| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
| |
openjpeg.h wasn't found.
Reported by: fallout
(cherry picked from commit 77dff5bd868790fb078f8d2a38a5ad783daadd8c)
|
|
|
|
|
| |
Changes: https://gitlab.freedesktop.org/mesa/mesa/-/compare/9ca0c0b4b40...deb36dc6c2e
(cherry picked from commit 13a22d6d428546b6999a8cc97f15c7410fa3d4fd)
|
|
|
|
|
| |
Changes: https://gitlab.freedesktop.org/xorg/xserver/-/compare/7cdcdfea0...b9b33d88e
(cherry picked from commit e0b2bfa92c1bd15aac5773f8a44a039cd61b498e)
|
|
|
|
|
|
|
|
| |
MFH: 2022Q2
Security: 25be46f0-f25d-11ec-b62a-00e081b7aa2d
Sponsored by: The FreeBSD Foundation
(cherry picked from commit ddaf3bfe279e3d02f0cac59080ee017ae6eb6e6a)
|
|
|
|
|
|
|
|
| |
MFH: 2022Q2
Security: 25be46f0-f25d-11ec-b62a-00e081b7aa2d
Sponsored by: The FreeBSD Foundation
(cherry picked from commit 22bd4a02d202295805e2287c50db14a8dc795758)
|
|
|
|
|
|
|
|
|
| |
- Brings in latest changes from base. See patches for details.
- Version 9.0 is being worked on but I wanted to fix this issue
before proceeding with bigger changes.
PR: 263753
(cherry picked from commit 272dd07a309c086a4bc97dc015ef7faf4fbf89ca)
|
|
|
|
|
|
|
| |
Changes: https://groups.google.com/a/mozilla.org/g/dev-tech-crypto/c/e9q0AqO8t2k
Reported by: Repology
(cherry picked from commit 431c06db12e438b0fa1a767f9d028911d32b57d0)
|
|
|
|
|
|
|
| |
Release Notes (soon):
https://www.mozilla.org/en-US/firefox/91.11.0/releasenotes/
(cherry picked from commit 2f7b603e814fc0234ddda5833686c2262644e717)
|
|
|
|
|
|
|
| |
Release Notes (soon):
https://www.mozilla.org/en-US/firefox/102.0/releasenotes/
(cherry picked from commit 1bf197ea1f66b2c08685cdad35c88d74fc6b8035)
|
|
|
|
|
|
|
| |
Changes: https://hg.mozilla.org/projects/nss/shortlog/NSS_3_79_RTM
Reported by: Repology
(cherry picked from commit 57937c6df9434b504e601ac2f36314f1cd80721f)
|
|
|
|
|
|
| |
Sponsored by: Rubicon Communications, LLC ("Netgate")
(cherry picked from commit c6a7564417b0fccb7a243921d4646983adf66a5f)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Major changes between sudo 1.9.11p2 and 1.9.11p1:
* Fixed a compilation error on Linux/x86_64 with the x32 ABI.
* Fixed a regression introduced in 1.9.11p1 that caused a warning
when logging to sudo_logsrvd if the command returned no output.
PR: 264643
Approved by: garga (maintainer)
(cherry picked from commit 7c653e8c86389002306179a31568c64090f89b56)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Major changes between sudo 1.9.11p1 and 1.9.11:
* Correctly handle EAGAIN in the I/O read/right events. This fixes
a hang seen on some systems when piping a large amount of data
through sudo, such as via rsync. Bug #963.
* Changes to avoid implementation or unspecified behavior when
bit shifting signed values in the protobuf library.
* Fixed a compilation error on Linux/aarch64.
* Fixed the configure check for seccomp(2) support on Linux.
* Corrected the EBNF specification for tags in the sudoers manual
page. GitHub issue #153.
Major changes between sudo 1.9.11 and 1.9.10:
* Fixed a crash in the Python module with Python 3.9.10 on some
systems. Additionally, "make check" now passes for Python 3.9.10.
* Error messages sent via email now include more details, including
the file name and the line number and column of the error.
Multiple errors are sent in a single message. Previously, only
the first error was included.
