Re: sparc64 bulk build report
On Mon, Oct 08, 2018 at 11:51:35PM +0200, Rafael Sadowski wrote:
> On Sun Oct 07, 2018 at 04:05:30PM -0600, lan...@openbsd.org wrote:
> > http://build-failures.rhaalovely.net//sparc64/2018-09-30/security/hashdeep.log
>
> I can reproduce the compiler error. hashdeep needs a C++11 compiler.
> Tested with ports-gcc and base-clang on amd64 but should build on
> sparc64 too.
Confirmed (and tested on amd64). OK feinerer@
> Index: Makefile
> ===
> RCS file: /cvs/ports/security/hashdeep/Makefile,v
> retrieving revision 1.2
> diff -u -p -u -p -r1.2 Makefile
> --- Makefile 6 Jul 2018 19:01:21 - 1.2
> +++ Makefile 8 Oct 2018 21:48:29 -
> @@ -5,6 +5,7 @@ COMMENT = tools to compute hashes recur
> GH_ACCOUNT = jessek
> GH_PROJECT = hashdeep
> GH_TAGNAME = v4.4
> +REVISION = 0
>
> CATEGORIES = security
>
> @@ -15,6 +16,9 @@ PERMIT_PACKAGE_CDROM = Yes
>
> WANTLIB += ${COMPILER_LIBCXX} c m
>
> +# C++11 nullptr
> +COMPILER = base-clang ports-clang ports-gcc
> +
> BUILD_DEPENDS = ${MODGNU_AUTOCONF_DEPENDS} \
> ${MODGNU_AUTOMAKE_DEPENDS}
>
> @@ -25,6 +29,8 @@ AUTOCONF_VERSION = 2.69
> AUTOMAKE_VERSION = 1.15
>
> NO_TEST =Yes
> +
> +CXXFLAGS = -std=c++11
>
> pre-configure:
> cd ${WRKSRC} && \
[Hopefully fixed] devel/hs-Diff
Thanks to Brian and Matthias Kilian, hopefully the attached tgz is better. Fixes: no revision number, homepage removed because it was uninformative, PLIST fixed (I think -- not sure about this), license changed to BSD. Happy for any further feedback which I'll apply to the other 50+ ports on the way through to hledger. hs-Diff.tgz Description: application/gtar-compressed
Collision in py-six-1.11.0 and py-llvm-6.0.1p0
Hi, While upgrading, I saw the following: Collision in py-llvm-6.0.1->6.0.1p0: the following files already exist /usr/local/lib/python2.7/site-packages/six.py (py-six-1.11.0 and py-llvm-6.0.1p0) $ pkg_locate '*2.7/site-packages/six.py' py-llvm-6.0.1p0:devel/llvm,-python:/usr/local/lib/python2.7/site-packages/six.py py-six-1.11.0:devel/py-six:/usr/local/lib/python2.7/site-packages/six.py Thanks. -- Sebastien Marie
UPDATE: net/tinc (CVE-2018-16737, CVE-2018-16738, CVE-2018-16758) and quirks
Hi All,
simple security update. This release prevent from the following CVEs:
oracle attacks (CVE-2018-16737, CVE-2018-16738).
MITM from forcing a NULL cipher for UDP (CVE-2018-16758).
Our patched also merged upstream. OK before ports look?
Best regards,
Rafael
Index: devel/quirks/Makefile
===
RCS file: /cvs/ports/devel/quirks/Makefile,v
retrieving revision 1.621
diff -u -p -r1.621 Makefile
--- devel/quirks/Makefile 8 Oct 2018 12:08:08 - 1.621
+++ devel/quirks/Makefile 9 Oct 2018 05:06:26 -
@@ -5,7 +5,7 @@ CATEGORIES =devel databases
DISTFILES =
# API.rev
-PKGNAME = quirks-3.14
+PKGNAME = quirks-3.15
PKG_ARCH = *
MAINTAINER = Marc Espie
Index: devel/quirks/files/Quirks.pm
===
RCS file: /cvs/ports/devel/quirks/files/Quirks.pm,v
retrieving revision 1.635
diff -u -p -r1.635 Quirks.pm
--- devel/quirks/files/Quirks.pm8 Oct 2018 12:08:08 - 1.635
+++ devel/quirks/files/Quirks.pm9 Oct 2018 05:06:26 -
@@ -1194,6 +1194,7 @@ my $cve = {
'www/p5-CGI-Application' => 'p5-CGI-Application-<4.50p0',
'www/webkitgtk4' => 'webkitgtk4-<2.20.5',
'x11/gnome/gdm' => 'gdm-<3.28.3',
+ 'net/tinc' => 'tinc-<1.0.35v0',
};
# please maintain sort order in above $cve list, future updates need to
# replace existing entries
Index: net/tinc/Makefile
===
RCS file: /cvs/ports/net/tinc/Makefile,v
