OpenBSD ports changes summary for 2016-01-14 ============================================
devel/go-check-v1 devel/go-tools emulators/qemu games games/ioquake3 graphics/ffmpeg lang/go lang/racket-minimal mail/rspamd math/graphviz multimedia/get_iplayer net/go-websocket sysutils/shelldap textproc/glimpse textproc/go-xlsx www/cgit www/chromium www/lynx www/netsurf x11/mplayer == devel ============================================================= 01/13 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/devel go-check-v1 ~ Makefile ~ pkg/PLIST > Update devel/go-check-v1 for changes to go.port.mk. > ok sthen@ jasper@ czarkoff@ (jsing@) go-tools ~ Makefile ~ distinfo ~ pkg/DESCR ~ pkg/PLIST > Update devel/go-tools for changes to go.port.mk and a newer version. > cmd/vet and cmd/cover are now part of the Go base distribution, so stop > building/installing them. Additionally, godoc requires special handling > due to a 'go install' mapping that still exists for legacy reasons. > ok sthen@ jasper@ czarkoff@ (jsing@) == emulators ========================================================= 02/13 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/emulators qemu ~ Makefile + patches/patch-hw_nvram_fw_cfg_c > SECURITY fix for CVE-2016-1714. > from Brad (maintainer) (ajacoutot@) ~ Makefile + patches/patch-hw_nvram_fw_cfg_c TAGGED OPENBSD_5_8 > security fix for CVE-2016-1714 (jasper@) == games ============================================================= 03/13 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/games games ~ Makefile > + ioquake3 (abieber@) ioquake3 + Makefile + distinfo + patches/patch-Makefile_local + pkg/DESCR + pkg/PLIST + pkg/README + pkg/PFRAG.shared > New import: > import of ioquake3, an actively developed Quake 3 Arena clone. == graphics ========================================================== 04/13 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/graphics ffmpeg - patches/patch-libavcodec_libvpxenc_c ~ Makefile ~ distinfo ~ patches/patch-configure ~ patches/patch-doc_encoders_texi ~ patches/patch-libavcodec_aaccoder_c ~ patches/patch-libavcodec_aacenc_c ~ patches/patch-libavcodec_aacenc_h ~ patches/patch-libavcodec_aacenc_is_c ~ patches/patch-libavcodec_aacenc_pred_c ~ patches/patch-libavcodec_aacenc_utils_h ~ patches/patch-libavcodec_aacsbr_template_c ~ patches/patch-libavcodec_mips_aaccoder_mips_c ~ patches/patch-tests_fate_aac_mak + patches/patch-libavutil_random_seed_c > Update to ffmpeg-20160113. > from Brad (maintainer) (ajacoutot@) == lang ============================================================== 05/13 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/lang go ~ Makefile ~ distinfo > Update lang/go to 1.5.3. > This release addresses CVE-2015-8618. > ok ajacoutot@ sthen@ (jsing@) ~ go.port.mk > Rework go.port.mk to install packages in /usr/local/go-pkg and build > without -a, -work and without running things through sed and piping to > shell: > - Install additional packages under /usr/local/go-pkg and include this in > GOPATH when building. Go considers anything under the GOROOT to be part > of the standard library, which introduces various problems. In particular > they do not get rebuilt without the -a flag. > - Using 'go build -a' is unnecessary (at least now that we're not > installing in GOROOT). Furthermore, the semantics of -a have changed > between go1.4 and go1.5. In go1.4 the standard library was excluded from > the -a flag whereas for go1.5 it does mean all dependencies including the > standard library (this was the same for go1.3). However, there is > already blanket 'do not rebuild standard library packages' in place when > the -a flag is NOT specified. > - Avoid -work since it leaves the work directory behind and nothing is > currently cleaning it up. > - Overall, avoid running 'go install -x' and piping the results through > sed and sh. Firstly, 'go install -x' is already running those commands, > then they're being run a second time around via sh. Secondly, there are > cases where replacing GOROOT is incorrect. > ok jasper@ sthen@ kspillner@ czarkoff@ (jsing@) racket-minimal ~ Makefile ~ patches/patch-collects_compiler_embed_rkt + patches/patch-collects_compiler_distribute_rkt + patches/patch-collects_compiler_private_write-perm_rkt > Fix "raco distribute". Patch from upstream. (juanfra@) == mail ============================================================== 06/13 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/mail rspamd ~ Makefile ~ pkg/PLIST > Don;'t @sample stuffs under /var/run; it gets removed at boot time. > (ajacoutot@) == math ============================================================== 07/13 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/math graphviz ~ Makefile > properly disable 'R' support by disabling 'r' > ok edd@ (MAINTAINER) (jasper@) == multimedia ======================================================== 08/13 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/multimedia get_iplayer ~ Makefile ~ distinfo ~ patches/patch-get_iplayer ~ pkg/PLIST > Switch to devel version of get_iplayer which has a minimal workaround to > reinstate --pid/--url downloading following removal of the old XML data > sources that it was using. (sthen@) ~ Makefile ~ distinfo > Update get_iplayer again, the xml feeds got readded around the same time I > made > the last commit. Still sticking with the devel version as it has DASH > support. (sthen@) == net =============================================================== 09/13 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/net go-websocket ~ Makefile ~ pkg/PLIST > Update net/go-websocket for go.port.mk changes. > ok sthen@ jasper@ kspillner@ (jsing@) == sysutils ========================================================== 10/13 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/sysutils shelldap ~ Makefile ~ distinfo > Update to shelldap 1.3.2. > Now works fine against base ldapd when binding anonymous, after a nice > debugging session with upstream. (landry@) == textproc ========================================================== 11/13 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/textproc glimpse ~ Makefile ~ pkg/DESCR > reformat a severely mangled DESCR > ok sthen@ (mmcc@) go-xlsx ~ Makefile ~ pkg/PLIST > Update textproc/go-xlsx for go.port.mk changes. > ok sthen@ jasper@ czarkoff@ (jsing@) == www =============================================================== 12/13 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/www cgit ~ Makefile ~ distinfo ~ patches/patch-Makefile ~ patches/patch-filter_c > update to cgit-0.12, ok landry > Fixes some XSS and header injection problems and an int overflow in > CONTENT_LENGTH resulting in buffer overflow (sthen@) chromium ~ Makefile ~ distinfo ~ patches/patch-chrome_common_pref_names_cc ~ patches/patch-chrome_common_pref_names_h > update to 47.0.2526.111 (robert@) lynx ~ Makefile > Tweak COMMENT > Suggested by naddy@ > From maintainer Frederic Cambus (dcoppa@) netsurf ~ libnsgif/Makefile ~ libnsgif/distinfo ~ libnsbmp/Makefile ~ libnsbmp/distinfo > Security update to libnsbmp-0.1.3 and libnsgif-0.1.3. > No changes since the last release, except the following CVE fixes: > CVE-2015-7505 (stack overflow) > CVE-2015-7506 (out-of-bounds read) > CVE-2015-7507 (out-of-bounds read) > CVE-2015-7508 (heap overflow) (bentley@) == x11 =============================================================== 13/13 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/x11 mplayer ~ Makefile > Bump FFMpeg version. > from Brad (maintainer) (ajacoutot@) =============================================================================== _______________________________________________ odc mailing list [email protected] http://www.squish.net/mailman/listinfo/odc
