aboutsummaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* MFH r307828: describe new vulnerabilities in www/chromium < 23.0.1271.91Rene Ladan2012-11-273-4/+45
| | | | | | | | | | | | | Obtained from: http://googlechromereleases.blogspot.nl/search/label/Stable%20updates MFH r307855: update www/chromium to 23.0.1271.91 Security: http://www.vuxml.org/freebsd/4d64fc61-3878-11e2-a4eb-00262d5ed8ee.html Approved by: portmgr (tabthorpe) Feature safe: yes Notes: svn path=/branches/RELENG_9_1_0/; revision=307860
* MFH r307621 by dinoex:Beat Gaetzi2012-11-264-10/+10
| | | | | | | | | | | | | | | | - mark FORBIDDEN Security: http://www.opera.com/support/kb/view/1036/ MFH r307811: - Update to 12.11 PR: ports/173853 Submitted by: dinoex (maintainer) Security: 0925716f-34e2-11e2-aa75-003067c2616f Feature safe: yes Notes: svn path=/branches/RELENG_9_1_0/; revision=307812
* MFH r307747Florian Smeets2012-11-263-11/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Update backports patch to 20121114 - Bump PORTREVISION Changes: - CVE-2006-7243 PHP before 5.3.4 accepts the \0 character in a pathname, which might allow context-dependent attackers to bypass intended access restrictions by placing a safe file extension after this character, as demonstrated by .php\0.jpg at the end of the argument to the file_exists function Secuity 3761df02-0f9c-11e0-becc-0022156e8794 fixed by check in fopen functions for strlen(filename) != filename_len - CVE-2012-4388 The sapi_header_op function in main/SAPI.c does not properly determine a pointer during checks for %0D sequences (aka carriage return characters), which allows remote attackers to bypass an HTTP response-splitting protection mechanism via a crafted URL, this vulnerability exists because of an incorrect fix for CVE-2011-1398. - Timezone database updated to version 2012.9 (2012i) Approved by: portmgr (beat) Feature safe: yes Notes: svn path=/branches/RELENG_9_1_0/; revision=307800
* MFH r307666 by dinoex:Beat Gaetzi2012-11-261-0/+125
| | | | | | | | | | | | | | | | - opera -- execution of arbitrary code MFH r307733 by wxs: Add entries for the following advisories: FreeBSD-SA-12:08.linux FreeBSD-SA-12:07.hostapd FreeBSD-SA-12:06.bind Feature safe: yes Notes: svn path=/branches/RELENG_9_1_0/; revision=307799
* MFH r307616 by mm:Beat Gaetzi2012-11-264-14/+47
| | | | | | | | | | | | Document new vulnerability in www/lighttpd 1.4.31 MFH r307617 by mm: Update lighttpd to 1.4.32 (fixes CVE-2012-5533) Feature safe: yes Notes: svn path=/branches/RELENG_9_1_0/; revision=307798
* MFH r307534 by jase:Beat Gaetzi2012-11-265-7/+41
| | | | | | | | | | | | | | | | | | | | | | | | - Document new vulnerability in irc/weechat and irc/weechat-devel MFH r307535 by jase: - Fix copy and paste error in latest weechat entry (81826d12-317a-11e2-9186-406186f3d89d) MFH r307536 by jase: - Update to 0.3.9.2 Changes: http://www.weechat.org/files/changelog/ChangeLog-0.3.9.2.html Security: 81826d12-317a-11e2-9186-406186f3d89d MFH r307537 by jase: - Update to 20121118 Security: 81826d12-317a-11e2-9186-406186f3d89d Feature safe: yes Notes: svn path=/branches/RELENG_9_1_0/; revision=307797
* MFH 307524:Juergen Lock2012-11-221-0/+32
| | | | | | | | | | | | - Fix pulseaudio segfault. [1] - No PORTREVISION bump as PULSEAUDIO isn't a default option. Reported by: Rainer Hurling <rhurlin@gwdg.de> on -multimedia [1] Feature safe: yes Approved by: portmgr (beat) Notes: svn path=/branches/RELENG_9_1_0/; revision=307658
* MFH 307413 by ale:Florian Smeets2012-11-2192-2305/+1156
| | | | | | | | | | | | | | | | | | | | | - Update enigmail to 1.4.6 release. MFH 307414 by ale: - Use enigmail 1.4.3 (the last working release for thunderbird-esr). MFH 307606: - Update firefox and thunderbird to 17.0 - Update seamonkey to 2.14 - Update ESR ports and libxul to 10.0.11 - support more h264 codecs when using GSTREAMER with YouTube - Unbreak firefox-esr, thunderbird-esr and libxul on head >= 1000024 - Buildsystem is not python 3 aware, use python up to 2.7 Feature safe: yes Approved by: portmgr (beat) Notes: svn path=/branches/RELENG_9_1_0/; revision=307627
