From owner-svn-ports-all@freebsd.org Mon Jun 29 10:43:55 2020 Return-Path: Delivered-To: svn-ports-all@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 616C1345860; Mon, 29 Jun 2020 10:43:55 +0000 (UTC) (envelope-from mandree@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 49wPHH1xB5z4dNG; Mon, 29 Jun 2020 10:43:55 +0000 (UTC) (envelope-from mandree@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 25CF326388; Mon, 29 Jun 2020 10:43:55 +0000 (UTC) (envelope-from mandree@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id 05TAhtoh028189; Mon, 29 Jun 2020 10:43:55 GMT (envelope-from mandree@FreeBSD.org) Received: (from mandree@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id 05TAhs7i028187; Mon, 29 Jun 2020 10:43:54 GMT (envelope-from mandree@FreeBSD.org) Message-Id: <202006291043.05TAhs7i028187@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: mandree set sender to mandree@FreeBSD.org using -f From: Matthias Andree Date: Mon, 29 Jun 2020 10:43:54 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r540768 - in branches/2020Q2/security/putty: . files X-SVN-Group: ports-branches X-SVN-Commit-Author: mandree X-SVN-Commit-Paths: in branches/2020Q2/security/putty: . files X-SVN-Commit-Revision: 540768 X-SVN-Commit-Repository: ports MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-all@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: SVN commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 29 Jun 2020 10:43:55 -0000 Author: mandree Date: Mon Jun 29 10:43:54 2020 New Revision: 540768 URL: https://svnweb.freebsd.org/changeset/ports/540768 Log: MFH: r540716 r540718 r540719 security/putty*: upgrade to 0.74 security fix release Changelog: https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html among them are these two---and more bugfixes beyond not listed here: * Security fix: if an SSH server accepted an offer of a public key and then rejected the signature, PuTTY could access freed memory, if the key had come from an SSH agent. * Security feature: new config option to disable PuTTY's dynamic host key preference policy, if you prefer to avoid giving away to eavesdroppers which hosts you have stored keys for. Security: 6190c0cd-b945-11ea-9401-2dcf562daa69 Security: CVE-2020-14002 Security: FZI-2020-5 security/putty*: rename and update LICENCE from tarball. Approved by: ports-secteam (joneum@) [540716] Approved by: ports-secteam (blanket, metadata update) [540718, 540719] Added: branches/2020Q2/security/putty/files/LICENCE - copied unchanged from r540718, head/security/putty/files/LICENCE Deleted: branches/2020Q2/security/putty/files/LICENSE Modified: branches/2020Q2/security/putty/Makefile branches/2020Q2/security/putty/distinfo Directory Properties: branches/2020Q2/ (props changed) Modified: branches/2020Q2/security/putty/Makefile ============================================================================== --- branches/2020Q2/security/putty/Makefile Mon Jun 