From owner-freebsd-ports@FreeBSD.ORG Sun May 24 07:53:51 2015 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 7AB9CE7B; Sun, 24 May 2015 07:53:51 +0000 (UTC) Received: from anubis.delphij.net (anubis.delphij.net [IPv6:2001:470:1:117::25]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "anubis.delphij.net", Issuer "StartCom Class 1 Primary Intermediate Server CA" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 590B51ED6; Sun, 24 May 2015 07:53:51 +0000 (UTC) Received: from Xins-MBP.home.us.delphij.net (c-71-202-112-39.hsd1.ca.comcast.net [71.202.112.39]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by anubis.delphij.net (Postfix) with ESMTPSA id 6D4CD15BC7; Sun, 24 May 2015 00:53:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=delphij.net; s=anubis; t=1432454025; x=1432468425; bh=M/xtWT73tH5z05/4IvK3eIS/r/JnWCXPJWbDcTfrv28=; h=Date:From:To:CC:Subject:References:In-Reply-To; b=04/xcajxFKNPoA5FeuvJnVUs5Nrpc0Zy9mN6XDQaGK/RQMvQdWE0R3oqLmKYW4gNn 5lccecEK2+AUYJHLOM+6+x5ClBH0iJsj/qXSa+E1QZEux8LBGOvY96SB8FIfRkfZqB ABS6V3FYryqJ8Ej6Bcg45y0ePUj73Lqc5pAtrpTg= Message-ID: <55618388.7000504@delphij.net> Date: Sun, 24 May 2015 00:53:44 -0700 From: Xin Li User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:31.0) Gecko/20100101 Thunderbird/31.7.0 MIME-Version: 1.0 To: Jason Unovitch , ports-secteam@FreeBSD.org, freebsd-security@freebsd.org, freebsd-ports@freebsd.org CC: Roger Marquis , xmj@FreeBSD.org, pi@FreeBSD.org Subject: Re: New pkg audit / vuln.xml failures (php55, unzoo) References: <20150523153031.A1A07357@hub.freebsd.org> In-Reply-To: Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 8bit X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 24 May 2015 07:53:51 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi, On 5/23/15 09:14, Jason Unovitch wrote: > On Sat, May 23, 2015 at 11:30 AM, Roger Marquis > wrote: >> If you find a vulnerability such as a new CVE or mailing list >> announcement please send it to the port maintainer and >> as quickly as possible. They are >> whoefully understaffed and need our help. Though freebsd.org >> indicates that security alerts should be sent to >> this is incorrect. If the vulnerability is >> in a port or package send an alert to ports-secteam@ and NOT >> secteam@ as the secteam will generally not reply to your email or >> forward the alerts to ports-secteam. >> >> Roger >> > > I've attempted to knock out a couple of these over the past 2 > days. There's certainly a non-trivial amount of PRs stuck in > Bugzilla that mention security or CVE that need some care and > attention. Here's a few that are now ready for the taking. > > vuxml patch ready: emulators/virtualbox-ose -- > https://bugs.freebsd.org/200311 I've added the information to the main entry and discarded virtualbox specific text from Oracle. Since Xen is also affected I have applied the fix to xen-tools; the 2015Q2 branch version is not affected as Dom0 support is not there so I haven't merged the change there. > databases/cassandra -- https://bugs.freebsd.org/199091 Committed, thanks! I've assigned the PR to the maintainer for the port update. > databases/cassandra2 -- https://bugs.freebsd.org/200414 (refers to > vuxml patch in PR 199091) I've assigned the PR to the maintainer. We should probably mark the above two ports as FORBIDDEN and/or DEPRECATED. > sysutils/py-salt -- https://bugs.freebsd.org/200172 This was already done by xmj@. This one seems serious, can the fix be backported or should the port merged to 2015Q2 branch? > vuxml previously done and update patch ready: net/chrony -- > https://bugs.freebsd.org/199508 The vuxml entry was committed by jbeich@ and port updated by pi@. I think the update should be merged to quarterly branch. > both vuxml and update patch ready: mail/davmail -- > https://bugs.freebsd.org/198297 This was done by pi@. I think this fix should also go to 2015Q2 branch? Thanks everyone working on these issues and thanks for taking time preparing the patches. Cheers, -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJVYYOGAAoJEJW2GBstM+nsmeoP+wVfw1Uw7YYGqhLXMEsFgQ/E CtWD9LfDgia9ffQIANXi61nUKJ8ex0QZHEFborUMoUMGxPMic5fILFIsKY/FeaLq Rq6jkVfHlelvHgi4XXf4v9u9JWFISu0jnYqafQiiOc4CK5a3d/JiouC9DJX74fau jaDZ2snv4VjVnbZHwO35hWTQiN5iCJFt9bkdMV5iQkd/jU1waSDTVuzv9zstaVcQ jJadqLCNX8ENhNwTZt0SbBBsRNL9mwRMEKbdYcCtxLJoKyQ+GYjbd5UEERajGSLv H8TaO/wYIrMdeOMFjBe1ppNp+2mX8pn1AnxZx//N9am8dKhTiI+itV2FGonRluzs aJJmzOHFYUSxwmSkyrcEm/XC0+BEAsTq24fxggJWNKFpD8brCd5ENt8oiA/uOkPR fkCr1wG8dCW3OV2TYeiFW1XWGmA41J57wP/9WRRLmYTbBqUGTmLsNtnFT0KcdJwQ G7tbd86xiHQjeF+Al1XAwL/9WgzIsrwjjQ7NO4737yNqvlAMyME30qtmCTwv1beX 3VQWqxJQ82FzI2x7OZgX5NAwyp0InaEI3j+cgTuJY5a6uMd49IMj+Wj+u3E52G/U wTtp4D3FzaxH4ZCs9pxLM8glvmoCmH6E11+G/WPESFxOXbxw/mkjD+wus5HyCsa7 M7b0T5Y6hN425BmaPaeA =tvL9 -----END PGP SIGNATURE----- From owner-freebsd-ports@FreeBSD.ORG Sun May 24 12:04:03 2015 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id F2B0B77F for ; Sun, 24 May 2015 12:04:02 +0000 (UTC) Received: from albert.catwhisker.org (mx.catwhisker.org [198.144.209.73]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C50DD18BC for ; Sun, 24 May 2015 12:04:01 +0000 (UTC) Received: from albert.catwhisker.org (localhost [127.0.0.1]) by albert.catwhisker.org (8.14.9/8.14.9) with ESMTP id t4OC3t5r005370 for ; Sun, 24 May 2015 05:03:55 -0700 (PDT) (envelope-from david@albert.catwhisker.org) Received: (from david@localhost) by albert.catwhisker.org (8.14.9/8.14.9/Submit) id t4OC3tU3005369 for freebsd-ports@freebsd.org; Sun, 24 May 2015 05:03:55 -0700 (PDT) (envelope-from david) Date: Sun, 24 May 2015 05:03:54 -0700 From: David Wolfskill To: freebsd-ports@freebsd.org Subject: Updating port emulators/wine-compholio after r387240?? Message-ID: <20150524120354.GM1156@albert.catwhisker.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="8Nc+Tfv1AudcG31Y" Content-Disposition: inline User-Agent: Mutt/1.5.23 (2014-03-12) X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 24 May 2015 12:04:03 -0000 --8Nc+Tfv1AudcG31Y Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable During my daily buildworld, I prepare for the subsequent "portmaster -ad" by running "portmaster -aF" -- fetching is something I'd really rather not wait for, and doesn't conflict with the build. Prior to starting the fetch, of course, I use "pkg updating -d ..." to check for any /usr/ports/UPDATING entries in the last 2 days. (Two, vs. one, to reduce the probabilty that something might "fall through the cracks.") And nothing showed up today (as is usual). This morning, I happened to see that the "portmaster -aF" run mentioned: =2E.. =3D=3D=3D>>> Launching 'make checksum' for misc/pciids in background =3D=3D=3D>>> Returning to update check of installed ports =3D=3D=3D>>> No /usr/ports/emulators/wine-compholio exists, and no information =3D=3D=3D>>> about emulators/wine-compholio can be found in /usr/ports/MOVED =3D=3D=3D>>> Launching child to update gawk-4.1.3 to gawk-4.1.3_1 =3D=3D=3D>>> All >> gawk-4.1.3 (2/2) =2E... Hmmm... OK; emulators/wine-compholio is one of the (many!) ports that I have installed merely because something else requires it; it's not something I use directly (that I know of). But I certainly *thought* it existed.... So I checked in /usr/ports/emulators by running "svn log Makefile", and saw: ------------------------------------------------------------------------ r387240 | gerald | 2015-05-23 19:10:18 -0700 (Sat, 23 May 2015) | 7 lines Rename emulators/wine-compholio to emulators/wine-staging and accordingly emulators/i386-wine-compholio to emulators/i386-wine-staging. Adjust CONFLICTS across all Wine related ports. Reviewed by: dbn, kmoore ------------------------------------------------------------------------ as the most recent entry -- my /usr/ports is an SVN working copy, presently updated to r387260. Huh. Now, I thought that in such cases in the past, there had been a MOVED entry or an UPDATING entry or both. I've completed the buildworld; I'm about to smoke-test the newly-built world (in this case, stable/10 i386 @r283359), and assuming(!) that things look OK, proceed with the "portmaster -ad" -- but that little whimper about emulators/wine-compholio seems a bit ... inauspiciious. So... am I supposed to be taking some sort of evasive action (e.g. "portmaster -o emulators/wine-staging wine-compholio-1.7.43,1")? And if so, should MOVED and/or UPDATING be updated to reflect that? Thanks.... Peace, david --=20 David H. Wolfskill david@catwhisker.org Those who murder in the name of God or prophet are blasphemous cowards. See http://www.catwhisker.org/~david/publickey.gpg for my public key. --8Nc+Tfv1AudcG31Y Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQJ8BAEBCgBmBQJVYb4qXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ4RThEMDY4QTIxMjc1MDZFRDIzODYzRTc4 QTY3RjlDOERFRjQxOTNCAAoJEIpn+cje9Bk7s7QP+gI5X8SlWb31e4cvDQjWqYdB MYFqggTLoHe0P54OHTjAeC8UtlVMYuVzJlDcHFsNtj5ZP9J/KblRICQWfaaLb8/5 /VW74J1+8y1OA0pn4iqSM7hUmYcASHc97z7UVSgsgHN42A1LkvXiFZFnNPcCPI61 HdLTKRyk0mM9QVxI81kTihTGeoqZotVLJB1GzlKj9U22yKv5zSHNM96CS0OyvdZS oWX4swK4rpiTmQy955BBmyE3LtDY/UAh6FS77DGa4SPwTG9zwzTD1LARUwVo6zfy JogprcxA4n+EoN0/wb82kDh0LwSVYKFWJyFOlKiaDjdMKKgMp0Ua6037hS/FnRKL o5FRvSb+5cmkBLx1rX1CNgSUhtcEb6zvJhPi8nNkhndfuSHkXzwdq+ZgzZGNPVAW 64dowVdNXQQI7GopXEdHV98igfgye11qMyO2Dydmf1iZ2fYRFKwfbGUICx9sa3Jj Rd2y/XOIPKRd2o7HCs5syrV7rDPhbws5U0b007DZspFuy99iUqS7uvg9KDs5t/aG V4SHxCmRv89BiZH60O7L3BysJhSG++Y61ePoYCUR7ghk6niA8jXiKJu15cbcfADz Xuc75kCzuudel1xtA5GRPIOrv8MRiSDSRfOZHH6i47tabur50gYLW2MyrYbiw0UV vOPiB4BtYxk1lBgbpLl4 =o3BI -----END PGP SIGNATURE----- --8Nc+Tfv1AudcG31Y-- From owner-freebsd-ports@FreeBSD.ORG Sun May 24 16:01:21 2015 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E2F63D50; Sun, 24 May 2015 16:01:21 +0000 (UTC) Received: from mail-ig0-x22a.google.com (mail-ig0-x22a.google.com [IPv6:2607:f8b0:4001:c05::22a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id A98EC1165; Sun, 24 May 2015 16:01:21 +0000 (UTC) Received: by igbpi8 with SMTP id pi8so21870056igb.1; Sun, 24 May 2015 09:01:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=hlbLsC6g4cli5n56lj/n18NMwfJAhqayn1Sa02SiCAA=; b=bNy8c1WOY0gcMNHL9zgLAOC4BQ7ezi2IiOY57XI+/Pye8pMm/fkegyF0jThGdaJyqi ZwJdzp0/i54Rg++0yeVepLwq/OYdsm3eB/JHzdr907hHFGlpKrthV33D++laaul6R3Mn zwQiqU72Fh0jnFPH7PnVMsCHiD76LuhLrKnJdc1y3UptZ3uvGYTZdBme55IWMCW0R1zE B8FgRyFDNVykCwZZTbSVOCDGFTKTRxOVHydvwRmttowo2g8EbfT48Em3lyAjCdvbvqKn Ja/AlcJj5fzb45mIiYdRcXS2LqJEWjtWqPtSLH98IKJ6xtOOzdDZSR3i3q1+jiBgv7qy VEdw== MIME-Version: 1.0 X-Received: by 10.50.79.167 with SMTP id k7mr18200187igx.32.1432483280902; Sun, 24 May 2015 09:01:20 -0700 (PDT) Sender: kob6558@gmail.com Received: by 10.107.174.22 with HTTP; Sun, 24 May 2015 09:01:20 -0700 (PDT) In-Reply-To: <55618388.7000504@delphij.net> References: <20150523153031.A1A07357@hub.freebsd.org> <55618388.7000504@delphij.net> Date: Sun, 24 May 2015 09:01:20 -0700 X-Google-Sender-Auth: 7jjLSPZgyXxUxWN3H7OK4NzQt9o Message-ID: Subject: Re: New pkg audit / vuln.xml failures (php55, unzoo) From: Kevin Oberman To: Xin Li Cc: Jason Unovitch , ports-secteam@freebsd.org, freebsd-security@freebsd.org, FreeBSD Ports ML , xmj@freebsd.org, pi@freebsd.org Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.20 X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 24 May 2015 16:01:22 -0000 On Sun, May 24, 2015 at 12:53 AM, Xin Li wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 > > Hi, > > On 5/23/15 09:14, Jason Unovitch wrote: > > On Sat, May 23, 2015 at 11:30 AM, Roger Marquis > > wrote: > >> If you find a vulnerability such as a new CVE or mailing list > >> announcement please send it to the port maintainer and > >> as quickly as possible. They are > >> whoefully understaffed and need our help. Though freebsd.org > >> indicates that security alerts should be sent to > >> this is incorrect. If the vulnerability is > >> in a port or package send an alert to ports-secteam@ and NOT > >> secteam@ as the secteam will generally not reply to your email or > >> forward the alerts to ports-secteam. > >> > >> Roger > Can our bugzilla have a button or something similar to tag bugs with CVE entries and adding ports-secteam to the cc list? Better would be a scan of bug submissions for the string "CVE-". (I have never looked at bugzilla other than to use it to search or submit bugs, so have no idea if this is feasible.) I know that this would generate false positives, but it appears to me that most all such could be dismissed very quickly and would be better than having serious security issues lost in the heap of bug reports. I know that when I opened a PR (pre-bugzilla) for a significant security issue in a popular port (ImageMagick) a few years ago, even though I marked it as "critical", it was almost 2 weeks before the port was updated, probably because the maintainer was just routinely updating the port as the commit did not reference the vulnerability, at all. It was a rather gaping hole, too. The PR was eventually closed as very stale, as it should have been by then. -- Kevin Oberman, Network Engineer, Retired E-mail: rkoberman@gmail.com From owner-freebsd-ports@FreeBSD.ORG Sun May 24 18:13:24 2015 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 38814BEF for ; Sun, 24 May 2015 18:13:24 +0000 (UTC) Received: from albert.catwhisker.org (mx.catwhisker.org [198.144.209.73]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id CD2F51156 for ; Sun, 24 May 2015 18:13:23 +0000 (UTC) Received: from albert.catwhisker.org (localhost [127.0.0.1]) by albert.catwhisker.org (8.14.9/8.14.9) with ESMTP id t4OIDLwU002140 for ; Sun, 24 May 2015 11:13:21 -0700 (PDT) (envelope-from david@albert.catwhisker.org) Received: (from david@localhost) by albert.catwhisker.org (8.14.9/8.14.9/Submit) id t4OIDLjr002139 for freebsd-ports@freebsd.org; Sun, 24 May 2015 11:13:21 -0700 (PDT) (envelope-from david) Date: Sun, 24 May 2015 11:13:21 -0700 From: David Wolfskill To: freebsd-ports@freebsd.org Subject: Any guidance for gnupg-2.0 -> gnupg-2.1 (archived encrypted email)? Message-ID: <20150524181321.GB1214@albert.catwhisker.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="CUfgB8w4ZwR/yMy5" Content-Disposition: inline User-Agent: Mutt/1.5.23 (2014-03-12) X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 24 May 2015 18:13:24 -0000 --CUfgB8w4ZwR/yMy5 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable For the most part, I am fairly aggressive about ensuring that the FreeBSD systems I use day-to-day are running a recent STABLE snapshot, and that installed ports are also out-of-date by no more than a week. Last November, I encountered a reason to deviate from that: When security/gnupg became gnupg-2.1, I found that gnupg-2.1 was unable to decrypt some (well, any, in my experience) archived encrypted email messages. For me, that is a show-stopper; I was relieved to find that I could switch to security/gnupg20 and restore the previous functionality. (Thank you, kuriyama@, for keeping security/gnupg20 available!) For most pruposes, this fallback works OK. But there are a couple of issues: * I'm relying on code that isn't being maintained. And at some point, it won't work any more. Or I'll find that I "need" to run the new(er) version for some other reason. * There exists at least one port that I have installed (emulators/pipelight) that is constructed in such a way that it requires security/gnupg -- though as far as I can tell, security/gnupg20 would satisfy the actual requirement for a functioning ${LOCALBASE}/bin/gpg2: g1-254(10.1-S)[1] pkg which /usr/local/bin/gpg2 /usr/local/bin/gpg2 was installed by package gnupg20-2.0.27 g1-254(10.1-S)[2] pkg info -o gnupg20-2.0.27 gnupg20-2.0.27 security/gnupg20 -- I'd submit a PR w/patch if a had a clue how to get pipelight & portmaster to just use the already-installed executable. For the latter issue, my current (ugly!) evasive maneuver is to run: portmaster -o security/gnupg `pkg info gnupg\*` before updating emulators/pipelight, and: portmaster -o security/gnupg20 `pkg info gnupg\*` afterward. This isn't the sort of thing I'd care to hold up as an exemplar of the FreeBSD experience. :-} I waited for a while, in the hope that the folks at gnupg.org would realize the magnitude of the issue and address it, with at least some sort of guide for those who found themselves in such a position -- I expect that there are more than just a few others who are in a similar state of having encrypted archived data that gnupg-2.1 will not decrypt -- but reading things like , and particularly , left me a bit discouraged on that front. So I came to freebsd-ports@, where I'm hoping that there are some clueful folks who are also a bit more, shall we say, sensitive to things like "POLA" and "backwards compatibility" -- as well as history -- to ask if anyone else has figured out a better way to cope, or found a write-up of same (and would be willing to share). FWIW, the bulk of the encrypted data I have archived is email messages; usually, these are also signed. And some were written by other folks, and I'd like to preserve both my ability to read the messages and the evidence that they were signed by their auhors. Thanks in advance; I'm happy to summarize private responses. Peace, david --=20 David H. Wolfskill david@catwhisker.org Those who murder in the name of God or prophet are blasphemous cowards. See http://www.catwhisker.org/~david/publickey.gpg for my public key. --CUfgB8w4ZwR/yMy5 Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQJ8BAEBCgBmBQJVYhTBXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ4RThEMDY4QTIxMjc1MDZFRDIzODYzRTc4 QTY3RjlDOERFRjQxOTNCAAoJEIpn+cje9Bk7qbAP/ir2+lh/aZMYDBJpWLFKgmXn 2eWsO2DOBMypnTrufXQbpWAsL/JjTK4Vr0jtdyAehYeVQqhXAvo36HBb1jeoM4/G uaLqZcP3oj0ENFQ9J6LQbNsQ7+2pDzqFQfAQSLbzQ2n3Ij5C25u34Bd8qofsgjXB w/9vfvtd98P8NrLO880cMY/oqS3prDWpipVxoeZADlDR6neQuYIlT+ll7LkgLEar cYKFxBJfRtDKQVBjHojy45RG7QdKUcMpifDC24jn7BXxYbD0jedAYKQvrodYOVxo 1xAASH7Ywq/JYc6FCniomkP1A1rAEh26eorBAyjEUTszYVW8KXQuO/A2GSfpNNIv WtsWVe8PAGl2JG9w4bvZ8VGs2O+c7DxHPEnwDoPC7zgozrOkzK67TRhRNZ5Dp5hT D5e9fv4lHK7KiYtaVc80DDgWlq3cypXuWi0YGD1WTsASNffu2K23zkWr6cGbriLN T8YcbskefqOXAGCJgdoKJnKK/cS6hzVb1zt7GdhcsYYqWZTk12O66BvAUInZmavj HLR1BQYLLg09ZTKiFxSSVbfYfhzFUVKNTG/j0HH81VsSzFWYBFXtbFVIezIYCLSV 1HOqCK9jKUqJwxEq16/mbV0fqOxYXxjQ5VnIhDeFB2SC8CzCdOlkn5mBglXiy2Ck RSrB1jw80JY3izLarlWJ =EBzC -----END PGP SIGNATURE----- --CUfgB8w4ZwR/yMy5-- From owner-freebsd-ports@FreeBSD.ORG Mon May 25 09:55:06 2015 Return-Path: Delivered-To: ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B3363B8D for ; Mon, 25 May 2015 09:55:06 +0000 (UTC) (envelope-from portscout@FreeBSD.org) Received: from portscout.freebsd.org (portscout.freebsd.org [IPv6:2001:1900:2254:206a::50:6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id A165122E for ; Mon, 25 May 2015 09:55:06 +0000 (UTC) (envelope-from portscout@FreeBSD.org) Received: from portscout.freebsd.org ([127.0.1.123]) by portscout.freebsd.org (8.14.9/8.14.9) with ESMTP id t4P9t6ot017975 for ; Mon, 25 May 2015 09:55:06 GMT (envelope-from portscout@FreeBSD.org) Received: (from portscout@localhost) by portscout.freebsd.org (8.14.9/8.14.9/Submit) id t4P9t6F5017974; Mon, 25 May 2015 09:55:06 GMT (envelope-from portscout@FreeBSD.org) Message-Id: <201505250955.t4P9t6F5017974@portscout.freebsd.org> X-Authentication-Warning: portscout.freebsd.org: portscout set sender to portscout@FreeBSD.org using -f Content-Disposition: inline Content-Transfer-Encoding: 8bit Content-Type: text/plain MIME-Version: 1.0 Date: Mon, 25 May 2015 09:55:06 +0000 From: portscout@FreeBSD.org To: ports@freebsd.org Subject: FreeBSD ports you maintain which are out of date X-Mailer: portscout/0.8.1 X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 25 May 2015 09:55:06 -0000 Dear port maintainer, The portscout new distfile checker has detected that one or more of your ports appears to be out of date. Please take the opportunity to check each of the ports listed below, and if possible and appropriate, submit/commit an update. If any ports have already been updated, you can safely ignore the entry. You will not be e-mailed again for any of the port/version combinations below. Full details can be found at the following URL: http://portscout.freebsd.org/ports@freebsd.org.html Port | Current version | New version ------------------------------------------------+-----------------+------------ biology/migrate | 3.6.9 | 3.6.10 ------------------------------------------------+-----------------+------------ print/lilypond-devel | 2.19.11 | 2.19.21 ------------------------------------------------+-----------------+------------ If any of the above results are invalid, please check the following page for details on how to improve portscout's detection and selection of distfiles on a per-port basis: http://portscout.freebsd.org/info/portscout-portconfig.txt Thanks. From owner-freebsd-ports@FreeBSD.ORG Mon May 25 12:02:03 2015 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id BC76440F for ; Mon, 25 May 2015 12:02:03 +0000 (UTC) (envelope-from david@catwhisker.org) Received: from albert.catwhisker.org (mx.catwhisker.org [198.144.209.73]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 7AA127C1 for ; Mon, 25 May 2015 12:02:02 +0000 (UTC) (envelope-from david@catwhisker.org) Received: from albert.catwhisker.org (localhost [127.0.0.1]) by albert.catwhisker.org (8.14.9/8.14.9) with ESMTP id t4PC21PU008200 for ; Mon, 25 May 2015 05:02:01 -0700 (PDT) (envelope-from david@albert.catwhisker.org) Received: (from david@localhost) by albert.catwhisker.org (8.14.9/8.14.9/Submit) id t4PC217b008199 for freebsd-ports@freebsd.org; Mon, 25 May 2015 05:02:01 -0700 (PDT) (envelope-from david) Date: Mon, 25 May 2015 05:02:01 -0700 From: David Wolfskill To: freebsd-ports@freebsd.org Subject: Re: Updating port emulators/wine-compholio after r387240?? Message-ID: <20150525120201.GI1214@albert.catwhisker.org> References: <20150524120354.GM1156@albert.catwhisker.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="54ZiyWcDhi/7bWb8" Content-Disposition: inline In-Reply-To: <20150524120354.GM1156@albert.catwhisker.org> User-Agent: Mutt/1.5.23 (2014-03-12) X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 25 May 2015 12:02:03 -0000 --54ZiyWcDhi/7bWb8 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable I see that there are now entries in MOVED for emulators/{,i386-}wine-compholio; thanks. But now the attempt to migrate from emulators/i386-wine-compholio to emulators/i386-wine-staging fails: =2E.. =3D=3D=3D> Fetching all distfiles required by i386-wine-staging-1.7.43,1 fo= r building =3D=3D=3D> Extracting for i386-wine-staging-1.7.43,1 =3D> SHA256 Checksum OK for freebsd:10:x86:64/i386-wine-compholio-1.7.43,1.= txz. /usr/bin/tar -xf /usr/ports/distfiles//freebsd:10:x86:64/i386-wine-compholi= o-1.7.43,1.txz -C /common/ports/emulators/i386-wine-staging/work --include = '/usr/local/share/licenses/i386-wine-staging-1.7.43,1/LICENSE' -s '|/usr/lo= cal/share/licenses/i386-wine-staging-1.7.43,1/||g' tar: /usr/local/share/licenses/i386-wine-staging-1.7.43,1/LICENSE: Not foun= d in archive tar: Error exit delayed from previous errors. *** Error code 1 And when I look at the tarball, I see: =2E.. -rw-rw-r-- 0 root root 26434 May 15 06:36 wine-1.7.43/COPYING.LIB -rw-rw-r-- 0 root root 824 May 15 06:36 wine-1.7.43/LICENSE -rw-rw-r-- 0 root root 1324 May 15 06:36 wine-1.7.43/LICENSE.OLD -rw-rw-r-- 0 root root 2553 May 15 06:36 wine-1.7.43/Make.vars.in -rw-rw-r-- 0 root root 2577 May 15 06:36 wine-1.7.43/Makefile.in =2E.. Hmmm... Looks as if the pathname in the tarball doesn't include the ",1" suffix... which is expected, if I understand correctly, as the distfile wouldn't have the PORTEPOCH in it... yes? So it appears that the test for the existence of the LICENSE file is in error. Peace, david --=20 David H. Wolfskill david@catwhisker.org Those who murder in the name of God or prophet are blasphemous cowards. See http://www.catwhisker.org/~david/publickey.gpg for my public key. --54ZiyWcDhi/7bWb8 Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQJ8BAEBCgBmBQJVYw84XxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ4RThEMDY4QTIxMjc1MDZFRDIzODYzRTc4 QTY3RjlDOERFRjQxOTNCAAoJEIpn+cje9Bk76nwQAIeZAJ03iNum53JTNug9yTak c/ZNaAL4yFwRINfhh/3Sbf6vRpYgQ3Z70RNejtLfaeEFX3j441kwhwhwtAKzZAQl c0YfEjj0FV5a/WyXVEM+5CSR2yjnLrI/yG4TUoBy9nxAGzJnxjFcfoe4vf6KXHCt vyNIoWS7mdFC7liXrUz2cB6/WpuQY3Y8f0lZ6sZCLF2YqC/xH79BHo0rfa3cDOlV t1vY4mx7hzEt5RuYSYgQ1rNjRlG0dlCQpr1xiCgzAt4w5OsPPtZUjfgr/ORn9U7G xDGJwofpfLp4RIImPd3kmvUjQA1GoDzjwaANSivqctxD2zqO0XzdYEZ3WlqCtzgl jCDqpxz5Y1DkKCJjUhhLyWdveRlZkU6G8c5WzXqKEeJC6dUTXOrbt04SH9G0Io+X Udp3bTTsSg1/58ozf3G/WauQuWxJwksIlftDlvFqtFG7NyOa75sJbCZVP2dVPYDW qP3oDT/z5GOHHLyoJbMpXzR/MhDTCemfULIDD6e9dWjRHdy5TY/AtedpdK2bsevC 49pmBjfL4h/565eTI1s1605Bv3Tio8r/mnMx7pJ6l8FkZ+MOOdzP7vy6G8UKYLHO mQ2rtHmbMQEb2Nq71E1rIN8m+fstv+CbDSxNrfkEgllCqkcJpbyW5S2GHyn4pSAG +xMPxfYuH1dM+nWNCZhb =hHaZ -----END PGP SIGNATURE----- --54ZiyWcDhi/7bWb8-- From owner-freebsd-ports@FreeBSD.ORG Mon May 25 21:00:06 2015 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id DCFCEEAB for ; Mon, 25 May 2015 21:00:06 +0000 (UTC) (envelope-from john.marshall@riverwillow.com.au) Received: from mta1.riverwillow.net.au (mta1.riverwillow.net.au [IPv6:2001:8000:1000:1801::3001]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mta1.riverwillow.net.au", Issuer "Riverwillow 2014 CA Root Certificate" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id E0539896 for ; Mon, 25 May 2015 21:00:04 +0000 (UTC) (envelope-from john.marshall@riverwillow.com.au) Received: from mail1.riverwillow.net.au (mail1.riverwillow.net.au [IPv6:2001:8000:1000:1801:0:0:0:4001]) by mta1.riverwillow.net.au (8.15.1/8.15.1) with ESMTPS id t4PKxud5091525 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK) for ; Tue, 26 May 2015 06:59:57 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=riverwillow.com.au; s=mta1002; t=1432587597; bh=H7Q1wFfYJ8AtlKMybUB43C91kGEWf2jeZgGsm2u6oJU=; h=Date:From:To:Subject:References:In-Reply-To; b=whH+AcyOntPbzb1h85VcymrWUhtqbs/Sb6ECo8vFb50IsjzWpLmpaU9zsX1eXZ23Z EHjPvupbKkaWC0LGUVluQh+rNIBCLPMIxI/SgOin6mOtP2ek0qNLlnO7jVoo9sAZu4 c4+/Yy955fOrqg1JT47v8Aq1DNkwTGoMpgXxd7dE= Received: from rwpc15.gfn.riverwillow.net.au (rwpc15.gfn.riverwillow.net.au [IPv6:2001:8000:1000:18e1:20c:76ff:fe0a:2117]) (authenticated bits=56) by mail1.riverwillow.net.au (8.15.1/8.15.1) with ESMTPSA id t4PKxraj091524 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK) for ; Tue, 26 May 2015 06:59:55 +1000 (AEST) Date: Tue, 26 May 2015 06:59:52 +1000 From: John Marshall To: freebsd-ports@freebsd.org Subject: Re: Any guidance for gnupg-2.0 -> gnupg-2.1 (archived encrypted email)? Message-ID: <20150525205952.GA4054@rwpc15.gfn.riverwillow.net.au> Mail-Followup-To: freebsd-ports@freebsd.org References: <20150524181321.GB1214@albert.catwhisker.