retrieving revision 1.10
diff -u -p -r1.10 Makefile
--- net/tinc/Makefile 16 Jun 2018 11:20:29 - 1.10
+++ net/tinc/Makefile 9 Oct 2018 05:06:26 -
@@ -1,7 +1,7 @@
# $OpenBSD: Makefile,v 1.10 2018/06/16 11:20:29 rsadowski Exp $
COMMENT = Virtual Private Network (VPN) daemon
-DISTNAME = tinc-1.0.34
+DISTNAME = tinc-1.0.35
CATEGORIES = net security
EPOCH =0
Index: net/tinc/distinfo
===
RCS file: /cvs/ports/net/tinc/distinfo,v
retrieving revision 1.8
diff -u -p -r1.8 distinfo
--- net/tinc/distinfo 16 Jun 2018 11:20:29 - 1.8
+++ net/tinc/distinfo 9 Oct 2018 05:06:26 -
@@ -1,2 +1,2 @@
-SHA256 (tinc-1.0.34.tar.gz) = wDqbYd7dRSEW3ZqNsjFUW6CKfJa84BHgy9PP0sVtz9o=
-SIZE (tinc-1.0.34.tar.gz) = 484174
+SHA256 (tinc-1.0.35.tar.gz) = GMg7FHzD4hM6esJUPusBTVIHDeAcdHQofTzOzJsWiV4=
+SIZE (tinc-1.0.35.tar.gz) = 499277
Index: net/tinc/patches/patch-doc_tinc_texi
===
RCS file: net/tinc/patches/patch-doc_tinc_texi
diff -N net/tinc/patches/patch-doc_tinc_texi
--- net/tinc/patches/patch-doc_tinc_texi16 Jun 2018 11:20:29 -
1.8
+++ /dev/null 1 Jan 1970 00:00:00 -
@@ -1,22 +0,0 @@
-$OpenBSD: patch-doc_tinc_texi,v 1.8 2018/06/16 11:20:29 rsadowski Exp $
-Index: doc/tinc.texi
doc/tinc.texi.orig
-+++ doc/tinc.texi
-@@ -2075,7 +2075,7 @@ In switch or hub modes ARP does work so the sender alr
- In those modes every interface should have a unique MAC address, so make sure
they are not the same.
- Because switch and hub modes rely on MAC addresses to function correctly,
- these modes cannot be used on the following operating systems which don't
have a `tap' style virtual network device:
--OpenBSD, NetBSD, Darwin and Solaris.
-+NetBSD, Darwin and Solaris.
-
-
- @c ==
-@@ -2503,8 +2503,6 @@ For IPv6 addresses:
- On some platforms, when running tinc in switch mode, the VPN interface must
be set to tap mode with an ifconfig command:
-
- @multitable {Darwin (Mac OS X)} {ifconfig route add -bla network address
netmask netmask prefixlength interface}
--@item OpenBSD
--@tab @code{ifconfig} @var{interface} @code{link0}
- @end multitable
-
- On Linux, it is possible to create a persistent tun/tap interface which will
Index: net/tinc/pkg/PLIST
===
RCS file: /cvs/ports/net/tinc/pkg/PLIST,v
retrieving revision 1.3
diff -u -p -r1.3 PLIST
--- net/tinc/pkg/PLIST 18 Apr 2018 10:19:02 - 1.3
+++ net/tinc/pkg/PLIST 9 Oct 2018 05:06:26 -
@@ -1,15 +1,16 @@
@comment $OpenBSD: PLIST,v 1.3 2018/04/18 10:19:02 kn Exp $
@newgroup _tinc:759
@newuser _tinc:759:_tinc:daemon:tinc user:/var/empty:/sbin/nologin
+@rcscript ${RCDIR}/tincd
@info info/tinc.info
@man man/man5/tinc.conf.5
@man man/man8/tincd.8
@bin sbin/tincd
share/examples/tinc/
share/examples/tinc/hosts/
+@mode 750
@owner root
@group _tinc
-@mode 750
@sample ${SYSCONFDIR}/tinc/
@sample ${SYSCONFDIR}/tinc/example/
@sample ${SYSCONFDIR}/tinc/example/hosts/
@@ -20,8 +21,6 @@ share/examples/tinc/hosts/beta
@sample ${SYSCONFDIR}/tinc/example/hosts/beta
share/examples/tinc/rsa_key.priv
@sample ${SYSCONFDIR}/tinc/example/rs
Re: sparc64 bulk build report
Rafael Sadowski writes: > On Sun Oct 07, 2018 at 04:05:30PM -0600, lan...@openbsd.org wrote: > > http://build-failures.rhaalovely.net//sparc64/2018-09-30/net/megatools.log > > Unbreak megatools. The build needs a C99 or C11 compiler. > +# C99 > +COMPILER = base-clang ports-clang ports-gcc ... > +CFLAGS +=-std=c99 Surely only one or the other is necessary? GCC 4.2 supports -std=c99, it just doesn't default to it.
