From owner-svn-ports-branches@FreeBSD.ORG Sun Jul 20 16:09:57 2014 Return-Path: Delivered-To: svn-ports-branches@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 1C64D470; Sun, 20 Jul 2014 16:09:57 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 081BB21A2; Sun, 20 Jul 2014 16:09:57 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6KG9v4v027783; Sun, 20 Jul 2014 16:09:57 GMT (envelope-from rene@svn.freebsd.org) Received: (from rene@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6KG9t3L027769; Sun, 20 Jul 2014 16:09:55 GMT (envelope-from rene@svn.freebsd.org) Message-Id: <201407201609.s6KG9t3L027769@svn.freebsd.org> From: Rene Ladan Date: Sun, 20 Jul 2014 16:09:55 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r362331 - in branches/2014Q3/www: linux-seamonkey seamonkey seamonkey-i18n X-SVN-Group: ports-branches MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-branches@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: SVN commit messages for all the branches of the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 20 Jul 2014 16:09:57 -0000 Author: rene Date: Sun Jul 20 16:09:55 2014 New Revision: 362331 URL: http://svnweb.freebsd.org/changeset/ports/362331 QAT: https://qat.redports.org/buildarchive/r362331/ Log: MFH: r362322 Update to 2.26.1 PR: 191184 Submitted by: Jan Beich Approved by: gecko (flo) Security: http://www.vuxml.org/freebsd/888a0262-f0d9-11e3-ba0c-b4b52fce4ce8.html Approved by: portmgr (erwin) Modified: branches/2014Q3/www/linux-seamonkey/Makefile branches/2014Q3/www/linux-seamonkey/distinfo branches/2014Q3/www/seamonkey-i18n/Makefile branches/2014Q3/www/seamonkey-i18n/distinfo branches/2014Q3/www/seamonkey/Makefile branches/2014Q3/www/seamonkey/distinfo Directory Properties: branches/2014Q3/ (props changed) Modified: branches/2014Q3/www/linux-seamonkey/Makefile ============================================================================== --- branches/2014Q3/www/linux-seamonkey/Makefile Sun Jul 20 16:05:08 2014 (r362330) +++ branches/2014Q3/www/linux-seamonkey/Makefile Sun Jul 20 16:09:55 2014 (r362331) @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= seamonkey -DISTVERSION= 2.26 +DISTVERSION= 2.26.1 CATEGORIES= www mail news editors irc ipv6 MASTER_SITES= MOZILLA/${PORTNAME}/releases/${DISTVERSION}/linux-i686/en-US Modified: branches/2014Q3/www/linux-seamonkey/distinfo ============================================================================== --- branches/2014Q3/www/linux-seamonkey/distinfo Sun Jul 20 16:05:08 2014 (r362330) +++ branches/2014Q3/www/linux-seamonkey/distinfo Sun Jul 20 16:09:55 2014 (r362331) @@ -1,5 +1,5 @@ -SHA256 (seamonkey-2.26.tar.bz2) = 4b306933c629bfaa0f6f4a8e5db08a47055061e3db87010b4c1e058d4ee4e0b2 -SIZE (seamonkey-2.26.tar.bz2) = 30916325 +SHA256 (seamonkey-2.26.1.tar.bz2) = ce16da8005748b38068e409e1c861e0faa5291afccd07b53616492c49db7f089 +SIZE (seamonkey-2.26.1.tar.bz2) = 30921432 SHA256 (glib2-2.22.2-2.fc12.i686.rpm) = e3b459c245ec14e7248e9de4b506963a4773407f3e58835db5070d0ed02ecc99 SIZE (glib2-2.22.2-2.fc12.i686.rpm) = 1162908 SHA256 (gtk2-2.18.3-19.fc12.i686.rpm) = aea9cf7ffe9c8dae0faa2bf3d2aa1b2117c55dce03da72dcce8c268279ec0a4b Modified: branches/2014Q3/www/seamonkey-i18n/Makefile ============================================================================== --- branches/2014Q3/www/seamonkey-i18n/Makefile Sun Jul 20 16:05:08 2014 (r362330) +++ branches/2014Q3/www/seamonkey-i18n/Makefile Sun Jul 20 16:09:55 2014 (r362331) @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= seamonkey-i18n -PORTVERSION= 2.26 +PORTVERSION= 2.26.1 CATEGORIES= www mail news editors irc MASTER_SITES= MOZILLA/${PORTNAME:S|-i18n||}/releases/${PORTVERSION}/langpack PKGNAMEPREFIX= Modified: branches/2014Q3/www/seamonkey-i18n/distinfo ============================================================================== --- branches/2014Q3/www/seamonkey-i18n/distinfo Sun Jul 20 16:05:08 2014 (r362330) +++ branches/2014Q3/www/seamonkey-i18n/distinfo Sun Jul 20 16:09:55 2014 (r362331) @@ -1,54 +1,54 @@ -SHA256 (xpi/seamonkey-i18n-2.26/seamonkey-2.26.be.langpack.xpi) = bba364903e2cd080a83b4c7b06317ce547fce0463e46cb1ff5241dcd3b0341f7 -SIZE (xpi/seamonkey-i18n-2.26/seamonkey-2.26.be.langpack.xpi) = 818751 -SHA256 (xpi/seamonkey-i18n-2.26/seamonkey-2.26.ca.langpack.xpi) = 8885d0412bd420b77a831bc28aae685d0962ef840ddb16e380cd07a2f2ef176c -SIZE (xpi/seamonkey-i18n-2.26/seamonkey-2.26.ca.langpack.xpi) = 816735 -SHA256 (xpi/seamonkey-i18n-2.26/seamonkey-2.26.cs.langpack.xpi) = cc77420a27f8e0757bcbdd6f8df2be361883ae1c5840e63f63a1386e43bc498c -SIZE (xpi/seamonkey-i18n-2.26/seamonkey-2.26.cs.langpack.xpi) = 814944 -SHA256 (xpi/seamonkey-i18n-2.26/seamonkey-2.26.de.langpack.xpi) = 960ce22067f7cd19ec30c1249a588c651785a8989f374e14e8d06de8dce35237 -SIZE (xpi/seamonkey-i18n-2.26/seamonkey-2.26.de.langpack.xpi) = 822042 -SHA256 (xpi/seamonkey-i18n-2.26/seamonkey-2.26.en-GB.langpack.xpi) = 42aa60112205d55fb9f835baf1a051da97942a950a17fbb37f0aac7cf6f5135e -SIZE (xpi/seamonkey-i18n-2.26/seamonkey-2.26.en-GB.langpack.xpi) = 785904 -SHA256 (xpi/seamonkey-i18n-2.26/seamonkey-2.26.en-US.langpack.xpi) = 31b47ea472f6f4293f896355d8d4092ced3094ab001afc3625c33de1dfb4a6e8 -SIZE (xpi/seamonkey-i18n-2.26/seamonkey-2.26.en-US.langpack.xpi) = 786788 -SHA256 (xpi/seamonkey-i18n-2.26/seamonkey-2.26.es-AR.langpack.xpi) = 70e3502d5578c3d793645c47872c436f92845800f5a74bcea3803b2c5db73dad -SIZE (xpi/seamonkey-i18n-2.26/seamonkey-2.26.es-AR.langpack.xpi) = 836833 -SHA256 (xpi/seamonkey-i18n-2.26/seamonkey-2.26.es-ES.langpack.xpi) = 13bdb45b40c8a9b03f3c93aca5d120ce163a9dc263c68d9fa225826bf429c1a0 -SIZE (xpi/seamonkey-i18n-2.26/seamonkey-2.26.es-ES.langpack.xpi) = 814002 -SHA256 (xpi/seamonkey-i18n-2.26/seamonkey-2.26.fi.langpack.xpi) = f21cd2e898e11039b2909cad62a71e8f4ee769c68c5681d82300f95c9c70c00a -SIZE (xpi/seamonkey-i18n-2.26/seamonkey-2.26.fi.langpack.xpi) = 784387 -SHA256 (xpi/seamonkey-i18n-2.26/seamonkey-2.26.fr.langpack.xpi) = 4e892a84852f9d7470c7c7ff4cc6ff8da0cb5bc8e8197d41ca3105ded6d7356d -SIZE (xpi/seamonkey-i18n-2.26/seamonkey-2.26.fr.langpack.xpi) = 795188 -SHA256 (xpi/seamonkey-i18n-2.26/seamonkey-2.26.gl.langpack.xpi) = de1db0aefa37fa6ce4ca2ab6ddbd53d4466e48cb435861270266ca0f56e338e0 -SIZE (xpi/seamonkey-i18n-2.26/seamonkey-2.26.gl.langpack.xpi) = 794258 -SHA256 (xpi/seamonkey-i18n-2.26/seamonkey-2.26.hu.langpack.xpi) = a1c8b084b6b64bb0b992e9a05c6fa49c9a5a48b437e86351b8a2ed1f2997f22c -SIZE (xpi/seamonkey-i18n-2.26/seamonkey-2.26.hu.langpack.xpi) = 828526 -SHA256 (xpi/seamonkey-i18n-2.26/seamonkey-2.26.it.langpack.xpi) = 30dde81ae8bf1379caabc0a7e35bee72b8fa9fa052136de333dcbcd7f3ea550a -SIZE (xpi/seamonkey-i18n-2.26/seamonkey-2.26.it.langpack.xpi) = 728566 -SHA256 (xpi/seamonkey-i18n-2.26/seamonkey-2.26.ja-JP-mac.langpack.xpi) = 6db90470137661dc35f888d8e649906300b62fa06d7a477346da31d272b11b30 -SIZE (xpi/seamonkey-i18n-2.26/seamonkey-2.26.ja-JP-mac.langpack.xpi) = 892973 -SHA256 (xpi/seamonkey-i18n-2.26/seamonkey-2.26.ja.langpack.xpi) = 002743784937853e368c31ca5f80056eb50bd91dfa3f791164e388ab66e1e160 -SIZE (xpi/seamonkey-i18n-2.26/seamonkey-2.26.ja.langpack.xpi) = 867575 -SHA256 (xpi/seamonkey-i18n-2.26/seamonkey-2.26.lt.langpack.xpi) = 5beaf750798ffe4979e31e19dd88721df2819eeb4ac6cfb73388c0acecfb80f3 -SIZE (xpi/seamonkey-i18n-2.26/seamonkey-2.26.lt.langpack.xpi) = 832068 -SHA256 (xpi/seamonkey-i18n-2.26/seamonkey-2.26.nb-NO.langpack.xpi) = 5559b7554f6683b7ad444af019d7ad75b13795f6669653b3be9c0934d12857a9 -SIZE (xpi/seamonkey-i18n-2.26/seamonkey-2.26.nb-NO.langpack.xpi) = 805527 -SHA256 (xpi/seamonkey-i18n-2.26/seamonkey-2.26.nl.langpack.xpi) = 794019b24058071a080b6450991fa79ca71a447df7702e6384785895fce18a34 -SIZE (xpi/seamonkey-i18n-2.26/seamonkey-2.26.nl.langpack.xpi) = 781831 -SHA256 (xpi/seamonkey-i18n-2.26/seamonkey-2.26.pl.langpack.xpi) = fff16b9b77830bf983c49e42516091ec987a9616168d8040598799349b135e1f -SIZE (xpi/seamonkey-i18n-2.26/seamonkey-2.26.pl.langpack.xpi) = 855815 -SHA256 (xpi/seamonkey-i18n-2.26/seamonkey-2.26.pt-PT.langpack.xpi) = 35ecbc2df9c90227ce0e46d854237272d019ad4a5c54e459cdf82a601a9d52dd -SIZE (xpi/seamonkey-i18n-2.26/seamonkey-2.26.pt-PT.langpack.xpi) = 817865 -SHA256 (xpi/seamonkey-i18n-2.26/seamonkey-2.26.ru.langpack.xpi) = 9c4c665da191538e1e836ecad5b4556f5a9ed4a4db94c4779db537dd2cef1c94 -SIZE (xpi/seamonkey-i18n-2.26/seamonkey-2.26.ru.langpack.xpi) = 885692 -SHA256 (xpi/seamonkey-i18n-2.26/seamonkey-2.26.sk.langpack.xpi) = dca3c93b1b2131e58483a537961df44a044b80f5cc97fb2628b384f26e973212 -SIZE (xpi/seamonkey-i18n-2.26/seamonkey-2.26.sk.langpack.xpi) = 841872 -SHA256 (xpi/seamonkey-i18n-2.26/seamonkey-2.26.sv-SE.langpack.xpi) = e55f7d962db49d461b3b2cc2cc93da46da64139164b8d83f2e67df35bbfa2979 -SIZE (xpi/seamonkey-i18n-2.26/seamonkey-2.26.sv-SE.langpack.xpi) = 809829 -SHA256 (xpi/seamonkey-i18n-2.26/seamonkey-2.26.tr.langpack.xpi) = d4923efdc2d4e3a294b864c1fbb9fe0a9a9d0d3636cb4ebed2e2263fbabbe5fa -SIZE (xpi/seamonkey-i18n-2.26/seamonkey-2.26.tr.langpack.xpi) = 791385 -SHA256 (xpi/seamonkey-i18n-2.26/seamonkey-2.26.uk.langpack.xpi) = ebdc37f591c32ddfe8783257c3944b6a44be15a2b10be4298326c187caddda81 -SIZE (xpi/seamonkey-i18n-2.26/seamonkey-2.26.uk.langpack.xpi) = 853567 -SHA256 (xpi/seamonkey-i18n-2.26/seamonkey-2.26.zh-CN.langpack.xpi) = 57ab3c518f60627b9cbbe57f5a25b22dace427ec9597d395953104732a5cf0fe -SIZE (xpi/seamonkey-i18n-2.26/seamonkey-2.26.zh-CN.langpack.xpi) = 818845 -SHA256 (xpi/seamonkey-i18n-2.26/seamonkey-2.26.zh-TW.langpack.xpi) = 2512be926be2859e16e058977e9dc31d29a3c8b92eefe5a6b3a6f304325cb7fe -SIZE (xpi/seamonkey-i18n-2.26/seamonkey-2.26.zh-TW.langpack.xpi) = 843200 +SHA256 (xpi/seamonkey-i18n-2.26.1/seamonkey-2.26.1.be.langpack.xpi) = 1304caf66562d819b8df6089224496d2ef593054201a124fdfea4e8d325268d6 +SIZE (xpi/seamonkey-i18n-2.26.1/seamonkey-2.26.1.be.langpack.xpi) = 818753 +SHA256 (xpi/seamonkey-i18n-2.26.1/seamonkey-2.26.1.ca.langpack.xpi) = 77845f85562118ccf17ba7233408516c57aaa91a0b1f5083a08c8341e5c819a9 +SIZE (xpi/seamonkey-i18n-2.26.1/seamonkey-2.26.1.ca.langpack.xpi) = 816736 +SHA256 (xpi/seamonkey-i18n-2.26.1/seamonkey-2.26.1.cs.langpack.xpi) = e71366cacb6274864fe5e6f441f3e7ebb15db090a92df30ae2395d9bcb518913 +SIZE (xpi/seamonkey-i18n-2.26.1/seamonkey-2.26.1.cs.langpack.xpi) = 814946 +SHA256 (xpi/seamonkey-i18n-2.26.1/seamonkey-2.26.1.de.langpack.xpi) = 9ac22a758f62bc31aaa83a5d3a1d21e2fa0bc06d6f4ee26c8adf85e8225064ae +SIZE (xpi/seamonkey-i18n-2.26.1/seamonkey-2.26.1.de.langpack.xpi) = 822043 +SHA256 (xpi/seamonkey-i18n-2.26.1/seamonkey-2.26.1.en-GB.langpack.xpi) = 30ecd2a83e179017d24eb0dfa9e9ec7d220f0fd16bada1be14ddc69688f74ea6 +SIZE (xpi/seamonkey-i18n-2.26.1/seamonkey-2.26.1.en-GB.langpack.xpi) = 785905 +SHA256 (xpi/seamonkey-i18n-2.26.1/seamonkey-2.26.1.en-US.langpack.xpi) = 1fdf1d312b6f82662e877b8361e5ae4df5249958bfd8a454e32b3b9da15867e2 +SIZE (xpi/seamonkey-i18n-2.26.1/seamonkey-2.26.1.en-US.langpack.xpi) = 786790 +SHA256 (xpi/seamonkey-i18n-2.26.1/seamonkey-2.26.1.es-AR.langpack.xpi) = e6202b022e8c952449b8509f39803a626e5005fbc11ea1102af8082880b7ff27 +SIZE (xpi/seamonkey-i18n-2.26.1/seamonkey-2.26.1.es-AR.langpack.xpi) = 836836 +SHA256 (xpi/seamonkey-i18n-2.26.1/seamonkey-2.26.1.es-ES.langpack.xpi) = 9818c7eb20cb9b5f47928cb8299f4807d1a722995760b70e6cae3a945bd04cc3 +SIZE (xpi/seamonkey-i18n-2.26.1/seamonkey-2.26.1.es-ES.langpack.xpi) = 814004 +SHA256 (xpi/seamonkey-i18n-2.26.1/seamonkey-2.26.1.fi.langpack.xpi) = e0c70cf2fdf60b45394d89a8515820b6984edd4b252bfda19c59cb0f405467c2 +SIZE (xpi/seamonkey-i18n-2.26.1/seamonkey-2.26.1.fi.langpack.xpi) = 784389 +SHA256 (xpi/seamonkey-i18n-2.26.1/seamonkey-2.26.1.fr.langpack.xpi) = b57475d1b47a2b6fb64d27230212784602146d2c45fa037b57c2ec27c0761311 +SIZE (xpi/seamonkey-i18n-2.26.1/seamonkey-2.26.1.fr.langpack.xpi) = 795190 +SHA256 (xpi/seamonkey-i18n-2.26.1/seamonkey-2.26.1.gl.langpack.xpi) = 8c1d47ec6fca70b88f3fde4f2b54c6838d8a6d1cc29fc66d2d1b7f912214b8bf +SIZE (xpi/seamonkey-i18n-2.26.1/seamonkey-2.26.1.gl.langpack.xpi) = 794260 +SHA256 (xpi/seamonkey-i18n-2.26.1/seamonkey-2.26.1.hu.langpack.xpi) = 08311664e95c3da977d81c033bce4d75c1339e9eecff7bcf507318cf54ed9a82 +SIZE (xpi/seamonkey-i18n-2.26.1/seamonkey-2.26.1.hu.langpack.xpi) = 828532 +SHA256 (xpi/seamonkey-i18n-2.26.1/seamonkey-2.26.1.it.langpack.xpi) = 128f4fee131b28dcde7464f675e255c5bf31bd5ba99227cc95b4257a98cb726f +SIZE (xpi/seamonkey-i18n-2.26.1/seamonkey-2.26.1.it.langpack.xpi) = 728567 +SHA256 (xpi/seamonkey-i18n-2.26.1/seamonkey-2.26.1.ja-JP-mac.langpack.xpi) = eb0b4075407d56a539b310803c1d1f505aee15253739b87e78e43875cf00331b +SIZE (xpi/seamonkey-i18n-2.26.1/seamonkey-2.26.1.ja-JP-mac.langpack.xpi) = 892974 +SHA256 (xpi/seamonkey-i18n-2.26.1/seamonkey-2.26.1.ja.langpack.xpi) = c8eaf09ad594cd589e9486fa149a695375ce4603bb927ebaafa3b72b8a13c11e +SIZE (xpi/seamonkey-i18n-2.26.1/seamonkey-2.26.1.ja.langpack.xpi) = 867577 +SHA256 (xpi/seamonkey-i18n-2.26.1/seamonkey-2.26.1.lt.langpack.xpi) = ffac3896d8c24aef230918573efa26d0d409aad53708cfdfc94679913b50b262 +SIZE (xpi/seamonkey-i18n-2.26.1/seamonkey-2.26.1.lt.langpack.xpi) = 832069 +SHA256 (xpi/seamonkey-i18n-2.26.1/seamonkey-2.26.1.nb-NO.langpack.xpi) = 5f80ae03c4890980031fdc96d422d2713142d3f11e5a6b5bc6ebe106f84d474e +SIZE (xpi/seamonkey-i18n-2.26.1/seamonkey-2.26.1.nb-NO.langpack.xpi) = 805528 +SHA256 (xpi/seamonkey-i18n-2.26.1/seamonkey-2.26.1.nl.langpack.xpi) = 28ea348e46bb9ef6328fad3b1d45a18b103741803b30e4ebe5e746ae3d6b3c69 +SIZE (xpi/seamonkey-i18n-2.26.1/seamonkey-2.26.1.nl.langpack.xpi) = 781833 +SHA256 (xpi/seamonkey-i18n-2.26.1/seamonkey-2.26.1.pl.langpack.xpi) = 223ae1798bb0284415218545de43919c4361a5dbd55ab2b5d4805678087e333b +SIZE (xpi/seamonkey-i18n-2.26.1/seamonkey-2.26.1.pl.langpack.xpi) = 855816 +SHA256 (xpi/seamonkey-i18n-2.26.1/seamonkey-2.26.1.pt-PT.langpack.xpi) = 49116b6d66bb00fd16e09cf9a9935cb5228300f6ac209e72ae5fd274d4afc3eb +SIZE (xpi/seamonkey-i18n-2.26.1/seamonkey-2.26.1.pt-PT.langpack.xpi) = 817866 +SHA256 (xpi/seamonkey-i18n-2.26.1/seamonkey-2.26.1.ru.langpack.xpi) = a40a053a9df8174febf2a19f98e11cfef75a82a2c3666e80b551d22ad89a495d +SIZE (xpi/seamonkey-i18n-2.26.1/seamonkey-2.26.1.ru.langpack.xpi) = 885694 +SHA256 (xpi/seamonkey-i18n-2.26.1/seamonkey-2.26.1.sk.langpack.xpi) = c6afd39a1a25384f79c58ad5757c7e15147bae3578f6e6a5d302907fbc8b0bf7 +SIZE (xpi/seamonkey-i18n-2.26.1/seamonkey-2.26.1.sk.langpack.xpi) = 841874 +SHA256 (xpi/seamonkey-i18n-2.26.1/seamonkey-2.26.1.sv-SE.langpack.xpi) = 6f1ff640ee52f6f27536a1aa127bb1bc4badefcdc07157c18e3ab6d8d9bececd +SIZE (xpi/seamonkey-i18n-2.26.1/seamonkey-2.26.1.sv-SE.langpack.xpi) = 809831 +SHA256 (xpi/seamonkey-i18n-2.26.1/seamonkey-2.26.1.tr.langpack.xpi) = b7e7a2e962c156b7012d449381d40866d233a460c1f4c45ef91f67d472db2d64 +SIZE (xpi/seamonkey-i18n-2.26.1/seamonkey-2.26.1.tr.langpack.xpi) = 791387 +SHA256 (xpi/seamonkey-i18n-2.26.1/seamonkey-2.26.1.uk.langpack.xpi) = 7009492796add5f7e6a6b08eda9a875245f1ed69f6457e4dedc459945694c81c +SIZE (xpi/seamonkey-i18n-2.26.1/seamonkey-2.26.1.uk.langpack.xpi) = 853570 +SHA256 (xpi/seamonkey-i18n-2.26.1/seamonkey-2.26.1.zh-CN.langpack.xpi) = c288ec1f532f021eda32ef6dd10ae12acecbbb9e1797ee21dfaeaa07fc656d7f +SIZE (xpi/seamonkey-i18n-2.26.1/seamonkey-2.26.1.zh-CN.langpack.xpi) = 818847 +SHA256 (xpi/seamonkey-i18n-2.26.1/seamonkey-2.26.1.zh-TW.langpack.xpi) = 06a8fbb17152d706ec6b880e86572151cfa1a30d0d105514ecc90afcaf1daf22 +SIZE (xpi/seamonkey-i18n-2.26.1/seamonkey-2.26.1.zh-TW.langpack.xpi) = 843202 Modified: branches/2014Q3/www/seamonkey/Makefile ============================================================================== --- branches/2014Q3/www/seamonkey/Makefile Sun Jul 20 16:05:08 2014 (r362330) +++ branches/2014Q3/www/seamonkey/Makefile Sun Jul 20 16:09:55 2014 (r362331) @@ -2,8 +2,7 @@ # $FreeBSD$ PORTNAME= seamonkey -DISTVERSION= 2.26 -PORTREVISION= 2 +DISTVERSION= 2.26.1 CATEGORIES?= www mail news editors irc ipv6 MASTER_SITES= MOZILLA/${PORTNAME}/releases/${DISTVERSION}/source \ https://ftp.mozilla.org/pub/mozilla.org/${PORTNAME}/candidates/${DISTVERSION}-candidates/build1/source/ Modified: branches/2014Q3/www/seamonkey/distinfo ============================================================================== --- branches/2014Q3/www/seamonkey/distinfo Sun Jul 20 16:05:08 2014 (r362330) +++ branches/2014Q3/www/seamonkey/distinfo Sun Jul 20 16:09:55 2014 (r362331) @@ -1,4 +1,4 @@ -SHA256 (seamonkey-2.26.source.tar.bz2) = 985262d39f38fc20d307e810c371c9f581f7c55a66cfabd6b5561c236116b874 -SIZE (seamonkey-2.26.source.tar.bz2) = 165548355 +SHA256 (seamonkey-2.26.1.source.tar.bz2) = 741d383c87cc58e38b8d5eef34033a88a4352ff7d76064914bfc05fef1c5d2f3 +SIZE (seamonkey-2.26.1.source.tar.bz2) = 165537001 SHA256 (enigmail-1.6.1_pre20140112.tar.xz) = 2d89a9186c3ccfc9397c933c6f63c0518224fea0096d7a292dba3765de088149 SIZE (enigmail-1.6.1_pre20140112.tar.xz) = 916028 From owner-svn-ports-branches@FreeBSD.ORG Sun Jul 20 22:34:16 2014 Return-Path: Delivered-To: svn-ports-branches@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4395172D; Sun, 20 Jul 2014 22:34:16 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 1609023E3; Sun, 20 Jul 2014 22:34:16 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6KMYFHc018319; Sun, 20 Jul 2014 22:34:15 GMT (envelope-from ohauer@svn.freebsd.org) Received: (from ohauer@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6KMYEsT018306; Sun, 20 Jul 2014 22:34:14 GMT (envelope-from ohauer@svn.freebsd.org) Message-Id: <201407202234.s6KMYEsT018306@svn.freebsd.org> From: Olli Hauer Date: Sun, 20 Jul 2014 22:34:14 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r362382 - in branches/2014Q3/www/apache24: . files X-SVN-Group: ports-branches MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-branches@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: SVN commit messages for all the branches of the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 20 Jul 2014 22:34:16 -0000 Author: ohauer Date: Sun Jul 20 22:34:13 2014 New Revision: 362382 URL: http://svnweb.freebsd.org/changeset/ports/362382 QAT: https://qat.redports.org/buildarchive/r362382/ Log: MFH: r361314 - strip - remove obsolete apache-*-2.2.