From owner-svn-ports-branches@freebsd.org Sun May 29 19:12:23 2016 Return-Path: Delivered-To: svn-ports-branches@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 2FD9CB5316E; Sun, 29 May 2016 19:12:23 +0000 (UTC) (envelope-from pi@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id DB3F913BE; Sun, 29 May 2016 19:12:22 +0000 (UTC) (envelope-from pi@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u4TJCMM5091338; Sun, 29 May 2016 19:12:22 GMT (envelope-from pi@FreeBSD.org) Received: (from pi@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u4TJCLnl091333; Sun, 29 May 2016 19:12:21 GMT (envelope-from pi@FreeBSD.org) Message-Id: <201605291912.u4TJCLnl091333@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: pi set sender to pi@FreeBSD.org using -f From: Kurt Jaeger Date: Sun, 29 May 2016 19:12:21 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r416121 - in branches/2016Q2/net-mgmt/cacti: . files X-SVN-Group: ports-branches MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-branches@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: SVN commit messages for all the branches of the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 29 May 2016 19:12:23 -0000 Author: pi Date: Sun May 29 19:12:21 2016 New Revision: 416121 URL: https://svnweb.freebsd.org/changeset/ports/416121 Log: MFH: r416066 net-mgmt/cacti: 0.8.8g -> 0.8.8h This is a security update for cacti to resolve SQL exploits. - upgrade to 0.8.8h codebase from vendor - fix SQL vulnerabilities including CVE-2016-3659 - fix USE_MYSQL -> USES:mysql - fix deprecated mysql php module requirement (use mysqli instead) - fix overwriting of failure/recovery dates after outages PR: 209809 Submitted by: Daniel Austin (maintainer) Security: CVE-2016-3659 Approved by: ports-secteam (junovitch) Added: branches/2016Q2/net-mgmt/cacti/files/patch-lib__functions.php - copied unchanged from r416066, head/net-mgmt/cacti/files/patch-lib__functions.php Modified: branches/2016Q2/net-mgmt/cacti/Makefile branches/2016Q2/net-mgmt/cacti/distinfo branches/2016Q2/net-mgmt/cacti/files/patch-install__index.php branches/2016Q2/net-mgmt/cacti/pkg-plist Directory Properties: branches/2016Q2/ (props changed) Modified: branches/2016Q2/net-mgmt/cacti/Makefile ============================================================================== --- branches/2016Q2/net-mgmt/cacti/Makefile Sun May 29 19:01:23 2016 (r416120) +++ branches/2016Q2/net-mgmt/cacti/Makefile Sun May 29 19:12:21 2016 (r416121) @@ -15,8 +15,7 @@ LICENSE_FILE= ${WRKSRC}/LICENSE RUN_DEPENDS= rrdtool:databases/rrdtool -USES= cpe shebangfix -USE_MYSQL= yes +USES= cpe mysql shebangfix USE_PHP= mysqli pcre session sockets snmp xml WANT_PHP_WEB= yes NO_ARCH= yes Modified: branches/2016Q2/net-mgmt/cacti/distinfo ============================================================================== --- branches/2016Q2/net-mgmt/cacti/distinfo Sun May 29 19:01:23 2016 (r416120) +++ branches/2016Q2/net-mgmt/cacti/distinfo Sun May 29 19:12:21 2016 (r416121) @@ -1,2 +1,2 @@ -SHA256 (cacti-0.8.8g.tar.gz) = 3187bd5054ae4e54496bb23187f14c79a441fedcfd397a2d27cd60179f0dee33 -SIZE (cacti-0.8.8g.tar.gz) = 2584879 +SHA256 (cacti-0.8.8h.tar.gz) = 0673bd9513dad381c8bbb9133c721a32bc6422dc91c5a81de16e3cd32e4d0600 +SIZE (cacti-0.8.8h.tar.gz) = 2585226 Modified: branches/2016Q2/net-mgmt/cacti/files/patch-install__index.php ============================================================================== --- branches/2016Q2/net-mgmt/cacti/files/patch-install__index.php Sun May 29 19:01:23 2016 (r416120) +++ branches/2016Q2/net-mgmt/cacti/files/patch-install__index.php Sun May 29 19:12:21 2016 (r416121) @@ -1,5 +1,14 @@ ---- install/index.php.bak 2015-03-12 03:12:05.409276443 -0700 -+++ install/index.php 2015-03-12 03:14:17.596295374 -0700 +--- install/index.php.orig 2016-05-28 10:54:08.124059773 +0100 ++++ install/index.php 2016-05-28 10:54:34.252057818 +0100 +@@ -63,7 +63,7 @@ + } + + function verify_php_extensions() { +- $extensions = array("session", "sockets", "mysql", "xml"); ++ $extensions = array("session", "sockets", "mysqli", "xml"); + $ok = true; + $missing_extension = "

Error

+

The following PHP extensions are missing:

