From owner-svn-ports-branches@FreeBSD.ORG Mon Oct 6 15:25:29 2014
Return-Path:
Delivered-To: svn-ports-branches@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
(No client certificate requested)
by hub.freebsd.org (Postfix) with ESMTPS id 5185DECE;
Mon, 6 Oct 2014 15:25:29 +0000 (UTC)
Received: from svn.freebsd.org (svn.freebsd.org
[IPv6:2001:1900:2254:2068::e6a:0])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(Client did not present a certificate)
by mx1.freebsd.org (Postfix) with ESMTPS id 3D7C0BB6;
Mon, 6 Oct 2014 15:25:29 +0000 (UTC)
Received: from svn.freebsd.org ([127.0.1.70])
by svn.freebsd.org (8.14.9/8.14.9) with ESMTP id s96FPTAl043533;
Mon, 6 Oct 2014 15:25:29 GMT (envelope-from garga@FreeBSD.org)
Received: (from garga@localhost)
by svn.freebsd.org (8.14.9/8.14.9/Submit) id s96FPTif043532;
Mon, 6 Oct 2014 15:25:29 GMT (envelope-from garga@FreeBSD.org)
Message-Id: <201410061525.s96FPTif043532@svn.freebsd.org>
X-Authentication-Warning: svn.freebsd.org: garga set sender to
garga@FreeBSD.org using -f
From: Renato Botelho
Date: Mon, 6 Oct 2014 15:25:29 +0000 (UTC)
To: ports-committers@freebsd.org, svn-ports-all@freebsd.org,
svn-ports-branches@freebsd.org
Subject: svn commit: r370187 - branches/2014Q4/sysutils/ucspi-tcp
X-SVN-Group: ports-branches
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-ports-branches@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: SVN commit messages for all the branches of the ports tree
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
X-List-Received-Date: Mon, 06 Oct 2014 15:25:29 -0000
Author: garga
Date: Mon Oct 6 15:25:28 2014
New Revision: 370187
URL: https://svnweb.freebsd.org/changeset/ports/370187
QAT: https://qat.redports.org/buildarchive/r370187/
Log:
MFH: r370153
- Fix build with option IPV6 disabled
PR: 193827
Submitted by: kyuupichan@gmail.com
Approved by: ports-secteam (zi@)
Modified:
branches/2014Q4/sysutils/ucspi-tcp/Makefile
Directory Properties:
branches/2014Q4/ (props changed)
Modified: branches/2014Q4/sysutils/ucspi-tcp/Makefile
==============================================================================
--- branches/2014Q4/sysutils/ucspi-tcp/Makefile Mon Oct 6 15:18:10 2014 (r370186)
+++ branches/2014Q4/sysutils/ucspi-tcp/Makefile Mon Oct 6 15:25:28 2014 (r370187)
@@ -108,6 +108,8 @@ PATCH_SITES+= ${MASTER_SITE_LOCAL:S/$/:
PATCH_SITE_SUBDIR+= garga/ucspi-tcp/:rss,ssl,rbl2smtpd
post-patch:
+ @${REINPLACE_CMD} -e 's/^extern int errno;/#include /' \
+ ${WRKSRC}/error.h
.if ${PORT_OPTIONS:MSSL}
@${REINPLACE_CMD} -e 's|#INCS=-I/usr/local/include|INCS=-I${OPENSSLBASE}/include|g; \
s|-lcrypto|-L${OPENSSLBASE}/lib |g' \
From owner-svn-ports-branches@FreeBSD.ORG Mon Oct 6 19:29:16 2014
Return-Path:
Delivered-To: svn-ports-branches@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
(No client certificate requested)
by hub.freebsd.org (Postfix) with ESMTPS id C711CB78;
Mon, 6 Oct 2014 19:29:16 +0000 (UTC)
Received: from svn.freebsd.org (svn.freebsd.org
[IPv6:2001:1900:2254:2068::e6a:0])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(Client did not present a certificate)
by mx1.freebsd.org (Postfix) with ESMTPS id 9962DCB5;
Mon, 6 Oct 2014 19:29:16 +0000 (UTC)
Received: from svn.freebsd.org ([127.0.1.70])
by svn.freebsd.org (8.14.9/8.14.9) with ESMTP id s96JTGaH061190;
Mon, 6 Oct 2014 19:29:16 GMT (envelope-from riggs@FreeBSD.org)
Received: (from riggs@localhost)
by svn.freebsd.org (8.14.9/8.14.9/Submit) id s96JTGKB061188;
Mon, 6 Oct 2014 19:29:16 GMT (envelope-from riggs@FreeBSD.org)
Message-Id: <201410061929.s96JTGKB061188@svn.freebsd.org>