* MFH r307471:Tom Judge2012-11-192-1/+27
| | | | | | | | | | | | * Fix build against libcli 0.9.6 * Make dependance on ActiveMQ off by default. Feature safe: yes Approved by: portmgr (beat) Approved by: eadler, db (mentors, implicit) Notes: svn path=/branches/RELENG_9_1_0/; revision=307574
* MFH r307299:Tom Judge2012-11-192-1/+62
| | | | | | | | | | | | | * Fix memory leak * Take over maintainer Feature safe: yes Approved by: bapt Approved by: portmgr (beat) Approved by: eadler, db (mentors, implicit) Notes: svn path=/branches/RELENG_9_1_0/; revision=307573
* MFH r307465:Rene Ladan2012-11-162-0/+39
| | | | | | | | | | | | - fix font rendering issues [1] - bump PORTREVISION Submitted by: George Liaskos Reported by: freebsd-chromium@ Approved by: portmgr (beat) Feature safe: yes Notes: svn path=/branches/RELENG_9_1_0/; revision=307480
* MFH r307474 by ohauer:Beat Gaetzi2012-11-1615-266/+33
| | | | | | | | | | - update german and russian bugzilla templates to official new versions - remove hotfixes from german templates Feature safe: yes Notes: svn path=/branches/RELENG_9_1_0/; revision=307475
* MFH r307428: update to 4.5.22, 4.6.15, and 4.7.7 to fix some regressionsRene Ladan2012-11-156-15/+15
| | | | | | | | | | | | introduced by the latest security update. Changelog: http://typo3.org/news/article/typo3-cms-4522-4615-and-477-released/ Submitted by: maintainer via private mail Approved by: portmgr (beat) Feature safe: yes Notes: svn path=/branches/RELENG_9_1_0/; revision=307445
* MFH 307425 by ohauer:Beat Gaetzi2012-11-1513-23/+301
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - bugzilla security updates to version(s) 3.6.11, 4.0.8, 4.2.4 Summary ======= The following security issues have been discovered in Bugzilla: * Confidential product and component names can be disclosed to unauthorized users if they are used to control the visibility of a custom field. * When calling the 'User.get' WebService method with a 'groups' argument, it is possible to check if the given group names exist or not. * Due to incorrectly filtered field values in tabular reports, it is possible to inject code which can lead to XSS. * When trying to mark an attachment in a bug you cannot see as obsolete, the description of the attachment is disclosed in the error message. * A vulnerability in swfstore.swf from YUI2 can lead to XSS. Feature safe: yes Security: CVE-2012-4199 https://bugzilla.mozilla.org/show_bug.cgi?id=731178 CVE-2012-4198 https://bugzilla.mozilla.org/show_bug.cgi?id=781850 CVE-2012-4189 https://bugzilla.mozilla.org/show_bug.cgi?id=790296 CVE-2012-4197 https://bugzilla.mozilla.org/show_bug.cgi?id=802204 CVE-2012-5475 https://bugzilla.mozilla.org/show_bug.cgi?id=808845 http://yuilibrary.com/support/20121030-vulnerability/ MFH 307429 by ohauer: - adjust required PgSQL module for bugzilla42 From Release Notes: PostgreSQL 9.2 requires DBD::Pg 2.19.3. (Bug 799721) No revision bump, p5-DBD-Pg-2.19.3 a) not on per default b) in the tree since a view months - add deprecation message to bugzilla3 From the announcement: Note that when Bugzilla 4.4 is released, the Bugzilla 3.6.x series will reach end of life. If you are using that series, we encourage you to upgrade to 4.2.4 now. http://groups.google.com/group/mozilla.support.bugzilla/browse_thread/thread/d8dcc99be0f89421 MFH 307430 by ohauer: - fix german bugzilla templates (security fixes) Notes: svn path=/branches/RELENG_9_1_0/; revision=307442
