Commit graph

22865 commits

Author SHA1 Message Date
Mathieu Arnold
84d968fb05 USES=shebangfix.
Sponsored by:	Absolight
2016-03-01 14:40:41 +00:00
Matthew Seaman
5868371f68 Document the latest round of phpMyAdmin vulnerabilities. Lots of XSS
problems, and a man-in-the-middle attack on API calls to GitHub.
2016-03-01 07:30:20 +00:00
Jason Unovitch
7f1d8e21bf Document wireshark multiple vulnerabilities
Security:	CVE-2016-2522
Security:	CVE-2016-2523
Security:	CVE-2016-2524
Security:	CVE-2016-2525
Security:	CVE-2016-2526
Security:	CVE-2016-2527
Security:	CVE-2016-2528
Security:	CVE-2016-2529
Security:	CVE-2016-2530
Security:	CVE-2016-2531
Security:	CVE-2016-2532
Security:	https://vuxml.FreeBSD.org/freebsd/45117749-df55-11e5-b2bd-002590263bf5.html
Security:	https://vuxml.FreeBSD.org/freebsd/42c2c422-df55-11e5-b2bd-002590263bf5.html
2016-03-01 03:00:41 +00:00
Mikhail Teterin
94506ae216 security/pdfcrack: update to 0.15 (redo r409827) 2016-03-01 02:53:06 +00:00
Mikhail Teterin
9514d769d3 Back out r409827 to restore old history 2016-03-01 02:49:56 +00:00
Mikhail Teterin
8140c328dd Add a tool for brute-force cracking PDF-passwords (both user and
owner ones).
2016-02-29 21:22:48 +00:00
Bryan Drewery
32641bdf90 - Update to 7.2p1
- Mark X509 and KERB_GSSAPI as BROKEN.

Changelog: http://www.openssh.com/txt/release-7.2

With help from:	brnrd
2016-02-29 18:36:57 +00:00
Raphael Kubo da Costa
fe2e23cbdd Update security/pinentry and slave ports to 0.9.7.
From pinentry's NEWS file:
  Noteworthy changes in version 0.9.7 (2015-12-07)
  ------------------------------------------------
  * Fix regressions in the Qt pinentry.
  * Fix minor problems pinentry-tty.
  * New option --invisible-char.

  Noteworthy changes in version 0.9.6 (2015-09-10)
  ------------------------------------------------
  * Many improvements for the dump tty pinentry.
  * Use the standard GTK+-2 text entry widget instead of our outdated
    and back-then-it-was-more-secure text widget.
  * Use the standard Qt text widget.
  * Allow for building a static Qt variant.
  * Fix regression in w32 pinentry.

Compared to 0.9.5, the biggest change from a ports perspective is improved
support for libc++ in pinentry-qt, as upstream got rid of its custom entry
widget that only worked with libstdc++. This allows the Makefile to be
simplified and pinentry-qt4 to be built with libc++.

There is also an option to build a Qt5-based version of pinentry, but I did
not add the new port in this patch.

PR:		207567
Approved by:	makc (maintainer)
2016-02-29 18:35:00 +00:00
Dmitry Marakasov
cc6c7225d9 - Add LICENSE
- Cosmetic fixes, remove unused LIBNET_CONFIG line
- Switch to options helpers
2016-02-29 17:20:51 +00:00
Mathieu Arnold
f350bae837 Add acme-tiny, a tiny script to issue and renew TLS certs from Let's Encrypt.
Sponsored by:	Absolight
2016-02-29 17:11:11 +00:00
Bryan Drewery
bdd004278b Remove security/openssh-portable-devel since it is outdated, insecure,
and no longer needed.
2016-02-29 16:51:11 +00:00
Wen Heping
b64292a8c2 - Update DEPENDS
Submitted by:	rkoberman@gmail.com(via email)
Approved by:	maintainer(implicitly)
2016-02-29 02:22:42 +00:00
Steve Wills
47904e7568 security/honeybadger: Update to 0.0.0.2016022301
PR:		207442
Submitted by:	Shawn Webb <shawn.webb@hardenedbsd.org> (maintainer)
2016-02-29 01:25:31 +00:00
Sergey A. Osokin
d2953d7885 Update www/tomcat7 version. 2016-02-28 22:50:53 +00:00
Mark Felder
61d4dc226a Update tomcat vuxml entry
CVE-2015-5346 does not affect Tomcat 6.
2016-02-28 22:10:09 +00:00
Mark Felder
23c34078e9 Document additional tomcat vulnerabilities
Security:	CVE-2015-5346
Security:	CVE-2015-5351
Security:	CVE-2016-0763
2016-02-28 21:44:55 +00:00
Mark Felder
528172af9b Update documented tomcat vulnerabilities 2016-02-28 21:37:30 +00:00
Mark Felder
79705af288 Document tomcat vulnerabilities
Security:	CVE-2016-0714
2016-02-28 20:50:20 +00:00
Palle Girgensohn
e2f67a8795 Update xerces-c3 and shibboleth to latest versions
The update in xerces fixes a buffer overflow security problem that exposes the
possibility of a denial of service attack, and could conceivably result in
remote code execution.

Users of Shibboleth or any other service using the xerces-c3 xml library are
recommended to upgrade promptly.

