Permalink
Commits on Mar 30, 2013
  1. Pullup tickets #4103 and #4104.

    tron
    tron committed Mar 30, 2013
  2. Pullup ticket #4103 - requested by taca

    tron
    tron committed Mar 30, 2013
    net/bind99: security update
    
    Revisions pulled up:
    - net/bind99/Makefile                                           1.21-1.23
    - net/bind99/distinfo                                           1.12-1.14
    - net/bind99/options.mk                                         1.5-1.6
    - net/bind99/patches/patch-configure                            1.4
    
    ---
       Module Name:	pkgsrc
       Committed By:	jperkin
       Date:		Wed Feb  6 23:24:19 UTC 2013
    
       Modified Files:
       	pkgsrc/net/bind99: Makefile
    
       Log Message:
       PKGREVISION bumps for the security/openssl 1.0.1d update.
    
    ---
       Module Name:	pkgsrc
       Committed By:	wiz
       Date:		Sat Mar  2 20:33:35 UTC 2013
    
       Modified Files:
       	pkgsrc/net/bind96: Makefile
    
       Log Message:
       Bump PKGREVISION for mysql default change to 55.
    
    ---
       Module Name:    pkgsrc
       Committed By:   pettai
       Date:           Sat Feb  9 00:14:34 UTC 2013
    
       Modified Files:
               pkgsrc/net/bind99: distinfo options.mk
    
       Log Message:
       Updated rrl patch version + source
    
    ---
       Module Name:	pkgsrc
       Committed By:	taca
       Date:		Tue Mar 26 22:12:14 UTC 2013
    
       Modified Files:
       	pkgsrc/net/bind99: Makefile distinfo
       	pkgsrc/net/bind99/patches: patch-configure
    
       Log Message:
       Update bind99 to 9.9.2pl2 (BIND 9.9.2-P2).
    
       	--- 9.9.2-P2 released ---
    
       3516.	[security]	Removed the check for regex.h in configure in order
       			to disable regex syntax checking, as it exposes
       			BIND to a critical flaw in libregex on some
       			platforms. [RT #32688]
    
    ---
       Module Name:	pkgsrc
       Committed By:	pettai
       Date:		Wed Mar 27 12:08:24 UTC 2013
    
       Modified Files:
       	pkgsrc/net/bind99: distinfo options.mk
    
       Log Message:
       Also update the corresponding RRL patch + distinfo file
  3. Pullup ticket #4104 - requested by taca

    tron
    tron committed Mar 30, 2013
    net/bind98: security update
    
    Revisions pulled up:
    - net/bind98/Makefile                                    1.27 via patch
    - net/bind98/distinfo                                    1.19-1.20 via patch
    - net/bind98/options.mk                                  1.5 via patch
    
    ---
       Module Name:	pkgsrc
       Committed By:	taca
       Date:		Tue Mar 26 22:12:56 UTC 2013
    
       Modified Files:
       	pkgsrc/net/bind98: Makefile distinfo
    
       Log Message:
       Update bind98 to 9.8.4pl2 (BIND 9.8.4-P2).
    
       	--- 9.8.4-P2 released ---
    
       3516.	[security]	Removed the check for regex.h in configure in order
       			to disable regex syntax checking, as it exposes
       			BIND to a critical flaw in libregex on some
       			platforms. [RT #32688]
  4. Pullup tickets #4105, #4106 and #4107.

    tron
    tron committed Mar 30, 2013
  5. Pullup ticket #4107 - requested by obache

    tron
    tron committed Mar 30, 2013
    emulators/suse121_libxml2: security update
    
    Revisions pulled up:
    - emulators/suse121_libxml2/Makefile                            1.6
    - emulators/suse121_libxml2/distinfo                            1.6
    
    ---
       Module Name:	pkgsrc
       Committed By:	obache
       Date:		Sat Mar 30 09:31:15 UTC 2013
    
       Modified Files:
       	pkgsrc/emulators/suse121_libxml2: Makefile distinfo
    
       Log Message:
       Update libxml2 RPM to 2.7.8+git20110708-3.20.1 for CVE-2013-0338.
    
       Bump PKGREVISION.
  6. Pullup ticket #4106 - requested by taca

    tron
    tron committed Mar 30, 2013
    net/isc-dhclient4: security update
    net/isc-dhcp4: security update
    net/isc-dhcpd4: security update
    net/isc-dhcrelay4: security update
    
    Revisions pulled up:
    - net/isc-dhclient4/Makefile                                    1.7
    - net/isc-dhcp4/Makefile                                        1.9-1.10
    - net/isc-dhcp4/Makefile.common                                 1.18-1.19
    - net/isc-dhcp4/distinfo                                        1.14-1.15
    - net/isc-dhcpd4/Makefile                                       1.7
    
    ---
       Module Name:	pkgsrc
       Committed By:	jperkin
       Date:		Wed Feb  6 23:24:19 UTC 2013
    
       Modified Files:
       	pkgsrc/net/isc-dhcp4: Makefile
    
       Log Message:
       PKGREVISION bumps for the security/openssl 1.0.1d update.
    
    ---
       Module Name:	pkgsrc
       Committed By:	taca
       Date:		Fri Jan 11 13:35:58 UTC 2013
    
       Modified Files:
       	pkgsrc/net/isc-dhclient4: Makefile
       	pkgsrc/net/isc-dhcp4: Makefile.common distinfo
       	pkgsrc/net/isc-dhcpd4: Makefile
    
       Log Message:
       Update ISC DHCP to 4.2.5.
    
       Changes are too many to write here, please refer RELNOTES.
    
    ---
       Module Name:	pkgsrc
       Committed By:	taca
       Date:		Tue Mar 26 16:25:06 UTC 2013
    
       Modified Files:
       	pkgsrc/net/isc-dhcp4: Makefile Makefile.common distinfo
    
       Log Message:
       Update ISC DHCP packages to 4.2.5p1 (4.2.5-P1).
       	isc-dhclient4
       	isc-dhcp4
       	isc-dhcpd4
       	isc-dhcrelay4
  7. Pullup ticket #4105 - requested by taca

    tron
    tron committed Mar 30, 2013
    net/bind97: security patch
    
    Revisions pulled up:
    - net/bind97/Makefile                                           1.25-1.27
    
    ---
       Module Name:	pkgsrc
       Committed By:	jperkin
       Date:		Wed Feb  6 23:24:19 UTC 2013
    
       Modified Files:
       	pkgsrc/net/bind97: Makefile
    
       Log Message:
       PKGREVISION bumps for the security/openssl 1.0.1d update.
    
    ---
       Module Name:	pkgsrc
       Committed By:	wiz
       Date:		Sat Mar  2 20:33:35 UTC 2013
    
       Modified Files:
       	pkgsrc/net/bind97: Makefile
    
       Log Message:
       Bump PKGREVISION for mysql default change to 55.
    
    ---
       Module Name:	pkgsrc
       Committed By:	taca
       Date:		Wed Mar 27 00:34:32 UTC 2013
    
       Modified Files:
       	pkgsrc/net/bind97: Makefile
    
       Log Message:
       Disable use of regex.h for fixing CVE-2013-2266.
    
