03:48 Muhammad Moinur Rahman (bofh) 

security/libotr: Moved man to share/man

Approved by:    portmgr (blanket)

    0b4b9ae

21:10 Stefan Eßer (se) 

Add WWW entries to port Makefiles

It has been common practice to have one or more URLs at the end of the
ports' pkg-descr files, one per line and prefixed with "WWW:". These
URLs should point at a project website or other relevant resources.

Access to these URLs required processing of the pkg-descr files, and
they have often become stale over time. If more than one such URL was
present in a pkg-descr file, only the first one was tarnsfered into
the port INDEX, but for many ports only the last line did contain the
port specific URL to further information.

There have been several proposals to make a project URL available as
a macro in the ports' Makefiles, over time.

This commit implements such a proposal and moves one of the WWW: entries
of each pkg-descr file into the respective port's Makefile. A heuristic
attempts to identify the most relevant URL in case there is more than
one WWW: entry in some pkg-descr file. URLs that are not moved into the
Makefile are prefixed with "See also:" instead of "WWW:" in the pkg-descr
files in order to preserve them.

There are 1256 ports that had no WWW: entries in pkg-descr files. These
ports will not be touched in this commit.

The portlint port has been adjusted to expect a WWW entry in each port
Makefile, and to flag any remaining "WWW:" lines in pkg-descr files as
deprecated.

Approved by:		portmgr (tcberner)

    b7f0544

21:40 Stefan Eßer (se) 

*/*: Remove redundant '-*' from CONFLICTS definitions

The conflict checks compare the patterns first against the package
names without version (as reported by "pkg query "%n"), then - if
there was no match - agsinst the full package names including the
version (as reported by "pkg query "%n-%v").

Approved by: portmgr (blanket)

    04b9da4

08:09 Mathieu Arnold (mat) 

One more small cleanup, forgotten yesterday.
Reported by:	lwhsu

    cf118cc

14:31 Mathieu Arnold (mat) 

Remove # $FreeBSD$ from Makefiles.

    305f148

10:08 amdmi3 

- Remove always-true/false conditions after FreeBSD 9, 10.1, 10.2 EOL

Approved by:	portmgr blanket

 

14:25 mat 

Remove ${PORTSDIR}/ from dependencies, categories r, s, t, and u.

With hat:	portmgr
Sponsored by:	Absolight

 

22:37 feld 

security/libotr: Update to 4.1.1

Changes:
* Fix an integer overflow bug that can cause a heap buffer overflow (and
from there remote code execution) on 64-bit platforms
* Fix possible free() of an uninitialized pointer
* Be stricter about parsing v3 fragments
* Add a testsuite ("make check" to run it), but only on Linux for now,
since it uses Linux-specific features such as epoll
* Fix a memory leak when reading a malformed instance tag file
* Protocol documentation clarifications

MFH:		2016Q1
Security:	CVE-2016-2851

 

18:46 pi 

security/libgcrypt: 1.6.1 -> 1.6.2, bump depends

Changes:
- src/sexp.c (do_vsexp_sscan): Return error for invalid args.
- cipher/md.c (_gcry_md_info): Fix a segv in case of calling
  with wrong parameters.
- cipher/primegen.c (_gcry_generate_elg_prime): Change to return an
  error code, possible NULL deref in call to prime generator.
- cipher/dsa.c (generate): Take care of new return code.
- cipher/elgamal.c (generate): Change to return an error code.  Take
	care of _gcry_generate_elg_prime return code.
- ecc: Support the non-standard 0x40 compression flag for EdDSA.
- mpi: Extend the internal mpi_get_buffer.
- mpi: Fix regression for powerpc-apple-darwin detection.
- Fix bug inhibiting the use of the sentinel attribute in src/gcrypt.h.in
- Fix building for the x32 target without asm modules in
  mpi/generic/mpi-asm-defs.h: Use a fixed value for the x32 ABI.
- Fix ARM assembly when building __PIC__
- mpi: Fix a subtle bug setting spurious bits with in mpi_set_bit.
  * mpi/mpi-bit.c (_gcry_mpi_set_bit, _gcry_mpi_set_highbit): Clear
    allocated but not used bits before resizing.
  * tests/t-mpi-bits.c (set_bit_with_resize): New.
- Use internal malloc function in fips.c.
  * src/fips.c (check_binary_integrity): s/gcry_malloc/xtrymalloc/.
- pubkey: Re-map all deprecated RSA algo numbers.
- cipher: Fix possible NULL dereference in cipher/md.c for being NULL.
- Fix ARMv6 detection when CFLAGS modify target CPU architecture.

