pkgsrc fixup [Mon, 25 Jul 2011 20:00:46 +0000 (13:00 -0700)]
Fixup fromcvs/togit conversion
pkgsrc fixup [Fri, 22 Jul 2011 17:23:23 +0000 (10:23 -0700)]
Fixup fromcvs/togit conversion
pkgsrc fixup [Wed, 20 Jul 2011 21:23:22 +0000 (14:23 -0700)]
Fixup fromcvs/togit conversion
pkgsrc fixup [Tue, 19 Jul 2011 22:01:34 +0000 (15:01 -0700)]
Fixup fromcvs/togit conversion
pkgsrc fixup [Tue, 19 Jul 2011 02:35:05 +0000 (19:35 -0700)]
Fixup fromcvs/togit conversion
pkgsrc fixup [Mon, 18 Jul 2011 21:42:21 +0000 (14:42 -0700)]
Fixup fromcvs/togit conversion
pkgsrc fixup [Wed, 13 Jul 2011 23:24:35 +0000 (16:24 -0700)]
Fixup fromcvs/togit conversion
pkgsrc fixup [Tue, 12 Jul 2011 21:51:54 +0000 (14:51 -0700)]
Fixup fromcvs/togit conversion
pkgsrc fixup [Tue, 12 Jul 2011 02:55:29 +0000 (19:55 -0700)]
Fixup fromcvs/togit conversion
jkunz [Thu, 13 Jan 2011 22:01:30 +0000 (22:01 +0000)]
Revert erroneous commit to branch pkgsrc-2010Q3.
Sorry for the inconvenience.
jkunz [Thu, 13 Jan 2011 20:56:29 +0000 (20:56 +0000)]
Update to version 0.3.4
Changes:
Bug #11:
Fix screenshot rotation for 60SCx
Request #12:
add driver for Forerunner 305
jkunz [Thu, 13 Jan 2011 20:51:30 +0000 (20:51 +0000)]
Update to version 0.17.0.
Changes:
* French Cadastre plugin
* Bing Maps plugin
* GDAL raster background plugin
* Printing and exporting to PDF/raster/SVG
* Extrude interaction for ways
* Filter system
* Toolbar editor (create/modify tollbars)
* Allow to align background image with <SPACE>+pan
* When opening/importing, always fallback to GDAL if available. Allows to open most GDAL supported geomtery files.
* Styles : allow to texture areas with an icon
* Auto-add "source" tag when drawing over a background map; define the value in the WMS and TMS editors
* New command line options: "--ignore-preferences" && "--reset-preferences"
* "--importag-tags-as-is" command-line switch to prevent adding underscores to imported tags
* When creating a way or area, press "C" to close the current way
* New preference: "Allow node/way creation in select mode". When checked, allows double-click to create a node and double-click on a node to start a way in select mode.
* Snap to angle functionality when creating way: keeping "o" pressed snap to 45° angles, "h" snap to 30° angles
* Ability to enter and select multiple OSM servers in preferences
* Use Nominatim (http://nominatim.openstreetmap.org/) for place name lookup due to gazetteer closure
* Support for XAPI
* Allow to rename a layer by double-clicking on its name
* If a shapefile do not provide its projection, ask the user for it and do not crash
* "Set view projection to layer's" action added to image layers; set the main projection to the one of the layer
* Tool to align edges to regularly spaced angles (can orthogonalise buildings)
* Join areas tool
* Add a "portable" mode to merkaartor via command-line ("-p") or build setting ("PORTABLE=1")
* Add a "Find" button to the Feature dock. Press "Reset" to revert to list current features.
tron [Sat, 8 Jan 2011 15:32:19 +0000 (15:32 +0000)]
Pullup ticket #3319.
tron [Sat, 8 Jan 2011 15:29:47 +0000 (15:29 +0000)]
Pullup ticket #3319 - requested by taca
lang/php5: security update
lang/php53: security update
Revisions pulled up:
- lang/php5/Makefile.common 1.45
- lang/php5/distinfo 1.83
- lang/php5/distinfo 1.84
- lang/php5/patches/patch-ab 1.6
- lang/php5/patches/patch-ab delete
- lang/php53/Makefile.common 1.4
- lang/php53/distinfo 1.9
- lang/php53/patches/patch-ar 1.1
---
Module Name: pkgsrc
Committed By: jklos
Date: Thu Jan 6 22:13:24 UTC 2011
Modified Files:
pkgsrc/lang/php5: distinfo
Added Files:
pkgsrc/lang/php5/patches: patch-ab
Log Message:
Fix VAX floating point handling in zend_strtod.c.
---
Module Name: pkgsrc
Committed By: taca
Date: Fri Jan 7 09:16:28 UTC 2011
Modified Files:
pkgsrc/lang/php5: Makefile.common distinfo
Removed Files:
pkgsrc/lang/php5/patches: patch-ab
Log Message:
Update php5 pacakge to 5.2.17.
* patch-ab (Fix VAX floating point handling) is merge to PHP 5.2.17.
06 Jan 2010, PHP 5.2.17
- Fixed Bug #53632 (infinite loop with x87 fpu). (CVE-2010-4645) (Scott,
Rasmus)
---
Module Name: pkgsrc
Committed By: taca
Date: Fri Jan 7 09:20:16 UTC 2011
Modified Files:
pkgsrc/lang/php53: Makefile.common distinfo
Added Files:
pkgsrc/lang/php53/patches: patch-ar
Log Message:
Update php53 pacakge to 5.3.5.
* Add fix for VAX floating point handling (Bug #53682), r307192 from
PHP's repositry. (It is in PHP 5.2.17 but not in 5.3.5).
06 Jan 2011, PHP 5.3.5
- Fixed Bug #53632 (infinite loop with x87 fpu). (Scott, Rasmus)
tron [Sat, 8 Jan 2011 15:11:27 +0000 (15:11 +0000)]
Pullup ticket #3317 and #3318.
tron [Sat, 8 Jan 2011 15:10:20 +0000 (15:10 +0000)]
Pullup ticket #3317 - requested by taca
www/contao29: security update
Revisions pulled up:
- www/contao29/Makefile 1.8-1.10
- www/contao29/Makefile.version 1.3-1.4
- www/contao29/distinfo 1.4-1.6
---
Module Name: pkgsrc
Committed By: taca
Date: Thu Dec 2 13:32:45 UTC 2010
Modified Files:
pkgsrc/www/contao29: Makefile Makefile.version distinfo
Log Message:
Update contao29 package to 2.9.2.
Version 2.9.2 (2010-12-02)
--------------------------
- Updated TCPDF to version 5.9.023 (#2686)
- Updated MooTools Core to version 1.2.5 (#2545)
- Updated TinyMCE to version 3.3.9.2 (#2702)
- Updated mediaboxAdvanced to version 1.2.5 (#2701)
- Added: allow external images in HTML newsletters (#2396)
- Added: added insert tags for acronyms and abbreviations (#2478)
- Added: add class "sibling" to pages on the same level in the navigation menu (#2419)
- Fixed: do not allow insert tags in comments (#2499)
- Fixed: check for custom layout sections during the theme import
- Fixed: only send the comments notification once (#2407)
- Fixed: skipping the first item of a news list did not work correctly (#2488)
- Fixed: allow column width 0 in page layouts (#2554)
- Fixed: consider the protocol when loading scripts from the Google CDN (#2450)
- Fixed: textareas in the back end were cut off in Opera (#2404)
- Fixed: the task history could not be collapsed (#2424)
- Fixed: the link insert tags showed the page title instead of the page name (#2371)
- Fixed: do not show empty fieldset legends in the form generator (#2625)
- Fixed: preserve curly brackets when replacing simple tokens (#2597)
- Fixed: the style sheet importer did not support some CSS3 selectors (#2566)
- Fixed: textual date insert tags were not replaced when loaded from cache (#2644)
- Fixed: the image insert tag did not output the image dimensions (#2529)
- Fixed: clear the $_GET array after rendering the event list module (#2445)
- Fixed: do not aggregate style sheets with a @font-face selector (#2443)
- Fixed: news insert tags did not handle entities correctly (#2604)
- Fixed: do not show the FTP and database passwords in the install tool (#2417)
- Fixed: minor fixes for the TimePeriod widget (#2477)
- Fixed: update the CSS files after an old version of a record has been restored (#2524)
- Fixed: custom page templates were not shown in "override all" mode (#2494)
- Fixed: incorrect event sorting (#2675)
- Fixed: do not execute hooks in the extension manager (#2448)
- Fixed: check for existing files when renaming files in the file manager (#2610)
- Fixed: check redirect pages for circular references (#2704)
- Fixed: fixed a few minor spelling issues (#2403)
- Fixed some minor issues
---
odule Name: pkgsrc
Committed By: taca
Date: Thu Dec 2 15:41:30 UTC 2010
Modified Files:
pkgsrc/www/contao29: Makefile distinfo
Log Message:
Due to a serious bug of installtool, Contao 2.9.2 has repackaged.
So, introduce DIST_SUBDIR and Bump PKGREVISION.
---
Module Name: pkgsrc
Committed By: taca
Date: Thu Jan 6 13:19:08 UTC 2011
Modified Files:
pkgsrc/www/contao29: Makefile Makefile.version distinfo
Log Message:
Update contao29 (and implicitly contao29-example) pacakge to 2.9.3.
Version 2.9.3 (2011-01-06)
--------------------------
- Fixed: custom templates were not always shown in "override all" mode (#2725)
- Fixed: prevent the X_FORWARDED_FOR header against XSS attacks (#2751)
- Fixed: preserve the selector fields in the personal data module (#2609)
- Fixed: skip mounted folders in the file manager if they do not exist (#2708)
- Fixed: the quick navigation modules failed to work when aliases were
disabled (#2718)
- Fixed some minor issues
tron [Sat, 8 Jan 2011 15:01:11 +0000 (15:01 +0000)]
Pullup ticket #3318 - requested by taca
www/typolight28: security patch
Revisions pulled up:
- www/typolight28/Makefile 1.12
- www/typolight28/distinfo 1.10
- www/typolight28/patches/patch-ae 1.1
- www/typolight28/patches/patch-af 1.1
---
Mommitted By: taca
Date: Thu Jan 6 14:23:41 UTC 2011
Modified Files:
pkgsrc/www/typolight28: Makefile distinfo
Added Files:
pkgsrc/www/typolight28/patches: patch-ae patch-af
Log Message:
Add the same patch of Comment module as Contao 2.9.3.
Changes are derived from Conao's repository.
Bump PKGREVISION.
sbd [Wed, 5 Jan 2011 21:35:41 +0000 (21:35 +0000)]
Pullup ticket #3316
sbd [Wed, 5 Jan 2011 21:34:34 +0000 (21:34 +0000)]
Pullup ticket #3316 - requested by tron
Security patch for wireshark
Revisions pulled up:
- pkgsrc/net/wireshark/Makefile 1.58
- pkgsrc/net/wireshark/distinfo 1.38
- pkgsrc/net/wireshark/patches/patch-SA42767 1.1
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Tue Jan 4 15:39:34 UTC 2011
Modified Files:
pkgsrc/net/wireshark: Makefile distinfo
Added Files:
pkgsrc/net/wireshark/patches: patch-SA42767
Log Message:
Add patch from the Wireshark SVN repository to fix the security
vulnerability reported in SA42767 which affects the ENTTEC dissector.
sbd [Mon, 3 Jan 2011 22:46:42 +0000 (22:46 +0000)]
Pullup ticket #3315
sbd [Mon, 3 Jan 2011 22:45:48 +0000 (22:45 +0000)]
Pullup ticket #3315 - requested by taca
www/geeklog security fix
Revisions pulled up:
- pkgsrc/www/geeklog/Makefile 1.29, 1.30
- pkgsrc/www/geeklog/PLIST 1.14
- pkgsrc/www/geeklog/distinfo 1.15, 1.16
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu Nov 4 15:52:10 UTC 2010
Modified Files:
pkgsrc/www/geeklog: Makefile PLIST distinfo
Log Message:
Update www/geeklog package to 1.7.1.
