More candidates are likely to come before the official announcement (aka
the rush hour) scheduled on 2017-04-19. This one intended to pick up upstream
security fixes earlier while looking for downstream regressions.
Changes: https://www.mozilla.org/firefox/53.0/releasenotes/
Security: 5e0a038a-ca30-416d-a2f5-38cbf5e7df33
MFH: 2017Q2 (piling up)
Ports r438165 fixed building cmus with devel/ncurses installed, but
stripped NCURSES_CFLAGS too aggressivly. The build picked up base's
curses.h over the correct headers from devel/ncurses.
PR: 218548
Reported by: Oleg Gushchenkov <gor@clogic.com.ua>
Reviewed by: Oleg Gushchenkov <gor@clogic.com.ua>
Approved by: mat (mentor)
Differential Revision: https://reviews.freebsd.org/D10355
Changelog: https://github.com/gitlabhq/gitlabhq/blob/v8.16.9/CHANGELOG.md
Also unbreak it by tighten the requirement of rubygem-rainbow
and relying at rubygem-google-api-client010 instead of updated
rubygem-google-api-client.
Reviewed by: remko, Matthias Fechner <idefix@fechner.net>
Fix configuration paths in CGIs and reports to include /usr/local/etc/rtg.
Affects common.php, reports.pl, and 95.pl. This will fix the CGIs to almost work out of the box.
Improve rtgtargmkr.pl to skip unresponsive routers rather than dying.
Add USES=ssl
PR: 217108
Submitted by: andrew.fengler@scaleengine.com
Approved by: maintainer timeout (15 days)
- Add LICENSE
- Use = instead of += for BUILD_DEPENDS and USES
- Use PERL instead of LOCALBASE/bin/perl
- Use USE_TEX and TEXMFDIR (already defined in bsd.tex.mk)
- Add missing USES=iconv
- Use PORTDATA
- Silence patch message
- Cosmetic change
- Reformat pkg-descr
- Update WWW: use https://
- Bump PORTREVISION for package change
warning to the pkg-message that security.bsd.see_other_uids/gids should
not be enabled if dovecot is storing mail for multiple users concurrently
(PR 218392, submitted by topical).
* passdb/userdb dict: Don't double-expand %variables in keys. If dict
was used as the authentication passdb, using specially crafted
%variables in the username could be used to cause DoS (CVE-2017-2669)
* When Dovecot encounters an internal error, it logs the real error and
usually logs another line saying what function failed. Previously the
second log line's error message was a rather uninformative "Internal
error occurred. Refer to server log for more information." Now the
real error message is duplicated in this second log line.
* lmtp: If a delivery has multiple recipients, run autoexpunging only
for the last recipient. This avoids a problem where a long
autoexpunge run causes LMTP client to timeout between the DATA
replies, resulting in duplicate mail deliveries.
* config: Don't stop the process due to idling. Otherwise the
configuration is reloaded when the process restarts.
* mail_log plugin: Differentiate autoexpunges from regular expunges
* imapc: Use LOGOUT to cleanly disconnect from server.
* lib-http: Internal status codes (>9000) are no longer visible in logs
* director: Log vhost count changes and HOST-UP/DOWN
+ quota: Add plugin { quota_max_mail_size } setting to limit the
maximum individual mail size that can be saved.
+ imapc: Add imapc_features=delay-login. If set, connecting to the
remote IMAP server isn't done until it's necessary.
+ imapc: Add imapc_connection_retry_count and
imapc_connection_retry_interval settings.
+ imap, pop3, indexer-worker: Add (deinit) to process title before
autoexpunging runs.
+ Added %{encrypt} and %{decrypt} variables
+ imap/pop3 proxy: Log proxy state in errors as human-readable string.
+ imap/pop3-login: All forward_* extra fields returned by passdb are
sent to the next hop when proxying using ID/XCLIENT commands. On the
receiving side these fields are imported and sent to auth process
where they're accessible via %{passdb:forward_*}. This is done only
if the sending IP address matches login_trusted_networks.
+ imap-login: If imap_id_retain=yes, send the IMAP ID string to
auth process. %{client_id} expands to it in auth process. The ID
string is also sent to the next hop when proxying.
+ passdb imap: Use ssl_client_ca_* settings for CA validation.
- fts-tika: Fixed crash when parsing attachment without
Content-Disposition header. Broken by 2.2.28. (fixed in FreeBSD ports)
- trash plugin was broken in 2.2.28 (fixed in FreeBSD ports)
- auth: When passdb/userdb lookups were done via auth-workers, too much
data was added to auth cache. This could have resulted in wrong
replies when using multiple passdbs/userdbs.
- auth: passdb { skip & mechanisms } were ignored for the first passdb
- oauth2: Various fixes, including fixes to crashes
- dsync: Large Sieve scripts (or other large metadata) weren't always
synced.
- Index rebuild (e.g. doveadm force-resync) set all mails as \Recent
- imap-hibernate: %{userdb:*} wasn't expanded in mail_log_prefix
- doveadm: Exit codes weren't preserved when proxying commands via
doveadm-server. Almost all errors used exit code 75 (tempfail).
- ACLs weren't applied to not-yet-existing autocreated mailboxes.
- Fixed a potential crash when parsing a broken message header.
- cassandra: Fallback consistency settings weren't working correctly.
- doveadm director status <user>: "Initial config" was always empty
- imapc: Various reconnection fixes.