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="4Ckj6UjgE2iN1+kY" Content-Disposition: inline In-Reply-To: <20150524181321.GB1214@albert.catwhisker.org> OpenPGP: id=A29A84A2; url=http://pki.riverwillow.com.au/pgp/johnmarshall.asc User-Agent: Mutt/1.5.23 (2014-03-12) X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 25 May 2015 21:00:07 -0000 --4Ckj6UjgE2iN1+kY Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sun, 24 May 2015, 11:13 -0700, David Wolfskill wrote: > Last November, I encountered a reason to deviate from that: When > security/gnupg became gnupg-2.1, I found that gnupg-2.1 was unable to > decrypt some (well, any, in my experience) archived encrypted email > messages. I was bitten badly in November when I blindly upgraded security/gnupg and found myself in the new, shiny, non-STABLE version 2.1.0. I can't remember the details, but too much stuff didn't work. I went to the release notes and other places and spent about a day trying to make the best of it. I had some success but ended up reverting security/gnupg -> security/gnupg20 after I discovered the following on the GnuPG home page. - 2.0.27 is the stable version suggested for most users, - 2.1.4 is the brand-new modern version with support for ECC and many other new features, and - 1.4.19 is the classic portable version. The STABLE 2.0 branch still works for me and the surprise factor is not as prominent as in 2.1. I have no idea why the main FreeBSD port was switched from STABLE to CURRENT and the STABLE version was relegated to a new version-tagged port. Sorry if this is off-topic but maybe it helps some folks. --=20 John Marshall --4Ckj6UjgE2iN1+kY Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iEYEARECAAYFAlVjjUgACgkQw/tAaKKahKJvMwCeOVlvxuarJpxOcQnEg6xQ/sMp hTAAn0PkBRQyEzv/FoLSvgPdXY9gD3cE =OzDv -----END PGP SIGNATURE----- --4Ckj6UjgE2iN1+kY-- From owner-freebsd-ports@FreeBSD.ORG Tue May 26 02:53:51 2015 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 41FB9E35 for ; Tue, 26 May 2015 02:53:51 +0000 (UTC) (envelope-from bsd-lists@bsdforge.com) Received: from udns.ultimatedns.net (unknown [IPv6:2602:d1:b4d6:e600:4261:86ff:fef6:aa2a]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id DD179331 for ; Tue, 26 May 2015 02:53:50 +0000 (UTC) (envelope-from bsd-lists@bsdforge.com) Received: from ultimatedns.net (localhost [127.0.0.1]) by udns.ultimatedns.net (8.14.9/8.14.9) with ESMTP id t4Q2r0wj029075; Mon, 25 May 2015 19:53:54 -0700 (PDT) (envelope-from bsd-lists@bsdforge.com) To: Cc: In-Reply-To: <20150525205952.GA4054@rwpc15.gfn.riverwillow.net.au> References: <20150524181321.GB1214@albert.catwhisker.org>, <20150525205952.GA4054@rwpc15.gfn.riverwillow.net.au> From: "Chris H" Subject: Re: Any guidance for gnupg-2.0 -> gnupg-2.1 (archived encrypted email)? Date: Mon, 25 May 2015 19:54:28 -0700 Content-Type: text/plain; charset=UTF-8; format=fixed MIME-Version: 1.0 Message-id: <1f553d90a8570bbd741b75b842dad455@ultimatedns.net> Content-Transfer-Encoding: 8bit X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 26 May 2015 02:53:51 -0000 On Tue, 26 May 2015 06:59:52 +1000 John Marshall wrote > On Sun, 24 May 2015, 11:13 -0700, David Wolfskill wrote: > > Last November, I encountered a reason to deviate from that: When > > security/gnupg became gnupg-2.1, I found that gnupg-2.1 was unable to > > decrypt some (well, any, in my experience) archived encrypted email > > messages. > > I was bitten badly in November when I blindly upgraded security/gnupg > and found myself in the new, shiny, non-STABLE version 2.1.0. I can't > remember the details, but too much stuff didn't work. I went to the > release notes and other places and spent about a day trying to make the > best of it. I had some success but ended up reverting security/gnupg -> > security/gnupg20 after I discovered the following on the GnuPG home > page. > > - 2.0.27 is the stable version suggested for most users, > - 2.1.4 is the brand-new modern version with support for ECC and many > other new features, and > - 1.4.19 is the classic portable version. > > The STABLE 2.0 branch still works for me and the surprise factor is not > as prominent as in 2.1. I have no idea why the main FreeBSD port was > switched from STABLE to CURRENT and the STABLE version was relegated to > a new version-tagged port. > > Sorry if this is off-topic but maybe it helps some folks. Isn't the standard way to deal with this in the ports tree, to create /portname, and /portname-devel ? Having portname track "stable", and the -devel branch track "current"? Can gnupg be rearranged to follow this method? CC-ing kuriyama@ --Chris > > -- > John Marshall From owner-freebsd-ports@FreeBSD.ORG Tue May 26 05:37:19 2015 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 3ED9BC6D; Tue, 26 May 2015 05:37:19 +0000 (UTC) (envelope-from koobs.freebsd@gmail.com) Received: from mail-pa0-x22c.google.com (mail-pa0-x22c.google.com [IPv6:2607:f8b0:400e:c03::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 0A5E1F14; Tue, 26 May 2015 05:37:19 +0000 (UTC) (envelope-from koobs.freebsd@gmail.com) Received: by pacwv17 with SMTP id wv17so84396473pac.2; Mon, 25 May 2015 22:37:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=sender:reply-to:subject:references:to:cc:from:message-id:date :user-agent:mime-version:in-reply-to:content-type :content-transfer-encoding; bh=kqYzHbkLjo2jydHv8xBanXhi45Wj9NfrwQ6DCYEzrU0=; b=bX1C5gmzjYq6/rPP47BDE+zWqByCgG2/EF7vxLuEbSXr5xGloP/aBhA4S35S1I4VJJ LWQpxJpswGW1/V5L/jPg8JP8/PpQP+s9J5ftuNd94C2hldXAeLO1CP/YmMrzeo7iQY0G gBm6bNMxEICQ8YUy6sJsglAgD6I1L9EQdGEcqYFKLIV1jUaypMpVAGaQAoV5y3Z6Qys0 pjy0Ixdijp4IZeUIC/bqrdvQiy8s5kFRVqv57RUNdpFlhG/du6HmaD9n8oXLQNl3Cum4 vWaqK8fpjeZ9f7fJzKdhkU8KNH1drIuVKmwld0BsHfYiGoPDbV5djwwaqxLw87leb3pa q59A== X-Received: by 10.70.37.225 with SMTP id b1mr45984822pdk.35.1432618638475; Mon, 25 May 2015 22:37:18 -0700 (PDT) Received: from [192.168.1.104] (ppp59-167-128-11.static.internode.on.net. [59.167.128.11]) by mx.google.com with ESMTPSA id p5sm11709353pdi.2.2015.05.25.22.37.15 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 25 May 2015 22:37:17 -0700 (PDT) Sender: Kubilay Kocak Reply-To: koobs@FreeBSD.org Subject: Re: Any guidance for gnupg-2.0 -> gnupg-2.1 (archived encrypted email)? References: <20150524181321.GB1214@albert.catwhisker.org> <20150525205952.GA4054@rwpc15.gfn.riverwillow.net.au> <1f553d90a8570bbd741b75b842dad455@ultimatedns.net> To: Chris H , freebsd-ports@freebsd.org Cc: kuriyama@FreeBSD.org From: Kubilay Kocak X-Enigmail-Draft-Status: N1110 Message-ID: <55640687.9070704@FreeBSD.org> Date: Tue, 26 May 2015 15:37:11 +1000 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.0 MIME-Version: 1.0 In-Reply-To: <1f553d90a8570bbd741b75b842dad455@ultimatedns.net> Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 26 May 2015 05:37:19 -0000 On 26/05/2015 12:54 PM, Chris H wrote: > On Tue, 26 May 2015 06:59:52 +1000 John Marshall > wrote > >> On Sun, 24 May 2015, 11:13 -0700, David Wolfskill wrote: >>> Last November, I encountered a reason to deviate from that: When >>> security/gnupg became gnupg-2.1, I found that gnupg-2.1 was unable to >>> decrypt some (well, any, in my experience) archived encrypted email >>> messages. >> >> I was bitten badly in November when I blindly upgraded security/gnupg >> and found myself in the new, shiny, non-STABLE version 2.1.0. I can't >> remember the details, but too much stuff didn't work. I went to the >> release notes and other places and spent about a day trying to make the >> best of it. I had some success but ended up reverting security/gnupg -> >> security/gnupg20 after I discovered the following on the GnuPG home >> page. >> >> - 2.0.27 is the stable version suggested for most users, >> - 2.1.4 is the brand-new modern version with support for ECC and many >> other new features, and >> - 1.4.19 is the classic portable version. >> >> The STABLE 2.0 branch still works for me and the surprise factor is not >> as prominent as in 2.1. I have no idea why the main FreeBSD port was >> switched from STABLE to CURRENT and the STABLE version was relegated to >> a new version-tagged port. >> >> Sorry if this is off-topic but maybe it helps some folks. > Isn't the standard way to deal with this in the ports tree, to > create /portname, and /portname-devel ? > Having portname track "stable", and the -devel branch track "current"? > Can gnupg be rearranged to follow this method? There are a couple of cases to consider: Note: I will refer to branches as !development, rather than stable/current/release, since often there isn't an absolutely clear distinction, or those designations can be relatively transient. a) Those projects that have many (read >2) "supported" versions/branches. b) Those projects that maintain 2 versions/branches, latest !development and development (next version) The category/portname and category/portname-devel convention only covers for (b), and is not necessarily a good convention for all cases. For instance ZeroMQ maintains quite a few previous "stable" branches. Having category/portname move across major/minor versions can (and does) break compatibility for dependent ports. In this case category/portnameXY is a better convention, perhaps with category/portname left to point to a DEFAULT_VERSION, which the user can change. Similar examples include apache, squid, postgresql, php among others. In this case, I'd have opted for gnupg20 and gnupg21 rather than a -devel distinction or moving gnupg across major/minor versions. Personally preference granted, but a considered one. My 2c Koobs From owner-freebsd-ports@FreeBSD.ORG Tue May 26 05:53:32 2015 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 88D1DDF4; Tue, 26 May 2015 05:53:32 +0000 (UTC) (envelope-from david@wood2.org.uk) Received: from outbound-queue-2.mail.thdo.gradwell.net (outbound-queue-2.mail.thdo.gradwell.net [212.11.70.35]) by mx1.freebsd.org (Postfix) with ESMTP id 18BC43B7; Tue, 26 May 2015 05:53:30 +0000 (UTC) (envelope-from david@wood2.org.uk) Received: from outbound-edge-1.mail.thdo.gradwell.net (bonnie.gradwell.net [212.11.70.2]) by outbound-queue-2.mail.thdo.gradwell.net (Postfix) with ESMTP id F2DE6553A1; Tue, 26 May 2015 06:52:10 +0100 (BST) Received: from copper.wood2.org.uk (HELO [192.168.128.99]) (82.71.104.126) (smtp-auth username backup@pop3.wood2.org.uk, mechanism plain) by outbound-edge-1.mail.thdo.gradwell.net (qpsmtpd/0.83) with (AES128-SHA encrypted) ESMTPSA; Tue, 26 May 2015 06:52:10 +0100 Date: Tue, 26 May 2015 06:32:24 +0100 Subject: Re: Any guidance for gnupg-2.0 -> gnupg-2.1 (archived encrypted email)? Message-ID: <39b22657-c318-4f1f-8468-0589038fc5d2@email.android.com> X-Android-Message-ID: <39b22657-c318-4f1f-8468-0589038fc5d2@email.android.com> In-Reply-To: <1f553d90a8570bbd741b75b842dad455@ultimatedns.net> From: David Wood To: Chris H , kuriyama@freebsd.org, freebsd-ports@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: base64 X-Gradwell-MongoId: 55640a0a.128c3-2f4d-1 X-Gradwell-Auth-Method: mailbox X-Gradwell-Auth-Credentials: backup@pop3.wood2.org.uk X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 26 May 2015 05:53:32 -0000 SSB3b3VsZCBzdHJvbmdseSBlbmNvdXJhZ2UgRnJlZUJTRCBub3QgdG8gc3dpdGNoIHNlY3VyaXR5 L2dudXBnIGJhY2sgdG8gdGhlIDIuMCBicmFuY2ggbm93IHRoYXQgaXQgaGFzIGJlZW4gMi4xIGZv ciBhIHdoaWxlLCBhcyB0aGF0IHdpbGwgYnJlYWsgcGVvcGxlJ3Mga2V5cmluZ3MgYW5kIGNvbmZp Z3VyYXRpb25zLgoKCjIuMSBpcyB1bmRvdWJ0ZWRseSB2ZXJ5IGRpZmZlcmVudCB0byBlYXJsaWVy IHZlcnNpb25zLiBTdXBwb3J0IGZvciBQR1AgMi54IGtleXMgaGFzIGJlZW4gY29tcGxldGVseSBy ZW1vdmVkIGluIDIuMSBhZnRlciBiZWluZyBzdHJvbmdseSBkZXByZWNhdGVkIGZvciBhIHdoaWxl IG93aW5nIHRvIGtub3duIHNlY3VyaXR5IHdlYWtuZXNzZXMuIElmIHlvdSBuZWVkIHRvIGRlY3J5 cHQgb3Igc2lnbmF0dXJlIGNoZWNrIGxlZ2FjeSBQR1AgMi54IG1hdGVyaWFsLCBrZWVwIGEgY29w eSBvZiAxLjQgYW5kIGFzc29jaWF0ZWQgY29uZmlndXJhdGlvbi9rZXlyaW5ncyB0byBoYW5kICh0 aG91Z2ggSSBkb24ndCBrbm93IGlmIHRoZSBGcmVlQlNEIHBvcnRzIHN1cHBvcnQgMS40IGFuZCAy LjEgYmVpbmcgaW5zdGFsbGVkIHNpbXVsdGFuZW91c2x5KS4KCjIuMSBoYXMgcmVmYWN0b3JlZCB2 YXJpb3VzIGNvZGUgLSBmb3IgZXhhbXBsZSwgdGhlIGNvZGUgdGhhdCBpbnRlcmFjdHMgd2l0aCBr ZXlzZXJ2ZXJzIGlzIG5vdyBpbiBkaXJtbmdyIGFuZCBhc3NvY2lhdGVkIGNvbmZpZ3VyYXRpb24g Z29lcyBpbiBkaXJtbmdyLmNvbmYsIHVubGlrZSB3aXRoIGVhcmxpZXIgYnJhbmNoZXMgb2YgR251 UEcuIGh0dHBzIHBvb2wga2V5IHNlcnZlcnMgYXJlIGZpeGVkIGZyb20gMi4xLjMgb253YXJkcyAt IEkga25vdywgYmVjYXVzZSBJIGNvbnRyaWJ1dGVkIHRoYXQgZml4LgoKSG93ZXZlciwgdGhlIGJp Z2dlc3QgY29tcGF0aWJpbGl0eSBpc3N1ZSB3aXRoIHJldmVydGluZyBzZWN1cml0eS9nbnVwZyBm cm9tIDIuMSB0byAyLjAgYXJlIHRoZSB1c2Ugb2YgLmtieCBrZXlyaW5ncyBhbmQgc3VwcG9ydCBm b3IgZWxsaXB0aWMgY3VydmUga2V5cy4gWW91IGNhbiBleHBvcnQgYWxsIHlvdXIgbm9uIGVsbGlw dGljIGN1cnZlIGtleXMgZnJvbSB5b3VyIC5rYngga2V5cmluZyBvbiBhbiBpbnRlbnRpb25hbCBk b3duZ3JhZGUgZnJvbSAyLjEgdG8gMi4wIGFuZCBpbXBvcnQgdGhlbSB0byBhIHRyYWRpdGlvbmFs IGtleXJpbmcgYWZ0ZXIgZG93bmdyYWRpbmcsIGJ1dCBpdCBpcyBoYXJkIHRvIHNlZSBob3cgdGhp cyBjb3VsZCBiZSBoYW5kbGVkIGNsZWFubHkgaWYgdGhlIHBvcnQgd2FzIHN3aXRjaGVkIGZyb20g Mi4xIHRvIDIuMC4gSXQgd291bGQgYmUgYSBiaWcgUE9MQSBicmVhY2ggZm9yIHlvdXIgcHVibGlj IGtleXJpbmcgdG8gcmV2ZXJ0IHRvIHRoZSBzdGF0ZSBpdCB3YXMgaW4gYmVmb3JlIHlvdSB1cGdy YWRlZCB0byAyLjEgLSBvciBiZWNvbWUgYmxhbmsgaWYgeW91IGhhZCBvbmx5IGV2ZXIgdXNlZCAy LjEuCgoKSSBiZWxpZXZlIFdlcm5lciBLb2NoJ3MgaW50ZW50aW9uIGlzIHRvIGRyb3AgdGhlIDIu MCBicmFuY2ggYXQgc29tZSBwb2ludCwgb24gdGhlIGJhc2lzIHRoYXQgb25jZSB0aGUgYnVncyBo YXZlIGJlZW4gc2hha2VuIG91dCBvZiAyLjEgdGhlcmUgaXMgbGl0dGxlIGp1c3RpZmljYXRpb24g dG8ga2VlcCBzdXBwb3J0aW5nIDIuMC4gMS40IGlzIHVzZWZ1bCBmb3IgZGVwbG95bWVudHMgd2hl cmUgbWluaW11bSBkZXBlbmRlbmNpZXMgYXJlIG5lZWRlZC4KCkkgaG9wZSB3ZSBhcmUgY2xvc2Ug dG8gdGhlIHBvaW50IHdoZXJlIG1ham9yIGJ1Z3MgaGF2ZSBiZWVuIHNoYWtlbiBvdXQgb2YgMi4x LCBtZWFuaW5nIHRoZXJlIGlzIGxpdHRsZSBuZWVkIHRvIHJldmVydCB0byAyLjAgYXMgYSB3b3Jr IHJvdW5kLiBUaGVyZSBhcmUgdW5kb3VidGVkbHkgY29tcGF0aWJpbGl0eSBpc3N1ZXMgaW4gbW92 aW5nIGZyb20gMi4wIHRvIDIuMSwgYnV0IEkgZG9uJ3Qgc2VlIGhvdyBtYWtpbmcgcGVvcGxlIGNo YW5nZSBiYWNrIHRvIDIuMCBjb25maWd1cmF0aW9uIGFuZCBrZXlyaW5ncyBieSByZXZlcnRpbmcg dGhlIHBvcnQgdG8gMi4wIChvciBtYWtpbmcgdGhlbSBjaG9vc2UgdG8gc3RpY2sgd2l0aCAyLjEp IGlzIGFueXRoaW5nIG90aGVyIHRoYW4gcmV0cm9ncmFkZS4KCgpXaXRoIGJlc3Qgd2lzaGVzLAoK CkRhdmlk From owner-freebsd-ports@FreeBSD.ORG Tue May 26 07:18:11 2015 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 92C38D4F for ; Tue, 26 May 2015 07:18:11 +0000 (UTC) (envelope-from bsd-lists@bsdforge.com) Received: from udns.ultimatedns.net (unknown [IPv6:2602:d1:b4d6:e600:4261:86ff:fef6:aa2a]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 62A0ABAA for ; Tue, 26 May 2015 07:18:11 +0000 (UTC) (envelope-from bsd-lists@bsdforge.com) Received: from ultimatedns.net (localhost [127.0.0.1]) by udns.ultimatedns.net (8.14.9/8.14.9) with ESMTP id t4Q7JTIw096692 for ; Tue, 26 May 2015 00:19:35 -0700 (PDT) (envelope-from bsd-lists@bsdforge.com) To: In-Reply-To: <55640687.9070704@FreeBSD.org> References: <20150524181321.GB1214@albert.catwhisker.org> <20150525205952.GA4054@rwpc15.gfn.riverwillow.net.au> <1f553d90a8570bbd741b75b842dad455@ultimatedns.net>, <55640687.9070704@FreeBSD.org> From: "Chris H" Subject: Re: Any guidance for gnupg-2.0 -> gnupg-2.1 (archived encrypted email)? Date: Tue, 26 May 2015 00:19:35 -0700 Content-Type: text/plain; charset=UTF-8; format=fixed MIME-Version: 1.0 Message-id: Content-Transfer-Encoding: 8bit X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 26 May 2015 07:18:11 -0000 On Tue, 26 May 2015 15:37:11 +1000 Kubilay Kocak wrote > On 26/05/2015 12:54 PM, Chris H wrote: > > On Tue, 26 May 2015 06:59:52 +1000 John Marshall > > wrote > > > >> On Sun, 24 May 2015, 11:13 -0700, David Wolfskill wrote: > >>> Last November, I encountered a reason to deviate from that: When > >>> security/gnupg became gnupg-2.1, I found that gnupg-2.1 was unable to > >>> decrypt some (well, any, in my experience) archived encrypted email > >>> messages. > >> > >> I was bitten badly in November when I blindly upgraded security/gnupg > >> and found myself in the new, shiny, non-STABLE version 2.1.0. I can't > >> remember the details, but too much stuff didn't work. I went to the > >> release notes and other places and spent about a day trying to make the > >> best of it. I had some success but ended up reverting security/gnupg -> > >> security/gnupg20 after I discovered the following on the GnuPG home > >> page. > >> > >> - 2.0.27 is the stable version suggested for most users, > >> - 2.1.4 is the brand-new modern version with support for ECC and many > >> other new features, and > >> - 1.4.19 is the classic portable version. > >> > >> The STABLE 2.0 branch still works for me and the surprise factor is not > >> as prominent as in 2.1. I have no idea why the main FreeBSD port was > >> switched from STABLE to CURRENT and the STABLE version was relegated to > >> a new version-tagged port. > >> > >> Sorry if this is off-topic but maybe it helps some folks. > > Isn't the standard way to deal with this in the ports tree, to > > create /portname, and /portname-devel ? > > Having portname track "stable", and the -devel branch track "current"? > > Can gnupg be rearranged to follow this method? > > There are a couple of cases to consider: > > Note: I will refer to branches as !development, rather than > stable/current/release, since often there isn't an absolutely clear > distinction, or those designations can be relatively transient. > > a) Those projects that have many (read >2) "supported" versions/branches. > > b) Those projects that maintain 2 versions/branches, latest !development > and development (next version) > > The category/portname and category/portname-devel convention only covers > for (b), and is not necessarily a good convention for all cases. > > For instance ZeroMQ maintains quite a few previous "stable" branches. > Having category/portname move across major/minor versions can (and does) > break compatibility for dependent ports. > > In this case category/portnameXY is a better convention, perhaps with > category/portname left to point to a DEFAULT_VERSION, which the user can > change. > > Similar examples include apache, squid, postgresql, php among others. > > In this case, I'd have opted for gnupg20 and gnupg21 rather than a > -devel distinction or moving gnupg across major/minor versions. > Personally preference granted, but a considered one. > > My 2c I completely understand, and very much appreciate your input on this. I also tried to figure how it would even be feasible to "rearrange" gnupg to follow the stable / -devel track, given that the "shoe has already dropped", so to speak -- the new version has already been applied to the gnupg port. But since there appeared to be 1) some "compatibility" issues, 2) the web site indicates 2.0 is the "stable" branch, and 3) so many other ports in the ports tree "depend" on the "standard" gnupg branch. That maybe the switch to 2.1 might have been a bit premature, and that the standard / -devel route might be the / a solution. That's all. Not trying to be "pushy" or anything. Just attempting to suggest a possible solution. :) > > Koobs > > _______________________________________________ > freebsd-ports@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-ports > To unsubscribe, send any mail to "freebsd-ports-unsubscribe@freebsd.org" --Chris -- From owner-freebsd-ports@FreeBSD.ORG Tue May 26 09:50:46 2015 Return-Path: Delivered-To: ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 37AFE46F for ; Tue, 26 May 2015 09:50:46 +0000 (UTC) (envelope-from portscout@FreeBSD.org) Received: from portscout.freebsd.org (portscout.freebsd.org [IPv6:2001:1900:2254:206a::50:6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 264A98E6 for ; Tue, 26 May 2015 09:50:46 +0000 (UTC) (envelope-from portscout@FreeBSD.org) Received: from portscout.freebsd.org ([127.0.1.123]) by portscout.freebsd.org (8.14.9/8.14.9) with ESMTP id t4Q9ok2C026378 for ; Tue, 26 May 2015 09:50:46 GMT (envelope-from portscout@FreeBSD.org) Received: (from portscout@localhost) by portscout.freebsd.org (8.14.9/8.14.9/Submit) id t4Q9okqr026377; Tue, 26 May 2015 09:50:46 GMT (envelope-from portscout@FreeBSD.org) Message-Id: <201505260950.t4Q9okqr026377@portscout.freebsd.org> X-Authentication-Warning: portscout.freebsd.org: portscout set sender to portscout@FreeBSD.org using -f Content-Disposition: inline Content-Transfer-Encoding: 8bit Content-Type: text/plain MIME-Version: 1.0 Date: Tue, 26 May 2015 09:50:46 +0000 From: portscout@FreeBSD.org To: ports@freebsd.org Subject: FreeBSD ports you maintain which are out of date X-Mailer: portscout/0.8.1 X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 26 May 2015 09:50:46 -0000 Dear port maintainer, The portscout new distfile checker has detected that one or more of your ports appears to be out of date. Please take the opportunity to check each of the ports listed below, and if possible and appropriate, submit/commit an update. If any ports have already been updated, you can safely ignore the entry. You will not be e-mailed again for any of the port/version combinations below. Full details can be found at the following URL: http://portscout.freebsd.org/ports@freebsd.org.html Port | Current version | New version ------------------------------------------------+-----------------+------------ databases/jasperreports | 5.5.2 | 6.1.0 ------------------------------------------------+-----------------+------------ If any of the above results are invalid, please check the following page for details on how to improve portscout's detection and selection of distfiles on a per-port basis: http://portscout.freebsd.org/info/portscout-portconfig.txt Thanks. From owner-freebsd-ports@FreeBSD.ORG Tue May 26 10:16:01 2015 Return-Path: Delivered-To: ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 8AA91A87 for ; Tue, 26 May 2015 10:16:01 +0000 (UTC) (envelope-from rank1seeker@gmail.com) Received: from mail-wi0-x22c.google.com (mail-wi0-x22c.google.com [IPv6:2a00:1450:400c:c05::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 24A66F58 for ; Tue, 26 May 2015 10:16:01 +0000 (UTC) (envelope-from rank1seeker@gmail.com) Received: by wichy4 with SMTP id hy4so75460740wic.1 for ; Tue, 26 May 2015 03:15:59 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=date:from:to:subject:message-id:mime-version:content-type :content-transfer-encoding; bh=v9LZCkBv/stVd6/FKEJB9MaggWxtHcCbyF0XR8D3S6M=; b=q5F2GydTWOVisPuS8cZt44td8zqVCKzmZKrarb7VXPhbDOp79DUbE35O1g3N5om8dG avpWe4RSiehFcaLIac2Ym2n1LwtVJPGpFrzB6idJZndGz8WDnj7HOeeut2dzb+dm0/C2 xMj7JHt1bcfubsYE7koeWFLgTdgPGrcMyZvnz1NxzrqPGH76dtBC+sL9Cnh/thIs3Jir HUcxnxSZv+TnuoLN8s1pDx0EEVWzYEo8JSwEEqgBDS5G71MjIAU/6jpsVhwRgOUD+RSx aa31QLhyGbDidJL6LAKfC3cojs3jOOJE92E93YG/J8Ja99iesr+MqaAGzyPnHXLql+Ov HtCA== X-Received: by 10.194.186.145 with SMTP id fk17mr47869234wjc.156.1432635359395; Tue, 26 May 2015 03:15:59 -0700 (PDT) Received: from localhost (cpe-94-253-199-175.zg2.cable.xnet.hr. [94.253.199.175]) by mx.google.com with ESMTPSA id bm9sm20988701wjc.21.2015.05.26.03.15.58 for (version=SSLv3 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Tue, 26 May 2015 03:15:58 -0700 (PDT) Date: Tue, 26 May 2015 12:15:54 +0200 From: To: ports@FreeBSD.org Subject: audio/oss Message-ID: <20150526121554.00001298@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 26 May 2015 10:16:01 -0000 10.1-RELEASE-p10 #0 r282952 i386 oss-4.2.b2011 After playing of music finishes, I get around 20 of these: kernel trap 22 with interrupts disabled Recompilation nad reinstallation, soundoff & soundon didn't help. Same procedure, after removing 'CPUTYPE?=prescott' SOLVED a problem! Domagoj From owner-freebsd-ports@FreeBSD.ORG Tue May 26 12:30:13 2015 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B5BEA66E for ; Tue, 26 May 2015 12:30:13 +0000 (UTC) (envelope-from demelier.david@gmail.com) Received: from mail-wg0-x232.google.com (mail-wg0-x232.google.com [IPv6:2a00:1450:400c:c00::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4E2D725D for ; Tue, 26 May 2015 12:30:13 +0000 (UTC) (envelope-from demelier.david@gmail.com) Received: by wghq2 with SMTP id q2so95660557wgh.1 for ; Tue, 26 May 2015 05:30:11 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:content-type:content-transfer-encoding; bh=uDMKqVv7E2g16X+Vo2Ch7yV/WF0ueWAOjzYCTPpLPIo=; b=lUpmz5yiv7lkx7FawI3TSh9sJk/+SPKfcvhrZejYnZfW1/OKn7k1fywI8nSaX/aAaQ dhF+qDR+NGGkor/Te1m3KVXZBGAPHIIIpYaTzXD9TuajBLKPqv7tWZ1Otp96A/4LtY9A 2vh7Yv22q6sO/gc28ExkhxPJ7rR04fT1/KyOWHVVWUx21QtcCVb5ZXqutGMlLD9RJl+d fkadAByu66JSaQlm/8UtO6T+CCcewNxuKO4OqWnHtcxfoqb7yBAAfw/tlkOHBgvmemV1 nOIQjri2au4aCHSitX5eaDbYYYymAF3C0ts3NAch7q4xazzrOgqkJWMo3ET/YRVJaTr0 iWAw== X-Received: by 10.180.88.72 with SMTP id be8mr40659087wib.45.1432643411612; Tue, 26 May 2015 05:30:11 -0700 (PDT) Received: from [192.168.1.46] (LAubervilliers-656-1-269-112.w193-248.abo.wanadoo.fr. [193.248.44.112]) by mx.google.com with ESMTPSA id gw7sm16671645wib.15.2015.05.26.05.30.10 for (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 26 May 2015 05:30:10 -0700 (PDT) Message-ID: <55646751.1070108@gmail.com> Date: Tue, 26 May 2015 14:30:09 +0200 From: David Demelier User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Thunderbird/31.7.0 MIME-Version: 1.0 To: freebsd-ports@freebsd.org Subject: Re: audio/oss References: <20150526121554.00001298@gmail.com> In-Reply-To: <20150526121554.00001298@gmail.com> Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 8bit X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 26 May 2015 12:30:13 -0000 Le 26/05/2015 12:15, rank1seeker@gmail.com a écrit : > 10.1-RELEASE-p10 #0 r282952 i386 > > oss-4.2.b2011 > > After playing of music finishes, I get around 20 of these: > kernel trap 22 with interrupts disabled > > Recompilation nad reinstallation, soundoff & soundon didn't help. > Same procedure, after removing 'CPUTYPE?