* conflict - add modules.d to EXAMPLESDIR - always install DOC (remove Makefile hack) - bump PORREVISION - sort pkg-plist MFH: r361316 - revert conflict (apache22 has MPM sub ports) MFH: r362041 Use modern LIB_DEPENDS on non default options Submitted by: ohauer MFH: r362371 - security update to release 2.4.10 - add OPTION for new mod_authnz_fcgi module - s/libluajit.so/libluajit-5.1.so/ (there is no libluajit.so) - backport for mod_lua: Don't quote values in cookies Make IE happy again [#56734] http://svn.apache.org/viewvc?view=revision&revision=1611744 - disable sanity check on demand [1] Release Notes: http://www.apache.org/dist/httpd/CHANGES_2.4.10 Approved by: portmgr (erwin@) PR: 191398 [1] Submitted by: Robert Schulze Security: 4364e1f1-0f44-11e4-b090-20cf30e32f6d CVE-2014-0117 CVE-2014-3523 CVE-2014-0226 CVE-2014-0118 CVE-2014-0231 Added: branches/2014Q3/www/apache24/files/patch-r1611744-modules__lua__lua_request.c - copied unchanged from r362371, head/www/apache24/files/patch-r1611744-modules__lua__lua_request.c Deleted: branches/2014Q3/www/apache24/files/patch-mod_authn_socache.c Modified: branches/2014Q3/www/apache24/Makefile branches/2014Q3/www/apache24/Makefile.options branches/2014Q3/www/apache24/Makefile.options.desc branches/2014Q3/www/apache24/distinfo branches/2014Q3/www/apache24/files/apache24.in branches/2014Q3/www/apache24/files/patch-Makefile.in branches/2014Q3/www/apache24/pkg-plist Directory Properties: branches/2014Q3/ (props changed) Modified: branches/2014Q3/www/apache24/Makefile ============================================================================== --- branches/2014Q3/www/apache24/Makefile Sun Jul 20 22:22:10 2014 (r362381) +++ branches/2014Q3/www/apache24/Makefile Sun Jul 20 22:34:13 2014 (r362382) @@ -1,8 +1,7 @@ # $FreeBSD$ PORTNAME= apache24 -PORTVERSION= 2.4.9 -PORTREVISION= 3 +PORTVERSION= 2.4.10 CATEGORIES= www ipv6 MASTER_SITES= ${MASTER_SITE_APACHE_HTTPD} DISTNAME= httpd-${PORTVERSION} @@ -16,7 +15,7 @@ LIB_DEPENDS= libexpat.so:${PORTSDIR}/tex libpcre.so:${PORTSDIR}/devel/pcre CONFLICTS_INSTALL= caudium14-1.* \ - apache-*-2.2.* apache22-* + apache-*-2.2.* apache22-* USE_APACHE= common24 USES= tar:bzip2 iconv perl5 libtool cpe @@ -53,12 +52,12 @@ IPV4_MAPPED_CONFIGURE_ENABLE= v4-mapped LDAP_CONFIGURE_ON= --enable-ldap=shared -LUAJIT_LIB_DEPENDS= luajit:${PORTSDIR}/lang/luajit +LUAJIT_LIB_DEPENDS= libluajit-5.1.so:${PORTSDIR}/lang/luajit LUA_CONFIGURE_WITH= lua LUA_USES= lua SOCACHE_DC_CONFIGURE_ON= --with-distcache=${LOCALBASE} -SOCACHE_DC_LIB_DEPENDS= distcache:${PORTSDIR}/security/distcache +SOCACHE_DC_LIB_DEPENDS= libdistcache.so:${PORTSDIR}/security/distcache # Note: # OpenSSL version (base/ports) depends how devel/apr1 was build @@ -72,10 +71,6 @@ SSL_USE= OPENSSL=yes ETC_SUBDIRS= Includes envvars.d extra modules.d -.if ! ${PORT_OPTIONS:MDOCS} -MAKE_ENV+= NOPORTDOCS=yes -.endif - APR_CONFIG?= ${LOCALBASE}/bin/apr-1-config APU_CONFIG?= ${LOCALBASE}/bin/apu-1-config @@ -156,6 +151,14 @@ post-install: @${MKDIR} ${ETC_SUBDIRS:S|^|${STAGEDIR}${ETCDIR}/|} ${INSTALL_DATA} ${FILESDIR}/no-accf.conf ${STAGEDIR}${ETCDIR}/Includes/ ${INSTALL_DATA} ${FILESDIR}/README_modules.d ${STAGEDIR}/${ETCDIR}/modules.d/ +# place for module configuration samples + @${MKDIR} ${STAGEDIR}/${EXAMPLESDIR}/modules.d + ${INSTALL_DATA} ${FILESDIR}/README_modules.d ${STAGEDIR}/${EXAMPLESDIR}/modules.d + +# suppress warning for non binary files + -@${STRIP_CMD} ${STAGEDIR}${PREFIX}/sbin/* \ + ${STAGEDIR}${PREFIX}/bin/* \ + ${STAGEDIR}${PREFIX}/libexec/apache24/*.so 2>/dev/null .if ${PORT_OPTIONS:MLOG_FORENSIC} @${INSTALL_SCRIPT} ${WRKSRC}/support/check_forensic ${STAGEDIR}${PREFIX}/sbin Modified: branches/2014Q3/www/apache24/Makefile.options ============================================================================== --- branches/2014Q3/www/apache24/Makefile.options Sun Jul 20 22:22:10 2014 (r362381) +++ branches/2014Q3/www/apache24/Makefile.options Sun Jul 20 22:34:13 2014 (r362382) @@ -57,7 +57,7 @@ MOST_ENABLED_MODULES= \ VERSION VHOST_ALIAS MOST_DISABLED_MODULES:= \ - AUTHNZ_LDAP LDAP CHARSET_LITE DATA DAV_LOCK DIALUP IDENT LOG_FORENSIC \ + AUTHNZ_LDAP AUTHNZ_FCGI LDAP CHARSET_LITE DATA DAV_LOCK DIALUP IDENT LOG_FORENSIC \ LUA REFLECTOR SLOTMEM_PLAIN SLOTMEM_SHM SOCACHE_DC SUEXEC USERTRACK \ XML2ENC WATCHDOG ${HEARTBEAT_MODULES} ${EXAMPLE_MODULES} ${DEV_MODULES} Modified: branches/2014Q3/www/apache24/Makefile.options.desc ============================================================================== --- branches/2014Q3/www/apache24/Makefile.options.desc Sun Jul 20 22:22:10 2014 (r362381) +++ branches/2014Q3/www/apache24/Makefile.options.desc Sun Jul 20 22:34:13 2014 (r362382) @@ -42,6 +42,7 @@ ACTIONS_DESC= Action triggering on req ALIAS_DESC= Mapping of requests to different filesystem parts ALLOWMETHODS_DESC= Easily restrict what HTTP methods can be used on the server ASIS_DESC= Sends files that contain their own HTTP headers +AUTHNZ_FCGI_DESC= Allows a FastCGI authorizer to handle the check_authn hook AUTHNZ_LDAP_DESC= LDAP based authentication AUTHN_ANON_DESC= Anonymous user authentication control AUTHN_CORE_DESC= Core authentication module Modified: branches/2014Q3/www/apache24/distinfo ============================================================================== --- branches/2014Q3/www/apache24/distinfo Sun Jul 20 22:22:10 2014 (r362381) +++ branches/2014Q3/www/apache24/distinfo Sun Jul 20 22:34:13 2014 (r362382) @@ -1,2 +1,2 @@ -SHA256 (apache24/httpd-2.4.9.tar.bz2) = f78cc90dfa47caf3d83ad18fd6b4e85f237777c1733fc9088594b70ce2847603 -SIZE (apache24/httpd-2.4.9.tar.bz2) = 4994460 +SHA256 (apache24/httpd-2.4.10.tar.bz2) = 176c4dac1a745f07b7b91e7f4fd48f9c48049fa6f088efe758d61d9738669c6a +SIZE (apache24/httpd-2.4.10.tar.bz2) = 5031834 Modified: branches/2014Q3/www/apache24/files/apache24.in ============================================================================== --- branches/2014Q3/www/apache24/files/apache24.in Sun Jul 20 22:22:10 2014 (r362381) +++ branches/2014Q3/www/apache24/files/apache24.in Sun Jul 20 22:34:13 2014 (r362382) @@ -23,6 +23,7 @@ # Set to yes to check for accf_http kernel # module on start up and load if not loaded. # apache24_fib (str): Set an altered default network view for apache +# apache24_configcheck_disable (bool): Set to "YES" to disable sanity check on startup . /etc/rc.subr @@ -46,6 +47,7 @@ envvars="%%PREFIX%%/sbin/envvars" [ -z "$apache24limits_enable" ] && apache24limits_enable="NO" [ -z "$apache24limits_args" ] && apache24limits_args="-e -C daemon" [ -z "$apache24_http_accept_enable" ] && apache24_http_accept_enable="NO" +[ -z "$apache24_configcheck_disable" ] && apache24_configcheck_disable="NO" apache24_accf() { @@ -75,6 +77,7 @@ if [ -n "$2" ]; then eval apache24limits_enable="\${apache24limits_${profile}_enable:-${apache24limits_enable}}" eval apache24limits_args="\${apache24limits_${profile}_args:-${apache24limits_args}}" eval apache24_fib="\${apache24_${profile}_fib:-${apache24_fib}}" + eval apache24_configcheck_disable="\${apache24_${profile}_configcheck_disable:-${apache24_configcheck_disable}}" eval command="\${apache24_${profile}_command:-${command}}" eval pidfile="\${apache24_${profile}_pidfile:-${pidfile}}" eval apache24_envvars="\${apache24_${profile}_envvars:-${envvars}}" @@ -123,10 +126,14 @@ if [ "${1}" != "stop" ] ; then \ apache24_accf fi +if checkyesno apache24_configcheck_disable +then + unset restart_precmd + unset reload_precmd +fi + apache24_requirepidfile() { - apache24_checkconfig - if [ ! "0`check_pidfile ${pidfile} ${command}`" -gt 1 ]; then echo "${name} not running? (check $pidfile)." exit 1 @@ -147,6 +154,11 @@ apache24_checkconfig() apache24_graceful() { apache24_requirepidfile + if ! checkyesno apache24_configcheck_disable + then + apache24_checkconfig + fi + echo "Performing a graceful restart" eval ${command} ${apache24_flags} -k graceful } @@ -154,13 +166,21 @@ apache24_graceful() { apache24_gracefulstop() { apache24_requirepidfile + if ! checkyesno apache24_configcheck_disable + then + apache24_checkconfig + fi + echo "Performing a graceful stop" eval ${command} ${apache24_flags} -k graceful-stop } apache24_precmd() { - apache24_checkconfig + if ! checkyesno apache24_configcheck_disable + then + apache24_checkconfig + fi if checkyesno apache24limits_enable then Modified: branches/2014Q3/www/apache24/files/patch-Makefile.in ============================================================================== --- branches/2014Q3/www/apache24/files/patch-Makefile.in Sun Jul 20 22:22:10 2014 (r362381) +++ branches/2014Q3/www/apache24/files/patch-Makefile.in Sun Jul 20 22:34:13 2014 (r362382) @@ -1,5 +1,5 @@ --- ./Makefile.in.orig 2012-12-17 12:50:41.000000000 +0100 -+++ ./Makefile.in 2013-10-27 15:15:14.000000000 +0100 ++++ ./Makefile.in 2014-07-08 06:27:38.000000000 +0200 @@ -32,12 +32,10 @@ install-conf: @echo Installing configuration files @@ -91,16 +91,8 @@ install-other: @test -d $(DESTDIR)$(logfiledir) || $(MKINSTALLDIRS) $(DESTDIR)$(logfiledir) -@@ -224,19 +196,17 @@ - done - - install-man: -- @echo Installing man pages and online manual -+ @echo Installing man pages - @test -d $(DESTDIR)$(mandir) || $(MKINSTALLDIRS) $(DESTDIR)$(mandir) - @test -d $(DESTDIR)$(mandir)/man1 || $(MKINSTALLDIRS) $(DESTDIR)$(mandir)/man1 - @test -d $(DESTDIR)$(mandir)/man8 || $(MKINSTALLDIRS) $(DESTDIR)$(mandir)/man8 -- @test -d $(DESTDIR)$(manualdir) || $(MKINSTALLDIRS) $(DESTDIR)$(manualdir) +@@ -231,12 +203,7 @@ + @test -d $(DESTDIR)$(manualdir) || $(MKINSTALLDIRS) $(DESTDIR)$(manualdir) @cp -p $(top_srcdir)/docs/man/*.1 $(DESTDIR)$(mandir)/man1 @cp -p $(top_srcdir)/docs/man/*.8 $(DESTDIR)$(mandir)/man8 - @if test "x$(RSYNC)" != "x" && test -x $(RSYNC) ; then \ @@ -109,11 +101,7 @@ - cd $(top_srcdir)/docs/manual && cp -rp * $(DESTDIR)$(manualdir); \ - cd $(DESTDIR)$(manualdir) && find . -name ".svn" -type d -print | xargs rm -rf 2>/dev/null || true; \ - fi -+.if !defined(NOPORTDOCS) -+ @echo Installing online manual -+ @test -d $(DESTDIR)$(manualdir) || $(MKINSTALLDIRS) $(DESTDIR)$(manualdir) -+ cd $(top_srcdir)/docs/manual && cp -rp * $(DESTDIR)$(manualdir); -+.endif ++ cd $(top_srcdir)/docs/manual && cp -rp * $(DESTDIR)$(manualdir) install-suexec: @if test -f $(builddir)/support/suexec; then \ Copied: branches/2014Q3/www/apache24/files/patch-r1611744-modules__lua__lua_request.c (from r362371, head/www/apache24/files/patch-r1611744-modules__lua__lua_request.c) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2014Q3/www/apache24/files/patch-r1611744-modules__lua__lua_request.c Sun Jul 20 22:34:13 2014 (r362382, copy of r362371, head/www/apache24/files/patch-r1611744-modules__lua__lua_request.c) @@ -0,0 +1,22 @@ +backport for mod_lua: Don't quote values in cookies; Make IE happy again [#56734] +http://svn.apache.org/viewvc?view=revision&revision=1611744 + + +--- ./modules/lua/lua_request.c.orig 2014-07-20 10:48:19.000000000 +0200 ++++ ./modules/lua/lua_request.c 2014-07-20 10:48:46.000000000 +0200 +@@ -2086,13 +2086,13 @@ + if (expires > 0) { + rv = apr_rfc822_date(cdate, apr_time_from_sec(expires)); + if (rv == APR_SUCCESS) { +- strexpires = apr_psprintf(r->pool, "Expires=\"%s\";", cdate); ++ strexpires = apr_psprintf(r->pool, "Expires=%s;", cdate); + } + } + + /* Create path segment */ + if (path != NULL && strlen(path) > 0) { +- strpath = apr_psprintf(r->pool, "Path=\"%s\";", path); ++ strpath = apr_psprintf(r->pool, "Path=%s;", path); + } + + /* Create domain segment */ Modified: branches/2014Q3/www/apache24/pkg-plist ============================================================================== --- branches/2014Q3/www/apache24/pkg-plist Sun Jul 20 22:22:10 2014 (r362381) +++ branches/2014Q3/www/apache24/pkg-plist Sun Jul 20 22:34:13 2014 (r362382) @@ -78,6 +78,7 @@ libexec/apache24/httpd.exp %%MOD_ALIAS%%libexec/apache24/mod_alias.so %%MOD_ALLOWMETHODS%%libexec/apache24/mod_allowmethods.so %%MOD_ASIS%%libexec/apache24/mod_asis.so +%%MOD_AUTHNZ_FCGI%%libexec/apache24/mod_authnz_fcgi.so %%MOD_AUTHNZ_LDAP%%libexec/apache24/mod_authnz_ldap.so %%MOD_AUTHN_ANON%%libexec/apache24/mod_authn_anon.so %%MOD_AUTHN_CORE%%libexec/apache24/mod_authn_core.so @@ -279,6 +280,7 @@ sbin/split-logfile @unexec if cmp -s %D/%%ETCDIR%%/mime.types %D/%%EXAMPLESDIR%%/mime.types; then rm -f %D/%%ETCDIR%%/mime.types; fi %%EXAMPLESDIR%%/mime.types @exec [ -f %D/%%ETCDIR%%/mime.types ] || cp %D/%%EXAMPLESDIR%%/mime.types %D/%%ETCDIR%%/mime.types +%%EXAMPLESDIR%%/modules.d/README_modules.d %%WWWDIR%%/cgi-bin/printenv %%WWWDIR%%/cgi-bin/printenv.vbs %%WWWDIR%%/cgi-bin/printenv.wsf @@ -545,22 +547,23 @@ sbin/split-logfile %%WWWDIR%%/icons/world2.gif %%WWWDIR%%/icons/world2.png %%WWWDIR%%/icons/xml.png -@dirrm %%WWWDIR%%/icons/small -@dirrm %%WWWDIR%%/icons -@dirrm %%WWWDIR%%/error/include -@dirrm %%WWWDIR%%/error -@dirrmtry %%WWWDIR%%/data -@dirrmtry %%WWWDIR%%/cgi-bin -@dirrmtry %%WWWDIR%% -@dirrm %%EXAMPLESDIR%%/extra -@dirrm %%EXAMPLESDIR%% -@dirrm %%DATADIR%%/build -@dirrm %%DATADIR%% -@dirrmtry libexec/apache24 -@dirrmtry include/apache24 @unexec rm -f %D/%%ETCDIR%%/httpd.conf.bak 2> /dev/null || true -@dirrmtry %%ETCDIR%%/modules.d -@dirrmtry %%ETCDIR%%/extra -@dirrmtry %%ETCDIR%%/envvars.d @dirrmtry %%ETCDIR%%/Includes +@dirrmtry %%ETCDIR%%/envvars.d +@dirrmtry %%ETCDIR%%/extra +@dirrmtry %%ETCDIR%%/modules.d @dirrmtry %%ETCDIR%% +@dirrmtry include/apache24 +@dirrmtry libexec/apache24 +@dirrm %%DATADIR%%/build +@dirrm %%DATADIR%% +@dirrm %%EXAMPLESDIR%%/extra +@dirrm %%EXAMPLESDIR%%/modules.d +@dirrm %%EXAMPLESDIR%% +@dirrmtry %%WWWDIR%%/cgi-bin +@dirrmtry %%WWWDIR%%/data +@dirrm %%WWWDIR%%/error/include +@dirrm %%WWWDIR%%/error +@dirrm %%WWWDIR%%/icons/small +@dirrm %%WWWDIR%%/icons +@dirrmtry %%WWWDIR%% From owner-svn-ports-branches@FreeBSD.ORG Mon Jul 21 09:15:08 2014 Return-Path: Delivered-To: svn-ports-branches@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 7B3E182D; Mon, 21 Jul 2014 09:15:08 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 681352B90; Mon, 21 Jul 2014 09:15:08 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6L9F8wu021372; Mon, 21 Jul 2014 09:15:08 GMT (envelope-from madpilot@svn.freebsd.org) Received: (from madpilot@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6L9F8NN021371; Mon, 21 Jul 2014 09:15:08 GMT (envelope-from madpilot@svn.freebsd.org) Message-Id: <201407210915.s6L9F8NN021371@svn.freebsd.org> From: Guido Falsi Date: Mon, 21 Jul 2014 09:15:08 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r362413 - branches/2014Q3/comms/obexapp X-SVN-Group: ports-branches MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-branches@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: SVN commit messages for all the branches of the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 21 Jul 2014 09:15:08 -0000 Author: madpilot Date: Mon Jul 21 09:15:07 2014 New Revision: 362413 URL: http://svnweb.freebsd.org/changeset/ports/362413 QAT: https://qat.redports.org/buildarchive/r362413/ Log: MFH: r362407 Fix build on head without shared readline. Approved by: portmgr (erwin) Modified: branches/2014Q3/comms/obexapp/Makefile Directory Properties: branches/2014Q3/ (props changed) Modified: branches/2014Q3/comms/obexapp/Makefile ============================================================================== --- branches/2014Q3/comms/obexapp/Makefile Mon Jul 21 09:01:22 2014 (r362412) +++ branches/2014Q3/comms/obexapp/Makefile Mon Jul 21 09:15:07 2014 (r362413) @@ -14,7 +14,7 @@ LIB_DEPENDS= libopenobex.so:${PORTSDIR}/ WRKSRC= ${WRKDIR}/${PORTNAME} -USES= iconv +USES= iconv readline PLIST_FILES= bin/obexapp .if !defined(NO_INSTALL_MANPAGES) From owner-svn-ports-branches@FreeBSD.ORG Tue Jul 22 19:30:29 2014 Return-Path: Delivered-To: svn-ports-branches@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 5968478A; Tue, 22 Jul 2014 19:30:29 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 2BC552B82; Tue, 22 Jul 2014 19:30:29 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6MJUThc056046; Tue, 22 Jul 2014 19:30:29 GMT (envelope-from rakuco@svn.freebsd.org) Received: (from rakuco@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6MJUSru056041; Tue, 22 Jul 2014 19:30:28 GMT (envelope-from rakuco@svn.freebsd.org) Message-Id: <201407221930.s6MJUSru056041@svn.freebsd.org> From: Raphael Kubo da Costa Date: Tue, 22 Jul 2014 19:30:28 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r362569 - branches/2014Q3/security/vuxml X-SVN-Group: ports-branches MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-branches@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: SVN commit messages for all the branches of the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 22 Jul 2014 19:30:29 -0000 Author: rakuco Date: Tue Jul 22 19:30:28 2014 New Revision: 362569 URL: http://svnweb.freebsd.org/changeset/ports/362569 QAT: https://qat.redports.org/buildarchive/r362569/ Log: MFH: r362280 Document qt4-gui/qt5-gui vulnerability. Approved by: portmgr (erwin) Modified: branches/2014Q3/security/vuxml/vuln.xml Directory Properties: branches/2014Q3/ (props changed) Modified: branches/2014Q3/security/vuxml/vuln.xml ============================================================================== --- branches/2014Q3/security/vuxml/vuln.xml Tue Jul 22 19:01:20 2014 (r362568) +++ branches/2014Q3/security/vuxml/vuln.xml Tue Jul 22 19:30:28 2014 (r362569) @@ -57,6 +57,40 @@ Notes: --> + + qt4-gui, qt5-gui -- DoS vulnerability in the GIF image handler + + + qt4-gui + 4.8.6_2 + + + qt5-gui + 5.2.1_3 + + + + +