    "; @@ -267,7 +267,7 @@ if (config_value_exists("path_cactilog")) { $input["path_cactilog"]["default"] = read_config_option("path_cactilog"); Copied: branches/2016Q2/net-mgmt/cacti/files/patch-lib__functions.php (from r416066, head/net-mgmt/cacti/files/patch-lib__functions.php) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2016Q2/net-mgmt/cacti/files/patch-lib__functions.php Sun May 29 19:12:21 2016 (r416121, copy of r416066, head/net-mgmt/cacti/files/patch-lib__functions.php) @@ -0,0 +1,15 @@ +--- lib/functions.php.orig 2016-05-28 10:58:17.522042409 +0100 ++++ lib/functions.php 2016-05-28 11:00:31.399032747 +0100 +@@ -670,8 +670,10 @@ + $issue_log_message = false; + $ping_failure_count = read_config_option("ping_failure_count"); + $ping_recovery_count = read_config_option("ping_recovery_count"); +- $hosts[$host_id]["status_fail_date"] = '0000-00-00 00:00:00'; +- $hosts[$host_id]["status_rec_date"] = '0000-00-00 00:00:00'; ++ if ((!isset($hosts[$host_id]["status_fail_date"])) || ($hosts[$host_id]["status_fail_date"] == "")) ++ $hosts[$host_id]["status_fail_date"] = '0000-00-00 00:00:00'; ++ if ((!isset($hosts[$host_id]["status_rec_date"])) || ($hosts[$host_id]["status_rec_date"] == "")) ++ $hosts[$host_id]["status_rec_date"] = '0000-00-00 00:00:00'; + + if ($status == HOST_DOWN) { + /* update total polls, failed polls and availability */ Modified: branches/2016Q2/net-mgmt/cacti/pkg-plist ============================================================================== --- branches/2016Q2/net-mgmt/cacti/pkg-plist Sun May 29 19:01:23 2016 (r416120) +++ branches/2016Q2/net-mgmt/cacti/pkg-plist Sun May 29 19:12:21 2016 (r416121) @@ -348,6 +348,7 @@ %%CACTIDIR%%/install/0_8_8d_to_0_8_8e.php %%CACTIDIR%%/install/0_8_8e_to_0_8_8f.php %%CACTIDIR%%/install/0_8_8f_to_0_8_8g.php +%%CACTIDIR%%/install/0_8_8g_to_0_8_8h.php %%CACTIDIR%%/install/0_8_to_0_8_1.php %%CACTIDIR%%/install/index.php %%CACTIDIR%%/install/install_finish.gif From owner-svn-ports-branches@freebsd.org Sun May 29 22:08:47 2016 Return-Path: Delivered-To: svn-ports-branches@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id EC586B541A3; Sun, 29 May 2016 22:08:47 +0000 (UTC) (envelope-from delphij@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B9ACA1A5F; Sun, 29 May 2016 22:08:47 +0000 (UTC) (envelope-from delphij@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u4TM8kUS054429; Sun, 29 May 2016 22:08:46 GMT (envelope-from delphij@FreeBSD.org) Received: (from delphij@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u4TM8kTp054427; Sun, 29 May 2016 22:08:46 GMT (envelope-from delphij@FreeBSD.org) Message-Id: <201605292208.u4TM8kTp054427@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: delphij set sender to delphij@FreeBSD.org using -f From: Xin LI Date: Sun, 29 May 2016 22:08:46 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r416128 - branches/2016Q2/security/clamav X-SVN-Group: ports-branches MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-branches@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: SVN commit messages for all the branches of the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 29 May 2016 22:08:48 -0000 Author: delphij Date: Sun May 29 22:08:46 2016 New Revision: 416128 URL: https://svnweb.freebsd.org/changeset/ports/416128 Log: MFH: r416126 Update to 0.99.2. PR: ports/209384 Submitted by: Leonid Nevecherya Approved by: ports-secteam Modified: branches/2016Q2/security/clamav/Makefile branches/2016Q2/security/clamav/distinfo Directory Properties: branches/2016Q2/ (props changed) Modified: branches/2016Q2/security/clamav/Makefile ============================================================================== --- branches/2016Q2/security/clamav/Makefile Sun May 29 22:08:18 2016 (r416127) +++ branches/2016Q2/security/clamav/Makefile Sun May 29 22:08:46 2016 (r416128) @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= clamav -PORTVERSION= 0.99.1 +PORTVERSION= 0.99.2 CATEGORIES= security MASTER_SITES= http://www.clamav.net/downloads/production/ Modified: branches/2016Q2/security/clamav/distinfo ============================================================================== --- branches/2016Q2/security/clamav/distinfo Sun May 29 22:08:18 2016 (r416127) +++ branches/2016Q2/security/clamav/distinfo Sun May 29 22:08:46 2016 (r416128) @@ -1,2 +1,2 @@ -SHA256 (clamav-0.99.1.tar.gz) = e144689122d3f91293808c82cbb06b7d3ac9eca7ae29564c5d148ffe7b25d58a -SIZE (clamav-0.99.1.tar.gz) = 15990867 +SHA256 (clamav-0.99.2.tar.gz) = 167bd6a13e05ece326b968fdb539b05c2ffcfef6018a274a10aeda85c2c0027a +SIZE (clamav-0.99.2.tar.gz) = 16067497 From owner-svn-ports-branches@freebsd.org Mon May 30 13:30:12 2016 Return-Path: Delivered-To: svn-ports-branches@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 31859B53723; Mon, 30 May 2016 13:30:12 +0000 (UTC) (envelope-from jbeich@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E724E1DE5; Mon, 30 May 2016 13:30:11 +0000 (UTC) (envelope-from jbeich@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u4UDUBjB092887; Mon, 30 May 2016 13:30:11 GMT (envelope-from jbeich@FreeBSD.org) Received: (from jbeich@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u4UDUBAU092885; Mon, 30 May 2016 13:30:11 GMT (envelope-from jbeich@FreeBSD.org) Message-Id: <201605301330.u4UDUBAU092885@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: jbeich set sender to jbeich@FreeBSD.org using -f From: Jan Beich Date: Mon, 30 May 2016 13:30:11 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r416153 - in branches/2016Q2/games/burrtools: . files X-SVN-Group: ports-branches MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-branches@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: SVN commit messages for all the branches of the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 30 May 2016 13:30:12 -0000 Author: jbeich Date: Mon May 30 13:30:10 2016 New Revision: 416153 URL: https://svnweb.freebsd.org/changeset/ports/416153 Log: MFH: r416147 games/burrtools: switch back to clang on 10+ Fix undefined behavior on startup when parsing (embedded) config file written in Lua. Approved by: ports-secteam (junovitch) Added: branches/2016Q2/games/burrtools/files/patch-undefined - copied unchanged from r416147, head/games/burrtools/files/patch-undefined Modified: branches/2016Q2/games/burrtools/Makefile Directory Properties: branches/2016Q2/ (props changed) Modified: branches/2016Q2/games/burrtools/Makefile ============================================================================== --- branches/2016Q2/games/burrtools/Makefile Mon May 30 13:20:49 2016 (r416152) +++ branches/2016Q2/games/burrtools/Makefile Mon May 30 13:30:10 2016 (r416153) @@ -3,7 +3,7 @@ PORTNAME= burrtools PORTVERSION= 0.6.3 -PORTREVISION= 2 +PORTREVISION= 3 CATEGORIES= games MASTER_SITES= SF @@ -21,7 +21,6 @@ LIB_DEPENDS= libboost_system.so:devel/bo USES= gmake USE_XORG= x11 xt xext xmu xi USE_GL= glu -USE_GCC= yes # clang generates incorrect binaries: cause SIGILL GNU_CONFIGURE= yes CONFIGURE_ARGS= --disable-silent-rules @@ -37,12 +36,6 @@ DESKTOP_ENTRIES="BurrGui" "" "${PREFIX}/ OPTIONS_DEFINE= DOCS EXAMPLES -.include - -.if ${OPSYS} == FreeBSD && ${OSVERSION} >= 1000024 -LDFLAGS+= -lc++ -.endif - post-patch: @${REINPLACE_CMD} -e \ 's|g++ |$$(CXX) | ; \ Copied: branches/2016Q2/games/burrtools/files/patch-undefined (from r416147, head/games/burrtools/files/patch-undefined) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2016Q2/games/burrtools/files/patch-undefined Mon May 30 13:30:10 2016 (r416153, copy of r416147, head/games/burrtools/files/patch-undefined) @@ -0,0 +1,54 @@ +Found by -fsanitize=undefined as + + $ burrGui + lua/luaclass.cpp:60:17: runtime error: execution reached the end of a value-returning function without returning a value + +which with Clang leads to + + * thread #1: tid = 100272, 0x00000000005d0d2d burrGui`luaClass_c::doString(this=0x00007fffffffd6e0, code="windowposh = 600") + 125 at luaclass.cpp:61, stop reason = signal SIGILL: privileged instruction + frame #0: 0x00000000005d0d2d burrGui`luaClass_c::doString(this=0x00007fffffffd6e0, code="windowposh = 600") + 125 at luaclass.cpp:61 + 58 luaL_loadfile(L, fname) || lua_pcall(L, 0, 0, 0); + 59 } + 60 int luaClass_c::doString(const char *code) { + -> 61 luaL_loadbuffer(L, code, strlen(code), "line") || lua_pcall(L, 0, 0, 0); + 62 } + 63 + 64 /* functions that allow calling lua functions + (lldb) bt + * thread #1: tid = 100272, 0x00000000005d0d2d burrGui`luaClass_c::doString(this=0x00007fffffffd6e0, code="windowposh = 600") + 125 at luaclass.cpp:61, stop reason = signal SIGILL: privileged instruction + * frame #0: 0x00000000005d0d2d burrGui`luaClass_c::doString(this=0x00007fffffffd6e0, code="windowposh = 600") + 125 at luaclass.cpp:61 + frame #1: 0x0000000000416735 burrGui`configuration_c::parse(this=0x00000000008e5a18) + 165 at configuration.cpp:65 + frame #2: 0x0000000000416fbb burrGui`configuration_c::configuration_c(this=0x00000000008e5a18) + 939 at configuration.cpp:144 + frame #3: 0x0000000000417877 burrGui`::__cxx_global_var_init() + 23 at configuration.cpp:266 + frame #4: 0x00000000004178b9 burrGui`_GLOBAL__sub_I_configuration.cpp + 9 at configuration.cpp:0 + frame #5: 0x00000000006221e2 burrGui`__do_global_ctors_aux + 34 + frame #6: 0x000000000040e986 burrGui + +--- src/lua/luaclass.cpp.orig 2013-05-08 19:02:06 UTC ++++ src/lua/luaclass.cpp +@@ -54,10 +54,10 @@ bool luaClass_c::getBool(const char *nam + } + + /* functions to evaluate lua code */ +-int luaClass_c::doFile(const char *fname) { ++void luaClass_c::doFile(const char *fname) { + luaL_loadfile(L, fname) || lua_pcall(L, 0, 0, 0); + } +-int luaClass_c::doString(const char *code) { ++void luaClass_c::doString(const char *code) { + luaL_loadbuffer(L, code, strlen(code), "line") || lua_pcall(L, 0, 0, 0); + } + +--- src/lua/luaclass.h.orig 2013-05-08 19:02:06 UTC ++++ src/lua/luaclass.h +@@ -45,8 +45,8 @@ class luaClass_c { + bool getBool(const char *name); + + /* functions to evaluate lua code */ +- int doFile(const char *fname); +- int doString(const char *code); ++ void doFile(const char *fname); ++ void doString(const char *code); + + /* functions that allow calling lua functions + * From owner-svn-ports-branches@freebsd.org Tue May 31 16:13:00 2016 Return-Path: Delivered-To: svn-ports-branches@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 1BF41B56A43; Tue, 31 May 2016 16:13:00 +0000 (UTC) (envelope-from pi@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id DD8311897; Tue, 31 May 2016 16:12:59 +0000 (UTC) (envelope-from pi@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u4VGCxVd088333; Tue, 31 May 2016 16:12:59 GMT (envelope-from pi@FreeBSD.org) Received: (from pi@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u4VGCxgL088332; Tue, 31 May 2016 16:12:59 GMT (envelope-from pi@FreeBSD.org) Message-Id: <201605311612.u4VGCxgL088332@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: pi set sender to pi@FreeBSD.org using -f From: Kurt Jaeger Date: Tue, 31 May 2016 16:12:59 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r416207 - branches/2016Q2/net-mgmt/cacti X-SVN-Group: ports-branches MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-branches@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: SVN commit messages for all the branches of the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 31 May 2016 16:13:00 -0000 Author: pi Date: Tue May 31 16:12:58 2016 New Revision: 416207 URL: https://svnweb.freebsd.org/changeset/ports/416207 Log: net-mgmt/cacti: fix INDEX in quarterly branch - no USES=mysql allowed in the quarterly branch PR: 209809 Submitted by: antoine Approved by: ports-secteam (feld) Modified: branches/2016Q2/net-mgmt/cacti/Makefile Modified: branches/2016Q2/net-mgmt/cacti/Makefile ============================================================================== --- branches/2016Q2/net-mgmt/cacti/Makefile Tue May 31 15:57:12 2016 (r416206) +++ branches/2016Q2/net-mgmt/cacti/Makefile Tue May 31 16:12:58 2016 (r416207) @@ -15,8 +15,9 @@ LICENSE_FILE= ${WRKSRC}/LICENSE RUN_DEPENDS= rrdtool:databases/rrdtool -USES= cpe mysql shebangfix +USES= cpe shebangfix USE_PHP= mysqli pcre session sockets snmp xml +USE_MYSQL= yes WANT_PHP_WEB= yes NO_ARCH= yes NO_BUILD= yes From owner-svn-ports-branches@freebsd.org Tue May 31 16:22:59 2016 Return-Path: Delivered-To: svn-ports-branches@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id DFB51B56D17; Tue, 31 May 2016 16:22:59 +0000 (UTC) (envelope-from pi@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id BB2841E75; Tue, 31 May 2016 16:22:59 +0000 (UTC) (envelope-from pi@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u4VGMwGO092209; Tue, 31 May 2016 16:22:58 GMT (envelope-from pi@FreeBSD.org) Received: (from pi@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u4VGMwC4092207; Tue, 31 May 2016 16:22:58 GMT (envelope-from pi@FreeBSD.org) Message-Id: <201605311622.u4VGMwC4092207@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: pi set sender to pi@FreeBSD.org using -f From: Kurt Jaeger Date: Tue, 31 May 2016 16:22:58 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r416208 - branches/2016Q2/security/letsencrypt.sh X-SVN-Group: ports-branches MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-branches@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: SVN commit messages for all the branches of the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 31 May 2016 16:23:00 -0000 Author: pi Date: Tue May 31 16:22:58 2016 New Revision: 416208 URL: https://svnweb.freebsd.org/changeset/ports/416208 Log: MFH: r412687 r415739 - Update to version 0.2.0 to unbreak PR: 209836 Reported by: Fabian Keil Approved by: Sascha Holzleiter (maintainer) Approved by: ports-secteam (delphij, junovitch) Modified: branches/2016Q2/security/letsencrypt.sh/Makefile branches/2016Q2/security/letsencrypt.sh/distinfo Directory Properties: branches/2016Q2/ (props changed) Modified: branches/2016Q2/security/letsencrypt.sh/Makefile ============================================================================== --- branches/2016Q2/security/letsencrypt.sh/Makefile Tue May 31 16:12:58 2016 (r416207) +++ branches/2016Q2/security/letsencrypt.sh/Makefile Tue May 31 16:22:58 2016 (r416208) @@ -1,7 +1,8 @@ # $FreeBSD$ PORTNAME= letsencrypt.sh -PORTVERSION= 0.0.0.20160229 +PORTVERSION= 0.2.0 +DISTVERSIONPREFIX= v CATEGORIES= security MAINTAINER= sascha@root-login.org @@ -14,7 +15,6 @@ RUN_DEPENDS= curl:ftp/curl USE_GITHUB= yes GH_ACCOUNT= lukas2511 -GH_TAGNAME= 2099c77 OPTIONS_SINGLE= SHELL OPTIONS_SINGLE_SHELL= BASH ZSH @@ -43,25 +43,30 @@ PORTDOCS_PLIST_FILES= %%PORTDOCS%%%%DOCS SUB_FILES= 000.letsencrypt.sh pkg-message SUB_LIST= PORTNAME=${PORTNAME} -PORTDOCS= README.md +PORTDOCS= README.md dns-verification.md domains_txt.md ecc.md hook_chain.md \ + import-from-official-client.md staging.md troubleshooting.md wellknown.md -SHEBANG_FILES= config.sh.example hook.sh.example letsencrypt.sh +SHEBANG_FILES= docs/examples/config.sh.example docs/examples/hook.sh.example letsencrypt.sh post-patch-ZSH-on: -. for p in config.sh.example hook.sh.example letsencrypt.sh - ${REINPLACE_CMD} '1 s/bash/zsh/' ${WRKSRC}/${p} +. for p in docs/examples/config.sh.example docs/examples/hook.sh.example letsencrypt.sh + ${REINPLACE_CMD} '1 s/bash/zsh/' ${WRKSRC}/${p} . endfor do-install: @${MKDIR} ${STAGEDIR}${ETCDIR}/.acme-challenges ${STAGEDIR}${PREFIX}/${PERIODIC_DIRS} - ${INSTALL_DATA} ${WRKSRC}/config.sh.example ${STAGEDIR}${ETCDIR}/config.sh.example - ${INSTALL_DATA} ${WRKSRC}/hook.sh.example ${STAGEDIR}${ETCDIR}/hook.sh.example - ${INSTALL_DATA} ${WRKSRC}/domains.txt.example ${STAGEDIR}${ETCDIR}/domains.txt.example + ${INSTALL_DATA} ${WRKSRC}/docs/examples/config.sh.example ${STAGEDIR}${ETCDIR}/config.sh.example + ${INSTALL_DATA} ${WRKSRC}/docs/examples/hook.sh.example ${STAGEDIR}${ETCDIR}/hook.sh.example + ${INSTALL_DATA} ${WRKSRC}/docs/examples/domains.txt.example ${STAGEDIR}${ETCDIR}/domains.txt.example ${INSTALL_SCRIPT} ${WRKSRC}/${PORTNAME} ${STAGEDIR}${PREFIX}/bin/${PORTNAME} ${INSTALL_SCRIPT} ${WRKDIR}/${PERIODIC_FILES} ${STAGEDIR}${PREFIX}/${PERIODIC_DIRS}/${PERIODIC_FILES} post-install: ${MKDIR} ${STAGEDIR}${DOCSDIR} ${INSTALL_MAN} ${WRKSRC}/README.md ${STAGEDIR}${DOCSDIR} +. for d in dns-verification domains_txt ecc hook_chain import-from-official-client \ + staging troubleshooting wellknown + ${INSTALL_MAN} ${WRKSRC}/docs/${d}.md ${STAGEDIR}${DOCSDIR} +. endfor .include Modified: branches/2016Q2/security/letsencrypt.sh/distinfo ============================================================================== --- branches/2016Q2/security/letsencrypt.sh/distinfo Tue May 31 16:12:58 2016 (r416207) +++ branches/2016Q2/security/letsencrypt.sh/distinfo Tue May 31 16:22:58 2016 (r416208) @@ -1,2 +1,3 @@ -SHA256 (lukas2511-letsencrypt.sh-0.0.0.20160229-2099c77_GH0.tar.gz) = 37149924420a750033bcb5ae6c7bcf5652f1e0b233015f506a72f21355ebb85a -SIZE (lukas2511-letsencrypt.sh-0.0.0.20160229-2099c77_GH0.tar.gz) = 16266 +TIMESTAMP = 1463941305 +SHA256 (lukas2511-letsencrypt.sh-v0.2.0_GH0.tar.gz) = d6e25bbbfa14b87dea4999ecddfd441bbcdc1fd8b3160fa4c4a8ed412ee664e1 +SIZE (lukas2511-letsencrypt.sh-v0.2.0_GH0.tar.gz) = 19314 From owner-svn-ports-branches@freebsd.org Wed Jun 1 22:54:15 2016 Return-Path: Delivered-To: svn-ports-branches@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id B4E65B64270; Wed, 1 Jun 2016 22:54:15 +0000 (UTC) (envelope-from zi@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 52882184C; Wed, 1 Jun 2016 22:54:15 +0000 (UTC) (envelope-from zi@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u51MsEcZ075364; Wed, 1 Jun 2016 22:54:14 GMT (envelope-from zi@FreeBSD.org) Received: (from zi@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u51MsEat075363; Wed, 1 Jun 2016 22:54:14 GMT (envelope-from zi@FreeBSD.org) Message-Id: <201606012254.u51MsEat075363@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: zi set sender to zi@FreeBSD.org using -f From: Ryan Steinmetz Date: Wed, 1 Jun 2016 22:54:14 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r416262 - branches/2016Q2/security/vuxml X-SVN-Group: ports-branches MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-branches@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: SVN commit messages for all the branches of the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 01 Jun 2016 22:54:15 -0000 Author: zi Date: Wed Jun 1 22:54:14 2016 New Revision: 416262 URL: https://svnweb.freebsd.org/changeset/ports/416262 Log: MFH: r416260 - Get vuln.xml in sync with head Approved by: ports-secteam (me) Modified: branches/2016Q2/security/vuxml/vuln.xml Directory Properties: branches/2016Q2/ (props changed) Modified: branches/2016Q2/security/vuxml/vuln.xml ============================================================================== --- branches/2016Q2/security/vuxml/vuln.xml Wed Jun 1 22:50:28 2016 (r416261) +++ branches/2016Q2/security/vuxml/vuln.xml Wed Jun 1 22:54:14 2016 (r416262) @@ -58,6 +58,2391 @@ Notes: * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) --> + + h2o -- use after free on premature connection close + + + h2o + 1.7.3 + + + + +

