Permalink
Commits on Dec 30, 2008
  1. ticket #2618

    rtr committed Dec 30, 2008
  2. pullup ticket #2618 - requested by tron

    imap-uw: update package for security fix
    
    revisions pulled up:
    pkgsrc/mail/imap-uw/Makefile	1.128,1.129
    pkgsrc/mail/imap-uw/PLIST	1.16
    pkgsrc/mail/imap-uw/distinfo	1.35
    
       Module Name:    pkgsrc
       Committed By:   obache
       Date:           Mon Dec  1 11:03:50 UTC 2008
    
       Modified Files:
               pkgsrc/mail/imap-uw: Makefile PLIST
    
       Log Message:
       Also install dummy.h.
       It is included from flocksim.h, required by some platforms.  PR 40075.
    
       Bump PKGREVISION.
    
       While here, marked as MAKE_JOBS_SAFE=no
    
       ------------------------------------------------------------------------
       Module Name:    pkgsrc
       Committed By:   tron
       Date:           Mon Dec 29 16:29:50 UTC 2008
    
       Modified Files:
               pkgsrc/mail/imap-uw: Makefile distinfo
    
       Log Message:
       Update "imap-uw" package to version 2007e.
       This version is a maintenance release, consisting primarily of bugfixes to
       problems discovered in the release that affected a small number of users
       plus a security fix for users of the RFC822BUFFER routines.
    
       Approved by Thomas Klausner.
    rtr committed Dec 30, 2008
Commits on Dec 29, 2008
  1. Pullup tickets #2615 and #2617.

    tron committed Dec 29, 2008
  2. Pullup ticket #2615 - requested by he

    p5-SOAP-Lite: build fix
    
    Revisions pulled up:
    - net/p5-SOAP-Lite/Makefile		1.23 via patch
    ---
    Module Name:	pkgsrc
    Committed By:	he
    Date:		Thu Dec 18 20:56:09 UTC 2008
    
    Modified Files:
    	pkgsrc/net/p5-SOAP-Lite: Makefile
    
    Log Message:
    Update from version 0.710.08nb2 to 0.710.08nb3.
    
    Pkgsrc changes:
     o Add dependency on perl>=5.10 or p5-version.
       When pulled up to pkgsrc-2008Q3 this should fix PR#39773.
    tron committed Dec 29, 2008
  3. Pullup ticket #2617 - requested by bouyer

    sympa: security update
    
    Revisions pulled up:
    - mail/sympa/Makefile			1.38 (via patch)
    - mail/sympa/PLIST			1.7 (via patch)
    - mail/sympa/distinfo			1.11 (via patch)
    ---
    Module Name:	pkgsrc
    Committed By:	bouyer
    Date:		Sat Dec 20 19:02:12 UTC 2008
    
    Modified Files:
    	pkgsrc/mail/sympa: Makefile PLIST distinfo
    
    Log Message:
    Update sympa to 5.4.4. Bug fixes (including SQL injestion and privilege
    escalation vulnerabilities) and updated translations:
        * Sympa was not fully compliant to the RFC 2616, leading for example
          to possible unwanted list deletion by administrators using prefetching
          tools. This was fixed by replacing all the threatening GET requests
          by POST requests;
        * Use of sprint() function for creating SQL queries lead to possible
          SQL injection through cookie manipulation;
        * The use of files in /tmp lead to vulnerabilities.
    tron committed Dec 29, 2008
Commits on Dec 17, 2008
  1. Pullup ticket #2612.

    tron committed Dec 17, 2008
  2. Pullup ticket #2612 - tnn

    firefox3: security update
    
    Revisions pulled up:
    - www/firefox3/Makefile			1.10 (via patch)
    - www/firefox3/distinfo			1.10
    - www/firefox3/patches/patch-dm		delete
    ---
    Module Name:	pkgsrc
    Committed By:	tnn
    Date:		Wed Dec 17 15:43:01 UTC 2008
    
    Modified Files:
    	pkgsrc/www/firefox3: Makefile distinfo
    Removed Files:
    	pkgsrc/www/firefox3/patches: patch-dm
    
