[ 22:36 Mark Felder (feld)  ]

• expat2 2.1.1_2 textproc     XML 1.0 parser written in C

MFH: r417847

textproc/expat2: Patch vulnerability

This patch resolves a vulnerability that may still exist due to
compiler optimizations. The previous patches for CVE-2015-1283 and
CVE-2015-2716 may not work as intended in some situations.

Security:	CVE-2016-4472

Approved by:	ports-secteam (with hat)

[ 19:19 Jan Beich (jbeich)  ]

• firefox 47.0.1,1 www     Web browser based on the browser portion of Mozilla
• firefox-i18n 47.0.1 www   Localized interface for Firefox

MFH: r417698

www/firefox: update to 47.0.1

Changes:	https://www.mozilla.org/firefox/47.0.1/releasenotes/
Approved by:	ports-secteam (junovitch)

[ 18:14 Jason Unovitch (junovitch)  ]

• tomcat-native 1.2.7 www   Tomcat native library
• tomcat7 7.0.70 www     Open-source Java web server by Apache, 7.x branch
• tomcat8 8.0.36 www     Open-source Java web server by Apache, 8.x branch

MFH: r417360

- Update tomcat-native to 1.2.7 release.
- Update tomcat7 to 7.0.70 release.
- Update tomcat8 to 8.0.36 release.

PR:		209669
Submitted by:	geoffroy desvernay <dgeo@centrale-marseille.fr>
Approved by:	ports-secteam (with hat)
Security:	CVE-2016-3092
Security:	https://vuxml.FreeBSD.org/freebsd/cbceeb49-3bc7-11e6-8e82-002590263bf5.html

[ 23:27 Jason Unovitch (junovitch)  ]

• wordpress 4.5.3 japanese     State-of-the-art semantic personal publishing platform

MFH: r417505

japanese/wordpress: update 4.5.2 -> 4.5.3

Approved by:	ports-secteam (with hat)
Security:	CVE-2016-5832
Security:	CVE-2016-5833
Security:	CVE-2016-5834
Security:	CVE-2016-5835
Security:	CVE-2016-5836
Security:	CVE-2016-5837
Security:	CVE-2016-5838
Security:	CVE-2016-5839
Security:	https://vuxml.FreeBSD.org/freebsd/bfcc23b6-3b27-11e6-8e82-002590263bf5.html

[ 23:22 Jason Unovitch (junovitch)  ]

• wordpress 4.5.3 german     State-of-the-art semantic personal publishing platform

MFH: r417503

german/wordpress: update 4.5.2 -> 4.5.3

Approved by:	ports-secteam (with hat)
Security:	CVE-2016-5832
Security:	CVE-2016-5833
Security:	CVE-2016-5834
Security:	CVE-2016-5835
Security:	CVE-2016-5836
Security:	CVE-2016-5837
Security:	CVE-2016-5838
Security:	CVE-2016-5839
Security:	https://vuxml.FreeBSD.org/freebsd/bfcc23b6-3b27-11e6-8e82-002590263bf5.html

[ 23:21 Jason Unovitch (junovitch)  ]

• wordpress 4.5.3 russian     State-of-the-art semantic personal publishing platform

MFH: r417369

- Update to 4.5.3 [1]
- While here: [2]
  - Fix LICENSE
  - Switch to options helpers and fix some minor style nits (silence mkdirs)

PR:		210480 [1]
Submitted by:	9267096@gmail.com (maintainer) [1]
Approved by:	portmgr blanket [2]
Security:	CVE-2016-5832
Security:	CVE-2016-5833
Security:	CVE-2016-5834
Security:	CVE-2016-5835
Security:	CVE-2016-5836
Security:	CVE-2016-5837
Security:	CVE-2016-5838
Security:	CVE-2016-5839
Security:	https://vuxml.FreeBSD.org/freebsd/bfcc23b6-3b27-11e6-8e82-002590263bf5.html

Approved by:	ports-secteam (with hat)

[ 23:18 Jason Unovitch (junovitch)  ]

• wordpress 4.5.3,1 www     State-of-the-art semantic personal publishing platform

MFH: r417500

www/wordpress: update 4.5.2 -> 4.5.3

Approved by:	ports-secteam (with hat)
Security:	CVE-2016-5832
Security:	CVE-2016-5833
Security:	CVE-2016-5834
Security:	CVE-2016-5835
Security:	CVE-2016-5836
Security:	CVE-2016-5837
Security:	CVE-2016-5838
Security:	CVE-2016-5839
Security:	https://vuxml.FreeBSD.org/freebsd/bfcc23b6-3b27-11e6-8e82-002590263bf5.html

[ 22:20 Jason Unovitch (junovitch)  ]

• php70 7.0.8 lang     PHP Scripting Language

MFH: r417495

lang/php70: update 7.0.7 -> 7.0.8

PR:		210491
Reported by:	Vladimir Krstulja <vlad-fbsd@acheronmedia.com>
Submitted by:	Philip Jocks <freebsdbugs@filis.org>
Approved by:	ports-secteam (with hat)
Security:	CVE-2015-8874
Security:	CVE-2016-5766
Security:	CVE-2016-5767
Security:	CVE-2016-5768
Security:	CVE-2016-5769
Security:	CVE-2016-5770
Security:	CVE-2016-5771
Security:	CVE-2016-5772
Security:	CVE-2016-5773
Security:	https://vuxml.FreeBSD.org/freebsd/66d77c58-3b1d-11e6-8e82-002590263bf5.html

[ 22:20 Jason Unovitch (junovitch)  ]

• php56 5.6.23 lang     PHP Scripting Language

MFH: r417493

lang/php56: update 5.6.22 -> 5.6.23

PR:		210502
Submitted by:	Philip Jocks <freebsdbugs@filis.org>
Approved by:	ports-secteam (with hat)
Security:	CVE-2015-8874
Security:	CVE-2016-5766
Security:	CVE-2016-5767
Security:	CVE-2016-5768
Security:	CVE-2016-5769
Security:	CVE-2016-5770
Security:	CVE-2016-5771
Security:	CVE-2016-5772
Security:	CVE-2016-5773
Security:	https://vuxml.FreeBSD.org/freebsd/66d77c58-3b1d-11e6-8e82-002590263bf5.html

[ 22:19 Jason Unovitch (junovitch)  ]

