Commit graph

21494 commits

Author SHA1 Message Date
Dmitry Marakasov
4d5e2f4edb - Fix shebangs
Approved by:	portmgr blanket
MFH:		2015Q3 (blanket)
2015-07-14 19:59:09 +00:00
Jimmy Olgeni
7923381cc6 Add security/elixir-comeonin, a password hashing library for Elixir. 2015-07-14 14:31:42 +00:00
Tijl Coosemans
f16f896af3 Use the correct package name for linux-*-flashplugin
Reported by:	pluknet
2015-07-14 12:14:01 +00:00
Max Brazhnikov
3dafeaacf5 security/pinentry:
- Fix build: libassuan is now a mandatory dependency
- Explicitly disable GNOME 3 and Emacs versions

MFH:		2015Q3
2015-07-14 09:14:41 +00:00
Koop Mast
ab8a200529 Use correct <tag> to mark all versions vulnerable. 2015-07-14 08:48:55 +00:00
Koop Mast
3c4341b2cf Add newest flash vulnerabilities CVE-2015-5122 and CVE-2015-5123.
No fixed version of flash available yet.
2015-07-14 08:39:50 +00:00
Mark Felder
d0b5c0de83 Document php sqlite3 use-after-free vulnerability
Change previous entry title to be hyphenated
2015-07-13 21:05:39 +00:00
Mark Felder
ec3ca64d19 Document php spl use-after-free vulnerability
No CVE assigned yet
2015-07-13 21:00:47 +00:00
Mark Felder
81036778fa Document PHP arbitrary code execution. No CVE assigned yet.
Fix missing blockquote URL in previous entry
2015-07-13 20:55:38 +00:00
Mark Felder
70252280ce php 5.4 package name is php5, not php54
Security:	36bd352d-299b-11e5-86ff-14dae9d210b8
2015-07-13 20:53:37 +00:00
Mark Felder
9bab088577 Document CVE-2015-3152 "BACKRONYM" vulnerability
PHP resolved in recent releases
MySQL has fixed in 5.7 branch and did not backport to older branches
MariaDB resolved in 5.5.44 and 10.0.20
Percona has not included a fix in any release (5.1, 5.5, or 5.6)

Security:	CVE-2015-3152
2015-07-13 20:46:04 +00:00
Jung-uk Kim
c65a352eb1 - Update to 0.9.5.
- Disable LIBSECRET option for GTK2 by default.  It does not work and broke
Thunderbird/Enigmail for me.

Approved by:	makc (maintainer)
MFH:		2015Q3
2015-07-13 16:45:52 +00:00
Mark Felder
a98f3e6b76 hadoop2 and oozie ports fetch a version of tomcat that is vulnerable
Security:	25e0593d-13c0-11e5-9afb-3c970e169bc2
Security:	CVE-2014-0230
Security:	CVE-2014-7810
2015-07-13 13:25:36 +00:00
Jimmy Olgeni
ecf3f773f2 Document CSRF remote execution vulnerability for devel/ipython (CVE pending).
PR:		201515
Submitted by:	Jason Unovitch
2015-07-13 08:39:07 +00:00
Mark Felder
a438971041 Document freeradius vulnerability
PR:		201059
Security:	CVE-2015-4680
2015-07-13 04:21:14 +00:00
Mark Felder
fef08f60a8 Correct range for non-devel version of v8
PR:		201450
Security:	864e6f75-2372-11e5-86ff-14dae9d210b8
2015-07-13 04:08:32 +00:00
Dmitry Marakasov
7b64072cbd - Drop @dirrm* from plist
Approved by:	portmgr blanket
2015-07-12 23:55:32 +00:00
Dmitry Marakasov
32e2983554 - Modernize plist
- Modernize BROKEN

Approved by:	portmgr blanket
2015-07-12 23:05:37 +00:00
Dmitry Marakasov
a685146479 - Drop @dirrm* from plist
Approved by:	portmgr blanket
2015-07-12 23:04:41 +00:00
Dmitry Marakasov
c738ae7af0 - Drop @dirrm* from plist
Approved by:	portmgr blanket
2015-07-12 23:03:17 +00:00
Dmitry Marakasov
db5dedcf32 - Switch to @sample
- Drop @dirrm* from plist
2015-07-12 22:30:25 +00:00
Mark Felder
aafc1833ae CVE-2015-5380 also affects v8 and v8-devel
PR:		201450
Security:	864e6f75-2372-11e5-86ff-14dae9d210b8
Security:	CVE-2015-5380
2015-07-12 22:30:24 +00:00
Dmitry Marakasov
90b7eeea4d - Drop @dirrm* from plist
Approved by:	portmgr blanket
2015-07-12 21:54:59 +00:00
Dmitry Marakasov
fba5c42d88 - Switch to @sample
- Drop @dirrm* from plist

Approved by:	portmgr blanket
2015-07-12 21:54:50 +00:00
Mark Felder
c1cdfdbf57 Advisory URL was identical; remove duplicate 2015-07-12 20:00:10 +00:00
Mark Felder
654b4c1614 PowerDNS discovered the fix for CVE-2015-1868 was not complete in the
previous releases.