* Fixed logging of parse errors in JSON format. Previously,
the JSON logger would not write entries unless the command and
runuser were set. These may not be known at the time a parse
error is encountered.
* Fixed a potential crash parsing sudoers lines larger than twice
the value of LINE_MAX on systems that lack the getdelim() function.
* The tests run by "make check" now unset the LANGUAGE environment
variable. Otherwise, localization strings will not match if
LANGUAGE is set to a non-English locale. Bug #1025.
* The "starttime" test now passed when run under Debian faketime.
Bug #1026.
* The Kerberos authentication module now honors the custom password
prompt if one has been specified.
* The embedded copy of zlib has been updated to version 1.2.12.
* Updated the version of libtool used by sudo to version 2.4.7.
* Sudo now defines _TIME_BITS to 64 on systems that define __TIMESIZE
in the header files (currently only GNU libc). This is required
to allow the use of 64-bit time values on some 32-bit systems.
* Sudo's "intercept" and "log_subcmds" options no longer force the
command to run in its own pseudo-terminal. It is now also
possible to intercept the system(3) function.
* Fixed a bug in sudo_logsrvd when run in store-first relay mode
where the commit point messages sent by the server were incorrect
if the command was suspended or received a window size change
event.
* Fixed a potential crash in sudo_logsrvd when the "tls_dhparams"
configuration setting was used.
* The "intercept" and "log_subcmds" functionality can now use
ptrace(2) on Linux systems that support seccomp(2) filtering.
This has the advantage of working for both static and dynamic
binaries and can work with sudo's SELinux RBAC mode. The following
architectures are currently supported: i386, x86_64, aarch64,
arm, mips (log_subcmds only), powerpc, riscv, and s390x. The
default is to use ptrace(2) where possible; the new "intercept_type"
sudoers setting can be used to explicitly set the type.
* New Georgian translation from translationproject.org.
* Fixed creating packages on CentOS Stream.
* Fixed a bug in the intercept and log_subcmds support where
the execve(2) wrapper was using the current environment instead
of the passed environment pointer. Bug #1030.
* Added AppArmor integration for Linux. A sudoers rule can now
specify an APPARMOR_PROFILE option to run a command confined by
the named AppArmor profile.
* Fixed parsing of the "server_log" setting in sudo_logsrvd.conf.
Non-paths were being treated as paths and an actual path was
treated as an error.
PR: 264554
Approved by: garga (maintainer)
(cherry picked from commit 7e42695954c2c1fe0ecdc9ff98323d1a6e9a53f0)
|
|
|
|
|
|
|
|
|
|
|
| |
This a followup to commit 3ee710e0b22309a7e87c71b87bf5510aa8678ed8
sudo-1.9.11 have moved plugins manpages from section 8 to section 5
Pointy hat to: cy
Approved by: portmgr blanket
(cherry picked from commit 39c8b4fa2e8fc9df650ab9863761c637898a0bbb)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Major changes between sudo 1.9.11 and 1.9.10:
* Fixed a crash in the Python module with Python 3.9.10 on some
systems. Additionally, "make check" now passes for Python 3.9.10.
* Error messages sent via email now include more details, including
the file name and the line number and column of the error.
Multiple errors are sent in a single message. Previously, only
the first error was included.
* Fixed logging of parse errors in JSON format. Previously,
the JSON logger would not write entries unless the command and
runuser were set. These may not be known at the time a parse
error is encountered.
* Fixed a potential crash parsing sudoers lines larger than twice
the value of LINE_MAX on systems that lack the getdelim() function.
* The tests run by "make check" now unset the LANGUAGE environment
variable. Otherwise, localization strings will not match if
LANGUAGE is set to a non-English locale. Bug #1025.
* The "starttime" test now passed when run under Debian faketime.
Bug #1026.
* The Kerberos authentication module now honors the custom password
prompt if one has been specified.
* The embedded copy of zlib has been updated to version 1.2.12.
* Updated the version of libtool used by sudo to version 2.4.7.
* Sudo now defines _TIME_BITS to 64 on systems that define __TIMESIZE
in the header files (currently only GNU libc). This is required
to allow the use of 64-bit time values on some 32-bit systems.
