Re: [MAINTAINER UPDATE] security/lego 4.9.0 -> 4.9.1
On Mon, 28 Nov 2022 16:17:41 -0500, Horia Racoviceanu wrote: > - Upgrade to v4.9.1 Committed, thanks!
Re: UPDATE: devel/dwz 0.14 => 0.15
Hi again Stuart -- On 11/29/2022 12:36 PM, Brian Callahan wrote: > Hi Stuart -- > > On 11/29/2022 11:25 AM, Stuart Henderson wrote: >> >> How about either using BUILD_DEPENDS on xxhash (on the :patch target, to >> avoid having to actually package xxhash) instead, or listing the xxhash >> tarball in DISTFILES? (even just copying it to files/xxhash.h would be >> a bit easier than adding a whole new file via a patch, at least it >> would then be directly diff'able). >> >> Example diff using :patch below. >> > > I think that's a great idea. I didn't even know you could do that. > > ~Brian > I tried the :patch idea. Unfortunately, it causes an infinite loop because xxhash has a BDEP on dwz, and now dwz has a BDEP on xxhash. Trying to use the tarball, it turns out the xxhash uses the GH_* variables because upstream xxhash doesn't provide release tarballs. So I tried another approach that downloads xxhash.h directly, so it is in distinfo and is diffable if needed. Let me know if this makes sense, or if there's something else I'm missing. ~Brian Index: Makefile === RCS file: /cvs/ports/devel/dwz/Makefile,v retrieving revision 1.6 diff -u -p -r1.6 Makefile --- Makefile11 Mar 2022 18:50:00 - 1.6 +++ Makefile29 Nov 2022 23:40:09 - @@ -1,5 +1,8 @@ COMMENT = DWARF optimization and duplicate removal tool -DISTNAME = dwz-0.14 +PKGNAME = dwz-0.15 +XXHASH_V = 0.8.1 +DISTFILES =${PKGNAME}.tar.gz:0 \ + xxhash-${XXHASH_V}{xxhash}.h:1 CATEGORIES = devel @@ -11,7 +14,8 @@ PERMIT_PACKAGE = Yes WANTLIB += c elf -MASTER_SITES = https://sourceware.org/ftp/dwz/releases/ +MASTER_SITES0 =https://sourceware.org/ftp/dwz/releases/ +MASTER_SITES1 = https://raw.githubusercontent.com/Cyan4973/xxHash/v${XXHASH_V}/ DEBUG_PACKAGES = ${BUILD_PACKAGES} @@ -25,5 +29,23 @@ WRKDIST =${WRKDIR}/dwz # XXX bootstrap: DEBUG_PACKAGES needs a dwz binary to work DWZ = ${WRKBUILD}/dwz + +EXTRACT_ONLY = ${PKGNAME}.tar.gz + +post-extract: + cp ${DISTDIR}/xxhash-${XXHASH_V}.h ${WRKSRC}/xxhash.h + +.include +.if ${PROPERTIES:Mlp64} +CFLAGS += -DNATIVE_POINTER_SIZE=8 +.else +CFLAGS += -DNATIVE_POINTER_SIZE=4 +.endif + +.if ${PROPERTIES:Mle} +CFLAGS += -DNATIVE_ENDIAN_VAL=ELFDATA2LSB +.else +CFLAGS += -DNATIVE_ENDIAN_VAL=ELFDATA2MSB +.endif .include Index: distinfo === RCS file: /cvs/ports/devel/dwz/distinfo,v retrieving revision 1.2 diff -u -p -r1.2 distinfo --- distinfo8 Mar 2021 16:51:11 - 1.2 +++ distinfo29 Nov 2022 23:40:09 - @@ -1,2 +1,4 @@ -SHA256 (dwz-0.14.tar.gz) = MwBuq4df8KB/E/yIWIPFvZUU2D7OqfGLxGtXMt3fDR8= -SIZE (dwz-0.14.tar.gz) = 186623 +SHA256 (dwz-0.15.tar.gz) = 7VnGEuIEFeaX+8RRH1J+91cAe8VvoalU5JrKHans+0Q= +SHA256 (xxhash-0.8.1.h) = 1PK5G1R8eQYWSRhnIaazMWCfK/hZVIWiHqYxyC7D75M= +SIZE (dwz-0.15.tar.gz) = 192777 +SIZE (xxhash-0.8.1.h) = 209646 Index: patches/patch-Makefile === RCS file: /cvs/ports/devel/dwz/patches/patch-Makefile,v retrieving revision 1.3 diff -u -p -r1.3 patch-Makefile --- patches/patch-Makefile 11 Mar 2022 18:50:00 - 1.3 +++ patches/patch-Makefile 29 Nov 2022 23:40:09 - @@ -6,31 +6,76 @@ Convert to bsd make Index: Makefile --- Makefile.orig +++ Makefile -@@ -1,20 +1,16 @@ +@@ -1,51 +1,21 @@ -ifneq ($(srcdir),) -VPATH = $(srcdir) -else -srcdir=$(shell pwd) -endif +- -CFLAGS = -O2 -g -DWZ_VERSION := $(shell cat $(srcdir)/VERSION) --override CFLAGS += -Wall -W -D_FILE_OFFSET_BITS=64 \ -- -DDWZ_VERSION='"$(DWZ_VERSION)"' $(shell cat $(srcdir)/COPYRIGHT_YEARS) +-CFLAGS_VERSION = -DDWZ_VERSION='"$(DWZ_VERSION)"' +-CFLAGS_COPYRIGHT = $(shell cat $(srcdir)/COPYRIGHT_YEARS) +-CFLAGS_COMMON = -Wall -W -D_FILE_OFFSET_BITS=64 +-XXH_PROG = "\#define XXH_INLINE_ALL 1\n\#include \n" +-XXH_INLINE_ALL_WORKS = $(shell printf $(XXH_PROG) \ +- | $(CC) -xc -c - -o /dev/null 2>/dev/null \ +- && echo -n 1) +-ifeq "$(XXH_INLINE_ALL_WORKS)" "1" +- CFLAGS_COMMON += -DXXH_INLINE_ALL=1 +-endif +- +-override CFLAGS += $(CFLAGS_COMMON) $(CFLAGS_VERSION) $(CFLAGS_COPYRIGHT) +- +srcdir = . +CFLAGS ?= -O2 -g +DWZ_VERSION != cat $(srcdir)/VERSION +CFLAGS += -DDWZ_VERSION='"$(DWZ_VERSION)"' +CFLAGS !+= cat $(srcdir)/COPYRIGHT_YEARS ++CFLAGS += -D_FILE_OFFSET_BITS=64 ++CFLAGS += -DXXH_INLINE_ALL=1 prefix = /usr exec_prefix = $(prefix) bindir = $(exec_prefix)/bin datarootdir = $(prefix)/share mandir = $(datarootdir)/man --OBJECTS = dwz.o hashtab.o sha1.o dwarfnames.o -+OBJECTS = dwz.o hashtab.o sha1.o dwarfnames.o obstack.o +-OBJECTS = args.o dwz.o hashtab.o pool.o sha1.o dwarfnames.o ++OBJECTS = args.o dwz.o hashtab.o pool.o sha1.o dwarfnames.o obstack.o + LIBS=-lelf +-ifneq "$(XXH_INLINE_ALL_WORKS)" "1" +-LIBS += -lxxhash +-endif
Re: some issues with sogo 5.7.1 in 7.2
On Mon, Nov 28, 2022 at 02:57:07PM +0100, Landry Breuil wrote: > Hi, > > finally upgraded my work sogo instance, hit two distinct issues > unrelated to the WOPort one, both seen when trying to login: > > [GCSSessionsFolder > writeRecordForEntryWithID:value:creationDate:lastSeenDate:]: cannot > write record: > NAME:PostgreSQL72FatalError REASON:fatal pgsql error > (channel=<0x0x31374da1608[PostgreSQL72Channel]: > connection=<0x0x3135d728468[PGConnection]: > connection=0x0x313651c3800>>): ERROR: value too long for type character > varying(255) > > found https://bugs.sogo.nu/view.php?id=5491 - from what i can see, > https://github.com/Alinto/sogo/blob/master/Scripts/sql-update-5.5.1_to_5.6.0.sh > isnt packaged in /usr/local/share/doc/sogo/. Maybe the PLIST should be > updated ? anyway, solved it locally with psql: > > sogo=> ALTER TABLE sogo_sessions_folder ALTER COLUMN c_value TYPE > VARCHAR(4096); > > but also 'upstream sent too big header while reading response header > from upstream' in nginx error logs, cf > https://www.sogo.nu/support/faq/errors-in-nginx-regarding-header-too-big.html#/faq > > i already had some proxy buffers config in nginx (coming from the > pkg-readme), had to bump them and could login just fine. > > so .. maybe also update the pkg-readme with the values recommended > upstream ? > this diff works for me with Mariadb (nginx part untested). ok ? What about 7.2 ? Cheers Giovanni Index: Makefile === RCS file: /cvs/ports/www/sogo/Makefile,v retrieving revision 1.102 diff -u -p -r1.102 Makefile --- Makefile8 Nov 2022 11:17:20 - 1.102 +++ Makefile29 Nov 2022 23:35:11 - @@ -1,7 +1,7 @@ COMMENT = web based groupware server VERSION = 5.7.1 -REVISION = 1 +REVISION = 2 DISTNAME = SOGo-${VERSION} PKGNAME = sogo-${VERSION} @@ -52,7 +52,7 @@ SUBST_VARS += SOGOLIBDIR VARBASE SCRIPTS = cas-proxy-validate.py sql-update-2.2.17_to_2.3.0.sh \ sql-update-3.2.10_to_4.0.0.sh sql-update-2.2.17_to_2.3.0-mysql.sh \ sql-update-3.2.10_to_4.0.0-mysql.sh sql-update-3.0.0-to-combined.sh \ - sql-update-3.0.0-to-combined-mysql.sh updates.php + sql-update-3.0.0-to-combined-mysql.sh