Geeklog History/Changes:
Oct 31, 2010 (1.7.1)
------------
- Fixed description of $index parameter for STORY_renderArticle (bug #0001203)
[Dirk]
- The number of successfully imported users was always reported as 0 for the
"Batch Add" option in the User Manager (bug #0001211) [Ivy, Dirk]
- Fixed a bug in the MS SQL changeDESCRIBE method to properly prefix the proper
sql query string [Randy]
- Updated Hebrew language files, provided by LWC
- New Italian language files for the Links plugin, provided by Rouslan Placella
- Updated Italian language files for the Static Pages plugin, provided by
Rouslan Placella
Calendar Plugin
---------------
- Fixed an SQL error when returning search results for the Personal Calendar
(bug #0001195) [Dirk]
Oct 10, 2010 (1.7.1rc1)
------------
- If content from an Autotag produces another Autotag it will be executed (to a
maximum of 5 times) [Tom]
- Themes can now have their own display functions for the start and end of
Blocks. (Feature #0001188) [Tom]
- Reverted a change in 1.7.0 that would send a Content-Type header when calling
COM_refresh since this conflicts with some plugins (e.g. the Forum) [Dirk]
- Fixed wrong view after posting a comment on a poll (bug #0001080, patch
provided by Wojtek Szkutnik)
- Fixed language in the dropdown for the permanent cookie in the Configuration
(bug #0001117, patch provided by Eric Brisco)
- Added cancel and delete buttons to comment edit and submission forms when
needed. (Feature #0000981) [Tom]
- Reverted parts of the changes for bug #0001057: Do _not_ escape curly braces
when displaying a block's content (bug #0001156). If you run into the problem
that words in curly braces inside blocks are interpreted as template
variables, simply add a space after the opening and/or the closing brace
[Dirk]
- Autotags can now be inserted directly into template files.
(Feature #0001181) [Tom]
- Plugins are able to control moderation and return a string to be displayed.
(Feature #0000619 patch provided by jmucchiello)
- Admin lists can now display a 0 in a column instead of being blank
(bug #0001060 patch provided by jmucchiello)
- Fixed "Show & Hide Boxes" option in My Account (reported by Pushkar) [Dirk]
- Display the topic name (instead of the topic id) in the list of draft stories
(bug #0001171) [Dirk]
- Fixed COM_formatTimeString to correctly handle intervals bigger than 4 weeks
(bug #0001158) [Dirk]
- Call PLG_templateSetVars for the Advanced Search form [Dirk]
- Make sure we keep the current status of the user's Advanced Editor option
even when Advanced Editor is disabled for the site (Thanks, Markus) [Dirk]
- Comment submissions for plugins were missing the type [Dirk]
- In the Group Editor, hide the 'Apply "Default Group" change' option until the
state of the "Default Group" checkbox changes (feature request #0001116,
patch provided by Dushyant Tiwari)
- Fixed handling of $LANG_DIRECTION in the install script (cf. bug #0000871)
- Fixed query highlighting in articles - didn't work for queries that contained
characters filtered by COM_applyFilter [Dirk]
- Updated Japanese language file, provided by the Geeklog.jp group
- New and updated French (France) language files, provided by Ben
- Updated Hebrew language file for the Links plugin, provided by LWC
Static Pages Plugin
-------------------
- Call up the Advanced Editor when enabled (bug #0001147, patch provided by
Samuel Leathers)
- A Static Page can now be marked as a template and used by other Static Pages.
(Feature #0001085) [Tom]
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Mon Jan 3 01:57:25 UTC 2011
Modified Files:
pkgsrc/www/geeklog: Makefile distinfo
Log Message:
Update geeklog package to 1.7.1.1 (1.7.1sr1), security fix.
Jan 2, 2011 (1.7.1sr1)
------------
This release addresses the following security issue:
Aung Khant of the YGN Ethical Hacker Group reported an XSS in the admin's
configuration panel.
sbd [Fri, 31 Dec 2010 07:13:46 +0000 (07:13 +0000)]
Pullup ticket #3314
sbd [Fri, 31 Dec 2010 07:12:18 +0000 (07:12 +0000)]
Pullup ticket #3314 - requested by morr
wordpress critical security update.
Revisions pulled up:
- www/wordpress/Makefile 1.14
- www/wordpress/distinfo 1.10
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: morr
Date: Thu Dec 30 22:27:45 UTC 2010
Modified Files:
pkgsrc/www/wordpress: Makefile distinfo
Log Message:
Critical security update.
ChangeLog:
* Fix XSS vulnerabilities in the KSES library: Don't be case sensitive
to attribute names. Handle padded entities when checking for bad
protocols. Normalize entities before checking for bad protocols in
esc_url().
sbd [Thu, 30 Dec 2010 03:38:44 +0000 (03:38 +0000)]
Pullup ticket #3313
sbd [Thu, 30 Dec 2010 03:37:22 +0000 (03:37 +0000)]
Pullup ticket #3313 - requested by tron
Security patch for "sysutils/dbus"
Revisions pulled up:
- sysutils/dbus/Makefile 1.50
- sysutils/dbus/distinfo 1.36
- sysutils/dbus/patches/patch-CVE-2010-4352-1 1.1
- sysutils/dbus/patches/patch-CVE-2010-4352-2 1.1
- sysutils/dbus/patches/patch-CVE-2010-4352-3 1.1
- sysutils/dbus/patches/patch-CVE-2010-4352-4 1.1
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Wed Dec 29 10:49:21 UTC 2010
Modified Files:
pkgsrc/sysutils/dbus: Makefile distinfo
Added Files:
pkgsrc/sysutils/dbus/patches: patch-CVE-2010-4352-1
patch-CVE-2010-4352-2 patch-CVE-2010-4352-3 patch-CVE-2010-4352-4
Log Message:
Add fix for vulnerability reported in CVE-2010-4352 (SA42580) taken
from the "dbus" GIT repository.
sbd [Thu, 23 Dec 2010 10:56:16 +0000 (10:56 +0000)]
Pullup tickets 3309, 3310, 3311 and 3312
sbd [Thu, 23 Dec 2010 10:52:19 +0000 (10:52 +0000)]
Pullup ticket #3311 - requested by taca
pkgsrc/www/typo3 security fix
Revisions pulled up:
- pkgsrc/www/typo3/Makefile 1.27
- pkgsrc/www/typo3/PLIST 1.16
- pkgsrc/www/typo3/distinfo 1.20
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu Dec 16 15:35:34 UTC 2010
Modified Files:
pkgsrc/www/typo3: Makefile PLIST distinfo
Log Message:
Update typo3 package to 4.4.5.
Quote from http://wiki.typo3.org/wiki/TYPO3_4.4.5, prease refer the
page for more detail.
Due to several security issues found in the TYPO3 Core, there was a combined
release of TYPO3 4.2.16, 4.3.9 and 4.4.5.
Find more details in the security bulletin:
http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-022/
sbd [Thu, 23 Dec 2010 10:51:51 +0000 (10:51 +0000)]
Pullup ticket #3310 - requested by taca
pkgsrc/www/horde security fix
Revisions pulled up:
- pkgsrc/www/horde/Makefile 1.70, 1.71
- pkgsrc/www/horde/PLIST 1.25
- pkgsrc/www/horde/distinfo 1.28, 1.29
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: adam
Date: Wed Nov 10 12:46:53 UTC 2010
Modified Files:
pkgsrc/www/horde: Makefile PLIST distinfo
Log Message:
Changes 3.3.10:
* Fix searching DataTree elements (groups) if backend charset is different
from interface charset
* Fix accessing IMAP ACLs that contain non-alphanumeric characters
* Avoid fatal errors when using DateTime with not properly configured PHP 5.3+
* Fix importing recurrence exceptions from vCalendar 1.0.
* Fix preferences management regression
* Fix conversion of all-day events and certain yearly recurring events for
Funambol clients.
* Fix memcache cache regression.
* Fix SyncML page sometimes deleting more anchors than selected.
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu Dec 16 03:38:32 UTC 2010
Modified Files:
pkgsrc/www/horde: Makefile distinfo
Log Message:
Update horde pacakge to 3.3.11.
Fixing http://secunia.com/advisories/42355/.
-------
v3.3.11
-------
[mms] SECURITY: Fix XSS when viewing details of a vCard (Bug #9357).
[jan] Fix exporting recurrence exceptions to vCalendar 1.0.
[jan] Skip event status synchronization with Outlook, which is broken.
[jan] Don't send SIF data to recent Funambol clients, unless requested.
[jan] Log all queries and errors by the history library.
sbd [Thu, 23 Dec 2010 10:28:38 +0000 (10:28 +0000)]
Pullup ticket #3309 - requested by taca
Revisions pulled up:
- pkgsrc/textproc/php-intl/Makefile 1.2
- pkgsrc/textproc/php-intl/distinfo 1.2
- pkgsrc/textproc/php-intl/patches/patch-aa 1.2
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu Dec 16 03:37:28 UTC 2010
Modified Files:
pkgsrc/textproc/php-intl: Makefile distinfo
pkgsrc/textproc/php-intl/patches: patch-aa
Log Message:
Update php-intl package to 1.1.2.
Changelog says only "* Bugfixes" but it is really fix CVE-2010-4409.
sbd [Thu, 23 Dec 2010 10:10:55 +0000 (10:10 +0000)]
Pullup ticket #3312 - requested by taca
pkgsrc/lang/{php5,php53} security fixes
Revisions pulled up:
- pkgsrc/databases/php-mysql/Makefile 1.14
- pkgsrc/databases/php-mysqli/Makefile 1.3
- pkgsrc/databases/php-pdo_mysql/Makefile 1.12
- pkgsrc/lang/php5/Makefile 1.80, 1.81
- pkgsrc/lang/php5/Makefile.common 1.43, 1.44
- pkgsrc/lang/php5/distinfo 1.80, 1.81, 1.82
- pkgsrc/lang/php5/patches/patch-ak 1.8, deleted
- pkgsrc/lang/php5/patches/patch-bf 1.1, deleted
- pkgsrc/lang/php5/patches/patch-bg 1.1, deleted
- pkgsrc/lang/php53/Makefile 1.5, 1.6
- pkgsrc/lang/php53/Makefile.common 1.3
- pkgsrc/lang/php53/distinfo 1.7, 1.8
- pkgsrc/lang/php53/patches/patch-ab 1.3
- pkgsrc/lang/php53/patches/patch-am 1.1, deleted
- pkgsrc/lang/php53/patches/patch-an 1.1, deleted
- pkgsrc/lang/php53/patches/patch-ao 1.1, deleted
- pkgsrc/lang/php53/patches/patch-ap 1.1, deleted
- pkgsrc/lang/php53/patches/patch-aq 1.1, deleted
- pkgsrc/mail/php-imap/Makefile 1.21, 1.22
- pkgsrc/www/ap-php/Makefile 1.24
- pkgsrc/www/php-eaccelerator/Makefile 1.13
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu Nov 25 03:43:50 UTC 2010
Modified Files:
pkgsrc/lang/php53: Makefile distinfo
Added Files:
pkgsrc/lang/php53/patches: patch-am patch-an patch-ao patch-ap patch-aq
Log Message:
- GC bug fix: http://svn.php.net/viewvc?view=revision&revision=303016
- CVE-2010-3710 (a part of SA41724)
http://svn.php.net/viewvc?view=revision&revision=303779
- CVE-2010-3870 (a part of SA41724)
http://svn.php.net/viewvc?view=revision&revision=304959
- CVE-2010-4150 (php-imap)
http://svn.php.net/viewvc?view=revision&revision=305032
- CVE-2010-4156 (SA42135)
http://svn.php.net/viewvc?view=revision&revision=305214
Bump PKGREVISION.
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu Nov 25 03:44:16 UTC 2010
Modified Files:
pkgsrc/lang/php5: Makefile distinfo
Added Files:
pkgsrc/lang/php5/patches: patch-ak patch-bf patch-bg
Log Message:
- CVE-2010-4150 (php-imap)
http://svn.php.net/viewvc?view=revision&revision=305032
- CVE-2010-3710 (a part of SA41724)
http://svn.php.net/viewvc?view=revision&revision=303885
- CVE-2010-3870 (a part of SA41724)
http://svn.php.net/viewvc?view=revision&revision=305055
Bump PKGREVISION.
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu Nov 25 03:45:19 UTC 2010
Modified Files:
pkgsrc/mail/php-imap: Makefile
Log Message:
Bump REVISION since CVE-2010-4150 fix was added.
