Update to 1.13.6.
This is a bug fix release.
* Improve some error messages
* Improve documentation
* Allow a principal with nonexistent policy to bypass the minimum
password lifetime check, consistent with other aspects of
nonexistent policies
* Fix a rare KDC denial of service vulnerability when anonymous client
principals are restricted to obtaining TGTs only [CVE-2016-3120]
Security: 62d45229-4fa0-11e6-9d13-206a8a720317
Security: CVE-2016-3120
Approved by: ports-secteam (feld)
Import several patches recently merged upstream.
- Fix fork following to honor 'detach-on-fork'
- Fix vfork following to post a fake vfork_done event to fix breakpoints
in vfork parents (a real vfork_done event is pending but requires kernel
changes currently in review).
- Fix x86 debug registers to work with multiple threads (PR 157755)
- Add support for 'info auxv' on both live processes and cores.
- Add support for 'catch syscall'. Note that catching system calls by
names requires parsing an XML file mapping system call names to
numbers. The port now installs the XML syscall files to the data
directory. In addition, the EXPAT option is now enabled by default as
expat is used to parse the XML files.
- Handle version 1a of NT_PRPSINFO notes which include the pr_pid field.
- Replace patch-sigev with upstream version. Note that upstream GDB
doesn't define SIGLIBRT on older OS versions, so do that in the port
Makefile instead.
- Use PT_GET_EVENT_MASK/PT_SET_EVENT_MASK (new in 12).
- Fix a bug where fork and LWP events weren't enabled in new child
processes when following child processes after a fork.
- Handle "real" vfork done events via PTRACE_VFORK (new in 12).
- Bump PORTREVISION.
PR: 157755, 210874, 211254
Approved by: ports-secteam (feld)
devel/onscripter: update to 20160726 while fixing
====> Running Q/A tests (stage-qa)
Error: /usr/local/bin/nsaconv is linked to /usr/local/lib/libjpeg.so.8 from graphics/jpeg-turbo but it is not declared as a dependency
Warning: you need USES+=jpeg
Approved by: ports-secteam (feld)
Update to 1.14.3.
This is a bug fix release.
* Improve some error messages
* Improve documentation
* Allow a principal with nonexistent policy to bypass the minimum
password lifetime check, consistent with other aspects of
nonexistent policies
* Fix a rare KDC denial of service vulnerability when anonymous client
principals are restricted to obtaining TGTs only [CVE-2016-3120]
Security: 62d45229-4fa0-11e6-9d13-206a8a720317
Security: CVE-2016-3120
Approved by: ports-secteam@ (feld@)
net-p2p/deluge: update to 1.3.13
- update to 1.3.13
- switch to option helpers
- add creatiion of .python-eggs for deluge_web - this resolves
installation of plugins for deluge_web [1]
This release also fixing Scheduler plugin as reported by dbn@ [2], so
this is the reason for MFH request.
Changes: http://dev.deluge-torrent.org/wiki/ChangeLog#Deluge1.3.1320July2016
PR: 207558 [2]
Submitted by: Marlon Leerkotte <mrleerkotte@protonmail.com> [1] (private mail)
Reported by: dbn [2]
Approved by: ports-secteam (feld)
Apply r402343 to other gnome@ ports restoring r297047 behavior
- Invoke pkg-config(1) instead of checking manually
- Convert to ECHO_MSG which can be silenced
PR: 166279
Approved by: portmgr blanket
Approved by: ports-secteam (feld)
Upgrade to upstream svn revision r1753426, which includes the fix for
CVE-2016-1513.
Regenerate distinfo to add TIMESTAMP.
Security: 72f71e26-4f69-11e6-ac37-ac9e174be3af
Approved by: ports-secteam (feld)
graphics/gegl3: apply r386216 + previous commit
- Bundled poly2tri-c is under BSD3CLAUSE
- Only V4L still uses LGPL20+ code
- More (but not all) operations/common/*.c are under GPLv3
While here define CPE information.
Approved by: portmgr blanket
Approved by: ports-secteam blanket
graphics/gegl: clarify LICENSE
A quick grep(1) of *.c files reveals:
LGPL20 files are
gegl/buffer/gegl-id-pool.c
operations/external/v4lutils/v4lutils.c
GPLv3 files are
bin/gegl.c
bin/gegl-path-spiro.c
bin/gegl-path-smooth.c
bin/gegl-options.c
gegl/buffer/gegl-cache.c
All GPL license headers have
..., or (at your option) any later version.
Approved by: portmgr blanket
Approved by: ports-secteam blanket
audio/libaudiofile: track flac dependency
====> Running Q/A tests (stage-qa)
Error: /usr/local/lib/libaudiofile.so.1.0.0 is linked to /usr/local/lib/libFLAC.so.8 from audio/flac but it is not declared as a dependency
Warning: you need LIB_DEPENDS+=libFLAC.so:audio/flac
PR: 206888
Submitted by: jkim
Approved by: portmgr blanket, maintainer timeout (6 months)
Approved by: ports-secteam blanket
Update to 2016f. [1]
While there, clean things up a bit and really do staging.
PR: 211260 [1]
Submitted by: devel stasyan com
With hat: portmgr
Sponsored by: Absolight
- allow reproducible build
- set EXPIRATION_DATE to 2017-07-01 [1]
[1] Upstream propose EoL of apache 2.2.x during the next 12 months
See discussion on dev@apache list.
Approved by: ports-secteam (feld@)
FreeBSD's regexec() libc function is more restrictive than the linux
one and will not accept an empty expression.
Add patch (from PR) to fix this problem.
PR: 211187
Submitted by: Dmitry Vagin <daemon.hammer at ya.ru>
Approved by: ports-secteam (feld)
Adjust dependencies to fix `make stage-qa'.
Error: /usr/local/lib/libtelepathy-qt4-farstream.so.2.0.9.6.1 is linked to /usr/local/lib/libgobject-2.0.so.0 from devel/glib20 but it is not declared as a dependency
Warning: you need USE_GNOME+=glib20
Error: /usr/local/lib/libtelepathy-qt4-farstream.so.2.0.9.6.1 is linked to /usr/local/lib/libglib-2.0.so.0 from devel/glib20 but it is not declared as a dependency
Warning: you need USE_GNOME+=glib20
Error: /usr/local/lib/libtelepathy-qt4-farstream.so.2.0.9.6.1 is linked to /usr/local/lib/libintl.so.8 from devel/gettext-runtime but it is not declared as a dependency
Warning: you need USES+=gettext
Approved by: ports-secteam (junovitch, implicit)