URL:	http://xerces.apache.org/xerces-c/secadv/CVE-2016-0729.txt
Security:	CVE-2016-0729
2016-02-28 18:55:43 +00:00
Edward Tomasz Napierala
3c451d4993 Update security/certificate-transparency to 20160102.
Sponsored by:	The FreeBSD Foundation
2016-02-28 18:30:44 +00:00
Palle Girgensohn
c2db06e6ae Document vulnerability in xerces-c3
Security:	CVE-2016-0729
2016-02-28 18:15:13 +00:00
Jason Unovitch
a9d78963ca Revise Squid entry with CVE assignment and SQUID-2016:2 advisory reference
PR:		207454
Reported by:	Pavel Timofeev <timp87@gmail.com>
Security:	CVE-2016-2569
Security:	CVE-2016-2570
Security:	CVE-2016-2571
Security:	https://vuxml.FreeBSD.org/freebsd/660ebbf5-daeb-11e5-b2bd-002590263bf5.html
2016-02-28 00:50:12 +00:00
Mark Felder
13b83ba4dd Document django vulnerability
Security:	CVE-2016-2048
2016-02-28 00:48:27 +00:00
Jason Unovitch
79c6d5f9f4 Document Xen Security Advisories (XSAs 167, 168, 170)
Security:	CVE-2016-1570
Security:	CVE-2016-1571
Security:	CVE-2016-2271
Security:	https://vuxml.FreeBSD.org/freebsd/7ed7c36f-ddaf-11e5-b2bd-002590263bf5.html
Security:	https://vuxml.FreeBSD.org/freebsd/80adc394-ddaf-11e5-b2bd-002590263bf5.html
Security:	https://vuxml.FreeBSD.org/freebsd/81f9d6a4-ddaf-11e5-b2bd-002590263bf5.html
2016-02-28 00:29:10 +00:00
Mark Felder
1e90f8e2c2 Document moodle vulnerabilities
Security:	CVE-2016-0724
Security:	CVE-2016-0725
2016-02-28 00:25:10 +00:00
Raphael Kubo da Costa
92e49b279b Update to 1.4.0.
PR:		207520
Submitted by:	Sergei Vyshenski <svysh.fbsd@gmail.com> (maintainer)
2016-02-27 23:49:23 +00:00
Raphael Kubo da Costa
b088ca94eb Update to 1.4.0.
PR:		207519
Submitted by:	Sergei Vyshenski <svysh.fbsd@gmail.com> (maintainer)
2016-02-27 23:47:07 +00:00
Kurt Jaeger
42846e4f09 security/openvpn-devel: 201548 -> 201607
- update to the latest development snapshot

PR:		207489
Submitted by:	ecrist@secure-computing.net (maintainer)
2016-02-27 20:28:25 +00:00
Kurt Jaeger
5b8cf315a9 security/letsencrypt.sh: periodic script needs to find curl in $PATH
PR:		207532
Reported by:	mjl@luckie.org.nz
Submitted by:	Sascha Holzleiter <sascha@root-login.org> (maintainer)
2016-02-27 17:29:05 +00:00
Hajimu UMEMOTO
342be81f93 Move PLIST_FILES for plugins into cyrus-sasl2/Makefile.common. 2016-02-27 17:02:11 +00:00
Baptiste Daroussin
1e9d509cb7 When linking nss uses plain CC and does not pass CFLAGS
Append the path to the ports binutils on amd64 to CC so linking actually uses
the expected binutils

This fixes build with binutils 2.26
2016-02-27 13:39:40 +00:00
TAKATSU Tomonari
ba0d7d26ac - Update to 0.9.2 2016-02-27 12:12:45 +00:00
Hajimu UMEMOTO
90e622d893 Move the common part of the cyrus-sasl2 separated ports into
Makefile.common, to make further maintenance easier.
2016-02-27 05:15:57 +00:00
Mark Felder
fe86f9e06b Document multimedia/pitivi vulnerability
Security:	CVE-2015-0855
2016-02-26 16:16:21 +00:00
Mark Felder
de92a33931 Document graphics/giflib vulnerability
Security:	CVE-2015-7555
2016-02-26 15:50:41 +00:00
Kubilay Kocak
755f7c8540 security/py-{acme,letsencrypt}: Update to 0.4.0
Common:

- Update PORTVERSION and distinfo checksum (0.4.0) [1]
- Update and sort RUN_DEPENDS to match setup.py:install_requires

security/py-acme:

- Update COMMENT to match setup.py:description=
- Add LICENSE_FILE
- Remove spurious USES=gmake dependency

PR:		207306 [1]
Submitted by:	Piotr Kubaj <pkubaj anongoth pl> [1]
Approved by:	koobs (maintainer, letsencrypt), cpm (maintainer, acme)
2016-02-26 12:41:45 +00:00
Hajimu UMEMOTO
629168f305 Revert r409585 to avoid dependency loop.
I've completely forgotten this issue.