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Mon Dec 13 13:15:46 UTC 2010
Modified Files:
pkgsrc/lang/php5: Makefile Makefile.common distinfo
Removed Files:
pkgsrc/lang/php5/patches: patch-ak patch-bf patch-bg
Log Message:
Update php5 package to 5.2.15 (PHP 5.2.15):
The PHP development team would like to announce the immediate
availability of PHP 5.2.15. This release marks the end of support for
PHP 5.2. All users of PHP 5.2 are encouraged to upgrade to PHP 5.3.
This release focuses on improving the security and stability of the
PHP 5.2.x branch with a small number, of predominatly security fixes.
Security Enhancements and Fixes in PHP 5.2.15:
* Fixed extract() to do not overwrite $GLOBALS and $this when using
EXTR_OVERWRITE.
* Fixed crash in zip extract method (possible CWE-170).
* Fixed a possible double free in imap extension.
* Fixed possible flaw in open_basedir (CVE-2010-3436).
* Fixed NULL pointer dereference in
ZipArchive::getArchiveComment. (CVE-2010-3709).
* Fixed bug #52929 (Segfault in filter_var with FILTER_VALIDATE_EMAIL with
large amount of data).
Key enhancements in PHP 5.2.15 include:
* Fixed bug #47643 (array_diff() takes over 3000 times longer than php
5.2.4).
* Fixed bug #44248 (RFC2616 transgression while HTTPS request through proxy
with SoapClient object).
* To prepare for upgrading to PHP 5.3, now that PHP 5.2's support ended, a
migration guide available on http://php.net/migration53, details the changes
between PHP 5.2 and PHP 5.3.
For a full list of changes in PHP 5.2.15 see the ChangeLog at
http://www.php.net/ChangeLog-5.php#5.2.15.
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Mon Dec 13 13:16:37 UTC 2010
Modified Files:
pkgsrc/lang/php53: Makefile Makefile.common distinfo
pkgsrc/lang/php53/patches: patch-ab
Removed Files:
pkgsrc/lang/php53/patches: patch-am patch-an patch-ao patch-ap patch-aq
Log Message:
Update lang/php53 package to 5.3.4 (PHP 5.3.4).
The PHP development team is proud to announce the immediate release of PHP
5.3.4. This is a maintenance release in the 5.3 series, which includes a large
number of bug fixes.
Security Enhancements and Fixes in PHP 5.3.4:
* Fixed crash in zip extract method (possible CWE-170).
* Paths with NULL in them (foo\0bar.txt) are now considered as invalid
(CVE-2006-7243).
* Fixed a possible double free in imap extension (Identified by Mateusz
Kocielski). (CVE-2010-4150).
* Fixed NULL pointer dereference in
ZipArchive::getArchiveComment. (CVE-2010-3709).
* Fixed possible flaw in open_basedir (CVE-2010-3436).
* Fixed MOPS-2010-24, fix string validation. (CVE-2010-2950).
* Fixed symbolic resolution support when the target is a DFS share.
* Fixed bug #52929 (Segfault in filter_var with FILTER_VALIDATE_EMAIL with
large amount of data) (CVE-2010-3710).
Key Bug Fixes in PHP 5.3.4 include:
* Added stat support for zip stream.
* Added follow_location (enabled by default) option for the http stream
support.
* Added a 3rd parameter to get_html_translation_table. It now takes a charset
hint, like htmlentities et al.
* Implemented FR #52348, added new constant ZEND_MULTIBYTE to detect zend
multibyte at runtime.
* Multiple improvements to the FPM SAPI.
* Over 100 other bug fixes.
For users upgrading from PHP 5.2 there is a migration guide available here,
detailing the changes between those releases and PHP 5.3.
For a full list of changes in PHP 5.3.4, see the ChangeLog. For source
downloads please visit our downloads page, Windows binaries can be found on
windows.php.net/download/.
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Mon Dec 13 13:18:20 UTC 2010
Modified Files:
pkgsrc/databases/php-mysql: Makefile
pkgsrc/databases/php-mysqli: Makefile
pkgsrc/databases/php-pdo_mysql: Makefile
pkgsrc/mail/php-imap: Makefile
pkgsrc/www/ap-php: Makefile
pkgsrc/www/php-eaccelerator: Makefile
Log Message:
Reset PKGREVISION by update of base PHP version.
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu Dec 16 14:20:45 UTC 2010
Modified Files:
pkgsrc/lang/php5: Makefile.common distinfo
Log Message:
Update php5 pacakge to 5.2.16:
PHP 5.2.16 Released!
The PHP development team would like to announce the immediate availability of
PHP 5.2.16. This release marks the end of support for PHP 5.2. All users of
PHP 5.2 are encouraged to upgrade to PHP 5.3.
This release focuses on addressing a regression in open_basedir implementation
introduced in 5.2.15 in addition to fixing a crash inside PDO::pgsql on data
retrieval when the server is down. All users who have upgraded to 5.2.15 and
are utilizing open_basedir are strongly encouraged to upgrade to 5.2.16 or
5.3.4.
To prepare for upgrading to PHP 5.3, now that PHP 5.2's support ended, a
migration guide available on http://php.net/migration53, details the changes
between PHP 5.2 and PHP 5.3.
For a full list of changes in PHP 5.2.16 see the ChangeLog at
http://www.php.net/ChangeLog-5.php#5.2.16.
ChangeLog:
Version 5.2.16
16-Dec-2010
* Fixed bug #53517 (segfault in pgsql_stmt_execute() when postgres is
down). (gyp at balabit dot hu)
* Fixed bug #53516 (Regression in open_basedir handling). (Ilia)
sbd [Sun, 19 Dec 2010 03:49:08 +0000 (03:49 +0000)]
Pullup tickets 3307 and 3308
sbd [Sun, 19 Dec 2010 03:47:00 +0000 (03:47 +0000)]
Pullup ticket #3308 - requested by drochner
security updates for freetype2
Revisions pulled up:
- pkgsrc/graphics/freetype2/Makefile 1.75-1.77
- pkgsrc/graphics/freetype2/distinfo 1.37-1.39
Files added:
- pkgsrc/graphics/freetype2/patches/patch-ab 1.14, 1.15
- pkgsrc/graphics/freetype2/patches/patch-ac 1.6
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: drochner
Date: Fri Oct 22 16:14:13 UTC 2010
Modified Files:
pkgsrc/graphics/freetype2: Makefile distinfo
Log Message:
update to 2.4.3
changes:
A rendering regression of S-shaped cubic arcs (introduced in
version 2.4.0) has been fixed. Besides that, a bunch
of fixes have been applied to improve handling of broken fonts.
To generate a diff of this commit:
cvs rdiff -u -r1.74 -r1.75 pkgsrc/graphics/freetype2/Makefile
cvs rdiff -u -r1.36 -r1.37 pkgsrc/graphics/freetype2/distinfo
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: drochner
Date: Wed Nov 3 11:56:37 UTC 2010
Modified Files:
pkgsrc/graphics/freetype2: Makefile distinfo
Added Files:
pkgsrc/graphics/freetype2/patches: patch-ab
Log Message:
add patch from upstream CVS to fix a possible buffer overflow
when processing TrueType GX fonts (SA41738), bump PKGREVISION
To generate a diff of this commit:
cvs rdiff -u -r1.75 -r1.76 pkgsrc/graphics/freetype2/Makefile
cvs rdiff -u -r1.37 -r1.38 pkgsrc/graphics/freetype2/distinfo
cvs rdiff -u -r0 -r1.14 pkgsrc/graphics/freetype2/patches/patch-ab
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: drochner
Date: Wed Nov 24 18:44:55 UTC 2010
Modified Files:
pkgsrc/graphics/freetype2: Makefile distinfo
pkgsrc/graphics/freetype2/patches: patch-ab
Added Files:
pkgsrc/graphics/freetype2/patches: patch-ac
Log Message:
add patch from upstream CVS to fix handling the "SHZ" bytecode instruction
which could be exploited to cause a crash and potentially execute
arbitrary code via a specially crafted font (CVE-2010-3814)
bump PKGREV
being here, add CVE reference to an older patch
To generate a diff of this commit:
cvs rdiff -u -r1.76 -r1.77 pkgsrc/graphics/freetype2/Makefile
cvs rdiff -u -r1.38 -r1.39 pkgsrc/graphics/freetype2/distinfo
cvs rdiff -u -r1.14 -r1.15 pkgsrc/graphics/freetype2/patches/patch-ab
cvs rdiff -u -r0 -r1.6 pkgsrc/graphics/freetype2/patches/patch-ac
sbd [Sun, 19 Dec 2010 03:43:01 +0000 (03:43 +0000)]
Pullup ticket #3307 - requested by shannonjr
security/pcsc-lite vulnerability
Revisions pulled up:
- pkgsrc/security/pcsc-lite/Makefile 1.9
- pkgsrc/security/pcsc-lite/distinfo 1.9
Files added:
- pkgsrc/security/pcsc-lite/patches/patch-ac 1.5
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: shannonjr
Date: Fri Dec 17 17:00:35 UTC 2010
Modified Files:
pkgsrc/security/pcsc-lite: Makefile distinfo
Added Files:
pkgsrc/security/pcsc-lite/patches: patch-ac
Log Message:
Backported security fix from Version 1.6.6 of pcsc-lite. The fix bounds the
value of a pointer, prior to a memcpy(), to prevent a buffer overflow.
To generate a diff of this commit:
cvs rdiff -u -r1.8 -r1.9 pkgsrc/security/pcsc-lite/Makefile \
pkgsrc/security/pcsc-lite/distinfo
cvs rdiff -u -r0 -r1.5 pkgsrc/security/pcsc-lite/patches/patch-ac
tron [Tue, 14 Dec 2010 10:44:16 +0000 (10:44 +0000)]
Pullup ticket #3301.
tron [Tue, 14 Dec 2010 10:44:04 +0000 (10:44 +0000)]
Pullup ticket #3301 - requested by tnn
devel/xulrunner: security update
www/firefox: security update
Revisions pulled up:
- devel/xulrunner/Makefile 1.43,1.45
- devel/xulrunner/PLIST 1.25-1.26
- devel/xulrunner/dist.mk 1.17
- devel/xulrunner/distinfo 1.39
- devel/xulrunner/mozilla-common.mk 1.17-1.18
- devel/xulrunner/patches/patch-pe delete
- www/firefox/Makefile 1.78,1.80
---
Module Name: pkgsrc
Committed By: joerg
Date: Wed Nov 3 01:22:36 UTC 2010
Modified Files:
pkgsrc/devel/xulrunner: mozilla-common.mk
Log Message:
Requires sqlite3 3.7.1 now. Reported by cegger.
---
Module Name: pkgsrc
Committed By: tnn
Date: Sat Nov 13 11:54:44 UTC 2010
Modified Files:
pkgsrc/devel/xulrunner: Makefile PLIST mozilla-common.mk
pkgsrc/mail/thunderbird: Makefile
pkgsrc/www/firefox: Makefile
pkgsrc/www/seamonkey: Makefile
Log Message:
Reluctantly switch over to bundled cairo and pixman for mozilla
packages, like other distros have recently done. Bump package revisions.
Background:
The cairo-1.10 update caused multiple regressions in firefox, such as
flickering gif animations and crashes.
Mozilla doesn't seem interested in fixing it on the stable branches:
https://bugzilla.mozilla.org/show_bug.cgi?id=610107
Other references:
https://bugzilla.redhat.com/show_bug.cgi?id=628331
http://bugs.gentoo.org/show_bug.cgi?id=337813
https://bugzilla.mozilla.org/show_bug.cgi?id=597174
This workaround is guaranteed to cause other problems in the long run;
so we should attempt to switch back when we move to the mozilla-2.0
branch.
---
odule Name: pkgsrc
Committed By: tnn
Date: Sat Dec 11 14:46:29 UTC 2010
Modified Files:
pkgsrc/devel/xulrunner: Makefile PLIST dist.mk distinfo
pkgsrc/www/firefox: Makefile
Removed Files:
pkgsrc/devel/xulrunner/patches: patch-pe
Log Message:
Update to firefox-3.6.13.
