summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* mail/thunderbird: update to 91.11.0 (rc1)Christoph Moench-Tegeder2022-06-232-4/+4
| | | | | | | Release Notes (soon): https://www.thunderbird.net/en-US/thunderbird/91.11.0/releasenotes/ (cherry picked from commit ddadb168b08dc8fb27416b5d1383d5439973a8d8)
* www/firefox-esr: update to 91.11.0 (rc2)Christoph Moench-Tegeder2022-06-232-4/+5
| | | | | | | Release Notes (soon): https://www.mozilla.org/en-US/firefox/91.11.0/releasenotes/ (cherry picked from commit 5a62cc1b71a0bc09d8716c28a33858d9edd765e5)
* www/firefox: update to 102.0 (rc2)Christoph Moench-Tegeder2022-06-232-4/+5
| | | | | | | Release Notes (soon): https://www.mozilla.org/en-US/firefox/102.0/releasenotes/ (cherry picked from commit e52621b536f999421b4dff15d307fc9391b28bd9)
* graphics/engauge-digitizer: Fix buildYuri Victorovich2022-06-221-1/+3
| | | | | | | | openjpeg.h wasn't found. Reported by: fallout (cherry picked from commit 77dff5bd868790fb078f8d2a38a5ad783daadd8c)
* graphics/mesa-devel: update to 22.1.b.3404Jan Beich2022-06-232-5/+5
| | | | | Changes: https://gitlab.freedesktop.org/mesa/mesa/-/compare/9ca0c0b4b40...deb36dc6c2e (cherry picked from commit 13a22d6d428546b6999a8cc97f15c7410fa3d4fd)
* x11-servers/xwayland-devel: update to 21.0.99.1.211Jan Beich2022-06-232-5/+5
| | | | | Changes: https://gitlab.freedesktop.org/xorg/xserver/-/compare/7cdcdfea0...b9b33d88e (cherry picked from commit e0b2bfa92c1bd15aac5773f8a44a039cd61b498e)
* devel/jenkins-lts: Update to 2.346.1Li-Wen Hsu2022-06-232-4/+4
| | | | | | | | MFH: 2022Q2 Security: 25be46f0-f25d-11ec-b62a-00e081b7aa2d Sponsored by: The FreeBSD Foundation (cherry picked from commit ddaf3bfe279e3d02f0cac59080ee017ae6eb6e6a)
* devel/jenkins: Update to 2.356Li-Wen Hsu2022-06-232-4/+4
| | | | | | | | MFH: 2022Q2 Security: 25be46f0-f25d-11ec-b62a-00e081b7aa2d Sponsored by: The FreeBSD Foundation (cherry picked from commit 22bd4a02d202295805e2287c50db14a8dc795758)
* security/openssh-portable: Fix some capsicum issuesBryan Drewery2022-06-224-48/+113
| | | | | | | | | - Brings in latest changes from base. See patches for details. - Version 9.0 is being worked on but I wanted to fix this issue before proceeding with bigger changes. PR: 263753 (cherry picked from commit 272dd07a309c086a4bc97dc015ef7faf4fbf89ca)
* devel/nspr: update to 4.34Jan Beich2022-06-222-4/+4
| | | | | | | Changes: https://groups.google.com/a/mozilla.org/g/dev-tech-crypto/c/e9q0AqO8t2k Reported by: Repology (cherry picked from commit 431c06db12e438b0fa1a767f9d028911d32b57d0)
* www/firefox-esr: update to 91.11.0 (rc1)Christoph Moench-Tegeder2022-06-222-4/+4
| | | | | | | Release Notes (soon): https://www.mozilla.org/en-US/firefox/91.11.0/releasenotes/ (cherry picked from commit 2f7b603e814fc0234ddda5833686c2262644e717)
* www/firefox: update to 102.0 (rc1)Christoph Moench-Tegeder2022-06-223-2618/+2649
| | | | | | | Release Notes (soon): https://www.mozilla.org/en-US/firefox/102.0/releasenotes/ (cherry picked from commit 1bf197ea1f66b2c08685cdad35c88d74fc6b8035)
* security/nss: update to 3.79Jan Beich2022-06-222-4/+4
| | | | | | | Changes: https://hg.mozilla.org/projects/nss/shortlog/NSS_3_79_RTM Reported by: Repology (cherry picked from commit 57937c6df9434b504e601ac2f36314f1cd80721f)
* security/sudo: Update to 1.9.11p3Renato Botelho2022-06-222-4/+4
| | | | | | Sponsored by: Rubicon Communications, LLC ("Netgate") (cherry picked from commit c6a7564417b0fccb7a243921d4646983adf66a5f)
* security/sudo: Update to 1.9.11p2 -- Fix regressionsCy Schubert2022-06-222-4/+4