PR:		193264
Approved by:	cpm@fbsd.es (maintainer)

 

22:44 cs 

- Update to 4.1.0
- Use striping
- Please portlint
- Bump PORTREVISION

 

20:54 cs 

Add CPE

 

03:57 pi 

security/libgcrypt: 1.5.3_3 -> 1.6.1

- Update to 1.6.1
- Remove some unneeded patches
- Fix pkg-plist
- report configure bug upstream
  https://bugs.g10code.com/gnupg/issue1668
- report API breakage downstream and find that MacPorts had the same issue
  https://rt.cpan.org/Ticket/Display.html?id=97201
- bump PORTREVISION for dependent ports (approx. 100 ports)
- Thanks to exp-run by antoine@ to find ports that break
- patch ports that would otherwise break
  security/shishi with PR 192164 is already committed
  [1] devel/ccrtp
  [2] editors/abiword
  [3] security/p5-Crypt-GCrypt

PR:		191256, 192162 [1], 192163 [2], 192166 [3]
Submitted by:	Carlos Jacobo Puga Medina <cjpugmed@gmail.com>
Approved by:	maintainer timeout, antoine (exp-run), portmgr (implicit)

 

19:56 tijl 

- Remove build dependency on pkgconf.
- USES=libtool pathfix.
- Reenable -fstack-protector.  There was only ever a problem on FreeBSD
  i386 <10 which can be fixed by adding -lssp_nonshared to LDFLAGS like
  Mk/bsd.ssp.mk does.

Approved by:	cs (maintainer)

 

21:36 cs 

- security/libotr: update to new LIB_DEPENDS, adjust conflicts
- security/libotr3: update to new LIB_DEPENDS, adjust conflicts, add staging
support

 

18:36 cs 

- Update mirrors
- Support staging

 

21:13 cs 

Take maintainership

 

22:55 bapt 

Add NO_STAGE all over the place in preparation for the staging support (cat:
security)

 

22:35 ak 

- Remove MAKE_JOBS_SAFE variable

Approved by:	portmgr (bdrewery)

 

16:36 ehaupt 

Chase security/libgcrypt update

 

10:38 dougb 

Throw my ports back in the pool, and make my intentions clear for the
various ports that I've created.

I bid fond fare well
A chapter closes for me
What opens for you?

 

18:53 dougb 

silence reinplace command from last commit

 

07:54 dougb 

Work around a problem on stable/[89] with libotr generating an
"undefined reference to `__stack_chk_fail_local'" error. None
of the usual remedies work (such as making sure that gcc is used
instead of ld for the linker) so on those releases we simply
disable that option.

pointyhat logs confirm that pidgin-otr (the only consumer of libotr
atm) is failing on 8 and 9 with the same configure error that I am
seeing on 8, so this patch should at least allow it to build on those
releases.

Bump PORTREVISION for libotr to err on the side of caution.

While I'm here, remove a now-spurious mod to the pidgin-otr configure.

 

07:03 dougb 

Update libotr and pidgin-otr to 4.0.0

The main new features in 4.0.0:

* Support v3 of the OTR protocol

* The plugin now supports multiple OTR conversations with the same buddy
  who is logged in at multiple locations. In this case, a new OTR menu
  will appear, which allows you to select which session an outgoing
  message is indended for. Note that concurrent SMP authentications with
  the same buddy who is logged in multiple times is not yet supported
  (starting a second authentication will end the first).

