mirror/freebsd-ports
1
0
Fork 0
mirror of https://git.FreeBSD.org/ports.git synced 2025-01-02 06:03:50 +00:00
Code Issues Releases Activity
402,177 Commits 45 Branches 101 Tags 3.3 GiB
ec302b07bf
Commit Graph

24062 Commits

Author SHA1 Message Date
Torsten Zuehlsdorff
9341fb6fc3 Rails 4: Document XSS Vulnerability in Action View and 
Unsafe Query Generation Risk in Active Record

Security: CVE-2016-6316
Security: https://vuxml.freebsd.org/freebsd/43f1c867-654a-11e6-8286-00248c0c745d.html
Security: CVE-2016-6317
Security: https://vuxml.freebsd.org/freebsd/7e61cf44-6549-11e6-8286-00248c0c745d.html

Approved by: pi(mentor)
 2016-10-14 12:03:47 +00:00
Torsten Zuehlsdorff
befb3c376f Document multiple security issues of PHP 7.0 
Security: CVE-2016-7416
Security: CVE-2016-7412
Security: CVE-2016-7414
Security: CVE-2016-7417
Security: CVE-2016-7413
Security: CVE-2016-7418
Security: https://vuxml.freebsd.org/freebsd/f471032a-8700-11e6-8d93-00248c0c745d.html

Approved by: pi (mentor)
 2016-10-14 12:01:46 +00:00
Torsten Zuehlsdorff
1bcb020f24 Document multiple security issues of PHP 5.6 
Security: CVE-2016-7416
Security: CVE-2016-7412
Security: CVE-2016-7414
Security: CVE-2016-7417
Security: CVE-2016-7411
Security: CVE-2016-7413
Security: CVE-2016-7418
Security: https://vuxml.freebsd.org/freebsd/8d5180a6-86fe-11e6-8d93-00248c0c745d.html

Approved by: pi (mentor)
 2016-10-14 11:59:35 +00:00
Carlos J. Puga Medina
c92ea04689 security/py-{acme,certbot}: Update to 0.9.2 
Common:

Update PORTVERSION and distinfo checksum (0.9.2)
security/py-acme:

Add dns/py-dnspython dependency required to support both Python 2 and Python 3

Approved by:	koobs
Differential Revision: D8223
 2016-10-13 15:29:12 +00:00
Kris Moore
cb6f73059a - Set DIST_SUBDIR to handle distfile without version string 
Thanks for pointing it out: mat@
 2016-10-13 14:59:21 +00:00
Kris Moore
30c985b913 - Add new port security/ngrok 
Expose local servers behind NATs and firewalls to the public internet
over secure tunnels.

URL: https://ngrok.com

PR: 212883
Submitted by: jhixson@gmail.com
 2016-10-13 14:31:38 +00:00
Dmitry Marakasov
15e66fb575 - Switch couple more ports to verbose build 
- Remove --disable-silent-rules which are used by default