    Log Message:
    Update to firefox3-3.0.5.
    pkgsrc changes:
    - drop the external sqlite3 dependency and add --disable-system-sqlite,
      until the linkage issues have been resolved. (both external and
    internal sqlite3 were linked previously.)
    - remove patch-dm which doesn't seem to be needed.
      (was inherited from firefox2, hardcoded a /usr/pkg run path)
    
    upstream changes:
    - Fixed several security issues.
    - Fixed several stability issues.
    - Official releases for the Bengali, Esperanto, Galician, Hindi, and
    Latvian languages are now available.
    - Replaced the End-User License Agreement with a new "Know Your Rights"
    info bar on initial install.
    - When installing multiple signed XPIs simultaneously, previous
    versions of Firefox would fail.
    - Fixed several issues found in the accessibility implementation.
    - Added the ability to send OS-specific system notes in the crash
    reporter.
    tron committed Dec 17, 2008
  3. ticket #2611

    rtr committed Dec 17, 2008
  4. pullup ticket #2611 - requested by tron

    mplayer, gmplayer, mencoder: security and vcd support patches
    
    revisions pulled up:
    pkgsrc/multimedia/gmplayer/Makefile			1.72, 1.73
    pkgsrc/multimedia/gmplayer/distinfo			1.58, 1.59
    pkgsrc/multimedia/mencoder/Makefile			1.40, 1.41
    pkgsrc/multimedia/mplayer-share/distinfo		1.55, 1.56
    pkgsrc/multimedia/mplayer-share/patches/patch-an	1.1
    pkgsrc/multimedia/mplayer-share/patches/patch-ca	1.1
    pkgsrc/multimedia/mplayer/Makefile			1.62, 1.63
    
       Module Name:    pkgsrc
       Committed By:   wiz
       Date:           Mon Oct 20 07:40:00 UTC 2008
    
       Modified Files:
               pkgsrc/multimedia/gmplayer: Makefile distinfo
               pkgsrc/multimedia/mencoder: Makefile
               pkgsrc/multimedia/mplayer: Makefile
               pkgsrc/multimedia/mplayer-share: distinfo
       Added Files:
               pkgsrc/multimedia/mplayer-share/patches: patch-an
    
       Log Message:
       Add a patch for better VCD support from Sergey Svishchev.
       Fixes PR 20549.
    ------------------------------------------------------------------------
       Module Name:    pkgsrc
       Committed By:   tron
       Date:           Mon Dec 15 15:37:59 UTC 2008
    
       Modified Files:
               pkgsrc/multimedia/gmplayer: Makefile distinfo
               pkgsrc/multimedia/mencoder: Makefile
               pkgsrc/multimedia/mplayer: Makefile
               pkgsrc/multimedia/mplayer-share: distinfo
       Added Files:
               pkgsrc/multimedia/mplayer-share/patches: patch-ca
    
       Log Message:
       Add security patch from MPlayer SVN repository to fix a buffer overflow
       in the TwinVQ media file decoder.
    rtr committed Dec 17, 2008
Commits on Dec 16, 2008
  1. ticket #2609

    rtr committed Dec 16, 2008
  2. pullup ticket #2609 - requested by tron

    phpmyadmin: update package
    
    revisions pulled up:
    pkgsrc/databases/phpmyadmin/Makefile	1.78
    pkgsrc/databases/phpmyadmin/distinfo	1.40
    
       Module Name:    pkgsrc
       Committed By:   tron
       Date:           Mon Dec 15 09:11:49 UTC 2008
    
       Modified Files:
               pkgsrc/databases/phpmyadmin: Makefile distinfo
    
       Log Message:
       Update "phpmyadmin" package to version 2.11.9.4. Changes since 2.11.9.3:
       - [security] possible XSRF on several pages
    rtr committed Dec 16, 2008
Commits on Dec 8, 2008
  1. Pullup ticket #2606.

    tron committed Dec 8, 2008
  2. Pullup ticket #2606 - requested by ghen

    powerdns: security update
    
    Revision pulled up:
    - net/powerdns/Makefile.common		1.5
    - net/powerdns/distinfo			1.7
    ---
    Module Name:	pkgsrc
    Committed By:	ghen
    Date:		Mon Dec  8 12:26:57 UTC 2008
    
    Modified Files:
    	pkgsrc/net/powerdns: Makefile.common distinfo
    
    Log Message:
    Update to PowerDNS 2.9.21.2.
    