* During a private conversation with a buddy, an incoming unencrypted
  message will now trigger the regular incoming message notifications.
  In Pidgin this includes showing the message in the top-right
  notification area, if it is normally configured to do so.

* When a private conversation begins, the plugin will indicate whether
  Pidgin is configured to log the conversation.

* By default, OTR conversations will not be logged by Pidgin.

* New translations.

* libotr API changes:

  - instance tags, to support multiple simultaneous logins

  - support for asynchronous private key generation

  - the ability to provide an "extra" symmetric key to applications
    (with forward secrecy)

  - applications can supply a formation conversion callback if they do
    not natively use XHTML-style UTF8 markup

  - error messages formerly provided by libotr are now handled using
    callbacks to the application, for better i18n support

  - otrl_message_sending now handles message fragmentation internally

 

08:39 dougb 

14 August 2012 libotr version 3.2.1 released

Versions 3.2.0 and earlier of libotr contain a small heap write overrun
(thanks to Justin Ferguson for the report), and a large heap read overrun
(thanks to Ben Hawkes for the report).

Add a vuxml entry, and tune up the notes about adding a new entry.

08:17 dougb 

Remove my personal web site from MASTER_SITES

07:13 dougb 

Revert the unauthorized conversion of pkg-config from a proper build dep
to the new macro (r301539). Convert pkg-config to pkgconf.

Add a build dep on pkgconf to pidgin-otr to handle libotr's .pc files

05:40 bapt 

new devel/pkgconf added to replace devel/pkg-config. new version of pkg-config
are no more self hosting so we are stuck with 0.25 version while pkgconf provide
the same set of features as 0.27 and a compatible frontend. A symlink to
pkg-config has been added for convenience and compatibility

This also introduces a new macro to use pkgconf in your ports:
USE_PKGCONFIG

it can take the following arguments:
 - yes (meaning build only dep)
 - build (meaning build only dep)
 - run (meaning run only dep)
 - both (meaning run and build dep)

From now USE_GNOME= pkgconfig is deprecated in favour of USE_PKGCONFIG
The old gnome macro has been modified to use pkgconf but still the sameway: run
and build dep to avoid large breakage.

While here fix some ports relying on pkg-config but not specifying it, fix some
ports broken because testing wrong .pc files, and fix ports using pkg-config
--version to determine pkg-config version instead of
pkg-config --modversion pkg-config like recommanded by pkg-config

With Hat:	portmgr
Exp-runs by:	bapt (pointhat-west), beat (pointyhat)

06:52 dougb 

Change USE_GNOME= pkgconfig to a direct BUILD_DEPENDS for my ports

07:55 dougb 

Indicate my preference against bumping PORTREVISION in these ports
without a good reason

11:40 swills 

- Chase the libgcrypt shared lib version

07:34 ade 

Sync to new bsd.autotools.mk

11:52 ade 

Punt autoconf267->autoconf268

18:35 ade 

Autotools update.   Read ports/UPDATING 20100915 for details.

Approved by:    portmgr (for Mk/bsd.port.mk part)
Tested by:      Multiple -exp runs

01:25 wxs 

Chase security/libgcrypt shlib bump.

PR:             ports/148755
Submitted by:   Hirohisa Yamaguchi <umq@ueo.co.jp>

19:36 mezz 

-Repocopy devel/libtool15 -> libtool22 and libltdl15 -> libltdl22.
-Update libtool and libltdl to 2.2.6a.
-Remove devel/libtool15 and devel/libltdl15.
-Fix ports build with libtool22/libltdl22.
-Bump ports that depend on libltdl22 due to shared library version change.
-Explain what to do update in the UPDATING.

It has been tested with GNOME2, XFCE4, KDE3, KDE4 and other many wm/desktop
and applications in the runtime.

