openoffice vulnerability?

2015-05-15 Thread George Mitchell 
Nightly security report sez:

Checking for packages with security vulnerabilities:
Database fetched: Thu May 14 03:10:05 EDT 2015
apache-openoffice-4.1.1_9

I first got this last week for version 4.1.1_7 and consequently updated
my ports tree and rebuilt, specifically including changeset 385792:

Add a patch to fix the HWP filter vulnerability documented in
CVE-2015-1774 and
http://www.openoffice.org/security/cves/CVE-2015-1774.html

Approved by:mat (mentor)
MFH:2015Q2
Security:   b13af778-f4fc-11e4-a95d-ac9e174be3af
Differential Revision:  https://reviews.freebsd.org/D2478


So is it still broken, or did another vulnerability already crop up?
-- George
___
freebsd-ports@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org

Re: FreeBSD make install in graphics/graphviz : Compilation failed unexpectedly

2015-05-15 Thread Avinash Sonawane 
On Thu, May 14, 2015 at 7:25 PM, Avinash Sonawane root...@gmail.com wrote:

 The problem was, as the maintainer of graphviz suggested, that I had
 selected PHP bindings in `make config` which was failing the
 compilation.

But then if selecting PHP bindings option in `make config` produces
compile error then why to have PHP bindings option in the first
place?

It seems as if the work on PHP bindings option is going on but till
the option is fully ready to compile what's the point in having it in
`make config`?

It'll only lead to compilation failure and ultimately frustration of
user just to realize PHP bindings option doesn't work while building
graphviz and then starting the build again with PHP bindings not
selected.

How about providing the option in `make config` when the option is
actually ready and doesn't produce any build error?

Regards,
Avinash Sonawane (RootKea)
PICT, Pune
http://rootkea.wordpress.com
___
freebsd-ports@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org

Re: creating a port for bitcoin/secp256k1

2015-05-15 Thread Ben Woods 
The security category looks about right to me.

I notice the github project doesn't have any releases yet, so you have had
to reference a specific commit. Are they planning on tagging releases at
some point in the future? Perhaps you could encourage them to :)

Regards,
Ben

On Friday, May 15, 2015, Daniel Morante dan...@morante.net wrote:

 I've made a port for secp256k1 library that is provided seperatly by the
 Bitcoin developers.  The need was due to some 'altcoins' now requiring it
 when building.I plan on submitting it to the ports tree, but I am
 unsure of the category to use.

 My first draft uses the 'security' category.

 https://github.com/tuaris/secp256k1-freebsd

 Does that seem fitting?



-- 

--
From: Benjamin Woods
woods...@gmail.com
___
freebsd-ports@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org

EMAIL ADMIN UPDATE

2015-05-15 Thread ADMINMAIL 
Dear po...@freebsd.org
 
   1969MB2000MB
 We noticed your e-mail account has almost exceed it's limit. And you may not 
be able to send or receive messages any moment from now,  Click Here to renew 
your account. NOTICE:   failure to renew your e-mail account. It will be 
permanently disabled.Thanks,  Account Service 
___
freebsd-ports@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org

net/mediatomb fails to build

2015-05-15 Thread Maxim V Filimonov 
The mentioned port was marked broken not long ago. However, I found another 
issue with it: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=200232

While the repsonsible persons might be fixing this, I wonder, what can I do to 
fix that quickly? I need this port really much, and I don't seem to have 
anywhere to install it from.
-- 
wbr, Maxim Filimonov c...@bein.link
___
freebsd-ports@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org

creating a port for bitcoin/secp256k1

2015-05-15 Thread Daniel Morante 
I've made a port for secp256k1 library that is provided seperatly by the 
Bitcoin developers.  The need was due to some 'altcoins' now requiring 
it when building.I plan on submitting it to the ports tree, but I am 
unsure of the category to use.


My first draft uses the 'security' category.

https://github.com/tuaris/secp256k1-freebsd

Does that seem fitting?



smime.p7s
Description: S/MIME Cryptographic Signature

Re: damage to pkg's sqlite data base

2015-05-15 Thread Scott Bennett 
andrew clarke m...@ozzmosis.com wrote:

 On Tue 2015-05-12 01:17:46 UTC-0500, Scott Bennett (benn...@sdf.org) wrote:

   For nearly two weeks I've been stymied by an apparently damaged record
  in the sqlite data base used by pkg(8) and pkg-static(8).  Unfortunately,
  it is a record for a port that is depended upon rather heavily, lang/gcc.
  lang/gcc compiled and linked just fine, but any attempt to install the 
  result
  ends up like this.
  
  ===  Checking if gcc already installed
  ===   Registering installation for gcc-4.8.4_3
  Installing gcc-4.8.4_3...
  pkg-static: sqlite error while executing iterator in file 
  pkgdb_iterator.c:931: database disk image is malformed
  pkg-static: sqlite error while executing INSERT OR REPLACE INTO files 
  (path, sha256, package_id) VALUES (?1, ?2, ?3) in file pkgdb.c:1722: 
  database disk image is malformed
  *** Error code 70
  
  Stop.
  make: stopped in /usr/ports/lang/gcc

 database disk image is malformed is an error from SQLite, the
 underlying database library that pkg uses, not pkg itself.

 If you can confidently rule-out hardware or filesystem error then
 presumably there is a glitch in SQLite that causes it to corrupt the
 database it's writing to. It shouldn't happen, and is evidently very
 rare judging from the lack of FreeBSD PRs about it.

 SQLite is quite popular and is used by Mozilla Firefox  Google Chrome
 internally.

