ghen [Mon, 24 Sep 2007 08:53:33 +0000 (08:53 +0000)]
Ticket #2193.
ghen [Mon, 24 Sep 2007 08:53:15 +0000 (08:53 +0000)]
Pullup ticket 2193 - requested by tron
security update for ImageMagick, p5-PerlMagick
- pkgsrc/graphics/ImageMagick/Makefile.common 1.76
- pkgsrc/graphics/ImageMagick/PLIST 1.57
- pkgsrc/graphics/ImageMagick/distinfo 1.91
- pkgsrc/graphics/ImageMagick/patches/patch-aa removed
Module Name: pkgsrc
Committed By: tron
Date: Mon Sep 24 08:03:25 UTC 2007
Modified Files:
pkgsrc/graphics/ImageMagick: Makefile.common PLIST distinfo
Removed Files:
pkgsrc/graphics/ImageMagick/patches: patch-aa
Log Message:
Update ImageMagick and p5-PerlMagick packages to version 6.3.5.10.
The new version provides a lot of bug fixes and small enhancements and
fixes four security vulnerabilites found by iDefense (CVE-4985, CVE-4986,
CVE-4987 and CVE-4988). Approved by wiz@.
ghen [Sun, 23 Sep 2007 14:35:41 +0000 (14:35 +0000)]
Ticket #2192.
ghen [Sun, 23 Sep 2007 14:35:05 +0000 (14:35 +0000)]
Pullup ticket 2192 - requested by tron
security fix for fetchmail
- pkgsrc/mail/fetchmail/Makefile 1.163
- pkgsrc/mail/fetchmail/distinfo 1.38
- pkgsrc/mail/fetchmail/patches/patch-aa 1.6
Module Name: pkgsrc
Committed By: tron
Date: Sun Sep 23 12:48:46 UTC 2007
Modified Files:
pkgsrc/mail/fetchmail: Makefile distinfo
Added Files:
pkgsrc/mail/fetchmail/patches: patch-aa
Log Message:
Add fix for security vulnerability reported in CVE-2007-4565.
Bump package revision.
ghen [Sat, 22 Sep 2007 18:19:50 +0000 (18:19 +0000)]
Tickets #2190, 2191.
ghen [Sat, 22 Sep 2007 18:19:22 +0000 (18:19 +0000)]
Pullup ticket 2191 - requested by markd
security fix for kdebase3
- pkgsrc/x11/kdebase3/Makefile 1.133
- pkgsrc/x11/kdebase3/distinfo 1.99
Module Name: pkgsrc
Committed By: markd
Date: Fri Sep 21 20:48:13 UTC 2007
Modified Files:
pkgsrc/x11/kdebase3: Makefile distinfo
Log Message:
Updated version of konqueror address bar spoofing fix
http://www.kde.org/info/security/advisory-
20070914-1.txt
also fix for KDM passwordless login vulnerability
http://www.kde.org/info/security/advisory-
20070919-1.txt
ghen [Sat, 22 Sep 2007 12:40:30 +0000 (12:40 +0000)]
Pullup ticket 2190 - requested by markd
security fix for kdelibs3
- pkgsrc/x11/kdelibs3/Makefile 1.128
- pkgsrc/x11/kdelibs3/distinfo 1.88
Module Name: pkgsrc
Committed By: markd
Date: Fri Sep 21 20:45:53 UTC 2007
Modified Files:
pkgsrc/x11/kdelibs3: Makefile distinfo
Log Message:
Updated version of Konqueror address bar spoofing fix
http://www.kde.org/info/security/advisory-
20070914-1.txt
salo [Sun, 16 Sep 2007 20:17:41 +0000 (20:17 +0000)]
Pullup ticket 2176 - requested by ghen
security update for seamonkey (second part)
- pkgsrc/www/seamonkey/Makefile-seamonkey.common 1.12
- pkgsrc/www/seamonkey/distinfo 1.24
- pkgsrc/www/seamonkey-bin/Makefile 1.16
- pkgsrc/www/seamonkey-bin/distinfo 1.13
Module Name: pkgsrc
Committed By: ghen
Date: Fri Aug 10 09:23:23 UTC 2007
Modified Files:
pkgsrc/www/seamonkey: Makefile-seamonkey.common distinfo
pkgsrc/www/seamonkey-bin: Makefile distinfo
Log Message:
Update seamonkey, seamonkey-bin and seamonkey-gtk1 to Seamonkey 1.1.4.
Security fixes in this version:
MFSA 2007-27 Unescaped URIs passed to external programs
MFSA 2007-26 Privilege escalation through chrome-loaded about:blank windows
For more info, see
http://www.mozilla.org/projects/seamonkey/releases/seamonkey1.1.4/
ghen [Sat, 15 Sep 2007 17:27:33 +0000 (17:27 +0000)]
Ticket #2189.
ghen [Sat, 15 Sep 2007 17:27:07 +0000 (17:27 +0000)]
Pullup ticket 2189 - requested by tron
security fix for qt3-libs
- pkgsrc/x11/qt3-libs/Makefile 1.67 via patch
- pkgsrc/x11/qt3-libs/distinfo 1.46
- pkgsrc/x11/qt3-libs/patches/patch-aq 1.2
Module Name: pkgsrc
Committed By: tron
Date: Sat Sep 15 12:04:02 UTC 2007
Modified Files:
pkgsrc/x11/qt3-libs: Makefile distinfo
pkgsrc/x11/qt3-libs/patches: patch-aq
Log Message:
Fix security vulnerability reported in CVE-2007-4137.
Bump package revision.
ghen [Mon, 10 Sep 2007 20:58:22 +0000 (20:58 +0000)]
Ticket #2185.
ghen [Mon, 10 Sep 2007 20:57:52 +0000 (20:57 +0000)]
Pullup ticket 2185 - requested by tron
security update for apache22
- pkgsrc/www/apache22/Makefile 1.18, 1.20
- pkgsrc/www/apache22/Makefile.common 1.6
- pkgsrc/www/apache22/PLIST 1.2, 1.3
- pkgsrc/www/apache22/distinfo 1.7
- pkgsrc/www/apache22/patches/patch-aa 1.2
- pkgsrc/www/apache22/patches/patch-ab removed
- pkgsrc/www/apache22/patches/patch-an removed
- pkgsrc/www/apache22/patches/patch-ao removed
- pkgsrc/www/apache22/patches/patch-ap removed
- pkgsrc/www/apache22/patches/patch-ar removed
- pkgsrc/www/apache22/patches/patch-at removed
Module Name: pkgsrc
Committed By: tron
Date: Sat Sep 8 11:02:11 UTC 2007
Modified Files:
pkgsrc/www/apache22: Makefile Makefile.common PLIST distinfo
pkgsrc/www/apache22/patches: patch-aa
Removed Files:
pkgsrc/www/apache22/patches: patch-ab patch-an patch-ao patch-ap
patch-ar patch-at
Log Message:
Update "apache22" package to version 2.2.6.
This update is a bug and security fix release. The following security
problem hasn't been fixed in "pkgsrc" before:
- CVE-2007-3847: mod_proxy: Prevent reading past the end of a buffer when
parsing date-related headers.
---
Module Name: pkgsrc
Committed By: rillig
Date: Sun Sep 9 08:12:58 UTC 2007
Modified Files:
pkgsrc/www/apache22: Makefile
Log Message:
Only fix the suexec permissions if the file exists.
---
Module Name: pkgsrc
Committed By: tron
Date: Mon Sep 10 20:36:41 UTC 2007
Modified Files:
pkgsrc/www/apache22: PLIST
Log Message:
Remove duplicate entry for "share/httpd/icons/README.html".