MFSA 2010-84 XSS hazard in multiple character encodings
MFSA 2010-83 Location bar SSL spoofing using network error page
MFSA 2010-82 Incomplete fix for CVE-2010-0179
MFSA 2010-81 Integer overflow vulnerability in NewIdArray
MFSA 2010-80 Use-after-free error with nsDOMAttribute MutationObserver
MFSA 2010-79 Java security bypass from LiveConnect loaded via data: URL
meta refresh
MFSA 2010-78 Add support for OTS font sanitizer
MFSA 2010-77 Crash and remote code execution using HTML tags inside a XUL tree
MFSA 2010-76 Chrome privilege escalation with window.open and <isindex> element
MFSA 2010-75 Buffer overflow while line breaking after document.write with
long string
MFSA 2010-74 Miscellaneous memory safety hazards (rv:1.9.2.13/ 1.9.1.16)
pkgsrc fixup [Mon, 13 Dec 2010 04:04:21 +0000 (20:04 -0800)]
Fixup fromcvs/togit conversion
tron [Sun, 12 Dec 2010 20:27:38 +0000 (20:27 +0000)]
Pullup tickets #3302, #3303 and #3305.
tron [Sun, 12 Dec 2010 20:25:23 +0000 (20:25 +0000)]
Pullup ticket #3303 - requested by tnn
www/seamonkey: security update
Revisions pulled up:
- www/seamonkey/Makefile 1.42-1.43,1.45 via patch
- www/seamonkey/distinfo 1.57-1.58
---
Module Name: pkgsrc
Committed By: tnn
Date: Sat Nov 13 10:54:49 UTC 2010
Modified Files:
pkgsrc/www/seamonkey: Makefile distinfo
Log Message:
Update to seamonkey-2.0.10.
Fixes MFSA 2010-73 Heap buffer overflow mixing document.write and DOM insertion
---
Module Name: pkgsrc
Committed By: tnn
Date: Sat Nov 13 11:54:44 UTC 2010
Modified Files:
pkgsrc/devel/xulrunner: Makefile PLIST mozilla-common.mk
pkgsrc/mail/thunderbird: Makefile
pkgsrc/www/firefox: Makefile
pkgsrc/www/seamonkey: Makefile
Log Message:
Reluctantly switch over to bundled cairo and pixman for mozilla packages,
like other distros have recently done. Bump package revisions.
Background:
The cairo-1.10 update caused multiple regressions in firefox, such as
flickering gif animations and crashes.
Mozilla doesn't seem interested in fixing it on the stable branches:
https://bugzilla.mozilla.org/show_bug.cgi?id=610107
Other references:
https://bugzilla.redhat.com/show_bug.cgi?id=628331
http://bugs.gentoo.org/show_bug.cgi?id=337813
https://bugzilla.mozilla.org/show_bug.cgi?id=597174
---
odule Name: pkgsrc
Committed By: tnn
Date: Sun Dec 12 00:07:23 UTC 2010
Modified Files:
pkgsrc/www/seamonkey: Makefile distinfo
Log Message:
Update to seamonkey-2.0.11.
MFSA 2010-84 XSS hazard in multiple character encodings
MFSA 2010-83 Location bar SSL spoofing using network error page
MFSA 2010-82 Incomplete fix for CVE-2010-0179
MFSA 2010-81 Integer overflow vulnerability in NewIdArray
MFSA 2010-80 Use-after-free error with nsDOMAttribute MutationObserver
MFSA 2010-79 Java security bypass from LiveConnect loaded via data: URL
meta refresh
MFSA 2010-78 Add support for OTS font sanitizer
MFSA 2010-77 Crash and remote code execution using HTML tags inside a
XUL tree MFSA 2010-76 Chrome privilege escalation with window.open and
<isindex> element MFSA 2010-75 Buffer overflow while line breaking
after document.write with long string
MFSA 2010-74 Miscellaneous memory safety hazards (rv:1.9.2.13/ 1.9.1.16)
Also:
Fixes for a number of non-security-relevant crashes, increasing the
stability of the whole platform and the Mail & Newsgroups part of
SeaMonkey
tron [Sun, 12 Dec 2010 19:12:21 +0000 (19:12 +0000)]
Pullup ticket #3302 - requested by tnn
mail/thunderbird: security update
Revisions pulled up:
- mail/thunderbird/Makefile 1.61-1.62,1.64 via patch
- mail/thunderbird/distinfo 1.76-1.77
- mail/thunderbird/patches/patch-pe delete
---
Module Name: pkgsrc
Committed By: tnn
Date: Sat Nov 13 11:05:05 UTC 2010
Modified Files:
pkgsrc/mail/thunderbird: Makefile distinfo
Log Message:
Update to thunderbird-3.1.6.
Fixes MFSA 2010-73 Heap buffer overflow mixing document.write and DOM insertion
---
Module Name: pkgsrc
Committed By: tnn
Date: Sat Nov 13 11:54:44 UTC 2010
Modified Files:
pkgsrc/devel/xulrunner: Makefile PLIST mozilla-common.mk
pkgsrc/mail/thunderbird: Makefile
pkgsrc/www/firefox: Makefile
pkgsrc/www/seamonkey: Makefile
Log Message:
Reluctantly switch over to bundled cairo and pixman for mozilla packages,
like other distros have recently done. Bump package revisions.
Background:
The cairo-1.10 update caused multiple regressions in firefox, such as
flickering gif animations and crashes.
Mozilla doesn't seem interested in fixing it on the stable branches:
https://bugzilla.mozilla.org/show_bug.cgi?id=610107
Other references:
https://bugzilla.redhat.com/show_bug.cgi?id=628331
http://bugs.gentoo.org/show_bug.cgi?id=337813
https://bugzilla.mozilla.org/show_bug.cgi?id=597174
This workaround is guaranteed to cause other problems in the long run;
so we should attempt to switch back when we move to the mozilla-2.0 branch.
---
Module Name: pkgsrc
Committed By: tnn
Date: Sat Dec 11 14:34:41 UTC 2010
Modified Files:
pkgsrc/mail/thunderbird: Makefile distinfo
Removed Files:
pkgsrc/mail/thunderbird/patches: patch-pe
Log Message:
Update to thunderbird-3.1.7.
- Several fixes to improve performance, stability and security
- Several fixes to improve handling of large folder files stored
locally.
- Several fixes to improve corruption in local copy of IMAP mailboxes.
- MFSA 2010-78 Add support for OTS font sanitizer
- MFSA 2010-75 Buffer overflow while line breaking after document.write
with long string
- MFSA 2010-74 Miscellaneous memory safety hazards (rv:1.9.2.13/
1.9.1.16)
tron [Sun, 12 Dec 2010 18:04:03 +0000 (18:04 +0000)]
Pullup ticket #3305 - requested by spz
security/p5-IO-Socket-SSL: security updated
Revisions pulled up:
- security/p5-IO-Socket-SSL/Makefile 1.53-1.54
- security/p5-IO-Socket-SSL/distinfo 1.38-1.39
---
Module Name: pkgsrc
Committed By: wiz
Date: Thu Dec 2 12:25:05 UTC 2010
Modified Files:
pkgsrc/security/p5-IO-Socket-SSL: Makefile distinfo
Log Message:
Update to 1.34:
v1.34 2010.11.01
- schema http for certificate verification changed to
wildcards_in_cn=1, because according to rfc2818 this is valid and
also seen in the wild
- if upgrading socket from inet to ssl fails due to handshake problems
the socket gets downgraded, but is still open.
See https://rt.cpan.org/Ticket/Display.html?id=61466
- deprecate kill_socket, just use close()
---
Module Name: pkgsrc
Committed By: gls
Date: Tue Dec 7 20:15:01 UTC 2010
Modified Files:
pkgsrc/security/p5-IO-Socket-SSL: Makefile distinfo
Log Message:
Update security/p5-IO-Socket-SSL to 1.35
Security fix
v1.35 2010.12.06
- if verify_mode is not VERIFY_NONE and the ca_file/ca_path cannot be
verified as valid it will no longer fall back to VERIFY_NONE but throw
an error. Thanks to Salvatore Bonaccorso and Daniel Kahn Gillmor for
pointing out the problem, see also
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606058
tron [Sun, 12 Dec 2010 16:28:12 +0000 (16:28 +0000)]
Pullup ticket #3300 and #3304.
tron [Sun, 12 Dec 2010 16:25:30 +0000 (16:25 +0000)]
Pullup ticket #3304 - requested by markd
emulators/suse113_openssl: security patch
Revisions pulled up:
- emulators/suse113_openssl/Makefile 1.2
- emulators/suse113_openssl/distinfo 1.2
---
Module Name: pkgsrc
Committed By: markd
Date: Sun Dec 12 09:58:21 UTC 2010
Modified Files:
pkgsrc/emulators/suse113_openssl: Makefile distinfo
Log Message:
Update for CVE-2010-3864. Bump PKGREVISION.
tron [Sun, 12 Dec 2010 15:34:39 +0000 (15:34 +0000)]
Pullup ticket #3300 - requested by morr
www/wordpress: security update
Revisions pulled up:
- www/wordpress/Makefile 1.13
- www/wordpress/distinfo 1.9
---
Module Name: pkgsrc
Committed By: morr
Date: Fri Dec 10 23:34:18 UTC 2010
Modified Files:
pkgsrc/www/wordpress: Makefile distinfo
Log Message:
Security update to 3.0.3. Changes:
Fixes issues in the XML-RPC remote publishing interface which under certain circumstances allowed Author- and Contributor-level users to improperly edit, publish or delete posts.
tron [Fri, 10 Dec 2010 11:33:02 +0000 (11:33 +0000)]
Pullup ticket #3298.
tron [Fri, 10 Dec 2010 10:48:46 +0000 (10:48 +0000)]
Pullup ticket #3298 - requested by bouyer
sysutils/xenkernel3: security patch
sysutils/xenkernel33: security patch
Revisions pulled up:
- sysutils/xenkernel3/Makefile 1.19
- sysutils/xenkernel3/distinfo 1.12
- sysutils/xenkernel3/patches/patch-dc 1.1
- sysutils/xenkernel33/Makefile 1.12
- sysutils/xenkernel33/distinfo 1.10
- sysutils/xenkernel33/patches/patch-ab 1.1
---
Module Name: pkgsrc
Committed By: bouyer
Date: Tue Dec 7 18:43:49 UTC 2010
Modified Files:
pkgsrc/sysutils/xenkernel3: Makefile distinfo
Added Files:
pkgsrc/sysutils/xenkernel3/patches: patch-dc
Log Message:
Add a fix for CVE-2010-4255, from the xen-devel list and adapted for Xen 3.1
---
Module Name: pkgsrc
Committed By: bouyer
Date: Tue Dec 7 18:44:26 UTC 2010
Modified Files:
pkgsrc/sysutils/xenkernel33: Makefile distinfo
Added Files:
pkgsrc/sysutils/xenkernel33/patches: patch-ab
Log Message:
Add a fix for CVE-2010-4255, from the xen-devel list.
Bump PKGREVISION.
tron [Tue, 7 Dec 2010 12:54:50 +0000 (12:54 +0000)]
Pullup tickets #3296 and #3297.
tron [Tue, 7 Dec 2010 12:54:13 +0000 (12:54 +0000)]
Pullup ticket #3297 - requested by obache
multimedia/gstreamer0.10: build fix
Revisions pulled up:
- multimedia/gstreamer0.10/buildlink3.mk 1.12
---
Module Name: pkgsrc
Committed By: obache
Date: Fri Dec 3 15:19:42 UTC 2010
Modified Files:
pkgsrc/multimedia/gstreamer0.10: buildlink3.mk
Log Message:
set GST_REGISTRY_FORK=no on DragonFly.
workaround of gst-inspect hung up as PR#44108.
tron [Tue, 7 Dec 2010 12:08:21 +0000 (12:08 +0000)]
Pullup ticket #3296 - requested by morr
www/wordpress: security update
Revisions pulled up:
- www/wordpress/Makefile 1.12
- www/wordpress/PLIST 1.7
- www/wordpress/distinfo 1.8
---
Module Name: pkgsrc
Committed By: morr
Date: Sun Dec 5 16:46:29 UTC 2010
Modified Files:
pkgsrc/www/wordpress: Makefile PLIST distinfo
Log Message:
Security update. Changes:
* Fix moderate security issue where a malicious Author-level user could
gain further access to the site.