• php55 5.5.37 lang     PHP Scripting Language

MFH: r417491

lang/php55: update 5.5.36 -> 5.5.37

Approved by:	ports-secteam (with hat)
Security:	CVE-2015-8874
Security:	CVE-2016-5766
Security:	CVE-2016-5767
Security:	CVE-2016-5768
Security:	CVE-2016-5769
Security:	CVE-2016-5770
Security:	CVE-2016-5771
Security:	CVE-2016-5772
Security:	CVE-2016-5773
Security:	https://vuxml.FreeBSD.org/freebsd/66d77c58-3b1d-11e6-8e82-002590263bf5.html

[ 17:08 Vasil Dimov (vd)  ]

• wget 1.18 ftp     Retrieve files from the Net via HTTP(S) and FTP

MFH: r417188 r417282 r417417

ftp/wget: Upgrade from 1.16.3_1 to 1.18

PR:		210421 [1], 210512
Submitted by:	Vladimir Krstulja <vlad-fbsd@acheronmedia.com> [1]
Security:	CVE-2016-4971

ftp/wget: fix compilation when IDN and NLS are disabled

PR:		210441
Submitted by:	Helge Oldach <freebsd@oldach.net>

Change AUTHOR: entry in UPDATING to committer

Suggested by:	koobs@

Approved by:	ports-secteam

[ 21:14 Mark Felder (feld)  ]

• libarchive 3.2.1,1 archivers     Library to create and read several streaming archive formats

MFH: r417400

archivers/libarchive: Update to 3.2.1

This release resolves several vulnerabilities.

PR:		210493
Security:	CVE-2015-8934
Security:	CVE-2016-4300
Security:	CVE-2016-4301
Security:	CVE-2016-4302

Approved by:	ports-secteam (with hat)

[ 15:44 Mark Felder (feld)  ]

• piwik 2.16.1 www     Open Source Web Analytics Software Program

MFH: r416928 r417366

www/piwik: Upgrade from 2.16.0 to 2.16.1

- Add missing depends
- The update also contains security fixes.

Changes: http://piwik.org/changelog/piwik-2-16-1/

PR:          210458
Approved by: pi (mentor)

Approved by:	ports-secteam (with hat)

[ 12:22 Matthew Seaman (matthew)  ]

• phpmyadmin 4.6.3 databases     Set of PHP-scripts to manage MySQL over the web

MFH: r417350

Security update to 4.6.3

See:  PMSA-2016-19 -- PMSA-2016-28 inclusive
https://www.phpmyadmin.net/security/

vuXML to follow

Approved by:	ports-secteam (junovitch)

[ 10:44 Torsten Zuehlsdorff (tz)  ]

• gitlab 8.5.13 www     Web GUI for managing git repositories

www/gitlab: Update from 8.5.12 to 8.5.13

- Prevent unauthorized access to other projects build traces
- Forbid scripting for wiki files

Approved by: ports-secteam (junovitch), junovitch (mentor)

[ 10:15 Renato Botelho (garga)  ]

• sudo 1.8.17p1 security     Allow others to run commands as root

MFH: r417338

Update security/sudo to 1.8.17p1

Sponsored by:	Rubicon Communications (Netgate)
Approved by:	ports-secteam (junovitch)

[ 16:41 Mark Felder (feld)  ]

• redshift 1.7_1 accessibility   Adjusts the color temperature of your screen

MFH: r417321

accessibility/redshift: Fix warnings

USE_XORG is required for proper dependency declaration

Differential Revision:	https://reviews.freebsd.org/D6883

Approved by:	ports-secteam (with hat)

[ 17:13 Rene Ladan (rene)  ]

• chromium 51.0.2704.103 www     Google web browser based on WebKit

MFH: r416869 r417184

www/chromium: fix build on 9.3-amd64

www/chromium: update to 51.0.2704.103

X-MFH-with:	r416869
Security:	http://vuxml.freebsd.org/freebsd/d59ebed4-34be-11e6-be25-3065ec8fd3ec.html

Approved by:	ports-secteam (feld)

[ 06:13 Dirk Meyer (dinoex)  ]

• openssl 1.0.2_14 security     SSL and crypto library

MFH: r417176

- fix possible integer overflow and application crash
Security: CVE-2016-2177

Approved by:	portmgr (Mark Felder)

[ 19:53 Cy Schubert (cy)  ]

• sudo 1.8.17 security     Allow others to run commands as root

MFH: r417158

Update 1.8.16 --> 1.8.17

PR:		210407
Submitted by:	cy@
Approved by:	garga@

Approved by:	ports-secteam@ (feld@)

[ 19:14 Mark Felder (feld)  ]

• libxslt 1.1.29 textproc     The XSLT C library for GNOME

MFH: r417174

textproc/libxslt: Update to 1.1.29

Changelog:
https://git.gnome.org/browse/libxslt/commit/NEWS?id=9a1b3ddf6034aa2f6a30b4b7ea4bfc3c4037cd58

Absent from the Changelog are the CVEs Google discovered, CVE-2016-1683
and CVE-2016-1684. This library needs to be updated to ensure
www/chromium is no longer vulnerable to these CVEs. Additionally the
changelog notes a fix for CVE-2015-7995, but we solved that previously
with a patch to the port.

PR:		210298
Security:	CVE-2016-1683
Security:	CVE-2016-1684

Approved by:	ports-secteam (with hat)

[ 18:04 Mark Felder (feld)  ]

• linux-oracle-jre18 8.92 java      Oracle Java 8 Runtime Environment for Linux

MFH: r413802

. Update to 8u92

Approved by:	ports-secteam (with hat)
PR:		209984

[ 18:03 Mark Felder (feld)  ]

• linux-oracle-jdk18 8.92 java     Oracle Java 8 Development Kit for Linux

MFH: r413801

. Update to 8u92

Approved by:	ports-secteam (with hat)
PR:		209984

[ 11:11 Carlos J. Puga Medina (cpm)  ]

• libgcrypt 1.7.1 security     General purpose crypto library based on code used in GnuPG

MFH: r413860 r417040

- Update to 1.7.0
- Remove unneeded patches (applied upstream)
- Fix inline assembler error on 9.x
- Fix pkg-plist

Changelog: https://lists.gnupg.org/pipermail/gnupg-announce/2016q2/000386.html

PR:		208907
Approved by:	junovitch (mentor)
Exp-run:	antoine
Differential Revision:	D5989

- Update to 1.7.1

(Only the first 15 lines of the commit message are shown above )

[ 10:52 Carlos J. Puga Medina (cpm)  ]

• malo-firmware-kmod 3.0.0.39 net    Marvell Libertas 88W8335 IEEE 802.11b/g Firmware Kernel Module

MFH: r416650

- Update MASTER_SITES
- Update MAINTAINER to my @FreeBSD.org address

Reviewed by:	amdmi3, junovitch (mentors)
Approved by:	junovitch (mentor)
Differential Revision:	D6774

Approved by:	ports-secteam (junovitch)

[ 06:42 Ruslan Makhmatkhanov (rm)  ]

• python27 2.7.11_3 lang     Interpreted object-oriented programming language
• python33 3.3.6_5 lang      Interpreted object-oriented programming language
• python34 3.4.4_3 lang     Interpreted object-oriented programming language
• python35 3.5.1_3 lang     Interpreted object-oriented programming language

MFH: r417019

lang/python[xx]: backport upstream fix for CVE-2016-5636

Add patch for integer overflow in zipimport module to all our python ports.