Security:	64e6006e-f009-11e4-98c6-000c292ee6b8
Security:	CVE-2015-5470
2015-07-12 19:58:27 +00:00
Mark Felder
9ddc4d79f1 Add note on how to use the new html functionality 2015-07-12 19:40:33 +00:00
Mark Felder
5eaff4b827 Add ability to produce html files for vuxml entries
This will allow committers to test complex vuxml entries before
submission.

A special thanks to hrs for responding to my plea for this feature

Submitted by:	hrs
2015-07-12 19:40:07 +00:00
Sunpoet Po-Chuan Hsieh
77a41ef2cb - Add NO_ARCH 2015-07-12 16:07:05 +00:00
John Marino
d856fd137b security/wpa_supplicant: Address security issue (2015-5)
There was a vulnerability to the WPS_NFC option which is off by default.
The port is being bumped anyway since people using that option will want
the latest version.

PR:		201432
Submitted by:	Jason Unovitch
2015-07-12 11:22:10 +00:00
Olli Hauer
3f0bbd593b - reflect mod_wsgi3 => mod_wsgi3 update
- bump PORTREVISION

PR:		201023
Submitted by:	ohauer
2015-07-12 10:11:33 +00:00
Baptiste Daroussin
73cace0ff5 - Add xen-tools to the list of packages fixed in existing
XSA-135 / CVE-2015-3209 entry

PR:		201416
Submitted by:	Jason Unovitch <jason.unovitch@gmail.com>
2015-07-11 17:29:02 +00:00
Baptiste Daroussin
f16fce7ed0 Document all recent xen-kernel and xen-tools security issues
PR:		201416
Submitted by:	Jason Unovitch <jason.unovitch@gmail.com>
2015-07-11 17:21:34 +00:00
Vanilla I. Shu
620b4b07c3 Upgrade to 0.025. 2015-07-11 16:31:32 +00:00
Thomas Zander
265ba28a9b - Revive security/chkrootkit
- Update to upstream version 0.50
- Port has a new maintainer: Lacey Powers <lacey.leanne@gmail.com>

PR:		201297
Submitted by:	lacey.leanne@gmail.com (maintainer)
Reviewed by:	koobs
2015-07-11 14:40:19 +00:00
Baptiste Daroussin
89cabfa8a6 Document a few pivotx vulnerabilities 2015-07-11 10:14:05 +00:00
Mark Felder
9707ab0395 Update squid entry to reflect new range of affected versions
Still waiting on CVE assignment

PR:		201374
Security:	150d1538-23fa-11e5-a4a5-002590263bf5
2015-07-10 13:53:58 +00:00
Dirk Meyer
395843634f - add more manpage links 2015-07-10 13:32:26 +00:00
Xin LI
bee941dbd5 Document wpa_supplicant WPS_NFC option payload length validation
vulnerability

PR:		201432
Submitted by:	Jason Unovitch
2015-07-10 00:31:38 +00:00
Xin LI
185c899a20 Document OpenSSL alternative chains certificate forgery vulnerability. 2015-07-09 23:13:27 +00:00
Dirk Meyer
e33a63f84c - Security update to 1.0.2d
Security: http://openssl.org/news/secadv_20150709.txt
2015-07-09 20:54:36 +00:00
Li-Wen Hsu
c943e4c8ed - Correct the version range of www/py-django-devel 2015-07-09 16:42:32 +00:00
Mark Felder
2ffcf208a8 document django vulnerabilities
Security:	37ed8e9c-2651-11e5-86ff-14dae9d210b8
Security:	CVE-2015-5143
Security:	CVE-2015-5144
Security:	CVE-2015-5145
2015-07-09 15:59:11 +00:00
Mark Felder
35aa5ec869 node and iojs vuln now has a CVE assigned
Security:	864e6f75-2372-11e5-86ff-14dae9d210b8
Security:	CVE-2015-5380
2015-07-09 15:23:23 +00:00
Ryan Steinmetz
1a8dc51550 - Update to 5.20 2015-07-09 15:23:21 +00:00
Koop Mast
cf62f99b9c Drop .la files.
Approved by:	maintainer via IRC
Differential Revision:	https://reviews.freebsd.org/D3011
2015-07-09 08:04:32 +00:00
Dirk Meyer
d85867e946 - update to 1.0.26 2015-07-08 20:48:51 +00:00
Bernard Spil
ac5722cc60 security/libressl: Update to 2.2.1
* Minor update from OpenBSD LibreSSL-portable
  * Bumps all SHLIB versions
  * Bumps OPENSSL_SHLIBVER in bsd.openssl.mk
  * Adds UPDATING entry for SHLIB version bump
  * MFH as 2.2.0 already closes several vulns

Changes:

  ftp://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.2.1-relnotes.txt

Differential revision:	https://reviews.freebsd.org/D2963
Reviewed by:	vsevolod (maintainer/mentor), koobs (mentor)
Approved by:	vsevolod (maintainer/mentor), koobs (mentor)
MFH:		2015Q3
2015-07-08 19:27:47 +00:00
Tijl Coosemans
1f96f19ce0 Document Adobe Flash Plugin vulnerability (CVE-2015-5119) 2015-07-08 18:58:38 +00:00
Mark Felder
4a43dc4b78 Fix other no-op formatting mistakes for the roundcube entry
Security:	038a5808-24b3-11e5-b0c8-bf4d8935d4fa
2015-07-08 17:26:05 +00:00