| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
| |
Changes:
https://github.com/tailscale/tailscale/releases/tag/v1.12.0
https://github.com/tailscale/tailscale/releases/tag/v1.12.1
|
|
|
|
| |
* Refactor MAN3 option plist generation
|
|
|
|
|
| |
Security: cbfd1874-efea-11eb-8fe9-036bd763ff35
Security: CVE-2021-36386
|
|
|
|
| |
Unfortunately I cannot give them the love they deserve at the moment.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Plasma 5.22 was released in June 2021 with many feature refinements and
new modules to complete the desktop experience.
This release adds three weeks' worth of new translations and fixes from
KDE's contributors. The bugfixes are typically small but important and
include:
* Discover: Address the keyboard shortcut tooltip.
* Sort Unsplash POTD image categories alphabetically.
* Info Center: Unbreak about CPU value when solid is missing a
product string.
[1] https://kde.org/announcements/plasma/5/5.22.4/
|
|
|
|
| |
PR: 257325
|
|
|
|
| |
PR: 257435
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The announcement as follows:
The MIT Kerberos Team announces the availability of MIT Kerberos 5
Releases 1.19.2 and 1.18.4. Please see below for a list of some major
changes included, or consult the README file in the source tree for a
more detailed list of significant changes.
Retrieving krb5-1.19.2 and krb5-1.18.4
======================================
You may retrieve the krb5-1.19.2 and krb5-1.18.4 sources from the
following URL:
https://kerberos.org/dist/
The homepage for the krb5-1.19.2 and krb5-1.18.4 releases are:
https://web.mit.edu/kerberos/krb5-1.19/
https://web.mit.edu/kerberos/krb5-1.18/
Further information about Kerberos 5 may be found at the following
URL:
https://web.mit.edu/kerberos/
Triple-DES transition
=====================
Beginning with the krb5-1.19 release, a warning will be issued if
initial credentials are acquired using the des3-cbc-sha1 encryption
type. In future releases, this encryption type will be disabled by
default and eventually removed.
Beginning with the krb5-1.18 release, single-DES encryption types have
been removed.
Major changes in 1.19.2 and 1.18.4 (2021-07-22)
===============================================
These are bug fix releases.
* Fix a denial of service attack against the KDC encrypted challenge
code [CVE-2021-36222].
* Fix a memory leak when gss_inquire_cred() is called without a
credential handle.
MFH: 2021Q3
Security: CVE-2021-36222
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The announcement as follows:
The MIT Kerberos Team announces the availability of MIT Kerberos 5
Releases 1.19.2 and 1.18.4. Please see below for a list of some major
changes included, or consult the README file in the source tree for a
more detailed list of significant changes.
Retrieving krb5-1.19.2 and krb5-1.18.4
======================================
You may retrieve the krb5-1.19.2 and krb5-1.18.4 sources from the
following URL:
https://kerberos.org/dist/
The homepage for the krb5-1.19.2 and krb5-1.18.4 releases are:
https://web.mit.edu/kerberos/krb5-1.19/
https://web.mit.edu/kerberos/krb5-1.18/
Further information about Kerberos 5 may be found at the following
URL:
https://web.mit.edu/kerberos/
Triple-DES transition
=====================
Beginning with the krb5-1.19 release, a warning will be issued if
initial credentials are acquired using the des3-cbc-sha1 encryption
type. In future releases, this encryption type will be disabled by
default and eventually removed.
Beginning with the krb5-1.18 release, single-DES encryption types have
been removed.
Major changes in 1.19.2 and 1.18.4 (2021-07-22)
===============================================
These are bug fix releases.
* Fix a denial of service attack against the KDC encrypted challenge
code [CVE-2021-36222].
* Fix a memory leak when gss_inquire_cred() is called without a
credential handle.
MFH: 2021Q3
Security: CVE-2021-36222
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The comment said ``INSTALL_TARGET=install-strip isn't working'', that
is, does not strip shared libraries as expected, while actually this is
not a bug but intended behavior, per this quote from the INSTALL file:
[...] Fortunately, the GNU autotools have built-in support for this
functionality, all you need to do is to specify "make install-strip"
instead of "make install". Note however that only executables are
stripped, libraries are not touched [...]
|
|
|
|
|
|
| |
W/out xmlto build is broken on some systems.