While I'm here, get rid of -f flag in ${RM} invocation, because ${RM} already
expands to rm -f, so in result we are getting something like:

/bin/rm -f -f
/wrkdirs/usr/ports/lang/python35/work/stage/usr/local/lib/libpython3.so

PR:		210325
Submitted by:	 Vladimir Krstulja <vlad-fbsd@acheronmedia.com>
Security:	1d0f6852-33d8-11e6-a671-60a44ce6887b
With hat:	python

Approved by:	ports-secteam (junovitch)

[ 02:58 Jason Unovitch (junovitch)  ]

• linux-c6-flashplugin11 11.2r202.626 www      Adobe Flash Player NPAPI Plugin

MFH: r417098

www/linux-*-flashplugin: update 11.2r202.577 -> 11.2r202.626

PR:		209592
Reported by:	Sevan Janiyan <venture37@geeklan.co.uk>
Approved by:	ports-secteam (with hat)
Security:	CVE-2016-1006, CVE-2016-1011, CVE-2016-1012, CVE-2016-1013,
		CVE-2016-1014, CVE-2016-1015, CVE-2016-1016, CVE-2016-1017,
		CVE-2016-1018, CVE-2016-1019, CVE-2016-1020, CVE-2016-1021,
		CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025,
		CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029,
		CVE-2016-1030, CVE-2016-1031, CVE-2016-1032, CVE-2016-1033,
		CVE-2016-1096, CVE-2016-1097, CVE-2016-1098, CVE-2016-1099,
		CVE-2016-1100, CVE-2016-1101, CVE-2016-1102, CVE-2016-1103,

(Only the first 15 lines of the commit message are shown above )

[ 14:39 Jan Beich (jbeich)  ]

• blitz++ 0.9_8 math   C++ class library for scientific computing

MFH: r416999

math/blitz++: unbreak build on 11.0 and dragonfly

./arrays-expr.texi:718: unknown command `erf'

PR:		199527
Reported by:	pkg-fallout
Approved by:	maintainer timeout (1 year)
Approved by:	ports-secteam (feld)

[ 14:39 jbeich  ]

• blitz++ 0.9_8 math   C++ class library for scientific computing

MFH: r416999

math/blitz++: unbreak build on 11.0 and dragonfly

./arrays-expr.texi:718: unknown command `erf'

PR:		199527
Reported by:	pkg-fallout
Approved by:	maintainer timeout (1 year)
Approved by:	ports-secteam (feld)

[ 05:00 Thomas Zander (riggs)  ]

• charmap 0.2_5 deskutils   Character map for GNUstep

MFH: r417045

Unbreak build, distfile is available at different location

PR:		210034
Submitted by:	lightside@gmx.com

Approved by:	ports-secteam (build fix blanket)

[ 01:33 Jason Unovitch (junovitch)  ]

• drupal7 7.44 www     Database driven web content management system (CMS)

MFH: r416328 r416557 (partial, leave out USES=mysql conversion) r416989

www/drupal7: update 7.43 -> 7.44 [1]

- Reset maintainer by his own request [2]
- Fix license
- Pet portlint

PR:		210317 [1]
PR:		209998 [2]
Approved by:	ports-secteam (with hat)
Submitted by:	Vladimir Krstulja <vlad-fbsd@acheronmedia.com> [1]
Submitted by:	simon.wright@gmx.net (maintainer) [2]
Security:	https://vuxml.FreeBSD.org/freebsd/7932548e-3427-11e6-8e82-002590263bf5.html

[ 11:10 Bernard Spil (brnrd)  ]

• libressl-devel 2.3.6 security     Free version of the SSL/TLS protocol forked from OpenSSL

security/libressl-devel: Update to 2.3.6

Approved by:	ports-secteam (feld)
Security:	6f0529e2-2e82-11e6-b2ec-b499baebfeaf
Security:	01d729ca-1143-11e6-b55e-b499baebfeaf

[ 11:08 Bernard Spil (brnrd)  ]

• libressl 2.2.9 security     Free version of the SSL/TLS protocol forked from OpenSSL

security/libressl: Update to 2.2.9

Submitted by:	Piotr Kubaj <pkubaj@anongoth.pl>
Reviewed by:	brnrd
Approved by:	ports-secteam (feld)
Security:	6f0529e2-2e82-11e6-b2ec-b499baebfeaf
Security:	CVE-2016-2178

[ 23:07 Mathieu Arnold (mat)  ]

• bind910 9.10.4P1 dns     BIND DNS suite with updated DNSSEC and DNS64
• bind99 9.9.9P1 dns     BIND DNS suite with updated DNSSEC and DNS64

MFH: r412619 r412619 r415831 r415882

Mainly: update to 9.9.9-P1 and 9.10.4-P1.

There are bug fixes and small security issues that need addressing.