       Bump PKGREVISION.
Commits on Mar 17, 2013
  1. Pullup tickets #4099, #4100 and #4101.

    tron
    tron committed Mar 17, 2013
  2. Pullup ticket #4099 - requested by kim

    tron
    tron committed Mar 17, 2013
    net/proftpd: security update
    
    Revisions pulled up:
    - net/proftpd/Makefile                                          1.72
    - net/proftpd/PLIST                                             1.24
    - net/proftpd/distinfo                                          1.40
    - net/proftpd/patches/patch-ab                                  deleted
    - net/proftpd/patches/patch-ac                                  deleted
    
    ---
       Module Name:    pkgsrc
       Committed By:   kim
       Date:           Fri Mar 15 13:34:32 UTC 2013
    
       Modified Files:
               pkgsrc/net/proftpd: Makefile PLIST distinfo
       Removed Files:
               pkgsrc/net/proftpd/patches: patch-ab patch-ac
    
       Log Message:
       Updated net/proftpd to 1.3.4c:
       - addresses CVE-2012-6095 <http://bugs.proftpd.org/show_bug.cgi?id=3841>
  3. Pullup ticket #4100 - requested by tez

    tron
    tron committed Mar 17, 2013
    lang/perl5: security patch
    
    Revisions pulled up:
    - lang/perl5/Makefile                                           1.198
    - lang/perl5/distinfo                                           1.95
    - lang/perl5/patches/patch-CVE-2013-1667                        1.1
    
    ---
       Module Name:    pkgsrc
       Committed By:   tez
       Date:           Fri Mar  8 21:28:18 UTC 2013
    
       Modified Files:
               pkgsrc/lang/perl5: Makefile distinfo
       Added Files:
               pkgsrc/lang/perl5/patches: patch-CVE-2013-1667
    
       Log Message:
       add patch for CVE-2013-1667 from:
        https://bugzilla.redhat.com/show_bug.cgi?id=912276
       bump PKGREVISION
  4. Pullup ticket #4101 - requested by tez

    tron
    tron committed Mar 17, 2013
    textproc/libxml2: security patch
    
    Revisions pulled up:
    - textproc/libxml2/Makefile                                     1.123
    - textproc/libxml2/distinfo                                     1.98
    - textproc/libxml2/patches/patch-CVE-2013-0338-CVE-2013-0339    1.1
    
    ---
       Module Name:    pkgsrc
       Committed By:   tez
       Date:           Fri Mar  8 23:59:31 UTC 2013
    
       Modified Files:
               pkgsrc/textproc/libxml2: Makefile distinfo
       Added Files:
               pkgsrc/textproc/libxml2/
       patches: patch-CVE-2013-0338-CVE-2013-0339
    
       Log Message:
       Fix for CVE-2013-0338 & CVE-2013-0339
    
       from
       https://git.gnome.org/browse/libxml2/commit/?id=23f05e0c33987d6605387b300c4be5da2120a7ab
    
       bump PKGREVISION
Commits on Mar 16, 2013
  1. HOMEPAGE gone, update (gna).

    gdt
    gdt committed Mar 16, 2013
Commits on Mar 13, 2013
  1. Pullup tickets #4097 and #4098.

    tron
    tron committed Mar 13, 2013
  2. Pullup ticket #4098 - requested by obache

    tron
    tron committed Mar 13, 2013
    multimedia/adobe-flash-plugin10.1: security update
    
    Revisions pulled up:
    - multimedia/adobe-flash-plugin10.1/Makefile                    1.26
    - multimedia/adobe-flash-plugin10.1/distinfo                    1.17
    
    ---
       Module Name:	pkgsrc
       Committed By:	obache
       Date:		Wed Mar 13 13:08:42 UTC 2013
    
       Modified Files:
       	pkgsrc/multimedia/adobe-flash-plugin10.1: Makefile distinfo
    
       Log Message:
       Update adoble-flash-plugin101 to 10.3.183.68 for APSB-13-09.
  3. Pullup ticket #4097 - requested by obache

    tron
    tron committed Mar 13, 2013
    multimedia/adobe-flash-plugin11: security update
    
    Revisions pulled up:
    - multimedia/adobe-flash-plugin11/Makefile                      1.14
    - multimedia/adobe-flash-plugin11/distinfo                      1.13
    
    ---
       Module Name:	pkgsrc
       Committed By:	obache
       Date:		Wed Mar 13 13:07:40 UTC 2013
    
       Modified Files:
       	pkgsrc/multimedia/adobe-flash-plugin11: Makefile distinfo
    
       Log Message:
       Update adoble-flash-plugin11 to 11.2.202.275 for APSB-13-09.
Commits on Mar 12, 2013
  1. Pullup ticket #4096.

    tron
    tron committed Mar 12, 2013
  2. Pullup ticket #4096 - requested by obache

    tron
    tron committed Mar 12, 2013
    emulators/suse121_qt4: security update
    
    Revisions pulled up:
    - emulators/suse121_qt4/Makefile                                1.4
    - emulators/suse121_qt4/distinfo                                1.4
    
    ---
       Module Name:	pkgsrc
       Committed By:	obache
       Date:		Tue Mar 12 11:25:18 UTC 2013
    
       Modified Files:
       	pkgsrc/emulators/suse121_qt4: Makefile distinfo
    
       Log Message:
       Update libqt4 rpm to 4.7.4-19.21.1 for CVE-2013-0254.
    
       Bump PKGREVISION.
Commits on Mar 9, 2013
  1. Pullup ticket #4089.

    tron
    tron committed Mar 9, 2013
  2. Pullup ticket #4089 - requested by jym

    tron
    tron committed Mar 9, 2013
    security/stunnel: security update
    
    Revisions pulled up:
    - security/stunnel/Makefile                              1.80,1.82 via patch
    - security/stunnel/distinfo                              1.36-1.37
    
    ---
       Module Name:    pkgsrc
       Committed By:   jym
       Date:           Tue Jan  8 23:45:40 UTC 2013
    
       Modified Files:
               pkgsrc/security/stunnel: Makefile distinfo
    
       Log Message:
       Update to 4.54. Changelog:
    
       New Win32 features
               FIPS module updated to version 2.0.
               OpenSSL DLLs updated to version 1.0.1c.
               zlib DLL updated to version 1.2.7.
               Engine DLLs added: 4758cca, aep, atalla, capi, chil, cswift, gmp, gost,
       nuron, padlock, sureware, ubsec.
    
       Other new features
               "session" option renamed to more readable "sessionCacheTimeout". The
       old name remains accepted for backward compatibility.
               New service-level "sessionCacheSize" option to control session cache
       size.
               New service-level option "reset" to control whether TCP RST flag is
       used to indicate errors. The default value is "reset = yes".
               New service-level option "renegotiation" to disable SSL renegotiation.
       This feature is based on a public-domain patch by Janusz Dziemidowicz.
               New FreeBSD socket options: IP_FREEBIND, IP_BINDANY, IPV6_BINDANY (thx
       to Janusz Dziemidowicz).
               New parameters to configure TLS v1.1/v1.2 with OpenSSL version 1.0.1 or
       higher (thx to Henrik Riomar).
    
