From owner-cvs-all@FreeBSD.ORG  Mon Jun 25 01:10:44 2012
Return-Path: <owner-cvs-all@FreeBSD.ORG>
Delivered-To: cvs-all@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 820881065676;
	Mon, 25 Jun 2012 01:10:44 +0000 (UTC)
	(envelope-from olgeni@FreeBSD.org)
Received: from repoman.freebsd.org (repoman.freebsd.org
	[IPv6:2001:4f8:fff6::29])
	by mx1.freebsd.org (Postfix) with ESMTP id 53A028FC0A;
	Mon, 25 Jun 2012 01:10:44 +0000 (UTC)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
	by repoman.freebsd.org (8.14.4/8.14.4) with ESMTP id q5P1AiCJ081417;
	Mon, 25 Jun 2012 01:10:44 GMT
	(envelope-from olgeni@repoman.freebsd.org)
Received: (from olgeni@localhost)
	by repoman.freebsd.org (8.14.4/8.14.4/Submit) id q5P1AiYK081416;
	Mon, 25 Jun 2012 01:10:44 GMT (envelope-from olgeni)
Message-Id: <201206250110.q5P1AiYK081416@repoman.freebsd.org>
From: Jimmy Olgeni <olgeni@FreeBSD.org>
Date: Mon, 25 Jun 2012 01:10:44 +0000 (UTC)
To: ports-committers@FreeBSD.org, cvs-ports@FreeBSD.org, cvs-all@FreeBSD.org
X-FreeBSD-CVS-Branch: HEAD
Cc: 
Subject: cvs commit: ports/www/yaws Makefile distinfo pkg-plist
 ports/www/yaws/files patch-man_yaws.conf.5 patch-scripts__gen-yaws
X-BeenThere: cvs-all@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: **OBSOLETE** CVS commit messages for the entire tree
	<cvs-all.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-all>,
	<mailto:cvs-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/cvs-all>
List-Post: <mailto:cvs-all@freebsd.org>
List-Help: <mailto:cvs-all-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-all>,
	<mailto:cvs-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 25 Jun 2012 01:10:44 -0000

olgeni      2012-06-25 01:10:44 UTC

  FreeBSD ports repository

  Modified files:
    www/yaws             Makefile distinfo pkg-plist 
    www/yaws/files       patch-man_yaws.conf.5 
  Added files:
    www/yaws/files       patch-scripts__gen-yaws 
  Log:
  Upgrade to version 1.93, which contains a security fix among other changes.
  
  From Erlyaws-list:
  
  "Use crypto:rand_bytes() instead of the cryptographically weak random
  module. Swedish security consultant and cryptographer Kalle
  Zetterlund discovered a way to - given a sequence of cookies produced
  by yaws_session_server - predict the next session id. Thus providing
  a gaping security hole into yaws servers that use the yaws_session_server
  to maintain cookie based HTTP sessions (klacke/kallez)"
  
  PR:             ports/169363
  Submitted by:   Kenji Rikitake <kenji.rikitake@acm.org>
  
  Revision  Changes    Path
  1.60      +11 -3     ports/www/yaws/Makefile
  1.40      +2 -2      ports/www/yaws/distinfo
  1.5       +4 -4      ports/www/yaws/files/patch-man_yaws.conf.5
  1.1       +20 -0     ports/www/yaws/files/patch-scripts__gen-yaws (new)
  1.37      +24 -4     ports/www/yaws/pkg-plist