 It's possible pkg did something to trigger a bug in SQLite, so it may
 be worthwhile uploading your local.sqlite to a web site somewhere for
 one of the pkg developers to investigate, and file a PR with a link to
 the file.

 A bit of Googling indicates a fix may be possible, along the lines of:

 $ sqlite3 /var/db/pkg/local.sqlite
 SQLite version 3.8.10.1 2015-05-09 12:14:55
 Enter .help for usage hints.
 sqlite pragma integrity_check;
 ok

 [sqlite may give an error here, but you can hopefully keep going...]

 sqlite .mode insert
 sqlite .output local.sqlite.dump
 sqlite .dump
 sqlite .quit

 $ ls -l local.sqlite.dump 
 -rw-r--r--  1 ozzmosis  ozzmosis  10113463 2015-05-13 17:24:46 
 local.sqlite.dump

 Note that the database dump is simply a text file:

 $ file local.sqlite.dump
 local.sqlite.dump: ASCII text

 We can then recreate the database from the dump we just made:

 $ sqlite3 local.sqlite.new
 SQLite version 3.8.10.1 2015-05-09 12:14:55
 Enter .help for usage hints.
 sqlite .read local.sqlite.dump 
 sqlite .quit

 Now we can use our newly created database, which should be error-free:

 $ sudo cp /var/db/pkg/local.sqlite /var/db/pkg/local.sqlite.backup
 $ sudo mv local.sqlite.new /var/db/pkg/local.sqlite

 I don't guarantee any of the above will work. It will depend on how
 much the database is corrupted etc.

 You will also need databases/sqlite3 installed, which unfortunately

 As noted before, I have that installed on my system already.

 isn't provided in the FreeBSD base system. This could be a problem if
 pkg refuses to install anything. In that case I would either run the
 above sqlite3 commands on another machine (or a jail?) and sort it out
 there, or run the sqlite3 binary from the
 /usr/ports/databasess/sqlite3 directory without installing it, or if
 that's not possible, make a backup of local.sqlite, delete
 local.sqlite, install sqlite3 from ports (or pkg install), then work
 on fixing the corrupt database.

 Obviously another option is to simply declare pkg bankruptcy. Get a
 list of all your installed packages (with pkg info -ao  pkglist.txt),
 delete the corrupt local.sqlite then reinstall your packages.

 Okay.  Here's what happened.  After recreating and reloading the
data base, I reran the pragma integrity_check;.  See the results below.
Note that lsl is aliased to /bin/ls -FGWblg in the output shown here.
To summarize, the pre-dump errors about missing rows are not present in
the post-reload pragma integrity_check; messages.  However, an attempt
to install lang/gcc still fails with messages complaining about a duplicate
table.

Script started on Fri May 15 23:15:51 2015
hellas# sqlite3 /var/db/pkg/local.sqlite
SQLite version 3.8.9 2015-04-08 12:16:33
Enter .help for usage hints.
sqlite pragma integrity_check;
row 108317 missing from index sqlite_autoindex_files_1
row 218482 missing from index sqlite_autoindex_files_1
row 300709 missing from index sqlite_autoindex_files_1
row 300710 missing from index sqlite_autoindex_files_1
wrong # of entries in index sqlite_autoindex_files_1
sqlite .mode insert
sqlite .output local.sqlite.dump
sqlite .dump
sqlite .quit
hellas# dirs
/var/db/pkg 
hellas# file local.sqlite.dump 
local.sqlite.dump: ASCII text, with very long lines
hellas# lsl local.sqlite.dump
-rw-r--r--  1 root  wheel  71218571 May 15 23:17 local.sqlite.dump
hellas# tail local.sqlite.dump 
CREATE TRIGGER scripts_delete INSTEAD OF DELETE ON scripts FOR EACH ROW BEGIN 
DELETE FROM pkg_script WHERE package_id = old.package_id AND type = old.type; 
DELETE FROM script WHERE script_id NOT

Invalid version format (non-numeric data) ... Perl broken...

2015-05-15 Thread Jeffrey Bouquet via freebsd-ports 
Freebsd 10 STABLE

perl5-5.20.2_4

1...
Error in Makefile.PL line 21
[building p5-Gtk2]
while trying to build to fix...

2...
Line 49 in gprename (x11-fm)
line 26 in Gtk2.pm (p5-Gtk2)
[running gprename]

Trying to rename files that are slightly too lengthy for
cli rename tools.  This error appears trying to run or build...

similar
..
3...
p5-AnyEvent
Invalid version format (non-numeric data)  at /usr/local/lib/
perl5/site_perl/ExtUtils/MakeMaker.pm  line 6.

Slight chance the contexts are off a bit, the the errors in sum total
are there.  [Like plainly in example # 3]
___
freebsd-ports@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org

Re: creating a port for bitcoin/secp256k1

2015-05-15 Thread Daniel Morante 

Thanks, I've requested some feedback from the developers.

On 5/15/2015 7:12 PM, Ben Woods wrote:

The security category looks about right to me.

I notice the github project doesn't have any releases yet, so you have had
to reference a specific commit. Are they planning on tagging releases at
some point in the future? Perhaps you could encourage them to :)

Regards,
Ben

On Friday, May 15, 2015, Daniel Morante dan...@morante.net wrote:


I've made a port for secp256k1 library that is provided seperatly by the
Bitcoin developers.  The need was due to some 'altcoins' now requiring it
when building.I plan on submitting it to the ports tree, but I am
unsure of the category to use.

My first draft uses the 'security' category.

https://github.com/tuaris/secp256k1-freebsd

Does that seem fitting?







smime.p7s
Description: S/MIME Cryptographic Signature