OpenBSD ports changes summary for 2016-11-27 to 2016-12-04 inclusive ====================================================================
audio/libxmp audio/milkytracker audio/ncmpcpp converters/p5-Net-IDN-Encode databases databases/p5-DBD-mysql databases/py-sqlparse devel devel/cargo devel/cmake devel/git devel/libgsf devel/meson devel/p5-Config-IniFiles devel/premake4 devel/py-country devel/py-spark-parser devel/py-tox devel/quirks devel/subversion editors/vim editors/vim-spell emulators/hatari emulators/snes9x games/sdlpop games/slash games/teeworlds geo/qgis graphics/digikam-kde4 graphics/jpeg graphics/opencv graphics/p5-GD-Graph graphics/tiff graphics/ttfautohint graphics/vigra infrastructure/db lang/mruby mail mail/dovecot mail/dovecot-antispam mail/dovecot-pigeonhole mail/mozilla-thunderbird mail/neomutt mail/offlineimap mail/rmilter mail/roundcubemail mail/rspamd mail/thunderbird-i18n math/hdf5 meta/tor-browser multimedia/gstreamer1 net net/arm net/bro net/igmpproxy net/libpsl net/libstrophe net/monitoring-plugins net/openconnect net/openvpn net/profanity net/py-boto3 net/py-botocore net/py-libcloud net/py-socks net/rrdtool net/tor print/cups-filters productivity/baikal security/libsrtp security/stunnel sysutils sysutils/augeas sysutils/awscli sysutils/collectd sysutils/google-cloud-sdk sysutils/lsof sysutils/py-ghmi sysutils/riemann-c-client telephony/asterisk telephony/baresip textproc/highlight textproc/the_silver_searcher www/firefox-esr www/firefox-esr-i18n www/firefox-i18n www/goaccess www/kcgi www/links+ www/mozilla-firefox www/netsurf www/py-requests www/tor-browser x11/dbus x11/gnome x11/gtksourceview3 x11/kde4 == audio ============================================================= 01/24 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/audio libxmp - patches/patch-src_mix_paula_c ~ Makefile ~ distinfo ~ patches/patch-Makefile_in ~ patches/patch-src_common_h > Update libxmp to 4.4.1. > This is a bugfix release, no bump needed. > OK ajacoutot@ (fcambus@) milkytracker ~ Makefile > Update HOMEPAGE. (fcambus@) ncmpcpp ~ Makefile + patches/patch-src_actions_cpp + patches/patch-src_configuration_cpp + patches/patch-src_lyrics_cpp + patches/patch-src_tag_editor_cpp + patches/patch-src_tiny_tag_editor_cpp + patches/patch-src_window_h > Show detailed error message if writing tags fails > (upstream git commit 3868e32b9216e14247e0534061d1d02f3b8ab65d) > Show meaningful error message if MPD_PORT is not a number > (upstream git commit 8dde3944ee1878a7f26dd24bfe5e31f4e72c05b1) > lyrics: fix loading of files with DOS line endings > (upstream git commit dac0d4602f810d8f43e18beefdd43068e40308c3) > window: prevent ncurses from defining macros > (upstream git commit 6b73f0ebe1c05cb2b3b6973662e7b6c95eba4530) (dcoppa@) == converters ======================================================== 02/24 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/converters p5-Net-IDN-Encode ~ Makefile + patch-lib_Net_IDN_Punycode_xs > With the canaries turned on in malloc.conf, running the regression > tests of p5-Net-IDN-Encode crashed the Perl process. There was no > proper protection against heap overflow in the XS part. Grow the > destination string in encode_punycode() and decode_punycode() before > writing to it. This has to be checked every time. > Take maintainer. > OK jca@ (bluhm@) == databases ========================================================= 03/24 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/databases databases ~ Makefile > + py-sqlparse,python3 (danj@) p5-DBD-mysql ~ Makefile ~ distinfo > Security update to 4.041, fixes CVE-2016-1251 > spotted by afresh1@, thanks (giovanni@) ~ Makefile + patches/patch-dbdimp_c TAGGED OPENBSD_6_0 > backport fix for CVE-2016-1251 to 4.037 > ok afresh1@ (giovanni@) py-sqlparse ~ Makefile ~ distinfo ~ pkg/PLIST > Update to py-sqlparse-0.2.2 and add a py3 flavor (danj@) == devel ============================================================= 04/24 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/devel devel ~ Makefile > +meson (ajacoutot@) ~ Makefile > +premake4 (jca@) cargo ~ Makefile > Explicitely mark cargo as ONLY_FOR_ARCHS=amd64, as lang/rust is being > worked on for i386, but cargo will need more work... (landry@) cmake ~ Makefile ~ distinfo ~ patches/patch-CMakeLists_txt ~ patches/patch-Modules_CMakeCInformation_cmake ~ patches/patch-Modules_CMakeCXXInformation_cmake ~ patches/patch-Modules_CMakeDetermineJavaCompiler_cmake ~ patches/patch-Modules_CMakeFortranInformation_cmake ~ patches/patch-Modules_CMakeUnixFindMake_cmake ~ patches/patch-Modules_Compiler_G95-Fortran_cmake ~ patches/patch-Modules_Compiler_GNU-Fortran_cmake ~ patches/patch-Modules_Compiler_GNU_cmake ~ patches/patch-Modules_FindBoost_cmake ~ patches/patch-Modules_FindJNI_cmake ~ patches/patch-Modules_FindJava_cmake ~ patches/patch-Modules_FindKDE3_cmake ~ patches/patch-Modules_FindLua_cmake ~ patches/patch-Modules_FindMPEG2_cmake ~ patches/patch-Modules_FindMPEG_cmake ~ patches/patch-Modules_FindPythonInterp_cmake ~ patches/patch-Modules_FindPythonLibs_cmake ~ patches/patch-Modules_FindQt3_cmake ~ patches/patch-Modules_FindQt4_cmake ~ patches/patch-Modules_FindQt_cmake ~ patches/patch-Modules_FindRuby_cmake ~ patches/patch-Modules_FindSDL_cmake ~ patches/patch-Modules_FindTCL_cmake ~ patches/patch-Modules_FindTclStub_cmake ~ patches/patch-Modules_FindTclsh_cmake ~ patches/patch-Modules_FindWish_cmake ~ patches/patch-Modules_FindXMLRPC_cmake ~ patches/patch-Modules_Qt4ConfigDependentSettings_cmake ~ patches/patch-Source_CMakeLists_txt ~ patches/patch-Source_cmComputeLinkInformation_cxx ~ patches/patch-Source_cmGeneratorTarget_cxx ~ patches/patch-Source_cmTarget_cxx ~ patches/patch-Source_cmake_cxx ~ patches/patch-Source_kwsys_SystemTools_cxx ~ patches/patch-Tests_CMakeTests_ModuleNoticesTest_cmake_in ~ patches/patch-Tests_RunCMake_CMakeLists_txt ~ patches/patch-bootstrap ~ pkg/PLIST + patches/patch-Source_cmMessenger_cxx > Update to CMake-3.7.0 > Thanks to naddy@ who ran a bulk build with it (dcoppa@) ~ Makefile ~ distinfo ~ pkg/PLIST > Bugfixing update to cmake-3.7.1 (dcoppa@) git ~ Makefile ~ distinfo ~ patches/patch-Makefile ~ patches/patch-gitweb_gitweb_perl ~ patches/patch-t_test-lib_sh ~ pkg/PLIST-x11 + patches/patch-t_t1450-fsck_sh + patches/patch-t_t4062-diff-pickaxe_sh > Update to git-2.11.0 and fix some tests to make the testsuite run. > ok benoit@ (dcoppa@) libgsf ~ Makefile ~ distinfo > Update to libgsf-1.14.41. (ajacoutot@) meson + Makefile + distinfo + pkg/DESCR + pkg/PLIST > New import: > Import meson-0.36.0. p5-Config-IniFiles ~ Makefile ~ distinfo > update to p5-Config-IniFiles-2.94 (jasper@) premake4 + Makefile + distinfo + patches/patch-build_gmake_unix_Premake4_make + patches/patch-src_base_os_lua + pkg/PLIST + pkg/DESCR + files/scripts.c > New import: > Import premake, a build configuration tool ~ Makefile > Err, port mostly from Solene Rapenne, who also takes maintainership. (jca@) py-country ~ Makefile ~ distinfo > Update to py-country 16.11.27.1 (shadchin@) py-spark-parser ~ Makefile ~ distinfo > Update to py-spark-parser 1.5.1 (shadchin@) py-tox ~ Makefile ~ distinfo > Update to py-tox-2.5.0 (danj@) quirks ~ Makefile ~ files/Quirks.pm > Move lsof to the Attic. > Requires kmem access, is so coupled to the system internals that it > needs a /usr/src/sys checkout, and breaks regularly due to changes in > base. People used to it should be told to use fstat(1) & friends > instead. > ok landry@ sthen@ dcoppa@ (jca@) subversion ~ Makefile ~ distinfo > Update to Apache Subversion 1.9.5. (stsp@) ~ Makefile + patches/patch-subversion_libsvn_ra_serf_xml_c + patches/patch-subversion_libsvn_subr_xml_c + patches/patch-tools_server-side_mod_dontdothat_mod_dontdothat_c TAGGED OPENBSD_6_0 > For 6.0-stable: Patch CVE-2016-8734. > Already fixed in -current as part of update to Subversion 1.9.5. (stsp@) == editors =========================================================== 05/24 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/editors vim ~ Makefile > add a comment about vim-spell and major versions (sthen@) vim-spell ~ Makefile.inc ~ distinfo > Sync editors/vim-spell with editors/vim update to 8.0. > ok sthen@ (stsp@) == emulators ========================================================= 06/24 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/emulators hatari ~ Makefile > Restrict to i386 amd64 powerpc arm, as per src/cpu/sysdeps.h > http://build-failures.rhaalovely.net//sparc64/2016-11-21/emulators/hatari.l > og (jca@) snes9x ~ Makefile > Add another hqx failure to the list... (bentley@) == games ============================================================= 07/24 