mirror of
https://git.FreeBSD.org/ports.git
synced 2024-12-25 04:43:33 +00:00
e5166e09fc
This update includes a security update for possible arbitrary code execution from package manifest parsing. All users are advised to upgrade ASAP. The base pkg(7) was never affected by this. [1] Changes: * Fix libyaml head-based buffer overflow [1] * Fix pkg info -E support for ports, which namely affected net/openldap* usage. [2] * Fix packages registering themselves as dependencies [3] * Bash autocompletion fixes [4] * autoremove: Don't try to remove locked packages * Support 'pkg bootstrap -f', which will force a reinstall of pkg on FreeBSD 10.0+ * Fix %t timestamp formatter with %{...%} modifiers [5] * pkg info: Show date installed * Add $daily_status_security_pkgaudit_quiet to control 410.pkg-audit.in output verbosity level * Add an error when trying to update repository and none are defined [6] * Fix typos in manpages [7] Security: CVE-2013-6393 [1] Reported by: secteam (delphij) [1] PR: ports/184797 [2] Reported by: Pavel Timofeev <timp87@gmail.com> [2], many Submitted by: smh@ [3] Submitted by: brd@ [4] Submitted by: Jamie Landeg Jones [5] Submitted by: Rodrigo Osorio [6] Submitted by: Michael Gehring, wblock [7] With hat: portmgr MFH: 2014Q1 |
||
---|---|---|
.. | ||
files | ||
distinfo | ||
Makefile | ||
pkg-descr | ||
pkg-message | ||
pkg-plist |