cpet/openbsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
161,415 Commits 1 Branch 0 Tags
Commit Graph

14214 Commits

Author SHA1 Message Date
sthen
65c5bce2cc update to Apache httpd 2.4.51, the previous fix for CVE-2021-41773 was 
insufficient. ok giovanni@

"It was found that the fix for CVE-2021-41773 in Apache HTTP Server
2.4.50 was insufficient. An attacker could use a path traversal attack
to map URLs to files outside the directories configured by Alias-like
directives.

If files outside of these directories are not protected by the usual
default configuration "require all denied", these requests can succeed.
If CGI scripts are also enabled for these aliased pathes, this could
allow for remote code execution.

This issue only affects Apache 2.4.49 and Apache 2.4.50 and not earlier
versions."
 2021-10-07 17:19:18 +00:00
kirby
6bf49816c4 update HOMEPAGE and switch to HTTPS 2021-10-06 14:13:00 +00:00
pvk
a9f154a313 Update gitea 1.15.2 -> 1.15.3 
Changelog: https://github.com/go-gitea/gitea/releases/tag/v1.15.3
 2021-10-06 11:25:06 +00:00
gonzalo
ad31fc6364 Update for Nextcloud to 22.2.0 
OK rsadowski@

Tested by Adriano Barbosa, thanks!

cvs: ----------------------------------------------------------------------
 2021-10-06 08:34:50 +00:00
giovanni
353fac875e Security update to 2.4.50 
fixes CVE-2021-41524 and CVE-2021-41773
 2021-10-05 15:35:26 +00:00
landry
ac8fa77397 www/firefox-esr: update to 91.2.0. 
See https://www.mozilla.org/en-US/firefox/91.2.0/releasenotes/
Fixes https://www.mozilla.org/en-US/security/advisories/mfsa2021-45/
 2021-10-05 13:10:20 +00:00
landry
517de2c831 www/mozilla-firefox: update to 93.0. 
See https://www.mozilla.org/en-US/firefox/93.0/releasenotes/
Fixes https://www.mozilla.org/en-US/security/advisories/mfsa2021-43/

add a patch to prevent a sysctl call with KERN_PROC_ARGV triggering
pledge violations.
 2021-10-05 13:08:43 +00:00
tb
6cb9641d9d www/newsboat: update to 2.25 2021-10-05 05:16:06 +00:00
sthen
c5a57a3b5f update to squid-5.2 2021-10-04 20:11:18 +00:00
robert
9211827887 update to 5.0.2 2021-10-04 18:18:52 +00:00
robert
0923ab631c unbreak after harfbuzz update by cherry-picking some upstream changes 2021-10-04 14:55:17 +00:00
robert
544c7e35d1 update to 94.0.4606.71 2021-10-03 21:26:51 +00:00
kn
814e74b713 Update to varnish 7.0.0 
https://varnish-cache.org/releases/rel7.0.0.html
 2021-10-03 21:14:21 +00:00
sthen
3cc41ab6f5 update to nghttp2-1.45.1 2021-10-03 19:17:48 +00:00
sthen
da03611585 update to httpie-2.5.0 2021-10-03 19:17:10 +00:00
jturner
9ab430699b Update openradtool to 0.13.9 2021-10-03 19:04:34 +00:00
jturner
f9350a8c62 Update kcgi to 0.13.0 2021-10-03 19:04:15 +00:00
ajacoutot
e66d1a0244 Bump to be ahead of -stable. 
ok sthen@
 2021-09-21 10:44:46 +00:00
cwen
c2690555bf webkitgtk4: use the "lonesome" DPB_PROPERTIES on macppc 
No objections from aja@ (maintainer)
 2021-09-19 19:09:39 +00:00
ajacoutot
3cdee6000f Update to webkitgtk4-2.32.4. 2021-09-17 14:50:59 +00:00
sthen
f41b2ce6f9 update to composer-2.1.8, mostly regression fixes 2021-09-17 10:17:59 +00:00
giovanni
4218767dd7 Update to 2.4.49 
fixes CVE-2021-33193, CVE-2021-34798, CVE-2021-36160, CVE-2021-39275
and CVE-2021-40438.
Full changelog at https://downloads.apache.org/httpd/CHANGES_2.4.49
 2021-09-16 21:18:10 +00:00
robert
18683c3bac bump arm64 memory limit up to 512M (from upstream) because it is partitioned 
down in the JIT code so it will not hit the limit and allow amd64 to allocate
128M by default