* MFH r307263 by eadler:Beat Gaetzi2012-11-135-8/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Apply an upstream patch that fixes a security hole when receiving a special colored message. The maintainer was contacted but due to the nature of the issue apply the patch ASAP. Approved by: secteam-ports (swills) Security: e02c572f-2af0-11e2-bb44-003067b2972c MFH r307275 by jase: - Update to 0.3.9.1 Changes: http://www.weechat.org/files/changelog/ChangeLog-0.3.9.1.html MFH r307276 by jase: - Remove extraneous patch MFH r307279 by jase: - Update to 20121110 - Remove extraneous patch MFH r307387 by jase: - Update recent weechat entry (e02c572f-2af0-11e2-bb44-003067b2972c) - Document assigned CVE Identifier - Document workaround for vulnerable versions Feature safe: yes Notes: svn path=/branches/RELENG_9_1_0/; revision=307391
* MFH r307375Ruslan Makhmatkhanov2012-11-132-9/+7
| | | | | | | | | | | | | | | | | | | | - add missing build dependency on devel/py-hgtools. This should fix build on pointyhat [1] - bump PORTREVISION because of dependency change while here: - trim Makefile header - remove trailing whitespace in pkg-descr PR: 173507 [1] PR: 173501 [2] Submitted by: William Grzybowski <william88 at gmail dot com> (maintainer) Reported by: bdrewery [2] Approved by: portmgr (beat) Feature safe: yes Notes: svn path=/branches/RELENG_9_1_0/; revision=307378
* MFH r307374Ruslan Makhmatkhanov2012-11-134-0/+31
| | | | | | | | | | | | | | | | | | Classes and setuptools plugin for Mercurial repositories hgtools builds on the setuptools_hg plugin for setuptools. Provides classes for inspecting and working with repositories in the Mercurial version control system. WWW: http://bitbucket.org/jaraco/hgtools/ PR: 173506 Submitted by: William Grzybowski <william88 at gmail dot com> Approved by: portmgr (beat) Feature safe: yes Notes: svn path=/branches/RELENG_9_1_0/; revision=307377
* MFH r307334, r307335:Guido Falsi2012-11-137-143/+252
| | | | | | | | | | | | | | | | | | - Update to 2.7.1 - Convert to new options framework - Document US-CERT VU#268267 - Trim Makefile headers PR: ports/173226 Submitted by: Hirohisa Yamaguchi <umq@ueo.co.jp> (maintainer) This commit fixes mergeinfo for r307335. Approved by: portmgr (beat) Feature safe: yes Notes: svn path=/branches/RELENG_9_1_0/; revision=307369
* MFH r307349:Rene Ladan2012-11-129-15/+24
| | | | | | | | | | | | | | | | | | | | | Update www/typo3 to 4.7.6 [2] MFH r307350: Update www/typo345 to 4.5.21 [1] MFH r307351: Update www/typo346 to 4.6.14 [3] PR: ports/173472 [1] PR: ports/173473 [2] PR: ports/173474 [3] Submitted by: maintainer Approved by: portmgr (beat) Security: 79818ef9-2d10-11e2-9160-00262d5ed8ee Feature safe: yes Notes: svn path=/branches/RELENG_9_1_0/; revision=307353
* MFH r307348: document typo3 vulnerabilities [1]Rene Ladan2012-11-121-0/+211
| | | | | | | | | | | This also merges the changes to vuln.xml of r307247, r307259, r307261, r307263, r307282, r307286, r307334, and r307335 Approved by: portmgr (beat) Obtained from: http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-005/ [1] Feature safe: yes Notes: svn path=/branches/RELENG_9_1_0/; revision=307352
* MFH: r307194, r307256Jung-uk Kim2012-11-123-59/+52
| | | | | | | | | | | - Update to 1.3.1. - Tidy up dependencies, trim Makefile header, and clean up style. Approved by: portmgr (tabthorpe) Feature safe: yes Notes: svn path=/branches/RELENG_9_1_0/; revision=307341
* MFH: r307218Jung-uk Kim2012-11-122-11/+6
| | | | | | | | | | Update to 1.8.4. Approved by: portmgr (tabthorpe) Feature safe: yes Notes: svn path=/branches/RELENG_9_1_0/; revision=307340
* MFH r307260Adam Weinberger2012-11-107-252/+32
| | | | | | | | | | | | | Convert remaining squirrelmail plugins to bsd.squirrelmail.mk. Because they were duplicating the content there, php version mismatches were created and package building broke. Also includes a few whitespace and header fixes due to OCD. Feature safe: yes Approved by: portmgr Notes: svn path=/branches/RELENG_9_1_0/; revision=307300
* MFH r307261Steve Wills2012-11-102-3/+3