sql-update-5.5.1_to_5.6.0.sh updates.php post-install: ${INSTALL_DATA_DIR} ${PREFIX}/share/doc/sogo Index: pkg/PLIST === RCS file: /cvs/ports/www/sogo/pkg/PLIST,v retrieving revision 1.54 diff -u -p -r1.54 PLIST --- pkg/PLIST 8 Nov 2022 11:17:20 - 1.54 +++ pkg/PLIST 29 Nov 2022 23:35:11 - @@ -2875,6 +2875,7 @@ share/doc/sogo/sql-update-3.0.0-to-combi share/doc/sogo/sql-update-3.0.0-to-combined.sh share/doc/sogo/sql-update-3.2.10_to_4.0.0-mysql.sh share/doc/sogo/sql-update-3.2.10_to_4.0.0.sh +share/doc/sogo/sql-update-5.5.1_to_5.6.0.sh share/doc/sogo/updates.php share/examples/login.conf.d/sogod @sample ${SYSCONFDIR}/login.conf.d/sogod Index: pkg/README === RCS file: /cvs/ports/www/sogo/pkg/README,v retrieving revision 1.25 diff -u -p -r1.25 README --- pkg/README 19 Sep 2022 07:01:08 - 1.25 +++ pkg/README 29 Nov 2022 23:35:11 - @@ -109,8 +109,8 @@ server { proxy_connect_timeout 90; proxy_send_timeout 90; proxy_read_timeout 90; -proxy_buffer_size 4k; -proxy_buffers 4 32k; +proxy_buffer_size 64k; +proxy_buffers 8 64k; proxy_busy_buffers_size 64k; proxy_temp_file_write_size 64k; client_max_body_size 50m; signature.asc Description: PGP signature
Re: UPDATE: devel/dwz 0.14 => 0.15
Hi Stuart -- On 11/29/2022 11:25 AM, Stuart Henderson wrote: > > How about either using BUILD_DEPENDS on xxhash (on the :patch target, to > avoid having to actually package xxhash) instead, or listing the xxhash > tarball in DISTFILES? (even just copying it to files/xxhash.h would be > a bit easier than adding a whole new file via a patch, at least it > would then be directly diff'able). > > Example diff using :patch below. > I think that's a great idea. I didn't even know you could do that. ~Brian
Re: UPDATE: devel/dwz 0.14 => 0.15
On 2022/11/29 15:55, Brian Callahan wrote: > Hi ports -- > > Attached is an update to DWZ, which was released earlier this month. > Here is the release announcement, which includes the changelog: > https://sourceware.org/pipermail/dwz/2022q4/001385.html > > Apologies for the large diff; DWZ now using xxHash for a decent speedup. > Unfortunately, that means pulling xxHash in its entirety into DWZ. At > least xxHash is a single-header library. > > I have only tried this on amd64, so testing on aarch64 would be appreciated. > > OK? How about either using BUILD_DEPENDS on xxhash (on the :patch target, to avoid having to actually package xxhash) instead, or listing the xxhash tarball in DISTFILES? (even just copying it to files/xxhash.h would be a bit easier than adding a whole new file via a patch, at least it would then be directly diff'able). Example diff using :patch below. Index: Makefile === RCS file: /cvs/ports/devel/dwz/Makefile,v retrieving revision 1.6 diff -u -p -r1.6 Makefile --- Makefile11 Mar 2022 18:50:00 - 1.6 +++ Makefile29 Nov 2022 16:17:01 - @@ -1,5 +1,5 @@ COMMENT = DWARF optimization and duplicate removal tool -DISTNAME = dwz-0.14 +DISTNAME = dwz-0.15 CATEGORIES = devel @@ -23,7 +23,25 @@ FAKE_FLAGS = mandir=${TRUEPREFIX}/man pr WRKDIST = ${WRKDIR}/dwz # XXX bootstrap: DEBUG_PACKAGES needs a dwz binary to work +# use :patch target to avoid having to package xxhash DWZ = ${WRKBUILD}/dwz + +BUILD_DEPENDS =sysutils/xxhash:patch +post-extract: + cp ${WRKDIR}/sysutils/xxhash/*/xxhash.h ${WRKSRC}/ + +.include +.if ${PROPERTIES:Mlp64} +CFLAGS += -DNATIVE_POINTER_SIZE=8 +.else +CFLAGS += -DNATIVE_POINTER_SIZE=4 +.endif + +.if ${PROPERTIES:Mle} +CFLAGS += -DNATIVE_ENDIAN_VAL=ELFDATA2LSB +.else +CFLAGS += -DNATIVE_ENDIAN_VAL=ELFDATA2MSB +.endif .include Index: distinfo === RCS file: /cvs/ports/devel/dwz/distinfo,v retrieving revision 1.2 diff -u -p -r1.2 distinfo --- distinfo8 Mar 2021 16:51:11 - 1.2 +++ distinfo29 Nov 2022 16:17:01 - @@ -1,2 +1,2 @@ -SHA256 (dwz-0.14.tar.gz) = MwBuq4df8KB/E/yIWIPFvZUU2D7OqfGLxGtXMt3fDR8= -SIZE (dwz-0.14.tar.gz) = 186623 +SHA256 (dwz-0.15.tar.gz) = 7VnGEuIEFeaX+8RRH1J+91cAe8VvoalU5JrKHans+0Q= +SIZE (dwz-0.15.tar.gz) = 192777 Index: patches/patch-Makefile === RCS file: /cvs/ports/devel/dwz/patches/patch-Makefile,v retrieving revision 1.3 diff -u -p -r1.3 patch-Makefile --- patches/patch-Makefile 11 Mar 2022 18:50:00 - 1.3 +++ patches/patch-Makefile 29 Nov 2022 16:17:01 - @@ -6,31 +6,76 @@ Convert to bsd make Index: Makefile --- Makefile.orig +++ Makefile -@@ -1,20 +1,16 @@ +@@ -1,51 +1,21 @@ -ifneq ($(srcdir),) -VPATH = $(srcdir) -else -srcdir=$(shell pwd) -endif +- -CFLAGS = -O2 -g -DWZ_VERSION := $(shell cat $(srcdir)/VERSION) --override CFLAGS += -Wall -W -D_FILE_OFFSET_BITS=64 \ -- -DDWZ_VERSION='"$(DWZ_VERSION)"' $(shell cat $(srcdir)/COPYRIGHT_YEARS) +-CFLAGS_VERSION = -DDWZ_VERSION='"$(DWZ_VERSION)"' +-CFLAGS_COPYRIGHT = $(shell cat $(srcdir)/COPYRIGHT_YEARS) +-CFLAGS_COMMON = -Wall -W -D_FILE_OFFSET_BITS=64 +-XXH_PROG = "\#define XXH_INLINE_ALL 1\n\#include \n" +-XXH_INLINE_ALL_WORKS = $(shell printf $(XXH_PROG) \ +- | $(CC) -xc -c - -o /dev/null 2>/dev/null \ +- && echo -n 1) +-ifeq "$(XXH_INLINE_ALL_WORKS)" "1" +- CFLAGS_COMMON += -DXXH_INLINE_ALL=1 +-endif +- +-override CFLAGS += $(CFLAGS_COMMON) $(CFLAGS_VERSION) $(CFLAGS_COPYRIGHT) +- +srcdir = . +CFLAGS ?= -O2 -g +DWZ_VERSION != cat $(srcdir)/VERSION +CFLAGS += -DDWZ_VERSION='"$(DWZ_VERSION)"' +CFLAGS !+= cat $(srcdir)/COPYRIGHT_YEARS ++CFLAGS += -D_FILE_OFFSET_BITS=64 ++CFLAGS += -DXXH_INLINE_ALL=1 prefix = /usr exec_prefix = $(prefix) bindir = $(exec_prefix)/bin datarootdir = $(prefix)/share mandir = $(datarootdir)/man --OBJECTS = dwz.o hashtab.o sha1.o dwarfnames.o -+OBJECTS = dwz.o hashtab.o sha1.o dwarfnames.o obstack.o +-OBJECTS = args.o dwz.o hashtab.o pool.o sha1.o dwarfnames.o ++OBJECTS = args.o dwz.o hashtab.o pool.o sha1.o dwarfnames.o obstack.o + LIBS=-lelf +-ifneq "$(XXH_INLINE_ALL_WORKS)" "1" +-LIBS += -lxxhash +-endif dwz: $(OBJECTS) -- $(CC) $(LDFLAGS) -o $@ $^ -lelf -+ $(CC) $(LDFLAGS) -o $@ $(OBJECTS) -lelf +- $(CC) $(LDFLAGS) -o $@ $^ $(LIBS) +-args.o: native.o +-args.o: CFLAGS_FOR_SOURCE = \ +- -DNATIVE_ENDIAN_VAL=$(NATIVE_ENDIAN_VAL) \ +- -DNATIVE_POINTER_SIZE=$(NATIVE_POINTER_SIZE) +-NATIVE_ENDIAN=$(shell readelf -h native.o \ +- | grep Data \ +- | sed 's/.*, //;s/ endian//') +-NATIVE_ENDIAN_LITTLE=$(findstring $(NATIVE_ENDIAN),$(findstring little,$(NATIVE_ENDIAN))) +-NATIVE_ENDIAN_BIG=$(findstring $(NATIVE_ENDIAN),$(findstring big,$(NATIVE_ENDIAN))) +-NATIV
Re: Update prometheus to 2.37.4
On Tue, Nov 29, 2022 at 02:24:30PM +, Stuart Henderson wrote: > On 2022/11/29 14:59, Claudio Jeker wrote: > > This brings prometheus up to the latest LTS release. > > > > Changes since then: > > 2.37.2: > > [BUGFIX] TSDB: Fix 'invalid magic number 0' error on Prometheus startup. > > [BUGFIX] Agent: Fix validation of flag options and prevent WAL from > > growing more than desired. > > > > 2.37.3: > > [BUGFIX] Update our regexp library to fix upstream CVE-2022-41715. > > [BUGFIX] TSDB: Turn off isolation for Head compaction to fix a memory > > leak. > > > > 2.37.4: > > [SECURITY] Fix basic authentication bypass vulnerability > > (CVE-2022-46146). > > > > Seems to work so far for my test setup. What is not working is the > > version / build info. My assumption is that the -X ldflags do not work > > with vendored builds. Maybe some golang expert has an idea. > > Not sure what's up there, it is setting the correct command line flags > (that's handled by promu): > > go build -o prometheus -ldflags -X > github.com/prometheus/common/version.Version=2.37.4 -X > github.com/prometheus/common/version.Revision=non-git -X > github.com/prometheus/common/version.Branch=non-git -X > github.com/prometheus/common/version.BuildUser=OpenBSD -X > github.com/prometheus/common/version.BuildDate=20221129-14:09:55 -extldflags > '-static' -v -a -tags netgo,builtinassets > github.com/prometheus/prometheus/cmd/prometheus > > Still, that is not new, so no need to let it hold up the update - OK. Agreed. This is why it may have to do with vendored build and the fact that the -X path is to a vendored module. > I suppose they will need to release new versions of snmp_exporter, > node_exporter, blackbox_exporter etc because of the pinning in go.mod > and go.sum. Did not see any updates there yet. Let's see :) -- :wq Claudio
Re: Update prometheus to 2.37.4
On 2022/11/29 14:59, Claudio Jeker wrote: > This brings prometheus up to the latest LTS release. > > Changes since then: > 2.37.2: > [BUGFIX] TSDB: Fix 'invalid magic number 0' error on Prometheus startup. > [BUGFIX] Agent: Fix validation of flag options and prevent WAL from > growing more than desired. > > 2.37.3: > [BUGFIX] Update our regexp library to fix upstream CVE-2022-41715. > [BUGFIX] TSDB: Turn off isolation for Head compaction to fix a memory > leak. > > 2.37.4: > [SECURITY] Fix basic authentication bypass vulnerability (CVE-2022-46146). > > Seems to work so far for my test setup. What is not working is the > version / build info. My assumption is that the -X ldflags do not work > with vendored builds. Maybe some golang expert has an idea. Not sure what's up there, it is setting the correct command line flags (that's handled by promu): go build -o prometheus -ldflags -X github.com/prometheus/common/version.Version=2.37.4 -X github.com/prometheus/common/version.Revision=non-git -X github.com/prometheus/common/version.Branch=non-git -X github.com/prometheus/common/version.BuildUser=OpenBSD -X github.com/prometheus/common/version.BuildDate=20221129-14:09:55 -extldflags '-static' -v -a -tags netgo,builtinassets github.com/prometheus/prometheus/cmd/prometheus Still, that is not new, so no need to let it hold up the update - OK. I suppose they will need to release new versions of snmp_exporter, node_exporter, blackbox_exporter etc because of the pinning in go.mod and go.sum.
Re: UPDATE: Varnish-7.2.1
On Tue, Nov 29, 2022 at 12:21:02PM +0100, Gonzalo L. Rodriguez wrote: > Hello, > > Update for Varnish to 7.2.1: > > https://varnish-cache.org/releases/rel7.2.1.html#rel7-2-1 This is a security fix release, so I'd say go ahead if it builds/works. > > Tests are welcome. > > OK? Comments? > > Cheers.