UPDATE: fonts/vlgothic 20141206p0 -> 20200720
ok?
Index: Makefile
===
RCS file: /cvs/ports/fonts/vlgothic/Makefile,v
retrieving revision 1.3
diff -u -p -r1.3 Makefile
--- Makefile12 Jul 2019 20:46:13 - 1.3
+++ Makefile5 May 2021 01:29:48 -
@@ -2,10 +2,10 @@
COMMENT = Japanese gothic TrueType fonts from Vine Linux
-V =20141206
+V =20200720
DISTNAME = VLGothic-$V
PKGNAME = vlgothic-$V
-REVISION = 0
+REVISION =
CATEGORIES = fonts japanese x11
@@ -14,7 +14,7 @@ HOMEPAGE =http://vlgothic.dicey.org/
#BSD
PERMIT_PACKAGE=Yes
-MASTER_SITES = ${MASTER_SITE_OSDN_JP:=vlgothic/62375/}
+MASTER_SITES = ${MASTER_SITE_OSDN_JP:=vlgothic/73361/}
EXTRACT_SUFX = .tar.bz2
NO_BUILD = Yes
Index: distinfo
===
RCS file: /cvs/ports/fonts/vlgothic/distinfo,v
retrieving revision 1.1.1.1
diff -u -p -r1.1.1.1 distinfo
--- distinfo2 Nov 2017 18:19:52 - 1.1.1.1
+++ distinfo5 May 2021 01:29:48 -
@@ -1,2 +1,2 @@
-SHA256 (VLGothic-20141206.tar.bz2) =
JStMP69szzFXY+Ah7aziGDcBVOOY2V+5erzhyoMlVWw=
-SIZE (VLGothic-20141206.tar.bz2) = 4952134
+SHA256 (VLGothic-20200720.tar.bz2) =
yl+Tlkfhf3V4nhYtcSdPxjf/TEHNKMHU6Ufd9n/f6Q0=
+SIZE (VLGothic-20200720.tar.bz2) = 4948096
--
SASANO Takayoshi (JG1UAA)
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: k...@cvs.openbsd.org2021/05/04 17:18:31 Modified files: devel/jdk : Makefile Log message: Add jdk/16 to build
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: k...@cvs.openbsd.org2021/05/04 17:16:48 Log message: Import jdk-16.0.0.36.1v0 The OpenJDK SDK software includes tools useful for developing and testing programs written in the Java programming language and running on the Java platform. okay ian@ looks good sthen@ Status: Vendor Tag: kurt Release Tags: kurt_20210504 N ports/devel/jdk/16/Makefile N ports/devel/jdk/16/distinfo N ports/devel/jdk/16/pkg/DESCR N ports/devel/jdk/16/pkg/README N ports/devel/jdk/16/pkg/PLIST N ports/devel/jdk/16/pkg/PFRAG.aot N ports/devel/jdk/16/pkg/PFRAG.ci N ports/devel/jdk/16/patches/patch-make_common_NativeCompilation_gmk N ports/devel/jdk/16/files/cacerts No conflicts created by this import
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: k...@cvs.openbsd.org2021/05/04 16:03:06 Modified files: sysutils/ruby-puppet/6: Makefile distinfo sysutils/ruby-puppet/6/patches: patch-lib_puppet_defaults_rb Log message: Update to Puppet 6.22.1 https://puppet.com/docs/puppet/6.22/release_notes_puppet.html
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: st...@cvs.openbsd.org 2021/05/04 15:35:41 Modified files: mail/mutt : Makefile distinfo mail/mutt/pkg : PLIST Log message: update to mutt-2.0.7
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: sol...@cvs.openbsd.org 2021/05/04 15:33:46 Modified files: games/openttd : Makefile distinfo Log message: Update to openttd-1.11.2 ok paco@
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: giova...@cvs.openbsd.org2021/05/04 14:56:20 Modified files: sysutils/ruby-puppet/5: Makefile sysutils/ruby-puppet/pkg: puppetmaster.rc Log message: sync puppetmaster rcscript with latest changes to puppet rc script fixes "rcctl puppetmaster check" ok kn@
Re: games/openra: update to 20210321
On Tue, May 04, 2021 at 09:52:16PM +0200, Tobias Heider wrote: > On Mon, May 03, 2021 at 03:58:01PM -0600, Thomas Frohwein wrote: > > Hi, > > > > Here is a diff that updates OpenRA to the latest version 20210321. The > > heavy lifting was done by patrick@; I added the nuget dependencies and > > the workaround for the dllmap config files. > > > > bcallah@: would appreciate if both distfiles could be hosted on the > > nycbug mirror again. > > > > Unfortunately the msbuild ports don't get nicer, so some dark magic is > > required once again to make it work: > > > > - nuget-openra-20210321.tar.xz is just an archive of the dependencies > > fetched by nuget run with a working internet connection. I checked > > that this builds with network interface down. > > - DLLMAP_FILES doesn't work anymore because the the *.config files with > > dllmap are built "on the fly" during the install goal. Best option I > > could come up with (that doesn't hardcode the library versions like > > the included script configure-system-libraries.sh tries to do) was to > > copy the correct files from $FILESDIR (they are all trivial and > > small). > > - The build system (MSBuild or mono) erros with LangVersion 7.3; but > > lowering it to 7.2 allows it to build without problems. > > > > Tested in a brief single-player mission with Red Alert, and I checked > > that the multiplayer lobby shows available servers/games. > > > > ok? comments? > > We tested the multiplayer with RA and CNC without problems. > Patrick didn't stand a chance. > > ok tobhe@ Sigh... Every. Single. Time. ok patrick@
Re: games/openra: update to 20210321
On Mon, May 03, 2021 at 03:58:01PM -0600, Thomas Frohwein wrote: > Hi, > > Here is a diff that updates OpenRA to the latest version 20210321. The > heavy lifting was done by patrick@; I added the nuget dependencies and > the workaround for the dllmap config files. > > bcallah@: would appreciate if both distfiles could be hosted on the > nycbug mirror again. > > Unfortunately the msbuild ports don't get nicer, so some dark magic is > required once again to make it work: > > - nuget-openra-20210321.tar.xz is just an archive of the dependencies > fetched by nuget run with a working internet connection. I checked > that this builds with network interface down. > - DLLMAP_FILES doesn't work anymore because the the *.config files with > dllmap are built "on the fly" during the install goal. Best option I > could come up with (that doesn't hardcode the library versions like > the included script configure-system-libraries.sh tries to do) was to > copy the correct files from $FILESDIR (they are all trivial and > small). > - The build system (MSBuild or mono) erros with LangVersion 7.3; but > lowering it to 7.2 allows it to build without problems. > > Tested in a brief single-player mission with Red Alert, and I checked > that the multiplayer lobby shows available servers/games. > > ok? comments? We tested the multiplayer with RA and CNC without problems. Patrick didn't stand a chance. ok tobhe@
Re: ruby27 vs Puppet
On Tue, May 04, 2021 at 11:16:04AM +0200, Giovanni Bechis wrote: > In the previous diff we forgot about puppetmaster that now has the same > problem, > ok for this diff ? Of course, thanks.
Re: [embargoed security update] mail/exim -> 4.94.2
On 04/05/2021 17:28, Stuart Henderson wrote: On 2021/05/04 16:55, Renaud Allard wrote: Please consider the attached patch to solve the opendmarc issue. Given that opendmarc broke their API and the new one has no documentation, exim devs are currently checking what could be done, so this is not the official patch from exim devs. I have tested it and got no issues so far. On 5/4/21 4:45 PM, Renaud Allard wrote: Indeed, probably, sorry for the noise. But I also saw we have an issue with opendmarc 1.4+. They changed the API... I am currently trying to find a solution. I had tested with the older version only on the build machine. Hmm yes..committed here: https://github.com/trusteddomainproject/OpenDMARC/commit/dbd87868f2ca9c2ef11529cd757d1cc5ab228833 Are you happy enough with your patch or should I backout opendmarc? All I can say is that it seems to work for me (dmarc is enabled in my config). In case we backout opendmarc, we still put back a CVE in it. So I am not sure this is a good idea. And, obviously, we can't leave exim with all those CVE. smime.p7s Description: S/MIME Cryptographic Signature
Re: [embargoed security update] mail/exim -> 4.94.2
Please consider the attached patch to solve the opendmarc issue.
Given that opendmarc broke their API and the new one has no
documentation, exim devs are currently checking what could be done, so
this is not the official patch from exim devs. I have tested it and got
no issues so far.
On 5/4/21 4:45 PM, Renaud Allard wrote:
Indeed, probably, sorry for the noise.
But I also saw we have an issue with opendmarc 1.4+. They changed the
API... I am currently trying to find a solution. I had tested with the
older version only on the build machine.
On 5/4/21 4:43 PM, Stuart Henderson wrote:
btw there wasn't need for quite so many pings.
