20:00 antoine 

Mark asterisk14 FORBIDDEN, this release is so ancient that it is not listed
in security advisovies from digium anymore
Deprecate this port and dependent ports

Prodded by:	flo
With hat:	portmgr

 

11:06 antoine 

Mark broken: Fails to configure or build

Fails to configure on 8 and 9:
checking if OpenH323 version 1.19.0 is compatible with chan_h323... yes
checking OpenH323 build option... opt
checking OpenH323 installation validity... no
configure: ***
configure: *** The OPENH323 installation on this system appears to be broken.
configure: *** Either correct the installation, or run configure
configure: *** including --without-h323
===>  Script "configure" failed unexpectedly.

Fails to build on 10:
g++47  -o asterisk -Wl,--export-dynamic -Wl,--version-script,asterisk.exports
-D_THREAD_SAFE -pthread  -L/usr/local/lib -pipe -O2 -pipe
-Wl,-rpath=/usr/local/lib/gcc47 -fno-strict-aliasing
-Wl,-rpath=/usr/local/lib/gcc47 -L/usr/local/lib -Wl,-rpath=/usr/local/lib/gcc47
-L/usr/local/lib/gcc47 -L/usr/local/lib -L/usr/local/lib -L/usr/local/lib
-Wl,-rpath=/usr/local/lib/gcc47 -L/usr/local/lib/gcc47 -L/usr/local/lib
-Wl,-rpath,/usr/lib:/usr/local/lib -Wl,-rpath=/usr/local/lib/gcc47
-L/usr/local/lib/gcc47 -L/usr/local/lib -L/usr/local/share/pwlib//lib
-L/usr/local/lib abstract_jb.o acl.o aescrypt.o aeskey.o aestab.o alaw.o app.o
ast_expr2.o ast_expr2f.o asterisk.o astfd.o astmm.o astobj2.o audiohook.o
autoservice.o callerid.o cdr.o channel.o chanvars.o cli.o config.o cryptostub.o
db.o devicestate.o dial.o dns.o dnsmgr.o dsp.o enum.o file.o fixedjitterbuf.o
frame.o fskmodem.o global_datastores.o http.o image.o indications.o io.o
jitterbuf.o loader.o logger.o manager.o md5.o netsock.o pbx
o plc.o poll.o privacy.o rtp.o say.o sched.o sha1.o slinfactory.o srv.o
stdtime/localtime.o strcompat.o tdd.o term.o test.o threadstorage.o translate.o
udptl.o ulaw.o utils.o editline/libedit.a  buildinfo.o -ltermcap  -lm -lcrypto 
-lh323_r -lpt_r -lldap -llber -lldap_r -lpthread -lssl -lcrypto -lexpat -pthread
-L/usr/local/lib
/usr/local/bin/ld: asterisk: local symbol `__progname' in /usr/lib/crt1.o is
referenced by DSO
/usr/local/bin/ld: final link failed: Bad value
collect2: error: ld returned 1 exit status
gmake[2]: *** [asterisk] Error 1

Reported by:	pkg-fallout

 

22:10 bapt 

Add NO_STAGE all over the place in preparation for the staging support (cat:
net)

 

16:26 sunpoet 

- Update to 7.31.0
- Bump PORTREVISION for ftp/curl shlib change
- Add TEST_DEPENDS
- Convert to new options framework
- Adjust options:
  - Add COOKIES
  - Add CYASSL, NSS, POLARSSL, THREADED_RESOLVER, TLS_SRP [1]
  - Add GSSAPI and SPNEGO [2]
  - Remove KERBEROS4
  - Rename LIBIDN to IDN
  - Remove TRACKMEMORY [1]
- Sort option handler
- Add SLAVEDIRS: ftp/curl-hiphop
- Cosmetic change
- Cleanup Makefile header
- While I'm here, fix typo (PORTREVSION) in x11-wm/ede/Makefile

Changes:	http://curl.haxx.se/changes.html
PR:		ports/172325 (-exp run), ports/177369 (based on) [1]
Submitted by:	Hirohisa Yamaguchi <umq@ueo.co.jp> [1], hrs (via email) [2]
Exp run by:	miwi

 

12:51 bapt 

Convert to new options framework

 

11:32 bapt 

Convert USE_BISON to USES= bison

It brings bison as a build dependency in case it is set the following way:
USES= bison or USES= bison:build

it brings bison as a run dependency in case it is set the following way:
USES= bison:run

it brings bison both as a run and build dependency in case it the set the
following way:
USES= bison:both

While here trim some headers
Convert some USE_GNOME= gnomehack to USES= pathfix

 

22:12 linimon 

Force numerous ports that fail to build with clang over to instead always
rely on gcc.  The patch uses the new USE_GCC=any code in Mk/bsd.gcc.mk to
accomplish this.

The ports chosen were ports that blocked 2 or more ports from building with
clang.  (There are several hundred other ports that still fail to build with
clang, even with this patch.  This is merely one step along the way.)

Those interested in fixing these ports with clang, and have clang as their
default compiler, can simply set FORCE_BASE_CC_FOR_TESTING=yes.

For those who have gcc as their default compiler, this change is believed
to cause no change.

