aboutsummaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* emulators/wine-devel: update to Wine 7.20Damjan Jovanovic2022-11-164-55/+7
| | | | | | | | | | This includes the following changes: - Font linking improvements. - A number of fixes for exception unwinding. - Support for dumping EMF spool files in WineDump. - Various bug fixes. files/patch-dlls-ntdll-unix-file.c has been merged upstream; drop it.
* graphics/sciplot: Move to science/sciplotYuri Victorovich2022-11-167-2/+3
| | | | | PR: 267692 Reported by: Franco Fichtner <franco@opnsense.org>; philip@
* databases/{,py-}duckdb: Update 0.5.1 -> 0.6.0Yuri Victorovich2022-11-165-16/+86
| | | | Reported by: portscout
* net/fb303: Update 2022.11.07.00 -> 2022.11.14.00Yuri Victorovich2022-11-162-4/+4
|
* devel/fatal: Update 2022.11.07.00 -> 2022.11.14.00Yuri Victorovich2022-11-162-4/+4
|
* www/proxygen: Update 2022.11.07.00 -> 2022.11.14.00Yuri Victorovich2022-11-162-4/+4
|
* devel/fbthrift: Update 2022.11.07.00 -> 2022.11.14.00Yuri Victorovich2022-11-162-4/+4
|
* net/wangle: Update 2022.11.07.00 -> 2022.11.14.00Yuri Victorovich2022-11-162-4/+4
|
* security/fizz: Update 2022.11.07.00 -> 2022.11.14.00Yuri Victorovich2022-11-162-4/+4
|
* devel/folly: Update 2022.11.07.00 -> 2022.11.14.00Yuri Victorovich2022-11-162-4/+4
|
* math/mlpack: Update 3.4.2 -> 4.0.0Yuri Victorovich2022-11-165-363/+382
|
* Qt: Update Qt6 to 6.4.1Tobias C. Berner2022-11-1646-152/+114
| | | | | | | | | | | | | | | Qt 6.4.1 release is a patch release made on the top of Qt 6.4.0. As a patch release, Qt 6.4.1 does not add any new functionality but provides bug fixes and other improvements and maintains both forward and backward compatibility (source and binary) with Qt 6.4.0. For detailed information about Qt 6.4, refer to the online documentation included in this distribution. The documentation is also available online: https://doc.qt.io/qt-6/index.html Changelog: https://code.qt.io/cgit/qt/qtreleasenotes.git/about/qt/6.4.1/release-note.md
* databases/pg_activity: Update to 3.0.1Wen Heping2022-11-162-4/+4
| | | | | | PR: 267381 Reported by: wen@ Approved by: maintainer(timeout, >= 14 days)
* www/moodle40: Update to 4.0.5Wen Heping2022-11-162-4/+4
|
* mail/py-mailsuite: Update to 1.9.14Wen Heping2022-11-163-8/+7
| | | | | PR: 267800 Reported by: meka@tilda.center(maintainer)
* framework: fix grep call in check_files hookTobias C. Berner2022-11-161-1/+1
| | | | Reported by: dch
* net-p2p/xbt: new BitTorrent tracker port had been added (+)Alexey Dokuchaev2022-11-166-0/+82
| | | | | | | | It is written in modern C++ and designed for high performance while consuming little resources (CPU and RAM). Consisting of just a dozen files, it can be easily built with BSD or GNU make.