Sponsored by:	Absolight

[ 01:50 Jason Unovitch (junovitch)  ]

• botan110 1.10.13 security   Portable, easy to use, and efficient C++ crypto library

MFH: r416873

security/botan110: update 1.10.12 -> 1.10.13

PR:		209594
Reported by:	Sevan Janiyan <venture37@geeklan.co.uk>
Submitted by:	Lapo Luchini <lapo@lapo.it> (maintainer)
Approved by:	ports-secteam (with hat)
Security:	CVE-2015-7827
Security:	CVE-2016-2849
Security:	https://vuxml.FreeBSD.org/freebsd/ac0900df-31d0-11e6-8e82-002590263bf5.html

[ 19:24 Mark Felder (feld)  ]

• openssl 1.0.2_13 security     SSL and crypto library

MFH: r416823

- Fix DSA, preserve BN_FLG_CONSTTIME
Security: CVE-2016-2178

Approved by:	ports-secteam (with hat)

[ 15:43 Jason Helfman (jgh)  ]

• xlockmore 5.46_1 x11   Like XLock session locker/screen saver, but just more

MFH: r416638 r416686

- add/enable xinerama support (default)

- fix for MESAGL
/usr/local/include/FTGL/ftgl.h:32:10: fatal error: 'ft2build.h' file not found
Reported by:	dhw

Approved by:	ports-secteam (with hat)

[ 13:21 Renato Botelho (garga)  ]

• sudo 1.8.16_1 security     Allow others to run commands as root

MFH: r416751

Add a patch to fix sudo bug #743 that causes a bug where it dereference
a NULL pointer when it looks up a negative cached entry which is stored
as a NULL passwd or group struct pointer

PR:		208198
Submitted by:	Fredrik Eriksson <fredrik.eriksson@loopia.se>
Obtained from:	https://www.sudo.ws/repos/sudo/rev/1d13341d53ec
Sponsored by:	Rubicon Communications (Netgate)
Approved by:	ports-secteam (feld)

[ 18:01 Jan Beich (jbeich)  ]

• mpop 1.2.5 mail   Small and fast POP3 client

MFH: r416734

mail/mpop: update to 1.2.5

Changes:	https://sourceforge.net/p/mpop/code/ci/6b5d23
Approved by:	ports-secteam (junovitch)

[ 16:22 Thomas Zander (riggs)  ]

• vlc 2.2.4,4 multimedia     Qt based multimedia player and streaming server

MFH: r415944 r416225 r416711

Update to upstream version 2.2.3

Differential Revision:	https://reviews.freebsd.org/D6373

Fix build with libc++ 3.8.0

VLC brings its own header for atomic operations which defines a whole
bunch of atomic macros, conflicting with the ones in the C++ standard
<atomic> header. This changeset works around those.

PR:		209722
Submitted by:	dim

(Only the first 15 lines of the commit message are shown above )

[ 01:17 Jason Unovitch (junovitch)  ]

• roundcube 1.1.5_1,1 mail     Fully skinnable XHTML/CSS webmail written in PHP

MFH: r414979 r416648

Update to 1.1.5 release.

Apply patch from upstream for cross-site scripting vulnerability

PR:		209841
Reported by:	Vladimir Krstulja <vlad-fbsd@acheronmedia.com>
Approved by:	maintainer timeout (2 weeks)
Security:	CVE-2016-5103
Security:	https://vuxml.FreeBSD.org/freebsd/97e86d10-2ea7-11e6-ae88-002590263bf5.html

Approved by:	ports-secteam (with hat)

[ 15:57 Bartek Rutkowski (robak)  ]

• vm-bhyve 0.9.13 sysutils   Management system for bhyve virtual machines

MFH: r416547

sysutils/vm-bhyve: update 1.0.2 -> 1.0.4

- Bugfix release

PR:		210128
Submitted by:	<churchers@gmail.com> (maintainer)

Approved by:	ports-secteam

[ 03:44 Jason Unovitch (junovitch)  ]

• iperf3 3.1.3 benchmarks   Improved tool to measure TCP and UDP bandwidth

MFH: r416564

Update to iperf3, which addresses a buffer overflow vulnerability
on the iperf3 control channel.

Security:	CVE-2016-4303
Security:	https://vuxml.FreeBSD.org/freebsd/d6bbf2d8-2cfc-11e6-800b-080027468580.html
Sponsored by:	ESnet
Approved by:	ports-secteam (with hat)

[ 03:28 Jason Unovitch (junovitch)  ]

• expat2 2.1.1_1 textproc     XML 1.0 parser written in C

MFH: r416579

textproc/expat2: address two CVEs reported by upstream

PR:		210155
Reported by:	Sebastian Pipping <sebastian@pipping.org>
Approved by:	ports-secteam (with hat)
Security:	CVE-2012-6702
Security:	CVE-2016-5300
Security:	https://vuxml.FreeBSD.org/freebsd/c9c252f5-2def-11e6-ae88-002590263bf5.html

[ 19:12 Rene Ladan (rene)  ]

• chromium 51.0.2704.84_1 www     Google web browser based on WebKit

MFH: r416561

www/chromium: restore WebRTC audio via ALSA which got lost in last commit.

PR:		206480
Submitted by:	betso.net@gmail.com

Approved by:	ports-secteam (feld)

[ 05:31 Rene Ladan (rene)  ]

• chromium 51.0.2704.84 www     Google web browser based on WebKit

MFH: r416521

www/chromium: update to 51.0.2704.84

A lot of patch files are renamed in this update.

Submitted by:	Timothy Vaccarelli
Obtained from:	https://github.com/LeFroid/
Security:	http://vuxml.freebsd.org/freebsd/c039a761-2c29-11e6-8912-3065ec8fd3ec.html
Security:	http://vuxml.freebsd.org/freebsd/1a6bbb95-24b8-11e6-bd31-3065ec8fd3ec.html
Security:	http://vuxml.freebsd.org/freebsd/4dfafa16-24ba-11e6-bd31-3065ec8fd3ec.html
Security:	http://vuxml.freebsd.org/freebsd/7da1da96-24bb-11e6-bd31-3065ec8fd3ec.html
Security:	http://vuxml.freebsd.org/freebsd/6d8505f0-0614-11e6-b39c-00262d5ed8ee.html

Approved by:	ports-secteam (junovitch)

[ 20:34 Guido Falsi (madpilot)  ]

• asterisk11 11.22.0 net     Open Source PBX and telephony toolkit
• asterisk13 13.8.1 net     Open Source PBX and telephony toolkit

MFH: r416484

Force asterisk to use it's internal iLBC implementation.

This prevents asterisk configure script from being confused by
net/libilbc (which is not compatible) if installed on the system.

