This is a security fix release, which addresses an issue that affects
32-bit arches when dnscrypt-proxy's DNS over HTTPS (DoH) feature is
used. It was fixed in Go 1.13.7 (now available in ports) and in the
version of golang.org/x/crypto specified in {WRKSRC}/go.mod.
Release notes: https://github.com/DNSCrypt/dnscrypt-proxy/releases
From Nam Nguyen <namn AT berkeley DOT edu> (MAINTAINER).
Those are registered as CVE-2016-9843, CVE-2016-9842, CVE-2016-9841,
CVE-2016-9840, but judging from the code, it's not even clear how to build
an exploit from this (mostly underspecified C behavior, plus it's deep
within zlib's streams).
So, don't get too alarmed about this.
Okay sthen@, naddy@
* TUI: Fall back to username when display_name is unset
* Show character count when composing
* Fix searching by hashtag which include the '#'
* Upgrade search to v2
Fixes for:
o CVE-2019-14902:
The implementation of ACL inheritance in the Samba AD DC was not complete,
and so absent a 'full-sync' replication, ACLs could get out of sync between
domain controllers.
o CVE-2019-14907:
When processing untrusted string input Samba can read past the end of the
allocated buffer when printing a "Conversion error" message to the logs.
o CVE-2019-19344:
During DNS zone scavenging (of expired dynamic entries) there is a read of
memory after it has been freed.
the syntax is compatible with older edition, and more crates are using the
edition 2018 which require it.
avoid using MODCARGO_INSTALL_ARGS just to pass "--path ."
ok landry@ (some time ago, the diff was sleeping in my tree)
- add aarch64 to ONLY_FOR_ARCHS now that it has golang
- drop "MODGO_FLAGS= -tags nosystemd", it was only being passed in for
tests which it didn't change, and didn't do anything else.
- add the default MODGO_FLAGS from go.port.mk to the custom build commands,
to honour MAKE_JOBS/debug settings, and display source files being built