| | | | | | | | | | | | | | Major changes between sudo 1.9.11p2 and 1.9.11p1: * Fixed a compilation error on Linux/x86_64 with the x32 ABI. * Fixed a regression introduced in 1.9.11p1 that caused a warning when logging to sudo_logsrvd if the command returned no output. PR: 264643 Approved by: garga (maintainer) (cherry picked from commit 7c653e8c86389002306179a31568c64090f89b56)
* security/sudo: Update to 1.9.11p1Cy Schubert2022-06-222-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Major changes between sudo 1.9.11p1 and 1.9.11: * Correctly handle EAGAIN in the I/O read/right events. This fixes a hang seen on some systems when piping a large amount of data through sudo, such as via rsync. Bug #963. * Changes to avoid implementation or unspecified behavior when bit shifting signed values in the protobuf library. * Fixed a compilation error on Linux/aarch64. * Fixed the configure check for seccomp(2) support on Linux. * Corrected the EBNF specification for tags in the sudoers manual page. GitHub issue #153. Major changes between sudo 1.9.11 and 1.9.10: * Fixed a crash in the Python module with Python 3.9.10 on some systems. Additionally, "make check" now passes for Python 3.9.10. * Error messages sent via email now include more details, including the file name and the line number and column of the error. Multiple errors are sent in a single message. Previously, only the first error was included. * Fixed logging of parse errors in JSON format. Previously, the JSON logger would not write entries unless the command and runuser were set. These may not be known at the time a parse error is encountered. * Fixed a potential crash parsing sudoers lines larger than twice the value of LINE_MAX on systems that lack the getdelim() function. * The tests run by "make check" now unset the LANGUAGE environment variable. Otherwise, localization strings will not match if LANGUAGE is set to a non-English locale. Bug #1025. * The "starttime" test now passed when run under Debian faketime. Bug #1026. * The Kerberos authentication module now honors the custom password prompt if one has been specified. * The embedded copy of zlib has been updated to version 1.2.12. * Updated the version of libtool used by sudo to version 2.4.7. * Sudo now defines _TIME_BITS to 64 on systems that define __TIMESIZE in the header files (currently only GNU libc). This is required to allow the use of 64-bit time values on some 32-bit systems. * Sudo's "intercept" and "log_subcmds" options no longer force the command to run in its own pseudo-terminal. It is now also possible to intercept the system(3) function. * Fixed a bug in sudo_logsrvd when run in store-first relay mode where the commit point messages sent by the server were incorrect if the command was suspended or received a window size change event. * Fixed a potential crash in sudo_logsrvd when the "tls_dhparams" configuration setting was used. * The "intercept" and "log_subcmds" functionality can now use ptrace(2) on Linux systems that support seccomp(2) filtering. This has the advantage of working for both static and dynamic binaries and can work with sudo's SELinux RBAC mode. The following architectures are currently supported: i386, x86_64, aarch64, arm, mips (log_subcmds only), powerpc, riscv, and s390x. The default is to use ptrace(2) where possible; the new "intercept_type" sudoers setting can be used to explicitly set the type. * New Georgian translation from translationproject.org. * Fixed creating packages on CentOS Stream. * Fixed a bug in the intercept and log_subcmds support where the execve(2) wrapper was using the current environment instead of the passed environment pointer. Bug #1030. * Added AppArmor integration for Linux. A sudoers rule can now specify an APPARMOR_PROFILE option to run a command confined by the named AppArmor profile. * Fixed parsing of the "server_log" setting in sudo_logsrvd.conf. Non-paths were being treated as paths and an actual path was treated as an error. PR: 264554 Approved by: garga (maintainer) (cherry picked from commit 7e42695954c2c1fe0ecdc9ff98323d1a6e9a53f0)
