graphics/drm-{current,fbsd13}-kmod: Update pkg-message
Replace port name with the correct one.
Remove mention to drm-legacy-kmod as it was removed.
PR: 253092
net/ocserv: Update to 1.1.2
- Update to 1.1.2
- Reformat Makefile according to portclippy/portfmt
- Install sample config with PREFIX-ized values where
apropriate.
- Take MAINTAINERship
Reviewed by: osa (mentor)
Approved by: osa (mentor)
Differential Revision: https://reviews.freebsd.org/D28346
x11/foot: add new port
A fast, lightweight and minimalistic Wayland terminal emulator.
Features:
- Fast
- Lightweight, in dependencies, on-disk and in-memory
- Wayland native
- DE agnostic
- User configurable font fallback
- On-the-fly font resize
- On-the-fly DPI font size adjustment
- Scrollback search
- Color emoji support
- Server/daemon mode
- IME (via text-input-v3)
- Multi-seat
- Synchronized Updates
- Sixel image support
https://codeberg.org/dnkl/foot
Add patch to libxfce4menu reverting part of upstream commit 85d8d390,
adding back code to ungrab all keys before grabbing them again.
The call has been removed upstream due to causing problems with tty
switching on linux, but testing in FreeBSD show no such problems
when switching to and from vty, and fix issues with keys not working
properly in FreeBSD.
PR: 244290
Submitted by: aryeh.friedman@gmail.com,
Jethro Nederhof <jethro@jethron.id.au> (suggested patch)
Reported by: many
graphics/drm-current-kmod: Update to latest source after linuxkpi update in base
While here remove vboxvideo and vmwgfx as they having been not working for a long time now.
graphics/drm-{current,devel}-kmod: Update to latest source
This fix a compilation problem with a pre 1300135 source tree.
Reported by: Filippo Moretti <filippomore@yahoo.com>
drm-{current,devel}-kmod: Update to latest sources
Include needed change for new irq_work code from base.
graphics/drm-{current,devel}-kmod: Update to latest source
Fix radeon for __FreeBSD_version >= 1300135
Reported by: tilj
drm-{current,devel}-kmod: Update to v5.4.92
While here only allow building on FreeBSD 14 and remove
some extra CONFLICTS_INSTALL that cannot happens.
graphics/drm-{current,devel}-kmod: Update plist
Those files have been removed from the tree.
While here bump the port version to the right one
Reported by: glebius
drm-current-kmod: Re-add OSVERSION check
Pointy hat to: manu
drm-{current,devel}-kmod: Update distinfo
Reported by: glebius
drm-fbsd*-kmod: Remove CONFLICTS_INSTALL
Only one port can be built on one branch so it's not needed
graphics/drm-fbsd13-kmod: Update pkg-descr
Update pkg-descr so it matches the version.
While here update WWW too.
Reported by: monochrome <monochrome@twcny.rr.com>
textproc/bsdgrep: stop building on FreeBSD 13+
bsdgrep will ship as the non-optional default in FreeBSD 13.0. Mark it as
IGNORE on 13 and 14, with the intention of deprecating it when stable/12 is
no longer supported. In the meantime, it is still useful on the earlier
branches for testing.
Mark BROKEN on FreeBSD 13 and 14
ld: error: duplicate symbol: display
>>> defined at wmwork.c
>>> wmwork.o:(display)
>>> defined at wmgeneral.c
>>> wmgeneral.o:(.bss+0x8)
Reported by: pkg-fallout
Mark BROKEN on FreeBSD 13 and 14
ld: error: duplicate symbol: board
>>> defined at xcheckers.c
>>> xcheckers.o:(board)
>>> defined at board.c
>>> board.o:(.bss+0x0)
Reported by: pkg-fallout
Mark BROKEN on FreeBSD 13 and 14
ld: error: duplicate symbol: b_const
>>> defined at fractalb.c
>>> ./common/fractalb.o:(b_const)
>>> defined at fractals.c
>>> ./common/fractals.o:(.bss+0x2B0)
Reported by: pkg-fallout
Mark BROKEN on FreeBSD 13 and 14
ld: error: duplicate symbol: basedestroyed
>>> defined at base.c
>>> base.o:(basedestroyed)
>>> defined at main.c
>>> main.o:(.bss+0x1A0)
Reported by: pkg-fallout
Mark BROKEN on FreeBSD 13 and 14
ld: error: duplicate symbol: app_context
>>> defined at callback.c
>>> callback.o:(app_context)
>>> defined at xisola.c
>>> xisola.o:(.bss+0xB0)
Reported by: pkg-fallout
Mark BROKEN on FreeBSD 13 and 14
ld: error: duplicate symbol: controls
>>> defined at koules.c
>>> koules.o:(controls)
>>> defined at server.c
>>> server.o:(.bss+0xC1BB0)
Reported by: pkg-fallout
security/sudo - update 1.9.5p1 to 1.9.5p2
(text/plain)
Sudo version 1.9.5p2 is now available which fixes CVE-2021-3156
(aka Baron Samedit), a severe security vulnerability in sudo versions
1.8.2 through 1.9.5p1. For more details, see:
https://www.sudo.ws/alerts/unescape_overflow.htmlhttps://www.openwall.com/lists/oss-security/2021/01/26/3
Source:
https://www.sudo.ws/dist/sudo-1.9.5p2.tar.gz
ftp://ftp.sudo.ws/pub/sudo/sudo-1.9.5p2.tar.gz
SHA256 539e2ef43c8a55026697fb0474ab6a925a11206b5aa58710cb42a0e1c81f0978
MD5 e6bc4c18c06346e6b3431637a2b5f3d5
Patch:
https://www.sudo.ws/dist/sudo-1.9.5p2.patch.gz
ftp://ftp.sudo.ws/pub/sudo/sudo-1.9.5p2.patch.gz
SHA256 0dd80809c4061670a0b393445b2807be452caf5d5988f279e736040cef1c14dc
MD5 2816f5fa537c61fb913046ef20b88e3b
Binary packages:
https://www.sudo.ws/download.html#binaryhttps://github.com/sudo-project/sudo/releases/tag/SUDO_1_9_5p2
For a list of download mirror sites, see:
https://www.sudo.ws/download_mirrors.html
Sudo web site:
https://www.sudo.ws/
Sudo web site mirrors:
https://www.sudo.ws/mirrors.html
Major changes between sudo 1.9.5p2 and 1.9.5p1
* Fixed sudo's setprogname(3) emulation on systems that don't
provide it.
* Fixed a problem with the sudoers log server client where a partial
write to the server could result the sudo process consuming large
amounts of CPU time due to a cycle in the buffer queue. Bug #954.
* Added a missing dependency on libsudo_util in libsudo_eventlog.
Fixes a link error when building sudo statically.
* The user's KRB5CCNAME environment variable is now preserved when
performing PAM authentication. This fixes GSSAPI authentication
when the user has a non-default ccache.
* When invoked as sudoedit, the same set of command line options
are now accepted as for "sudo -e". The -H and -P options are
now rejected for sudoedit and "sudo -e" which matches the sudo
1.7 behavior. This is part of the fix for CVE-2021-3156.
* Fixed a potential buffer overflow when unescaping backslashes
in the command's arguments. Normally, sudo escapes special
characters when running a command via a shell (sudo -s or sudo
-i). However, it was also possible to run sudoedit with the -s
or -i flags in which case no escaping had actually been done,
making a buffer overflow possible. This fixes CVE-2021-3156.
Major changes between sudo 1.9.5p1 and 1.9.5
* Fixed a regression introduced in sudo 1.9.5 where the editor run
by sudoedit was set-user-ID root unless SELinux RBAC was in use.
The editor is now run with the user's real and effective user-IDs.
Major changes between sudo 1.9.5 and 1.9.4p2
* Fixed a crash introduced in 1.9.4 when running "sudo -i" as an
unknown user. This is related to but distinct from Bug #948.
* If the "lecture_file" setting is enabled in sudoers, it must now
refer to a regular file or a symbolic link to a regular file.
* Fixed a potential use-after-free bug in sudo_logsrvd when the
server shuts down if there are existing connections from clients
that are only logging events and not session I/O data.
* Fixed a buffer size mismatch when serializing the list of IP
addresses for configured network interfaces. This bug is not
actually exploitable since the allocated buffer is large enough
to hold the list of addresses.
* If sudo is executed with a name other than "sudo" or "sudoedit",
it will now fall back to "sudo" as the program name. This affects
warning, help and usage messages as well as the matching of Debug
lines in the /etc/sudo.conf file. Previously, it was possible
for the invoking user to manipulate the program name by setting
argv[0] to an arbitrary value when executing sudo.
* Sudo now checks for failure when setting the close-on-exec flag
on open file descriptors. This should never fail but, if it
were to, there is the possibility of a file descriptor leak to
a child process (such as the command sudo runs).
* Fixed CVE-2021-23239, a potential information leak in sudoedit
that could be used to test for the existence of directories not
normally accessible to the user in certain circumstances. When
creating a new file, sudoedit checks to make sure the parent
directory of the new file exists before running the editor.
However, a race condition exists if the invoking user can replace
(or create) the parent directory. If a symbolic link is created
in place of the parent directory, sudoedit will run the editor
as long as the target of the link exists. If the target of the
link does not exist, an error message will be displayed. The
race condition can be used to test for the existence of an
arbitrary directory. However, it _cannot_ be used to write to
an arbitrary location.