Pointed out by Geert Hendrickx in private e-mail.
ghen [Mon, 10 Sep 2007 20:13:55 +0000 (20:13 +0000)]
Ticket #2187.
ghen [Mon, 10 Sep 2007 20:13:32 +0000 (20:13 +0000)]
Pullup ticket 2187 - requested by jlam
security update for lighttpd
- pkgsrc/www/lighttpd/DESCR 1.2
- pkgsrc/www/lighttpd/Makefile 1.16
- pkgsrc/www/lighttpd/PLIST 1.7
- pkgsrc/www/lighttpd/distinfo 1.11
- pkgsrc/www/lighttpd/patches/patch-aa 1.7
- pkgsrc/www/lighttpd/patches/patch-ab 1.4
- pkgsrc/www/lighttpd/patches/patch-ac 1.3
Module Name: pkgsrc
Committed By: jlam
Date: Mon Sep 10 13:59:51 UTC 2007
Modified Files:
pkgsrc/www/lighttpd: DESCR Makefile PLIST distinfo
Added Files:
pkgsrc/www/lighttpd/patches: patch-aa patch-ab patch-ac
Log Message:
Update www/lighttpd to 1.4.18. Changes from 1.4.16 include:
* fixed forwarding a SIGINT and SIGHUP when using max-workers (#902)
--> fixed FastCGI header overrun in mod_fastcgi
* fixed hanging redirects with keep-alive due to missing
"Content-Length: 0" headers
* fixed crashing when using undefined environment variables in the config
* added dir-listing.set-footer in mod_dirlisting (#1277)
* added sending UID and PID for SIGTERM and SIGINT to the logs
* fixed compression of files < 128 bytes by disabling compression (#1241)
* fixed mysql server reconnects (#518)
* fixed disabled keep-alive for dynamic content with HTTP/1.0 (#1166)
* fixed crash on mixed EOL sequences in mod_cgi
* fixed key compare (#1287)
* fixed invalid char in header values (#1286)
* fixed invalid "304 Not Modified" on broken timestamps
--> fixed endless loop on shrinked files with sendfile() on BSD (#1289)
--> fixed counter overrun in ?auto in mod_status (#909)
* fixed too aggresive caching of nested conditionals (#41)
--> fixed possible overflow in unix-socket path checks on BSD (#713)
* fixed extra Content-Length header on 1xx, 204 and 304 (#1002)
* fixed handling of duplicate If-Modified-Since to return 304
* fixed extracting status code from NPH scripts (#1125)
* removed config-check if passwd files exist (#1188)
* fixed crash when etags are disabled but the client sends one (#1322)
* fixed crash when freeing the config in mod_alias
* fixed server.error-handler-404 breakage from 1.4.16 (#1270)
* fixed entering 404-handler from dynamic content (#948)
* added more debug infos for FAM based stat-cache
The highlighted changes are security vulnerabilities that are fixed in
this release.
ghen [Sat, 8 Sep 2007 09:55:09 +0000 (09:55 +0000)]
Ticket #2184.
ghen [Sat, 8 Sep 2007 09:54:47 +0000 (09:54 +0000)]
Pullup ticket 2184 - requested by tron
security update for apache2
- pkgsrc/devel/apr0/Makefile 1.3
- pkgsrc/devel/apr0/distinfo 1.2
- pkgsrc/www/apache2/Makefile 1.118
- pkgsrc/www/apache2/Makefile.commom 1.22
- pkgsrc/www/apache2/PLIST 1.35
- pkgsrc/www/apache2/distinfo 1.51
- pkgsrc/www/apache2/patches/patch-ap removed
- pkgsrc/www/apache2/patches/patch-aq removed
Module Name: pkgsrc
Committed By: tron
Date: Fri Sep 7 23:11:41 UTC 2007
Modified Files:
pkgsrc/devel/apr0: Makefile distinfo
pkgsrc/www/apache2: Makefile Makefile.common PLIST distinfo
Log Message:
Update "apr" package to version 0.9.16.2.0.61 and "apache2" package
to version 2.0.61.
This update is a bug and security fix release. The following security
problem hasn't been fixed in "pkgsrc" before:
- CVE-2007-3847: mod_proxy: Prevent reading past the end of a buffer when
parsing date-related headers.
---
Module Name: pkgsrc
Committed By: tron
Date: Fri Sep 7 23:28:23 UTC 2007
Removed Files:
pkgsrc/www/apache2/patches: patch-ap patch-aq
Log Message:
Remove obsolete patch files.
ghen [Tue, 4 Sep 2007 12:48:26 +0000 (12:48 +0000)]
Tickets #2178, 2183.
ghen [Tue, 4 Sep 2007 12:46:46 +0000 (12:46 +0000)]
Pullup ticket 2183 - requested by markd
security fix for konqueror
- pkgsrc/x11/kdebase3/Makefile 1.131
- pkgsrc/x11/kdebase3/distinfo 1.98
- pkgsrc/x11/kdelibs3/Makefile 1.126
- pkgsrc/x11/kdelibs3/distinfo 1.87
Module Name: pkgsrc
Committed By: markd
Date: Sun Sep 2 04:34:00 UTC 2007
Modified Files:
pkgsrc/x11/kdebase3: Makefile distinfo
pkgsrc/x11/kdelibs3: Makefile distinfo
Log Message:
The Konqueror address bar is vulnerable to spoofing attacks
that are based on embedding white spaces in the url. In addition
the address bar could be tricked to show an URL which it is
intending to visit for a short amount of time instead of the
current URL.
http://www.kde.org/info/security/advisory-
20070816-1.txt
Bump PKGREVISION for kdelibs3 and kdebase3
salo [Tue, 4 Sep 2007 01:36:19 +0000 (01:36 +0000)]
#2180
salo [Tue, 4 Sep 2007 01:35:37 +0000 (01:35 +0000)]
Pullup ticket 2180 - requested by ghen
security update for thunderbird15
Revisions pulled up:
- pkgsrc/mail/thunderbird15/Makefile-thunderbird.common 1.3
- pkgsrc/mail/thunderbird15/distinfo 1.3
- pkgsrc/mail/thunderbird15/PLIST 1.2
- pkgsrc/mail/thunderbird15-gtk1/PLIST 1.2
Module Name: pkgsrc
Committed By: ghen
Date: Fri Aug 24 14:53:32 UTC 2007
Modified Files:
pkgsrc/mail/thunderbird15: Makefile-thunderbird.common PLIST distinfo
pkgsrc/mail/thunderbird15-gtk1: PLIST
Log Message:
Update thunderbird15 and thunderbird15-gtk1 to 1.5.0.13.
Security fixes in this version:
MFSA 2007-27 Unescaped URIs passed to external programs
MFSA 2007-26 Privilege escalation through chrome-loaded about:blank windows
MFSA 2007-18 Crashes with evidence of memory corruption (rv:1.8.1.5)
For more info, see
http://www.mozilla.com/en-US/thunderbird/releases/1.5.0.13.html
salo [Mon, 3 Sep 2007 23:50:24 +0000 (23:50 +0000)]
#2176
salo [Mon, 3 Sep 2007 23:48:59 +0000 (23:48 +0000)]
Pullup ticket 2176 - requested by ghen
security update for seamonkey
Revisions pulled up:
- pkgsrc/www/seamonkey/Makefile-seamonkey.common 1.11, 1.12
- pkgsrc/www/seamonkey/PLIST 1.13
- pkgsrc/www/seamonkey/distinfo 1.23, 1.24
- pkgsrc/www/seamonkey-gtk1/PLIST 1.8
- pkgsrc/www/seamonkey/patches/patch-cn 1.4
- pkgsrc/www/seamonkey-bin/Makefile 1.14, 1.16
- pkgsrc/www/seamonkey-bin/distinfo 1.12, 1.13
Module Name: pkgsrc
Committed By: ghen
Date: Thu Jul 26 08:50:17 UTC 2007
Modified Files:
pkgsrc/www/seamonkey: Makefile-seamonkey.common PLIST distinfo
pkgsrc/www/seamonkey-bin: Makefile distinfo
pkgsrc/www/seamonkey-gtk1: PLIST
pkgsrc/www/seamonkey/patches: patch-cn
Log Message:
Update seamonkey, seamonkey-bin and seamonkey-gtk1 to Seamonkey 1.1.3.
Security fixes in this version:
MFSA 2007-25 XPCNativeWrapper pollution
MFSA 2007-24 Unauthorized access to wyciwyg:// documents
MFSA 2007-23 Remote code execution by launching Firefox from Internet Explorer
MFSA 2007-22 File type confusion due to %00 in name
MFSA 2007-21 Privilege escalation using an event handler attached to an
element not in the document
MFSA 2007-20 Frame spoofing while window is loading
MFSA 2007-19 XSS using addEventListener and setTimeout
MFSA 2007-18 Crashes with evidence of memory corruption
For more info, see
http://www.mozilla.org/projects/seamonkey/releases/seamonkey1.1.3/
---
Module Name: pkgsrc
Committed By: ghen
Date: Fri Aug 10 09:23:23 UTC 2007
Modified Files:
pkgsrc/www/seamonkey: Makefile-seamonkey.common distinfo
pkgsrc/www/seamonkey-bin: Makefile distinfo
Log Message:
Update seamonkey, seamonkey-bin and seamonkey-gtk1 to Seamonkey 1.1.4.