PR:		207512
2016-02-26 11:27:30 +00:00
Kubilay Kocak
50798bfc7e security/py-oauthlib: Update 1.0.3
- Update PORTVERSION and distinfo checksum (1.0.3)
- Update COMMENT to more closely match setup.py:description=
- Update TEST dependencies and test target
- Remove TESTS option bits accordingly
- Move mock to only Python 2.x TEST_DEPENDS
- Enable NO_ARCH (architecture independent)
- Add LICENSE_FILE
2016-02-26 10:53:49 +00:00
Kubilay Kocak
e19decc67a security/py-libnacl: Update to 1.4.4
- Update PORTVERSION and distinfo checksum (1.4.4)
- Update test target
- Enable NO_ARCH (architecture independent)
- Regenerate setup.py
2016-02-26 09:17:52 +00:00
Kubilay Kocak
e450c301ed security/py-cpe: Update to 1.2.0
- Update PORTVERSION and distinfo checksum (1.2.0)
- Enable building with Python 3.x
- Correct LICENSE (LGPL3)
- Enable NO_ARCH (architecture independent)
- Update COMMENT to match setup.py:summary=
- Add test target

Changes:

  https://github.com/nilp0inter/cpe/blob/develop/NEWS.txt
2016-02-26 09:02:39 +00:00
Hajimu UMEMOTO
6d181df987 OPTIONSfy ANONYMOUS authentication.
On by default.
2016-02-26 08:59:39 +00:00
Dirk Meyer
64e12330a8 - set dependency to libmilter, bump PORTREVISION 2016-02-26 08:47:18 +00:00
Hajimu UMEMOTO
718dd9ecd9 Add OPTIONS for the separated cyrus-sasl2 ports. 2016-02-26 07:51:37 +00:00
Hajimu UMEMOTO
4bc3dd8ab6 Use gssapi related descriptions in bsd.options.desc.mk. 2016-02-26 06:51:47 +00:00
Mark Felder
f5e88e1857 Document drupal vulnerabilities
PR:		207467
Security:	https://www.drupal.org/SA-CORE-2016-001
2016-02-25 15:36:20 +00:00
Dmitry Marakasov
a274b094df - Clarify LICENSE
- Add LICENSE_FILE
- Fix build with disabled NLS
2016-02-25 14:16:10 +00:00
Li-Wen Hsu
79918e1a85 Document Jenkins Security Advisory 2016-02-24 2016-02-25 05:25:10 +00:00
Mark Felder
4e551fb530 vuxml: Update entry for graphics/jasper
These vulnerabilities are resolved in 1.900.1_16

Security:	http://www.vuxml.org/freebsd/006e3b7c-d7d7-11e5-b85f-0018fe623f2b.html
Security:	http://www.vuxml.org/freebsd/f1692469-45ce-11e5-adde-14dae9d210b8.html
2016-02-24 20:27:40 +00:00
Jason Unovitch
90bc9b39d5 Document squid remote DoS in HTTP response processing
PR:		207454
Reported by:	Pavel Timofeev <timp87@gmail.com>
Security:	https://vuxml.FreeBSD.org/freebsd/660ebbf5-daeb-11e5-b2bd-002590263bf5.html
2016-02-24 11:46:09 +00:00
Hajimu UMEMOTO
c0f7910237 Add Cyrus SASL SRP authentication plugin.
Requested by:	Kyle Amon <amonk__at__backwatcher.com>
2016-02-24 10:39:50 +00:00
Dmitry Marakasov
cb91d14ef6 - Switch to options helpers 2016-02-23 23:25:00 +00:00
Martin Wilke
448b4fd87f - Update to 1.228
PR:		206415
Submitted by:	maintainer
2016-02-23 10:41:06 +00:00
Martin Wilke
86fcdba1b0 - Update to 1.2.0 2016-02-23 10:00:49 +00:00
Danilo Egea Gondolfo
9ffaee51a2 - Update to 20160222 2016-02-23 02:29:47 +00:00
Wen Heping
a14de550f1 - Update to 0.11
Changes: http://search.cpan.org/src/ETHER/Crypt-Random-Source-0.11/Changes

PR:		207408
Submitted by:	dereckson@espace-win.org(maintainer)
2016-02-23 01:39:20 +00:00
Jan Beich
565591eddf security/nss: update to 3.22.1
Changes:	https://hg.mozilla.org/projects/nss/rev/4f727a27da00
MFH:		2016Q1 (maybe security)
2016-02-22 14:16:50 +00:00
Jason Unovitch
741c92cec3 security/afl: update 2.02b -> 2.03b
PR:		207391
Submitted by:	Tobias Kortkamp <t@tobik.me> (maintainer)
2016-02-22 11:24:41 +00:00
Jason Unovitch
5f7a18d2fd security/keepassx2: update 2.0 -> 2.0.2
PR:		207126
Submitted by:	Thibault Payet <monwarez@mailoo.org>
Approved by:	Eric Camachat <eric@camachat.org> (maintainer)
2016-02-22 11:23:35 +00:00
Jason Unovitch
6add66db19 Document bsh remote code execution vulnerability
PR:		207334
Submitted by:	pfg (maintainer)
Security:	CVE-2016-2510
Security:	https://vuxml.FreeBSD.org/freebsd/9e5bbffc-d8ac-11e5-b2bd-002590263bf5.html
2016-02-21 15:25:57 +00:00
Jason Unovitch
8c080fd580 Document libsrtp DoS via crafted RTP header vulnerability
PR:		207003
Reported by:	pi
Security:	CVE-2015-6360
Security:	https://vuxml.FreeBSD.org/freebsd/6171eb07-d8a9-11e5-b2bd-002590263bf5.html
2016-02-21 14:55:47 +00:00
Jason Unovitch
42785e7bfc Respace entry so `make validate' passes 2016-02-21 14:54:03 +00:00
Dirk Meyer
bc45e02be0 - add jasper -- multiple vulnerabilities
- fix version for CVE-2015-5221
2016-02-20 14:01:59 +00:00
Kurt Jaeger
14165262f0 security/afl: 1.96.b -> 2.02b
Changes:
- Add new LLVM option which adds afl-clang-fast and afl-clang-fast++.
  Enabled by default, but broken on FreeBSD 9.
- The PLOT_SUPPORT option was broken in r405132 because of a typo in
  its RUN_DEPENDS.  Gnuplot is only required by afl-plot which will
  quit with an error alerting the user if it isn't installed, so
  instead of fixing the typo we remove it instead.  Added a
  pkg-message suggesting to install gnuplot if afl-plot is wanted.

