OpenBSD ports changes summary for 2017-09-18 ============================================
devel/ocaml-dose geo/pgrouting geo/qgis geo/spatialite graphics/py-cairo infrastructure/bin infrastructure/mk lang/kawa mail/rspamd net net/samba net/wireshark print/texinfo www/apache-httpd www/varnish == devel ============================================================= 01/09 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/devel ocaml-dose ~ Makefile ~ patches/patch-algo_dominators_ml > adjust for ocamlgraph 1.8.6 API > breakage spotted by naddy@; fix from upstream (jasper@) == geo =============================================================== 02/09 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/geo pgrouting ~ Makefile ~ distinfo ~ pkg/PLIST > Update to pgrouting 2.5.0. > See > https://github.com/pgRouting/pgrouting/wiki/Migration-Guide#migrating-from- > 24-to-25 > for details. (landry@) qgis - patches/patch-python_core_qgscoordinatetransform_sip ~ Makefile ~ distinfo ~ patches/patch-src_app_qgisapp_cpp ~ pkg/PLIST > Update to QGIS 2.18.13. > Remove python/core/qgscoordinatetransform.sip patch, was fixed > differently upstream in https://issues.qgis.org/issues/17039 (landry@) spatialite ~ freexl/Makefile ~ freexl/distinfo > Update to freexl 1.0.4, fixing CVE-2017-2923 & CVE-2017-2924 (landry@) == graphics ========================================================== 03/09 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/graphics py-cairo ~ Makefile ~ distinfo ~ pkg/PFRAG.no-python3 ~ pkg/PFRAG.python3 > Update to py-cairo-1.15.3. (ajacoutot@) == infrastructure ==================================================== 04/09 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/infrastructure bin ~ register-plist > don't count @version as relevant when registering plists. (espie@) mk ~ arch-defines.mk > scaffolding for -V option, the only missing part is activating it in > bsd.port.mk (espie@) ~ bsd.port.mk > activate @version (espie@) ~ bsd.port.mk > Display a clear error message indicating that WRKOBJDIR must be on a > wxallowed filesystem for USE_WXNEEDED ports instead of erroring out > unhelpfully. Prompted by numerous questions about Python builds failing > with "configure: error: cannot run C compiled programs." on ports@ > Input, tested in bulks and ok sthen; ok danj; no veto from espie. (tb@) == lang ============================================================== 05/09 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/lang kawa ~ Makefile > use ${LOCALBASE} as $deity intended (jasper@) ~ Makefile > remove old BROKEN-i386 from when java wouldn't build reliably (sthen@) == mail ============================================================== 06/09 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/mail rspamd ~ Makefile ~ distinfo > update to rspamd-1.6.4, similar to a diff from [email protected] > (sthen@) ~ Makefile > take maintainer, in the hope it will prod portroach into noticing this port > :) (sthen@) == net =============================================================== 07/09 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/net net ~ Makefile > Enable mininet. OK phessler@ sthen@ (akoshibe@) samba - patches/patch-source3_rpc_server_srv_pipe_c - patches/patch-source4_heimdal_lib_krb5_ticket_c ~ Makefile ~ distinfo ~ patches/patch-lib_ldb_wscript > Update to samba-4.5.13, the latest release of the 4.5.x series > Putting this in now to help handle future possible security issues on > the 6.2 branch. Tested by Ian McWilliam. (jca@) wireshark ~ Makefile ~ pkg/PLIST-main + pkg/DESCR-gtk + pkg/PLIST-gtk > - add hidden dep on archivers/snappy > - reinstate gtk version, req by tb@ > - install mime/appdata files, missing from the !gtk build (sthen@) == print ============================================================= 08/09 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/print texinfo ~ Makefile ~ distinfo > Update to Texinfo 6.5 > OK kili@ (feinerer@) == www =============================================================== 09/09 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/www apache-httpd ~ Makefile + patches/patch-server_core_c > patch apache httpd CVE-2017-9798, backported from upstream's branches/2.4.x > This is a use after free error that causes a corrupted Allow header to > be constructed in response to HTTP OPTIONS requests. It can leak pieces > of arbitrary memory from the server process that may contain secrets. > The memory pieces change after multiple requests, so for a vulnerable > host an arbitrary number of memory chunks can be leaked. > The bug appears if a webmaster tries to use the "Limit" directive with > an invalid HTTP method. (sthen@) ~ Makefile + patches/patch-server_core_c TAGGED OPENBSD_6_1 > patch apache httpd CVE-2017-9798, backported from upstream's branches/2.4.x > This is a use after free error that causes a corrupted Allow header to > be constructed in response to HTTP OPTIONS requests. It can leak pieces > of arbitrary memory from the server process that may contain secrets. > The memory pieces change after multiple requests, so for a vulnerable > host an arbitrary number of memory chunks can be leaked. > The bug appears if a webmaster tries to use the "Limit" directive with > an invalid HTTP method. (sthen@) varnish ~ Makefile ~ distinfo ~ pkg/PLIST > Update for Varnish to 5.2.0 > https://varnish-cache.org/docs/5.2/whats-new/changes-5.2.html > OK rsadowski@ (gonzalo@) =============================================================================== _______________________________________________ odc mailing list [email protected] http://www.squish.net/mailman/listinfo/odc