Re: adding git to quirks
On Mon, Oct 08 2018, Daniel Jakots wrote:
> On Sat, 6 Oct 2018 14:13:26 -0400, Daniel Jakots
> wrote:
>
>> We should add git to quirks because it fixes a security problem.
>> Should we add all the subpackages or only -main?
If in doubt, add all of them. Please see below,
> Updated diff after Marc's changes
>
> Index: Makefile
> ===
> RCS file: /cvs/ports/devel/quirks/Makefile,v
> retrieving revision 1.621
> diff -u -p -r1.621 Makefile
> --- Makefile 8 Oct 2018 12:08:08 - 1.621
> +++ Makefile 8 Oct 2018 13:31:11 -
> @@ -5,7 +5,7 @@ CATEGORIES = devel databases
> DISTFILES =
>
> # API.rev
> -PKGNAME =quirks-3.14
> +PKGNAME =quirks-3.15
> PKG_ARCH = *
> MAINTAINER = Marc Espie
>
> Index: files/Quirks.pm
> ===
> RCS file: /cvs/ports/devel/quirks/files/Quirks.pm,v
> retrieving revision 1.635
> diff -u -p -r1.635 Quirks.pm
> --- files/Quirks.pm 8 Oct 2018 12:08:08 - 1.635
> +++ files/Quirks.pm 8 Oct 2018 13:31:11 -
> @@ -1157,6 +1157,9 @@ my $cve = {
> 'databases/mariadb,-server' => 'mariadb-server-<10.0.36',
> 'databases/postgresql,-main' => 'postgresql-client-<10.5',
> 'databases/postgresql,-server' => 'postgresql-server-<10.5',
> + 'devel/git,-main' => 'git-main-<2.19.1',
Should be
+ 'devel/git,-main' => 'git-<2.19.1',
With that, ok jca@
> + 'devel/git,-svn' => 'git-svn-<2.19.1',
> + 'devel/git,-x11' => 'git-x11-<2.19.1',
> 'devel/mercurial,-main' => 'mercurial-<4.5.3p1',
> 'devel/mercurial,-x11' => 'mercurial-x11-<4.5.3p1',
> 'devel/pcre' => 'pcre-<8.38',
>
--
jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
Re: sparc64 bulk build report
On Sun Oct 07, 2018 at 04:05:30PM -0600, lan...@openbsd.org wrote:
> http://build-failures.rhaalovely.net//sparc64/2018-09-30/security/hashdeep.log
I can reproduce the compiler error. hashdeep needs a C++11 compiler.
Tested with ports-gcc and base-clang on amd64 but should build on
sparc64 too.
Index: Makefile
===
RCS file: /cvs/ports/security/hashdeep/Makefile,v
retrieving revision 1.2
diff -u -p -u -p -r1.2 Makefile
--- Makefile6 Jul 2018 19:01:21 - 1.2
+++ Makefile8 Oct 2018 21:48:29 -
@@ -5,6 +5,7 @@ COMMENT = tools to compute hashes recur
GH_ACCOUNT = jessek
GH_PROJECT = hashdeep
GH_TAGNAME = v4.4
+REVISION = 0
CATEGORIES = security
@@ -15,6 +16,9 @@ PERMIT_PACKAGE_CDROM =Yes
WANTLIB += ${COMPILER_LIBCXX} c m
+# C++11 nullptr
+COMPILER = base-clang ports-clang ports-gcc
+
BUILD_DEPENDS =${MODGNU_AUTOCONF_DEPENDS} \
${MODGNU_AUTOMAKE_DEPENDS}
@@ -25,6 +29,8 @@ AUTOCONF_VERSION =2.69
AUTOMAKE_VERSION = 1.15
NO_TEST = Yes
+
+CXXFLAGS = -std=c++11
pre-configure:
cd ${WRKSRC} && \
Re: sparc64 bulk build report
On Sun Oct 07, 2018 at 04:05:30PM -0600, lan...@openbsd.org wrote:
> http://build-failures.rhaalovely.net//sparc64/2018-09-30/www/libsass.log
I run in the same compiler error with `CC=gcc CXX=g++ make`. Base gcc is
missing C++0x suport. Simple fix:
Index: Makefile
===
RCS file: /cvs/ports/www/libsass/Makefile,v
retrieving revision 1.3
diff -u -p -u -p -r1.3 Makefile
--- Makefile26 Apr 2018 08:31:29 - 1.3
+++ Makefile8 Oct 2018 21:17:57 -
@@ -5,6 +5,7 @@ COMMENT = C/C++ implementation of a Sas
GH_ACCOUNT = sass
GH_PROJECT = libsass
GH_TAGNAME = 3.5.4
+REVISION = 0
SHARED_LIBS += sass 0.0 # 0.0
@@ -18,6 +19,9 @@ CATEGORIES = www
PERMIT_PACKAGE_CDROM = Yes
WANTLIB = ${COMPILER_LIBCXX} m
+
+# c++0x
+COMPILER = base-clang ports-clang ports-gcc
BUILD_DEPENDS =${MODGNU_AUTOCONF_DEPENDS} \
${MODGNU_AUTOMAKE_DEPENDS} \
Re: sparc64 bulk build report