* security/clamav: Update source archive to new one againYasuhiro Kimura2022-11-162-5/+5
| | | | | | | | Upstream released new source archive of 0.105.1 again to fix the problem introduced by previous update of source archive. Reference: https://blog.clamav.net/2022/11/second-clamav-100-release-candidate-and.html MFH: 2022Q4
* mail/snappymail: Update to 2.21.2Yasuhiro Kimura2022-11-162-4/+4
| | | | | ChangeLog: https://github.com/the-djmaze/snappymail/releases/tag/v2.21.1 ChangeLog: https://github.com/the-djmaze/snappymail/releases/tag/v2.21.2
* www/ilias: Update to 7.15Wen Heping2022-11-162-4/+4
|
* lang/dlang-tools: Update to 2.101.0Jose Alonso Cardenas Marquez2022-11-162-5/+4
|
* devel/py-poetry-core: Update files/setup.py for reflect new package changesJose Alonso Cardenas Marquez2022-11-162-0/+3
| | | | | | PR: 267251 Reported by: Stewart Morgan <stewart+FreeBSD-BugZilla _at_ arnos-vale.net> Approved by: maintainer timeout
* science/vmd: Update to 1.9.4a57Jason W. Bacon2022-11-169-387/+952
| | | | | Unbreak build: 1.9.3 incompatible with latest python tools Clean up portlint and stage qa issues
* lang/ldc: Make portlint friendlyJose Alonso Cardenas Marquez2022-11-164-10/+10
| | | | | PR: 264100 Reported by: jwb
* devel/dub: Remove obsolete patch fileJose Alonso Cardenas Marquez2022-11-151-27/+0
|
* mail/thunderbird: update to 102.5.0Christoph Moench-Tegeder2022-11-152-4/+5
| | | | | Release Notes: https://www.thunderbird.net/en-US/thunderbird/102.5.0/releasenotes/
* security/heimdal: Update to 7.8.0Cy Schubert2022-11-154-17/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This upgrade fixes multiple security vulnerabilities. The following issues are patched: - CVE-2022-42898 PAC parse integer overflows - CVE-2022-3437 Overflows and non-constant time leaks in DES{,3} and arcfour - CVE-2021-44758 NULL dereference DoS in SPNEGO acceptors - CVE-2022-44640 Heimdal KDC: invalid free in ASN.1 codec Note that CVE-2022-44640 is a severe vulnerability, possibly a 10.0 on the Common Vulnerability Scoring System (CVSS) v3, as we believe it should be possible to get an RCE on a KDC, which means that credentials can be compromised that can be used to impersonate anyone in a realm or forest of realms. Heimdal's ASN.1 compiler generates code that allows specially crafted DER encodings of CHOICEs to invoke the wrong free function on the decoded structure upon decode error. This is known to impact the Heimdal KDC, leading to an invalid free() of an address partly or wholly under the control of the attacker, in turn leading to a potential remote code execution (RCE) vulnerability. This error affects the DER codec for all extensible CHOICE types used in Heimdal, though not all cases will be exploitable. We have not completed a thorough analysis of all the Heimdal components affected, thus the Kerberos client, the X.509 library, and other parts, may be affected as well. This bug has been in Heimdal's ASN.1 compiler since 2005, but it may only affect Heimdal 1.6 and up. It was first reported by Douglas Bagnall, though it had been found independently by the Heimdal maintainers via fuzzing a few weeks earlier. While no zero-day exploit is known, such an exploit will likely be available soon after public disclosure. - CVE-2019-14870: Validate client attributes in protocol-transition - CVE-2019-14870: Apply forwardable policy in protocol-transition - CVE-2019-14870: Always lookup impersonate client in DB Reported by: so (philip) Approved by: so (philip) MFH: 2022Q4 Security: Many, see above Sponsored by: so (philip)
* security/dropbear: update to 2022.83Piotr Kubaj2022-11-152-6/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Features and Changes: Note >> for compatibility/configuration changes - >> Disable DROPBEAR_DSS by default It is only 1024 bit and uses sha1, most distros disable it by default already. - Added DROPBEAR_RSA_SHA1 option to allow disabling sha1 rsa signatures. >> RSA with sha1 will be disabled in a future release (rsa keys will continue to work OK, with sha256 signatures used instead). - Add option for requiring both password and pubkey (-t) Patch from Jackkal - Add 'no-touch-required' and 'verify-required' options for sk keys Patch from Egor Duda - >> DROPBEAR_SK_KEYS config option now replaces separate DROPBEAR_SK_ECDSA and DROPBEAR_SK_ED25519 options. - Add 'permitopen' option for authorized_keys to restrict forwarded ports Patch from Tuomas Haikarainen - >> Added LTM_CFLAGS configure argument to set flags for building