PR:		207236
Submitted by:	Tobias Kortkamp <t@tobik.me> (maintainer)
2016-02-20 08:00:53 +00:00
Steve Wills
dba3e74d6b security/honeybadger: add port
PR:		207315
Submitted by:	Shawn Webb <shawn.webb@hardenedbsd.org> (with modifications)
2016-02-19 21:38:23 +00:00
Bernard Spil
b6425f1b0f security/letsencrypt.sh: Update to 2016-02-17
- Update to latest version
  - Includes upstream fix for cleanup command [1]
  - Add PORTDOCS

https://github.com/lukas2511/letsencrypt.sh/pull/137 [1]

Reviewed by:	sascha_root-login.org (maintainer), koobs (mentor)
Approved by:	sascha_root-login.org (maintainer), koobs (mentor)
Differential Revision:	D5297
2016-02-19 19:30:35 +00:00
Pietro Cerutti
3aa486ecf3 security/gnupg: ldap module needs gcrypt too 2016-02-19 18:06:14 +00:00
Pietro Cerutti
4970f902db security/gnupg: fix build when NLS is disabled 2016-02-19 16:38:36 +00:00
Raphael Kubo da Costa
97dab04820 Regenerate distinfo information for gnupg-2.1.11.tar.bz2.sig.
This fixes `make fetch'.

The actual hash and sizes are different, as mentioned in the associated PR.
I have also checked it manually, and verified the tarball's signature with
`gpg --verify gnupg-2.1.11.tar.bz2.sig gnupg-2.1.11.tar.bz2'.

I don't understand how this happened, but it looks similar to bug 202312.

PR:		207327
Submitted by:	Trond.Endrestol@ximalas.info
2016-02-19 11:12:53 +00:00
Jun Kuriyama
90211c4907 Update to 2.1.11 (minor fixes, with upstream patch). 2016-02-19 06:25:34 +00:00
Mark Felder
3d9bd39ed6 Document that graphics/silgraphite is also vulnerable
Security:	http://www.vuxml.org/freebsd/8f10fa04-cf6a-11e5-96d6-14dae9d210b8.html
2016-02-18 23:08:33 +00:00
Rene Ladan
c6919a4dd4 Document new vulnerability in www/chromium < 48.0.2564.116
Obtained from:	http://googlechromereleases.blogspot.nl/2016/02/stable-channel-update_18.html
2016-02-18 21:23:58 +00:00
Martin Wilke
5a67738f00 - Ignore php70
- While here remove old php cruft
2016-02-18 14:47:05 +00:00
Dmitry Marakasov
a3eb97e2e1 - Switch to options helpers
- Add NO_ARCH
2016-02-18 09:48:06 +00:00
Jason Unovitch
5c2bcb3929 Document Linux glibc crash/code execution via crafted DNS responses
PR:		207272
Submitted by:	Johannes Jost Meixner <johannes@meixner.dk>
Security:	CVE-2015-7547
Security:	https://vuxml.FreeBSD.org/freebsd/2dd7e97e-d5e8-11e5-bcbd-bc5ff45d0f28.html
2016-02-18 03:04:39 +00:00
Jason Unovitch
1d91359d70 Revise earlier Squid entry with official Squid SA as a reference
PR:		203186
Security:	https://vuxml.FreeBSD.org/freebsd/d3a98c2d-5da1-11e5-9909-002590263bf5.html
2016-02-18 02:20:24 +00:00
Jason Unovitch
6f4e84f84d Document Squid SSL/TLS processing remote DoS
PR:		207294
Security:	CVE-2016-2390
Security:	https://vuxml.FreeBSD.org/freebsd/56562efb-d5e4-11e5-b2bd-002590263bf5.html
2016-02-18 02:16:14 +00:00
Matthias Andree
ee8b19e7e6 Install openssl-1.0.cnf as well (EasyRSA-3.0 specific).
Originally install it as ${DATADIR}/*.example and mark it as @sample in
pkg-plist, so that it gets copied to the real file name on installation,
and will not be removed if modified by the user.