On Sun Oct 07, 2018 at 04:05:30PM -0600, lan...@openbsd.org wrote: > http://build-failures.rhaalovely.net//sparc64/2018-09-30/net/megatools.log Unbreak megatools. The build needs a C99 or C11 compiler. Index: Makefile === RCS file: /cvs/ports/net/megatools/Makefile,v retrieving revision 1.15 diff -u -p -u -p -r1.15 Makefile --- Makefile8 Sep 2018 21:50:08 - 1.15 +++ Makefile8 Oct 2018 21:07:18 - @@ -5,6 +5,7 @@ PORTROACH = limit:[0-9]\.tar\.gz COMMENT = command line client application for Mega DISTNAME = megatools-1.10.2 +REVISION = 0 CATEGORIES = net @@ -20,6 +21,9 @@ WANTLIB += ssl MASTER_SITES = https://megatools.megous.com/builds/ +# C99 +COMPILER = base-clang ports-clang ports-gcc + BUILD_DEPENDS =devel/gobject-introspection \ textproc/asciidoc LIB_DEPENDS = devel/glib2 \ @@ -30,6 +34,8 @@ CONFIGURE_STYLE = gnu MAKE_FLAGS = VERBOSE=1 CONFIGURE_ARGS = --disable-introspection + +CFLAGS += -std=c99 SEPARATE_BUILD = Yes
Re: security/encfs build tweaks
Reads OK, but hold off until *after* we are done with 6.4. On 2018/10/08 22:46, Rafael Sadowski wrote: > Hi All! > > Please find below a diff to disable git searching at build-time and add > python as build only depend. > > With the diff: > > -- Found Threads: TRUE > -- Looking for C++ include syslog.h > -- Looking for C++ include syslog.h - found > -- Enabled syslog logging support > -- Found Intl: /usr/local/include > -- Found Gettext: /usr/local/bin/msgmerge (found version "0.19.8.1") > -- clang-tidy check skipped, need newer cmake > -- Found TinyXML: /usr/local/include > -- Using vendored Easylogging++ > -- Setting C++11 > -- Found PythonInterp: /usr/local/bin/python2.7 (found version "2.7.15") > -- git Version: v0.0.0 > -- Version: 0.0.0 > > without: > > -- Found Threads: TRUE > -- Looking for C++ include syslog.h > -- Looking for C++ include syslog.h - found > -- Enabled syslog logging support > -- Found Intl: /usr/local/include > -- Found Gettext: /usr/local/bin/msgmerge (found version "0.19.8.1") > -- clang-tidy check skipped, need newer cmake > -- Found TinyXML: /usr/local/include > -- Using vendored Easylogging++ > -- Setting C++11 > -- Found PythonInterp: /usr/local/bin/python (found version "2.7.15") > -- Found Git: /usr/local/bin/git (found version "2.19.1") > -- git Version: v0.0.0 > -- Version: 0.0.0 > > Ok? > > > Index: Makefile > === > RCS file: /cvs/ports/security/encfs/Makefile,v > retrieving revision 1.19 > diff -u -p -u -p -r1.19 Makefile > --- Makefile 26 Aug 2018 11:47:10 - 1.19 > +++ Makefile 8 Oct 2018 20:39:34 - > @@ -4,7 +4,7 @@ COMMENT = fuse-based cryptographic file > > V = 1.9.5 > DISTNAME = encfs-$V > -REVISION = 0 > +REVISION = 1 > > CATEGORIES = security > > @@ -19,12 +19,18 @@ MASTER_SITES =https://github.com/vgoug > > COMPILER = base-clang ports-clang ports-gcc > > -MODULES =devel/cmake > +MODULES =devel/cmake \ > + lang/python > + > +MODPY_RUNDEP = No > + > BUILD_DEPENDS = devel/gettext-tools > LIB_DEPENDS =devel/gettext \ > textproc/tinyxml2 > > -CONFIGURE_ARGS = -DUSE_INTERNAL_TINYXML:Bool=Off > +CONFIGURE_ARGS = -DUSE_INTERNAL_TINYXML=Off \ > + -DCMAKE_DISABLE_FIND_PACKAGE_Git=On > + > CONFIGURE_ENV = CXXFLAGS="-DHAVE_UTIMENSAT > -D_DIRENT_HAVE_D_TYPE" > > TEST_TARGET =unittests test >
security/encfs build tweaks
