trying to auto detect, which picks up gcc on those base-clang arches
which still install gcc (which I think is now causing more problems
than it solves).
Fixes a build problem reported by solene@ on i386 with old /usr/bin/gcc
present after the installer auto-removed old gcc-libs.
nipper and libnipper became comercial over ten years ago and have not been
updated ever since; HOMEPAGE doesn't even mention them any longer.
Pointed out by Marcus MERIGHI <mcmer-openbsd at tor dot at>, thanks!
OK sthen jca
- [CVE-2020-3327](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3327):
Fix a vulnerability in the ARJ archive parsing module in ClamAV 0.102.2 that
could cause a Denial-of-Service (DoS) condition. Improper bounds checking of
an unsigned variable results in an out-of-bounds read which causes a crash.
Special thanks to Daehui Chang and Fady Othman for helping identify the ARJ
parsing vulnerability.
- [CVE-2020-3341](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3341):
Fix a vulnerability in the PDF parsing module in ClamAV 0.101 - 0.102.2 that
could cause a Denial-of-Service (DoS) condition. Improper size checking of
a buffer used to initialize AES decryption routines results in an out-of-
bounds read which may cause a crash. Bug found by OSS-Fuzz.
- Fix "Attempt to allocate 0 bytes" error when parsing some PDF documents.
- Fix a couple of minor memory leaks.
- Updated libclamunrar to UnRAR 5.9.2.
uacme is a lightweight client for the RFC8555 ACMEv2 protocol used with
certificate authorities to validate and issue X509 certificates. It is
written in plain C with minimal dependencies (libcurl and one of GnuTLS,
OpenSSL or mbedTLS) and can handle all authentication types via external
hooks (examples for http-01, dns-01 via nsupdate, and tls-alpn-01).
Changelog: https://github.com/hashicorp/vault/blob/master/CHANGELOG.md
Port changes:
* Vault config moved to /etc/vault/vault.hcl
* Added default config with internal Raft storage
* Add patch for signing SSH keys using rsa-sha2-256 algorithm
* Add locations for vault db/plugins/logs
* Use logger for Vault server logging to /var/log/vault/vault.log
* Add pkg README
ok ajacoutot@
Browser integration only works with Chromium-based browsers
and/or Firefox, build it only on archs that support either of
these two to avoid wasting bulk time.
"fine for me" rsadowski@ (maintainer), OK kmos@
Remvoing the default "-O2" is pointless since our CFLAGS are always
honored and passed after the default, hence overriding them.
Comment all other patches while here.
Fix side channel in ECC code that allowed an adversary with access to
precise enough timing and memory access information to fully recover an
ECDSA private key (CVE-2020-10932).
- add `-fheinous-gnu-extensions' as seen on some other archs
- add a patch to remove the `-Wa,-mppc' flag, because clang's
integrated assembler was unhappy with it. Proposed by jca@,
instead of using `-no-integrated-as'.
OK jca@ (maintainer)