29 10:23:30 2020 (r540767) +++ branches/2020Q2/security/putty/Makefile Mon Jun 29 10:43:54 2020 (r540768) @@ -1,7 +1,8 @@ # $FreeBSD$ PORTNAME= putty -PORTVERSION= 0.73 +PORTVERSION= 0.74 +PORTREVISION= 1 CATEGORIES= security MASTER_SITES= http://the.earth.li/~sgtatham/putty/${PORTVERSION}/ \ ftp://ftp.chiark.greenend.org.uk/users/sgtatham/putty-latest/ @@ -11,30 +12,37 @@ COMMENT= Secure shell and telnet client # test plan: test ALL 4 GSSAPI_* options, ALL 3 GTK options, WITH_DEBUG=yes build. LICENSE= MIT -LICENSE_FILE= ${FILESDIR}/LICENSE +LICENSE_FILE= ${FILESDIR}/LICENCE USES= cpe gmake pkgconfig +CPE_VENDOR= simon_tatham -WRKSRC= ${WRKDIR}/${DISTNAME}/unix -PATCH_WRKSRC= ${WRKDIR}/${DISTNAME} MAKEFILE= Makefile.gtk -CPE_VENDOR= simon_tatham +CONFLICTS_INSTALL?= pssh-[0-9]* putty-gtk2-[0-9]* putty-nogtk-[0-9]* -PLIST_FILES= bin/plink bin/pscp bin/psftp bin/puttygen -PLIST_FILES+= man/man1/plink.1.gz man/man1/pscp.1.gz man/man1/psftp.1.gz man/man1/puttygen.1.gz +PATCH_WRKSRC= ${WRKDIR}/${DISTNAME} +WRKSRC= ${WRKDIR}/${DISTNAME}/unix -OPTIONS_RADIO= TOOLKIT -OPTIONS_RADIO_TOOLKIT= GTK2 GTK3 -OPTIONS_DEFAULT=GSSAPI_BASE GTK3 -OPTIONS_SINGLE= GSSAPI_SELECT -OPTIONS_SINGLE_GSSAPI_SELECT= GSSAPI_NONE GSSAPI_BASE GSSAPI_HEIMDAL GSSAPI_MIT +PLIST_FILES= bin/plink \ + bin/pscp \ + bin/psftp \ + bin/puttygen \ + man/man1/plink.1.gz \ + man/man1/pscp.1.gz \ + man/man1/psftp.1.gz \ + man/man1/puttygen.1.gz -CONFLICTS_INSTALL?= pssh-[0-9]* putty-gtk2-[0-9]* putty-nogtk-[0-9]* +OPTIONS_DEFAULT= GSSAPI_BASE GTK3 +OPTIONS_RADIO= TOOLKIT +OPTIONS_RADIO_TOOLKIT= GTK2 GTK3 +OPTIONS_SINGLE= GSSAPI_SELECT +OPTIONS_SINGLE_GSSAPI_SELECT= GSSAPI_NONE GSSAPI_BASE GSSAPI_HEIMDAL \ + GSSAPI_MIT .include -CFLAGS+= -DBSD_PTYS -DOMIT_UTMP -DIPV6 -DHAVE_FUTIMES +CFLAGS+= -DBSD_PTYS -DHAVE_FUTIMES -DIPV6 -DOMIT_UTMP LDFLAGS+= -Wl,--as-needed .if (${PORT_OPTIONS:MGTK2} || ${PORT_OPTIONS:MGTK3}) && !defined(WITHOUT_X11) @@ -43,23 +51,31 @@ USE_XORG= x11 .if ${PORT_OPTIONS:MGTK2} USES+= gnome USE_GNOME= cairo gdkpixbuf2 gtk20 -MAKE_ARGS+= PUTTY_WITH_GTK=yes GTK_CONFIG="pkg-config gtk+-2.0 x11 --cflags" +MAKE_ARGS+= GTK_CONFIG="pkg-config gtk+-2.0 x11 --cflags" \ + PUTTY_WITH_GTK=yes .endif .if ${PORT_OPTIONS:MGTK3} USES+= gnome USE_GNOME= cairo gdkpixbuf2 gtk30 -MAKE_ARGS+= PUTTY_WITH_GTK=yes GTK_CONFIG="pkg-config gtk+-3.0 x11 --cflags" +MAKE_ARGS+= GTK_CONFIG="pkg-config gtk+-3.0 x11 --cflags" \ + PUTTY_WITH_GTK=yes .endif -PLIST_FILES+= bin/pageant bin/pterm bin/putty bin/puttytel -PLIST_FILES+= man/man1/pageant.1.gz man/man1/pterm.1.gz man/man1/putty.1.gz man/man1/puttytel.1.gz -PLIST_FILES+= share/pixmaps/putty.ico -DESKTOP_ENTRIES="PuTTY" \ - "${COMMENT}" \ - "${PREFIX}/share/pixmaps/${PORTNAME}.ico" \ - "${PORTNAME}" \ - "" \ - false +PLIST_FILES+= bin/pageant \ + bin/pterm \ + bin/putty \ + bin/puttytel \ + man/man1/pageant.1.gz \ + man/man1/pterm.1.gz \ + man/man1/putty.1.gz \ + man/man1/puttytel.1.gz \ + share/pixmaps/putty.ico +DESKTOP_ENTRIES= "PuTTY" \ + "${COMMENT}" \ + "${PREFIX}/share/pixmaps/${PORTNAME}.ico" \ + "${PORTNAME}" \ + "" \ + false .else MAKE_ARGS+= GTK_CONFIG=: .endif @@ -74,7 +90,7 @@ MAKE_ARGS+= KRB5CONFIG=${KRB5CONFIG} USES+= gssapi:mit,flags MAKE_ARGS+= KRB5CONFIG=${KRB5CONFIG} .else -_COMPAT= -DNO_GSSAPI +_COMPAT= -DNO_GSSAPI .endif _COMPAT+= -DOMIT_UTMP @@ -89,11 +105,11 @@ _COMPAT+= -DDEBUG # currently, but override it nonetheless. XFLAGS+= -Wno-error -MAKE_ARGS+= COMPAT="${_COMPAT}" \ - CC="${CC}" \ - XFLAGS="${XFLAGS}" \ +MAKE_ARGS+= CC="${CC}" \ + COMPAT="${_COMPAT}" \ INSTALL_DATA="${INSTALL_DATA}" \ - INSTALL_PROGRAM="${INSTALL_PROGRAM}" + INSTALL_PROGRAM="${INSTALL_PROGRAM}" \ + XFLAGS="${XFLAGS}" post-patch: @${REINPLACE_CMD} -e 's,prefix=/usr/local,prefix=${PREFIX},;\ Modified: branches/2020Q2/security/putty/distinfo ============================================================================== --- branches/2020Q2/security/putty/distinfo Mon Jun 29 10:23:30 2020 (r540767) +++ branches/2020Q2/security/putty/distinfo Mon Jun 29 10:43:54 2020 (r540768) @@ -1,3 +1,3 @@ -TIMESTAMP = 1571412224 -SHA256 (putty-0.73.tar.gz) = 3db0b5403fb41aecd3aa506611366650d927650b6eb3d839ad4dcc782519df1c -SIZE (putty-0.73.tar.gz) = 2459115 +TIMESTAMP = 1593350227 +SHA256 (putty-0.74.tar.gz) = ddd5d388e51dd9e6e294005b30037f6ae802239a44c9dc9808c779e6d11b847d +SIZE (putty-0.74.tar.gz) = 2476513 Copied: branches/2020Q2/security/putty/files/LICENCE (from r540718, head/security/putty/files/LICENCE) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2020Q2/security/putty/files/LICENCE Mon Jun 29 10:43:54 2020 (r540768, copy of r540718, head/security/putty/files/LICENCE) @@ -0,0 +1,27 @@ +PuTTY is copyright 1997-2020 Simon Tatham. + +Portions copyright Robert de Bath, Joris van Rantwijk, Delian +Delchev, Andreas Schultz, Jeroen Massar, Wez Furlong, Nicolas Barry, +Justin Bradford, Ben Harris, Malcolm Smith, Ahmad Khalifa, Markus +Kuhn, Colin Watson, Christopher Staite, Lorenz Diener, Christian +Brabandt, Jeff Smith, Pavel Kryukov, Maxim Kuznetsov, Svyatoslav +Kuzmich, Nico Williams, Viktor Dukhovni, and CORE SDI S.A. + +Permission is hereby granted, free of charge, to any person +obtaining a copy of this software and associated documentation files +(the "Software"), to deal in the Software without restriction, +including without limitation the rights to use, copy, modify, merge, +publish, distribute, sublicense, and/or sell copies of the Software, +and to permit persons to whom the Software is furnished to do so, +subject to the following conditions: + +The above copyright notice and this permission notice shall be +included in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND +NONINFRINGEMENT. IN NO EVENT SHALL THE COPYRIGHT HOLDERS BE LIABLE +FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF +CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION +WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.