On 2021/05/04 15:47, Renaud Allard wrote:
Embargo has been removed, it's time to commit :)
For further reference a list of related CVEs:
Local vulnerabilities
- CVE-2020-28007: Link attack in Exim's log directory
- CVE-2020-28008: Assorted attacks in Exim's spool directory
- CVE-2020-28014: Arbitrary PID file creation
- CVE-2020-28011: Heap buffer overflow in queue_run()
- CVE-2020-28010: Heap out-of-bounds write in main()
- CVE-2020-28013: Heap buffer overflow in parse_fix_phrase()
- CVE-2020-28016: Heap out-of-bounds write in parse_fix_phrase()
- CVE-2020-28015: New-line injection into spool header file (local)
- CVE-2020-28012: Missing close-on-exec flag for privileged pipe
- CVE-2020-28009: Integer overflow in get_stdinput()
Remote vulnerabilities
- CVE-2020-28017: Integer overflow in receive_add_recipient()
- CVE-2020-28020: Integer overflow in receive_msg()
- CVE-2020-28023: Out-of-bounds read in smtp_setup_msg()
- CVE-2020-28021: New-line injection into spool header file
(remote)
- CVE-2020-28022: Heap out-of-bounds read and write in
extract_option()
- CVE-2020-28026: Line truncation and injection in
spool_read_header()
- CVE-2020-28019: Failure to reset function pointer after BDAT
error
- CVE-2020-28024: Heap buffer underflow in smtp_ungetc()
- CVE-2020-28018: Use-after-free in tls-openssl.c
- CVE-2020-28025: Heap out-of-bounds read in
pdkim_finish_bodyhash()
On 5/4/21 8:20 AM, Renaud Allard wrote:
ping: the disclosure will take place today (2021-05-04 13:30 UTC)
On 5/2/21 10:49 AM, Renaud Allard wrote:
Hi,
There was a problem in exim 4.94.1, so there is now 4.94.2 which
solves the issue. Embargo dates are the same.
Best Regards
On 28/04/2021 08:53, Renaud Allard wrote:
Hello,
Here is an diff to update exim to 4.94.1. This is a very
important security update.
Unfortunately, this update is embargoed so that "distro" package
maintainers have the time to publish the packages. This means
the source tar.gz is not available before 2021-05-04 13:30 UTC.
I don't know how we could provide packages for -stable before
the tar is published. I can build them for 6.8, but I can't sign
them or build for 6.9 yet.
It solves the following CVE:
- CVE-2020-28007
- CVE-2020-28008
- CVE-2020-28009
- CVE-2020-28010
- CVE-2020-28011
- CVE-2020-28012
- CVE-2020-28013
- CVE-2020-28014
- CVE-2020-28015
- CVE-2020-28016
- CVE-2020-28017
- CVE-2020-28018
- CVE-2020-28019
- CVE-2020-28020
- CVE-2020-28021
- CVE-2020-28022
- CVE-2020-28023
- CVE-2020-28024
- CVE-2020-28025
- CVE-2020-28026
- CVE-2021-27216
Best Regards
Index: patches/patch-src_dmarc_c
===
RCS file: patches/patch-src_dmarc_c
diff -N patches/patch-src_dmarc_c
--- /dev/null 1 Jan 1970 00:00:00 -
+++ patches/patch-src_dmarc_c 4 May 2021 14:51:38 -
@@ -0,0 +1,14 @@
+$OpenBSD$
+
+Index: src/dmarc.c
+--- src/dmarc.c.orig
src/dmarc.c
+@@ -446,7 +446,7 @@ if (!dmarc_abort && !sender_host_authenticated)
+ vs == PDKIM_VERIFY_INVALID ? DMARC_POLICY_DKIM_OUTCOME_TMPFAIL :
+ DMARC_POLICY_DKIM_OUTCOME_NONE;
+ libdm_status = opendmarc_policy_store_dkim(dmarc_pctx, US sig->domain,
+- dkim_result, US"");
++ sig->selector, dkim_result, US"");
+ DEBUG(D_receive)
+ debug_printf("DMARC adding DKIM sender domain = %s\n", sig->domain);
+ if (libdm_status != DMARC_PARSE_OKAY)
smime.p7s
Description: S/MIME Cryptographic Signature
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: t...@cvs.openbsd.org2021/05/04 12:54:22 Modified files: devel : Makefile Log message: +sharness
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: t...@cvs.openbsd.org2021/05/04 12:53:01 Log message: Import devel/sharness 1.1.0, ok inoguchi Sharness is a portable shell library to write, run, and analyze automated tests for Unix programs. Since all tests output TAP, the Test Anything Protocol, they can be run with any TAP harness. Status: Vendor Tag: tb Release Tags: tb_20210503 N ports/devel/sharness/Makefile N ports/devel/sharness/distinfo N ports/devel/sharness/pkg/DESCR N ports/devel/sharness/pkg/PLIST N ports/devel/sharness/patches/patch-Makefile N ports/devel/sharness/patches/patch-test_Makefile No conflicts created by this import
Re: [embargoed security update] mail/exim -> 4.94.2
Indeed, probably, sorry for the noise. But I also saw we have an issue with opendmarc 1.4+. They changed the API... I am currently trying to find a solution. I had tested with the older version only on the build machine. On 5/4/21 4:43 PM, Stuart Henderson wrote: btw there wasn't need for quite so many pings. On 2021/05/04 15:47, Renaud Allard wrote: Embargo has been removed, it's time to commit :) For further reference a list of related CVEs: Local vulnerabilities - CVE-2020-28007: Link attack in Exim's log directory - CVE-2020-28008: Assorted attacks in Exim's spool directory - CVE-2020-28014: Arbitrary PID file creation - CVE-2020-28011: Heap buffer overflow in queue_run() - CVE-2020-28010: Heap out-of-bounds write in main() - CVE-2020-28013: Heap buffer overflow in parse_fix_phrase() - CVE-2020-28016: Heap out-of-bounds write in parse_fix_phrase() - CVE-2020-28015: New-line injection into spool header file (local) - CVE-2020-28012: Missing close-on-exec flag for privileged pipe - CVE-2020-28009: Integer overflow in get_stdinput() Remote vulnerabilities - CVE-2020-28017: Integer overflow in receive_add_recipient() - CVE-2020-28020: Integer overflow in receive_msg() - CVE-2020-28023: Out-of-bounds read in smtp_setup_msg() - CVE-2020-28021: New-line injection into spool header file (remote) - CVE-2020-28022: Heap out-of-bounds read and write in extract_option() - CVE-2020-28026: Line truncation and injection in spool_read_header() - CVE-2020-28019: Failure to reset function pointer after BDAT error - CVE-2020-28024: Heap buffer underflow in smtp_ungetc() - CVE-2020-28018: Use-after-free in tls-openssl.c - CVE-2020-28025: Heap out-of-bounds read in pdkim_finish_bodyhash() On 5/4/21 8:20 AM, Renaud Allard wrote: ping: the disclosure will take place today (2021-05-04 13:30 UTC) On 5/2/21 10:49 AM, Renaud Allard wrote: Hi, There was a problem in exim 4.94.1, so there is now 4.94.2 which solves the issue. Embargo dates are the same. Best Regards On 28/04/2021 08:53, Renaud Allard wrote: Hello, Here is an diff to update exim to 4.94.1. This is a very important security update. Unfortunately, this update is embargoed so that "distro" package maintainers have the time to publish the packages. This means the source tar.gz is not available before 2021-05-04 13:30 UTC. I don't know how we could provide packages for -stable before the tar is published. I can build them for 6.8, but I can't sign them or build for 6.9 yet. It solves the following CVE: - CVE-2020-28007 - CVE-2020-28008 - CVE-2020-28009 - CVE-2020-28010 - CVE-2020-28011 - CVE-2020-28012 - CVE-2020-28013 - CVE-2020-28014 - CVE-2020-28015 - CVE-2020-28016 - CVE-2020-28017 - CVE-2020-28018 - CVE-2020-28019 - CVE-2020-28020 - CVE-2020-28021 - CVE-2020-28022 - CVE-2020-28023 - CVE-2020-28024 - CVE-2020-28025 - CVE-2020-28026 - CVE-2021-27216 Best Regards smime.p7s Description: S/MIME Cryptographic Signature
Re: [update] games/openttd
On Tue, 04 May 2021, Solene Rapenne wrote: > This updates openttd to 1.11.2, only fixes > > https://cdn.openttd.org/openttd-releases/1.11.2/changelog.txt > > Index: Makefile > === > RCS file: /home/reposync/ports/games/openttd/Makefile,v > retrieving revision 1.71 > diff -u -p -r1.71 Makefile > --- Makefile 27 Apr 2021 18:54:08 - 1.71 > +++ Makefile 3 May 2021 20:23:22 - > @@ -2,9 +2,9 @@ > > COMMENT= open source clone of the game Transport Tycoon Deluxe > > -V = 1.11.0 > +V = 1.11.2 > DISTNAME = openttd-$V-source > -PKGNAME =openttd-1.11.0 > +PKGNAME =openttd-$V > > CATEGORIES= games > > Index: distinfo > === > RCS file: /home/reposync/ports/games/openttd/distinfo,v > retrieving revision 1.38 > diff -u -p -r1.38 distinfo > --- distinfo 27 Apr 2021 18:54:08 - 1.38 > +++ distinfo 3 May 2021 20:23:36 - > @@ -1,2 +1,2 @@ > -SHA256 (openttd/openttd-1.11.0-source.tar.xz) = > XmUYTgc2i6Gvpi27PjWrrubE2mcw/0vJ60RH1TNjx6g= > -SIZE (openttd/openttd-1.11.0-source.tar.xz) = 6805420 > +SHA256 (openttd/openttd-1.11.2-source.tar.xz) = > D7qTWiqBX0/ozW3C4q4z9ydpU4cxIo+EimOzpulILm0= > +SIZE (openttd/openttd-1.11.2-source.tar.xz) = 6783972 Builds and works for me on amd64. ok paco@ -- Paco Esteban. 0x5818130B8A6DBC03
Re: postfix: disable snapshot?