* Sudo's "intercept" and "log_subcmds" options no longer force the
command to run in its own pseudo-terminal. It is now also
possible to intercept the system(3) function.
* Fixed a bug in sudo_logsrvd when run in store-first relay mode
where the commit point messages sent by the server were incorrect
if the command was suspended or received a window size change
event.
* Fixed a potential crash in sudo_logsrvd when the "tls_dhparams"
configuration setting was used.
* The "intercept" and "log_subcmds" functionality can now use
ptrace(2) on Linux systems that support seccomp(2) filtering.
This has the advantage of working for both static and dynamic
binaries and can work with sudo's SELinux RBAC mode. The following
architectures are currently supported: i386, x86_64, aarch64,
arm, mips (log_subcmds only), powerpc, riscv, and s390x. The
default is to use ptrace(2) where possible; the new "intercept_type"
sudoers setting can be used to explicitly set the type.
* New Georgian translation from translationproject.org.
* Fixed creating packages on CentOS Stream.
* Fixed a bug in the intercept and log_subcmds support where
the execve(2) wrapper was using the current environment instead
of the passed environment pointer. Bug #1030.
* Added AppArmor integration for Linux. A sudoers rule can now
specify an APPARMOR_PROFILE option to run a command confined by
the named AppArmor profile.
* Fixed parsing of the "server_log" setting in sudo_logsrvd.conf.
Non-paths were being treated as paths and an actual path was
treated as an error.
PR: 264515
Approved by: garga (maintainer)
(cherry picked from commit 3ee710e0b22309a7e87c71b87bf5510aa8678ed8)
|
|
|
|
|
| |
Security: https://vuxml.freebsd.org/freebsd/b2a4c5f1-f1fe-11ec-bcd2-3065ec8fd3ec.html
(cherry picked from commit 80ffbf089df7cc8d4b4879e23f6816fc7e338f7f)
|
|
|
|
|
|
|
| |
PR: 264618
MFH: 2022Q2 (security blanket)
Security: CVE-2022-23935
(cherry picked from commit 37712655fcaaaa0d99082c17db774f63cbd878a8)
|
|
|
|
| |
(cherry picked from commit 4723912355c23bfcedb1e54182985cac7d0e4d48)
|
|
|
|
|
|
|
|
|
|
|
| |
These patches were removed to sync with base where in fact base was
missing these patches and base should have been synced with the ports.
PR: 264238
Fixes: b8477825c2dc42f6c595697a36f593c71f39fbad
c86f32d652eb9dd023049122d8ca37cb13ed07b6
MFH: 2022Q2
(cherry picked from commit 05a849eec9d949b3de32e464570cefbabcd64702)
|
|
|
|
|
|
|
|
|
| |
b8477825c2dc42f6c595697a36f593c71f39fbad removed some non-IBSS patches.
Restore them. We only want to remove the patches that make IBSS use
ADHOC mode.
Fixes: b8477825c2dc42f6c595697a36f593c71f39fbad
(cherry picked from commit c86f32d652eb9dd023049122d8ca37cb13ed07b6)
|
|
|
|
|
|
|
| |
FreeBSD's WPA does support IBSS mode. Remove the hack that forces ADHOC
mode when IBSS is requested.
(cherry picked from commit b8477825c2dc42f6c595697a36f593c71f39fbad)
|
|
|
|
|
|
| |
Update to the latest w1.fi commit, proxied through my GH account.
(cherry picked from commit 9f3f41a2d27b2018068b9d4c54502a55a8cd343a)
|
|
|
|
|
|
| |
Update to the latest w1.fi commit, proxied through my GH account.
(cherry picked from commit ac47da76dc061b6eeb4e2b38ef7676d3b8f017a4)
|
|
|
|
|
|
| |
Update to the latest w1.fi commit, proxied through my GH account.
(cherry picked from commit f183d0432ba5fe9cb06da12593c4c958124cf643)
|
|
|
|
|
|
| |
Update to the latest w1.fi commit, proxied through my GH account.
(cherry picked from commit 033186cbc065e7a4d2a0d685af288090aa9d9e5d)
|
|
|
|
|
|
| |
Update to the latest w1.fi commit, proxied through my GH account.