Richard J. Moore reports:

+
+

The builtin GIF decoder in QtGui prior to Qt 5.3 contained a bug + that would lead to a null pointer dereference when loading certain + hand crafted corrupt GIF files. This in turn would cause the + application loading these hand crafted GIFs to crash.

+
+ + + + CVE-2014-0190 + 67087 + http://lists.qt-project.org/pipermail/announce/2014-April/000045.html + + + 2014-04-24 + 2014-07-19 + + + chromium -- multiple vulnerabilities From owner-svn-ports-branches@FreeBSD.ORG Tue Jul 22 19:32:50 2014 Return-Path: Delivered-To: svn-ports-branches@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E6473A4E; Tue, 22 Jul 2014 19:32:50 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id D1B972C2C; Tue, 22 Jul 2014 19:32:50 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6MJWop6059673; Tue, 22 Jul 2014 19:32:50 GMT (envelope-from rakuco@svn.freebsd.org) Received: (from rakuco@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6MJWouv059671; Tue, 22 Jul 2014 19:32:50 GMT (envelope-from rakuco@svn.freebsd.org) Message-Id: <201407221932.s6MJWouv059671@svn.freebsd.org> From: Raphael Kubo da Costa Date: Tue, 22 Jul 2014 19:32:50 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r362571 - branches/2014Q3/security/vuxml X-SVN-Group: ports-branches MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-branches@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: SVN commit messages for all the branches of the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 22 Jul 2014 19:32:51 -0000 Author: rakuco Date: Tue Jul 22 19:32:50 2014 New Revision: 362571 URL: http://svnweb.freebsd.org/changeset/ports/362571 QAT: https://qat.redports.org/buildarchive/r362571/ Log: MFH: r362334 Fix the list of packages affected by 904d78b8-0f7e-11e4-8b71-5453ed2e2b49. Submitted by: RyoTa SimaMoto Approved by: portmgr (erwin, antoine) Modified: branches/2014Q3/security/vuxml/vuln.xml Directory Properties: branches/2014Q3/ (props changed) Modified: branches/2014Q3/security/vuxml/vuln.xml ============================================================================== --- branches/2014Q3/security/vuxml/vuln.xml Tue Jul 22 19:30:31 2014 (r362570) +++ branches/2014Q3/security/vuxml/vuln.xml Tue Jul 22 19:32:50 2014 (r362571) @@ -58,15 +58,15 @@ Notes: --> - qt4-gui, qt5-gui -- DoS vulnerability in the GIF image handler + qt4-imageformats, qt5-imageformats -- DoS vulnerability in the GIF image handler - qt4-gui - 4.8.6_2 + qt4-imageformats + 4.8.6_1 - qt5-gui - 5.2.1_3 + qt5-imageformats + 5.2.1_1 @@ -88,6 +88,7 @@ Notes: 2014-04-24 2014-07-19 + 2014-07-20 From owner-svn-ports-branches@FreeBSD.ORG Tue Jul 22 19:34:31 2014 Return-Path: Delivered-To: svn-ports-branches@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 09B37C62; Tue, 22 Jul 2014 19:34:31 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E93CF2C4E; Tue, 22 Jul 2014 19:34:30 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6MJYUPS060198; Tue, 22 Jul 2014 19:34:30 GMT (envelope-from rakuco@svn.freebsd.org) Received: (from rakuco@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6MJYUU6060197; Tue, 22 Jul 2014 19:34:30 GMT (envelope-from rakuco@svn.freebsd.org) Message-Id: <201407221934.s6MJYUU6060197@svn.freebsd.org> From: Raphael Kubo da Costa Date: Tue, 22 Jul 2014 19:34:30 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r362573 - branches/2014Q3/security/vuxml X-SVN-Group: ports-branches MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-branches@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: SVN commit messages for all the branches of the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 22 Jul 2014 19:34:31 -0000 Author: rakuco Date: Tue Jul 22 19:34:30 2014 New Revision: 362573 URL: http://svnweb.freebsd.org/changeset/ports/362573 QAT: https://qat.redports.org/buildarchive/r362573/ Log: MFH: r362499 Fix the recent Qt vulnerability entry again. The CVE patch applies to -imageformats in Qt4 but -gui in Qt5. I always get confused by the different port names... Noted by antoine@. Security: 904d78b8-0f7e-11e4-8b71-5453ed2e2b49 Approved by: portmgr (antoine) Modified: branches/2014Q3/security/vuxml/vuln.xml Directory Properties: branches/2014Q3/ (props changed) Modified: branches/2014Q3/security/vuxml/vuln.xml ============================================================================== --- branches/2014Q3/security/vuxml/vuln.xml Tue Jul 22 19:33:41 2014 (r362572) +++ branches/2014Q3/security/vuxml/vuln.xml Tue Jul 22 19:34:30 2014 (r362573) @@ -58,15 +58,15 @@ Notes: --> - qt4-imageformats, qt5-imageformats -- DoS vulnerability in the GIF image handler + qt4-imageformats, qt5-gui -- DoS vulnerability in the GIF image handler qt4-imageformats 4.8.6_1 - qt5-imageformats - 5.2.1_1 + qt5-gui + 5.2.1_4 @@ -88,7 +88,7 @@ Notes: 2014-04-24 2014-07-19 - 2014-07-20 + 2014-07-21 From owner-svn-ports-branches@FreeBSD.ORG Tue Jul 22 19:41:01 2014 Return-Path: Delivered-To: svn-ports-branches@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id CD46B28C; Tue, 22 Jul 2014 19:41:01 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B83242CC4; Tue, 22 Jul 2014 19:41:01 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6MJf19v063836; Tue, 22 Jul 2014 19:41:01 GMT (envelope-from rakuco@svn.freebsd.org) Received: (from rakuco@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6MJf1SM063829; Tue, 22 Jul 2014 19:41:01 GMT (envelope-from rakuco@svn.freebsd.org) Message-Id: <201407221941.s6MJf1SM063829@svn.freebsd.org> From: Raphael Kubo da Costa Date: Tue, 22 Jul 2014 19:41:01 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r362574 - in branches/2014Q3/x11-toolkits: qt4-gui qt4-gui/files qt5-gui qt5-gui/files X-SVN-Group: ports-branches MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-branches@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: SVN commit messages for all the branches of the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 22 Jul 2014 19:41:01 -0000 Author: rakuco Date: Tue Jul 22 19:41:00 2014 New Revision: 362574 URL: http://svnweb.freebsd.org/changeset/ports/362574 QAT: https://qat.redports.org/buildarchive/r362574/ Log: MFH: r362281 Add patch for CVE-2014-0190 (DoS in the GIF image handler). Security: 904d78b8-0f7e-11e4-8b71-5453ed2e2b49 Approved by: portmgr (erwin) Added: branches/2014Q3/x11-toolkits/qt4-gui/files/ - copied from r362281, head/x11-toolkits/qt4-gui/files/ branches/2014Q3/x11-toolkits/qt5-gui/files/ - copied from r362281, head/x11-toolkits/qt5-gui/files/ Modified: branches/2014Q3/x11-toolkits/qt4-gui/Makefile branches/2014Q3/x11-toolkits/qt5-gui/Makefile Directory Properties: branches/2014Q3/ (props changed) Modified: branches/2014Q3/x11-toolkits/qt4-gui/Makefile ============================================================================== --- branches/2014Q3/x11-toolkits/qt4-gui/Makefile Tue Jul 22 19:34:30 2014 (r362573) +++ branches/2014Q3/x11-toolkits/qt4-gui/Makefile Tue Jul 22 19:41:00 2014 (r362574) @@ -3,6 +3,7 @@ PORTNAME= gui DISTVERSION= ${QT4_VERSION} +PORTREVISION= 1 CATEGORIES= x11-toolkits PKGNAMEPREFIX= qt4- Modified: branches/2014Q3/x11-toolkits/qt5-gui/Makefile ============================================================================== --- branches/2014Q3/x11-toolkits/qt5-gui/Makefile Tue Jul 22 19:34:30 2014 (r362573) +++ branches/2014Q3/x11-toolkits/qt5-gui/Makefile Tue Jul 22 19:41:00 2014 (r362574) @@ -2,7 +2,7 @@ PORTNAME= gui DISTVERSION= ${QT5_VERSION} -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= x11-toolkits graphics PKGNAMEPREFIX= qt5- From owner-svn-ports-branches@FreeBSD.ORG Tue Jul 22 19:44:10 2014 Return-Path: Delivered-To: svn-ports-branches@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id BC55C4C2; Tue, 22 Jul 2014 19:44:10 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 8C65B2D6B; Tue, 22 Jul 2014 19:44:10 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6MJiAPO065017; Tue, 22 Jul 2014 19:44:10 GMT (envelope-from rakuco@svn.freebsd.org) Received: (from rakuco@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6MJiAht065015; Tue, 22 Jul 2014 19:44:10 GMT (envelope-from rakuco@svn.freebsd.org) Message-Id: <201407221944.s6MJiAht065015@svn.freebsd.org> From: Raphael Kubo da Costa Date: Tue, 22 Jul 2014 19:44:10 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r362575 - in branches/2014Q3: graphics/qt4-imageformats graphics/qt4-imageformats/files graphics/qt5-imageformats graphics/qt5-imageformats/files x11-toolkits/qt4-gui/files x11-toolkits... X-SVN-Group: ports-branches MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-branches@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: SVN commit messages for all the branches of the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 22 Jul 2014 19:44:10 -0000 Author: rakuco Date: Tue Jul 22 19:44:09 2014 New Revision: 362575 URL: http://svnweb.freebsd.org/changeset/ports/362575 QAT: https://qat.redports.org/buildarchive/r362575/ Log: MFH: r362336 Move the patches fixing CVE-2014-0190 to the right ports. The GIF handler is part of qt{4,5}-imageformats, not qt{4,5}-gui. Big pointy hat to me. I've chosen not to force users to rebuild the -gui ports yet again with a PORTREVISION bump since the code built in those ports is the same regardless of whether the patch is applied or not. Submitted by: RyoTa SimaMoto Security: 904d78b8-0f7e-11e4-8b71-5453ed2e2b49 Approved by: portmgr (antoine) Added: branches/2014Q3/graphics/qt4-imageformats/files/ - copied from r362336, head/graphics/qt4-imageformats/files/ branches/2014Q3/graphics/qt5-imageformats/files/ - copied from r362336, head/graphics/qt5-imageformats/files/ Deleted: branches/2014Q3/x11-toolkits/qt4-gui/files/ branches/2014Q3/x11-toolkits/qt5-gui/files/ Modified: branches/2014Q3/graphics/qt4-imageformats/Makefile branches/2014Q3/graphics/qt5-imageformats/Makefile Directory Properties: branches/2014Q3/ (props changed) Modified: branches/2014Q3/graphics/qt4-imageformats/Makefile ============================================================================== --- branches/2014Q3/graphics/qt4-imageformats/Makefile Tue Jul 22 19:41:00 2014 (r362574) +++ branches/2014Q3/graphics/qt4-imageformats/Makefile Tue Jul 22 19:44:09 2014 (r362575) @@ -3,6 +3,7 @@ PORTNAME= imageformats DISTVERSION= ${QT4_VERSION} +PORTREVISION= 1 CATEGORIES= graphics PKGNAMEPREFIX= qt4- Modified: branches/2014Q3/graphics/qt5-imageformats/Makefile ============================================================================== --- branches/2014Q3/graphics/qt5-imageformats/Makefile Tue Jul 22 19:41:00 2014 (r362574) +++ branches/2014Q3/graphics/qt5-imageformats/Makefile Tue Jul 22 19:44:09 2014 (r362575) @@ -2,6 +2,7 @@ PORTNAME= imageformats DISTVERSION= ${QT5_VERSION} +PORTREVISION= 1 CATEGORIES= graphics PKGNAMEPREFIX= qt5- From owner-svn-ports-branches@FreeBSD.ORG Tue Jul 22 19:47:59 2014 Return-Path: Delivered-To: svn-ports-branches@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 343F166A; Tue, 22 Jul 2014 19:47:59 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 1EC832DBC; Tue, 22 Jul 2014 19:47:59 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6MJlwl5065676; Tue, 22 Jul 2014 19:47:58 GMT (envelope-from rakuco@svn.freebsd.org) Received: (from rakuco@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6MJlwZd065675; Tue, 22 Jul 2014 19:47:58 GMT (envelope-from rakuco@svn.freebsd.org) Message-Id: <201407221947.s6MJlwZd065675@svn.freebsd.org> From: Raphael Kubo da Costa Date: Tue, 22 Jul 2014 19:47:58 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r362576 - in branches/2014Q3: graphics/qt5-imageformats/files x11-toolkits/qt5-gui x11-toolkits/qt5-gui/files X-SVN-Group: ports-branches MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-branches@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: SVN commit messages for all the branches of the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 22 Jul 2014 19:47:59 -0000 Author: rakuco Date: Tue Jul 22 19:47:58 2014 New Revision: 362576 URL: http://svnweb.freebsd.org/changeset/ports/362576 QAT: https://qat.redports.org/buildarchive/r362576/ Log: MFH: r362500 Move back the patch for CVE-2014-0190 to qt5-gui. It applies to -imageformats in Qt4, but -gui in Qt5. Noted by antoine@. A PORTREVISION bump was unavoidable to make sure people who build qt5-gui-5.2.1_3 without the patch rebuild the port with it. Security: 904d78b8-0f7e-11e4-8b71-5453ed2e2b49 Approved by: portmgr (antoine) Added: branches/2014Q3/x11-toolkits/qt5-gui/files/ - copied from r362500, head/x11-toolkits/qt5-gui/files/ Deleted: branches/2014Q3/graphics/qt5-imageformats/files/ Modified: branches/2014Q3/x11-toolkits/qt5-gui/Makefile Directory Properties: branches/2014Q3/ (props changed) Modified: branches/2014Q3/x11-toolkits/qt5-gui/Makefile ============================================================================== --- branches/2014Q3/x11-toolkits/qt5-gui/Makefile Tue Jul 22 19:44:09 2014 (r362575) +++ branches/2014Q3/x11-toolkits/qt5-gui/Makefile Tue Jul 22 19:47:58 2014 (r362576) @@ -2,7 +2,7 @@ PORTNAME= gui DISTVERSION= ${QT5_VERSION} -PORTREVISION= 2 +PORTREVISION= 3 CATEGORIES= x11-toolkits graphics PKGNAMEPREFIX= qt5- From owner-svn-ports-branches@FreeBSD.ORG Tue Jul 22 21:08:01 2014 Return-Path: Delivered-To: svn-ports-branches@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E5D2A647; Tue, 22 Jul 2014 21:08:01 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id CB9E2267A; Tue, 22 Jul 2014 21:08:01 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6ML81hs003349; Tue, 22 Jul 2014 21:08:01 GMT (envelope-from rakuco@svn.freebsd.org) Received: (from rakuco@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6ML816L003348; Tue, 22 Jul 2014 21:08:01 GMT (envelope-from rakuco@svn.freebsd.org) Message-Id: <201407222108.s6ML816L003348@svn.freebsd.org> From: Raphael Kubo da Costa Date: Tue, 22 Jul 2014 21:08:01 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r362581 - branches/2014Q3/x11-toolkits/qt5-gui X-SVN-Group: ports-branches MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-branches@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: SVN commit messages for all the branches of the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 