       Bugfixes
               Fixed "Application Failed to Initialize Properly (0xc0150002)" error.
               Fixed missing SSL state debug log entries.
               Fixed a race condition in libwrap code resulting in random stalls (thx
       to Andrew Skalski).
               Session cache purged at configuration file reload to reduce memory
       leak. Remaining leak of a few kilobytes per section is yet to be fixed.
               Fixed regression bug in "transparent = destination" functionality (thx
       to Stefan Lauterbach). This bug was introduced in stunnel 4.51.
               "transparent = destination" is now a valid endpoint in inetd mode.
               "delay = yes" fixed to work even if specified *after* "connect" option.
               Multiple "connect" targets fixed to also work with delayed resolver.
               The number of resolver retries of EAI_AGAIN error has been limited to 3
       in order to prevent infinite loops.
    
       Fix some directory owner/group rights and take over maintainership as I
       use it almost daily.
    
    ---
       Module Name:    pkgsrc
       Committed By:   jym
       Date:           Wed Mar  6 22:50:31 UTC 2013
    
       Modified Files:
               pkgsrc/security/stunnel: Makefile distinfo
    
       Log Message:
       Update stunnel to 4.55. Critical update that fixes CVE-2013-1762.
    
       Changelog:
    
       Version 4.55, 2013.03.03, urgency: HIGH:
    
           Security bugfix
               OpenSSL updated to version 1.0.1e in Win32/Android builds.
               Buffer overflow vulnerability fixed in the NTLM authentication of the
       CONNECT protocol negotiation. See [10]https://www.stunnel.org/CVE-2013-1762.html
    
       for details.
           New features
               SNI wildcard matching in server mode.
               Terminal version of stunnel (tstunnel.exe) build for Win32.
           Bugfixes
               Fixed write half-close handling in the transfer() function (thx to
       Dustin Lundquist).
               Fixed EAGAIN error handling in the transfer() function (thx to Jan Bee).
               Restored default signal handlers before execvp() (thx to Michael
       Weiser).
               Fixed memory leaks in protocol negotiation (thx to Arthur Mesh).
               Fixed a file descriptor leak during configuration file reload (thx to
       Arthur Mesh).
               Closed SSL sockets were removed from the the transfer() c->fds poll.
               Minor fix in handling exotic inetd-mode configurations.
               WCE compilation fixes.
               IPv6 compilation fix in protocol.c.
               Windows installer fixes.
  3. pullup 4094

    spz
    spz committed Mar 9, 2013
  4. Pullup ticket #4094 - requested by wen

    spz
    spz committed Mar 9, 2013
    www/mediawiki: security update
    
    Revisions pulled up:
    - www/mediawiki/Makefile                                        1.27
    - www/mediawiki/PLIST                                           1.13
    - www/mediawiki/distinfo                                        1.18
    
    -------------------------------------------------------------------
       Module Name:    pkgsrc
       Committed By:   wen
       Date:           Fri Mar  8 07:57:29 UTC 2013
    
       Modified Files:
               pkgsrc/www/mediawiki: Makefile PLIST distinfo
    
       Log Message:
       Update to 1.20.3
    
       Upstream changes:
       MediaWiki 1.20.3
    
       This is a security and maintenance release of the MediaWiki 1.20 branch.
       Changes since 1.20.2
       New preference type - 'api'. Preferences of this type are not shown on
       Special:Preferences, but are still available via the action=options
       API. (Unbreaks MLEB.)
       (bug 44010) Context is passed to UserGetLanguageObject.
       The recursion guard on RequestContext::getLanguage() was weakened.
       (bug 40585) Don't drop 'step="any"' in HTML input fields.
       (bug 44024) Fixed problems in ObjectCache when using XCache.
       (bug 44010) FauxRequest leaked cookie data from primary request.
       (bug 44135/bug 42441) Pass '2' instead of 'true' to CURLOPT_SSL_VERIFYHOST
       (bug 43518) API action=unblock should return the user name, not the
       full user object
       (Bug 45355) Prevent read of arbitrary files through mwdoc-filter.php
    
    
       To generate a diff of this commit:
       cvs rdiff -u -r1.26 -r1.27 pkgsrc/www/mediawiki/Makefile
       cvs rdiff -u -r1.12 -r1.13 pkgsrc/www/mediawiki/PLIST
       cvs rdiff -u -r1.17 -r1.18 pkgsrc/www/mediawiki/distinfo
  5. pullup 4091, 4092 and 4093

    spz
    spz committed Mar 9, 2013
  6. Pullup ticket #4093 - requested by taca

    spz
    spz committed Mar 9, 2013
    www/typo3_47: security update
    
    Revisions pulled up:
    - www/typo3_47/Makefile                                         1.9-1.10
    - www/typo3_47/PLIST                                            1.6
    - www/typo3_47/distinfo                                         1.7-1.8
    
    -------------------------------------------------------------------
       Module Name:	pkgsrc
       Committed By:	taca
       Date:		Tue Mar  5 13:59:04 UTC 2013
    
       Modified Files:
       	pkgsrc/www/typo3_47: Makefile PLIST distinfo
    
       Log Message:
       Update typo3_47 to 4.7.8.
    