* Remove pingback/trackback blogroll whitelisting feature as it can
easily be abused.
* Fix canonical redirection for permalinks containing %category% with
nested categories and paging.
* Fix occasional irrelevant error messages on plugin activation.
* Minor XSS fixes in request_filesystem_credentials() and when deleting
a plugin.
* Clarify the license in the readme
* Multisite: Fix the delete_user meta capability
* Multisite: Force current_user_can_for_blog() to run map_meta_cap()
even for super admins
* Multisite: Fix ms-files.php content type headers when requesting a
URL with a query string
* Multisite: Fix the usage of the SUBDOMAIN_INSTALL constant for
upgraded WordPress MU installs
While here, set license.
tron [Sun, 5 Dec 2010 23:31:56 +0000 (23:31 +0000)]
Pullup tickets #3293, #3294 and #3295.
tron [Sun, 5 Dec 2010 23:31:06 +0000 (23:31 +0000)]
Pullup ticket #3295 - requested by bouyer
mail/clamav: bug fix update
Revisions pulled up:
- mail/clamav/Makefile 1.106-1.108
- mail/clamav/distinfo 1.68-1.69
- mail/clamav/patches/patch-ab 1.14
- mail/clamav/patches/patch-ac deleted
- mail/clamav/patches/patch-ah deleted
---
Module Name: pkgsrc
Committed By: adam
Date: Tue Oct 26 06:38:37 UTC 2010
Modified Files:
pkgsrc/mail/clamav: Makefile distinfo
Log Message:
Changes 0.96.4:
* This is a bugfix release recommended for all users.
---
Module Name: pkgsrc
Committed By: bouyer
Date: Thu Oct 28 20:15:38 UTC 2010
Modified Files:
pkgsrc/mail/clamav: Makefile distinfo
Removed Files:
pkgsrc/mail/clamav/patches: patch-ah
Log Message:
Revert previous, this patch is already in 0.96.4.
---
Module Name: pkgsrc
Committed By: adam
Date: Wed Dec 1 07:44:10 UTC 2010
Modified Files:
pkgsrc/mail/clamav: Makefile distinfo
pkgsrc/mail/clamav/patches: patch-ab
Removed Files:
pkgsrc/mail/clamav/patches: patch-ac
Log Message:
Changes 0.96.5:
* libclamav/pdf.c: fix crashes
* libclamav/pe_icons.c: off by one while
* libclamav: fix detection of embedded executables
* libclamav/matcher-ac.c: fix offset handling for sigs with {x-y} wildcards
* freshclam/manager.c: fix error path infinite loop
* clamd/clamd.c: fix RLIMIT_DATA setting on BSD
* freshclam: improve mirror management
* libclamav: fix possible use of uninitialized values
* libclamav: Set the unreliability flag on (un)packed files
* libclamav/c++: Update embedded copy of LLVM to version 2.8
* freshclam: make query format backward compatible
* freshclam: get detection stats directly from clamd
* libclamav/cache.c,c++/bytecode2llvm.cpp}: make cl_load thread safe
* freshclam: load database in subprocess
* clamd: add new commands DETSTATS and DETSTATSCLEAR
* libclamav/7z.c: fix file descriptor leak
* clamd, libclamavll: add ability to logg messages from libclamav
* libclamav/builtin_bytecodes.h: Don't disable JIT on pentium4
tron [Sun, 5 Dec 2010 20:31:32 +0000 (20:31 +0000)]
Pullup ticket #3294 - requested by bouyer
net/ocsinventory-agent: compatibility update
Revisions pulled up:
- net/ocsinventory-agent/Makefile 1.3
- net/ocsinventory-agent/distinfo 1.2
- net/ocsinventory-agent/patches/patch-ab 1.2
- net/ocsinventory-agent/patches/patch-ac 1.2
- net/ocsinventory-agent/patches/patch-ap 1.1
---
Module Name: pkgsrc
Committed By: bouyer
Date: Wed Dec 1 21:00:51 UTC 2010
Modified Files:
pkgsrc/net/ocsinventory-agent: Makefile distinfo
pkgsrc/net/ocsinventory-agent/patches: patch-ab patch-ac
Added Files:
pkgsrc/net/ocsinventory-agent/patches: patch-ap
Log Message:
Update to 1.1.2.1. Main motivation is to avoid warnings with perl 5.12.
Other changes are mainly improvements in backend to support more OS,
more OS variants or versions.
tron [Sun, 5 Dec 2010 19:49:25 +0000 (19:49 +0000)]
Pullup ticket #3293 - requested by bouyer
mail/imp: dependence fix
Revisions pulled up:
- mail/imp/Makefile 1.56
---
Module Name: pkgsrc
Committed By: bouyer
Date: Sun Nov 14 21:17:47 UTC 2010
Modified Files:
pkgsrc/mail/imp: Makefile
Log Message:
php5-pear-Mail_mimeDecode is required to properly display certain
mail (especially ones with a smime.p7s signature).
Bump PKGREVISION
sbd [Fri, 3 Dec 2010 04:36:38 +0000 (04:36 +0000)]
Pullup ticket #3292
sbd [Fri, 3 Dec 2010 04:34:47 +0000 (04:34 +0000)]
Pullup ticket #3292 - requested by taca
pkgsrc/security/openssl security update
Revisions pulled up:
pkgsrc/security/openssl/Makefile 1.153
pkgsrc/security/openssl/distinfo 1.79
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Fri Dec 3 00:17:21 UTC 2010
Modified Files:
pkgsrc/security/openssl: Makefile distinfo
Log Message:
Update openssl package to 0.9.8q.
OpenSSL version 0.9.8q released
===============================
OpenSSL - The Open Source toolkit for SSL/TLS
http://www.openssl.org/
The OpenSSL project team is pleased to announce the release of
version 0.9.8q of our open source toolkit for SSL/TLS. This new
OpenSSL version is a security and bugfix release. For a complete
list of changes, please see
http://www.openssl.org/source/exp/CHANGES.
The most significant changes are:
o Fix for security issue CVE-2010-4180
o Fix for CVE-2010-4252
To generate a diff of this commit:
cvs rdiff -u -r1.152 -r1.153 pkgsrc/security/openssl/Makefile
cvs rdiff -u -r1.78 -r1.79 pkgsrc/security/openssl/distinfo
sbd [Thu, 2 Dec 2010 04:18:25 +0000 (04:18 +0000)]
Pullup tickets 3290 and 3291
sbd [Thu, 2 Dec 2010 04:16:16 +0000 (04:16 +0000)]
Pullup ticket #3290 - requested by taca
net/bind97 security update
Revisions pulled up:
pkgsrc/net/bind97/Makefile 1.5
pkgsrc/net/bind97/distinfo 1.5
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu Dec 2 00:31:34 UTC 2010
Modified Files:
pkgsrc/net/bind97: Makefile distinfo
Log Message:
Update bind97 package to bind-9.7.2pl3 (9.7.2-P3).
http://www.isc.org/announcement/guidance-regarding-dec-1st-2010-security-advisories
CVE: CVE-2010-3613
CERT: VU#706148
BIND: cache incorrectly allows a ncache entry and a rrsig for the same type
CVE: CVE-2010-3614
CERT: VU#837744
BIND: Key algorithm rollover bug in bind9
CVE: CVE-2010-3615
CERT: VU#510208
BIND: allow-query processed incorrectly
To generate a diff of this commit:
cvs rdiff -u -r1.4 -r1.5 pkgsrc/net/bind97/Makefile \
pkgsrc/net/bind97/distinfo
sbd [Thu, 2 Dec 2010 04:11:42 +0000 (04:11 +0000)]
Pullup ticket #3291 - requested by taca
net/bind96 security update
Revisions pulled up:
- pkgsrc/net/bind96/Makefile 1.17
- pkgsrc/net/bind96/distinfo 1.10
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu Dec 2 00:32:34 UTC 2010
Modified Files:
pkgsrc/net/bind96: Makefile distinfo
Log Message:
Update bind96 package to bind-9.6.2pl3 (9.6.2-P3).
http://www.isc.org/announcement/guidance-regarding-dec-1st-2010-security-advisories
CVE: CVE-2010-3613
CERT: VU#706148
BIND: cache incorrectly allows a ncache entry and a rrsig for the same type
CVE: CVE-2010-3614
CERT: VU#837744
BIND: Key algorithm rollover bug in bind9
To generate a diff of this commit:
cvs rdiff -u -r1.16 -r1.17 pkgsrc/net/bind96/Makefile
cvs rdiff -u -r1.9 -r1.10 pkgsrc/net/bind96/distinfo
sbd [Mon, 29 Nov 2010 20:29:00 +0000 (20:29 +0000)]
Pullup ticket #3288
sbd [Mon, 29 Nov 2010 20:27:09 +0000 (20:27 +0000)]
Pullup ticket #3288 - requested by tron
Security update for "phpmyadmin" package
Revisions pulled up:
- pkgsrc/databases/phpmyadmin/Makefile 1.85
- pkgsrc/databases/phpmyadmin/distinfo 1.46
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Mon Nov 29 19:13:30 UTC 2010
Modified Files:
pkgsrc/databases/phpmyadmin: Makefile distinfo
Log Message:
Update "phpmyadmin" package to versino 2.11.11.1. Changes since 2.11.11:
Fix XSS vulnerability reported in PMASA-2010-8 (CVE-2010-4329?).
To generate a diff of this commit:
cvs rdiff -u -r1.84 -r1.85 pkgsrc/databases/phpmyadmin/Makefile
cvs rdiff -u -r1.45 -r1.46 pkgsrc/databases/phpmyadmin/distinfo
tron [Sun, 28 Nov 2010 14:33:06 +0000 (14:33 +0000)]
Pullup tickets #3284, #3285 and #3287.
tron [Sun, 28 Nov 2010 14:31:54 +0000 (14:31 +0000)]
Pullup ticket #3287 - requested by is
lang/ocaml: portability fix
Revisions pulled up:
- lang/ocaml/Makefile.common 1.27
- lang/ocaml/PLIST 1.23
- lang/ocaml/PLIST.opt 1.17
- lang/ocaml/distinfo 1.52
- lang/ocaml/patches/patch-aw 1.8
---
Module Name: pkgsrc
Committed By: is
Date: Sun Nov 28 08:41:33 UTC 2010
Modified Files:
pkgsrc/lang/ocaml: Makefile.common PLIST PLIST.opt distinfo
pkgsrc/lang/ocaml/patches: patch-aw
Log Message:
Make this package work again on architectures where we don't compile
natively (that is, only to byte-code).
This consists of two parts:
a) a patch to ocamldoc/Makefile to make it create the man pages using
the interpreted ocamldoc - this exists for both types of architectures,
so is safe. (This will be sent up-stream).
b) move a common shared library file to the common PLIST, and a lot of
files (natively compiled versions of the ML modules and natively compiled
versions of a few binaries) to PLIST.opt.
This has been build-tested on i386 (cross-compiled from amd64) and on
arm. unison builds and works.
"make test" shows the same amount of passed and failed tests (mostly
non-found libraries) as before; but this needs more investigation.
An additional issue to solve (with upstream) is that there's no easy way
to run the part of the test suite that would work on byte-code-only
architectures.
tron [Sun, 28 Nov 2010 14:22:11 +0000 (14:22 +0000)]
Pullup ticket #3285 - requested by taca
lang/ruby18-base: build fix
lang/ruby19-base: build fix
Revisions pulled up:
- lang/ruby/rubyversion.mk 1.53
- lang/ruby18-base/PLIST 1.18
- lang/ruby19-base/PLIST 1.3
---
Module Name: pkgsrc
Committed By: taca
Date: Wed Nov 17 14:27:10 UTC 2010
Modified Files:
pkgsrc/lang/ruby: rubyversion.mk
pkgsrc/lang/ruby18-base: PLIST
pkgsrc/lang/ruby19-base: PLIST
Log Message:
Some improvements for rubyversion.mk:
- Set RUBY_API_VERSION after RUBY_VERSION has decided.
- Change old RUBY_DOCDIR and RUBY_EXAMPLESDIR to RUBY_DOC and RUBY_EG in
comment.
- Fix shared libraries PLIST to support Mac OS X with introducing RUBY_SLEXT:
Shared library => .dylib
Extension library => .bundle
- Improve PRINT_PLIST_AWK to handle new shared libraries.