X-Authentication-Warning: svn.freebsd.org: riggs set sender to
riggs@FreeBSD.org using -f
From: Thomas Zander
Date: Mon, 6 Oct 2014 19:29:16 +0000 (UTC)
To: ports-committers@freebsd.org, svn-ports-all@freebsd.org,
svn-ports-branches@freebsd.org
Subject: svn commit: r370215 - branches/2014Q4/devel/allegro
X-SVN-Group: ports-branches
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-ports-branches@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: SVN commit messages for all the branches of the ports tree
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
X-List-Received-Date: Mon, 06 Oct 2014 19:29:16 -0000
Author: riggs
Date: Mon Oct 6 19:29:15 2014
New Revision: 370215
URL: https://svnweb.freebsd.org/changeset/ports/370215
QAT: https://qat.redports.org/buildarchive/r370215/
Log:
MFH: r370198
- Fix build when DOCS option is deselected
While on it:
- Remove @dirrm entries from pkg-plist
PR: 192491
Submitted by: arcade@b1t.name
Approved by: portmgr (erwin), maintainer timeout
Modified:
branches/2014Q4/devel/allegro/Makefile
branches/2014Q4/devel/allegro/pkg-plist
Directory Properties:
branches/2014Q4/ (props changed)
Modified: branches/2014Q4/devel/allegro/Makefile
==============================================================================
--- branches/2014Q4/devel/allegro/Makefile Mon Oct 6 19:24:56 2014 (r370214)
+++ branches/2014Q4/devel/allegro/Makefile Mon Oct 6 19:29:15 2014 (r370215)
@@ -88,10 +88,6 @@ post-patch:
@${REINPLACE_CMD} -e 's|jack_client = jack_client_new(jack_client_name);|jack_client = jack_client_open(jack_client_name, (jack_options_t)0, NULL);|' \
${WRKSRC}/src/unix/jack.c
.endif
-.if ! ${PORT_OPTIONS:MDOCS}
- @${REINPLACE_CMD} -e 's|add_subdirectory(docs)|#add_subdirectory(docs)|' \
- ${WRKSRC}/CMakeLists.txt
-.endif
post-install:
@${INSTALL_MAN} ${WRKSRC}/docs/man/*.3 ${STAGEDIR}${MAN3PREFIX}/man/man3/
Modified: branches/2014Q4/devel/allegro/pkg-plist
==============================================================================
--- branches/2014Q4/devel/allegro/pkg-plist Mon Oct 6 19:24:56 2014 (r370214)
+++ branches/2014Q4/devel/allegro/pkg-plist Mon Oct 6 19:29:15 2014 (r370215)
@@ -1060,11 +1060,3 @@ man/man3/xor_mode.3.gz
man/man3/xwin_set_window_name.3.gz
%%DEMOS%%%%EXAMPLES%%share/pixmaps/shooter.png
%%DEMOS%%%%EXAMPLES%%share/pixmaps/skater.png
-@dirrm lib/allegro/%%SHLIB_VER%%
-@dirrm lib/allegro
-@dirrm include/allegrogl/GLext
-@dirrm include/allegrogl
-@dirrm include/allegro/platform
-@dirrm include/allegro/internal
-@dirrm include/allegro/inline
-@dirrm include/allegro
From owner-svn-ports-branches@FreeBSD.ORG Tue Oct 7 06:54:50 2014
Return-Path:
Delivered-To: svn-ports-branches@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
[IPv6:2001:1900:2254:206a::19:1])
(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
(No client certificate requested)
by hub.freebsd.org (Postfix) with ESMTPS id CEE38591;
Tue, 7 Oct 2014 06:54:50 +0000 (UTC)
Received: from svn.freebsd.org (svn.freebsd.org
[IPv6:2001:1900:2254:2068::e6a:0])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(Client did not present a certificate)
by mx1.freebsd.org (Postfix) with ESMTPS id A096BECB;
Tue, 7 Oct 2014 06:54:50 +0000 (UTC)
Received: from svn.freebsd.org ([127.0.1.70])
by svn.freebsd.org (8.14.9/8.14.9) with ESMTP id s976so87094567;
Tue, 7 Oct 2014 06:54:50 GMT (envelope-from bapt@FreeBSD.org)
Received: (from bapt@localhost)
by svn.freebsd.org (8.14.9/8.14.9/Submit) id s976sogn094565;
Tue, 7 Oct 2014 06:54:50 GMT (envelope-from bapt@FreeBSD.org)
