| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
| |
Changes: https://github.com/mikf/gallery-dl/releases/tag/v1.20.0
Reported by: GitHub (watch releases)
(cherry picked from commit 164ae7c43558fc9a8dea75e24048d2bc9d3acb8e)
|
|
|
|
| |
(cherry picked from commit d09c164918ccf4978acc1cfe9709c58ca173654a)
|
|
|
|
| |
(cherry picked from commit 1090472cdf1c710a0a8548b8862a8c8e0f998443)
|
|
|
|
|
|
| |
Security: ca982e2d-61a9-11ec-8be6-d4c9ef517024
MFH: 2021Q4
(cherry picked from commit e721e5aeffbd529fb28aeae0bf0b90b128a965e8)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The Azure go-autorest project (https://github.com/Azure/go-autorest)
provides several go modules within the same tarball, but the Grafana
code requires different commits for several of those modules, hence
the same source appearing multiple times at different commmit hashes
in distinfo.
Unfortunately, with grafana 8.3.3, three of the go-autorest modules
required the same commit hash, leading to duplication in the distinfo.
This causes a problem when trying to download the distfiles the first
time -- a number of the downloads will fail. Repeatedly attempting to
download will succeed for one more of the various different versions
of the go-autorest distfile, until eventually everything has been
successfully downloaded.
Remove the duplicate items in distinfo so that first-time download
into a virgin distfiles directory does succeed. This means that the
result of `make makesum` cannot be used un-edited.
PR: 260537
Reported by: John D.
(cherry picked from commit dcd67527ab526dcb8683565796f1ac2e8b6bc6a7)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Update to 8.3.2 with moderate severity security fix (
https://grafana.com/blog/2021/12/10/grafana-8.3.2-and-7.5.12-released-with-moderate-severity-security-fix/
)
ChangeLog: https://github.com/grafana/grafana/releases/tag/v8.3.2
Update to 8.3.3
Changelog: https://github.com/grafana/grafana/releases/tag/v8.3.3
PR: 260401, 260358
Reported by: Boris Korzun (maintainer), ohauer
Security: c2a7de31-5b42-11ec-8398-6c3be5272acd
Security: a994ff7d-5b3f-11ec-8398-6c3be5272acd
(cherry picked from commit 352b384cbd92272646c25e2583296770d8222dca)
|
|
|
|
|
|
|
| |
Release Notes:
https://www.mozilla.org/en-US/firefox/95.0.2/releasenotes/
(cherry picked from commit b1799d523a4c185d10a55ba1edb99a13e7ba341b)
|
|
|
|
|
|
|
|
|
|
| |
- patch from upstream
https://github.com/apache/mod_perl/commit/916376b4559d194ca618ce52c5a937fb000350be
PR: 260511
Approved by: fluffy
(cherry picked from commit fb780db214a3f007d5ccc5596e6762e94c6f95c2)
|
|
|
|
| |
(cherry picked from commit 4b750e33a6a5fb3b1f75709742abae903f2ae278)
|
|
|
|
|
|
|
| |
Changes: https://github.com/ytdl-org/youtube-dl/releases/tag/2021.12.17
Reported by: GitHub (watch releases)
(cherry picked from commit 347de090b97b010d43942e2f81cfa64974db387f)
|
|
|
|
|
|
|
| |
Release Notes (soon):
https://www.mozilla.org/en-US/firefox/91.4.1/releasenotes/
(cherry picked from commit e5ff61315bb7a7b983acb1857b10fbddc94b9aa0)
|
|
|
|
|
|
|
| |
Release Notes (soon):
https://www.mozilla.org/en-US/firefox/95.0.1/releasenotes/
(cherry picked from commit 01ec19a5fd8223e42d613c2130b3d99d264a9e6f)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This update fixes a couple of security issues. Quoting the ChangeLog:
- Security/Reliability:
- cgi_error_no_template(): Encode the template name to prevent
XSS (cross-side scripting) when Privoxy is configured to servce
the user-manual itself.
Commit 0e668e9409c. OVE-20211102-0001. CVE-2021-44543.
Reported by: Artem Ivanov
- get_url_spec_param(): Free memory of compiled pattern spec
before bailing.
Reported by Joshua Rogers (Opera) who also provided the fix.
Commit 652b4b7cb0. OVE-20211201-0003. CVE-2021-44540.
- process_encrypted_request_headers(): Free header memory when
failing to get the request destination.
Reported by Joshua Rogers (Opera) who also provided the fix.
Commit 0509c58045. OVE-20211201-0002. CVE-2021-44541.
- send_http_request(): Prevent memory leaks when handling errors
Reported by Joshua Rogers (Opera) who also provided the fix.
Commit c48d1d6d08. OVE-20211201-0001. CVE-2021-44542.