No functional change shoud be done and fix PR pkg/44050.
tron [Sun, 28 Nov 2010 14:04:37 +0000 (14:04 +0000)]
Pullup ticket #3284 - requested by taca
net/net-snmp: build fix
Revisions pulled up:
- net/net-snmp/distinfo 1.57
- net/net-snmp/patches/patch-et 1.5
- net/net-snmp/patches/patch-eu 1.2
- net/net-snmp/patches/patch-ev 1.2
- net/net-snmp/patches/patch-ew 1.2
- net/net-snmp/patches/patch-ex 1.2
- net/net-snmp/patches/patch-ey 1.3
- net/net-snmp/patches/patch-ez 1.2
- net/net-snmp/patches/patch-fa 1.2
---
Module Name: pkgsrc
Committed By: taca
Date: Wed Nov 17 00:59:07 UTC 2010
Modified Files:
pkgsrc/net/net-snmp: distinfo
pkgsrc/net/net-snmp/patches: patch-et patch-eu patch-ev patch-ew
patch-ex patch-ey patch-ez patch-fa
Log Message:
Fix build problem on NetBSD 4.
Previous patch for NetBSD wasn't really for netbsd4 but 4.99.58 and later.
So, I changed "#ifdef netbsd4" to "#ifdef NETBSD_STATS_VIA_SYSCTL" and
clean up patches. Should be fix PR pkg/43288.
It is fix of build problem only, so no PKG_REVISION bump.
sbd [Sat, 27 Nov 2010 04:54:54 +0000 (04:54 +0000)]
Pullup ticket #3286
sbd [Sat, 27 Nov 2010 04:47:34 +0000 (04:47 +0000)]
Pullup ticket 3286 - requested by tron
Security update for "libxml2" package
Revisions pulled up:
- pkgsrc/textproc/libxml2/Makefile 1.105, 1.106
- pkgsrc/textproc/libxml2/distinfo 1.79, 1.80, 1.81
- pkgsrc/textproc/libxml2/patches/patch-ab 1.19, 1.20, 1.21
- pkgsrc/textproc/libxml2/patches/patch-ae 1.11
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: drochner
Date: Thu Nov 25 13:18:39 UTC 2010
Modified Files:
pkgsrc/textproc/libxml2: Makefile distinfo
pkgsrc/textproc/libxml2/patches: patch-ab patch-ae
Log Message:
update to 2.7.8
changes:
-add code to plug in ICU converters by default
-Add xmlSaveOption XML_SAVE_WSNONSIG
-documentation fixes
-portability fixes
-bugfixes, in particular for an XPath problem which can be exploited
to crash the program by a malformed XPath expression (CVE-2010-4008)
-misc improvements, cleanup
To generate a diff of this commit:
cvs rdiff -u -r1.104 -r1.105 pkgsrc/textproc/libxml2/Makefile
cvs rdiff -u -r1.78 -r1.79 pkgsrc/textproc/libxml2/distinfo
cvs rdiff -u -r1.18 -r1.19 pkgsrc/textproc/libxml2/patches/patch-ab
cvs rdiff -u -r1.10 -r1.11 pkgsrc/textproc/libxml2/patches/patch-ae
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: hauke
Date: Fri Nov 26 12:56:21 UTC 2010
Modified Files:
pkgsrc/textproc/libxml2: distinfo
pkgsrc/textproc/libxml2/patches: patch-ab
Log Message:
The Darwin 8 /bin/{,k}sh take offense at empty if .. fi blocks,
so comment out the entire statement.
To generate a diff of this commit:
cvs rdiff -u -r1.79 -r1.80 pkgsrc/textproc/libxml2/distinfo
cvs rdiff -u -r1.19 -r1.20 pkgsrc/textproc/libxml2/patches/patch-ab
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: drochner
Date: Fri Nov 26 13:43:25 UTC 2010
Modified Files:
pkgsrc/textproc/libxml2: Makefile distinfo
pkgsrc/textproc/libxml2/patches: patch-ab
Log Message:
fix an obviously reversed conditional in "configure" which disabled
symbol versioning, hopefully fixes PR pkg/44154 by Geert Hendrickx
bump PKGREVISION
To generate a diff of this commit:
cvs rdiff -u -r1.105 -r1.106 pkgsrc/textproc/libxml2/Makefile
cvs rdiff -u -r1.80 -r1.81 pkgsrc/textproc/libxml2/distinfo
cvs rdiff -u -r1.20 -r1.21 pkgsrc/textproc/libxml2/patches/patch-ab
spz [Wed, 24 Nov 2010 20:40:39 +0000 (20:40 +0000)]
pullups #3277, #3278, #3279, #3280, #3281, #3283
spz [Wed, 24 Nov 2010 20:34:24 +0000 (20:34 +0000)]
Pullup ticket 3283 - requested by tron
security fixes
Revisions pulled up:
- pkgsrc/multimedia/gmplayer/Makefile 1.86
- pkgsrc/multimedia/gmplayer/distinfo 1.70
- pkgsrc/multimedia/mencoder/Makefile 1.50
- pkgsrc/multimedia/mplayer/Makefile 1.73
- pkgsrc/multimedia/mplayer-share/distinfo 1.68
Files added:
pkgsrc/multimedia/mplayer-share/patches/patch-ab
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Tue Nov 23 12:31:30 UTC 2010
Modified Files:
pkgsrc/multimedia/gmplayer: Makefile distinfo
pkgsrc/multimedia/mencoder: Makefile
pkgsrc/multimedia/mplayer: Makefile
pkgsrc/multimedia/mplayer-share: distinfo
Added Files:
pkgsrc/multimedia/mplayer-share/patches: patch-ab
Log Message:
Add fix for the vulnerability reported in CVE-2010-3429 taken from
MPlayer's GIT repository.
To generate a diff of this commit:
cvs rdiff -u -r1.85 -r1.86 pkgsrc/multimedia/gmplayer/Makefile
cvs rdiff -u -r1.69 -r1.70 pkgsrc/multimedia/gmplayer/distinfo
cvs rdiff -u -r1.49 -r1.50 pkgsrc/multimedia/mencoder/Makefile
cvs rdiff -u -r1.72 -r1.73 pkgsrc/multimedia/mplayer/Makefile
cvs rdiff -u -r1.67 -r1.68 pkgsrc/multimedia/mplayer-share/distinfo
cvs rdiff -u -r0 -r1.10 pkgsrc/multimedia/mplayer-share/patches/patch-ab
spz [Tue, 23 Nov 2010 22:43:36 +0000 (22:43 +0000)]
Pullup ticket 3280 - requested by tron
security fixes
Revisions pulled up:
- pkgsrc/print/ghostscript/Makefile 1.82
- pkgsrc/print/ghostscript/distinfo 1.36
Files added:
pkgsrc/print/ghostscript/patches/patch-ae
pkgsrc/print/ghostscript/patches/patch-bd
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: bouyer
Date: Sat Nov 13 17:03:00 UTC 2010
Modified Files:
pkgsrc/print/ghostscript: Makefile distinfo
Added Files:
pkgsrc/print/ghostscript/patches: patch-bd
Log Message:
Apply patch from official repository:
- Fixed memory reallocation on bitmap size change. Reallocation is not only
needed when dimendions and margins change, but also when the color depth
changes. Fixes bugs #691029 and #691108.
- Fixed arrayoption() macro in cups_put_params() function. Array values did
not get actually set in cups.header data structure. Bug only showed via
a compiler warning.
- Silenced compiler warning by presetting c0..c3 in cups_map_cmyk() to zero.
makes my epson USB printer work again with 2010Q3 cups+ghostscript
PKGREVISION++
To generate a diff of this commit:
cvs rdiff -u -r1.80 -r1.81 pkgsrc/print/ghostscript/Makefile
cvs rdiff -u -r1.34 -r1.35 pkgsrc/print/ghostscript/distinfo
cvs rdiff -u -r0 -r1.3 pkgsrc/print/ghostscript/patches/patch-bd
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Tue Nov 23 11:10:16 UTC 2010
Modified Files:
pkgsrc/print/ghostscript: Makefile distinfo
Added Files:
pkgsrc/print/ghostscript/patches: patch-ae
Log Message:
Add Dr. Werner Fink's patch for the vulnerability reported in CVE-2010-2055.
To generate a diff of this commit:
cvs rdiff -u -r1.81 -r1.82 pkgsrc/print/ghostscript/Makefile
cvs rdiff -u -r1.35 -r1.36 pkgsrc/print/ghostscript/distinfo
cvs rdiff -u -r0 -r1.6 pkgsrc/print/ghostscript/patches/patch-ae
spz [Tue, 23 Nov 2010 21:50:06 +0000 (21:50 +0000)]
Pullup ticket 3279 - requested by tron
security fixes
Revisions pulled up:
- pkgsrc/lang/python26/Makefile 1.31
- pkgsrc/lang/python26/distinfo 1.29
Files added:
pkgsrc/lang/python26/patches/patch-ba
pkgsrc/lang/python26/patches/patch-bb
pkgsrc/lang/python26/patches/patch-bc
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tez
Date: Wed Nov 17 18:44:07 UTC 2010
Modified Files:
pkgsrc/lang/python26: Makefile distinfo
Log Message:
Add fix for SA41968 (CVE-2010-3493) from the 2.7 branch repo
http://svn.python.org/view/python/branches/release27-maint/Lib/smtpd.py?r1=86084&r2=82503&view=patch
To generate a diff of this commit:
cvs rdiff -u -r1.29 -r1.30 pkgsrc/lang/python26/Makefile
cvs rdiff -u -r1.27 -r1.28 pkgsrc/lang/python26/distinfo
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Tue Nov 23 08:24:05 UTC 2010
Modified Files:
pkgsrc/lang/python26: Makefile distinfo
Added Files:
pkgsrc/lang/python26/patches: patch-ba patch-bb patch-bc
Log Message:
Add fix for CVE-2010-3492 and update the fix for CVE-2010-3493. Both
fixes taken from the Python 2.7 branch in the Python SVN repository.
To generate a diff of this commit:
cvs rdiff -u -r1.30 -r1.31 pkgsrc/lang/python26/Makefile
cvs rdiff -u -r1.28 -r1.29 pkgsrc/lang/python26/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/lang/python26/patches/patch-ba \
pkgsrc/lang/python26/patches/patch-bb \
pkgsrc/lang/python26/patches/patch-bc
spz [Tue, 23 Nov 2010 21:24:08 +0000 (21:24 +0000)]
Pullup ticket 3281 - requested by tron
security fix
Revisions pulled up:
- pkgsrc/devel/libsmi/Makefile 1.17
- pkgsrc/devel/libsmi/distinfo 1.6
Files added:
pkgsrc/devel/libsmi/patches/patch-ae
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Tue Nov 23 11:30:50 UTC 2010
Modified Files:
pkgsrc/devel/libsmi: Makefile distinfo
Added Files:
pkgsrc/devel/libsmi/patches: patch-ae
Log Message:
Add fix for CVE-2010-2891 taken from Debian's GIT repository.
To generate a diff of this commit:
cvs rdiff -u -r1.16 -r1.17 pkgsrc/devel/libsmi/Makefile
cvs rdiff -u -r1.5 -r1.6 pkgsrc/devel/libsmi/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/devel/libsmi/patches/patch-ae
spz [Tue, 23 Nov 2010 21:14:45 +0000 (21:14 +0000)]
Pullup ticket 3278 - requested by tron
security fixes
Revisions pulled up:
- pkgsrc/net/wget/Makefile 1.102
- pkgsrc/net/wget/distinfo 1.36
Files added:
pkgsrc/net/wget/patches/patch-aa
pkgsrc/net/wget/patches/patch-ab
pkgsrc/net/wget/patches/patch-ac
pkgsrc/net/wget/patches/patch-ad
pkgsrc/net/wget/patches/patch-ae
pkgsrc/net/wget/patches/patch-af
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Tue Nov 23 08:22:47 UTC 2010
Modified Files:
pkgsrc/net/wget: Makefile distinfo
Added Files:
pkgsrc/net/wget/patches: patch-aa patch-ab patch-ac patch-ad patch-ae
patch-af
Log Message:
Add Debian's "wget" 1.12 backport of the fix for CVE-2010-2252.
