FreeBSD Monitor
2015-07-01 02:44:28
- Use correct flag for SSE instructions
- Enable SSE on amd64 by default

PR: 200411
Submitted by: [email protected], [email protected] (maintainer)
2015-07-01 01:34:09
Update 4.2.8p2 --> 4.2.8p3

Special thanks to delphij@ for the prep work.

Security: VuXML: 0d0f3050-1f69-11e5-9ba9-d050996490d0
2015-07-01 01:04:24
databases/libmemcached: revert using --with-pic

This wasn't necessary

Pointyhat to: swills
Reported by: tijl, bapt
2015-07-01 01:03:03
databases/p5-Memcached-libmemcached: improve patch

The patch to Makefile.PL needed to also replace $Config{lib_ext} (which
defaults to ".a") with ".so" so that we link against the right thing. This
avoids the need to patch databases/libmemcached.

While here, also avoid hard coding the path to PREFIX and split out the
libstdc++ to libc++ patch, avoiding duplication.

Pointyhat to: swills
Reported by: tijl, bapt
2015-07-01 00:27:37
Update to 1.12.4.

PR: ports/201192
Submitted by: maintainer (Torsten Z?hlsdorff)
2015-07-01 00:09:31
Document games/wesnoth authentication information disclosure vulnerability.

PR: 201105
Submitted by: Jason Unovitch
Freebsd Updating
The default kernel entropy-processing algorithm is now
Fortuna, replacing Yarrow.

Assuming you have 'device random' in your kernel config
file, the configurations allow a kernel option to override
this default. You may choose *ONE* of:

options RANDOM_YARROW # Legacy /dev/random algorithm.
options RANDOM_DUMMY # Blocking-only driver.

If you have neither, you get Fortuna. For most people,
read no further, Fortuna will give a /dev/random that works
like it always used to, and the difference will be irrelevant.

If you remove 'device random', you get *NO* kernel-processed
entopy at all. This may be acceptable to folks building
embedded systems, but has complications. Carry on reading,
and it is assumed you know what you need.

*PLEASE* read random(4) and random(9) if you are in the
habit of tweeking kernel configs, and/or if you are a member
of the embedded community, wanting specific and not-usual
behaviour from your security subsystems.

NOTE!! If you use RANDOM_DUMMY and/or have no 'device
random', you will NOT have a functioning /dev/random, and
many cryptographic features will not work, including SSH.
You may also find strange behaviour from the random(3) set
of library functions, in particular sranddev(3), srandomdev(3)
and arc4random(3). The reason for this is that the KERN_ARND
sysctl only returns entropy if it thinks it has some to
share, and with RANDOM_DUMMY or no 'device random' this
will never happen.
2015-06-30 23:56:39
- Document CVE-2015-3258 (cups-filters buffer overflow vulnerability)

PR: 201134
Submitted by: [email protected]
Differential Revision:
2015-06-30 22:59:36
- Switch to new github home [1]

PR: 201173 [1]
Submitted by: [email protected] [1]
Differential Revision:
2015-06-30 22:54:44
- Switch to new github home

PR: 201174
Submitted by: [email protected]
Differential Revision:
2015-06-30 22:53:28
accessibility/speech-dispatcher: remove NLS option

Building the port without NLS failed as the configure script still
required the gettext tools.

PR: 201221
2015-06-30 21:51:56
- Fix build on 10.x i386:

gsm0610_rpe.c:81:10: error: invalid operand for instruction
" movq %[gsm_H],%%mm1;\n"

Submitted by: pkg-fallout
Approved by: portmgr blanket
Differential Revision:
2015-06-30 21:49:29
Bump PORTREVISION in cmake and cmake-gui after r391009.

Make sure the generated binaries have the right entry for in
the ELF headers.

PR: 200969
2015-06-30 21:47:57
- Update to 1.0.70

PR: 201134
Submitted by: [email protected] (maintainer)
Differential Revision:
2015-06-30 21:43:04
Properly version

Fix the problem described in bug 200969: currently, is not
properly versioned by SCons; in other words, there's no SONAME in the
library's ELF header, which confuses the linker when creating binaries that
link against it.

Solve it by using InstallVersionedLib(), available since SCons 2.3.0: this
call is able to properly version the shared library the way we need it.
Since there is no support for actually installing the files outside the
build directory, we have to recreate the required symlinks ourselves in the
Makefile. Another related change is that we now create the libraries with
the proper names instead of doing that in the Makefile.

I'm (ab)using the maintainer's approval given to bug 200939, as swills's
latest patch includes this change as well.

PR: 200969
PR: 201057
Approved by: [email protected] (maintainer)
2015-06-30 21:25:24
Fix build when AUTHLIB is enabled by partly reverting an upstream
change which depends on a newer courier-authlib verison.