=prescott' SOLVED a problem! > That's weird, but do you really need OSSv4 from ports? Your sound card isn't supported by default FreeBSD drivers? Regards, David. From owner-freebsd-ports@FreeBSD.ORG Tue May 26 16:56:30 2015 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D687E526 for ; Tue, 26 May 2015 16:56:30 +0000 (UTC) (envelope-from feld@FreeBSD.org) Received: from out5-smtp.messagingengine.com (out5-smtp.messagingengine.com [66.111.4.29]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id ACCDE289 for ; Tue, 26 May 2015 16:56:30 +0000 (UTC) (envelope-from feld@FreeBSD.org) Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.nyi.internal (Postfix) with ESMTP id 7755820A28 for ; Tue, 26 May 2015 12:56:29 -0400 (EDT) Received: from web3 ([10.202.2.213]) by compute4.internal (MEProxy); Tue, 26 May 2015 12:56:29 -0400 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-sasl-enc:x-sasl-enc; s=smtpout; bh=1IK+oVYb8hZN4We BjN+6MCckLMQ=; b=N2RwXBtMhoKYAbWHv+6THeswxKZHX8aMpX/nFNff52T1ZrR zzE+stTOO/lLomAM7goHOIV2sKWaD0lUrXccj4qBMooBpXtz/jPPjLm7NpVwdloA 1RdspJx25hqq9/UgBf1eCODNsaC2+NO3Y6HnGQPuytuDBBs8jmPwPbR0W2W8= Received: by web3.nyi.internal (Postfix, from userid 99) id 4E1B51159AD; Tue, 26 May 2015 12:56:29 -0400 (EDT) Message-Id: <1432659389.3130746.278522905.6D1E6549@webmail.messagingengine.com> X-Sasl-Enc: D9xIToRDxzsmZaGYFBs0NFepmyGbSDpizGc6HvNWNCAa 1432659389 From: Mark Felder To: freebsd-ports@freebsd.org MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain X-Mailer: MessagingEngine.com Webmail Interface - ajax-073992ec Subject: Re: New pkg audit / vuln.xml failures (php55, unzoo) Date: Tue, 26 May 2015 11:56:29 -0500 In-Reply-To: <20150523153029.B7BD3280@hub.freebsd.org> References: <20150523153029.B7BD3280@hub.freebsd.org> X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 26 May 2015 16:56:30 -0000 On Sat, May 23, 2015, at 10:30, Roger Marquis wrote: > > If you find a vulnerability such as a new CVE or mailing list > announcement please send it to the port maintainer and > as quickly as possible. They are whoefully > understaffed and need our help. Who is "ports-secteam"? There has been no Call For Help that I've ever seen. If people are needed to process these CVEs so they are entered into VUXML, sign me up to ports-secteam please. From owner-freebsd-ports@FreeBSD.ORG Tue May 26 17:39:26 2015 Return-Path: Delivered-To: freebsd-ports@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 21BB555D; Tue, 26 May 2015 17:39:26 +0000 (UTC) (envelope-from avg@FreeBSD.org) Received: from citadel.icyb.net.ua (citadel.icyb.net.ua [212.40.38.140]) by mx1.freebsd.org (Postfix) with ESMTP id 3A75DEEA; Tue, 26 May 2015 17:39:24 +0000 (UTC) (envelope-from avg@FreeBSD.org) Received: from porto.starpoint.kiev.ua (porto-e.starpoint.kiev.ua [212.40.38.100]) by citadel.icyb.net.ua (8.8.8p3/ICyb-2.3exp) with ESMTP id UAA04381; Tue, 26 May 2015 20:39:15 +0300 (EEST) (envelope-from avg@FreeBSD.org) Received: from localhost ([127.0.0.1]) by porto.starpoint.kiev.ua with esmtp (Exim 4.34 (FreeBSD)) id 1YxIos-000KO0-Mj; Tue, 26 May 2015 20:39:14 +0300 Message-ID: <5564AF89.8040108@FreeBSD.org> Date: Tue, 26 May 2015 20:38:17 +0300 From: Andriy Gapon User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:31.0) Gecko/20100101 Thunderbird/31.7.0 MIME-Version: 1.0 To: ports CC: timur@FreeBSD.org, =?UTF-8?B?TWlja2HDq2wgTWFpbGxvdA==?= Subject: pkg install kodi does not like samba Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 26 May 2015 17:39:26 -0000 Not sure if this is a problem with multimedia/kodi port or if it is with pkg or both: $ pkg install kodi Updating FreeBSD repository catalogue... FreeBSD repository is up-to-date. Updating poudriere repository catalogue... poudriere repository is up-to-date. All repositories are up-to-date. Checking integrity... done (1 conflicting) Checking integrity... done (0 conflicting) The following 13 package(s) will be affected (of 0 checked): Installed packages to be REMOVED: samba36-3.6.25 New packages to be INSTALLED: kodi: 14.2 [FreeBSD] tinyxml: 2.6.2_1 [FreeBSD] samba36-nmblookup: 3.6.25 [FreeBSD] libnfs: 1.3.0_1 [FreeBSD] libcec: 2.2.0 [FreeBSD] libbluray: 0.7.0,1 [FreeBSD] libbdplus: 0.1.2 [FreeBSD] libaacs: 0.8.0 [FreeBSD] libass: 0.12.1 [FreeBSD] sdl2: 2.0.3_4 [FreeBSD] shairplay: 0.9.0.20140422 [FreeBSD] lzo2: 2.09 [FreeBSD] So, pkg wants to replace samba36 with samba36-nmblookup. I think that those packages conflict because samba36 provides a superset of what samba36-nmblookup provides. So, there should be no reason to not just use samba36. Finally, why do we need net/samba-nmblookup at all? Seems like kodi is its only user and it is not a light-weight port already. -- Andriy Gapon From owner-freebsd-ports@FreeBSD.ORG Tue May 26 18:36:55 2015 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 721A7264 for ; Tue, 26 May 2015 18:36:55 +0000 (UTC) (envelope-from timur@bat.ru) Received: from mail-ig0-f169.google.com (mail-ig0-f169.google.com [209.85.213.169]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 3FFD3FCC for ; Tue, 26 May 2015 18:36:55 +0000 (UTC) (envelope-from timur@bat.ru) Received: by igbsb11 with SMTP id sb11so60519145igb.0 for ; Tue, 26 May 2015 11:36:48 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc:content-type; bh=cI5WkffbVIXh/kF69+nG72R8vk1JvoPEuN+d8CV+tcY=; b=SJeKjIUUQgtPV7nOFzDexIxVRYU9msbZCIiZH3Q7OIM7ZmBxpA20zDtO08X6zw6ltf 4oqgt2TgSbizlPvK9XlgQPKn9Dc3EejfZ0wycx5/y6+54/zWN1Jmb2bb4Lj5NsOskaaW hezgVPTkHkj96MBvEbX29y+g4mUWe7gd/q/cNRvZJmTKskgUsWlFjzwzvdgjVzuf+joB 7gJ63ciOupiR7F3ZnRdmKU9mytmO8ngGmpa88hMJTirvq6VetD4qT5azRAB/8ODQ2m76 LCNpYXufrlDhJHMGm1lhm2tR/4oRuYa+IWbhPBevekcmQzQYUFzQxz04IOzZb6mcf+Bv wg6g== X-Gm-Message-State: ALoCoQlirBkzhotzsuLyHlggrAr0M56GL1j8WD03BUV5fCDdZvrqMf3VTi+qrlkHjPep+M8iYRO7 X-Received: by 10.107.131.141 with SMTP id n13mr36803079ioi.74.1432665407994; Tue, 26 May 2015 11:36:47 -0700 (PDT) MIME-Version: 1.0 Sender: timur@bat.ru Received: by 10.107.170.17 with HTTP; Tue, 26 May 2015 11:36:27 -0700 (PDT) In-Reply-To: <5564AF89.8040108@FreeBSD.org> References: <5564AF89.8040108@FreeBSD.org> From: "Timur I. Bakeyev" Date: Tue, 26 May 2015 20:36:27 +0200 X-Google-Sender-Auth: 3bngUovmTtgZg07fHs6FOdY6D60 Message-ID: Subject: Re: pkg install kodi does not like samba To: Andriy Gapon Cc: ports , =?UTF-8?Q?Micka=C3=ABl_Maillot?= Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.20 X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 26 May 2015 18:36:55 -0000 Well, it's all said in https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=177786. I've added samba36-nmblookup as a courtesy for the xmbc/kodi project while ago so it's not depend on full samba package, but now it's going too far in the request to drop nmblookup from samba36 itself.. The real solution(are we done with GSOC projects for this year already?) would be ability to build multiple packages out of one port, since we already have stagedir. So, only one extra step is required, similar the way it's done in Debian. On Tue, May 26, 2015 at 7:38 PM, Andriy Gapon wrote: > > Not sure if this is a problem with multimedia/kodi port or if it is with > pkg or > both: > $ pkg install kodi > Updating FreeBSD repository catalogue... > FreeBSD repository is up-to-date. > Updating poudriere repository catalogue... > poudriere repository is up-to-date. > All repositories are up-to-date. > Checking integrity... done (1 conflicting) > Checking integrity... done (0 conflicting) > The following 13 package(s) will be affected (of 0 checked): > > Installed packages to be REMOVED: > samba36-3.6.25 > > New packages to be INSTALLED: > kodi: 14.2 [FreeBSD] > tinyxml: 2.6.2_1 [FreeBSD] > samba36-nmblookup: 3.6.25 [FreeBSD] > libnfs: 1.3.0_1 [FreeBSD] > libcec: 2.2.0 [FreeBSD] > libbluray: 0.7.0,1 [FreeBSD] > libbdplus: 0.1.2 [FreeBSD] > libaacs: 0.8.0 [FreeBSD] > libass: 0.12.1 [FreeBSD] > sdl2: 2.0.3_4 [FreeBSD] > shairplay: 0.9.0.20140422 [FreeBSD] > lzo2: 2.09 [FreeBSD] > > So, pkg wants to replace samba36 with samba36-nmblookup. > I think that those packages conflict because samba36 provides a superset > of what > samba36-nmblookup provides. So, there should be no reason to not just use > samba36. > Finally, why do we need net/samba-nmblookup at all? Seems like kodi is > its only > user and it is not a light-weight port already. > > -- > Andriy Gapon > From owner-freebsd-ports@FreeBSD.ORG Tue May 26 23:21:15 2015 Return-Path: Delivered-To: ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id BA78D879 for ; Tue, 26 May 2015 23:21:15 +0000 (UTC) (envelope-from agabas@astabis.com) Received: from mail-wg0-f54.google.com (mail-wg0-f54.google.com [74.125.82.54]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 55BE5DD5 for ; Tue, 26 May 2015 23:21:14 +0000 (UTC) (envelope-from agabas@astabis.com) Received: by wgez8 with SMTP id z8so110214941wge.0 for ; Tue, 26 May 2015 16:21:06 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version :content-type:importance:sensitivity:thread-index:content-language :disposition-notification-to; bh=azWHWTHXGZioyghPoa6hfxf834eHfjt3zl+Y0LxxMy4=; b=YBZaXPlHLux28kfgev1DGRkr1s7Ls0jHyFtZnC1r95SLl6UGfPRvN0LIH3HwS8TG3l EYhe2VXZMWnEW5eokb1OogDQU4h3ukdhjrdG8nlo8U7yfZGNYiJsnpluOnHXW5kKHkVD yWPnosJaBCZF0jDBUdSCGNIsrXYyCBMsk/CjbyFVEppWwLar2/u0xAbgRwBmFMx7Jhbc eD7XUmr6Bi7xAF+jHtP+pFXL8lJ/DHspX30nFGBB+BwI7j/T0R1MBaEKf4MHGPqy3VRM 1/Bk6PoKpwkUIcU/iYc/IfzX0o3sRxf8tjU+udiBfFhwUQff6AyfDtolOkr19KARtOeM +Glg== X-Gm-Message-State: ALoCoQlNAinB/NU/dUiazxXFbxveJkBD4qsvVxD6JNSN3dOA1upS2dIazFzppvK6v3/MnWOIsdw4 X-Received: by 10.181.6.37 with SMTP id cr5mr45018507wid.18.1432682466824; Tue, 26 May 2015 16:21:06 -0700 (PDT) Received: from ashkenazi (164.Red-83-32-151.dynamicIP.rima-tde.net. [83.32.151.164]) by mx.google.com with ESMTPSA id f6sm23941990wjq.31.2015.05.26.16.21.05 (version=TLSv1 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Tue, 26 May 2015 16:21:06 -0700 (PDT) From: =?utf-8?Q?Albert_Gab=C3=A0s_|_Astabis?= To: Cc: Subject: FreeBSD Port: logstash-1.4.2_1 Date: Wed, 27 May 2015 01:21:05 +0200 Message-ID: MIME-Version: 1.0 X-Priority: 1 (Highest) X-MSMail-Priority: High X-Mailer: Microsoft Outlook 15.0 Importance: High Sensitivity: Company-Confidential Thread-Index: AdCYCVMYY0ZVUQ8ITWGweoDksPbNwQ== Content-Language: es Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.20 X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 26 May 2015 23:21:15 -0000 Dear Enrico, =20 Please, could you update the port to the latest version - 1.5.0?? =20 Thank you!! -- Albert Gab=C3=A0s - Astabis Information Risk Management =20 Barcelona: +34 931 980 181 | Madrid: +34 911 333 071 United Kingdom: +44 203 695 2195 | Israel: +97 248 847 344 =20 From owner-freebsd-ports@FreeBSD.ORG Wed May 27 00:36:49 2015 Return-Path: Delivered-To: ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 64519AE7 for ; Wed, 27 May 2015 00:36:49 +0000 (UTC) (envelope-from enrico.m.crisostomo@gmail.com) Received: from mail-wi0-x22e.google.com (mail-wi0-x22e.google.com [IPv6:2a00:1450:400c:c05::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id EA6DBF4 for ; Wed, 27 May 2015 00:36:48 +0000 (UTC) (envelope-from enrico.m.crisostomo@gmail.com) Received: by wicmx19 with SMTP id mx19so94151835wic.0 for ; Tue, 26 May 2015 17:36:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=subject:mime-version:content-type:from:in-reply-to:date:cc :message-id:references:to; bh=vlt456cv8zvsCf2g5JjNgkONWKdIFNsnGTa9swy9Qog=; b=x1K4QcSAxOkCYvdIGpZACamsWNZ+E5aWnc0DznPMqBY3UEGdKun2Vb9oi7erjswIna 1j1yl6F1z5dmiYMBdXfI5b3BW7bFM5leXD8Y7VUnGPCLhIMrXlxD1e2xdorfIfpU5PrB CtNJ3IZL2R0sG4lXwZY9tXgesIpPeG1ULQmmRpmZ2F3Bj/qNjs2bG5ZK3qGHNE2RmJax /aLl/lAuJsL026WzHwSsTzSCE0bHSqeTnviTOp5TNnxDy3KM8+OjilWcrpCEH9q9s10N AtTPcQYw2TjYQZAyMlk/w1FQk0uER6iCaqtsjc1vWTFP8yOWlp1EnIpWwDFrgdnnR4lb AcAw== X-Received: by 10.194.121.163 with SMTP id ll3mr52944743wjb.142.1432687007178; Tue, 26 May 2015 17:36:47 -0700 (PDT) Received: from [192.168.1.51] (191.Red-88-1-148.dynamicIP.rima-tde.net. [88.1.148.191]) by mx.google.com with ESMTPSA id u6sm22482933wja.40.2015.05.26.17.36.44 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Tue, 26 May 2015 17:36:44 -0700 (PDT) Subject: Re: FreeBSD Port: logstash-1.4.2_1 Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2098\)) Content-Type: multipart/signed; boundary="Apple-Mail=_8F64B9A9-7A38-4C1C-B35D-746C3A88509A"; protocol="application/pkcs7-signature"; micalg=sha1 From: Enrico Maria Crisostomo X-Priority: 1 (Highest) In-Reply-To: Date: Wed, 27 May 2015 02:36:42 +0200 Cc: ports@FreeBSD.org Message-Id: References: To: =?utf-8?Q?Albert_Gab=C3=A0s_=7C_Astabis?= X-Mailer: Apple Mail (2.2098) X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 May 2015 00:36:49 -0000 --Apple-Mail=_8F64B9A9-7A38-4C1C-B35D-746C3A88509A Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 Hi Albert, I=E2=80=99ve already given logstash 1.5.0 a shot but I realised it=E2=80=99= s still affected by a bug that prevents it to function properly on = FreeBSD (see this PR I authored: = https://github.com/jnr/jnr-ffi/pull/26). Unfortunately, a fixed version of JRuby didn=E2=80=99t make it into = logstash 1.5.0 and the patch in the old port won=E2=80=99t work on the = new one (see https://github.com/elastic/logstash/issues/3271). As a consequence, my intention currently is waiting for the Logstash = developers to ship a version that includes an updated JRuby instead of = having to create and test a new patch. I believe it won=E2=80=99t take = long because developers are at work and a patch has already been merged: = https://github.com/elastic/logstash/commit/827fc6d41815adfb13bbe6032f43d44= a0d315784 Cheers, --=20 Enrico > On 27 May 2015, at 01:21, Albert Gab=C3=A0s | Astabis = wrote: >=20 > Dear Enrico, > =20 > Please, could you update the port to the latest version - 1.5.0?? > =20 > Thank you!! > -- > Albert Gab=C3=A0s - Astabis > Information Risk Management > =20 > Barcelona: +34 931 980 181 | Madrid: +34 911 333 071 > United Kingdom: +44 203 695 2195 | Israel: +97 248 847 344 --Apple-Mail=_8F64B9A9-7A38-4C1C-B35D-746C3A88509A Content-Disposition: attachment; filename=smime.p7s Content-Type: application/pkcs7-signature; name=smime.p7s Content-Transfer-Encoding: base64 MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIM7zCCBjQw ggQcoAMCAQICASAwDQYJKoZIhvcNAQEFBQAwfTELMAkGA1UEBhMCSUwxFjAUBgNVBAoTDVN0YXJ0 Q29tIEx0ZC4xKzApBgNVBAsTIlNlY3VyZSBEaWdpdGFsIENlcnRpZmljYXRlIFNpZ25pbmcxKTAn BgNVBAMTIFN0YXJ0Q29tIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3MTAyNDIxMDI1NVoX DTE3MTAyNDIxMDI1NVowgYwxCzAJBgNVBAYTAklMMRYwFAYDVQQKEw1TdGFydENvbSBMdGQuMSsw KQYDVQQLEyJTZWN1cmUgRGlnaXRhbCBDZXJ0aWZpY2F0ZSBTaWduaW5nMTgwNgYDVQQDEy9TdGFy dENvbSBDbGFzcyAyIFByaW1hcnkgSW50ZXJtZWRpYXRlIENsaWVudCBDQTCCASIwDQYJKoZIhvcN AQEBBQADggEPADCCAQoCggEBAMsohUWcASz7GfKrpTOMKqANy9BV7V0igWdGxA8IU77L3aTxErQ+ fcxtDYZ36Z6GH0YFn7fq5RADteP0AYzrCA+EQTfi8q1+kA3m0nwtwXG94M5sIqsvs7lRP1aycBke /s5g9hJHryZ2acScnzczjBCAo7X1v5G3yw8MDP2m2RCye0KfgZ4nODerZJVzhAlOD9YejvAXZqHk sw56HzElVIoYSZ3q4+RJuPXXfIoyby+Y2m1E+YzX5iCZXBx05gk6MKAW1vaw4/v2OOLy6FZH3XHH tOkzUreG//CsFnB9+uaYSlR65cdGzTsmoIK8WH1ygoXhRBm98SD7Hf/r3FELNvUCAwEAAaOCAa0w ggGpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBSuVYNv7DHKufcd +q9rMfPIHeOsuzAfBgNVHSMEGDAWgBROC+8apEBbpRdphzDKNGhD0EGu8jBmBggrBgEFBQcBAQRa MFgwJwYIKwYBBQUHMAGGG2h0dHA6Ly9vY3NwLnN0YXJ0c3NsLmNvbS9jYTAtBggrBgEFBQcwAoYh aHR0cDovL3d3dy5zdGFydHNzbC5jb20vc2ZzY2EuY3J0MFsGA1UdHwRUMFIwJ6AloCOGIWh0dHA6 Ly93d3cuc3RhcnRzc2wuY29tL3Nmc2NhLmNybDAnoCWgI4YhaHR0cDovL2NybC5zdGFydHNzbC5j b20vc2ZzY2EuY3JsMIGABgNVHSAEeTB3MHUGCysGAQQBgbU3AQIBMGYwLgYIKwYBBQUHAgEWImh0 dHA6Ly93d3cuc3RhcnRzc2wuY29tL3BvbGljeS5wZGYwNAYIKwYBBQUHAgEWKGh0dHA6Ly93d3cu c3RhcnRzc2wuY29tL2ludGVybWVkaWF0ZS5wZGYwDQYJKoZIhvcNAQEFBQADggIBADqpJw3I07QW ke9plNBpxUxcffc7nUrIQpJHDci91DFG7fVhHRkMZ1J+BKg5UNUxIFJ2Z9B90Micc/NXcs7kPBRd n6XGO/vPc87Y6R+cWS9Nc9+fp3Enmsm94OxOwI9wn8qnr/6o3mD4noP9JphwUPTXwHovjavRnhUQ HLfo/i2NG0XXgTHXS2Xm0kVUozXqpYpAdumMiB/vezj1QHQJDmUdPYMcp+reg9901zkyT3fDW/iv JVv6pWtkh6Pw2ytZT7mvg7YhX3V50Nv860cV11mocUVcqBLv0gcT+HBDYtbuvexNftwNQKD5193A 7zN4vG7CTYkXxytSjKuXrpEatEiFPxWgb84nVj25SU5q/r1Xhwby6mLhkbaXslkVtwEWT3Van49r KjlK4XrUKYYWtnfzq6aSak5u0Vpxd1rY79tWhD3EdCvOhNz/QplNa+VkIsrcp7+8ZhP1l1b2U6Ma xIVteuVMD3X0vziIwr7jxYae9FZjbxlpUemqXjcC0QaFfN7qI0JsQMALL7iGRBg7K0CoOBzECdD3 fuZil5kU/LP9cr1BK31U0Uy651bFnAMMMkqhAChIbn0ei72VnbpSsrrSdF0BAGYQ8vyHae5aCg+H 75dVCV33K6FuxZrf09yTz+Vx/PkdRUYkXmZz/OTfyJXsUOUXrym6KvI2rYpccSk5MIIGszCCBZug AwIBAgICWiQwDQYJKoZIhvcNAQELBQAwgYwxCzAJBgNVBAYTAklMMRYwFAYDVQQKEw1TdGFydENv bSBMdGQuMSswKQYDVQQLEyJTZWN1cmUgRGlnaXRhbCBDZXJ0aWZpY2F0ZSBTaWduaW5nMTgwNgYD VQQDEy9TdGFydENvbSBDbGFzcyAyIFByaW1hcnkgSW50ZXJtZWRpYXRlIENsaWVudCBDQTAeFw0x NDEyMTAwMDU0MDBaFw0xNjEyMDkyMzExMDdaMIHEMQswCQYDVQQGEwJCRTEnMCUGA1UECBMeQnJ1 c3NlbHMgSG9vZmRzdGVkZWxpamsgR2V3ZXN0MRIwEAYDVQQHEwlCcnV4ZWxsZXMxKDAmBgNVBAoT H01vbmV5dHJhbnMgLSBDaGFuZ2UgQ2VudGVyIFNQUkwxIDAeBgNVBAMTF0VucmljbyBNYXJpYSBD cmlzb3N0b21vMSwwKgYJKoZIhvcNAQkBFh1lbnJpY28ubS5jcmlzb3N0b21vQGdtYWlsLmNvbTCC ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAO5L9OR8oKPK2KBvIy9eMCX1Q/qhB1LWxCOF SQncIF7rh3+hQxnuhFOaWE+zECHGvsxnsO9hEu8ZQkxNaBmdyrqZeOUwVNwJdV0pCZ+kziDXdEwY o8OgPS0P0P5IbksqHneJttowF+R8K6NffCQ2v0IpVLEk2ymm0Qg7YaQk6+zeBlOZyMVxVowQD/hs GCB6tUyr8y8exs4YfG/AKbAFNj6qBRWtn1Qg9H/kTSEba0+580S9Nv+iF9ZFHGM+tL8GKz6oZ/nc rMWHL/orR3y8A9RsvC/G7YU5msHdpaxvlULviGJ/w5MHmkJn2e53QNrlKvd4Ftc/rmGZaXLFC4ut 3CcCAwEAAaOCAuMwggLfMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgSwMB0GA1UdJQQWMBQGCCsGAQUF BwMCBggrBgEFBQcDBDAdBgNVHQ4EFgQUEWWbiqPnLLPHhL8+TcGaUW8ZJbswHwYDVR0jBBgwFoAU rlWDb+wxyrn3HfqvazHzyB3jrLswKAYDVR0RBCEwH4EdZW5yaWNvLm0uY3Jpc29zdG9tb0BnbWFp bC5jb20wggFMBgNVHSAEggFDMIIBPzCCATsGCysGAQQBgbU3AQIDMIIBKjAuBggrBgEFBQcCARYi aHR0cDovL3d3dy5zdGFydHNzbC5jb20vcG9saWN5LnBkZjCB9wYIKwYBBQUHAgIwgeowJxYgU3Rh cnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwAwIBARqBvlRoaXMgY2VydGlmaWNhdGUgd2Fz IGlzc3VlZCBhY2NvcmRpbmcgdG8gdGhlIENsYXNzIDIgVmFsaWRhdGlvbiByZXF1aXJlbWVudHMg b2YgdGhlIFN0YXJ0Q29tIENBIHBvbGljeSwgcmVsaWFuY2Ugb25seSBmb3IgdGhlIGludGVuZGVk IHB1cnBvc2UgaW4gY29tcGxpYW5jZSBvZiB0aGUgcmVseWluZyBwYXJ0eSBvYmxpZ2F0aW9ucy4w NgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2NybC5zdGFydHNzbC5jb20vY3J0dTItY3JsLmNybDCB jgYIKwYBBQUHAQEEgYEwfzA5BggrBgEFBQcwAYYtaHR0cDovL29jc3Auc3RhcnRzc2wuY29tL3N1 Yi9jbGFzczIvY2xpZW50L2NhMEIGCCsGAQUFBzAChjZodHRwOi8vYWlhLnN0YXJ0c3NsLmNvbS9j ZXJ0cy9zdWIuY2xhc3MyLmNsaWVudC5jYS5jcnQwIwYDVR0SBBwwGoYYaHR0cDovL3d3dy5zdGFy dHNzbC5jb20vMA0GCSqGSIb3DQEBCwUAA4IBAQAYy1HXuGzXodiS1GSby3X4OEJ/BthSGwrM3noj F4IKgyGEFVIOcQwt2S7+vaHG7DHxBQrqWBGo5SkH6rXsjs/kx1lfwgy4Zi5UotZ6lLmoRMW5FDqL DGJh/Wd5xvdItm6qSTl1dYa8mRp6dDlRsuWWHpqHpwnvL2WPGQDjdbFAhJJflLpYh2K/9tpAvkUT wSMYW29Sq0TNZnAI1P8I9pXdVtc0c6hRhOqHu6wGTwa2bjOp/TcLCGIfG5qVDcJE4WdnLdBklFA+ YeABCyImVztuJsMyQ7MqqBWo4XIqy2mYsg6wmHRXoyYqHH3AsbLuDEojiBgz58Rf6PCmRQojP3fW MYIDbDCCA2gCAQEwgZMwgYwxCzAJBgNVBAYTAklMMRYwFAYDVQQKEw1TdGFydENvbSBMdGQuMSsw KQYDVQQLEyJTZWN1cmUgRGlnaXRhbCBDZXJ0aWZpY2F0ZSBTaWduaW5nMTgwNgYDVQQDEy9TdGFy dENvbSBDbGFzcyAyIFByaW1hcnkgSW50ZXJtZWRpYXRlIENsaWVudCBDQQICWiQwCQYFKw4DAhoF AKCCAa0wGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMTUwNTI3MDAz NjQzWjAjBgkqhkiG9w0BCQQxFgQUGkq+2jmsF9tIAX8Q/ZNmUrQrcdswgaQGCSsGAQQBgjcQBDGB ljCBkzCBjDELMAkGA1UEBhMCSUwxFjAUBgNVBAoTDVN0YXJ0Q29tIEx0ZC4xKzApBgNVBAsTIlNl Y3VyZSBEaWdpdGFsIENlcnRpZmljYXRlIFNpZ25pbmcxODA2BgNVBAMTL1N0YXJ0Q29tIENsYXNz IDIgUHJpbWFyeSBJbnRlcm1lZGlhdGUgQ2xpZW50IENBAgJaJDCBpgYLKoZIhvcNAQkQAgsxgZag gZMwgYwxCzAJBgNVBAYTAklMMRYwFAYDVQQKEw1TdGFydENvbSBMdGQuMSswKQYDVQQLEyJTZWN1 cmUgRGlnaXRhbCBDZXJ0aWZpY2F0ZSBTaWduaW5nMTgwNgYDVQQDEy9TdGFydENvbSBDbGFzcyAy IFByaW1hcnkgSW50ZXJtZWRpYXRlIENsaWVudCBDQQICWiQwDQYJKoZIhvcNAQEBBQAEggEAp7g7 mKxNjOXcegBPROU4BMLjRsKVm6hv4aV4rrbz15iSL9ImparEfTZAuFe3UZOzIfsSijCPmYAurIH2 IKHLHKig8MfLdH2OPejF+qE4ywU1D3CzWH9l9GZ58lss1H/WlhsV9N+NmgD6ks5RNdn4xVc+aXmc bDjm1uG7LpK3z2KVwefLIErGYRtF4P9x0stkC4B7wgadljjZ/FWWX9K6RC6BGw6Yr8gMuncHonDy iilN4B3oKsdNb4CJqw+ltG7087dJA7VlsBbw626Fr0qboiEQD7HA8yuXHoQhcadZLh5+GiGrjBYG MHsnRAwI0DlKhrcDpUWF1vC/YQ9vAPMxagAAAAAAAA== --Apple-Mail=_8F64B9A9-7A38-4C1C-B35D-746C3A88509A-- From owner-freebsd-ports@FreeBSD.ORG Wed May 27 01:36:39 2015 Return-Path: Delivered-To: ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B53A3718 for ; Wed, 27 May 2015 01:36:39 +0000 (UTC) (envelope-from brian@brianmwaters.net) Received: from smtp126.iad3a.emailsrvr.com (smtp126.iad3a.emailsrvr.com [173.203.187.126]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 8F105AE for ; Wed, 27 May 2015 01:36:39 +0000 (UTC) (envelope-from brian@brianmwaters.net) Received: from smtp24.relay.iad3a.emailsrvr.com (localhost.localdomain [127.0.0.1]) by smtp24.relay.iad3a.emailsrvr.com (SMTP Server) with ESMTP id 80D0D18078E; Tue, 26 May 2015 21:26:45 -0400 (EDT) Received: by smtp24.relay.iad3a.emailsrvr.com (Authenticated sender: brian-AT-brianmwaters.net) with ESMTPSA id CD2551805DA; Tue, 26 May 2015 21:26:44 -0400 (EDT) X-Sender-Id: brian@brianmwaters.net Received: from localhost ([UNAVAILABLE]. [50.250.18.118]) (using TLSv1.2 with cipher AES128-GCM-SHA256) by 0.0.0.0:465 (trex/5.4.2); Wed, 27 May 2015 01:26:45 GMT Date: Tue, 26 May 2015 21:26:42 -0400 From: "Brian M. Waters" To: ports@freebsd.org Subject: New port of Owl Lisp (and soon Blab) Message-ID: <20150526212642.50fcd746@brianmwaters.net> MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 May 2015 01:36:39 -0000 Hi there, I noticed that Aki Helin's excellent Radamsa fuzzer is available in the ports tree, but not its grammar-based counterpart, Blab: https://github.com/aoh/blab, so I started preparing a port for Blab. However, Blab has as a dependency another tool called Owl Lisp: https://github.com/aoh/owl-lisp, so I started porting that, too. The port is for the current version of Owl Lisp (0.1.7), and Aki has agreed to take some of the changes upstream for his next version. My port is available as a tarball here: https://brianmwaters.net/projects/owl-lisp.tar.gz. (It's only about 2k.) Thanks, Brian Waters Burlington, Vermont, USA From owner-freebsd-ports@FreeBSD.ORG Wed May 27 10:04:36 2015 Return-Path: Delivered-To: ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 20E6DC12 for ; Wed, 27 May 2015 10:04:36 +0000 (UTC) (envelope-from portscout@FreeBSD.org) Received: from portscout.freebsd.org (portscout.freebsd.org [IPv6:2001:1900:2254:206a::50:6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 0F337998 for ; Wed, 27 May 2015 10:04:36 +0000 (UTC) (envelope-from portscout@FreeBSD.org) Received: from portscout.freebsd.org ([127.0.1.123]) by portscout.freebsd.org (8.14.9/8.14.9) with ESMTP id t4RA4ZXA051239 for ; Wed, 27 May 2015 10:04:35 GMT (envelope-from portscout@FreeBSD.org) Received: (from portscout@localhost) by portscout.freebsd.org (8.14.9/8.14.9/Submit) id t4RA4Zjl051236; Wed, 27 May 2015 10:04:35 GMT (envelope-from portscout@FreeBSD.org) Message-Id: <201505271004.t4RA4Zjl051236@portscout.freebsd.org> X-Authentication-Warning: portscout.freebsd.org: portscout set sender to portscout@FreeBSD.org using -f Content-Disposition: inline Content-Transfer-Encoding: 8bit Content-Type: text/plain MIME-Version: 1.0 Date: Wed, 27 May 2015 10:04:35 +0000 From: portscout@FreeBSD.org To: ports@freebsd.org Subject: FreeBSD ports you maintain which are out of date X-Mailer: portscout/0.8.1 X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 May 2015 10:04:36 -0000 Dear port maintainer, The portscout new distfile checker has detected that one or more of your ports appears to be out of date. Please take the opportunity to check each of the ports listed below, and if possible and appropriate, submit/commit an update. If any ports have already been updated, you can safely ignore the entry. You will not be e-mailed again for any of the port/version combinations below. Full details can be found at the following URL: http://portscout.freebsd.org/ports@freebsd.org.html Port | Current version | New version ------------------------------------------------+-----------------+------------ devel/ucommon | 6.1.11 | 6.3.2 ------------------------------------------------+-----------------+------------ If any of the above results are invalid, please check the following page for details on how to improve portscout's detection and selection of distfiles on a per-port basis: http://portscout.freebsd.org/info/portscout-portconfig.txt Thanks. From owner-freebsd-ports@FreeBSD.ORG Wed May 27 11:23:20 2015 Return-Path: Delivered-To: freebsd-ports@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A4B867CB; Wed, 27 May 2015 11:23:20 +0000 (UTC) (envelope-from avg@FreeBSD.org) Received: from citadel.icyb.net.ua (citadel.icyb.net.ua [212.40.38.140]) by mx1.freebsd.org (Postfix) with ESMTP id 9C8FEF17; Wed, 27 May 2015 11:23:19 +0000 (UTC) (envelope-from avg@FreeBSD.org) Received: from porto.starpoint.kiev.ua (porto-e.starpoint.kiev.ua [212.40.38.100]) by citadel.icyb.net.ua (8.8.8p3/ICyb-2.3exp) with ESMTP id OAA18376; Wed, 27 May 2015 14:23:15 +0300 (EEST) (envelope-from avg@FreeBSD.org) Received: from localhost ([127.0.0.1]) by porto.starpoint.kiev.ua with esmtp (Exim 4.34 (FreeBSD)) id 1YxZQY-000L2o-UP; Wed, 27 May 2015 14:23:14 +0300 Message-ID: <5565A8E8.3070807@FreeBSD.org> Date: Wed, 27 May 2015 14:22:16 +0300 From: Andriy Gapon User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:31.0) Gecko/20100101 Thunderbird/31.7.0 MIME-Version: 1.0 To: "Timur I. Bakeyev" CC: ports , =?UTF-8?B?TWlja2HDq2wgTWFpbGxvdA==?