Security fixes in this version:
MFSA 2007-27 Unescaped URIs passed to external programs
MFSA 2007-26 Privilege escalation through chrome-loaded about:blank windows
For more info, see
http://www.mozilla.org/projects/seamonkey/releases/seamonkey1.1.4/
ghen [Mon, 3 Sep 2007 12:53:34 +0000 (12:53 +0000)]
Pullup ticket 2178 - requested by marrti
security fix for xfce4-terminal
- pkgsrc/x11/xfce4-terminal/Makefile 1.2
- pkgsrc/x11/xfce4-terminal/buildlink3.mk 1.2
- pkgsrc/x11/xfce4-terminal/distinfo 1.2
- pkgsrc/x11/xfce4-terminal/patches/patch-aa 1.1
Modified Files:
pkgsrc/x11/xfce4-terminal: Makefile buildlink3.mk distinfo
Added Files:
pkgsrc/x11/xfce4-terminal/patches: patch-aa
Log Message:
Updated x11/xfce4-terminal to 0.2.6nb1
Fixed "URL handling allows remote shell command execution" bug:
http://bugzilla.xfce.org/show_bug.cgi?id=3383
ghen [Thu, 23 Aug 2007 14:19:32 +0000 (14:19 +0000)]
Ticket #2179.
ghen [Thu, 23 Aug 2007 14:19:11 +0000 (14:19 +0000)]
Pullup ticket 2179 - requested by tron
security fix for rsync
- pkgsrc/net/rsync/Makefile 1.68
- pkgsrc/net/rsync/distinfo 1.26
- pkgsrc/net/rsync/patches/patch-aa 1.11
Module Name: pkgsrc
Committed By: tron
Date: Thu Aug 23 13:47:51 UTC 2007
Modified Files:
pkgsrc/net/rsync: Makefile distinfo
Added Files:
pkgsrc/net/rsync/patches: patch-aa
Log Message:
Add SuSE's patch to fix the vulnerability reported in CVE-2007-4091.
Bump package revision.
ghen [Tue, 14 Aug 2007 07:03:38 +0000 (07:03 +0000)]
Pullup ticket 2165 - requested by taca
security update for tcpdump
- pkgsrc/net/tcpdump/Makefile 1.25
- pkgsrc/net/tcpdump/distinfo 1.15
Module Name: pkgsrc
Committed By: taca
Date: Thu Aug 2 15:16:52 UTC 2007
Modified Files:
pkgsrc/net/tcpdump: Makefile distinfo
Log Message:
Update tcpdump to 3.9.7.
(I think that "Summary for 0.9.7 libpcap" below should be read
"Summary for 3.9.7 tcpdump".)
Wed. July 23, 2007. mcr@xelerance.com. Summary for 0.9.7 libpcap release
NFS: Print unsigned values as such.
RX: parse safely.
BGP: fixes for IPv6-less builds.
801.1ag: use standard codepoint.
use /dev/bpf on systems with such a device.
802.11: print QoS data, avoid dissect of no-data frame, ignore padding.
smb: make sure that we haven't gone past the end of the captured data.
smb: squelch an uninitialized complaint from coverity.
NFS: from NetBSD; don't interpret the reply as a possible NFS reply
if it got MSG_DENIED.
BGP: don't print TLV values that didn't fit, from www.digit-labs.org.
revised INSTALL.txt about libpcap dependancy.
Wed. April 25, 2007. ken@xelerance.com. Summary for 3.9.6 tcpdump release
Update man page to reflect changes to libpcap
Changes to both TCP and IP Printer Output
Fix a potential buffer overflow in the 802.11 printer
Print basic info about a few more Cisco LAN protocols.
mDNS cleanup
ICMP MPLS rework of the extension code
bugfix: use the correct codepoint for the OSPF simple text auth token
entry, and use safeputs to print the password.
Add support in pflog for additional values
Add support for OIF RSVP Extensions UNI 1.0 Rev. 2 and additional RSVP objects
Add support for the Message-id NACK c-type.
Add support for 802.3ah loopback ctrl msg
Add support for Multiple-STP as per 802.1s
Add support for rapid-SPT as per 802.1w
Add support for CFM Link-trace msg, Link-trace-Reply msg,
Sender-ID tlv, private tlv, port, interface status
Add support for unidirectional link detection as per
http://www.ietf.org/internet-drafts/draft-foschiano-udld-02.txt
Add support for the olsr protocol as per RFC 3626 plus the LQ
extensions from olsr.org
Add support for variable-length checksum in DCCP, as per section 9 of
RFC 4340.
Add support for per-VLAN spanning tree and per-VLAN rapid spanning tree
Add support for Multiple-STP as per 802.1s
Add support for the cisco propriatry 'dynamic trunking protocol'
Add support for the cisco proprietary VTP protocol
Update dhcp6 options table as per IETF standardization activities
ghen [Mon, 13 Aug 2007 13:27:53 +0000 (13:27 +0000)]
Tickets #2164, 2165, 2174, 2175.
ghen [Mon, 13 Aug 2007 13:26:46 +0000 (13:26 +0000)]
Pullup ticket 2175 - requested by markd
security fix for koffice
- pkgsrc/misc/koffice/Makefile 1.95
- pkgsrc/misc/koffice/distinfo 1.42
Module Name: pkgsrc
Committed By: markd
Date: Sun Aug 12 21:07:59 UTC 2007
Modified Files:
pkgsrc/misc/koffice: Makefile distinfo
Log Message:
Latest xpdf vulnerability
http://www.kde.org/info/security/advisory-
20070730-1.txt
Bump PKGREVISION.
ghen [Mon, 13 Aug 2007 09:24:04 +0000 (09:24 +0000)]
Pullup ticket 2174 - requested by markd
security fix for kdegraphics
- pkgsrc/graphics/kdegraphics3/Makefile 1.72
- pkgsrc/graphics/kdegraphics3/distinfo 1.46
Module Name: pkgsrc
Committed By: markd
Date: Sun Aug 12 21:06:49 UTC 2007
Modified Files:
pkgsrc/graphics/kdegraphics3: Makefile distinfo
Log Message:
Latest xpdf vulnerability
http://www.kde.org/info/security/advisory-
20070730-1.txt
Bump PKGREVISION.
ghen [Mon, 13 Aug 2007 08:17:51 +0000 (08:17 +0000)]
Pullup ticket 2164 - requested by taca
security update for libpcap
- pkgsrc/net/libpcap/Makefile 1.37
- pkgsrc/net/libpcap/distinfo 1.18
- pkgsrc/net/libpcap/patches/patch-ab removed
- pkgsrc/net/libpcap/patches/patch-ad removed
- pkgsrc/net/libpcap/patches/patch-ae removed
Module Name: pkgsrc
Committed By: taca
Date: Thu Aug 2 15:15:21 UTC 2007
Modified Files:
pkgsrc/net/libpcap: Makefile distinfo
Removed Files:
pkgsrc/net/libpcap/patches: patch-ab patch-ad patch-ae
Log Message:
Update libpcap to 0.9.7.
libpcap
Wed. July 23, 2007. mcr@xelerance.com. Summary for 0.9.7 libpcap release
FIXED version file to be 0.9.7 instead of 0.9.5.
added flags/configuration for cloning bpf device.
added DLT_MTP2_WITH_PHDR support (PPI)
"fix" the "memory leak" in icode_to_fcode() -- documentation bug
Various link-layer types, with a pseudo-header, for SITA http://www.sita.aero/
introduces support for the DAG ERF type TYPE_COLOR_MC_HDLC_POS.
Basic BPF filtering support for DLT_MTP2_WITH_PHDR is also added.
check for IPv4 and IPv6, even for DLT_RAW
add support for DLT_JUNIPER_ISM
Pick up changes from NetBSD: many from tron, christos, drochner
Allocate DLT_ for 802.15.4 without any header munging, for Mikko Saarnivala.
Header for 802.16 MAC Common Part Sublayer plus a radiotap radio header
Wed. April 25, 2007. ken@xelerance.com. Summary for 0.9.6 libpcap release
Put the public libpcap headers into a pcap subdirectory in both the
source directory and the target include directory, and have include
files at the top-level directory to include those headers, for
backwards compatibility.
