[odc] Daily ports changes for 2012-03-21

ODC auto at squish.net
Thu Mar 22 07:00:24 GMT 2012 

OpenBSD ports changes summary for 2012-03-21
============================================

archivers/libzip                        audio/audacious
audio/audacious-plugins                 audio/hgd
audio/xmp                               multimedia/subrip
multimedia/subtitleripper               net
net/centerim                            net/maradns-deadwood
security/gnutls                         security/vpnc
sysutils/conky                          www/minitube
x11/vlc                                 

== archivers ========================================================= 01/08 ==

  http://www.openbsd.org/cgi-bin/cvsweb/ports/archivers

libzip

  ~ Makefile                              ~ distinfo

  > SECURITY update to libzip 0.10.1
  > CVE-2012-1162 heap overflow on corrupted zip files
  > CVE-2012-1163 integer overflow
  > more info at http://www.openwall.com/lists/oss-security/2012/03/21/2
  > (sthen@)

== audio ============================================================= 02/08 ==

  http://www.openbsd.org/cgi-bin/cvsweb/ports/audio

audacious

  ~ Makefile                              
  ~ patches/patch-src_libaudcore_Makefile
  + patches/patch-configure_ac            

  > Various fixes following audacious' update.
  > - For audacious:
  > devel/mcs is no longer a dependency
  > "--disable-sse2" configure flag no longer exists
  > libexecinfo is useless (backtrace() isn't used anywhere)
  > fix libpthread linkage ("-lpthread" -> "-pthread")
  > fix WANTLIB
  > - For audacious-plugins:
  > zap jack subpackage, since now Jack2>=1.9.7 is required
  > remove configure flags that no longer exist
  > do not pick hidden dependencies up if they're installed
  > fix libpthread linkage ("-lpthread" -> "-pthread")
  > fix configure failing to correctly detect required libraries due
  > to undefined references (wrong linking)
  > pass "--disable-ffaudio" to configure since it wants a ffmpeg newer
  > than the one we have
  > fix WANTLIB and CONFIGURE_ENV
  > - For xmp:
  > zap audacious subpackage: it's broken beyond any repair with audacious-3.2
  > OK ajacoutot@ (dcoppa@)

audacious-plugins

  - pkg/DESCR-jack                        - pkg/DESCR-main
  - pkg/PLIST-jack                        - pkg/PLIST-main
  ~ Makefile                              ~ patches/patch-configure_ac
  + pkg/DESCR                             + pkg/PLIST

  > Various fixes following audacious' update.
  > - For audacious:
  > devel/mcs is no longer a dependency
  > "--disable-sse2" configure flag no longer exists
  > libexecinfo is useless (backtrace() isn't used anywhere)
  > fix libpthread linkage ("-lpthread" -> "-pthread")
  > fix WANTLIB
  > - For audacious-plugins:
  > zap jack subpackage, since now Jack2>=1.9.7 is required
  > remove configure flags that no longer exist
  > do not pick hidden dependencies up if they're installed
  > fix libpthread linkage ("-lpthread" -> "-pthread")
  > fix configure failing to correctly detect required libraries due
  > to undefined references (wrong linking)
  > pass "--disable-ffaudio" to configure since it wants a ffmpeg newer
  > than the one we have
  > fix WANTLIB and CONFIGURE_ENV
  > - For xmp:
  > zap audacious subpackage: it's broken beyond any repair with audacious-3.2
  > OK ajacoutot@ (dcoppa@)

  ~ files/Makefile                        

  > Remove old cruft ("${MOWGLI_CFLAGS}"), missed in previous commit.
  > No bump needed. (dcoppa@)

hgd

  - patches/patch-configure               - patches/patch-hgd-netd_c
  - patches/patch-hgd-playd_c             ~ Makefile
  ~ distinfo                              