On 5/3/2021 9:16 AM, Stuart Henderson wrote: The 2020-06-27 snapshot was the last release from the Postfix 3.6 branch that supported SSL libraries older than OpenSSL 1.1.1. Should we disable building snapshot releases to prevent users from installing a version which is currently a dead-end for us? (Alternatively it would be possible to build a snapshot version using OpenSSL 1.1.1 rather than LibreSSL, but the sasl2/ldap/mysql/pgsql flavours would need to be disabled; that might be preferable for some users as it would allow using DANE..) Just disable it for now. Index: Makefile === RCS file: /cvs/ports/mail/postfix/Makefile,v retrieving revision 1.49 diff -u -p -r1.49 Makefile --- Makefile17 Nov 2014 15:26:53 - 1.49 +++ Makefile3 May 2021 13:15:09 - @@ -10,13 +10,13 @@ SUBDIR += stable,pgsql SUBDIR += stable,pgsql,sasl2 SUBDIR += stable,sasl2 -SUBDIR += snapshot -SUBDIR += snapshot,ldap -SUBDIR += snapshot,ldap,sasl2 -SUBDIR += snapshot,mysql -SUBDIR += snapshot,mysql,sasl2 -SUBDIR += snapshot,pgsql -SUBDIR += snapshot,pgsql,sasl2 -SUBDIR += snapshot,sasl2 +#SUBDIR += snapshot +#SUBDIR += snapshot,ldap +#SUBDIR += snapshot,ldap,sasl2 +#SUBDIR += snapshot,mysql +#SUBDIR += snapshot,mysql,sasl2 +#SUBDIR += snapshot,pgsql +#SUBDIR += snapshot,pgsql,sasl2 +#SUBDIR += snapshot,sasl2 .include Index: snapshot/Makefile === RCS file: /cvs/ports/mail/postfix/snapshot/Makefile,v retrieving revision 1.330 diff -u -p -r1.330 Makefile --- snapshot/Makefile 23 Dec 2020 21:17:59 - 1.330 +++ snapshot/Makefile 3 May 2021 13:15:09 - @@ -1,5 +1,7 @@ # $OpenBSD: Makefile,v 1.330 2020/12/23 21:17:59 sthen Exp $ +BROKEN= outdated; newer versions require OpenSSL 1.1.1 API + VERSION= 3.6-20200627 REVISION= 0
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: rsadow...@cvs.openbsd.org 2021/05/04 11:52:18 Modified files: devel/kf5/solid: Makefile Log message: Add run-dependency on openbsdisks2 to support UDisks2 service
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: rsadow...@cvs.openbsd.org 2021/05/04 11:49:38 Modified files: sysutils : Makefile Log message: Add openbsdisks2
Re: [embargoed security update] mail/exim -> 4.94.2
Embargo has been removed, it's time to commit :) For further reference a list of related CVEs: Local vulnerabilities - CVE-2020-28007: Link attack in Exim's log directory - CVE-2020-28008: Assorted attacks in Exim's spool directory - CVE-2020-28014: Arbitrary PID file creation - CVE-2020-28011: Heap buffer overflow in queue_run() - CVE-2020-28010: Heap out-of-bounds write in main() - CVE-2020-28013: Heap buffer overflow in parse_fix_phrase() - CVE-2020-28016: Heap out-of-bounds write in parse_fix_phrase() - CVE-2020-28015: New-line injection into spool header file (local) - CVE-2020-28012: Missing close-on-exec flag for privileged pipe - CVE-2020-28009: Integer overflow in get_stdinput() Remote vulnerabilities - CVE-2020-28017: Integer overflow in receive_add_recipient() - CVE-2020-28020: Integer overflow in receive_msg() - CVE-2020-28023: Out-of-bounds read in smtp_setup_msg() - CVE-2020-28021: New-line injection into spool header file (remote) - CVE-2020-28022: Heap out-of-bounds read and write in extract_option() - CVE-2020-28026: Line truncation and injection in spool_read_header() - CVE-2020-28019: Failure to reset function pointer after BDAT error - CVE-2020-28024: Heap buffer underflow in smtp_ungetc() - CVE-2020-28018: Use-after-free in tls-openssl.c - CVE-2020-28025: Heap out-of-bounds read in pdkim_finish_bodyhash() On 5/4/21 8:20 AM, Renaud Allard wrote: ping: the disclosure will take place today (2021-05-04 13:30 UTC) On 5/2/21 10:49 AM, Renaud Allard wrote: Hi, There was a problem in exim 4.94.1, so there is now 4.94.2 which solves the issue. Embargo dates are the same. Best Regards On 28/04/2021 08:53, Renaud Allard wrote: Hello, Here is an diff to update exim to 4.94.1. This is a very important security update. Unfortunately, this update is embargoed so that "distro" package maintainers have the time to publish the packages. This means the source tar.gz is not available before 2021-05-04 13:30 UTC. I don't know how we could provide packages for -stable before the tar is published. I can build them for 6.8, but I can't sign them or build for 6.9 yet. It solves the following CVE: - CVE-2020-28007 - CVE-2020-28008 - CVE-2020-28009 - CVE-2020-28010 - CVE-2020-28011 - CVE-2020-28012 - CVE-2020-28013 - CVE-2020-28014 - CVE-2020-28015 - CVE-2020-28016 - CVE-2020-28017 - CVE-2020-28018 - CVE-2020-28019 - CVE-2020-28020 - CVE-2020-28021 - CVE-2020-28022 - CVE-2020-28023 - CVE-2020-28024 - CVE-2020-28025 - CVE-2020-28026 - CVE-2021-27216 Best Regards smime.p7s Description: S/MIME Cryptographic Signature
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: rsadow...@cvs.openbsd.org 2021/05/04 11:46:51 Log message: Import openbsdisks2-0.2.1beta Comment: UDisks2 service implementation for OpenBSD Description: A UDisks2 service implementation for OpenBSD forked from FreeBSD (bsdutils/bsdisks). OpenBSDisks2 provides a simple DBus org.freedesktop.UDisks2 service. It only provides readable properties for the UDisks2.Drive, UDisks2.Block and UDisks2.Filesystem interfaces. UDisks2 is an abstraction for enumerating disk and storage devices and performing operations on them. Maintainer: Rafael Sadowski WWW: https://github.com/sizeofvoid/openbsdisks2 Test, feedack and OK namn@ Status: Vendor Tag: rsadowski Release Tags: rsadowski_20210504 N ports/sysutils/openbsdisks2/Makefile N ports/sysutils/openbsdisks2/distinfo N ports/sysutils/openbsdisks2/pkg/DESCR N ports/sysutils/openbsdisks2/pkg/PLIST N ports/sysutils/openbsdisks2/pkg/README No conflicts created by this import
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: rsadow...@cvs.openbsd.org 2021/05/04 11:34:57 Modified files: x11/kde-plasma : Makefile.inc x11/kde-plasma/breeze: distinfo x11/kde-plasma/breeze-grub: distinfo x11/kde-plasma/breeze-gtk: distinfo x11/kde-plasma/kdecoration: distinfo x11/kde-plasma/oxygen: distinfo Log message: Update KDE Plasma to 5.21.5
Re: GIMP patch: add memory dashboard support
On Sat, May 01, 2021 at 01:12:55PM +0200, Marc Espie wrote:
> Simple and straightforward enough. A bit approximative probably but better
> than nothing.
>
> (if it looks fine, I'll try upstreaming this)
>
> Index: Makefile
> ===
> RCS file: /cvs/ports/graphics/gimp/stable/Makefile,v
> retrieving revision 1.144
> diff -u -p -r1.144 Makefile
> --- Makefile 1 Apr 2021 10:01:06 - 1.144
> +++ Makefile 1 May 2021 11:11:42 -
> @@ -3,6 +3,7 @@
> COMMENT= GNU Image Manipulation Program
>
> DISTNAME = gimp-2.10.24
> +REVISION = 0
>
> .for i in gimp gimpbase gimpcolor gimpconfig gimpmath gimpmodule \
> gimpthumb gimpui gimpwidgets
> Index: patches/patch-app_widgets_gimpdashboard_c
> ===
> RCS file: patches/patch-app_widgets_gimpdashboard_c
> diff -N patches/patch-app_widgets_gimpdashboard_c
> --- /dev/null 1 Jan 1970 00:00:00 -
> +++ patches/patch-app_widgets_gimpdashboard_c 1 May 2021 11:11:42 -
> @@ -0,0 +1,52 @@
> +$OpenBSD$
> +
> +Index: app/widgets/gimpdashboard.c
> +--- app/widgets/gimpdashboard.c.orig
> app/widgets/gimpdashboard.c
> +@@ -2512,6 +2512,46 @@ gimp_dashboard_sample_memory_available (GimpDashboard
> + variable_data->value.size = ms.ullAvailPhys;
> + }
> +
> ++#elif defined(__OpenBSD__)
> ++#include
> ++#include
> ++#include
> ++
> ++static void
> ++gimp_dashboard_sample_memory_used (GimpDashboard *dashboard,
> ++ Variable variable)
> ++{
> ++ GimpDashboardPrivate *priv = dashboard->priv;
> ++ VariableData *variable_data = >variables[variable];
> ++ struct rusage rusage;
> ++
> ++ variable_data->available = FALSE;
> ++
> ++ if (getrusage(RUSAGE_SELF, ) == -1)
> ++return;
> ++ variable_data->available = TRUE;
> ++ variable_data->value.size = (guint64)(rusage.ru_maxrss * 1024);
> ++}
> ++
> ++static void
> ++gimp_dashboard_sample_memory_available (GimpDashboard *dashboard,
> ++Variable variable)
> ++{
> ++ GimpDashboardPrivate *priv= dashboard->priv;
> ++ VariableData *variable_data = >variables[variable];
> ++ int mib[] = {CTL_HW, HW_PHYSMEM64};
> ++ int64_t result;
> ++ size_t sz = sizeof(int64_t);
> ++
> ++
> ++ variable_data->available = FALSE;
> ++
> ++ if (sysctl(mib, 2, , , NULL, 0) == -1)
> ++return;
> ++ variable_data->available = TRUE;
> ++ variable_data->value.size = (guint64)result;
> ++}
> ++
> + #else /* ! G_OS_WIN32 && ! PLATFORM_OSX */
> + static void
> + gimp_dashboard_sample_memory_used (GimpDashboard *dashboard,
>
>
Just in case you want to test-drive it: it's not really hidden. The dashboard
is at the bottom of Windows/Dockable Dialogs/Dashboard
In case you're looking for a specific feature in gimp, you can search for
things by name using "/" (yeah, they added a search feature a few releases
back).
