JavaScriptCore code is not fully compatible with it. This is a
requirement for using libc++ 5.0.0, which is more strict.
Approved by: tcberner (maintainer)
PR: 220188
MFH: 2017Q2
Changelog:
20170505
Workaround for a current problem where some destination
announces primarily IPv6 MX addresses, the smtp_address_limit
eliminates most or all IPv4 addresses, and the destination
is not reachable over IPv6. This workaround is enabled with
"smtp_balance_mx_inet_protocols = yes", which is the default.
Files: smtp/smtp.c, smtp/smtp_params.c, smtp/smtp_addr.c,
global/mail_params.h, proto/postconf.proto.
20170506
A last-minute cosmetic fix had introduced a bug in
smtp/smtp_addr.c.
20170512
Bugfix (introduced: Postfix 2.0): the MIME nesting level
counter was not initialized (i.e. left at the memory fill
pattern 0xffffffff which equals -1). This broke unit tests
with a different memory allocator. Changing the value to
zero would break backwards compatibility (reject mail that
was previously not rejected). Files: global/mime_state.c.
20170531
Bugfix (introduced: Postfix 3.2): after the table lookup
overhaul, the check_sender_access and check_recipient_access
features ignored the parent_domain_matches_subdomains
setting. Reported by Henrik Larsson. File: smtpd/smtpd_check.c.
Workaround (introduced: Postfix 3.2): mail_addr_find() logs
a warning that it does not support both parent-domain and
dot-parent-domain style lookups in the same call. File:
global/mail_addr_find.c
20170610
Workaround (introduced: Postfix 3.0 20140718): prevent MIME
downgrade of Postfix-generated message/delivery-status.
It's supposed to be 7bit, therefore quoted-printable encoding
is not expected. Problem reported by Griff. File:
bounce/bounce_notify_util.c.
Documentation: indicate that the transport_mumble parameters
are implemented by the queue manager, not by delivery agents.
Files: mantools/postlink, local/local.c, pipe/pipe.c,
*qmgr/qmgr.c, smtp/smtp.c, virtual/virtual.c.
20170611
Security: Berkeley DB 2 and later try to read settings from
a file DB_CONFIG in the current directory. This undocumented
feature may introduce undisclosed vulnerabilities resulting in
privilege escalation with Postfix set-gid programs (postdrop,
postqueue) before they chdir to the Postfix queue directory,
and with the postmap and postalias commands depending on whether
the user's current directory is writable by other users. This
fix does not change Postfix behavior for Berkeley DB < 3.
File: util/dict_db.c.
- adjust PORTSCOUT
Changelog:
20170221
Compatibility fix (introduced: Postfix 3.1): some Milter
applications do not recognize macros sent as {name} when
macros have single-character names. Postfix now sends such
macros without {} as it has done historically. Viktor
Dukhovni. File: milter/milter.c.
20170402
Bugfix (introduced: Postfix 3.2): restore the SMTP server
receive override options at the end of an SMTP session,
after the options may have been modified by an smtpd_milter_maps
setting of "DISABLE". Problem report by Christian R__ner,
root cause analysis by Viktor Dukhovni. File: smtpd/smtpd.c.
20170430
Safety net: append a null byte to vstring buffers, so that
C-style string operations won't scribble past the end. File:
vstring.c.
20170531
Bugfix (introduced: Postfix 3.2): after the table lookup
overhaul, the check_sender_access and check_recipient_access
features ignored the parent_domain_matches_subdomains
setting. Reported by Henrik Larsson. File: smtpd/smtpd_check.c.
20170610
Workaround (introduced: Postfix 3.0 20140718): prevent MIME
downgrade of Postfix-generated message/delivery status.
It's supposed to be 7bit, therefore quoted-printable encoding
is not expected. Problem reported by Griff. File:
bounce/bounce_notify_util.c.
20170611
Security: Berkeley DB 2 and later try to read settings from
a file DB_CONFIG in the current directory. This undocumented
feature may introduce undisclosed vulnerabilities resulting
in privilege escalation with Postfix set-gid programs
(postdrop, postqueue) before they chdir to the Postfix queue
directory, and with the postmap and postalias commands
depending on whether the user's current directory is writable
by other users. This fix does not change Postfix behavior
for Berkeley DB < 3, but reduces file create performance
for Berkeley DB 3 .. 4.6. File: util/dict_db.c.
PR: 219996
Reported by: Markus Kohlmeyer
MFH: 2017Q2
- add new run dependencies:
- finance/R-cran-quantmod
- changelog:
- NAMESPACE: Re-write get.hist.quote() as a wrapper for
quantmod::getSymbols().