Add Bluetooth support
Add USB capturing support on Linux
Add support for the binary USB sniffing interface in Linux
Add support for new FreeBSD BIOCSDIRECTION ioctl
Add additional filter operations for 802.11 frame types
Add support for filtering on MTP2 frame types
Propagate some changes from the main branch, so the x.9 branch has
all the DLT_ and LINKTYPE_ values that the main branch does
Reserved a DLT_ and SAVEFILE_ value for PPI (Per Packet Info)
encapsulated packets
Add LINKTYPE_ for IEEE 802.15.4, with address fields padded as done
by Linux drivers
Add LINKTYPE_ value corresponding to DLT_IEEE802_16_MAC_CPS.
Add DLT for IEEE 802.16 (WiMAX) MAC Common Part Sublayer
Add DLT for Bluetooth HCI UART transport layer
When building a shared library, build with "-fPIC" on Linux to support x86_64
Link with "$(CC) -shared" rather than "ld -shared" when building a
".so" shared library
Add support for autoconf 2.60
Fixes to discard unread packets when changing filters
Changes to handle name changes in the DAG library resulting from
switching to libtool.
Add support for new DAG ERF types.
Add an explicit "-ldag" when building the shared library, so the DAG
library dependency is explicit.
Mac OSX fixes for dealing with "wlt" devices
Fixes in add_or_find_if() & pcap_findalldevs() to optimize generating
device lists
Fixed a bug in pcap_open_live(). The return value of PacketSetHwFilter
was not checked.
salo [Fri, 10 Aug 2007 01:41:28 +0000 (01:41 +0000)]
#2156
salo [Fri, 10 Aug 2007 01:40:48 +0000 (01:40 +0000)]
Pullup ticket 2156 - requested by ghen
security update for thunderbird
Revisions pulled up:
- pkgsrc/mail/thunderbird/Makefile-thunderbird.common 1.27, 1.28
- pkgsrc/mail/thunderbird/PLIST 1.23
- pkgsrc/mail/thunderbird/distinfo 1.40, 1.41
- pkgsrc/mail/thunderbird-gtk1/PLIST 1.13
Module Name: pkgsrc
Committed By: ghen
Date: Thu Jul 26 12:29:37 UTC 2007
Modified Files:
pkgsrc/mail/thunderbird: Makefile-thunderbird.common PLIST distinfo
pkgsrc/mail/thunderbird-gtk1: PLIST
Log Message:
Update thunderbrd and thunderbird-gtk1 to 2.0.0.5.
Security fixes in this version:
MFSA 2007-15 Security Vulnerability in APOP Authentication
MFSA 2007-12 Crashes with evidence of memory corruption
For more info, see http://www.mozilla.com/en-US/thunderbird/2.0.0.5/releasenotes/
---
Module Name: pkgsrc
Committed By: ghen
Date: Thu Aug 2 08:48:30 UTC 2007
Modified Files:
pkgsrc/mail/thunderbird: Makefile-thunderbird.common distinfo
Log Message:
Update thunderbrd and thunderbird-gtk1 to 2.0.0.6.
Security fixes in this version:
MFSA 2007-27 Unescaped URIs passed to external programs
MFSA 2007-26 Privilege escalation through chrome-loaded about:blank windows
For more info, see http://www.mozilla.com/en-US/thunderbird/2.0.0.6/releasenotes/
lukem [Tue, 7 Aug 2007 05:04:14 +0000 (05:04 +0000)]
revert previous; wrong branch.
lukem [Tue, 7 Aug 2007 05:00:19 +0000 (05:00 +0000)]
no need for PKGREVISION for tnftp
20070806
ghen [Mon, 6 Aug 2007 21:31:11 +0000 (21:31 +0000)]
Tickets #2160, 2161-2163.
ghen [Mon, 6 Aug 2007 21:13:15 +0000 (21:13 +0000)]
Pullup tickets 2161-2163 - requested by taca
security fix for php
- pkgsrc/lang/php5/Makefile 1.56
- pkgsrc/lang/php5/distinfo 1.45
- pkgsrc/lang/php5/patches/patch-ad 1.1
- pkgsrc/lang/php5/patches/patch-ae 1.1
- pkgsrc/www/ap-php/Makefile 1.15
- pkgsrc/www/php4/Makefile 1.79
- pkgsrc/www/php4/distinfo 1.66
- pkgsrc/www/php4/patches/patch-aw 1.3
Module Name: pkgsrc
Committed By: taca
Date: Wed Aug 1 01:40:55 UTC 2007
Modified Files:
pkgsrc/www/php4: Makefile distinfo
Added Files:
pkgsrc/www/php4/patches: patch-aw
Log Message:
Add patches to fix CVE-2007-3806 referring CVS repository.
Bump PKGREVISION.
---
Module Name: pkgsrc
Committed By: taca
Date: Wed Aug 1 01:40:08 UTC 2007
Modified Files:
pkgsrc/lang/php5: Makefile distinfo
Added Files:
pkgsrc/lang/php5/patches: patch-ad patch-ae
Log Message:
- Add patches to fix CVE-2007-3806 referring CVS repository.
- Fix compile problem on NetBSD with mremap(2).
Bump PKGREVISION.
---
Module Name: pkgsrc
Committed By: taca
Date: Thu Aug 2 15:10:04 UTC 2007
Modified Files:
pkgsrc/www/ap-php: Makefile
Log Message:
Update of www/php5 package affects ap-php, too.
So, bump PKGREVISION.
(I just forgot to commit.)
ghen [Mon, 6 Aug 2007 20:51:27 +0000 (20:51 +0000)]
Pullup ticket 2160 - requested by adrianp
security update for bind9
- pkgsrc/net/bind9/Makefile 1.91, 1.92
- pkgsrc/net/bind9/distinfo 1.33
Module Name: pkgsrc
Committed By: adrianp
Date: Sat Jul 28 11:41:57 UTC 2007
Modified Files:
pkgsrc/net/bind9: Makefile distinfo
Log Message:
Update to 9.4.1-P1
2206. [security]
"allow-query-cache" and "allow-recursion" now
cross inherit from each other.
If allow-query-cache is not set in named.conf then
allow-recursion is used if set, otherwise allow-query
is used if set, otherwise the default (localnets;
localhost;) is used.
If allow-recursion is not set in named.conf then
allow-query-cache is used if set, otherwise allow-query
is used if set, otherwise the default (localnets;
localhost;) is used.
2203. [security]
Query id generation was cryptographically weak.
2202. [security]
The default acls for allow-query-cache and
allow-recursion were not being applied.
2193. [port]
win32: BINDInstall.exe is now linked statically.
2192. [port]
win32: use vcredist_x86.exe to install Visual
Studio's redistributable dlls if building with
Visual Stdio 2005 or later.
---
Module Name: pkgsrc
Committed By: adrianp
Date: Wed Aug 1 21:09:57 UTC 2007
Modified Files:
pkgsrc/net/bind9: Makefile
Log Message:
Fix for bind package name pointed out by John Klos on tech-pkg@
salo [Thu, 2 Aug 2007 22:44:16 +0000 (22:44 +0000)]
#2154
salo [Thu, 2 Aug 2007 22:42:53 +0000 (22:42 +0000)]
Pullup ticket 2154 - requested by ghen
security update for firefox
Revisions pulled up:
- pkgsrc/www/firefox/Makefile-firefox.common 1.46, 1.47
- pkgsrc/www/firefox/PLIST 1.28
- pkgsrc/www/firefox/distinfo 1.67, 1.68
- pkgsrc/www/firefox/patches/patch-cn 1.5
- pkgsrc/www/firefox-gtk1/PLIST 1.15
- pkgsrc/www/firefox-bin/Makefile 1.30, 1.32
- pkgsrc/www/firefox-bin/distinfo 1.27, 1.29
- pkgsrc/www/firefox15-bin/DESCR 1.3
- pkgsrc/www/firefox15-gtk1/DESCR 1.3
- pkgsrc/www/firefox15/DESCR 1.3
Module Name: pkgsrc
Committed By: xtraeme
Date: Thu Jul 19 18:20:59 UTC 2007
Modified Files:
pkgsrc/www/firefox-bin: Makefile distinfo
Log Message:
Update to 2.0.0.5:
MFSA 2007-25 XPCNativeWrapper pollution
MFSA 2007-24 Unauthorized access to wyciwyg:// documents
MFSA 2007-23 Remote code execution by launching Firefox from
Internet Explorer
MFSA 2007-22 File type confusion due to %00 in name
MFSA 2007-21 Privilege escalation using an event handler attached to an
element not in the document
MFSA 2007-20 Frame spoofing while window is loading
MFSA 2007-19 XSS using addEventListener and setTimeout
MFSA 2007-18 Crashes with evidence of memory corruption
---
Module Name: pkgsrc
Committed By: ghen
Date: Thu Jul 26 08:43:51 UTC 2007
Modified Files:
pkgsrc/www/firefox: Makefile-firefox.common PLIST distinfo
pkgsrc/www/firefox-gtk1: PLIST
pkgsrc/www/firefox/patches: patch-cn
Log Message:
Update firefox, firefox-bin and firefox-gtk1 to 2.0.0.5.
