OpenBSD ports changes summary for 2016-02-04
============================================

archivers/p7zip
devel/quirks
graphics/jasper
lang/gambit
mail/opensmtpd-extras
multimedia/mpv
net/dnscrypt-proxy
net/noVNC
net/ntp
net/openfire
print/cups-pk-helper
productivity/baikal
security/gnutls
sysutils/google-cloud-sdk
telephony/asterisk
textproc/libxml
textproc/libxml++
textproc/p5-Regexp-Common
textproc/p5-XML-XPath
textproc/zathura
www/phpmyadmin
www/piwik
www/webkit

== archivers ========================================================= 01/14 ==

http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/archivers

p7zip

  ~ Makefile
  ~ patches/patch-CPP_7zip_UI_Console_Main_cpp

  > Further pledge(2) fallout due to password protected archives.
  > Listing or checking the integrity may call readpassphrase(3)
  > and thus requires a "tty" promise.
  > Report and fix provided by Andre S, thanks!
  > ok czarkoff@, Josh Grosse (MAINTAINER) (tb@)

== devel ============================================================= 02/14 ==

http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/devel

quirks

  ~ Makefile
  ~ files/Quirks.pm

  > In OpenBSD 4.5 p5-Module-Pluggable moved to perl core, so a quirk was used to
  > remove the package if installed. This was then removed from perl core again,
  > a port was added, but the quirk wasn't removed, so people who *don't* clean
  > their /usr/libdata between updates would have the new version from packages
  > removed, and people who *do* clean would see a message like this,
  > "Not removing p5-Module-Pluggable-5.2 ,
  > /usr/libdata/perl5/Module/Pluggable.pm not found"
  > Remove from quirks to fix. (sthen@)

== graphics ========================================================== 03/14 ==

http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/graphics

jasper

  ~ Makefile
  ~ patches/patch-src_libjasper_base_jas_image_c
  ~ patches/patch-src_libjasper_base_jas_seq_c

  > Security fix for CVE-2016-2089, patch from redhat bz.
  > ok sthen@ (jasper@)

  ~ Makefile
  ~ patches/patch-src_libjasper_base_jas_image_c
  ~ patches/patch-src_libjasper_base_jas_seq_c

  TAGGED OPENBSD_5_8
  > Security fix for CVE-2016-2089, patch from redhat bz. (jasper@)

== lang ============================================================== 04/14 ==

http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/lang

gambit

  ~ Makefile

  > "cc1: out of memory allocating 1608 bytes".
  > Adding -O0 for the next bulk build. I don't have a machine where to
  > test the workaround. I will remove the comment when I know if that
  > helps with the bug or not. (juanfra@)

== mail ============================================================== 05/14 ==

http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/mail

opensmtpd-extras

  ~ Makefile
  ~ distinfo
  ~ pkg/PLIST-main

  > update to latest snapshot 201602042118 which fixes multiple filter issues
  > ok giovanni (jung@)

== multimedia ======================================================== 06/14 ==

http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/multimedia

mpv

  - patches/patch-DOCS_man_options_rst
  - patches/patch-TOOLS_old-configure
  - patches/patch-TOOLS_old-makefile
  ~ Makefile
  ~ distinfo
  ~ pkg/PLIST

  > update to mpv-0.15.0
  > changes:
  > - old-configure is gone, so use waf
  > - instead of patching cd/dvd device names, use sed
  > - explicitly disable dependencies we don't have but may get in future
  > ok, tweaks and testing bentley@, jasper@ and sthen@ (czarkoff@)

== net =============================================================== 07/14 ==

http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/net

dnscrypt-proxy

  - pkg/patch-src_libevent-modified_evutil_rand_c
  ~ Makefile
  ~ distinfo
  ~ pkg/PLIST-main

  > Update to dnscrypt-proxy 1.6.1
  > - Security: malformed packets could cause the OpenDNS deviceid,
  > OpenDNS set-client-ip, blocking and AAAA blocking plugins to use
  > uninitialized pointers, leading to a denial of service or possibly
  > code execution. The vulnerable code is present since dnscrypt-proxy
  > 1.1.0. OpenDNS users and people using dnscrypt-proxy in order to block
  > domain names and IP addresses should upgrade as soon as possible. (sthen@)

  - patches/patch-src_libevent-modified_evutil_rand_c
  ~ Makefile
  ~ distinfo
  ~ pkg/PLIST-main

  TAGGED OPENBSD_5_8
  > Update to dnscrypt-proxy 1.6.1
  > - Security: malformed packets could cause the OpenDNS deviceid,
  > OpenDNS set-client-ip, blocking and AAAA blocking plugins to use
  > uninitialized pointers, leading to a denial of service or possibly
  > code execution. The vulnerable code is present since dnscrypt-proxy
  > 1.1.0. OpenDNS users and people using dnscrypt-proxy in order to block
  > domain names and IP addresses should upgrade as soon as possible. (sthen@)