Message-Id: <201410070654.s976sogn094565@svn.freebsd.org>
X-Authentication-Warning: svn.freebsd.org: bapt set sender to bapt@FreeBSD.org
using -f
From: Baptiste Daroussin
Date: Tue, 7 Oct 2014 06:54:50 +0000 (UTC)
To: ports-committers@freebsd.org, svn-ports-all@freebsd.org,
svn-ports-branches@freebsd.org
Subject: svn commit: r370274 - in branches/2014Q4/ports-mgmt/pkg: . files
X-SVN-Group: ports-branches
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-ports-branches@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: SVN commit messages for all the branches of the ports tree
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
X-List-Received-Date: Tue, 07 Oct 2014 06:54:50 -0000
Author: bapt
Date: Tue Oct 7 06:54:49 2014
New Revision: 370274
URL: https://svnweb.freebsd.org/changeset/ports/370274
QAT: https://qat.redports.org/buildarchive/r370274/
Log:
MFH: r370273
Fix a regression that made some plist errors non fatal
Reported by: antoine
Added:
branches/2014Q4/ports-mgmt/pkg/files/patch-plist-non-fatal
- copied unchanged from r370273, head/ports-mgmt/pkg/files/patch-plist-non-fatal
Modified:
branches/2014Q4/ports-mgmt/pkg/Makefile
Directory Properties:
branches/2014Q4/ (props changed)
Modified: branches/2014Q4/ports-mgmt/pkg/Makefile
==============================================================================
--- branches/2014Q4/ports-mgmt/pkg/Makefile Tue Oct 7 06:53:49 2014 (r370273)
+++ branches/2014Q4/ports-mgmt/pkg/Makefile Tue Oct 7 06:54:49 2014 (r370274)
@@ -2,7 +2,7 @@
PORTNAME= pkg
DISTVERSION= 1.3.8
-PORTREVISION= 2
+PORTREVISION= 3
_PKG_VERSION= ${DISTVERSION}
CATEGORIES= ports-mgmt
MASTER_SITES= \
Copied: branches/2014Q4/ports-mgmt/pkg/files/patch-plist-non-fatal (from r370273, head/ports-mgmt/pkg/files/patch-plist-non-fatal)
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ branches/2014Q4/ports-mgmt/pkg/files/patch-plist-non-fatal Tue Oct 7 06:54:49 2014 (r370274, copy of r370273, head/ports-mgmt/pkg/files/patch-plist-non-fatal)
@@ -0,0 +1,31 @@
+diff --git libpkg/pkg_ports.c libpkg/pkg_ports.c
+index 33a29d0..21182b4 100644
+--- libpkg/pkg_ports.c
++++ libpkg/pkg_ports.c
+@@ -1141,7 +1141,7 @@ int
+ ports_parse_plist(struct pkg *pkg, const char *plist, const char *stage)
+ {
+ char *line = NULL;
+- int ret = EPKG_OK;
++ int ret, rc = EPKG_OK;
+ struct plist *pplist;
+ FILE *plist_f;
+ size_t linecap = 0;
+@@ -1162,6 +1162,8 @@ ports_parse_plist(struct pkg *pkg, const char *plist, const char *stage)
+ if (line[linelen - 1] == '\n')
+ line[linelen - 1] = '\0';
+ ret = plist_parse_line(pkg, pplist, line);
++ if (rc == EPKG_OK)
++ rc = ret;
+ }
+
+ free(line);
+@@ -1185,7 +1187,7 @@ ports_parse_plist(struct pkg *pkg, const char *plist, const char *stage)
+
+ plist_free(pplist);
+
+- return (ret);
++ return (rc);
+ }
+
+ int
From owner-svn-ports-branches@FreeBSD.ORG Tue Oct 7 11:23:30 2014
Return-Path:
Delivered-To: svn-ports-branches@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
[IPv6:2001:1900:2254:206a::19:1])
(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
(No client certificate requested)
by hub.freebsd.org (Postfix) with ESMTPS id C5EFC8E3;
Tue, 7 Oct 2014 11:23:30 +0000 (UTC)
Received: from svn.freebsd.org (svn.freebsd.org
[IPv6:2001:1900:2254:2068::e6a:0])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(Client did not present a certificate)
by mx1.freebsd.org (Postfix) with ESMTPS id 95EC6F20;
Tue, 7 Oct 2014 11:23:30 +0000 (UTC)
Received: from svn.freebsd.org ([127.0.1.70])
by svn.freebsd.org (8.14.9/8.14.9) with ESMTP id s97BNUT0025447;
Tue, 7 Oct 2014 11:23:30 GMT (envelope-from amdmi3@FreeBSD.org)