* Fixed CVE-2021-23240, a flaw in the temporary file handling of
sudoedit's SELinux RBAC support. On systems where SELinux is
enabled, a user with sudoedit permissions may be able to set the
owner of an arbitrary file to the user-ID of the target user.
On Linux kernels that support "protected symlinks", setting
/proc/sys/fs/protected_symlinks to 1 will prevent the bug from
being exploited. For more information see
https://www.sudo.ws/alerts/sudoedit_selinux.html.
* Added writability checks for sudoedit when SELinux RBAC is in use.
This makes sudoedit behavior consistent regardless of whether
or not SELinux RBAC is in use. Previously, the "sudoedit_checkdir"
setting had no effect for RBAC entries.
* A new sudoers option "selinux" can be used to disable sudo's
SELinux RBAC support.
* Quieted warnings from PVS Studio, clang analyzer, and cppcheck.
Added suppression annotations for PVS Studio false positives.
PR: 253034
Submitted by: cy
Reported by: cy
Reviewed by: emaste
Approved by: emaste
Approved by: ports-secteam (delphij)
Security: CVE-2021-3156, CVE-2021-3156
Differential Revision: https://reviews.freebsd.org/D28363
dns/dnsmasq: regression fixes from upstream Git
Apparently there are situations where dnsmasq 2.83 can confuse
its peers or sockets, and the upstream Git contains fixes for them.
These four fixes essentially take dnsmasq to 2.84test3.
Obtained from: Simon Kelley <simon@thekelleys.org.uk>'s Git repository
dns/dnsmasq: upgrade to v2.84 (regression fixes)
Upstream blessed v2.84 rc2 (which 2.83_1 effectively already was)
into v2.84 release, so take it (and patch the upstream bug of
leaving "rc2" in the version out).
Mark BROKEN on FreeBSD 13 and 14
ld: error: duplicate symbol: Big_O
>>> defined at init.c
>>> init.o:(Big_O)
>>> defined at oids.c
>>> oids.o:(.bss+0x190)
Reported by: pkg-fallout
Mark BROKEN on FreeBSD 13 and 14
ld: error: duplicate symbol: player
>>> defined at actions.c
>>> actions.o:(player)
>>> defined at explode.c
>>> explode.o:(.bss+0x0)
Reported by: pkg-fallout
Mark BROKEN on FreeBSD 13 and 14
ld: error: duplicate symbol: current_server_filter
>>> defined at filter.c
>>> filter.o:(current_server_filter)
>>> defined at flt-player.c
>>> flt-player.o:(.bss+0x30)
Reported by: pkg-fallout
Mark BROKEN on FreeBSD 13 and 14
ld: error: duplicate symbol: radar
>>> defined at map.c:31
>>> map.o:(radar)
>>> defined at game.c:31
>>> game.o:(.bss+0xD8)
Reported by: pkg-fallout
Mark BROKEN on FreeBSD 13 and 14
ld: error: duplicate symbol: IMG_SPLASH
>>> defined at data.c
>>> data.o:(IMG_SPLASH)
>>> defined at scr_xrick.c
>>> scr_xrick.o:(.data+0x18)
Reported by: pkg-fallout
Mark BROKEN on FreeBSD 13 and 14
ld: error: duplicate symbol: act
>>> defined at xrot.c
>>> xrot.o:(act)
>>> defined at title.c
>>> title.o:(.bss+0x118)
Reported by: pkg-fallout
Mark BROKEN on FreeBSD 13 and 14
ld: error: duplicate symbol: board
>>> defined at addpiece.c
>>> addpiece.o:(board)
>>> defined at endgame.c
>>> endgame.o:(.bss+0x0)
Reported by: pkg-fallout
Mark BROKEN on FreeBSD 13 and 14
ld: error: duplicate symbol: b
>>> defined at xtron.c
>>> xtron.o:(b)
>>> defined at main.c
>>> main.o:(.bss+0x100)
Reported by: pkg-fallout
Mark BROKEN on FreeBSD 13 and 14
c++ -O2 -pipe -fstack-protector-strong -fno-strict-aliasing -I../../include -Iposix -I../core/posix -c -o activity_statistics_monitor.o activity_statistics_monitor.cpp
In file included from activity_statistics_monitor.cpp:18:
In file included from ./incoming_message.h:20:
In file included from ./parameters.h:20:
In file included from ./parameter_entry.h:24:
In file included from /usr/include/c++/v1/string:506:
In file included from /usr/include/c++/v1/string_view:175:
In file included from /usr/include/c++/v1/__string:57:
In file included from /usr/include/c++/v1/algorithm:643:
In file included from /usr/include/c++/v1/memory:681:
In file included from /usr/include/c++/v1/atomic:571:
/usr/include/c++/v1/__threading_support:76:9: error: unknown type name 'sem_t'
typedef sem_t __libcpp_semaphore_t;
^
Reported by: pkg-fallout
