1
0
mirror of https://git.FreeBSD.org/ports.git synced 2024-11-28 01:06:17 +00:00
Commit Graph

495309 Commits

Author SHA1 Message Date
Koop Mast
116296778b MFH: r526526
Update webkit2-gtk3 to 2.26.4.

Security:	1cb0af4e-d641-4f99-9432-297a89447a97

Approved by:	ports-secteam@ (joneum@)
2020-02-19 19:56:32 +00:00
Luca Pizzamiglio
6badd78a50 MFH: r526499
devel/pecl-xdebug: Update to 2.9.2

Bug fix release.
Changelog: https://xdebug.org/updates#x_2_9_2

Sponsored by:	trivago N.V.

Approved by:	portmgr
2020-02-19 12:28:53 +00:00
Kai Knoblich
7b77e19910 MFH: r526491
games/anki: Update to 2.1.16

* Backport two patches from upstream that fix the argument handling with
  multimedia/mpv since r520597.

* Also slightly change the MASTER_SITES as upstream distribute tarballs for
  newer versions only via GitHub.

Although there are already some newer releases available use the 2.1.16
release for a while.  It's mainly because the build process has changed a
lot since the 2.1.17 release and still needs to be investigated a little
more closely.

Changelog:

https://apps.ankiweb.net/docs/changes.html#changes-in-2.1.16

Approved by:	ports-secteam bugfix blanket
2020-02-19 08:22:09 +00:00
Thomas Zander
3bb50ea0bc MFH: r526469
Update to upstream version 0.21.20

Details:
- Bugfix release, see
  https://raw.githubusercontent.com/MusicPlayerDaemon/MPD/v0.21.20/NEWS
  includes various fixes for seeking

Approved by:	ports-secteam (riggs)
2020-02-18 19:06:36 +00:00
Koichiro Iwao
7b9982600f MFH: r526441
security/softether5: fix build on non-x86 architectures

Tested on: Raspberry Pi 3 Model B+

Sponsored by:	HAW International

Approved by:	portmgr blanket (fix build)
2020-02-18 08:58:14 +00:00
Matthias Andree
4e116cfa29 MFH: r526434
sysutils/e2fsprogs: Fix powerpc32 build/self-tests
libext2fs: avoid array buffer overruns caused by insane directory blocks

PR:		242798
Reported by:	canardo909@gmx.com
Obtained from:	Theodore Y. Ts'o <tytso@mit.edu> (upstream maintainer)

Approved by:	ports-secteam (blanket, fixing broken self-test by small patch)
2020-02-17 22:14:32 +00:00
Jan Beich
cc4e6adc6e MFH: r526430
www/firefox: update to 73.0.1

Changes:	https://www.mozilla.org/firefox/73.0.1/releasenotes/
PR:		243295
Approved by:	ports-secteam blanket
2020-02-17 20:46:22 +00:00
Matthias Fechner
a600a37ee6 MFH: r524831 r525233 r526069
Update to 12.7.5.
Changelog:
https://about.gitlab.com/releases/2020/01/22/gitlab-12-7-released/
https://about.gitlab.com/releases/2020/01/24/gitlab-12-7-2-released/
https://about.gitlab.com/releases/2020/01/30/security-release-gitlab-12-7-4-released/
https://about.gitlab.com/releases/2020/01/31/gitlab-12-7-5-released/

Use the standard RC system available in FreeBSD.
This makes some commands like:
service gitlab rcvar
available. This is required by configuration management tools like Chef, Puppetm, Salt,
Ansible and more.

PR:		243860
Reported by:	amendlik@gmail.com

Security update to 12.7.6.
Changelog:
https://about.gitlab.com/releases/2020/02/13/critical-security-release-gitlab-12-dot-7-dot-6-released/

Security:	1ece5591-4ea9-11ea-86f0-001b217b3468

Approved by:	ports-secteam (joneum)
2020-02-17 19:03:59 +00:00
Matthias Fechner
d70d7f5168 MFH: r525469
Fixed build for aarch64.
This problem was send upstream here:
https://gitlab.com/gitlab-org/gitlab-workhorse/issues/246

And will be corrected with this merge request:
https://gitlab.com/gitlab-org/gitlab-workhorse/-/merge_requests/456

After the merge request reached the next stable version the two patches:
gitlab-workhorse/files/patch-go.mod
gitlab-workhorse/files/patch-go.sum

can be removed again.