Also: it's one of those professional programs (not kidding) which has
a huge learning curve. I did import "grokking-the-gimp" a few years ago.
I'm probably going to decommission it at some point, because it's very
much behind the curve.
If you want to learn gimp "in depth", there's this guy (Davies Media
Design) on youtube who is posting amazing videos.
He is partly responsible for me taking an interest back in that program
and improving a few details which were sub-par in our port. Not quite free
software, but definitely a great community resource, showing that GIMP can
go head-to-head with Illustrator on many many tasks.
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: st...@cvs.openbsd.org 2021/05/04 10:45:48 Modified files: devel/quirks : Tag: OPENBSD_6_9 Makefile Log message: noop bump of REVISION to workaround the stable build machines copying the file for the quirks package from 6.9 release.
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: t...@cvs.openbsd.org2021/05/04 10:34:03 Modified files: net/mosquitto : Makefile Added files: net/mosquitto/patches: patch-lib_options_c Log message: net/mosquitto: avoid upcoming build failure Use OpenSSL 1.1.1 code path that uses SSL_CTX_up_ref() instead of handrolling it. This way mosquitto will continue to build after an upcoming libssl bump.
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: st...@cvs.openbsd.org 2021/05/04 10:06:41 Modified files: emulators/qemu : Makefile Log message: add missing BDEP on shells/bash ===> Faking installation for qemu-6.0.0 env: bash: No such file or directory env: bash: No such file or directory env: bash: No such file or directory env: bash: No such file or directory (GIT="git" "/pobj/qemu-6.0.0/qemu-6.0.0/scripts/git-submodule.sh" ignore ) env: bash: No such file or directory
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: st...@cvs.openbsd.org 2021/05/04 10:05:46 Modified files: devel/kdiff3 : Makefile Log message: add missing BDEP on boost
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: st...@cvs.openbsd.org 2021/05/04 09:48:53 Modified files: mail/exim : Makefile Added files: mail/exim/patches: patch-src_dmarc_c Log message: exim: add a patch from maintainer to workaround API change in opendmarc
Re: Update to redis-6.2.3
> *** [err]: client tracking don't cause eviction feedback loop in
> tests/unit/maxmemory.tcl
> Expected '0' to be between to '200' and '300' (context: type eval line 48 cmd
> {assert_range [r dbsize] 200 300} proc ::test)
All tests pass for me on amd64 (multiple runs) and on sparc64. As
mentioned on ICB, this failure could be a ulimit issue related to
not using PORTS_PRIVSEP.
Given the security impact, it would probably be a good idea to backport
this to -stable. The diff to 6.2.1 is relatively small and looks sane to
me.
ok tb
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: t...@cvs.openbsd.org2021/05/04 09:31:25 Modified files: textproc/wkhtmltopdf: Makefile textproc/wkhtmltopdf/patches: patch-qt_src_network_ssl_qsslsocket_openssl_cpp patch-qt_src_network_ssl_qsslsocket_openssl_symbols_cpp patch-qt_src_network_ssl_qsslsocket_openssl_symbols_p_h Log message: textproc/wkhtmltopdf: avoid upcoming build failure Remove much of the patching to force the OpenSSL 1.0.x code path. This way the code uses accessors and will continue building when we switch some structs in libssl to opaque. This adds and removes some symbols in wkhtmltox, so bump major. ok Frank Groeneveld (maintainer)
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: st...@cvs.openbsd.org 2021/05/04 09:29:54 Modified files: mail/opendmarc : Makefile Log message: opendmarc-1.4.1 includes an API+ABI change, bump .so major
Re: [embargoed security update] mail/exim -> 4.94.2
On 2021/05/04 16:55, Renaud Allard wrote:
> Please consider the attached patch to solve the opendmarc issue.
> Given that opendmarc broke their API and the new one has no documentation,
> exim devs are currently checking what could be done, so this is not the
> official patch from exim devs. I have tested it and got no issues so far.
>
> On 5/4/21 4:45 PM, Renaud Allard wrote:
> > Indeed, probably, sorry for the noise.
> > But I also saw we have an issue with opendmarc 1.4+. They changed the
> > API... I am currently trying to find a solution. I had tested with the
> > older version only on the build machine.
Hmm yes..committed here:
https://github.com/trusteddomainproject/OpenDMARC/commit/dbd87868f2ca9c2ef11529cd757d1cc5ab228833
Are you happy enough with your patch or should I backout opendmarc?
> Index: patches/patch-src_dmarc_c
> ===
> RCS file: patches/patch-src_dmarc_c
> diff -N patches/patch-src_dmarc_c
> --- /dev/null 1 Jan 1970 00:00:00 -
> +++ patches/patch-src_dmarc_c 4 May 2021 14:51:38 -
> @@ -0,0 +1,14 @@
> +$OpenBSD$
> +
> +Index: src/dmarc.c
> +--- src/dmarc.c.orig
> src/dmarc.c
> +@@ -446,7 +446,7 @@ if (!dmarc_abort && !sender_host_authenticated)
> + vs == PDKIM_VERIFY_INVALID ?
> DMARC_POLICY_DKIM_OUTCOME_TMPFAIL :
> + DMARC_POLICY_DKIM_OUTCOME_NONE;
> + libdm_status = opendmarc_policy_store_dkim(dmarc_pctx, US sig->domain,
> +- dkim_result, US"");
> ++ sig->selector, dkim_result,
> US"");
> + DEBUG(D_receive)
> + debug_printf("DMARC adding DKIM sender domain = %s\n", sig->domain);
> + if (libdm_status != DMARC_PARSE_OKAY)
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: t...@cvs.openbsd.org2021/05/04 09:25:22 Modified files: lang/swi-prolog: Makefile Added files: lang/swi-prolog/patches: patch-packages_ssl_ssl4pl_c Log message: lang/swi-prolog: avoid upcoming build breakage Remove two #if defined(LIBRESSL_VERSION_NUMBER) to take the OpenSSL 1.1.1 code path. This way swi-prolog will continue building once we will have made some structs opaque in libssl. ok edd (maintainer)
Re: games/openra: update to 20210321
On Mon 03/05/2021 15:58, Thomas Frohwein wrote: > Hi, > > Here is a diff that updates OpenRA to the latest version 20210321. The > heavy lifting was done by patrick@; I added the nuget dependencies and > the workaround for the dllmap config files. > > bcallah@: would appreciate if both distfiles could be hosted on the > nycbug mirror again. > > Unfortunately the msbuild ports don't get nicer, so some dark magic is > required once again to make it work: > > - nuget-openra-20210321.tar.xz is just an archive of the dependencies > fetched by nuget run with a working internet connection. I checked > that this builds with network interface down. > - DLLMAP_FILES doesn't work anymore because the the *.config files with > dllmap are built "on the fly" during the install goal. Best option I > could come up with (that doesn't hardcode the library versions like > the included script configure-system-libraries.sh tries to do) was to > copy the correct files from $FILESDIR (they are all trivial and > small). > - The build system (MSBuild or mono) erros with LangVersion 7.3; but > lowering it to 7.2 allows it to build without problems. > > Tested in a brief single-player mission with Red Alert, and I checked > that the multiplayer lobby shows available servers/games. > > ok? comments? Run tested (mainly openra-ra/openra-ra-server) on amd64 while playing against two teens who will be in desperate need of a new home IF they keep on defeating me. OK bket@
Re: [embargoed security update] mail/exim -> 4.94.2
btw there wasn't need for quite so many pings. On 2021/05/04 15:47, Renaud Allard wrote: > Embargo has been removed, it's time to commit :) > > For further reference a list of related CVEs: > > Local vulnerabilities > - CVE-2020-28007: Link attack in Exim's log directory > - CVE-2020-28008: Assorted attacks in Exim's spool directory > - CVE-2020-28014: Arbitrary PID file creation > - CVE-2020-28011: Heap buffer overflow in queue_run() > - CVE-2020-28010: Heap out-of-bounds write in main() > - CVE-2020-28013: Heap buffer overflow in parse_fix_phrase() > - CVE-2020-28016: Heap out-of-bounds write in parse_fix_phrase() > - CVE-2020-28015: New-line injection into spool header file (local) > - CVE-2020-28012: Missing close-on-exec flag for privileged pipe > - CVE-2020-28009: Integer overflow in get_stdinput() > Remote vulnerabilities > - CVE-2020-28017: Integer overflow in receive_add_recipient() > - CVE-2020-28020: Integer overflow in receive_msg() > - CVE-2020-28023: Out-of-bounds read in smtp_setup_msg() > - CVE-2020-28021: New-line injection into spool header file (remote) > - CVE-2020-28022: Heap out-of-bounds read and write in extract_option() > - CVE-2020-28026: Line truncation and injection in spool_read_header() > - CVE-2020-28019: Failure to reset function pointer after BDAT error > - CVE-2020-28024: Heap buffer underflow in smtp_ungetc() > - CVE-2020-28018: Use-after-free in tls-openssl.c > - CVE-2020-28025: Heap out-of-bounds read in pdkim_finish_bodyhash() > > On 5/4/21 8:20 AM, Renaud Allard wrote: > > ping: the disclosure will take place today (2021-05-04 13:30 UTC) > > > > On 5/2/21 10:49 AM, Renaud Allard wrote: > > > Hi, > > > > > > There was a problem in exim 4.94.1, so there is now 4.94.2 which > > > solves the issue. Embargo dates are the same. > > > > > > Best Regards > > > > > > On 28/04/2021 08:53, Renaud Allard wrote: > > > > Hello, > > > > > > > > Here is an diff to update exim to 4.94.1. This is a very > > > > important security update. > > > > > > > > Unfortunately, this update is embargoed so that "distro" package > > > > maintainers have the time to publish the packages. This means > > > > the source tar.gz is not available before 2021-05-04 13:30 UTC. > > > > I don't know how we could provide packages for -stable before > > > > the tar is published. I can build them for 6.8, but I can't sign > > > > them or build for 6.9 yet. > > > > > > > > It solves the following CVE: > > > > > > > > - CVE-2020-28007 > > > > - CVE-2020-28008 > > > > - CVE-2020-28009 > > > > - CVE-2020-28010 > > > > - CVE-2020-28011 > > > > - CVE-2020-28012 > > > > - CVE-2020-28013 > > > > - CVE-2020-28014 > > > > - CVE-2020-28015 > > > > - CVE-2020-28016 > > > > - CVE-2020-28017 > > > > - CVE-2020-28018 > > > > - CVE-2020-28019 > > > > - CVE-2020-28020 > > > > - CVE-2020-28021 > > > > - CVE-2020-28022 > > > > - CVE-2020-28023 > > > > - CVE-2020-28024 > > > > - CVE-2020-28025 > > > > - CVE-2020-28026 > > > > - CVE-2021-27216 > > > > > > > > Best Regards > > >
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: st...@cvs.openbsd.org 2021/05/04 08:42:48 Modified files: mail/postfix : Makefile mail/postfix/snapshot: Makefile Log message: Disable postfix/snapshot for now, it is currently stuck at 2020-06-27 as newer versions on the 3.6 branch require OpenSSL 1.1.1. ok Brad (maintainer).