Security fixes in this version:
MFSA 2007-25 XPCNativeWrapper pollution
MFSA 2007-24 Unauthorized access to wyciwyg:// documents
MFSA 2007-23 Remote code execution by launching Firefox from Internet
Explorer
MFSA 2007-22 File type confusion due to %00 in name
MFSA 2007-21 Privilege escalation using an event handler attached to an
element not in the document
MFSA 2007-20 Frame spoofing while window is loading
MFSA 2007-19 XSS using addEventListener and setTimeout
MFSA 2007-18 Crashes with evidence of memory corruption
For more info, see http://www.mozilla.com/en-US/firefox/2.0.0.5/releasenotes/
---
Module Name: pkgsrc
Committed By: ghen
Date: Tue Jul 31 10:06:48 UTC 2007
Modified Files:
pkgsrc/www/firefox: Makefile-firefox.common distinfo
pkgsrc/www/firefox-bin: Makefile distinfo
Log Message:
Update firefox, firefox-bin and firefox-gtk1 to 2.0.0.6.
Security fixes in this version:
MFSA 2007-27 Unescaped URIs passed to external programs
MFSA 2007-26 Privilege escalation through chrome-loaded about:blank windows
For more info, see http://www.mozilla.com/en-US/firefox/2.0.0.6/releasenotes/
---
Module Name: pkgsrc
Committed By: ghen
Date: Thu Jul 26 08:47:36 UTC 2007
Modified Files:
pkgsrc/www/firefox15: DESCR
pkgsrc/www/firefox15-bin: DESCR
pkgsrc/www/firefox15-gtk1: DESCR
Log Message:
Firefox 1.5.0.x has been EOL'd.
ghen [Thu, 2 Aug 2007 07:29:59 +0000 (07:29 +0000)]
Ticket #2155.
ghen [Thu, 2 Aug 2007 07:29:29 +0000 (07:29 +0000)]
Pullup ticket 2155 - requested by tron
security fix for qt3-libs
- pkgsrc/x11/qt3-libs/Makefile 1.64
- pkgsrc/x11/qt3-libs/distinfo 1.45
- pkgsrc/x11/qt3-libs/patches/patch-ca 1.1
- pkgsrc/x11/qt3-libs/patches/patch-cb 1.1
- pkgsrc/x11/qt3-libs/patches/patch-cc 1.1
- pkgsrc/x11/qt3-libs/patches/patch-cd 1.1
- pkgsrc/x11/qt3-libs/patches/patch-ce 1.1
- pkgsrc/x11/qt3-libs/patches/patch-cf 1.1
- pkgsrc/x11/qt3-libs/patches/patch-cg 1.1
Module Name: pkgsrc
Committed By: tron
Date: Wed Aug 1 20:51:26 UTC 2007
Modified Files:
pkgsrc/x11/qt3-libs: Makefile distinfo
Added Files:
pkgsrc/x11/qt3-libs/patches: patch-ca patch-cb patch-cc patch-cd
patch-ce patch-cf patch-cg
Log Message:
Add patches provided by Trolltech to fix CVE-2007-3388.
Bump package revision.
ghen [Sat, 28 Jul 2007 22:57:13 +0000 (22:57 +0000)]
Pullup ticket 2134 - requested by lkundrak
security fix for gdb
- pkgsrc/devel/gdb/Makefile 1.34
- pkgsrc/devel/gdb/distinfo 1.9-1.10
- pkgsrc/devel/gdb/patches/patch-am 1.2
- pkgsrc/devel/gdb/patches/patch-ap 1.1
- pkgsrc/devel/gdb/patches/patch-aq 1.1
Module Name: pkgsrc
Committed By: lkundrak
Date: Tue Jul 3 12:41:19 UTC 2007
Modified Files:
pkgsrc/devel/gdb: Makefile distinfo
Added Files:
pkgsrc/devel/gdb/patches: patch-ap patch-aq
Log Message:
Fixes for CVE-2005-1704 and CVE-2005-1705. Bump PKGREVISION.
---
Module Name: pkgsrc
Committed By: lkundrak
Date: Wed Jul 11 13:12:02 UTC 2007
Modified Files:
pkgsrc/devel/gdb: distinfo
pkgsrc/devel/gdb/patches: patch-am
Log Message:
Attempt to fix build on >1.6
ghen [Sat, 28 Jul 2007 22:39:23 +0000 (22:39 +0000)]
Ticket #2136.
ghen [Sat, 28 Jul 2007 22:28:50 +0000 (22:28 +0000)]
Pullup ticket 2136 - requested by lkundrak
security fix for gimp
- pkgsrc/graphics/gimp/Makefile 1.157
- pkgsrc/graphics/gimp/distinfo 1.35
- pkgsrc/graphics/gimp/patches/patch-ae 1.7
- pkgsrc/graphics/gimp24/Makefile 1.45
- pkgsrc/graphics/gimp24/distinfo 1.18
- pkgsrc/graphics/gimp24/patches/patch-af 1.1
Module Name: pkgsrc
Committed By: lkundrak
Date: Wed Jul 4 13:34:36 UTC 2007
Modified Files:
pkgsrc/graphics/gimp: Makefile distinfo
Added Files:
pkgsrc/graphics/gimp/patches: patch-ae
Log Message:
Fix for CVE-2007-2949 heap overflow. Bump PKGREVISION.
---
Module Name: pkgsrc
Committed By: lkundrak
Date: Wed Jul 4 15:19:52 UTC 2007
Modified Files:
pkgsrc/graphics/gimp24: Makefile distinfo
Added Files:
pkgsrc/graphics/gimp24/patches: patch-af
Log Message:
Fix for CVE-2007-2949 heap overflow. Bump PKGREVISION.
ghen [Sat, 28 Jul 2007 16:47:28 +0000 (16:47 +0000)]
Ticket #2146.
ghen [Sat, 28 Jul 2007 16:46:40 +0000 (16:46 +0000)]
Pullup ticket 2146 - requested by tron
security update for mysql5
- pkgsrc/databases/mysql5-client/Makefile.common 1.25
- pkgsrc/databases/mysql5-client/PLIST 1.7
- pkgsrc/databases/mysql5-client/distinfo 1.19
- pkgsrc/databases/mysql5-client/patches/patch-ac removed
- pkgsrc/databases/mysql5-client/patches/patch-ad 1.6
- pkgsrc/databases/mysql5-client/patches/patch-ae 1.9
- pkgsrc/databases/mysql5-client/patches/patch-bg removed
- pkgsrc/databases/mysql5-server/PLIST 1.11
- pkgsrc/databases/mysql5-server/distinfo 1.16
- pkgsrc/databases/mysql5-server/patches/patch-aa 1.5
- pkgsrc/databases/mysql5-server/patches/patch-ac removed
- pkgsrc/databases/mysql5-server/patches/patch-ah 1.6
- pkgsrc/databases/mysql5-server/patches/patch-ao removed
Module Name: pkgsrc
Committed By: tron
Date: Sun Jul 15 19:22:07 UTC 2007
Modified Files:
pkgsrc/databases/mysql5-client: Makefile.common PLIST distinfo
pkgsrc/databases/mysql5-client/patches: patch-ad patch-ae
pkgsrc/databases/mysql5-server: PLIST distinfo
pkgsrc/databases/mysql5-server/patches: patch-aa patch-ah
Removed Files:
pkgsrc/databases/mysql5-client/patches: patch-ac patch-bg
pkgsrc/databases/mysql5-server/patches: patch-ac patch-ao
Log Message:
Update "mysql5-client" and "mysql5-server" packages to version 5.0.45.
