[odc] Daily ports changes for 2005-11-01
ODC
auto at squish.net
Wed Nov 2 07:05:52 GMT 2005
OpenBSD ports changes summary for 2005-11-01
============================================
archivers/gcpio audio
audio/wsoundprefs audio/wsoundserver
biology/nutdb databases/db
devel/horde editors/abiword
games/abuse games/moon-buggy
games/moria games/omega
games/zangband infrastructure/build
infrastructure/mk infrastructure/plist
mail/clamsmtp mail/fetchmail
mail/getmail mail/imap-uw
mail/milter-regex mail/milter-spamd
mail/py-milter mail/smtp-vilter
misc/logjam misc/magicpoint
net/arpd net/crawl
net/curl net/ngrep
net/openvpn net/py-curl
net/silc-server net/tclcurl
net/uucp net/weex
net/wget print
print/psdim security/clamav
security/cyrus-sasl2 sysutils/cfengine
www/mediawiki www/mozilla
www/mozilla-firefox www/p5-WWW-Curl
www/php4 www/php5
www/phpldapadmin www/phppgadmin
www/squid x11/mlterm
x11/windowmaker x11/xloadimage
== archivers ========================================================= 01/16 ==
http://www.openbsd.org/cgi-bin/cvsweb/ports/archivers
gcpio
~ Makefile + patches/patch-copyin_c
+ patches/patch-copypass_c
TAGGED OPENBSD_3_8
> Debian/Ubuntu patches for CAN-2005-1111 (chmod races) and
> CAN-2005-1229 (path traversal)
> ok brad@ (sturm@)
== audio ============================================================= 02/16 ==
http://www.openbsd.org/cgi-bin/cvsweb/ports/audio
audio
~ Makefile
> -wsoundserver
> -wsoundprefs (wilfried@)
wsoundprefs
- Makefile - distinfo
- patches/patch-src_Imakefile - patches/patch-src_PLFunctions_c
- patches/patch-src_SoundEvents_c - patches/patch-src_SystemInfo_c
- patches/patch-src_WSoundPrefs_c - patches/patch-src_WSoundPrefs_h
- patches/patch-src_WSoundPrefs_man - patches/patch-src_tiff_Imakefile
- patches/patch-src_xpm_Imakefile - pkg/DESCR
- pkg/PLIST
> obsolete ports, no master site, doesn't work with newer windowmaker
> (wilfried@)
wsoundserver
- Makefile - distinfo
- files/WMSound - patches/patch-configure
- patches/patch-configure_in - patches/patch-util_wsoundplay_c
- patches/patch-wslib_Makefile_in - patches/patch-wslib_audio_voxware_c
- patches/patch-wslib_config_c - patches/patch-wslib_error_c
- patches/patch-wslib_info_c - patches/patch-wslib_misc_c
- patches/patch-wslib_path_c - patches/patch-wslib_plfunctions_c
- patches/patch-wslib_wsound_h - pkg/DESCR
- pkg/PFRAG.shared - pkg/PLIST
> obsolete ports, no master site, doesn't work with newer windowmaker
> (wilfried@)
== biology =========================================================== 03/16 ==
http://www.openbsd.org/cgi-bin/cvsweb/ports/biology
nutdb
~ Makefile ~ patches/patch-Makefile
~ patches/patch-nut.1
> - Fix some file modes here as well.
> - update-patches while I'm here
> - bump PKGNAME
> ok niallo@ (bernd@)
== databases ========================================================= 04/16 ==
http://www.openbsd.org/cgi-bin/cvsweb/ports/databases
db
~ v3/Makefile ~ v3/patches/patch-dist_Makefile_in
~ v3/patches/patch-dist_configure ~ v4/Makefile
~ v4/patches/patch-dist_Makefile_in ~ v4/patches/patch-dist_configure
> - fix file modes for some files
> - bump PKGNAMES
> v3: "looks good" espie@, ok niallo@
> v4: ok niallo@ (bernd@)
== devel ============================================================= 05/16 ==
http://www.openbsd.org/cgi-bin/cvsweb/ports/devel
horde
~ Makefile ~ pkg/PLIST
> Make sure files are installed with the correct uid/gid. (mbalmer@)
== editors =========================================================== 06/16 ==
http://www.openbsd.org/cgi-bin/cvsweb/ports/editors
abiword
~ Makefile ~ distinfo
TAGGED OPENBSD_3_8
> update to abiword 2.2.11
> RTF import stack-based buffer overflow / CESA-2005-004 - rev 1.