= Subject: Re: pkg install kodi does not like samba References: <5564AF89.8040108@FreeBSD.org> In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 May 2015 11:23:20 -0000 On 26/05/2015 21:36, Timur I. Bakeyev wrote: > Well, it's all said in https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=177786. > I've added samba36-nmblookup as a courtesy for the xmbc/kodi project while ago > so it's not depend on full samba package, but now it's going too far in the > request to drop nmblookup from samba36 itself.. > > The real solution(are we done with GSOC projects for this year already?) would > be ability to build multiple packages out of one port, since we already have > stagedir. So, only one extra step is required, similar the way it's done in Debian. Timur, thank you for the information! It probably makes sense to just drop samba-nmblookup unless someone provides a better fix. I think that the support for multiple packages from the same work could take a while to materialize. Meanwhile, does anybody know if there is any way to coerce pkg into accepting samba36 as a dependency instead of samba36-nmblookup? > On Tue, May 26, 2015 at 7:38 PM, Andriy Gapon > wrote: > > > Not sure if this is a problem with multimedia/kodi port or if it is with pkg or > both: > $ pkg install kodi > Updating FreeBSD repository catalogue... > FreeBSD repository is up-to-date. > Updating poudriere repository catalogue... > poudriere repository is up-to-date. > All repositories are up-to-date. > Checking integrity... done (1 conflicting) > Checking integrity... done (0 conflicting) > The following 13 package(s) will be affected (of 0 checked): > > Installed packages to be REMOVED: > samba36-3.6.25 > > New packages to be INSTALLED: > kodi: 14.2 [FreeBSD] > tinyxml: 2.6.2_1 [FreeBSD] > samba36-nmblookup: 3.6.25 [FreeBSD] > libnfs: 1.3.0_1 [FreeBSD] > libcec: 2.2.0 [FreeBSD] > libbluray: 0.7.0,1 [FreeBSD] > libbdplus: 0.1.2 [FreeBSD] > libaacs: 0.8.0 [FreeBSD] > libass: 0.12.1 [FreeBSD] > sdl2: 2.0.3_4 [FreeBSD] > shairplay: 0.9.0.20140422 [FreeBSD] > lzo2: 2.09 [FreeBSD] > > So, pkg wants to replace samba36 with samba36-nmblookup. > I think that those packages conflict because samba36 provides a superset of what > samba36-nmblookup provides. So, there should be no reason to not just use > samba36. > Finally, why do we need net/samba-nmblookup at all? Seems like kodi is its only > user and it is not a light-weight port already. > > -- > Andriy Gapon > > -- Andriy Gapon From owner-freebsd-ports@FreeBSD.ORG Wed May 27 11:31:35 2015 Return-Path: Delivered-To: ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id EE1C99FE for ; Wed, 27 May 2015 11:31:34 +0000 (UTC) (envelope-from agabas@astabis.com) Received: from mail-wi0-f176.google.com (mail-wi0-f176.google.com [209.85.212.176]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 8CC8D174 for ; Wed, 27 May 2015 11:31:33 +0000 (UTC) (envelope-from agabas@astabis.com) Received: by wizo1 with SMTP id o1so18354398wiz.1 for ; Wed, 27 May 2015 04:31:26 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version :content-type:content-transfer-encoding:importance:thread-index :content-language; bh=8XfzbchdtU222iD8kvCuSAXEidG0bEmw1byKAHoIR+Y=; b=dDr4DVpJ3zARzti0hken8Gc2xhHfLswnl9zIpKJbKevV7/3eqs9ktL3cwproC7w/qh EzWLThiSwFNnw7wvgNwtxIa3FgwY7S7wtnyTPw4rvZuswiAZiAyBpblpoUO2QOF6eatE v8B1jVPX723zQqMbtbPF7S+fQyUUpq55qkU5IPl2SV/b1vHLj/XxN/+eZloIrlfM9l6u e1jOyqvgum0D+kPXd17jf+uBUqFP1S00UjylNKD1pAkpoKYI2hChCHB9op4iGPSdpRrE g+YymM3fSIh+ncO4b+VU6SLlj3JDeYd+lkzX8+5oz9iZp5LjRIeBn9B4dxgSsOcp8FUP 4t5Q== X-Gm-Message-State: ALoCoQmP+FIyK6ynjhbjVNXyfv91M+zAQzmxFmjSJLhTXzfmnnTi55W/Hv4tNlu7ELv9zOSyX4cS X-Received: by 10.180.101.138 with SMTP id fg10mr5144448wib.46.1432726286038; Wed, 27 May 2015 04:31:26 -0700 (PDT) Received: from ashkenazi (164.Red-83-32-151.dynamicIP.rima-tde.net. [83.32.151.164]) by mx.google.com with ESMTPSA id a18sm26411958wja.46.2015.05.27.04.31.24 (version=TLSv1 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Wed, 27 May 2015 04:31:24 -0700 (PDT) From: =?UTF-8?Q?Albert_Gab=C3=A0s_|_Astabis?= To: "'Enrico Maria Crisostomo'" Cc: Subject: OK - RE: FreeBSD Port: logstash-1.4.2_1 Date: Wed, 27 May 2015 13:31:25 +0200 Message-ID: <004201d09870$aaf4bf70$00de3e50$@astabis.com> MIME-Version: 1.0 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Priority: 1 (Highest) X-MSMail-Priority: High X-Mailer: Microsoft Outlook 15.0 Importance: High Thread-Index: AdCYb/G9+t0igtCqTS26uGucIej5ow== Content-Language: es X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 May 2015 11:31:35 -0000 Dear Enrico, Thank you very much for your quick reply and for your explanation. Kind regards -- Albert Gab=C3=A0s - Astabis Information Risk Management Barcelona: +34 931 980 181 | Madrid: +34 911 333 071 United Kingdom: +44 203 695 2195 | Israel: +97 248 847 344 > -----Mensaje original----- > De: Enrico Maria Crisostomo [mailto:enrico.m.crisostomo@gmail.com] > Enviado el: mi=C3=A9rcoles, 27 de mayo de 2015 2:37 > Para: Albert Gab=C3=A0s | Astabis > CC: ports@FreeBSD.org > Asunto: Re: FreeBSD Port: logstash-1.4.2_1 > Importancia: Alta >=20 > Hi Albert, >=20 > I=E2=80=99ve already given logstash 1.5.0 a shot but I realised = it=E2=80=99s still > affected by a bug that prevents it to function properly on FreeBSD = (see > this PR I authored: https://github.com/jnr/jnr-ffi/pull/26). >=20 > Unfortunately, a fixed version of JRuby didn=E2=80=99t make it into = logstash > 1.5.0 and the patch in the old port won=E2=80=99t work on the new one = (see > https://github.com/elastic/logstash/issues/3271). >=20 > As a consequence, my intention currently is waiting for the Logstash > developers to ship a version that includes an updated JRuby instead of > having to create and test a new patch. I believe it won=E2=80=99t = take long > because developers are at work and a patch has already been merged: > = https://github.com/elastic/logstash/commit/827fc6d41815adfb13bbe6032f43d > 44a0d315784 >=20 > Cheers, > -- > Enrico >=20 > > On 27 May 2015, at 01:21, Albert Gab=C3=A0s | Astabis = > wrote: > > > > Dear Enrico, > > > > Please, could you update the port to the latest version - 1.5.0?? > > > > Thank you!! > > -- > > Albert Gab=C3=A0s - Astabis > > Information Risk Management > > > > Barcelona: +34 931 980 181 | Madrid: +34 911 333 071 > > United Kingdom: +44 203 695 2195 | Israel: +97 248 847 344 From owner-freebsd-ports@FreeBSD.ORG Wed May 27 14:32:48 2015 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 7F1F689F for ; Wed, 27 May 2015 14:32:48 +0000 (UTC) (envelope-from papowell@astart.com) Received: from astart2.astart.com (wsip-72-214-30-30.sd.sd.cox.net [72.214.30.30]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 557957B9 for ; Wed, 27 May 2015 14:32:47 +0000 (UTC) (envelope-from papowell@astart.com) Received: from laptop_93.private (localhost [127.0.0.1]) by astart2.astart.com (8.14.9/8.14.9) with ESMTP id t4REICAD046709 for ; Wed, 27 May 2015 07:18:12 -0700 (PDT) (envelope-from papowell@astart.com) Message-ID: <5565D224.9060203@astart.com> Date: Wed, 27 May 2015 07:18:12 -0700 From: Patrick Powell Reply-To: papowell@astart.com Organization: Astart Technologies User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:31.0) Gecko/20100101 Thunderbird/31.5.0 MIME-Version: 1.0 To: freebsd-ports@freebsd.org Subject: Re: Apache 2.4 must become default NOW References: <0E822D68-96E1-4328-9D00-1ADBF5671699@lists.zabbadoz.net> <53B9CD64.3010707@gmx.de> <20140706231559.GB8523@ivaldir.etoilebsd.net> <53C32862.601@sorbs.net> In-Reply-To: <53C32862.601@sorbs.net> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 May 2015 14:32:48 -0000 On 07/13/14 17:46, Michelle Sullivan wrote: > Baptiste Daroussin wrote: >> On Mon, Jul 07, 2014 at 12:27:48AM +0200, olli hauer wrote: >> >>> On 2014-07-05 19:09, Bjoern A. Zeeb wrote: >>> >>>> Hi, >>>> >>>> given ports@ ist listed as maintainer, you get the email. The Subject says it. The world has moved on; in March I had a hard time arguing, in July I just cannot anymore. We must switch to 2.4; whatever breaks needs fixing, but somehow other distributions have managed and we did not and keep screwing our users missing a lot of security features. >>>> >>>> Please fix! >>>> >>>> — >>>> Bjoern A. Zeeb "Come on. Learn, goddamn it.", WarGames, 1983 >>>> >>> Hi Bjoern, >>> >>> nothing against this change, except your complain comes a little bit late. >>> >>> The portstree was already tagged for 9.3 some days ago so this change would be a possible issue for all users using the 9.3 packages. >>> >>> Before the default version can be changed a full expr. run by portmgr@ is required and all possible issues should be fixed. >>> >>> Unluckily we have a rolling ports tree (not like RHEL and others where such a change happens during new major releases) so there should be also a time frame to warn users about such a change. >>> >>> I remember endless discussions about the removal of apache13 after it was already deprecated nearly one year after upstream deprecation ... >>> >> Just provide the patch for the change and warn the user about the change, now, >> just do not MFH it to the quarterly branch, so the user willing to keep apache22 >> for a while can live on the quarterly branch for the next 3 months :) >> >> I don't see the problem for the people using 9.3 packages, if they want >> stability they will stay on quarterly branch which still provides by default >> apache22 for 3 month. >> >> Hopefully when pkg 1.3 will land we will be able to add new feature to the ports >> tree aka build the apache module for all supported apache version leading to >> anyone using package being able to chose the apache version they what whatever >> the default is (but we are not there yet :)) >> > One would have hoped that mod_perl2 would have had this removed first: > > .if ${APACHE_VERSION} > 22 > BROKEN= Does not build with apache24 > .endif > > Just my small (557 packages) build set: > > ====>> Skipped ports: devel/bugzilla44 devel/p5-Log-Dispatch > www/p5-Apache-DBI www/p5-HTML-Mason www/p5-HTML-Mason-PSGIHandler > www/p5-MasonX-Profiler www/p5-RT-Authen-ExternalAuth www/p5-libapreq2 > www/rt40 > > > Michelle > I believe that this has been fixed for at least since Sept 2014. There is a 'test and debugging' version of mod_perl2 that appears to have the required mods/changes, but they have not been rolled into the upstream distribution. I wonder what happened to the mod_perl updating process... -- Patrick Powell Astart Technologies papowell@astart.com 1530 Jamacha Rd, Suite X Network and System San Diego, CA 92019 Consulting 858-874-6543 FAX 858-751-2435 Web: www.astart.com From owner-freebsd-ports@FreeBSD.ORG Wed May 27 17:40:35 2015 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 16914B0C; Wed, 27 May 2015 17:40:35 +0000 (UTC) (envelope-from marquis@roble.com) Received: from mx5.roble.com (mx5.roble.com [206.40.34.5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mx5.roble.com", Issuer "mx5.roble.com" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 055D7B41; Wed, 27 May 2015 17:40:34 +0000 (UTC) (envelope-from marquis@roble.com) Date: Wed, 27 May 2015 10:40:28 -0700 (PDT) From: Roger Marquis To: Mark Felder cc: freebsd-ports@freebsd.org Subject: Re: New pkg audit / vuln.xml failures (php55, unzoo) In-Reply-To: <1432659389.3130746.278522905.6D1E6549@webmail.messagingengine.com> References: <20150523153029.B7BD3280@hub.freebsd.org> <1432659389.3130746.278522905.6D1E6549@webmail.messagingengine.com> User-Agent: Alpine 2.11 (BSF 23 2013-08-11) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 May 2015 17:40:35 -0000 >> If you find a vulnerability such as a new CVE or mailing list >> announcement please send it to the port maintainer and >> as quickly as possible. They are whoefully >> understaffed and need our help. Mark Felder wrote: > Who is "ports-secteam"? It was Xin Li who alerted me to the ports-secteam@freebsd.org address i.e., as being distinct from the "FreeBSD Security Team" (secteam@freebsd.org) address noted on . > There has been no Call For Help that I've ever seen. If people are needed > to process these CVEs so they are entered into VUXML, sign me up to > ports-secteam please. I believe that is part of the problem, or the multiple problems, that lead me to believe that FreeBSD is operating without the active involvement of a security officer. Specifically: * port vulnerability alerts sent to secteam@, as indicated on the /security/ page, are neither forwarded to ports-secteam@ for review nor returned to the sender with a note regarding the correct destination address, * the freebsd.org/security web page is not correct and not being updated, * aside from Xin nobody from either ports-secteam@ or secteam@ much less security-officer@ seems to be reading or participating in the security@ mailing list, * nobody @freebsd.org appears to be following CVE announcements and the maintainers of several high profile ports are also not following it or even their application's -announce list, * there appears to be no automated process to alert vuln.xml maintainers (ports-secteam@) of potential new port vulnerabilities, * offers of help to secteam@ and ports-secteam@ are neither replied to nor acted upon (except for Xin Li's request, thanks Xin!), * perhaps as a result the vuln.xml database is no longer reliable, and by extension, * operators of FreeBSD servers (unlike Debian, Ubuntu, RedHat, Suse and OpenBSD server operators) have no assurance that their systems are secure. This is a MAJOR CHANGE from just a couple of years ago which calls for an equally major heads-up to be sent to those running FreeBSD servers and looking to the freebsd.org website for help securing their systems. The signifiance of these 7 bullets should not be overlooked or understated. They call in to question the viability of FreeBSD itself. IMO, Roger Marquis From owner-freebsd-ports@FreeBSD.ORG Wed May 27 19:34:12 2015 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C894AA32 for ; Wed, 27 May 2015 19:34:12 +0000 (UTC) (envelope-from kitche@kitchetech.com) Received: from mail-ob0-f172.google.com (mail-ob0-f172.google.com [209.85.214.172]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 87BA4E4C for ; Wed, 27 May 2015 19:34:12 +0000 (UTC) (envelope-from kitche@kitchetech.com) Received: by obbnx5 with SMTP id nx5so15816810obb.0 for ; Wed, 27 May 2015 12:34:06 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=+g5c1waxwkn/0Tg9+DpLaLg+6ZZzfCf4RE/Ox4jHRM0=; b=Rd7XLHU3laRZf8QyJToNhi5iGDOVEKx7MGCcKhUsrNIHPjRRi49EGOHehr5GyMugdd uQ4XxsKhqAjvoXrnYhal9DHlDMYrpGB80YaVf2+zSSsUTHqVaf8xYRqL/sG9VPF8zg3W 6oFzCfCPDN3ctCpi1pvYdw0xqQXm6D0yQqnI4PY8A7cft7POPgiDe14nNnrr/jUzp/BU VMQ17P5GceTu/RQXxHQfpcZoiqD1m3wgWAGFCFkwKeARh5PQqvdtYNjJBG0aMENgg2d/ mIGIdRD6qHVO83dNEFkiAFrKzJGwXLSI/WxEA9kmL6XeJ/jK1MNp1lKuSlHu4ptUCkcp 0WVw== X-Gm-Message-State: ALoCoQmNUVCn2KpKiH1Mn8/QxkjTKZVP2bBvXS1TMRGphbXIok5ONLv2wmvyRm3ADwSJsAr3LBJm MIME-Version: 1.0 X-Received: by 10.202.215.5 with SMTP id o5mr26175350oig.4.1432755245819; Wed, 27 May 2015 12:34:05 -0700 (PDT) Received: by 10.76.56.9 with HTTP; Wed, 27 May 2015 12:34:05 -0700 (PDT) Received: by 10.76.56.9 with HTTP; Wed, 27 May 2015 12:34:05 -0700 (PDT) In-Reply-To: <20150527174038.9B78EB77@hub.freebsd.org> References: <20150523153029.B7BD3280@hub.freebsd.org> <1432659389.3130746.278522905.6D1E6549@webmail.messagingengine.com> <20150527174038.9B78EB77@hub.freebsd.org> Date: Wed, 27 May 2015 14:34:05 -0500 Message-ID: Subject: Re: New pkg audit / vuln.xml failures (php55, unzoo) From: Matthew Donovan To: Roger Marquis Cc: freebsd-ports , Mark Felder Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.20 X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 May 2015 19:34:12 -0000 I found the ports security reporting without issues http://www.freebsd.org/security/reporting.html. Appears someone should read reporting page Instead of saying information is not correct. On May 27, 2015 12:40 PM, "Roger Marquis" wrote: > If you find a vulnerability such as a new CVE or mailing list >>> announcement please send it to the port maintainer and >>> as quickly as possible. They are whoefully >>> understaffed and need our help. >>> >> Mark Felder wrote: > >> Who is "ports-secteam"? >> > > It was Xin Li who alerted me to the ports-secteam@freebsd.org address > i.e., as being distinct from the "FreeBSD Security Team" > (secteam@freebsd.org) address noted on > . > > There has been no Call For Help that I've ever seen. If people are needed >> to process these CVEs so they are entered into VUXML, sign me up to >> ports-secteam please. >> > > I believe that is part of the problem, or the multiple problems, that > lead me to believe that FreeBSD is operating without the active > involvement of a security officer. Specifically: > > * port vulnerability alerts sent to secteam@, as indicated on the > /security/ page, are neither forwarded to ports-secteam@ for review nor > returned to the sender with a note regarding the correct destination > address, > > * the freebsd.org/security web page is not correct and not being > updated, > > * aside from Xin nobody from either ports-secteam@ or secteam@ much > less security-officer@ seems to be reading or participating in the > security@ mailing list, > > * nobody @freebsd.org appears to be following CVE announcements and the > maintainers of several high profile ports are also not following it or > even their application's -announce list, > > * there appears to be no automated process to alert vuln.xml maintainers > (ports-secteam@) of potential new port vulnerabilities, > > * offers of help to secteam@ and ports-secteam@ are neither replied to > nor acted upon (except for Xin Li's request, thanks Xin!), > > * perhaps as a result the vuln.xml database is no longer reliable, and > by extension, > > * operators of FreeBSD servers (unlike Debian, Ubuntu, RedHat, Suse and > OpenBSD server operators) have no assurance that their systems are secure. > > This is a MAJOR CHANGE from just a couple of years ago which calls for an > equally major heads-up to be sent to those running FreeBSD servers and > looking to the freebsd.org website for help securing their systems. > > The signifiance of these 7 bullets should not be overlooked or > understated. They call in to question the viability of FreeBSD itself. > > IMO, > Roger Marquis > _______________________________________________ > freebsd-ports@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-ports > To unsubscribe, send any mail to "freebsd-ports-unsubscribe@freebsd.org" > From owner-freebsd-ports@FreeBSD.ORG Wed May 27 19:58:17 2015 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D3191B9 for ; Wed, 27 May 2015 19:58:17 +0000 (UTC) (envelope-from feld@FreeBSD.org) Received: from out5-smtp.messagingengine.com (out5-smtp.messagingengine.com [66.111.4.29]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id A6C53343 for ; Wed, 27 May 2015 19:58:17 +0000 (UTC) (envelope-from feld@FreeBSD.org) Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.nyi.internal (Postfix) with ESMTP id A24EC2041A for ; Wed, 27 May 2015 15:58:10 -0400 (EDT) Received: from web3 ([10.202.2.213]) by compute4.internal (MEProxy); Wed, 27 May 2015 15:58:10 -0400 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-sasl-enc:x-sasl-enc; s=smtpout; bh=aex+/oOBU8JgCSi Y6WVFercymQ8=; b=NOpki8Fi7TxFwT+5RU0c/k0XcdjEuyNzcLF0YdF1SOkaW23 /h1f0/hTagdbYzJpEGbNWBlpCj2cktFl3m6U3kBW4XRhE7liiI0fCPRAJB3XBcp3 9dHewf86diks+OE0a2l/m2S7D9OmAw2F6WZFegGA4idgRyorogKsGZlkY2UI= Received: by web3.nyi.internal (Postfix, from userid 99) id 7EC6910C782; Wed, 27 May 2015 15:58:10 -0400 (EDT) Message-Id: <1432756690.2290224.279775121.3E052535@webmail.messagingengine.com> X-Sasl-Enc: u8qC4ow8xSS9zyo4uj5FzkxnXelqjp6Zqqq46+/oj9IW 1432756690 From: Mark Felder To: Roger Marquis Cc: freebsd-ports@freebsd.org MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain X-Mailer: MessagingEngine.com Webmail Interface - ajax-073992ec Subject: Re: New pkg audit / vuln.xml failures (php55, unzoo) Date: Wed, 27 May 2015 14:58:10 -0500 In-Reply-To: References: <20150523153029.B7BD3280@hub.freebsd.org> <1432659389.3130746.278522905.6D1E6549@webmail.messagingengine.com> X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 May 2015 19:58:18 -0000 On Wed, May 27, 2015, at 12:40, Roger Marquis wrote: > > * perhaps as a result the vuln.xml database is no longer reliable, and > by extension, > > * operators of FreeBSD servers (unlike Debian, Ubuntu, RedHat, Suse and > OpenBSD server operators) have no assurance that their systems are > secure. > Slow down here for a second. Where's the command-line tool on RedHat or Debian that lists only the known vulnerable packages? I don't believe either one provides such a thing equivalent to pkgaudit out of the box. On Yum based distros you have to "yum install yum-security" and then you can run "yum updateinfo list sec" or "yum list-sec". Considering the number of failed attempts at backporting patches that I've seen I wouldn't consider this my only safety blanket. So in that case there's a tool that may solve your specific concern in a trivial way, and that's great. But that's not the end of the story. That command won't list vulnerabilities until they have a patch released. Let's look at CVE-2015-0209 https://access.redhat.com/security/cve/CVE-2015-0209 Release date was March 23rd. Here's the commit: https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=1b4a8df38fc9ab3c089ca5765075ee53ec5bd66a Authored on February 9th, then embargoed it would seem. It was publicly committed to git on February 25th. Redhat has a bug on this, opened February 26th: https://bugzilla.redhat.com/show_bug.cgi?id=1196737 But still, it wasn't addressed until March 23rd! That's quite a while to have vulnerable systems that aren't patched and not showing results in "yum updateinfo list sec". At least we have the capability to update vuxml and notify people before a patch is ready or the packages are built and distributed to the package mirrors so they can take any required remediation steps they require. Even so, this is just a tool to help admins. It's the admin's responsibility to know what is on their systems and to sign up to relevant security announcement mailing lists. Sure, you don't want to do that for everything installed on your OS, but at least any externally facing services you are concerned about. And let's not forget all of the missed CVEs that get late assignments and then finally trickle down to RH/Debian due to the fact that they don't have a rolling-release packaging strategy. Search for posts by Kurt Seifried on ossec mailing list if you're curious. Additionally, utilizing CPE data as a source of known vulnerabilities is not a perfect solution either because I've seen CVEs take weeks to hit the database. The grass is always greener... or is it? Let's just concentrate on how to improve things here and not worry about how they're handling security issues because they have their own unique problems to solve. From owner-freebsd-ports@FreeBSD.ORG Wed May 27 20:47:27 2015 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4C2A8A29 for ; Wed, 27 May 2015 20:47:27 +0000 (UTC) (envelope-from ohauer@gmx.de) Received: from mout.gmx.net (mout.gmx.net [212.227.15.15]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mout.gmx.net", Issuer "TeleSec ServerPass DE-1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id B620CD6 for ; Wed, 27 May 2015 20:47:26 +0000 (UTC) (envelope-from ohauer@gmx.de) Received: from [192.168.0.100] ([87.139.233.65]) by mail.gmx.com (mrgmx002) with ESMTPSA (Nemesis) id 0LvENG-1Z68Vs3nDG-010O5S; Wed, 27 May 2015 22:47:23 +0200 Message-ID: <55662D5A.3030403@gmx.de> Date: Wed, 27 May 2015 22:47:22 +0200 From: olli hauer User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:31.0) Gecko/20100101 Thunderbird/31.7.0 MIME-Version: 1.0 To: freebsd-ports@freebsd.org Subject: Re: Apache 2.4 must become default NOW References: <0E822D68-96E1-4328-9D00-1ADBF5671699@lists.zabbadoz.net> <53B9CD64.3010707@gmx.de> <20140706231559.GB8523@ivaldir.etoilebsd.net> <53C32862.601@sorbs.net> <5565D224.9060203@astart.com> In-Reply-To: <5565D224.9060203@astart.com> Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Provags-ID: V03:K0:yRb+X17tXDFZzV3mFUJUiuHu5ERGLL5hsdAQ2WNqd5SwGr+Q8Ih gMmsCnzck568rbcVMul0g1uHB/ec3PqPUu/Lz37+ESvELkr38I19owZsDHBXgyc25NOYASx I8AG/Uv7r2hpfEcfQvL3Ze4v3IYWnI/Pol3ZXtNFim8tsz1ugphVNf5grveqGEYht4vgESy FDOdSvAN6ADss6QVKvX/w== X-UI-Out-Filterresults: notjunk:1;V01:K0:TrRvaHBAqwA=:YiHzDlhRorZOpbxvSgU+UZ cBy1Ql9EAhM1w9Mt0DeLXNhE0kQeLkSFXeJMWd2lGxlOcWw6ePkH6VyEn0sbak4yVYtYRgtNM iLt/ZAvkgXBzPtiBTYLhwU3YDi0epUKVoXxGPN/HgdNUXUGfsM3PqiSH13wr6rAwxnGlhx4Tp 0c8nZ9qIFXPT8Diexld5IE6gbdF2zX1t1W0SoHjTb3aMMxLfMwAfu1JuHOj+BQYE1e2MuTMYa aMGps+szEYrqDVsk5M2QHLQ0ERrPIJSdfNXRqGgQDkpv3Qqdw9E/nEjkQ97LgD2nVOnRK2uUY ANLY2w4V6gP5u8WmdOfLiRQj5Lg2pMoXPiPSFb/w8qE592H4un1XzVT4RPmItDdZh+LJQlo11 pi9dMkDecljbyNfKc3dUsw8ZeltjZ609ukF+pnqhWeVHsAthlKCPD1AOc8XQ4XEeGTQAPBngX PetpDtVf301kfXMcsSzfxPC5N3Mcsv3uT5xym5qzqZrJQkX4ARFtPUNQahxbawpi1I9mETmrW zqYx57eXacWxpfI9sEkMq/XP/vnSuQns5vw6qV9QlLDOQWAEyrA+Vp51yzwsXhQ1HGacJudYy Hs2aZ12V/L+TFU+8p9DXQSU18hNsRRPmPEzDCIGPJWLV3OfT+cl7a90CJArPtCR+Oezm+0uHz A6YGppfgwU6DWiEEhgoq+MWtgP/77iQGLlWDCdMcNN8KJnsz2ryIjkijBHD3CzqUd9J8= X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 May 2015 20:47:27 -0000 On 2015-05-27 16:18, Patrick Powell wrote: > On 07/13/14 17:46, Michelle Sullivan wrote: >> Baptiste Daroussin wrote: >>> On Mon, Jul 07, 2014 at 12:27:48AM +0200, olli hauer wrote: >>> >>>> On 2014-07-05 19:09, Bjoern A. Zeeb wrote: >>>> <...snip..