* security/sudo: fix packaging with PYTHON option enabled (+)Dima Panov2022-06-221-1/+1
| | | | | | | | | | | This a followup to commit 3ee710e0b22309a7e87c71b87bf5510aa8678ed8 sudo-1.9.11 have moved plugins manpages from section 8 to section 5 Pointy hat to: cy Approved by: portmgr blanket (cherry picked from commit 39c8b4fa2e8fc9df650ab9863761c637898a0bbb)
* security/sudo: Update to 1.9.11Cy Schubert2022-06-223-5/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Major changes between sudo 1.9.11 and 1.9.10: * Fixed a crash in the Python module with Python 3.9.10 on some systems. Additionally, "make check" now passes for Python 3.9.10. * Error messages sent via email now include more details, including the file name and the line number and column of the error. Multiple errors are sent in a single message. Previously, only the first error was included. * Fixed logging of parse errors in JSON format. Previously, the JSON logger would not write entries unless the command and runuser were set. These may not be known at the time a parse error is encountered. * Fixed a potential crash parsing sudoers lines larger than twice the value of LINE_MAX on systems that lack the getdelim() function. * The tests run by "make check" now unset the LANGUAGE environment variable. Otherwise, localization strings will not match if LANGUAGE is set to a non-English locale. Bug #1025. * The "starttime" test now passed when run under Debian faketime. Bug #1026. * The Kerberos authentication module now honors the custom password prompt if one has been specified. * The embedded copy of zlib has been updated to version 1.2.12. * Updated the version of libtool used by sudo to version 2.4.7. * Sudo now defines _TIME_BITS to 64 on systems that define __TIMESIZE in the header files (currently only GNU libc). This is required to allow the use of 64-bit time values on some 32-bit systems. * Sudo's "intercept" and "log_subcmds" options no longer force the command to run in its own pseudo-terminal. It is now also possible to intercept the system(3) function. * Fixed a bug in sudo_logsrvd when run in store-first relay mode where the commit point messages sent by the server were incorrect if the command was suspended or received a window size change event. * Fixed a potential crash in sudo_logsrvd when the "tls_dhparams" configuration setting was used. * The "intercept" and "log_subcmds" functionality can now use ptrace(2) on Linux systems that support seccomp(2) filtering. This has the advantage of working for both static and dynamic binaries and can work with sudo's SELinux RBAC mode. The following architectures are currently supported: i386, x86_64, aarch64, arm, mips (log_subcmds only), powerpc, riscv, and s390x. The default is to use ptrace(2) where possible; the new "intercept_type" sudoers setting can be used to explicitly set the type. * New Georgian translation from translationproject.org. * Fixed creating packages on CentOS Stream. * Fixed a bug in the intercept and log_subcmds support where the execve(2) wrapper was using the current environment instead of the passed environment pointer. Bug #1030. * Added AppArmor integration for Linux. A sudoers rule can now specify an APPARMOR_PROFILE option to run a command confined by the named AppArmor profile. * Fixed parsing of the "server_log" setting in sudo_logsrvd.conf. Non-paths were being treated as paths and an actual path was treated as an error. PR: 264515 Approved by: garga (maintainer) (cherry picked from commit 3ee710e0b22309a7e87c71b87bf5510aa8678ed8)