       2013-02-14  e83abe1                  [RELEASE] Release of TYPO3 4.7.8 (TYPO3 Release Team)
       2013-02-14  71ef699  #44099          [BUGFIX] L10n fallback does not work for TS labels (Xavier Perseguers)
       2013-02-14  f2aeff0  #44273          [BUGFIX] L10n fallback does not work for ExtJS in BE (Xavier Perseguers)
       2013-02-14  a930bdf                  [TASK] Raise submodule pointer (TYPO3 Release Team)
       2013-02-14  915bf76  #42084          [BUGFIX] Allow "en" as language key (Xavier Perseguers)
       2013-02-08  efbce7b                  [TASK] Raise submodule pointer (Christian Kuhn)
       2013-02-07  f1c43bb  #34129          [BUGFIX][Cache][PDO] Duplicate cache entry possible (Leon Dietsch)
       2013-02-03  a0cf1c9  #36364          [BUGFIX] IE9 compatibility clear cache menu (Andreas Kiessling)
       2013-02-02  44942df  #44416          [BUGFIX] Hook call modifyDBRow in ContentContentObject (Alina Fleser)
       2013-02-02  9dba7d3  #43886          [BUGFIX] Fix misspelling in RTE meta menu (Tomita Militaru)
       2013-02-02  b088faa  #38505          [BUGFIX] load TCA before manipulation (Jigal van Hemert)
       2013-02-01  c81aa5f  #28606          [BUGFIX] add check for empty form values in FORM View (Christian Kuhn)
       2013-01-31  850a316  #45050          [TASK] DataHandler::getAutoVersionId() should be public (Oliver Hader)
       2013-01-28  d8c61c6  #44892          [BUGFIX] Possible warning in about module (Christian Kuhn)
       2013-01-27  dcb3a23  #42845          [BUGFIX] Quick Edit triggers warnings of missing key uid (Philipp Gampe)
       2013-01-26  d2d5127                  [TASK] Raise submodule pointer (Christian Kuhn)
       2013-01-25  3845cc6  #39680          [BUGFIX] Fix warnings in em on tab Maintenance (Philipp Gampe)
       2013-01-25  9eca09b  #19938,#23324,  [BUGFIX] EXT:felogin: Multiple bugs with preserveGETvars (Jigal van Hemert)
       2013-01-25  c62aca6  #44145          [BUGFIX] Correct TCA inclusion for uploads rendering (Georg Ringer)
       2013-01-24  04f83a8  #43874          [BUGFIX] array_merge_recursive_overrule: __UNSET for array values (Sebastian Michaelsen)
       2013-01-24  b8d869c  #38240          [BUGFIX] Update description on changed error reporting defaults (Mario Rimann)
       2013-01-24  78bc877  #43919          [BUGFIX] Fix typos in stdWrap_crop description (Wouter Wolters)
       2013-01-24  05d35ee  #44152          [TASK] Add save only button to Scheduler task (Lorenz Ulrich)
       2013-01-12  db6aad0  #38135          [BUGFIX] Apc Cache backend has side effects (Daniel Pötzinger)
       2013-01-04  f515d66  #44301          [BUGFIX] Invalid call to t3lib_TCEmain::processRemapStack() (Oliver Hader)
       2013-01-04  abd5389                  [TASK] Raise submodule pointer (TYPO3 Release Team)
       2013-01-02  84b978f  #42092          [BUGFIX] Suggest wizard is behind form inputs (Xavier Perseguers)
       2013-01-01  728ad7c  #44263          [BUGFIX] phpdoc: $urlParameters can be a string (Stefan Neufeind)
       2012-12-20  34af104  #34964          [BUGFIX] FE session records are never removed (Steffen Müller)
       2012-12-20  63c8b8d  #32278          [BUGFIX] INTincScript_loadJSCode() causes PHP warnings (Markus Klein)
       2012-12-20  4658cd9  #43426          [BUGFIX] Fix broken logo file in Install Tool (Tomita Militaru)
       2012-12-10  de4c85d  #43603          [BUGFIX] Enable the RTE with WebKit version 534 on iOS and Android (Stanislas Rolland)
       2012-12-10  4167917  #43766          [BUGFIX] IE9 crashes after saving with RTE (Stanislas Rolland)
       2012-12-10  bab481b  #38472          [BUGFIX] Remove HTML in RuntimeException from sysext 'install' (Philipp Gampe)
       2012-12-06  082fd0c  #39287          [BUGFIX] Compatibility fix for get_html_translation_table() (Michael Stucki)
       2012-12-01  4c8eb91  #25113          [BUGFIX] Fix wrong column title in web>list for field colpos (Martin Kästner)
       2012-12-01  5b03172  #43470          [BUGFIX] SqlParser: trim all kinds of whitespaces (Stefan Neufeind)
       2012-11-30  7605a68  #43459          [TASK] Remove typo3.pageModule.js (Falk Kühnel)
       2012-11-30  fcd137b  #42292          [BUGFIX] Installer: Reference images wrong (Christian Kuhn)
       2012-11-29  b69a525  #41608          [BUGFIX] Page Information shows incorrect number of total hits (Andrew Moore)
       2012-11-29  c0221e9  #42908          [BUGFIX] Old logo on "Install Tool is locked" page (Nikolas Schmidt-Voigt)
       2012-11-29  f0d8ed0  #32515          [BUGFIX] Form values with newlines escaped in email (Helmut Hummel)
       2012-11-27  c308d1d  #42236          [TASK] openid: Update php-openid to 2.2.2 (Stefan Neufeind)
       2012-11-24  2656dd8  #43264          [BUGFIX] Hide version selector if workspaces are used (Helmut Hummel)
       2012-11-23  912603d  #35787          [BUGFIX] Subject field in FormWizard (Florian Scholz)
       2012-11-21  c790dbd                  [TASK] Raise submodule pointer (TYPO3 Release Team)
       2012-11-20  7c02b0c  #33700          [BUGFIX] Invalid behavior of search for integer in Backend search (Soren Malling)
    
    
       To generate a diff of this commit:
       cvs rdiff -u -r1.8 -r1.9 pkgsrc/www/typo3_47/Makefile
       cvs rdiff -u -r1.5 -r1.6 pkgsrc/www/typo3_47/PLIST
       cvs rdiff -u -r1.6 -r1.7 pkgsrc/www/typo3_47/distinfo
    
    -------------------------------------------------------------------
       Module Name:	pkgsrc
       Committed By:	taca
       Date:		Wed Mar  6 14:25:27 UTC 2013
    
       Modified Files:
       	pkgsrc/www/typo3_47: Makefile distinfo
    
       Log Message:
       Update typo3_47 to 4.7.9 (TYPO3 4.7.9).
    
       2013-03-06  fb3f3b6                  [RELEASE] Release of TYPO3 4.7.9 (TYPO3 Release Team)
       2013-03-06  d816f5b                  [TASK] Raise submodule pointer (TYPO3 Release Team)
       2013-03-06  85a52fe  #28587          [SECURITY] Open redirection with jumpurl (Franz G. Jahn)
       2013-02-17  236defa  #40085          [BUGFIX] Invalid RSA key when submitting form twice (Benjamin Mack)
    
    
       To generate a diff of this commit:
       cvs rdiff -u -r1.9 -r1.10 pkgsrc/www/typo3_47/Makefile
       cvs rdiff -u -r1.7 -r1.8 pkgsrc/www/typo3_47/distinfo
  7. Pullup ticket #4092 - requested by taca

    spz
    spz committed Mar 9, 2013
    www/typo3_46: security update
    
    Revisions pulled up:
    - www/typo3_46/Makefile                                         1.18-1.19
    - www/typo3_46/PLIST                                            1.10
    - www/typo3_46/distinfo                                         1.16-1.17
    
    -------------------------------------------------------------------
       Module Name:	pkgsrc
       Committed By:	taca
       Date:		Tue Mar  5 13:56:23 UTC 2013
    
       Modified Files:
       	pkgsrc/www/typo3_46: Makefile PLIST distinfo
    
       Log Message:
       Update typo3_46 to 4.6.16.
    