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/games sdlpop ~ Makefile > Don't attempt to build on BE archs. > http://build-failures.rhaalovely.net//sparc64/2016-11-21/games/sdlpop.log > (jca@) slash ~ Makefile ~ distinfo + patches/patch-include_global_h > Usable MASTER_SITES for the nethack distfiles. > Slash-Unix still has a broken MASTER_SITES, it should probably be > mirrored by someone who cares. (jca@) ~ Makefile > patch-include_global_h fixes a bug with wide terminals, bump REVISION > Problem reported by Solene Rapenne (jca@) teeworlds ~ Makefile ~ distinfo ~ pkg/PLIST > SECURITY update to teeworlds-0.6.4 > Add a workaround for powerpc while here. > From Donovan Watteau (maintainer). (jca@) ~ patches/patch-src_engine_client_sound_cpp > regen patch (jca@) ~ Makefile + patches/patch-src_engine_client_client_cpp + patches/patch-src_engine_shared_snapshot_h TAGGED OPENBSD_6_0 > SECURITY fix for CVE-2016-9400. (jca@) ~ patches/patch-src_engine_client_client_cpp ~ patches/patch-src_engine_shared_snapshot_h TAGGED OPENBSD_6_0 > CVE id and url to upstream commit (jca@) == geo =============================================================== 08/24 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/geo qgis ~ Makefile ~ distinfo ~ patches/patch-cmake_FindGDAL_cmake ~ patches/patch-cmake_FindGEOS_cmake ~ patches/patch-cmake_FindPostgres_cmake ~ patches/patch-src_app_qgisapp_cpp ~ patches/patch-src_core_CMakeLists_txt ~ pkg/PLIST + patches/patch-src_gui_qgisgui_h > Bugfix update to qgis 2.18.1 (landry@) == graphics ========================================================== 09/24 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/graphics digikam-kde4 ~ Makefile > Add alternative MASTER_SITES. Our digikam version was moved to Attic > by upstream. > Noticed by Rafael Sadowski, thanks! > Committed on behalf of zhuk@ (kirby@) jpeg ~ Makefile + patches/patch-simd_jsimd_powerpc_c > Enable Altivec acceleration in libjpeg-turbo for the PPC CPUs which support > it - detection is done at runtime. > Patch from Donovan Watteau, thanks! > ok sthen@ (landry@) opencv ~ Makefile ~ distinfo ~ patches/patch-apps_haartraining_CMakeLists_txt ~ patches/patch-cmake_OpenCVDetectPython_cmake ~ patches/patch-modules_core_include_opencv2_core_version_hpp ~ pkg/PLIST-docs ~ pkg/PLIST-java ~ pkg/PLIST-main > update to opencv-2.4.13, from maintainer Rafael Sadowski with a few tweaks > by me > and ok with him. (sthen@) p5-GD-Graph ~ Makefile ~ distinfo > Update to p5-GD-Graph-1.54. (benoit@) tiff - patches/patch-libtiff_tif_next_c - patches/patch-libtiff_tif_pixarlog_c - patches/patch-tools_gif2tiff_c ~ Makefile ~ distinfo ~ patches/patch-Makefile_in ~ patches/patch-libtiff_tif_extension_c ~ patches/patch-libtiff_tif_getimage_c ~ patches/patch-libtiff_tif_luv_c ~ patches/patch-man_Makefile_in ~ patches/patch-test_Makefile_in ~ patches/patch-tools_Makefile_in ~ pkg/PLIST > Update to 4.0.7. > * Multiple security fixes, including > CVE-2016-3622, CVE-2014-8127, CVE-2016-9273, CVE-2016-9448, > MSVR 35094, MSVR 35095, MSVR 35105 > * Remove obsolete tools bmp2tiff, gif2tiff, ras2tiff, sgi2tiff, sgisv, > ycbcr (naddy@) - patches/patch-libtiff_tif_next_c - patches/patch-libtiff_tif_pixarlog_c - patches/patch-tools_gif2tiff_c ~ Makefile ~ distinfo ~ patches/patch-Makefile_in ~ patches/patch-libtiff_tif_compress_c ~ patches/patch-libtiff_tif_extension_c ~ patches/patch-libtiff_tif_getimage_c ~ patches/patch-libtiff_tif_luv_c ~ patches/patch-man_Makefile_in ~ patches/patch-test_Makefile_in ~ patches/patch-tools_Makefile_in ~ pkg/PLIST + patches/patch-libtiff_tif_dir_c + patches/patch-libtiff_tif_dirinfo_c TAGGED OPENBSD_6_0 > Update to 4.0.7. > * Multiple security fixes, including > CVE-2016-3622, CVE-2014-8127, CVE-2016-9273, CVE-2016-9448, > MSVR 35094, MSVR 35095, MSVR 35105 > * Remove obsolete tools bmp2tiff, gif2tiff, ras2tiff, sgi2tiff, sgisv, > ycbcr > Minor patches to maintain ABI compatibility with 4.0.6. (naddy@) - patches/patch-libtiff_tif_next_c - patches/patch-libtiff_tif_pixarlog_c - patches/patch-tools_gif2tiff_c ~ Makefile ~ distinfo ~ patches/patch-Makefile_in ~ patches/patch-libtiff_tif_compress_c ~ patches/patch-libtiff_tif_extension_c ~ patches/patch-libtiff_tif_getimage_c ~ patches/patch-libtiff_tif_luv_c ~ patches/patch-man_Makefile_in ~ patches/patch-test_Makefile_in ~ patches/patch-tools_Makefile_in ~ pkg/PLIST + patches/patch-libtiff_tif_dir_c + patches/patch-libtiff_tif_dirinfo_c TAGGED OPENBSD_5_9 > Update to 4.0.7. > * Multiple security fixes, including > CVE-2016-3622, CVE-2014-8127, CVE-2016-9273, CVE-2016-9448, > MSVR 35094, MSVR 35095, MSVR 35105 > * Remove obsolete tools bmp2tiff, gif2tiff, ras2tiff, sgi2tiff, sgisv, > ycbcr > Minor patches to maintain ABI compatibility with 4.0.6. (naddy@) ~ Makefile TAGGED OPENBSD_5_9 > bump REVISION to clearly distinguish this from the -stable package, > which has a different shared library major version; ok jca@ kili@ (naddy@) ttfautohint ~ Makefile ~ distinfo > update to ttfautohint-1.6 (jasper@) vigra ~ Makefile > Fix typo in CONFIGURE_ARGS to prevent picking up math/hdf5 and breaking > bulk builds. > Reported by naddy@, thanks! (kirby@) == infrastructure ==================================================== 10/24 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/infrastructure db ~ user.list > +rmilter (sthen@) == lang ============================================================== 11/24 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/lang mruby ~ Makefile > Broken on sparc64 > http://build-failures.rhaalovely.net//sparc64/2016-11-21/lang/mruby.log > (jca@) == mail ============================================================== 12/24 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/mail mail ~ Makefile > +rmilter (sthen@) dovecot ~ Makefile ~ distinfo ~ patches/patch-doc_mkcert_sh ~ patches/patch-src_lib-dcrypt_dcrypt-openssl_c ~ patches/patch-src_lib-ssl-iostream_dovecot-openssl-common_c ~ pkg/PLIST-server > update to dovecot-2.2.27, and use https HOMEPAGE. From Brad. > CVE-2016-8652 (the version in 6.0 isn't affected): "If auth-policy > component has been activated in Dovecot, then remote user can use > SASL authentication to crash auth component. Workaround is to disable > auth-policy component until fix is in place." (sthen@) dovecot-antispam ~ Makefile ~ patches/patch-doc_dovecot-antispam_7_txt > http->https, from Brad. > also fix the local patch to the input file generating dovecot-antispam(7), > which resulted in minor corruption in a table (from me). (sthen@) dovecot-pigeonhole ~ Makefile > http->https, from Brad. > also fix the local patch to the input file generating dovecot-antispam(7), > which resulted in minor corruption in a table (from me). (sthen@) mozilla-thunderbird ~ Makefile ~ distinfo > Security update to thunderbird 45.5.1. > See https://www.mozilla.org/en-US/thunderbird/45.5.1/releasenotes/ > (landry@) neomutt ~ Makefile ~ distinfo ~ pkg/PLIST > update to neomutt-20161126 (sthen@) offlineimap ~ Makefile ~ distinfo > Update to offlineimap-7.0.10 > from maintainer Remi Locherer (jca@) rmilter + Makefile + distinfo + patches/patch-CMakeLists_txt + patches/patch-contrib_http-parser_CMakeLists_txt + patches/patch-contrib_xxhash_CMakeLists_txt + patches/patch-hiredis_CMakeLists_txt + patches/patch-rmilter_conf_sample + patches/patch-contrib_lc-btrie_CMakeLists_txt + patches/patch-contrib_zstd_CMakeLists_txt + patches/patch-src_upstream_c + pkg/DESCR + pkg/PLIST + pkg/rmilter.rc > New import: > import ports/mail/rmilter, testing/tweaks Johan Huldtgren, review/ok > jca ~ Makefile > avoid unnecessary >80col line (sthen@) roundcubemail ~ Makefile ~ distinfo ~ patches/patch-config_defaults_inc_php ~ pkg/PLIST > update to roundcubemail-1.2.3 (sthen@) ~ Makefile ~ distinfo ~ patches/patch-config_defaults_inc_php ~ pkg/PLIST ~ pkg/README TAGGED OPENBSD_6_0 > MFC update to roundcubemail-1.2.3 (and sync README changes etc). > Note that the update to 1.2.2 added a new directory containing index.php > and > various symlinks to the only files which need to be served directly; it is > strongly recommended that you use this new > /var/www/roundcubemail/public_html > dir instead of /var/www/roundcubemail as your document root. This > simplifies > your webserver configuration to exclude non-public files - logs etc - and > is > especially helpful if using a web server that does not use .htaccess. > (sthen@) ~ Makefile ~ pkg/PLIST TAGGED OPENBSD_6_0 > /var/www/roundcubemail/db should have been owned by root:www; pointed out > by > Philippe Leledy via ajacouot@ (sthen@) rspamd ~ Makefile ~ distinfo ~ patches/patch-src_libserver_html_c ~ patches/patch-src_libserver_url_c ~ pkg/PLIST > update to