| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
r509786, r509788, r509790, r509795, r509799, r509800, r509801, r509805,
r509852, r509853, r510385, r510930, r511571, r511572, r511576, r511594,
r511595, r511597, r511647, r511702, r511746, r511748, r511900
Merge linux-c7 fixes and prerequisite updates. This is mostly about
missing dependencies and making ALSA OSS plugin work.
Approved by: ports-secteam (blanket)
Notes:
svn path=/branches/2019Q3/; revision=512491
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
gecko: don't require gconf on non-Gnome2 desktops
Take advantage of lazy bindings by not requiring runtime dependency.
DBus is required under Wayland (Gecko-specific) and for MIME handling
but GConf2 is useless outside of Gnome2. So, only use GConf2 if it's
already installed (similar to PulseAudio).
PR: 240323
Approved by: ports-secteam blanket
Notes:
svn path=/branches/2019Q3/; revision=511178
|
|
|
|
|
|
|
|
|
| |
www/firefox: bump required rust version after r509978
Approved by: ports-secteam blanket
Notes:
svn path=/branches/2019Q3/; revision=511173
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
iThe PostgreSQL Global Development Group has released an update to all
supported versions of our database system, including 11.5, 10.10,
9.6.15, 9.5.19, and 9.4.24, as well as the third beta of PostgreSQL 12.
This release fixes two security issues in the PostgreSQL server, two
security issues found in one of the PostgreSQL Windows installers, and
over 40 bugs reported since the previous release.
Users should install these updates as soon as possible.
A Note on the PostgreSQL 12 Beta
================================
In the spirit of the open source PostgreSQL community, we strongly
encourage you to test the new features of PostgreSQL 12 in your database
systems to help us eliminate any bugs or other issues that may exist.
While we do not advise you to run PostgreSQL 12 Beta 3 in your
production environments, we encourage you to find ways to run your
typical application workloads against this beta release.
Your testing and feedback will help the community ensure that the
PostgreSQL 12 release upholds our standards of providing a stable,
reliable release of the world's most advanced open source relational
database.
Security Issues
===============
Two security vulnerabilities have been closed by this release:
* CVE-2019-10208: `TYPE` in `pg_temp` executes arbitrary SQL during
`SECURITY DEFINER` execution
Versions Affected: 9.4 - 11
Given a suitable `SECURITY DEFINER` function, an attacker can execute
arbitrary SQL under the identity of the function owner. An attack
requires `EXECUTE` permission on the function, which must itself contain
a function call having inexact argument type match. For example,
`length('foo'::varchar)` and `length('foo')` are inexact, while
`length('foo'::text)` is exact. As part of exploiting this
vulnerability, the attacker uses `CREATE DOMAIN` to create a type in a
`pg_temp` schema. The attack pattern and fix are similar to that for
CVE-2007-2138.
Writing `SECURITY DEFINER` functions continues to require following the
considerations noted in the documentation:
https://www.postgresql.org/docs/devel/sql-createfunction.html#SQL-CREATEFUNCTION-SECURITY
The PostgreSQL project thanks Tom Lane for reporting this problem.
* CVE-2019-10209: Memory disclosure in cross-type comparison for hashed
subplan
Versions Affected: 11
In a database containing hypothetical, user-defined hash equality operators, an
attacker could read arbitrary bytes of server memory. For an attack to become
possible, a superuser would need to create unusual operators. It is possible
for operators not purpose-crafted for attack to have the properties that enable
an attack, but we are not aware of specific examples.
The PostgreSQL project thanks Andreas Seltenreich for reporting this problem.
Approved by: ports-secteam@
Notes:
svn path=/branches/2019Q3/; revision=509493
|
|
|
|
|
|
|
|
|
|
|
|
| |
bsd.sites.mk: Update xorg mirrors
Update the xorg mirrors list, removing dead mirrors, and sort the list to
prioritize https sites over http sites.
Approved by: ports-secteam (joneum)
Notes:
svn path=/branches/2019Q3/; revision=509176
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Force ports depending on a fetch target to actually run checksum.
