Fixes for:
- CVE-2017-7508 Remotely-triggerable ASSERT() on malformed IPv6 packet
- CVE-2017-7520 Pre-authentication remote crash/information disclosure
for clients
- CVE-2017-7521 Potential double-free in --x509-alt-username
- CVE-2017-7512 Remote-triggerable memory leaks
- CVE-2017-7522 Post-authentication remote DoS when using
the --x509-track option
- Null-pointer dereference in establish_http_proxy_passthru()
Full description at
https://community.openvpn.net/openvpn/wiki/VulnerabilitiesFixedInOpenVPN243
This update kills some of our patches that were committed upstream.
Similar diff proposed by pirofti@, ok pirofti@ stsp@
TuDu is a command line program to manage hierarchical todos. Each task
has a title, a long text description, a deadline (tudu warns you when the
date is close), and a scheduled date. There are categories and priorities.
OK jca@
Laspy is a pythonic library for reading, modifying and writing LAS
files, ie point cloud data. Support for LAZ is limited to reading LAS
version 1.0-1.4 files. Laspy is compatible with Python 2.6+ and 3.5+.
Laspy includes a set of command line tools which can be used to do basic
file operations like format translation and validation as well as
comparing LAS files.
WWW: https://github.com/laspy/laspy
ok sthen@
PDAL is a C++ BSD library for translating and manipulating point cloud
data. It is very much like the GDAL library which handles raster and
vector data.
In addition to the library code, PDAL provides a suite of command-line
applications that users can conveniently use to process, filter,
translate, and query point cloud data.
WWW: https://pdal.io
ok sthen@ ajacoutot@
redirect is only called thru a user, so have the error message be
more helpful in telling which user can't perform the redirect.
likewise, write_error should tell which user is involved.
don't wrap redirect_fh in run_as, because we're not opening any
new file.
Make sendto() work for IPv4 by setting the IP_MULTICAST_IF socket option.
Allows this port to drop the dependency on net/libnet and stop using the
associated sendto() replacement hack (which supports only IPv4).
Make IPv6 work: Fix adding/deleting IPv6 routes, and don't complain
about a missing net.inet6.icmp6.rediraccept sysctl.
Also enable the verbose build so build logs show the commands
being used to compile things.
ok danj@ sthen@
use of the gnustep module.
Patches for the modern runtime from Debian (pointer to it from jca@)
Additionally, some failing tests, due to using the modern runtime, are disabled
The package is currently broken, and this is an attempt to fix it, and
give people a chance to actually test it.
proposed to go ahead by sthen@, also OK espie@, jca@
devel/sqlite3 not being built with support for fts3_tokenizer().
Let's use their shipped version sqlite instead of the system version
to circumvent that issue.
ok zhuk
ok sthen@
xli is an image display program for X. It is a fork of xloadimage.
A variety of options are available to modify images prior to viewing.
These options include clipping, dithering, depth reduction, zoom (either
X or Y axis independently or both at once), brightening or darkening,
input gamma correction, and image merging. When applicable, these
options are done automatically (eg. a color image to be displayed on a
monochrome screen will be dithered automatically). A utility (xlito) is
provided that allows these viewing options to be appended to the image
files.
xli can also be used to set the X background image if called as xsetbg.