PR:		210074
Submitted by:	Nikolay <technotrance at list.ru>

Approved by:	ports-secteam (feld)

[ 20:33 Christoph Moench-Tegeder (cmt)  ]

• linux-thunderbird 45.1.1 mail     Mozilla Thunderbird is standalone mail and news that stands above
• thunderbird 45.1.1 mail     Mozilla Thunderbird is standalone mail and news that stands above
• thunderbird-i18n 45.1.1 mail   Localized interface for Thunderbird

MFH: r416485

Update thunderbird to 45.1.1, enigmail to 1.9.3

PR:		210061
Approved by:	jbeich (maintainer)
Approved by:	rene (mentor)

Approved by:	ports-secteam (feld@)

[ 18:29 Kurt Jaeger (pi)  ]

• cacti 0.8.8h_1 net-mgmt     Web-driven graphing interface for RRDTool

net-mgmt/cacti: fix version number in Makefile

PR:		209809
Submitted by:	Daniel Austin <freebsd-ports@dan.me.uk> (maintainer)
Approved by:	ports-secteam (junovitch)
MFH:		2016Q2

[ 12:04 Bartek Rutkowski (robak)  ]

• milter-greylist-devel 4.6 mail   Unstable (dev) greylist milter for sendmail and postfix

MFH: r416320

mail/milter-greylist-devel: update 4.6a1 -> 4.6

- Fix runtime dependencies

PR:		209979
Submitted by:	Daniel Austin <freebsd-ports@dan.me.uk> (maintainer)

Approved by:	ports-secteam

[ 20:25 Jan Beich (jbeich)  ]

• firefox 47.0_1,1 www     Web browser based on the browser portion of Mozilla
• firefox-esr 45.2.0,1 www     Web browser based on the browser portion of Mozilla
• firefox-esr-i18n 45.2.0 www   Localized interface for Firefox
• firefox-i18n 47.0 www   Localized interface for Firefox
• libxul 45.2.0 www     Mozilla runtime package that can be used to bootstrap XUL+XPCOM apps
• linux-firefox 45.2.0,2 www     Web browser based on the browser portion of Mozilla

MFH: r416309 r416312 r416394

www/firefox: update to 47.0 (rc3) / 45.2esr

- Adjust firefox-esr-i18n for linux-firefox after r414580
- Unbreak DTRACE=on + DEBUG=on [1]
- Unbreak FFMPEG=off [2]

Changes:	https://www.mozilla.org/firefox/47.0/releasenotes/
Changes:	https://www.mozilla.org/firefox/45.2.0/releasenotes/
Security:	8065d37b-8e7c-4707-a608-1b0a2b8509c3
PR:		200845, 209952 [1], 209308 [2]
Approved by:	ports-secteam (feld, junovitch)

[ 19:57 Thomas Zander (riggs)  ]

• gdb 7.11.1 devel   GNU GDB of newer version than comes with the system
• gdb66 6.6_3 devel   GNU GDB of newer version than comes with the system

MFH: r416247 r416392

Make GDB build when basename() is POSIX compliant.

GDB's libiberty.h has a prototype of the basename() function it which
does not match the one that is part of POSIX, declared in libgen.h. This
is normally never visible, as GDB never includes libgen.h. On FreeBSD,
it unfortunately is, as our locally added copy of kgdb includes both.

Fix up libiberty.h to just include libgen.h. I'm currently discussing
with upstream how a clean fix should be done, but I guess that
requires more refactoring to the existing code. We'd better not bother
importing that and stick to this compact workaround.

Reviewed by:	bapt@, mi@, Luca Pizzamiglio

(Only the first 15 lines of the commit message are shown above )

[ 19:43 Thomas Zander (riggs)  ]

• chicken 4.11.0,1 lang     Scheme-to-C compiler

MFH: r416371

Update to upstream version 4.11.0

Extensive changelog on http://code.call-cc.org/releases/4.11.0/NEWS-4.11.0
including security fixes for Specialisation rules for string-{ref,set!},
bit-set?
and move-memory no longer use unchecked C functions which could
result in undefined behaviour, including buffer overruns.

While on it: Pet portlint

PR:		209810
Submitted by:	vmagerya@gmail.com (maintainer)
Reported by:	philneaton95@gmail.com

Approved by:	ports-secteam (junovitch)

[ 18:05 Jason Unovitch (junovitch)  ]

• openafs 1.6.18.20160101 net    AFS implementation from openafs.org

MFH: r415920

Update net/openafs to upstream 1.6.18

This includes the changes in 1.6.17, a security release.

PR:		209534
Reported by:	Sevan Janiyan <venture37@geeklan.co.uk>
Security:	CVE-2015-8312
Security:	CVE-2016-2860
Security:	CVE-2016-4536
Security:	https://vuxml.FreeBSD.org/freebsd/2e8fe57e-2b46-11e6-ae88-002590263bf5.html
Security:	https://vuxml.FreeBSD.org/freebsd/bcbd3fe0-2b46-11e6-ae88-002590263bf5.html
Approved by:	ports-secteam (with hat)

[ 17:44 Jason Unovitch (junovitch)  ]

• nginx 1.8.1_3,2 www     Robust and small WWW server
• nginx-devel 1.9.15_1 www     Robust and small WWW server

MFH: r412446 r412447 r412449 r412450 r412534 r412535 r412555 r412588 r412645
     r412858 r412862 r413165 r413379 r413380 r413662

Apply CVE-2016-4450 patches to www/nginx and www/nginx-devel following a sync
with r413662 from head before the major release updates to 1.10.x and 1.11.x
and configuration change requirement brought about by dynamic module support.

- Enable several vendor's modules to be in sync with vendor's
  original packages for some linux distros, please see
  http://nginx.org/en/linux_packages.html for details.
- Upgrade nginx-devel from 1.9.12 to 1.9.15; remove needless vendor patches.

Add/upgrade third-party modules:
o) Upgrade third-party brotli module from 86998c6 to 2fc6f12.
o) Add AWS proxy third-party module.

(Only the first 15 lines of the commit message are shown above )

[ 16:38 Jason Unovitch (junovitch)  ]

• ikiwiki 3.20160509 www     Wiki compiler

MFH: r415432

Update to 3.20160509.

PR:		209593
Reported by:	Sevan Janiyan
Security:	CVE-2016-4561
Sponsored by:	Absolight

Approved by:	ports-secteam (with hat)

[ 06:51 Cy Schubert (cy)  ]

• ntp-devel 4.3.93 net     The Network Time Protocol Distribution

MFH: r416299

Update 4.3.91 --> 4.3.93

Approved by:	ports-secteam@ (delphij)

[ 06:50 Cy Schubert (cy)  ]

• ntp 4.2.8p8 net     The Network Time Protocol Distribution

MFH: r416298

Update 4.2.8p7 --> 4.2.8p8

Approved by:	ports-secteam@ (delphij)

[ 22:55 Ryan Steinmetz (zi)  ]

• h2o 1.7.3 www     Optimized HTTP2 server with support for HTTP/1.x

MFH: r416261

- Update to 1.7.3

PR:		209926
Submitted by:	Dave Cottlehuber
Security:	65bb1858-27de-11e6-b714-74d02b9a84d5
Approved by:	ports-secteam (me)

