- Update to latest stable version 2.4.2
- Add UPDATING entry
- Remove OPENSSL_VERSION_NUMBER patch
- Change post-install targets to post-stage where possible
- Bump libcrypto version in version.mk
PR: 211701
- Fix in CegoNet::connect, the global vars __dateTimeFormat,
__currencySymbol and __decimalPoint are set up now to appropriate
defaults
Submitted by: Bjoern Lemke <lemke@lemke-it.com>
Be more explicit in the title of the PostgreSQL entry as to the nature
of the vulnerabilities. Remove possibly subjective description of the
severity (minor) from the title, err on the side of allow users to make
the assessment based on their environments instead.
Approved by: feld (ports-secteam)
versions of our database system, including 9.5.4, 9.4.9, 9.3.14, 9.2.18 and
9.1.23. This release fixes two security issues. It also patches a number of
other bugs reported over the last three months. Users who rely on security
isolation between database users should update as soon as possible. Other users
should plan to update at the next convenient downtime.
If you are using the ICU patch, please consult UPDATING.
Improve periodic cleanup, suggested by claudius (at) ambtec.de. [1]
PR: 210941 [1]
Security: CVE-2016-5423, CVE-2016-5424
NASTRAN is the NASA Structural Analysis System, a finite element analysis
program (FEA) completed in the early 1970's. It was the first of its kind
and opened the door to computer-aided engineering.
For reference, the Wikipedia keeps some description of this historical
package:
https://en.wikipedia.org/wiki/Nastran
PR: 211739
Approved by: koobs
Growl is a MACOSX application that listen to notifications sent by
applications and displays them on the desktop using different display
styles. Net_Growl offers the possibility to send notifications to Growl
from your PHP application through network communication using UDP.
Sponsored by: Rubicon Communications (Netgate)
Remove support of Rails 3 since we are obsoleting this version from the
ports-tree. This fixes the fallout-message to ruby@.
Also DEPRECATE rubygem-devise-rails4 in favor of rubygem-devise
and adjust dependencies of security/rubygem-devise-two-factor and
www/gitlab.
Approved by: pi (mentor)
People always go to the end and see that it's 999 and that we must be
out of entries. Now, they'll just have to pick a free entry.
Generated with (should be idempotent):
awk -F: '$3>=100 && $3 < 1000 && $3 != old+1 && !/^#/ {while (old+1 <= $3-1) {old=old+1; print "# free: "old}} /^# free/ {next} {print; old=$3}' UIDs
Discussed with: swills (on irc)
Sponsored by: Absolight
We're exceptionnaly using the latest release candidates for this, Perl
5.22.3 and 5.24.1 were about to be released when CVE-2016-1238 hit the
fan, so we feel confident that EVERYTHING WILL BE FINE.
- lang/perl5.24 goes to 5.24.1-RC2.
- lang/perl5.22 goes to 5.22.3-RC2.
- lang/perl5.20 goes to 5.20.3_14.
- lang/perl5.18 goes to 5.18.3_23
PR: 211561
Reported by: Sevan Janiyan
MFH: 2016Q3
Security: CVE-2016-1238
Sponsored by: Absolight
- Update PORTVERSION and distinfo checksum (4.1.5)
- Update pkg-plist accordingly (library minor version bump)
- Update MASTER_SITES (upstream moved to GitHub releases)
- Add MANPAGES option and dependencies (xmlto/asciidoc (sorry!) as they
now need to be built. Add OPTIONS_SUB and update pkg-plist accordingly
- Re-patch configure after minor updates since 4.1.4
- Sort pkg-plist
PR: 211306 (part two of two)
Submitted by: Eric Camachat <eric camachat org>
Tools for generating IP based Geo-block-ing and Geo-routing tables in
order to configure the system's firewall and/or routing facilities
In general, routing is determined by destination IP addresses, and access
control by the firewall is established by selectors that can be attrib-
uted to incoming and outgoing IP packets, like physical interfaces on
which the packets are going, source and target IP addresses, protocol
types, port numbers, content types and content, etc. The Geo-location
would be just another selector, but this information is not carried
explicitly with IP packets, however, it can be obtained using an IP
address as a key for looking-up the location in an IP database.
Online databases do exist, but these are usually limited to single queries
and in addition the look-up in an online database is by far too slow for
even thinking about being utilized at the firewall level, where IP packets
need to be processed in a microsecond time scale. Therefore, a locally
maintained Geo-location database is indispensable in the given respect.
The System's own routing and filtering tables can be configured to do
these tasks if there is a source of the appropriate data. The ipdbtools(1)
are designed to provide this data and to assist managing and using it.
WWW: https://cyclaero.github.io/ipdb/
PR: 211744
Submitted by: cyclaero@gmail.com
databases/cego: 2.30.21 -> 2.30.23
lfcbase:
- Improvements for BigDecimal class
All values are normalized now and stored now with non trailing zeros
cego:
- Fixes for cast operations regarding values for type fixed
- Fix in CegoClient, global vars __currencySymbol and __decimalPoint
still have not been set up correctly, done in the same way as for
CegoMain on server side
- Added verify005.sql to dbcheck suite to verify cast operations
Submitted by: Bjoern Lemke <lemke@lemke-it.com>
command-line options. According to POSIX, string comparisons (and
hence sorting) are to be performed based on the locale's collating
order. Alas GNU AWK only does so in POSIX mode, whereas starting
with FreeBSD 11 we do so by default, running into a bug (or false
assumption) with that script used by GCC.
Setting MAKE_ARGS such that AWK is always invoked in the C locale
works around this bug.
PR: 211742
Submitted by: jkim