Update to redis-6.2.3
Hi,
Here's a diff to update to the latest redis release.
Changelogs:
https://github.com/redis/redis/releases/tag/6.2.2
https://github.com/redis/redis/releases/tag/6.2.3
6.2.2 Upgrade urgency: HIGH, if you're using ACL and pub/sub, CONFIG
REWRITE, or suffering from performance regression. see below.
6.2.3 Upgrade urgency: SECURITY, Contains fixes to security issues that
affect authenticated client connections. LOW otherwise.
Integer overflow in STRALGO LCS command (CVE-2021-29477):
An integer overflow bug in Redis version 6.0 or newer could be
exploited using the STRALGO LCS command to corrupt the heap and
potentially result in remote code execution. The integer overflow bug
exists in all versions of Redis starting with 6.0.
A test has been failing since 6.2.2:
!!! WARNING The following tests failed:
*** [err]: client tracking don't cause eviction feedback loop in
tests/unit/maxmemory.tcl
Expected '0' to be between to '200' and '300' (context: type eval line 48 cmd
{assert_range [r dbsize] 200 300} proc ::test)
Cleanup: may take some time... OK
And while there take maintainership.
Test reports/comments? OK?
Cheers,
Daniel
Index: Makefile
===
RCS file: /cvs/ports/databases/redis/Makefile,v
retrieving revision 1.121
diff -u -p -r1.121 Makefile
--- Makefile16 Mar 2021 21:18:38 - 1.121
+++ Makefile4 May 2021 13:57:43 -
@@ -2,10 +2,11 @@
COMMENT = persistent key-value database
-DISTNAME = redis-6.2.1
+DISTNAME = redis-6.2.3
CATEGORIES = databases
HOMEPAGE = https://redis.io/
-REVISION = 0
+
+MAINTAINER = Daniel Jakots
# BSD
PERMIT_PACKAGE = Yes
Index: distinfo
===
RCS file: /cvs/ports/databases/redis/distinfo,v
retrieving revision 1.94
diff -u -p -r1.94 distinfo
--- distinfo6 Mar 2021 17:42:12 - 1.94
+++ distinfo4 May 2021 13:57:43 -
@@ -1,2 +1,2 @@
-SHA256 (redis-6.2.1.tar.gz) = zSIlBQEsziCyVoL8qTHsk70hrpLLSr/nQs97dqqQdSA=
-SIZE (redis-6.2.1.tar.gz) = 2438367
+SHA256 (redis-6.2.3.tar.gz) = mO19UytelnH13wglu3Hw83SDoWVGNkBJOExj24dkUSs=
+SIZE (redis-6.2.3.tar.gz) = 2456050
Index: patches/patch-redis_conf
===
RCS file: /cvs/ports/databases/redis/patches/patch-redis_conf,v
retrieving revision 1.26
diff -u -p -r1.26 patch-redis_conf
--- patches/patch-redis_conf16 Mar 2021 21:18:38 - 1.26
+++ patches/patch-redis_conf4 May 2021 13:57:43 -
@@ -24,7 +24,7 @@ Index: redis.conf
# Close the connection after a client is idle for N seconds (0 to disable)
timeout 0
-@@ -172,6 +172,7 @@ tcp-keepalive 300
+@@ -182,6 +182,7 @@ tcp-keepalive 300
# of these, and will not implicitly use the system wide configuration.
#
# tls-ca-cert-file ca.crt
@@ -32,7 +32,7 @@ Index: redis.conf
# tls-ca-cert-dir /etc/ssl/certs
# By default, clients (including replica servers) on a TLS port are required
-@@ -205,14 +206,14 @@ tcp-keepalive 300
+@@ -215,14 +216,14 @@ tcp-keepalive 300
#
# tls-protocols "TLSv1.2 TLSv1.3"
@@ -49,7 +49,7 @@ Index: redis.conf
# information about the syntax of this string, and specifically for TLSv1.3
# ciphersuites.
#
-@@ -242,9 +243,9 @@ tcp-keepalive 300
+@@ -252,9 +253,9 @@ tcp-keepalive 300
# GENERAL
#
# By default Redis does not run as a daemon. Use 'yes' if you need it.
@@ -61,7 +61,7 @@ Index: redis.conf
# If you run Redis from upstart or systemd, Redis can interact with your
# supervision tree. Options:
-@@ -269,14 +270,14 @@ daemonize no
+@@ -279,14 +280,14 @@ daemonize no
#
# When the server runs non daemonized, no pid file is created if none is
# specified in the configuration. When the server is daemonized, the pid file
@@ -78,7 +78,7 @@ Index: redis.conf
# Specify the server verbosity level.
# This can be one of:
-@@ -289,17 +290,18 @@ loglevel notice
+@@ -299,17 +300,18 @@ loglevel notice
# Specify the log file name. Also the empty string can be used to force
# Redis to log on the standard output. Note that if you use standard
# output for logging but daemonize, logs will be sent to /dev/null
@@ -102,7 +102,7 @@ Index: redis.conf
# To disable the built in crash log, which will possibly produce cleaner core
# dumps when they are needed, uncomment the following:
-@@ -441,7 +443,7 @@ rdb-del-sync-files no
+@@ -451,7 +453,7 @@ rdb-del-sync-files no
# The Append Only File will also be created inside this directory.
#
# Note that you must specify a directory here, not a file name.
@@ -111,7 +111,7 @@ Index: redis.conf
# REPLICATION
#
-@@ -941,6 +943,7 @@ acllog-max-len 128
+@@ -963,6 +965,7 @@ acllog-max-len 128
# limit
Re: [Update] cad/pcb2gcode 2.4.0
On Tue, Apr 27, 2021 at 03:40:50PM -0600, Tracey Emery wrote: > On Wed, Apr 14, 2021 at 10:18:52AM -0600, Tracey Emery wrote: > > Hello! > > > > This brings cad/pcb2gcode from 2.1.0 to 2.4.0. Everything runs fine on > > amd64. Newer release came out after I sent 2.3.0. > > > > For changes, please read here, as there are too many to list: > > https://github.com/pcb2gcode/pcb2gcode/releases > > > > Ok after lock release? > > > > ping > ping > > -- > > > > Tracey Emery > > > > Index: Makefile > > === > > RCS file: /cvs/ports/cad/pcb2gcode/Makefile,v > > retrieving revision 1.1.1.1 > > diff -u -p -u -r1.1.1.1 Makefile > > --- Makefile5 Nov 2020 20:37:31 - 1.1.1.1 > > +++ Makefile14 Apr 2021 15:56:12 - > > @@ -1,7 +1,7 @@ > > # $OpenBSD: Makefile,v 1.1.1.1 2020/11/05 20:37:31 tracey Exp $ > > > > COMMENT = tool for isolation, routing, and drilling of PCBs > > -V =2.1.0 > > +V =2.4.0 > > > > GH_ACCOUNT = pcb2gcode > > GH_PROJECT = pcb2gcode > > Index: distinfo > > === > > RCS file: /cvs/ports/cad/pcb2gcode/distinfo,v > > retrieving revision 1.1.1.1 > > diff -u -p -u -r1.1.1.1 distinfo > > --- distinfo5 Nov 2020 20:37:31 - 1.1.1.1 > > +++ distinfo14 Apr 2021 15:56:12 - > > @@ -1,2 +1,2 @@ > > -SHA256 (pcb2gcode-2.1.0.tar.gz) = > > 7lRvDgAug0NIYselohcaInYDjSOZCaCa2zbhSOfXMZo= > > -SIZE (pcb2gcode-2.1.0.tar.gz) = 4581572 > > +SHA256 (pcb2gcode-2.4.0.tar.gz) = > > XU8G9wQf4UoQh4C9uVOqUg9+VWdzp7n7hDXpuS/vYU0= > > +SIZE (pcb2gcode-2.4.0.tar.gz) = 7456824 > > Index: patches/patch-m4_geos_m4 > > === > > RCS file: /cvs/ports/cad/pcb2gcode/patches/patch-m4_geos_m4,v > > retrieving revision 1.1.1.1 > > diff -u -p -u -r1.1.1.1 patch-m4_geos_m4 > > --- patches/patch-m4_geos_m45 Nov 2020 20:37:31 - 1.1.1.1 > > +++ patches/patch-m4_geos_m414 Apr 2021 15:56:12 - > > @@ -6,12 +6,12 @@ $OpenBSD: patch-m4_geos_m4,v 1.1.1.1 202 > > Index: m4/geos.m4 > > --- m4/geos.m4.orig > > +++ m4/geos.m4 > > -@@ -76,7 +76,7 @@ AC_DEFUN([GEOS_INIT],[ > > +@@ -77,7 +77,7 @@ AC_DEFUN([GEOS_INIT],[ > > if $GEOS_CONFIG --libs >/dev/null 2>&1; then > > AC_MSG_RESULT(yes) > > HAVE_GEOS="yes" > > - GEOS_LIBS="`$GEOS_CONFIG --libs`" > > + GEOS_LIBS="`$GEOS_CONFIG --static-cclibs`" > > GEOS_C_LIBS="`$GEOS_CONFIG --ldflags` -lgeos_c" > > + GEOS_CC_LIBS="`$GEOS_CONFIG --ldflags` -lgeos" > > GEOS_CFLAGS="`$GEOS_CONFIG --cflags`" > > - GEOS_VERSION="`$GEOS_CONFIG --version`" > > -- > > Tracey Emery -- Tracey Emery