This prevents an improbable MITM attack on dependencies where the target
is "fetch" and the port is built manuallt. (Which means a port depends
on a dependency being fetched, but not built or anything else.) In this
case, as the target is only "fetch", the distribution files of the
dependency are not checked against the dependency's distinfo file. One
could, in theory, impersonate the dependency's master site and provide a
malicious distribution file.
The ports that could in theory be affected are russian/gd, ukrainian/gd,
and ukrainian/webalizer. They are only affected when building manually,
as when building with poudriere, the *-depends target do not have
network access, and the build would fail if the distribution files are
not already present. (From the dependencies being built normally, where
checksum would have ran.)
The detail is described here:
https://www.reddit.com/r/BSD/comments/br62hm/freebsd_cryptographic_bypass_and_mitmbased/
Reported by: emaste (on IRC)
Reviewed by: swills emaste antoine
Differential Revision: https://reviews.freebsd.org/D21230
Notes:
svn path=/branches/2019Q3/; revision=508820
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Make it clear that <version-spec> is a declarative not imperative
specification to declare what version of Python a port or software
*supports*, not the versions it should *use*.
The version that gets selected is a function of Python.mk, DEFAULT_VERSIONS
which change over time, and can be overridden or otherwise set by the user.
While I'm here, add a special note about bare USES=python (without a
<version-spec>), which is likely to be deprecated at some point down the
line. In the meantime, describe what the semantics of not specifying a
<version-spec> entails, and encourage minimisation of its use where
appropriate.
Approved by: koobs (python, maintainer)
Notes:
svn path=/head/; revision=505730
|
|
|
|
| |
Notes:
svn path=/head/; revision=505727
|
|
|
|
|
|
|
|
|
|
|
| |
Changes: https://www.mozilla.org/firefox/68.0/releasenotes/
PR: 238087
Security: 0592f49f-b3b8-4260-b648-d1718762656c
MFH: 2019Q2
Differential Revision: https://reviews.freebsd.org/D20391
Notes:
svn path=/head/; revision=505639
|
|
|
|
|
|
|
|
|
|
| |
PR: 238365
Submitted by: ale
Exp-run by: antoine
Approved by: portmgr (antoine)
Notes:
svn path=/head/; revision=505549
|
|
|
|
|
|
|
|
| |
Suggested by: cem
Sponsored by: DellEMC
Notes:
svn path=/head/; revision=505522
|
|
|
|
| |
Notes:
svn path=/head/; revision=505443
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Switch mesa over to use llvm80 instead of llvm60. Make it use the
global LLVM_DEFAULT instead of deciding for ourself which llvm version
to use. [1]
Fix build of lang/beginet [1]
Add patch from upstream to fix build of devel/libclc. The patch is taken
from the git mirror of devel/libclc rather than the SVN repo, for
convenience.
Add a patch from mesa upstream preventing certain error messages when using
amdgpu [2]
Add a notice to bsd.default-versions.mk asking that the graphics team be
informed before the llvm version is changed.
Enable llvm and gallium on MIPS. As far as I can tell, this used to
be the default before this change.
Bump portrevisions since dependencies changed.
PR: 230789 [1], [2]
Submitted by: jbeich [1], tobik [2]
Obtained from: FreeBSD Graphics Team development repo
https://github.com/FreeBSDDesktop/freebsd-ports/commits/feature/mesa-llvm80
Sponsored by: B3 Init (zeising)
Notes:
svn path=/head/; revision=505425
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This allows for port testing with lang/go-devel via GO_PORT, setting
up the Go build environment in a single place, and is step one in
simplifying Go ports that often define too complicated do-build
targets themselves.
USES=go gains new arguments 'run' to add lang/go to RUN_DEPENDS and
'no_targets' for ports with composite builds that call 'go' themselves
and do not need the do-build/do-install targets of USES=go.
PR: 238849
Submitted by: dg@syrec.org (also D20745)
Reviewed by: mat, tobik
Exp-run by: antoine
Differential Revision: https://reviews.freebsd.org/D20746
Notes:
svn path=/head/; revision=505321
|
|
|
|
|
|
|
|
|
| |
PR: 238142
Submitted by: sunpoet (myself)
Approved by: maintainer (timeout, 1 month)
Notes:
svn path=/head/; revision=505173
|
|
|
|
|
|
|
|
|
| |
Submitted by: rene
Reviewed by: mat, tcberner
Differential Revision: https://reviews.freebsd.org/D20725
Notes:
svn path=/head/; revision=505150
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This file originated from Isilon's codebase. When I upstreamed it
originally I refactored it to a broken version. This is now the
working version.
