From owner-svn-ports-head@FreeBSD.ORG Sat Feb 1 21:12:48 2014 Return-Path: Delivered-To: svn-ports-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D0495398; Sat, 1 Feb 2014 21:12:48 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id BB7F31F06; Sat, 1 Feb 2014 21:12:48 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.7/8.14.7) with ESMTP id s11LCmwj071446; Sat, 1 Feb 2014 21:12:48 GMT (envelope-from bdrewery@svn.freebsd.org) Received: (from bdrewery@localhost) by svn.freebsd.org (8.14.7/8.14.7/Submit) id s11LClFD071439; Sat, 1 Feb 2014 21:12:47 GMT (envelope-from bdrewery@svn.freebsd.org) Message-Id: <201402012112.s11LClFD071439@svn.freebsd.org> From: Bryan Drewery Date: Sat, 1 Feb 2014 21:12:47 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r342212 - in head/ports-mgmt: pkg pkg-devel X-SVN-Group: ports-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-head@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: SVN commit messages for the ports tree for head List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 01 Feb 2014 21:12:49 -0000 Author: bdrewery Date: Sat Feb 1 21:12:47 2014 New Revision: 342212 URL: http://svnweb.freebsd.org/changeset/ports/342212 QAT: https://qat.redports.org/buildarchive/r342212/ Log: - Update pkg and pkg-devel to 1.2.6 This update includes a security update for possible arbitrary code execution from package manifest parsing. All users are advised to upgrade ASAP. The base pkg(7) was never affected by this. [1] Changes: * Fix libyaml head-based buffer overflow [1] * Fix pkg info -E support for ports, which namely affected net/openldap* usage. [2] * Fix packages registering themselves as dependencies [3] * Bash autocompletion fixes [4] * autoremove: Don't try to remove locked packages * Support 'pkg bootstrap -f', which will force a reinstall of pkg on FreeBSD 10.0+ * Fix %t timestamp formatter with %{...%} modifiers [5] * pkg info: Show date installed * Add $daily_status_security_pkgaudit_quiet to control 410.pkg-audit.in output verbosity level * Add an error when trying to update repository and none are defined [6] * Fix typos in manpages [7] Security: CVE-2013-6393 [1] Reported by: secteam (delphij) [1] PR: ports/184797 [2] Reported by: Pavel Timofeev [2], many Submitted by: smh@ [3] Submitted by: brd@ [4] Submitted by: Jamie Landeg Jones [5] Submitted by: Rodrigo Osorio [6] Submitted by: Michael Gehring, wblock [7] With hat: portmgr MFH: 2014Q1 Modified: head/ports-mgmt/pkg-devel/Makefile head/ports-mgmt/pkg-devel/distinfo head/ports-mgmt/pkg/Makefile head/ports-mgmt/pkg/distinfo Modified: head/ports-mgmt/pkg-devel/Makefile ============================================================================== --- head/ports-mgmt/pkg-devel/Makefile Sat Feb 1 20:53:19 2014 (r342211) +++ head/ports-mgmt/pkg-devel/Makefile Sat Feb 1 21:12:47 2014 (r342212) @@ -1,10 +1,12 @@ # $FreeBSD$ PORTNAME= pkg -DISTVERSION= 1.2.5 +DISTVERSION= 1.2.6 CATEGORIES= ports-mgmt -MASTER_SITES= http://files.etoilebsd.net/pkg/ \ +MASTER_SITES= \ http://mirror.shatow.net/freebsd/${PORTNAME}/ \ + http://miwibox.org/distfiles/${PORTNAME}/ \ + http://files.etoilebsd.net/pkg/ \ LOCAL/portmgr PKGNAMESUFFIX= -devel Modified: head/ports-mgmt/pkg-devel/distinfo ============================================================================== --- head/ports-mgmt/pkg-devel/distinfo Sat Feb 1 20:53:19 2014 (r342211) +++ head/ports-mgmt/pkg-devel/distinfo Sat Feb 1 21:12:47 2014 (r342212) @@ -1,2 +1,2 @@ -SHA256 (pkg-1.2.5.tar.xz) = ea6f1c95b8fcc1a017979949fc8f06f218f4412c5ec1ddcc4858d0b751759d6c -SIZE (pkg-1.2.5.tar.xz) = 1808040 +SHA256 (pkg-1.2.6.tar.xz) = 6c16c233986b1ff5268284c356ce870134f07f84710d61ec7033a3d729bdbbb0 +SIZE (pkg-1.2.6.tar.xz) = 1808860 Modified: head/ports-mgmt/pkg/Makefile ============================================================================== --- head/ports-mgmt/pkg/Makefile Sat Feb 1 20:53:19 2014 (r342211) +++ head/ports-mgmt/pkg/Makefile Sat Feb 1 21:12:47 2014 (r342212) @@ -1,10 +1,12 @@ # $FreeBSD$ PORTNAME= pkg -DISTVERSION= 1.2.5 +DISTVERSION= 1.2.6 CATEGORIES= ports-mgmt -MASTER_SITES= http://files.etoilebsd.net/pkg/ \ +MASTER_SITES= \ + http://miwibox.org/distfiles/${PORTNAME}/ \ http://mirror.shatow.net/freebsd/${PORTNAME}/ \ + http://files.etoilebsd.net/pkg/ \ LOCAL/portmgr MAINTAINER= portmgr@FreeBSD.org Modified: head/ports-mgmt/pkg/distinfo ============================================================================== --- head/ports-mgmt/pkg/distinfo Sat Feb 1 20:53:19 2014 (r342211) +++ head/ports-mgmt/pkg/distinfo Sat Feb 1 21:12:47 2014 (r342212) @@ -1,2 +1,2 @@ -SHA256 (pkg-1.2.5.tar.xz) = ea6f1c95b8fcc1a017979949fc8f06f218f4412c5ec1ddcc4858d0b751759d6c -SIZE (pkg-1.2.5.tar.xz) = 1808040 +SHA256 (pkg-1.2.6.tar.xz) = 6c16c233986b1ff5268284c356ce870134f07f84710d61ec7033a3d729bdbbb0 +SIZE (pkg-1.2.6.tar.xz) = 1808860