kpriv/freebsd-ports
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
350356 commits 42 branches 80 tags 2.7 GiB
Commit graph

20114 commits

Author SHA1 Message Date
Bryan Drewery
33e5a12d5b Fix bash entries to also mark bash-static vulnerable 2014-10-01 22:57:16 +00:00
Bryan Drewery
15015e6b02 Document CVE-2014-6277 and CVE-2014-6278 for bash. 2014-10-01 22:30:59 +00:00
Bryan Drewery
ca11fc5279 - Document CVE-2014-7187 fixed in bash-4.3.27_1 2014-10-01 22:12:11 +00:00
Matthew Seaman
a763414630 Document the latest phpMyAdmin vulnerability. 
- while here fix the '>' breakage in the rsyslogd entry.

Security:	3e8b7f8a-49b0-11e4-b711-6805ca0b3d42
 2014-10-01 21:25:46 +00:00
Tijl Coosemans
0bda2cf7ad - Convert to USES=autoreconf 
- Remove USES=libtool:build because this port does not use libtool
 2014-10-01 10:11:33 +00:00
Bryan Drewery
a703832b9e Document CVE-2014-7186 for bash 2014-10-01 03:40:03 +00:00
Baptiste Daroussin
1446608ec7 Convert to USES=horde 
Fix pear-Horde_core options
Use options helpers where possible
 2014-09-30 22:14:59 +00:00
Brad Davis
b210b76fd9 - Document sysutils/rsyslog vulnerabilities CVE-2014-3634 
Reviewed by:	bdrewery@
 2014-09-30 20:09:32 +00:00
John Marino
2ab3cf8b2c security/libbeid: Add <stdlib.h> header for malloc 
The existing patch removed "<malloc.h>" but didn't provide "<stdlib.h>".
Adjust to compound patch to fix that oversight.

FWIW, the extra work to partially fix a patch is one reason I don't like
one-patch-many-files.  It's not the only reason.
 2014-09-30 18:34:58 +00:00
Sunpoet Po-Chuan Hsieh
ffae57f93e - Pet portlint: move USES=pear downward 2014-09-30 15:23:23 +00:00
Marcus von Appen
5b550ab827 service_identity aspires to give you all the tools you need 
for verifying whether a certificate is valid for the intended
purposes.

In the simplest case, this means host name verification.
However, service_identity implements RFC 6125 fully and
plans to add other relevant RFCs too.

WWW: https://github.com/pyca/service_identity

PR:		193930
Submitted by:	Axel Rau <axel.rau@chaos1.de>
 2014-09-30 14:04:34 +00:00
Rene Ladan
67eb00ba41 Remove expired ports: 
2014-08-31 net/libnet10: Superseded by net/libnet
2014-09-30 net/despoof: Depends on expired net/libnet10
2014-09-30 sysutils/gpkgdep: Requires old pkg_info
2014-09-30 security/vida: Depends on expired net/libnet10
2014-09-30 net/nemesis: Depends on expired net/libnet10
2014-09-30 net-mgmt/sing: Depends on expired net/libnet10
2014-09-30 net-mgmt/gps: Depends on expired net/libnet10
2014-09-30 net/ttlscan: Depends on expired net/libnet10
2014-09-30 security/zombiezapper: Depends on expired net/libnet10
2014-09-30 dns/dnshijacker: Depends on expired net/libnet10
2014-09-30 net/xboxproxy: Depends on expired net/libnet10
2014-09-30 net-mgmt/scdp: Depends on expired net/libnet10
2014-09-30 net-mgmt/angst: Depends on expired net/libnet10
2014-09-30 security/py-otr: Abandoned upstream
2014-09-30 net-p2p/cdonkey: depends on deprecated db41 version
 2014-09-30 12:28:26 +00:00
Vanilla I. Shu
d7be309e30 Add pam_ocra 1.0, RFC6287 (OCRA) PAM module. 
PR:		ports/194024
Submitted by:	Stefan Grundmann
 2014-09-30 04:15:22 +00:00
Bryan Drewery
e7ca3763f8 Document shells/fish vulnerabilities 2014-09-29 23:34:30 +00:00
Olli Hauer
a4d0af628e - adopt new pkg-plist style 2014-09-28 19:01:08 +00:00
Olli Hauer
963a62e890 - remove useless PORT_OPTIONS:MDOCS check 
- /PLIST_DIRSTRY/PLIST_DIRS/
 2014-09-28 18:53:40 +00:00
Antoine Brodin
5f233f2943 Move back to version 0.17.0 and take maintainership, new versions do not 
work with the version of metasploit currently in the tree
 2014-09-27 21:17:16 +00:00
Steve Wills
22986aca28 security/rubygem-metasploit_data_models: update to 0.20.1 
PR:		193818
Submitted by:	JR Aquino <tanawts@gmail.com> (maintainer)
 2014-09-27 21:01:24 +00:00
Johannes Jost Meixner
cfbcc3d9da security/linux-c6-nss: update to 3.16.1 
Upgrade linux-c6-nss to 3.16.1, due to CVE-2014-1568.
While there, add SRC_DISTFILES necessary due to licensing that did not make it
to r368845.