The complete list of changes is available at:
https://lists.privoxy.org/pipermail/privoxy-announce/2021-December/000009.html
PR: 260290
MFH: 2021Q4
Security: 897e1962-5d5a-11ec-a3ed-040e3c3cf7e7
(cherry picked from commit dec093e215760204b994f01511820348f21cf1be)
|
|
|
|
|
|
| |
MFH: 2021Q4
Security: 0dcf68fa-5c31-11ec-875e-901b0e9408dc
(cherry picked from commit a367a9d74e892047f8929a5dbfcd50855c1313a4)
|
|
|
|
| |
(cherry picked from commit 0f1667fbaa05d91ee3a787cd75e72658e81d5ca2)
|
|
|
|
|
|
| |
- Designate configuration file as such, there is now one
(cherry picked from commit c594388688870ee4d2191a67778e1e8cfb3ada67)
|
|
|
|
| |
(cherry picked from commit c4540ba5dbda6a7b88546651d195a182d90a368f)
|
|
|
|
| |
(cherry picked from commit 5afcb83dccf1cb12addeb6334ad5e21fc2170f59)
|
|
|
|
|
|
|
|
| |
Approved by: maintainer (implicit, version bump, as per PR 258262)
MFH: 2021Q4
Security: 0dcf68fa-5c31-11ec-875e-901b0e9408dc
(cherry picked from commit ff439c00057b5ba53ca84b1289bae2e2d51d2613)
|
|
|
|
|
|
| |
Approved by: maintainer (implicit, version bump, as per PR 258262)
(cherry picked from commit 0ccc5aabe3388f077d9829cdd743330217deb5e9)
|
|
|
|
|
|
| |
Approved by: maintainer (implicit, version bump, as per PR 258262)
(cherry picked from commit e4a6d525d22234d417e18a5c865a0c4044a3f6e2)
|
|
|
|
|
|
| |
Approved by: maintainer (implicit, version bump, as per PR 258262)
(cherry picked from commit 399a9542533197ba9b805fcd81f72994c465ca2a)
|
|
|
|
|
|
| |
Approved by: maintainer (implicit, version bump, as per PR 258262)
(cherry picked from commit 8dcfe73b5b761d836eb7b4a6a88c94d4e61e7338)
|
|
|
|
| |
(cherry picked from commit 9e8b1a213de9dd04d8cb1365f3704195f3356a74)
|
|
|
|
|
|
| |
Approved by: maintainer (implicit, version bump, as per PR 258262)
(cherry picked from commit 11f7005347b2cb49379a229dd3074454e7e1b1cc)
|
|
|
|
|
| |
PR: ports/259638
(cherry picked from commit 9e29bc87e91191f9fccb9428fdbcca83fa87a64e)
|
|
|
|
| |
(cherry picked from commit fa91f5445b0a7d26afc1c7390b3a06b97763b370)
|
|
|
|
| |
(cherry picked from commit 9be82b2f413287fcb193ec19b23b1ed62f3fc2d7)
|
|
|
|
| |
(cherry picked from commit c331737cdb1ffde81f03f6d2b8f524838ef46e60)
|
|
|
|
| |
(cherry picked from commit 861e390e2557a2c38555d2e9186f2f8387c07ecb)
|
|
|
|
| |
(cherry picked from commit 77f4b2da757eac76d40af4426fcd97d3190b6505)
|
|
|
|
|
|
|
|
|
|
|
| |
Changes: https://github.com/ruby/cgi/commits/v0.3.1
PR: 260034
Approved by: maintainer timeout (> 2 weeks)
Security: CVE-2021-41816
Security: CVE-2021-41819
MFH: 2021Q4
(cherry picked from commit cf62eea7a5fde939ee4961a22155eb476253fea6)
|
|
|
|
|
| |
Changes: https://github.com/ruby/cgi/commits/master
(cherry picked from commit 4c76c94d3431877142a8a1d3a3723efdb65b1abf)
|
|
|
|
|
|
|
|
|
|
|
| |
* Add "do-test" target to make future QA easier.
Changelog:
https://github.com/jazzband/django-tinymce/releases/tag/3.4.0
MFH: 2021Q4
(cherry picked from commit 41886a54b11adefacbfad557a780cba386b9b7d9)
|
|
|
|
|
|
|
|
|
|
|
| |
as firefox needs matching wasi-compiler-rt, embedded llvm in
rust and llvm for building and wasi-compiler-rt installs it's files
in a path depending on it's full distversion, we need to know
llvm/clang's full version. it's not possible to derive that
programatically, as the required llvm version may not be installed
at the time firefox' Makefile is being parsed.
