BSD Commit Log Search

   Updated textproc/py-pyphen, devel/py-jaraco.vcs

   py-jaraco.vcs: updated to 2.2.0

   v2.2.0

   Features

   - Remove check on minimum git version.


   v2.1.0

   Features

   - Added .get_timestamp method for retrieving the timestamp of a given revision.

   py-pyphen: updated to 0.15.0

   Version 0.15.0

   * Support Python 3.12, drop Python 3.7 support.
   * Add READMEs for dictionaries.
   * Add Basque hyphenation dictionary.
   * Update Catalan and Hungarian dictionaries.
   * Use Ruff instead of Flake8 and isort.

   doc: Updated mail/rspamd to 3.8.4nb1

   mail/rspamd: allow rc.d script to reload

   Bump PKGREVISION.

   doc/pkg-vulnerabilities: add CVE-2024-27282

   Add CVE-2024-27282 for ruby31-base, ruby32-base and ruby33.

   doc: Updated lang/ruby33 to 3.3.1

   lang/ruby33: update to 3.3.1

   This is security release.  Note CVE-2024-27280 and CVE-2024-27281 were
   already fixed by ruby31-base-3.3.0nb1.

   3.3.1 (2024-04-23)

   * CVE-2024-27282: Arbitrary memory address read vulnerability with Regex
     search
   * CVE-2024-27281: RCE vulnerability with .rdoc_options in RDoc

   doc: Updated lang/ruby32-base to 3.2.4

   lang/ruby32-base: update to 3.2.4

   This is security release.  Note CVE-2024-27280 and CVE-2024-27281 were
   already fixed by ruby31-base-3.2.3nb3.

   3.2.4 (2024-04-23)

   * CVE-2024-27282: Arbitrary memory address read vulnerability with Regex
     search
   * CVE-2024-27281: RCE vulnerability with .rdoc_options in RDoc
   * CVE-2024-27280: Buffer overread vulnerability in StringIO

   forked-daapd: Exclude libinotify on SunOS

   messagelib: Exclude libinotify on SunOS

   doc/HOWTO-dev-crosscompile: Add a couple TODOs.

   akonadi: Add socket libraries on SunOS.

fceux: Add reference to CVE-2024-32258

   doc: Updated lang/ruby31-base to 3.1.5

   lang/ruby31-base: update to 3.1.5

   This is security release.  Note CVE-2024-27280 and CVE-2024-27281 were
   already fixed by ruby31-base-3.1.4nb3.

   3.1.5 (2024-04-23)

   Security release.

   * CVE-2024-27282: Arbitrary memory address read vulnerability with Regex
     search
   * CVE-2024-27281: RCE vulnerability with .rdoc_options in RDoc
   * CVE-2024-27280: Buffer overread vulnerability in StringIO

   mk: fix termcap/terminfo detection issue when both are builtin

   Both termcap.builtin.mk and terminfo.builtin.mk used the same variable
   H_TERM for BUILTIN_FIND_HEADERS_VAR. This for some reason causes the
   logic to trip up in a specific scenario:
   when termcap.buildlink3.mk is included before terminfo.buildlink3.mk.

   When termcap was introduced as a dependency in audio/lame/buildlink3.mk
   in r1.12, then audio/libsndfile incorrectly started to depend on ncurses
   on NetBSD.

   Fix this by using a different variable name for the builtin detection.

   Support rc.d script reload command.

   Updated devel/py-virtualenv, devel/py-types-setuptools

   py-types-setuptools: updated to 69.5.0.20240423

   69.5.0.20240423 (2024-04-23)

   Add precise values for enum members where possible


   69.5.0.20240415 (2024-04-15)

   Ensure that distutils and setuptools._distutils stay consistent

   Update setuptools to 69.5.*

   py-virtualenv: updated to 20.26.0

   Bugfixes - 20.26.0
   allow builtin discovery to discover specific interpreters (e.g. python3.12) given an unspecific spec (e.g. python3)

libreswan-5: update to v5.0

* IKEv1:
  - globally disabled by default (ikev1-policy=drop); see RFC9395 [Daniel]
  - limit default cryptosuite [Andrew, Paul, Tuomo]
    IKE={AES_CBC,3DES_CBC}-{HMAC_SHA2_256,HMAC_SHA2_512HMAC_SHA1}-{MODP2048,MODP1536,DH19,DH31}
    ESP={AES_CBC,3DES_CBC}-{HMAC_SHA1_96,HMAC_SHA2_512_256,HMAC_SHA2_256_128}-{AES_GCM_16_128,AES_GCM_16_256}
    AH=HMAC_SHA1_96+HMAC_SHA2_512_256+HMAC_SHA2_256_128
  - remove support for Labeled IPsec [Andrew]
  - properly ignore dpdaction= [Andrew]
  - see also IKEv2 routing/revival changes
* IKEv2:
  - warn that fragmentation=force is ignored [Andrew]
  - avoid post-authentication crash on corrupt TS payload [Andrew]
  - support addresspool=v4/mask,v6/mask [Andrew]
  - support subnet=SELECTOR,... using a single Child SA [Andrew]
  - when non-MOBIKE never update NATed endpoint [#1492/Wofferl/Andrew]
  - fix revival of IKE_AUTH (first) Child SA [Andrew]
  - properly ignore dpdaction=, keyingtries= [Andrew]

    [68 lines not shown]

   mutt: remove legacy option support from 2019

   doc: Updated security/passphrase to 1.8.1

   passphrase: update to version 1.8.1

   Changelog:

   add man-dir option, in case it's not "share/"

   uhd: fix boost fallout. From upstream.

   remove redundant kernels and floppies from the space-starved i386 ISO

   Increase length of set description to 40 characters so recent additions fit.

   Ok: martin@

   Fixes PR install/58188 "sysinst fails to display status of base32 set"

   libcxxabi: fix for @adam forgot to add files/__config_site