       2013-02-14  2385b8d                  [RELEASE] Release of TYPO3 4.6.16 (TYPO3 Release Team)
       2013-02-14  fc50341  #44099          [BUGFIX] L10n fallback does not work for TS labels (Xavier Perseguers)
       2013-02-14  ffcf2db  #44273          [BUGFIX] L10n fallback does not work for ExtJS in BE (Xavier Perseguers)
       2013-02-14  1788e32                  [TASK] Raise submodule pointer (TYPO3 Release Team)
       2013-02-14  2c4bffa  #42084          [BUGFIX] Allow "en" as language key (Xavier Perseguers)
       2013-02-08  81ac8ac                  [TASK] Raise submodule pointer (Christian Kuhn)
       2013-02-07  57756d5  #34129          [BUGFIX][Cache][PDO] Duplicate cache entry possible (Leon Dietsch)
       2013-02-03  6c3bef2  #36364          [BUGFIX] IE9 compatibility clear cache menu (Andreas Kiessling)
       2013-02-02  0af6da1  #44416          [BUGFIX] Hook call modifyDBRow in ContentContentObject (Alina Fleser)
       2013-02-02  df59226  #43886          [BUGFIX] Fix misspelling in RTE meta menu (Tomita Militaru)
       2013-02-02  a06d3c6  #38505          [BUGFIX] load TCA before manipulation (Jigal van Hemert)
       2013-02-01  928f016  #28606          [BUGFIX] add check for empty form values in FORM View (Christian Kuhn)
       2013-01-31  3367c8b  #45050          [TASK] DataHandler::getAutoVersionId() should be public (Oliver Hader)
       2013-01-27  50e3610  #42845          [BUGFIX] Quick Edit triggers warnings of missing key uid (Philipp Gampe)
       2013-01-27  80b80a0                  [TASK] Raise submodule pointer (Christian Kuhn)
       2013-01-25  4c8c176  #39680          [BUGFIX] Fix warnings in em on tab Maintenance (Philipp Gampe)
       2013-01-25  1502773  #44145          [BUGFIX] Correct TCA inclusion for uploads rendering (Georg Ringer)
       2013-01-24  4b792b9  #38240          [BUGFIX] Update description on changed error reporting defaults (Mario Rimann)
       2013-01-24  cf7af09  #43919          [BUGFIX] Fix typos in stdWrap_crop description (Wouter Wolters)
       2013-01-11  86c97ee  #38135          [BUGFIX] Apc Cache backend has side effects (Daniel Pötzinger)
       2013-01-04  26fdc3f  #44301          [BUGFIX] Invalid call to t3lib_TCEmain::processRemapStack() (Oliver Hader)
       2013-01-04  6648447                  [TASK] Raise submodule pointer (TYPO3 Release Team)
       2013-01-02  aa893a0  #42092          [BUGFIX] Suggest wizard is behind form inputs (Xavier Perseguers)
       2013-01-01  1d523bd  #44263          [BUGFIX] phpdoc: $urlParameters can be a string (Stefan Neufeind)
       2012-12-20  d4d9e0d  #34964          [BUGFIX] FE session records are never removed (Steffen Müller)
       2012-12-20  48d51a1  #32278          [BUGFIX] INTincScript_loadJSCode() causes PHP warnings (Markus Klein)
       2012-12-20  2456037  #43426          [BUGFIX] Fix broken logo file in Install Tool (Tomita Militaru)
       2012-12-10  0b2288d  #38472          [BUGFIX] Remove HTML in RuntimeException from sysext 'install' (Philipp Gampe)
       2012-12-01  1f5fe25  #25113          [BUGFIX] Fix wrong column title in web>list for field colpos (Martin Kästner)
       2012-12-01  f808df4  #43470          [BUGFIX] SqlParser: trim all kinds of whitespaces (Stefan Neufeind)
       2012-11-30  26d0e1a  #43459          [TASK] Remove typo3.pageModule.js (Falk Kühnel)
       2012-11-30  646c546  #42292          [BUGFIX] Installer: Reference images wrong (Christian Kuhn)
       2012-11-30  8684a61  #41608          [BUGFIX] Page Information shows incorrect number of total hits (Andrew Moore)
       2012-11-29  7c81671  #42908          [BUGFIX] Old logo on "Install Tool is locked" page (Nikolas Schmidt-Voigt)
       2012-11-29  04b2e6c  #32515          [BUGFIX] Form values with newlines escaped in email (Helmut Hummel)
       2012-11-27  c667e98  #42236          [TASK] openid: Update php-openid to 2.2.2 (Stefan Neufeind)
       2012-11-24  ba065d9  #33813          [BUGFIX] Wizard in HTML element moved to t3editor (Georg Ringer)
       2012-11-24  c1a2299  #32890          [BUGFIX] Livesearch toolbar should close others (Tolleiv Nietsch)
       2012-11-24  c17a292  #43264          [BUGFIX] Hide version selector if workspaces are used (Helmut Hummel)
       2012-11-23  a81bdec  #35787          [BUGFIX] Subject field in FormWizard (Florian Scholz)
       2012-11-21  683a356                  [TASK] Raise submodule pointer (TYPO3 Release Team)
       2012-11-20  8e85043  #33700          [BUGFIX] Invalid behavior of search for integer in Backend search (Soren Malling)
    
    
       To generate a diff of this commit:
       cvs rdiff -u -r1.17 -r1.18 pkgsrc/www/typo3_46/Makefile
       cvs rdiff -u -r1.9 -r1.10 pkgsrc/www/typo3_46/PLIST
       cvs rdiff -u -r1.15 -r1.16 pkgsrc/www/typo3_46/distinfo
    
    -------------------------------------------------------------------
       Module Name:	pkgsrc
       Committed By:	taca
       Date:		Wed Mar  6 14:24:29 UTC 2013
    
       Modified Files:
       	pkgsrc/www/typo3_46: Makefile distinfo
    
       Log Message:
       Update typo3_46 to 4.6.17 (TYPO3 4.6.17).
    
       2013-03-06  e0d3f5a                  [RELEASE] Release of TYPO3 4.6.17 (TYPO3 Release Team)
       2013-03-06  425ff87                  [TASK] Raise submodule pointer (TYPO3 Release Team)
       2013-03-06  da32bbb  #28587          [SECURITY] Open redirection with jumpurl (Franz G. Jahn)
    
    
       To generate a diff of this commit:
       cvs rdiff -u -r1.18 -r1.19 pkgsrc/www/typo3_46/Makefile
       cvs rdiff -u -r1.16 -r1.17 pkgsrc/www/typo3_46/distinfo
Commits on Mar 8, 2013
  1. Pullup ticket #4091 - requested by taca

    spz
    spz committed Mar 8, 2013
    www/typo3_45: security update
    
    Revisions pulled up:
    - www/typo3_45/Makefile                                         1.19-1.20
    - www/typo3_45/PLIST                                            1.9
    - www/typo3_45/distinfo                                         1.16-1.17
    
    -------------------------------------------------------------------
       Module Name:	pkgsrc
       Committed By:	taca
       Date:		Tue Mar  5 13:57:48 UTC 2013
    
       Modified Files:
       	pkgsrc/www/typo3_45: Makefile PLIST distinfo
    
       Log Message:
       Update typo3_45 to 4.5.23.
    
