Commit graph

19014 commits

Author SHA1 Message Date
Thomas Zander
a3377806e5 MFH: r359687
Add vuln entries for mplayer and mencoder for CVE-2014-4610
(integer overflow in ffmpeg's lzo code)

Approved by:	portmgr(miwi), mentors (implicit)
2014-06-28 13:14:00 +00:00
Koop Mast
b8b480ecc4 MFH: r357772
Document dbus local dos

Approved by:	portmgr (miwi)
2014-06-14 14:10:12 +00:00
Rene Ladan
b8bfc20b5c MFH: r357427
Document new vulnerabilities in www/chromium < 35.0.1916.153

Submitted by:	Carlos Jacobo Puga Medina <cpm@fbsd.es>
Obtained from:	http://www.googlechromereleases.blogspot.nl/

Also merge entries for mozilla, openssl, gnutls (2), mumble (2), and
linux-flashplugin

Approved by: portmgr (erwin)
2014-06-11 08:30:01 +00:00
Bryan Drewery
f442a5656b MFH: r356401
- Update to 3.1.25

  This fixes a security issue:
    http://www.gnutls.org/security.html#GNUTLS-SA-2014-3

Security:	027af74d-eb56-11e3-9032-000c2980a9f3
2014-06-05 17:59:31 +00:00
Bryan Drewery
ccf86e45ef MFH: r356632
Update to 1.0.1h.

Approved by:	so (ports-security@ blanket)
Security:	5ac53801-ec2e-11e3-9cf3-3c970e169bc2
2014-06-05 17:56:13 +00:00
Bryan Drewery
6b910f4097 MFH: r352928
- Security patch
Security: CVE-2014-0198
Security: http://seclists.org/oss-sec/2014/q2/232
Security: https://rt.openssl.org/Ticket/Display.html?user=guest&pass=guest&id=3321
Obtained from:	OpenBSD
2014-06-05 17:55:38 +00:00
Bryan Drewery
7d58e9457e MFH: r356535
Patch CVE-2014-3466 to prevent memory corruption due to server hello parsing.

Skipped PORTREVISION 5 which made several framework updates not needed here.

Obtained from:  688ea6428a
Security:       CVE-2014-3466, 9733c480-ebff-11e3-970b-206a8a720317
2014-06-05 17:54:33 +00:00
Koop Mast
efd1fe640d MFH: r355040
Document a bunch of openjpeg vulnerabilities.

Approved by:	portmgr (erwin@)
2014-05-24 17:37:04 +00:00
Antoine Brodin
22a2e91227 MFH: r354745
- Fix build with clang

Reported by:	pkg-fallout
Approved by:	portmgr (self)
2014-05-21 14:14:43 +00:00
Antoine Brodin
3ff578725c MFH: r354691
xmllint from new libxml2 seems to be stricter than it used to be
Disable it so that man pages can be generated

Submitted by:	maintainer
Approved by:	portmgr (self)
2014-05-21 08:26:43 +00:00
Rene Ladan
2efb4b3692 MFH: r354686
Document new vulnerabilities in www/chromium < 35.0.1916.114

Obtained from:	http://googlechromereleases.blogspot.nl/

Approved by:	portmgr (erwin)
2014-05-21 05:31:27 +00:00
Johan van Selst
d7ffd4f3a0 MFH: r354346
Add missing run-time dependency

Submitted by:	des
Approved by:	portmgr (erwin)
2014-05-17 20:17:25 +00:00
Rene Ladan
03b941c732 MFH: r354037
Describe new vulnerabilities in www/chromium < 34.0.1847.137

Obtained from:	http://googlechromereleases.blogspot.nl/

Also merge entries for:
- libXfont < 1.4.7_3
- libxml2 < 2.8.0_5
- openssl >= 1.0.1 < 1.0.1_12
- qt4-xml < 4.8.6
- strongswan < 5.1.3
- mohawk < 2.0.12
- chromium < 34.0.1847.132
- mozilla/firefox < 29.0 / 24.5.0 (esr), seamonkey < 2.26, thunderbird < 24.5

Approved by:	portmgr (erwin)
2014-05-14 11:41:40 +00:00
Li-Wen Hsu
990ea362d5 MFH: r351931
Document Django 2014-04-21 vulnerability