Submitted by:	Michele Possamai (e-mail kept private)
2016-02-17 20:36:46 +00:00
Mark Felder
2c0d4e29a8 Document databases/adminer vulnerabilities 2016-02-17 17:23:24 +00:00
Olivier Cochard
dacef126af Update my email for ports I maintain
Approved by:	jadawin
Differential Revision:	https://reviews.freebsd.org/D5309
2016-02-17 10:42:08 +00:00
Mathieu Arnold
50e9cc8f2a lang/p5-Scalar-Util-Numeric was already there at devel/p5-Scalar-Util-Numeric.
Pointy hat to:	adamw
Sponsored by:	Absolight
2016-02-17 09:35:54 +00:00
Adam Weinberger
33329a7b29 Add security/p5-Crypt-XTEA, and its dependency lang/p5-Scalar-Util-Numeric.
Crypt::XTEA implements the fast and light XTEA cipher that supports the
Crypt::CBC interface.

https://metacpan.org/pod/Crypt::XTEA

Scalar::Util::Numeric implements some scalar classification routines
with an XS module.

https://metacpan.org/pod/Scalar::Util::Numeric
2016-02-17 04:23:00 +00:00
Jason Unovitch
4afaf01c5f security/strongswan: enable options to increase usefulness of default pkg
- Enable PKI, SWANCTL, and VICI options (no external dependencies)
- Document IMPLIES dependency on VICI for SWANCTL; mention in SWANCTL_DESC
- Bump PORTREVISION

PR:		205438
Reported by:	Nick B <nicblais@clkroot.net>
Submitted by:	strongswan@Nanoteq.com (maintainer)
2016-02-17 02:34:05 +00:00
Jung-uk Kim
8fee180476 Correct CVE numbers for recent Flash vulnerabilities. 2016-02-16 22:48:43 +00:00
Adam Weinberger
027c34e3b9 Add LICENSE info, and donate to the perl collective. 2016-02-16 18:08:42 +00:00
Bernard Spil
2428ad4471 security/letsencrypt.sh: Update to 2015-02-15
Reviewed by:	feld (mentor)
Approved by:	feld (mentor)
Differential Revision:	D5288
2016-02-16 08:15:53 +00:00
Carlos J. Puga Medina
071a12b872 - Update libgcrypt to 1.6.5
- Change LICENSE since support has been added for "or later" variants of GNU licenses.
- Remove needless patch-cipher_salsa20.c

Changes:
  https://lists.gnupg.org/pipermail/gnupg-announce/2016q1/000384.html

PR:		207107
Approved by:	junovitch (mentor)
2016-02-16 02:52:56 +00:00
Carlos J. Puga Medina
874cf54aae Document libgcrypt side-channel attack on ECDH
PR:		207107
Security:	CVE-2015-7511
Security:	https://vuxml.FreeBSD.org/freebsd/95b92e3b-d451-11e5-9794-e8e0b747a45a.html
2016-02-16 02:40:27 +00:00
Jason Unovitch
ef7d4b4805 Document xdelta3 buffer overflow vulnerability
PR:		207174
Security:	CVE-2014-9765
Security:	https://vuxml.FreeBSD.org/freebsd/f1bf28c5-d447-11e5-b2bd-002590263bf5.html
2016-02-16 01:00:25 +00:00
Bernard Spil
801f2d0c7a security/letsencrypt.sh: Fix periodic script
- Bump portrevision to force rebuild/-install

Differential Revision:	D5264
2016-02-15 19:25:47 +00:00
Martin Wilke
34b7e601d3 - Update Description from previous commit.
PR:		207207
Suggested by:   Jan Beich
2016-02-15 15:31:03 +00:00
Martin Wilke
d25d6f42dc - Document firefox -- Same-origin-policy violation using Service Workers with plugins
PR:		20720
Submitted by:	Christoph Moench-Tegeder
2016-02-15 15:18:25 +00:00
Martin Wilke
e630e52bb5 Welcome php 7.0.3
Changelog:
    http://php.net/ChangeLog-7.php#7.0.0
    http://php.net/ChangeLog-7.php#7.0.1
    http://php.net/ChangeLog-7.php#7.0.2
    http://php.net/ChangeLog-7.php#7.0.3

I'd like to thank:
  Kurt Jaeger
  Matthias Breddin
  Rainer Duffner
  Victor van Vlaardingen
  Torsten Zuehlsdorff
  Franco Fichtner
  and all helpers and testers from ports@.
2016-02-15 14:34:26 +00:00
Bernard Spil
1f0ef506ec security/letsencrypt.sh: Fix periodic script
- Add missing `then`

Reviewed by:	sascha_root-login.org (maintainer), feld (mentor)
Approved by:	sascha_root-login.org (maintainer), feld (mentor)
Differential Revision:	D5264
2016-02-15 14:21:51 +00:00
Jason Unovitch
8b78c7a2c4 Add CVE to the OpenSSH 7.0.p1 entry and also mention CVE-2015-6565
Security:	CVE-2015-6563
Security:	CVE-2015-6564
Security:	CVE-2015-6565
Security:	https://vuxml.FreeBSD.org/freebsd/2920c449-4850-11e5-825f-c80aa9043978.html
2016-02-14 21:18:39 +00:00
Rene Ladan
d5ce1f73bc Remove PHP 5.4 from the Ports Tree, it expired upstream in 2015-Q3 and the
ports expired last month.

Adjust Mk/bsd.php.mk

Reviewed by:	antoine, marino
Approved by:	portmgr (antoine)
Differential Revision:	https://reviews.freebsd.org/D5278
2016-02-14 19:21:31 +00:00
Palle Girgensohn
04917a1bbd Correct URL. 2016-02-14 19:11:35 +00:00
Koop Mast
b93a80c992 The FreeBSD GNOME team proudly presents GNOME 3.18 for FreeBSD.
The official GNOME 3.18 release notes can be found at
https://help.gnome.org/misc/release-notes/3.18/

This update doesn't contain the glib/gtk c++ bindings which will
be done in another update due to the requirement on c++11 and the
amount of fallout this probably will give.