* www/chromium: update to 103.0.5060.53Robert Nagy2022-06-22338-3886/+5758
| | | | | Security: https://vuxml.freebsd.org/freebsd/b2a4c5f1-f1fe-11ec-bcd2-3065ec8fd3ec.html (cherry picked from commit 80ffbf089df7cc8d4b4879e23f6816fc7e338f7f)
* graphics/p5-Image-ExifTool: Update to 12.42Rafael Grether2022-06-213-4/+6
| | | | | | | PR: 264618 MFH: 2022Q2 (security blanket) Security: CVE-2022-23935 (cherry picked from commit 37712655fcaaaa0d99082c17db774f63cbd878a8)
* sysutils/py-salt: Update to 3004.2Kirill Ponomarev2022-06-213-16/+4
| | | | (cherry picked from commit 4723912355c23bfcedb1e54182985cac7d0e4d48)
* */*: Restore a missing wpa BSD driver patchCy Schubert2022-06-208-12/+256
| | | | | | | | | | | These patches were removed to sync with base where in fact base was missing these patches and base should have been synced with the ports. PR: 264238 Fixes: b8477825c2dc42f6c595697a36f593c71f39fbad c86f32d652eb9dd023049122d8ca37cb13ed07b6 MFH: 2022Q2 (cherry picked from commit 05a849eec9d949b3de32e464570cefbabcd64702)
* */*: Restore non-IBSS part of wpa patchesCy Schubert2022-06-208-4/+96
| | | | | | | | | b8477825c2dc42f6c595697a36f593c71f39fbad removed some non-IBSS patches. Restore them. We only want to remove the patches that make IBSS use ADHOC mode. Fixes: b8477825c2dc42f6c595697a36f593c71f39fbad (cherry picked from commit c86f32d652eb9dd023049122d8ca37cb13ed07b6)
* */*: FreeBSD's WPA does support IBSS modeCy Schubert2022-06-208-158/+4
| | | | | | | FreeBSD's WPA does support IBSS mode. Remove the hack that forces ADHOC mode when IBSS is requested. (cherry picked from commit b8477825c2dc42f6c595697a36f593c71f39fbad)
* security/wpa_supplicant-devel: Update to latest GH commitCy Schubert2022-06-202-5/+5
| | | | | | Update to the latest w1.fi commit, proxied through my GH account. (cherry picked from commit 9f3f41a2d27b2018068b9d4c54502a55a8cd343a)
* net/hostapd-devel: Update to the latest GH commitCy Schubert2022-06-202-5/+5
| | | | | | Update to the latest w1.fi commit, proxied through my GH account. (cherry picked from commit ac47da76dc061b6eeb4e2b38ef7676d3b8f017a4)
* net/hostapd-devel: Update to the latest GH commitCy Schubert2022-06-202-5/+5
| | | | | | Update to the latest w1.fi commit, proxied through my GH account. (cherry picked from commit f183d0432ba5fe9cb06da12593c4c958124cf643)
* security/wpa_supplicant-devel: Update to latest GH commitCy Schubert2022-06-202-5/+5
| | | | | | Update to the latest w1.fi commit, proxied through my GH account. (cherry picked from commit 033186cbc065e7a4d2a0d685af288090aa9d9e5d)
* net/hostapd-devel: Update to the latest GH commitCy Schubert2022-06-202-5/+5
| | | | | | Update to the latest w1.fi commit, proxied through my GH account. (cherry picked from commit f0089128404290b76d2e6e21c19e842431550d4f)
* security/wpa_supplicant-devel: Update to latest GH commitCy Schubert2022-06-202-5/+5
| | | | | | Update to the latest w1.fi commit, proxied through my GH account. (cherry picked from commit e22465db8b6a49e1e0c2754645a036e3cc7de4bc)
* security/wpa_supplicant-devel: Update to latest GH commitCy Schubert2022-06-203-20/+5
| | | | | | Update to the latest w1.fi commit, proxied through my GH account. (cherry picked from commit 023d2c907b347af4d4a3f58b9428ed333c9a2474)
* net/hostapd-devel: Update to the latest GH commitCy Schubert2022-06-202-6/+5
