openoffice vulnerability?
Nightly security report sez: Checking for packages with security vulnerabilities: Database fetched: Thu May 14 03:10:05 EDT 2015 apache-openoffice-4.1.1_9 I first got this last week for version 4.1.1_7 and consequently updated my ports tree and rebuilt, specifically including changeset 385792: Add a patch to fix the HWP filter vulnerability documented in CVE-2015-1774 and http://www.openoffice.org/security/cves/CVE-2015-1774.html Approved by:mat (mentor) MFH:2015Q2 Security: b13af778-f4fc-11e4-a95d-ac9e174be3af Differential Revision: https://reviews.freebsd.org/D2478 So is it still broken, or did another vulnerability already crop up? -- George ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: FreeBSD make install in graphics/graphviz : Compilation failed unexpectedly
On Thu, May 14, 2015 at 7:25 PM, Avinash Sonawane root...@gmail.com wrote: The problem was, as the maintainer of graphviz suggested, that I had selected PHP bindings in `make config` which was failing the compilation. But then if selecting PHP bindings option in `make config` produces compile error then why to have PHP bindings option in the first place? It seems as if the work on PHP bindings option is going on but till the option is fully ready to compile what's the point in having it in `make config`? It'll only lead to compilation failure and ultimately frustration of user just to realize PHP bindings option doesn't work while building graphviz and then starting the build again with PHP bindings not selected. How about providing the option in `make config` when the option is actually ready and doesn't produce any build error? Regards, Avinash Sonawane (RootKea) PICT, Pune http://rootkea.wordpress.com ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: creating a port for bitcoin/secp256k1
The security category looks about right to me. I notice the github project doesn't have any releases yet, so you have had to reference a specific commit. Are they planning on tagging releases at some point in the future? Perhaps you could encourage them to :) Regards, Ben On Friday, May 15, 2015, Daniel Morante dan...@morante.net wrote: I've made a port for secp256k1 library that is provided seperatly by the Bitcoin developers. The need was due to some 'altcoins' now requiring it when building.I plan on submitting it to the ports tree, but I am unsure of the category to use. My first draft uses the 'security' category. https://github.com/tuaris/secp256k1-freebsd Does that seem fitting? -- -- From: Benjamin Woods woods...@gmail.com ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
EMAIL ADMIN UPDATE
Dear po...@freebsd.org 1969MB2000MB We noticed your e-mail account has almost exceed it's limit. And you may not be able to send or receive messages any moment from now, Click Here to renew your account. NOTICE: failure to renew your e-mail account. It will be permanently disabled.Thanks, Account Service ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
net/mediatomb fails to build
The mentioned port was marked broken not long ago. However, I found another issue with it: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=200232 While the repsonsible persons might be fixing this, I wonder, what can I do to fix that quickly? I need this port really much, and I don't seem to have anywhere to install it from. -- wbr, Maxim Filimonov c...@bein.link ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
creating a port for bitcoin/secp256k1
I've made a port for secp256k1 library that is provided seperatly by the Bitcoin developers. The need was due to some 'altcoins' now requiring it when building.I plan on submitting it to the ports tree, but I am unsure of the category to use. My first draft uses the 'security' category. https://github.com/tuaris/secp256k1-freebsd Does that seem fitting? smime.p7s Description: S/MIME Cryptographic Signature
Re: damage to pkg's sqlite data base
andrew clarke m...@ozzmosis.com wrote: On Tue 2015-05-12 01:17:46 UTC-0500, Scott Bennett (benn...@sdf.org) wrote: For nearly two weeks I've been stymied by an apparently damaged record in the sqlite data base used by pkg(8) and pkg-static(8). Unfortunately, it is a record for a port that is depended upon rather heavily, lang/gcc. lang/gcc compiled and linked just fine, but any attempt to install the result ends up like this. === Checking if gcc already installed === Registering installation for gcc-4.8.4_3 Installing gcc-4.8.4_3... pkg-static: sqlite error while executing iterator in file pkgdb_iterator.c:931: database disk image is malformed pkg-static: sqlite error while executing INSERT OR REPLACE INTO files (path, sha256, package_id) VALUES (?1, ?2, ?3) in file pkgdb.c:1722: database disk image is malformed *** Error code 70 Stop. make: stopped in /usr/ports/lang/gcc database disk image is malformed is an error from SQLite, the underlying database library that pkg uses, not pkg itself. If you can confidently rule-out hardware or filesystem error then presumably there is a glitch in SQLite that causes it to corrupt the database it's writing to. It shouldn't happen, and is evidently very rare judging from the