| | | | | | | | | | | - Update lang/ruby19 to 1.9.3p327 Security: 5e647ca3-2aea-11e2-b745-001fd0af1a4c Feature safe: yes Approved by: portmgr (tabthorpe) Notes: svn path=/branches/RELENG_9_1_0/; revision=307284
* MFH r307220Jason E. Hale2012-11-101-0/+29
| | | | | | | | | | | | | - Fix build with base gcc Reported by: pointyhat via beat Approved by: portmgr (tabthorpe) makc, avilla (mentors, implicit) Obtained from: https://github.com/joyent/node/issues/4186 Feature safe: yes Notes: svn path=/branches/RELENG_9_1_0/; revision=307277
* MFH r307248Bryan Drewery2012-11-091-2/+8
| | | | | | | | | | | | | | | - Restore linking to libtermcap by default by setting TERMCAP as default. - Remove use of bsd.port.pre.mk - Bump PORTREVISION as built package will be different now. Approved by: eadler (maintainer, implicit) Approved by: portmgr (beat) Feature safe: yes Notes: svn path=/branches/RELENG_9_1_0/; revision=307250
* MFH r307221:Eitan Adler2012-11-093-5/+37
| | | | | | | | | | | | | | | | | | | ------------------------------------------------------------------------ r307221 | eadler | 2012-11-08 23:31:13 -0500 (Thu, 08 Nov 2012) | 7 lines Update latest version and document security issues PR: ports/173487 Submitted by: Tsurutani Naoki <turutani@scphys.kyoto-u.ac.jp> Security: 4b8b748e-2a24-11e2-bb44-003067b2972c Feature safe: yes ------------------------------------------------------------------------ Approved by: portmgr (beat) Notes: svn path=/branches/RELENG_9_1_0/; revision=307246
* MFH r307217Adam Weinberger2012-11-091-0/+1
| | | | | | | | | | | Jabber/iskemel detection requires pkg-config. Fixes package building for -server and -proxy. Feature safe: yes Approved by: portmgr Notes: svn path=/branches/RELENG_9_1_0/; revision=307244
* MFH r307210Adam Weinberger2012-11-092-42/+42
| | | | | | | | | | | | - fix plist - sort plist to make it legible - use GNU_CONFIGURE instead of HAS_CONFIGURE to make it PREFIX-safe Feature safe: yes Approved by: portmgr Notes: svn path=/branches/RELENG_9_1_0/; revision=307243
* MFH r307206Adam Weinberger2012-11-091-6/+7
| | | | | | | | | | | | | | - fix NLS support, which was wired backwards - actually enable NLS in OPTIONS - change LOCALBASE to PREFIX, as it was attempting to create a directory in one, and then install a file into another - this fixes package building Feature safe: yes Approved by: portmgr Notes: svn path=/branches/RELENG_9_1_0/; revision=307242
* MFH r307219Jason E. Hale2012-11-092-10/+3
| | | | | | | | | | | | | | - Update MASTER_SITES to fix fetch [1] - Update WWW - Trim Makefile header Reported by: pointyhat via beat Approved by: portmgr (beat) makc, avilla (mentors, implicit) Feature safe: yes Notes: svn path=/branches/RELENG_9_1_0/; revision=307241
* MFH r307198Ruslan Makhmatkhanov2012-11-091-0/+2
| | | | | | | | | | | - add missing dependency, it should fix build on pointyhat Reported by: pointyhat (beat) Approved by: portmgr (beat) Feature safe: yes Notes: svn path=/branches/RELENG_9_1_0/; revision=307232
* MFH r307197Ruslan Makhmatkhanov2012-11-094-0/+27
| | | | | | | | | | | | | | This package is a setuptools plugin: it adds a file to the generated .egg-info directory, capturing the information used by the setup.py test command when running tests. WWW: http://pypi.python.org/pypi/eggtestinfo Approved by: portmgr (beat) Feature safe: yes Notes: svn path=/branches/RELENG_9_1_0/; revision=307231
* MFH r307208Jason E. Hale2012-11-091-0/+19
| | | | | | | | | | | | - Add upstream patch to fix build with lcms 2.4 Reported by: pointyhat via beat Approved by: portmgr (beat) makc, avilla (mentors, implicit) Feature safe: yes Notes: svn path=/branches/RELENG_9_1_0/; revision=307230
* MFH r307204Jason E. Hale2012-11-091-5/+2
| | | | | | | | | | | | | - Add missing build dependency - Trim Makefile header Reported by: pointyhat via beat Approved by: portmgr (beat) makc, avilla (mentors, implicit) Feature safe: yes Notes: svn path=/branches/RELENG_9_1_0/; revision=307228
