on WITH_PKGNG being defined.
No change to the default package, so no version number or portrevision
bump.
Approved by: stefan (maintainer) shaun (mentor)
Feature safe: yes
Fix remote code execution which can occur with a specially crafted
audit file. The attacker would need to get the portaudit(1) to
download the bad audit database, e.g. by performing a man in the
middle attack.
Add signature verification of the portaudit database. The public key
is for the database generated for portaudit.FreeBSD.org is included
in the distribution.
(This parts add the portaudit public key missed in initial commit.)
Submitted by: Michael Gmelin <freebsd@grem.de>
Reported by: Michael Gmelin <freebsd@grem.de>, Joerg Scheinert
Security: Remote code execution
Security: http://vuxml.FreeBSD.org/6d329b64-6bbb-11e1-9166-001e4f0fb9b1.html
Feature safe: yes
With hat: so
Fix remote code execution which can occur with a specially crafted
audit file. The attacker would need to get the portaudit(1) to
download the bad audit database, e.g. by performing a man in the
middle attack.
Add signature verification of the portaudit database. The public key
is for the database generated for portaudit.FreeBSD.org is included
in the distribution.
Submitted by: Michael Gmelin <freebsd@grem.de>
Reported by: Michael Gmelin <freebsd@grem.de>, Joerg Scheinert
Security: Remote code execution
Security: http://vuxml.FreeBSD.org/6d329b64-6bbb-11e1-9166-001e4f0fb9b1.html
Feature safe: yes
With hat: so
- Remove conditionals for PERL_LEVEL < 501200
- Remove regression-test targets b/c this will be centralized in Mk/bsd.perl.mk
- Other minor cleanups
RUN_DEPENDS = ${BUILD_DEPENDS} -> RUN_DEPENDS:= ${BUILD_DEPENDS}
PR: ports/165605
Submitted by: pgollucci (myself)
Approved by: portmgr (linimon)
Exp Run by: linimon
Tested by: make index
- be more strict when checking nonstandart files
- add more whitelists
- speedup misspelled(wrong) USE_* whitelist validation, turn on it by default
Approved by: eadler (mentor)
* Include LICENSE_FILE and LICENSE_GROUPS in the regexp check. [1]
* Add LICENSE_DISTFILES. [1]
* Add a check for the reassignment of ECHO_MSG [2]
* Remove old X.Org checks [3]
* Add PROJECTHOST to the PORTNAME section [4]
Reminded by: Jan Beich <jbeich@tormail.net> [1]
Requested by: jgh [2]
Submitted by: eadler [3]
Alex Kozlov <spam@rm-rf.kiev.ua> [3]
Change initialize() routine to call getuid() to ensure the program is being
run as root before trying to call rtprio(). This allows the program to
be run by a non-privileged user in a jail(8) environment.
PR: ports/165681
Submitted by: Conrad J. Sabatier <conrads@cox.net> (maintainer)
Submitted by: Marco Steinbach <coco@executive-computing.de>
- If applicable, use CVS/Repository as the source of the port's
directory name,
- else try to fall back to the basename of the working directory
if the PORTNAME heuristic fails.
- The patches also fix
<http://sourceforge.net/support/tracker.php?aid=1969774>.
- Add CVSauto as a new diff mode:
- Handle added/deleted files without having to cvs add/delete them.
- Works with :pserver:anoncvs@anoncvs.fr.freebsd.org.
- When submitting you're asked to use "port submit -L" if files are
added or deleted, because that's FATAL for portlint.
- Don't use the full path of the working directory in diffs.
- Include a port's PORTEPOCH in update mode in the generated PR.
- To aid in debugging porttools include this information in the PR:
- porttools' PORTREVISION and PORTEPOCH (if defined),
- submit and diff mode used by the submitter.
- Bump PORTREVISION.
- Pass maintainership to submitter
PR: ports/139872
Submitted by: Johannes 5 Joemann <joemann@beefree.free.de>
to the standard "make readmes" for building the README.html files for the
FreeBSD Ports Collection, building the files in a fraction of the time of the
standard method.
PR: ports/165631
Submitted by: Conrad J. Sabatier <conrads@cox.net>
- changes:
* pkg info -R now show a full yaml (script, options, users and groups were missing in previous versions)
* new pkg query -e <evalutaion> <query-format> to be able to query packages base on boolean expression matching content of the package
* pkg check now works like other subcommand: -a for all, -gxX for (glob, regex, eregex)
* pkg check is now able to check the file checksum and print what has been modified since package installation (-s option)
* pkg check is now able to recompute the flatsize (-r) this can fix the flatsize of packages installed with version prior to beta7
* new pkg set currently can only be used to manually mark package as automatically installed or not
- Radical changes to the cache: now stores a record for every
file that could affect the generated INDEX, which ports
those files belong to and the timestamp of the file.