Approved by:	portmgr blanket
 2016-10-13 13:08:09 +00:00
Mark Felder
94b1394a24 Document file-roller vulnerability 
PR:		213199
Security:	CVE-2016-7162
 2016-10-12 04:47:33 +00:00
Mark Felder
dd82903882 Document Virtualbox vulnerabilities 
PR:		204406
Security:	CVE-2015-4813
Security:	CVE-2015-4896
 2016-10-12 02:01:11 +00:00
Mark Felder
75511deb68 Document ImageMagick vulnerabilities 
PR:		213032
 2016-10-12 01:37:48 +00:00
Mark Felder
7fea14d1a8 Document libgd vulnerabilities 
PR:		213023
 2016-10-12 01:28:22 +00:00
Mark Felder
c721b848ac Document libvncserver vulnerabilities 
PR:		212380
Security:	CVE-2014-6051
Security:	CVE-2014-6052
Security:	CVE-2014-6053
Security:	CVE-2014-6054
Security:	CVE-2014-6055
 2016-10-12 01:22:04 +00:00
Mark Felder
9c365b8717 Document OpenOffice vulnerability 
PR:		212379
Security:	CVE-2014-3575
 2016-10-12 01:17:13 +00:00
Mark Felder
2aa75824fa Document mupdf vulnerabilites 
PR:		212207
Security:	CVE-2016-6525
Security:	CVE-2016-6265
 2016-10-12 00:49:00 +00:00
Mark Felder
111281e58d Fix OpenSSL vuln version range 
Reported by:	mat
 2016-10-11 19:59:56 +00:00
Kurt Jaeger
326e9bf742 security/p5-Crypt-LE: add missing dependencies 
Submitted by:	des
 2016-10-11 16:06:52 +00:00
Mark Felder
fd6f05caae Document openjpeg vulnerability 
PR:		212672
Security:	CVE-2016-5157
Security:	CVE-2016-7163
 2016-10-11 15:07:54 +00:00
Mark Felder
4bd338061f Document redis vulnerability 
PR:		211709
Security:	CVE-2013-7458
 2016-10-11 15:02:52 +00:00
Adam Weinberger
fb172ba3df Update to 0.0108, and donate to the Perl collective. 
No Changes file, but they're at least available at https://github.com/JaHIY/Crypt-XTEA/commits/master
 2016-10-10 19:59:19 +00:00
Mark Felder
77a4d720e4 Fix typo in vuxml topic 2016-10-10 16:20:05 +00:00
Dirk Meyer
223aa64413 - update to 1.0.29 2016-10-10 16:18:27 +00:00
Mark Felder
7c95a00386 Document FreeBSD-SA-16:31.libarchive 2016-10-10 12:43:44 +00:00
Mark Felder
6677ba01fd Document FreeBSD-SA-16:30.portsnap 2016-10-10 12:42:13 +00:00
Mark Felder
2eb7acfbea Document FreeBSD SA-16:29.bspatch 2016-10-10 12:41:35 +00:00
Mark Felder
ec93cc87f4 Add FreeBSD SA info to recent BIND vulnerability 2016-10-10 12:40:50 +00:00
Mark Felder
7e6caec094 Add FreeBSD SA info to recent OpenSSL vulnerability 2016-10-10 12:39:08 +00:00
Boris Samorodov
156c6cb357 Thank you Uffe for your past work on FreeBSD ports! Hope you'll find time 
to contribute to FreeBSD in the future. Reset Uffe's ports maintainership.

Requested by:	 Uffe Jakobsen <uffe@uffe.org> (maintainer, via e-mail)
 2016-10-09 22:01:34 +00:00
Adam Weinberger
4e582a1723 Update to 0.23. 
Changes: https://metacpan.org/changes/distribution/Unix-Passwd-File
 2016-10-09 15:58:20 +00:00
Adam Weinberger
b3f6c25c7a Update to 0.08 (which just improves the Makefile.PL), and strip 
the XS module.

Changes: https://metacpan.org/changes/distribution/Crypt-OpenSSL-ECDSA
 2016-10-09 15:52:44 +00:00
Jan Beich
f5f47a5a4e devel/nspr, security/nss: drop version from SONAME 
No other downstream appends synthetic library version, and doing so
causes underlinking due to fragile build system (see below). Not to
mention being unable to swap out bundled libs from upstream builds.

  $ cc -lplds4 -L/usr/local/lib
  /usr/lib/crt1.o: In function `_start1':
  crt1_c.c:(.text+0xa6): undefined reference to `main'
  /usr/local/lib/libplds4.so: undefined reference to `pthread_set_name_np'
  /usr/local/lib/libplds4.so: undefined reference to `pthread_create'
  /usr/local/lib/libplds4.so: undefined reference to `pthread_condattr_init'
  /usr/local/lib/libplds4.so: undefined reference to `pthread_setschedparam'
  /usr/local/lib/libplds4.so: undefined reference to `pthread_getschedparam'