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: st...@cvs.openbsd.org 2021/05/04 07:49:52 Modified files: mail/exim : Tag: OPENBSD_6_9 Makefile distinfo Log message: update to exim-4.94.2, from maintainer Renaud Allard Fixes many issues reported (with fixes) last year by Qualys, details will be available later at https://www.qualys.com/2021/05/04/21nails/21nails.txt Local vulnerabilities - CVE-2020-28007: Link attack in Exim's log directory - CVE-2020-28008: Assorted attacks in Exim's spool directory - CVE-2020-28014: Arbitrary PID file creation - CVE-2020-28011: Heap buffer overflow in queue_run() - CVE-2020-28010: Heap out-of-bounds write in main() - CVE-2020-28013: Heap buffer overflow in parse_fix_phrase() - CVE-2020-28016: Heap out-of-bounds write in parse_fix_phrase() - CVE-2020-28015: New-line injection into spool header file (local) - CVE-2020-28012: Missing close-on-exec flag for privileged pipe - CVE-2020-28009: Integer overflow in get_stdinput() Remote vulnerabilities - CVE-2020-28017: Integer overflow in receive_add_recipient() - CVE-2020-28020: Integer overflow in receive_msg() - CVE-2020-28023: Out-of-bounds read in smtp_setup_msg() - CVE-2020-28021: New-line injection into spool header file (remote) - CVE-2020-28022: Heap out-of-bounds read and write in extract_option() - CVE-2020-28026: Line truncation and injection in spool_read_header() - CVE-2020-28019: Failure to reset function pointer after BDAT error - CVE-2020-28024: Heap buffer underflow in smtp_ungetc() - CVE-2020-28018: Use-after-free in tls-openssl.c - CVE-2020-28025: Heap out-of-bounds read in pdkim_finish_bodyhash()
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: st...@cvs.openbsd.org 2021/05/04 07:49:04 Modified files: mail/exim : Makefile distinfo Log message: update to exim-4.94.2, from maintainer Renaud Allard Fixes many issues reported (with fixes) last year by Qualys, details will be available later at https://www.qualys.com/2021/05/04/21nails/21nails.txt Local vulnerabilities - CVE-2020-28007: Link attack in Exim's log directory - CVE-2020-28008: Assorted attacks in Exim's spool directory - CVE-2020-28014: Arbitrary PID file creation - CVE-2020-28011: Heap buffer overflow in queue_run() - CVE-2020-28010: Heap out-of-bounds write in main() - CVE-2020-28013: Heap buffer overflow in parse_fix_phrase() - CVE-2020-28016: Heap out-of-bounds write in parse_fix_phrase() - CVE-2020-28015: New-line injection into spool header file (local) - CVE-2020-28012: Missing close-on-exec flag for privileged pipe - CVE-2020-28009: Integer overflow in get_stdinput() Remote vulnerabilities - CVE-2020-28017: Integer overflow in receive_add_recipient() - CVE-2020-28020: Integer overflow in receive_msg() - CVE-2020-28023: Out-of-bounds read in smtp_setup_msg() - CVE-2020-28021: New-line injection into spool header file (remote) - CVE-2020-28022: Heap out-of-bounds read and write in extract_option() - CVE-2020-28026: Line truncation and injection in spool_read_header() - CVE-2020-28019: Failure to reset function pointer after BDAT error - CVE-2020-28024: Heap buffer underflow in smtp_ungetc() - CVE-2020-28018: Use-after-free in tls-openssl.c - CVE-2020-28025: Heap out-of-bounds read in pdkim_finish_bodyhash()
databases/py-sqlobject : Update to 3.9.1
Hi, ports@:
Here is a simple patch for databases/py-sqlobject to update to 3.9.1,
it build well and pass all tests on amd64-6.9 system.
No other ports depends on it.
Cheers !
wen
Index: Makefile
===
RCS file: /cvs/ports/databases/py-sqlobject/Makefile,v
retrieving revision 1.26
diff -u -p -r1.26 Makefile
--- Makefile19 Feb 2021 23:13:00 - 1.26
+++ Makefile4 May 2021 13:01:40 -
@@ -2,10 +2,9 @@
COMMENT = Object Relational Manager
-MODPY_EGG_VERSION =3.9.0
+MODPY_EGG_VERSION =3.9.1
DISTNAME = SQLObject-${MODPY_EGG_VERSION}
PKGNAME = py-sqlobject-${MODPY_EGG_VERSION}
-REVISION = 0
CATEGORIES = databases
Index: distinfo
===
RCS file: /cvs/ports/databases/py-sqlobject/distinfo,v
retrieving revision 1.10
diff -u -p -r1.10 distinfo
--- distinfo1 Jan 2021 11:22:56 - 1.10
+++ distinfo4 May 2021 13:01:40 -
@@ -1,2 +1,2 @@
-SHA256 (SQLObject-3.9.0.tar.gz) = YGlU3T4zN+QZMdKg1ADc/zECW4nKY4OW/FEPy90Lx68=
-SIZE (SQLObject-3.9.0.tar.gz) = 1079713
+SHA256 (SQLObject-3.9.1.tar.gz) = RQZBhN7Pf0LThnBOX0enDe5RfT5Em2EFBuF0Al+E2SE=
+SIZE (SQLObject-3.9.1.tar.gz) = 1312585
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: ajacou...@cvs.openbsd.org 2021/05/04 06:33:05 Modified files: sysutils/libvirt-python: Makefile distinfo Log message: Update to py3-libvirt-7.3.0.
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: ajacou...@cvs.openbsd.org 2021/05/04 06:32:54 Modified files: sysutils/libvirt: Makefile distinfo sysutils/libvirt/patches: patch-meson_build patch-src_rpc_virnetsocket_c Log message: Update to libvirt-7.3.0.
Re: NEW: sysutils/openbsdisks2 - UDisks2 service implementation for OpenBSD
Rafael Sadowski writes: > On Sat Apr 24, 2021 at 01:23:56PM +0200, Rafael Sadowski wrote: >> >> I will fix this in 0.2.1b. >> > > 0.2.1beta attached Here is a diff with some more nits: - add comment explaining dbus,-suid as in sysutils/upower and sysutils/polkit - An --> A UDisks2 - "provides reading information on" was a bit clunky so I reworded it (I got "readable" from here: http://storaged.org/doc/udisks2-api/latest/gdbus-org.freedesktop.UDisks2.Drive.html) either with these tweaks or as originally attached, ok namn@ Index: Makefile === RCS file: /cvsnam/ports/sysutils/openbsdisks2/Makefile,v retrieving revision 1.2 diff -u -p -u -p -r1.2 Makefile --- Makefile4 May 2021 10:22:55 - 1.2 +++ Makefile4 May 2021 10:32:52 - @@ -21,6 +21,7 @@ MASTER_SITES =https://github.com/sizeof MODULES = devel/cmake \ x11/qt5 +# /usr/local/share/dbus-1/system-services/ RUN_DEPENDS += x11/dbus,-suid .include Index: pkg/DESCR === RCS file: /cvsnam/ports/sysutils/openbsdisks2/pkg/DESCR,v retrieving revision 1.1 diff -u -p -u -p -r1.1 DESCR --- pkg/DESCR 24 Apr 2021 09:01:07 - 1.1 +++ pkg/DESCR 4 May 2021 10:32:52 - @@ -1,9 +1,9 @@ -An UDisks2 service implementation for OpenBSD forked from FreeBSD +A UDisks2 service implementation for OpenBSD forked from FreeBSD (bsdutils/bsdisks). OpenBSDisks2 provides a simple DBus org.freedesktop.UDisks2 service. -It only provides reading information on UDisks2.Drive, UDisks2.Block and -UDisks2.Filesystem. +It only provides readable properties for the UDisks2.Drive, +UDisks2.Block and UDisks2.Filesystem interfaces. UDisks2 is an abstraction for enumerating disk and storage devices and performing operations on them.