Debug files are purposely moved to LOCALBASE/lib/debug regardless
of what PREFIX is.
Sponsored by: DellEMC
Notes:
svn path=/head/; revision=505131
|
|
|
|
| |
Notes:
svn path=/head/; revision=505130
|
|
|
|
|
|
|
|
| |
It splits out symbols to PREFIX as well not LOCALBASE. Fix
check-stagedir.sh for that.
Notes:
svn path=/head/; revision=505129
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Tuesday, 25 June 2019. Today KDE releases a Bugfix update to KDE Plasma 5,
versioned 5.16.2. Plasma 5.16 was released in June with many feature
refinements and new modules to complete the desktop experience.
This release adds a week's worth of new translations and fixes from KDE's
contributors. The bugfixes are typically small but important and include:
* Klipper Always restore the last clipbboard item. Commit.
* Discover: Improved notification identification for Snap applications.
* Notifications: Don't keep non-configurable notifications in history.
Announcement:
https://kde.org/announcements/plasma-5.16.2.php
The changelog can be found here:
https://kde.org/announcements/plasma-5.16.1-5.16.2-changelog.php
Notes:
svn path=/head/; revision=505128
|
|
|
|
|
|
|
|
| |
PR: 238747
Submitted by: Ting-Wei Lan <lantw44@gmail.com>
Notes:
svn path=/head/; revision=505069
|
|
|
|
|
|
|
| |
security/theonionbox requires py-futures>=3.2.
Notes:
svn path=/head/; revision=504981
|
|
|
|
|
|
|
|
|
|
|
| |
This is intended to be used for regression testing of USES=go ports
with lang/go-devel.
Submitted by: dg@syrec.org
Differential Revision: https://reviews.freebsd.org/D20570
Notes:
svn path=/head/; revision=504942
|
|
|
|
|
|
|
|
|
|
| |
real program
PR: 238719
Approved by: tcberner (mentor, implicit)
Notes:
svn path=/head/; revision=504637
|
|
|
|
|
|
|
|
| |
Announcement:
https://kde.org/announcements/plasma-5.16.1.php
Notes:
svn path=/head/; revision=504588
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Update XFCE Master sites list
Submitted by: olivierd
Reviewed by: mat
Approved by: portmgr (mat)
Differential Revision: https://reviews.freebsd.org/D8416
Notes:
svn path=/head/; revision=504557
|
|
|
|
|
|
|
|
| |
Announcement:
https://kde.org/announcements/plasma-5.16.0.php
Notes:
svn path=/head/; revision=504246
|
|
|
|
|
|
|
|
| |
Exp-run by: antoine
PR: 238414
Notes:
svn path=/head/; revision=504240
|
|
|
|
|
|
|
|
|
| |
in the tree aka GCC_DEFAULT. It should still work if one simply uses
it, but given that GCC 6 has been end-of-lifed last year and lang/gcc6
deprecated, let's not actively promote its usage any longer.
Notes:
svn path=/head/; revision=504198
|
|
|
|
|
|
|
| |
Obtained from: upstream (via Gentoo)
Notes:
svn path=/head/; revision=504160
|
|
|
|
|
|
|
|
| |
Need to do it still after stripping away @comment though.
The @dir handling could probably be improved as well somehow.
Notes:
svn path=/head/; revision=504140
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
executable into /bin/, that sets some environment variables to workaround
https://github.com/haskell/cabal/issues/5997
While there, update bunch of Haskell ports, install their data files.
PR: 237878
Reviewed by: tcberner
Approved by: tcberner (mentor)
Differential Revision: https://reviews.freebsd.org/D20556
Notes:
svn path=/head/; revision=504093
|
|
|
|
| |
Notes:
svn path=/head/; revision=504026
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
supports it.
Lzip offers better compression ratios and archival features compared to
more common .gz or .xz formats, and is being used by some software when
packaging their distfiles.