Hat:		portmgr
Tested with:	multiple runs on amd64-8-exp-bcm and 9-exp-clang, with various
		combinations of patch/no-patch and flag settings.

 

23:19 dougb 

Move the rc.d scripts of the form *.sh.in to *.in

Where necessary add $FreeBSD$ to the file

No PORTREVISION bump necessary because this is a no-op

20:15 naddy 

libogg.so.8: Bump PORTREVISION for ports that depend on libogg,
directly or indirectly (via libvorbis, libtheora).

05:26 dinoex 

- update png to 1.5.10

12:25 miwi 

- Chase unixODBC shlib bump

01:38 sobomax 

Assign maintainership to bamby@sippysoft.com, who does all technical work
on this port anyway and has more time to deal with any issues reported
(e.g. vulnerabilities, build failures etc).

23:38 sobomax 

Ressurect asterisk14 and upgrade to the latest 1.4.42, which should be
free of any known vulnerabilities.

22:30 dougb 

As previously advertised, complete removal of vulnerable ports that
no one has stepped up to deal with:

archivers/pecl-phar             Vulnerable since 2011-01-13
comms/libsyncml                 Depends on devel/libsoup22, which is FORBIDDEN
databases/mysql323-server       Vulnerable since 2006-10-29
databases/mysql323-client       Vulnerable since 2006-10-29
databases/mysql323-scripts      Vulnerable since 2006-10-29
databases/mysql40-server        Vulnerable since 2006-10-29
databases/mysql40-client        Vulnerable since 2006-10-29
databases/mysql40-scripts       Vulnerable since 2006-10-29
databases/p5-DBD-mysql40
                Depends on databases/mysql40-server, which is FORBIDDEN
deskutils/buoh                  Depends on devel/libsoup22, which is FORBIDDEN
deskutils/libopensync-plugin-syncml
                Depends on comms/libsyncml, which is DEPRECATED
devel/libsoup22                 Vulnerable since 2011-07-28
dns/bind9-sdb-ldap              Vulnerable since 2011-06-04
dns/bind9-sdb-postgresql        Vulnerable since 2011-06-04
ftp/wgetpro                     Vulnerable since 2004-12-14
games/quake2forge               Vulnerable since 2005-01-21
graphics/linux-tiff             Vulnerable since 2004-10-13
japanese/mutt                   Vulnerable since 2007-07-29
japanese/asterisk14-sounds      Depends on net/asterisk14, which is FORBIDDEN
net/asterisk14                  Vulnerable since 2011-06-25
net/isc-dhcp31-client           Vulnerable since 2011-04-10
net/isc-dhcp31-server           Vulnerable since 2011-04-10
net/isc-dhcp31-relay            Vulnerable since 2011-04-10
net/asterisk-app-ldap           Depends on net/asterisk14, which is FORBIDDEN
net/asterisk-app-notify         Depends on net/asterisk14, which is FORBIDDEN
net/asterisk-oh323
   Depends on net/asterisk14, which is FORBIDDEN, does not compile on sparc64
net/asterisk14-addons           Depends on net/asterisk14, which is FORBIDDEN
net/astfax                      Depends on net/asterisk14, which is FORBIDDEN
net-mgmt/nagios2                Vulnerable since 2009-06-30
www/gforge                      Vulnerable since 2005-08-09
www/linux-flashplugin7          Vulnerable since at least 2008-05-30
www/opera-devel                 Vulnerable since 2010-06-25, does not fetch
www/plone3                      Vulnerable and unsupported upstream
www/serendipity-devel           Vulnerable since 2008-04-25
www/ziproxy                     Vulnerable since 2010-06-15
www/asterisk-gui                Depends on net/asterisk14, which is FORBIDDEN
x11-toolkits/linux-pango        Vulnerable since 2009-05-13

09:24 dougb 

Mark FORBIDDEN the remaining ports that are vulnerable for more than
2 weeks according to portaudit (ranging from 23 days to 7 years).
The maintainers were notified by mail that this action would be taken
on 2011-09-03. (Ports for which maintainers responded have been/will be
dealt with separately.)

Also mark DEPRECATED ports that rely on the FORBIDDEN ports, and a few
ports that rely on those DEPRECATED ports.

22:26 amdmi3 

- Add LDFLAGS to CONFIGURE_ENV and MAKE_ENV (as it was done with LDFLAGS)
- Fix all ports that add {CPP,LD}FLAGS to *_ENV to modify flags instead

PR:             157936
Submitted by:   myself
Exp-runs by:    pav
Approved by:    pav

12:43 sylvio 

- Chase net-snmp shlib version bump.

11:54 fjoe 

Remove RUN_DEPENDS on dahdi.ko now that dahdi.ko is not provided by dahdi port.

01:32 delphij 

Chase after net/openldap24-server update.

Reminded by:    miwi

19:58 ade 

Clean up "current" versions of autotools components to further reduce
tree-churn on updates.

16:33 fjoe 

Fix installation into /var.

03:43 fjoe 

- Update to 1.4.37
- Switch from Zaptel to DAHDI

Approved by:    MAINTAINER

14:28 fjoe 

Rename asterisk 1.4 ports after repocopy.