OpenBSD ports changes summary for 2016-12-01 ============================================
audio/milkytracker databases/p5-DBD-mysql devel/cmake devel/py-tox editors/vim editors/vim-spell games/slash graphics/vigra mail/rspamd math/hdf5 net/bro net/libpsl net/py-botocore sysutils/awscli www/links+ == audio ============================================================= 01/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/audio milkytracker ~ Makefile > Update HOMEPAGE. (fcambus@) == databases ========================================================= 02/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/databases p5-DBD-mysql ~ Makefile ~ distinfo > Security update to 4.041, fixes CVE-2016-1251 > spotted by afresh1@, thanks (giovanni@) == devel ============================================================= 03/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/devel cmake ~ Makefile ~ distinfo ~ pkg/PLIST > Bugfixing update to cmake-3.7.1 (dcoppa@) py-tox ~ Makefile ~ distinfo > Update to py-tox-2.5.0 (danj@) == editors =========================================================== 04/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/editors vim ~ Makefile > add a comment about vim-spell and major versions (sthen@) vim-spell ~ Makefile.inc ~ distinfo > Sync editors/vim-spell with editors/vim update to 8.0. > ok sthen@ (stsp@) == games ============================================================= 05/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/games slash ~ Makefile ~ distinfo + patches/patch-include_global_h > Usable MASTER_SITES for the nethack distfiles. > Slash-Unix still has a broken MASTER_SITES, it should probably be > mirrored by someone who cares. (jca@) ~ Makefile > patch-include_global_h fixes a bug with wide terminals, bump REVISION > Problem reported by Solene Rapenne (jca@) == graphics ========================================================== 06/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/graphics vigra ~ Makefile > Fix typo in CONFIGURE_ARGS to prevent picking up math/hdf5 and breaking > bulk builds. > Reported by naddy@, thanks! (kirby@) == mail ============================================================== 07/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/mail rspamd - patches/patch-src_libserver_html_c - patches/patch-src_libserver_url_c > remote zero-byte files (sthen@) == math ============================================================== 08/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/math hdf5 ~ Makefile ~ distinfo > Update to HDF5 1.8.18 > OK pirofti@ (feinerer@) == net =============================================================== 09/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/net bro ~ Makefile ~ pkg/PLIST > Needs gfind to run some of the bro scripts. > @sample local-logger.bro which was forgotten after the update to 2.5. > reported by Daniel Thayer, thanks! (ajacoutot@) libpsl ~ Makefile ~ distinfo ~ patches/patch-src_psl2c_c ~ pkg/PLIST > Update to libpsl-0.15.0 and take maintainership. (jca@) py-botocore ~ Makefile ~ distinfo ~ pkg/PLIST > Update to py-botocore-1.4.80. (ajacoutot@) == sysutils ========================================================== 10/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/sysutils awscli ~ Makefile ~ distinfo > Update to awscli-1.11.23. (ajacoutot@) == www =============================================================== 11/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/www links+ ~ Makefile ~ distinfo ~ patches/patch-html_c ~ patches/patch-https_c TAGGED OPENBSD_6_0 > SECURITY update to links-2.14 > Relevant changes: > * Limit keepalive of ciphers with 64-bit block size to mitigate > the SWEET32 attack > * Improved tor hardening - when the user toggles the "Only Proxies" option > (i.e. when connecting to tor), we reset certain other options to their > default values, so that it is not possible to identify user behind tor > based on the selected options. > * Security bug fixed: Don't load or render the content of > "407 Proxy Authentication Required" reply when using https proxy. > This avoids the FalseCONNECT attack. > Also, don't allow 401 and 407 responses to set cookies. > Tested on 6.0 by Tim Meunier (maintainer) (jca@) =============================================================================== _______________________________________________ odc mailing list odc@squish.net http://www.squish.net/mailman/listinfo/odc