  > Update to hgd-0.5.3. A bugfix release. (edd@)

xmp

  - pkg/DESCR-audacious                   - pkg/PLIST-audacious
  ~ Makefile                              

  > Various fixes following audacious' update.
  > - For audacious:
  > devel/mcs is no longer a dependency
  > "--disable-sse2" configure flag no longer exists
  > libexecinfo is useless (backtrace() isn't used anywhere)
  > fix libpthread linkage ("-lpthread" -> "-pthread")
  > fix WANTLIB
  > - For audacious-plugins:
  > zap jack subpackage, since now Jack2>=1.9.7 is required
  > remove configure flags that no longer exist
  > do not pick hidden dependencies up if they're installed
  > fix libpthread linkage ("-lpthread" -> "-pthread")
  > fix configure failing to correctly detect required libraries due
  > to undefined references (wrong linking)
  > pass "--disable-ffaudio" to configure since it wants a ffmpeg newer
  > than the one we have
  > fix WANTLIB and CONFIGURE_ENV
  > - For xmp:
  > zap audacious subpackage: it's broken beyond any repair with audacious-3.2
  > OK ajacoutot@ (dcoppa@)

== multimedia ======================================================== 03/08 ==

  http://www.openbsd.org/cgi-bin/cvsweb/ports/multimedia

subrip

  ~ Makefile                              ~ files/Makefile
  + patches/patch-vobsub_c                

  > switch to libc getline(3). (fgsch@)

subtitleripper

  ~ Makefile                              ~ patches/patch-Makefile

  > switch to libc getline(3). (fgsch@)

== net =============================================================== 04/08 ==

  http://www.openbsd.org/cgi-bin/cvsweb/ports/net

net

  ~ Makefile                              

  > +centerim (ajacoutot@)

  ~ Makefile                              

  > +maradns-deadwood (sthen@)

centerim

  + distinfo                              + Makefile
  + pkg/DESCR                             + pkg/PLIST
  + patches/patch-connwrap_connwrap_c     + patches/patch-m4_iconv_m4
  + patches/patch-m4_gettext_m4           + patches/patch-configure_ac

  > New import:
  >	Import centerim-4.22.10.

maradns-deadwood

  + Makefile                              + distinfo
  + patches/patch-src_Makefile            + patches/patch-doc_dwood3rc
  + pkg/PLIST                             + pkg/DESCR
  + pkg/deadwood.rc                       

  > New import:
  >	import ports/net/maradns-deadwood, ok/tweak suggested by gsoares@

== security ========================================================== 05/08 ==

  http://www.openbsd.org/cgi-bin/cvsweb/ports/security

gnutls

  ~ Makefile                              ~ distinfo

  > update to gnutls 2.2.18, OK ajacoutot@
  > - minitasn1: Upgraded to libtasn1 version 2.12 (pre-release).
  > - Corrected SRP-RSA ciphersuites when used under TLS 1.2.
  > - Fixed leaks in key generation. (sthen@)

vpnc

  ~ Makefile                              + patches/patch-sysdep_h

  > switch to libc getline(3). (fgsch@)

== sysutils ========================================================== 06/08 ==

  http://www.openbsd.org/cgi-bin/cvsweb/ports/sysutils

conky

  ~ Makefile                              

  > Unbreak after audacious' update (dcoppa@)

== www =============================================================== 07/08 ==

  http://www.openbsd.org/cgi-bin/cvsweb/ports/www

minitube

  ~ Makefile                              ~ distinfo
  ~ pkg/PLIST                             

  > Bugfix update to Minitube 1.7.1
  > ok pirofti@ (maintainer), sthen@ (dcoppa@)

== x11 =============================================================== 08/08 ==

  http://www.openbsd.org/cgi-bin/cvsweb/ports/x11

vlc

  ~ Makefile                              
  + patches/patch-modules_access_mms_mmstu_c
  + patches/patch-modules_access_rtsp_real_c
  + patches/patch-modules_demux_ty_c      + patches/patch-src_text_strings_c
  + patches/patch-src_text_unicode_c      

  > SECURITY:
  > - MMS: Fix stack overflow. SA-1201
  > - RealRTSP: Fix heap overflows. SA-1202
  > - ty: Fix out of bound read on corrupt files.
  > - Avoid char conversion in strchr().
  > - Fix surrogate detection.
  > from Brad (maintainer) (ajacoutot@)

===============================================================================

More information about the odc mailing list