| | | | | | Update to the latest w1.fi commit, proxied through my GH account. (cherry picked from commit 2519bf6ea07f8e5435407c2b9cffda98b343be74)
* */{wpa_supplicant*,hostapd*}: Fix wpa 100% CPU when USB wlan NIC removedCy Schubert2022-06-208-11/+116
| | | | | | | | | | | | | | | | | | | | hostapd calls pcap_next(3) to read the next packet off the wlan interface. pcap_next() returns a pointer to the packet header but does not indicate success or failure. Unfortunately this results in an infinite loop (100% CPU) when the wlan device disappears, i.e. when a USB wlan device is manually removed or a USB error results in the device removal. However pcap_next_ex(3) does return success or failure. To resolve this we use pcap_next_ex(), forcing hostapd to exit when the error is encountered. An error message is printed to syslog or stderr when debugging (-d flag) is enabled. Unfortunately wpa_printf() only works when debugging is enabled. PR: 253608 Reported by: Damjan Jovanovic <damjan.jov@gmail.com>, bz (privately) MFH: 2022Q2 (cherry picked from commit c586ac04eb662dea00ab81b226fa3e41a5110b21)
* net/hostapd29: fix PKGBASE collisionAntoine Brodin2022-06-201-0/+1
| | | | (cherry picked from commit 9137f807f695dd109bf64a5857cbc7bb22b193ad)
* security/wpa_supplicant29: fix PKGBASE collisionAntoine Brodin2022-06-201-0/+1
| | | | (cherry picked from commit bffe961d466fd17d1d5f364817afd17486da5cd8)
* */*: Bring back wpa_supplicant29 and hostapd29 as new portsCy Schubert2022-06-2032-0/+1661
| | | | | | | | | | | The current wpa_supplicant and hostapd have an issue with AR9285. For the time being bring back wpa_supplicant 2.9 as security/wpa_supplicant29 and hostpd 2.9 as net/hostapd29 for those cases that have an issue with wpa_supplicant/hostpad2.10 (in base and in ports) PR: 264238 (cherry picked from commit 7150a0c9b1014e445a8266c9080d0bf4738dcc9c)
* sysutils/cbsd: Update 13.1.1Kirill Ponomarev2022-06-203-4/+6
| | | | | Changes: https://github.com/cbsd/cbsd/releases/tag/v13.1.1 (cherry picked from commit 6295bac14600171f1bbce8ffc494edcb79fe6d01)
* textproc/apache-solr: update to 8.11.2Matthias Fechner2022-06-202-4/+4
| | | | | | | | | | | | | | | | | | | | | | Security SOLR-15871: Update Log4J to 2.17.1 SOLR-15961: Fix bug in PKIAuthenticationPlugin that can cause a request to fail with 401 Unauthorized instead of re-fetching expired remote keys from other nodes. SOLR-14569: Configuring a shardHandlerFactory on the /select requestHandler results in HTTP 401 when searching on alias in secured Solr. SOLR-16022: Enforce special character requirements on passwords with length less than 15 SOLR-16075: ShowFileHandler path parameter is now validated to be relative to instance conf dir in standalone mode Bugfixes SOLR-15849: Fix the connection reset problem caused by the incorrect use of 4LW with \n when monitoring zooKeeper status SOLR-16199: Improve query syntax construction for SQL LIKE clause with phrases and wildcards SOLR-16143: SolrConfig can miss updates from ZooKeeper when deleting and recreating file items Changelog: https://cwiki.apache.org/confluence/display/SOLR/ReleaseNote8_11_2 MFH: 2022Q2 (cherry picked from commit e7f839003a92a531cfdde48560bac7fc5e994aa3)
* multimedia/libva-intel-media-driver: unbreak fetch due to repo growthJan Beich2022-06-201-8/+8