    Tim Newsha reports:

    +
    +

    When H2O tries to disconnect a premature HTTP/2 connection, it + calls free(3) to release memory allocated for the connection and + immediately after then touches the memory. No malloc-related + operation is performed by the same thread between the time it calls + free and the time the memory is touched. Fixed by Frederik + Deweerdt.

    +
    + +     + + https://h2o.examp1e.net/vulnerabilities.html + + + 2016-05-17 + 2016-06-01 + +     + + + nginx -- a specially crafted request might result in worker process crash + + + nginx + 1.4.01.10.1 + + + nginx-devel + 1.3.91.11.1 + + + + +

    Maxim Dounin reports:

    +
    +

    A problem was identified in nginx code responsible for saving + client request body to a temporary file. A specially crafted + request might result in worker process crash due to a NULL + pointer dereference while writing client request body to a + temporary file.

    +
    + +     + + http://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html + CVE-2016-4450 + + + 2016-05-31 + 2016-05-31 + +     + + + cacti -- multiple vulnerabilities + + + cacti + 0.8.8h + + + + +

    The Cacti Group, Inc. reports:

    +
    +

    Changelog

    +
      +
    • bug:0002667: Cacti SQL Injection Vulnerability
      • +
    • bug:0002673: CVE-2016-3659 - Cacti graph_view.php SQL Injection + Vulnerability
      • +
    • bug:0002656: Authentication using web authentication as a user + not in the cacti database allows complete access (regression)
      • +
    +
    + +     + + CVE-2016-3659 + http://www.cacti.net/release_notes_0_8_8h.php + http://bugs.cacti.net/view.php?id=2673 + http://seclists.org/fulldisclosure/2016/Apr/4 + http://packetstormsecurity.com/files/136547/Cacti-0.8.8g-SQL-Injection.html + + + 2016-04-04 + 2016-05-28 + +     + + + openvswitch -- MPLS buffer overflow + + + openvswitch + 2.3.2_1 + + + + +

    Open vSwitch reports:

    +
    +

    Multiple versions of Open vSwitch are vulnerable to remote buffer + overflow attacks, in which crafted MPLS packets could overflow the + buffer reserved for MPLS labels in an OVS internal data structure. + The MPLS packets that trigger the vulnerability and the potential for + exploitation vary depending on version:

    +

    Open vSwitch 2.1.x and earlier are not vulnerable.

    +

    In Open vSwitch 2.2.x and 2.3.x, the MPLS buffer overflow can be + exploited for arbitrary remote code execution.

    +

    In Open vSwitch 2.4.x, the MPLS buffer overflow does not obviously lead + to a remote code execution exploit, but testing shows that it can allow a + remote denial of service. See the mitigation section for details.

    +

    Open vSwitch 2.5.x is not vulnerable.