Hi All! Please find below a diff to disable git searching at build-time and add python as build only depend. With the diff: -- Found Threads: TRUE -- Looking for C++ include syslog.h -- Looking for C++ include syslog.h - found -- Enabled syslog logging support -- Found Intl: /usr/local/include -- Found Gettext: /usr/local/bin/msgmerge (found version "0.19.8.1") -- clang-tidy check skipped, need newer cmake -- Found TinyXML: /usr/local/include -- Using vendored Easylogging++ -- Setting C++11 -- Found PythonInterp: /usr/local/bin/python2.7 (found version "2.7.15") -- git Version: v0.0.0 -- Version: 0.0.0 without: -- Found Threads: TRUE -- Looking for C++ include syslog.h -- Looking for C++ include syslog.h - found -- Enabled syslog logging support -- Found Intl: /usr/local/include -- Found Gettext: /usr/local/bin/msgmerge (found version "0.19.8.1") -- clang-tidy check skipped, need newer cmake -- Found TinyXML: /usr/local/include -- Using vendored Easylogging++ -- Setting C++11 -- Found PythonInterp: /usr/local/bin/python (found version "2.7.15") -- Found Git: /usr/local/bin/git (found version "2.19.1") -- git Version: v0.0.0 -- Version: 0.0.0 Ok? Index: Makefile === RCS file: /cvs/ports/security/encfs/Makefile,v retrieving revision 1.19 diff -u -p -u -p -r1.19 Makefile --- Makefile26 Aug 2018 11:47:10 - 1.19 +++ Makefile8 Oct 2018 20:39:34 - @@ -4,7 +4,7 @@ COMMENT = fuse-based cryptographic file V =1.9.5 DISTNAME = encfs-$V -REVISION = 0 +REVISION = 1 CATEGORIES = security @@ -19,12 +19,18 @@ MASTER_SITES = https://github.com/vgoug COMPILER = base-clang ports-clang ports-gcc -MODULES = devel/cmake +MODULES = devel/cmake \ + lang/python + +MODPY_RUNDEP = No + BUILD_DEPENDS =devel/gettext-tools LIB_DEPENDS = devel/gettext \ textproc/tinyxml2 -CONFIGURE_ARGS = -DUSE_INTERNAL_TINYXML:Bool=Off +CONFIGURE_ARGS = -DUSE_INTERNAL_TINYXML=Off \ + -DCMAKE_DISABLE_FIND_PACKAGE_Git=On + CONFIGURE_ENV =CXXFLAGS="-DHAVE_UTIMENSAT -D_DIRENT_HAVE_D_TYPE" TEST_TARGET = unittests test
Re: adding git to quirks
On Mon, 8 Oct 2018 16:09:20 +0200, Marc Espie wrote: > Note that git could use the same model of simplification directly, > especially since its main subpackage is not even special. > > However, 3 subpackages is on the fence... does it make sense to > compactify stuff ? probably not... yeah I kept it this way because imo 3 subpackages were not worth the for loop ok for my diff or should I change it?
Re: adding git to quirks
On Mon, Oct 08, 2018 at 09:32:22AM -0400, Daniel Jakots wrote:
> On Sat, 6 Oct 2018 14:13:26 -0400, Daniel Jakots
> wrote:
>
> > We should add git to quirks because it fixes a security problem.
> > Should we add all the subpackages or only -main?
>
> Updated diff after Marc's changes
>
> Index: Makefile
> ===
> RCS file: /cvs/ports/devel/quirks/Makefile,v
> retrieving revision 1.621
> diff -u -p -r1.621 Makefile
> --- Makefile 8 Oct 2018 12:08:08 - 1.621
> +++ Makefile 8 Oct 2018 13:31:11 -
> @@ -5,7 +5,7 @@ CATEGORIES = devel databases
> DISTFILES =
>
> # API.rev
> -PKGNAME =quirks-3.14
> +PKGNAME =quirks-3.15
> PKG_ARCH = *
> MAINTAINER = Marc Espie
>
> Index: files/Quirks.pm
> ===
> RCS file: /cvs/ports/devel/quirks/files/Quirks.pm,v
> retrieving revision 1.635
> diff -u -p -r1.635 Quirks.pm
> --- files/Quirks.pm 8 Oct 2018 12:08:08 - 1.635
> +++ files/Quirks.pm 8 Oct 2018 13:31:11 -
> @@ -1157,6 +1157,9 @@ my $cve = {
> 'databases/mariadb,-server' => 'mariadb-server-<10.0.36',
> 'databases/postgresql,-main' => 'postgresql-client-<10.5',
> 'databases/postgresql,-server' => 'postgresql-server-<10.5',
> + 'devel/git,-main' => 'git-main-<2.19.1',
> + 'devel/git,-svn' => 'git-svn-<2.19.1',
> + 'devel/git,-x11' => 'git-x11-<2.19.1',
> 'devel/mercurial,-main' => 'mercurial-<4.5.3p1',
> 'devel/mercurial,-x11' => 'mercurial-x11-<4.5.3p1',
> 'devel/pcre' => 'pcre-<8.38',
Note that git could use the same model of simplification directly, especially
since its main subpackage is not even special.