* MFH r307203Jason E. Hale2012-11-091-5/+2
| | | | | | | | | | | | | - Add missing build dependency - Trim Makefile header Reported by: pointyhat via beat Approved by: portmgr (beat) makc, avilla (mentors, implicit) Feature safe: yes Notes: svn path=/branches/RELENG_9_1_0/; revision=307227
* Merge r307190:Adam Weinberger2012-11-081-1/+1
| | | | | | | | | | | Prevent PREFIX from making its way into the plist for plugins. This broke package builds of squirrelmail plugins. Feature safe: yes Approved by: portmgr Notes: svn path=/branches/RELENG_9_1_0/; revision=307193
* MFH r307155: Fix @dirrmtry in plist found by 9.1-REL exp run.Jun Kuriyama2012-11-083-0/+3
| | | | | | | | Approved by: portmgr (beat) Feature safe: yes Notes: svn path=/branches/RELENG_9_1_0/; revision=307186
* MFH r307153: Update to 23.0.1271.64 [1]Rene Ladan2012-11-0827-271/+344
| | | | | | | | | | | | | MFH r307161: Re-adjust required diskspace for the build [2] Submitted by: George Liaskos [1] Submitted by: osa [2] Approved by: portmgr (beat) Security: http://www.vuxml.org/freebsd/209c068d-28be-11e2-9160-00262d5ed8ee.html [1] Feature safe: yes Notes: svn path=/branches/RELENG_9_1_0/; revision=307183
* MFH r307178 by gahr:Beat Gaetzi2012-11-081-0/+1
| | | | | | | | | | | - fix PLIST Reported by: PH (via beat@) Approved by: portmgr@ (implicit) Feature safe: yes Notes: svn path=/branches/RELENG_9_1_0/; revision=307182
* MFH r307177 by gahr:Beat Gaetzi2012-11-084-427/+635
| | | | | | | | | | | | | - update to 3.3.4 (old version isn't fetchable anymore) - update Tcl/Tk dependency to 8.5 (doesn't work with 8.4 anymore) - fix jstrack.sh.in to locate jstrack's library dir Reported by: PH (via beat@) Approved by: portmgr@ (implicit) Feature safe: yes Notes: svn path=/branches/RELENG_9_1_0/; revision=307179
* MFH r307170 by gahr:Beat Gaetzi2012-11-081-1/+1
| | | | | | | | | | | - fix MASTER_SITES Reported by: PH (via beat@) Approved by: portmgr@ (implicit) Feature safe: yes Notes: svn path=/branches/RELENG_9_1_0/; revision=307175
* MFH r307169 by gahr:Beat Gaetzi2012-11-081-0/+3
| | | | | | | | | | | - fix build Reported by: PH (via beat@) Approved by: portmgr@ (implicit) Feature safe: yes Notes: svn path=/branches/RELENG_9_1_0/; revision=307174
* MFH r307167 by gahr:Beat Gaetzi2012-11-081-35/+0
| | | | | | | | | | | - remove obsolete patch Reported by: PH (via beat@) Approved by: portmgr@ (implicit) Feature safe: yes Notes: svn path=/branches/RELENG_9_1_0/; revision=307172
* MFH r307163 by gahr:Beat Gaetzi2012-11-081-1/+0
| | | | | | | | | | | - no need to depend on rpm, sysutils/yum already depends on it Reported by: PH (via beat@) Approved by: portmgr@ (implicit) Feature safe: yes Notes: svn path=/branches/RELENG_9_1_0/; revision=307166
* MFH r307159 by gahr:Beat Gaetzi2012-11-081-0/+4
| | | | | | | | | | | - fix mtree by avoiding to install a .in CMake configure file Reported by: PH (via beat@) Approved by: portmgr@ (implicit) Feature safe: yes Notes: svn path=/branches/RELENG_9_1_0/; revision=307165
* MFH r307156 by az:Beat Gaetzi2012-11-081-2/+2
| | | | | | | | | Fix build. Feature safe: yes Notes: svn path=/branches/RELENG_9_1_0/; revision=307164
* MFH r307157 by gahr:Beat Gaetzi2012-11-081-0/+1
| | | | | | | | | | - fix build on amd64 Reported by: PH (via beat@) Feature safe: yes Notes: svn path=/branches/RELENG_9_1_0/; revision=307162
* - Fix distinfo for amd64 distfile. Old one was for opera-next 12.10.Bernhard Froehlich2012-11-071-2/+2
| | | | | | | | With hat: portmgr Feature safe: yes Notes: svn path=/head/; revision=307143
* - Security update to 12.10Dirk Meyer2012-11-075-17/+56
| | | | | | | | | | | | Security: http://www.opera.com/support/kb/view/1030/ Security: http://www.opera.com/support/kb/view/1031/ Security: http://www.opera.com/support/kb/view/1033/ PR: 173426 Approved by: portmgr (decke) Feature safe: yes Notes: svn path=/head/; revision=307142