Approved by:	swills (mentor)
Differential Revision:	https://reviews.freebsd.org/D846
Security:	48108fb0-751c-4cbb-8f33-09239ead4b55
 2014-09-27 06:00:09 +00:00
Antoine Brodin
6a2aa2c75c Revert broken non-conversion to USES=pear 2014-09-27 05:46:27 +00:00
Antoine Brodin
2ebcb95cdb Fix stage violation (and allow staging as regular user) 2014-09-26 20:47:35 +00:00
Johannes Jost Meixner
af93a5d189 Add linux-c6-nss-3.15.1 package to the NSS vulnerability report. 
Approved by:	swills (mentor)
 2014-09-26 17:34:26 +00:00
Johannes Jost Meixner
6a6123d47e Add linux_base-c6-6.5 package to the bash vulnerability report. 
Approved by:	swills (mentor)
 2014-09-26 17:05:38 +00:00
Baptiste Daroussin
b34b625042 Convert to USES=pear 2014-09-26 09:05:59 +00:00
Bryan Drewery
a7b1fd362d The 2nd bash issue was reassigned to CVE-2014-7169: 
http://seclists.org/oss-sec/2014/q3/685

Reported by:	jkim
 2014-09-25 16:22:06 +00:00
Tijl Coosemans
dcc338fc9c Remove hack now that USES=pathfix no longer modifies configure (r369260) 2014-09-25 15:47:25 +00:00
Bryan Drewery
f0256b1c19 Update bash entry for CVE-2014-3659 
Security:	CVE-2014-3659
Security:	ca44b64c-4453-11e4-9ea1-c485083ca99c
 2014-09-25 15:44:00 +00:00
Tijl Coosemans
a6d2f30533 - Set CPPFLAGS and LIBS in a number of ports so configure can find libintl.h 
and libintl.so.  This fixes a problem where DATADIRNAME gets an incorrect
  value which causes locale files to be installed in the wrong place.
- The only configure checks that still need to be patched are related
  to intltool so move DATADIRNAME patching from USES=pathfix to
  USE_GNOME=intlhack.

- games/klavaro: remove excessive dependencies
- japanese/libskk: add INSTALL_TARGET=install-strip
- math/libqalculate: add INSTALL_TARGET=install-strip and remove pthread
  patching
- multimedia/freetuxtv: remove excessive dependencies
- science/gramps: fix shared-mime-info use

Exp-run by:	antoine
Approved by:	portmgr (antoine)
 2014-09-25 15:18:27 +00:00
Eygene Ryabinkin
7d75c62abd VuXML entry 48108fb0-751c-4cbb-8f33-09239ead4b55: expanded details 
Reviewed by:	des@
 2014-09-25 13:29:38 +00:00
Johannes Jost Meixner
e1e8f53b39 www/linux-*-flashplugin11: Fix multiple security vulnerabilities 
Adobe has discovered multiple security vulnerabilities in Flash
linux-*-flashplugin-11.2r202.400. Ugrade the two Linux ports to
version .406, which fixes these.

