1
0
mirror of https://git.FreeBSD.org/ports.git synced 2024-12-07 02:06:57 +00:00
Commit Graph

20953 Commits

Author SHA1 Message Date
Johannes Jost Meixner
9b82acf5d6 Register Flash vulnerabilities.
Affected: www/linux-*-flashplugin11.
2015-04-17 10:09:41 +00:00
Jan Beich
7313d8e6de Document Wesnoth vulnerability. CVE-2015-0844
PR:		199414
2015-04-17 08:04:24 +00:00
Tijl Coosemans
64e8bce526 Depend on PolarSSL 1.3
Reported by:	antoine
2015-04-17 07:04:45 +00:00
Grzegorz Blach
45bf4cceb6 Back to the pool.
Currently and in near future I don't have time to be responsible
for any port.
2015-04-16 20:13:43 +00:00
Tijl Coosemans
d5232a0aa2 Drop maintainership now that Linphone no longer depends on it 2015-04-16 19:08:09 +00:00
Cy Schubert
526bc84da4 Updade 2.9.3 --> 2.9.4 2015-04-16 19:07:02 +00:00
Mark Felder
d8fe21535f Add patches to fix Strongswan Management Protocol
SMP is an XML control interface for Strongswan used by pfSense and
Opnsense. SMP has been deprecated by upstream since 5.2.0 in favor of a
newer IPC mechanism called VICI. As a result upstream is not motivated
to take patches for SMP, and this uses non-portable strlcpy anyway.

The code has not been deleted from the project and if we can bludgeon it
into a working state I see no harm.

PR:		199442
2015-04-16 12:55:38 +00:00
Dmitry Marakasov
f07f4a707f - Add CPE info
Approved by:	portmgr blanket
2015-04-15 19:12:18 +00:00
Tijl Coosemans
8e27c129f2 New port security/libbzrtp:
An implementation of ZRTP by Belledonne Communications (Linphone).
ZRTP (RFC 6189) is a media path key agreement protocol for unicast
secure RTP.
2015-04-15 18:46:50 +00:00
Bartek Rutkowski
e5eb7c99ee security/sudo: add CPE info
PR:		199367
Submitted by:	Shun <shun.fbsd.pr@dropcut.net>
Approved by:	portmgr blanket
2015-04-15 10:00:31 +00:00
Tijl Coosemans
074ea5282a converters/libiconv:
- Remove const qualifier from iconv(3) to match POSIX:
  http://pubs.opengroup.org/onlinepubs/9699919799/functions/iconv.html
- Patch iconv.h to expose more GNU extensions when LIBICONV_PLUG is
  defined because the base system iconv supports these extensions too.

Add/remove patches to/from ports to call iconv with non-const arguments.

This breaks some ports on FreeBSD 10 because base system iconv.h still has
the const qualifier.  Fix this by letting USES=iconv add a build dependency
on converters/libiconv so ports can use its iconv.h (with LIBICONV_PLUG
defined) instead of the base system iconv.h.

This exposed some ports that link with libiconv when it is available instead
of using libc iconv.  In these cases one of the following changes has been
made:
- patch configure scripts to test for libc iconv first
- add ac_cv_lib_iconv_libiconv=no or similar to CONFIGURE_ARGS to disable
  some configure tests
- converters/wkhtmltopdf: this includes Qt4 so add a patch from devel/qt4
- lang/gcc5-aux: respect CFLAGS and friends during configure such that
  LIBICONV_PLUG is defined in the iconv test, also switch to external
  gettext
- mail/gnarwl: replace patches with CPPFLAGS/LIBS
- multimedia/ffmpeg2theora: remove iconv test from SConstruct and use
  ICONV_LIB in port Makefile instead, also fix a bug in subtitles.c
- net-im/licq: finish conversion to cmake
- net-mgmt/bandwidthd, net-mgmt/icinga, net-mgmt/nagios, net-mgmt/nagios4:
  don't need iconv
- textproc/p5-XML-TinyXML: finish conversion to USES=perl5

Other changes:
- databases/qdbm and slaves: respect CFLAGS and friends, also enable bzip2
  and lzo support
- games/ldmud: respect CFLAGS and friends
- graphics/inventor: replace some patches with MAKE_ARGS/MAKE_ENV to respect
  CFLAGS and friends, also remove FreeBSD/alpha patch and add missing xorg
  dependencies

PR:		199099
Exp-run by:	antoine
Approved by:	portmgr (antoine)
2015-04-15 08:20:27 +00:00
Sunpoet Po-Chuan Hsieh
5a194d5c00 - Update to 1.011
Changes:	http://search.cpan.org/dist/Authen-SASL-SASLprep/Changes
2015-04-14 18:31:23 +00:00
Bryan Drewery
01f1b90dd0 Replace the TTSH patch from r383618 with the one that upstream took.
Obtained from upstream d8f391caef623
2015-04-14 16:42:24 +00:00
Mikhail Teterin
97baea514d Remove the hunk replacing the original argument-parsing. Though the
old code is ugly, it is correct and replacement is thus not warranted.
2015-04-14 16:24:00 +00:00
Dmitry Marakasov
a5f74606b5 - Add LICENSE_FILE
- Add CPE info