- Default update mechanism is now to compare timestamps with
what is in the cache. Doesn't need to parse the output of
any update mechanism (although you can still do that.)
- Added new make-readmes command to create a tree of README.html
files.
More details: http://www.infracaninophile.co.uk/portindex/index.xhtml
Approved by: shaun (mentor)
- changes:
* move commands man pages from section 1 to 8
* pkg check can now be run as a user (will print the missing dependencies if any)
* better handling of database creation error
* new option -f to install subcommand to force reinstallation of a package
* new option -f to upgrade subcommand to force reinstallation of the whole set of packages
* pkg audit can now take a package: name-version in argument
- changes:
* pkg register: now run inside a transaction, this speeds up things a lot (thank you avg)
* pkg version: -v now print name-version to match behaviour of legacy pkg_version
* pkg register: fix flatsize calculation
* new pkg-updating(1) man page (thanks beat)
GHC in the ports tree has been updated to version 7.0.4 and the port revision
for all the Haskell ports without version changes are bumped. Other per-port
updates are coming soon.
This update also incorporates some improvements for bsd.cabal.mk that makes
working with Haskell ports even easier.
Thanks ashish@ for the help!
Obtained from: FreeBSD Haskell
- changes:
* move all the private headers into a private subdirectory to prevent the temptation of using them in the frontend
* fix a miss behaviour in pkg query printing things it shouldn't in case of mistakes
- changes:
* do not assert in case of unfinished buffer but finish it instead
* more userfriendly error message for pkg audit
* print not found patterns for pkg info and pkg query
- changes:
* fix pkg add (it is been broken during beta2 sorry about that)
* fix manifest emitter: now really emit the pkg-message in message no more description
* add %M to pkg query to show messages
* concat all pkg-messages and show it once at the end of operations
* print messages about missing dependency during pkg add
- add a message to warn user that they need to migrate using pkg2ng
- add a mirror to download
- changes:
* update bundled sqlite to 3.7.10
* add -n to pkg create to avoid packing already packed packages
* Fix rc script handling
* safer sbuf usage (this fix ia64 support)
* report a list of failing packages if any with pkg add
* allow "<category>/<port>" pattern in pkg search
* add support for syslog (through a pkg.conf option)
* the portmaster patch in the git is now up to date with 3.11 and feature complete (thanks avilla)
* add -R to pkg info to print out the raw manifest of a given package
* fix pkg query "%a"
* more robust to errors when creating packages
Submit system and ports statistics to fbsdmon.org.
Statistics can be sent from command line, from rc script
or from periodic script.
WWW: http://fbsdmon.org/
PR: ports/164608
Submitted by: Grzegorz Blach <magik at roorback.net>
Approved by: rene (mentor)
Changes:
- add ARCH=i386 in make.conf on i386 jail for amd64 host [1]
- testport and bulk now uses the same package dir: ${POUDRIERE_DATA}/packages/<jailname>-<portstreename> [2]
- fix testport with pkgng
- remove an extras .txz when creating a jail > 9.0
Submitted by: martymac[1]
Suggested by: avilla[2]
FreeBSD. However, most people will find it useful to bulk build ports
for FreeBSD.
WWW: http://git.etoilebsd.net/poudriere/
Of course this is pkgng aware and it support incremental upgrade of binary bulks :)
if you want to use it please define WITH_PKGNG=yes in your /etc/make.conf
For more information read the announcement on the mailing list
With hat: portmgr
Non-Regression test: linimon
ports use BUILD_DEPENDS:= ${RUN_DEPENDS}. This patch fixes ports that are
currently broken. This is a temporary measure until we organically stop using
:= or someone(s) spend a lot of time changing all the ports over.
Explicit duplication > := > = and this just moves ports one step to the left
Approved by: portmgr
literal name_enable wherever possible, and ${name}_enable
when it's not, to prepare for the demise of set_rcvar().
In cases where I had to hand-edit unusual instances also
modify formatting slightly to be more uniform (and in
some cases, correct). This includes adding some $FreeBSD$
tags, and most importantly moving rcvar= to right after
name= so it's clear that one is derived from the other.
