Commit graph

22756 commits

Author SHA1 Message Date
Mathieu Arnold
f350bae837 Add acme-tiny, a tiny script to issue and renew TLS certs from Let's Encrypt.
Sponsored by:	Absolight
2016-02-29 17:11:11 +00:00
Bryan Drewery
bdd004278b Remove security/openssh-portable-devel since it is outdated, insecure,
and no longer needed.
2016-02-29 16:51:11 +00:00
Wen Heping
b64292a8c2 - Update DEPENDS
Submitted by:	rkoberman@gmail.com(via email)
Approved by:	maintainer(implicitly)
2016-02-29 02:22:42 +00:00
Steve Wills
47904e7568 security/honeybadger: Update to 0.0.0.2016022301
PR:		207442
Submitted by:	Shawn Webb <shawn.webb@hardenedbsd.org> (maintainer)
2016-02-29 01:25:31 +00:00
Sergey A. Osokin
d2953d7885 Update www/tomcat7 version. 2016-02-28 22:50:53 +00:00
Mark Felder
61d4dc226a Update tomcat vuxml entry
CVE-2015-5346 does not affect Tomcat 6.
2016-02-28 22:10:09 +00:00
Mark Felder
23c34078e9 Document additional tomcat vulnerabilities
Security:	CVE-2015-5346
Security:	CVE-2015-5351
Security:	CVE-2016-0763
2016-02-28 21:44:55 +00:00
Mark Felder
528172af9b Update documented tomcat vulnerabilities 2016-02-28 21:37:30 +00:00
Mark Felder
79705af288 Document tomcat vulnerabilities
Security:	CVE-2016-0714
2016-02-28 20:50:20 +00:00
Palle Girgensohn
e2f67a8795 Update xerces-c3 and shibboleth to latest versions
The update in xerces fixes a buffer overflow security problem that exposes the
possibility of a denial of service attack, and could conceivably result in
remote code execution.

Users of Shibboleth or any other service using the xerces-c3 xml library are
recommended to upgrade promptly.

URL:	http://xerces.apache.org/xerces-c/secadv/CVE-2016-0729.txt
Security:	CVE-2016-0729
2016-02-28 18:55:43 +00:00
Edward Tomasz Napierala
3c451d4993 Update security/certificate-transparency to 20160102.
Sponsored by:	The FreeBSD Foundation
2016-02-28 18:30:44 +00:00
Palle Girgensohn
c2db06e6ae Document vulnerability in xerces-c3
Security:	CVE-2016-0729
2016-02-28 18:15:13 +00:00
Jason Unovitch
a9d78963ca Revise Squid entry with CVE assignment and SQUID-2016:2 advisory reference
PR:		207454
Reported by:	Pavel Timofeev <timp87@gmail.com>
Security:	CVE-2016-2569
Security:	CVE-2016-2570
Security:	CVE-2016-2571
Security:	https://vuxml.FreeBSD.org/freebsd/660ebbf5-daeb-11e5-b2bd-002590263bf5.html
2016-02-28 00:50:12 +00:00
Mark Felder
13b83ba4dd Document django vulnerability
Security:	CVE-2016-2048
2016-02-28 00:48:27 +00:00
Jason Unovitch
79c6d5f9f4 Document Xen Security Advisories (XSAs 167, 168, 170)
Security:	CVE-2016-1570
Security:	CVE-2016-1571
Security:	CVE-2016-2271
Security:	https://vuxml.FreeBSD.org/freebsd/7ed7c36f-ddaf-11e5-b2bd-002590263bf5.html
Security:	https://vuxml.FreeBSD.org/freebsd/80adc394-ddaf-11e5-b2bd-002590263bf5.html
Security:	https://vuxml.FreeBSD.org/freebsd/81f9d6a4-ddaf-11e5-b2bd-002590263bf5.html
2016-02-28 00:29:10 +00:00
Mark Felder
1e90f8e2c2 Document moodle vulnerabilities
Security:	CVE-2016-0724
Security:	CVE-2016-0725
2016-02-28 00:25:10 +00:00
Raphael Kubo da Costa
92e49b279b Update to 1.4.0.
PR:		207520
Submitted by:	Sergei Vyshenski <svysh.fbsd@gmail.com> (maintainer)
2016-02-27 23:49:23 +00:00
Raphael Kubo da Costa
b088ca94eb Update to 1.4.0.
PR:		207519
Submitted by:	Sergei Vyshenski <svysh.fbsd@gmail.com> (maintainer)
2016-02-27 23:47:07 +00:00
Kurt Jaeger
42846e4f09 security/openvpn-devel: 201548 -> 201607
- update to the latest development snapshot