With help:      marcus and kwm
Pointyhat-exp:  a few times by pav
Tested by:      pgollucci, "Romain Tartière" <romain@blogreen.org>, and
                a few MarcusCom CVS users. Also, I might have missed a few.
Repocopy by:    marcus
Approved by:    portmgr

19:51 dougb 

Where it matters, update regarding MAKE_JOBS_{UN}SAFE for my ports

13:01 rafan 

- Bump PORTREVISION due to share library version bump in security/libgcrypt

PR:              ports/127478

00:57 ade 

Conversion from (now defunct) autoconf-2.61 to autoconf-2.62

Tested by:      exp build run (erwin)

05:54 dougb 

Add my website to MASTER_SITES

05:49 dougb 

Update to version 3.2.0, released June 15th. The configuration and
"OTR button" functionality have been moved to a menu. Also, "Buddy
authentication has been revamped, based on the user study published
in SOUPS 2008." The old authentication methods are still allowed.

In this version support for pkgconfig has been added, and the
shared library version number has been bumped.

This port has 3 consumers, net-im/climm, security/kopete-otr, and
security/pidgin-otr. Maintainers of the first two have confirmed
that this update works for them. An update for pidgin-otr is next.

This has been tested against pidgin 2.4.2 and 2.4.3.

Finally, I'm taking over maintainership per agreement with the
current maintainer.

14:01 edwin 

Bump portrevision due to upgrade of devel/gettext.

The affected ports are the ones with gettext as a run-dependency
according to ports/INDEX-7 (5007 of them) and the ones with USE_GETTEXT
in Makefile (29 of them).

PR:             ports/124340
Submitted by:   edwin@
Approved by:    portmgr (pav)

04:47 linimon 

Switch autoconf dependencies from 2.53 or 2.59 to 2.61.

PR:             ports/116639
Submitted by:   aDe

20:59 dougb 

Forced commit to note that the right PR number is 115665. 115664 is
related, and by the same submitter.

20:57 dougb 

1. Update to version 3.1.0
2. Add a verify target for the PGP signature, and download the signature

Approved by:    maintainer

PR:             ports/115664 (pkg-plist fix)
Submitted by:   Matthias Andree <matthias.andree@gmx.de>

14:12 jylefort 

Track libgpg-error shlib version change.

07:10 sergei 

- Chase libgpg-error version bump [1]
- Add explicit version to libgpg-error dependency where missing [2]
- Bump PORTREVISION [1]

Approved by:    maintainers (arved, lofi, novel,
                ports at mcdermottroe dot com) [1]
Suggested by:   novel, lofi [2]

01:04 clsung 

- s,INSTALLS_SHLIB,USE_LDCONFIG,g
- these include security/ sysutils/ textproc/ maintained by ports@

PR:             ports/101916
Submitted by:   Gea-Suan Lin <gslin_AT_gslin dot org>

10:40 ade 

Conversion to a single libtool environment.

Approved by:    portmgr (kris)

12:09 mnag 

Update to 3.0.0

PR:             92357
Submitted by:   Conor McDermottroe <ports@mcdermottroe.com> (maintainer)

06:52 ade 

Mass-conversion to the USE_AUTOTOOLS New World Order.  The code present
in bsd.autotools.mk essentially makes this a no-op given that all the
old variables set a USE_AUTOTOOLS_COMPAT variable, which is parsed in
exactly the same way as USE_AUTOTOOLS itself.

Moreover, USE_AUTOTOOLS has already been extensively tested by the GNOME
team -- all GNOME 2.12.x ports use it.

Preliminary documentation can be found at:
        http://people.FreeBSD.org/~ade/autotools.txt

which is in the process of being SGMLized before introduction into the
Porters Handbook.

Light blue touch-paper.  Run.

14:22 pav 

- Fix plist

PR:             ports/80194
Submitted by:   Conor McDermottroe <ports@mcdermottroe.com> (maintainer)
Pointy hat to:  danfe

09:14 danfe 

Add libotr 2.0.1, the portable OTR Messaging Library and toolkit.

PR:             ports/79100
Submitted by:   Conor McDermottroe <ports(at)mcdermottroe.com>