Generated by: portcran (0.1.5)
* qtdiag outputs diagnostics on the current Qt installation and can be helpful to find issues.
* qtpluginfo is useful while writing plugins for Qt5/KDE Plasma
Reviewed by: rakuco, mat
Differential Revision: https://reviews.freebsd.org/D11280
OpenVPN v2.4.2 was analyzed closely using a fuzzer by Guido Vranken. In
the process several vulnerabilities were found, some of which are
remotely exploitable in certain circumstances.
Compared to OpenVPN 2.4.2 there are several bugfixes and one major
feature: support for building with OpenSSL 1.1.
MFH: 2017Q3 (preapproved by Xin Li)
Security: 9f65d382-56a4-11e7-83e3-080027ef73ec
Security: CVE-2017-7508
Security: CVE-2017-7512
Security: CVE-2017-7520
Security: CVE-2017-7521
Security: CVE-2017-7522
Greps through binaries from various OSs and architectures, and colors
them. Current backends:
- ELF 32/64, arm, x86, openrisc - all others will parse and color, but
relocations won't show properly
- Mach 32/64, arm, x86
- PE (debug only)
WWW: https://github.com/m4b/bingrep
Approved by: mat (mentor)
Differential Revision: https://reviews.freebsd.org/D11162
The xi editor project is an attempt to build a high quality text
editor, using modern software engineering techniques.
Goals include:
- Incredibly high performance. All editing operations should commit
and paint in under 16ms. The editor should never make you wait for
anything.
- Beauty. The editor should fit well on a modern desktop, and not look
like a throwback from the '80s or '90s. Text drawing should be done
with the best technology available (Core Text on Mac, DirectWrite on
Windows, etc.), and support Unicode fully.
- Reliability. Crashing, hanging, or losing work should never happen.
- Developer friendliness. It should be easy to customize xi editor,
whether by adding plug-ins or hacking on the core.
WWW: https://github.com/google/xi-editor
Approved by: mat (mentor)
Differential Revision: https://reviews.freebsd.org/D11162
Alacritty is the fastest terminal emulator in existence. Using the
GPU for rendering enables optimizations that simply aren't possible in
other emulators.
Alacritty is focused on simplicity and performance. The performance
goal means it should be faster than any other terminal emulator
available. The simplicity goal means that it doesn't have many
features like tabs or scroll back as in other terminals. Instead, it
is expected that users of Alacritty make use of a terminal multiplexer
such as tmux.
WWW: https://github.com/jwilm/alacritty
Approved by: mat (mentor)
Differential Revision: https://reviews.freebsd.org/D11162
Flowgger is a fast, simple and lightweight data collector. It reads
log entries over a given protocol, extracts them, decodes them using a
given format, re-encodes them into a different format, and
asynchronously pushes the result into a remote data store.
Flowgger is designed to be:
- Paranoid: it carefully validates input data to prevent injection of
malformed/incomplete records down the chain.
- Safe: written in Rust, without any unsafe code.
- Fast: even though messages are systematically parsed and validated,
Flowgger is orders of magnitude faster than Logstash and Fluentd.
- Standalone: it comes as a single executable file, and doesn't require a JVM.
Flowgger supports common input types: stdin, UDP, TCP, TLS and Redis,
as well as multiple input formats: JSON (GELF), LTSV, Cap'n Proto and
RFC5424. Normalized messages can be sent to Kafka, Graylog, to
downstream Flowgger servers, or to other log collectors for further
processing.
WWW: https://github.com/jedisct1/flowgger
Approved by: mat (mentor)
Differential Revision: https://reviews.freebsd.org/D11162
Exa is a modern replacement for ls. It uses colours for information
by default, helping you distinguish between many types of files, such
as whether you are the owner, or in the owning group. It also has
extra features not present in the original ls, such as viewing the Git
status for a directory, or recursing into directories with a tree
view. Exa is written in Rust, so it's small, fast, and portable.
WWW: https://the.exa.website/
Approved by: mat (mentor)
Differential Revision: https://reviews.freebsd.org/D11162
ripgrep is a command line search tool that combines the usability of
The Silver Searcher (an ack clone) with the raw speed of GNU grep.
ripgrep is fast, cross platform and written in Rust.
WWW: http://blog.burntsushi.net/ripgrep/
PR: 215212
Submitted by: petteri.valkonen@iki.fi (based on)
Approved by: mat (mentor)
Differential Revision: https://reviews.freebsd.org/D11162