    This release consists of a single patch to address CVE-2008-5277.
    tron committed Dec 8, 2008
Commits on Dec 4, 2008
  1. Pullup ticket #2603.

    tron committed Dec 4, 2008
  2. Pullup ticket #2603 - requested by ahoka

    vlc: security update
    
    Revisions pulled up:
    - multimedia/vlc/Makefile		1.65
    - multimedia/vlc/Makefile		1.66
    - multimedia/vlc/Makefile		1.67
    - multimedia/vlc/PLIST			1.24
    - multimedia/vlc/distinfo		1.23
    - multimedia/vlc/distinfo		1.24
    - multimedia/vlc/options.mk		1.11
    ---
    Module Name:    pkgsrc
    Committed By:   ahoka
    Date:           Sat Nov  8 19:00:15 UTC 2008
    
    Modified Files:
            pkgsrc/multimedia/vlc: Makefile PLIST options.mk
    
    Log Message:
    Rework dependencies.
    Add some missing X11 lib and jpeg.
    Add theora support.
    ---
    Module Name:	pkgsrc
    Committed By:	ahoka
    Date:		Wed Dec  3 16:24:07 UTC 2008
    
    Modified Files:
    	pkgsrc/multimedia/vlc: Makefile distinfo
    
    Log Message:
    Changes between 0.9.6 and 0.9.8:
    - --------------------------------
    
     * Fixed buffer overflow in Real demuxer (SA-0811, CVE-2008-5276)
     * Bunch of small bugfixes.
    ---
    Module Name:	pkgsrc
    Committed By:	ahoka
    Date:		Thu Dec  4 14:03:11 UTC 2008
    
    Modified Files:
    	pkgsrc/multimedia/vlc: Makefile distinfo
    
    Log Message:
    Upstream bumped the version number for some reason,
    so follow the new distfile as the old one disappeared.
    
    No new changes were mentioned in the official changelog.
    tron committed Dec 4, 2008
  3. Pullup tickets #2604 and #2605.

    tron committed Dec 4, 2008
  4. Pullup ticket #2605 - requested by martti

    squirremal: security update
    
    Revisions pulled up:
    - mail/squirrelmail/Makefile			1.100-1.101
    - mail/squirrelmail/PLIST			1.28
    - mail/squirrelmail/buildlink3.mk		1.20
    - mail/squirrelmail/distinfo			1.49-1.50
    - mail/squirrelmail/options.mk			1.9
    ---
    Module Name:    pkgsrc
    Committed By:   taca
    Date:           Wed Nov 19 14:47:51 UTC 2008
    
    Modified Files:
             pkgsrc/mail/squirrelmail: Makefile distinfo options.mk
    
    Log Message:
    Update Japanese patch to squirrelmail-1.4.16-ja-20081013.
    No functional should be changed though.
    
    Bump PKGREVISION.
    ---
    Module Name:	pkgsrc
    Committed By:	martti
    Date:		Thu Dec  4 07:18:47 UTC 2008
    
    Modified Files:
    	pkgsrc/mail/squirrelmail: Makefile PLIST buildlink3.mk distinfo
    
    Log Message:
    Updated mail/squirrelmail to 1.4.17
    
    The SquirrelMail team is happy to announce the release of version 1.4.17.  The
    most notable change is a security fix that prevents certain specially-crafted
    hyperlinks within messages from executing cross-site scripting attacks.  For
    other details, see the ReleaseNotes file included in this release.  We advise
    all users of SquirrelMail software to upgrade.
    tron committed Dec 4, 2008
  5. Pullup ticket #2604 - requested by is

    libslang2: build fix for Solaris
    
    Revisions pulled up:
    - devel/libslang2/Makefile			1.2
    - devel/libslang2/distinfo			1.2
    - devel/libslang2/patches/patch-ae		1.2
    ---
    Module Name:	pkgsrc
    Committed By:	is
    Date:		Wed Dec  3 11:10:34 UTC 2008
    
    Modified Files:
    	pkgsrc/devel/libslang2: Makefile distinfo
    	pkgsrc/devel/libslang2/patches: patch-ae
    