However, 3 subpackages is on the fence... does it make sense to compactify
stuff ? probably not...
Re: adding git to quirks
On Sat, 6 Oct 2018 14:13:26 -0400, Daniel Jakots
wrote:
> We should add git to quirks because it fixes a security problem.
> Should we add all the subpackages or only -main?
Updated diff after Marc's changes
Index: Makefile
===
RCS file: /cvs/ports/devel/quirks/Makefile,v
retrieving revision 1.621
diff -u -p -r1.621 Makefile
--- Makefile8 Oct 2018 12:08:08 - 1.621
+++ Makefile8 Oct 2018 13:31:11 -
@@ -5,7 +5,7 @@ CATEGORIES =devel databases
DISTFILES =
# API.rev
-PKGNAME = quirks-3.14
+PKGNAME = quirks-3.15
PKG_ARCH = *
MAINTAINER = Marc Espie
Index: files/Quirks.pm
===
RCS file: /cvs/ports/devel/quirks/files/Quirks.pm,v
retrieving revision 1.635
diff -u -p -r1.635 Quirks.pm
--- files/Quirks.pm 8 Oct 2018 12:08:08 - 1.635
+++ files/Quirks.pm 8 Oct 2018 13:31:11 -
@@ -1157,6 +1157,9 @@ my $cve = {
'databases/mariadb,-server' => 'mariadb-server-<10.0.36',
'databases/postgresql,-main' => 'postgresql-client-<10.5',
'databases/postgresql,-server' => 'postgresql-server-<10.5',
+ 'devel/git,-main' => 'git-main-<2.19.1',
+ 'devel/git,-svn' => 'git-svn-<2.19.1',
+ 'devel/git,-x11' => 'git-x11-<2.19.1',
'devel/mercurial,-main' => 'mercurial-<4.5.3p1',
'devel/mercurial,-x11' => 'mercurial-x11-<4.5.3p1',
'devel/pcre' => 'pcre-<8.38',
Re: sparc64 bulk build report
On 2018/10/08 09:37, Stuart Henderson wrote: > On 2018/10/07 16:05, lan...@openbsd.org wrote: > > http://build-failures.rhaalovely.net//sparc64/2018-09-30/print/texlive/base.log > > Not new (same failure was present in 2018-07-31, but not in the previous > 2018-05-13 build), but that is annoying :( > > libxetex.a(libxetex_a-XeTeX_ext.o): In function `initversionstring': > XeTeX_ext.c:(.text+0x50c): undefined reference to `png_get_header_ver' > XeTeX_ext.c:(.text+0x5c0): undefined reference to `png_get_header_ver' > libxetex.a(libxetex_a-pngimage.o): In function `check_for_png': > pngimage.c:(.text+0xa0): undefined reference to `png_sig_cmp' > libxetex.a(libxetex_a-pngimage.o): In function `png_scan_file': > pngimage.c:(.text+0x130): undefined reference to `png_create_read_struct' > pngimage.c:(.text+0x140): undefined reference to `png_create_info_struct' > pngimage.c:(.text+0x154): undefined reference to `png_init_io' > pngimage.c:(.text+0x160): undefined reference to `png_read_info' > pngimage.c:(.text+0x16c): undefined reference to `png_get_image_width' > pngimage.c:(.text+0x17c): undefined reference to `png_get_image_height' > pngimage.c:(.text+0x18c): undefined reference to `png_get_bit_depth' > pngimage.c:(.text+0x19c): undefined reference to `png_get_x_pixels_per_meter' > pngimage.c:(.text+0x1cc): undefined reference to `png_get_y_pixels_per_meter' > pngimage.c:(.text+0x270): undefined reference to `png_destroy_info_struct' > pngimage.c:(.text+0x28c): undefined reference to `png_destroy_read_struct' > pngimage.c:(.text+0x2fc): undefined reference to `png_destroy_read_struct' > collect2: error: ld returned 1 exit status > > Does anyone have time to investigate? > > Guessing the libpng-1.6.35 update is the most likely cause. > Main difference in libpng-1.6.35 are png_size_t -> size_t change and build system regenerated with new autoconf/autobreak, and a lot of typo fixes, doesn't seem hugely likely to trigger this..