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: ajacou...@cvs.openbsd.org 2021/05/04 04:49:35 Modified files: devel/harfbuzz : Makefile distinfo Log message: Update to harfbuzz-2.8.1. Disable chafa support for now as it brings lots of dependencies.
Re: [embargoed security update] mail/exim -> 4.94.2
ping: the disclosure will take place today (2021-05-04 13:30 UTC) On 5/2/21 10:49 AM, Renaud Allard wrote: Hi, There was a problem in exim 4.94.1, so there is now 4.94.2 which solves the issue. Embargo dates are the same. Best Regards On 28/04/2021 08:53, Renaud Allard wrote: Hello, Here is an diff to update exim to 4.94.1. This is a very important security update. Unfortunately, this update is embargoed so that "distro" package maintainers have the time to publish the packages. This means the source tar.gz is not available before 2021-05-04 13:30 UTC. I don't know how we could provide packages for -stable before the tar is published. I can build them for 6.8, but I can't sign them or build for 6.9 yet. It solves the following CVE: - CVE-2020-28007 - CVE-2020-28008 - CVE-2020-28009 - CVE-2020-28010 - CVE-2020-28011 - CVE-2020-28012 - CVE-2020-28013 - CVE-2020-28014 - CVE-2020-28015 - CVE-2020-28016 - CVE-2020-28017 - CVE-2020-28018 - CVE-2020-28019 - CVE-2020-28020 - CVE-2020-28021 - CVE-2020-28022 - CVE-2020-28023 - CVE-2020-28024 - CVE-2020-28025 - CVE-2020-28026 - CVE-2021-27216 Best Regards smime.p7s Description: S/MIME Cryptographic Signature
Re: [MAINTAINER UPDATE] graphics/openimageio -> 2.2.13.1
On Wed, Apr 28, 2021 at 08:16:33AM -0400, Dimitri Karamazov wrote:
> Update graphics/openimageio to 2.2.13.1
>
> Changelog:https://github.com/OpenImageIO/oiio/releases/tag/v2.2.13.1
>
> Build & Run tested with blender
>
Index: Makefile
===
RCS file: /cvs/ports/graphics/openimageio/Makefile,v
retrieving revision 1.53
diff -u -p -r1.53 Makefile
--- Makefile5 Apr 2021 14:13:39 - 1.53
+++ Makefile27 Apr 2021 09:22:59 -
@@ -11,7 +11,7 @@ COMMENT = library for reading and writi
GH_ACCOUNT = OpenImageIO
GH_PROJECT = oiio
GH_TAGNAME = Release-$V
-V =2.2.13.0
+V =2.2.13.1
DISTNAME = openimageio-${V}
SHARED_LIBS += OpenImageIO 10.0 # 2.2.13
Index: distinfo
===
RCS file: /cvs/ports/graphics/openimageio/distinfo,v
retrieving revision 1.12
diff -u -p -r1.12 distinfo
--- distinfo5 Apr 2021 14:13:39 - 1.12
+++ distinfo27 Apr 2021 09:22:59 -
@@ -1,2 +1,2 @@
-SHA256 (openimageio-2.2.13.0.tar.gz) =
/Lk419AGCBa60Y9i6+1uWh2VlVXbLp0oJUO0ZRkjd1U=
-SIZE (openimageio-2.2.13.0.tar.gz) = 29265725
+SHA256 (openimageio-2.2.13.1.tar.gz) =
f4EBJOhmrBStnBGwq1KKbtTI5ioZDMRKd+7YFZ9XQFw=
+SIZE (openimageio-2.2.13.1.tar.gz) = 29265740
Index: patches/patch-src_libutil_ustring_cpp
===
RCS file:
/cvs/ports/graphics/openimageio/patches/patch-src_libutil_ustring_cpp,v
retrieving revision 1.1
diff -u -p -r1.1 patch-src_libutil_ustring_cpp
--- patches/patch-src_libutil_ustring_cpp 23 Jan 2021 12:46:26 -
1.1
+++ patches/patch-src_libutil_ustring_cpp 27 Apr 2021 09:22:59 -
@@ -6,7 +6,7 @@ error: expected value in expression
Index: src/libutil/ustring.cpp
--- src/libutil/ustring.cpp.orig
+++ src/libutil/ustring.cpp
-@@ -293,7 +293,7 @@ struct libcpp_string__long {
+@@ -308,7 +308,7 @@ struct libcpp_string__long {
std::string::size_type __size_;
std::string::size_type __cap_;
};
@@ -15,7 +15,7 @@ Index: src/libutil/ustring.cpp
enum { libcpp_string__long_mask = 0x1ul };
#else // _LIBCPP_BIG_ENDIAN
enum { libcpp_string__long_mask = ~(std::string::size_type(~0) >> 1) };
-@@ -304,7 +304,7 @@ struct libcpp_string__long {
+@@ -319,7 +319,7 @@ struct libcpp_string__long {
std::string::size_type __size_;
std::string::pointer __data_;
};
Re: [MAINTAINER UPDATE] graphics/alembic -> 1.8.0
On Wed, Apr 28, 2021 at 09:03:13AM -0400, Dimitri Karamazov wrote:
> Update graphics/alembic to 1.8.0
>
> Changelog:https://github.com/alembic/alembic/releases/tag/1.8.0
>
> No dynamic export changes
> External reference changes:
> added:
> _ZNSt3__113basic_ostreamIcNS_11char_traitsIcEEElsEy
>
> Build & Run tested with blender
>
> regards,
> Dimitri
>
Index: Makefile
===
RCS file: /cvs/ports/graphics/alembic/Makefile,v
retrieving revision 1.1.1.1
diff -u -p -r1.1.1.1 Makefile
--- Makefile26 Jan 2021 15:46:19 - 1.1.1.1
+++ Makefile28 Apr 2021 12:48:24 -
@@ -4,9 +4,9 @@ COMMENT=open framework for storing and
GH_ACCOUNT=alembic
GH_PROJECT=alembic
-GH_TAGNAME=1.7.16
+GH_TAGNAME=1.8.0
-SHARED_LIBS += Alembic 0.0 # 1.7
+SHARED_LIBS += Alembic 0.1 # 1.8
CATEGORIES=graphics
Index: distinfo
===
RCS file: /cvs/ports/graphics/alembic/distinfo,v
retrieving revision 1.1.1.1
diff -u -p -r1.1.1.1 distinfo
--- distinfo26 Jan 2021 15:46:19 - 1.1.1.1
+++ distinfo28 Apr 2021 12:48:24 -
@@ -1,2 +1,2 @@
-SHA256 (alembic-1.7.16.tar.gz) = JSlYbIlFmvNNJ6NqsRStHUPa/UQGHmXPz8c7dFc3nnw=
-SIZE (alembic-1.7.16.tar.gz) = 855709
+SHA256 (alembic-1.8.0.tar.gz) = JQh1UccpeLRcK22DtD6zkUKA2MYVk7B0o3/lKXE42u0=
+SIZE (alembic-1.8.0.tar.gz) = 860886
Index: patches/patch-lib_Alembic_AbcCoreOgawa_StreamManager_cpp
===
RCS file:
/cvs/ports/graphics/alembic/patches/patch-lib_Alembic_AbcCoreOgawa_StreamManager_cpp,v
retrieving revision 1.1.1.1
diff -u -p -r1.1.1.1 patch-lib_Alembic_AbcCoreOgawa_StreamManager_cpp
--- patches/patch-lib_Alembic_AbcCoreOgawa_StreamManager_cpp26 Jan 2021
15:46:19 - 1.1.1.1
+++ patches/patch-lib_Alembic_AbcCoreOgawa_StreamManager_cpp28 Apr 2021
12:48:24 -
@@ -2,11 +2,12 @@ $OpenBSD: patch-lib_Alembic_AbcCoreOgawa
ffsll not available on OpenBSD
lib/Alembic/AbcCoreOgawa/StreamManager.cpp.origTue Dec 1 15:36:46 2020
-+++ lib/Alembic/AbcCoreOgawa/StreamManager.cpp Tue Dec 1 15:37:15 2020
+Index: lib/Alembic/AbcCoreOgawa/StreamManager.cpp
+--- lib/Alembic/AbcCoreOgawa/StreamManager.cpp.orig
lib/Alembic/AbcCoreOgawa/StreamManager.cpp
@@ -45,6 +45,25 @@ namespace ALEMBIC_VERSION_NS {
// C++11 std::atomics version
- #if !defined( ALEMBIC_LIB_USES_TR1 ) && __cplusplus >= 201103L
+ #if __cplusplus >= 201103L
#define COMPARE_EXCHANGE( V, COMP, EXCH ) V.compare_exchange_weak( COMP,
EXCH, std::memory_order_seq_cst, std::memory_order_seq_cst )
+
+Alembic::Util::int64_t ffsll( Alembic::Util::int64_t iValue )
Re: ruby27 vs Puppet
On Sun, Mar 14, 2021 at 05:36:55PM +0100, Giovanni Bechis wrote:
> On Sat, Mar 13, 2021 at 02:33:48PM +0100, Klemens Nanni wrote:
> > On Sat, Mar 13, 2021 at 09:05:18AM +0100, Giovanni Bechis wrote:
> > > Hi,
> > > after updating to current I receive daily warnings that my Puppet client
> > > is not running.