    Log Message:
    Don't even try to install the .a for the loadable modules.
    Patch mostly suggested by bjs@.
    This fixes a build problem on Solaris.
    tron committed Dec 4, 2008
Commits on Dec 1, 2008
  1. ticket #2602

    rtr committed Dec 1, 2008
  2. pullup ticket #2602 - requested by bouyer

    sympa: fix master site
    
    revisions pulled up:
    pkgsrc/mail/sympa/Makefile	1.36
    
       Module Name:    pkgsrc
       Committed By:   bouyer
       Date:           Sun Nov 30 18:13:30 UTC 2008
    
       Modified Files:
               pkgsrc/mail/sympa: Makefile
    
       Log Message:
       Add missing trailing / to one of the MASTER_SITES
    rtr committed Dec 1, 2008
Commits on Nov 28, 2008
  1. Pullup ticket #2601.

    tron committed Nov 28, 2008
  2. Pullup ticket #2601 - requested by taca

    samba: security patch
    
    Revisions pulled up:
    - net/samba/Makefile			1.186
    - net/samba/Makefile.patches		1.9
    - net/samba/distinfo			1.65
    ---
    Module Name:	pkgsrc
    Committed By:	taca
    Date:		Fri Nov 28 03:17:58 UTC 2008
    
    Modified Files:
    	pkgsrc/net/samba: Makefile Makefile.patches distinfo
    
    Log Message:
    Add samba-3.0.32-CVE-2008-4314.patch.
    
    	http://www.samba.org/samba/security/CVE-2008-4314.html
    
    Bump PKGREVISION.
    tron committed Nov 28, 2008
Commits on Nov 27, 2008
  1. ticket #2600

    rtr committed Nov 27, 2008
  2. pullup ticket #2600 - requested by martti

    clamav: update package for fixes
    
    revisions pulled up:
    pkgsrc/mail/clamav/Makefile		1.89
    pkgsrc/mail/clamav/buildlink3.mk	1.18
    pkgsrc/mail/clamav/distinfo		1.56
    
       Module Name:    pkgsrc
       Committed By:   martti
       Date:           Thu Nov 27 06:07:49 UTC 2008
    
       Modified Files:
               pkgsrc/mail/clamav: Makefile buildlink3.mk distinfo
    
       Log Message:
       Updated mail/clamav to 0.94.2
    
       Lots of bug fixes, including
    
       * clamd: LogFileUnlock was not working correctly (bb#1304)
       * freshclam/manager.c: add support for http proxy in SubmitDetectionStats
         (bb#1284)
       * unit_tests/valgrind.supp: add more valgrind suppressions
       (bb#1283,#1286,#1294)
       * libclamav/readdb.c: fix handling of malformed ldb sigs (bb#1292)
       * freshclam/manager.c: improve reporting of server failures (bb#777)
       * clamscan/manager.c: fix double-slash when scanning the root dir (bb#1263)
       * libclamav/nsis: improve lateny (bb#1180)
       * libclamunrar/unrar.c: avoid rar_malloc warnings on damaged files (bb
       #1290)
       * libclamav/htmlnorm.c: fix memory leak (bb #1291)
    rtr committed Nov 27, 2008
  3. ticket #2599

    rtr committed Nov 27, 2008
  4. pullup ticket #2599 - requested by is

    slrn: update package for fixes
    
    revisions pulled up:
    pkgsrc/news/slrn/Makefile	1.43
    pkgsrc/news/slrn/distinfo	1.14
    
       Module Name:    pkgsrc
       Committed By:   is
       Date:           Wed Nov 26 14:30:04 UTC 2008
    
       Modified Files:
               pkgsrc/news/slrn: Makefile distinfo
    
       Log Message:
       Update to 0.9.9p1 - multiple fixes.
    rtr committed Nov 27, 2008
Commits on Nov 26, 2008
  1. ticket #2596

    rtr committed Nov 26, 2008
  2. pullup ticket #2596 - requested by tron

    libxml2: update and patch package for security fixes
    
    revisions pulled up:
    pkgsrc/textproc/libxml2/Makefile		1.97,1.98,1.99
    pkgsrc/textproc/libxml2/distinfo		1.69,1.70
    pkgsrc/textproc/libxml2/patches/patch-af	r0,1.3
    pkgsrc/textproc/libxml2/patches/patch-ag	r0,1.5
    pkgsrc/textproc/libxml2/patches/patch-ah	1.3
    
       Module Name:    pkgsrc
       Committed By:   drochner
       Date:           Thu Oct 16 13:31:57 UTC 2008
    