MFH: r351932

- Update to 1.6.3

Security:	59e72db2-cae6-11e3-8420-00e0814cab4e

MFH: r351933

- Update to 1.5.6

Security:	59e72db2-cae6-11e3-8420-00e0814cab4e

MFH: r351934

- Update to 1.4.11

Security:	59e72db2-cae6-11e3-8420-00e0814cab4e

MFH: r351935

- Update to 20140423 snapshot

Security:	59e72db2-cae6-11e3-8420-00e0814cab4e

MFH: r351938

Fix Django package names

Submitted by:	mat

MFH: r351944

- Add missing distinfo [1]
- Trim unneeded PYDISTUTILS_PKGNAME

Notified by:	swills [1]

MFH: r352013

Add back package ranges for people who have ancient packages

Notified by:	mat

Approved by:	portmgr (mat)
2014-04-24 16:20:30 +00:00
Pietro Cerutti
998983a54e MFH: r351375
- Unbreak by disabling MD2 and RC5

Reported by:	pkg-fallout
Approved by:    portmgr
2014-04-23 12:12:39 +00:00
Bryan Drewery
d24cbd8bd5 MFH: r351191
- fix a 4 year old "use-after-free" problem
https://rt.openssl.org/Ticket/Display.html?id=2167&user=guest&pass=guest
http://www.tedunangst.com/flak/post/analysis-of-openssl-freelist-reuse
http://ftp.openbsd.org/pub/OpenBSD/patches/5.4/common/008_openssl.patch
Obtained from:	OpenBSD
2014-04-23 01:42:11 +00:00
Bryan Drewery
217362f6f9 MFH: r350193
Move message to pkg-message
2014-04-08 14:10:00 +00:00
Bryan Drewery
544a9ccda2 MFH: r350192
Add missed warning from r350191
2014-04-08 14:09:19 +00:00
Bryan Drewery
dd836ce6f0 MFH: r350191
- Update to 0.2.18 [1]
- Remove need for npm at install time [2]
- No longer bundle deps [2]
- Add big warning on how little this project should be trusted

4 versions since previous 0.2.0 had security fixes, some of which were
regressions from the chain. Non-security-marked fixes not listed here, see
changelog [1].

  0.2.4 (2014-03-29)
    SECURITY NOTICE
    This release was flawed since it did not pull its dependencies with it.
  0.2.7 (2014-03-29)
    SECURITY BUGFIX
    The previous releases, v0.2.5 and v0.2.6, had broken verification for
    website proofs. Fixed with an upgrade to proofs v0.0.15
  0.2.13 (2014-04-01)
    SECURITY BUGFIX
    Don't show the GPG script used to generate keys when specifying -d, since
    it contains the user's password
  0.2.14 (2014-04-02)
    SECURITY BUGFIX
    Sanity-check the server's proof text, in case it's cheating. Check to make
    sure that the only plausible proof is the one that we made, and that others
    aren't coming along for the ride. This check comes via keybase-proofs
    @v0.0.20.

Changelog [1]:	https://github.com/keybase/node-client/compare/v0.2.0...v0.2.18#diff-2
Submitted by:	thierry [2]
2014-04-08 14:08:12 +00:00
Bryan Drewery
35e361a798 MFH: r350612
Add mingw32-openssl.
2014-04-08 14:04:16 +00:00
Bryan Drewery
7bf9b367dc MFH: r350560
Add more information for OpenSSL bug
2014-04-08 02:28:25 +00:00
Bryan Drewery
f5d856aa59 MFH: r350559
- Sort references
- Add link to heartbleed.com that has a lot of useful information
2014-04-08 02:27:43 +00:00
Bryan Drewery
7262a12b70 MFH: r350550
- Document OpenSSL vulnerabilities

Security:	CVE-2014-0160
Security:	CVE-2014-0076
Security:	https://www.openssl.org/news/secadv_20140407.txt
2014-04-07 22:08:12 +00:00
Bryan Drewery
fae1406099 MFH: r350548
- Update to 1.0.1g

Changes:
  - Fix for CVE-2014-0160
  - Add TLS padding extension workaround for broken servers.
  - Fix for CVE-2014-0076

Security:	CVE-2014-0160
Security:	CVE-2014-0076
Security:	https://www.openssl.org/news/secadv_20140407.txt
With hat:	portmgr
2014-04-07 21:48:07 +00:00
Antoine Brodin
5476a67b95 MFH: r350421
Distfile rerolled with a license file and some examples
Approved by:	portmgr (self)
2014-04-07 17:10:53 +00:00
Mathieu Arnold
75060a9d29 MFH: r350089
Fix SoftHSM's umask handling (upstream patch)