PR:		243804
Reported by:	mikael@FreeBSD.org

Approved by:	ports-secteam (joneum)
2020-02-17 19:00:48 +00:00
Matthias Fechner
59289087e0 MFH: r524826
Update to 2.7.0 which is required for gitlab-ce 12.7.

Approved by:	ports-secteam (joneum)
2020-02-17 18:59:48 +00:00
Matthias Fechner
b8b8997e49 MFH: r524942
Update to 1.2.2 to work with newer rubygem-addressable.

Approved by:	ports-secteam (joneum)
2020-02-17 18:58:57 +00:00
Matthias Fechner
d6d4ae236c MFH: r524941
Update to 1.8.1 to work with newer rubygem-addressable.

Approved by:	ports-secteam (joneum)
2020-02-17 18:58:07 +00:00
Matthias Fechner
cfea37f1e9 MFH: r524940
Update to 0.2.5 to work with newer rubygem-addressable.

Approved by:	ports-secteam (joneum)
2020-02-17 18:57:25 +00:00
Matthias Fechner
e90b327ce4 MFH: r524939
Update to 0.8.1 to work with newer rubygem-addressable.

Approved by:	ports-secteam (joneum)
2020-02-17 18:56:30 +00:00
Matthias Fechner
013fee5959 MFH: r524836
Unbreak INDEX

Approved by:	ports-secteam (joneum)
2020-02-17 18:55:45 +00:00
Matthias Fechner
30be408e5b MFH: r524830
Update to 11.0.0 which is required for gitlab-ce 12.7.

Approved by:	ports-secteam (joneum)
2020-02-17 18:53:53 +00:00
Matthias Fechner
66fae808b6 MFH: r524829
Update to 1.83.0 which is required for gitlab-ce 12.7.

Approved by:	ports-secteam (joneum)
2020-02-17 18:53:03 +00:00
Matthias Fechner
cca5b2ebe0 MFH: r524828
Update to 4.6.0 which is required for gitlab-ce 12.7.

Approved by:	ports-secteam (joneum)
2020-02-17 18:52:19 +00:00
Matthias Fechner
85ca80fb24 MFH: r524827
Update to 2.3.1 which is required for gitlab-ce 12.7.

Approved by:	ports-secteam (joneum)
2020-02-17 18:51:35 +00:00
Matthias Fechner
465412db4c MFH: r524825
Update to 4.15.0 which is required for gitlab-ce 12.7.

Approved by:	ports-secteam (joneum)
2020-02-17 18:50:52 +00:00
Matthias Fechner
e3180bff88 MFH: r524824
Update to 1.81.0 which is required for gitlab-ce 12.7.

Approved by:	ports-secteam (joneum)
2020-02-17 18:50:07 +00:00
Matthias Fechner
f0679ece1f MFH: r524823
Update to 1.2.0 which is required for gitlab-ce 12.7.

Approved by:	ports-secteam (joneum)
2020-02-17 18:49:26 +00:00
Matthias Fechner
0fdb5adb20 MFH: r524822
Update to 0.8.0 which is required for gitlab-ce 12.7.

Approved by:	ports-secteam (joneum)
2020-02-17 18:48:35 +00:00
Matthias Fechner
519fb01a81 MFH: r524821
Upgraded to version 6.8.1.

Approved by:	ports-secteam (joneum)
2020-02-17 18:47:48 +00:00
Matthias Fechner
d007b665dc MFH: r524820
Added/reviewed ports required by gitlab-ce 12.7.

Approved by:	ports-secteam (joneum)
2020-02-17 18:46:57 +00:00
Kubilay Kocak
475716846e MFH: r526357 devel/py-Faker: Add missing dependencies
None of the packages upstream specified dependencies were declared in the
port. This change adds those missing dependencies.

The issue was identified while QA'ing www/py-freenit via bug 242817

File "/usr/local/lib/python3.7/site-packages/faker/providers/internet/__init__.py", line 4, in <module>
    from text_unidecode import unidecode
ModuleNotFoundError: No module named 'text_unidecode'

While I'm here, level up ports (and Python ports) compliance and add test
target.

