- Fix insecure permissions for directories in distfile build tree. CVE-2009-4029
- Fix insecure permissions used for the top of the distfile build tree. CVE-2012-3386
This was already tested in a bulk build by me as part of a larger diff
from brad
ok aja@ sthen@ espie@
- during the scanning stage, we can rely on more than sizes. Specifically,
for files with cached sha values: detect problems early, zap the files, so
the new ones do fetch.
- do not allow "negative" caching: if the cached file doesn't match, just
run the checksum again to make sure (manual download would tamper with that).
This should allow builders to forget about the existence of
/usr/ports/distfiles/distinfo again.
- remove bad files so that fetch has a chance to work (todo: log some more
info, yeah landry...)
- zap code from (checksum) proper that's no longer in-use.
okay jasper@
(gets in because fixing the mirrors for the release is important, and dpb -F
would not do the right thing without manual intervention).
version of BIND than is in the base OS (some people require features
from this version e.g. DNS64), but note that it does not include
the hardening changes made to the version in base.
feedback from naddy@ giovanni@, ok giovanni@.
"BIND is open source software that implements the Domain Name System
(DNS) protocols for the Internet. It is a reference implementation
of those protocols, but it is also production-grade software,
suitable for use in high-volume and high-reliability applications."
* Fix issue where a window/icon could not be clicked or otherwise
be manipulated (skype, thunderbird etc).
* Fix an issue where on some Intel graphics cards when exiting the
screen turned garbled and would blink really badly.
* Bonus fix: spawn_position to actually do what it is supposed to do.
Merged from diffs from myself, Rodolfo Gouveia and with an rc script from
giovanni@.
This is a security update, fixing CVE-2011-3348, CVE-2011-3368, CVE-2011-3607,
CVE-2011-4317, CVE-2012-0021, CVE-2012-0031 and CVE-2012-0053.
YubiServe is a lightweight Validation Server supporting both OATH/HOTP
and Yubico Yubikey implementations, written in Python that uses an
SQLite database or, optionally, a MySQL database. It has an integrated
threaded webserver, with HTTPS/SSL support, compatible with the
Yubico validation protocol 2.0 including HMAC SHA-1 signatures to
provide for authentication of the server.
eduke32 is an advanced Duke Nukem 3D engine capable of playing
the game, and filled to the brim with editing enhancements.
Includes mapster32, a map-making program similar to the original
build map editor.
ok jasper@, edd@