(cherry picked from commit f0089128404290b76d2e6e21c19e842431550d4f)
|
|
|
|
|
|
| |
Update to the latest w1.fi commit, proxied through my GH account.
(cherry picked from commit e22465db8b6a49e1e0c2754645a036e3cc7de4bc)
|
|
|
|
|
|
| |
Update to the latest w1.fi commit, proxied through my GH account.
(cherry picked from commit 023d2c907b347af4d4a3f58b9428ed333c9a2474)
|
|
|
|
|
|
| |
Update to the latest w1.fi commit, proxied through my GH account.
(cherry picked from commit 2519bf6ea07f8e5435407c2b9cffda98b343be74)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
hostapd calls pcap_next(3) to read the next packet off the wlan interface.
pcap_next() returns a pointer to the packet header but does not indicate
success or failure. Unfortunately this results in an infinite loop (100%
CPU) when the wlan device disappears, i.e. when a USB wlan device is
manually removed or a USB error results in the device removal. However
pcap_next_ex(3) does return success or failure. To resolve this we use
pcap_next_ex(), forcing hostapd to exit when the error is encountered.
An error message is printed to syslog or stderr when debugging (-d flag)
is enabled. Unfortunately wpa_printf() only works when debugging is enabled.
PR: 253608
Reported by: Damjan Jovanovic <damjan.jov@gmail.com>,
bz (privately)
MFH: 2022Q2
(cherry picked from commit c586ac04eb662dea00ab81b226fa3e41a5110b21)
|
|
|
|
| |
(cherry picked from commit 9137f807f695dd109bf64a5857cbc7bb22b193ad)
|
|
|
|
| |
(cherry picked from commit bffe961d466fd17d1d5f364817afd17486da5cd8)
|
|
|
|
|
|
|
|
|
|
|
| |
The current wpa_supplicant and hostapd have an issue with AR9285.
For the time being bring back wpa_supplicant 2.9 as
security/wpa_supplicant29 and hostpd 2.9 as net/hostapd29 for those
cases that have an issue with wpa_supplicant/hostpad2.10 (in base and
in ports)
PR: 264238
(cherry picked from commit 7150a0c9b1014e445a8266c9080d0bf4738dcc9c)
|
|
|
|
|
| |
Changes: https://github.com/cbsd/cbsd/releases/tag/v13.1.1
(cherry picked from commit 6295bac14600171f1bbce8ffc494edcb79fe6d01)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Security
SOLR-15871: Update Log4J to 2.17.1
SOLR-15961: Fix bug in PKIAuthenticationPlugin that can cause a request to fail with 401 Unauthorized instead of re-fetching expired remote keys from other nodes.
SOLR-14569: Configuring a shardHandlerFactory on the /select requestHandler results in HTTP 401 when searching on alias in secured Solr.
SOLR-16022: Enforce special character requirements on passwords with length less than 15
SOLR-16075: ShowFileHandler path parameter is now validated to be relative to instance conf dir in standalone mode
Bugfixes
SOLR-15849: Fix the connection reset problem caused by the incorrect use of 4LW with \n when monitoring zooKeeper status
SOLR-16199: Improve query syntax construction for SQL LIKE clause with phrases and wildcards
SOLR-16143: SolrConfig can miss updates from ZooKeeper when deleting and recreating file items
Changelog:
https://cwiki.apache.org/confluence/display/SOLR/ReleaseNote8_11_2
MFH: 2022Q2
(cherry picked from commit e7f839003a92a531cfdde48560bac7fc5e994aa3)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
fetch: https://github.com/intel/media-driver/commit/4a6e36a98c0b.patch: size mismatch: expected 1239, actual 1241
-index 512ef17b9..e81b24859 100755
+index 512ef17b9f..e81b248590 100755
-index 20a3f4bd6..79c252abf 100644
+index 20a3f4bd64..79c252abfd 100644
-index 834a9f40b..7ec0dffdd 100644
+index 834a9f40b6..7ec0dffdd8 100644
-index 3149b20b0..4ce08840e 100755
+index 3149b20b09..4ce08840e4 100755
-index 2d1c3a9ae..8dbc05a5c 100755
+index 2d1c3a9ae0..8dbc05a5c4 100755
Reported by: vishwin
(cherry picked from commit 45816798c94f37842f1c04cea7a8908571411543)
|
|
|
|
|
| |
Changes: https://gitlab.freedesktop.org/mesa/mesa/-/compare/858cd2797c6...9ca0c0b4b40
(cherry picked from commit a37f6dd56a164cbd28fa414c35cc1a37603f7f07)
|
|
|
|
|
|
|
|
|
|
| |
* Update WWW field to spare redirects.