Approved by: portmgr (rene)
Differential Revision: https://reviews.freebsd.org/D20619
Notes:
svn path=/head/; revision=504008
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This uses the same pattern we have in qa.sh. Rather than using file(1),
which reads the whole file and does too much magic, use readelf(1) which
bails out if the file lacks the proper ELF headers.
(This file is not yet used by anything)
Sponsored by: DellEMC
Notes:
svn path=/head/; revision=503998
|
|
|
|
| |
Notes:
svn path=/head/; revision=503958
|
|
|
|
|
|
|
|
|
|
| |
It can be used to overwrite the --path argument when calling `cargo
install` to point cargo to different local crates to install. This
might be necessary when ${WRKSRC}/Cargo.toml is only a virtual
manifest.
Notes:
svn path=/head/; revision=503890
|
|
|
|
|
|
|
|
| |
Approved by: portmgr (mat)
Differential Revision: https://reviews.freebsd.org/D20426
Notes:
svn path=/head/; revision=503781
|
|
|
|
|
|
|
| |
This puts all version information together in the port Makefiles.
Notes:
svn path=/head/; revision=503726
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds some new ports:
converters/linux-c7-fribidi required by x11-toolkits/linux-c7-pango.
graphics/linux-c7-libglvnd required by graphics/linux-c7-dri.
graphics/linux-c7-wayland required by graphics/linux-c7-dri.
print/linux-c7-freetype unbundled from emulators/linux_base-c7 because it
depends on graphics/linux-c7-png now.
Mesa OpenGL libraries in graphics/linux-c7-dri now support libglvnd (GL
Vendor-Neutral Dispatch library) which allows some applications to use
Mesa while others use Nvidia OpenGL. The x11/nvidia-driver* ports have
been changed so versions above 390.42 now use CentOS libglvnd and no longer
install a bundled copy.
PR: 229431
Submitted by: pkubaj (partly)
Notes:
svn path=/head/; revision=503722
|
|
|
|
|
|
|
| |
https://kde.org/announcements/announce-applications-19.04.2.php
Notes:
svn path=/head/; revision=503611
|
|
|
|
|
|
|
|
|
| |
shown on installation only.
Differential Revision: https://reviews.freebsd.org/D20510
Notes:
svn path=/head/; revision=503575
|
|
|
|
|
|
|
|
| |
PR: 238320
Submitted by: Jeroen Pulles
Notes:
svn path=/head/; revision=503508
|
|
|
|
|
|
|
| |
With hat: portmgr
Notes:
svn path=/head/; revision=503475
|
|
|
|
|
|
|
| |
the tree. The default for GCC remains version 8 for the time being.
Notes:
svn path=/head/; revision=503446
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Remain backward compatible but use ucl for the pkg-messages, which allows to:
- append messages one after the other
- only print message on delete, install, upgrade from a version to another
If pkg-message starts with a [ we consider it should be a valid ucl file
The format is the following:
[
{ message: "Always print" },
{ message: "package being removed", type: remove },
{ message: "package being installed", type: install },
{ message: "package is being upgraded", type: upgrade },
{ message: "Upgrading from lower than 1.0", maximum_version: "1.0", type: upgrade },
{ message: "Upgrading from higher than 1.0", minimum_version: "1.0", type: upgrade },
{ message: "Upgrading from >1.0 < 3.0", maximum_version: "3.0", minimum_version: "1.0",
]
Because it is ucl one can use some sugar like:
[
{ message = <<EOD
formatted
message 'with fancy things'
EOD
},
}
Submitted by: bapt
Reviewed by: bapt, mat
Differential Revision: https://reviews.freebsd.org/D19310
Notes:
svn path=/head/; revision=503385
|
|
|
|
|
|
|
|
| |
USE_GCC=9 (the latter of which should only be used if unavoidable)
are now supported.
Notes:
svn path=/head/; revision=503289
|
|
|
|
|
|
|
|
|
| |
Since devel/py-promise requires 3.6.4+, the minimal version is set to 3.6.4.
With hat: python
Notes:
svn path=/head/; revision=503133
|
|
|
|
|
|
|
|
| |
PR: 238172
Approved by: portmgr (rene)
Notes:
svn path=/head/; revision=502941
|
|
|
|
|
|
|
| |
With hat: portmgr
Notes:
svn path=/head/; revision=502870
|