Received: (from amdmi3@localhost)
by svn.freebsd.org (8.14.9/8.14.9/Submit) id s97BNU6j025445;
Tue, 7 Oct 2014 11:23:30 GMT (envelope-from amdmi3@FreeBSD.org)
Message-Id: <201410071123.s97BNU6j025445@svn.freebsd.org>
X-Authentication-Warning: svn.freebsd.org: amdmi3 set sender to
amdmi3@FreeBSD.org using -f
From: Dmitry Marakasov
Date: Tue, 7 Oct 2014 11:23:30 +0000 (UTC)
To: ports-committers@freebsd.org, svn-ports-all@freebsd.org,
svn-ports-branches@freebsd.org
Subject: svn commit: r370294 - in branches/2014Q4/graphics/devil: . files
X-SVN-Group: ports-branches
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-ports-branches@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: SVN commit messages for all the branches of the ports tree
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
X-List-Received-Date: Tue, 07 Oct 2014 11:23:30 -0000
Author: amdmi3
Date: Tue Oct 7 11:23:29 2014
New Revision: 370294
URL: https://svnweb.freebsd.org/changeset/ports/370294
QAT: https://qat.redports.org/buildarchive/r370294/
Log:
MFH: r370262
- Fix segfault (1)
- Fix duplicate PORTREVISION
PR: 194154 (1)
Submitted by: rndfax@yandex.ru
Approved by: portmgr
Added:
branches/2014Q4/graphics/devil/files/patch-src-IL__src__il_alloc.c
- copied unchanged from r370262, head/graphics/devil/files/patch-src-IL__src__il_alloc.c
Modified:
branches/2014Q4/graphics/devil/Makefile
Directory Properties:
branches/2014Q4/ (props changed)
Modified: branches/2014Q4/graphics/devil/Makefile
==============================================================================
--- branches/2014Q4/graphics/devil/Makefile Tue Oct 7 10:52:10 2014 (r370293)
+++ branches/2014Q4/graphics/devil/Makefile Tue Oct 7 11:23:29 2014 (r370294)
@@ -3,9 +3,8 @@
PORTNAME= devil
PORTVERSION= 1.7.8
-PORTREVISION= 36
+PORTREVISION= 18
PORTEPOCH= 1
-PORTREVISION= 17
CATEGORIES= graphics
MASTER_SITES= SF/openil/DevIL/${PORTVERSION}
DISTNAME= DevIL-${PORTVERSION}
Copied: branches/2014Q4/graphics/devil/files/patch-src-IL__src__il_alloc.c (from r370262, head/graphics/devil/files/patch-src-IL__src__il_alloc.c)
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ branches/2014Q4/graphics/devil/files/patch-src-IL__src__il_alloc.c Tue Oct 7 11:23:29 2014 (r370294, copy of r370262, head/graphics/devil/files/patch-src-IL__src__il_alloc.c)
@@ -0,0 +1,11 @@
+--- src-IL/src/il_alloc.c.orig 2009-03-08 10:10:09.000000000 +0300
++++ src-IL/src/il_alloc.c 2014-10-07 01:39:56.201078445 +0400
+@@ -123,7 +123,7 @@
+ {
+ if (ptr)
+ {
+-#ifdef MM_MALLOC
++#if defined(VECTORMEM) && defined(MM_MALLOC)
+ _mm_free((void*)ptr);
+ #else
+ #if defined(VECTORMEM) & !defined(POSIX_MEMALIGN) & !defined(VALLOC) & !defined(MEMALIGN) & !defined(MM_MALLOC)
From owner-svn-ports-branches@FreeBSD.ORG Tue Oct 7 17:54:08 2014
Return-Path:
Delivered-To: svn-ports-branches@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
[IPv6:2001:1900:2254:206a::19:1])
(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
(No client certificate requested)
by hub.freebsd.org (Postfix) with ESMTPS id 92C6171A;
Tue, 7 Oct 2014 17:54:08 +0000 (UTC)
Received: from svn.freebsd.org (svn.freebsd.org
[IPv6:2001:1900:2254:2068::e6a:0])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(Client did not present a certificate)
by mx1.freebsd.org (Postfix) with ESMTPS id 6333D792;
Tue, 7 Oct 2014 17:54:08 +0000 (UTC)
Received: from svn.freebsd.org ([127.0.1.70])
by svn.freebsd.org (8.14.9/8.14.9) with ESMTP id s97Hs8iY021799;
Tue, 7 Oct 2014 17:54:08 GMT (envelope-from amdmi3@FreeBSD.org)
Received: (from amdmi3@localhost)