Re: NEW: games/pioneer
Thank you for the port Anthony! Compiles and runs fine on 6.3-stable on amd64. There is a bug in the 20180203 tag though: When you pause the game, you can sell 10% of your fuel indefinitely and the level of your ship's tank does not change. (i.e. infinite money) I've asked around on pioneer IRC channel and devs over there said that February tag is too old and there have been lots of fixes and improvements. I wasn't able to reproduce the bug with latest release (GH_COMMIT = 2df911dc2a70592cd54eb3e36820ff51621a5f09) The patch-contrib_imgui_imgui_draw_cpp does not apply anymore, but seems to be included correctly on OpenBSD. The game segfaults when I quit from the menu for me though. Jan On Thu, Oct 04, 2018 at 05:12:36AM -0600, Anthony J. Bentley wrote: > On Wed, Sep 19, 2018 at 3:55 AM Anthony J. Bentley wrote: > > Here's a port for pioneer, a game of lonely space and adventure. > > > > Pioneer is a space adventure game set in the Milky Way galaxy at the > > turn of the 31st century. > > > > The game is open-ended, and you are free to explore the millions of star > > systems in the game. You can land on planets, slingshot past gas giants, > > and burn yourself to a crisp flying between binary star systems. You can > > try your hand at piracy, make your fortune trading between systems, or > > do missions for the various factions fighting for power, freedom or > > self-determination. > > > > ok? > > Any interest in this port? > > -- > Anthony J. Bentley pioneer.tar.gz Description: application/tar-gz
Re: NEW: security/ossec-hids
On Thu, Oct 04, 2018 at 12:39:57PM +0100, Stuart Henderson wrote:
> On 2018/10/04 12:47, Paul Irofti wrote:
> > > Sorry I don't think it's ready for commit yet, there are a few problems ..
> >
> > Sure, thank you for reviewing this!
> >
> > > - Bad distfile name, it's already using an on-the-fly
> > > tarball from github anyway so the easy fix is to use the GH_* scaffolding
> > >
> > > - Compiler command lines are hidden which makes it hard to track down some
> > > problems in bulk build logs
> > >
> > > - Needs WANTLIB etc.
> > >
> > > (Diff for the above three attached)
> >
> > Thanks!
> >
> > > - In the build of the embedded copy of libz, it's forcing "gcc -O3"
> > > and for lua it does use ${CC} but forces -O2, looks like forced -O2 in
> > > ossec's own files too?
> >
> > I try not to touch hardcoded optimization levels. Which I know is a
> > faux-pas in our ports tree, but I tend to trust the software developers
> > more now that we have modern compilers in the tree.
> >
> > If needed, I will fix this.
>
> Some arches have modern compilers, but we had something that needed -O1
> to avoid a compiler problem just last week (and modern compilers keep
> adding more and more optimisations, and I'm not sure I trust people that
> came up with the build system to track this and know which levels are
> really safe on the various compilers that might be used..)
>
> > > - Patches have hardcoded /usr/local
> >
> > Yes. I thought that we decided against supporting other install
> > directories. I can substitute them for TRUEPREFIX if needed.
>
> espie has been fixing a bunch of things that don't do this recently,
> so I don't think that has been decided :)
>
> For "things relating to the current port" (connected with the install
> location etc) it's TRUEPREFIX, for "things from another port" it's
> LOCALBASE so that's what you need for CFLAGS/LDFLAGS lines etc.
>
> (I'm not convinced the distinction between TRUEPREFIX/LOCALBASE in ports
> makes sense, but that's how it's handled at the moment, so best to follow
> that and save Antoine from fixing it later ;)
Here is a new tarbal with the fixes from you included. OK?
ossec-hids.tgz
Description: application/tar-gz
Re: sparc64 bulk build report
On 2018/10/07 16:05, lan...@openbsd.org wrote: > http://build-failures.rhaalovely.net//sparc64/2018-09-30/print/texlive/base.log Not new (same failure was present in 2018-07-31, but not in the previous 2018-05-13 build), but that is annoying :( libxetex.a(libxetex_a-XeTeX_ext.o): In function `initversionstring': XeTeX_ext.c:(.text+0x50c): undefined reference to `png_get_header_ver' XeTeX_ext.c:(.text+0x5c0): undefined reference to `png_get_header_ver' libxetex.a(libxetex_a-pngimage.o): In function `check_for_png': pngimage.c:(.text+0xa0): undefined reference to `png_sig_cmp' libxetex.a(libxetex_a-pngimage.o): In function `png_scan_file': pngimage.c:(.text+0x130): undefined reference to `png_create_read_struct' pngimage.c:(.text+0x140): undefined reference to `png_create_info_struct' pngimage.c:(.text+0x154): undefined reference to `png_init_io' pngimage.c:(.text+0x160): undefined reference to `png_read_info' pngimage.c:(.text+0x16c): undefined reference to `png_get_image_width' pngimage.c:(.text+0x17c): undefined reference to `png_get_image_height' pngimage.c:(.text+0x18c): undefined reference to `png_get_bit_depth' pngimage.c:(.text+0x19c): undefined reference to `png_get_x_pixels_per_meter' pngimage.c:(.text+0x1cc): undefined reference to `png_get_y_pixels_per_meter' pngimage.c:(.text+0x270): undefined reference to `png_destroy_info_struct' pngimage.c:(.text+0x28c): undefined reference to `png_destroy_read_struct' pngimage.c:(.text+0x2fc): undefined reference to `png_destroy_read_struct' collect2: error: ld returned 1 exit status Does anyone have time to investigate? Guessing the libpng-1.6.35 update is the most likely cause.
