mports

Clone Tools
  • last updated a few seconds ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
security update clamav

security patch for libexif

    • -0
    • +86
    /graphics/libexif/files/patch-CVE-2019-9278
    • -0
    • +35
    /graphics/libexif/files/patch-chromium-7344-and-14543
    • -0
    • +24
    /graphics/libexif/files/patch-chromium-8884
update vuxml file and modernize.

add several new dns ports including adns, whoseip and zonenotify.

    • -0
    • +21
    /dns/whoseip/Makefile
    • -0
    • +28
    /dns/zonenotify/Makefile
    • -0
    • +2
    /dns/zonenotify/distinfo
    • -0
    • +4
    /dns/zonenotify/pkg-descr
bind 9.14 is deprecated.

    • -26
    • +0
    /dns/bind914/files/BIND.chroot.dist
    • -20
    • +0
    /dns/bind914/files/BIND.chroot.local.dist
    • -42
    • +0
    /dns/bind914/files/extrapatch-bind-tools
    • -51
    • +0
    /dns/bind914/files/extrapatch-no-bind-tools
    • -11
    • +0
    /dns/bind914/files/localhost-forward.db
    • -13
    • +0
    /dns/bind914/files/localhost-reverse.db
    • -380
    • +0
    /dns/bind914/files/named.conf.in
  1. … 6 more files in changeset.
update bind 9.11.21

    • -0
    • +235
    /dns/bind911/files/extrapatch-bind-lmdb-lock
Update bind to 9.16.5

New Features

New rndc command rndc dnssec -status shows the current DNSSEC policy and keys in use, the key states, and rollover status. [GL #1612]

Bug Fixes

A race condition could occur if a TCP socket connection was closed while named was waiting for a recursive response. The attempt to send a response over the closing connection triggered an assertion failure in the function isc__nm_tcpdns_send(). [GL #1937]

A race condition could occur when named attempted to use a UDP interface that was shutting down. This triggered an assertion failure in uv__udp_finish_close(). [GL #1938]

Fix assertion failure when server was under load and root zone had not yet been loaded. [GL #1862]

named could crash when cleaning dead nodes in lib/dns/rbtdb.c that were being reused. [GL #1968]

named crashed on shutdown when a new rndc connection was received during shutdown. This has been fixed. [GL #1747]

The DS RRset returned by dns_keynode_dsset() was used in a non-thread-safe manner. This could result in an INSIST being triggered. [GL #1926]

Properly handle missing kyua command so that make check does not fail unexpectedly when CMocka is installed, but Kyua is not. [GL #1950]

The primary and secondary keywords, when used as parameters for check-names, were not processed correctly and were being ignored. [GL #1949]

rndc dnstap -roll <value> did not limit the number of saved files to <value>. [GL !3728]

The validator could fail to accept a properly signed RRset if an unsupported algorithm appeared earlier in the DNSKEY RRset than a supported algorithm. It could also stop if it detected a malformed public key. [GL #1689]

The blackhole ACL was inadvertently disabled for client queries. Blocked IP addresses were not used for upstream queries but queries from those addresses could still be answered. [GL #1936]

    • -0
    • +236
    /dns/bind916/files/extrapatch-bind-lmdb-lock
    • -3
    • +3
    /dns/bind916/files/extrapatch-bind-tools
    • -11
    • +6
    /dns/bind916/files/extrapatch-no-bind-tools
update to curl 7.72.0

try to do something with this

    • -1
    • +1
    /sysutils/gnome-system-monitor/Makefile
lets try to disable wayland

    • -1
    • +1
    /sysutils/gnome-control-center/Makefile
Update apache to 2.4.46

Changes with Apache 2.4.46

*) SECURITY: CVE-2020-11984 (cve.mitre.org)

mod_proxy_uwsgi: Malicious request may result in information disclosure

or RCE of existing file on the server running under a malicious process

environment. [Yann Ylavic]

*) SECURITY: CVE-2020-11993 (cve.mitre.org)

mod_http2: when throttling connection requests, log statements

where possibly made that result in concurrent, unsafe use of

a memory pool. [Stefan Eissing]

*) SECURITY:

mod_http2: a specially crafted value for the 'Cache-Digest' header

request would result in a crash when the server actually tries

to HTTP/2 PUSH a resource afterwards.

[Stefen Eissing, Eric Covener, Christophe Jaillet]

*) mod_proxy_fcgi: Fix build warnings for Windows platform

Changes with Apache 2.4.45

*) mod_http2: remove support for abandoned http-wg draft

<https://datatracker.ietf.org/doc/draft-kazuho-h2-cache-digest/>.

