Temporary fix, but will stop the flurry of incoming PRs related.
PR: ports/161779 ports/161774 ports/161791 ports/161771 ports/161769
Submitted by: Many people, original fix suggested by Jason Helfman (jhelfman@e-e.com)
Approved by: portmgr (pav)
- Remove repcached patch and support
- Fix rc script for startup case [1]
PR: ports/161802 [1]
Submitted by: "Oleg A. Mamontov" <oleg@mamontov.net> [1]
for all active branches of the PostgreSQL object-relational database system,
including versions 9.1.1, 9.0.5, 8.4.9, 8.3.16 and 8.2.22.
All users are strongly urged to update their installations at the next
scheduled downtime.
URL: http://www.postgresql.org/about/news.1355
Cleanup ports. Better handling of the knob PG_USER.
Also add uuid to 9.0 and 9.1 contrib ports.
- make use of optimizations by default, where possible
(quad flavor to follow shortly, and mpi at a later date)
Suggestions and patches from: ache, C. Burns, wen
of security fixes in the announcement message and changelog, all of
the fixes were already applied in the previous port update (to
3.4.6-rc1). In fact, diff'ing the distfile tarballs between 3.4.6-rc1
and 3.4.6 shows that the only change is to update the version number.
Announcement message:
"Welcome to phpMyAdmin 3.4.6, a bugfix and minor security release.
Please refer to the upcoming PMASA-2011-15 and -16 announcements on
http://www.phpmyadmin.net/home_page/security.
Details will appear on http://phpmyadmin.net.
Marc Delisle, for the team"
ChangeLog:
http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/3.4.6/phpMyAdmin-3.4.6.html/download
The advisories PMASA-15 and PMASA-16 still have not yet been published.
PR: ports/161709
Submitted by: Matthew Seaman <m.seaman@infracaninophile.co.uk> (maintainer)
no one has stepped up to deal with:
archivers/pecl-phar Vulnerable since 2011-01-13
comms/libsyncml Depends on devel/libsoup22, which is FORBIDDEN
databases/mysql323-server Vulnerable since 2006-10-29
databases/mysql323-client Vulnerable since 2006-10-29
databases/mysql323-scripts Vulnerable since 2006-10-29
databases/mysql40-server Vulnerable since 2006-10-29
databases/mysql40-client Vulnerable since 2006-10-29
databases/mysql40-scripts Vulnerable since 2006-10-29
databases/p5-DBD-mysql40
Depends on databases/mysql40-server, which is FORBIDDEN
deskutils/buoh Depends on devel/libsoup22, which is FORBIDDEN
deskutils/libopensync-plugin-syncml
Depends on comms/libsyncml, which is DEPRECATED
devel/libsoup22 Vulnerable since 2011-07-28
dns/bind9-sdb-ldap Vulnerable since 2011-06-04
dns/bind9-sdb-postgresql Vulnerable since 2011-06-04
ftp/wgetpro Vulnerable since 2004-12-14
games/quake2forge Vulnerable since 2005-01-21
graphics/linux-tiff Vulnerable since 2004-10-13
japanese/mutt Vulnerable since 2007-07-29
japanese/asterisk14-sounds Depends on net/asterisk14, which is FORBIDDEN
net/asterisk14 Vulnerable since 2011-06-25
net/isc-dhcp31-client Vulnerable since 2011-04-10
net/isc-dhcp31-server Vulnerable since 2011-04-10
net/isc-dhcp31-relay Vulnerable since 2011-04-10
net/asterisk-app-ldap Depends on net/asterisk14, which is FORBIDDEN
net/asterisk-app-notify Depends on net/asterisk14, which is FORBIDDEN
net/asterisk-oh323
Depends on net/asterisk14, which is FORBIDDEN, does not compile on sparc64
net/asterisk14-addons Depends on net/asterisk14, which is FORBIDDEN
net/astfax Depends on net/asterisk14, which is FORBIDDEN
net-mgmt/nagios2 Vulnerable since 2009-06-30
www/gforge Vulnerable since 2005-08-09
www/linux-flashplugin7 Vulnerable since at least 2008-05-30
www/opera-devel Vulnerable since 2010-06-25, does not fetch
www/plone3 Vulnerable and unsupported upstream
www/serendipity-devel Vulnerable since 2008-04-25
www/ziproxy Vulnerable since 2010-06-15
www/asterisk-gui Depends on net/asterisk14, which is FORBIDDEN
x11-toolkits/linux-pango Vulnerable since 2009-05-13