22 Jul 2014 21:08:02 -0000 Author: rakuco Date: Tue Jul 22 21:08:01 2014 New Revision: 362581 URL: http://svnweb.freebsd.org/changeset/ports/362581 QAT: https://qat.redports.org/buildarchive/r362581/ Log: Bump PORTREVISION once more. Sync its value with the one in HEAD, so that the range check in vuln.xml is correct (it is preferred not to change vuln.xml and update the ports it refers to than the other way around). Approved by: portmgr (mat) Security: 904d78b8-0f7e-11e4-8b71-5453ed2e2b49 Modified: branches/2014Q3/x11-toolkits/qt5-gui/Makefile Modified: branches/2014Q3/x11-toolkits/qt5-gui/Makefile ============================================================================== --- branches/2014Q3/x11-toolkits/qt5-gui/Makefile Tue Jul 22 21:05:31 2014 (r362580) +++ branches/2014Q3/x11-toolkits/qt5-gui/Makefile Tue Jul 22 21:08:01 2014 (r362581) @@ -2,7 +2,7 @@ PORTNAME= gui DISTVERSION= ${QT5_VERSION} -PORTREVISION= 3 +PORTREVISION= 4 CATEGORIES= x11-toolkits graphics PKGNAMEPREFIX= qt5- From owner-svn-ports-branches@FreeBSD.ORG Wed Jul 23 16:57:29 2014 Return-Path: Delivered-To: svn-ports-branches@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 79F281C7; Wed, 23 Jul 2014 16:57:29 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 66EF7224D; Wed, 23 Jul 2014 16:57:29 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6NGvTPI059188; Wed, 23 Jul 2014 16:57:29 GMT (envelope-from sunpoet@svn.freebsd.org) Received: (from sunpoet@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6NGvTHx059187; Wed, 23 Jul 2014 16:57:29 GMT (envelope-from sunpoet@svn.freebsd.org) Message-Id: <201407231657.s6NGvTHx059187@svn.freebsd.org> From: Sunpoet Po-Chuan Hsieh Date: Wed, 23 Jul 2014 16:57:29 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r362709 - branches/2014Q3/Mk/Uses X-SVN-Group: ports-branches MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-branches@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: SVN commit messages for all the branches of the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 23 Jul 2014 16:57:29 -0000 Author: sunpoet Date: Wed Jul 23 16:57:28 2014 New Revision: 362709 URL: http://svnweb.freebsd.org/changeset/ports/362709 QAT: https://qat.redports.org/buildarchive/r362709/ Log: MFH: r362706 - Fix _TWISTED_COMPONENTS: add missing "pair" Approved by: portmgr (erwin) Modified: branches/2014Q3/Mk/Uses/twisted.mk Directory Properties: branches/2014Q3/ (props changed) Modified: branches/2014Q3/Mk/Uses/twisted.mk ============================================================================== --- branches/2014Q3/Mk/Uses/twisted.mk Wed Jul 23 16:51:38 2014 (r362708) +++ branches/2014Q3/Mk/Uses/twisted.mk Wed Jul 23 16:57:28 2014 (r362709) @@ -53,7 +53,7 @@ BUILD_DEPENDS+= ${PYTHON_SITELIBDIR}/twi RUN_DEPENDS+= ${PYTHON_SITELIBDIR}/twisted/__init__.py:${PORTSDIR}/devel/py-twistedCore .endif -_TWISTED_COMPONENTS= conch flow lore mail names news runner web web2 words +_TWISTED_COMPONENTS= conch flow lore mail names news pair runner web web2 words conch_DEPENDS= ${PYTHON_SITELIBDIR}/twisted/conch/__init__.py:${PORTSDIR}/security/py-twistedConch flow_DEPENDS= ${PYTHON_SITELIBDIR}/twisted/flow/__init__.py:${PORTSDIR}/devel/py-twistedFlow From owner-svn-ports-branches@FreeBSD.ORG Thu Jul 24 21:04:58 2014 Return-Path: Delivered-To: svn-ports-branches@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 51504CC9; Thu, 24 Jul 2014 21:04:58 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 3D8352847; Thu, 24 Jul 2014 21:04:58 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6OL4wIZ094951; Thu, 24 Jul 2014 21:04:58 GMT (envelope-from ohauer@svn.freebsd.org) Received: (from ohauer@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6OL4uVS094939; Thu, 24 Jul 2014 21:04:56 GMT (envelope-from ohauer@svn.freebsd.org) Message-Id: <201407242104.s6OL4uVS094939@svn.freebsd.org> From: Olli Hauer Date: Thu, 24 Jul 2014 21:04:56 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r362850 - in branches/2014Q3/www/apache22: . files X-SVN-Group: ports-branches MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-branches@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: SVN commit messages for all the branches of the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 24 Jul 2014 21:04:58 -0000 Author: ohauer Date: Thu Jul 24 21:04:56 2014 New Revision: 362850 URL: http://svnweb.freebsd.org/changeset/ports/362850 QAT: https://qat.redports.org/buildarchive/r362850/ Log: - merge apache backports - do not merge new apache default version (Mk/bsd.apache.mk) Approved by: portmgr (erwin@) Added: branches/2014Q3/www/apache22/files/HEADS_UP - copied, changed from r361294, head/www/apache22/files/HEADS_UP branches/2014Q3/www/apache22/files/patch-CVE-2014-0118__mod_deflate.c - copied unchanged from r362845, head/www/apache22/files/patch-CVE-2014-0118__mod_deflate.c branches/2014Q3/www/apache22/files/patch-CVE-2014-0226__scoreboard.c - copied unchanged from r362845, head/www/apache22/files/patch-CVE-2014-0226__scoreboard.c branches/2014Q3/www/apache22/files/patch-CVE-2014-0231__mod_cgid.c - copied unchanged from r362845, head/www/apache22/files/patch-CVE-2014-0231__mod_cgid.c Modified: branches/2014Q3/www/apache22/Makefile branches/2014Q3/www/apache22/files/patch-Makefile.in branches/2014Q3/www/apache22/pkg-message branches/2014Q3/www/apache22/pkg-plist Directory Properties: branches/2014Q3/ (props changed) Modified: branches/2014Q3/www/apache22/Makefile ============================================================================== --- branches/2014Q3/www/apache22/Makefile Thu Jul 24 21:03:10 2014 (r362849) +++ branches/2014Q3/www/apache22/Makefile Thu Jul 24 21:04:56 2014 (r362850) @@ -2,7 +2,7 @@ PORTNAME= apache22 PORTVERSION= 2.2.27 -PORTREVISION?= 3 +PORTREVISION?= 6 CATEGORIES= www ipv6 MASTER_SITES= ${MASTER_SITE_APACHE_HTTPD} DISTNAME= httpd-${PORTVERSION} @@ -50,8 +50,7 @@ WITH_SSL_PORT?= 443 AUTHNZ_LDAP_CONFIGURE_ON= --enable-authnz-ldap # http://httpd.apache.org/docs/2.2/bind.html -IPV4_MAPPED_CONFIGURE_OFF= --disable-v4-mapped -IPV4_MAPPED_CONFIGURE_ON= --enable-v4-mapped +IPV4_MAPPED_CONFIGURE_ENABLE= v4-mapped LDAP_CONFIGURE_ON= --enable-ldap=shared SSL_CFLAGS= -I${OPENSSLINC} @@ -73,10 +72,6 @@ SUB_LIST+= RELOAD_CMD=graceful SUB_LIST+= RELOAD_CMD=hrestart .endif -.if ! ${PORT_OPTIONS:MDOCS} -MAKE_ENV+= NOPORTDOCS=yes -.endif - APR_CONFIG?= ${LOCALBASE}/bin/apr-1-config APU_CONFIG?= ${LOCALBASE}/bin/apu-1-config @@ -129,6 +124,12 @@ IGNORE= suEXEC UserDir patch requires m show-options: @${SED} -ne 's/^##//p' ${APACHEDIR}/Makefile.doc +pre-everything:: + @${CAT} ${FILESDIR}/HEADS_UP +.if !defined(BATCH) || !defined(PORT_BUILDING) + @/bin/sleep 5 +.endif + post-extract: # remove possible leftover .svn directories in the sources @${FIND} ${WRKSRC} -type d -name .svn -print | ${XARGS} ${RM} -rf @@ -152,9 +153,9 @@ pre-configure:: @${ECHO_MSG} " You can check your modules configuration by using make show-modules" @${ECHO_MSG} "" -# Fix build on FreeBSD-10+ with OpenSSL from ports +# Fix build with OpenSSL from ports .if ${PORT_OPTIONS:MSSL} -. if ${OPSYS} == FreeBSD && ${OSVERSION} > 1000000 +. if ${OPSYS} == FreeBSD . if defined(OPENSSL_INSTALLED) && ${OPENSSL_INSTALLED} != "" @${ECHO_MSG} "===> apply fix for FreeBSD-${OSREL} (${OSVERSION}) for usage with ${OPENSSL_INSTALLED}" @${ECHO_MSG} "" @@ -172,8 +173,14 @@ post-configure: post-install: @${MKDIR} ${ETC_SUBDIRS:S|^|${STAGEDIR}${ETCDIR}/|} ${INSTALL_DATA} ${FILESDIR}/no-accf.conf ${STAGEDIR}${ETCDIR}/Includes/ - ${INSTALL_DATA} ${FILESDIR}/README_modules.d ${STAGEDIR}/${ETCDIR}/modules.d/ - + ${INSTALL_DATA} ${FILESDIR}/README_modules.d ${STAGEDIR}${ETCDIR}/modules.d/ +# place for module configuration samples + @${MKDIR} ${STAGEDIR}/${EXAMPLESDIR}/modules.d + ${INSTALL_DATA} ${FILESDIR}/README_modules.d ${STAGEDIR}${EXAMPLESDIR}/modules.d + +# suppress warning for non binary files + -@${STRIP_CMD} ${STAGEDIR}${PREFIX}/sbin/* \ + ${STAGEDIR}${PREFIX}/libexec/apache22/*.so 2>/dev/null .if ${PORT_OPTIONS:MLOG_FORENSIC} @${INSTALL_SCRIPT} ${WRKSRC}/support/check_forensic ${STAGEDIR}${PREFIX}/sbin .endif Copied and modified: branches/2014Q3/www/apache22/files/HEADS_UP (from r361294, head/www/apache22/files/HEADS_UP) ============================================================================== --- head/www/apache22/files/HEADS_UP Tue Jul 8 21:31:49 2014 (r361294, copy source) +++ branches/2014Q3/www/apache22/files/HEADS_UP Thu Jul 24 21:04:56 2014 (r362850) @@ -1,13 +1,13 @@ !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! H E A D S - U P -2014-07-11: - The default version will change from www/apache22 to www/apache24, +2014-07-13: + The default version was changed from www/apache22 to www/apache24, pre-build apache modules will also reflect this! In case ports are build by yourself and apache22 is required use the following command to keep apache22 as default - echo "APACHE_DEFAULT=2.2" >> /etc/make.conf + echo "DEFAULT_VERSIONS+=apache=2.2" >> /etc/make.conf !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! Copied: branches/2014Q3/www/apache22/files/patch-CVE-2014-0118__mod_deflate.c (from r362845, head/www/apache22/files/patch-CVE-2014-0118__mod_deflate.c) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2014Q3/www/apache22/files/patch-CVE-2014-0118__mod_deflate.c Thu Jul 24 21:04:56 2014 (r362850, copy of r362845, head/www/apache22/files/patch-CVE-2014-0118__mod_deflate.c) @@ -0,0 +1,284 @@ +SECURITY: CVE-2014-0118 (cve.mitre.org) + +mod_deflate: The DEFLATE input filter (inflates request bodies) now +limits the length and compression ratio of inflated request bodies to +avoid denial of sevice via highly compressed bodies. See directives +DeflateInflateLimitRequestBody, DeflateInflateRatioLimit, and +DeflateInflateRatioBurst. + +http://svn.apache.org/viewvc?view=revision&revision=1611426 + + +--- ./modules/filters/mod_deflate.c.orig 2011-08-29 17:22:22.000000000 +0200 ++++ ./modules/filters/mod_deflate.c 2014-07-24 21:07:40.000000000 +0200 +@@ -37,6 +37,7 @@ + #include "httpd.h" + #include "http_config.h" + #include "http_log.h" ++#include "http_core.h" + #include "apr_lib.h" + #include "apr_strings.h" + #include "apr_general.h" +@@ -51,6 +52,9 @@ + static const char deflateFilterName[] = "DEFLATE"; + module AP_MODULE_DECLARE_DATA deflate_module; + ++#define AP_INFLATE_RATIO_LIMIT 200 ++#define AP_INFLATE_RATIO_BURST 3 ++ + typedef struct deflate_filter_config_t + { + int windowSize; +@@ -62,6 +66,12 @@ + char *note_output_name; + } deflate_filter_config; + ++typedef struct deflate_dirconf_t { ++ apr_off_t inflate_limit; ++ int ratio_limit, ++ ratio_burst; ++} deflate_dirconf_t; ++ + /* RFC 1952 Section 2.3 defines the gzip header: + * + * +---+---+---+---+---+---+---+---+---+---+ +@@ -193,6 +203,14 @@ + return c; + } + ++static void *create_deflate_dirconf(apr_pool_t *p, char *dummy) ++{ ++ deflate_dirconf_t *dc = apr_pcalloc(p, sizeof(*dc)); ++ dc->ratio_limit = AP_INFLATE_RATIO_LIMIT; ++ dc->ratio_burst = AP_INFLATE_RATIO_BURST; ++ return dc; ++} ++ + static const char *deflate_set_window_size(cmd_parms *cmd, void *dummy, + const char *arg) + { +@@ -284,6 +302,55 @@ + return NULL; + } + ++ ++static const char *deflate_set_inflate_limit(cmd_parms *cmd, void *dirconf, ++ const char *arg) ++{ ++ deflate_dirconf_t *dc = (deflate_dirconf_t*) dirconf; ++ char *errp; ++ ++ if (APR_SUCCESS != apr_strtoff(&dc->inflate_limit, arg, &errp, 10)) { ++ return "DeflateInflateLimitRequestBody is not parsable."; ++ } ++ if (*errp || dc->inflate_limit < 0) { ++ return "DeflateInflateLimitRequestBody requires a non-negative integer."; ++ } ++ ++ return NULL; ++} ++ ++static const char *deflate_set_inflate_ratio_limit(cmd_parms *cmd, ++ void *dirconf, ++ const char *arg) ++{ ++ deflate_dirconf_t *dc = (deflate_dirconf_t*) dirconf; ++ int i; ++ ++ i = atoi(arg); ++ if (i <= 0) ++ return "DeflateInflateRatioLimit must be positive"; ++ ++ dc->ratio_limit = i; ++ ++ return NULL; ++} ++ ++static const char *deflate_set_inflate_ratio_burst(cmd_parms *cmd, ++ void *dirconf, ++ const char *arg) ++{ ++ deflate_dirconf_t *dc = (deflate_dirconf_t*) dirconf; ++ int i; ++ ++ i = atoi(arg); ++ if (i <= 0) ++ return "DeflateInflateRatioBurst must be positive"; ++ ++ dc->ratio_burst = i; ++ ++ return NULL; ++} ++ + typedef struct deflate_ctx_t + { + z_stream stream; +@@ -294,8 +361,26 @@ + unsigned char *validation_buffer; + apr_size_t validation_buffer_length; + int inflate_init; ++ int ratio_hits; ++ apr_off_t inflate_total; + } deflate_ctx; + ++/* Check whether the (inflate) ratio exceeds the configured limit/burst. */ ++static int check_ratio(request_rec *r, deflate_ctx *ctx, ++ const deflate_dirconf_t *dc) ++{ ++ if (ctx->stream.total_in) { ++ int ratio = ctx->stream.total_out / ctx->stream.total_in; ++ if (ratio < dc->ratio_limit) { ++ ctx->ratio_hits = 0; ++ } ++ else if (++ctx->ratio_hits > dc->ratio_burst) { ++ return 0; ++ } ++ } ++ return 1; ++} ++ + /* Number of validation bytes (CRC and length) after the compressed data */ + #define VALIDATION_SIZE 8 + /* Do not update ctx->crc, see comment in flush_libz_buffer */ +@@ -744,6 +829,8 @@ + int zRC; + apr_status_t rv; + deflate_filter_config *c; ++ deflate_dirconf_t *dc; ++ apr_off_t inflate_limit; + + /* just get out of the way of things we don't want. */ + if (mode != AP_MODE_READBYTES) { +@@ -751,6 +838,7 @@ + } + + c = ap_get_module_config(r->server->module_config, &deflate_module); ++ dc = ap_get_module_config(r->per_dir_config, &deflate_module); + + if (!ctx) { + char deflate_hdr[10]; +@@ -803,11 +891,13 @@ + if (len != 10 || + deflate_hdr[0] != deflate_magic[0] || + deflate_hdr[1] != deflate_magic[1]) { ++ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, "Failed to inflate input: wrong/partial magic bytes"); + return APR_EGENERAL; + } + + /* We can't handle flags for now. */ + if (deflate_hdr[3] != 0) { ++ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, "Failed to inflate input: cannot handle deflate flags"); + return APR_EGENERAL; + } + +@@ -831,6 +921,12 @@ + apr_brigade_cleanup(ctx->bb); + } + ++ inflate_limit = dc->inflate_limit; ++ if (inflate_limit == 0) { ++ /* The core is checking the deflated