vulnerability:
- Add new info about vulnerable versions from NVIDIA.
- Add workaround.
- Add more references.
- Remove suggestion to move to "nv" driver now that we have a simpler
workaround.
Approved by: portmgr (secteam blanket)
Parts submitted by: mnag
details from Steffan Essers advisory about the implications of this
issue. The advisory was not public when this issue was initially
fixed.
Approved by: portmgr (secteam blanket)
were optional. The quicktime codecs are still vulnerable though, but we
rely on the conditional FORBIDDEN statement in the ports Makefile for this.
Approved by: portmgr (self), secteam (simon)
Note that I haven't actually had time to make a test system to reproduce
this on FreeBSD, but due to the nature of this issue and that there is a
PoC exploit in the advisory, I'm adding this entry due to "better safe
than sorry"...
Approved by: portmgr (secteam blanket)
amount of work by the FreeBSD GNOME Team and our testers.
On top of the usual GNOME update, we have taken this opportunity to move
GNOME from X11BASE to LOCALBASE. This means roughly 600 ports NOT part of
the GNOME Desktop also need to be changed. The bulk of the move was carried
out by ahze, mezz, and pav, but it would not have been possible without
cooperation from the FreeBSD KDE team who worked with us to make sure
GNOME and KDE can still coexist happily. We would also like to send a
shout out to kris and pointyhat for putting up with multiple test runs
until we got something that was solid.
Back to GNOME 2.16. This release brings a huge amount of new functionality
to FreeBSD. The standard release notes can be read at
http://www.gnome.org/start/2.16/ . But on top of what you will read there,
jylefort and marcus have completed work on a port of HAL to FreeBSD. This
will allow FreeBSD to take advantage of closer hardware interaction such
as auto-mounting CD-ROMs, USB drives, and music players; auto-playing
audio CDs; and managing laptop power consumption.
But where would this all be without our loyal testers and contributors?
Therefore, the FreeBSD GNOME team would like to thank the following users:
Phillip Neumann <pneumann@gmail.com>
tmclaugh
mux
Yuri Pankov <yuri.pankov@gmail.com>
chinsan
Thomas <freebsdlists@bsdunix.ch>
Brian Gruber <knightbg@yahoo.com>
Franz Klammer <klammer@webonaut.com>
Dominique Goncalves <dominique.goncalves@gmail.com>
Pascal Hofstee <caelian@gmail.com>
Yasuda Keisuke <kysd@po.harenet.ne.jp>
backyard <backyard1454-bsd@yahoo.com>
Andris Raugulis <endrju@null.lv> <endrju@null.lv>
Eric L. Chen <d9364104@mail.nchu.edu.tw>
Pawel Worach <pawel.worach@gmail.com>
QuiRK on #freebsd-gnome
Shane Bell <decept0@gmail.com>
luigi
sajd on #freebsd-gnome
sat
Chris Coleman <chrisc@vmunix.com>
kaeru on #freebsd-gnome
crsd_ via irc.freenode.org/#FreeBSD-GNOME
Joel Diaz <joeldiaz@mac.com>
Enjoy!
Approved by: portmgr (implicit, kris)
differences between the old and new files were entirely cosmetic. The
full diff is available in the Audit-Trail of the PR below.
PR: ports/104307
Submitted by: Frank J. Laszlo <laszlof@vonostingroup.com>
Approved by: portmgr (marcus)
(www.snort.org), an open source intrusion detection system.
The actual interface and GUI server are written in tcl/tk
(www.tcl.tk). Sguil also relies on other open source software
in order to function properly.
The sensor list includes security/barnyard, security/snort,
security/sancp, tcpdump (a part of the OS) and devel/tcltls as
well as lang/tcl84 and lang/tclX. Care has been taken to ensure
that everything you need to build a working sguil operation is
in the FreeBSD ports system or part of the OS already.
Sguil currently functions as an analysis interface and has
no snort sensor or rule management capabilities.
WWW: http://sguil.sourceforge.net/index.phppauls@utdallas.edu
PR: ports/95018
Submitted by: Paul Schmehl <pauls at utdallas.edu>
libpreludedb Changelog:
- Fix PostgreSQL schema update version 5.
- Only export symbol starting with preludedb_.
- Verbose error reporting in case of libpreludedb initialization failure.
PR: ports/104201
Submitted by: maintainer (Robin Gruyters)
to remove the stunnel user and group at all - just kill the package
deinstall script.
PR: 104028
Reported by: jan grant <jan.grant@bristol.ac.uk>,
Stephen Hurd <shurd@sasktel.net> (in private mail a while ago),
and, I think, many others