To generate a diff of this commit:
cvs rdiff -u -r1.101 -r1.102 pkgsrc/net/wget/Makefile
cvs rdiff -u -r1.35 -r1.36 pkgsrc/net/wget/distinfo
cvs rdiff -u -r0 -r1.11 pkgsrc/net/wget/patches/patch-aa \
pkgsrc/net/wget/patches/patch-ac
cvs rdiff -u -r0 -r1.9 pkgsrc/net/wget/patches/patch-ab
cvs rdiff -u -r0 -r1.10 pkgsrc/net/wget/patches/patch-ad
cvs rdiff -u -r0 -r1.8 pkgsrc/net/wget/patches/patch-ae
cvs rdiff -u -r0 -r1.6 pkgsrc/net/wget/patches/patch-af
spz [Tue, 23 Nov 2010 21:01:35 +0000 (21:01 +0000)]
Pullup ticket 3277 - requested by tron
security update
Revisions pulled up:
- pkgsrc/net/wireshark/Makefile 1.55
- pkgsrc/net/wireshark/distinfo 1.37
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Sun Nov 21 22:54:55 UTC 2010
Modified Files:
pkgsrc/net/wireshark: Makefile distinfo
Log Message:
Update "wireshark" package to version 1.4.2. Changes since version 1.4.1:
- The following vulnerabilities have been fixed. See the security
advisory for details and a workaround.
- Nephi Johnson of BreakingPoint discovered that the LDSS
dissector could overflow a buffer. (Bug 5318)
Versions affected: 1.2.0 to 1.2.12 and 1.4.0 to 1.4.1.
- The ZigBee ZCL dissector could go into an infinite loop. (Bug 5303)
Versions affected: 1.4.0 to 1.4.1.
- The following bugs have been fixed:
- File-Open Display Filter is overwritten by Save-As Filename. (Bug 3894)
- Wireshark crashes with "Gtk-ERROR **: Byte index 6 is off the
end of the line" if click on last PDU. (Bug 5285)
- GTK-ERROR can occur in packets when there are multiple
Netbios/SMB headers in a single frame. (Bug 5289)
- "Tshark -G values" crashes on Windows. (Bug 5296)
- PROFINET I&M0FilterData packet not fully decoded. (Bug 5299)
- PROFINET MRP linkup/linkdown decoding incorrect. (Bug 5300)
- [lua] Dumper:close() will cause a segfault due later GC of the
Dumper. (Bug 5320)
- Network Instruments' trace files sometimes cannot be read with
an error message of "Observer: bad record: Invalid magic
number". (Bug 5330)
- IO Graph Time of Day times incorrect for filtered data. (Bug
5340)
- Wireshark tools do not detect and read some ERF files
correctly. (Bug 5344)
- "editcap -h" sends some lines to stderr and others to stdout.
(Bug 5353)
- IP Timestamp Option: "flag=3D3" variant (prespecified) not
displayed correctly. (Bug 5357)
- AgentX PDU Header 'hex field highlighting' incorrectly spans
extra bytes. (Bug 5364)
- AgentX dissector cannot handle null OID in Open-PDU. (Bug
5368)
- Crash with "Gtk-ERROR **: Byte index 6 is off the end of the
line". (Bug 5374)
- ANCP Portmanagment TLV wrong decoded. (Bug 5388)
- Crash during startup because of Python SyntaxError in
wspy_libws.py. (Bug 5389)
- Updated Protocol Support
AgentX, ANCP, DIAMETER, HTTP, IP, LDSS, MIME, NBNS, PROFINET, SIP,
TCP, Telnet, ZigBee
- New and Updated Capture File Support
Endace ERF, Network Instruments Observer.
To generate a diff of this commit:
cvs rdiff -u -r1.54 -r1.55 pkgsrc/net/wireshark/Makefile
cvs rdiff -u -r1.36 -r1.37 pkgsrc/net/wireshark/distinfo
tron [Tue, 23 Nov 2010 17:09:08 +0000 (17:09 +0000)]
Pullup ticket #3282.
tron [Tue, 23 Nov 2010 17:07:05 +0000 (17:07 +0000)]
Pullup ticket #3282 - requested by obache
www/ap2-fcgid: security update
Revisions pulled up:
- www/ap2-fcgid/Makefile 1.7
- www/ap2-fcgid/distinfo 1.4
---
Module Name: pkgsrc
Committed By: obache
Date: Tue Nov 23 11:55:16 UTC 2010
Modified Files:
pkgsrc/www/ap2-fcgid: Makefile distinfo
Log Message:
Update ap2-fcgid to 2.3.6.
Changes with mod_fcgid 2.3.6
*) SECURITY: CVE-2010-3872 (cve.mitre.org)
Fix possible stack buffer overwrite. Diagnosed by the reporter.
P R 49406. [Edgar Frank <ef-lists email.de>]
*) Change the default for FcgidMaxRequestLen from 1GB to 128K.
Administrators should change this to an appropriate value based on
site requirements. [Jeff Trawick]
*) Allow FastCGI apps more time to exit at shutdown before being
forcefully killed. [Jeff Trawick]
*) Correct a problem that resulted in FcgidMaxProcesses being ignored
in some situations. P R 48981. [<rkosolapov gmail.com>]
*) Fix the search for processes with the proper vhost config when
ServerName isn't set in every vhost or a module updates
r->server->server_hostname dynamically (e.g., mod_vhost_cdb)
or a module updates r->server dynamically (e.g., mod_vhost_ldap).
[Jeff Trawick]
*) FcgidPassHeader now maps header names to environment variable names
in the usual manner: The header name is converted to upper case and
is prefixed with HTTP_. An additional environment variable is
created with the legacy name. P R 48964. [Jeff Trawick]
*) Allow processes to be reused within multiple phases of a request
by releasing them into the free list as soon as possible.
[Chris Darroch]
*) Fix lookup of process command lines when using FcgidWrapper or
access control directives, including within .htaccess files.
[Chris Darroch]
*) Resolve a regression in 2.3.5 with httpd 2.0.x on some Unix platforms;
ownership of mutex files was incorrect, resulting in a startup failure.
P R 48651. [Jeff Trawick, <pservit gmail.com>]
*) Return 500 instead of segfaulting when the application returns no output.
[Tatsuki Sugiura <sugi nemui.org>, Jeff Trawick]
*) In FCGI_AUTHORIZER role, avoid spawning a new process for every
different HTTP request. [Chris Darroch]
tron [Wed, 17 Nov 2010 18:48:14 +0000 (18:48 +0000)]
Pullup ticket #3276.
tron [Wed, 17 Nov 2010 18:47:29 +0000 (18:47 +0000)]
Pullup ticket #3276 - requested by taca
security/openssl: security update
Revisions pulled up:
- security/openssl/Makefile 1.152
- security/openssl/distinfo 1.78
- security/openssl/patches/patch-bd delete
---
Module Name: pkgsrc
Committed By: taca
Date: Wed Nov 17 00:52:26 UTC 2010
Modified Files:
pkgsrc/security/openssl: Makefile distinfo
Removed Files:
pkgsrc/security/openssl/patches: patch-bd
Log Message:
Update security/openssl package to 0.9.8p.
OpenSSL version 0.9.8p released
===============================
OpenSSL - The Open Source toolkit for SSL/TLS
http://www.openssl.org/
The OpenSSL project team is pleased to announce the release of
version 0.9.8p of our open source toolkit for SSL/TLS. This new
OpenSSL version is a security and bugfix release which addresses
CVE-2010-3864. For a complete list of changes,
please see http://www.openssl.org/source/exp/CHANGES.
tron [Tue, 16 Nov 2010 09:28:59 +0000 (09:28 +0000)]
Pullup ticket #3275.
tron [Tue, 16 Nov 2010 09:28:40 +0000 (09:28 +0000)]
Pullup ticket #3275 - requested by dholland
filesystems/fuse: portability fix
Revisions pulled up:
- mk/fuse.buildlink3.mk 1.11
---
Module Name: pkgsrc
Committed By: dholland
Date: Mon Nov 15 04:51:33 UTC 2010
Modified Files:
pkgsrc/mk: fuse.buildlink3.mk
Log Message:
Use an include guard symbol name that doesn't conflict with
filesystems/fuse/buildlink3.mk.
tron [Sun, 14 Nov 2010 22:36:32 +0000 (22:36 +0000)]
Pullup ticket #3272.
tron [Sun, 14 Nov 2010 22:34:41 +0000 (22:34 +0000)]
Pullup ticket #3272 - requested by bouyer
net/p5-Net-SNMP: bug fix patch
Revisions pulled up:
- net/p5-Net-SNMP/Makefile 1.26
- net/p5-Net-SNMP/distinfo 1.9
- net/p5-Net-SNMP/patches/patch-aa 1.1
---
Module Name: pkgsrc
Committed By: bouyer
Date: Sat Nov 13 17:06:05 UTC 2010
Modified Files:
pkgsrc/net/p5-Net-SNMP: Makefile distinfo
Added Files:
pkgsrc/net/p5-Net-SNMP/patches: patch-aa
Log Message:
Bring in change from 6.0.1:
Removed all occurrences of the "locked" attribute that was
deprecated in Perl 5.12.0.
I didn't upgrade the package to 6.0.1 because it causes incompatibilities
with net/mrtg
PKGREVISON++
tron [Sat, 13 Nov 2010 11:22:56 +0000 (11:22 +0000)]
Pullup ticket #3271.
tron [Sat, 13 Nov 2010 11:22:03 +0000 (11:22 +0000)]
Pullup ticket #3271 - requested by sbd
print/cups: security patch
Revisions pulled up:
- print/cups/Makefile 1.170
- print/cups/distinfo 1.76
- print/cups/patches/patch-aq 1.4
- print/cups/patches/patch-ar 1.4
---
Module Name: pkgsrc
Committed By: sbd
Date: Fri Nov 12 08:24:32 UTC 2010
Modified Files:
pkgsrc/print/cups: Makefile distinfo
Added Files:
pkgsrc/print/cups/patches: patch-aq patch-ar
Log Message:
Add str3648.patch by Mike Sweet to address CVE-2010-2941.
Obtained from https://bugzilla.redhat.com/show_bug.cgi?id=624438
as Cups STR#3648 (http://www.cups.org/str.php?L3648) is not public yet!
tron [Wed, 10 Nov 2010 17:13:40 +0000 (17:13 +0000)]
Pullup ticket #3270.
tron [Wed, 10 Nov 2010 17:11:47 +0000 (17:11 +0000)]
Pullup ticket #3270 - requested by obache
lang/ruby: fix build of GEM packages under Solaris
Revisions p
- lang/ruby/gem.mk 1.2
---
Module Name: pkgsrc
Committed By: obache
Date: Wed Nov 10 10:57:41 UTC 2010
Modified Files:
pkgsrc/lang/ruby: gem.mk
Log Message:
Exactly set TZ=UTC, or not worked as expected on Solaris (time-zone difference = 0).
Fixes PR#44037.
spz [Wed, 10 Nov 2010 06:15:18 +0000 (06:15 +0000)]
pullups 3267, 3268, 3269
spz [Wed, 10 Nov 2010 06:11:58 +0000 (06:11 +0000)]
Pullup ticket 3267 - requested by wiz
security fix
Revisions pulled up:
- pkgsrc/finance/gnucash/Makefile 1.145
- pkgsrc/finance/gnucash/PLIST 1.38
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: wiz
Date: Sun Nov 7 23:27:53 UTC 2010
Modified Files:
pkgsrc/finance/gnucash: Makefile PLIST
Log Message:
Do not install gnc-test-env. This file got CVE-2010-3999 attached to it
and it's not needed except for testing. Bump PKGREVISION.
While here, include desktopdb.mk.