[ 22:54 Ryan Steinmetz (zi)  ]

• vuxml 1.1_2 security   Vulnerability and eXposure Markup Language DTD

MFH: r416260

- Get vuln.xml in sync with head

Approved by:	ports-secteam (me)

[ 16:22 Kurt Jaeger (pi)  ]

• letsencrypt.sh 0.2.0 security   Pure BASH/ZSH Lets Encrypt client

MFH: r412687 r415739

- Update to version 0.2.0 to unbreak

PR:		209836
Reported by:	Fabian Keil <fk@fabiankeil.de>
Approved by:	Sascha Holzleiter <sascha@root-login.org> (maintainer)
Approved by:	ports-secteam (delphij, junovitch)

[ 16:12 Kurt Jaeger (pi)  ]

• cacti 0.8.8g_1 net-mgmt     Web-driven graphing interface for RRDTool

net-mgmt/cacti: fix INDEX in quarterly branch

- no USES=mysql allowed in the quarterly branch

PR:		209809
Submitted by:	antoine
Approved by:	ports-secteam (feld)

[ 13:30 Jan Beich (jbeich)  ]

• burrtools 0.6.3_3 games   Puzzle solver

MFH: r416147

games/burrtools: switch back to clang on 10+

Fix undefined behavior on startup when parsing (embedded) config file
written in Lua.

Approved by:	ports-secteam (junovitch)

[ 22:08 Xin LI (delphij)  ]

• clamav 0.99.2 security     Command line virus scanner written entirely in C

MFH: r416126

Update to 0.99.2.

PR:		ports/209384
Submitted by:	Leonid Nevecherya <nevecherya gmail com>
Approved by:	ports-secteam

[ 19:12 Kurt Jaeger (pi)  ]

• cacti 0.8.8h_1 net-mgmt      Web-driven graphing interface for RRDTool

MFH: r416066

net-mgmt/cacti: 0.8.8g -> 0.8.8h

This is a security update for cacti to resolve SQL exploits.
- upgrade to 0.8.8h codebase from vendor
- fix SQL vulnerabilities including CVE-2016-3659
- fix USE_MYSQL -> USES:mysql
- fix deprecated mysql php module requirement (use mysqli instead)
- fix overwriting of failure/recovery dates after outages

PR:		209809
Submitted by:	Daniel Austin <freebsd-ports@dan.me.uk> (maintainer)
Security:	CVE-2016-3659
Approved by:	ports-secteam (junovitch)

[ 01:48 Jason Unovitch (junovitch)  ]

• php55 5.5.36 lang     PHP Scripting Language
• php56 5.6.22 lang     PHP Scripting Language
• php70 7.0.7 lang     PHP Scripting Language

MFH: r415304 r415818 r415970 r415971 r415972

- Really fix ZTS build with pthreads, required by threaded apache24
- Bump PORTREVISION due to dependency on thread library

Approved by:	miwi (mentor)

Simplify plist by using @sample

lang/php70: update 7.0.6 -> 7.0.7

Approved by:	ports-secteam (with hat)
Security:	CVE-2013-7456
Security:	CVE-2016-5093
Security:	https://vuxml.FreeBSD.org/freebsd/6b110175-246d-11e6-8dd3-002590263bf5.html

(Only the first 15 lines of the commit message are shown above )

[ 11:32 Bartek Rutkowski (robak)  ]

• node4 4.4.5 www     V8 JavaScript for client and server (4.x LTS)

MFH: r415933

www/node4: update 4.4.4 -> 4.4.5

- Bugfix release

PR:		209781
Submitted by:	Bradley T. Hughes <bradleythughes@fastmail.fm> (maintainer)

Approved by:	ports-secteam

[ 22:31 Matthew Seaman (matthew)  ]

• phpmyadmin 4.6.2 databases     Set of PHP-scripts to manage MySQL over the web

MFH: r415866

Security update to 4.6.2

ChangeLog:	https://www.phpmyadmin.net/files/4.6.2/

Security:	00ec1be1-22bb-11e6-9ead-6805ca0b3d42

Approved by:	ports-secteam (junovitch)

[ 13:11 Bartek Rutkowski (robak)  ]

• sympa 6.2.15 mail     Sympa is an electronic mailing list manager

MFH: r415714

mail/sympa: update 6.2.14 -> 6.2.15

- Bugfix release

PR:		209667
Submitted by:	Geoffroy Desvernay <dgeo@centrale-marseille.fr> (maintainer)

Approved by:	ports-secteam

[ 02:08 Wen Heping (wen)  ]

• mediawiki123 1.23.14 www   Wiki engine used by Wikipedia
• mediawiki125 1.25.6 www   Wiki engine used by Wikipedia
• mediawiki126 1.26.3 www   Wiki engine used by Wikipedia

MFH: r415702

- Update mediawiki to 1.26.3, 1.25.6 and 1.23.14
 (security update)

Approved by:	 ports-secteam( junovitch@)

[ 12:08 Bartek Rutkowski (robak)  ]

• powerdns 3.4.9 dns     Advanced DNS server with multiple backends including SQL

MFH: r415648

dns/powerdns: update 3.4.8 -> 3.4.9

- Bugfix release

PR:		209677
Submitted by:	Ralf van der Enden <tremere@cainites.net> (maintainer)

Approved by:	ports-secteam

[ 01:14 Jan Beich (jbeich)  ]

• fb-adb 1.4.4.124 devel   Better shell for Android devices

MFH: r415618

devel/fb-adb: unbreak c6_64 build after r411857

===>  Extracting for fb-adb-1.4.4.124
=> SHA256 Checksum OK for android-ndk-r10e-linux-x86_64.bin.
=> SHA256 Checksum OK for facebook-fb-adb-1.4.4-124-gb230619_GH0.tar.gz.
tar: Error opening archive: Unrecognized archive format
*** Error code 1

Approved by:	ports-secteam blanket

[ 19:42 Olli Hauer (ohauer)  ]

• postfix-current 3.2.20160515,4 mail   Experimental Postfix version

MFH: r415287

- update to 3.2-20160515

Changelog:

20160330
        The collate.pl script by Viktor Dukhovni for grouping Postfix
        logfile records into "sessions" based on queue ID and process
        ID information. Files: auxiliary/collate/*.

20160407
        Treat SASL_FAIL and SASL_NOMEM as temporary errors.
        Markus Benning. File: xsasl/xsasl_cyrus_server.c.