Reported by: fallout
|
|
|
|
| |
Reported by: portscout
|
|
|
|
| |
Reported by: portscout
|
|
|
|
|
|
|
| |
Changelog: https://github.com/Mastercard/pkcs11-tools/blob/v2.4.0/CHANGELOG.md
PR: 257348
Approved by: lwhsu (mentor, implicit)
|
|
|
|
| |
Changes: https://github.com/keybase/client/releases
|
|
|
|
| |
- While I'm here, update version requirement of RUN_DEPENDS
|
|
|
|
| |
Changes: https://github.com/onelogin/python3-saml/releases
|
|
|
|
|
| |
Changes: https://developers.yubico.com/libfido2/Release_Notes.html
https://github.com/Yubico/libfido2/blob/master/NEWS
|
|
|
|
|
|
|
|
|
|
|
| |
https://github.com/eclipse/mosquitto/blob/d5ecd9f5aa98d42e7549eea09a71a23eef241f31/ChangeLog.txt
- If an authenticated client connected with MQTT v5 sent a malformed
CONNACK message to the broker a NULL pointer dereference occurred,
most likely resulting in a segfault.
PR: 255229
Reported by: Daniel Engberg
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changes since v4.8.0:
wolfSSL Release 4.8.1 (July 16, 2021)
Release 4.8.1 of wolfSSL embedded TLS has an OCSP vulnerability fix:
Vulnerabilities
* [High] OCSP verification issue when response is for a certificate with no
relation to the chain in question BUT that response contains the NoCheck
extension which effectively disables ALL verification of that one cert.
Users who should upgrade to 4.8.1 are TLS client users doing OCSP, TLS
server users doing mutual auth with OCSP, and CertManager users doing OCSP
independent of TLS. Thanks to Jan Nauber, Marco Smeets, Werner Rueschenbaum
and Alissa Kim of Volkswagen Infotainment for the report.
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
While appropriate --with-ssl=${OPENSSLBASE} switch is passed to the
configure script, the SSLeay_version -> OpenSSL_version adjustment
was performed not relative to ${OPENSSLINC}, which is wrong. Also,
this check cannot be executed at `post-patch' because OpenSSL from
ports is not yet available at this early stage.
PR: 236820
|
|
|
|
|
|
|
| |
* Update Web Vault to 2.20.4b
PR: 256908
Approved by: Maintainer timeout
|
| |
|
|
|
|
| |
Update to the latest w1.fi commit, proxied through my GH account.
|
|
|
|
| |
Add a patch already in base.
|
|
|
|
|
| |
Changes: https://github.com/googleapis/google-auth-library-python/releases
https://github.com/googleapis/google-auth-library-python/blob/master/CHANGELOG.md
|
|
|
|
|
|
|
|
| |
- Bump PORTREVISION of dependent ports for shlib change
Changes: https://github.com/fmtlib/fmt/releases
PR: 257026
Exp-run by: antoine
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
| |
- Update RHash to version 1.4.2
- Revert one change in the configure script which
breaks the build on FreeBSD (at least)
Reported by: portscout
|
| |
|
|
|
|
|
|
| |
- Update to 0.0.0.20210720
- Add pkg-message with usage warning
- Change www
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This github issue:
https://github.com/zeek/zeekctl/issues/35
complained about the lack of a local.zeek file on a fresh install;
adding @sample for local.zeek solves this.
Reported by: shadonet
|
|
|
|
|
|
|
|
| |
- Take maintainership
- Fix KEESHARE option
PR: 256797
Approved by: maintainer timeout (3 times)
|
| |
|
|
|
|
|
|
|
| |
- Change RUN_DEPENDS from rubygem-hkdf to rubygem-hkdf0
- Update version requirement of RUN_DEPENDS
Changes: https://github.com/zaru/webpush/blob/master/CHANGELOG.md
|
|
|
|
|
|
|
|
| |
- Add LICENSE_FILE
- Update WWW
Changes: https://github.com/dzaporozhets/six/blob/master/CHANGELOG
https://github.com/dzaporozhets/six/commits/master
|
|
|
|
|
|
| |
- Update WWW
Changes: https://github.com/ruby/openssl/blob/master/History.md
|
|
|
|
|
| |
Changes: https://github.com/omniauth/omniauth-saml/releases
https://github.com/omniauth/omniauth-saml/blob/master/CHANGELOG.md
|