Change since version 5.0.41:
- Functionality added or changed:
- A new status variable, Com_call_procedure, indicates the number of calls
to stored procedures. (Bug#27994)
- NDB Cluster: The server source tree now includes scripts to simplify
building MySQL with SCI support. For more information about SCI
interconnects and these build scripts, see Section 15.9.1,
Configuring MySQL Cluster to use SCI Sockets. (Bug#25470)
- Prior to this release, when DATE values were compared with DATETIME values
the time portion of the DATETIME value was ignored. Now a DATE value is
coerced to the DATETIME type by adding the time portion as 00:00:00. To
mimic the old behavior use the CAST() function in the following way:
SELECT date_field = CAST(NOW() as DATE);. (Bug#28929)
- A large number of bugs including these security problems have been fixed:
- A malformed password packet in the
connection protocol could cause the server to crash. Thanks for Dormando
for reporting this bug and providing details and a proof of concept.
(Bug#28984)
- CREATE TABLE LIKE did not require any privileges on the source table. Now
it requires the SELECT privilege. (Bug#25578)
- In addition, CREATE TABLE LIKE was not isolated from alteration by other
connections, which resulted in various errors and incorrect binary log
order when trying to execute concurrently a CREATE TABLE LIKE statement
and either DDL statements on the source table or DML or DDL statements on
the target table. (Bug#23667)
ghen [Fri, 27 Jul 2007 23:09:13 +0000 (23:09 +0000)]
Tickets #2144, 2147, 2151.
ghen [Fri, 27 Jul 2007 23:06:55 +0000 (23:06 +0000)]
Pullup ticket 2147 - requested by martti
latest update for clamav
- pkgsrc/mail/clamav/Makefile 1.77-1.79
- pkgsrc/mail/clamav/buildlink3.mk 1.14
- pkgsrc/mail/clamav/distinfo 1.45-1.47
- pkgsrc/mail/clamav/options.mk 1.3
- pkgsrc/mail/clamav/patches/patch-aa 1.16
- pkgsrc/mail/clamav/patches/patch-ah 1.10
Module Name: pkgsrc
Committed By: xtraeme
Date: Wed Jul 11 17:44:22 UTC 2007
Modified Files:
pkgsrc/mail/clamav: Makefile distinfo options.mk
Log Message:
Update to 0.91:
ClamAV 0.91 is the first release to enable the anti-phishing technology
in default builds. This technology combines heuristics with special
signatures and provides effective protection against phishing threats.
Other important changes and add-ons in this version include:
- unpacker for NSIS (Nullsoft Scriptable Install System) self-extracting
archives
- unpacker for ASPack 2.12
- new implementation of the Aho-Corasick pattern matcher providing
better detection for wildcard enabled signatures
- support for nibble matching and floating offsets
- improved handling of .mdb files (fixes long startup times)
- extraction of PE files embedded into other executables
- better handling of PE & UPX
- removed dependency on libcurl (improves stability)
- libclamav.dll available under Windows
- IPv6 support in clamav-milter
- many other improvements and bugfixes
---
Module Name: pkgsrc
Committed By: martti
Date: Tue Jul 17 06:54:31 UTC 2007
Modified Files:
pkgsrc/mail/clamav: Makefile buildlink3.mk distinfo
pkgsrc/mail/clamav/patches: patch-ah
Log Message:
Updated mail/clamav to 0.91.1
- libclamav/others.c: bump f-level
- libclamav/unrar/unrarvm.c: fix another occurrence of bb#555, thanks to
Ludwig Nussel <ludwig.nussel*suse.de>
- sigtool/sigtool.c: increase MAX_DEL_LOOKAHEAD, requested by Sven
- libclamav/scanner.c: don't search for embedded PEs in zip files larger
than 1 MB (bb#573)
- clamav-milter: Fix memory leak when load balancing
- clamav-milter: Chroot handling no longer marked as experimental
- libclamav/nsis: fix macro collision on AIX - bb#570
- libclamav/phishcheck.c: fix (null) FOUND
- libclamav: rename x86 macroes due to collisions on HPUX
- libclamav: Fix warnings on HP-UX
---
Module Name: pkgsrc
Committed By: martti
Date: Wed Jul 18 06:57:59 UTC 2007
Modified Files:
pkgsrc/mail/clamav: Makefile distinfo
Added Files:
pkgsrc/mail/clamav/patches: patch-aa
Log Message:
Updated mail/clamav to 0.91.1nb1
Fix for https://wwws.clamav.net/bugzilla/show_bug.cgi?id=580
ghen [Fri, 27 Jul 2007 22:47:14 +0000 (22:47 +0000)]
Pullup ticket 2151 - requested by joerg
security update for lighttpd
- pkgsrc/www/lighttpd/Makefile 1.15
- pkgsrc/www/lighttpd/distinfo 1.10
Module Name: pkgsrc
Committed By: joerg
Date: Wed Jul 25 10:26:05 UTC 2007
Modified Files:
pkgsrc/www/lighttpd: Makefile distinfo
Log Message:
Update to lighttpd 1.4.16. This fixes a number of security issues:
- various possible NULL pointer references
- two cases were uninitialised memory is used or memory could be
corrupted. This might be exploitable to execute arbitrary code.
- possible mod_access by-pass by appending /
- a local DOS by broken FastCGI handlers
ghen [Fri, 27 Jul 2007 22:39:34 +0000 (22:39 +0000)]
Pullup ticket 2144 - requested by lkundrak
security fix for libarchive
- pkgsrc/archivers/libarchive/Makefile 1.17
- pkgsrc/archivers/libarchive/distinfo 1.14
- pkgsrc/archivers/libarchive/patches/patch-ad 1.1
Module Name: pkgsrc
Committed By: lkundrak
Date: Fri Jul 13 09:26:32 UTC 2007
Modified Files:
pkgsrc/archivers/libarchive: Makefile distinfo
Added Files:
pkgsrc/archivers/libarchive/patches: patch-ad
Log Message:
Fix for FreeBSD-SA-07:05.libarchive CVE-2007-3641, CVE-2007-3644 and
CVE-2007-3645. PKGREVISION bump.
ghen [Tue, 24 Jul 2007 21:29:42 +0000 (21:29 +0000)]
Older tickets: #2131, 2133, 2134, 2135, 2138.
salo [Sat, 21 Jul 2007 01:19:38 +0000 (01:19 +0000)]
#2142
salo [Sat, 21 Jul 2007 01:19:09 +0000 (01:19 +0000)]
Pullup ticket 2142 - requested by joerg
remove PKG_TOOLS_PREFIX handling from bootstrap tools
Revisions pulled up:
- pkgsrc/pkgtools/mtree/Makefile 1.22
- pkgsrc/pkgtools/mtree/Makefile.common 1.3
- pkgsrc/pkgtools/pax/Makefile 1.15
- pkgsrc/pkgtools/pkg_install/Makefile 1.131
- pkgsrc/pkgtools/pkg_install/files/lib/version.h 1.65
- pkgsrc/pkgtools/tnftp/Makefile 1.3
Module Name: pkgsrc
Committed By: joerg
Date: Tue Jul 10 15:19:18 UTC 2007
Modified Files:
pkgsrc/pkgtools/mtree: Makefile Makefile.common
pkgsrc/pkgtools/pax: Makefile
pkgsrc/pkgtools/pkg_install: Makefile
pkgsrc/pkgtools/pkg_install/files/lib: version.h
pkgsrc/pkgtools/tnftp: Makefile
Log Message:
Remove PKG_TOOLS_PREFIX handling for mtree, pax, pkg_install and
tnftp. Modifying files and possibly removing them from the base system
is doing more harm than use. Bump revision or version of each
package.
ghen [Tue, 10 Jul 2007 12:16:06 +0000 (12:16 +0000)]
Pullup ticket 2139 - requested by martti
bugfix update for proftpd
- pkgsrc/net/proftpd/Makefile 1.42
- pkgsrc/net/proftpd/PLIST 1.13
- pkgsrc/net/proftpd/distinfo 1.24
- pkgsrc/net/proftpd/patches/patch-ab 1.7
- pkgsrc/net/proftpd/patches/patch-ac 1.9
- pkgsrc/net/proftpd/patches/patch-ad removed
- pkgsrc/net/proftpd/patches/patch-ae removed
- pkgsrc/net/proftpd/patches/patch-af removed
Module Name: pkgsrc
Committed By: martti
Date: Fri Jul 6 11:04:41 UTC 2007
Modified Files:
pkgsrc/net/proftpd: Makefile PLIST distinfo
pkgsrc/net/proftpd/patches: patch-ab patch-ac
Removed Files:
pkgsrc/net/proftpd/patches: patch-ad patch-ae patch-af
Log Message:
Updated net/proftpd to 1.3.1rc3
Hello, ProFTPD community. The ProFTPD Project team is pleased to announce
that the third release candidate for ProFTPD 1.3.1 is now available
for public consumption.