(Only the first 15 lines of the commit message are shown above )

[ 20:58 Jan Beich (jbeich)  ]

• chromium 49.0.2623.112 www     Google web browser based on WebKit

MFH: r415570

www/chromium: unbreak WebRTC microphone selection with PULSEAUDIO=off

Similar to r414386. No kernel ALSA is available to enumerate soundcards,
so assume sound(4) can always be used via ALSA plugins like "oss".
This partially reverts https://codereview.chromium.org/7888011/

PR:		206480
Reported by:	Betso <betso.net@gmail.com>
Reviewed by:	cem, cmt (briefly)
Approved by:	maintainer timeout (2 weeks)
Approved by:	ports-secteam (feld)

[ 01:49 Jason Unovitch (junovitch)  ]

• wordpress-zh_CN 4.5.2 chinese     State-of-the-art semantic personal publishing platform

MFH: r415539

chinese/wordpress-zh_CN: update 4.4.2 -> 4.5.2

PR:		209409
Approved by:	ports-secteam (with hat)
Security:	CVE-2016-4566
Security:	CVE-2016-4567
Security:	https://vuxml.FreeBSD.org/freebsd/3686917b-164d-11e6-94fa-002590263bf5.html

[ 01:39 Jason Unovitch (junovitch)  ]

• jansson 2.7_3 devel   C library for encoding, decoding, and manipulating JSON data

MFH: r415303

Fix issue to parse large flat json files.

PR:		209492
Reported by:	yuri@rawbw.com

Approved by:	ports-secteam (with hat)

[ 01:23 Jason Unovitch (junovitch)  ]

• wpa_supplicant 2.5_2 security     Supplicant (client) for WPA/802.1x protocols

MFH: r415527

security/wpa_supplicant: Add security patch set 2016-1

A vulnerability was found in how hostapd and wpa_supplicant writes the
configuration file update for the WPA/WPA2 passphrase parameter. If this
parameter has been updated to include control characters either through
a WPS operation (CVE-2016-4476) or through local configuration change
over the wpa_supplicant control interface (CVE-2016-4477), the resulting
configuration file may prevent the hostapd and wpa_supplicant from
starting when the updated file is used. In addition for wpa_supplicant,
it may be possible to load a local library file and execute code from
there with the same privileges under which the wpa_supplicant process
runs.

These patches were developed upstream and published as a response
to the security advisories CVE-2016-4476 and CVE-2016-4477.

PR:		209564
Requested by:	Sevan Janiyan
Security:	CVE-2016-4477
Security:	CVE-2016-4476
Security:	https://vuxml.FreeBSD.org/freebsd/967b852b-1e28-11e6-8dd3-002590263bf5.html
Approved by:	ports-secteam (with hat)

[ 01:08 Jason Unovitch (junovitch)  ]

• expat2 2.1.1 textproc     XML 1.0 parser written in C

MFH: r415534

textproc/expat2: update 2.1.0 -> 2.1.1

- Update USES for new release format
- Drop CVE-2015-1283 patch now included in this release
- Add patch for CVE-2016-0718

PR:		209360
Submitted by:	tijl
Approved by:	ports-secteam (with hat)
Security:	CVE-2016-0718
Security:	https://vuxml.FreeBSD.org/freebsd/57b3aba7-1e25-11e6-8dd3-002590263bf5.html

[ 22:34 Thomas Zander (riggs)  ]

• ffmpeg 2.8.6_3,1 multimedia     Realtime audio/video encoder/converter and streaming server

MFH: r415463

Fix runtime issue: libvdpau must be LIB_DEPENDS

PR:		209619
Submitted by:	walter@lifeforms.nl

Approved by:	ports-secteam (feld)

[ 06:06 Olli Hauer (ohauer)  ]

• postfix211 2.11.8,1 mail    Secure alternative to widely-used Sendmail

MFH: r415321

- update to 2.11.8

Changelog:
20160310
        Bugfix (introduced: Postfix 2.6): the Milter SMFIR_CHGFROM
        (replace sender) request lost the sender_bcc_maps address.
        Fixed by moving some record keeping to the sender output
        function.  Files: cleanup/cleanup_envelope.c,
        cleanup/cleanup_addr.c, cleanup/cleanup_milter.c,
        cleanup/cleanup.h, regression tests.

20160410
        Bugfix (introduced: Postfix 2.6): the "bad filetype"
        header_checks pattern falsely rejected Content-Mumble headers
        with ``name="example"; x-apple-part-url="example.com"''.
        Fixed by respecting the ";" separator between content
        attribute values.  Reported by Cedric Knight.  File:
        proto/header_checks.

20160515
        Portability: OpenBSD 6.0. Files: makedefs, util/sys_defs.h.

Approved by:	ports-secteam (junovitch@)

[ 02:04 Jan Beich (jbeich)  ]

• openra 20160508 games   Multiplayer re-envisioning of early RTS games by Westwood Studios

MFH: r414854

games/openra: update to 20160403

Changes:	https://github.com/OpenRA/OpenRA/wiki/Changelog#release-20160508
Approved by:	ports-secteam (junovitch)

[ 12:34 Olli Hauer (ohauer)  ]

• postfix 3.1.1,1 mail   Secure alternative to widely-used Sendmail

MFH: r415286

- update to 3.1.1

Changelog:

20160228
       Documentation: typos in postfix-tls-script(1) manpage.

20160327
       Documentation: line wrapping in postconf(1) manpage.

20160310
       Bugfix (introduced: Postfix 2.6): the Milter SMFIR_CHGFROM
       (replace sender) request lost the sender_bcc_maps address.

(Only the first 15 lines of the commit message are shown above )

[ 05:07 Li-Wen Hsu (lwhsu)  ]

• jenkins 2.3 devel     Open-source continuous integration server

MFH: r415046

- Update to 2.3

Security:	e387834a-17ef-11e6-9947-7054d2909b71

Approved by:	ports-secteam (junovitch)

[ 05:05 Li-Wen Hsu (lwhsu)  ]

• jenkins2 2.3 devel   Open-source continuous integration server

MFH: r415047

- Update to 2.3

Security:	e387834a-17ef-11e6-9947-7054d2909b71

Approved by:	ports-secteam (junovitch)

[ 05:03 Li-Wen Hsu (lwhsu)  ]

• jenkins-lts 1.651.2 devel     Open-source continuous integration server

MFH: r415048

- Update to 1.651.2

Security:	e387834a-17ef-11e6-9947-7054d2909b71
Approved by:	swills (implicitly)

Approved by:	ports-secteam (junovitch)

[ 23:09 Bernard Spil (brnrd)  ]

• squid 3.5.19 www     HTTP Caching Proxy

MFH: r415227

www/squid: Fix configure errors for libssl

  - Fix building with ports' OpenSSL/LibreSSL
  - Use GSSAPI descriptions from Mk/Uses/gssapi.mk
  - Use more OPTIONS features

PR:		208584
Submitted by:	timp87@gmail.com (maintainer)

Approved by:	portmgr (feld)

[ 19:14 Koop Mast (kwm)  ]

• ImageMagick7 7.0.1.3 graphics     Image processing tools

MFH: r415108

Update ImageMagick7 to 7.0.1.3.