rspamd-1.4.0, from Brad (sthen@) - patches/patch-src_libserver_html_c - patches/patch-src_libserver_url_c > remote zero-byte files (sthen@) ~ Makefile ~ distinfo ~ patches/patch-CMakeLists_txt ~ pkg/PLIST > update to rspamd-1.4.1 (sthen@) ~ Makefile + patches/patch-contrib_aho-corasick_CMakeLists_txt + patches/patch-contrib_hiredis_CMakeLists_txt + patches/patch-contrib_http-parser_CMakeLists_txt + patches/patch-contrib_lc-btrie_CMakeLists_txt + patches/patch-contrib_libottery_CMakeLists_txt + patches/patch-contrib_linenoise_CMakeLists_txt + patches/patch-contrib_lpeg_CMakeLists_txt + patches/patch-contrib_xxhash_CMakeLists_txt + patches/patch-contrib_zstd_CMakeLists_txt > get rid of some forced -O3 (sthen@) thunderbird-i18n ~ Makefile.inc ~ distinfo > Security update to thunderbird 45.5.1. > See https://www.mozilla.org/en-US/thunderbird/45.5.1/releasenotes/ > (landry@) == math ============================================================== 13/24 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/math hdf5 ~ Makefile ~ distinfo > Update to HDF5 1.8.18 > OK pirofti@ (feinerer@) == meta ============================================================== 14/24 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/meta tor-browser ~ Makefile > Update to tor-browser 6.0.7, patching CVE-2016-9079 (Use-after-free in > SVG Animation). > updates: > - https-everywhere to 5.2.7 > - noscript to 2.9.5.2 > - tor-launcher to 0.2.9.4 > - torbutton to 1.9.5.12 > From MAINTAINER attila // stalphonsos // com. (landry@) == multimedia ======================================================== 15/24 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/multimedia gstreamer1 - py-gstreamer/patch-gst_flx_gstflxdec_c ~ Makefile.inc ~ core/Makefile ~ core/distinfo ~ plugins-bad/Makefile ~ plugins-bad/distinfo ~ plugins-base/Makefile ~ plugins-base/distinfo ~ plugins-good/Makefile ~ plugins-good/distinfo ~ plugins-libav/distinfo ~ plugins-libav/patch-gst-libs_ext_libav_configure ~ plugins-ugly/distinfo ~ py-gstreamer/distinfo > Bump the gstreamer1 stack to version 1.10.2. (ajacoutot@) == net =============================================================== 16/24 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/net net ~ Makefile > - introduce a flavour for a version of openconnect with fewer dependencies > (no smartcard/libproxy support, etc) > - update DESCR (sthen@) arm ~ Makefile > Drop dep on lsof, which will soon leave the ports tree. > Note that weakening the security of the system to make lsof work > actually resulted in the arm process hanging, so it is actually a gain. > (jca@) bro ~ Makefile ~ pkg/PLIST > Needs gfind to run some of the bro scripts. > @sample local-logger.bro which was forgotten after the update to 2.5. > reported by Daniel Thayer, thanks! (ajacoutot@) - patches/patch-aux_broctl_bin_broctl_in ~ Makefile ~ pkg/README > Drop the setrlimit patch, it's not needed anymore; prodded by Daniel Thayer > http -> https in README while here. (ajacoutot@) igmpproxy ~ Makefile ~ pkg/README > Misc. tweaks > - kill the end of README > - more precise license marker > - adjust whitespace > - enforce LDFLAGS > - add NO_TEST > ok markus (maintainer) (jca@) libpsl ~ Makefile ~ distinfo ~ patches/patch-src_psl2c_c ~ pkg/PLIST > Update to libpsl-0.15.0 and take maintainership. (jca@) libstrophe - patches/patch-Makefile_am - patches/patch-configure_ac ~ Makefile ~ distinfo > Update libstrophe to 0.9.1. Initial diff from Rafael Sadowski, > improved version from sthen > ok feinerer (tb@) monitoring-plugins ~ Makefile ~ distinfo ~ pkg/DESCR-dbi ~ pkg/DESCR-fping ~ pkg/DESCR-game ~ pkg/DESCR-ldap ~ pkg/DESCR-mysql ~ pkg/DESCR-pgsql ~ pkg/DESCR-samba ~ pkg/DESCR-snmp + pkg/DESCR-radius + pkg/PLIST-radius > update to monitoring-plugins-2.2 > enable radius plugin (using radcli library) while there (sthen@) openconnect ~ Makefile ~ pkg/DESCR > - introduce a flavour for a version of openconnect with fewer dependencies > (no smartcard/libproxy support, etc) > - update DESCR (sthen@) openvpn - patches/patch-Makefile_in ~ Makefile ~ distinfo ~ patches/patch-configure ~ patches/patch-include_Makefile_in ~ patches/patch-sample_sample-config-files_server_conf ~ patches/patch-sample_sample-config-files_static-home_conf ~ patches/patch-sample_sample-config-files_static-office_conf ~ pkg/PLIST > Update to