| | | | | | | | | | | | | | | | | | | fetch: https://github.com/intel/media-driver/commit/4a6e36a98c0b.patch: size mismatch: expected 1239, actual 1241 -index 512ef17b9..e81b24859 100755 +index 512ef17b9f..e81b248590 100755 -index 20a3f4bd6..79c252abf 100644 +index 20a3f4bd64..79c252abfd 100644 -index 834a9f40b..7ec0dffdd 100644 +index 834a9f40b6..7ec0dffdd8 100644 -index 3149b20b0..4ce08840e 100755 +index 3149b20b09..4ce08840e4 100755 -index 2d1c3a9ae..8dbc05a5c 100755 +index 2d1c3a9ae0..8dbc05a5c4 100755 Reported by: vishwin (cherry picked from commit 45816798c94f37842f1c04cea7a8908571411543)
* graphics/mesa-devel: update to 22.1.b.3251Jan Beich2022-06-192-5/+5
| | | | | Changes: https://gitlab.freedesktop.org/mesa/mesa/-/compare/858cd2797c6...9ca0c0b4b40 (cherry picked from commit a37f6dd56a164cbd28fa414c35cc1a37603f7f07)
* textproc/py-ocrmypdf: Update to 13.4.7Kai Knoblich2022-06-183-6/+6
| | | | | | | | | | * Update WWW field to spare redirects. Changelog since 13.4.2: https://github.com/ocrmypdf/OCRmyPDF/blob/v13.4.7/docs/release_notes.rst MFH: 2022Q2 (cherry picked from commit 124a6ff0ea302c64d24d5787d82a828fd5c6bdcc)
* emulators/{catapult,openmsx}: update to 18.0Daniel Menelkir2022-06-185-14/+56
| | | | | | | | | | | ChangeLog: https://raw.githubusercontent.com/openMSX/openMSX/RELEASE_18_0/doc/release-notes.txt PR: 264702 Reported by: dmenelkir@gmail.com MFH: 2022Q2 (bugfix release) (cherry picked from commit 9a977dacf7c5cfb34907170d78327cc6deb41e69)
* audio/strawberry: update to 1.0.5Daniel Menelkir2022-06-182-4/+4
| | | | | | Changes: https://github.com/strawberrymusicplayer/strawberry/releases/tag/1.0.5 PR: 264703 (cherry picked from commit 61abe40475bcb496f17c0d677fb2e84f3fb8fded)
* graphics/mesa-devel: update to 22.1.b.3245Jan Beich2022-06-172-8/+5
| | | | | Changes: https://gitlab.freedesktop.org/mesa/mesa/-/compare/d301883aba5...858cd2797c6 (cherry picked from commit 4178320ebadf686a58232ebd7af7a8f7d767fdfc)
* multimedia/ab-av1: update to 0.3.3Jan Beich2022-06-172-31/+28
| | | | | | | Changes: https://github.com/alexheretic/ab-av1/releases/tag/v0.3.3 Reported by: GitHub (watch releases) (cherry picked from commit 60ce303bb882aa62ddec6fdec165491059d8deb0)
* net/traefik: Update to upstream release 2.7.1Thomas Zander2022-06-172-4/+4
| | | | | | | | | | | Details: - Buxfix and documentation improvements, https://github.com/traefik/traefik/releases/tag/v2.7.1 - No known breaking configuration changes: https://doc.traefik.io/traefik/migration/v2/ MFH: 2022Q2 (cherry picked from commit 505cc55fdc65402c124754c04dd4a96ff628dc39)
* security/tor: Update 0.4.7.7 -> 0.4.7.8Yuri Victorovich2022-06-172-4/+4
| | | | | | Reported by: Tor Project notification (cherry picked from commit 4b03f85d7a63f521983071684bdd8f700418289e)
* databases/mongodb50: Update to 5.0.9Ronald Klop2022-06-172-15/+16
| | | | | | | | | | | | | | | | | ChangeLog: https://github.com/mongodb/mongo/releases/tag/r5.0.9 * Remove limits on number of LDAP connections per host * Detect namespace changes when refreshing Collection after yielding * Sharding an empty collection releases the critical section too early * Mongos fails to attach RetryableWrite Error Label For Command Interrupted In _parseCommand * Fix search near returning wrong key/value sometimes when key doesn't exist PR: 264341 Reported by: ulassayginim@gmail.com MFH: 2022Q2 (many bugfixes) (cherry picked from commit af13f94fea8c1df77c5a6451375c6f1afb91a6e5)
* sysutils/bhyve-rc: Fix writing to /dev/null in rc scriptBryan Drewery2022-06-162-3/+3
| | | | (cherry picked from commit 00ee9c96c68c854851905e3a7480fbe215efe722)
* www/rubygem-mechanize: Update to 2.8.5Po-Chuan Hsieh2022-06-162-4/+4
| | | | | | Changes: https://github.com/sparklemotion/mechanize/releases Security: CVE-2022-31033 (cherry picked from commit aa06ae53edda95e3e2665e482f1fabb89ae0b585)
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-29 20:34:23 +0000