> >> One would have hoped that mod_perl2 would have had this removed first: >> >> .if ${APACHE_VERSION} > 22 >> BROKEN= Does not build with apache24 >> .endif >> >> Just my small (557 packages) build set: >> >> ====>> Skipped ports: devel/bugzilla44 devel/p5-Log-Dispatch >> www/p5-Apache-DBI www/p5-HTML-Mason www/p5-HTML-Mason-PSGIHandler >> www/p5-MasonX-Profiler www/p5-RT-Authen-ExternalAuth www/p5-libapreq2 >> www/rt40 >> >> >> Michelle >> > I believe that this has been fixed for at least since Sept 2014. There is a 'test and debugging' version of mod_perl2 that appears to have the required mods/changes, but they have not been rolled into the upstream distribution. > > I wonder what happened to the mod_perl updating process... > At the moment the mod_perl2 port does the following. - If apache22 is detected use the original 2.0.8 source to build mod_perl. - if apache24 is detected a patch (50.000+ lines) will be applied to match upstream trunk r1638352. Between r1638352 and the current rc1 changes for modperl_interp resulting in a non working apache24 with MPM event, a report for this can be read on the mod_perl-dev list. -- olli From owner-freebsd-ports@FreeBSD.ORG Wed May 27 21:35:42 2015 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 77B08530; Wed, 27 May 2015 21:35:42 +0000 (UTC) (envelope-from marquis@roble.com) Received: from mx5.roble.com (mx5.roble.com [206.40.34.5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mx5.roble.com", Issuer "mx5.roble.com" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 635B6E7B; Wed, 27 May 2015 21:35:42 +0000 (UTC) (envelope-from marquis@roble.com) Received: from secure.postconf.com (mx5.roble.com [206.40.34.5]) by mx5.roble.com (Postfix) with ESMTP id 6A9FF67D41; Wed, 27 May 2015 14:35:41 -0700 (PDT) In-Reply-To: <1432756690.2290224.279775121.3E052535@webmail.messagingengine.com> References: <20150523153029.B7BD3280@hub.freebsd.org> <1432659389.3130746.278522905.6D1E6549@webmail.messagingengine.com> <1432756690.2290224.279775121.3E052535@webmail.messagingengine.com> Date: Wed, 27 May 2015 14:35:41 -0700 Subject: Re: New pkg audit / vuln.xml failures (php55, unzoo) From: "Roger Marquis" To: "Mark Felder" Cc: freebsd-ports@freebsd.org, freebsd-security@freebsd.org Reply-To: marquis@roble.com MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 May 2015 21:35:42 -0000 >> * operators of FreeBSD servers (unlike Debian, Ubuntu, RedHat, Suse and >> OpenBSD server operators) have no assurance that their systems are >> secure. > > Slow down here for a second. Where's the command-line tool on RedHat or > Debian that lists only the known vulnerable packages? In RedHat you can create a security repo list ( grep "-security" /etc/apt/sources.list), install the security plugin (yum install yum-plugin-security) and 'yum check-update --security' for the same functionality as 'pkg audit -F'. Debian is even more obscure (apt-get upgrade -o Dir::Etc::SourceList=/etc/apt/security.sources.list --just-print). FreeBSD 'pkg audit' is much cleaner but what difference does that make, really, when you have a vulnerable package that isn't in the database? > But that's not the end of the story. That > command won't list vulnerabilities until they have a patch released. > Let's look at CVE-2015-0209 > https://access.redhat.com/security/cve/CVE-2015-0209 > Release date was March 23rd. No question there's variability in bugfix timeliness, especially for DOS-type bugs like CVE-2015-0209. FreeBSD ports maintainers are also able to commit patches and version updates much more quickly than their binary-only competitors, as noted with the php55/Makefile tweak. In the past that's what made FreeBSD a more secure OS to host applications on. But that's not the main issue this thread has been about. The issue that really matters from a security perspective is the completeness of the vulnerability database, vuln.xml in our case. > The grass is always greener... or is it? > > Let's just concentrate on how to improve things here and not worry about > how they're handling security issues because they have their own unique > problems to solve. I must say I am disappointed in the response to this serious and significant issue. My Redhat using co-workers, OTOH, are no doubt eating it up. Problem is I'm not the only one who has to defend their business unit's use of FreeBSD in a corporation that has otherwise nearly standardized on Redhat (and RH security, bash notwithstanding). Roger From owner-freebsd-ports@FreeBSD.ORG Wed May 27 22:03:39 2015 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 0B18AAB7; Wed, 27 May 2015 22:03:39 +0000 (UTC) (envelope-from marquis@roble.com) Received: from mx5.roble.com (mx5.roble.com [206.40.34.5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mx5.roble.com", Issuer "mx5.roble.com" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id EAECF807; Wed, 27 May 2015 22:03:38 +0000 (UTC) (envelope-from marquis@roble.com) Received: from secure.postconf.com (mx5.roble.com [206.40.34.5]) by mx5.roble.com (Postfix) with ESMTP id DA39067D41; Wed, 27 May 2015 15:03:37 -0700 (PDT) In-Reply-To: References: <20150523153029.B7BD3280@hub.freebsd.org> <1432659389.3130746.278522905.6D1E6549@webmail.messagingengine.com> Date: Wed, 27 May 2015 15:03:38 -0700 Subject: Re: New pkg audit / vuln.xml failures (php55, unzoo) From: "Roger Marquis" To: "Roger Marquis" Cc: "Mark Felder" , freebsd-ports@freebsd.org, freebsd-security@freebsd.org Reply-To: marquis@roble.com MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 May 2015 22:03:39 -0000 > Mark Felder wrote: >> Who is "ports-secteam"? > > It was Xin Li who alerted me to the ports-secteam@freebsd.org address > i.e., as being distinct from the "FreeBSD Security Team" > (secteam@freebsd.org) address noted on > . Also have to thank Remko Lodder for pointing out the ports-secteam@ address. Should also note that while the ports-secteam@ is not mentioned in or various other places where it probably should be (like the Types of Problem Reports page ) it is noted in the Port Specific FAQ and on the port mainters' page . Roger > >> There has been no Call For Help that I've ever seen. If people are needed >> to process these CVEs so they are entered into VUXML, sign me up to >> ports-secteam please. > > I believe that is part of the problem, or the multiple problems, that > lead me to believe that FreeBSD is operating without the active > involvement of a security officer. Specifically: > > * port vulnerability alerts sent to secteam@, as indicated on the > /security/ page, are neither forwarded to ports-secteam@ for review nor > returned to the sender with a note regarding the correct destination > address, > > * the freebsd.org/security web page is not correct and not being > updated, > > * aside from Xin nobody from either ports-secteam@ or secteam@ much > less security-officer@ seems to be reading or participating in the > security@ mailing list, > > * nobody @freebsd.org appears to be following CVE announcements and the > maintainers of several high profile ports are also not following it or > even their application's -announce list, > > * there appears to be no automated process to alert vuln.xml maintainers > (ports-secteam@) of potential new port vulnerabilities, > > * offers of help to secteam@ and ports-secteam@ are neither replied to > nor acted upon (except for Xin Li's request, thanks Xin!), > > * perhaps as a result the vuln.xml database is no longer reliable, and > by extension, > > * operators of FreeBSD servers (unlike Debian, Ubuntu, RedHat, Suse and > OpenBSD server operators) have no assurance that their systems are secure. > > This is a MAJOR CHANGE from just a couple of years ago which calls for an > equally major heads-up to be sent to those running FreeBSD servers and > looking to the freebsd.org website for help securing their systems. > > The signifiance of these 7 bullets should not be overlooked or > understated. They call in to question the viability of FreeBSD itself. > > IMO, > Roger Marquis > From owner-freebsd-ports@FreeBSD.ORG Thu May 28 05:58:35 2015 Return-Path: Delivered-To: ports@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 9ECF1709 for ; Thu, 28 May 2015 05:58:35 +0000 (UTC) (envelope-from Rajeev.Kalyan@freescale.com) Received: from na01-bl2-obe.outbound.protection.outlook.com (mail-bl2on0135.outbound.protection.outlook.com [65.55.169.135]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (Client CN "mail.protection.outlook.com", Issuer "MSIT Machine Auth CA 2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 328B92EB for ; Thu, 28 May 2015 05:58:34 +0000 (UTC) (envelope-from Rajeev.Kalyan@freescale.com) Received: from BY1PR0301MB1254.namprd03.prod.outlook.com (10.161.203.26) by BY1PR0301MB1256.namprd03.prod.outlook.com (10.161.203.28) with Microsoft SMTP Server (TLS) id 15.1.172.22; Thu, 28 May 2015 05:25:33 +0000 Received: from BY1PR0301MB1254.namprd03.prod.outlook.com ([10.161.203.26]) by BY1PR0301MB1254.namprd03.prod.outlook.com ([10.161.203.26]) with mapi id 15.01.0172.012; Thu, 28 May 2015 05:25:32 +0000 From: Kalyan I.Rajeevkalyan To: "ports@FreeBSD.org" Subject: Need help to install Dibbler package for FreeBSD Thread-Topic: Need help to install Dibbler package for FreeBSD Thread-Index: AdCZBrYNGSWKdbkzRhaajYZANRAZyw== Date: Thu, 28 May 2015 05:25:32 +0000 Message-ID: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: spf=none (sender IP is ) smtp.mailfrom=Rajeev.Kalyan@freescale.com; x-originating-ip: [192.88.169.1] x-microsoft-exchange-diagnostics: 1; BY1PR0301MB1256; 3:2jID4flAQG4Y21mlnTTkEuiUDW/7Fu88I+syP4gqeAwQfZijF3MBEFP0ODww8QgWBoVRJ7jxaDzDAmpHpe45Y2E1N6iAkkcmT4A6zI4iKlYEXmLHLkyTJKFqjzqq3lXC8phVTSErSu/W84P4U3Xgqw==; 10:k4ZgqkfVF+yJjQels8/2jhaM/Gft6agqdh1pBRhiy39UEC7FRMporXwa0fWwuV3mysbG6ibS+zqLrJVDu7k/VgCm5moLj7Vtu6VaHCbvYFg=; 6:ghej/LFr6mFLzMbkRQwvGu7cA+TH20X9EQuLJHXsyjYXG5eVBtuTltxAvojBQxxw x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:BY1PR0301MB1256; x-microsoft-antispam-prvs: x-exchange-antispam-report-test: UriScan:; x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(601004)(520003)(5005006)(3002001); SRVR:BY1PR0301MB1256; BCL:0; PCL:0; RULEID:; SRVR:BY1PR0301MB1256; x-forefront-prvs: 0590BBCCBC x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(6009001)(164054003)(189002)(199003)(5001830100001)(81156007)(92566002)(110136002)(19300405004)(2501003)(106356001)(5001860100001)(77156002)(40100003)(229853001)(450100001)(46102003)(122556002)(62966003)(2351001)(189998001)(107886002)(19609705001)(5002640100001)(76576001)(5001960100002)(77096005)(16236675004)(2656002)(87936001)(19625215002)(101416001)(50986999)(86362001)(19580395003)(33656002)(99286002)(558084003)(105586002)(54356999)(102836002)(66066001)(97736004)(15975445007)(74316001)(4001540100001)(2900100001)(64706001)(68736005)(18717965001); DIR:OUT; SFP:1102; SCL:1; SRVR:BY1PR0301MB1256; H:BY1PR0301MB1254.namprd03.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en; received-spf: None (protection.outlook.com: freescale.com does not designate permitted sender hosts) MIME-Version: 1.0 X-OriginatorOrg: freescale.com X-MS-Exchange-CrossTenant-originalarrivaltime: 28 May 2015 05:25:32.3567 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 710a03f5-10f6-4d38-9ff4-a80b81da590d X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY1PR0301MB1256 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.20 X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 28 May 2015 05:58:35 -0000 Hi , I would like to test DHCPV6 using Dibbler (Client/Server/Relay ) tools. Co= uld anyone suggest regarding these package list for 9.1-PP2 RELEASE. Thanks, rajeev kalyan From owner-freebsd-ports@FreeBSD.ORG Thu May 28 09:19:52 2015 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id AF1002CA for ; Thu, 28 May 2015 09:19:52 +0000 (UTC) (envelope-from pvoigt@uos.de) Received: from smtp-auth.serv.Uni-Osnabrueck.DE (vm135.rz.uni-osnabrueck.de [131.173.16.10]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 3AA6FA9E for ; Thu, 28 May 2015 09:19:50 +0000 (UTC) (envelope-from pvoigt@uos.de) Received: from spock.drpetervoigt.private (p549B5646.dip0.t-ipconnect.de [84.155.86.70]) (authenticated bits=0) by smtp-auth.serv.Uni-Osnabrueck.DE (8.13.8/8.13.8) with ESMTP id t4S8uVfN025227 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 28 May 2015 10:56:32 +0200 Received: from kirk.drpetervoigt.private (kirk.drpetervoigt.private [192.168.1.60]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: pvoigt) by spock.drpetervoigt.private (Postfix) with ESMTPSA id 00C014A0334B for ; Thu, 28 May 2015 10:56:30 +0200 (CEST) Date: Thu, 28 May 2015 10:56:01 +0200 From: "Dr. Peter Voigt" To: freebsd-ports@freebsd.org Subject: Error message when refreshing keys Message-ID: <20150528105601.474ec8fe@kirk.drpetervoigt.private> Organization: =?UTF-8?B?VW5pdmVyc2l0w6R0IE9zbmFicsO8Y2s=?= X-Mailer: Claws Mail 3.10.1 (GTK+ 2.24.23; x86_64-suse-linux-gnu) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-PMX-Version: 6.0.0.2142326, Antispam-Engine: 2.7.2.2107409, Antispam-Data: 2015.5.28.84815 (Univ. Osnabrueck) X-PMX-Spam: Gauge=IIIIIIII, Probability=8%, Report= HTML_00_01 0.05, HTML_00_10 0.05, BODYTEXTP_SIZE_3000_LESS 0, BODY_SIZE_1000_LESS 0, BODY_SIZE_2000_LESS 0, BODY_SIZE_5000_LESS 0, BODY_SIZE_500_599 0, BODY_SIZE_7000_LESS 0, FROM_NAME_PHRASE 0, NO_URI_FOUND 0, RDNS_POOLED 0, RDNS_SUSP 0, RDNS_SUSP_SPECIFIC 0, __CT 0, __CTE 0, __CT_TEXT_PLAIN 0, __HAS_FROM 0, __HAS_MSGID 0, __HAS_X_MAILER 0, __MIME_TEXT_ONLY 0, __MIME_VERSION 0, __RDNS_POOLED_10 0, __SANE_MSGID 0, __SUBJ_ALPHA_END 0, __TO_MALFORMED_2 0, __TO_NO_NAME 0 X-PMX-Spam-Level: IIIIIIII X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 28 May 2015 09:19:52 -0000 I am on 10.1-RELEASE (amd64) and have installed latest gpg 2.0.27 from ports. When issuing # gpg --refresh-keys operation seems to work but I am getting following error messages at the end: ... gpg: keyserver communications error: Not found gpg: keyserver communications error: Bad public key gpg: keyserver refresh failed: Bad public key On an openSUSE machine I have installed gpg 2.0.22 and I have no such error message. Is this a know error? What does it mean? Is it FreeBSD specific? Any hints are appreciated. Peter From owner-freebsd-ports@FreeBSD.ORG Thu May 28 10:49:41 2015 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 62E6545D for ; Thu, 28 May 2015 10:49:41 +0000 (UTC) (envelope-from carmel_ny@outlook.com) Received: from BLU004-OMC3S15.hotmail.com (blu004-omc3s15.hotmail.com [65.55.116.90]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (Client CN "*.hotmail.com", Issuer "Microsoft IT SSL SHA2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 200DE2B2 for ; Thu, 28 May 2015 10:49:40 +0000 (UTC) (envelope-from carmel_ny@outlook.com) Received: from BLU437-SMTP16 ([65.55.116.73]) by BLU004-OMC3S15.hotmail.com over TLS secured channel with Microsoft SMTPSVC(7.5.7601.22751); Thu, 28 May 2015 03:48:33 -0700 X-TMN: [OX6nDcu5DqObuinpJf5DB63ja6kboZBd] X-Originating-Email: [carmel_ny@outlook.com] Message-ID: Date: Thu, 28 May 2015 06:48:31 -0400 From: Carmel NY To: FreeBSD Ports Subject: Re: Error message when refreshing keys In-Reply-To: <20150528105601.474ec8fe@kirk.drpetervoigt.private> References: <20150528105601.474ec8fe@kirk.drpetervoigt.private> Organization: seibercom NET X-Mailer: Claws Mail 3.11.1 (GTK+ 2.24.27; amd64-portbld-freebsd10.1) MIME-Version: 1.0 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 8bit X-OriginalArrivalTime: 28 May 2015 10:48:33.0108 (UTC) FILETIME=[D777D140:01D09933] X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 28 May 2015 10:49:41 -0000 On Thu, 28 May 2015 10:56:01 +0200, Dr. Peter Voigt stated: >I am on 10.1-RELEASE (amd64) and have installed latest gpg 2.0.27 >from ports. When issuing > ># gpg --refresh-keys > >operation seems to work but I am getting following error messages at >the end: > >... >gpg: keyserver communications error: Not found >gpg: keyserver communications error: Bad public key >gpg: keyserver refresh failed: Bad public key > >On an openSUSE machine I have installed gpg 2.0.22 and I have no such >error message. > >Is this a know error? What does it mean? Is it FreeBSD specific? > >Any hints are appreciated. I am continually receiving this error message: gpg: refreshing 339 keys from hkp://keys.gnupg.net gpg: keyserver refresh failed: Invalid IPC response I finally just gave up. -- Carmel From owner-freebsd-ports@FreeBSD.ORG Thu May 28 11:20:32 2015 Return-Path: Delivered-To: ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D7EE49A0 for ; Thu, 28 May 2015 11:20:32 +0000 (UTC) (envelope-from portscout@FreeBSD.org) Received: from portscout.freebsd.org (portscout.freebsd.org [IPv6:2001:1900:2254:206a::50:6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C6914CCE for ; Thu, 28 May 2015 11:20:32 +0000 (UTC) (envelope-from portscout@FreeBSD.org) Received: from portscout.freebsd.org ([127.0.1.123]) by portscout.freebsd.org (8.14.9/8.14.9) with ESMTP id t4SBKWX7037301 for ; Thu, 28 May 2015 11:20:32 GMT (envelope-from portscout@FreeBSD.org) Received: (from portscout@localhost) by portscout.freebsd.org (8.14.9/8.14.9/Submit) id t4SBKWjh037300; Thu, 28 May 2015 11:20:32 GMT (envelope-from portscout@FreeBSD.org) Message-Id: <201505281120.t4SBKWjh037300@portscout.freebsd.org> X-Authentication-Warning: portscout.freebsd.org: portscout set sender to portscout@FreeBSD.org using -f Content-Disposition: inline Content-Transfer-Encoding: 8bit Content-Type: text/plain MIME-Version: 1.0 Date: Thu, 28 May 2015 11:20:32 +0000 From: portscout@FreeBSD.org To: ports@freebsd.org Subject: FreeBSD ports you maintain which are out of date X-Mailer: portscout/0.8.1 X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 28 May 2015 11:20:32 -0000 Dear port maintainer, The portscout new distfile checker has detected that one or more of your ports appears to be out of date. Please take the opportunity to check each of the ports listed below, and if possible and appropriate, submit/commit an update. If any ports have already been updated, you can safely ignore the entry. You will not be e-mailed again for any of the port/version combinations below. Full details can be found at the following URL: http://portscout.freebsd.org/ports@freebsd.org.html Port | Current version | New version ------------------------------------------------+-----------------+------------ science/clhep | 2.2.0.5 | 2.2.0.6 ------------------------------------------------+-----------------+------------ If any of the above results are invalid, please check the following page for details on how to improve portscout's detection and selection of distfiles on a per-port basis: http://portscout.freebsd.org/info/portscout-portconfig.txt Thanks. From owner-freebsd-ports@FreeBSD.ORG Thu May 28 12:25:29 2015 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 53CC6D53 for ; Thu, 28 May 2015 12:25:29 +0000 (UTC) (envelope-from pvoigt@uos.de) Received: from smtp-auth.serv.Uni-Osnabrueck.DE (vm135.rz.uni-osnabrueck.de [131.173.16.10]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id CF03DF6D for ; Thu, 28 May 2015 12:25:27 +0000 (UTC) (envelope-from pvoigt@uos.de) Received: from spock.drpetervoigt.private (p549B5646.dip0.t-ipconnect.de [84.155.86.70]) (authenticated bits=0) by smtp-auth.serv.Uni-Osnabrueck.DE (8.13.8/8.13.8) with ESMTP id t4SCPMpV001204 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 28 May 2015 14:25:23 +0200 Received: from kirk.drpetervoigt.private (kirk.drpetervoigt.private [192.168.1.60]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: pvoigt) by spock.drpetervoigt.private (Postfix) with ESMTPSA id 5490E4A033A6; Thu, 28 May 2015 14:25:22 +0200 (CEST) Date: Thu, 28 May 2015 14:25:10 +0200 From: "Dr. Peter Voigt" To: freebsd-ports@freebsd.org Cc: Kurt Jaeger Subject: Re: Error message when refreshing keys Message-ID: <20150528142510.2c06014e@kirk.drpetervoigt.private> In-Reply-To: <20150528112542.GM2495@home.opsec.eu> References: <20150528105601.474ec8fe@kirk.drpetervoigt.private> <20150528112542.GM2495@home.opsec.eu> Organization: =?UTF-8?B?VW5pdmVyc2l0w6R0IE9zbmFicsO8Y2s=?= X-Mailer: Claws Mail 3.10.1 (GTK+ 2.24.23; x86_64-suse-linux-gnu) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-PMX-Version: 6.0.0.2142326, Antispam-Engine: 2.7.2.2107409, Antispam-Data: 2015.5.28.121517 (Univ. Osnabrueck) X-PMX-Spam: Gauge=IIIIIIII, Probability=8%, Report= EU_TLD 0.1, HTML_00_01 0.05, HTML_00_10 0.05, BODYTEXTP_SIZE_3000_LESS 0, BODY_SIZE_1100_1199 0, BODY_SIZE_2000_LESS 0, BODY_SIZE_5000_LESS 0, BODY_SIZE_7000_LESS 0, FROM_NAME_PHRASE 0, RDNS_POOLED 0, RDNS_SUSP 0, RDNS_SUSP_SPECIFIC 0, REFERENCES 0, __ANY_URI 0, __BOUNCE_CHALLENGE_SUBJ 0, __BOUNCE_NDR_SUBJ_EXEMPT 0, __CT 0, __CTE 0, __CT_TEXT_PLAIN 0, __FORWARDED_MSG 0, __HAS_FROM 0, __HAS_MSGID 0, __HAS_X_MAILER 0, __IN_REP_TO 0, __MIME_TEXT_ONLY 0, __MIME_VERSION 0, __RDNS_POOLED_10 0, __REFERENCES 0, __SANE_MSGID 0, __SUBJ_ALPHA_END 0, __SUBJ_ALPHA_NEGATE 0, __TO_MALFORMED_2 0, __TO_NO_NAME 0, __URI_NO_PATH 0, __URI_NO_WWW 0 X-PMX-Spam-Level: IIIIIIII X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 28 May 2015 12:25:29 -0000 On Thu, 28 May 2015 13:25:42 +0200 Kurt Jaeger wrote: > Hi! > > > I am on 10.1-RELEASE (amd64) and have installed latest gpg 2.0.27 > > from ports. When issuing > > > > # gpg --refresh-keys > > > > operation seems to work but I am getting following error messages at > > the end: > > I have > > f10$ pkg which /usr/local/bin/gpg > /usr/local/bin/gpg was installed by package gnupg1-1.4.19 > f10$ pkg which /usr/local/bin/gpg2 > /usr/local/bin/gpg2 was installed by package gnupg-2.1.4_1 > > So are you sure that it's gpg2 that you are using ? > > > Is this a know error? What does it mean? Is it FreeBSD specific? > > I have gpg2 as 2.1.4 on 10.1p9 and it's working. So please > provide more context. > Kurt, my post has been a bit imprecise because latest security/gnupg is 2.1.4 but I am still on security/gnupg20: % pkg which /usr/local/bin/gpg /usr/local/bin/gpg was not found in the database % pkg which /usr/local/bin/gpg2 /usr/local/bin/gpg2 was installed by package gnupg20-2.0.27 I am on 10.1-RELEASE-p10 (amd64). Peter From owner-freebsd-ports@FreeBSD.ORG Thu May 28 12:54:58 2015 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B21BC6A3 for ; Thu, 28 May 2015 12:54:58 +0000 (UTC) (envelope-from pvoigt@uos.de) Received: from mail-in-3.serv.Uni-Osnabrueck.DE (vm299.rz.uni-osnabrueck.de [131.173.16.215]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 33EF19C0 for ; Thu, 28 May 2015 12:54:57 +0000 (UTC) (envelope-from pvoigt@uos.de) Received: from smtp-auth.serv.Uni-Osnabrueck.DE (vm136.rz.uni-osnabrueck.de [131.173.16.11]) by mail-in-3.serv.Uni-Osnabrueck.DE (8.14.4/8.14.4) with ESMTP id t4SCUALf009927 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 28 May 2015 14:30:10 +0200 Received: from spock.drpetervoigt.private (p549B5646.dip0.t-ipconnect.de [84.155.86.70]) (authenticated bits=0) by smtp-auth.serv.Uni-Osnabrueck.DE (8.13.8/8.13.8) with ESMTP id t4SCU8th009535 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 28 May 2015 14:30:09 +0200 Received: from kirk.drpetervoigt.private (kirk.drpetervoigt.private [192.168.1.60]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: pvoigt) by spock.drpetervoigt.private (Postfix) with ESMTPSA id C66434A033A6; Thu, 28 May 2015 14:30:08 +0200 (CEST) Date: Thu, 28 May 2015 14:29:55 +0200 From: "Dr. Peter Voigt" To: Carmel NY Cc: FreeBSD Ports Subject: Re: Error message when refreshing keys Message-ID: <20150528142955.2852528e@kirk.drpetervoigt.private> In-Reply-To: References: <20150528105601.474ec8fe@kirk.drpetervoigt.private> Organization: =?UTF-8?B?VW5pdmVyc2l0w6R0IE9zbmFicsO8Y2s=?= X-Mailer: Claws Mail 3.10.1 (GTK+ 2.24.23; x86_64-suse-linux-gnu) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-PMX-Version: 6.0.0.2142326, Antispam-Engine: 2.7.2.2107409, Antispam-Data: 2015.5.28.122116 (Univ. Osnabrueck) X-PMX-Spam: Gauge=IIIIIIII, Probability=8%, Report= HTML_00_01 0.05, HTML_00_10 0.05, BODYTEXTP_SIZE_3000_LESS 0, BODY_SIZE_1100_1199 0, BODY_SIZE_2000_LESS 0, BODY_SIZE_5000_LESS 0, BODY_SIZE_7000_LESS 0, FROM_NAME_PHRASE 0, RDNS_POOLED 0, RDNS_SUSP 0, RDNS_SUSP_SPECIFIC 0, REFERENCES 0, __ANY_URI 0, __BOUNCE_CHALLENGE_SUBJ 0, __BOUNCE_NDR_SUBJ_EXEMPT 0, __CT 0, __CTE 0, __CT_TEXT_PLAIN 0, __FORWARDED_MSG 0, __HAS_FROM 0, __HAS_MSGID 0, __HAS_X_MAILER 0, __IN_REP_TO 0, __MIME_TEXT_ONLY 0, __MIME_VERSION 0, __RDNS_POOLED_10 0, __REFERENCES 0, __SANE_MSGID 0, __SUBJ_ALPHA_END 0, __SUBJ_ALPHA_NEGATE 0, __TO_MALFORMED_2 0, __URI_NO_PATH 0, __URI_NO_WWW 0 X-PMX-Spam-Level: IIIIIIII X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 28 May 2015 12:54:58 -0000 On Thu, 28 May 2015 06:48:31 -0400 Carmel NY wrote: > On Thu, 28 May 2015 10:56:01 +0200, Dr. Peter Voigt stated: > > >I am on 10.1-RELEASE (amd64) and have installed latest gpg 2.0.27 > >from ports. When issuing > > > ># gpg --refresh-keys > > > >operation seems to work but I am getting following error messages at > >the end: > > > >... > >gpg: keyserver communications error: Not found > >gpg: keyserver communications error: Bad public key > >gpg: keyserver refresh failed: Bad public key > > > >On an openSUSE machine I have installed gpg 2.0.22 and I have no such > >error message. > > > >Is this a know error? What does it mean? Is it FreeBSD specific? > > > >Any hints are appreciated. > > I am continually receiving this error message: > > gpg: refreshing 339 keys from hkp://keys.gnupg.net > gpg: keyserver refresh failed: Invalid IPC response > > I finally just gave up. Hm, that's even worse. Does it mean you cannot refresh at all? On my machine keyring refresh is at least taking place in spite of the error message, but I cannot be sure everything is working correctly. From owner-freebsd-ports@FreeBSD.ORG Thu May 28 16:28:51 2015 Return-Path: Delivered-To: ports@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id AF6638B7 for ; Thu, 28 May 2015 16:28:51 +0000 (UTC) (envelope-from bdrewery@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:1900:2254:206c::16:87]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 96C95653 for ; Thu, 28 May 2015 16:28:51 +0000 (UTC) (envelope-from bdrewery@FreeBSD.org) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.9/8.14.9) with ESMTP id t4SGSpt2067071 for ; Thu, 28 May 2015 16:28:51 GMT (envelope-from bdrewery@freefall.freebsd.org) Received: (from bdrewery@localhost) by freefall.freebsd.org (8.14.9/8.14.9/Submit) id t4SGSp3a067070 for ports@FreeBSD.org; Thu, 28 May 2015 16:28:51 GMT (envelope-from bdrewery) Received: (qmail 43411 invoked from network); 28 May 2015 11:28:49 -0500 Received: from unknown (HELO ?10.10.1.139?) (freebsd@shatow.net@10.10.1.139) by sweb.xzibition.com with ESMTPA; 28 May 2015 11:28:49 -0500 Message-ID: <55674247.4020604@FreeBSD.org> Date: Thu, 28 May 2015 11:28:55 -0500 From: Bryan Drewery Organization: FreeBSD User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:31.0) Gecko/20100101 Thunderbird/31.7.0 MIME-Version: 1.0 To: ports@FreeBSD.org Subject: qmail maintainership dropped OpenPGP: id=F9173CB2C3AAEA7A5C8A1F0935D771BB6E4697CF; url=http://www.shatow.net/bryan/bryan2.asc Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="t7XOQVqhCuPL1pfHQJbxtFll1kD2r2SF0" X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 28 May 2015 16:28:51 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --t7XOQVqhCuPL1pfHQJbxtFll1kD2r2SF0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable I have dropped maintainership of qmail and all related ports. I have not been the best maintainer here, often taking up to 7 months to get patches committed to the various ports. Mostly due to the reason I am moving away from qmail. My own setup was created in 2009 from the port and has been hacked at directly since. I have not actually used any of these ports in a very long time. It's a symptom of the larger problem of qmail and its ecosystem not having any real maintainers or community support anymore. I would recommend users look into alternative solutions such as postfix, exim or opensmtp. All of which are actively maintained. Cheers, Bryan Drewery --t7XOQVqhCuPL1pfHQJbxtFll1kD2r2SF0 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBAgAGBQJVZ0JHAAoJEDXXcbtuRpfPF6EIAK4I1nRDhGz43Fe0FyVkC80R y+4piiyaGCd37o6lopchOjK+giyVglAv2tuykBknTHR+tkAZel0HU7Kji5jXjGWq innVpT3gUPEwOx51FsrpHstpSPKIBFWa+qSKLmLjKlNA3OnAQYjq/f8nzZ7zuEJO bVoWDdWcVH15wbDQuQsJmRKt1Pj+O2F0hSK290f0k41aSApGE9kgyPZa5so9pQIu uJ81UPx1vqORV6AVuLmyz1I0kq+OIH2HNXwY+9bZG6mPqU2QPscFr+oqBo4d+VOx d+M3tBwD6FlGc/nOejay0seGwJlDgWOE3rLgkIJruLUVXzqSFbh7pXwEiczMAy4= =C4yf -----END PGP SIGNATURE----- --t7XOQVqhCuPL1pfHQJbxtFll1kD2r2SF0-- From owner-freebsd-ports@FreeBSD.ORG Thu May 28 16:36:20 2015 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 9F668A6B for ; Thu, 28 May 2015 16:36:20 +0000 (UTC) (envelope-from bdrewery@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:1900:2254:206c::16:87]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 802D58CC for ; Thu, 28 May 2015 16:36:20 +0000 (UTC) (envelope-from bdrewery@FreeBSD.org) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.9/8.14.9) with ESMTP id t4SGaK6B070142 for ; Thu, 28 May 2015 16:36:20 GMT (envelope-from bdrewery@freefall.freebsd.org) Received: (from bdrewery@localhost) by freefall.freebsd.org (8.14.9/8.14.9/Submit) id t4SGaKIf070141 for freebsd-ports@freebsd.org; Thu, 28 May 2015 16:36:20 GMT (envelope-from bdrewery) Received: (qmail 119 invoked from network); 28 May 2015 11:36:19 -0500 Received: from unknown (HELO ?10.10.1.139?) (freebsd@shatow.net@10.10.1.139) by sweb.xzibition.com with ESMTPA; 28 May 2015 11:36:19 -0500 Message-ID: <55674408.8000402@FreeBSD.org> Date: Thu, 28 May 2015 11:36:24 -0500 From: Bryan Drewery Organization: FreeBSD User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:31.0) Gecko/20100101 Thunderbird/31.7.0 MIME-Version: 1.0 To: kpneal@pobox.com, freebsd-ports@freebsd.org Subject: Re: Messages about missing shared libraries... References: <20150528040950.GB37243@neutralgood.org> In-Reply-To: <20150528040950.GB37243@neutralgood.org> OpenPGP: id=F9173CB2C3AAEA7A5C8A1F0935D771BB6E4697CF; url=http://www.shatow.net/bryan/bryan2.asc Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="hSQb6NptwIIUbV0Sc4Fd2sAknssuUeR5j" X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 28 May 2015 16:36:20 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --hSQb6NptwIIUbV0Sc4Fd2sAknssuUeR5j Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable On 5/27/2015 11:09 PM, kpneal@pobox.com wrote: > So, I'm installing a bunch of stuff in a chrooted staging area built > from source. I've got pkg bootstrapped and my /etc/make.conf looks > like this: >=20 > WITH_PKGNG=3D yes >=20 > # The former replaces the latter > OPTIONS_UNSET=3DX11 > WITHOUT_X11=3Dyes >=20 >=20 > Now, when I install from /usr/ports (I can never keep the terms straigh= t) > I see during the installation phase messages like this: >=20 > =3D=3D=3D> Registering installation for poudriere-3.1.6 > (poudriere-3.1.6) /usr/ports/ports-mgmt/poudriere/work/stage//usr/local= /libexec/poudriere/cpdup - required shared library libmd.so.5 not found > (poudriere-3.1.6) /usr/ports/ports-mgmt/poudriere/work/stage//usr/local= /libexec/poudriere/cpdup - required shared library libc.so.7 not found >=20 > But ldd shows that the executables _can_ find the libraries.