The 1.3.1rc3 release includes a number of minor bugfixes, including
segfaults when handling the NLST command, dealing assigning IPv6 addresses
for the EPSV command, and better handling of Display files in chrooted
sessions.
Please read the included NEWS and ChangeLog files for the full details.
ghen [Tue, 10 Jul 2007 11:13:37 +0000 (11:13 +0000)]
Pullup ticket 2138 - requested by taca
security update for p5-Net-DNS
- pkgsrc/net/p5-Net-DNS/Makefile 1.35
- pkgsrc/net/p5-Net-DNS/distinfo 1.18
Module Name: pkgsrc
Committed By: taca
Date: Tue Jul 3 14:53:21 UTC 2007
Modified Files:
pkgsrc/net/p5-Net-DNS: Makefile distinfo
Log Message:
Update p5-Net-DNS package to 0.60.
Changes are more than 100 lines, but it fixes these security problem.
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3377
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3409
ghen [Tue, 10 Jul 2007 10:33:47 +0000 (10:33 +0000)]
Pullup ticket 2135 - requested by tron
security update for phpmyadmin
- pkgsrc/databases/phpmyadmin/Makefile 1.60
- pkgsrc/databases/phpmyadmin/distinfo 1.29
Module Name: pkgsrc
Committed By: tron
Date: Tue Jul 3 14:18:14 UTC 2007
Modified Files:
pkgsrc/databases/phpmyadmin: Makefile distinfo
Log Message:
Update "phpmyadmin" package to version 2.10.2.
The new version fixes several bugs and addresses the security
vulerability reported in PMASA-2007-4.
ghen [Tue, 10 Jul 2007 10:01:55 +0000 (10:01 +0000)]
Pullup ticket 2134 - requested by lkundrak
security fix for gdb
- pkgsrc/devel/gdb6/Makefile 1.21
- pkgsrc/devel/gdb6/distinfo 1.11
- pkgsrc/devel/gdb6/patches/patch-bo 1.1
- pkgsrc/devel/gdb6/patches/patch-bp 1.1
Module Name: pkgsrc
Committed By: lkundrak
Date: Tue Jul 3 12:32:28 UTC 2007
Modified Files:
pkgsrc/devel/gdb6: Makefile distinfo
Added Files:
pkgsrc/devel/gdb6/patches: patch-bo patch-bp
Log Message:
Backported fixes for CAN-2005-1704 and CAN-2005-1705.
ghen [Tue, 10 Jul 2007 09:37:03 +0000 (09:37 +0000)]
Pullup ticket 2133 - requested by lkundrak
security update for gaim-encryption
- pkgsrc/chat/gaim-encryption/Makefile 1.15
- pkgsrc/chat/gaim-encryption/distinfo 1.4
Module Name: pkgsrc
Committed By: lkundrak
Date: Tue Jul 3 10:35:40 UTC 2007
Modified Files:
pkgsrc/chat/gaim-encryption: Makefile distinfo
Log Message:
Imported a new version with two subtle bugs, yet with security
implications were fixed.
2.39 Bugfix for invalid key messages
Memory leaks fixed (Max Kellermann and Stu Tomlinson)
ghen [Tue, 10 Jul 2007 06:55:51 +0000 (06:55 +0000)]
Pullup ticket 2131 - requested by lkundrak
security update for flac123
- pkgsrc/audio/flac123/Makefile 1.8
- pkgsrc/audio/flac123/distinfo 1.5
Module Name: pkgsrc
Committed By: lkundrak
Date: Mon Jul 2 13:20:19 UTC 2007
Modified Files:
pkgsrc/audio/flac123: Makefile distinfo
Log Message:
Updating to 0.0.10. Just changes about 5 lines to prevent a stack
overflow by the long comment string.
ghen [Mon, 9 Jul 2007 15:07:52 +0000 (15:07 +0000)]
Tickets #2126, 2127, 2128, 2130.
ghen [Mon, 9 Jul 2007 14:40:05 +0000 (14:40 +0000)]
Pullup ticket 2130 - requested by martti
bugfix update for vim
- pkgsrc/editors/vim-lang/Makefile 1.12
- pkgsrc/editors/vim-share/Makefile.common 1.86
- pkgsrc/editors/vim-share/distinfo 1.76
- pkgsrc/editors/vim-share/version.mk 1.33
Modified Files:
pkgsrc/editors/vim-lang: Makefile
pkgsrc/editors/vim-share: Makefile.common distinfo version.mk
Log Message:
Updated editors/vim-share to 7.1.18
1529 7.1.003 (extra) Win32: menu entries end up in message history
2481 7.1.004 crash when editing a directory
3841 7.1.005 "cit" used on <foo></foo> deletes <foo>
2941 7.1.006 when reading from stdin 'modified' can't be reset in autocmd
6458 7.1.007 (extra) Mac: context menu does not work, scrollbars not dimmed
2631 7.1.008 getfsize() returns an invalid number for very big files
1881 7.1.009 diff mode: tab to spaces change not highlighted correctly
2796 7.1.010 Gnome: tab pages are not included in the saved session
1934 7.1.011 buffer overflow when $VIMRUNTIME is very long
1904 7.1.012 ":let &tw = 'asdf'" does not give an error message
2139 7.1.013 ":syn include" only loads the first file
1479 7.1.014 crash in C-indenting
3743 7.1.015 MzScheme interface doesn't build on Mac; init problem
2368 7.1.016 (after 7.1.012) error message when using ":cwindow"
6729 7.1.017 ":confirm w" does not give a prompt when file is read-only
1771 7.1.018 "p" at end of line doesn't work right when 've' is set
ghen [Mon, 9 Jul 2007 14:24:04 +0000 (14:24 +0000)]
Pullup ticket 2128 - requested by joerg
build fix for p5-GTop
- pkgsrc/sysutils/p5-GTop/Makefile 1.2
Module Name: pkgsrc
Committed By: joerg
Date: Mon Jul 2 06:14:15 UTC 2007
Modified Files:
pkgsrc/sysutils/p5-GTop: Makefile
Log Message:
Needs pkg-config.
ghen [Mon, 9 Jul 2007 14:10:59 +0000 (14:10 +0000)]
Pullup ticket 2127 - requested by tnn
build fix for bootstrap
- pkgsrc/bootstrap/bootstrap 1.99
- pkgsrc/pkgtools/bootstrap-extras/Makefile 1.3
- pkgsrc/pkgtools/bootstrap-extras/PLIST 1.2
- pkgsrc/pkgtools/bootstrap-extras/files/xargs-sh 1.1
Module Name: pkgsrc
Committed By: tnn
Date: Sun Jul 1 23:27:43 UTC 2007
Modified Files:
pkgsrc/bootstrap: bootstrap
pkgsrc/pkgtools/bootstrap-extras: Makefile PLIST
Added Files:
pkgsrc/pkgtools/bootstrap-extras/files: xargs-sh
Log Message:
xargs(1) on Interix is broken. It executes the utility on the command
line even if standard input is the empty string. Install a wrapper
script bundled with pkgtools/bootstrap-extras to deal with this. This
is an attempt at a permanent workaround for the problem described in PR
pkg/25777 which has regressed since it was initially fixed.
We can now bootstrap again on Interix 3.5.
ghen [Mon, 9 Jul 2007 13:59:36 +0000 (13:59 +0000)]
Pullup ticket 2126 - requested by tnn
build fix for ncurses
- pkgsrc/devel/ncurses/Makefile.common 1.6
Module Name: pkgsrc
Committed By: tnn
Date: Mon Jul 2 02:08:20 UTC 2007
Modified Files:
pkgsrc/devel/ncurses: Makefile.common
Log Message:
On platforms that have neither a builtin groff nor builtin curses
we can end up with a circular dependency:
ncurses -> groff -> netpbm -> flex -> bison -> gtexinfo -> ncurses
ncurses may depend on groff because of USE_TOOLS+=tbl.