ok aja@
 2021-09-14 14:03:32 +00:00
sebastia
57a73b54fc update 5.1.1 -> 5.2.0 2021-09-14 12:21:58 +00:00
sebastia
c07042d9ea update 5.1.1 -> 5.2.0 2021-09-14 12:21:38 +00:00
sthen
243545d2b4 fix luakit version display; from maintainer Stefan Hagen 
small tweak from me, to add a comment near GH_TAGNAME to mention that it's
used later in the Makefile
 2021-09-14 10:34:18 +00:00
robert
3131ab94db update to 93.0.4577.82 2021-09-14 06:19:48 +00:00
robert
3609fb20b9 unbreak on arm64 by shuffling some code around because it was broken 
in case FIXED_EXECUTABLE_MEMORY_POOL_SIZE_IN_MB is defined
 2021-09-13 16:31:09 +00:00
rsadowski
ea21d0899f Update qutebrowser to 2.3.1 
Update diff from maintainer
 2021-09-12 14:26:40 +00:00
ajacoutot
20d5516bf3 Update to castor-0.8.18. 2021-09-11 08:47:54 +00:00
tb
18f5a5036d Fix build of nginx-lua after libssl crank. 2021-09-10 15:19:00 +00:00
kevlo
98b694931e Add unveil for ~/.config/fcitx to make the input method work when 
using fcitx.

Reported by Yifei Zhan.

ok sthen@
 2021-09-10 13:36:51 +00:00
robert
ae4f61f369 sync arm64 ffmpeg config 2021-09-09 08:19:51 +00:00
landry
0fcef47af1 www/firefox-esr: actually remove patches that were merged upstream 
noted by semarie@, thanks !
 2021-09-08 08:41:50 +00:00
fcambus
bc1ec3958f Add sfeed and sfeed_curses. 2021-09-08 08:09:22 +00:00
fcambus
f80983ad41 Import www/sfeed_curses. 
sfeed_curses is a curses UI front-end for sfeed.

It shows the TAB-separated feed items in a graphical command-line UI. The
interface has a look inspired by the mutt mail client. It has a sidebar panel
for the feeds, a panel with a listing of the items and a small statusbar for
the selected item/url. Some functions like searching and scrolling are
integrated in the interface itself.

OK bcallah@
 2021-09-08 08:07:05 +00:00
fcambus
28589daadc Import www/sfeed. 
sfeed is a RSS and Atom parser (and some format programs).

It converts RSS or Atom feeds from XML to a TAB-separated file. There are
formatting programs included to convert this TAB-separated format to various
other formats. There are also some programs and scripts included to import and
export OPML and to fetch, filter, merge and order feed items.

OK bcallah@
 2021-09-08 08:05:37 +00:00
robert
dc62a61572 regen ffmpeg config on arm64 2021-09-08 08:01:29 +00:00
landry
9e3b8e805a www/firefox-esr: major update from 78.13.0 to 91.1.0 
See https://www.mozilla.org/en-US/firefox/91.1.0/releasenotes/
Fixes https://www.mozilla.org/en-US/security/advisories/mfsa2021-40/

merges what was in www/mozilla-firefox before the 92.0 update:
- add unveil/pledge for socket & rdd processes
- sync download dir patches

allows 7.0 to ship with a maintained esr branch for its lifetime
 2021-09-07 13:43:04 +00:00
landry
7fd72e88cc www/mozilla-firefox: update to firefox 92.0. 
See https://www.mozilla.org/en-US/firefox/92.0/releasenotes/
Fixes https://www.mozilla.org/en-US/security/advisories/mfsa2021-38/

tested by (at least) naddy@
 2021-09-07 13:37:55 +00:00
landry
f008d654ac www/seamonkey: fix build on i386 
make sure we dont try to detect libatomic from gcc-libs, otherwise the
build fails later on as found out by sthen@.
 2021-09-06 08:20:20 +00:00
paco
7dc6bafdea update www/hugo to 0.88.1 
ok denis@
 2021-09-05 13:53:13 +00:00
robert
51c499c2f7 unbreak on i386 2021-09-04 08:59:45 +00:00
robert
f3593cd0ef include two missing functions in libvulkan.so on OpenBSD 2021-09-04 06:11:45 +00:00
pvk
e290cbd2d8 Update gitea 1.14.6 -> 1.15.2 
Changelog: https://github.com/go-gitea/gitea/releases/tag/v1.15.2
 2021-09-03 22:46:02 +00:00
ajacoutot
320d3e3df2 net/avahi -> net/avahi,-libs for LDEP 
Add explicity RDEP on net/avahi (the daemon part) because some packages
make no sense without it.
 2021-09-03 11:48:53 +00:00
sebastia
e74fb52569 hook up ruby-jwt 2021-09-03 07:40:24 +00:00
sebastia
80fbde523f import ruby-jwt 
A pure ruby implementation of the RFC 7519 OAuth JSON Web Token (JWT)
standard.

needed for an update of sysutils/ruby-r10k

feedback and OK kmos@
 2021-09-03 07:39:06 +00:00
ajacoutot
c6261f6fe6 Drop not really useful MESSAGE. 
ok kn@ (maintainer)
 2021-09-02 21:28:49 +00:00
fcambus
d3b60507c1 Add missing RCS ID markers in crates.inc files for some Rust ports. 2021-09-02 17:39:09 +00:00