    +
    + +     + + CVE-2016-2074 + + + 2016-03-28 + 2016-05-29 + +     + + + chromium -- multiple vulnerabilities + + + chromium + chromium-npapi + chromium-pulse + 51.0.2704.63 + + + + +

    Google Chrome Releases reports:

    +
    +

    42 security fixes in this release, including:

    +
      +
    • [590118] High CVE-2016-1672: Cross-origin bypass in extension + bindings. Credit to Mariusz Mlynski.
      • +
    • [597532] High CVE-2016-1673: Cross-origin bypass in Blink. + Credit to Mariusz Mlynski.
      • +
    • [598165] High CVE-2016-1674: Cross-origin bypass in extensions.i + Credit to Mariusz Mlynski.
      • +
    • [600182] High CVE-2016-1675: Cross-origin bypass in Blink. + Credit to Mariusz Mlynski.
      • +
    • [604901] High CVE-2016-1676: Cross-origin bypass in extension + bindings. Credit to Rob Wu.
      • +
    • [602970] Medium CVE-2016-1677: Type confusion in V8. Credit to + Guang Gong of Qihoo 360.
      • +
    • [595259] High CVE-2016-1678: Heap overflow in V8. Credit to + Christian Holler.
      • +
    • [606390] High CVE-2016-1679: Heap use-after-free in V8 + bindings. Credit to Rob Wu.
      • +
    • [589848] High CVE-2016-1680: Heap use-after-free in Skia. + Credit to Atte Kettunen of OUSPG.
      • +
    • [613160] High CVE-2016-1681: Heap overflow in PDFium. Credit to + Aleksandar Nikolic of Cisco Talos.
      • +
    • [579801] Medium CVE-2016-1682: CSP bypass for ServiceWorker. + Credit to KingstonTime.
      • +
    • [583156] Medium CVE-2016-1683: Out-of-bounds access in libxslt. + Credit to Nicolas Gregoire.
      • +
    • [583171] Medium CVE-2016-1684: Integer overflow in libxslt. + Credit to Nicolas Gregoire.
      • +
    • [601362] Medium CVE-2016-1685: Out-of-bounds read in PDFium. + Credit to Ke Liu of Tencent's Xuanwu LAB.
      • +
    • [603518] Medium CVE-2016-1686: Out-of-bounds read in PDFium. + Credit to Ke Liu of Tencent's Xuanwu LAB.
      • +
    • [603748] Medium CVE-2016-1687: Information leak in extensions. + Credit to Rob Wu.
      • +
    • [604897] Medium CVE-2016-1688: Out-of-bounds read in V8. + Credit to Max Korenko.
      • +
    • [606185] Medium CVE-2016-1689: Heap buffer overflow in media. + Credit to Atte Kettunen of OUSPG.
      • +
    • [608100] Medium CVE-2016-1690: Heap use-after-free in Autofill. + Credit to Rob Wu.
      • +
    • [597926] Low CVE-2016-1691: Heap buffer-overflow in Skia. + Credit to Atte Kettunen of OUSPG.
      • +
    • [598077] Low CVE-2016-1692: Limited cross-origin bypass in + ServiceWorker. Credit to Til Jasper Ullrich.
      • +
    • [598752] Low CVE-2016-1693: HTTP Download of Software Removal + Tool. Credit to Khalil Zhani.
      • +
    • [603682] Low CVE-2016-1694: HPKP pins removed on cache + clearance. Credit to Ryan Lester and Bryant Zadegan.
      • +
    • [614767] CVE-2016-1695: Various fixes from internal audits, + fuzzing and other initiatives.
      • +
    +
    + +     + + CVE-2016-1672 + CVE-2016-1673 + CVE-2016-1674 + CVE-2016-1675 + CVE-2016-1672 + CVE-2016-1677 + CVE-2016-1678 + CVE-2016-1679 + CVE-2016-1680 + CVE-2016-1681 + CVE-2016-1682 + CVE-2016-1683 + CVE-2016-1684 + CVE-2016-1685 + CVE-2016-1686 + CVE-2016-1687 + CVE-2016-1688 + CVE-2016-1689 + CVE-2016-1690 + CVE-2016-1691 + CVE-2016-1692 + CVE-2016-1693 + CVE-2016-1694 + CVE-2016-1695 + http://googlechromereleases.blogspot.nl/2016/05/stable-channel-update_25.html + + + 2016-05-25 + 2016-05-28 + +     + + + chromium -- multiple vulnerabilities + + + chromium + chromium-npapi + chromium-pulse + 50.0.2661.102 + + + + +

    Google Chrome Releases reports:

    +
    +

    5 security fixes in this release, including:

    +
      +
    • [605766] High CVE-2016-1667: Same origin bypass in DOM. Credit + to Mariusz Mlynski.
      • +
    • [605910] High CVE-2016-1668: Same origin bypass in Blink V8 + bindings. Credit to Mariusz Mlynski.
      • +
    • [606115] High CVE-2016-1669: Buffer overflow in V8. Credit to + Choongwoo Han.
      • +
    • [578882] Medium CVE-2016-1670: Race condition in loader. Credit + to anonymous.
      • +
    • [586657] Medium CVE-2016-1671: Directory traversal using the + file scheme on Android. Credit to Jann Horn.
      • +
    +
    + +     + + CVE-2016-1667 + CVE-2016-1668 + CVE-2016-1669 + CVE-2016-1670 + CVE-2016-1671 + http://googlechromereleases.blogspot.nl/2016/05/stable-channel-update.html + + + 2016-05-11 + 2016-05-28 + +     + + + chromium -- multiple vulnerablities + + + chromium + chromium-npapi + chromium-pulse + 50.0.2661.94 + + + + +

    Google Chrome Releases reports:

    +
    +

    9 security fixes in this release, including:

    +
      +
    • [574802] High CVE-2016-1660: Out-of-bounds write in Blink. + Credit to Atte Kettunen of OUSPG.
      • +
    • [601629] High CVE-2016-1661: Memory corruption in cross-process + frames. Credit to Wadih Matar.
      • +
    • [603732] High CVE-2016-1662: Use-after-free in extensions. + Credit to Rob Wu.
      • +
    • [603987] High CVE-2016-1663: Use-after-free in Blink's V8 + bindings. Credit to anonymous.
      • +
    • [597322] Medium CVE-2016-1664: Address bar spoofing. Credit to + Wadih Matar.
      • +
    • [606181] Medium CVE-2016-1665: Information leak in V8. Credit + to HyungSeok Han.
      • +
    • [607652] CVE-2016-1666: Various fixes from internal audits, + fuzzing and other initiatives.
      • +
    +
    + +     + + CVE-2016-1660 + CVE-2016-1661 + CVE-2016-1662 + CVE-2016-1663 + CVE-2016-1664 + CVE-2016-1665 + CVE-2016-1666 + http://googlechromereleases.blogspot.nl/2016/04/stable-channel-update_28.html + + + 2016-04-28 + 2016-05-28 + +     + + + php -- multiple vulnerabilities + + + php70-gd + php70-intl + 7.0.7 + + + php56 + php56-gd + 5.6.22 + + + php55 + php55-gd + php55-phar + 5.5.36 + + + + +

    The PHP Group reports:

    +
    +
    • Core: +
        +
      • Fixed bug #72114 (Integer underflow / arbitrary null write in + fread/gzread). (CVE-2016-5096) (PHP 5.5/5.6 only)
        • +
      • Fixed bug #72135 (Integer Overflow in php_html_entities). + (CVE-2016-5094) (PHP 5.5/5.6 only)
        • +
      • +
    • GD: +
        +
      • Fixed bug #72227 (imagescale out-of-bounds read). + (CVE-2013-7456)
        • +
      • +
    • Intl: +
        +
      • Fixed bug #72241 (get_icu_value_internal out-of-bounds read). + (CVE-2016-5093)
        • +
      • +
    • Phar: +
        +
      • Fixed bug #71331 (Uninitialized pointer in + phar_make_dirstream()). (CVE-2016-4343) (PHP 5.5 only)
        • +
      • +
    +
    + +     + + CVE-2016-5096 + CVE-2016-5094 + CVE-2013-7456 + CVE-2016-5093 + CVE-2016-4343 + ports/209779 + http://php.net/ChangeLog-7.php#7.0.7 + http://php.net/ChangeLog-5.php#5.6.22 + http://php.net/ChangeLog-5.php#5.5.36 + + + 2016-05-26 + 2016-05-28 + +     + + + phpmyadmin -- XSS and sensitive data leakage + + + phpmyadmin + 4.6.04.6.2 + + + + +

    The phpmyadmin development team reports:

    +
    +

    Description

    +

    Because user SQL queries are part of the URL, sensitive + information made as part of a user query can be exposed by + clicking on external links to attackers monitoring user GET + query parameters or included in the webserver logs.

    +

    Severity

    +

    We consider this to be non-critical.

    +
    +
    +

    Description

    +

    A specially crafted attack could allow for special HTML + characters to be passed as URL encoded values and displayed + back as special characters in the page.

    +

    Severity

    +

    We consider this to be non-critical.

    +
    + +     + + https://www.phpmyadmin.net/security/PMASA-2016-14/ + https://www.phpmyadmin.net/security/PMASA-2016-16/ + CVE-2016-5097 + CVE-2016-5099 + + + 2016-05-25 + 2016-05-25 + 2016-05-26 + +     + + + mediawiki -- multiple vulnerabilities + + + mediawiki123 + 1.23.14 + + + mediawiki124 + 1.24.6 + + + mediawiki125 + 1.25.6 + + + mediawiki126 + 1.26.3 + + + + +

    Mediawiki reports:

    +
    +

    Security fixes:

    +

    T122056: Old tokens are remaining valid within a new session

    +

    T127114: Login throttle can be tricked using non-canonicalized + usernames

    +

    T123653: Cross-domain policy regexp is too narrow

    +

    T123071: Incorrectly identifying http link in a's href + attributes, due to m modifier in regex

    +

    T129506: MediaWiki:Gadget-popups.js isn't renderable

    +

    T125283: Users occasionally logged in as different users after + SessionManager deployment

    +

    T103239: Patrol allows click catching and patrolling of any + page

    +

    T122807: [tracking] Check php crypto primatives

    +

    T98313: Graphs can leak tokens, leading to CSRF

    +

    T130947: Diff generation should use PoolCounter

    +

    T133507: Careless use of $wgExternalLinkTarget is insecure

    +

    T132874: API action=move is not rate limited

    +
    + +     + + https://lists.wikimedia.org/pipermail/mediawiki-announce/2016-May/000188.html + + + 2016-05-20 + 2016-05-24 + +     + + + wpa_supplicant -- psk configuration parameter update allowing arbitrary data to be written + + + wpa_supplicant + 2.5_2 + + + + +

    Jouni Malinen reports:

    +
    +

    psk configuration parameter update allowing arbitrary data to be + written (2016-1 - CVE-2016-4476/CVE-2016-4477).

    +
    + +     + + CVE-2016-4476 + CVE-2016-4477 + /ports/209564 + http://w1.fi/security/2016-1/psk-parameter-config-update.txt + + + 2016-05-02 + 2016-05-20 + +     + + + expat -- denial of service vulnerability on malformed input + + + expat + 2.1.1 + + + + +

    Gustavo Grieco reports:

    +
    +

    The Expat XML parser mishandles certain kinds of malformed input + documents, resulting in buffer overflows during processing and error + reporting. The overflows can manifest as a segmentation fault or as + memory corruption during a parse operation. The bugs allow for a + denial of service attack in many applications by an unauthenticated + attacker, and could conceivably result in remote code execution.

    +
    + +     + + CVE-2016-0718 + ports/209360 + http://www.openwall.com/lists/oss-security/2016/05/17/12 + + + 2016-05-17 + 2016-05-20 + +     + + + Bugzilla security issues + + + bugzilla44 + 4.4.12 + + + bugzilla50 + 5.0.3 + + + + +

    Bugzilla Security Advisory

    +
    +

    A specially crafted bug summary could trigger XSS in dependency graphs. + Due to an incorrect parsing of the image map generated by the dot script, + a specially crafted bug summary could trigger XSS in dependency graphs.

    +
    + +     + + CVE-2016-2803 + https://bugzilla.mozilla.org/show_bug.cgi?id=1253263 + + + 2016-03-03 + 2016-05-17 + +     + + + OpenVPN -- Buffer overflow in PAM authentication and DoS through port sharing + + + openvpn + 2.3.11 + + + openvpn-polarssl + 2.3.11 + + + + +

    Samuli Seppänen reports:

    +
    +

    OpenVPN 2.3.11 [...] fixes two vulnerabilities: a port-share bug + with DoS potential and a buffer overflow by user supplied data when + using pam authentication.[...]

    +
    + +     + + https://sourceforge.net/p/openvpn/mailman/message/35076507/ + https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn23#OpenVPN2.3.11 + + + 2016-03-03 + 2016-05-14 + +     + + + imagemagick -- buffer overflow + + + ImageMagick + ImageMagick-nox11 + 6.9.4.1,1 + + + ImageMagick7 + ImageMagick7-nox11 + 7.0.0.0.b201507157.0.1.3 + + + + +

    ImageMagick reports:

    +
    +

    Fix a buffer overflow in magick/drag.c/DrawStrokePolygon().

    +
    + +     + + http://legacy.imagemagick.org/script/changelog.php + + + 2016-05-09 + 2016-05-13 + +     + + + jenkins -- multiple vulnerabilities + + + jenkins + 2.2 + + + jenkins2 + 2.2 + + + jenkins-lts + 1.651.1 + + + + +

    Jenkins Security Advisory:

    +
    +

    Description

    +
    SECURITY-170 / CVE-2016-3721
    +

    Arbitrary build parameters are passed to build scripts as environment variables

    +
    SECURITY-243 / CVE-2016-3722
    +

    Malicious users with multiple user accounts can prevent other users from logging in

    +
    SECURITY-250 / CVE-2016-3723
    +

    Information on installed plugins exposed via API

    +
    SECURITY-266 / CVE-2016-3724
    +

    Encrypted secrets (e.g. passwords) were leaked to users with permission to read configuration

    +
    SECURITY-273 / CVE-2016-3725
    +

    Regular users can trigger download of update site metadata

    +
    SECURITY-276 / CVE-2016-3726
    +

    Open redirect to scheme-relative URLs

    +
    SECURITY-281 / CVE-2016-3727
    +

    Granting the permission to read node configurations allows access to overall system configuration

    +
    + +     + + CVE-2016-3721 + CVE-2016-3722 + CVE-2016-3723 + CVE-2016-3724 + CVE-2016-3725 + CVE-2016-3726 + CVE-2016-3727 + https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11 + + + 2016-05-11 + 2016-05-12 + +     + + + perl5 -- taint mechanism bypass vulnerability + + + perl5 + 5.18.4_21 + 5.20.05.20.3_12 + 5.22.05.22.1_8 + + + perl5.18 + 5.18.05.18.4_21 + + + perl5.20 + 5.20.05.20.3_12 + + + perl5.22 + 5.22.05.22.1_8 + + + + +

    MITRE reports:

    +
    +

    Perl might allow context-dependent attackers to bypass the taint + protection mechanism in a child process via duplicate environment + variables in envp.