by svn.freebsd.org (8.14.9/8.14.9/Submit) id s97Hs7rK021797;
Tue, 7 Oct 2014 17:54:07 GMT (envelope-from amdmi3@FreeBSD.org)
Message-Id: <201410071754.s97Hs7rK021797@svn.freebsd.org>
X-Authentication-Warning: svn.freebsd.org: amdmi3 set sender to
amdmi3@FreeBSD.org using -f
From: Dmitry Marakasov
Date: Tue, 7 Oct 2014 17:54:07 +0000 (UTC)
To: ports-committers@freebsd.org, svn-ports-all@freebsd.org,
svn-ports-branches@freebsd.org
Subject: svn commit: r370383 - in branches/2014Q4/graphics/gimageview: . files
X-SVN-Group: ports-branches
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-ports-branches@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: SVN commit messages for all the branches of the ports tree
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
X-List-Received-Date: Tue, 07 Oct 2014 17:54:08 -0000
Author: amdmi3
Date: Tue Oct 7 17:54:07 2014
New Revision: 370383
URL: https://svnweb.freebsd.org/changeset/ports/370383
QAT: https://qat.redports.org/buildarchive/r370383/
Log:
MFH: r370352
- Fix checking unitialized variable
- While here, add LICENSE
PR: 194210
Submitted by: enslay@gmail.com
Approved by: portmgr (bdrewery)
Added:
branches/2014Q4/graphics/gimageview/files/patch-plugins__image_view__gimv_mplayer.c
- copied unchanged from r370352, head/graphics/gimageview/files/patch-plugins__image_view__gimv_mplayer.c
Modified:
branches/2014Q4/graphics/gimageview/Makefile
Directory Properties:
branches/2014Q4/ (props changed)
Modified: branches/2014Q4/graphics/gimageview/Makefile
==============================================================================
--- branches/2014Q4/graphics/gimageview/Makefile Tue Oct 7 17:52:38 2014 (r370382)
+++ branches/2014Q4/graphics/gimageview/Makefile Tue Oct 7 17:54:07 2014 (r370383)
@@ -3,13 +3,16 @@
PORTNAME= gimageview
PORTVERSION= 0.2.27
-PORTREVISION= 17
+PORTREVISION= 18
CATEGORIES= graphics
MASTER_SITES= SF/gtkmmviewer/${PORTNAME}/${PORTVERSION}
MAINTAINER= ports@FreeBSD.org
COMMENT= Yet another GTK+ based image viewer
+LICENSE= GPLv2 # or later
+LICENSE_FILE= ${WRKSRC}/COPYING
+
LIB_DEPENDS= libjpeg.so:${PORTSDIR}/graphics/jpeg \
libpng15.so:${PORTSDIR}/graphics/png
Copied: branches/2014Q4/graphics/gimageview/files/patch-plugins__image_view__gimv_mplayer.c (from r370352, head/graphics/gimageview/files/patch-plugins__image_view__gimv_mplayer.c)
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ branches/2014Q4/graphics/gimageview/files/patch-plugins__image_view__gimv_mplayer.c Tue Oct 7 17:54:07 2014 (r370383, copy of r370352, head/graphics/gimageview/files/patch-plugins__image_view__gimv_mplayer.c)
@@ -0,0 +1,20 @@
+Fixes check on unitialized variable
+--- plugins/image_view/gimv_mplayer.c.orig 2004-09-29 03:42:14.000000000 -0500
++++ plugins/image_view/gimv_mplayer.c 2014-10-06 23:43:40.000000000 -0400
+@@ -1480,13 +1480,13 @@
+ gint i, len, size;
+ gchar *src, *end;
+
++ src = buf;
++ size = bufsize;
++
+ g_return_if_fail (buf && stock_buf);
+ g_return_if_fail (size > 0 || size < GIMV_MPLAYER_BUF_SIZE);
+ g_return_if_fail (remain_size);
+
+- src = buf;
+- size = bufsize;
+-
+ while (src && size >= 0) {
+ end = NULL;
+
From owner-svn-ports-branches@FreeBSD.ORG Tue Oct 7 21:04:19 2014
Return-Path:
Delivered-To: svn-ports-branches@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
[IPv6:2001:1900:2254:206a::19:1])
(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
(No client certificate requested)
by hub.freebsd.org (Postfix) with ESMTPS id 9CB2B27C;
Tue, 7 Oct 2014 21:04:19 +0000 (UTC)
Received: from svn.freebsd.org (svn.freebsd.org