Changelog since 13.4.2:
https://github.com/ocrmypdf/OCRmyPDF/blob/v13.4.7/docs/release_notes.rst
MFH: 2022Q2
(cherry picked from commit 124a6ff0ea302c64d24d5787d82a828fd5c6bdcc)
|
|
|
|
|
|
|
|
|
|
|
| |
ChangeLog:
https://raw.githubusercontent.com/openMSX/openMSX/RELEASE_18_0/doc/release-notes.txt
PR: 264702
Reported by: dmenelkir@gmail.com
MFH: 2022Q2 (bugfix release)
(cherry picked from commit 9a977dacf7c5cfb34907170d78327cc6deb41e69)
|
|
|
|
|
|
| |
Changes: https://github.com/strawberrymusicplayer/strawberry/releases/tag/1.0.5
PR: 264703
(cherry picked from commit 61abe40475bcb496f17c0d677fb2e84f3fb8fded)
|
|
|
|
|
| |
Changes: https://gitlab.freedesktop.org/mesa/mesa/-/compare/d301883aba5...858cd2797c6
(cherry picked from commit 4178320ebadf686a58232ebd7af7a8f7d767fdfc)
|
|
|
|
|
|
|
| |
Changes: https://github.com/alexheretic/ab-av1/releases/tag/v0.3.3
Reported by: GitHub (watch releases)
(cherry picked from commit 60ce303bb882aa62ddec6fdec165491059d8deb0)
|
|
|
|
|
|
|
|
|
|
|
| |
Details:
- Buxfix and documentation improvements,
https://github.com/traefik/traefik/releases/tag/v2.7.1
- No known breaking configuration changes:
https://doc.traefik.io/traefik/migration/v2/
MFH: 2022Q2
(cherry picked from commit 505cc55fdc65402c124754c04dd4a96ff628dc39)
|
|
|
|
|
|
| |
Reported by: Tor Project notification
(cherry picked from commit 4b03f85d7a63f521983071684bdd8f700418289e)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ChangeLog: https://github.com/mongodb/mongo/releases/tag/r5.0.9
* Remove limits on number of LDAP connections per host
* Detect namespace changes when refreshing Collection after yielding
* Sharding an empty collection releases the critical section too early
* Mongos fails to attach RetryableWrite Error Label For Command Interrupted
In _parseCommand
* Fix search near returning wrong key/value sometimes when key doesn't exist
PR: 264341
Reported by: ulassayginim@gmail.com
MFH: 2022Q2 (many bugfixes)
(cherry picked from commit af13f94fea8c1df77c5a6451375c6f1afb91a6e5)
|
|
|
|
| |
(cherry picked from commit 00ee9c96c68c854851905e3a7480fbe215efe722)
|
|
|
|
|
|
| |
Changes: https://github.com/sparklemotion/mechanize/releases
Security: CVE-2022-31033
(cherry picked from commit aa06ae53edda95e3e2665e482f1fabb89ae0b585)
|
|
|
|
|
|
| |
Changes: https://github.com/rack/rack/blob/2-2-stable/CHANGELOG.md
Security: CVE-2022-30122, CVE-2022-30123
(cherry picked from commit 7ae341b5b0146ce4be34f54941912d16b29345a0)
|
|
|
|
|
|
| |
Changes: https://github.com/rails/rails-html-sanitizer/releases
Security: CVE-2022-32209
(cherry picked from commit 4b00ec2723dbeadc9591dcdef08232184ca5774a)
|
|
|
|
|
|
| |
Changes: https://www.rarlab.com/rarnew.htm
Security: CVE-2022-30333
(cherry picked from commit bab9aff6d2b9de43e997d152646c9e13d774203a)
|