GDM is still at version 3.16 due to some issues.

Bump mate-themes to use the gtk 3.18 version of the themes.

Thanks to Antoine Brodin for running the exp-runs.

This release was made possible by the following people:
  Gustau Perez
  Ting-Wei_Lan

PR:	207006
2016-02-14 18:57:53 +00:00
Bernard Spil
196391f259 security/letsencrypt.sh: Update to 2016-02-12
- Update to 2016-02-16
  - Add options for ZSH
  - Change periodic script to weekly
    - Add unprivileged renewal option
    - Add privileged post-script option

PR:		206976
Reviewed by:	feld (mentor), koobs (mentor), sascha (maintainer)
Approved by:	sascha (maintainer), feld (mentor)
Differential Revision:	D5264
2016-02-14 18:29:04 +00:00
Rene Ladan
90c4f1a64f Deprecate ports that are incompatible with both PHP 5.5 and PHP 5.6 and set
the expiration date to next month:

devel/pecl-inclued
security/pecl-taint
www/eaccelerator
www/pecl-APC

Submitted by:	antoine (via IRC)
Approved by:	portmgr (antoine)
2016-02-14 17:32:17 +00:00
Martin Wilke
4855a7aade - Fix formatting 2016-02-14 14:46:06 +00:00
Bernard Spil
2baf23e640 security/vuxml: Add entry for www/nghttp2 < 1.7.1
- Out of memory error in nghttpd, nghttp, and libnghttp2_asio
    applications

Reviewed by:	feld (secteam, mentor)
Approved by:	feld (secteam, mentor)
Depends on:	D5218
Differential Revision:	D5271
2016-02-14 14:39:55 +00:00
Jason Unovitch
d5cb36ef78 Document cross-site scripting vulnerabilities in Horde Groupware
Security:	CVE-2015-8807
Security:	CVE-2016-2228
Security:	https://vuxml.FreeBSD.org/freebsd/3aa8b781-d2c4-11e5-b2bd-002590263bf5.html
2016-02-14 02:59:02 +00:00
Jason Unovitch
0a341f8d35 Fix dnscrypt-proxy reference URL (ihttps -> https) 2016-02-14 01:55:27 +00:00
Palle Girgensohn
5e11290bff Document security problems in PostgreSQL
Security:	CVE-2016-0773, CVE-2016-0766
2016-02-13 22:35:55 +00:00
Jason Unovitch
a41cc39564 Reflect QEMU DoS vulnerabilities now fixed in qemu-sbruno/qemu-user-static
PR:		205813
Security:	CVE-2015-8345
Security:	CVE-2015-8567
Security:	CVE-2015-8568
Security:	CVE-2015-8613
Security:	CVE-2015-8619
Security:	CVE-2015-8701
Security:	https://vuxml.FreeBSD.org/freebsd/1384f2fd-b1be-11e5-9728-002590263bf5.html
Security:	https://vuxml.FreeBSD.org/freebsd/62ab8707-b1bc-11e5-9728-002590263bf5.html
Security:	https://vuxml.FreeBSD.org/freebsd/9ad8993e-b1ba-11e5-9728-002590263bf5.html
Security:	https://vuxml.FreeBSD.org/freebsd/b3f9f8ef-b1bb-11e5-9728-002590263bf5.html
Security:	https://vuxml.FreeBSD.org/freebsd/b56fe6bb-b1b1-11e5-9728-002590263bf5.html
2016-02-13 22:28:41 +00:00
Adam Weinberger
2c3a83cd5e Update to 0.160410. Note that the dependencies have all changed for this
version. Crypt::PBKDF2 switched from Moose to Moo/Type::Tiny/strictures.
Also, register a Digest::SHA3 dependency.

Changes: https://metacpan.org/changes/distribution/Crypt-PBKDF2
2016-02-13 18:17:28 +00:00
Adam Weinberger
7ef62312f8 Add security/p5-Digest-SHA3, a NIST SHA3 implementation and perl interface. 2016-02-13 18:12:24 +00:00
Dirk Meyer
6d63d735ca - mark options ASM broken on sparc64
PR:		204527
2016-02-13 09:48:26 +00:00
Dirk Meyer
15ff0ca966 - split libmilter from sendmail into a separate port
- bump PORTREVISION
Submitted by:	matthew (Matthew Seaman)
2016-02-13 09:03:15 +00:00
Ruslan Makhmatkhanov
437bc2aeb5 security/py-python-openid: adopt port
- switch to CHEESESHOP and update checksum (no code changes, metadata only)
- take maintainership
- add LICENSE, NO_ARCH, sort USE_PYTHON
- update WWW urls
2016-02-12 21:57:20 +00:00
Ruslan Makhmatkhanov
3abcf03666 security/py-openid: rename to security/py-python-openid
Rename to match upstream name.
2016-02-12 21:53:57 +00:00
Ruslan Makhmatkhanov
5609a922c3 security/py-keyring: update to 8.3
- update to 8.3

Since version 8.0, they have split some of the backends into a separate package
(security/py-keyrings.alt), so change this port options accordingly.

