OpenBSD ports changes summary for 2016-12-14 ============================================
devel devel/py-coveralls devel/py-jedi devel/py-nbconvert devel/quirks mail/sendmail net/librenms net/mosh net/ntp security security/bunny security/l0phtcrack security/oledump sysutils/salt www/chromium www/firefox-esr www/firefox-esr-i18n www/firefox-i18n www/mozilla-firefox www/urlwatch x11/gnome == devel ============================================================= 01/07 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/devel devel ~ Makefile > +py-jedi > +py-jedi,python3 (shadchin@) py-coveralls ~ Makefile ~ distinfo ~ pkg/PLIST > Update to py-coveralls 1.1, from Johan Huldtgren (maintainer) (shadchin@) py-jedi + Makefile + distinfo + pkg/DESCR + pkg/PLIST > New import: > Import py-jedi 0.9.0, ok edd@ py-nbconvert ~ Makefile ~ distinfo ~ pkg/PLIST > Minor update to py-nbconvert 4.3.0 (shadchin@) quirks ~ Makefile ~ files/Quirks.pm > Remove security/l0phtcrack > Reasons include: > - i386 only > - full of scary patches and build warnings, embeds old libcrypto code, > readsmb is a pcap listener that needs to run as root... > - no licensing information for l0phtcrack itself > - LANMAN and NTLMv1 auth are so old and braindead it's not even funny. > Yes, they are still used out there, no, they really shouldn't be. > ok mestre@ sthen@ ajacoutot@ (jca@) ~ Makefile ~ files/Quirks.pm > Remove security/bunny > Unmaintained upstream, superseded by devel/afl. > ok Peter Valchev (maintainer) fcambus@ ajacoutot@ sthen@ (jca@) == mail ============================================================== 02/07 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/mail sendmail ~ Makefile + patches/patch-cf_m4_proto_m4 > Also add user _uucp to trusted users. > This avoids useless Auth warnings with the upcoming changes in net/uucp. > ok sthen@ (jca@) == net =============================================================== 03/07 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/net librenms - patches/patch-alerts_php ~ Makefile ~ distinfo ~ patches/patch-config_php_default ~ patches/patch-daily_sh ~ patches/patch-html_install_php ~ patches/patch-html_pages_about_inc_php ~ patches/patch-includes_common_php ~ patches/patch-includes_defaults_inc_php ~ patches/patch-includes_functions_php ~ patches/patch-validate_php ~ pkg/PLIST > update to librenms-1.22.01 (sthen@) mosh - patches/patch-src_crypto_ocb_cc ~ Makefile > No need to disable inline asm on arm any more. (jca@) ntp ~ Makefile ~ distinfo + patches/patch-include_libssl_compat_h + patches/patch-libntp_libssl_compat_c > Security update to 4.2.8p9: > CVE-2016-9311: Trap crash > CVE-2016-9310: Mode 6 unauthenticated trap information disclosure and DDoS > vector > CVE-2016-7427: Broadcast Mode Replay Prevention DoS > CVE-2016-7428: Broadcast Mode Poll Interval Enforcement DoS > CVE-2016-9312: Windows: ntpd DoS by oversized UDP packet > CVE-2016-7431: Regression: 010-origin: Zero Origin Timestamp Bypass > CVE-2016-7434: Null pointer dereference in _IO_str_init_static_internal() > CVE-2016-7429: Interface selection attack > CVE-2016-7426: Client rate limiting and server responses > CVE-2016-7433: Reboot sync calculation problem (naddy@) ~ Makefile ~ distinfo + patches/patch-include_libssl_compat_h + patches/patch-libntp_libssl_compat_c TAGGED OPENBSD_6_0 > Security update to 4.2.8p9: > CVE-2016-9311: Trap crash > CVE-2016-9310: Mode 6 unauthenticated trap information disclosure and DDoS > vector > CVE-2016-7427: Broadcast Mode Replay Prevention DoS > CVE-2016-7428: Broadcast Mode Poll Interval Enforcement DoS > CVE-2016-9312: Windows: ntpd DoS by oversized UDP packet > CVE-2016-7431: Regression: 010-origin: Zero Origin Timestamp Bypass > CVE-2016-7434: Null pointer