> CAN-2005-2972: Fix several stack-based buffer overflows in the RTF importer
> reported by Chris Evans
> ok brad@ (sturm@)
== games ============================================================= 07/16 ==
http://www.openbsd.org/cgi-bin/cvsweb/ports/games
abuse
~ Makefile ~ pkg/PLIST
> - fix modes of some files in the package
> - bump PKGNAME
> ok bernd@ (niallo@)
moon-buggy
~ Makefile ~ patches/patch-Makefile_in
~ pkg/PLIST + pkg/MESSAGE
> Fix setgid games and clean up related areas. (naddy@)
moria
~ Makefile ~ pkg/PLIST
> - fix modes of some files in the package
> - bump PKGNAME
> ok bernd@ (niallo@)
omega
~ Makefile ~ pkg/PLIST
> - fix modes of some files in the package
> - juggle some variables around so version changing and pkgname bumping is
> easier in future.
> - bump PKGNAME
> ok bernd@ (niallo@)
zangband
~ Makefile ~ pkg/PLIST
> - fix modes of some files in the package
> - bump PKGNAME
> ok bernd@ (niallo@)
== infrastructure ==================================================== 08/16 ==
http://www.openbsd.org/cgi-bin/cvsweb/ports/infrastructure
build
~ out-of-date
> Add a quick (-q) option for the impatient people. But look out! If you
> use the -q option, out-of-date looks for changed package names but not
> for changed package signatures!
> If you want to see ALL of you outdated packages, don't use -q.
> "go ahead, commit" espie@ (bernd@)
~ dolock
> create LOCKDIR if it doesn't already exist
> ok espie@ (sturm@)
mk
~ bsd.port.mk
> add comment so that we can grep for _internal-XXX-depends targets. (espie@)
~ bsd.port.mk
> new target, show-required-by, that can give you a full list of everything
> a port will affect.
> name by mbalmer@ (espie@)
~ bsd.port.mk
> set PACKAGING before computing RUN and LIB_DEPENDS, so that the needed
> packages are built JIT.
> noticed by sturm@ (espie@)
~ bsd.port.mk
> fix weird recursion lock issue... the way the rest of the file deals with
> them.
> `looks much cleaner to me and this one I understand' sturm@ (espie@)
plist
~ amd64 ~ sparc
~ sparc64 ~ vax
> minor fix; 10x jlouis at mongers.orgvalchev@)
== mail ============================================================== 09/16 ==
http://www.openbsd.org/cgi-bin/cvsweb/ports/mail
clamsmtp
~ Makefile
> Add milter to WANTLIB (mbalmer@)
~ Makefile
> Revert my last change. (mbalmer@)
fetchmail
~ Makefile + patches/patch-fetchmailconf
TAGGED OPENBSD_3_8
> MFC:
> Fix the latest security issue in fetchmailconf.
> http://fetchmail.berlios.de/fetchmail-SA-2005-02.txt
> "passwords are written to a world-readable file"
> ok brad@ (sturm@)
getmail
~ Makefile + patches/patch-getmail
TAGGED OPENBSD_3_8
> MFC
> disable FutureWarnings to work around a bug in python 2.3.5
> ok brad (sturm@)
imap-uw
~ Makefile ~ distinfo
TAGGED OPENBSD_3_8
> MFC:
> Update to version 2004g.
> Security information: This fixes a a remote vulnerability where a
> registered
> user potentially could execute code on the mailserver.
> ok brad (sturm@)
milter-regex
~ Makefile
> Add milter to WANTLIB. (mbalmer@)
milter-spamd
~ Makefile
> Add milter to WANTLIB (mbalmer@)
py-milter
~ Makefile
> libmilter WANTLIB (pvalchev@)
smtp-vilter
~ Makefile
> Add milter to WANTLIB (mbalmer@)
== misc ============================================================== 10/16 ==
http://www.openbsd.org/cgi-bin/cvsweb/ports/misc
logjam
~ Makefile
TAGGED OPENBSD_3_8
> bump PKGNAMEs to not fall behind 3.7 (sturm@)
magicpoint
~ Makefile
> working master site. (fgsch@)
== net =============================================================== 11/16 ==
http://www.openbsd.org/cgi-bin/cvsweb/ports/net
arpd
~ Makefile
> missing wantlib (espie@)
crawl
~ Makefile
> missing libevent (espie@)
curl
- patches/patch-ltmain_sh ~ Makefile
~ distinfo ~ pkg/PFRAG.shared
+ patches/patch-lib_Makefile_in
TAGGED OPENBSD_3_8
> MFC:
> Update to 7.15.0.
> libcurl's NTLM function could overflow a stack-based buffer if given
> a too long user name or domain name. CAN-2005-3185.