UPDATE: net/onionshare
Hey,
attached is a update for net/onionshare. It updates onionshare to
version 1.3.1. (Changes:
https://github.com/micahflee/onionshare/releases/tag/v1.3.1)
+ license and readme.md files added.
--
fredl
Index: Makefile
===
RCS file: /cvs/ports/net/onionshare/Makefile,v
retrieving revision 1.2
diff -u -p -r1.2 Makefile
--- Makefile27 Jun 2018 21:04:00 - 1.2
+++ Makefile8 Oct 2018 08:26:37 -
@@ -6,7 +6,7 @@ COMMENT-gui = graphical user interface
GH_ACCOUNT = micahflee
GH_PROJECT = onionshare
GH_TAGNAME = v${MODPY_EGG_VERSION}
-MODPY_EGG_VERSION =1.3
+MODPY_EGG_VERSION =1.3.1
PKGNAME-main = onionshare-${MODPY_EGG_VERSION}
PKGNAME-gui = onionshare-gui-${MODPY_EGG_VERSION}
@@ -37,5 +37,15 @@ RUN_DEPENDS-gui =${RUN_DEPENDS} \
# XXX: not yet working
NO_TEST = Yes
+
+DOCDIR=${PREFIX}/share/doc/onionshare
+LICENSEDIR=${WRKSRC}/install/licenses
+
+post-install:
+ ${INSTALL_DATA_DIR} ${DOCDIR}
+ ${INSTALL_DATA} ${LICENSEDIR}/license-obfs4.txt ${DOCDIR}
+ ${INSTALL_DATA} ${LICENSEDIR}/license-onionshare.txt ${DOCDIR}
+ ${INSTALL_DATA} ${LICENSEDIR}/license-tor.txt ${DOCDIR}
+ ${INSTALL_DATA} ${WRKSRC}/README.md ${DOCDIR}
.include
Index: distinfo
===
RCS file: /cvs/ports/net/onionshare/distinfo,v
retrieving revision 1.1.1.1
diff -u -p -r1.1.1.1 distinfo
--- distinfo9 Mar 2018 23:36:42 - 1.1.1.1
+++ distinfo8 Oct 2018 08:26:37 -
@@ -1,2 +1,2 @@
-SHA256 (onionshare-1.3.tar.gz) = AIkUctiW5AWg9y36jq+D2uyj3DG+Uz1uLIbyxTkUz+0=
-SIZE (onionshare-1.3.tar.gz) = 431352
+SHA256 (onionshare-1.3.1.tar.gz) = h+H6llSCBk6MfIvDIyb1dI/QOPfSr29RBWRE2yLvA1c=
+SIZE (onionshare-1.3.1.tar.gz) = 436741
Index: pkg/PLIST-main
===
RCS file: /cvs/ports/net/onionshare/pkg/PLIST-main,v
retrieving revision 1.1.1.1
diff -u -p -r1.1.1.1 PLIST-main
--- pkg/PLIST-main 9 Mar 2018 23:36:42 - 1.1.1.1
+++ pkg/PLIST-main 8 Oct 2018 08:26:37 -
@@ -20,6 +20,11 @@ lib/python${MODPY_VERSION}/site-packages
lib/python${MODPY_VERSION}/site-packages/onionshare/strings.py
lib/python${MODPY_VERSION}/site-packages/onionshare/web.py
share/applications/
+share/doc/onionshare/
+share/doc/onionshare/README.md
+share/doc/onionshare/license-obfs4.txt
+share/doc/onionshare/license-onionshare.txt
+share/doc/onionshare/license-tor.txt
share/onionshare/
share/onionshare/html/
share/onionshare/html/404.html
@@ -42,7 +47,6 @@ share/onionshare/images/server_working.p
share/onionshare/images/settings.png
share/onionshare/images/web_file.png
share/onionshare/images/web_folder.png
-share/onionshare/license.txt
share/onionshare/locale/
share/onionshare/locale/cs.json
share/onionshare/locale/da.json