  ~ Makefile
  ~ pkg/README-main
  ~ pkg/dnscrypt_proxy.rc

  TAGGED OPENBSD_5_8
  > Update pkg-readme and rc script for dnscrypt-proxy; "-R opendns" was the
  > package's old default but this has been replaced in the csv file since
  > the OpenDNS acquisition.
  > There is now no default; select a server yourself and configure it as shown
  > in the readme. (sthen@)

noVNC

  ~ Makefile
  ~ distinfo

  > add a couple more commits from bmc-support to noVNC, replace ATEN iKVM
  > detection heuristic and cover additional supermicro X10/X11 iKVM. (sthen@)

ntp

  ~ Makefile
  ~ distinfo
  + patches/patch-tests_libntp_ssl_init_c

  > Security update to 4.2.8p6. This addresses numerous security issues. (naddy@)

  ~ Makefile
  ~ distinfo
  + patches/patch-tests_libntp_ssl_init_c

  TAGGED OPENBSD_5_8
  > Security update to 4.2.8p6. This addresses numerous security issues. (naddy@)

openfire

  ~ Makefile
  ~ distinfo

  > Update to openfire-4.0.1.
  > from Marc Peters (maintainer) (benoit@)

== print ============================================================= 08/14 ==

http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/print

cups-pk-helper

  ~ Makefile
  ~ distinfo
  ~ pkg/PLIST

  > Update to cups-pk-helper-0.2.6. (ajacoutot@)

== productivity ====================================================== 09/14 ==

http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/productivity

baikal

  ~ Makefile

  > drop MAINTAINER for I don't use this anymore (jasper@)

== security ========================================================== 10/14 ==

http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/security

gnutls

  ~ Makefile
  ~ distinfo

  > Bugfix update to gnutls-3.3.21. (ajacoutot@)

== sysutils ========================================================== 11/14 ==

http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/sysutils

google-cloud-sdk

  ~ Makefile
  ~ distinfo
  ~ pkg/PLIST

  > Update to google-cloud-sdk-95.0.0.
  > - add support for subnets (ajacoutot@)

== telephony ========================================================= 12/14 ==

http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/telephony

asterisk

  ~ Makefile
  ~ distinfo

  > security update to asterisk-13.7.1 (if anyone has time to look at
  > pulling -stable up to 11.21.1, that would be appreciated..)
  > BEAST vulnerability in HTTP server
  > http://downloads.digium.com/pub/security/AST-2016-001.html
  > File descriptor exhaustion in chan_sip
  > http://downloads.digium.com/pub/security/AST-2016-002.html
  > Remote crash vulnerability when receiving UDPTL FAX data.
  > http://downloads.digium.com/pub/security/AST-2016-003.html (sthen@)

== textproc ========================================================== 13/14 ==

http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/textproc

libxml

  ~ Makefile

  TAGGED OPENBSD_5_8
  > The patches that we fetch from upstream git have a "cgit+version" in the
  > footer.
  > However upstream recently updated their cgit so the footer changed from
  > "cgit v0.11.2" to "cgit v0.12" which caused a checksum mismatch.
  > Mirror the patches elsewhere instead of playing catch-up whenever there's a
  > new cgit release.
  > checksum mismatch noticed by sven falempin (jasper@)

libxml++

  ~ Makefile

  > Add PORTROACH to limit this to version 2.X. (ajacoutot@)

p5-Regexp-Common

  ~ Makefile
  ~ distinfo

  > update p5-Regexp-Common to 2016020301 (bluhm@)

p5-XML-XPath

  ~ Makefile
  ~ distinfo

  > Update to p5-XML-XPath-1.29. (benoit@)

zathura

  ~ core/Makefile
  ~ plugins/Makefile.inc
  ~ plugins/cb/Makefile
  ~ plugins/djvu/Makefile
  ~ plugins/mupdf/Makefile
  ~ plugins/poppler/Makefile
  ~ plugins/ps/Makefile

  > Add core as a RUN_DEPENDS of the plugins. Change core COMMENT.
  > OK sthen@. (juanfra@)

== www =============================================================== 14/14 ==

http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/www

phpmyadmin

  ~ Makefile
  ~ distinfo
  ~ pkg/PLIST

  TAGGED OPENBSD_5_8
  > Security update to 4.4.15.4
  > Fixes:
  > PMSA-2016-[1-7], PMSA-2016-8 and PMSA-2016-9 do not affect us
  > ok jasper@ (giovanni@)

piwik

  ~ Makefile
  ~ distinfo
  ~ pkg/PLIST

  TAGGED OPENBSD_5_8
  > Security update to 2.15.0
  > ok jasper@ (giovanni@)

webkit

  ~ Makefile
  + patches/patch-Source_WebCore_platform_ScrollView_cpp

  TAGGED OPENBSD_5_8
  > Fix for CVE-2014-1748. (ajacoutot@)

  ~ Makefile
  + patches/patch-Source_WebCore_platform_ScrollView_cpp

  TAGGED OPENBSD_5_8
  > SECURITY fix for CVE-2014-1748. (ajacoutot@)

===============================================================================

_______________________________________________
odc mailing list
http://www.squish.net/mailman/listinfo/odc