> > > This is because ruby27 starts programs in a different way then ruby26.
> > >
> > > On OpenBSD 6.8 I have:
> > > $ ps auxww | grep puppet
> > > root 63876 0.0 10.2 82024 51836 ?? S Fri05PM0:05.56
> > > /usr/local/bin/ruby26 /usr/local/bin/puppet agent
> > > snb 29563 0.0 0.2 288 1252 p0 S+p 8:59AM0:00.00 grep
> > > puppet
> > >
> > > on OpenBSD 6.9-current:
> > > $ ps auxww | grep puppet
> > > root 91047 0.0 1.4 108760 56900 ?? S Fri07PM0:05.86
> > > /usr/local/bin/ruby27 -W0 /usr/local/bin/puppet agent
> > > root 81078 0.0 0.0 632 1544 p0 S+p 9:00AM0:00.01 grep
> > > puppet
> > Not sure, I think this is because sebastia added `-W0' in 5/Makefile:
> >
> > revision 1.33
> > date: 2021/01/18 22:26:11; author: sebastia; state: Exp; lines: +4
> > -2; commitid: V8KuIdf4R32pgNMt;
> > suppress the huge number of deprecation/obsolete warnings since Ruby 2.7
> >
> > > The "-W0" parameter breaks "rcctl ls failed" and a daily warning is sent.
> > > Is this a known issue ? I think other softwares may be affected.
> > I did not notice it because I'm using Puppet 6, but also without the
> > rc script, i.e. in a masterless setup.
> >
> > I think the diff below should have been part of sebastia's commit,
> > it is untested however; can you give this a try?
> >
> That diff fixes it.
> ok giovanni@ if sebastia@ agrees.
>
In the previous diff we forgot about puppetmaster that now has the same problem,
ok for this diff ?
Giovanni
Index: 5/Makefile
===
RCS file: /cvs/ports/sysutils/ruby-puppet/5/Makefile,v
retrieving revision 1.37
diff -u -p -r1.37 Makefile
--- 5/Makefile 16 Mar 2021 18:43:40 - 1.37
+++ 5/Makefile 4 May 2021 09:03:50 -
@@ -3,7 +3,7 @@
PORTROACH= limit:^5
VERSION= 5.5.22
-REVISION= 7
+REVISION= 8
RUN_DEPENDS+= databases/ruby-hiera3,${MODRUBY_FLAVOR} \
devel/ruby-gettext-setup,${MODRUBY_FLAVOR}>=0.28,<1 \
Index: pkg/puppetmaster.rc
===
RCS file: /cvs/ports/sysutils/ruby-puppet/pkg/puppetmaster.rc,v
retrieving revision 1.2
diff -u -p -r1.2 puppetmaster.rc
--- pkg/puppetmaster.rc 11 Jan 2018 19:27:10 - 1.2
+++ pkg/puppetmaster.rc 4 May 2021 09:03:50 -
@@ -6,7 +6,7 @@ daemon="${TRUEPREFIX}/bin/puppet master"
. /etc/rc.d/rc.subr
-pexp="${RUBY} ${daemon}${daemon_flags:+ ${daemon_flags}}"
+pexp="${RUBY} -W0 ${daemon}${daemon_flags:+ ${daemon_flags}}"
rc_reload=NO
rc_cmd $1
signature.asc
Description: PGP signature
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: ajacou...@cvs.openbsd.org 2021/05/04 02:40:17 Modified files: x11/gtk+4 : Makefile distinfo x11/gtk+4/patches: patch-gtk_gtkplacessidebar_c Log message: Update to gtk+4-4.2.1.
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: ajacou...@cvs.openbsd.org 2021/05/04 02:25:13 Modified files: misc/hwdata: Makefile distinfo Log message: Update to hwdata-0.347.
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: bl...@cvs.openbsd.org 2021/05/04 01:17:05 Modified files: devel/p5-Devel-NYTProf: Makefile distinfo Log message: update p5-Devel-NYTProf to 6.09
Ping: [update patch] smartmontools 7.1p0 -> 7.2
Am Wed, Apr 07, 2021 at 10:59:26AM +0200 schrieb Martin Ziemer:
> This patch updates smartmontools from 7.1p0 to 7.2.
>
> There are three changes imported from upstream to get smartmontools
> work on all my systems.
>
> Tested on four amd64 systems using sata or pata.
>
> Could not test using real scsi drives.
Index: Makefile
===
RCS file: /cvs/ports/sysutils/smartmontools/Makefile,v
retrieving revision 1.44
diff -u -p -r1.44 Makefile
--- Makefile1 Sep 2020 15:46:04 - 1.44
+++ Makefile7 Apr 2021 08:28:20 -
@@ -3,8 +3,7 @@
COMMENT= control and monitor storage systems using SMART
# XXX at update time check whether C++11 is actually needed
-DISTNAME= smartmontools-7.1
-REVISION= 0
+DISTNAME= smartmontools-7.2
CATEGORIES=sysutils
HOMEPAGE= https://www.smartmontools.org/
Index: distinfo
===
RCS file: /cvs/ports/sysutils/smartmontools/distinfo,v
retrieving revision 1.19
diff -u -p -r1.19 distinfo
--- distinfo19 Feb 2020 17:46:52 - 1.19
+++ distinfo7 Apr 2021 08:28:20 -
@@ -1,2 +1,2 @@
-SHA256 (smartmontools-7.1.tar.gz) =
P3NNLJneseSvYrJdlExiUt5wymTXZsTHKUVFouZZuEY=
-SIZE (smartmontools-7.1.tar.gz) = 971468
+SHA256 (smartmontools-7.2.tar.gz) =
XNmKJ+Y5MWi8aq6gcNnhzVUbD4mMUvZrL/Ll0nQRjNY=
+SIZE (smartmontools-7.2.tar.gz) = 992256
Index: patches/patch-os-openbsd_cpp
===
RCS file: patches/patch-os-openbsd_cpp
diff -N patches/patch-os-openbsd_cpp
--- /dev/null 1 Jan 1970 00:00:00 -
+++ patches/patch-os-openbsd_cpp7 Apr 2021 08:28:20 -
@@ -0,0 +1,38 @@
+$OpenBSD $
+
+Upstream r5213: Use correct devicename for autodetection
+Upstream r5214: Apply conversion to seconds for timeouts in scsi_pass_through
+Upstream r5215: fix SAT autodetection for the sd* devices
+
+--- os_openbsd.cpp Tue Oct 6 17:31:47 2020
os_openbsd.cpp.patched Wed Apr 7 09:39:24 2021
+@@ -266,7 +266,7 @@ bool openbsd_scsi_device::scsi_pass_through(scsi_cmnd_
+ sc.databuf = (char *)iop->dxferp;
+ sc.datalen = iop->dxfer_len;
+ sc.senselen = iop->max_sense_len;
+- sc.timeout = iop->timeout == 0 ? 6 : iop->timeout; /* XXX */
++ sc.timeout = (iop->timeout == 0 ? 60 : iop->timeout) * 1000;
+ sc.flags =
+ (iop->dxfer_dir == DXFER_NONE ? SCCMD_READ :
+ (iop->dxfer_dir == DXFER_FROM_DEVICE ? SCCMD_READ : SCCMD_WRITE));
+@@ -582,17 +582,17 @@ smart_device * openbsd_smart_interface::autodetect_sma
+ if (str_starts_with(test_name, net_dev_prefix)) {
+ test_name += strlen(net_dev_prefix);
+ if (!strncmp(net_dev_ata_disk, test_name, strlen(net_dev_ata_disk)))
+- return get_ata_device(test_name, "ata");
++ return get_ata_device(name, "ata");
+ if (!strncmp(net_dev_scsi_disk, test_name, strlen(net_dev_scsi_disk))) {
+ // XXX Try to detect possible USB->(S)ATA bridge
+ // XXX get USB vendor ID, product ID and version from sd(4)/umass(4).
+ // XXX check sat device via get_usb_dev_type_by_id().
+
+ // No USB bridge found, assume regular SCSI device
+- return get_scsi_device(test_name, "scsi");
++ return get_scsi_device(name, "");
+ }
+ if (!strncmp(net_dev_scsi_tape, test_name, strlen(net_dev_scsi_tape)))
+- return get_scsi_device(test_name, "scsi");
++ return get_scsi_device(name, "scsi");
+ }
+ // device type unknown
+ return 0;
Index: patches/patch-scsiata_cpp
===
RCS file: patches/patch-scsiata_cpp
diff -N patches/patch-scsiata_cpp
--- patches/patch-scsiata_cpp 1 Sep 2020 15:46:04 - 1.1
+++ /dev/null 1 Jan 1970 00:00:00 -
@@ -1,16 +0,0 @@
-$OpenBSD $
-
-Add missing seconds to milliseconds conversion, hand picked from upstream
-9c2f3a38063c4c6837507373c4dc4c9b1e3e7e81 from 05.06.2020.
-
scsiata.cpp.orig Wed Dec 5 19:30:46 2018
-+++ scsiata.cppTue Sep 1 08:48:16 2020
-@@ -364,7 +364,7 @@ bool sat_device::ata_pass_through(const ata_cmd_in & i
- io_hdr.cmnd_len = passthru_size;
- io_hdr.sensep = sense;
- io_hdr.max_sense_len = sizeof(sense);
--io_hdr.timeout = SCSI_TIMEOUT_DEFAULT;
-+io_hdr.timeout = SCSI_TIMEOUT_DEFAULT * 1000;
-
- scsi_device * scsidev = get_tunnel_dev();
- if (!scsidev->scsi_pass_through(_hdr)) {