       Modified Files:
               pkgsrc/textproc/libxml2: Makefile distinfo
       Removed Files:
               pkgsrc/textproc/libxml2/patches: patch-af patch-ag
    
       Log Message:
       update to 2.7.2
       changes:
       -Portability fix: fix solaris compilation problem, fix compilation
        if XPath is not configured in
       -Bug fixes: nasty entity bug introduced in 2.7.0, restore old behaviour
        when saving an HTML doc with an xml dump function,
        HTML UTF-8 parsing bug, fix reader custom error handlers
       -Improvement: xmlSave options for more flexibility to save
        as XML/HTML/XHTML, handle leading BOM in HTML documents
    
       ------------------------------------------------------------------------
       Module Name:    pkgsrc
       Committed By:   drochner
       Date:           Fri Oct 17 16:06:04 UTC 2008
    
       Modified Files:
               pkgsrc/textproc/libxml2: Makefile
    
       Log Message:
       restore the without-threads config arg which I accidentally commented
       out in the last update, bump PKGREVISION
       fixes PR pkg/39755 by David A. Holland
    
       ------------------------------------------------------------------------
    
       Module Name:    pkgsrc
       Committed By:   tron
       Date:           Mon Nov 24 13:59:16 UTC 2008
    
       Modified Files:
               pkgsrc/textproc/libxml2: Makefile distinfo
       Added Files:
               pkgsrc/textproc/libxml2/patches: patch-af patch-ag patch-ah
    
       Log Message:
       Add fixes for security vulnerabilities reported in CVE-2008-4225 and
       CVE-2008-4226 from "libxml2" SVN repository. Bump package revision.
    rtr committed Nov 26, 2008
  3. ticket #2598

    rtr committed Nov 26, 2008
  4. pullup ticket #2598 - requested by tron

    wireshark: patch for security fixes
    
    revisions pulled up:
    pkgsrc/net/wireshark/Makefile		1.28
    pkgsrc/net/wireshark/distinfo		1.18
    pkgsrc/net/wireshark/patches/patch-ad	1.1
    
       Module Name:    pkgsrc
       Committed By:   tron
       Date:           Tue Nov 25 22:53:55 UTC 2008
    
       Modified Files:
               pkgsrc/net/wireshark: Makefile distinfo
       Added Files:
               pkgsrc/net/wireshark/patches: patch-ad
    
       Log Message:
       Add fix for infinite loop in SMTP dissector from Wireshark SVN repository.
       This addresses the security vulnerability reported in SA32840.
    rtr committed Nov 26, 2008
  5. Pullup ticket #2597.

    tron committed Nov 26, 2008
  6. Pullup ticket #2597 - requested by is

    thunderbird: security update
    thunderbird-gtk1: security update
    
    Revisions pulled up:
    - mail/thunderbird/Makefile-thunderbird.common	1.38
    - mail/thunderbird/distinfo			1.49
    ---
    Module Name:	pkgsrc
    Committed By:	is
    Date:		Mon Nov 24 17:19:13 UTC 2008
    
    Modified Files:
    	pkgsrc/mail/thunderbird: Makefile-thunderbird.common distinfo
    
    Log Message:
    Upgrade to 2.0.0.18 (some security fix)
    tron committed Nov 26, 2008
Commits on Nov 24, 2008
  1. ticket #2595

    rtr committed Nov 24, 2008
  2. pullup ticket #2595 - requested by tron

    imlib2: add patch to fix buffer overflow
    
    revisions pulled up:
    pkgsrc/graphics/imlib2/Makefile		1.48
    pkgsrc/graphics/imlib2/distinfo		1.23
    pkgsrc/graphics/imlib2/patches/patch-aa	1.12
    
       Module Name:    pkgsrc
       Committed By:   tron
       Date:           Sun Nov 23 18:41:16 UTC 2008
    
       Modified Files:
               pkgsrc/graphics/imlib2: Makefile distinfo
       Added Files:
               pkgsrc/graphics/imlib2/patches: patch-aa
    
       Log Message:
       Add Debian patch to fix a buffer overflow in the XPM file loader.
       Bump package revision.
    rtr committed Nov 24, 2008
Commits on Nov 23, 2008
  1. Pullup ticket #2594.

    tron committed Nov 23, 2008