PR:		207489
Submitted by:	ecrist@secure-computing.net (maintainer)
2016-02-27 20:28:25 +00:00
Kurt Jaeger
5b8cf315a9 security/letsencrypt.sh: periodic script needs to find curl in $PATH
PR:		207532
Reported by:	mjl@luckie.org.nz
Submitted by:	Sascha Holzleiter <sascha@root-login.org> (maintainer)
2016-02-27 17:29:05 +00:00
Hajimu UMEMOTO
342be81f93 Move PLIST_FILES for plugins into cyrus-sasl2/Makefile.common. 2016-02-27 17:02:11 +00:00
Baptiste Daroussin
1e9d509cb7 When linking nss uses plain CC and does not pass CFLAGS
Append the path to the ports binutils on amd64 to CC so linking actually uses
the expected binutils

This fixes build with binutils 2.26
2016-02-27 13:39:40 +00:00
TAKATSU Tomonari
ba0d7d26ac - Update to 0.9.2 2016-02-27 12:12:45 +00:00
Hajimu UMEMOTO
90e622d893 Move the common part of the cyrus-sasl2 separated ports into
Makefile.common, to make further maintenance easier.
2016-02-27 05:15:57 +00:00
Mark Felder
fe86f9e06b Document multimedia/pitivi vulnerability
Security:	CVE-2015-0855
2016-02-26 16:16:21 +00:00
Mark Felder
de92a33931 Document graphics/giflib vulnerability
Security:	CVE-2015-7555
2016-02-26 15:50:41 +00:00
Kubilay Kocak
755f7c8540 security/py-{acme,letsencrypt}: Update to 0.4.0
Common:

- Update PORTVERSION and distinfo checksum (0.4.0) [1]
- Update and sort RUN_DEPENDS to match setup.py:install_requires

security/py-acme:

- Update COMMENT to match setup.py:description=
- Add LICENSE_FILE
- Remove spurious USES=gmake dependency

PR:		207306 [1]
Submitted by:	Piotr Kubaj <pkubaj anongoth pl> [1]
Approved by:	koobs (maintainer, letsencrypt), cpm (maintainer, acme)
2016-02-26 12:41:45 +00:00
Hajimu UMEMOTO
629168f305 Revert r409585 to avoid dependency loop.
I've completely forgotten this issue.

PR:		207512
2016-02-26 11:27:30 +00:00
Kubilay Kocak
50798bfc7e security/py-oauthlib: Update 1.0.3
- Update PORTVERSION and distinfo checksum (1.0.3)
- Update COMMENT to more closely match setup.py:description=
- Update TEST dependencies and test target
- Remove TESTS option bits accordingly
- Move mock to only Python 2.x TEST_DEPENDS
- Enable NO_ARCH (architecture independent)
- Add LICENSE_FILE
2016-02-26 10:53:49 +00:00
Kubilay Kocak
e19decc67a security/py-libnacl: Update to 1.4.4
- Update PORTVERSION and distinfo checksum (1.4.4)
- Update test target
- Enable NO_ARCH (architecture independent)
- Regenerate setup.py
2016-02-26 09:17:52 +00:00
Kubilay Kocak
e450c301ed security/py-cpe: Update to 1.2.0
- Update PORTVERSION and distinfo checksum (1.2.0)
- Enable building with Python 3.x
- Correct LICENSE (LGPL3)
- Enable NO_ARCH (architecture independent)
- Update COMMENT to match setup.py:summary=
- Add test target