bundled libtommath. This also restores the previous arguments used in 2020.81 (-O3 -funroll-loops). That gives a big speedup for RSA key generation, which regressed in 2022.82. There is a tradeoff with code size, so -Os can be used if required. https://github.com/mkj/dropbear/issues/174 Reported by David Bernard - Add '-z' flag to disable setting QoS traffic class. This may be necessary to work with broken networks or network drivers, exposed after changes to use AF21 in 2022.82 https://github.com/mkj/dropbear/issues/193 Reported by yuhongwei380, patch from Petr Štetiar - Allow overriding user shells with COMPAT_USER_SHELLS Based on a patch from Matt Robinson - Improve permission error message Patch from k-kurematsu - >> Remove HMAC_MD5 entirely Regression fixes from 2022.82: - Fix X11 build - Fix build warning - Fix compilation when disabling pubkey authentication Patch from MaxMougg - Fix MAX_UNAUTH_CLIENTS regression Reported by ptpt52 - Avoid using slower prime testing in bundled libtomcrypt when DSS is disabled https://github.com/mkj/dropbear/issues/174 Suggested by Steffen Jaeckel - Fix Dropbear plugin support https://github.com/mkj/dropbear/issues/194 Reported by Struan Bartlett Other fixes: - Fix long standing incorrect compression size check. Dropbear (client or server) would erroneously exit with "bad packet, oversized decompressed" when receiving a compressed packet of exactly the maximum size. - Fix missing setsid() removed in 2020.79 https://github.com/mkj/dropbear/issues/180 Reported and debugged by m5jt and David Bernard - Try keyboard-interactive auth before password, in dbclient. This was unintentionally changed back in 2013 https://github.com/mkj/dropbear/pull/190 Patch from Michele Giacomoli - Drain the terminal when reading the fingerprint confirmation response https://github.com/mkj/dropbear/pull/191 Patch from Michele Giacomoli - Fix utx wtmp variable typo. This has been wrong for a long time but only recently became a problem when wtmp was detected. https://github.com/mkj/dropbear/pull/189 Patch from Michele Giacomoli - Improve configure test for hardening options. Fixes building on AIX https://github.com/mkj/dropbear/issues/158 - Fix debian/dropbear.init newline From wulei-student Infrastructure: - Test off-by-default compile options - Set -Wundef to catch typos in #if statements
* x11-toolkits/xwallpaper: New port xwallpaperRodrigo Osorio2022-11-154-0/+31
| | | | A utility to set image files as your X wallpaper
* devel/pear-Horde_Core: fix error messagesThierry Thomas2022-11-152-0/+12
| | | | | | | | Patch submitted by wahnes (at) uni-koeln (dot) de. PR: 267508 Approved by: maintainer’s time-out Obtained from: https://bugs.horde.org/ticket/15093
* graphics/gpu-firmware-kmod: fix pkg-descr typoDmitry Marakasov2022-11-151-1/+1
| | | | | | PR: 266908 Reported by: grahamperrin Approved by: maintainer timeout (x11, a month)
* audio/hpsjam: Update to 1.2.7Hans Petter Selasky2022-11-152-5/+4
| | | | | | | - Added more contrast to GUI. - Fixes for jitter reduction Approved by: pi (implicit)
* devel/py-awscli: Update to 1.27.9Juraj Lutter2022-11-159-32/+22
| | | | | | - Update to 1.27.9 - Rename to comply with Python naming policy and flavorize - Assume MAINTAINER
* www/bacula-web: upgrade to 8.6.3Larry Rosenman2022-11-152-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | Changelog General Fixed Composer dependency problem with smarty/smarty (see #131) Bumped smarty/smarty to version 4.2.1 Improved support for PHP >= 8.0 Fixed PSR12 code style warnings Improved testing and code coverage (see #133) The error page was too verbose, even while not in debug mode (see #134) Test page Test page was not checking correctly the permissions on the protected assets folder (see #136) Console The console check command now displays current PHP version (see #137) Documentation Documentation has been fixed/updated (see #138) Added instructions for Lighttpd web server (see #129) Fixed bug(s) disabled test page New feature(s)
* devel/py-pytest-trio: update 0.7.0 → 0.8.0Dmitry Marakasov2022-11-152-10/+8
|
* Mk/bsd.sites.mk: update sourceforge mirrorsDmitry Marakasov2022-11-151-1/+1
| | | | | - Remove superb (no address record) - Add versaweb
* devel/py-pytest4-asyncio: fix typo in variable nameDmitry Marakasov2022-11-151-1/+1
|
* security/vuxml: re-organize portRene Ladan2022-11-1523-44/+44
| | | | | - move vuln-YYYY.xml files into vuln/ as just YYYY.xml - this prevents problems with the new check_files hook when 2023 arrives.