(cherry picked from commit dcc6b13daedf095da6572c27af69713ee551cb81)
|
|
|
|
|
|
|
|
|
|
|
| |
Release Notes (soon):
https://www.mozilla.org/en-US/firefox/95.0/releasenotes/
This firefox release includes a not-yet-released snapshot of dav1d,
which is not fully API-compatible with the released version. Switch
to the bundled dav1d/aom until dav1d released have caught up.
(cherry picked from commit f4c07f1834f70e7359c290415aaf47727cda042a)
|
|
|
|
|
|
|
|
| |
Reported by: pkg-fallout@FreeBSD.org
PR: 258942
MFH: 2021Q$
(cherry picked from commit 29c0aa77578b766ac518e948c76834869e9813e5)
|
|
|
|
|
|
|
|
| |
Reported by: pkg-fallout@FreeBSD.org
PR: 258942
MFH: 2021Q4
(cherry picked from commit 33c764690e3e249e2c6481fd1ec8d26e14845e78)
|
|
|
|
|
|
|
| |
Changes: https://github.com/mikf/gallery-dl/releases/tag/v1.19.3
Reported by: GitHub (watch releases)
(cherry picked from commit ab68a82e372d5a8e7861568149d1c5e33109db57)
|
|
|
|
|
|
|
| |
Release Notes (soon):
https://www.mozilla.org/en-US/firefox/91.4.0/releasenotes/
(cherry picked from commit 948157a880bb7626a72845f8e13e7a38943ffa19)
|
|
|
|
|
|
|
| |
Release Notes:
https://www.mozilla.org/en-US/firefox/94.0.2/releasenotes/
(cherry picked from commit 3f41fb83794edb8db22b4edb0a1f53e1cff61253)
|
|
|
|
|
|
|
|
|
| |
Changelog: https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-5-11/
PR: 259597
MFH: 2021Q4 (security)
Security: 757ee63b-269a-11ec-a616-6c3be5272acd
(cherry picked from commit 09c1162b8dd0e293c93ff2a2a81b2d54b57729e3)
|
|
|
|
|
|
|
|
| |
To make it possible to easily import py-pyjwt v2.x move the current port
to a versioned directory. Bump consumers after rename of the dependency.
PR: 254038
(cherry picked from commit e6ec12f6646f71fe84268d21f3a6901191ebf60e)
|
|
|
|
| |
(cherry picked from commit 0a78adfedb8646dedfeca3262a4a0ac79e861224)
|
|
|
|
|
|
|
|
|
|
| |
libpipewire is used on demand via dlopen(). Currently, only enabled
for WebRTC getUserMedia (screen capture) under Wayland.
https://searchfox.org/mozilla-release/rev/e2929d8cad28/third_party/libwebrtc/webrtc/modules/desktop_capture/screen_capturer_linux.cc#28
PR: 259621
(cherry picked from commit f0a3f8e66866cb022f8405a4a2772836a1f06de7)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Should work on wlroots-based compositors. For example,
# pkg install firefox sway pam_xdg xdg-desktop-portal-wlr xdg-desktop-portal
# sysrc seatd_enable=YES
# service seatd start
# echo 'session optional pam_xdg.so notroot runtime' >>/etc/pam.d/system
$ exit # log out to pick up XDG_RUNTIME_DIR
<new login>
$ export XDG_CURRENT_DESKTOP=sway
$ export MOZ_ENABLE_WAYLAND=1
$ dbus-daemon --session --fork --address=unix:runtime=yes
$ sway
<GUI session>
$ dbus-update-activation-environment --all
$ daemon -f pipewire
$ firefox https://mozilla.github.io/webrtc-landing/gum_test.html
<click on "Screen Capture">
<select "Use operating system settings">
<click on "Allow" button>
<select via cursor the desired screen (output display)>
<notice the screen mirrored on the web page>
(cherry picked from commit 4dd7526ead6681463d6744d5f5d1940cb2fad551)
|
|
|
|
|
|
|
| |
Release Notes (soon):
https://www.mozilla.org/en-US/firefox/94.0.2/releasenotes/
(cherry picked from commit bdfaa870b3567067ad32ea2211f25c70b5859560)
|
|
|
|
| |
(cherry picked from commit 7d8b2f843b6b29342c7f84814056a47d214d4f71)
|
|
|
|
| |
(cherry picked from commit 6d7015e212c797121061bf04db7a01f018fca6ac)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
careful testing revealed that the microphone worked "sometimes",
with the "not working" state manifesting as follows: pulseaudio sees
a signal from the microphone but firefox (and it's components) fails
to show up on pulseaudio's source-outputs and firefox gets no audio
signal.
Applying the patch from upstream 1735905 seems to improve matters
greatly.
PR: 257639
Reported by: many
Obtained from: https://bugzilla.mozilla.org/show_bug.cgi?id=1735905
(cherry picked from commit 2af447c8bac175a02de64aad1e36ad849df2f57f)
|