PR:		213144
Exp-run by:	antoine
 2016-10-09 12:10:02 +00:00
Jan Beich
6dc8464d09 security/nss: update to 3.27.1 and define license 
Changes:	https://developer.mozilla.org/docs/Mozilla/Projects/NSS/NSS_3.27.1_release_notes
PR:		213312
Submitted by:	Vladimir Krstulja <vlad-fbsd@acheronmedia.com>
MFH:		2016Q4
 2016-10-09 10:45:33 +00:00
Antoine Brodin
5b143ae2e6 Update to 4.12.31 2016-10-09 09:00:35 +00:00
Antoine Brodin
d194310170 Update to 1.1.19 2016-10-09 09:00:06 +00:00
Antoine Brodin
fe6b2bbd2e New port: security/rubygem-rex-exploitation 
This gem contains various helper mechanisms for creating exploits.  This
includes SEH Overwrite helpers, egghunters, command stagers and more.

WWW: https://github.com/rapid7/rex-exploitation
 2016-10-09 08:57:49 +00:00
Antoine Brodin
5b275f3711 Update to 2.0.4 2016-10-09 08:40:49 +00:00
Antoine Brodin
5d092e2302 Update to 2.0.4 2016-10-09 08:40:20 +00:00
Antoine Brodin
0b23803147 Update to 0.1.1 2016-10-09 08:37:46 +00:00
Antoine Brodin
ee6e9f31a9 Update to 0.1.66 2016-10-09 08:21:38 +00:00
Thomas Zander
e25daa85b7 Document code execution vulnerability in mkvtoolnix < 9.4.1 2016-10-09 07:49:26 +00:00
John Marino
386a520968 security/ca_root_nss: adjust pkg-plist to address leftover directory 
The port creates /etc/ssl directory with the default option, but until now,
did not remove it upon deinstallation.  While technically this requires
a revbump, rebuilding this port to fix a cleanup step would cause a
tremendous amount of fallout and it's not worth the pain IMO.

PR:		213121
Approved by:	feld (ports-secteam)
 2016-10-09 01:09:57 +00:00
Wen Heping
ac900b2601 - Update to 0.81 
Changes: http://search.cpan.org/src/AUDREYT/Module-Signature-0.81/Changes
 2016-10-09 00:52:23 +00:00
Bernard Spil
6f1af59abf security/acme-client: Bump port-revision 
- Force rebuild
 2016-10-08 16:49:22 +00:00
Bernard Spil
7f39696c97 security/acme-client: Add STATIC option 
- Allow static linking
  - Forego SSL runtime dependency
  - Add warning about deinstall libressl after build
  - Add extra patch for static option

PR:		212980
Submitted by:	Christian Schwarz <me@cschwarz.com>
 2016-10-08 15:15:31 +00:00
Koop Mast
7622c791a5 Update the libXfixes version. The old version was still affected by the 
vulnabilities.
 2016-10-08 13:43:13 +00:00
Bernard Spil
df85e98722 security/acme-client: Fixes for periodic script 
- Fix domains and client-args variable typos [1]
  - Don't display deploy messages when deploy-script unset[2]

PR:		213162 [1], 213163 [2]
Submitted by:	peterj
 2016-10-08 13:36:14 +00:00
Dirk Meyer
7211c2d697 - set PORTSCOUT to ignore 2016-10-08 13:12:31 +00:00
Bernard Spil
bff4eaa777 security/xmlsec1: Fix build with LibreSSL 
- Fix build with LibreSSL
  - USE_OPENSSL -> USES= ssl

PR:		213301
Submitted by:	grembo
Reported by:	grembo
Approved by:	ssl blanket
 2016-10-08 11:21:02 +00:00
Dirk Meyer
fb703cc276 - move DOCS and make them an option 
- update URL, MASTER_SITES
- add framework for mips64
- add LICENSE
 2016-10-07 19:37:14 +00:00
Dirk Meyer
40b6e986f7 - use DATADIR 2016-10-07 19:33:23 +00:00
Koop Mast
ccec89b158 Document X.org client libraries insufficient validation of data from 
the X server vulnabilities.

Security:	CVE-2016-5407
 2016-10-07 18:00:32 +00:00