- > > > Index: Makefile > === > RCS file: /cvs/ports/www/varnish/Makefile,v > retrieving revision 1.74 > diff -u -p -r1.74 Makefile > --- Makefile 8 Nov 2022 11:17:22 - 1.74 > +++ Makefile 29 Nov 2022 11:18:47 - > @@ -1,7 +1,6 @@ > COMMENT =high-performance HTTP accelerator > > -DISTNAME = varnish-7.1.1 > -REVISION = 0 > +DISTNAME = varnish-7.2.1 > > CATEGORIES = www > > Index: distinfo > === > RCS file: /cvs/ports/www/varnish/distinfo,v > retrieving revision 1.33 > diff -u -p -r1.33 distinfo > --- distinfo 13 Sep 2022 08:59:17 - 1.33 > +++ distinfo 29 Nov 2022 11:18:47 - > @@ -1,2 +1,2 @@ > -SHA256 (varnish-7.1.1.tgz) = LK++JZDn1Yp7rIrZm+kuRA/k04raaBbdiDbyL6UToZA= > -SIZE (varnish-7.1.1.tgz) = 3742869 > +SHA256 (varnish-7.2.1.tgz) = TZN9FyCo7BnFM/ly2TA6HJiJt7/KdDeJOuXCfPIEqUA= > +SIZE (varnish-7.2.1.tgz) = 4019119 > Index: pkg/PLIST > === > RCS file: /cvs/ports/www/varnish/pkg/PLIST,v > retrieving revision 1.25 > diff -u -p -r1.25 PLIST > --- pkg/PLIST 8 Nov 2022 11:17:22 - 1.25 > +++ pkg/PLIST 29 Nov 2022 11:18:47 - > @@ -27,7 +27,8 @@ include/varnish/tbl/backend_poll.h > include/varnish/tbl/ban_arg_oper.h > include/varnish/tbl/ban_oper.h > include/varnish/tbl/ban_vars.h > -include/varnish/tbl/bo_flags.h > +include/varnish/tbl/bereq_flags.h > +include/varnish/tbl/beresp_flags.h > include/varnish/tbl/boc_state.h > include/varnish/tbl/body_status.h > include/varnish/tbl/cli_cmds.h > @@ -42,15 +43,16 @@ include/varnish/tbl/htc.h > include/varnish/tbl/http_headers.h > include/varnish/tbl/http_response.h > include/varnish/tbl/locks.h > -include/varnish/tbl/mgt_vcc.h > include/varnish/tbl/obj_attr.h > include/varnish/tbl/oc_exp_flags.h > include/varnish/tbl/oc_flags.h > include/varnish/tbl/params.h > +include/varnish/tbl/req_bereq_flags.h > include/varnish/tbl/req_flags.h > include/varnish/tbl/sess_attr.h > include/varnish/tbl/sess_close.h > include/varnish/tbl/symbol_kind.h > +include/varnish/tbl/vcc_feature_bits.h > include/varnish/tbl/vcl_returns.h > include/varnish/tbl/vcl_states.h > include/varnish/tbl/vhd_fsm.h > @@ -81,6 +83,7 @@ include/varnish/vcli.h > include/varnish/vcs.h > include/varnish/vdef.h > include/varnish/vmod_abi.h > +include/varnish/vnum.h > include/varnish/vqueue.h > include/varnish/vre.h > include/varnish/vre_pcre2.h > -- > >%gonzalo >
Update prometheus to 2.37.4
This brings prometheus up to the latest LTS release. Changes since then: 2.37.2: [BUGFIX] TSDB: Fix 'invalid magic number 0' error on Prometheus startup. [BUGFIX] Agent: Fix validation of flag options and prevent WAL from growing more than desired. 2.37.3: [BUGFIX] Update our regexp library to fix upstream CVE-2022-41715. [BUGFIX] TSDB: Turn off isolation for Head compaction to fix a memory leak. 2.37.4: [SECURITY] Fix basic authentication bypass vulnerability (CVE-2022-46146). Seems to work so far for my test setup. What is not working is the version / build info. My assumption is that the -X ldflags do not work with vendored builds. Maybe some golang expert has an idea. -- :wq Claudio Index: Makefile === RCS file: /cvs/ports/sysutils/prometheus/Makefile,v retrieving revision 1.17 diff -u -p -r1.17 Makefile --- Makefile8 Nov 2022 11:17:11 - 1.17 +++ Makefile29 Nov 2022 13:17:07 - @@ -1,10 +1,9 @@ COMMENT = systems monitoring and alerting toolkit -V =2.37.1 +V =2.37.4 GH_ACCOUNT = prometheus GH_PROJECT = prometheus GH_TAGNAME = v${V} -REVISION = 0 CATEGORIES = sysutils Index: distinfo === RCS file: /cvs/ports/sysutils/prometheus/distinfo,v retrieving revision 1.7 diff -u -p -r1.7 distinfo --- distinfo13 Sep 2022 10:35:55 - 1.7 +++ distinfo29 Nov 2022 13:17:28 - @@ -1,6 +1,6 @@ -SHA256 (prometheus-2.37.1.tar.gz) = 8ON5hpfzQ7HDQqqPWdF5inLdZyBwHVX1KR6gMQsUI7Y= -SHA256 (prometheus-vendor-2.37.1.tar.gz) = JeQkPS5dpt8n5f0JmJ+ZvSPAvpcQ7j8LbVWj5dJ5hLQ= -SHA256 (prometheus-web-ui-2.37.1.tar.gz) = Uu9uO0lk79k7nu4Yx/wo+tv4FVu5nl+TUSF1w8vUoaM= -SIZE (prometheus-2.37.1.tar.gz) = 6049188 -SIZE (prometheus-vendor-2.37.1.tar.gz) = 11627435 -SIZE (prometheus-web-ui-2.37.1.tar.gz) = 4333534 +SHA256 (prometheus-2.37.4.tar.gz) = gIP1R9TjewtfeusIL9ScOyRegGSqzG6g667+bRWKpNI= +SHA256 (prometheus-vendor-2.37.4.tar.gz) = UCoi3XIpdjwmUVrAb9wWzvDpMYj41vOXirbrIBPxk0E= +SHA256 (prometheus-web-ui-2.37.4.tar.gz) = TA/pT8Q0b46eVUrqrgG4omZ84EKZm5vEG/7VKd2nzDQ= +SIZE (prometheus-2.37.4.tar.gz) = 6048871 +SIZE (prometheus-vendor-2.37.4.tar.gz) = 11625254 +SIZE (prometheus-web-ui-2.37.4.tar.gz) = 4332951
UPDATE: Varnish-7.2.1
Hello, Update for Varnish to 7.2.1: https://varnish-cache.org/releases/rel7.2.1.html#rel7-2-1 Tests are welcome. OK? Comments? Cheers.- Index: Makefile === RCS file: /cvs/ports/www/varnish/Makefile,v retrieving revision 1.74 diff -u -p -r1.74 Makefile --- Makefile8 Nov 2022 11:17:22 - 1.74 +++ Makefile29 Nov 2022 11:18:47 - @@ -1,7 +1,6 @@ COMMENT = high-performance HTTP accelerator -DISTNAME = varnish-7.1.1 -REVISION = 0 +DISTNAME = varnish-7.2.1 CATEGORIES = www Index: distinfo === RCS file: /cvs/ports/www/varnish/distinfo,v retrieving revision 1.33 diff -u -p -r1.33 distinfo --- distinfo13 Sep 2022 08:59:17 - 1.33 +++ distinfo29 Nov 2022 11:18:47 - @@ -1,2 +1,2 @@ -SHA256 (varnish-7.1.1.tgz) = LK++JZDn1Yp7rIrZm+kuRA/k04raaBbdiDbyL6UToZA= -SIZE (varnish-7.1.1.tgz) = 3742869 +SHA256 (varnish-7.2.1.tgz) = TZN9FyCo7BnFM/ly2TA6HJiJt7/KdDeJOuXCfPIEqUA= +SIZE (varnish-7.2.1.tgz) = 4019119 Index: pkg/PLIST === RCS file: /cvs/ports/www/varnish/pkg/PLIST,v retrieving revision 1.25 diff -u -p -r1.25 PLIST --- pkg/PLIST 8 Nov 2022 11:17:22 - 1.25 +++ pkg/PLIST 29 Nov 2022 11:18:47 - @@ -27,7 +27,8 @@ include/varnish/tbl/backend_poll.h include/varnish/tbl/ban_arg_oper.h include/varnish/tbl/ban_oper.h include/varnish/tbl/ban_vars.h -include/varnish/tbl/bo_flags.h +include/varnish/tbl/bereq_flags.h +include/varnish/tbl/beresp_flags.h include/varnish/tbl/boc_state.h include/varnish/tbl/body_status.h include/varnish/tbl/cli_cmds.h @@ -42,15 +43,16 @@ include/varnish/tbl/htc.h include/varnish/tbl/http_headers.h include/varnish/tbl/http_response.h include/varnish/tbl/locks.h -include/varnish/tbl/mgt_vcc.h include/varnish/tbl/obj_attr.h include/varnish/tbl/oc_exp_flags.h include/varnish/tbl/oc_flags.h include/varnish/tbl/params.h +include/varnish/tbl/req_bereq_flags.h include/varnish/tbl/req_flags.h include/varnish/tbl/sess_attr.h include/varnish/tbl/sess_close.h include/varnish/tbl/symbol_kind.h +include/varnish/tbl/vcc_feature_bits.h include/varnish/tbl/vcl_returns.h include/varnish/tbl/vcl_states.h include/varnish/tbl/vhd_fsm.h @@ -81,6 +83,7 @@ include/varnish/vcli.h include/varnish/vcs.h include/varnish/vdef.h include/varnish/vmod_abi.h +include/varnish/vnum.h include/varnish/vqueue.h include/varnish/vre.h include/varnish/vre_pcre2.h -- %gonzalo
UPDATE: SQLMap-1.6.11