openvpn-2.3.13 > ChangeLog at https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn23 > ok sthen@ (maintainer) (jca@) ~ Makefile > Take maintainership > Discussed with sthen@ (jca@) profanity ~ Makefile ~ distinfo ~ patches/patch-configure_ac ~ pkg/PLIST + pkg/patch-tests_unittests_tools_stub_http_upload_c > update profanity to 0.5.0. From Rafael Sadowski > ok feinerer (tb@) py-boto3 ~ Makefile ~ distinfo ~ pkg/PLIST > Update to py-boto3-1.4.2. (ajacoutot@) py-botocore ~ Makefile ~ distinfo > Update to py-botocore-1.4.79. (ajacoutot@) ~ Makefile ~ distinfo ~ pkg/PLIST > Update to py-botocore-1.4.80. (ajacoutot@) ~ Makefile ~ distinfo ~ pkg/PLIST > Update to py-botocore-1.4.81. (ajacoutot@) py-libcloud ~ Makefile ~ distinfo ~ pkg/PLIST > Update to py-libcloud-1.4.0. (ajacoutot@) py-socks ~ Makefile ~ distinfo > Update to py-socks 1.6.4 (shadchin@) rrdtool ~ Makefile > Enable tests > Two tests are currently failing (reason unknown). > ok sthen@ (maintainer) (jca@) ~ Makefile + patches/patch-src_rrd_graph_helper_c + patches/patch-src_rrd_lastupdate_c + patches/patch-src_rrd_tool_c > Fix some time_t warnings, potentially harmful on 32 bits archs. > ok sthen@ (maintainer) (jca@) tor ~ Makefile ~ distinfo > Update to tor 0.2.8.10. (pascal@) == print ============================================================= 17/24 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/print cups-filters ~ Makefile ~ distinfo ~ pkg/PLIST > Update to cups-filters-1.12.0. (ajacoutot@) == productivity ====================================================== 18/24 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/productivity baikal - pkg/patch-Specific_virtualhosts_baikal_nginx ~ Makefile ~ distinfo ~ pkg/PLIST ~ pkg/README > Update to baikal-0.4.6 > from Remi Locherer (jca@) == security ========================================================== 19/24 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/security libsrtp ~ Makefile ~ distinfo + patches/patch-crypto_cipher_cipher_c + patches/patch-crypto_rng_rand_source_c > update to libsrtp-1.5.4, switch to libressl crypto primitives, sprinkle > some arc4random (sthen@) ~ Makefile > switch back to own crypto primitives, asterisk autoconf needs whacking > first (sthen@) stunnel ~ Makefile ~ distinfo > update to 5.38 (gsoares@) == sysutils ========================================================== 20/24 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/sysutils sysutils ~ Makefile > +riemann-c-client (landry@) ~ Makefile > Move lsof to the Attic. > Requires kmem access, is so coupled to the system internals that it > needs a /usr/src/sys checkout, and breaks regularly due to changes in > base. People used to it should be told to use fstat(1) & friends > instead. > ok landry@ sthen@ dcoppa@ (jca@) augeas - patches/patch-lenses_csv_aug ~ Makefile ~ distinfo ~ patches/patch-man_augparse_1 ~ pkg/PLIST > - update to augeas-1.7.0 > * includes a new lens for opendkim.conf (jasper@) awscli ~ Makefile ~ distinfo > Update to awscli-1.11.22. (ajacoutot@) ~ Makefile ~ distinfo > Update to awscli-1.11.23. (ajacoutot@) ~ Makefile ~ distinfo ~ pkg/PLIST > Update to awscli-1.11.24. (ajacoutot@) collectd ~ Makefile ~ patches/patch-src_processes_c + patches/patch-src_swap_c + patches/patch-src_tcpconns_c > Use KVM_NO_FILES to unbreak processes and swap plugins. > The tcpconns plugin needs more work, using kvm_getfiles(3) or sysctl(3). > Prodded by landry@ (jca@) - patches/patch-configure - patches/patch-src_libcollectdclient_Makefile_in ~ Makefile ~ distinfo ~ patches/patch-Makefile_in ~ patches/patch-src_Makefile_in ~ patches/patch-src_collectd_conf_in ~ patches/patch-src_daemon_Makefile_in ~ patches/patch-src_pf_c ~ patches/patch-src_processes_c ~ patches/patch-src_swap_c ~ patches/patch-src_tcpconns_c ~ pkg/PLIST-main + pkg/DESCR-riemann + pkg/PLIST-riemann > Update to collectd 5.6.2. > - put the write_riemann plugin in its own subpackage, depending on > riemann-c-client. > - disable protobuf-c detection/dependency, used by two plugins we dont > enable (pinba and grpc) > - fix some WANTLIB > - the processes and tcpconns plugin still seem to be busted, calling > kvm_openfiles with O_RDONLY|KVM_NO_FILES is apparently not enough. > Interestingly, swap plugin (using the same code) works ? > Based on a diff from Pavel Korovin for 