=20 Try running this inside of the chroot: service ldconfig start Then check if the warnings happen still. >=20 > So, what's the deal with the missing library messages? Are they harmles= s > or do I need to do something like reinstall software? I can do that if > needed no sweat.=20 >=20 > The output of "pkg -v" is "1.5.2" since I didn't bootstrap it until tod= ay. >=20 > I'm currently running this kernel: > FreeBSD gunsight1.neutralgood.org 9.3-RELEASE-p14 FreeBSD 9.3-RELEASE-p= 14 #0 r283551: Tue May 26 13:08:20 EDT 2015 kpn@ amd64 >=20 > But the userland for the system is unpatched 9.3. I'm trying to get a > fully patched 9.3-p14 together. But I'm running pkg in a chroot with > the new -p14 userland.=20 >=20 > I apologize if this is something simple. I've never gotten to use ZFS > to build brand new installations from scratch before. I've probably > missed something somewhere. >=20 > And thanks for any help! >=20 --=20 Regards, Bryan Drewery --hSQb6NptwIIUbV0Sc4Fd2sAknssuUeR5j Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBAgAGBQJVZ0QIAAoJEDXXcbtuRpfPUooH/iXLcuozIla8V0cat10aeVRJ NJ1QszJyIM0ynw8Vrxey3WKQ1g7xjIF9XvuxlDjsjnXa9JEnY9eIv04QKHbDMR+9 rplCrFl2inb1/kaKdQH/Jhi2Sg3l90DOT2OMYXNKd8eNdi9St3pN2HQk4+Ihqr/r 5/E8MFcGiAILLYF9J/07cuEZvQc5niwfYfvi36IWgitjcawPoezAQ0hoK/vVm/gr iKl7DbwOXBDL5rJIQUNSu0Gl4NrutWsE4xC07GtfEjBFdLGTlqaEX4J5yMX+MnC/ hFOtoqWK8JaqZqIoegwYZJSXIUDnYdl8nxFHYZfouAZCd2NOmkHCU4AaEsPj7dw= =+iLn -----END PGP SIGNATURE----- --hSQb6NptwIIUbV0Sc4Fd2sAknssuUeR5j-- From owner-freebsd-ports@FreeBSD.ORG Thu May 28 16:47:28 2015 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 9E2191D1 for ; Thu, 28 May 2015 16:47:28 +0000 (UTC) (envelope-from bdrewery@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:1900:2254:206c::16:87]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 7A308B73 for ; Thu, 28 May 2015 16:47:28 +0000 (UTC) (envelope-from bdrewery@FreeBSD.org) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.9/8.14.9) with ESMTP id t4SGlSxa073416 for ; Thu, 28 May 2015 16:47:28 GMT (envelope-from bdrewery@freefall.freebsd.org) Received: (from bdrewery@localhost) by freefall.freebsd.org (8.14.9/8.14.9/Submit) id t4SGlScn073415 for freebsd-ports@freebsd.org; Thu, 28 May 2015 16:47:28 GMT (envelope-from bdrewery) Received: (qmail 96321 invoked from network); 28 May 2015 11:47:26 -0500 Received: from unknown (HELO ?10.10.1.139?) (freebsd@shatow.net@10.10.1.139) by sweb.xzibition.com with ESMTPA; 28 May 2015 11:47:26 -0500 Message-ID: <556746A4.4090208@FreeBSD.org> Date: Thu, 28 May 2015 11:47:32 -0500 From: Bryan Drewery Organization: FreeBSD User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:31.0) Gecko/20100101 Thunderbird/31.7.0 MIME-Version: 1.0 To: Roger Marquis , Mark Felder CC: freebsd-ports@freebsd.org Subject: Re: New pkg audit / vuln.xml failures (php55, unzoo) References: <20150523153029.B7BD3280@hub.freebsd.org> <1432659389.3130746.278522905.6D1E6549@webmail.messagingengine.com> <20150527174037.EF719B11@hub.freebsd.org> In-Reply-To: <20150527174037.EF719B11@hub.freebsd.org> OpenPGP: id=F9173CB2C3AAEA7A5C8A1F0935D771BB6E4697CF; url=http://www.shatow.net/bryan/bryan2.asc Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="AG5xDRIWFfwuOnUj7eEiIOR0QxhNS1Qh4" X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 28 May 2015 16:47:28 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --AG5xDRIWFfwuOnUj7eEiIOR0QxhNS1Qh4 Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable On 5/27/2015 12:40 PM, Roger Marquis wrote: >>> If you find a vulnerability such as a new CVE or mailing list >>> announcement please send it to the port maintainer and >>> as quickly as possible. They are whoeful= ly >>> understaffed and need our help. > Mark Felder wrote: >> Who is "ports-secteam"? >=20 > It was Xin Li who alerted me to the ports-secteam@freebsd.org address > i.e., as being distinct from the "FreeBSD Security Team" > (secteam@freebsd.org) address noted on > . >=20 >> There has been no Call For Help that I've ever seen. If people are nee= ded >> to process these CVEs so they are entered into VUXML, sign me up to >> ports-secteam please. >=20 > I believe that is part of the problem, or the multiple problems, that > lead me to believe that FreeBSD is operating without the active > involvement of a security officer. Specifically: >=20 > * port vulnerability alerts sent to secteam@, as indicated on the > /security/ page, are neither forwarded to ports-secteam@ for review no= r > returned to the sender with a note regarding the correct destination > address, >=20 > * the freebsd.org/security web page is not correct and not being > updated, >=20 > * aside from Xin nobody from either ports-secteam@ or secteam@ much > less security-officer@ seems to be reading or participating in the > security@ mailing list, >=20 > * nobody @freebsd.org appears to be following CVE announcements and th= e > maintainers of several high profile ports are also not following it or= > even their application's -announce list, >=20 > * there appears to be no automated process to alert vuln.xml maintaine= rs > (ports-secteam@) of potential new port vulnerabilities, >=20 > * offers of help to secteam@ and ports-secteam@ are neither replied to= > nor acted upon (except for Xin Li's request, thanks Xin!), >=20 > * perhaps as a result the vuln.xml database is no longer reliable, and= > by extension, >=20 > * operators of FreeBSD servers (unlike Debian, Ubuntu, RedHat, Suse an= d > OpenBSD server operators) have no assurance that their systems are sec= ure. >=20 > This is a MAJOR CHANGE from just a couple of years ago which calls for = an > equally major heads-up to be sent to those running FreeBSD servers and > looking to the freebsd.org website for help securing their systems. >=20 > The signifiance of these 7 bullets should not be overlooked or > understated. They call in to question the viability of FreeBSD itself.= >=20 > IMO, > Roger Marquis Personally I agree on all points. Our ports security regime is not working. As someone who has personally jumped on updating ports during security crisis, I have found it difficult to get others engaged. I would usually implore others to just fix it and once it was not done after a period of time I would do it. I don't have time to react to every security incident. This php one came up in the week and I almost "just fixed it", but doing those things burns me out as I have my own priorities. I'm not on ports-secteam, but I did ask to join last year and had no response. The request was even about recruiting more help. I think the VUXML database needs to be simpler to contribute to. Only a handful of committers feel comfortable touching the file. We have also had the wrong pervasive mentality by committers and users that the vuxml database should only have an entry if there is a committed fix. This is totally wrong. These CVE are _already public_ in all of these cases. Users deserve to know that there is a known issue with a package they have installed. I can understand how the mentality grew to what it is with some people, but the fact that there is not an update doesn't change that the user's system is insecure and needs to be dealt with. If the tool can't reliably report issues then it is not worth trusting. TL;DR; the file needs to be simpler. I know there is an effort to use CPE but I'm not too familiar with where it is going. As for maintainers tracking upstream mailing lists, this is hard. I'm subscribed to a lot of lists and can't keep up with all of the traffic. The RedHat security team and reporting is very impressive. Don't forget that they are a funded company though. Perhaps the FreeBSD Foundation needs to fund a fulltime security officer that is devoted to both Ports and Src. Just the Ports piece is easily a fulltime job. --=20 Regards, Bryan Drewery --AG5xDRIWFfwuOnUj7eEiIOR0QxhNS1Qh4 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBAgAGBQJVZ0akAAoJEDXXcbtuRpfP4DkIANeNvZg20XIlGEiCM9KKAR9b mlSo6TNSRul2WpVfR0AOjFmcoBTzO4pQWna3+8miIRtcCNnFDG3oXmC/xWaL+6ZG xMCQoU43pmnAey2tobTQEgrDkhDj1lvqwrD0ZnucSmBWt0T6gRdm/2vPNutuYq3p Kh4BStH9WG7M4ONbiwVdFxlZDW4IZnFF3VPoH9IqVWOPa5w7TvSCqUSblVkySHQ7 1hgJYCw9amvwVJ3adQdZfAUy7hktmPGm2VuNEjIVD8Y3KvlDJCWY00ZF1IdrLx2t JVAiLLR86v7SLF2nUCiVZCRrMxsFWmBGPycjKkSox2Jtb9vf+AH4T61cxQBnQXA= =LCgq -----END PGP SIGNATURE----- --AG5xDRIWFfwuOnUj7eEiIOR0QxhNS1Qh4-- From owner-freebsd-ports@FreeBSD.ORG Thu May 28 16:57:34 2015 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C85B0722 for ; Thu, 28 May 2015 16:57:34 +0000 (UTC) (envelope-from bdrewery@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:1900:2254:206c::16:87]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 918DADD6 for ; Thu, 28 May 2015 16:57:34 +0000 (UTC) (envelope-from bdrewery@FreeBSD.org) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.9/8.14.9) with ESMTP id t4SGvYZk076532 for ; Thu, 28 May 2015 16:57:34 GMT (envelope-from bdrewery@freefall.freebsd.org) Received: (from bdrewery@localhost) by freefall.freebsd.org (8.14.9/8.14.9/Submit) id t4SGvY8K076529 for freebsd-ports@freebsd.org; Thu, 28 May 2015 16:57:34 GMT (envelope-from bdrewery) Received: (qmail 79800 invoked from network); 28 May 2015 11:57:33 -0500 Received: from unknown (HELO ?10.10.1.139?) (freebsd@shatow.net@10.10.1.139) by sweb.xzibition.com with ESMTPA; 28 May 2015 11:57:33 -0500 Message-ID: <55674903.4040202@FreeBSD.org> Date: Thu, 28 May 2015 11:57:39 -0500 From: Bryan Drewery Organization: FreeBSD User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:31.0) Gecko/20100101 Thunderbird/31.7.0 MIME-Version: 1.0 To: Roger Marquis , Mark Felder CC: freebsd-ports@freebsd.org Subject: Re: New pkg audit / vuln.xml failures (php55, unzoo) References: <20150523153029.B7BD3280@hub.freebsd.org> <1432659389.3130746.278522905.6D1E6549@webmail.messagingengine.com> <20150527174037.EF719B11@hub.freebsd.org> <556746A4.4090208@FreeBSD.org> In-Reply-To: <556746A4.4090208@FreeBSD.org> OpenPGP: id=F9173CB2C3AAEA7A5C8A1F0935D771BB6E4697CF; url=http://www.shatow.net/bryan/bryan2.asc Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="5DMfchbgXVqGwpRgRT3vNsVif62FgJeMs" X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 28 May 2015 16:57:34 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --5DMfchbgXVqGwpRgRT3vNsVif62FgJeMs Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable On 5/28/2015 11:47 AM, Bryan Drewery wrote: > On 5/27/2015 12:40 PM, Roger Marquis wrote: =2E.. > This php one came up in the week and I almost > "just fixed it", but doing those things burns me out as I have my own > priorities. Once of which is maintaining the package builders for FreeBSD.org. On the topic of security we used to only provide packages weekly, but have recently stepped up to almost-daily. I have been meaning to get a general announcement out about this. --=20 Regards, Bryan Drewery --5DMfchbgXVqGwpRgRT3vNsVif62FgJeMs Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBAgAGBQJVZ0kDAAoJEDXXcbtuRpfPw2EH/iMo2O5pT8qIVqRSEW8P8HVk N91IpetrayI0+RRN1cvO8kh4GILlaE2l3QPGV1n5fiHgrcWY57Ca5A8wdPHO+y+y fV3QYFEpEwbrC8NntxsG+DT1seKuso4+rSDMV9oPxHl8rymrneoVxqZP8TuFgXk0 VcVkf6KbcjKSvKmDyBR1adLG2XAGjRqgycQh727AcneJTMYbhWXksOx+G3EOePHl 27MMeORPjOzEDgVhGsQZHrBjIz8Q/Zf0slkpx/SakzAtBB98+iOZTFA9FNwBMBsk cXnSjxsmU4oA1i4XXAEyAbMgyALi3rzi/eawwYBP0Cvwwf41hYal+b77culJswU= =nrGz -----END PGP SIGNATURE----- --5DMfchbgXVqGwpRgRT3vNsVif62FgJeMs-- From owner-freebsd-ports@FreeBSD.ORG Thu May 28 17:13:00 2015 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B5CE1CE2 for ; Thu, 28 May 2015 17:13:00 +0000 (UTC) (envelope-from feld@FreeBSD.org) Received: from out5-smtp.messagingengine.com (out5-smtp.messagingengine.com [66.111.4.29]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 8868D288 for ; Thu, 28 May 2015 17:13:00 +0000 (UTC) (envelope-from feld@FreeBSD.org) Received: from compute2.internal (compute2.nyi.internal [10.202.2.42]) by mailout.nyi.internal (Postfix) with ESMTP id 518192075F for ; Thu, 28 May 2015 13:12:59 -0400 (EDT) Received: from web3 ([10.202.2.213]) by compute2.internal (MEProxy); Thu, 28 May 2015 13:12:59 -0400 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-sasl-enc:x-sasl-enc; s=smtpout; bh=uKde1X1AxnDuwjW 7o5I/4fHUk4k=; b=RnhhpTYwLgnt1kSL3sy/mq/FamKs5iRn1g+0sN+cKyPZfZU zax8s/9QcFS/rONh8q4zGBBZ4JzYTezsGchoskacNrpT01fkHajz5hm80IwtTrDt 30MihxVyhKevGRGbS318gWFzKHCGlbP5QvpooDKLAa0EScmRX2DEYCaXfkZo= Received: by web3.nyi.internal (Postfix, from userid 99) id 23C0310CCBD; Thu, 28 May 2015 13:12:59 -0400 (EDT) Message-Id: <1432833179.3252451.280654489.257EAA21@webmail.messagingengine.com> X-Sasl-Enc: Ker8LiQPTzPVLY8JxJkFpku0UH/QpkwC9S5hYeGM1fon 1432833179 From: Mark Felder To: Bryan Drewery , Roger Marquis Cc: freebsd-ports@freebsd.org MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain X-Mailer: MessagingEngine.com Webmail Interface - ajax-073992ec Subject: Re: New pkg audit / vuln.xml failures (php55, unzoo) Date: Thu, 28 May 2015 12:12:59 -0500 In-Reply-To: <55674903.4040202@FreeBSD.org> References: <20150523153029.B7BD3280@hub.freebsd.org> <1432659389.3130746.278522905.6D1E6549@webmail.messagingengine.com> <20150527174037.EF719B11@hub.freebsd.org> <556746A4.4090208@FreeBSD.org> <55674903.4040202@FreeBSD.org> X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 28 May 2015 17:13:00 -0000 On Thu, May 28, 2015, at 11:57, Bryan Drewery wrote: > On 5/28/2015 11:47 AM, Bryan Drewery wrote: > > On 5/27/2015 12:40 PM, Roger Marquis wrote: > ... > > > This php one came up in the week and I almost > > "just fixed it", but doing those things burns me out as I have my own > > priorities. > > Once of which is maintaining the package builders for FreeBSD.org. On > the topic of security we used to only provide packages weekly, but have > recently stepped up to almost-daily. I have been meaning to get a > general announcement out about this. > This is great news! I knew this was on the radar, but didn't know it was happening yet. Thank you for your hard work!!! From owner-freebsd-ports@FreeBSD.ORG Thu May 28 17:16:38 2015 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id CA489EAE for ; Thu, 28 May 2015 17:16:38 +0000 (UTC) (envelope-from feld@FreeBSD.org) Received: from out5-smtp.messagingengine.com (out5-smtp.messagingengine.com [66.111.4.29]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 9DFBE2F0 for ; Thu, 28 May 2015 17:16:38 +0000 (UTC) (envelope-from feld@FreeBSD.org) Received: from compute1.internal (compute1.nyi.internal [10.202.2.41]) by mailout.nyi.internal (Postfix) with ESMTP id 82EAB2082C for ; Thu, 28 May 2015 13:16:37 -0400 (EDT) Received: from web3 ([10.202.2.213]) by compute1.internal (MEProxy); Thu, 28 May 2015 13:16:37 -0400 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-sasl-enc:x-sasl-enc; s=smtpout; bh=AI0JRDOLnfTs8+v 02YlHyXL3UAs=; b=X3nfp51UzTwnE43I/dZojF++xmk1n47m6vzBSlwWYLP8bKG 089qFIdkO2CGv42zIx48zCepjcShs4JNwtLplsAJ4Iy1K/f1FWfAyHnuICIqIcSP Gl0C5ixE2XJgEO9sHLmjLBcvi4S0YeP/pqTuanqhDm7vOtl3K+IqUZ1dnL5M= Received: by web3.nyi.internal (Postfix, from userid 99) id 4F1F610D4DE; Thu, 28 May 2015 13:16:37 -0400 (EDT) Message-Id: <1432833397.3252848.280655409.2ADE5952@webmail.messagingengine.com> X-Sasl-Enc: qcxdb4T/FLocJK1eo3A8pHxuFerQRUW8DP7l5t9RPS74 1432833397 From: Mark Felder To: Bryan Drewery , Roger Marquis Cc: freebsd-ports@freebsd.org MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain X-Mailer: MessagingEngine.com Webmail Interface - ajax-073992ec In-Reply-To: <556746A4.4090208@FreeBSD.org> References: <20150523153029.B7BD3280@hub.freebsd.org> <1432659389.3130746.278522905.6D1E6549@webmail.messagingengine.com> <20150527174037.EF719B11@hub.freebsd.org> <556746A4.4090208@FreeBSD.org> Subject: Re: New pkg audit / vuln.xml failures (php55, unzoo) Date: Thu, 28 May 2015 12:16:37 -0500 X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 28 May 2015 17:16:38 -0000 On Thu, May 28, 2015, at 11:47, Bryan Drewery wrote: > > I think the VUXML database needs to be simpler to contribute to. Only a > handful of committers feel comfortable touching the file. We could use a very friendly user-facing form that they can fill out to create a valid vuxml entry. And then the entry could create a github pull request. It would be very easy then to accept or reject the request, and accepted requests could be auto-committed to the ports tree or wherever it needs to go so pkgaudit can pull it. This would be leaps and bounds better than what we have. It would simplify the process and permit crowdsourcing CVE reporting. Everybody wins. From owner-freebsd-ports@FreeBSD.ORG Thu May 28 17:28:40 2015 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 440F34B1 for ; Thu, 28 May 2015 17:28:40 +0000 (UTC) (envelope-from bdrewery@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:1900:2254:206c::16:87]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 0D9E681E for ; Thu, 28 May 2015 17:28:40 +0000 (UTC) (envelope-from bdrewery@FreeBSD.org) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.9/8.14.9) with ESMTP id t4SHSda7087028 for ; Thu, 28 May 2015 17:28:39 GMT (envelope-from bdrewery@freefall.freebsd.org) Received: (from bdrewery@localhost) by freefall.freebsd.org (8.14.9/8.14.9/Submit) id t4SHSdPe087027 for freebsd-ports@freebsd.org; Thu, 28 May 2015 17:28:39 GMT (envelope-from bdrewery) Received: (qmail 75184 invoked from network); 28 May 2015 12:28:35 -0500 Received: from unknown (HELO ?10.10.1.139?) (freebsd@shatow.net@10.10.1.139) by sweb.xzibition.com with ESMTPA; 28 May 2015 12:28:35 -0500 Message-ID: <55675049.1030502@FreeBSD.org> Date: Thu, 28 May 2015 12:28:41 -0500 From: Bryan Drewery Organization: FreeBSD User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:31.0) Gecko/20100101 Thunderbird/31.7.0 MIME-Version: 1.0 To: Mark Felder , Roger Marquis CC: freebsd-ports@freebsd.org Subject: Re: New pkg audit / vuln.xml failures (php55, unzoo) References: <20150523153029.B7BD3280@hub.freebsd.org> <1432659389.3130746.278522905.6D1E6549@webmail.messagingengine.com> <20150527174037.EF719B11@hub.freebsd.org> <556746A4.4090208@FreeBSD.org> <1432833397.3252848.280655409.2ADE5952@webmail.messagingengine.com> In-Reply-To: <1432833397.3252848.280655409.2ADE5952@webmail.messagingengine.com> OpenPGP: id=F9173CB2C3AAEA7A5C8A1F0935D771BB6E4697CF; url=http://www.shatow.net/bryan/bryan2.asc Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="W5SMCe2pJ5fnFqQGE1UHaEOIpXOM88J7i" X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 28 May 2015 17:28:40 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --W5SMCe2pJ5fnFqQGE1UHaEOIpXOM88J7i Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable On 5/28/2015 12:16 PM, Mark Felder wrote: >=20 >=20 > On Thu, May 28, 2015, at 11:47, Bryan Drewery wrote: >> >> I think the VUXML database needs to be simpler to contribute to. Only = a >> handful of committers feel comfortable touching the file. >=20 > We could use a very friendly user-facing form that they can fill out to= > create a valid vuxml entry. And then the entry could create a github > pull request. It would be very easy then to accept or reject the > request, and accepted requests could be auto-committed to the ports tre= e > or wherever it needs to go so pkgaudit can pull it. >=20 > This would be leaps and bounds better than what we have. It would > simplify the process and permit crowdsourcing CVE reporting.=20 >=20 > Everybody wins. >=20 swills@ wrote up something a few years ago for an html form. --=20 Regards, Bryan Drewery --W5SMCe2pJ5fnFqQGE1UHaEOIpXOM88J7i Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBAgAGBQJVZ1BJAAoJEDXXcbtuRpfPtqcH+wflYK5ig6kS/2TEdvLXo0nW NHZ/O/ftnF0MWlu97NmD/Tf+RFng4fZQJP56ZKnUn/CpxeMHLWDr85inbxDjRI6s Rvt3wQmfWGP4rTFF7e4FB69MOBhkDWcRXSaeB/edm8LxImKHull/7EKTi19UCaXT 0vMiCfZUv8FO3YlxD4xHbWGkrYsfMfjOiFx6iHmggEH0pbAPJROWFbTJGXfJG5W0 SU+exiW28rGKL7aoaM6Xkbllqv2AeYpSizzFNU2DjicMQ/tgsuhBvHLNuqceecEY QlLdp9LwNwqt9kBKbFZddjyfLkm8lUISvGMGK9NKnqpgsav1otMd3RFJdQFjYtI= =GA+F -----END PGP SIGNATURE----- --W5SMCe2pJ5fnFqQGE1UHaEOIpXOM88J7i-- From owner-freebsd-ports@FreeBSD.ORG Thu May 28 17:31:43 2015 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id BD2C5572 for ; Thu, 28 May 2015 17:31:43 +0000 (UTC) (envelope-from feld@FreeBSD.org) Received: from out5-smtp.messagingengine.com (out5-smtp.messagingengine.com [66.111.4.29]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 90BCA9DC for ; Thu, 28 May 2015 17:31:43 +0000 (UTC) (envelope-from feld@FreeBSD.org) Received: from compute6.internal (compute6.nyi.internal [10.202.2.46]) by mailout.nyi.internal (Postfix) with ESMTP id D55A820943 for ; Thu, 28 May 2015 13:31:42 -0400 (EDT) Received: from web3 ([10.202.2.213]) by compute6.internal (MEProxy); Thu, 28 May 2015 13:31:42 -0400 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-sasl-enc:x-sasl-enc; s=smtpout; bh=AZkFBCpB90LvIZf PzwXaaA0de0I=; b=j1sn9rOjIe2eSyDSaULwK4w8WUZWb/kQmBow6qaqklZBTDt l1qv105NAG7rdSB81dE+nDjroadQBMi1KxNczDti1a0Sk1uoWo+q4UD+oTGvYFTy hAPVPFgL8T04pwI78LcshuLlCWwRJugDI9Le/tyBQePh3wbLZlJH/u08OjH4= Received: by web3.nyi.internal (Postfix, from userid 99) id B0B4A10E3A6; Thu, 28 May 2015 13:31:42 -0400 (EDT) Message-Id: <1432834302.3255751.280669169.3E59C44B@webmail.messagingengine.com> X-Sasl-Enc: vF41pNFAmRcFhpr3V5UXQ7mrgKyH3U8bhfO6FBRiAghF 1432834302 From: Mark Felder To: Bryan Drewery , Roger Marquis Cc: freebsd-ports@freebsd.org MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain X-Mailer: MessagingEngine.com Webmail Interface - ajax-073992ec Subject: Re: New pkg audit / vuln.xml failures (php55, unzoo) Date: Thu, 28 May 2015 12:31:42 -0500 In-Reply-To: <556746A4.4090208@FreeBSD.org> References: <20150523153029.B7BD3280@hub.freebsd.org> <1432659389.3130746.278522905.6D1E6549@webmail.messagingengine.com> <20150527174037.EF719B11@hub.freebsd.org> <556746A4.4090208@FreeBSD.org> X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 28 May 2015 17:31:43 -0000 On Thu, May 28, 2015, at 11:47, Bryan Drewery wrote: > > Personally I agree on all points. Our ports security regime is not > working. I already communicated further with Roger off-list, but would like to point out that I *do* think there is a problem, but I don't think it's "the sky is falling / don't use FreeBSD" yet. This is a solvable problem that simply requires some defined processes and participation/organization. It seems like we're talking to ourselves here, so do we need to hijack the ports-secteam@ alias and start figuring things out ourselves? From owner-freebsd-ports@FreeBSD.ORG Thu May 28 19:31:38 2015 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 348607E4 for ; Thu, 28 May 2015 19:31:38 +0000 (UTC) (envelope-from lists@rhavenn.net) Received: from smtp110.ord1c.emailsrvr.com (smtp110.ord1c.emailsrvr.com [108.166.43.110]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 144DABA8 for ; Thu, 28 May 2015 19:31:37 +0000 (UTC) (envelope-from lists@rhavenn.net) Received: from smtp14.relay.ord1c.emailsrvr.com (localhost.localdomain [127.0.0.1]) by smtp14.relay.ord1c.emailsrvr.com (SMTP Server) with ESMTP id 4B29D38045D for ; Thu, 28 May 2015 15:22:32 -0400 (EDT) Received: by smtp14.relay.ord1c.emailsrvr.com (Authenticated sender: rhavenn-AT-rhavenn.net) with ESMTPSA id 20A7A3804A4 for ; Thu, 28 May 2015 15:22:30 -0400 (EDT) X-Sender-Id: rhavenn@rhavenn.net Received: from vash.rhavenn.local ([UNAVAILABLE]. [209.112.171.194]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384) by 0.0.0.0:25 (trex/5.4.2); Thu, 28 May 2015 19:22:32 GMT Received: from localhost (vash.rhavenn.local [local]); by vash.rhavenn.local (OpenSMTPD) with ESMTPA id cae64498; for ; Thu, 28 May 2015 11:22:26 -0800 (AKDT) Date: Thu, 28 May 2015 11:22:26 -0800 From: Henrik Hudson To: freebsd-ports@freebsd.org Subject: some ports always rebuild with oudriere? Message-ID: <20150528192226.GA10291@vash.rhavenn.local> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.5.23 (2014-03-12) X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 28 May 2015 19:31:38 -0000 I use poudriere to build a custom pkg tree. There are a few ports that always seem to rebuild themselves. They're small, so not a super big deal, but more looking in as to why? www/linkchecker It always reports that: Deleting linkchecker-9.3.txz: new dependency: www/twill and rebuilds itself no matter how many times I run poudriere bulk without any other changes. henrik -- Henrik Hudson lists@rhavenn.net ----------------------------------------- "God, root, what is difference?" Pitr; UF From owner-freebsd-ports@FreeBSD.ORG Thu May 28 21:33:27 2015 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 439F87FA for ; Thu, 28 May 2015 21:33:27 +0000 (UTC) (envelope-from jankyj@unfs.us) Received: from stig.purplehat.org (stig.purplehat.org [50.243.134.106]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 21020CB8 for ; Thu, 28 May 2015 21:33:26 +0000 (UTC) (envelope-from jankyj@unfs.us) Received: from localhost (bill.goatse.unfs.us [50.243.134.106]) by stig.purplehat.org (Postfix) with ESMTP id 261D1170CF for ; Thu, 28 May 2015 15:33:17 -0600 (MDT) Received: from stig.purplehat.org ([50.243.134.106]) by localhost (stig.purplehat.org [50.243.134.106]) (maiad, port 10024) with ESMTP id 06902-05 for ; Thu, 28 May 2015 15:33:16 -0600 (MDT) Received: from [172.30.30.9] (unknown [172.30.30.9]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: jankyj@unfs.us) by stig.purplehat.org (Postfix) with ESMTPSA id F3952170C4 for ; Thu, 28 May 2015 15:33:15 -0600 (MDT) Message-ID: <5567899B.9090500@unfs.us> Date: Thu, 28 May 2015 15:33:15 -0600 From: "Janky Jay, III" User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.7.0 MIME-Version: 1.0 To: freebsd-ports@freebsd.org Subject: Re: New pkg audit / vuln.xml failures (php55, unzoo) References: <20150523153029.B7BD3280@hub.freebsd.org> <1432659389.3130746.278522905.6D1E6549@webmail.messagingengine.com> <20150527174037.EF719B11@hub.freebsd.org> <556746A4.4090208@FreeBSD.org> <1432834302.3255751.280669169.3E59C44B@webmail.messagingengine.com> In-Reply-To: <1432834302.3255751.280669169.3E59C44B@webmail.messagingengine.com> Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit X-Virus-Scanned: Maia Mailguard X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 28 May 2015 21:33:27 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 05/28/2015 11:31 AM, Mark Felder wrote: > > > On Thu, May 28, 2015, at 11:47, Bryan Drewery wrote: >> >> Personally I agree on all points. Our ports security regime is not >> working. > > I already communicated further with Roger off-list, but would like to > point out that I *do* think there is a problem, but I don't think it's > "the sky is falling / don't use FreeBSD" yet. This is a solvable problem > that simply requires some defined processes and > participation/organization. > > It seems like we're talking to ourselves here, so do we need to hijack > the ports-secteam@ alias and start figuring things out ourselves? > It appears no one has been able to join the ports-secteam@ list, but if there is way for me to contribute in any way, I'd certainly like to be on the list as well. If anyone knows of a way to join this list, please let me know. Regards, Janky Jay, III -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iEYEARECAAYFAlVniZsACgkQGK3MsUbJZn78mQCfYA9HqU8/94CqMfle8wbKdAdS syQAnjp+Hptkc8hsfbh4bWzFEJpI2Zi7 =dvQG -----END PGP SIGNATURE----- From owner-freebsd-ports@FreeBSD.ORG Thu May 28 23:17:10 2015 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C22A3AEA for ; Thu, 28 May 2015 23:17:10 +0000 (UTC) (envelope-from mat@FreeBSD.org) Received: from prod2.absolight.net (mx3.absolight.net [IPv6:2a01:678:2:100::25]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (Client CN "plouf.absolight.net", Issuer "CAcert Class 3 Root" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 8893C857 for ; Thu, 28 May 2015 23:17:10 +0000 (UTC) (envelope-from mat@FreeBSD.org) Received: from prod2.absolight.net (localhost [127.0.0.1]) by prod2.absolight.net (Postfix) with ESMTP id A12B4BDC5E; Fri, 29 May 2015 01:17:07 +0200 (CEST) Received: from atuin.in.mat.cc (atuin.in.mat.cc [79.143.241.205]) by prod2.absolight.net (Postfix) with ESMTPA id 6CA08BDC56; Fri, 29 May 2015 01:17:07 +0200 (CEST) Received: from localhost (localhost [127.0.0.1]) by atuin.in.mat.cc (Postfix) with ESMTP id 050A236955D0; Fri, 29 May 2015 01:16:56 +0200 (CEST) Date: Fri, 29 May 2015 01:16:56 +0200 From: Mathieu Arnold To: Henrik Hudson , freebsd-ports@freebsd.org Subject: Re: some ports always rebuild with oudriere? Message-ID: In-Reply-To: <20150528192226.GA10291@vash.rhavenn.local> References: <20150528192226.GA10291@vash.rhavenn.local> X-Mailer: Mulberry/4.0.8 (Mac OS X) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Content-Disposition: inline X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 28 May 2015 23:17:10 -0000 +--On 28 mai 2015 11:22:26 -0800 Henrik Hudson wrote: | I use poudriere to build a custom pkg tree. There are a few ports | that always seem to rebuild themselves. They're small, so not a | super big deal, but more looking in as to why? | | www/linkchecker | | It always reports that: | Deleting linkchecker-9.3.txz: new dependency: www/twill | | and rebuilds itself no matter how many times I run poudriere bulk | without any other changes. This usually happens when the dependency in the Makefile is badly done. In this case, the dependency was: LOGIN_RUN_DEPENDS= twill:${PORTSDIR}/www/twill which means "register a dependency on the twill executable installed by www/twill" Thing is, there is no twill executable installed by twill, it's obviously a mistake, I've fixed it. -- Mathieu Arnold From owner-freebsd-ports@FreeBSD.ORG Fri May 29 00:05:41 2015 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 1A21F2CA for ; Fri, 29 May 2015 00:05:41 +0000 (UTC) (envelope-from bdrewery@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:1900:2254:206c::16:87]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id EE97E15A0 for ; Fri, 29 May 2015 00:05:40 +0000 (UTC) (envelope-from bdrewery@FreeBSD.org) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.9/8.14.9) with ESMTP id t4T05edh027025 for ; Fri, 29 May 2015 00:05:40 GMT (envelope-from bdrewery@freefall.freebsd.org) Received: (from bdrewery@localhost) by freefall.freebsd.org (8.14.9/8.14.9/Submit) id t4T05epU027024 for freebsd-ports@freebsd.org; Fri, 29 May 2015 00:05:40 GMT (envelope-from bdrewery) Received: (qmail 39296 invoked from network); 28 May 2015 19:05:38 -0500 Received: from unknown (HELO ?10.10.1.139?) (freebsd@shatow.net@10.10.1.139) by sweb.xzibition.com with ESMTPA; 28 May 2015 19:05:38 -0500 Message-ID: <5567AD59.6020509@FreeBSD.org> Date: Thu, 28 May 2015 19:05:45 -0500 From: Bryan Drewery Organization: FreeBSD User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:31.0) Gecko/20100101 Thunderbird/31.7.0 MIME-Version: 1.0 To: kpneal@pobox.com CC: freebsd-ports@freebsd.org Subject: Re: Messages about missing shared libraries... References: <20150528040950.GB37243@neutralgood.org> <55674408.8000402@FreeBSD.org> <20150528235212.GA73173@neutralgood.org> In-Reply-To: <20150528235212.GA73173@neutralgood.org> OpenPGP: id=F9173CB2C3AAEA7A5C8A1F0935D771BB6E4697CF; url=http://www.shatow.net/bryan/bryan2.asc Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="6E49ERhwrh4u3PHqwT7EGaLApgPeB2rgw" X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 29 May 2015 00:05:41 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --6E49ERhwrh4u3PHqwT7EGaLApgPeB2rgw Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable On 5/28/2015 6:52 PM, kpneal@pobox.com wrote: > On Thu, May 28, 2015 at 11:36:24AM -0500, Bryan Drewery wrote: >> On 5/27/2015 11:09 PM, kpneal@pobox.com wrote: >>> So, I'm installing a bunch of stuff in a chrooted staging area built >>> from source. I've got pkg bootstrapped and my /etc/make.conf looks >>> like this: >>> >>> WITH_PKGNG=3D yes >>> >>> # The former replaces the latter >>> OPTIONS_UNSET=3DX11 >>> WITHOUT_X11=3Dyes >>> >>> >>> Now, when I install from /usr/ports (I can never keep the terms strai= ght) >>> I see during the installation phase messages like this: >>> >>> =3D=3D=3D> Registering installation for poudriere-3.1.6 >>> (poudriere-3.1.6) /usr/ports/ports-mgmt/poudriere/work/stage//usr/loc= al/libexec/poudriere/cpdup - required shared library libmd.so.5 not found= >>> (poudriere-3.1.6) /usr/ports/ports-mgmt/poudriere/work/stage//usr/loc= al/libexec/poudriere/cpdup - required shared library libc.so.7 not found >>> >>> But ldd shows that the executables _can_ find the libraries.=20 >> >> Try running this inside of the chroot: >> >> service ldconfig start >> >> Then check if the warnings happen still. >=20 > That seems to have fixed it. Thanks! >=20 > Now, do I need to rebuild ports that were built before and gave the war= ning > message? I don't know if pkg was the one requesting the info or not. >=20 No, just tell pkg to rescan for needed shared libraries. 'pkg check -Ba'.= --=20 Regards, Bryan Drewery --6E49ERhwrh4u3PHqwT7EGaLApgPeB2rgw Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBAgAGBQJVZ61ZAAoJEDXXcbtuRpfPODwIAJubL0xTYtAXd/MaorpVY5Wk oM7rh/aM+3RWuBMopnxWGls41N7rM0OS4LStIhk/GsOTLl2XxeieD5Lz2v/DW//X qH8v/0MV4OZJVJgJ/I4L7nEHypGsjgF046BxuP0d/zpDiQXidxXivd11Zu4wvDnA KXmafH1JvnA85tzdsPj80PlujkyuSmTUAyBBvXlzgnjhuZl7TnP03doPDcPKM2x1 r6vSrU+1iUJpsEVeqFxyfAImNx6Uiw7thjJVq3DAjJ3PzZqO8bUE2RHxDa8S+pH3 dvZGFlDz/DJd7EmGmNF5/+TfWfhz2iFbO16T9lJid15V+eRjuz64n+wPhGxv4PE= =sM4s -----END PGP SIGNATURE----- --6E49ERhwrh4u3PHqwT7EGaLApgPeB2rgw-- From owner-freebsd-ports@FreeBSD.ORG Fri May 29 00:17:57 2015 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 6610C536; Fri, 29 May 2015 00:17:57 +0000 (UTC) (envelope-from freebsd-ports@dan.me.uk) Received: from bolton.dan.me.uk (smtp.dan.me.uk [IPv6:2001:67c:26b4:9:21e:bff:fec7:87a]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "smtp.dan.me.uk", Issuer "RapidSSL SHA256 CA - G3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 0158D17CE; Fri, 29 May 2015 00:17:56 +0000 (UTC) (envelope-from freebsd-ports@dan.me.uk) Received: from [IPv6:2a01:348:61:0:e8b:fdff:fe32:e2b8] (laptop.dan.me.uk [IPv6:2a01:348:61:0:e8b:fdff:fe32:e2b8]) (authenticated bits=0 user=danmail mech=PLAIN) by bolton.dan.me.uk (8.15.1/8.14.9) with ESMTPSA id t4T0Hpbk015001 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NOT cn= subject= issuer=); Fri, 29 May 2015 01:17:51 +0100 (BST) (envelope-from freebsd-ports@dan.me.uk) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=dan.me.uk; s=default; t=1432858672; bh=C8IzP0GulDGYRiQKk3rNP8pQtoEckpBz9RAnPfHjJ/I=; h=Date:From:To:Subject:References:In-Reply-To; b=hxZEbFgc7XS8RJNoYqPP8QBDlfLJMyfB8J1B/2wpglQobf9dPByMKSSICEdnoP4No wIxGrJb+H803FCY6rBrUxATv3MbY1PAqPCZaJpG6uo/1wiyLCGNQDvUaefmoNN1rv6 Lr1gVAvASm4JKhz19cBi/rpDnx0/xqlJvqcMGuSNUPD3Z1JFNfqp8o+9tljbdv2JAp cnHk7lUX+uteaTBCuIlVAI2ZHaQWYAz0bLxQSPQv3vO5InHl0hvFvEcutlydvSKQk2 NqqYu/jF30OouikKXdQ7+FpmNNkF2EEt5mOCj89EjibzFNZOVTXT0Vv/CklnqsNQkc PgPDbVy+Q+GAQ== X-Authentication-Warning: bolton.dan.me.uk: Host laptop.dan.me.uk [IPv6:2a01:348:61:0:e8b:fdff:fe32:e2b8] claimed to be [IPv6:2a01:348:61:0:e8b:fdff:fe32:e2b8] Message-ID: <5567B02A.9000108@dan.me.uk> Date: Fri, 29 May 2015 01:17:46 +0100 From: Daniel Austin User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:31.0) Gecko/20100101 Thunderbird/31.7.0 MIME-Version: 1.0 To: Mathieu Arnold , freebsd-ports@freebsd.org Subject: Re: some ports always rebuild with oudriere? References: <20150528192226.GA10291@vash.rhavenn.local> In-Reply-To: Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit X-Antivirus: Scanned by F-PROT Antivirus (http://www.f-prot.com) X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 29 May 2015 00:17:57 -0000 Hi Mathieu, On 29/05/2015 00:16, Mathieu Arnold wrote: > | www/linkchecker > | > | It always reports that: > | Deleting linkchecker-9.3.txz: new dependency: www/twill > | > | and rebuilds itself no matter how many times I run poudriere bulk > | without any other changes. > > This usually happens when the dependency in the Makefile is badly done. > > In this case, the dependency was: > LOGIN_RUN_DEPENDS= twill:${PORTSDIR}/www/twill > > which means "register a dependency on the twill executable installed by > www/twill" Thing is, there is no twill executable installed by twill, it's > obviously a mistake, I've fixed it. I also get this exact same issue on every build run for editors/abiword as follows: [00:04:45] ====>> Deleting abiword-2.8.6_10.txz: new dependency: textproc/aiksaurus-gtk This may need the same treatment as www/linkchecker had. Thanks, Daniel. From owner-freebsd-ports@FreeBSD.ORG Fri May 29 08:49:42 2015 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 65295FBA for ; Fri, 29 May 2015 08:49:42 +0000 (UTC) (envelope-from mat@FreeBSD.org) Received: from prod2.absolight.net (mx3.absolight.net [IPv6:2a01:678:2:100::25]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (Client CN "plouf.absolight.net", Issuer "CAcert Class 3 Root" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 294911A1B for ; Fri, 29 May 2015 08:49:42 +0000 (UTC) (envelope-from mat@FreeBSD.org) Received: from prod2.absolight.net (localhost [127.0.0.1]) by prod2.absolight.net (Postfix) with ESMTP id B9BE9BDC66; Fri, 29 May 2015 10:49:38 +0200 (CEST) Received: from atuin.in.mat.cc (atuin.in.mat.cc [79.143.241.205]) by prod2.absolight.net (Postfix) with ESMTPA id 9AC08BDC5C; Fri, 29 May 2015 10:49:38 +0200 (CEST) Received: from localhost (localhost [127.0.0.1]) by atuin.in.mat.cc (Postfix) with ESMTP id 6216D369B4BD; Fri, 29 May 2015 10:49:28 +0200 (CEST) Date: Fri, 29 May 2015 10:49:27 +0200 From: Mathieu Arnold To: Daniel Austin , freebsd-ports@freebsd.org Subject: Re: some ports always rebuild with oudriere? Message-ID: <1387DA87E3B9FA7EF4E9839B@atuin.in.mat.cc> In-Reply-To: <5567B02A.9000108@dan.me.uk> References: <20150528192226.GA10291@vash.rhavenn.local> <5567B02A.9000108@dan.me.uk> X-Mailer: Mulberry/4.0.8 (Mac OS X) MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="==========6F5F4C96561B9A5F3FA3==========" X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 29 May 2015 08:49:42 -0000 --==========6F5F4C96561B9A5F3FA3========== Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Content-Disposition: inline +--On 29 mai 2015 01:17:46 +0100 Daniel Austin wrote: | Hi Mathieu, | | On 29/05/2015 00:16, Mathieu Arnold wrote: |> | www/linkchecker |> | |> | It always reports that: |> | Deleting linkchecker-9.3.txz: new dependency: www/twill |> | |> | and rebuilds itself no matter how many times I run poudriere bulk |> | without any other changes. |> |> This usually happens when the dependency in the Makefile is badly done. |> |> In this case, the dependency was: |> LOGIN_RUN_DEPENDS= twill:${PORTSDIR}/www/twill |> |> which means "register a dependency on the twill executable installed by |> www/twill" Thing is, there is no twill executable installed by twill, |> it's obviously a mistake, I've fixed it. | | I also get this exact same issue on every build run for editors/abiword | as follows: | | [00:04:45] ====>> Deleting abiword-2.8.6_10.txz: new dependency: | textproc/aiksaurus-gtk | | This may need the same treatment as www/linkchecker had. This one looks ok, I'll have to investigate a bit more than that. For the general case, when you find something like this, open a PR, it's the best way to get things recorded so they can be fixed. -- Mathieu Arnold --==========6F5F4C96561B9A5F3FA3========== Content-Type: application/pgp-signature Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQJ8BAEBCgBmBQJVaCgYXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQzQUI2OTc4OUQyRUQxMjEwNjQ0MEJBNUIz QTQ1MTZGMzUxODNDRTQ4AAoJEDpFFvNRg85Ij6oQAJh2HAf2ZV/MWVKWEJ4q97N/ vEsf5rMHC+3EBLq1F64RlPlDaV3PllGGc9NrYrDZ2699ndv8uYSSrFS+pHn4Vjce zXfWmfvRnnFDrAfzbrBAfABHALGtp8tB8dEdLnyVQsdllnwmqm7rZoexDFqTNIkm qtzVUTj6oauLNZ4spxTsiNqSd8kr+GBf5Ek35cLb6654+jJIp3uPbPXBILos+vUq wHVDN5bV0ETKgUwwA+d91SOXeUJgw2/22BYl7xqc3z7tloNLxswW+MXA3cga2tWq Qfdlg9yrA82jxTqaskorTGy3Gd3NyUj2rCZS2hR/UDgfrTCrYRzNQvgbE+VFkR8B A0bsg+hmbE+23UUKYZJre4XPa/xz2xSFfq1QmGiWq6MtaJNNs6L5ViZmYPeRfdU2 FE42b4kvmedKJrLuQ6gg/ya3vhEac+ydYZ4CqfnA3BDEkJTZaFX/VbPAn8GJqNre igmMhrKcv3hNb89cD52UN6e9ylcbLTNVQeTDOOAgeiipj4Yu86L2UA274BqXUhlv nTrHX4oOc4Ac5tjAlPICAvb20/jjWxf8dlkj7n79lNnPM93S7dtgagRRgvrtOy9Y lJJsVtW+h0/kHPzTHgZnXRQe8zxECRx3tsik52FPZBqXucE0iuPZq1Xy07CXBSg6 RfQ1TwvHCeFAGni5jKib =ERmo -----END PGP SIGNATURE----- --==========6F5F4C96561B9A5F3FA3==========-- From owner-freebsd-ports@FreeBSD.ORG Fri May 29 09:53:43 2015 Return-Path: Delivered-To: ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 5B3B0220 for ; Fri, 29 May 2015 09:53:43 +0000 (UTC) (envelope-from portscout@FreeBSD.org) Received: from portscout.freebsd.org (portscout.freebsd.org [IPv6:2001:1900:2254:206a::50:6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 495A31A62 for ; Fri, 29 May 2015 09:53:43 +0000 (UTC) (envelope-from portscout@FreeBSD.org) Received: from portscout.freebsd.org ([127.0.1.123]) by portscout.freebsd.org (8.14.9/8.14.9) with ESMTP id t4T9rht9036838 for ; Fri, 29 May 2015 09:53:43 GMT (envelope-from portscout@FreeBSD.org) Received: (from portscout@localhost) by portscout.freebsd.org (8.14.9/8.14.9/Submit) id t4T9rhwi036837; Fri, 29 May 2015 09:53:43 GMT (envelope-from portscout@FreeBSD.org) Message-Id: <201505290953.t4T9rhwi036837@portscout.freebsd.org> X-Authentication-Warning: portscout.freebsd.org: portscout set sender to portscout@FreeBSD.org using -f Content-Disposition: inline Content-Transfer-Encoding: 8bit Content-Type: text/plain MIME-Version: 1.0 Date: Fri, 29 May 2015 09:53:43 +0000 From: portscout@FreeBSD.org To: ports@freebsd.org Subject: FreeBSD ports you maintain which are out of date X-Mailer: portscout/0.8.1 X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 29 May 2015 09:53:43 -0000 Dear port maintainer, The portscout new distfile checker has detected that one or more of your ports appears to be out of date. Please take the opportunity to check each of the ports listed below, and if possible and appropriate, submit/commit an update. If any ports have already been updated, you can safely ignore the entry. You will not be e-mailed again for any of the port/version combinations below. Full details can be found at the following URL: http://portscout.freebsd.org/ports@freebsd.org.html Port | Current version | New version ------------------------------------------------+-----------------+------------ textproc/py-jaxml | 3.02 | 22.00 ------------------------------------------------+-----------------+------------ If any of the above results are invalid, please check the following page for details on how to improve portscout's detection and selection of distfiles on a per-port basis: http://portscout.freebsd.org/info/portscout-portconfig.txt Thanks. From owner-freebsd-ports@FreeBSD.ORG Fri May 29 14:21:04 2015 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id EA7D21C5; Fri, 29 May 2015 14:21:04 +0000 (UTC) (envelope-from venture37@gmail.com) Received: from mail-wi0-x22e.google.com (mail-wi0-x22e.google.com [IPv6:2a00:1450:400c:c05::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 7D6991BD7; Fri, 29 May 2015 14:21:04 +0000 (UTC) (envelope-from venture37@gmail.com) Received: by wicmx19 with SMTP id mx19so17469912wic.0; Fri, 29 May 2015 07:21:03 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=LrEacr7LSIlXVX6muTW42kqaoOYuZyc/PlVdw6osAdU=; b=0yz87jL1w3XVqRb+mW7+5sHqenXZTVprrsASkh/14s306RZ3FwoKOvT3R4xVlWFMLM 4vVsVPd2GyFo6thlt5XTS+131/DYWQow5sCHi5Pmo+0NMclrdZxKUZQ+jJMh5QqAL58J c5ou7g3aj+X2CTut8Cw0btoHhuox57KmZu000aWhpycaw1rTkOb3DD+UV1WYUvUwVR6T Dpz4qsLG8jOBUhQDeBAjL4oYUKIMoeKQsFnJszvsy12ntWo3wsXXbcrmyaUOfnbdBDuK gfCoP8bUOChQqs9EsWL1pXbkOAVVXGjlqQn3BzDN3+otfZFtPMDYP1Z62XFnd/EQYR75 DkDg== MIME-Version: 1.0 X-Received: by 10.194.82.38 with SMTP id f6mr15112555wjy.16.1432909262987; Fri, 29 May 2015 07:21:02 -0700 (PDT) Received: by 10.194.88.165 with HTTP; Fri, 29 May 2015 07:21:02 -0700 (PDT) In-Reply-To: <556746A4.4090208@FreeBSD.org> References: <20150523153029.B7BD3280@hub.freebsd.org> <1432659389.3130746.278522905.6D1E6549@webmail.messagingengine.com> <20150527174037.EF719B11@hub.freebsd.org> <556746A4.4090208@FreeBSD.org> Date: Fri, 29 May 2015 15:21:02 +0100 Message-ID: Subject: Re: New pkg audit / vuln.xml failures (php55, unzoo) From: "Sevan / Venture37" To: Bryan Drewery Cc: Roger Marquis , Mark Felder , freebsd-ports@freebsd.org Content-Type: text/plain; charset=UTF-8 X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 29 May 2015 14:21:05 -0000 On 28 May 2015 at 17:47, Bryan Drewery wrote: > I think the VUXML database needs to be simpler to contribute to. Only a > handful of committers feel comfortable touching the file. We have also > had the wrong pervasive mentality by committers and users that the vuxml > database should only have an entry if there is a committed fix. This is > totally wrong. These CVE are _already public_ in all of these cases. > Users deserve to know that there is a known issue with a package they > have installed. I can understand how the mentality grew to what it is > with some people, but the fact that there is not an update doesn't > change that the user's system is insecure and needs to be dealt with. If > the tool can't reliably report issues then it is not worth trusting. > TL;DR; the file needs to be simpler. I know there is an effort to use > CPE but I'm not too familiar with where it is going. May a I suggest a more pragmatic format of package+version, type of issue, url for further info. > The RedHat security team and reporting is very impressive. Don't forget > that they are a funded company though. Perhaps the FreeBSD Foundation > needs to fund a fulltime security officer that is devoted to both Ports > and Src. Just the Ports piece is easily a fulltime job. There seems to be a lot of eyes on the ports-bugs@ list from the community, a heads up about vulnerabilities via the bug tracker may help in the meantime? Sevan / Venture37 From owner-freebsd-ports@FreeBSD.ORG Fri May 29 17:17:52 2015 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 1C38B816 for ; Fri, 29 May 2015 17:17:52 +0000 (UTC) (envelope-from rcarter@pinyon.org) Received: from quine.pinyon.org (quine.pinyon.org [65.101.5.249]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id F00B91747 for ; Fri, 29 May 2015 17:17:51 +0000 (UTC) (envelope-from rcarter@pinyon.org) Received: by quine.pinyon.org (Postfix, from userid 122) id EC19D160298; Fri, 29 May 2015 10:10:18 -0700 (MST) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on quine.pinyon.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=5.0 tests=ALL_TRUSTED,BAYES_00 autolearn=ham autolearn_force=no version=3.4.0 Received: from feyerabend.n1.pinyon.org (feyerabend.n1.pinyon.org [10.0.10.