       2013-02-14  de390e0                  [RELEASE] Release of TYPO3 4.5.23 (TYPO3 Release Team)
       2013-02-14  63a1e27                  [TASK] Raise submodule pointer (TYPO3 Release Team)
       2013-02-09  c9ef82d  #24248          [BUGFIX] t3lib_iconWorks must check if array exists before using it (Jigal van Hemert)
       2013-02-09  83f1185  #32686          [BUGFIX] BE user switch impossible when in adminOnly mode (Philipp Kitzberger)
       2013-02-09  3d289da  #34460          [BUGFIX] Excludefieds must exclude admin only tables (Georg Ringer)
       2013-02-09  6d006e2  #33214          [BUGFIX] TypoLink: absolute urls when installed in subfolder (Nils Seinschedt)
       2013-02-08  50372c5                  [TASK] Raise submodule pointer (Christian Kuhn)
       2013-02-07  6c8214e  #34129          [BUGFIX][Cache][PDO] Duplicate cache entry possible (Leon Dietsch)
       2013-02-03  cf0fb91  #36364          [BUGFIX] IE9 compatibility clear cache menu (Andreas Kiessling)
       2013-02-02  05d9084  #44416          [BUGFIX] Hook call modifyDBRow in ContentContentObject (Alina Fleser)
       2013-02-02  6f5e19f  #43886          [BUGFIX] Fix misspelling in RTE meta menu (Tomita Militaru)
       2013-02-02  b1a5a4b  #38505          [BUGFIX] load TCA before manipulation (Jigal van Hemert)
       2013-01-31  05c879f  #45050          [TASK] DataHandler::getAutoVersionId() should be public (Oliver Hader)
       2013-01-28  9c32684  #31027          [BUGFIX] Load date-time picker in scheduler module (Christian Kuhn)
       2013-01-27  8ff08c4  #42845          [BUGFIX] Quick Edit triggers warnings of missing key uid (Philipp Gampe)
       2013-01-27  d808455                  [TASK] Raise submodule pointer (Christian Kuhn)
       2013-01-25  ede6862  #39680          [BUGFIX] Fix warnings in em on tab Maintenance (Philipp Gampe)
       2013-01-25  1e0c188  #44145          [BUGFIX] Correct TCA inclusion for uploads rendering (Georg Ringer)
       2013-01-24  2b64b11  #38240          [BUGFIX] Update description on changed error reporting defaults (Mario Rimann)
       2013-01-24  e16d0f1  #43919          [BUGFIX] Fix typos in stdWrap_crop description (Wouter Wolters)
       2013-01-12  306b134  #38135          [BUGFIX] Apc Cache backend has side effects (Daniel Pötzinger)
       2013-01-04  44f7fdd  #44301          [BUGFIX] Invalid call to t3lib_TCEmain::processRemapStack() (Oliver Hader)
       2013-01-04  ea7de49                  [TASK] Raise submodule pointer (TYPO3 Release Team)
       2013-01-02  94fb5a7  #42092          [BUGFIX] Suggest wizard is behind form inputs (Xavier Perseguers)
       2013-01-01  04fca2a  #44263          [BUGFIX] phpdoc: $urlParameters can be a string (Stefan Neufeind)
       2012-12-20  da58b20  #34964          [BUGFIX] FE session records are never removed (Steffen Müller)
       2012-12-20  3ed1ba5  #32278          [BUGFIX] INTincScript_loadJSCode() causes PHP warnings (Markus Klein)
       2012-12-10  ec03f10  #43603          [BUGFIX] Enable the RTE with WebKit version 534 on iOS and Android (Stanislas Rolland)
       2012-12-10  10688b1  #38472          [BUGFIX] Remove HTML in RuntimeException from sysext 'install' (Philipp Gampe)
       2012-12-01  236e831  #25113          [BUGFIX] Fix wrong column title in web>list for field colpos (Martin Kästner)
       2012-12-01  339f739  #43470          [BUGFIX] SqlParser: trim all kinds of whitespaces (Stefan Neufeind)
       2012-11-30  1666d38  #43459          [TASK] Remove typo3.pageModule.js (Falk Kühnel)
       2012-11-30  8892bbe  #42292          [BUGFIX] Installer: Reference images wrong (Christian Kuhn)
       2012-11-30  9716cf8  #41608          [BUGFIX] Page Information shows incorrect number of total hits (Andrew Moore)
       2012-11-29  209d607  #42908          [BUGFIX] Old logo on "Install Tool is locked" page (Nikolas Schmidt-Voigt)
       2012-11-27  e87270e  #42236          [TASK] openid: Update php-openid to 2.2.2 (Stefan Neufeind)
       2012-11-24  7199e5d  #34098          [TASK] Group excludefields by table (Johannes Feustel)
       2012-11-24  971145f  #43264          [BUGFIX] Hide version selector if workspaces are used (Helmut Hummel)
       2012-11-21  8402d9b                  [TASK] Raise submodule pointer (TYPO3 Release Team)
    
    
       To generate a diff of this commit:
       cvs rdiff -u -r1.18 -r1.19 pkgsrc/www/typo3_45/Makefile
       cvs rdiff -u -r1.8 -r1.9 pkgsrc/www/typo3_45/PLIST
       cvs rdiff -u -r1.15 -r1.16 pkgsrc/www/typo3_45/distinfo
    
    -------------------------------------------------------------------
       Module Name:	pkgsrc
       Committed By:	taca
       Date:		Wed Mar  6 14:23:39 UTC 2013
    
       Modified Files:
       	pkgsrc/www/typo3_45: Makefile distinfo
    
       Log Message:
       Update typo3_45 to 4.5.24 (TYPO3 4.5.24).
    
       2013-03-06  3cbef1f                  [RELEASE] Release of TYPO3 4.5.24 (TYPO3 Release Team)
       2013-03-06  79e2370                  [TASK] Raise submodule pointer (TYPO3 Release Team)
       2013-03-06  71135d8  #28587          [SECURITY] Open redirection with jumpurl (Franz G. Jahn)
       2013-03-01  0d77b86  #25003          [BUGFIX] Check minitems for TCAtree (Georg Ringer)
       2013-03-01  796680a  #34371          [BUGFIX] Keep hyphens in custom HTML5 attributes (Jigal van Hemert)
       2013-02-25  06571e6  #45570          Revert "[BUGFIX] FE session records are never removed" (Oliver Hader)
    
    
       To generate a diff of this commit:
       cvs rdiff -u -r1.19 -r1.20 pkgsrc/www/typo3_45/Makefile
       cvs rdiff -u -r1.16 -r1.17 pkgsrc/www/typo3_45/distinfo
  2. pullups 4088 and 4090

    spz
    spz committed Mar 8, 2013
  3. Pullup ticket #4090 - requested by tron

    spz
    spz committed Mar 8, 2013
    net/wireshark: security update
    
    Revisions pulled up:
    - net/wireshark/Makefile                                        1.97
    - net/wireshark/distinfo                                        1.63
    - net/wireshark/patches/patch-ae                                deleted
    
    -------------------------------------------------------------------
       Module Name:	pkgsrc
       Committed By:	tron
       Date:		Thu Mar  7 12:44:11 UTC 2013
    
       Modified Files:
       	pkgsrc/net/wireshark: Makefile distinfo
       Removed Files:
       	pkgsrc/net/wireshark/patches: patch-ae
    
