pre-build and post-build into do-build as requested by mat@.
Reviewed by: matthew (mentor)
Approved by: matthew (mentor)
Differential Revision: https://reviews.freebsd.org/D15287
https://www.kde.org/info/security/advisory-20180503-1.txt
CVE-2018-10380
The patches are taken from the git commits referred to in the
security notice, hence the unusual naming.
Approved by: tcberner (mentor, implicit)
Security: 83a548b5-4fa5-11e8-9a8e-001e2a3f778d
https://www.kde.org/info/security/advisory-20180503-1.txt
The port is not built by default through the regular KDE packages,
and has been in the ports tree only a week; the impact is expected
to be low.
Approved by: tcberner (mentor, implicit)
- North Korea switches back to +09 on 2018-05-05.
- The main format uses negative DST again, for Ireland etc.
- New 's' and 'd' suffixes in SAVE columns of Rule and Zone lines.
Also, remove unnecessary USE_LDCONFIG.
* gpg: New option --no-symkey-cache to disable the passphrase cache
for symmetrical en- and decryption.
* gpg: The ERRSIG status now prints the fingerprint if that is part
of the signature.
* gpg: Relax emitting of FAILURE status lines
* gpg: Add a status flag to "sig" lines printed with --list-sigs.
* gpg: Fix "Too many open files" when using --multifile. [#3951]
* ssh: Return an error for unknown ssh-agent flags. [#3880]
* dirmngr: Fix a regression since 2.1.16 which caused corrupted CRL
caches under Windows. [#2448,#3923]
* dirmngr: Fix a CNAME problem with pools and TLS. Also use a fixed
mapping of keys.gnupg.net to sks-keyservers.net. [#3755]
* dirmngr: Try resurrecting dead hosts earlier (from 3 to 1.5 hours).
* dirmngr: Fallback to CRL if no default OCSP responder is configured.
* dirmngr: Implement CRL fetching via https. Here a redirection to
http is explictly allowed.
* dirmngr: Make LDAP searching and CRL fetching work under Windows.
This stopped working with 2.1. [#3937]
* agent,dirmngr: New sub-command "getenv" for "getinfo" to ease
debugging.
FreeBSD as is (was fixed in master later). The patch which fixes the build
is actually larger than the functional difference between the two versions,
which is added support for Zen+ (Pinnacle Ridge) CPUs, so cherry-pick that
instead and instruct our dear portscout to ignore version 3.2.2 for now.
Reported by: portscout
artwork.c:448:19: error: use of undeclared identifier 'CODEC_FLAG_GLOBAL_HEADER'
dst->flags |= CODEC_FLAG_GLOBAL_HEADER;
^
transcode.c:29:10: fatal error: 'libavfilter/avfiltergraph.h' file not found
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
transcode.c:562:76: error: use of undeclared identifier 'CODEC_CAP_DELAY'
if (!(ctx->ofmt_ctx->streams[stream_index]->codec->codec->capabilities & CODEC_CAP_DELAY))
^
transcode.c:807:20: error: use of undeclared identifier 'CODEC_FLAG_GLOBAL_HEADER'
enc_ctx->flags |= CODEC_FLAG_GLOBAL_HEADER;
^
PR: 227726
Reported by: antoine (via exp-run)
ffmpeg_movie.c:978:29: error: no member named 'codec_name' in 'struct AVCodecContext'; did you mean 'coded_frame'?
} else if (decoder_ctx->codec_name[0] != '\0') {
^~~~~~~~~~
coded_frame
/usr/local/include/libavcodec/avcodec.h:2760:35: note: 'coded_frame' declared here
attribute_deprecated AVFrame *coded_frame;
^
ffmpeg_movie.c:978:43: error: invalid operands to binary expression ('AVFrame' (aka 'struct AVFrame') and 'int')
} else if (decoder_ctx->codec_name[0] != '\0') {
~~~~~~~~~~~~~~~~~~~~~~~~~~ ^ ~~~~
ffmpeg_movie.c:979:35: error: no member named 'codec_name' in 'struct AVCodecContext'
codec_name = decoder_ctx->codec_name;
~~~~~~~~~~~ ^
PR: 227726
Reported by: antoine (via exp-run)
linux/miro-segmenter.c:103:48: error: use of undeclared identifier 'CODEC_FLAG_GLOBAL_HEADER'
output_codec_context->flags |= CODEC_FLAG_GLOBAL_HEADER;
^
linux/miro-segmenter.c:270:46: error: no member named 'pts' in 'struct AVStream'
segment_time = (double)video_st->pts.val * video_st->time_base.num / video_st->time_base.den;
~~~~~~~~ ^
linux/miro-segmenter.c:273:46: error: no member named 'pts' in 'struct AVStream'
segment_time = (double)audio_st->pts.val * audio_st->time_base.num / audio_st->time_base.den;
~~~~~~~~ ^
PR: 227726
Reported by: antoine (via exp-run)
src/lib_ccx/ffmpeg_intgr.c:5:10: fatal error: 'libavfilter/avfiltergraph.h' file not found
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
PR: 227726
Reported by: antoine (via exp-run)
Major changes in 1.15.3 (2018-05-03)
====================================
This is a bug fix release.
* Fix flaws in LDAP DN checking, including a null dereference KDC
crash which could be triggered by kadmin clients with administrative
privileges [CVE-2018-5729, CVE-2018-5730].
* Fix a KDC PKINIT memory leak.
* Fix a small KDC memory leak on transited or authdata errors when
processing TGS requests.
* Fix a null dereference when the KDC sends a large TGS reply.
* Fix "kdestroy -A" with the KCM credential cache type.
* Fix the handling of capaths "." values.
* Fix handling of repeated subsection specifications in profile files
(such as when multiple included files specify relations in the same
subsection).
Major changes in 1.16.1 (2018-05-03)
====================================
This is a bug fix release.
* Fix flaws in LDAP DN checking, including a null dereference KDC
crash which could be triggered by kadmin clients with administrative
privileges [CVE-2018-5729, CVE-2018-5730].
* Fix a KDC PKINIT memory leak.
* Fix a small KDC memory leak on transited or authdata errors when
processing TGS requests.
* Fix a regression in pkinit_cert_match matching of client
certificates containing Microsoft UPN SANs.
* Fix a null dereference when the KDC sends a large TGS reply.
* Fix "kdestroy -A" with the KCM credential cache type.
* Allow validation of Microsoft PACs containing enterprise names.
* Fix the handling of capaths "." values.
* Fix handling of repeated subsection specifications in profile files
(such as when multiple included files specify relations in the same
subsection).