body, we'll check the inflated */ ++ inflate_limit = ap_get_limit_req_body(f->r); ++ } ++ + if (APR_BRIGADE_EMPTY(ctx->proc_bb)) { + rv = ap_get_brigade(f->next, ctx->bb, mode, block, readbytes); + +@@ -863,6 +959,17 @@ + + ctx->stream.next_out = ctx->buffer; + len = c->bufferSize - ctx->stream.avail_out; ++ ++ ctx->inflate_total += len; ++ if (inflate_limit && ctx->inflate_total > inflate_limit) { ++ inflateEnd(&ctx->stream); ++ ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r, ++ "Inflated content length of %" APR_OFF_T_FMT ++ " is larger than the configured limit" ++ " of %" APR_OFF_T_FMT, ++ ctx->inflate_total, inflate_limit); ++ return APR_ENOSPC; ++ } + + ctx->crc = crc32(ctx->crc, (const Bytef *)ctx->buffer, len); + tmp_heap = apr_bucket_heap_create((char *)ctx->buffer, len, +@@ -891,6 +998,26 @@ + ctx->stream.next_out = ctx->buffer; + len = c->bufferSize - ctx->stream.avail_out; + ++ ctx->inflate_total += len; ++ if (inflate_limit && ctx->inflate_total > inflate_limit) { ++ inflateEnd(&ctx->stream); ++ ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r, ++ "Inflated content length of %" APR_OFF_T_FMT ++ " is larger than the configured limit" ++ " of %" APR_OFF_T_FMT, ++ ctx->inflate_total, inflate_limit); ++ return APR_ENOSPC; ++ } ++ ++ if (!check_ratio(r, ctx, dc)) { ++ inflateEnd(&ctx->stream); ++ ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r, ++ "Inflated content ratio is larger than the " ++ "configured limit %i by %i time(s)", ++ dc->ratio_limit, dc->ratio_burst); ++ return APR_EINVAL; ++ } ++ + ctx->crc = crc32(ctx->crc, (const Bytef *)ctx->buffer, len); + tmp_heap = apr_bucket_heap_create((char *)ctx->buffer, len, + NULL, f->c->bucket_alloc); +@@ -1003,6 +1130,7 @@ + int zRC; + apr_status_t rv; + deflate_filter_config *c; ++ deflate_dirconf_t *dc; + + /* Do nothing if asked to filter nothing. */ + if (APR_BRIGADE_EMPTY(bb)) { +@@ -1010,6 +1138,7 @@ + } + + c = ap_get_module_config(r->server->module_config, &deflate_module); ++ dc = ap_get_module_config(r->per_dir_config, &deflate_module); + + if (!ctx) { + +@@ -1272,6 +1401,14 @@ + while (ctx->stream.avail_in != 0) { + if (ctx->stream.avail_out == 0) { + ++ if (!check_ratio(r, ctx, dc)) { ++ ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r, ++ "Inflated content ratio is larger than the " ++ "configured limit %i by %i time(s)", ++ dc->ratio_limit, dc->ratio_burst); ++ return APR_EINVAL; ++ } ++ + ctx->stream.next_out = ctx->buffer; + len = c->bufferSize - ctx->stream.avail_out; + +@@ -1346,12 +1483,20 @@ + "Set the Deflate Memory Level (1-9)"), + AP_INIT_TAKE1("DeflateCompressionLevel", deflate_set_compressionlevel, NULL, RSRC_CONF, + "Set the Deflate Compression Level (1-9)"), ++ AP_INIT_TAKE1("DeflateInflateLimitRequestBody", deflate_set_inflate_limit, NULL, OR_ALL, ++ "Set a limit on size of inflated input"), ++ AP_INIT_TAKE1("DeflateInflateRatioLimit", deflate_set_inflate_ratio_limit, NULL, OR_ALL, ++ "Set the inflate ratio limit above which inflation is " ++ "aborted (default: " APR_STRINGIFY(AP_INFLATE_RATIO_LIMIT) ")"), ++ AP_INIT_TAKE1("DeflateInflateRatioBurst", deflate_set_inflate_ratio_burst, NULL, OR_ALL, ++ "Set the maximum number of following inflate ratios above limit " ++ "(default: " APR_STRINGIFY(AP_INFLATE_RATIO_BURST) ")"), + {NULL} + }; + + module AP_MODULE_DECLARE_DATA deflate_module = { + STANDARD20_MODULE_STUFF, +- NULL, /* dir config creater */ ++ create_deflate_dirconf, /* dir config creater */ + NULL, /* dir merger --- default is to override */ + create_deflate_server_config, /* server config */ + NULL, /* merge server config */ Copied: branches/2014Q3/www/apache22/files/patch-CVE-2014-0226__scoreboard.c (from r362845, head/www/apache22/files/patch-CVE-2014-0226__scoreboard.c) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2014Q3/www/apache22/files/patch-CVE-2014-0226__scoreboard.c Thu Jul 24 21:04:56 2014 (r362850, copy of r362845, head/www/apache22/files/patch-CVE-2014-0226__scoreboard.c) @@ -0,0 +1,82 @@ +SECURITY: CVE-2014-0226 (cve.mitre.org) + +Fix a race condition in scoreboard handling, +which could lead to a heap buffer overflow. Thanks to Marek Kroemeke +working with HP's Zero Day Initiative for reporting this. +* include/scoreboard.h: Add ap_copy_scoreboard_worker. +* server/scoreboard.c (ap_copy_scoreboard_worker): New function. +* modules/generators/mod_status.c (status_handler): Use it. + +http://svn.apache.org/viewvc?view=revision&revision=1610515 + +--- ./include/scoreboard.h.orig 2007-12-08 17:59:08.000000000 +0100 ++++ ./include/scoreboard.h 2014-07-24 21:07:40.000000000 +0200 +@@ -189,7 +189,24 @@ + int status, request_rec *r); + void ap_time_process_request(ap_sb_handle_t *sbh, int status); + ++/** Return a pointer to the worker_score for a given child, thread pair. ++ * @param child_num The child number. ++ * @param thread_num The thread number. ++ * @return A pointer to the worker_score structure. ++ * @deprecated This function is deprecated, use ap_copy_scoreboard_worker instead. ++ */ + AP_DECLARE(worker_score *) ap_get_scoreboard_worker(int x, int y); ++ ++/** Copy the contents of a worker's scoreboard entry. The contents of ++ * the worker_score structure are copied verbatim into the dest ++ * structure. ++ * @param dest Output parameter. ++ * @param child_num The child number. ++ * @param thread_num The thread number. ++ */ ++AP_DECLARE(void) ap_copy_scoreboard_worker(worker_score *dest, ++ int child_num, int thread_num); ++ + AP_DECLARE(process_score *) ap_get_scoreboard_process(int x); + AP_DECLARE(global_score *) ap_get_scoreboard_global(void); + AP_DECLARE(lb_score *) ap_get_scoreboard_lb(int lb_num); +--- ./server/scoreboard.c.orig 2012-07-24 15:46:40.000000000 +0200 ++++ ./server/scoreboard.c 2014-07-24 21:07:40.000000000 +0200 +@@ -510,6 +510,21 @@ + return &ap_scoreboard_image->servers[x][y]; + } + ++AP_DECLARE(void) ap_copy_scoreboard_worker(worker_score *dest, ++ int child_num, ++ int thread_num) ++{ ++ worker_score *ws = ap_get_scoreboard_worker(child_num, thread_num); ++ ++ memcpy(dest, ws, sizeof *ws); ++ ++ /* For extra safety, NUL-terminate the strings returned, though it ++ * should be true those last bytes are always zero anyway. */ ++ dest->client[sizeof(dest->client) - 1] = '\0'; ++ dest->request[sizeof(dest->request) - 1] = '\0'; ++ dest->vhost[sizeof(dest->vhost) - 1] = '\0'; ++} ++ + AP_DECLARE(process_score *) ap_get_scoreboard_process(int x) + { + if ((x < 0) || (server_limit < x)) { +--- ./modules/generators/mod_status.c.orig 2013-02-18 17:52:21.000000000 +0100 ++++ ./modules/generators/mod_status.c 2014-07-24 21:07:40.000000000 +0200 +@@ -241,7 +241,7 @@ + #endif + int short_report; + int no_table_report; +- worker_score *ws_record; ++ worker_score *ws_record = apr_palloc(r->pool, sizeof *ws_record); + process_score *ps_record; + char *stat_buffer; + pid_t *pid_buffer, worker_pid; +@@ -333,7 +333,7 @@ + for (j = 0; j < thread_limit; ++j) { + int indx = (i * thread_limit) + j; + +- ws_record = ap_get_scoreboard_worker(i, j); ++ ap_copy_scoreboard_worker(ws_record, i, j); + res = ws_record->status; + stat_buffer[indx] = status_flags[res]; + Copied: branches/2014Q3/www/apache22/files/patch-CVE-2014-0231__mod_cgid.c (from r362845, head/www/apache22/files/patch-CVE-2014-0231__mod_cgid.c) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2014Q3/www/apache22/files/patch-CVE-2014-0231__mod_cgid.c Thu Jul 24 21:04:56 2014 (r362850, copy of r362845, head/www/apache22/files/patch-CVE-2014-0231__mod_cgid.c) @@ -0,0 +1,152 @@ +SECURITY: CVE-2014-0231 (cve.mitre.org) + +mod_cgid: Fix a denial of service against CGI scripts that do not consume +stdin that could lead to lingering HTTPD child processes filling up the +scoreboard and eventually hanging the server. + +http://svn.apache.org/viewvc?view=revision&revision=1611185 + + +--- ./modules/generators/mod_cgid.c.orig 2009-08-03 16:38:53.000000000 +0200 ++++ ./modules/generators/mod_cgid.c 2014-07-24 21:07:40.000000000 +0200 +@@ -93,6 +93,10 @@ + static pid_t parent_pid; + static ap_unix_identity_t empty_ugid = { (uid_t)-1, (gid_t)-1, -1 }; + ++typedef struct { ++ apr_interval_time_t timeout; ++} cgid_dirconf; ++ + /* The APR other-child API doesn't tell us how the daemon exited + * (SIGSEGV vs. exit(1)). The other-child maintenance function + * needs to decide whether to restart the daemon after a failure +@@ -934,7 +938,14 @@ + return overrides->logname ? overrides : base; + } + ++static void *create_cgid_dirconf(apr_pool_t *p, char *dummy) ++{ ++ cgid_dirconf *c = (cgid_dirconf *) apr_pcalloc(p, sizeof(cgid_dirconf)); ++ return c; ++} ++ + static const char *set_scriptlog(cmd_parms *cmd, void *dummy, const char *arg) ++ + { + server_rec *s = cmd->server; + cgid_server_conf *conf = ap_get_module_config(s->module_config, +@@ -987,7 +998,16 @@ + + return NULL; + } ++static const char *set_script_timeout(cmd_parms *cmd, void *dummy, const char *arg) ++{ ++ cgid_dirconf *dc = dummy; + ++ if (ap_timeout_parameter_parse(arg, &dc->timeout, "s") != APR_SUCCESS) { ++ return "CGIDScriptTimeout has wrong format"; ++ } ++ ++ return NULL; ++} + static const command_rec cgid_cmds[] = + { + AP_INIT_TAKE1("ScriptLog", set_scriptlog, NULL, RSRC_CONF, +@@ -999,6 +1019,10 @@ + AP_INIT_TAKE1("ScriptSock", set_script_socket, NULL, RSRC_CONF, + "the name of the socket to use for communication with " + "the cgi daemon."), ++ AP_INIT_TAKE1("CGIDScriptTimeout", set_script_timeout, NULL, RSRC_CONF | ACCESS_CONF, ++ "The amount of time to wait between successful reads from " ++ "the CGI script, in seconds."), ++ + {NULL} + }; + +@@ -1335,11 +1359,15 @@ + apr_file_t *tempsock; + struct cleanup_script_info *info; + apr_status_t rv; ++ cgid_dirconf *dc; + + if (strcmp(r->handler,CGI_MAGIC_TYPE) && strcmp(r->handler,"cgi-script")) + return DECLINED; + + conf = ap_get_module_config(r->server->module_config, &cgid_module); ++ dc = ap_get_module_config(r->per_dir_config, &cgid_module); ++ ++ + is_included = !strcmp(r->protocol, "INCLUDED"); + + if ((argv0 = strrchr(r->filename, '/')) != NULL) +@@ -1412,6 +1440,12 @@ + */ + + apr_os_pipe_put_ex(&tempsock, &sd, 1, r->pool); ++ if (dc->timeout > 0) { ++ apr_file_pipe_timeout_set(tempsock, dc->timeout); ++ } ++ else { ++ apr_file_pipe_timeout_set(tempsock, r->server->timeout); ++ } + apr_pool_cleanup_kill(r->pool, (void *)((long)sd), close_unix_socket); + + if ((argv0 = strrchr(r->filename, '/')) != NULL) +@@ -1487,6 +1521,10 @@ + if (rv != APR_SUCCESS) { + /* silly script stopped reading, soak up remaining message */ + child_stopped_reading = 1; ++ ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r, ++ "Error writing request body to script %s", ++ r->filename); ++ + } + } + apr_brigade_cleanup(bb); +@@ -1577,7 +1615,13 @@ + return HTTP_MOVED_TEMPORARILY; + } + +- ap_pass_brigade(r->output_filters, bb); ++ rv = ap_pass_brigade(r->output_filters, bb); ++ if (rv != APR_SUCCESS) { ++ /* APLOG_ERR because the core output filter message is at error, ++ * but doesn't know it's passing CGI output ++ */ ++ ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r, "Failed to flush CGI output to client"); ++ } + } + + if (nph) { +@@ -1707,6 +1751,8 @@ + request_rec *r = f->r; + cgid_server_conf *conf = ap_get_module_config(r->server->module_config, + &cgid_module); ++ cgid_dirconf *dc = ap_get_module_config(r->per_dir_config, &cgid_module); ++ + struct cleanup_script_info *info; + + add_ssi_vars(r); +@@ -1736,6 +1782,13 @@ + * get rid of the cleanup we registered when we created the socket. + */ + apr_os_pipe_put_ex(&tempsock, &sd, 1, r->pool); ++ if (dc->timeout > 0) { ++ apr_file_pipe_timeout_set(tempsock, dc->timeout); ++ } ++ else { ++ apr_file_pipe_timeout_set(tempsock, r->server->timeout); ++ } ++ + apr_pool_cleanup_kill(r->pool, (void *)((long)sd), close_unix_socket); + + APR_BRIGADE_INSERT_TAIL(bb, apr_bucket_pipe_create(tempsock, +@@ -1841,7 +1894,7 @@ + + module AP_MODULE_DECLARE_DATA cgid_module = { + STANDARD20_MODULE_STUFF, +- NULL, /* dir config creater */ ++ create_cgid_dirconf, /* dir config creater */ + NULL, /* dir merger --- default is to override */ + create_cgid_config, /* server config */ + merge_cgid_config, /* merge server config */ Modified: branches/2014Q3/www/apache22/files/patch-Makefile.in ============================================================================== --- branches/2014Q3/www/apache22/files/patch-Makefile.in Thu Jul 24 21:03:10 2014 (r362849) +++ branches/2014Q3/www/apache22/files/patch-Makefile.in Thu Jul 24 21:04:56 2014 (r362850) @@ -1,5 +1,5 @@ --- ./Makefile.in.orig 2008-11-25 21:24:49.000000000 +0100 -+++ ./Makefile.in 2013-10-27 15:13:17.000000000 +0100 ++++ ./Makefile.in 2014-07-08 06:12:16.000000000 +0200 @@ -31,12 +31,10 @@ install-conf: @echo Installing configuration files @@ -91,16 +91,8 @@ install-other: @test -d $(DESTDIR)$(logfiledir) || $(MKINSTALLDIRS) $(DESTDIR)$(logfiledir) -@@ -203,19 +175,17 @@ - done - - install-man: -- @echo Installing man pages and online manual -+ @echo Installing man pages - @test -d $(DESTDIR)$(mandir) || $(MKINSTALLDIRS) $(DESTDIR)$(mandir) - @test -d $(DESTDIR)$(mandir)/man1 || $(MKINSTALLDIRS) $(DESTDIR)$(mandir)/man1 - @test -d $(DESTDIR)$(mandir)/man8 || $(MKINSTALLDIRS) $(DESTDIR)$(mandir)/man8 -- @test -d $(DESTDIR)$(manualdir) || $(MKINSTALLDIRS) $(DESTDIR)$(manualdir) +@@ -210,12 +182,7 @@ + @test -d $(DESTDIR)$(manualdir) || $(MKINSTALLDIRS) $(DESTDIR)$(manualdir) @cp -p $(top_srcdir)/docs/man/*.1 $(DESTDIR)$(mandir)/man1 @cp -p $(top_srcdir)/docs/man/*.8 $(DESTDIR)$(mandir)/man8 - @if test "x$(RSYNC)" != "x" && test -x $(RSYNC) ; then \ @@ -109,11 +101,7 @@ - cd $(top_srcdir)/docs/manual && cp -rp * $(DESTDIR)$(manualdir); \ - cd $(DESTDIR)$(manualdir) && find . -name ".svn" -type d -print | xargs rm -rf 2>/dev/null || true; \ - fi -+.if !defined(NOPORTDOCS) -+ @echo Installing online manual -+ @test -d $(DESTDIR)$(manualdir) || $(MKINSTALLDIRS) $(DESTDIR)$(manualdir) -+ cd $(top_srcdir)/docs/manual && cp -rp * $(DESTDIR)$(manualdir); -+.endif ++ cd $(top_srcdir)/docs/manual && cp -rp * $(DESTDIR)$(manualdir) install-suexec: @if test -f $(builddir)/support/suexec; then \ Modified: branches/2014Q3/www/apache22/pkg-message ============================================================================== --- branches/2014Q3/www/apache22/pkg-message Thu Jul 24 21:03:10 2014 (r362849) +++ branches/2014Q3/www/apache22/pkg-message Thu Jul 24 21:04:56 2014 (r362850) @@ -4,3 +4,16 @@ in your /etc/rc.conf. Extra options can Your hostname must be resolvable using at least 1 mechanism in /etc/nsswitch.conf typically DNS or /etc/hosts or apache might have issues starting depending on the modules you are using. + +!