PR:		207044
Submitted by:	Douglas Thrift <douglas@douglasthrift.net> (maintainer)
2016-02-12 21:05:59 +00:00
Ruslan Makhmatkhanov
74aa54bc02 Alternate keyring backend implementations for use with the Python keyring
package.

WWW: https://pypi.python.org/pypi/keyrings.alt

PR:		207046
Submitted by:	Douglas Thrift <douglas@douglasthrift.net>
2016-02-12 21:03:10 +00:00
Ruslan Makhmatkhanov
4b01320702 security/py-pyscard: update to 1.9.2
PR:		206994
Submitted by:	mp39590@gmail.com (maintainer)
2016-02-12 20:43:10 +00:00
Raphael Kubo da Costa
c35f72ad71 Update to 2.31.
Release notes: http://keepass.info/news/n160109_2.31.html

PR:		206787
Submitted by:	Ben Woods <woodsb02@gmail.com> (maintainer)
2016-02-12 13:03:24 +00:00
Martin Wilke
8fdfbff602 - Update to 4.6.0
PR:		206897
Submitted by:	ports fury
2016-02-12 10:21:29 +00:00
Raphael Kubo da Costa
9437082cd0 Update to 5.6.
v5.6:
- Added up/down example script for replacing default route (thanks to Zhuoyun
  Wei).
- Fixed documentation bug: .info was not installing.

v5.5:
- Ability to work on 32-bit platforms. sync/atomic library has some specific
  issues that caused panics on previous versions.

PR:		206979
Submitted by:	Sergey Matveev <stargrave@stargrave.org> (maintainer)
2016-02-12 09:41:51 +00:00
Ruslan Makhmatkhanov
aea0a2a722 security/py-flask-httpauth: update to 2.7.1 2016-02-12 08:01:02 +00:00
Philippe Audeoud
ce024c87e0 - Update to 2.024 2016-02-11 08:33:08 +00:00
Koop Mast
67bdc6b065 Document Feb 8, 2016 flash vulnerabilities.
Security:	CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967,
		CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0971,
		CVE-2016-0972, CVE-2016-0973, CVE-2016-0974, CVE-2016-0975,
		CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979,
		CVE-2016-0980, CVE-2016-0981, CVE-2016-0982, CVE-2016-0983,
		CVE-2016-0984, CVE-2016-0985
2016-02-10 13:08:13 +00:00
Martin Wilke
2e71d454f2 - Update to 4.0.2
PR:		206792
Submitted by:	maintainer
2016-02-10 02:08:09 +00:00
Mark Felder
f73c543b24 Document dns/dnscrypt-proxy vulnerability
PR:		206938
2016-02-10 00:10:40 +00:00
Mark Felder
fd96ddd26b Fix vuxml to pass make validate
An errant newline from the last entry caused "Error 1"
2016-02-10 00:07:45 +00:00
Rene Ladan
944ad1c2ef Document new vulnerabilities in www/chromium < 48.0.2564.109
Obtained from:	http://googlechromereleases.blogspot.nl/2016/02/stable-channel-update_9.html
2016-02-09 23:11:37 +00:00
Mark Felder
2c54e17926 Update graphics/graphite2 vulnerability details
I found a more comprehensive blog entry by Talos
2016-02-09 20:30:42 +00:00
Mark Felder
f0457c9544 Document graphics/graphite2 vulnerability
Security:	CVE-2016-1521
2016-02-09 20:23:32 +00:00
Mark Felder
1e3f8cda39 Fix duplicate "reports" in last entry 2016-02-09 17:07:03 +00:00
Mark Felder
9d048b8bdc Document net-mgmt/xymon-server vulnerabilities
MFH:		2016Q1
Security:	CVE-2016-2054
Security:	CVE-2016-2055
Security:	CVE-2016-2056
Security:	CVE-2016-2057
Security:	CVE-2016-2058
2016-02-09 17:01:02 +00:00
Martin Wilke
0bab4d7094 - Document php -- pcre vulnerability 2016-02-09 10:55:58 +00:00
Raphael Kubo da Costa
2a699255ef Document multiple vulnerabilities in graphics/py-imaging and graphics/py-pillow.
Security:	CVE-2016-0740
Security:	CVE-2016-0775
2016-02-09 10:39:56 +00:00
Jan Beich
7e6d923605 security/nss: update to 3.22
Changes:	https://developer.mozilla.org/docs/Mozilla/Projects/NSS/NSS_3.22_release_notes
PR:		207030
Submitted by:	Christoph Moench-Tegeder <cmt@burggraben.net>
2016-02-09 00:09:37 +00:00
Carlos J. Puga Medina
9905a1a102 This patch fixes alignment of self-test context in salsa20 required
for amd64 implementation.