Break the circular dependency by using --without-manpage-tbl
if there is no tbl(1) available and we're unable to build
groff because of missing curses.
agc [Sun, 1 Jul 2007 00:18:35 +0000 (00:18 +0000)]
Add CHANGES file for the pkgsrc-2007Q2 branch.
branch-fixup [Sat, 30 Jun 2007 19:45:13 +0000 (19:45 +0000)]
Add files from parent branch HEAD:
www/ap2-xslt2/Makefile
branch-fixup [Sat, 30 Jun 2007 19:30:50 +0000 (19:30 +0000)]
Add files from parent branch HEAD:
net/uucp/files/uucpd/uucpd.c
branch-fixup [Sat, 30 Jun 2007 19:18:47 +0000 (19:18 +0000)]
Add files from parent branch HEAD:
sysutils/lavaps/Makefile
sysutils/lavaps/distinfo
sysutils/lavaps/patches/patch-ad
sysutils/lavaps/patches/patch-ae
sysutils/lavaps/patches/patch-af
branch-fixup [Sat, 30 Jun 2007 19:16:26 +0000 (19:16 +0000)]
Add files from parent branch HEAD:
games/quakeforge/Makefile
games/quakeforge/PLIST
branch-fixup [Sat, 30 Jun 2007 18:49:38 +0000 (18:49 +0000)]
Add files from parent branch HEAD:
security/ddos-scan/Makefile
security/ddos-scan/distinfo
security/ddos-scan/patches/patch-aa
branch-fixup [Sat, 30 Jun 2007 18:42:24 +0000 (18:42 +0000)]
Add files from parent branch HEAD:
graphics/koverartist/distinfo
graphics/koverartist/patches/patch-aa
graphics/koverartist/patches/patch-ab
graphics/koverartist/patches/patch-ac
branch-fixup [Sat, 30 Jun 2007 18:31:52 +0000 (18:31 +0000)]
Add files from parent branch HEAD:
lang/brandybasic/distinfo
lang/brandybasic/patches/patch-aa
branch-fixup [Sat, 30 Jun 2007 18:24:51 +0000 (18:24 +0000)]
Add files from parent branch HEAD:
devel/bcc/Makefile
branch-fixup [Sat, 30 Jun 2007 18:14:36 +0000 (18:14 +0000)]
Add files from parent branch HEAD:
sysutils/xfce4-netload-plugin/distinfo
sysutils/xfce4-netload-plugin/patches/patch-aa
sysutils/xfce4-netload-plugin/patches/patch-ab
sysutils/xfce4-netload-plugin/patches/patch-ac
branch-fixup [Sat, 30 Jun 2007 18:08:35 +0000 (18:08 +0000)]
Add files from parent branch HEAD:
security/botan/distinfo
security/botan/patches/patch-ak
branch-fixup [Sat, 30 Jun 2007 17:59:03 +0000 (17:59 +0000)]
Add files from parent branch HEAD:
editors/xemacs-current/Makefile
editors/xemacs-current/distinfo
editors/xemacs-current/patches/patch-aj
editors/xemacs-current/patches/patch-ak
branch-fixup [Sat, 30 Jun 2007 17:40:50 +0000 (17:40 +0000)]
Add files from parent branch HEAD:
sysutils/xfce4-battery-plugin/distinfo
sysutils/xfce4-battery-plugin/patches/patch-aa
branch-fixup [Sat, 30 Jun 2007 17:17:34 +0000 (17:17 +0000)]
Add files from parent branch HEAD:
devel/ArX2/distinfo
devel/ArX2/patches/patch-ac
devel/ArX2/patches/patch-ad
branch-fixup [Sat, 30 Jun 2007 16:12:03 +0000 (16:12 +0000)]
Add files from parent branch HEAD:
security/botan/Makefile
branch-fixup [Sat, 30 Jun 2007 16:09:09 +0000 (16:09 +0000)]
Add files from parent branch HEAD:
devel/subversion/Makefile
www/ap2-auth-mysql/Makefile
www/ap2-auth-pgsql/Makefile
www/ap2-auth-radius/Makefile
www/ap2-auth-xradius/Makefile
www/ap2-bw/Makefile
www/ap2-chroot/Makefile
www/ap2-fastcgi/Makefile
www/ap2-fcgid/Makefile
www/ap2-jk/Makefile
www/ap2-perl/Makefile
www/ap2-perl/buildlink3.mk
www/ap2-python/Makefile
www/ap2-subversion/Makefile
www/ap2-transform/Makefile
www/p5-HTML-Mason/Makefile
www/p5-libapreq2/Makefile
branch-fixup [Sat, 30 Jun 2007 15:57:00 +0000 (15:57 +0000)]
Add files from parent branch HEAD:
doc/CHANGES-2007
branch-fixup [Sat, 30 Jun 2007 15:55:23 +0000 (15:55 +0000)]
Add files from parent branch HEAD:
math/R-ISwR/Makefile
math/R-ISwR/distinfo
branch-fixup [Sat, 30 Jun 2007 15:22:09 +0000 (15:22 +0000)]
Add files from parent branch HEAD:
wm/metisse/distinfo
wm/metisse/patches/patch-ab
wm/metisse/patches/patch-ad
wm/metisse/patches/patch-ae
wm/metisse/patches/patch-af
branch-fixup [Sat, 30 Jun 2007 15:11:24 +0000 (15:11 +0000)]
Add files from parent branch HEAD:
multimedia/gnash/distinfo
multimedia/gnash/patches/patch-aa
multimedia/gnash/patches/patch-ab
branch-fixup [Sat, 30 Jun 2007 15:05:08 +0000 (15:05 +0000)]
Add files from parent branch HEAD:
www/ap2-suphp/Makefile
www/ap2-suphp/distinfo
www/ap2-suphp/patches/patch-aa
www/ap2-suphp/patches/patch-ab
branch-fixup [Sat, 30 Jun 2007 15:04:55 +0000 (15:04 +0000)]
Add files from parent branch HEAD:
devel/apr-util/buildlink3.mk
devel/apr/buildlink3.mk
branch-fixup [Sat, 30 Jun 2007 14:35:11 +0000 (14:35 +0000)]
Add files from parent branch HEAD:
www/ap2-auth-ldap/Makefile
branch-fixup [Sat, 30 Jun 2007 14:28:05 +0000 (14:28 +0000)]
Add files from parent branch HEAD:
multimedia/vlc07/Makefile
multimedia/vlc07/PLIST.common
multimedia/vlc07/PLIST.common_end
branch-fixup [Sat, 30 Jun 2007 14:24:14 +0000 (14:24 +0000)]
Add files from parent branch HEAD:
devel/gtexinfo/Makefile
branch-fixup [Sat, 30 Jun 2007 14:19:52 +0000 (14:19 +0000)]
Add files from parent branch HEAD:
math/xfractint/Makefile
math/xfractint/distinfo
math/xfractint/patches/patch-ao
branch-fixup [Sat, 30 Jun 2007 13:47:38 +0000 (13:47 +0000)]
Add files from parent branch HEAD:
security/base/Makefile
branch-fixup [Sat, 30 Jun 2007 13:28:06 +0000 (13:28 +0000)]
Add files from parent branch HEAD:
net/mbrowse/Makefile
branch-fixup [Sat, 30 Jun 2007 13:21:13 +0000 (13:21 +0000)]
Add files from parent branch HEAD:
www/emacs-w3m/Makefile
branch-fixup [Sat, 30 Jun 2007 12:58:59 +0000 (12:58 +0000)]
Add files from parent branch HEAD:
pkgtools/createbuildlink/Makefile
branch-fixup [Sat, 30 Jun 2007 10:54:37 +0000 (10:54 +0000)]
Add files from parent branch HEAD:
bootstrap/README.HPUX
branch-fixup [Sat, 30 Jun 2007 05:13:24 +0000 (05:13 +0000)]
Add files from parent branch HEAD:
mk/emacs.mk
branch-fixup [Sat, 30 Jun 2007 05:07:02 +0000 (05:07 +0000)]
Add files from parent branch HEAD:
editors/leim/Makefile
branch-fixup [Sat, 30 Jun 2007 03:57:10 +0000 (03:57 +0000)]
Add files from parent branch HEAD:
x11/xplanet/Makefile
x11/xplanet/PLIST
branch-fixup [Sat, 30 Jun 2007 03:06:58 +0000 (03:06 +0000)]
Add files from parent branch HEAD:
fonts/libfontenc/buildlink3.mk
branch-fixup [Sat, 30 Jun 2007 02:54:06 +0000 (02:54 +0000)]
Add files from parent branch HEAD:
www/zope25-PropertyFolder/Makefile