       Log Message:
       Update "wireshark" package to version 1.8.6. Changes since 1.8.5:
       - Bug Fixes
          The following vulnerabilities have been fixed.
            o wnpa-sec-2013-10
              The TCP dissector could crash. (Bug 8274)
              Versions affected: 1.8.0 to 1.8.5.
              CVE-2013-2475
            o wnpa-sec-2013-11
              The HART/IP dissectory could go into an infinite loop. (Bug
              8360)
              Versions affected: 1.8.0 to 1.8.5.
              CVE-2013-2476
            o wnpa-sec-2013-12
              The CSN.1 dissector could crash. Discovered by Laurent Butti.
              (Bug 8383)
              Versions affected: 1.8.0 to 1.8.5.
              CVE-2013-2477
            o wnpa-sec-2013-13
              The MS-MMS dissector could crash. Discovered by Laurent Butti.
              (Bug 8382)
              Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13.
              CVE-2013-2478
            o wnpa-sec-2013-14
              The MPLS Echo dissector could go into an infinite loop.
              Discovered by Laurent Butti. (Bug 8039)
              Versions affected: 1.8.0 to 1.8.5.
              CVE-2013-2479
            o wnpa-sec-2013-15
              The RTPS and RTPS2 dissectors could crash. Discovered by
              Alyssa Milburn. (Bug 8332)
              Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13.
              CVE-2013-2480
            o wnpa-sec-2013-16
              The Mount dissector could crash. Discovered by Alyssa Milburn.
              (Bug 8335)
              Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13.
              CVE-2013-2481
            o wnpa-sec-2013-17
              The AMPQ dissector could go into an infinite loop. Discovered
              by Moshe Kaplan. (Bug 8337)
              Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13.
              CVE-2013-2482
            o wnpa-sec-2013-18
              The ACN dissector could attempt to divide by zero. Discovered
              by Alyssa Milburn. (Bug 8340)
              Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13.
              CVE-2013-2483
            o wnpa-sec-2013-19
              The CIMD dissector could crash. Discovered by Moshe Kaplan.
              (Bug 8346)
              Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13.
              CVE-2013-2484
            o wnpa-sec-2013-20
              The FCSP dissector could go into an infinite loop. Discovered
              by Moshe Kaplan. (Bug 8359)
              Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13.
              CVE-2013-2485
            o wnpa-sec-2013-21
              The RELOAD dissector could go into an infinite loop.
              Discovered by Even Jensen. (Bug 8364)
              Versions affected: 1.8.0 to 1.8.5.
              CVE-2013-2486
              CVE-2013-2487
            o wnpa-sec-2013-22
              The DTLS dissector could crash. Discovered by Laurent Butti.
              (Bug 8380)
              Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13.
              CVE-2013-2488
          The following bugs have been fixed:
            o Lua pinfo.cols.protocol not holding value in postdissector.
              (Bug 6020)
            o data combined via ssl_desegment_app_data not visible via
              "Follow SSL Stream" only decrypted ssl data tabs. (Bug 6434)
            o HTTP application/json-rpc should be decoded/shown as
              application/json. (Bug 7939)
            o Maximum value of 802.11-2012 Duration field should be 32767.
              (Bug 8056)
            o Voice RTP player crash if player is closed while playing. (Bug
              8065)
            o Display Filter Macros crash. (Bug 8073)
            o RRC RadioBearerSetup message decoding issue. (Bug 8290)
            o R-click filters add ! in front of field when choosing "apply
              as filter>selected". (Bug 8297)
            o BACnet - Loop Object - Setpoint-Reference property does not
              decode correctly. (Bug 8306)
            o WMM TSPEC Element Parsing is not done is wrong due to a wrong
              switch case number. (Bug 8320)
            o Incorrect RTP statistics (Lost Packets indication not ok).
              (Bug 8321)
            o Registering ieee802154 dissector for IEEE802.15.4 frames
              inside Linux SLL frames. (Bug 8325)
            o Version Field is skipped while parsing WMM_TSPEC causing wrong
              dissecting (1 byte offset missing) of all fields in the TSPEC.
              (Bug 8330)
            o [BACnet] UCS-2 strings longer than 127 characters do not
              decode correctly. (Bug 8331)
            o Malformed IEEE80211 frame triggers DISSECTOR_ASSERT. (Bug
              8345)
            o Decoding of GSM MAP SMS Diagnostics. (Bug 8378)
            o Incorrect packet length displayed for Flight Message Transfer
              Protocol (FMTP). (Bug 8407)
            o Netflow dissector flowDurationMicroseconds nanosecond
              conversion wrong. (Bug 8410)
            o BE (3) AC is wrongly named as "Video" in (qos_acs). (Bug 8432)
       - Updated Protocol Support
         ACN, AMQP, ASN.1 PER, BACnet, CIMD, CSN.1, DOCSIS TLVs, DTLS,
         FCSP, FMP/NOTIFY, FMTP, GSM MAP SMS, HART/IP, IEEE 802.11, IEEE
         802.15.4, JSON, Linux SLL, LTE RRC, Mount, MPLS Echo, Netflow,
         RELOAD, RSL, RTP, RTPS, RTPS2, SABP, SIP, SSL, TCP
    
    
       To generate a diff of this commit:
       cvs rdiff -u -r1.96 -r1.97 pkgsrc/net/wireshark/Makefile
       cvs rdiff -u -r1.62 -r1.63 pkgsrc/net/wireshark/distinfo
       cvs rdiff -u -r1.3 -r0 pkgsrc/net/wireshark/patches/patch-ae
  4. Pullup ticket #4088 - requested by tron

    spz
    spz committed Mar 8, 2013
    www/apache22: security update
    
    Revisions pulled up:
    - www/apache22/Makefile                                         1.87
    - www/apache22/PLIST                                            1.22
    - www/apache22/distinfo                                         1.54
    
    -------------------------------------------------------------------
       Module Name:	pkgsrc
       Committed By:	tron
       Date:		Sun Mar  3 20:05:04 UTC 2013
    