    +
    + +     + + CVE-2016-2381 + ports/208879 + + + 2016-04-08 + 2016-05-10 + +     + + + wordpress -- multiple vulnerabilities + + + wordpress + 4.5.2,1 + + + de-wordpress + ja-wordpress + ru-wordpress + zh-wordpress-zh_CN + zh-wordpress-zh_TW + 4.5.2 + + + + +

    Helen Hou-Sandi reports:

    +
    +

    WordPress 4.5.2 is now available. This is a security release for + all previous versions and we strongly encourage you to update your + sites immediately.

    +

    WordPress versions 4.5.1 and earlier are affected by a SOME + vulnerability through Plupload, the third-party library WordPress + uses for uploading files. WordPress versions 4.2 through 4.5.1 are + vulnerable to reflected XSS using specially crafted URIs through + MediaElement.js, the third-party library used for media players. + MediaElement.js and Plupload have also released updates fixing + these issues.

    +
    + +     + + CVE-2016-4566 + CVE-2016-4567 + https://wordpress.org/news/2016/05/wordpress-4-5-2/ + http://www.openwall.com/lists/oss-security/2016/05/07/7 + + + 2016-05-06 + 2016-05-10 + +     + + + libarchive -- RCE vulnerability + + + libarchive + 3.2.0,1 + + + + +

    The libarchive project reports:

    +
    +

    Heap-based buffer overflow in the zip_read_mac_metadata function + in archive_read_support_format_zip.c in libarchive before 3.2.0 + allows remote attackers to execute arbitrary code via crafted + entry-size values in a ZIP archive.

    +
    + +     + + CVE-2016-1541 + https://github.com/libarchive/libarchive/commit/d0331e8e5b05b475f20b1f3101fe1ad772d7e7e7 + + + 2016-05-01 + 2016-05-09 + 2016-05-10 + +     + + + squid -- multiple vulnerabilities + + + squid + 3.0.03.5.18 + + + squid-devel + 4.0.04.0.10 + + + + +

    The squid development team reports:

    +
    +
    +
    Problem Description:
    +
    Due to incorrect data validation of intercepted HTTP + Request messages Squid is vulnerable to clients bypassing + the protection against CVE-2009-0801 related issues. This + leads to cache poisoning.
    +
    Severity:
    +
    This problem is serious because it allows any client, + including browser scripts, to bypass local security and + poison the proxy cache and any downstream caches with + content from an arbitrary source.
    +
    +
    +
    +
    +
    Problem Description:
    +
    Due to incorrect input validation Squid is vulnerable + to a header smuggling attack leading to cache poisoning + and to bypass of same-origin security policy in Squid and + some client browsers.
    +
    Severity:
    +
    This problem allows a client to smuggle Host header + value past same-origin security protections to cause Squid + operating as interception or reverse-proxy to contact the + wrong origin server. Also poisoning any downstream cache + which stores the response.
    +
    However, the cache poisoning is only possible if the + caching agent (browser or explicit/forward proxy) is not + following RFC 7230 processing guidelines and lets the + smuggled value through.
    +
    +
    +
    +
    +
    Problem Description:
    +
    Due to incorrect pointer handling and reference + counting Squid is vulnerable to a denial of service attack + when processing ESI responses.
    +
    Severity:
    +
    These problems allow a remote server delivering + certain ESI response syntax to trigger a denial of service + for all clients accessing the Squid service.
    +
    Due to unrelated changes Squid-3.5 has become + vulnerable to some regular ESI server responses also + triggering one or more of these issues.
    +
    +
    + +     + + CVE-2016-4553 + CVE-2016-4554 + CVE-2016-4555 + CVE-2016-4556 + http://www.squid-cache.org/Advisories/SQUID-2016_7.txt + http://www.squid-cache.org/Advisories/SQUID-2016_8.txt + http://www.squid-cache.org/Advisories/SQUID-2016_9.txt + + + 2016-05-06 + 2016-05-07 + 2016-05-09 + +     + + + ImageMagick -- multiple vulnerabilities + + + ImageMagick + ImageMagick-nox11 + 6.9.3.9_1,1 + + + ImageMagick7 + ImageMagick7-nox11 + 7.0.0.0.b201507157.0.1.0_1 + + + + +

    Openwall reports:

    +
    +

    Insufficient filtering for filename passed to delegate's command + allows remote code execution during conversion of several file + formats. Any service which uses ImageMagick to process user + supplied images and uses default delegates.xml / policy.xml, + may be vulnerable to this issue.

    +

    It is possible to make ImageMagick perform a HTTP GET or FTP + request

    +

    It is possible to delete files by using ImageMagick's 'ephemeral' + pseudo protocol which deletes files after reading.

    +

    It is possible to move image files to file with any extension + in any folder by using ImageMagick's 'msl' pseudo protocol. + msl.txt and image.gif should exist in known location - /tmp/ + for PoC (in real life it may be web service written in PHP, + which allows to upload raw txt files and process images with + ImageMagick).

    +

    It is possible to get content of the files from the server + by using ImageMagick's 'label' pseudo protocol.

    +
    + +     + + CVE-2016-3714 + CVE-2016-3715 + CVE-2016-3716 + CVE-2016-3717 + CVE-2016-3718 + http://www.openwall.com/lists/oss-security/2016/05/03/18 + https://imagetragick.com/ + + + 2016-05-03 + 2016-05-06 + 2016-05-07 + +     + + + jansson -- local denial of service vulnerabilities + + + jansson + 2.7_2 + + + + +

    QuickFuzz reports:

    +
    +

    A crash caused by stack exhaustion parsing a JSON was found.

