summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2022-11-12user/tmux: bump { 3.0a --> 3.3a }. fixes #369.Zach van Rijn1-3/+3
2022-11-12system/perl-dbi: patch CVE-2014-10402. fixes #378.Zach van Rijn2-3/+102
2022-11-12user/cups: bump { 2.4.1 --> 2.4.2 }. fixes #844.Zach van Rijn1-2/+2
2022-11-12user/raptor2: apply upstream CVE patches. fixes #366.Zach van Rijn3-4/+78
2022-11-12user/openjpeg: bump { 2.3.1 --> 2.5.0 }. fixes #329.Zach van Rijn4-236/+5
2022-11-12user/imagemagick: bump { 7.0.8.68 --> 7.1.0.52 }. fix typo. fixes #319.Zach van Rijn1-5/+5
2022-11-12user/jasper: bump { 2.0.16 --> 2.0.33 }. fixes #253. closes !549.Zach van Rijn1-5/+7
This is the latest 2.x release. There are now 3.x and 4.x releases. The CVEs are now mitigated, but there's more bumping/testing to do.
2022-11-12user/unbound: bump { 1.9.6 --> 1.17.0 }. fixes #291.Zach van Rijn1-4/+4
2022-11-12user/nsd: bump { 4.3.2 --> 4.6.1 }. fixes #291.Zach van Rijn1-2/+2
2022-11-12user/ctags: switch { exuberant --> universal } implementation. fixes #270.Zach van Rijn1-10/+21
2022-11-11user/poppler: bump { 22.06.0 --> 22.11.0 }. fixes #842.Zach van Rijn1-3/+3
2022-11-11user/fastjar: add patch for CVE-2010-{0831,2322} and updater. fixes #136, #841.Zach van Rijn4-36/+98
2022-11-11user/mcpp: pull miscellaneous patches. fixes #169.Zach van Rijn4-5/+103
2022-11-11user/audiofile: multiple CVE patches. fixes #124.Zach van Rijn8-2/+543
2022-11-06user/slang: bump { 2.3.2 --> 2.3.3 }. fixes #765.Zach van Rijn1-2/+2
2022-11-05user/a52dec: bump { 0.7.4 --> 0.8.0 }. fixes #793.Zach van Rijn4-55/+19
2022-11-04user/gsl: disable 'complex' test for ppc. closes #764.Zach van Rijn1-1/+9
2022-11-04user/gsl: selectively disable optimizations. disable one test. fixes #763.Zach van Rijn1-2/+27
2022-11-04user/libffcall: move to 'experimental/'. see #761.Zach van Rijn2-0/+0
2022-11-03user/libetonyek: use explicit MDDS version. fixes #827.Zach van Rijn1-2/+3
We need to be explicit with the MDDS version (major.minor only). The default of 1.5 only worked by coincidence, and there does not appear to be a mechanism to automatically detect a compatible one. This (0.1.10) is the latest release as of writing. ./configure.ac: AS_HELP_STRING([--with-mdds=1.5|1.4|1.2|1.0|0.x], [Specify which version of mdds to use (1.5 is the default)]),
2022-11-03user/liborcus: bump { 0.15.3 --> 0.17.2 }. fixes #825.Zach van Rijn1-9/+10
2022-11-03user/libixion: bump { 0.15.0 --> 0.17.0 }. update upstream URL. fixes #824.Zach van Rijn2-33/+8
2022-11-03user/mdds: bump { 1.5.0 --> 2.0.3 }. fixes #823.Zach van Rijn1-5/+5
2022-11-03user/minizip: bump { 1.2.12 --> 1.2.13 }. fixes #822.Zach van Rijn1-2/+2
2022-11-01system/expat: bump { 2.4.9 --> 2.5.0 }. fixes #821.Zach van Rijn1-2/+4
2022-11-01system/adelie-keys: relbump for rc3 (signing with keys contained within).Zach van Rijn1-1/+1
2022-11-01system/adelie-keys: all new keys.Zach van Rijn20-140/+187
2022-11-01system/zlib: bump { 1.2.12 --> 1.2.13 }. fixes #820.Zach van Rijn3-83/+3
2022-10-31scripts/deplist: add 'cmd:xsltproc' exception. do not scan 'legacy/' repo.Zach van Rijn2-1/+2
2022-10-21user/openvpn 2.5.7Lee Starnes1-2/+2
2022-10-21user/strongswan 5.9.8Lee Starnes1-2/+4
2022-10-21system/curl: bump { 7.83.1 --> 7.85.0 }. fixes #813.Zach van Rijn1-3/+3
2022-10-21system/curl: pull in nghttp2 development package. fixes #819.Zach van Rijn1-2/+2
See commit d045b5bca8cd983b9512fd45e19d2c5770323a32.
2022-10-21user/dovecot: update checksum. fixes #818.Zach van Rijn1-1/+1
2022-10-21user/alpine: bump { 2.25 --> 2.26 }. update URLs. fixes #817.Zach van Rijn1-5/+9
2022-10-21user/ftmenu: use canonical source tarball URL.Zach van Rijn1-2/+1
2022-10-21system/mpfr3: use canonical source tarball URL.Zach van Rijn1-2/+1
2022-10-21user/fbset: use distfiles. fixes #816.Zach van Rijn1-1/+2
2022-10-21user/numactl: bump { 2.0.14 --> 2.0.15 }.Zach van Rijn3-25/+15
2022-10-21system/libaio: re-enable test 18. see #405.Zach van Rijn1-2/+1
2022-10-21system/expat: bump { 2.48 --> 2.49 }. fixes #814.Zach van Rijn1-2/+4
2022-10-21system/nss: bump { 3.78 --> 3.82 }.Zach van Rijn1-2/+2
This is needed for newer versions of Thunderbird and Firefox.
2022-10-21system/nspr: bump { 4.33 --> 4.34 }.Zach van Rijn1-3/+3
2022-10-21user/cbindgen: bump { 0.14.2 --> 0.24.3 }. become maintainer.Zach van Rijn1-77/+90
This is needed for newer versions of Thunderbird and Firefox.
2022-10-21user/xf86-video-qxl: patch libdrm include. fixes #792.Zach van Rijn2-3/+31
2022-10-21user/xf86-video-vmware: patch to reorder headers. fixes #791.Zach van Rijn2-3/+66
2022-10-21user/horizon: bump { 0.9.6 --> 0.9.7 }.Zach van Rijn1-2/+2
2022-10-21user/nmap: disable broken tests. fixes #716.Zach van Rijn2-3/+19
Refer to this discussion: https://seclists.org/nmap-dev/2012/q4/373 These two tests ('-' and ',') are "expected to fail" but pass. As a matter of unblocking progress on RC3, disabling. We can revisit this later as needed.
2022-10-21user/gnupg: bump { 2.2.23 --> 2.2.39 }. disable compressed packets.Zach van Rijn3-17/+178
see also: https://dev.gnupg.org/D556
2022-10-21Update gc to 8.2.2Ivan Maidanski1-6/+3