02:06 timur 

Add deprecation date for the port. Officialy it's discontinued from 2018-03-13

 

21:00 timur 

Security update for samba45, samba46, samba47 ports to address CVE-2018-1050 and
CVE-2018-1057.

As AD DC doesn't work in samba46 and was broken again in samba 4.7.4 - the
attack vector is quite narrow.

Security:	CVE-2018-1050
		CVE-2018-1057
Sponsored by:	iXsystems Inc.

 

11:10 antoine 

Reduce dependency on the python2 metaport

PR:		225752
Submitted by:	Yasuhiro KIMURA

 

15:50 mat 

Convert Python ports to FLAVORS.

  Ports using USE_PYTHON=distutils are now flavored.  They will
  automatically get flavors (py27, py34, py35, py36) depending on what
  versions they support.

  There is also a USE_PYTHON=flavors for ports that do not use distutils
  but need FLAVORS to be set.  A USE_PYTHON=noflavors can be set if
  using distutils but flavors are not wanted.

  A new USE_PYTHON=optsuffix that will add PYTHON_PKGNAMESUFFIX has been
  added to cope with Python ports that did not have the Python
  PKGNAMEPREFIX but are flavored.

  USES=python now also exports a PY_FLAVOR variable that contains the
  current python flavor.  It can be used in dependency lines when the
  port itself is not python flavored.  For example, deskutils/calibre.

  By default, all the flavors are generated.  To only generate flavors
  for the versions in PYTHON2_DEFAULT and PYTHON3_DEFAULT, define
  BUILD_DEFAULT_PYTHON_FLAVORS in your make.conf.

  In all the ports with Python dependencies, the *_DEPENDS entries MUST
  end with the flavor so that the framework knows which to build/use.
  This is done by appending '@${PY_FLAVOR}' after the origin (or
  @${FLAVOR} if in a Python module with Python flavors, as the content
  will be the same).  For example:

    RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}six>0:devel/py-six@${PY_FLAVOR}

PR:		223071
Reviewed by:	portmgr, python
Sponsored by:	Absolight
Differential Revision:	https://reviews.freebsd.org/D12464

 

02:44 timur 

Security update for CVE-2017-15275 and CVE-2017-14746

Security:	CVE-2017-15275
		CVE-2017-14746
Sponsored by:	iXsystems Inc.

 

03:47 timur 

Update Samba4 ports to 4.6.8, 4.5.14 and 4.4.16 respectivelly to address
security flaws:

o  CVE-2017-12150 (SMB1/2/3 connections may not require signing where
   they should)
o  CVE-2017-12151 (SMB3 connections don't keep encryption across DFS
      redirects)
o  CVE-2017-12163 (Server memory information leak over SMB1)

Security:	CVE-2017-12150
		CVE-2017-12151
		CVE-2017-12163

 

13:51 timur 

Samba 4.6.6, 4.5.12 and 4.4.15 Security update for the CVE-2017-11103: Orpheus'
Lyre KDC-REP service name validation in Heimdal

Security:	CVE-2017-11103

 

13:46 sunpoet 

Update devel/readline to 7.0 patch 3

- Bump PORTREVISION for shlib change

Changes:	https://cnswww.cns.cwru.edu/php/chet/readline/CHANGES
		https://lists.gnu.org/archive/html/bug-bash/2016-09/msg00107.html
		https://lists.gnu.org/archive/html/bug-readline/2017-01/msg00002.html
Differential Revision:	https://reviews.freebsd.org/D11172
PR:		219947
Exp-run by:	antoine

 

14:53 timur 

Urgent upgrade of the Samba 4.[4-6] ports to address RCE in the Samba
code(CVE-2017-7494). All versions starting from 3.5+ are affected.

Security:	CVE-2017-7494

 

21:11 timur 

Upgrade Samba4[4-6] ports to fix regression with "follow symlinks = no". Remove
dependency from the external p5-Parse-Pidl as it may break provisioning(and
more).

PR:		218255

 

20:33 timur 

Few libraries were missing from the plist, breaking AC_DC. Also, apparently,
upstream also forgot to link few libraries with the libsamba-debug-samba4.so,
breaking those as well.

 

00:53 timur 

Eliminate use of external p5-Parse-Pidl, as 4.4-, 4.5 and 4.6 are incompatiable
in the output cross the Samba versions.

 

02:53 timur 

SAMBA4_SUBPORT wasn't guarded in all sections of Makefile, making p5-Parse-Pidl
fail with newer versions of Samba.

 

23:44 timur 

Add net/samba45 port version 4.5.7 to address CVE-2017-2619

Security:	CVE-2017-2619