[IPv6:2001:1900:2254:2068::e6a:0])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(Client did not present a certificate)
by mx1.freebsd.org (Postfix) with ESMTPS id 816FBEE1;
Tue, 7 Oct 2014 21:04:19 +0000 (UTC)
Received: from svn.freebsd.org ([127.0.1.70])
by svn.freebsd.org (8.14.9/8.14.9) with ESMTP id s97L4JUB015621;
Tue, 7 Oct 2014 21:04:19 GMT (envelope-from ohauer@FreeBSD.org)
Received: (from ohauer@localhost)
by svn.freebsd.org (8.14.9/8.14.9/Submit) id s97L4JRX015619;
Tue, 7 Oct 2014 21:04:19 GMT (envelope-from ohauer@FreeBSD.org)
Message-Id: <201410072104.s97L4JRX015619@svn.freebsd.org>
X-Authentication-Warning: svn.freebsd.org: ohauer set sender to
ohauer@FreeBSD.org using -f
From: Olli Hauer
Date: Tue, 7 Oct 2014 21:04:19 +0000 (UTC)
To: ports-committers@freebsd.org, svn-ports-all@freebsd.org,
svn-ports-branches@freebsd.org
Subject: svn commit: r370398 - branches/2014Q4/security/vuxml
X-SVN-Group: ports-branches
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-ports-branches@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: SVN commit messages for all the branches of the ports tree
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
X-List-Received-Date: Tue, 07 Oct 2014 21:04:19 -0000
Author: ohauer
Date: Tue Oct 7 21:04:18 2014
New Revision: 370398
URL: https://svnweb.freebsd.org/changeset/ports/370398
QAT: https://qat.redports.org/buildarchive/r370398/
Log:
MFH: r369765
Document the latest phpMyAdmin vulnerability.
- while here fix the '>' breakage in the rsyslogd entry.
Security: 3e8b7f8a-49b0-11e4-b711-6805ca0b3d42
MFH: r369772
- Document CVE-2014-7187 fixed in bash-4.3.27_1
MFH: r369780
Document CVE-2014-6277 and CVE-2014-6278 for bash.
MFH: r369783
Fix bash entries to also mark bash-static vulnerable
MFH: r369787
Document Jenkins vulnerabilities
Security: CVE-2014-3661
Security: CVE-2014-3662
Security: CVE-2014-3663
Security: CVE-2014-3664
Security: CVE-2014-3680
Security: CVE-2014-3681
Security: CVE-2014-3666
Security: CVE-2014-3667
Security: CVE-2013-2186
Security: CVE-2014-1869
Security: CVE-2014-3678
Security: CVE-2014-3679
MFH: r369790
Fix Jenkins entry to note that XSS is an issue, not as compiler
MFH: r369791
Update grammar of DoS in Jenkins entry
MFH: r369793
Update Jenkins entry 549a2771-49cc-11e4-ae2c-c80aa9043978 to be readable.
MFH: r369853
- Update the rsyslog entry to reflect the new versions
Reviewed by: bdrewery
MFH: r369859
www/rt42 < 4.2.8 is vulnerable to shellshock related exploits through
its SMIME integration.
Security: 81e2b308-4a6c-11e4-b711-6805ca0b3d42
MFH: r369863
Fix rsyslog entry for pkgname matching
MFH: r370209
- document bugzilla security issues
Approved by: portmgr (erwin)
Modified:
branches/2014Q4/security/vuxml/vuln.xml
Directory Properties:
branches/2014Q4/ (props changed)
Modified: branches/2014Q4/security/vuxml/vuln.xml
==============================================================================
--- branches/2014Q4/security/vuxml/vuln.xml Tue Oct 7 20:40:20 2014 (r370397)
+++ branches/2014Q4/security/vuxml/vuln.xml Tue Oct 7 21:04:18 2014 (r370398)
@@ -57,11 +57,296 @@ Notes:
-->
+
+ Bugzilla multiple security issues
+
+
+ bugzilla44
+ 4.4.6
+
+
+
+
+ Bugzilla Security Advisory
+
+ Unauthorized Account Creation
+ An attacker creating a new Bugzilla account can override certain
+ parameters when finalizing the account creation that can lead to the
+ user being created with a different email address than originally
+ requested. The overridden login name could be automatically added
+ to groups based on the group's regular expression setting.