To generate a diff of this commit:
cvs rdiff -u -r1.144 -r1.145 pkgsrc/finance/gnucash/Makefile
cvs rdiff -u -r1.37 -r1.38 pkgsrc/finance/gnucash/PLIST
spz [Tue, 9 Nov 2010 20:58:59 +0000 (20:58 +0000)]
Pullup ticket 3269 - requested by obache
security update
Revisions pulled up:
- pkgsrc/net/proftpd/Makefile 1.59
- pkgsrc/net/proftpd/PLIST 1.22
- pkgsrc/net/proftpd/distinfo 1.34
- pkgsrc/net/proftpd/options.mk 1.9
- pkgsrc/net/proftpd/patches/patch-aa 1.13
- pkgsrc/net/proftpd/patches/patch-ac 1.13
- pkgsrc/net/proftpd/patches/patch-ab 1.12
Files deleted:
pkgsrc/net/proftpd/patches/patch-ae
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: obache
Date: Sun Nov 7 12:21:10 UTC 2010
Modified Files:
pkgsrc/net/proftpd: Makefile PLIST distinfo options.mk
pkgsrc/net/proftpd/patches: patch-aa patch-ab patch-ac
Removed Files:
pkgsrc/net/proftpd/patches: patch-ae
Log Message:
Update proftpd to 1.3.3c.
pksrc changes:
* Instead of patch&subst to change layout of statedir, pass it to configure
instead (and subst for manpages are fixed).
* Convert custom mod_wrap library modification to SUBST.
* Need to buildlink with security/tcp_wappers for mod_wrap.
NEWS:
1.3.3c - Released 29-Oct-2010
--------------------------------
- Bug 3511 - SQLAuthType Backend not properly rejected by mod_sql_sqlite.
- Bug 3513 - EPERM error logged unnecessarily for SFTP logins on Linux.
- Bug 3517 - mod_quotatab decrements file tally improperly for failed DELE
commands.
- Bug 3518 - Support SiteMiscEngine directive, for disabling mod_site_misc
functionality via proftpd.conf.
- Bug 3519 - Inappropriate directory traversal allowed by mod_site_misc.
- Bug 3521 - Telnet IAC processing stack overflow.
1.3.3b - Released 09-Sep-2010
--------------------------------
- Bug 3481 - Problem with SFTP directory listings.
- Bug 3483 - NULL pointer dereference handling SITE command in mod_quotatab.
- Bug 3485 - Disabling IPv6 via -4 or --ipv4 command-line options does not work.
- Bug 3487 - Null pointer dereference with EPRT/EPSV/PASV/PORT command during
data transfer.
- Bug 3482 - ProFTPD corrupts utmpx log files on FreeBSD 9.0/HEAD.
- Bug 3491 - Directory pattern not matching as expected.
- Bug 3492 - Null pointer dereference during data transfer due to RNFR/RNTO.
- Bug 3494 - Null pointer dereference for IPv6-enabled proftpd when no
DefaultServer configured.
- Bug 3501 - <Anonymous> logins with "AuthAliasOnly on" still handled as
anonymous logins.
1.3.3a - Released 01-Jul-2010
--------------------------------
- Bug 3400 - Add Japanese translation.
- Bug 3401 - mod_sftp does not compile with pre-0.9.7 OpenSSL.
- Bug 3402 - mod_tls does not compile with pre-0.9.7 OpenSSL due to Bug#3349.
- Bug 3403 - File upload followed by MLSD leads to wrong file size entries in
TransferLog.
- Bug 3405 - Multiple SFTPAuthorizedUserKeys stores causes segfault on 64-bit
platforms.
- Bug 3354 - Renaming a file across mount points to a full disk does not fail
as expected.
- Bug 3408 - Use <termios.h> instead of <sys/termios.h> where possible.
- Bug 3412 - Include files not included after restart due to permissions.
- Bug 3409 - Build failure on newer FreeBSD due to utmp/utmpx system changes.
- Bug 3417 - Unsafe use of pointer when scanning config for ScoreboardFile.
- Bug 3418 - %U sometimes showing up as "(none)" in ExtendedLog.
- Bug 3421 - RewriteHome does not work properly for SFTP connections.
- Bug 3419 - SSL_shutdown() errors with openssl-0.9.8m.
- Bug 3423 - Last line of multiline DisplayLogin file improperly handled.
- Bug 3426 - mod_sftp does not log to TransferLog by default.
- Bug 3425 - Improperly constructed destination paths for SCP uploads.
- Bug 3427 - mod_sftp does not handle recursive SCP uploads properly.
- Bug 3432 - ExecBeforeCommand does not interpolate the %F/%f variables
properly.
- Bug 3434 - TraceLog contains messages even with "Trace DEFAULT:0" configured.
- Bug 3435 - Encoding/decoding conversion can cause CPU spike.
- Bug 3436 - Support build-time option to disable use of nonblocking open of
log files. Use --disable-nonblocking-log-open to get the pre-1.3.3 behavior
of opening log files.
- Bug 3437 - UseImplicitSSL TLSOption causes PBSZ/PROT commands to fail.
- Bug 3439 - Encoding fails if an NLS-enabled proftpd starts in a UTF8 locale.
- Bug 3446 - .ftpaccess ignored in some cases.
- Bug 3447 - mod_sftp can become confused during large recursive SCP uploads.
- Bug 3448 - Ensure that STAT/LSTAT/FSTAT SFTP requests do not use cached/stale
data.
- Bug 3449 - mod_sftp does not properly handle the O_TRUNC flag in a SFTP OPEN
request.
- Bug 3450 - mod_sftp does not properly handle the O_APPEND flag in a SFTP OPEN
request.
- Bug 3451 - WinSCP can't upload files using protocol version 5 with mod_sftp.
- Bug 3452 - mod_sftp does not advertise its supported SFTP extensions for
protocol version 5.
- Bug 3454 - msgfmt(1) options used for generating NLS files are not compatible
with Solaris' msgfmt.
- Bug 3456 - Problem attempting to recursively download a directory via SCP.
- Bug 3458 - mod_sftp incorrectly performs OpenSSL cleanup.
- Bug 3459 - mod_radius segfaults during incorrect login due to stale data.
- Bug 3460 - REALPATH SFTP request can cause improperly cached directory
configuration.
- Bug 3462 - ftpasswd script's --delete-user option does not work.
- Bug 3463 - ftpasswd script's --delete-group option does not work.
- Bug 3465 - SIGSEGV at LIST after CCC.
- Bug 3470 - Deferred resolution <Directory> paths not handled properly by
mod_sftp.
- Bug 3469 - ExtendedLog's %f variable not properly expanded for DELE if path
begins with tilde ('~').
- Bug 3467 - mod_ifsession does not merge <Directory> blocks properly.
- Bug 3471 - Null values in allow/deny rules causes mod_wrap2 to segfault.
- Bug 3472 - mod_sftp publickey authentication fails for large keys.
- Bug 3424 - Bad LDAP lookup can cause mod_ldap segfault under some conditions.
- Bug 3476 - LIST/NLST of path starting with "-" fails.
- Bug 3475 - Add new 'noGetgrouplist' AuthUnixOption to work around buggy
libc code.
- Bug 3474 - Using SQLite database and SQLLog directive can lead to problems
under load.
To generate a diff of this commit:
cvs rdiff -u -r1.58 -r1.59 pkgsrc/net/proftpd/Makefile
cvs rdiff -u -r1.21 -r1.22 pkgsrc/net/proftpd/PLIST
cvs rdiff -u -r1.33 -r1.34 pkgsrc/net/proftpd/distinfo
cvs rdiff -u -r1.8 -r1.9 pkgsrc/net/proftpd/options.mk
cvs rdiff -u -r1.12 -r1.13 pkgsrc/net/proftpd/patches/patch-aa \
pkgsrc/net/proftpd/patches/patch-ac
cvs rdiff -u -r1.11 -r1.12 pkgsrc/net/proftpd/patches/patch-ab
cvs rdiff -u -r1.7 -r0 pkgsrc/net/proftpd/patches/patch-ae
spz [Tue, 9 Nov 2010 20:38:48 +0000 (20:38 +0000)]
Pullup ticket 3268 - requested by taca
security update
Revisions pulled up:
- pkgsrc/databases/mysql51-client/Makefile.common 1.13
- pkgsrc/databases/mysql51-client/distinfo 1.10
- pkgsrc/databases/mysql51-server/PLIST 1.10
- pkgsrc/databases/mysql51-server/distinfo 1.12
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu Nov 4 15:57:07 UTC 2010
Modified Files:
pkgsrc/databases/mysql51-client: Makefile.common distinfo
pkgsrc/databases/mysql51-server: PLIST distinfo
Log Message:
Update mysql51-{client,server} package from 5.1.51 to 5.1.52.
This is maintainous release and pleare refer in detail:
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-52.html
One note from the changes:
* Security Fix: In prepared-statement mode, EXPLAIN for a SELECT from
a derived table caused a server crash. (Bug#54488)
To generate a diff of this commit:
cvs rdiff -u -r1.12 -r1.13 pkgsrc/databases/mysql51-client/Makefile.common
cvs rdiff -u -r1.9 -r1.10 pkgsrc/databases/mysql51-client/distinfo
cvs rdiff -u -r1.9 -r1.10 pkgsrc/databases/mysql51-server/PLIST
cvs rdiff -u -r1.11 -r1.12 pkgsrc/databases/mysql51-server/distinfo
spz [Sat, 6 Nov 2010 23:27:00 +0000 (23:27 +0000)]
pullups 3265 and 3266
spz [Sat, 6 Nov 2010 23:24:28 +0000 (23:24 +0000)]
Pullup ticket 3266 - requested by wiz
fix for alpha
Revisions pulled up:
- pkgsrc/lang/perl5/hacks.mk 1.4
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: wiz
Date: Tue Nov 2 07:54:31 UTC 2010
Modified Files:
pkgsrc/lang/perl5: hacks.mk
Log Message:
Remove alpha hack. Not needed any longer; per Staffan Thom�
<duck@shangtai.net> on tech-pkg.
To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.4 pkgsrc/lang/perl5/hacks.mk
spz [Sat, 6 Nov 2010 20:34:30 +0000 (20:34 +0000)]
Pullup ticket 3265 - requested by adam
security update
Revisions pulled up:
- pkgsrc/www/webkit-gtk/Makefile 1.28
- pkgsrc/www/webkit-gtk/distinfo 1.21
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: adam
Date: Sat Oct 16 13:46:30 UTC 2010
Modified Files:
pkgsrc/www/webkit-gtk: Makefile distinfo
Log Message:
Changes 1.2.5:
Bug fixes.
To generate a diff of this commit:
cvs rdiff -u -r1.27 -r1.28 pkgsrc/www/webkit-gtk/Makefile
cvs rdiff -u -r1.20 -r1.21 pkgsrc/www/webkit-gtk/distinfo
pkgsrc fixup [Mon, 1 Nov 2010 20:38:13 +0000 (13:38 -0700)]
Fixup fromcvs/togit conversion
tron [Fri, 29 Oct 2010 08:09:33 +0000 (08:09 +0000)]
Pullup ticket #3261.
tron [Fri, 29 Oct 2010 08:08:56 +0000 (08:08 +0000)]
Pullup ticket #3261 - requested by bouyer
mail/clamav: bug fix
Revisions pulled up:
- mail/clamav/Makefile 1.107
- mail/clamav/distinfo 1.69
- mail/clamav/patches/patch-ah 1.19
---
Module Name: pkgsrc
Committed By: bouyer
Date: Thu Oct 28 20:11:18 UTC 2010
Modified Files:
pkgsrc/mail/clamav: Makefile distinfo
Added Files:
pkgsrc/mail/clamav/patches: patch-ah
Log Message:
backport 2 fixes from the git repository. Without it, clamav would
fail to parse some PDF files. Bump PKGREVISION.
pkgsrc fixup [Thu, 28 Oct 2010 20:32:34 +0000 (13:32 -0700)]
Fixup fromcvs/togit conversion
pkgsrc fixup [Wed, 27 Oct 2010 20:27:19 +0000 (13:27 -0700)]
Fixup fromcvs/togit conversion
pkgsrc fixup [Tue, 26 Oct 2010 20:28:30 +0000 (13:28 -0700)]
Fixup fromcvs/togit conversion
pkgsrc fixup [Tue, 26 Oct 2010 14:38:13 +0000 (07:38 -0700)]
Fixup fromcvs/togit conversion
pkgsrc fixup [Mon, 25 Oct 2010 20:38:52 +0000 (13:38 -0700)]
Fixup fromcvs/togit conversion
pkgsrc fixup [Mon, 25 Oct 2010 14:35:57 +0000 (07:35 -0700)]
Fixup fromcvs/togit conversion