    +
    + +     + + http://www.openwall.com/lists/oss-security/2016/05/01/5 + http://www.openwall.com/lists/oss-security/2016/05/02/1 + CVE-2016-4425 + + + 2016-05-01 + 2016-05-04 + +     + + + OpenSSL -- multiple vulnerabilities + + + openssl + 1.0.2_11 + + + linux-c6-openssl + 1.0.1e_8 + *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-ports-branches@freebsd.org Wed Jun 1 22:55:11 2016 Return-Path: Delivered-To: svn-ports-branches@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 44AF8B642AB; Wed, 1 Jun 2016 22:55:11 +0000 (UTC) (envelope-from zi@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 0E2F61966; Wed, 1 Jun 2016 22:55:10 +0000 (UTC) (envelope-from zi@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u51MtAos075561; Wed, 1 Jun 2016 22:55:10 GMT (envelope-from zi@FreeBSD.org) Received: (from zi@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u51MtAnK075559; Wed, 1 Jun 2016 22:55:10 GMT (envelope-from zi@FreeBSD.org) Message-Id: <201606012255.u51MtAnK075559@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: zi set sender to zi@FreeBSD.org using -f From: Ryan Steinmetz Date: Wed, 1 Jun 2016 22:55:10 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r416263 - branches/2016Q2/www/h2o X-SVN-Group: ports-branches MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-branches@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: SVN commit messages for all the branches of the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 01 Jun 2016 22:55:11 -0000 Author: zi Date: Wed Jun 1 22:55:09 2016 New Revision: 416263 URL: https://svnweb.freebsd.org/changeset/ports/416263 Log: MFH: r416261 - Update to 1.7.3 PR: 209926 Submitted by: Dave Cottlehuber Security: 65bb1858-27de-11e6-b714-74d02b9a84d5 Approved by: ports-secteam (me) Modified: branches/2016Q2/www/h2o/Makefile branches/2016Q2/www/h2o/distinfo Directory Properties: branches/2016Q2/ (props changed) Modified: branches/2016Q2/www/h2o/Makefile ============================================================================== --- branches/2016Q2/www/h2o/Makefile Wed Jun 1 22:54:14 2016 (r416262) +++ branches/2016Q2/www/h2o/Makefile Wed Jun 1 22:55:09 2016 (r416263) @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= h2o -PORTVERSION= 1.7.1 +PORTVERSION= 1.7.3 DISTVERSIONPREFIX= v CATEGORIES= www Modified: branches/2016Q2/www/h2o/distinfo ============================================================================== --- branches/2016Q2/www/h2o/distinfo Wed Jun 1 22:54:14 2016 (r416262) +++ branches/2016Q2/www/h2o/distinfo Wed Jun 1 22:55:09 2016 (r416263) @@ -1,2 +1,3 @@ -SHA256 (h2o-h2o-v1.7.1_GH0.tar.gz) = a9488667f0b73a66d5ef593660f6c0f66311d6eb4bf9378c6b7e74ab7ec9eea2 -SIZE (h2o-h2o-v1.7.1_GH0.tar.gz) = 6546234 +TIMESTAMP = 1464774475 +SHA256 (h2o-h2o-v1.7.3_GH0.tar.gz) = 546bcde8aa3cf996d161d1e75aaad159d10fca1b3d368c4270f0674e8c78a213 +SIZE (h2o-h2o-v1.7.3_GH0.tar.gz) = 6541316 From owner-svn-ports-branches@freebsd.org Fri Jun 3 06:50:10 2016 Return-Path: Delivered-To: svn-ports-branches@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 5F273B68565; Fri, 3 Jun 2016 06:50:10 +0000 (UTC) (envelope-from cy@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 2FCA41ECD; Fri, 3 Jun 2016 06:50:10 +0000 (UTC) (envelope-from cy@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u536o91F076110; Fri, 3 Jun 2016 06:50:09 GMT (envelope-from cy@FreeBSD.org) Received: (from cy@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u536o9pN076108; Fri, 3 Jun 2016 06:50:09 GMT (envelope-from cy@FreeBSD.org) Message-Id: <201606030650.u536o9pN076108@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: cy set sender to cy@FreeBSD.org using -f From: Cy Schubert Date: Fri, 3 Jun 2016 06:50:09 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r416300 - branches/2016Q2/net/ntp X-SVN-Group: ports-branches MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-branches@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: SVN commit messages for all the branches of the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 03 Jun 2016 06:50:10 -0000 Author: cy Date: Fri Jun 3 06:50:09 2016 New Revision: 416300 URL: https://svnweb.freebsd.org/changeset/ports/416300 Log: MFH: r416298 Update 4.2.8p7 --> 4.2.8p8 Approved by: ports-secteam@ (delphij) Modified: branches/2016Q2/net/ntp/Makefile branches/2016Q2/net/ntp/distinfo Directory Properties: branches/2016Q2/ (props changed) Modified: branches/2016Q2/net/ntp/Makefile ============================================================================== --- branches/2016Q2/net/ntp/Makefile Fri Jun 3 06:26:59 2016 (r416299) +++ branches/2016Q2/net/ntp/Makefile Fri Jun 3 06:50:09 2016 (r416300) @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= ntp -PORTVERSION= 4.2.8p7 +PORTVERSION= 4.2.8p8 CATEGORIES= net ipv6 MASTER_SITES= http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2/ \ http://archive.ntp.org/ntp4/ntp-4.2/ \ Modified: branches/2016Q2/net/ntp/distinfo ============================================================================== --- branches/2016Q2/net/ntp/distinfo Fri Jun 3 06:26:59 2016 (r416299) +++ branches/2016Q2/net/ntp/distinfo Fri Jun 3 06:50:09 2016 (r416300) @@ -1,2 +1,3 @@ -SHA256 (ntp-4.2.8p7.tar.gz) = 81d20c06a0b01abe3b84fac092185bf014252d38fe5e7b2758f604680a0220dc -SIZE (ntp-4.2.8p7.tar.gz) = 7175313 +TIMESTAMP = 1464934880 +SHA256 (ntp-4.2.8p8.tar.gz) = 2ab3d0b5f0456e6311dda1cc27ab75da108762773a19e46abd938bd9407b97ee +SIZE (ntp-4.2.8p8.tar.gz) = 7205710 From owner-svn-ports-branches@freebsd.org Fri Jun 3 06:51:02 2016 Return-Path: Delivered-To: svn-ports-branches@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 8EA5FB685A1; Fri, 3 Jun 2016 06:51:02 +0000 (UTC) (envelope-from cy@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 60282102F; Fri, 3 Jun 2016 06:51:02 +0000 (UTC) (envelope-from cy@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u536p1NO077678; Fri, 3 Jun 2016 06:51:01 GMT (envelope-from cy@FreeBSD.org) Received: (from cy@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u536p1tF077676; Fri, 3 Jun 2016 06:51:01 GMT (envelope-from cy@FreeBSD.org) Message-Id: <201606030651.u536p1tF077676@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: cy set sender to cy@FreeBSD.org using -f From: Cy Schubert Date: Fri, 3 Jun 2016 06:51:01 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r416301 - branches/2016Q2/net/ntp-devel X-SVN-Group: ports-branches MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-branches@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: SVN commit messages for all the branches of the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 03 Jun 2016 06:51:02 -0000 Author: cy Date: Fri Jun 3 06:51:01 2016 New Revision: 416301 URL: https://svnweb.freebsd.org/changeset/ports/416301 Log: MFH: r416299 Update 4.3.91 --> 4.3.93 Approved by: ports-secteam@ (delphij) Modified: branches/2016Q2/net/ntp-devel/Makefile branches/2016Q2/net/ntp-devel/distinfo Directory Properties: branches/2016Q2/ (props changed) Modified: branches/2016Q2/net/ntp-devel/Makefile ============================================================================== --- branches/2016Q2/net/ntp-devel/Makefile Fri Jun 3 06:50:09 2016 (r416300) +++ branches/2016Q2/net/ntp-devel/Makefile Fri Jun 3 06:51:01 2016 (r416301) @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= ntp -PORTVERSION= 4.3.91 +PORTVERSION= 4.3.93 CATEGORIES= net ipv6 MASTER_SITES= http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-dev/ \ http://archive.ntp.org/ntp4/ntp-dev/ Modified: branches/2016Q2/net/ntp-devel/distinfo ============================================================================== --- branches/2016Q2/net/ntp-devel/distinfo Fri Jun 3 06:50:09 2016 (r416300) +++ branches/2016Q2/net/ntp-devel/distinfo Fri Jun 3 06:51:01 2016 (r416301) @@ -1,2 +1,3 @@ -SHA256 (ntp-dev-4.3.91.tar.gz) = 13eebf473d2720c1e50fcbe1d99f574b945565d202f76c52bf24b538ed695628 -SIZE (ntp-dev-4.3.91.tar.gz) = 7019622 +TIMESTAMP = 1464935130 +SHA256 (ntp-dev-4.3.93.tar.gz) = a07e73d7a3ff139bba33ee4b1110d5f3f4567465505d6317c9b50eefb9720c42 +SIZE (ntp-dev-4.3.93.tar.gz) = 7088564