Approved by:	maintainer
Obtained from:	https://github.com/opendnssec/SoftHSMv1/pull/11
Sponsored by:	Absolight
2014-04-04 10:48:45 +00:00
Alex Dupre
2d2a20b90e Fix all mod_php entries.
Please don't use the range <range><ge>0</ge></range>.
2014-04-01 08:46:41 +00:00
Antoine Brodin
be56622693 Update to 2.1.0.2
2014-03-31 17:57:50 +00:00
Dirk Meyer
ae1515c459 - add missing LIB_DEPENDS for forbidden option GMP
2014-03-30 19:37:22 +00:00
Carlo Strub
b1240ac8d6 Update to 0.2.7
2014-03-30 15:56:12 +00:00
Pawel Pekala
cdd26ae9f7 Update to version 1.777
PR:		ports/188021
Submitted by:	maintainer
2014-03-29 16:41:25 +00:00
Lars Engels
45e8cac944 Add an entry for CVE-2014-2386
2014-03-29 12:00:53 +00:00
Sunpoet Po-Chuan Hsieh
8041a4eac3 - Update to 0.14
Changes:	http://search.cpan.org/dist/IO-Async-SSL/Changes
2014-03-29 08:54:19 +00:00
Brendan Fabeny
8fbf37ec53 Add an entry for CVE-2014-2270, and correct the indentation
in the entry for CVE-2014-1943
2014-03-29 08:30:51 +00:00
Gabor Pali
8b1c971497 - Reroll and update bootstrap Haskell compilers to GHC 7.6.3 on 8.x and
  9.x in order to prevent run-time breakage after the recent changes in
  libiconv
- Bump port revision for lang/ghc and all dependents, as a consequence

Obtained from:	FreeBSD Haskell
2014-03-29 00:52:54 +00:00
Dirk Meyer
2f6d449998 - reset GREP_OPTIONS
PR:		188030
2014-03-28 18:23:44 +00:00
Alex Dupre
b175cf634e Fix mod_php5 entry.
2014-03-28 12:11:17 +00:00
Bryan Drewery
203239ffae Add new port security/keybase.
Keybase.io CLI client.

  Keybase will be a public directory of publicly auditable public
  keys. All paired, for convenience, with unique usernames.

WWW: https://keybase.io
2014-03-28 00:00:42 +00:00
Matthias Andree
7b74753e36 Sort reference entries in 36f9ac43-b2ac-11e3-8752-080027ef73ec
mail/trojita information leak.

This should really be in the DTD or at least "make validate" if it's
an official requirement...

Submitted by:	remko
2014-03-27 19:50:32 +00:00
Renato Botelho
6161a9f3c9 Support stage
2014-03-27 18:37:25 +00:00
Emanuel Haupt
e0a17d558f - Support staging
- Use curly brackets
- Remove an obsolete warning about potentially overwriting existing binaries
2014-03-27 12:53:16 +00:00
Antoine Brodin
0c186dcad5 - Stage support
- Use USE_OCAMLFIND_PLIST instead of doing it manually
2014-03-26 22:36:46 +00:00
Antoine Brodin
1809968b52 Stage support
2014-03-26 21:53:01 +00:00
Antoine Brodin
b0f417a9b5 Stage support
2014-03-26 21:32:39 +00:00
Alex Dupre
7c2af9fa63 Update to 0.9.35 release with support for PHP 5.4+.
PR:		ports/187925
Submitted by:	Reko Turja <reko.turja@liukuma.net>
2014-03-26 13:20:50 +00:00
Alex Dupre
3a4c21aab6 Update to v13.11.08 release.
2014-03-26 13:18:13 +00:00
Hajimu UMEMOTO
0e27ad08e5 Fix build with enabling SQLITE on recent 10-STABLE and later.
Spotted by:	Marc Fournier <scrappy__at__hub.org>
2014-03-25 14:55:39 +00:00
Guido Falsi
cabf98d829 Bump PORTREVISION, forgotten in previous commit.
Noticed by:	mat
2014-03-25 12:15:53 +00:00
Dirk Meyer
596ac59201 - update to 1.0.23
Reported by:	Benjamin Podszun
2014-03-25 11:05:16 +00:00
Guido Falsi
f11cff3167 - Really disable iconv support when LIBICONV option is not selected [1]
  This fixes build on 10 and head when libiconv is installed and
  LIBICONV option is disabled

While here:

- Convert to USES gmake and USES tar [2]
- Convert to new LIB_DEPENDS format [2]

Reported by:	Mike Harding <mvharding@gmail.com> (via email)
Approved by:	portmgr (bapt, implicit) [1]
Approved by:	implicit portmgr@ blanket approval [2]
2014-03-25 07:24:41 +00:00