5.6.1, thanks! (landry@) - patches/patch-src_swap_c > Kill useless patch. > This plugin uses swapctl(2), not kvm_getswapinfo(3) (which we don't > provide). (jca@) ~ Makefile ~ patches/patch-src_processes_c ~ patches/patch-src_tcpconns_c > Unbreak the kvm(3) calls used by the processes and tcpconns plugins. > - patch the correct kvm_open call to use KVM_NO_FILES. Also, use > kvm_openfiles instead, as was probably intended > - add a new implementation for tcpconns, based on kvm_getfiles instead > of peeking at kernel memory > ok landry@ (jca@) google-cloud-sdk ~ Makefile ~ distinfo ~ pkg/PLIST > Update to google-cloud-sdk-136.0.0. (ajacoutot@) lsof - Makefile - distinfo - patches/patch-Configure - patches/patch-dialects_n+obsd_dlsof_h - patches/patch-dialects_n+obsd_dnode_c - patches/patch-dialects_n+obsd_dproc_c - patches/patch-dialects_n+obsd_dstore_c - patches/patch-dialects_n+obsd_machine_h - patches/patch-lsof_8 - pkg/DESCR - pkg/PLIST > Move lsof to the Attic. > Requires kmem access, is so coupled to the system internals that it > needs a /usr/src/sys checkout, and breaks regularly due to changes in > base. People used to it should be told to use fstat(1) & friends > instead. > ok landry@ sthen@ dcoppa@ (jca@) py-ghmi ~ Makefile ~ distinfo > update to py-ghmi-1.0.13 (jasper@) riemann-c-client + distinfo + Makefile + pkg/DESCR + pkg/PLIST + patches/patch-src_cmd-send_c + patches/patch-Makefile_am > New import: > Import riemann-c-client 1.9.1, from Pavel Korovin. == telephony ========================================================= 21/24 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/telephony asterisk - patches/patch-res_res_rtp_asterisk_c ~ Makefile ~ distinfo ~ patch-configs_samples_asterisk_conf_sample ~ patch-configure_ac ~ pkg/PLIST-main > update to asterisk-13.13.0 (sthen@) baresip ~ rem/Makefile ~ rem/distinfo > Update to rem-0.5.0 (czarkoff@) == textproc ========================================================== 22/24 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/textproc highlight ~ Makefile ~ distinfo ~ pkg/PLIST > Update to highlight-3.33. (benoit@) the_silver_searcher ~ Makefile ~ distinfo ~ pkg/PLIST > update to the_silver_searcher-1.0.1, from maintainer Florian Stinglmayr, > tweak by me and ok with Florian. (sthen@) == www =============================================================== 23/24 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/www firefox-esr ~ Makefile ~ distinfo > Security update to firefox-esr 45.5.1. > See https://www.mozilla.org/en-US/firefox/45.5.1/releasenotes/ and > https://www.mozilla.org/en-US/security/advisories/mfsa2016-92/ (link not > up yet). A javascript exploit for windows was found in the wild, and the > vulnerability could technically be exploited on other platforms.. (landry@) firefox-esr-i18n ~ Makefile.inc ~ distinfo > Security update to firefox-esr 45.5.1. > See https://www.mozilla.org/en-US/firefox/45.5.1/releasenotes/ and > https://www.mozilla.org/en-US/security/advisories/mfsa2016-92/ (link not > up yet). A javascript exploit for windows was found in the wild, and the > vulnerability could technically be exploited on other platforms.. (landry@) firefox-i18n ~ Makefile.inc ~ distinfo > Bugfix update to firefox 50.0.1. > See https://www.mozilla.org/en-US/firefox/50.0.1/releasenotes/ and > https://www.mozilla.org/en-US/security/advisories/mfsa2016-91/ (landry@) ~ Makefile.inc ~ distinfo > Security update to firefox 50.0.2. > See https://www.mozilla.org/en-US/firefox/50.0.2/releasenotes/ and > https://www.mozilla.org/en-US/security/advisories/mfsa2016-92/ (link not > up yet). A javascript exploit for windows was found in the wild, and the > vulnerability could technically be exploited on other platforms.. (landry@) ~ distinfo > Fix botched distinfo (landry@) goaccess ~ Makefile ~ distinfo > update to goaccess-1.1.1 (kirby@) kcgi ~ Makefile ~ distinfo > Update kcgi to 0.9.2 > Fixes cookie handling and various typos. (jturner@) links+ ~ Makefile ~ distinfo ~ patches/patch-https_c > Update links+ to 2.14. > From maintainer Tim Meunier. (fcambus@) ~ Makefile ~ distinfo ~ patches/patch-html_c ~ patches/patch-https_c TAGGED OPENBSD_6_0 > SECURITY update to links-2.14 > Relevant changes: > * Limit keepalive of ciphers with 64-bit block size to mitigate > the SWEET32 attack > * Improved tor hardening - when the user