Approved by:	portmgr blanket
2015-04-14 13:21:50 +00:00
Bartek Rutkowski
01d8cc2c90 security/xml-security: add CPE information
- Maintainer's timeout (ale@FreeBSD.org)

PR:		199038
Submitted by:	Shun <shun.fbsd.pr@dropcut.net>
2015-04-14 10:21:13 +00:00
Bartek Rutkowski
9fa578de55 security/gnupg20: add CPE information
- Maintainer's timeout (kuriyama@FreeBSD.org)

PR:		198851
Submitted by:	Shun <shun.fbsd.pr@dropcut.net>
2015-04-14 08:42:13 +00:00
Raphael Kubo da Costa
19d9aa2b81 Add entry for CVE-2015-1858, CVE-2015-1859 and CVE-2015-1860.
Multiple vulnerabilities in Qt image format handling (the 3 CVEs are part of
the same security advisory).
2015-04-14 08:33:04 +00:00
Bartek Rutkowski
c24c16ba21 security/gnupg1: add CPE information
- Maintainer's timeout (kuriyama@FreeBSD.org)

PR:		198850
Submitted by:	Shun <shun.fbsd.pr@dropcut.net>
2015-04-14 08:24:06 +00:00
Mikhail Teterin
6459af4404 Fix a copy/paste error in the patch. 2015-04-14 01:35:45 +00:00
Mikhail Teterin
a5677f353b Unbreak and otherwise improve this port:
* Use standard source of PECL-sources -- the old MASTER_SITE is
	  gone, and good riddance too, because the difference between
	  0.4 and 0.4.1 was an irrelevant one-liner.
	* Patch to use modern PHP ZEND API
	* Patch to actually use cracklib as advertized -- since the
	  port's inception it LIB_DEPENDed on security/cracklib and
	  advertized its use in pkg-descr, lying on both accounts.
	* Throw in a couple of basic usage tests rejecting bad passwords
	  and accepting good ones.

Special thanks to Nathan Neulinger for making the necessary cracklib function
accessible and to cy@ for promptly updating security/cracklib to use
Nathan's latest release.
2015-04-14 01:27:51 +00:00
Steve Wills
6574fab10f Document issues in ruby 2015-04-14 00:50:37 +00:00
Sunpoet Po-Chuan Hsieh
52ca889231 - Update to 1.3.3
Changes:	http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git;a=blob;f=NEWS;hb=HEAD
2015-04-13 19:25:19 +00:00
Jun Kuriyama
fa09e9e2b9 - Add CPE information [1].
- Fix accidentally linking devel/readline if installed [2].

# I'm working on 2.1.3 update, but it requires LDAP header even if
# disabled.  Stay tuned (or patches are welcome).

PR:		ports/198849 [1], ports/198036 and ports/198354 [2]
Submitted by:	shun.fbsd.pr@dropcut.net [1], amdmi3 and jf@fahrner.name [2]
2015-04-13 02:55:29 +00:00
Mathieu Arnold
90b17c70c0 These need Module::Build.
Sponsored by:	Absolight
2015-04-12 19:10:58 +00:00
Dirk Meyer
b8c14435b5 - disable option ASM by default
- bump PORTREVISION
PR:		196756
2015-04-12 17:28:07 +00:00
Cy Schubert
2754a5aef1 Update 2.9.2 --> 2.9.3
Submitted by:	mi
2015-04-12 00:05:56 +00:00
Johan van Selst
e50f2a871e - Update to libssh 0.6.4 (security and bugfix release)
https://www.libssh.org/2014/12/19/libssh-0-6-4-security-and-bugfix-release/
- This version does not compile with gcrypt: force use of openssl
- Adopt port

MFH:		2015Q2
2015-04-11 16:01:01 +00:00
Antoine Brodin
dbbb91b27d New port: security/py-stix
A Python library for parsing, manipulating, and generating STIX content
WWW: https://github.com/STIXProject/python-stix
2015-04-10 22:25:06 +00:00
Baptiste Daroussin
254f6ef8bd Use regular LIB_DEPENDS dep to find nss 2015-04-10 19:42:47 +00:00
Johannes Jost Meixner
1254a1491d security/linux-c6-openssl: update to 1.0.1e_5
- update to 1.0.1e_5

From the RPM changelog:

  * Thu Mar 26 2015 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-30.8
  - drop the AES-GCM restriction of 2^32 operations because the IV is
    always 96 bits (32 bit fixed field + 64 bit invocation field)
2015-04-10 15:54:12 +00:00
Dmitry Marakasov
a5eb72353c - Start before syslogd
This is needed as bruteblock (not to be confused with bruteblockd)
which is usually run from syslog, also requires ldconfig, and bruteblockd
rc.d script provides it for him by depending on ldconfig and running
before syslogd