> ok brad (sturm@)
ngrep
~ Makefile + patches/patch-ngrep_8
> remove a blank line which produces a blank page with nroff.
> help and 'looks fine' jmc@, ok espie@ (aanriot@)
openvpn
~ Makefile
> Fix some file modes. Bump PKGNAME.
> ok sturm@ (bernd@)
py-curl
~ Makefile
TAGGED OPENBSD_3_8
> bump PKGNAMEs to not fall behind 3.7 (sturm@)
silc-server
~ Makefile + patches/patch-apps_silcd_silcd_c
TAGGED OPENBSD_3_8
> MFC:
> fix insecure temp file creation as noted on BugTraq.
> corrected version from SILC CVS
> ok brad@ (sturm@)
tclcurl
~ Makefile
TAGGED OPENBSD_3_8
> bump PKGNAMEs to not fall behind 3.7 (sturm@)
uucp
~ Makefile ~ pkg/PLIST
> fix setuid uucp (naddy@)
weex
~ Makefile + patches/patch-src_log_c
TAGGED OPENBSD_3_8
> MFC:
> SECURITY:
> Fix remote format string bug; from Ulf Harnhammar <metaur at telia.com > ok brad@ (sturm@)
wget
~ Makefile ~ distinfo
~ patches/patch-configure
TAGGED OPENBSD_3_8
> MFC:
> update to wget-1.10.2
> This fixes a NTLM username buffer overflow vulnerability.
> ok brad (sturm@)
== print ============================================================= 12/16 ==
http://www.openbsd.org/cgi-bin/cvsweb/ports/print
print
~ Makefile
> Add psdim (alek@)
psdim
+ Makefile + distinfo
+ pkg/PLIST + pkg/DESCR
+ patches/patch-src_psdim_c
> New import:
> Import psdim 1.4
== security ========================================================== 13/16 ==
http://www.openbsd.org/cgi-bin/cvsweb/ports/security
clamav
~ Makefile ~ distinfo
~ patches/patch-configure
TAGGED OPENBSD_3_8
> MFC:
> Update to version 0.87.
> Notes: This version fixes vulnerabilities in handling of UPX and FSG
> compressed
> executables. Support for PE files, Zip and Cabinet archives has been
> improved
> and other small bugfixes have been made. The new option
> "--on-outdated-execute"
> allows freshclam to run a command when system reports a new engine version.
> ok brad@ (sturm@)
~ Makefile
TAGGED OPENBSD_3_8
> bump PKGNAMEs to not fall behind 3.7 (sturm@)
~ Makefile
TAGGED OPENBSD_3_8
> libmilter is now a shared lib. Add it to WANTLIB and bump the package
> name.
> Reported by espie@ (mbalmer@)
cyrus-sasl2
~ Makefile
+ patches/patch-utils_sasldblistusers2_8
+ patches/patch-utils_saslpasswd2_8
> remove blank lines which produce blank pages with nroff.
> help and 'looks fine' jmc@, ok espie@ (aanriot@)
== sysutils ========================================================== 14/16 ==
http://www.openbsd.org/cgi-bin/cvsweb/ports/sysutils
cfengine
~ Makefile ~ pkg/PLIST
TAGGED OPENBSD_3_8
> don't install vicf, it seems to have a security problem and is about to
> be removed from cfengine
> ok brad@ (sturm@)
== www =============================================================== 15/16 ==
http://www.openbsd.org/cgi-bin/cvsweb/ports/www
mediawiki
~ Makefile
> Fix some file modes. Discovered by espies check-mode script.
> Bump PKGNAME accordingly.
> ok niallo@ (bernd@)
mozilla
~ Makefile ~ distinfo
~ patches/patch-xpfe_bootstrap_mozilla_in
~ pkg/PFRAG.gtk2 ~ pkg/PFRAG.gtk2-devel
~ pkg/PLIST
+ patches/patch-gfx_src_gtk_nsScreenGtk_cpp
TAGGED OPENBSD_3_8
> update to Mozilla 1.7.12, fixes several security vulnerabilities
> Mozilla.org bug 210658:
> Fix hanging with non-standard HTML elements parsererror, sourcetext.
> ok brad (sturm@)
mozilla-firefox
~ Makefile ~ pkg/PLIST
+ files/bug307259.js
+ patches/patch-htmlparser_public_nsHTMLTagList_h
+ patches/patch-htmlparser_src_COtherElements_h
+ patches/patch-htmlparser_src_nsElementTable_cpp
+ patches/patch-htmlparser_src_nsHTMLTags_cpp
+ patches/patch-htmlparser_tools_gentags_pl
TAGGED OPENBSD_3_8
> SECURITY: disable IDN due to buffer overflow (CAN-2005-2871)
> https://addons.mozilla.org/messages/307259.html
> Mozilla.org bug 210658:
> Fix hanging with non-standard HTML elements parsererror, sourcetext.