dereference in _IO_str_init_static_internal() > CVE-2016-7429: Interface selection attack > CVE-2016-7426: Client rate limiting and server responses > CVE-2016-7433: Reboot sync calculation problem (naddy@) == security ========================================================== 04/07 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/security security ~ Makefile > Remove security/l0phtcrack > Reasons include: > - i386 only > - full of scary patches and build warnings, embeds old libcrypto code, > readsmb is a pcap listener that needs to run as root... > - no licensing information for l0phtcrack itself > - LANMAN and NTLMv1 auth are so old and braindead it's not even funny. > Yes, they are still used out there, no, they really shouldn't be. > ok mestre@ sthen@ ajacoutot@ (jca@) ~ Makefile > Remove security/bunny > Unmaintained upstream, superseded by devel/afl. > ok Peter Valchev (maintainer) fcambus@ ajacoutot@ sthen@ (jca@) bunny - Makefile - distinfo - pkg/DESCR - pkg/PLIST > Remove security/bunny > Unmaintained upstream, superseded by devel/afl. > ok Peter Valchev (maintainer) fcambus@ ajacoutot@ sthen@ (jca@) l0phtcrack - Makefile - distinfo - patches/patch-Makefile - patches/patch-chal_resp_c - patches/patch-includes_h - patches/patch-readsmb_c - patches/patch-util_c - patches/patch-ztest_c - pkg/DESCR - pkg/PLIST > Remove security/l0phtcrack > Reasons include: > - i386 only > - full of scary patches and build warnings, embeds old libcrypto code, > readsmb is a pcap listener that needs to run as root... > - no licensing information for l0phtcrack itself > - LANMAN and NTLMv1 auth are so old and braindead it's not even funny. > Yes, they are still used out there, no, they really shouldn't be. > ok mestre@ sthen@ ajacoutot@ (jca@) oledump ~ Makefile ~ distinfo ~ pkg/PLIST > update oledump to 0.0.26. > ok shadchin@ benoit@ (rpointel@) == sysutils ========================================================== 05/07 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/sysutils salt ~ Makefile ~ distinfo ~ pkg/PLIST > Update to salt-2016.11.1. (ajacoutot@) == www =============================================================== 06/07 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/www chromium ~ Makefile ~ distinfo > update to 55.0.2883.87 (robert@) firefox-esr ~ Makefile ~ distinfo > Update to firefox-esr 45.6.0. > See https://www.mozilla.org/en-US/firefox/45.6.0/releasenotes/ and > https://www.mozilla.org/en-US/security/advisories/mfsa2016-95/ (landry@) firefox-esr-i18n ~ Makefile.inc ~ distinfo > Update to firefox-esr 45.6.0. > See https://www.mozilla.org/en-US/firefox/45.6.0/releasenotes/ and > https://www.mozilla.org/en-US/security/advisories/mfsa2016-95/ (landry@) firefox-i18n ~ Makefile.inc ~ distinfo > Bugfix update to firefox 50.1.0. > See https://www.mozilla.org/en-US/firefox/50.1.0/releasenotes/ and > https://www.mozilla.org/en-US/security/advisories/mfsa2016-94/. (landry@) mozilla-firefox ~ Makefile ~ distinfo > Bugfix update to firefox 50.1.0. > See https://www.mozilla.org/en-US/firefox/50.1.0/releasenotes/ and > https://www.mozilla.org/en-US/security/advisories/mfsa2016-94/. (landry@) urlwatch - patches/patch-urlwatch ~ Makefile ~ distinfo ~ pkg/PLIST + patches/patch-lib_urlwatch_config_py > update to urlwatch-2.6 (sthen@) == x11 =============================================================== 07/07 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/x11 gnome - session/patches/patch-gnome-session_main_c ~ session/Makefile > Remove uneeded patch. (ajacoutot@) =============================================================================== _______________________________________________ odc mailing list [email protected] http://www.squish.net/mailman/listinfo/odc