Approved by:	portmgr (blanket(s): missing dependencies, ports (Python) compliance)

Approved by:	ports-secteam (blanket(s): missing dependencies, ports (Python) compliance)
2020-02-17 10:46:22 +00:00
Kubilay Kocak
4e3fe60565 MFH: r526349 www/tomcat85,9: Improve port quality
- Don't echo automatic actions unlike other manual actions
  - Don't perform ${RM} -R because the OPTIONS system takes @comment parts
    in pkg-plist into account, poudriere build does not complain.
  - Don't provide samples for XML schema files, these are NOT intended to
    be modified by the user

PR:		243648
Submitted by:	Michael Osipov <michael.osipov siemens com>
Approved by:	VVD <vvd unislabs com>

Approved by:	ports-secteam (blanket: ports compliance, bugfixes)
2020-02-17 10:43:51 +00:00
Kai Knoblich
e7111d1687 MFH: r526351
textproc/py-ocrmypdf: Update to 9.6.0

Changelog since 9.3.0:

https://github.com/jbarlow83/OCRmyPDF/blob/v9.6.0/docs/release_notes.rst

Approved by:	ports-secteam bugfix blanket
2020-02-17 08:43:22 +00:00
Kubilay Kocak
d5c41481d9 MFH: r526346 net-mgmt/netdata: Honour/respect default Python version
PR:		243567
Reviewed by:	mat, koobs (python)
Approved by:	portmgr (blanket: run time bug fix, ports (Python) compliance)
Differential Revision:	D22909

Approved by:	ports-secteam (blanket: run time bug fix, ports (Python) compliance)
2020-02-17 07:00:50 +00:00
Danilo G. Baio
2b059e7583 MFH: r526071
graphics/libexif: Fix security vulnerabilities

 - Fix CVE-2019-9278

  In libexif, there is a possible out of bounds write due to an integer
  overflow. This could lead to remote escalation of privilege in the media
  content provider with no additional execution privileges needed. User
  interaction is needed for exploitation.

 - Fix a buffer read overflow in exif_entry_get_value

 - Fix a buffer overread in exif_mnote_data_olympus_load

PR:		244060
Reported by:	tj@mrsk.me (email)
Approved by:	former maintainer
Security:	00f30cba-4d23-11ea-86ba-641c67a117d8

Approved by:	ports-secteam (blanket, backport of security fixes)
2020-02-15 16:28:41 +00:00
Matthias Andree
a6b5a5cab5 MFH: r526180, to complement r526177 (MFH r526173)
Unbreak fetch of fetchmailconf...

...which inherits MASTER_SITES through .including fetchmail/Makefile

Approved by:	ports-secteam (blanket, unbreak broken port)
2020-02-14 22:23:22 +00:00
Matthias Andree
89024c0869 MFH: r526173
Unbreak. The port had been broken while fetchmail 6.3.26 had
been removed by upstream and before mail/fetchmail had been
updated to 6.4.x - it fetches properly.

Regarding Python 3.x compatibility,
see: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=244130

While here, fix TARGET -> ALL_TARGET to avoid building the C stuff,
and drop the unused obsolete distinfo file.

Approved by:	ports-secteam (blanket, unbreaking broken port)
2020-02-14 21:32:23 +00:00
Larry Rosenman
b36d87764e MFH: r526001
mail/dovecot: upgrade to 2.3.9.3

Changelog:
    * CVE-2020-7046: Truncated UTF-8 can be used to DoS
      submission-login and lmtp processes.
    * CVE-2020-7957: Specially crafted mail can crash snippet generation.

Security:	CVE-2020-7046
Security:	CVE-2020-7957
Security:	74db0d02-b140-4c32-aac6-1f1e81e1ad30

Approved by: ports-secteam (zi)
2020-02-14 21:30:24 +00:00
Baptiste Daroussin
ea60da8202 MFH: r525916
sysutils/grub2-bhyve: Neutralize privileged guest commands

GRUB was designed to run in a trusted environment, where anyone with access
to grub2.cfg could also modify grub itself.  In grub2-bhyve, we have
modified it to run in host context, but interpret the commands of guest
grub2.cfg.  This means we have to worry about malicious guests.