[Stefan Eissing]

Changes with Apache 2.4.44

*) mod_proxy_uwsgi: Error out on HTTP header larger than 16K (hard

protocol limit). [Yann Ylavic]

*) mod_http2:

Fixes <https://github.com/icing/mod_h2/issues/200>:

"LimitRequestFields 0" now disables the limit, as documented.

Fixes <https://github.com/icing/mod_h2/issues/201>:

Do not count repeated headers with same name against the field

count limit. The are merged internally, as if sent in a single HTTP/1 line.

[Stefan Eissing]

*) mod_http2: Avoid segfaults in case of handling certain responses for

already aborted connections. [Stefan Eissing, Ruediger Pluem]

*) mod_http2: The module now handles master/secondary connections and has marked

methods according to use. [Stefan Eissing]

*) core: Drop an invalid Last-Modified header value coming

from a FCGI/CGI script instead of replacing it with Unix epoch.

[Yann Ylavic, Luca Toscano]

*) Add support for strict content-length parsing through addition of

ap_parse_strict_length() [Yann Ylavic]

*) mod_proxy_fcgi: ProxyFCGISetEnvIf unsets variables when expression

evaluates to false. PR64365. [Michael König <mail ikoenig.net>]

*) mod_proxy_http: flush spooled request body in one go to avoid

leaking (or long lived) temporary file. PR 64452. [Yann Ylavic]

*) mod_ssl: Fix a race condition and possible crash when using a proxy client

certificate (SSLProxyMachineCertificateFile).

[Armin Abfalterer <a.abfalterer gmail.com>]

*) mod_ssl: Fix memory leak in stapling code. PR63687. [Stefan Eissing]

*) mod_http2: Fixed regression that no longer set H2_STREAM_ID and H2_STREAM_TAG.

PR64330 [Stefan Eissing]

*) mod_http2: Fixed regression that caused connections to close when mod_reqtimeout

was configured with a handshake timeout. Fixes gitub issue #196.

[Stefan Eissing]

*) mod_proxy_http2: the "ping" proxy parameter

(see <https://httpd.apache.org/docs/2.4/mod/mod_proxy.html>) is now used

when checking the liveliness of a new or reused h2 connection to the backend.

With short durations, this makes load-balancing more responsive. The module

will hold back requests until ping conditions are met, using features of the

HTTP/2 protocol alone. [Ruediger Pluem, Stefan Eissing]

*) core: httpd is no longer linked against -lsystemd if mod_systemd

is enabled (and built as a DSO). [Rainer Jung]

*) mod_proxy_http2: respect ProxyTimeout settings on backend connections

while waiting on incoming data. [Ruediger Pluem, Stefan Eissing]

move up

use default

bump and use default.

try to fix build

add ldap extension

fix build on magus

    • -1
    • +1
    /benchmarks/compiler-benchmark/Makefile
Merge branch 'master' of github.com:MidnightBSD/mports

update json-c to 0.15

    • -56
    • +0
    /devel/json-c/files/patch-CMakeLists.txt
    • -14
    • +0
    /devel/json-c/files/patch-arraylist.c
    • -11
    • +0
    /devel/json-c/files/patch-json_object.c
    • -37
    • +0
    /devel/json-c/files/patch-linkhash.c
    • -52
    • +0
    /devel/json-c/files/patch-printbuf.c
update distinfo file

refit after gnomedocutils

    • -0
    • +11
    /sysutils/gconf-editor/files/patch-Makefile.in
    • -0
    • +62
    /sysutils/gconf-editor/files/patch-configure
    • -182
    • +0
    /sysutils/gconf-editor/pkg-plist
sadly drop drivel. We can't keep all the dependencies going and it's been dead upstream since 2013

drop mrparse

    • -12
    • +0
    /www/mrparse/files/patch-analog.cfg
    • -23
    • +0
    /www/mrparse/files/patch-src__Makefile
get rid of ancient port.

    • -11
    • +0
    /x11/dgs/files/patch-DPS_clients_makepsres_makepsres.c
    • -20
    • +0
    /x11/dgs/files/patch-doc-announce.tmpl.texi
    • -20
    • +0
    /x11/dgs/files/patch-doc-faq.tmpl.texi
    • -16
    • +0
    /x11/dgs/files/patch-gs__unix-gcc.mak.in
fix depends.

    • -4
    • +1
    /x11-drivers/xf86-video-fbdev/Makefile
update to gnome 3.x version

    • -11
    • +4
    /net/gnome-nettool/files/patch-src_info.c
    • -10
    • +0
    /net/gnome-nettool/files/patch-src_lookup.c
    • -15
    • +6
    /net/gnome-nettool/files/patch-src_netstat.c
    • -14
    • +18
    /net/gnome-nettool/files/patch-src_nettool.c
remove docutils

glade replaced glade3

    • -33
    • +0
    /devel/glade3/files/patch-configure
remove gnomedocutils

update to 0.8.2

drop test.