* multimedia/emby-server-devel: update to 4.8.0.17Dries Michiels2022-11-152-4/+4
| | | | Changes: https://github.com/MediaBrowser/Emby.Releases/releases/tag/4.8.0.17
* net-mgmt/netdata-go: update to 0.43.1Dries Michiels2022-11-152-6/+6
| | | | Changes: https://github.com/netdata/go.d.plugin/releases/tag/v0.43.1
* security/vuxml: Document CVE-2022-42898Cy Schubert2022-11-151-0/+43
| | | | | Document MIT krb5 Security Advisory 2022-001: integer overflow vulnerabilities in PAC parsing
* framework: new hook to only allow 'default' files in category/portTobias C. Berner2022-11-151-0/+30
| | | | | | | | | | | | | | | This hooks enforces that all files in the top-directory of a port match: - .*\.mk - Makefile.* - distinfo.* - pkg-.* An example error message would look like: [pre-commit] ERROR: invalid file 'Foo' in 'kate/editors' Consider moving non-standard files to files/ or force-ignore this hook. Differential Revision: https://reviews.freebsd.org/D37387
* sysutils/egress-monitor: Add new portGoran Mekić2022-11-156-0/+60
| | | | | | | | | | | Add sysutils/egress-monitor, a tool that is watching for default routes changes and sets the interface group. When the default route is added, egress-monitor sets the group of that interface to appropriate egress. WWW: https://github.com/mekanix/egress-monitor PR: 267731 Tested by: dfr
* audio/rsgain: Update to 3.1.1Jason E. Hale2022-11-152-5/+4
| | | | https://github.com/complexlogic/rsgain/releases/tag/v3.1.1
* security/krb5-119: Update to 1.19.4Cy Schubert2022-11-152-6/+4
| | | | | MFH: 2022Q4 Security: CVE-2022-42898
* security/krb5-120: Update to 1.20.1Cy Schubert2022-11-152-8/+4
| | | | | MFH: 2022Q4 Security: CVE-2022-42898
* devel/vc-intrinsics: update to 0.9.0Jan Beich2022-11-152-4/+4
| | | | | Changes: https://github.com/intel/vc-intrinsics/releases/tag/v0.9.0 Reported by: GitHub (watch releases)
* security/krb5-devel: update to the latest MIT/KRB5 github commitCy Schubert2022-11-152-5/+5
|
* finance/odoo: Fix issues with latest version of py-werkzeugJose Alonso Cardenas Marquez2022-11-152-2/+5
| | | | | | - Fix path to odoo.conf file PR: 267331 266478 Reported by: Dimitri Kaparis <dimitri .at. kaparis.name>
* security/krb5-118: CVE-2022-42898: IGNORE and accelerate removalCy Schubert2022-11-151-1/+2
| | | | | | | | | krb5-118 was desupported by MIT when krb5-120 was released. CVE-2022-42898 now requires its accelerated removal from the tree. It is now flagged IGNORE until its removal on Nov 30, 2022. MFH: 2022Q4 Security: CVE-2022-42898
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-08 17:00:43 +0000