This patch addresses two escalation vectors: font-loading, and the direct
'read', 'write', 'in', and 'out' commands (which read/write arbitrary
addresses).  Both reported by Reno Robert.

Disable font-loading by neutering the command.  It is believed to be non-
essential and there is at least one buffer overflow in the font loading
code.

Disable reading and writing host memory and IO ports.  It is believed to be
non-essential.

admbugs:	948
Reported by:	Reno Robert <renorobert AT gmail.com>
Approved by:	bapt
Security:	yes

Approved by:	portmgr (bapt)
2020-02-14 15:41:49 +00:00
Piotr Kubaj
eff95a2608 MFH: r526016
security/nss: fix build with GCC architectures

-Werror=unused-function causes:
verified/kremlin/kremlib/dist/minimal/FStar_UInt128.h:82:37: error: 'FStar_UInt128_mul32' declared 'static' but never defined [-Werror=unused-function]
   82 | inline static FStar_UInt128_uint128 FStar_UInt128_mul32(uint64_t x, uint32_t y);

Add -Wno-error=unused-function to fix build.

Approved by:	portmgr (ports tree compliance)
2020-02-13 14:18:22 +00:00
Jan Beich
0cb6642b4d MFH: r525994
emulators/citra: update to s20200211

Changes:	5d502dfec...f106e7613
Approved by:	ports-secteam (swills, implicit for snapshots)
2020-02-13 00:45:18 +00:00
Jan Beich
c61bf76047 MFH: r525989
mail/thunderbird: update to 68.5.0

Changes:	https://www.thunderbird.net/thunderbird/68.5.0/releasenotes/
Approved by:	ports-secteam blanket (browser inside)
2020-02-13 00:44:40 +00:00
Jan Beich
c0b2600b4f MFH: r525988
security/nss: unbreak on armv6 after r524147

In file included from ../../lib/freebl/gcm-arm32-neon.c:16:
/usr/lib/clang/8.0.1/include/arm_neon.h:28:2: error: "NEON support not enabled"
 #error "NEON support not enabled"
  ^

PR:		243734
Reported by:	garga
Submitted by:	mikael
Approved by:	ports-secteam blanket
2020-02-13 00:44:02 +00:00
Jan Beich
48d23973bc MFH: r525887
emulators/rpcs3: unbreak DEFAULT_VERSIONS=python=2.7 after r521573

CMake Error at /usr/local/share/cmake/Modules/FindPackageHandleStandardArgs.cmake:137 (message):
  Could NOT find PythonInterp: Found unsuitable version "2.7.17", but
  required is at least "3" (found /usr/local/bin/python)
Call Stack (most recent call first):
  /usr/local/share/cmake/Modules/FindPackageHandleStandardArgs.cmake:376 (_FPHSA_FAILURE_MESSAGE)
  /usr/local/share/cmake/Modules/FindPythonInterp.cmake:160 (FIND_PACKAGE_HANDLE_STANDARD_ARGS)
  Vulkan/glslang/CMakeLists.txt:165 (find_package)

Approved by:	ports-secteam blanket
2020-02-11 19:26:24 +00:00
Dima Panov
cc45a5657f MFH: r525833
mail/opensmtpd: update to 6.6.3p1 release

- switch default configuration to maildir
- allow mbox to deliver to users without requiring privileges in the daemon
- allow lmtp to receive sender/recipient in environment

Approved by:	ports-secteam (joneum)
2020-02-11 16:29:54 +00:00
Jung-uk Kim
bd501794c3 MFH: r525829
Update to 32.0.0.330.

https://helpx.adobe.com/security/products/flash-player/apsb20-06.html

Approved by:	ports-secteam (blanket)
2020-02-11 15:03:50 +00:00
Tobias Kortkamp
4d7312e084 MFH: r525792
www/kanboard: Unbreak MYSQL option after r514556

Unknown extension pdo_mysqli for PHP 72.