While there, assign www/linux-c6-flashplugin11 to emulation@
in order to match r369160.

PR:		193904
Differential Revision:	https://reviews.freebsd.org/D831
Submitted by:	Jung-uk Kim
Approved by:	koobs (mentor)
MFH:		2014Q3
Security:	ca44b64c-4453-11e4-9ea1-c485083ca99c
 2014-09-25 12:48:21 +00:00
Alex Kozlov
467b3df7dd - Remove obsolete @dirrm(try) 
- Convert PLIST_DIRSTRY to PLIST_DIRS
 2014-09-25 11:35:43 +00:00
Beat Gaetzi
1b3bcb097d - Update ca_root_nss to 3.17.1 
- Update thunderbird to 31.1.2
- Update seamonkey to 2.29.1
- Update firefox to 32.0.3
- Update firefox-esr to 31.1.1
- Update libxul to 24.8.1

Submitted by:	Jan Beich
Security:	http://www.vuxml.org/freebsd/48108fb0-751c-4cbb-8f33-09239ead4b55.html
 2014-09-25 11:08:06 +00:00
Brendan Fabeny
c6c8d4dea4 Update tor to 0.2.4.24 and tor-devel to 0.2.5.8-rc 2014-09-25 10:36:23 +00:00
Dag-Erling Smørgrav
f884047cb4 fix 2014-09-25 07:45:16 +00:00
Dag-Erling Smørgrav
46f042b4d0 Add entry for the NSS signature forgery bug. 
PR:		193906
MFH:		2014Q3
Security:	CVE-2014-1568
 2014-09-25 07:43:17 +00:00
Dag-Erling Smørgrav
ac51ae3af9 Upgrade to 3.17.1 
PR:		193906
MFH:		2014Q3
Security:	CVE-2014-1568
 2014-09-25 07:40:33 +00:00
Rene Ladan
9e4133005f Document new vulnerability in www/chromium < 37.0.2062.124 
Obtained from:	http://googlechromereleases.blogspot.nl/
MFH:		2014Q3
 2014-09-25 07:34:52 +00:00
Raphael Kubo da Costa
2c2f3a2f60 Add entry for net/krfb (CVE-2014-6055). 2014-09-24 21:22:02 +00:00
Antoine Brodin
27c849768f - Allow staging as a regular user 
- Bump portrevision as a directory didn't have intended owner
 2014-09-24 18:41:36 +00:00
Xin LI
60ee221669 Document bash remote code execution vulnerability. 2014-09-24 18:07:12 +00:00
Eitan Adler
4ea635fd2d Hand back my ports to the pool. 
Ports require time and TLC which I no longer have.
 2014-09-24 06:00:09 +00:00
Dmitry Marakasov
5bac2f9c7d - Drop @dirrm* from plist 
- simplify
 2014-09-23 17:33:18 +00:00
Vsevolod Stakhov
b5e0e00240 - Upgrade to 0.7.1. 
No incompatible API changes were introduced, so dependant ports revision bump is
not required.

PR:		193790
Submitted by:	thierry
 2014-09-23 11:41:03 +00:00
Baptiste Daroussin
d37f71d368 Simplify plist 
Strip binaries
 2014-09-23 10:26:29 +00:00
Baptiste Daroussin
7557cfb0b7 Simplify plist 2014-09-23 09:48:28 +00:00
Baptiste Daroussin
d5b55742d3 Simplify plist 2014-09-23 09:46:40 +00:00
Baptiste Daroussin
f972be4eb9 Simplify plist 2014-09-23 09:43:38 +00:00
Baptiste Daroussin
01f4ee6b98 Simplify plist 2014-09-23 09:42:43 +00:00
Baptiste Daroussin
347f7e5d6b Simplify plist 2014-09-23 09:40:45 +00:00
Baptiste Daroussin
2c29d05801 Simplify plist 2014-09-23 09:39:20 +00:00