OpenBSD ports changes summary for 2017-06-21 ============================================
archivers/unrar astro/ansiweather comms/gammu comms/py-gammu devel/quirks devel/sdcc graphics/mandelbulber lang/jruby net net/libepc net/openvpn net/py-botocore net/texapp productivity productivity/tudu sysutils/awscli sysutils/sysclean www/webkitgtk4 x11/dstat x11/gnome x11/gtk+3 x11/xli == archivers ========================================================= 01/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/archivers unrar ~ Makefile ~ distinfo ~ patches/patch-makefile ~ patches/patch-os_hpp ~ patches/patch-rijndael_cpp > Security update to 5.50 beta 4 to fix the VMSF_DELTA filter signedness > error and unspecified other issues. (naddy@) == astro ============================================================= 02/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/astro ansiweather ~ Makefile ~ distinfo > Update ansiweather to 1.11. (fcambus@) == comms ============================================================= 03/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/comms gammu ~ Makefile ~ distinfo > update to gammu-1.38.4 (kirby@) py-gammu ~ Makefile ~ distinfo > update to python-gammu-2.9 (kirby@) == devel ============================================================= 04/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/devel quirks ~ Makefile ~ files/Quirks.pm > Register texapp removal. (bcallah@) sdcc ~ Makefile > and that makes 3! > -fms-extensions is inoperative with clang, and it sure builds without it > (unnamed structs work as long as you don't try any pedantic standard) > (espie@) == graphics ========================================================== 05/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/graphics mandelbulber + patches/patch-src_Render3D_cpp > how can one choose C++ and not know such basics. Begars the mind. > fix build with clang (espie@) == lang ============================================================== 06/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/lang jruby ~ Makefile ~ distinfo ~ pkg/PLIST > Update to JRuby 9.1.12.0 (jeremy@) == net =============================================================== 07/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/net net ~ Makefile > Remove net/texapp. The service it targeted has been shut down. > ok fcambus@ (bcallah@) libepc ~ patches/patch-tests_framework_c > you guys missed one, or gcc gets ioctl magically (espie@) openvpn - patches/patch-include_openvpn-plugin_h_in - patches/patch-src_openvpn_syshead_h ~ Makefile ~ distinfo ~ patches/patch-configure ~ patches/patch-src_openvpn_route_c ~ patches/patch-src_openvpn_tun_c > SECURITY update to openvpn-2.4.3 > Fixes for: > - CVE-2017-7508 Remotely-triggerable ASSERT() on malformed IPv6 packet > - CVE-2017-7520 Pre-authentication remote crash/information disclosure > for clients > - CVE-2017-7521 Potential double-free in --x509-alt-username > - CVE-2017-7512 Remote-triggerable memory leaks > - CVE-2017-7522 Post-authentication remote DoS when using > the --x509-track option > - Null-pointer dereference in establish_http_proxy_passthru() > Full description at > https://community.openvpn.net/openvpn/wiki/VulnerabilitiesFixedInOpenVPN243 > This update kills some of our patches that were committed upstream. > Similar diff proposed by pirofti@, ok pirofti@ stsp@ (jca@) - patches/patch-include_openvpn-plugin_h_in - patches/patch-src_openvpn_syshead_h ~ Makefile ~ distinfo ~ patches/patch-configure ~ patches/patch-src_openvpn_route_c ~ patches/patch-src_openvpn_tun_c TAGGED OPENBSD_6_1 > SECURITY update to openvpn-2.4.3 > Fixes for: > - CVE-2017-7508 Remotely-triggerable ASSERT() on malformed IPv6 packet > - CVE-2017-7520 Pre-authentication remote crash/information disclosure > for clients > - CVE-2017-7521 Potential double-free in --x509-alt-username > - CVE-2017-7512 Remote-triggerable memory leaks > - CVE-2017-7522 Post-authentication remote DoS when using > the --x509-track option > - Null-pointer dereference in establish_http_proxy_passthru() > Full description at > https://community.openvpn.net/openvpn/wiki/VulnerabilitiesFixedInOpenVPN243 > This update kills some of our patches that were committed upstream. > Similar diff proposed by pirofti@, ok pirofti@ stsp@ (jca@) ~ Makefile ~ distinfo TAGGED OPENBSD_6_1 > openvpn re-rolled 2.4.3 tarballs... > Lots of churn because the previous tarball was generated with automake > 1.14.1, the new one with 1.15. > -SHA256 (openvpn-2.4.3.tar.gz) = > hKAao98MEqNVLKO6qjnXABN7W85LbeaD/of7eb+l3ws= > -SIZE (openvpn-2.4.3.tar.gz) = 1397306 > +SHA256 (openvpn-2.4.3.tar.gz) = > zuPTykYpYKUKZ8Dr0YbgG20T23AnUgVmNpUVLJrKhXk= > +SIZE (openvpn-2.4.3.tar.gz) = 1422692 > Not discussed with upstream yet. Committing this now because of the > security issues fixed by openvpn-2.4.3. > Issue also noticed by robert@ (jca@) ~ Makefile ~ distinfo TAGGED OPENBSD_6_1 > Switch to self-hosted tarballs > Upstream seems to serve two versions of the 2.4.3 tarball (issues with > cloudflare ?). (jca@) ~ Makefile TAGGED OPENBSD_6_1 > Switch to self-hosted tarballs > Upstream seems to serve two versions of the 2.4.3 tarball (issues with > cloudflare ?). (jca@) py-botocore ~ Makefile ~ distinfo > Update to py-botocore-1.5.72. (ajacoutot@) texapp - Makefile - distinfo - pkg/DESCR - pkg/PLIST > Remove net/texapp. The service it targeted has been shut down. > ok fcambus@ (bcallah@) == productivity ====================================================== 08/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/productivity productivity ~ Makefile > Add tudu. (fcambus@) tudu + Makefile + distinfo + pkg/PLIST + pkg/DESCR + patches/patch-configure > New import: > Import productivity/tudu. == sysutils ========================================================== 09/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/sysutils awscli ~ Makefile ~ distinfo > Update to awscli-1.11.109. (ajacoutot@) sysclean ~ Makefile ~ distinfo > Update to sysclean-2.3. > from Sebastien Marie (dev / maintainer) (ajacoutot@) == www =============================================================== 10/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/www webkitgtk4 ~ Makefile ~ distinfo > SECURITY update ot webkitgtk4-2.16.4. > - CVE-2017-2538 (ajacoutot@) ~ Makefile ~ distinfo TAGGED OPENBSD_6_1 > SECURITY update of webkitgtk4-2.16.4. > - CVE-2017-2538 (ajacoutot@) == x11 =============================================================== 11/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/x11 dstat ~ Makefile ~ distinfo > update to dstat-0.5 (jung@) gnome ~ session/Makefile + session/patch-gnome-session_gsm-shell-extensions_c > shell-extension: fix warning when iterating over extension list (upstream). > (ajacoutot@) ~ totem-pl-parser/Makefile ~ totem-pl-parser/distinfo ~ totem-pl-parser/pkg/PLIST > Update to totem-pl-parser-3.10.8. (ajacoutot@) ~ gjs/Makefile ~ gjs/distinfo > update to gjs-1.48.5 (jasper@) gtk+3 ~ Makefile ~ distinfo > Update to gtk+3-3.22.16. (ajacoutot@) xli + patches/patch-rlelib_c > kill ancient unneeded header, say "hello clang" (espie@) =============================================================================== _______________________________________________ odc mailing list [email protected] http://www.squish.net/mailman/listinfo/odc