Pointy hat:	swills
PR:		241567
Submitted by:	Vikash Badal <vikashb@where-ever.za.net>
Approved by:	bsd@if0.eu (maintainer timeout, 3 months)

Approved by:	ports-secteam blanket
2020-02-11 08:31:42 +00:00
Bernard Spil
11c8e7ed41 security/openssl: Fix Epoch
Reported by:	Dan McGrath <danmcgrath ca gmail com>
Approved by:	ports-secteam (joneum)
2020-02-11 07:19:16 +00:00
Kubilay Kocak
e0bed5b944 MFH: r525691 net-im/prosody: Update to 0.11.4
Changelog:

  https://blog.prosody.im/prosody-0.11.4-released/

PR:		243460
Submitted by:	Thomas Morper <thomas beingboiled info>
Approved by:	portmgr (maintainer timeout: > 14 days)

Approved by:	ports-secteam (blanket: bugfix release)
2020-02-11 03:40:19 +00:00
Kubilay Kocak
e01d5c9ec9 MFH: r525523 misc/brs: Update to 4.3.0
misc/brs currently builds with many warnings and segfaults at runtime,
likely a missing prototypes issue as that's what most of the warnings
are.

A much more recent version (4.30 as opposed to 4.03) of this is
widely available on linux under the name "bible-kjv", which also exists
as an OpenBSD port.

This change updates brs to 4.30, switching upstream to DEBIAN [1], and the
first step commit to renaming the port.

While here:

  - Include the "randverse" program
  - Wordsmith pkg-descr: It's all very well saying that the port
    includes libraries, but it doesn't install them.
  - Remove patches: no longer relevent

[1] Use a temporary MASTER_SITES workaround, instead of 'DEBIAN' directly
    because it does not currently use or support DISTNAME.

PR:		243886
Submitted by:	Andrew <andrew tao11.riddles.org.uk>
Approved by:	<user unknown nu> (implicit, approves maintainer change)
Approved by:	portmgr (blanket: run (crash) fixes)

Approved by:	ports-secteam (blanket: run (crash) fixes)
2020-02-11 03:37:47 +00:00
Jan Beich
72084d1010 MFH: r525766
security/nss: disable AltiVec on 32-bit powerpc

Crypto acceleration is only implemented for powerpc64 but build flags
leak to other powerpc targets. Disable via a variable introduced in 3.50.

PR:		242523
Reported by:	many
Approved by:	ports-secteam blanket
2020-02-10 23:52:08 +00:00
Jan Beich
3bf4987e3f MFH: r523059 r525757
security/nss: update to 3.50

Changes:	https://developer.mozilla.org/docs/Mozilla/Projects/NSS/NSS_3.50_release_notes
Changes:	https://hg.mozilla.org/projects/nss/shortlog/NSS_3_50_RTM
ABI:		https://abi-laboratory.pro/tracker/timeline/nss/
Reported by:	Repology
Approved by:	ports-secteam blanket (required by Firefox 74)
2020-02-10 22:38:37 +00:00
Jan Beich
0005fb1bf3 MFH: r525179
www/firefox: apply upstream powerpc64 fixes

Many of these are stalled on review for various reasons but the intent
of each seems clear enough to keep rebasing or ask upstream for help.
pkg-fallout@ would identify rebase mistakes while atomic changes would
identify when a particular patch is no longer useful.

Submitted by:	mikael (via D21765)
Approved by:	ports-secteam blanket
2020-02-10 17:04:44 +00:00
Jan Beich
3a80afeba6 MFH: r525108 r525155 r525478 r525512
www/firefox: update to 73.0

Changes:	https://www.mozilla.org/firefox/73.0/releasenotes/
PR:		243295
Security:	802e3138-b8af-4a89-a908-f103107e64b4
Approved by:	ports-secteam blanket
Differential Revision:	https://reviews.freebsd.org/D23146
2020-02-10 17:02:33 +00:00
Jan Beich
581ab60645 MFH: r525107 r525477
www/firefox-esr: update to 68.5.0

Changes:	https://www.mozilla.org/firefox/68.5.0/releasenotes/
Security:	802e3138-b8af-4a89-a908-f103107e64b4
Approved by:	ports-secteam blanket
2020-02-10 16:57:41 +00:00