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! + H E A D S - U P +2014-07-13: + The default version was changed from www/apache22 to www/apache24, + pre-build apache modules will also reflect this! + + In case ports are build by yourself and apache22 is required + use the following command to keep apache22 as default + + echo "DEFAULT_VERSIONS+=apache=2.2" >> /etc/make.conf + +!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! Modified: branches/2014Q3/www/apache22/pkg-plist ============================================================================== --- branches/2014Q3/www/apache22/pkg-plist Thu Jul 24 21:03:10 2014 (r362849) +++ branches/2014Q3/www/apache22/pkg-plist Thu Jul 24 21:04:56 2014 (r362850) @@ -216,6 +216,7 @@ sbin/split-logfile @unexec if cmp -s %D/%%ETCDIR%%/mime.types %D/%%EXAMPLESDIR%%/mime.types; then rm -f %D/%%ETCDIR%%/mime.types; fi %%EXAMPLESDIR%%/mime.types @exec [ -f %D/%%ETCDIR%%/mime.types ] || cp %D/%%EXAMPLESDIR%%/mime.types %D/%%ETCDIR%%/mime.types +%%EXAMPLESDIR%%/modules.d/README_modules.d %%WWWDIR%%/cgi-bin/printenv %%WWWDIR%%/cgi-bin/test-cgi %%WWWDIR%%/error/HTTP_BAD_GATEWAY.html.var @@ -461,22 +462,23 @@ sbin/split-logfile %%WWWDIR%%/icons/world1.png %%WWWDIR%%/icons/world2.gif %%WWWDIR%%/icons/world2.png -@dirrm %%WWWDIR%%/icons/small -@dirrm %%WWWDIR%%/icons -@dirrm %%WWWDIR%%/error/include -@dirrm %%WWWDIR%%/error -@dirrmtry %%WWWDIR%%/data -@dirrmtry %%WWWDIR%%/cgi-bin -@dirrmtry %%WWWDIR%% -@dirrm %%EXAMPLESDIR%%/extra -@dirrm %%EXAMPLESDIR%% -@dirrm %%DATADIR%%/build -@dirrm %%DATADIR%% -@dirrmtry libexec/apache22 -@dirrmtry include/apache22 @unexec rm -f %D/%%ETCDIR%%/httpd.conf.bak 2> /dev/null || true -@dirrmtry %%ETCDIR%%/modules.d -@dirrmtry %%ETCDIR%%/extra -@dirrmtry %%ETCDIR%%/envvars.d @dirrmtry %%ETCDIR%%/Includes +@dirrmtry %%ETCDIR%%/envvars.d +@dirrmtry %%ETCDIR%%/extra +@dirrmtry %%ETCDIR%%/modules.d @dirrmtry %%ETCDIR%% +@dirrmtry include/apache22 +@dirrmtry libexec/apache22 +@dirrm %%DATADIR%%/build +@dirrm %%DATADIR%% +@dirrm %%EXAMPLESDIR%%/extra +@dirrm %%EXAMPLESDIR%%/modules.d +@dirrm %%EXAMPLESDIR%% +@dirrmtry %%WWWDIR%%/cgi-bin +@dirrmtry %%WWWDIR%%/data +@dirrm %%WWWDIR%%/error/include +@dirrm %%WWWDIR%%/error +@dirrm %%WWWDIR%%/icons/small +@dirrm %%WWWDIR%%/icons +@dirrmtry %%WWWDIR%% From owner-svn-ports-branches@FreeBSD.ORG Fri Jul 25 09:25:40 2014 Return-Path: Delivered-To: svn-ports-branches@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E68EF2FA; Fri, 25 Jul 2014 09:25:40 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id D2D3B28EE; Fri, 25 Jul 2014 09:25:40 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6P9PeHF033321; Fri, 25 Jul 2014 09:25:40 GMT (envelope-from antoine@svn.freebsd.org) Received: (from antoine@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6P9Pe4g033320; Fri, 25 Jul 2014 09:25:40 GMT (envelope-from antoine@svn.freebsd.org) Message-Id: <201407250925.s6P9Pe4g033320@svn.freebsd.org> From: Antoine Brodin Date: Fri, 25 Jul 2014 09:25:40 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r362877 - in branches/2014Q3/editors/gobby: . files X-SVN-Group: ports-branches MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-branches@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: SVN commit messages for all the branches of the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 25 Jul 2014 09:25:41 -0000 Author: antoine Date: Fri Jul 25 09:25:40 2014 New Revision: 362877 URL: http://svnweb.freebsd.org/changeset/ports/362877 QAT: https://qat.redports.org/buildarchive/r362877/ Log: MFH: r362800 - Fix build with clang Reported by: pkg-fallout Approved by: portmgr (self) Added: branches/2014Q3/editors/gobby/files/ - copied from r362800, head/editors/gobby/files/ Modified: branches/2014Q3/editors/gobby/Makefile Directory Properties: branches/2014Q3/ (props changed) Modified: branches/2014Q3/editors/gobby/Makefile ============================================================================== --- branches/2014Q3/editors/gobby/Makefile Fri Jul 25 09:01:30 2014 (r362876) +++ branches/2014Q3/editors/gobby/Makefile Fri Jul 25 09:25:40 2014 (r362877) @@ -2,6 +2,7 @@ PORTNAME= gobby PORTVERSION= 0.4.13 +PORTREVISION= 1 CATEGORIES= editors MASTER_SITES= http://releases.0x539.de/gobby/ \ LOCAL/${MAINTAINER:C/([^@]*)@.*/\1/} @@ -19,8 +20,8 @@ LIB_DEPENDS= libobby.so:${PORTSDIR}/deve OPTIONS_DEFINE= GTKSPELL NLS GTKSPELL_DESC= Enable GtkSpell support -USE_GNOME= gnomehack gtksourceview2 intltool -USES= gmake pkgconfig +USE_GNOME= gtksourceview2 intltool +USES= gmake pkgconfig pathfix GNU_CONFIGURE= yes INSTALLS_ICONS= yes From owner-svn-ports-branches@FreeBSD.ORG Fri Jul 25 14:27:24 2014 Return-Path: Delivered-To: svn-ports-branches@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id EAE04EF3; Fri, 25 Jul 2014 14:27:23 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id D75F02794; Fri, 25 Jul 2014 14:27:23 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6PERNAG072881; Fri, 25 Jul 2014 14:27:23 GMT (envelope-from ohauer@svn.freebsd.org) Received: (from ohauer@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6PERNuV072877; Fri, 25 Jul 2014 14:27:23 GMT (envelope-from ohauer@svn.freebsd.org) Message-Id: <201407251427.s6PERNuV072877@svn.freebsd.org> From: Olli Hauer Date: Fri, 25 Jul 2014 14:27:23 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r362914 - branches/2014Q3/devel/bugzilla44 X-SVN-Group: ports-branches MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-branches@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: SVN commit messages for all the branches of the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 25 Jul 2014 14:27:24 -0000 Author: ohauer Date: Fri Jul 25 14:27:22 2014 New Revision: 362914 URL: http://svnweb.freebsd.org/changeset/ports/362914 QAT: https://qat.redports.org/buildarchive/r362914/ Log: MFH: r362911 - update to bugzilla44-4.4.5 Vulnerability Details ===================== Class: Cross Site Request Forgery Versions: 3.7.1 to 4.0.13, 4.1.1 to 4.2.9, 4.3.1 to 4.4.4, 4.5.1 to 4.5.4 Fixed In: 4.0.14, 4.2.10, 4.4.5, 4.5.5 Description: Adobe does not properly restrict the SWF file format, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks against Bugzilla's JSONP endpoint, possibly obtaining sensitive bug information, via a crafted OBJECT element with SWF content satisfying the character-set requirements of a callback API. http://www.bugzilla.org/security/4.0.13/ Security: 9defb2d6-1404-11e4-8cae-20cf30e32f6d CVE-2014-1546 Approved by: portmgr (erwin@) Modified: branches/2014Q3/devel/bugzilla44/Makefile branches/2014Q3/devel/bugzilla44/distinfo branches/2014Q3/devel/bugzilla44/pkg-plist Directory Properties: branches/2014Q3/ (props changed) Modified: branches/2014Q3/devel/bugzilla44/Makefile ============================================================================== --- branches/2014Q3/devel/bugzilla44/Makefile Fri Jul 25 14:22:44 2014 (r362913) +++ branches/2014Q3/devel/bugzilla44/Makefile Fri Jul 25 14:27:22 2014 (r362914) @@ -1,8 +1,7 @@ # $FreeBSD$ PORTNAME= bugzilla -PORTVERSION= 4.4.4 -PORTREVISION= 1 +PORTVERSION= 4.4.5 CATEGORIES= devel MASTER_SITES= BUGZILLA MASTER_SITE_SUBDIR= webtools webtools/archived @@ -162,7 +161,8 @@ EXTRA_PATCHES= ${FILESDIR}/freebsd-proje post-extract: @${RM} -rf ${WRKSRC}/.bzr @${RM} -f ${WRKSRC}/.bzrignore ${WRKSRC}/.gitignore ${WRKSRC}/.gitrev \ - ${WRKSRC}/docs/en/README.docs ${WRKSRC}/docs/en/html/Bugzilla-Guide.proc + ${WRKSRC}/docs/en/README.docs ${WRKSRC}/docs/en/html/Bugzilla-Guide.proc \ + ${WRKSRC}/.travis.yml ${WRKSRC}/Build.PL ${WRKSRC}/MANIFEST.SKIP post-patch: @${PERL} -pi -e 's/(default => ON_WINDOWS.+)apache/$$1www/' \ @@ -178,7 +178,7 @@ post-patch: ${XARGS} ${REINPLACE_CMD} -i '' -e "s!/var/www/html/bugzilla!${WWWDIR}!" pre-install: - @${FIND} ${WRKSRC} -type f \( -name "*.orig" -or -name "*.bak" \) -delete + ${FIND} ${WRKSRC} -type f \( -name "*.orig" -or -name "*.bak" \) -delete do-install: .SILENT ${MKDIR} ${STAGEDIR}${WWWDIR} @@ -191,12 +191,11 @@ do-install: .SILENT ${TAR} -C ${WRKSRC} -cf - Bugzilla template | ${TAR} --unlink -C ${STAGEDIR}${WWWDIR} -xf - @${MKDIR} ${EMPTY_DIRS_LIST:S!^!${STAGEDIR}${WWWDIR}/!} @${MKDIR} ${STAGEDIR}${DOCSDIR} - (cd ${WRKSRC}/docs/ && ${COPYTREE_SHARE} . ${STAGEDIR}${DOCSDIR}/) + (cd ${WRKSRC}/docs/ && ${COPYTREE_SHARE} . ${STAGEDIR}${DOCSDIR}) .if ${PORT_OPTIONS:MCONTRIB} - @(cd ${WRKSRC}/contrib && \ - ${FIND} . -type d -exec ${MKDIR} "${STAGEDIR}${WWWDIR}/contrib/{}" \; && \ - ${FIND} . -type f -exec ${INSTALL_DATA} "{}" "${STAGEDIR}${WWWDIR}/contrib/{}" \;) + @${MKDIR} ${STAGEDIR}${WWWDIR}/contrib + (cd ${WRKSRC}/contrib && ${COPYTREE_SHARE} . ${STAGEDIR}${WWWDIR}/contrib) .endif .include Modified: branches/2014Q3/devel/bugzilla44/distinfo ============================================================================== --- branches/2014Q3/devel/bugzilla44/distinfo Fri Jul 25 14:22:44 2014 (r362913) +++ branches/2014Q3/devel/bugzilla44/distinfo Fri Jul 25 14:27:22 2014 (r362914) @@ -1,2 +1,2 @@ -SHA256 (bugzilla/bugzilla-4.4.4.tar.gz) = c799da664c8b3ca8acf993026021249f12f2dd6c3604837bc3ebacf11927d2d1 -SIZE (bugzilla/bugzilla-4.4.4.tar.gz) = 2957476 +SHA256 (bugzilla/bugzilla-4.4.5.tar.gz) = 70609fa5bbe55a3b802afcf749a098824d7a96dc87b91ce07b000cfdd7987da5 +SIZE (bugzilla/bugzilla-4.4.5.tar.gz) = 2955964 Modified: branches/2014Q3/devel/bugzilla44/pkg-plist ============================================================================== --- branches/2014Q3/devel/bugzilla44/pkg-plist Fri Jul 25 14:22:44 2014 (r362913) +++ branches/2014Q3/devel/bugzilla44/pkg-plist Fri Jul 25 14:27:22 2014 (r362914) @@ -887,178 +887,178 @@ %%WWWDIR%%/whine.pl %%WWWDIR%%/whineatnews.pl %%WWWDIR%%/xmlrpc.cgi -@dirrmtry %%WWWDIR%%/xt -@dirrm %%WWWDIR%%/template/en/default/whine -@dirrm %%WWWDIR%%/template/en/default/setup -@dirrm %%WWWDIR%%/template/en/default/search -@dirrm %%WWWDIR%%/template/en/default/request -@dirrm %%WWWDIR%%/template/en/default/reports -@dirrm %%WWWDIR%%/template/en/default/pages -@dirrm %%WWWDIR%%/template/en/default/list -@dirrm %%WWWDIR%%/template/en/default/global -@dirrm %%WWWDIR%%/template/en/default/flag -@dirrm %%WWWDIR%%/template/en/default/extensions -@dirrm %%WWWDIR%%/template/en/default/email -@dirrm %%WWWDIR%%/template/en/default/bug/process -@dirrm %%WWWDIR%%/template/en/default/bug/create -@dirrm %%WWWDIR%%/template/en/default/bug/activity -@dirrm %%WWWDIR%%/template/en/default/bug -@dirrm %%WWWDIR%%/template/en/default/attachment -@dirrm %%WWWDIR%%/template/en/default/admin/workflow -@dirrm %%WWWDIR%%/template/en/default/admin/versions -@dirrm %%WWWDIR%%/template/en/default/admin/users -@dirrm %%WWWDIR%%/template/en/default/admin/settings -@dirrm %%WWWDIR%%/template/en/default/admin/sanitycheck -@dirrm %%WWWDIR%%/template/en/default/admin/products/groupcontrol -@dirrm %%WWWDIR%%/template/en/default/admin/products -@dirrm %%WWWDIR%%/template/en/default/admin/params -@dirrm %%WWWDIR%%/template/en/default/admin/milestones -@dirrm %%WWWDIR%%/template/en/default/admin/keywords -@dirrm %%WWWDIR%%/template/en/default/admin/groups -@dirrm %%WWWDIR%%/template/en/default/admin/flag-type -@dirrm %%WWWDIR%%/template/en/default/admin/fieldvalues -@dirrm %%WWWDIR%%/template/en/default/admin/custom_fields -@dirrm %%WWWDIR%%/template/en/default/admin/components -@dirrm %%WWWDIR%%/template/en/default/admin/classifications -@dirrm %%WWWDIR%%/template/en/default/admin -@dirrm %%WWWDIR%%/template/en/default/account/prefs -@dirrm %%WWWDIR%%/template/en/default/account/password -@dirrm %%WWWDIR%%/template/en/default/account/email -@dirrm %%WWWDIR%%/template/en/default/account/auth -@dirrm %%WWWDIR%%/template/en/default/account -@dirrm %%WWWDIR%%/template/en/default -@dirrm %%WWWDIR%%/template/en -@dirrmtry %%WWWDIR%%/template -@dirrmtry %%WWWDIR%%/t -@dirrm %%WWWDIR%%/skins/standard/index -@dirrm %%WWWDIR%%/skins/standard/global -@dirrm %%WWWDIR%%/skins/standard/dependency-tree -@dirrm %%WWWDIR%%/skins/standard -@dirrm %%WWWDIR%%/skins/contrib/Dusk -@dirrm %%WWWDIR%%/skins/contrib -@dirrmtry %%WWWDIR%%/skins -@dirrmtry %%WWWDIR%%/lib -@dirrmtry %%WWWDIR%%/js/yui/yuitest -@dirrmtry %%WWWDIR%%/js/yui/yuiloader -@dirrmtry %%WWWDIR%%/js/yui/yahoo-dom-event -@dirrmtry %%WWWDIR%%/js/yui/yahoo -@dirrmtry %%WWWDIR%%/js/yui/uploader -@dirrmtry %%WWWDIR%%/js/yui/treeview -@dirrmtry %%WWWDIR%%/js/yui/tabview -@dirrmtry %%WWWDIR%%/js/yui/swfstore -@dirrmtry %%WWWDIR%%/js/yui/swfdetect -@dirrmtry %%WWWDIR%%/js/yui/swf -@dirrmtry %%WWWDIR%%/js/yui/stylesheet -@dirrmtry %%WWWDIR%%/js/yui/storage -@dirrmtry %%WWWDIR%%/js/yui/slider -@dirrmtry %%WWWDIR%%/js/yui/selector -@dirrmtry %%WWWDIR%%/js/yui/resize -@dirrmtry %%WWWDIR%%/js/yui/reset-fonts-grids -@dirrmtry %%WWWDIR%%/js/yui/reset-fonts -@dirrmtry %%WWWDIR%%/js/yui/reset -@dirrmtry %%WWWDIR%%/js/yui/progressbar -@dirrmtry %%WWWDIR%%/js/yui/profilerviewer -@dirrmtry %%WWWDIR%%/js/yui/profiler -@dirrmtry %%WWWDIR%%/js/yui/paginator -@dirrmtry %%WWWDIR%%/js/yui/menu -@dirrmtry %%WWWDIR%%/js/yui/logger -@dirrmtry %%WWWDIR%%/js/yui/layout -@dirrmtry %%WWWDIR%%/js/yui/json -@dirrmtry %%WWWDIR%%/js/yui/imageloader -@dirrmtry %%WWWDIR%%/js/yui/imagecropper -@dirrmtry %%WWWDIR%%/js/yui/history -@dirrmtry %%WWWDIR%%/js/yui/grids -@dirrmtry %%WWWDIR%%/js/yui/get -@dirrmtry %%WWWDIR%%/js/yui/fonts -@dirrmtry %%WWWDIR%%/js/yui/event-simulate -@dirrmtry %%WWWDIR%%/js/yui/event-mouseenter -@dirrmtry %%WWWDIR%%/js/yui/event-delegate -@dirrmtry %%WWWDIR%%/js/yui/event -@dirrmtry %%WWWDIR%%/js/yui/element-delegate -@dirrmtry %%WWWDIR%%/js/yui/element -@dirrmtry %%WWWDIR%%/js/yui/dragdrop -@dirrmtry %%WWWDIR%%/js/yui/dom -@dirrmtry %%WWWDIR%%/js/yui/datemath -@dirrmtry %%WWWDIR%%/js/yui/datatable -@dirrmtry %%WWWDIR%%/js/yui/datasource -@dirrmtry %%WWWDIR%%/js/yui/cookie -@dirrmtry %%WWWDIR%%/js/yui/container -@dirrmtry %%WWWDIR%%/js/yui/connection -@dirrmtry %%WWWDIR%%/js/yui/colorpicker -@dirrmtry %%WWWDIR%%/js/yui/charts -@dirrmtry %%WWWDIR%%/js/yui/carousel -@dirrmtry %%WWWDIR%%/js/yui/calendar -@dirrmtry %%WWWDIR%%/js/yui/button -@dirrmtry %%WWWDIR%%/js/yui/base -@dirrmtry %%WWWDIR%%/js/yui/autocomplete -@dirrmtry %%WWWDIR%%/js/yui/assets/skins/sam -@dirrmtry %%WWWDIR%%/js/yui/assets/skins -@dirrmtry %%WWWDIR%%/js/yui/assets -@dirrmtry %%WWWDIR%%/js/yui/animation -@dirrmtry %%WWWDIR%%/js/yui -@dirrmtry %%WWWDIR%%/js/history.js -@dirrmtry %%WWWDIR%%/js -@dirrm %%WWWDIR%%/images -@dirrmtry %%WWWDIR%%/graphs -@dirrmtry %%WWWDIR%%/data -%%CONTRIB%%@dirrm %%WWWDIR%%/contrib/cmdline -%%CONTRIB%%@dirrm %%WWWDIR%%/contrib/bugzilla-submit -@dirrmtry %%WWWDIR%%/contrib -@dirrm %%WWWDIR%%/Bugzilla/Whine -@dirrm %%WWWDIR%%/Bugzilla/WebService/Server -@dirrm %%WWWDIR%%/Bugzilla/WebService -@dirrm %%WWWDIR%%/Bugzilla/User/Setting -@dirrm %%WWWDIR%%/Bugzilla/User -@dirrm %%WWWDIR%%/Bugzilla/Template/Plugin -@dirrm %%WWWDIR%%/Bugzilla/Template -@dirrm %%WWWDIR%%/Bugzilla/Send -@dirrm %%WWWDIR%%/Bugzilla/Search -@dirrm %%WWWDIR%%/Bugzilla/Migrate -@dirrm %%WWWDIR%%/Bugzilla/JobQueue -@dirrm %%WWWDIR%%/Bugzilla/Job -@dirrm %%WWWDIR%%/Bugzilla/Install -@dirrm %%WWWDIR%%/Bugzilla/Field -@dirrm %%WWWDIR%%/Bugzilla/DB/Schema -@dirrm %%WWWDIR%%/Bugzilla/DB -@dirrm %%WWWDIR%%/Bugzilla/Config -@dirrm %%WWWDIR%%/Bugzilla/BugUrl/Bugzilla -@dirrm %%WWWDIR%%/Bugzilla/BugUrl -@dirrm %%WWWDIR%%/Bugzilla/Auth/Verify -@dirrm %%WWWDIR%%/Bugzilla/Auth/Persist -@dirrm %%WWWDIR%%/Bugzilla/Auth/Login -@dirrm %%WWWDIR%%/Bugzilla/Auth -@dirrm %%WWWDIR%%/Bugzilla/Attachment -@dirrmtry %%WWWDIR%%/Bugzilla -@dirrmtry %%WWWDIR%% -%%PORTDOCS%%@dirrm %%DOCSDIR%%/xsl -%%PORTDOCS%%@dirrm %%DOCSDIR%%/lib/Pod/Simple/HTMLBatch -%%PORTDOCS%%@dirrm %%DOCSDIR%%/lib/Pod/Simple/HTML -%%PORTDOCS%%@dirrm %%DOCSDIR%%/lib/Pod/Simple -%%PORTDOCS%%@dirrm %%DOCSDIR%%/lib/Pod -%%PORTDOCS%%@dirrm %%DOCSDIR%%/lib -%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/xml -%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/txt -%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/pdf -%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/images/callouts -%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/images -%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/extensions -%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/contrib -%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/Bugzilla/Whine -%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/Bugzilla/WebService/Server -%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/Bugzilla/WebService -%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/Bugzilla/User/Setting -%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/Bugzilla/User +%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/Bugzilla/Auth +%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/Bugzilla/Config +%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/Bugzilla/DB +%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/Bugzilla/Field +%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/Bugzilla/Install +%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/Bugzilla/JobQueue +%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/Bugzilla/Search %%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/Bugzilla/Template/Plugin %%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/Bugzilla/Template -%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/Bugzilla/Search -%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/Bugzilla/JobQueue -%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/Bugzilla/Install -%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/Bugzilla/Field -%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/Bugzilla/DB -%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/Bugzilla/Config -%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/Bugzilla/Auth +%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/Bugzilla/User/Setting +%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/Bugzilla/User +%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/Bugzilla/WebService/Server +%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/Bugzilla/WebService +%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/Bugzilla/Whine %%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/Bugzilla +%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/contrib +%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/extensions %%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api %%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html +%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/images/callouts +%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/images +%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/pdf +%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/txt +%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/xml %%PORTDOCS%%@dirrm %%DOCSDIR%%/en +%%PORTDOCS%%@dirrm %%DOCSDIR%%/lib/Pod/Simple/HTML +%%PORTDOCS%%@dirrm %%DOCSDIR%%/lib/Pod/Simple/HTMLBatch +%%PORTDOCS%%@dirrm %%DOCSDIR%%/lib/Pod/Simple +%%PORTDOCS%%@dirrm %%DOCSDIR%%/lib/Pod +%%PORTDOCS%%@dirrm %%DOCSDIR%%/lib +%%PORTDOCS%%@dirrm %%DOCSDIR%%/xsl %%PORTDOCS%%@dirrm %%DOCSDIR%% +@dirrm %%WWWDIR%%/Bugzilla/Attachment +@dirrm %%WWWDIR%%/Bugzilla/Auth/Login +@dirrm %%WWWDIR%%/Bugzilla/Auth/Persist +@dirrm %%WWWDIR%%/Bugzilla/Auth/Verify +@dirrm %%WWWDIR%%/Bugzilla/Auth +@dirrm %%WWWDIR%%/Bugzilla/BugUrl/Bugzilla +@dirrm %%WWWDIR%%/Bugzilla/BugUrl +@dirrm %%WWWDIR%%/Bugzilla/Config +@dirrm %%WWWDIR%%/Bugzilla/DB/Schema +@dirrm %%WWWDIR%%/Bugzilla/DB +@dirrm %%WWWDIR%%/Bugzilla/Field +@dirrm %%WWWDIR%%/Bugzilla/Install +@dirrm %%WWWDIR%%/Bugzilla/Job +@dirrm %%WWWDIR%%/Bugzilla/JobQueue +@dirrm %%WWWDIR%%/Bugzilla/Migrate +@dirrm %%WWWDIR%%/Bugzilla/Search +@dirrm %%WWWDIR%%/Bugzilla/Send +@dirrm %%WWWDIR%%/Bugzilla/Template/Plugin +@dirrm %%WWWDIR%%/Bugzilla/Template +@dirrm %%WWWDIR%%/Bugzilla/User/Setting +@dirrm %%WWWDIR%%/Bugzilla/User +@dirrm %%WWWDIR%%/Bugzilla/WebService/Server +@dirrm %%WWWDIR%%/Bugzilla/WebService +@dirrm %%WWWDIR%%/Bugzilla/Whine +@dirrmtry %%WWWDIR%%/Bugzilla +%%CONTRIB%%@dirrm %%WWWDIR%%/contrib/bugzilla-submit +%%CONTRIB%%@dirrm %%WWWDIR%%/contrib/cmdline +@dirrmtry %%WWWDIR%%/contrib +@dirrmtry %%WWWDIR%%/data +@dirrmtry %%WWWDIR%%/graphs +@dirrmtry %%WWWDIR%%/images +@dirrm %%WWWDIR%%/js/history.js +@dirrm %%WWWDIR%%/js/yui/animation +@dirrm %%WWWDIR%%/js/yui/assets/skins/sam +@dirrm %%WWWDIR%%/js/yui/assets/skins +@dirrm %%WWWDIR%%/js/yui/assets +@dirrm %%WWWDIR%%/js/yui/autocomplete +@dirrm %%WWWDIR%%/js/yui/base +@dirrm %%WWWDIR%%/js/yui/button +@dirrm %%WWWDIR%%/js/yui/calendar +@dirrm %%WWWDIR%%/js/yui/carousel +@dirrm %%WWWDIR%%/js/yui/charts +@dirrm %%WWWDIR%%/js/yui/colorpicker +@dirrm %%WWWDIR%%/js/yui/connection +@dirrm %%WWWDIR%%/js/yui/container +@dirrm %%WWWDIR%%/js/yui/cookie +@dirrm %%WWWDIR%%/js/yui/datasource +@dirrm %%WWWDIR%%/js/yui/datatable +@dirrm %%WWWDIR%%/js/yui/datemath +@dirrm %%WWWDIR%%/js/yui/dom +@dirrm %%WWWDIR%%/js/yui/dragdrop +@dirrm %%WWWDIR%%/js/yui/element +@dirrm %%WWWDIR%%/js/yui/element-delegate +@dirrm %%WWWDIR%%/js/yui/event +@dirrm %%WWWDIR%%/js/yui/event-delegate +@dirrm %%WWWDIR%%/js/yui/event-mouseenter +@dirrm %%WWWDIR%%/js/yui/event-simulate +@dirrm %%WWWDIR%%/js/yui/fonts +@dirrm %%WWWDIR%%/js/yui/get +@dirrm %%WWWDIR%%/js/yui/grids +@dirrm %%WWWDIR%%/js/yui/history +@dirrm %%WWWDIR%%/js/yui/imagecropper +@dirrm %%WWWDIR%%/js/yui/imageloader +@dirrm %%WWWDIR%%/js/yui/json +@dirrm %%WWWDIR%%/js/yui/layout +@dirrm %%WWWDIR%%/js/yui/logger +@dirrm %%WWWDIR%%/js/yui/menu +@dirrm %%WWWDIR%%/js/yui/paginator +@dirrm %%WWWDIR%%/js/yui/profiler +@dirrm %%WWWDIR%%/js/yui/profilerviewer +@dirrm %%WWWDIR%%/js/yui/progressbar +@dirrm %%WWWDIR%%/js/yui/reset +@dirrm %%WWWDIR%%/js/yui/reset-fonts +@dirrm %%WWWDIR%%/js/yui/reset-fonts-grids +@dirrm %%WWWDIR%%/js/yui/resize +@dirrm %%WWWDIR%%/js/yui/selector +@dirrm %%WWWDIR%%/js/yui/slider +@dirrm %%WWWDIR%%/js/yui/storage +@dirrm %%WWWDIR%%/js/yui/stylesheet +@dirrm %%WWWDIR%%/js/yui/swf +@dirrm %%WWWDIR%%/js/yui/swfdetect +@dirrm %%WWWDIR%%/js/yui/swfstore +@dirrm %%WWWDIR%%/js/yui/tabview +@dirrm %%WWWDIR%%/js/yui/treeview +@dirrm %%WWWDIR%%/js/yui/uploader +@dirrm %%WWWDIR%%/js/yui/yahoo +@dirrm %%WWWDIR%%/js/yui/yahoo-dom-event +@dirrm %%WWWDIR%%/js/yui/yuiloader +@dirrm %%WWWDIR%%/js/yui/yuitest +@dirrm %%WWWDIR%%/js/yui +@dirrm %%WWWDIR%%/js +@dirrmtry %%WWWDIR%%/lib +@dirrm %%WWWDIR%%/skins/contrib/Dusk +@dirrm %%WWWDIR%%/skins/contrib +@dirrm %%WWWDIR%%/skins/standard/dependency-tree +@dirrm %%WWWDIR%%/skins/standard/global +@dirrm %%WWWDIR%%/skins/standard/index +@dirrm %%WWWDIR%%/skins/standard +@dirrmtry %%WWWDIR%%/skins +@dirrmtry %%WWWDIR%%/t +@dirrm %%WWWDIR%%/template/en/default/account/auth +@dirrm %%WWWDIR%%/template/en/default/account/email +@dirrm %%WWWDIR%%/template/en/default/account/password +@dirrm %%WWWDIR%%/template/en/default/account/prefs +@dirrm %%WWWDIR%%/template/en/default/account +@dirrm %%WWWDIR%%/template/en/default/admin/classifications +@dirrm %%WWWDIR%%/template/en/default/admin/components +@dirrm %%WWWDIR%%/template/en/default/admin/custom_fields +@dirrm %%WWWDIR%%/template/en/default/admin/fieldvalues +@dirrm %%WWWDIR%%/template/en/default/admin/flag-type +@dirrm %%WWWDIR%%/template/en/default/admin/groups +@dirrm %%WWWDIR%%/template/en/default/admin/keywords +@dirrm %%WWWDIR%%/template/en/default/admin/milestones +@dirrm %%WWWDIR%%/template/en/default/admin/params +@dirrm %%WWWDIR%%/template/en/default/admin/products/groupcontrol +@dirrm %%WWWDIR%%/template/en/default/admin/products +@dirrm %%WWWDIR%%/template/en/default/admin/sanitycheck +@dirrm %%WWWDIR%%/template/en/default/admin/settings +@dirrm %%WWWDIR%%/template/en/default/admin/users +@dirrm %%WWWDIR%%/template/en/default/admin/versions +@dirrm %%WWWDIR%%/template/en/default/admin/workflow +@dirrm %%WWWDIR%%/template/en/default/admin +@dirrm %%WWWDIR%%/template/en/default/attachment +@dirrm %%WWWDIR%%/template/en/default/bug/activity +@dirrm %%WWWDIR%%/template/en/default/bug/create +@dirrm %%WWWDIR%%/template/en/default/bug/process +@dirrm %%WWWDIR%%/template/en/default/bug +@dirrm %%WWWDIR%%/template/en/default/email +@dirrm %%WWWDIR%%/template/en/default/extensions +@dirrm %%WWWDIR%%/template/en/default/flag +@dirrm %%WWWDIR%%/template/en/default/global +@dirrm %%WWWDIR%%/template/en/default/list +@dirrm %%WWWDIR%%/template/en/default/pages +@dirrm %%WWWDIR%%/template/en/default/reports +@dirrm %%WWWDIR%%/template/en/default/request +@dirrm %%WWWDIR%%/template/en/default/search +@dirrm %%WWWDIR%%/template/en/default/setup +@dirrm %%WWWDIR%%/template/en/default/whine +@dirrm %%WWWDIR%%/template/en/default +@dirrm %%WWWDIR%%/template/en +@dirrmtry %%WWWDIR%%/template +@dirrmtry %%WWWDIR%%/xt +@dirrmtry %%WWWDIR%% From owner-svn-ports-branches@FreeBSD.ORG Fri Jul 25 20:16:04 2014 Return-Path: Delivered-To: svn-ports-branches@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 5160519B; Fri, 25 Jul 2014 20:16:04 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 3CFC1296D; Fri, 25 Jul 2014 20:16:04 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6PKG4NL046745; Fri, 25 Jul 2014 20:16:04 GMT (envelope-from ohauer@svn.freebsd.org) Received: (from ohauer@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6PKG4Bx046741; Fri, 25 Jul 2014 20:16:04 GMT (envelope-from ohauer@svn.freebsd.org) Message-Id: <201407252016.s6PKG4Bx046741@svn.freebsd.org> From: Olli Hauer Date: Fri, 25 Jul 2014 20:16:04 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r362929 - branches/2014Q3/security/vuxml X-SVN-Group: ports-branches MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-branches@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: SVN commit messages for all the branches of the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 25 Jul 2014 20:16:04 -0000 Author: ohauer Date: Fri Jul 25 20:16:03 2014 New Revision: 362929 URL: http://svnweb.freebsd.org/changeset/ports/362929 QAT: https://qat.redports.org/buildarchive/r362929/ Log: MFH: r360546 - Add seamonkey to list of things affected by mozilla issue MFH: r362122 Document new vulnerabilities in www/chromium < 36.0.1985.125 Submitted by: Carlos Jacobo Puga Medina via freebsd-chromium Obtained from: http://googlechromereleases.blogspot.nl/ MFH: r362180 Yet another tranche of phpMyAdmin security alerts. In typical style there has been a software release with warnings that it contains security fixes, but the Security Advisories are not yet available and CVE numbers have not yet been published. MFH: r362379 Update the latest phpMyAdmin entry with CVE numbers and descriptive text from the security advisories, now that they have been published. Security: 3f09ca29-0e48-11e4-b17a-6805ca0b3d42 MFH: r362379 Update the latest phpMyAdmin entry with CVE numbers and descriptive text from the security advisories, now that they have been published. Security: 3f09ca29-0e48-11e4-b17a-6805ca0b3d42 MFH: r362262 - document apache24 CVE entries until now there is no official CHANGELOG and apache-2.4.10 is not released, so take summary from upstream SVN. MFH: r362496 security/vuxml: document security issue in mcollective MFH: r362632 Document Mozilla multiple vulnerabilities. MFH: r362708 - Document vulnerabilities in www/tomcat*: CVE-2014-0096, CVE-2014-0099, CVE-2014-0075 MFH: r362844 - document apache22 CVE entries MFH: r362910 - document bugzilla Cross Site Request Forgery (CVE-2014-1546) Approved by: portmgr (erwin) Modified: branches/2014Q3/security/vuxml/vuln.xml Directory Properties: branches/2014Q3/ (props changed) Modified: branches/2014Q3/security/vuxml/vuln.xml ============================================================================== --- branches/2014Q3/security/vuxml/vuln.xml Fri Jul 25 20:12:19 2014 (r362928) +++ branches/2014Q3/security/vuxml/vuln.xml Fri Jul 25 20:16:03 2014 (r362929) @@ -57,6 +57,266 @@ Notes: --> + + bugzilla -- Cross Site Request Forgery + + + bugzilla44 + 4.4.5 + + + + +