+ Cross-Site Scripting
+ During an audit of the Bugzilla code base, several places
+ were found where cross-site scripting exploits could occur which
+ could allow an attacker to access sensitive information.
+ Information Leak
+ If a new comment was marked private to the insider group, and a flag
+ was set in the same transaction, the comment would be visible to
+ flag recipients even if they were not in the insider group.
+ Social Engineering
+ Search results can be exported as a CSV file which can then be
+ imported into external spreadsheet programs. Specially formatted
+ field values can be interpreted as formulas which can be executed
+ and used to attack a user's computer.
+
+
+
+
+ CVE-2014-1572
+ CVE-2014-1573
+ CVE-2014-1571
+ https://bugzilla.mozilla.org/show_bug.cgi?id=1074812
+ https://bugzilla.mozilla.org/show_bug.cgi?id=1075578
+ https://bugzilla.mozilla.org/show_bug.cgi?id=1064140
+ https://bugzilla.mozilla.org/show_bug.cgi?id=1054702
+
+
+ 2014-10-06
+ 2014-10-06
+
+
+
+
+ rt42 -- vulnerabilities related to shellshock
+
+
+ rt42
+ 4.2.04.2.8
+
+
+
+
+ Best Practical reports:
+
+ RT 4.2.0 and above may be vulnerable to arbitrary
+ execution of code by way of CVE-2014-7169, CVE-2014-7186,
+ CVE-2014-7187, CVE-2014-6277, or CVE-2014-6271 --
+ collectively known as "Shellshock." This vulnerability
+ requires a privileged user with access to an RT instance
+ running with SMIME integration enabled; it applies to both
+ mod_perl and fastcgi deployments. If you have already
+ taken upgrades to bash to resolve "Shellshock," you are
+ protected from this vulnerability in RT, and there is no
+ need to apply this patch. This vulnerability has been
+ assigned CVE-2014-7227.
+
+
+
+
+ http://blog.bestpractical.com/2014/10/security-vulnerability-in-rt-42x-cve-2014-7227.html
+ CVE-2014-7227
+
+
+ 2014-10-02
+ 2014-10-02
+
+
+
+
+ jenkins -- remote execution, privilege escalation, XSS, password exposure, ACL hole, DoS
+
+
+ jenkins
+ 1.583
+
+
+ jenkins-lts
+ 1.565.3
+
+
+
+
+ Jenkins Security Advisory:
+
+ Description
+ SECURITY-87/CVE-2014-3661 (anonymous DoS attack through CLI
+ handshake)
+ This vulnerability allows unauthenticated users
+ with access to Jenkins' HTTP/HTTPS port to mount a DoS attack on
+ Jenkins through thread exhaustion.
+
+ SECURITY-110/CVE-2014-3662 (User name discovery)
+ Anonymous users can test if the user of a specific name exists or
+ not through login attempts.
+
+ SECURITY-127&128/CVE-2014-3663 (privilege escalation in job
+ configuration permission)
+ An user with a permission limited
+ to Job/CONFIGURE can exploit this vulnerability to effectively
+ create a new job, which should have been only possible for users
+ with Job/CREATE permission, or to destroy jobs that he/she does not
+ have access otherwise.
+
+ SECURITY-131/CVE-2014-3664 (directory traversal attack)
+ Users with Overall/READ permission can access arbitrary files in
+ the file system readable by the Jenkins process, resulting in the
+ exposure of sensitive information, such as encryption keys.
+
+ SECURITY-138/CVE-2014-3680 (Password exposure in DOM)
+ If a parameterized job has a default value in a password field,
+ that default value gets exposed to users with Job/READ permission.
+
+
+ SECURITY-143/CVE-2014-3681 (XSS vulnerability in Jenkins
+ core)
+ Reflected cross-site scripting vulnerability in Jenkins
+ core. An attacker can navigate the user to a carefully crafted URL
+ and have the user execute unintended actions.
+
+ SECURITY-150/CVE-2014-3666 (remote code execution from CLI)
+ Unauthenticated user can execute arbitrary code on Jenkins master
+ by sending carefully crafted packets over the CLI channel.
+
+ SECURITY-155/CVE-2014-3667 (exposure of plugin code)
+ Programs that constitute plugins can be downloaded by anyone with
+ the Overall/READ permission, resulting in the exposure of otherwise
+ sensitive information, such as hard-coded keys in plugins, if
+ any.