Other changes:
   - Regenerate patches to make portlint(1) happy
   - Update MAINTAINER to my @FreeBSD.org address
   - Bump PORTREVISION

PR:		206919
Approved by:	junovitch (mentor)
2016-02-08 20:54:10 +00:00
Antoine Brodin
8b2a23e265 Unbreak with new cracklib
Reported by:	pkg-fallout
2016-02-08 17:57:14 +00:00
Dmitry Marakasov
3675146836 - Mark BROKEN, does not build:
verify.c:70:25: error: variable has incomplete type 'struct dsa_public_key'

Reported by:	pkg-fallout
Approved by:	portmgr blanket
2016-02-08 15:20:27 +00:00
Philippe Audeoud
982b1ffe35 - Update to 1.20 2016-02-08 09:02:02 +00:00
Xin LI
9567fc068c 2015-12-31 security/polarssl: Upstream is ending support for 1.2.x 2016-02-07 09:58:59 +00:00
Xin LI
a8c411eaa0 Update to 1.2.19.
Bugfix
   * Fix bug in certificate validation that caused valid chains to
     be rejected when the first intermediate certificate has
     pathLenConstraint=0. Found by Nicholas Wilson.
     Introduced in mbed TLS 1.3.15. #280
   * Removed potential leak in rsa_rsassa_pkcs1_v15_sign(), found
     by JayaraghavendranK. #372

MFH:	2016Q1
2016-02-07 09:49:05 +00:00
Danilo Egea Gondolfo
f927e29a04 - Update to 20160204 2016-02-06 13:29:19 +00:00
Thomas Zander
e9fed5f764 Document remote denial of service in ffmpeg before 2.8.6 and
mencoder / mplayer before 1.2.r20151219_3
2016-02-06 11:23:58 +00:00
Vanilla I. Shu
9a4005e6c0 Update to 1.6.1. 2016-02-06 04:42:41 +00:00
Vanilla I. Shu
e897393092 Update to 1.6.1. 2016-02-06 04:42:26 +00:00
Jason Unovitch
7bc4044017 Update version of net/samba36 package to reflect it is still unpatched
PR:		206808
Reported by:	Marcin Gryszkalis <mg@fork.pl>
Security:	CVE-2015-5252
Security:	CVE-2015-5296
Security:	CVE-2015-5299
Security:	https://vuxml.FreeBSD.org/freebsd/ef434839-a6a4-11e5-8275-000c292e4fd8.html
2016-02-05 20:04:05 +00:00
Koop Mast
05b82b292f Document shotwell failure to validate TLS certificates.
PR:		206807
2016-02-05 16:32:09 +00:00
Cy Schubert
4f0c314e68 Fix Shared object "libcrack.so.2" not found, required by
"cracklib-packer" pre-stage error.
2016-02-05 14:02:37 +00:00
Cy Schubert
098a06a073 Update 2.9.4 --> 2.9.6
Distfile has been moved from sourceforge to github.

Generate dictionary from github hosted word dictionary file instead of
in port.
2016-02-05 07:05:11 +00:00
Erwin Lansing
d140eabacb - Update unbound to 1.5.7
- Bump PORTREVISION on dependent ports

Some Upgrade Notes:

This release fixes a validation failure for nodata with wildcards and
emptynonterminals. Fixes OpenSSL Library compatibility. Fixes correct
response for malformed EDNS queries. For crypto in libunbound there is
libnettle support.

Qname minimisation is implemented. Use qname-minimisation: yes to
enable it. This version sends the full query name when an error is
found for intermediate names. It should therefore not fail for names
on nonconformant servers. It combines well with
harden-below-nxdomain: yes because those nxdomains are probed by the
qname minimisation, and that will both stop privacy sensitive traffic
and reduce nonsense traffic to authority servers. So consider
enabling both. In this implementation IPv6 reverse lookups add
several labels per increment, because otherwise those lookups would be
very slow. [ Reference
https://tools.ietf.org/html/draft-ietf-dnsop-qname-minimisation-08 ]

More details at <http://unbound.net>

PR:		206347
Submitted by:	Jaap Akkerhuis <jaap@NLnetLabs.nl>
Approved by:	maintainer timeout
Sponsored by:	DK Hostmaster A/S
2016-02-04 15:58:30 +00:00
Koop Mast
298502fbcd Document webkit CVE-2014-1748.
If people look at the announcement, CVE-2014-3192 is already fixed. This
CVE was against chromium, and the same code in 2.4.9 is in webkit trunk
so I assume it is already fixed.

CVE-2013-6663 is for webkit < 2.4.0, and the rest of the CVE's are for
apple products without any attached patches.

PR:		205683
Obtained from:	http://webkitgtk.org/security/WSA-2015-0002.html
2016-02-04 11:03:33 +00:00
Kubilay Kocak
5133b75bd7 security/py-rsa: Update to 3.3 (Fixes CVE-2016-1494)
- Update PORTVERSION and distinfo checksum (3.3)
- Modernize TEST entries (test target, TEST_DEPENDS, et al)
- Update setup.py patch (zip_safe no longer needed)
- Add LICENSE_FILE
- Enable NO_ARCH

This version fixed a security vulnerability:

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1494

PR:		206746
Reported by:	Sevan Janiyan <venture37 geeklan co.uk>
Security:	e78bfc9d-cb1e-11e5-b251-0050562a4d7b
Security:	CVE-2016-1494
MFH:		2016Q1
2016-02-04 10:39:48 +00:00
Kubilay Kocak
b3801075c3 security/vuxml: Add CVE-2016-1494 for security/py-rsa
PR:		206746
Reported by:	 Sevan Janiyan <venture37 geeklan co.uk>
2016-02-04 10:35:32 +00:00
Guido Falsi
ecc9d91a49 Document new asterisk ports vulnerabilities. 2016-02-04 09:25:09 +00:00