A Bugzilla Security Advisory reports:

+
+

Adobe does not properly restrict the SWF file format, + which allows remote attackers to conduct cross-site + request forgery (CSRF) attacks against Bugzilla's JSONP + endpoint, possibly obtaining sensitive bug information, + via a crafted OBJECT element with SWF content satisfying + the character-set requirements of a callback API.

+
+ + + + CVE-2014-1546 + + + 2014-07-24 + 2014-07-25 + + + + + apache22 -- several vulnerabilities + + + apache22 + 2.2.02.2.27_6 + + + apache22-event-mpm + 2.2.02.2.27_6 + + + apache22-itk-mpm + 2.2.02.2.27_6 + + + apache22-peruser-mpm + 2.2.02.2.27_6 + + + apache22-worker-mpm + 2.2.02.2.27_6 + + + + +

Apache HTTP SERVER PROJECT reports:

+
+

mod_deflate: The DEFLATE input filter (inflates request bodies) now + limits the length and compression ratio of inflated request bodies to + avoid denial of service via highly compressed bodies. See directives + DeflateInflateLimitRequestBody, DeflateInflateRatioLimit, and + DeflateInflateRatioBurst.

+

mod_cgid: Fix a denial of service against CGI scripts that do not consume + stdin that could lead to lingering HTTPD child processes filling up the + scoreboard and eventually hanging the server. By default, the client I/O + timeout (Timeout directive) now applies to communication with scripts. The + CGIDScriptTimeout directive can be used to set a different timeout for + communication with scripts.

+

Fix a race condition in scoreboard handling, which could lead to a heap + buffer overflow.

+
+ + + + CVE-2014-0118 + CVE-2014-0231 + CVE-2014-0226 + + + 2014-07-19 + 2014-07-24 + + + + + tomcat -- multiple vulnerabilities + + + tomcat6 + 6.0.40 + + + tomcat7 + 7.0.53 + + + tomcat8 + 8.0.4 + + + + +

Tomcat Security Team reports:

+
+

Tomcat does not properly restrict XSLT stylesheets, which allows + remote attackers to bypass security-manager restrictions and read + arbitrary files via a crafted web application that provides an XML + external entity declaration in conjunction with an entity + reference, related to an XML External Entity (XXE) issue.

+

An integer overflow, when operated behind a reverse proxy, allows + remote attackers to conduct HTTP request smuggling attacks via a + crafted Content-Length HTTP header.

+

An integer overflow in parseChunkHeader allows remote attackers + to cause a denial of service (resource consumption) via a malformed + chunk size in chunked transfer coding of a request during the + streaming of data.

+
+ + + + CVE-2014-0096 + CVE-2014-0099 + CVE-2014-0075 + https://tomcat.apache.org/security-6.html + https://tomcat.apache.org/security-7.html + https://tomcat.apache.org/security-8.html + + + 2014-05-23 + 2014-07-23 + + + + + mozilla -- multiple vulnerabilities + + + firefox + 31.0,1 + + + firefox-esr + 24.7.0,1 + + + linux-firefox + 31.0,1 + + + linux-thunderbird + 24.7.0 + + + thunderbird + 24.7.0 + + + nss + 3.16.1_2 + + + + + +

The Mozilla Project reports:

+
+

MFSA 2014-66 IFRAME sandbox same-origin access through + redirect

+

MFSA 2014-65 Certificate parsing broken by non-standard + character encoding

+

MFSA 2014-64 Crash in Skia library when scaling high + quality images

+

MFSA 2014-63 Use-after-free while when manipulating + certificates in the trusted cache

+

MFSA 2014-62 Exploitable WebGL crash with Cesium + JavaScript library

+

MFSA 2014-61 Use-after-free with FireOnStateChange + event

+

MFSA 2014-60 Toolbar dialog customization event + spoofing

+

MFSA 2014-59 Use-after-free in DirectWrite font + handling

+

MFSA 2014-58 Use-after-free in Web Audio due to + incorrect control message ordering

+

MFSA 2014-57 Buffer overflow during Web Audio + buffering for playback

+

MFSA 2014-56 Miscellaneous memory safety hazards + (rv:31.0 / rv:24.7)

+
+ + + + CVE-2014-1544 + CVE-2014-1547 + CVE-2014-1548 + CVE-2014-1549 + CVE-2014-1550 + CVE-2014-1551 + CVE-2014-1552 + CVE-2014-1555 + CVE-2014-1556 + CVE-2014-1557 + CVE-2014-1558 + CVE-2014-1559 + CVE-2014-1560 + CVE-2014-1561 + https://www.mozilla.org/security/announce/2014/mfsa2014-56.html + https://www.mozilla.org/security/announce/2014/mfsa2014-57.html + https://www.mozilla.org/security/announce/2014/mfsa2014-58.html + https://www.mozilla.org/security/announce/2014/mfsa2014-59.html + https://www.mozilla.org/security/announce/2014/mfsa2014-60.html + https://www.mozilla.org/security/announce/2014/mfsa2014-61.html + https://www.mozilla.org/security/announce/2014/mfsa2014-62.html + https://www.mozilla.org/security/announce/2014/mfsa2014-63.html + https://www.mozilla.org/security/announce/2014/mfsa2014-64.html + https://www.mozilla.org/security/announce/2014/mfsa2014-65.html + https://www.mozilla.org/security/announce/2014/mfsa2014-66.html + https://www.mozilla.org/security/announce/ + + + 2014-07-22 + 2014-07-23 + + + + + mcollective -- cert valication issue + + + mcollective + 2.5.3 + + + + +

Melissa Stone reports:

+
+

The MCollective aes_security public key plugin does not correctly + validate certs against the CA. By exploiting this vulnerability + within a race/initialization window, an attacker with local access + could initiate an unauthorized MCollective client connection with a + server, and thus control the mcollective plugins running on that + server. This vulnerability requires a collective be configured to + use the aes_security plugin. Puppet Enterprise and open source + MCollective are not configured to use the plugin and are not + vulnerable by default.

+
+ + + + CVE-2014-3251 + https://groups.google.com/forum/#!topic/puppet-announce/cPykqUXMmK4 + + + 2014-07-09 + 2014-07-21 + + + qt4-imageformats, qt5-gui -- DoS vulnerability in the GIF image handler @@ -92,6 +352,105 @@ Notes: + + apache24 -- several vulnerabilities + + + apache24 + 2.4.10 + + + + +

Apache HTTP SERVER PROJECT reports:

+
+

mod_proxy: Fix crash in Connection header handling which allowed a + denial of service attack against a reverse proxy with a threaded MPM.

+

Fix a race condition in scoreboard handling, which could lead to a + heap buffer overflow.

+

mod_deflate: The DEFLATE input filter (inflates request bodies) now + limits the length and compression ratio of inflated request bodies to avoid + denial of sevice via highly compressed bodies. See directives + DeflateInflateLimitRequestBody, DeflateInflateRatioLimit, + and DeflateInflateRatioBurst.

+

mod_cgid: Fix a denial of service against CGI scripts that do + not consume stdin that could lead to lingering HTTPD child processes + filling up the scoreboard and eventually hanging the server. By + default, the client I/O timeout (Timeout directive) now applies to + communication with scripts. The CGIDScriptTimeout directive can be + used to set a different timeout for communication with scripts.

+
+ + + + CVE-2014-0117 + CVE-2014-3523 + CVE-2014-0226 + CVE-2014-0118 + CVE-2014-0231 + + + 2014-07-15 + 2014-07-19 + + + + + phpMyAdmin -- multiple XSS vulnerabilities, missing validation + + + phpMyAdmin + 4.2.04.2.6 + + + + +

The phpMyAdmin development team reports:

+
+

Self-XSS due to unescaped HTML output in database + structure page.

+

With a crafted table comment, it is possible to trigger + an XSS in database structure page.

+
+
+

Self-XSS due to unescaped HTML output in database + triggers page.

+

When navigating into the database triggers page, it is + possible to trigger an XSS with a crafted trigger + name.

+
+
+

Multiple XSS in AJAX confirmation messages.

+

With a crafted column name it is possible to trigger an + XSS when dropping the column in table structure page. With + a crafted table name it is possible to trigger an XSS when + dropping or truncating the table in table operations + page.

+
+
+

Access for an unprivileged user to MySQL user list.

+

An unpriviledged user could view the MySQL user list and + manipulate the tabs displayed in phpMyAdmin for them.

+
+ + + + CVE-2014-4954 + CVE-2014-4955 + CVE-2014-4986 + CVE-2014-4987 + http://www.phpmyadmin.net/home_page/security/PMASA-2014-4.php + http://www.phpmyadmin.net/home_page/security/PMASA-2014-5.php + http://www.phpmyadmin.net/home_page/security/PMASA-2014-6.php + http://www.phpmyadmin.net/home_page/security/PMASA-2014-7.php + + + 2014-07-18 + 2014-07-18 + 2014-07-20 + + + chromium -- multiple vulnerabilities @@ -596,10 +955,18 @@ Notes: 24.6.0,1 + seamonkey + 2.26.1 + + linux-firefox 30.0,1 + linux-seamonkey + 2.26.1 + + linux-thunderbird 24.6.0 From owner-svn-ports-branches@FreeBSD.ORG Sat Jul 26 21:44:01 2014 Return-Path: Delivered-To: svn-ports-branches@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 8C46B6C9; Sat, 26 Jul 2014 21:44:01 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 7A0F924AB; Sat, 26 Jul 2014 21:44:01 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6QLi1Ft079505; Sat, 26 Jul 2014 21:44:01 GMT (envelope-from ohauer@svn.freebsd.org) Received: (from ohauer@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6QLi139079504; Sat, 26 Jul 2014 21:44:01 GMT (envelope-from ohauer@svn.freebsd.org) Message-Id: <201407262144.s6QLi139079504@svn.freebsd.org> From: Olli Hauer Date: Sat, 26 Jul 2014 21:44:01 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r362988 - branches/2014Q3/Mk/Uses X-SVN-Group: ports-branches MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-branches@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: SVN commit messages for all the branches of the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 26 Jul 2014 21:44:01 -0000 Author: ohauer Date: Sat Jul 26 21:44:01 2014 New Revision: 362988 URL: http://svnweb.freebsd.org/changeset/ports/362988 QAT: https://qat.redports.org/buildarchive/r362988/ Log: MFH: r362986 - fix typo in RUN_DEPENDS s/POTSDIR/PORTSDIR/ Approved by: portmgr (erwin) Modified: branches/2014Q3/Mk/Uses/lua.mk Directory Properties: branches/2014Q3/ (props changed) Modified: branches/2014Q3/Mk/Uses/lua.mk ============================================================================== --- branches/2014Q3/Mk/Uses/lua.mk Sat Jul 26 20:55:40 2014 (r362987) +++ branches/2014Q3/Mk/Uses/lua.mk Sat Jul 26 21:44:01 2014 (r362988) @@ -98,7 +98,7 @@ MAKE_ENV+= LUA_MODLIBDIR=${LUA_MODLIBDIR .if ${_LUA_ARGS:Mbuild} BUILD_DEPENDS+= ${LUA_CMD}:${PORTSDIR}/lang/lua${LUA_VER_STR} .elfif ${_LUA_ARGS:Mrun} -RUN_DEPENDS+= ${LUA_CMD}:${POTSDIR}/lang/lua${LUA_VER_STR} +RUN_DEPENDS+= ${LUA_CMD}:${PORTSDIR}/lang/lua${LUA_VER_STR} .else LIB_DEPENDS+= liblua-${LUA_VER}.so:${PORTSDIR}/lang/lua${LUA_VER_STR} .endif