       Modified Files:
       	pkgsrc/www/apache22: Makefile PLIST distinfo
    
       Log Message:
       Update "apache" package to version 2.2.24. Changes since 2.2.23:
       - SECURITY: CVE-2012-3499 (cve.mitre.org)
         Various XSS flaws due to unescaped hostnames and URIs HTML output in
         mod_info, mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp.
         [Jim Jagielski, Stefan Fritsch, Niels Heinen <heinenn google com>]
       - SECURITY: CVE-2012-4558 (cve.mitre.org)
         XSS in mod_proxy_balancer manager interface. [Jim Jagielski,
         Niels Heinen <heinenn google com>]
       - mod_rewrite: Stop merging RewriteBase down to subdirectories
         unless new option 'RewriteOptions MergeBase' is configured.
         Merging RewriteBase was unconditionally turned on in 2.2.23.
         Bug Report 53963. [Eric Covener]
       - mod_ssl: Send the error message for speaking http to an https port using
         HTTP/1.0 instead of HTTP/0.9, and omit the link that may be wrong when
         using SNI. Bug Report 50823. [Stefan Fritsch]
       - mod_ssl: log revoked certificates at level INFO
         instead of DEBUG. Bug Report 52162. [Stefan Fritsch]
       - mod_proxy_ajp: Support unknown HTTP methods. Bug Report 54416.
         [Rainer Jung]
       - mod_dir: Add support for the value 'disabled' in FallbackResource.
         [Vincent Deffontaines]
       - mod_ldap: Fix regression in handling "server unavailable" errors on
         Windows.  Bug Report 54140.  [Eric Covener]
       - mod_ssl: fix a regression with the string rendering of the "UID" RDN
         introduced in 2.2.15. Bug Report 54510. [Kaspar Brand]
       - ab: add TLS1.1/TLS1.2 options to -f switch, and adapt output
         to more accurately report the negotiated protocol. Bug Report 53916.
         [Nicol=E1s Pernas Maradei <nico emutex com>, Kaspar Brand]
       - mod_cache: Explicitly allow cache implementations to cache a 206 Partial
         Response if they so choose to do so. Previously an attempt to cache a 206
         was arbitrarily allowed if the response contained an Expires or
         Cache-Control header, and arbitrarily denied if both headers were missing.
         Currently the disk and memory cache providers do not cache 206 Partial
         Responses. [Graham Leggett]
       - core: Remove unintentional APR dependency introduced with
         Apache 2.2.22. [Eric Covener]
       - core: Use a TLS 1.0 close_notify alert for internal dummy connection if
         the chosen listener is configured for https. [Joe Orton]
       - mod_ssl: Add new directive SSLCompression to disable TLS-level
         compression. Bug Report 53219. [Bj=F6rn Jacke <bjoern j3e de>, Stefan Fri=
       tsch]
    
    
       To generate a diff of this commit:
       cvs rdiff -u -r1.86 -r1.87 pkgsrc/www/apache22/Makefile
       cvs rdiff -u -r1.21 -r1.22 pkgsrc/www/apache22/PLIST
       cvs rdiff -u -r1.53 -r1.54 pkgsrc/www/apache22/distinfo
Commits on Mar 5, 2013
  1. Pullup ticket #4086.

    tron
    tron committed Mar 5, 2013
  2. Pullup ticket #4086 - requested by kim

    tron
    tron committed Mar 5, 2013
    security/sudo: security update
    
    Revisions pulled up:
    - security/sudo/Makefile                                        1.140 via patch
    - security/sudo/distinfo                                        1.79
    - security/sudo/patches/patch-aa                                1.30
    - security/sudo/patches/patch-af                                1.29
    - security/sudo/patches/patch-ag                                1.20
    - security/sudo/patches/patch-pwutil.c                          deleted
    
    ---
       Module Name:    pkgsrc
       Committed By:   kim
       Date:           Fri Mar  1 14:24:59 UTC 2013
    
       Modified Files:
               pkgsrc/security/sudo: Makefile distinfo
               pkgsrc/security/sudo/patches: patch-aa patch-af patch-ag
       Removed Files:
               pkgsrc/security/sudo/patches: patch-pwutil.c
    
       Log Message:
       Upgrade to address CVE-2013-1775
    
       What's new in Sudo 1.7.10p7?
    
        * A time stamp file with the date set to the epoch by "sudo -k"
          is now completely ignored regardless of what the local clock is
          set to.  Previously, if the local clock was set to a value between
          the epoch and the time stamp timeout value, a time stamp reset
          by "sudo -k" would be considered current.
    
       What's new in Sudo 1.7.10p6?
    
        * The tty-specific time stamp file now includes the session ID
          of the sudo process that created it.  If a process with the same
          tty but a different session ID runs sudo, the user will now be
          prompted for a password (assuming authentication is required for
          the command).
    
       What's new in Sudo 1.7.10p5?
    
        * On systems where the controlling tty can be determined via /proc
          or sysctl(), sudo will no longer fall back to using ttyname()
          if the process has no controlling tty.  This prevents sudo from
          using a non-controlling tty for logging and time stamp purposes.
    
       What's new in Sudo 1.7.10?
    
        * If the user is a member of the "exempt" group in sudoers, they
          will no longer be prompted for a password even if the -k flag
          is specified with the command.  This makes "sudo -k command"
          consistent with the behavior one would get if the user ran "sudo
          -k" immediately before running the command.
    
        * The sudoers file may now be a symbolic link.  Previously, sudo
          would refuse to read sudoers unless it was a regular file.
    
        * The user/group/mode checks on sudoers files have been relaxed.
          As long as the file is owned by the sudoers uid, not world-writable
          and not writable by a group other than the sudoers gid, the file
          is considered OK.  Note that visudo will still set the mode to
          the value specified at configure time.
    
        * /etc/environment is no longer read directly on Linux systems
          when PAM is used.  Sudo now merges the PAM environment into the
          user's environment which is typically set by the pam_env module.
    
        * The initial evironment created when env_reset is in effect now
          includes the contents of /etc/environment on AIX systems and the
          "setenv" and "path" entries from /etc/login.conf on BSD systems.
    
        * On systems with an SVR4-style /proc file system, the /proc/pid/psinfo
          file is now uses to determine the controlling terminal, if possible.
          This allows tty-based tickets to work properly even when, e.g.
          standard input, output and error are redirected to /dev/null.
    
        * The sudoreplay command can now properly replay sessions where
          no tty was present.
    
        * Fixed a race condition that could cause sudo to receive SIGTTOU
          (and stop) when resuming a shell that was run via sudo when I/O
          logging (and use_pty) is not enabled.
Commits on Mar 4, 2013
  1. Pullup ticket #4087.

    tron
    tron committed Mar 4, 2013
  2. Pullup ticket #4087 - requested by tez

    tron
    tron committed Mar 4, 2013
    security/mit-krb5: security patch
    
    Revisions pulled up:
    - security/mit-krb5/Makefile                                    1.65 via patch
    - security/mit-krb5/distinfo                                    1.39
    - security/mit-krb5/patches/patch-plugins_preauth_pkinit_pkinit_crypto_openssl.c 1.1
    
    ---
       Module Name:    pkgsrc
       Committed By:   tez
       Date:           Thu Feb 28 14:19:37 UTC 2013
    
       Modified Files:
               pkgsrc/security/mit-krb5: Makefile distinfo
       Added Files:
               pkgsrc/security/mit-krb5/
       patches:
                   patch-plugins_preauth_pkinit_pkinit_crypto_openssl.c
    
       Log Message:
       Add patch for CVE-2013-1415 (SA52390)
Commits on Mar 2, 2013
  1. Pullup ticket #4085 - requested by obache

    tron
    tron committed Mar 2, 2013
    multimedia/adobe-flash-plugin11: security update
    
    Revisions pulled up:
    - multimedia/adobe-flash-plugin11/Makefile                      1.13
    - multimedia/adobe-flash-plugin11/distinfo                      1.12
    
    ---
       Module Name:	pkgsrc
       Committed By:	obache
       Date:		Thu Feb 28 10:32:37 UTC 2013
    
       Modified Files:
       	pkgsrc/multimedia/adobe-flash-plugin11: Makefile distinfo
    
       Log Message:
       Update adobe-flash-plugin11 to 11.2.202.273 for APSB13-08.
  2. Pullup tickets #4084 and #4085.

    tron
    tron committed Mar 2, 2013