toggles the "Only Proxies" option > (i.e. when connecting to tor), we reset certain other options to their > default values, so that it is not possible to identify user behind tor > based on the selected options. > * Security bug fixed: Don't load or render the content of > "407 Proxy Authentication Required" reply when using https proxy. > This avoids the FalseCONNECT attack. > Also, don't allow 401 and 407 responses to set cookies. > Tested on 6.0 by Tim Meunier (maintainer) (jca@) mozilla-firefox ~ Makefile ~ distinfo > Bugfix update to firefox 50.0.1. > See https://www.mozilla.org/en-US/firefox/50.0.1/releasenotes/ and > https://www.mozilla.org/en-US/security/advisories/mfsa2016-91/ (landry@) ~ Makefile ~ distinfo > Security update to firefox 50.0.2. > See https://www.mozilla.org/en-US/firefox/50.0.2/releasenotes/ and > https://www.mozilla.org/en-US/security/advisories/mfsa2016-92/ (link not > up yet). A javascript exploit for windows was found in the wild, and the > vulnerability could technically be exploited on other platforms.. (landry@) netsurf - browser/patches/patch-Docs_netsurf-gtk_1 - browser/patches/patch-gtk_res_netsurf-gtk_desktop - browser/patches/patch-gtk_res_options_gtk2_ui - libnsfb/patches/patch-src_plot_24bpp_c - libnsfb/patches/patch-src_plot_32bpp-xbgr8888_c - libnsfb/patches/patch-src_plot_32bpp-xrgb8888_c - libnsfb/patches/patch-src_plot_h - libnsfb/patches/patch-framebuffer_Makefile_target ~ Makefile.inc ~ browser/Makefile ~ browser/distinfo ~ browser/pkg/PLIST ~ libcss/Makefile ~ libcss/distinfo ~ libdom/Makefile ~ libdom/distinfo ~ libnsbmp/Makefile ~ libnsbmp/distinfo ~ libnsfb/Makefile ~ libnsfb/distinfo ~ libnsgif/Makefile ~ libnsgif/distinfo ~ libnsutils/Makefile ~ libnsutils/distinfo ~ libparserutils/patches/patch-libparserutils_pc_in ~ libsvgtiny/Makefile ~ libsvgtiny/distinfo ~ libwapcaplet/Makefile ~ libwapcaplet/distinfo ~ netsurf-fb/Makefile ~ netsurf-fb/distinfo ~ nsgenbind/Makefile ~ nsgenbind/distinfo + nsgenbind/patch-frontends_gtk_res_options_gtk2_ui + nsgenbind/patch-frontends_framebuffer_Makefile + nsgenbind/patches/patch-src_nsgenbind-ast_c + nsgenbind/patches/patch-src_nsgenbind-ast_h + nsgenbind/patches/patch-src_nsgenbind-parser_y + nsgenbind/patches/patch-src_webidl-ast_c + nsgenbind/patches/patch-src_webidl-ast_h + nsgenbind/patches/patch-src_webidl-parser_y > Update to netsurf-3.6 and its accompanying libraries. > Note: upstream has renamed the main executable from "netsurf" to > "netsurf-gtk". (bentley@) + libnspsl/Makefile + libnspsl/distinfo + libnspsl/pkg/DESCR + libnspsl/pkg/PLIST > New import: > Import libnspsl-0.1.0. ~ Makefile ~ browser/Makefile ~ netsurf-fb/Makefile > Give the netsurf browsers a lib dependency on libnspsl. > (Used for cookie handling.) (bentley@) py-requests ~ Makefile ~ distinfo ~ pkg/PLIST > Update to py-requests 2.12.3. > ok ajacoutot@ (shadchin@) tor-browser ~ Makefile.inc ~ browser/Makefile ~ browser/distinfo ~ browser/files/extension-overrides.js ~ https-everywhere/Makefile ~ https-everywhere/distinfo ~ noscript/Makefile ~ noscript/distinfo ~ tor-launcher/Makefile ~ tor-launcher/distinfo ~ tor-launcher/patch-src_components_tl-process_js ~ torbutton/Makefile ~ torbutton/distinfo > Update to tor-browser 6.0.7, patching CVE-2016-9079 (Use-after-free in > SVG Animation). > updates: > - https-everywhere to 5.2.7 > - noscript to 2.9.5.2 > - tor-launcher to 0.2.9.4 > - torbutton to 1.9.5.12 > From MAINTAINER attila // stalphonsos // com. (landry@) == x11 =============================================================== 24/24 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/x11 dbus ~ Makefile ~ distinfo > Update to dbus-1.10.14. (ajacoutot@) gnome - builder/pkg/patch-libide_subprocess_ide-subprocess-launcher_c - builder/pkg/patch-plugins_terminal_gb-terminal-view_c ~ builder/Makefile ~ builder/distinfo ~ builder/pkg/PLIST > Update to gnome-builder-3.22.3. (ajacoutot@) gtksourceview3 ~ Makefile ~ distinfo > update to gtksourceview-3.22.2 (jasper@) kde4 ~ qyoto/patches/patch-cmake_CMakeCSharpInformation_cmake > Unbreak building with upcoming CMake-3.7.0 (policy CMP0054) (dcoppa@) =============================================================================== _______________________________________________ owc mailing list [email protected] http://www.squish.net/mailman/listinfo/owc