Hello, Update for SQLMap to 1.6.11; https://github.com/sqlmapproject/sqlmap/releases/tag/1.6.11 OK? Comments? Cheers.- Index: Makefile === RCS file: /cvs/ports/security/sqlmap/Makefile,v retrieving revision 1.42 diff -u -p -r1.42 Makefile --- Makefile13 Nov 2022 15:29:43 - 1.42 +++ Makefile29 Nov 2022 09:17:05 - @@ -2,8 +2,7 @@ COMMENT = penetration testing tool to d GH_ACCOUNT = sqlmapproject GH_PROJECT = sqlmap -GH_TAGNAME = 1.6.5 -REVISION = 0 +GH_TAGNAME = 1.6.11 CATEGORIES = security Index: distinfo === RCS file: /cvs/ports/security/sqlmap/distinfo,v retrieving revision 1.32 diff -u -p -r1.32 distinfo --- distinfo22 May 2022 11:16:33 - 1.32 +++ distinfo29 Nov 2022 09:17:05 - @@ -1,2 +1,2 @@ -SHA256 (sqlmap-1.6.5.tar.gz) = U0GUlT2Klf8dKNGhn5ssG20CH+m8Pqc2jsqyCEzrpxQ= -SIZE (sqlmap-1.6.5.tar.gz) = 7204055 +SHA256 (sqlmap-1.6.11.tar.gz) = fBCpJZH0QGeK9+rwfEOaMxx5qG5EWI4yy85JCrcxuv4= +SIZE (sqlmap-1.6.11.tar.gz) = 7206836 Index: pkg/PLIST === RCS file: /cvs/ports/security/sqlmap/pkg/PLIST,v retrieving revision 1.28 diff -u -p -r1.28 PLIST --- pkg/PLIST 22 May 2022 11:16:33 - 1.28 +++ pkg/PLIST 29 Nov 2022 09:17:06 - @@ -958,6 +958,7 @@ share/sqlmap/tamper/${MODPY_PYCACHE}comm share/sqlmap/tamper/${MODPY_PYCACHE}commalessmid.${MODPY_PYC_MAGIC_TAG}pyc share/sqlmap/tamper/${MODPY_PYCACHE}commentbeforeparentheses.${MODPY_PYC_MAGIC_TAG}pyc share/sqlmap/tamper/${MODPY_PYCACHE}concat2concatws.${MODPY_PYC_MAGIC_TAG}pyc +share/sqlmap/tamper/${MODPY_PYCACHE}decentities.${MODPY_PYC_MAGIC_TAG}pyc share/sqlmap/tamper/${MODPY_PYCACHE}dunion.${MODPY_PYC_MAGIC_TAG}pyc share/sqlmap/tamper/${MODPY_PYCACHE}equaltolike.${MODPY_PYC_MAGIC_TAG}pyc share/sqlmap/tamper/${MODPY_PYCACHE}equaltorlike.${MODPY_PYC_MAGIC_TAG}pyc @@ -965,6 +966,7 @@ share/sqlmap/tamper/${MODPY_PYCACHE}esca share/sqlmap/tamper/${MODPY_PYCACHE}greatest.${MODPY_PYC_MAGIC_TAG}pyc share/sqlmap/tamper/${MODPY_PYCACHE}halfversionedmorekeywords.${MODPY_PYC_MAGIC_TAG}pyc share/sqlmap/tamper/${MODPY_PYCACHE}hex2char.${MODPY_PYC_MAGIC_TAG}pyc +share/sqlmap/tamper/${MODPY_PYCACHE}hexentities.${MODPY_PYC_MAGIC_TAG}pyc share/sqlmap/tamper/${MODPY_PYCACHE}htmlencode.${MODPY_PYC_MAGIC_TAG}pyc share/sqlmap/tamper/${MODPY_PYCACHE}ifnull2casewhenisnull.${MODPY_PYC_MAGIC_TAG}pyc share/sqlmap/tamper/${MODPY_PYCACHE}ifnull2ifisnull.${MODPY_PYC_MAGIC_TAG}pyc @@ -985,6 +987,7 @@ share/sqlmap/tamper/${MODPY_PYCACHE}plus share/sqlmap/tamper/${MODPY_PYCACHE}randomcase.${MODPY_PYC_MAGIC_TAG}pyc share/sqlmap/tamper/${MODPY_PYCACHE}randomcomments.${MODPY_PYC_MAGIC_TAG}pyc share/sqlmap/tamper/${MODPY_PYCACHE}schemasplit.${MODPY_PYC_MAGIC_TAG}pyc +share/sqlmap/tamper/${MODPY_PYCACHE}scientific.${MODPY_PYC_MAGIC_TAG}pyc share/sqlmap/tamper/${MODPY_PYCACHE}sleep2getlock.${MODPY_PYC_MAGIC_TAG}pyc share/sqlmap/tamper/${MODPY_PYCACHE}sp_password.${MODPY_PYC_MAGIC_TAG}pyc share/sqlmap/tamper/${MODPY_PYCACHE}space2comment.${MODPY_PYC_MAGIC_TAG}pyc @@ -1022,6 +1025,7 @@ share/sqlmap/tamper/commalesslimit.py share/sqlmap/tamper/commalessmid.py share/sqlmap/tamper/commentbeforeparentheses.py share/sqlmap/tamper/concat2concatws.py +share/sqlmap/tamper/decentities.py share/sqlmap/tamper/dunion.py share/sqlmap/tamper/equaltolike.py share/sqlmap/tamper/equaltorlike.py @@ -1029,6 +1033,7 @@ share/sqlmap/tamper/escapequotes.py share/sqlmap/tamper/greatest.py share/sqlmap/tamper/halfversionedmorekeywords.py share/sqlmap/tamper/hex2char.py +share/sqlmap/tamper/hexentities.py share/sqlmap/tamper/htmlencode.py share/sqlmap/tamper/ifnull2casewhenisnull.py share/sqlmap/tamper/ifnull2ifisnull.py @@ -1049,6 +1054,7 @@ share/sqlmap/tamper/plus2fnconcat.py share/sqlmap/tamper/randomcase.py share/sqlmap/tamper/randomcomments.py share/sqlmap/tamper/schemasplit.py +share/sqlmap/tamper/scientific.py share/sqlmap/tamper/sleep2getlock.py share/sqlmap/tamper/sp_password.py share/sqlmap/tamper/space2comment.py -- %gonzalo