Changes:

  https://github.com/nilp0inter/cpe/blob/develop/NEWS.txt
2016-02-26 09:02:39 +00:00
Hajimu UMEMOTO
6d181df987 OPTIONSfy ANONYMOUS authentication.
On by default.
2016-02-26 08:59:39 +00:00
Dirk Meyer
64e12330a8 - set dependency to libmilter, bump PORTREVISION 2016-02-26 08:47:18 +00:00
Hajimu UMEMOTO
718dd9ecd9 Add OPTIONS for the separated cyrus-sasl2 ports. 2016-02-26 07:51:37 +00:00
Hajimu UMEMOTO
4bc3dd8ab6 Use gssapi related descriptions in bsd.options.desc.mk. 2016-02-26 06:51:47 +00:00
Mark Felder
f5e88e1857 Document drupal vulnerabilities
PR:		207467
Security:	https://www.drupal.org/SA-CORE-2016-001
2016-02-25 15:36:20 +00:00
Dmitry Marakasov
a274b094df - Clarify LICENSE
- Add LICENSE_FILE
- Fix build with disabled NLS
2016-02-25 14:16:10 +00:00
Li-Wen Hsu
79918e1a85 Document Jenkins Security Advisory 2016-02-24 2016-02-25 05:25:10 +00:00
Mark Felder
4e551fb530 vuxml: Update entry for graphics/jasper
These vulnerabilities are resolved in 1.900.1_16

Security:	http://www.vuxml.org/freebsd/006e3b7c-d7d7-11e5-b85f-0018fe623f2b.html
Security:	http://www.vuxml.org/freebsd/f1692469-45ce-11e5-adde-14dae9d210b8.html
2016-02-24 20:27:40 +00:00
Jason Unovitch
90bc9b39d5 Document squid remote DoS in HTTP response processing
PR:		207454
Reported by:	Pavel Timofeev <timp87@gmail.com>
Security:	https://vuxml.FreeBSD.org/freebsd/660ebbf5-daeb-11e5-b2bd-002590263bf5.html
2016-02-24 11:46:09 +00:00
Hajimu UMEMOTO
c0f7910237 Add Cyrus SASL SRP authentication plugin.
Requested by:	Kyle Amon <amonk__at__backwatcher.com>
2016-02-24 10:39:50 +00:00
Dmitry Marakasov
cb91d14ef6 - Switch to options helpers 2016-02-23 23:25:00 +00:00
Martin Wilke
448b4fd87f - Update to 1.228
PR:		206415
Submitted by:	maintainer
2016-02-23 10:41:06 +00:00
Martin Wilke
86fcdba1b0 - Update to 1.2.0 2016-02-23 10:00:49 +00:00
Danilo Egea Gondolfo
9ffaee51a2 - Update to 20160222 2016-02-23 02:29:47 +00:00
Wen Heping
a14de550f1 - Update to 0.11
Changes: http://search.cpan.org/src/ETHER/Crypt-Random-Source-0.11/Changes

PR:		207408
Submitted by:	dereckson@espace-win.org(maintainer)
2016-02-23 01:39:20 +00:00
Jan Beich
565591eddf security/nss: update to 3.22.1
Changes:	https://hg.mozilla.org/projects/nss/rev/4f727a27da00
MFH:		2016Q1 (maybe security)
2016-02-22 14:16:50 +00:00
Jason Unovitch
741c92cec3 security/afl: update 2.02b -> 2.03b
PR:		207391
Submitted by:	Tobias Kortkamp <t@tobik.me> (maintainer)
2016-02-22 11:24:41 +00:00
Jason Unovitch
5f7a18d2fd security/keepassx2: update 2.0 -> 2.0.2
PR:		207126
Submitted by:	Thibault Payet <monwarez@mailoo.org>
Approved by:	Eric Camachat <eric@camachat.org> (maintainer)
2016-02-22 11:23:35 +00:00
Jason Unovitch
6add66db19 Document bsh remote code execution vulnerability
PR:		207334
Submitted by:	pfg (maintainer)
Security:	CVE-2016-2510
Security:	https://vuxml.FreeBSD.org/freebsd/9e5bbffc-d8ac-11e5-b2bd-002590263bf5.html
2016-02-21 15:25:57 +00:00