Remove the delegate patch since it done in IM now.

Security:	82b702e0-1907-11e6-857b-00221503d280

Approved by:	ports-secteam (feld@)

[ 19:12 Koop Mast (kwm)  ]

• ImageMagick 6.9.4.1,1 graphics     Image processing tools (legacy version)

MFH: r415107

Update ImageMagick to 6.9.4.1.

Remove the delegate patch since it done in IM now.

Security:	82b702e0-1907-11e6-857b-00221503d280

Approved by:	ports-secteam (feld@)

[ 14:08 Gerald Pfeifer (gerald)  ]

• wine 1.8.1_3,1 emulators   Microsoft Windows compatibility environment

Fix the build on FreeBSD 9.x by backporting r413495 and r413496 from
mainline after a month:

  Force the use of GCC where it is the system compiler since
  COMPILER_VERSION will be 42 (the GCC version) even if clang
  is CHOSEN_COMPILER_TYPE in that case.

PR:		206527
Approved by:	portmgr (blanket for build fixes)

[ 13:33 Matthias Andree (mandree)  ]

• openvpn 2.3.11 security     Secure IP/Ethernet tunnel daemon

MFH: r412540 r412541 r415093 r415116

Work around 10.3-RELEASE's service(8) shortcomings (r412540)
and to fix /usr/sbin/service -R (r412541).

PR:		208534
Reported by:	allan@saddi.com

r415093 (2.3.11 upgrade) and r415116 (the polarssl fix-up) together:

Security upgrade to OpenVPN 2.3.11.

Quoting upstream maintainers' release notes:
"This release fixes two vulnerabilities: a port-share bug with DoS
potential and a buffer overflow by user supplied data when using pam

(Only the first 15 lines of the commit message are shown above )

[ 07:54 Thomas Zander (riggs)  ]

• gdb 7.11_2 devel   GNU GDB of newer version than comes with the system

MFH: r415176

Fix build with libreadline from base system (via BASE_READLINE OPTION)

PR:		209431
Submitted by:	luca.pizzamiglio@gmail.com (maintainer)
Approved by:	ports-secteam (build fix blanket)

[ 19:25 Bernard Spil (brnrd)  ]

• mariadb100-server 10.0.25 databases     Multithreaded SQL database (server)

MFH: r415024

databases/mariadb100-server: Fix package builder failures

  - Add dependency on OpenSSL from ports
  - As per PR206998 this fixes the relocation error [1]

[1] https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=206998#c102

PR:		209419

Approved by:	ports-secteam (junovitch)

[ 17:51 Bernard Spil (brnrd)  ]

• libressl 2.2.7 security     Free version of the SSL/TLS protocol forked from OpenSSL

security/libressl: Update to 2.2.7

  - Update fixing recent vulnerabilities

Security:	01d729ca-1143-11e6-b55e-b499baebfeaf
Approved by:	ports-secteam (feld)

[ 15:07 Matthew Seaman (matthew)  ]

• squid 3.5.19 www     HTTP Caching Proxy

MFH: r414987

Security update to 3.5.19

PR:		209334
Submitted by:	timp87@gmail.com (maintainer)
Security:	25e5205b-1447-11e6-9ead-6805ca0b3d42

Approved by:	ports-secteam (junovitch)

[ 17:46 Gordon Tetlow (gordon)  ]

• p4 2015.1.1384697 devel    Perforce client
• p4api 2015.1.1384697 devel    Perforce API (static libraries and header files)
• p4d 2015.1.1384697 devel    Perforce server
• p4ftpd 2015.1.1384697 devel    Perforce server
• p4p 2015.1.1384697 devel    Perforce server

MFH: r414920

Update various Perforce ports to 2015.1/1384697 due to micropatching.

Approved by:	mat (mentor, implicit)
Approved by:	ports-secteam (feld)

[ 11:02 Bartek Rutkowski (robak)  ]

• wordpress 4.5.2 russian     State-of-the-art semantic personal publishing platform

MFH: r414809

russian/wordpress: update 4.5.1 -> 4.5.2

- Bugfix update

PR:		209378
Submitted by:	Mihail Timofeev <9267096@gmail.com> (maintainer)

Approved by:	ports-secteam

[ 03:10 Jason Unovitch (junovitch)  ]

• perl5-devel 5.23.9.85_2 lang     Practical Extraction and Report Language
• perl5.18 5.18.4_21 lang      Practical Extraction and Report Language
• perl5.20 5.20.3_12 lang     Practical Extraction and Report Language
• perl5.22 5.22.1_8 lang     Practical Extraction and Report Language

MFH r412502 r412503 r413010 r413019 r413036 r413249 r413567:

Apply batch of Perl updates up to security issue fix.

Fix a Perl security issue.

PR:		208879
Reported by:	Sevan Janiyan
Security:	CVE-2016-2381
Sponsored by:	Absolight

Approved by:	ports-secteam (with hat)

[ 02:12 Jason Unovitch (junovitch)  ]

• mysql56-client 5.6.30 databases     Multithreaded SQL database (client)
• mysql56-server 5.6.30 databases     Multithreaded SQL database (server)

MFH: r413653

Update to 5.6.30 release.

PR:		209344
Reported by:	Fabiano Sidler <fabianosidler@swissonline.ch>
Approved by:	ports-secteam (with hat)
Security:	https://vuxml.FreeBSD.org/freebsd/8c2b2f11-0ebe-11e6-b55e-b499baebfeaf.html

[ 01:53 Jason Unovitch (junovitch)  ]

• wordpress 4.5.2 japanese     State-of-the-art semantic personal publishing platform

MFH: r414906

japanese/wordpress: update 4.4.2 -> 4.5.2

Approved by:	ports-secteam (with hat)
Security:	CVE-2016-4566
Security:	CVE-2016-4567
Security:	https://vuxml.FreeBSD.org/freebsd/3686917b-164d-11e6-94fa-002590263bf5.html