> (sturm@)
p5-WWW-Curl
~ Makefile
TAGGED OPENBSD_3_8
> bump PKGNAMEs to not fall behind 3.7 (sturm@)
php4
- patches/patch-ext_pcre_pcrelib_pcre_c
~ Makefile.inc ~ distinfo
~ core/Makefile ~ core/pkg/PLIST-pear
~ extensions/Makefile
> Update to PHP4 version 4.4.1.
> The complete changelog is available at
> http://www.php.net/ChangeLog-4.php#4.4.1
> SECURITY: This version fixes a vulnerability described in detail
> at http://www.hardened-php.net/advisory_202005.79.html and
> http://www.hardened-php.net/index.76.html
> ok robert@, bernd@ (mbalmer@)
~ extensions/Makefile
TAGGED OPENBSD_3_8
> bump PKGNAMEs to not fall behind 3.7 (sturm@)
php5
~ extensions/Makefile
TAGGED OPENBSD_3_8
> bump PKGNAMEs to not fall behind 3.7 (sturm@)
phpldapadmin
~ Makefile ~ distinfo
~ pkg/PLIST
TAGGED OPENBSD_3_8
> MFC:
> Update to version 0.9.7-rc1 and take maintainership with the former
> maintainers consent.
> SECURITY: This fixes the problems noted in
> http://securityfocus.com/archive/1/409624/30/0/threaded
> ok brad@ (sturm@)
phppgadmin
~ Makefile ~ distinfo
~ pkg/PLIST
TAGGED OPENBSD_3_8
> MFC:
> update to phpPgAdmin-3.5.5 in order to fix CAN-2005-2256
> ok brad@ (sturm@)
squid
~ Makefile ~ distinfo
~ pkg/PLIST
TAGGED OPENBSD_3_8
> MFC:
> upgrade to 2.5.STABLE11
> Alex Masterov has reported a vulnerability in Squid,
> which potentially can be exploited by malicious people
> to cause a DoS.
> The vulnerability is caused due to an unspecified error
> in the "sslConnectTimeout()" function after handling
> malformed requests. This may be exploited to crash Squid.
> CAN-2005-2796
> ok brad@ (sturm@)
== x11 =============================================================== 16/16 ==
http://www.openbsd.org/cgi-bin/cvsweb/ports/x11
mlterm
~ Makefile ~ pkg/PLIST
> Fix setgid utmp and use our libtool. (naddy@)
windowmaker
- patches/patch-WPrefs_app_po_bg_po - patches/patch-WPrefs_app_po_cs_po
- patches/patch-WPrefs_app_po_es_po - patches/patch-WPrefs_app_po_hr_po
- patches/patch-WPrefs_app_po_it_po - patches/patch-WPrefs_app_po_ru_po
- patches/patch-WPrefs_app_po_zh_CN_po
- patches/patch-WPrefs_app_po_zh_TW_Big5_po
- patches/patch-po_bg_po - patches/patch-po_cs_po
- patches/patch-po_el_po - patches/patch-po_it_po
- patches/patch-po_no_po - patches/patch-po_pl_po
- patches/patch-po_zh_TW_Big5_po - patches/patch-src_actions_c
- patches/patch-src_event_c - patches/patch-src_workspace_c
~ Makefile ~ distinfo
~ patches/patch-WINGs_Makefile_in ~ patches/patch-WINGs_wapplication_c
~ patches/patch-WPrefs_app_Menu_c ~ patches/patch-WPrefs_app_Paths_c
~ patches/patch-WindowMaker_Makefile_in
~ patches/patch-WindowMaker_menu ~ patches/patch-WindowMaker_plmenu
~ patches/patch-configure ~ patches/patch-ltmain_sh
~ patches/patch-util_Makefile_in ~ pkg/PFRAG.shared
~ pkg/PLIST ~ pkg/PLIST-lang
+ pkg/patch-WindowMaker_Defaults_WindowMaker_in
+ pkg/patch-wrlib_Makefile_in
> update to 0.92.0 (wilfried@)
xloadimage
- patches/patch-zio_c ~ Makefile
~ distinfo
TAGGED OPENBSD_3_8
> MFC:
> SECURITY:
> Update to Debian revision 15. Fixes buffer overflows for titles
> in NIFF format images.
> ok brad (sturm@)
===============================================================================
More information about the odc
mailing list