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by quine.pinyon.org (Postfix) with ESMTPSA id 307BB160219 for ; Fri, 29 May 2015 10:10:17 -0700 (MST) Message-ID: <55689D79.3090907@pinyon.org> Date: Fri, 29 May 2015 10:10:17 -0700 From: "Russell L. Carter" User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:31.0) Gecko/20100101 Thunderbird/31.7.0 MIME-Version: 1.0 To: freebsd-ports@freebsd.org Subject: 10/stable virtualbox-ose crashes Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 29 May 2015 17:17:52 -0000 Hi, kldload vboxsrv crashes recent 10/stables. Last known working kernel/module pair is from May 5th. Not sure what is the optimal next step, suggestions welcome. Russell From owner-freebsd-ports@FreeBSD.ORG Fri May 29 17:38:13 2015 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 0928AB0C for ; Fri, 29 May 2015 17:38:13 +0000 (UTC) (envelope-from kob6558@gmail.com) Received: from mail-ie0-x229.google.com (mail-ie0-x229.google.com [IPv6:2607:f8b0:4001:c03::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id D038C1C0C for ; Fri, 29 May 2015 17:38:12 +0000 (UTC) (envelope-from kob6558@gmail.com) Received: by iebgx4 with SMTP id gx4so68217225ieb.0 for ; Fri, 29 May 2015 10:38:12 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=7zq78OzcRIo92mAryGS5vgNoHEeEj+rf8b/xIuXrA60=; b=jNio/4vim8c7FvCY80/eZF5P+ZNeHghL3QPhlDUbqDcc0wFE8laV1iBQNRShCN/hRA BP4vPqRQbK/3NGjlCpmHBHCHnaNUTPKevmiLpwSs6ffXpUbImdlH26UScZqHsC6jbkj5 CgJE0+X3kCJpN5MUIpA09dzcBUjrFITn2zE4nD4WgD+/reUk4jRmBMLOIO5SfVMruk6u CaXj7CUxlciAJTcT6U34M3cDYXMdCluiHUBYaVpozXETI1Tvnz3uJh9W9vJal7MHOYF7 rzEZaTk+XhBxo1r6D9jiJ9I8k+4IiUXHHLYP0WV9fjCVYheK2t/7RD6IPyXsrktzf1pw 8hqw== MIME-Version: 1.0 X-Received: by 10.50.57.112 with SMTP id h16mr5422689igq.35.1432921091989; Fri, 29 May 2015 10:38:11 -0700 (PDT) Sender: kob6558@gmail.com Received: by 10.107.46.134 with HTTP; Fri, 29 May 2015 10:38:11 -0700 (PDT) In-Reply-To: <55689D79.3090907@pinyon.org> References: <55689D79.3090907@pinyon.org> Date: Fri, 29 May 2015 10:38:11 -0700 X-Google-Sender-Auth: QGklP68jM81mK0yHq5pXnykDT2w Message-ID: Subject: Re: 10/stable virtualbox-ose crashes From: Kevin Oberman To: "Russell L. Carter" Cc: FreeBSD Ports ML Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.20 X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 29 May 2015 17:38:13 -0000 On Fri, May 29, 2015 at 10:10 AM, Russell L. Carter wrote: > Hi, > kldload vboxsrv crashes recent 10/stables. Last known working > kernel/module pair is from May 5th. > > Not sure what is the optimal next step, suggestions welcome. > Sounds like you have done this, but several reports have been made of this recently. All were "fixed" by rebuilding virtualbox-ose-kmod. Always rebuild all kernel modules that are in ports when rebuilding the kernel, preferably by adding the appropriate PORTS_MODULES to /etc/src.conf. -- Kevin Oberman, Network Engineer, Retired E-mail: rkoberman@gmail.com From owner-freebsd-ports@FreeBSD.ORG Fri May 29 17:45:19 2015 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 869DDE32 for ; Fri, 29 May 2015 17:45:19 +0000 (UTC) (envelope-from mcdouga9@egr.msu.edu) Received: from mail.egr.msu.edu (boomhauer.egr.msu.edu [35.9.37.167]) by mx1.freebsd.org (Postfix) with ESMTP id 605901E9D for ; Fri, 29 May 2015 17:45:19 +0000 (UTC) (envelope-from mcdouga9@egr.msu.edu) Received: from boomhauer (localhost [127.0.0.1]) by mail.egr.msu.edu (Postfix) with ESMTP id 4A6784B53C for ; Fri, 29 May 2015 13:45:11 -0400 (EDT) X-Virus-Scanned: amavisd-new at egr.msu.edu Received: from mail.egr.msu.edu ([127.0.0.1]) by boomhauer (boomhauer.egr.msu.edu [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oIfOfa6pHFoy for ; Fri, 29 May 2015 13:45:11 -0400 (EDT) Received: from EGR authenticated sender mcdouga9 Message-ID: <5568A5A6.7050804@egr.msu.edu> Date: Fri, 29 May 2015 13:45:10 -0400 From: Adam McDougall User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:31.0) Gecko/20100101 Thunderbird/31.7.0 MIME-Version: 1.0 To: freebsd-ports@freebsd.org Subject: Re: 10/stable virtualbox-ose crashes References: <55689D79.3090907@pinyon.org> In-Reply-To: Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 29 May 2015 17:45:19 -0000 On 05/29/2015 13:38, Kevin Oberman wrote: > On Fri, May 29, 2015 at 10:10 AM, Russell L. Carter > wrote: > >> Hi, >> kldload vboxsrv crashes recent 10/stables. Last known working >> kernel/module pair is from May 5th. >> >> Not sure what is the optimal next step, suggestions welcome. >> > > Sounds like you have done this, but several reports have been made of this > recently. All were "fixed" by rebuilding virtualbox-ose-kmod. Always > rebuild all kernel modules that are in ports when rebuilding the kernel, > preferably by adding the appropriate PORTS_MODULES to /etc/src.conf. > -- > Kevin Oberman, Network Engineer, Retired > E-mail: rkoberman@gmail.com Won't this will be a problem if people use official packages (built on 10.x-RELEASE) on a system running -stable? Wouldn't it mean an ABI was violated? From owner-freebsd-ports@FreeBSD.ORG Fri May 29 17:52:16 2015 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D63D7357 for ; Fri, 29 May 2015 17:52:16 +0000 (UTC) (envelope-from kpaasial@gmail.com) Received: from mail-lb0-x230.google.com (mail-lb0-x230.google.com [IPv6:2a00:1450:4010:c04::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 596E71106 for ; Fri, 29 May 2015 17:52:16 +0000 (UTC) (envelope-from kpaasial@gmail.com) Received: by lbcmx3 with SMTP id mx3so53257454lbc.1 for ; Fri, 29 May 2015 10:52:14 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=CUmMAfahnN7739Ys2jote5BGIRuSP0zpY1T54Y01oZs=; b=sM5guVEyaeVXwysAyTfL2HT7leegB+undGgKyzlrRGCELBpwPJilP1gBUN7vPSFWc/ VB0/a3+ikV/lXWnCSVzYZVVG5jag8RvvYJLtatDmlBcNG0eJs58HH0pQmKq9K8N0p2Y2 4CUy1i+PYga59c+T/WLVGKm0Ozn8MY1jt0K9SCNSfIQUElbifvOzf/KIS7IR80VkvCdl Vxjy6ZzVmpDBMfHSvob7taRNLf1B6nXPzx/6rpgQxXkdafSfumFpeddZm0ZfVYi5b38s bdw5QpvspWS8Y+1+FDvamct5s7PI1hA+KeyD86j7erJEHGlBBbbRnTACVV4sPag6Q7ZK pf8Q== MIME-Version: 1.0 X-Received: by 10.112.51.146 with SMTP id k18mr9060109lbo.91.1432921934348; Fri, 29 May 2015 10:52:14 -0700 (PDT) Received: by 10.152.137.193 with HTTP; Fri, 29 May 2015 10:52:14 -0700 (PDT) In-Reply-To: <5568A5A6.7050804@egr.msu.edu> References: <55689D79.3090907@pinyon.org> <5568A5A6.7050804@egr.msu.edu> Date: Fri, 29 May 2015 20:52:14 +0300 Message-ID: Subject: Re: 10/stable virtualbox-ose crashes From: Kimmo Paasiala To: Adam McDougall Cc: freebsd-ports Content-Type: text/plain; charset=UTF-8 X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 29 May 2015 17:52:16 -0000 On Fri, May 29, 2015 at 8:45 PM, Adam McDougall wrote: > On 05/29/2015 13:38, Kevin Oberman wrote: >> On Fri, May 29, 2015 at 10:10 AM, Russell L. Carter >> wrote: >> >>> Hi, >>> kldload vboxsrv crashes recent 10/stables. Last known working >>> kernel/module pair is from May 5th. >>> >>> Not sure what is the optimal next step, suggestions welcome. >>> >> >> Sounds like you have done this, but several reports have been made of this >> recently. All were "fixed" by rebuilding virtualbox-ose-kmod. Always >> rebuild all kernel modules that are in ports when rebuilding the kernel, >> preferably by adding the appropriate PORTS_MODULES to /etc/src.conf. >> -- >> Kevin Oberman, Network Engineer, Retired >> E-mail: rkoberman@gmail.com > > Won't this will be a problem if people use official packages (built on > 10.x-RELEASE) on a system running -stable? Wouldn't it mean an ABI was > violated? The KBI (kernel binary interface that the kernel modules use) is not part of the promised stability, only the userland ABI is guaranteed to stay compatible. -Kimmo From owner-freebsd-ports@FreeBSD.ORG Fri May 29 18:59:12 2015 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 8702F709 for ; Fri, 29 May 2015 18:59:12 +0000 (UTC) (envelope-from rcarter@pinyon.org) Received: from quine.pinyon.org (quine.pinyon.org [65.101.5.249]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5FADC1157 for ; Fri, 29 May 2015 18:59:11 +0000 (UTC) (envelope-from rcarter@pinyon.org) Received: by quine.pinyon.org (Postfix, from userid 122) id 9D6E1160298; Fri, 29 May 2015 11:59:10 -0700 (MST) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on quine.pinyon.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=5.0 tests=ALL_TRUSTED,BAYES_00 autolearn=ham autolearn_force=no version=3.4.0 Received: from feyerabend.n1.pinyon.org (feyerabend.n1.pinyon.org [10.0.10.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by quine.pinyon.org (Postfix) with ESMTPSA id 75EC3160219; Fri, 29 May 2015 11:59:08 -0700 (MST) Message-ID: <5568B6FC.60700@pinyon.org> Date: Fri, 29 May 2015 11:59:08 -0700 From: "Russell L. Carter" User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:31.0) Gecko/20100101 Thunderbird/31.7.0 MIME-Version: 1.0 To: Kevin Oberman CC: FreeBSD Ports ML Subject: Re: 10/stable virtualbox-ose crashes References: <55689D79.3090907@pinyon.org> In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 29 May 2015 18:59:12 -0000 Hi Kevin, On 05/29/15 10:38, Kevin Oberman wrote: > On Fri, May 29, 2015 at 10:10 AM, Russell L. Carter > wrote: > > Hi, > kldload vboxsrv crashes recent 10/stables. Last known working > kernel/module pair is from May 5th. > > Not sure what is the optimal next step, suggestions welcome. > > > Sounds like you have done this, but several reports have been made of Where were these reports made? Next time I'll look it up there first. > this recently. All were "fixed" by rebuilding virtualbox-ose-kmod. > Always rebuild all kernel modules that are in ports when rebuilding the > kernel, preferably by adding the appropriate PORTS_MODULES to /etc/src.conf. I just perused "pkg info -D virtualbox-ose" and don't see a mention of this, it might be a good idea to add the PORTS_MODULES bit to that message. Hmm, nvidia-driver-* doesn't have it either. googling, I see: "You can place a list in /etc/src.conf like this: PORTS_MODULES= emulators/virtualbox-ose-kmod sysutils/fusefs-kmod x11/nvidia-driver which will cause those modules to be built and installed with all the proper matching stuff at the same time as buildkernel and installkernel." I maintain my packages with poudriere. I build the world+kernel on another system and install via NFS onto the poudriere package builder. poudriere keeps its own world in a chroot, of course. But it doesn't build a kernel. Which src.conf should the PORTS_MODULES be added to? Thanks the help, Russell > Kevin Oberman, Network Engineer, Retired > E-mail: rkoberman@gmail.com > From owner-freebsd-ports@FreeBSD.ORG Fri May 29 21:15:46 2015 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 7138EB30 for ; Fri, 29 May 2015 21:15:46 +0000 (UTC) (envelope-from rsimmons0@gmail.com) Received: from mail-ie0-x22d.google.com (mail-ie0-x22d.google.com [IPv6:2607:f8b0:4001:c03::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 3BB0C1543 for ; Fri, 29 May 2015 21:15:46 +0000 (UTC) (envelope-from rsimmons0@gmail.com) Received: by iepj10 with SMTP id j10so72177602iep.3 for ; Fri, 29 May 2015 14:15:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=bnqBsAS973uFe3oAFmCx6pnl+F37gO4p+zIUVgYfC7Y=; b=utgMsqZAojw+uwOGcrpKE+GXyl5vMsi8ELd2znOaDFm5EWMzGOWK/sBzCNc12wqY7B kMraiobCVqPPFqmFmpFqj15nfixE3MQQ9bd3kBiFc+02u1Y6+HWaS5scBZa6rMGoZ7KV hnLYXeqlloeu5qhBR9s+tVWvWU6524FQjsUNg3Q2nFbWPxIVkNsuv83sCXkyFpKePFO4 ik/SRInhAAPdUwt+aoRRmoc6Ovyu3q1MkjTjIpP5e/FJ0Se43x4rNIvbo2RiFB4jdm0P To0tCq5lYRNqQlWrfOs66W7S1ZwLtmBbMOqCMqycgdm4IjzBYdYJIgf9XDtA5EuFey7l LxaQ== MIME-Version: 1.0 X-Received: by 10.50.23.116 with SMTP id l20mr6622543igf.13.1432934145247; Fri, 29 May 2015 14:15:45 -0700 (PDT) Received: by 10.36.121.86 with HTTP; Fri, 29 May 2015 14:15:45 -0700 (PDT) In-Reply-To: <556746A4.4090208@FreeBSD.org> References: <20150523153029.B7BD3280@hub.freebsd.org> <1432659389.3130746.278522905.6D1E6549@webmail.messagingengine.com> <20150527174037.EF719B11@hub.freebsd.org> <556746A4.4090208@FreeBSD.org> Date: Fri, 29 May 2015 17:15:45 -0400 Message-ID: Subject: Re: New pkg audit / vuln.xml failures (php55, unzoo) From: Robert Simmons To: "freebsd-ports@freebsd.org" Content-Type: text/plain; charset=UTF-8 X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 29 May 2015 21:15:46 -0000 On Thu, May 28, 2015 at 12:47 PM, Bryan Drewery wrote: > I think the VUXML database needs to be simpler to contribute to. Only a > handful of committers feel comfortable touching the file. We have also > had the wrong pervasive mentality by committers and users that the vuxml > database should only have an entry if there is a committed fix. This is > totally wrong. These CVE are _already public_ in all of these cases. > Users deserve to know that there is a known issue with a package they > have installed. I can understand how the mentality grew to what it is > with some people, but the fact that there is not an update doesn't > change that the user's system is insecure and needs to be dealt with. If > the tool can't reliably report issues then it is not worth trusting. > TL;DR; the file needs to be simpler. I know there is an effort to use > CPE but I'm not too familiar with where it is going. > > As for maintainers tracking upstream mailing lists, this is hard. I'm > subscribed to a lot of lists and can't keep up with all of the traffic. > > The RedHat security team and reporting is very impressive. Don't forget > that they are a funded company though. Perhaps the FreeBSD Foundation > needs to fund a fulltime security officer that is devoted to both Ports > and Src. Just the Ports piece is easily a fulltime job. It seems from this thread that we have a group of people who are passionate enough about fixing this problem. How do we find out who the members of the Ports Secteam are? Once we know that, I'd say that at least some of the people on this thread are willing to join the Ports Secteam (myself included). How do we join the team? Once the team has new and energized members, I would envision the team then working through the problems that have been outlined in this thread and putting together a plan for fixing them. From owner-freebsd-ports@FreeBSD.ORG Fri May 29 21:19:11 2015 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E0528E49 for ; Fri, 29 May 2015 21:19:11 +0000 (UTC) (envelope-from kob6558@gmail.com) Received: from mail-ig0-x232.google.com (mail-ig0-x232.google.com [IPv6:2607:f8b0:4001:c05::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id A853D159D for ; Fri, 29 May 2015 21:19:11 +0000 (UTC) (envelope-from kob6558@gmail.com) Received: by igbsb11 with SMTP id sb11so24368193igb.0 for ; Fri, 29 May 2015 14:19:11 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=z8ACgIduVkRIqaAeZiSpo/pisKpDn/Lmk3rRjYHA0fU=; b=NZv0lQUCF4SALlXI2FWtiRAvlp0DurDkzVI3+2Nr08EUIWllIrLDDxV6meKw4n0e4l Azg09xaBSXjcYojAgHVy5WP4LmfNsHvaryDyqKEeymg4cercNoejUpLT5hqVjL8VzpcJ YXfNZGiSTI/3sTORB6mzN/PU2q2opCpkGT0n0qq6deYu6A7pjTT6/OgLynaTz7EbvSbL hdi4g27gD7994tkbB+hgX03ZqZ7W6Oz3SghLvipn4/EFCIig9kx2vttMavkcodRcTenV StH9HrLooR37X81AdHBacghogXN6yDBz497++JinhiiKtp/oB7aDJlv4wN/0djiyOwdO 8sPw== MIME-Version: 1.0 X-Received: by 10.50.57.112 with SMTP id h16mr6522625igq.35.1432934350953; Fri, 29 May 2015 14:19:10 -0700 (PDT) Sender: kob6558@gmail.com Received: by 10.107.46.134 with HTTP; Fri, 29 May 2015 14:19:10 -0700 (PDT) In-Reply-To: <5568B6FC.60700@pinyon.org> References: <55689D79.3090907@pinyon.org> <5568B6FC.60700@pinyon.org> Date: Fri, 29 May 2015 14:19:10 -0700 X-Google-Sender-Auth: HU0lV4xN-aVEHSimXPtwGcZ9Ivo Message-ID: Subject: Re: 10/stable virtualbox-ose crashes From: Kevin Oberman To: "Russell L. Carter" Cc: FreeBSD Ports ML Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.20 X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 29 May 2015 21:19:12 -0000 On Fri, May 29, 2015 at 11:59 AM, Russell L. Carter wrote: > Hi Kevin, > > On 05/29/15 10:38, Kevin Oberman wrote: > >> On Fri, May 29, 2015 at 10:10 AM, Russell L. Carter > > wrote: >> >> Hi, >> kldload vboxsrv crashes recent 10/stables. Last known working >> kernel/module pair is from May 5th. >> >> Not sure what is the optimal next step, suggestions welcome. >> >> >> Sounds like you have done this, but several reports have been made of >> > > > Where were these reports made? Next time I'll look it up there first. > > this recently. All were "fixed" by rebuilding virtualbox-ose-kmod. >> Always rebuild all kernel modules that are in ports when rebuilding the >> kernel, preferably by adding the appropriate PORTS_MODULES to >> /etc/src.conf. >> > > I just perused "pkg info -D virtualbox-ose" and don't see a mention of > this, it might be a good idea to add the PORTS_MODULES bit to that > message. Hmm, nvidia-driver-* doesn't have it either. > > googling, I see: > > "You can place a list in /etc/src.conf like this: > > PORTS_MODULES= emulators/virtualbox-ose-kmod sysutils/fusefs-kmod > x11/nvidia-driver > > which will cause those modules to be built and installed with all the > proper matching stuff at the same time as buildkernel and > installkernel." > > I maintain my packages with poudriere. I build the world+kernel on > another system and install via NFS onto the poudriere package builder. > poudriere keeps its own world in a chroot, of course. But it doesn't > build a kernel. Which src.conf should the PORTS_MODULES be added to? > > Thanks the help, > Russell > If you run stable or current, I would not use packages for kernel modules. Build them from ports. They have nothing to link to, so the issues with mixing ports and packages should not arise. I don't know any sane way other than this to deal with kernel modules on stable or head. -- Kevin Oberman, Network Engineer, Retired E-mail: rkoberman@gmail.com From owner-freebsd-ports@FreeBSD.ORG Fri May 29 22:05:40 2015 Return-Path: Delivered-To: freebsd-ports@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 081DFF4A for ; Fri, 29 May 2015 22:05:40 +0000 (UTC) (envelope-from truckman@FreeBSD.org) Received: from gw.catspoiler.org (cl-1657.chi-02.us.sixxs.net [IPv6:2001:4978:f:678::2]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 906E7113F for ; Fri, 29 May 2015 22:05:39 +0000 (UTC) (envelope-from truckman@FreeBSD.org) Received: from FreeBSD.org (mousie.catspoiler.org [192.168.101.2]) by gw.catspoiler.org (8.13.3/8.13.3) with ESMTP id t4TM0nJI073864; Fri, 29 May 2015 15:00:53 -0700 (PDT) (envelope-from truckman@FreeBSD.org) Message-Id: <201505292200.t4TM0nJI073864@gw.catspoiler.org> Date: Fri, 29 May 2015 15:00:49 -0700 (PDT) From: Don Lewis Subject: Re: New pkg audit / vuln.xml failures (php55, unzoo) To: rsimmons0@gmail.com cc: freebsd-ports@FreeBSD.org In-Reply-To: MIME-Version: 1.0 Content-Type: TEXT/plain; charset=us-ascii X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 29 May 2015 22:05:40 -0000 On 29 May, Robert Simmons wrote: > On Thu, May 28, 2015 at 12:47 PM, Bryan Drewery wrote: >> I think the VUXML database needs to be simpler to contribute to. Only a >> handful of committers feel comfortable touching the file. We have also >> had the wrong pervasive mentality by committers and users that the vuxml >> database should only have an entry if there is a committed fix. This is >> totally wrong. These CVE are _already public_ in all of these cases. >> Users deserve to know that there is a known issue with a package they >> have installed. I can understand how the mentality grew to what it is >> with some people, but the fact that there is not an update doesn't >> change that the user's system is insecure and needs to be dealt with. If >> the tool can't reliably report issues then it is not worth trusting. >> TL;DR; the file needs to be simpler. I know there is an effort to use >> CPE but I'm not too familiar with where it is going. >> >> As for maintainers tracking upstream mailing lists, this is hard. I'm >> subscribed to a lot of lists and can't keep up with all of the traffic. >> >> The RedHat security team and reporting is very impressive. Don't forget >> that they are a funded company though. Perhaps the FreeBSD Foundation >> needs to fund a fulltime security officer that is devoted to both Ports >> and Src. Just the Ports piece is easily a fulltime job. > > It seems from this thread that we have a group of people who are > passionate enough about fixing this problem. > > How do we find out who the members of the Ports Secteam are? Once we > know that, I'd say that at least some of the people on this thread are > willing to join the Ports Secteam (myself included). How do we join > the team? Ports Secteam really should be documented here: , but it is not. From owner-freebsd-ports@FreeBSD.ORG Fri May 29 22:16:37 2015 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E2979389 for ; Fri, 29 May 2015 22:16:37 +0000 (UTC) (envelope-from rcarter@pinyon.org) Received: from quine.pinyon.org (quine.pinyon.org [65.101.5.249]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B8D2C161B for ; Fri, 29 May 2015 22:16:37 +0000 (UTC) (envelope-from rcarter@pinyon.org) Received: by quine.pinyon.org (Postfix, from userid 122) id 8EE521602E2; Fri, 29 May 2015 15:16:36 -0700 (MST) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on quine.pinyon.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=5.0 tests=ALL_TRUSTED,BAYES_00 autolearn=unavailable autolearn_force=no version=3.4.0 Received: from feyerabend.n1.pinyon.org (feyerabend.n1.pinyon.org [10.0.10.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by quine.pinyon.org (Postfix) with ESMTPSA id 83E06160219; Fri, 29 May 2015 15:16:33 -0700 (MST) Message-ID: <5568E541.4090309@pinyon.org> Date: Fri, 29 May 2015 15:16:33 -0700 From: "Russell L. Carter" User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:31.0) Gecko/20100101 Thunderbird/31.7.0 MIME-Version: 1.0 To: Kevin Oberman CC: FreeBSD Ports ML Subject: Re: 10/stable virtualbox-ose crashes References: <55689D79.3090907@pinyon.org> <5568B6FC.60700@pinyon.org> In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 29 May 2015 22:16:38 -0000 On 05/29/15 14:19, Kevin Oberman wrote: > On Fri, May 29, 2015 at 11:59 AM, Russell L. Carter > wrote: [...] > I maintain my packages with poudriere. I build the world+kernel on > another system and install via NFS onto the poudriere package builder. > poudriere keeps its own world in a chroot, of course. But it doesn't > build a kernel. Which src.conf should the PORTS_MODULES be added to? > > Thanks the help, > Russell > > > If you run stable or current, I would not use packages for kernel > modules. Build them from ports. They have nothing to link to, so the > issues with mixing ports and packages should not arise. > > I don't know any sane way other than this to deal with kernel modules on > stable or head. Ah. Now we get to the interesting problems. virtualbox-ose-kmod is a runtime dependency of virtualbox-ose, and my understanding was (maybe wrong?) that poudriere will build packages for all dependencies, and then pkg install virtualbox-ose will install those dependencies. src.conf's PORTS_MODULES updates the specified ports using the local ports tree, correct? I will need to ensure poudriere's ports tree is the same as /usr/ports. Then thinking about separate world/kernel and package builders, that begins to look very high maintenance. Both world and poudriere packages building should probably live on the same system. NFS installs would then require exporting /usr/ports on the world/pkgs build system so that clients could install the updated ports kernel modules specified in PORTS_MODULES. Still, the problem remains about how to make sure the right thing happens so that poudriere's kernel module packages built as dependencies don't conflict with PORTS_MODULES kernel modules. Gack. I give up for now. Russell > -- > Kevin Oberman, Network Engineer, Retired > E-mail: rkoberman@gmail.com From owner-freebsd-ports@FreeBSD.ORG Sat May 30 10:10:17 2015 Return-Path: Delivered-To: ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E90B0C15 for ; Sat, 30 May 2015 10:10:17 +0000 (UTC) (envelope-from portscout@FreeBSD.org) Received: from portscout.freebsd.org (portscout.freebsd.org [IPv6:2001:1900:2254:206a::50:6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id D710A16B3 for ; Sat, 30 May 2015 10:10:17 +0000 (UTC) (envelope-from portscout@FreeBSD.org) Received: from portscout.freebsd.org ([127.0.1.123]) by portscout.freebsd.org (8.14.9/8.14.9) with ESMTP id t4UAAH11097101 for ; Sat, 30 May 2015 10:10:17 GMT (envelope-from portscout@FreeBSD.org) Received: (from portscout@localhost) by portscout.freebsd.org (8.14.9/8.14.9/Submit) id t4UAAHOh097095; Sat, 30 May 2015 10:10:17 GMT (envelope-from portscout@FreeBSD.org) Message-Id: <201505301010.t4UAAHOh097095@portscout.freebsd.org> X-Authentication-Warning: portscout.freebsd.org: portscout set sender to portscout@FreeBSD.org using -f Content-Disposition: inline Content-Transfer-Encoding: 8bit Content-Type: text/plain MIME-Version: 1.0 Date: Sat, 30 May 2015 10:10:17 +0000 From: portscout@FreeBSD.org To: ports@freebsd.org Subject: FreeBSD ports you maintain which are out of date X-Mailer: portscout/0.8.1 X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 30 May 2015 10:10:18 -0000 Dear port maintainer, The portscout new distfile checker has detected that one or more of your ports appears to be out of date. Please take the opportunity to check each of the ports listed below, and if possible and appropriate, submit/commit an update. If any ports have already been updated, you can safely ignore the entry. You will not be e-mailed again for any of the port/version combinations below. Full details can be found at the following URL: http://portscout.freebsd.org/ports@freebsd.org.html Port | Current version | New version ------------------------------------------------+-----------------+------------ textproc/apache-solr | 4.10.4 | 5.1.0 ------------------------------------------------+-----------------+------------ If any of the above results are invalid, please check the following page for details on how to improve portscout's detection and selection of distfiles on a per-port basis: http://portscout.freebsd.org/info/portscout-portconfig.txt Thanks. From owner-freebsd-ports@FreeBSD.ORG Sat May 30 17:50:26 2015 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 46BF3C82 for ; Sat, 30 May 2015 17:50:26 +0000 (UTC) (envelope-from rcarter@pinyon.org) Received: from quine.pinyon.org (quine.pinyon.org [65.101.5.249]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 105BD1AE2 for ; Sat, 30 May 2015 17:50:25 +0000 (UTC) (envelope-from rcarter@pinyon.org) Received: by quine.pinyon.org (Postfix, from userid 122) id A7777160298; Sat, 30 May 2015 10:50:18 -0700 (MST) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on quine.pinyon.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=5.0 tests=ALL_TRUSTED,BAYES_00 autolearn=ham autolearn_force=no version=3.4.0 Received: from feyerabend.n1.pinyon.org (feyerabend.n1.pinyon.org [10.0.10.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by quine.pinyon.org (Postfix) with ESMTPSA id EFE3516015F for ; Sat, 30 May 2015 10:50:15 -0700 (MST) Message-ID: <5569F857.1020202@pinyon.org> Date: Sat, 30 May 2015 10:50:15 -0700 From: "Russell L. Carter" User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:31.0) Gecko/20100101 Thunderbird/31.7.0 MIME-Version: 1.0 To: freebsd-ports@freebsd.org Subject: Re: 10/stable virtualbox-ose crashes References: <55689D79.3090907@pinyon.org> <5568A5A6.7050804@egr.msu.edu> In-Reply-To: Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 30 May 2015 17:50:26 -0000 Hi, On 05/29/15 10:52, Kimmo Paasiala wrote: > On Fri, May 29, 2015 at 8:45 PM, Adam McDougall wrote: >> On 05/29/2015 13:38, Kevin Oberman wrote: >>> On Fri, May 29, 2015 at 10:10 AM, Russell L. Carter >>> wrote: >>> >>>> Hi, >>>> kldload vboxsrv crashes recent 10/stables. Last known working >>>> kernel/module pair is from May 5th. >>>> >>>> Not sure what is the optimal next step, suggestions welcome. >>>> >>> >>> Sounds like you have done this, but several reports have been made of this >>> recently. All were "fixed" by rebuilding virtualbox-ose-kmod. Always >>> rebuild all kernel modules that are in ports when rebuilding the kernel, >>> preferably by adding the appropriate PORTS_MODULES to /etc/src.conf. >>> -- >>> Kevin Oberman, Network Engineer, Retired >>> E-mail: rkoberman@gmail.com >> >> Won't this will be a problem if people use official packages (built on >> 10.x-RELEASE) on a system running -stable? Wouldn't it mean an ABI was >> violated? > > > The KBI (kernel binary interface that the kernel modules use) is not > part of the promised stability, only the userland ABI is guaranteed to > stay compatible. According to: http://blog.shatow.net/posts/2015-04-27-Poudriere-FreeBSD-Journal/ "Packages are built for the oldest release of each branch. These packages are supposed to be ABI/KBI compatible with all future releases on those branches as well as the STABLE branch for that release. This means that packages built for 8.3 will work on 8.4 but are not guaranteed to work on 9.x." After sleeping on the problem, I think that the simplest approach to managing the evolution of the KBI in stable is to mark packages that depend on the KBI, port kernel modules for instance, as dependent on poudriere's world source tree. Then when the source tree is updated, on the first subsequent bulk package build port kernel modules would be correctly updated. This would eliminate the maintenance complexity I outlined in previous messages that arises from maintaining port kernel modules outside of poudriere. I just verified that updating poudriere's source tree does not currently cause any port kernel modules to be rebuilt. Comments? Thanks, Russell