This update addressed LPE and RCE vulnerabilities in OpenSMTPD (CVE-2020-7247)
https://www.openwall.com/lists/oss-security/2020/01/28/3
This vulnerability is exploitable since May 2018 (commit a8e222352f, "switch
smtpd to new grammar") and allows an attacker to execute arbitrary shell
commands, as root:
- either locally, in OpenSMTPD's default configuration (which listens on
the loopback interface and only accepts mail from localhost);
- or locally and remotely, in OpenSMTPD's "uncommented" default
configuration (which listens on all interfaces and accepts external
mail).
PR: 243686
Reported by: authors via irc
MFH: 2020Q1
Relnotes: https://www.mail-archive.com/misc@opensmtpd.org/msg04850.html

Release 0.84.0:
core:
* Fix crash when converting from Unicode to ASCII-7
* Splash::scaleImageYdXu: Protect against crash if srcWidth is too big
* JBIG2Stream: fix potential crash in malformed documents
* JBIG2Stream: fix leak in reset() if called several times
* Internal code improvements
utils:
* pdfimages: Add error message if first page is larger than number of pages.
* pdfinfo: Improved paper size recognition
* pdfsig: Fix exit code when dumping signatures
* pdftocairo: Error out when even/odd selects 0 pages
* pdftohtml: Fix memory leak
* pdftoppm: Add an option to scale before rotate
* pdftoppm: Add -hide-annotations option
* pdftoppm: Error out when even/odd selects 0 pages
* pdftops: Improve -optimizecolorspace
qt5:
* Code cleanups
glib:
* Fix compiler warnings
Release 0.83.0
core:
* Improve when a file is recognized as Linearized
* Improve const-ness of the code
* Make code a bit more readable/maintainable
* Fix uninitialized memory uses in broken files
utils:
* pdffonts: Make code a bit more readable/maintainable
* pdftohtml: Make code a bit more readable/maintainable
qt5:
* Remove a bunch of unused internal functions
* trUtf8 -> tr (less warnings)
build system:
* make-glib-api-docs: switch to python3
PR: 243433
Exp-run by: antoine

- Some scenarios and list creation templates for "intranet" use
cases were made optional: They have been moved into samples/
- See also "upgrading notes" for details:
https://sympa-community.github.io/manual/upgrade/notes.html
There are special instructions when upgrading from 6.2.50 but
this version did not hit the ports tree.
PR: 243050
Submitted by: Geoffroy Desvernay <dgeo@centrale-marseille.fr> (maintainer)
Relnotes: https://github.com/sympa-community/sympa/releases/tag/6.2.52

Make way for textproc/py-html2text to be updated to its latest version
2020.1.16 which supports only Python >= 3.5.
Move dependents that run only with Python 2.7 to textproc/py-html2text2018.

Daemon which provides TLS client policy for Postfix via socketmap, according to
domain MTA-STS policy. Current support of RFC8461 is limited - daemon lacks
some minor features:
- Proactive policy fetch
- Fetch error reporting
- Fetch ratelimit (but actual fetch rate partially restricted with cache_grace config option).
Server has configurable cache backend which allows storing cached STS policies
in memory (internal), file (sqlite) or in Redis database (redis).
WWW: https://pypi.python.org/pypi/postfix-mta-sts-resolver

This update includes an Emacs major version change from 27.0.50 to 28.0.50.
Ports that may depend on editors/emacs-devel must chase this update
with a PORTREVISION bump.
Submitted by: ashish (maintainer)
Differential Revision: https://reviews.freebsd.org/D23012

It's possible that there are other architectures that luajit works on, but I couldn't test it.
PR: 243059
Approved by: vsevolod (maintainer)
MFH: 2020Q1 (fix build blanket)

While here I have also fixed portlint and poudriere testport complaints:
- add LICENSE
- add NO_ARCH
- remove DISTFILES definition to its default value
Submitted by: kargl (RE fix)
Approved by: antoine (implicit)