+
+ SECURITY-159/CVE-2013-2186 (arbitrary file system write)
+ Security vulnerability in commons fileupload allows
+ unauthenticated attacker to upload arbitrary files to Jenkins
+ master.
+
+ SECURITY-149/CVE-2014-1869 (XSS vulnerabilities in
+ ZeroClipboard)
+ reflective XSS vulnerability in one of the
+ library dependencies of Jenkins.
+
+ SECURITY-113/CVE-2014-3678 (XSS vulnerabilities in monitoring
+ plugin)
Monitoring plugin allows an attacker to cause a
+ victim into executing unwanted actions on Jenkins instance.
+
+ SECURITY-113/CVE-2014-3679 (hole in access control)
+ Certain pages in monitoring plugin are visible to anonymous users,
+ allowing them to gain information that they are not supposed to.
+
+
+ Severity
+ SECURITY-87 is rated medium, as it results in the
+ loss of functionality.
+
+ SECURITY-110 is rated medium, as it results in a
+ limited amount of information exposure.
+
+ SECURITY-127 and SECURITY-128 are rated high. The
+ formed can be used to further escalate privileges, and the latter
+ results inloss of data.
+
+ SECURITY-131 and SECURITY-138 is rated critical.
+ This vulnerabilities results in exposure of sensitie information
+ and is easily exploitable.
+
+ SECURITY-143 is rated high. It is a passive
+ attack, but it can result in a compromise of Jenkins master or loss
+ of data.
+
+ SECURITY-150 is rated critical. This attack can
+ be mounted by any unauthenticated anonymous user with HTTP
+ reachability to Jenkins instance, and results in remote code
+ execution on Jenkins.
+
+ SECURITY-155 is rated medium. This only affects
+ users who have installed proprietary plugins on publicly accessible
+ instances, which is relatively uncommon.
+
+ SECURITY-159 is rated critical. This attack can
+ be mounted by any unauthenticated anonymous user with HTTP
+ reachability to Jenkins instance.
+
+ SECURITY-113 is rated high. It is a passive
+ attack, but it can result in a compromise of Jenkins master or loss
+ of data.
+
+
+
+
+ https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01
+ CVE-2014-3661
+ CVE-2014-3662
+ CVE-2014-3663
+ CVE-2014-3664
+ CVE-2014-3680
+ CVE-2014-3681
+ CVE-2014-3666
+ CVE-2014-3667
+ CVE-2013-2186
+ CVE-2014-1869
+ CVE-2014-3678
+ CVE-2014-3679
+
+
+ 2014-10-01
+ 2014-10-01
+
+
+
+
+ bash -- remote code execution
+
+
+ bash
+ bash-static
+ 4.3.25_2
+
+
+
+
+ Note that this is different than the public "Shellshock"
+ issue.
+ Specially crafted environment variables could lead to remote
+ arbitrary code execution. This was fixed in bash 4.3.27, however
+ the port was patched with a mitigation in 4.3.25_2.
+
+
+
+ http://lcamtuf.blogspot.com/2014/09/bash-bug-apply-unofficial-patch-now.html
+ CVE-2014-6277
+ CVE-2014-6278
+
+
+ 2014-09-27
+ 2014-10-01
+
+
+
+
+ phpMyAdmin -- XSS vulnerabilities
+
+
+ phpMyAdmin
+ 4.2.04.2.9.1
+
+
+
+
+ The phpMyAdmin development team reports:
+
+ With a crafted ENUM value it is possible to trigger an
+ XSS in table search and table structure pages. This
+ vulnerability can be triggered only by someone who is
+ logged in to phpMyAdmin, as the usual token protection
+ prevents non-logged-in users from accessing the required
+ pages.
+
+
+
+
+ http://www.phpmyadmin.net/home_page/security/PMASA-2014-11.php
+ CVE-2014-7217
+
+
+ 2014-10-01
+ 2014-10-01
+
+
+
bash -- out-of-bounds memory access in parser
bash
+ bash-static
4.3.27_1
@@ -74,11 +359,18 @@ Notes:
possibly leading to arbitrary code execution when evaluating
untrusted input that would not otherwise be run as code.
+
+ An off-by-one error was discovered in the way Bash was handling
+ deeply nested flow control constructs. Depending on the layout of
+ the .bss segment, this could allow arbitrary execution of code that
+ would not otherwise be executed by Bash.
+