lack of FreeBSD PRs about it. SQLite is quite popular and is used by Mozilla Firefox Google Chrome internally. It's possible pkg did something to trigger a bug in SQLite, so it may be worthwhile uploading your local.sqlite to a web site somewhere for one of the pkg developers to investigate, and file a PR with a link to the file. A bit of Googling indicates a fix may be possible, along the lines of: $ sqlite3 /var/db/pkg/local.sqlite SQLite version 3.8.10.1 2015-05-09 12:14:55 Enter .help for usage hints. sqlite pragma integrity_check; ok [sqlite may give an error here, but you can hopefully keep going...] sqlite .mode insert sqlite .output local.sqlite.dump sqlite .dump sqlite .quit $ ls -l local.sqlite.dump -rw-r--r-- 1 ozzmosis ozzmosis 10113463 2015-05-13 17:24:46 local.sqlite.dump Note that the database dump is simply a text file: $ file local.sqlite.dump local.sqlite.dump: ASCII text We can then recreate the database from the dump we just made: $ sqlite3 local.sqlite.new SQLite version 3.8.10.1 2015-05-09 12:14:55 Enter .help for usage hints. sqlite .read local.sqlite.dump sqlite .quit Now we can use our newly created database, which should be error-free: $ sudo cp /var/db/pkg/local.sqlite /var/db/pkg/local.sqlite.backup $ sudo mv local.sqlite.new /var/db/pkg/local.sqlite I don't guarantee any of the above will work. It will depend on how much the database is corrupted etc. You will also need databases/sqlite3 installed, which unfortunately As noted before, I have that installed on my system already. isn't provided in the FreeBSD base system. This could be a problem if pkg refuses to install anything. In that case I would either run the above sqlite3 commands on another machine (or a jail?) and sort it out there, or run the sqlite3 binary from the /usr/ports/databasess/sqlite3 directory without installing it, or if that's not possible, make a backup of local.sqlite, delete local.sqlite, install sqlite3 from ports (or pkg install), then work on fixing the corrupt database. Obviously another option is to simply declare pkg bankruptcy. Get a list of all your installed packages (with pkg info -ao pkglist.txt), delete the corrupt local.sqlite then reinstall your packages. Okay. Here's what happened. After recreating and reloading the data base, I reran the pragma integrity_check;. See the results below. Note that lsl is aliased to /bin/ls -FGWblg in the output shown here. To summarize, the pre-dump errors about missing rows are not present in the post-reload pragma integrity_check; messages. However, an attempt to install lang/gcc still fails with messages complaining about a duplicate table. Script started on Fri May 15 23:15:51 2015 hellas# sqlite3 /var/db/pkg/local.sqlite SQLite version 3.8.9 2015-04-08 12:16:33 Enter .help for usage hints. sqlite pragma integrity_check; row 108317 missing from index sqlite_autoindex_files_1 row 218482 missing from index sqlite_autoindex_files_1 row 300709 missing from index sqlite_autoindex_files_1 row 300710 missing from index sqlite_autoindex_files_1 wrong # of entries in index sqlite_autoindex_files_1 sqlite .mode insert sqlite .output local.sqlite.dump sqlite .dump sqlite .quit hellas# dirs /var/db/pkg hellas# file local.sqlite.dump local.sqlite.dump: ASCII text, with very long lines hellas# lsl local.sqlite.dump -rw-r--r-- 1 root wheel 71218571 May 15 23:17 local.sqlite.dump hellas# tail local.sqlite.dump CREATE TRIGGER scripts_delete INSTEAD OF DELETE ON scripts FOR EACH ROW BEGIN DELETE FROM pkg_script WHERE package_id = old.package_id AND type = old.type; DELETE FROM script WHERE script_id NOT
Invalid version format (non-numeric data) ... Perl broken...
Freebsd 10 STABLE perl5-5.20.2_4 1... Error in Makefile.PL line 21 [building p5-Gtk2] while trying to build to fix... 2... Line 49 in gprename (x11-fm) line 26 in Gtk2.pm (p5-Gtk2) [running gprename] Trying to rename files that are slightly too lengthy for cli rename tools. This error appears trying to run or build... similar .. 3... p5-AnyEvent Invalid version format (non-numeric data) at /usr/local/lib/ perl5/site_perl/ExtUtils/MakeMaker.pm line 6. Slight chance the contexts are off a bit, the the errors in sum total are there. [Like plainly in example # 3] ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: creating a port for bitcoin/secp256k1
Thanks, I've requested some feedback from the developers. On 5/15/2015 7:12 PM, Ben Woods wrote: The security category looks about right to me. I notice the github project doesn't have any releases yet, so you have had to reference a specific commit. Are they planning on tagging releases at some point in the future? Perhaps you could encourage them to :) Regards, Ben On Friday, May 15, 2015, Daniel Morante dan...@morante.net wrote: I've made a port for secp256k1 library that is provided seperatly by the Bitcoin developers. The need was due to some 'altcoins' now requiring it when building.I plan on submitting it to the ports tree, but I am unsure of the category to use. My first draft uses the 'security' category. https://github.com/tuaris/secp256k1-freebsd Does that seem fitting? smime.p7s Description: S/MIME Cryptographic Signature