PR:		199263
2015-04-10 12:10:24 +00:00
Dmitry Marakasov
f86d931b4f - Fix boottime startup by requiring ldconfig in rc.d script
PR:		199263
Submitted by:	fesse@mail.ru
2015-04-10 11:59:00 +00:00
Sunpoet Po-Chuan Hsieh
61b8e953b9 - Convert to new options helper
- Sort PLIST
2015-04-10 08:30:25 +00:00
Bryan Drewery
08dd690c4a Cleanup some unneeded patches.
1. There's no need to patch the xauth(1) location as the OpenSSH build already
   does so based on the --with-xauth path provided. It also updates manpages.
2. Don't modify manpage for shosts location as it was wrong. The proper
   LOCALBASE path is now used due to OpenSSH's build already handling it
   properly.
3. Remove confusing UsePrivilegeSeparation change in sshd_config. The default
   upstream is to have it disabled by default. The sshd_config line is in
   upstream to enable it by default in new installations. We always enable
   it though. So remove the sshd_config change which makes it look like
   we don't use it; it was not a needed difference with upstream.

From discussion with:	TJ <tj@mrsk.me>
2015-04-09 20:57:23 +00:00
Bryan Drewery
e574b487b5 Limit the TTSSH bug fix in r383618 to only versions that have it.
Submitted by:	IWAMOTO Kouichi <sue@iwmt.org>
2015-04-09 20:19:17 +00:00
Matthias Andree
3f93e22150 Add mailman < 2.1.20 vulnerability.
Port update to arrive shortly.
2015-04-09 19:35:00 +00:00
Hajimu UMEMOTO
d996228059 Add CPE information. 2015-04-09 17:06:11 +00:00
Adam Weinberger
371b3c79f7 Update to 0.77.
Changes: https://metacpan.org/changes/distribution/Module-Signature
2015-04-09 16:15:25 +00:00
Mark Felder
f5e491c355 Update PORTREVISION due to sguil getting new UIDs / GIDs.
We want packages on FreeBSD mirrors to have the updated UID/GID.

There was a UID conflict with dns/dnscrypt-proxy that has now been
corrected.
2015-04-09 15:47:19 +00:00
Brendan Fabeny
bddf326fa5 update to 0.2.6.7
PR:		199275
2015-04-09 12:12:22 +00:00
Bryan Drewery
c1edee9622 Fix TTSSH (Tera Type/Term) client crash:
Unexpected SSH2 message(80) on current stage(6)

This patch was submitted upstream. The client has fixed it in their SVN [1][2]
but not yet released a fixed build.

[1] http://en.sourceforge.jp/ticket/browse.php?group_id=1412&tid=35010
[2] http://en.sourceforge.jp/projects/ttssh2/scm/svn/commits/5829
2015-04-09 02:33:47 +00:00
Bryan Drewery
fff0fb586b Remove debugging leftover in release.
error: mm_request_receive: socket closed

Obtained from:	Upstream c7fe79ed7db427f1474e72b9f8b465901d61d3f6
2015-04-09 01:49:10 +00:00
Dmitry Marakasov
605a348f3e - Fix printing time_t on i386
PR:		199263
Submitted by:	fesse@mail.ru
2015-04-09 01:04:54 +00:00
Guido Falsi
ef47d9661c Document new asterisk ports vulnerability. 2015-04-08 21:46:51 +00:00
Baptiste Daroussin
8157e9f800 Add a new USES=waf to handle the waf building system, allowing to factorise code
Plug waf into MAKE_CMD and CONFIGURE_CMD so the regular defined targets can be
reused

Always define _MAKE_JOBS so that when bsd.port.mk will stop overwritting
_MAKE_JOBS when parallel jobs are disabled we can enforce -j1 (which is needed
to really disable parallelisation with waf

WAF_CMD has been created to allow one to override the location of the waf script
relatively to WRKSRC

CONFIGURE_TARGET is by default defined to "configure"
ALL_TARGET is by default defined to "build"
INSTALL_TARGET is by default defined to "install"

USES=waf is by default stagedir safe
2015-04-08 15:05:48 +00:00
Ruslan Makhmatkhanov
f848c882de Basic and Digest HTTP authentication for Flask routes.
WWW: http://github.com/miguelgrinberg/flask-httpauth/
2015-04-08 10:58:05 +00:00
Xin LI
a444f6a3de Document NTP multiple vulnerabilities. 2015-04-07 23:48:04 +00:00
Mark Linimon
5744628f68 Maintainer's email address bounces. 2015-04-07 23:34:29 +00:00
Steve Wills
b1a2ca3d26 security/rubygem-ezcrypto: fix patch 2015-04-07 18:18:01 +00:00