notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)

Two new features

Two new features were added on 2020-05-30:
  1. Repology links - each port now has a link to repology.org. See issue 148 for details.
  2. Ports I maintain report - port maintainers can now subscribe to a daily report of commits to the ports they maintain. See Watch ports I maintain at Report Subscriptions. Details at issue 138
Search FreshPorts using Google
not searching src

The FreshPorts Search


Include deleted ports Case sensitive search Sort by:
Include /src tree
Output format:
HTML
Plain Text
Maximum Effort Minimal output
Branch:

Notes

  • Case sensitivity is ignored for "sounds like" and output is ordered by the soundex.
  • When searching on 'Message ID', the type of match is ignored.
  • When searching on 'Commit Message' only 'containing' is used.
  • When searching by 'Under a pathname', your path must start with something like /ports/, /doc/, or /src/. All commits under that point will be returned. The selected match type is ignored and defaults to 'Starts with'.
  • Searching for 'sounds like' is only valid for Committer, Maintainer, Package Name, and Port Name.
Number of commits: 54
Thu, 7 May 2020
[ 17:31 cem ] Original commit 
dwarves 1.17 devel files touched by this commit Debugging Information Manipulation Tools (pahole & friends)
devel/dwarves: Add new port

Approved by:	jrm
Differential Revision:	https://reviews.freebsd.org/D24746
Wed, 6 May 2020
[ 17:32 cem ] Original commit 
elfutils 0.179 devel files touched by this commit Library for manipulating ELF files and partial implementation of binutils
kcov 37_1 devel files touched by this commit Coverage checker for ELF, Bash, and Python programs
elfutils: Update to latest 0.179

Bump portrevision in kcov, which depends on elfutils ABI.

Discussed with:	asomers, mat
Approved by:	jrm
Differential Revision:	https://reviews.freebsd.org/D24614
Sun, 12 Apr 2020
[ 20:23 cem ] Original commit 
libxfce4menu 4.14.1_1 x11 files touched by this commit Widgets library for the Xfce desktop environment
x11/libxfce4menu: Fix leaked keygrabs when layout changes

As diagnosed by Jethro Nederhof, xfce-shortcuts-grabber.c attempts to update
grabbed key shortcuts when xkeyboard layout changes. Unfortunately, it had no
memory of which keycodes it has actually grabbed. Instead, it attempted to
ungrab the *new* keycode, which obviously doesn't actually ungrab those codes.

This went unnoticed for some time, probably because nothing collided with
important keys. Recently, a default PrintScreen shortcut was added to Xfce,
which for whatever reason seems to collide with Up in initial layout. When the
kbd layout changes, the shortcut ungrabs the *new* Printscreen keycode and then
re-grabs the same keycode, leaving the Up keycode grabbed.

Fix this by giving xfce-shortcuts-grabber some memory of which keycodes it has
grabbed. When it grabs a key, it remembers the keycode it grabbed in the
XfceKey object. When it ungrabs a key, it ungrabs the keycodes in the XfceKey
object, rather than those for the new keyboard layout.

PR:		244290
Reported by:	Aryeh Friedman <aryeh.friedman AT gmail.com>, many others
Approved by:	madpilot
Differential Revision:	https://reviews.freebsd.org/D24338
Wed, 8 Apr 2020
[ 00:22 cem ] Original commit 
chromium 80.0.3987.163_1 www  Deprecated Expiration Date files touched by this commit Google web browser based on WebKit
www/chromium: Un-remove v4l video capture support

This support was removed in r416521. The revision message did not document the
removal nor justify patching out a major port feature.

This restores that support.

The earlier revision should probably be audited for other patches which (a) add
update burden to this already huge port and (b) remove expected functionality.

PR:		245250
Submitted by:	Tamas Szakaly <sghctoma AT gmail.com>
Reported by:	yuri@
Approved by:	jrm
Differential Revision:	https://reviews.freebsd.org/D24330
Sat, 4 Apr 2020
[ 20:16 cem ] Original commit 
chromium 80.0.3987.163 www  Deprecated Expiration Date files touched by this commit Google web browser based on WebKit
www/chromium: update to 80.0.3987.163

Approved by:	jrm, mikael, rene
Security:	CVE-2020-6450 CVE-2020-6451 CVE-2020-6452
Differential Revision:	https://reviews.freebsd.org/D24290
Wed, 25 Mar 2020
[ 01:43 cem ] Original commit 
chromium 80.0.3987.149 www  Deprecated Expiration Date files touched by this commit Google web browser based on WebKit
www/chromium: update to 80.0.3987.149

The Chrome stable channel has been updated to 80.0.3987.149[1].

This update includes 13 security fixes, including 9 Sev:High reports from
external researchers.

[1]:
https://chromereleases.googleblog.com/2020/03/stable-channel-update-for-desktop_18.html

PR:		245019
Approved by:	jrm
Security:	yes
Differential Revision:	https://reviews.freebsd.org/D24169
Wed, 11 Mar 2020
[ 19:59 cem ] Original commit 
chromium 80.0.3987.132 www  Deprecated Expiration Date files touched by this commit Google web browser based on WebKit
www/chromium: Fix aarch64 by reapplying r527876

It was lost in the 80.x update, unfortunately. Mea culpa.

Reported by:	mikael
Discussed with:	jrm
Approved by:	mikael
Differential Revision:	https://reviews.freebsd.org/D24026
Mon, 9 Mar 2020
[ 01:53 cem ] Original commit 
chromium 80.0.3987.132 www  Deprecated Expiration Date files touched by this commit Google web browser based on WebKit
www/chromium: Reduce build log spam

Avoid build log spam by disabling a noisy and purely false-positive warning
in targeted locations. The Clang static analysis of pthread locking
primitives assumes they are not wrapped (as well as relatively simple
locking use). These headers simply wrap the underlying primitives and tickle
hundreds of false positives with deep include stacks that spam build logs.

Approved by:	jrm
Differential Revision:	https://reviews.freebsd.org/D24000
Sun, 8 Mar 2020
[ 19:44 cem ] Original commit 
chromium 80.0.3987.132 www  Deprecated Expiration Date files touched by this commit Google web browser based on WebKit
www/chromium: update to 80.0.3987.132

This addresses some security issues, including at least one Google admits was
being exploited in the wild.  For more, see:
https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop_24.html

PR:		244625
Approved by:	jrm, rene
Security:	CVE-2020-6407, CVE-2020-6418 (in the wild), CVE-2020-6420
Differential Revision:	https://reviews.freebsd.org/D23984
Wed, 12 Feb 2020
[ 16:18 cem ] Original commit 
vuxml 1.1_4 security files touched by this commit Vulnerability and eXposure Markup Language DTD
security/vuxml: Document sysutils/grub2-bhyve escalations

Mitigated in r525916.

admbugs:	948
Reported by:	Reno Robert <renorobert AT gmail.com>
Approved by:	bapt
MFH:		2020Q1 (bapt)
[ 15:32 cem ] Original commit 
grub2-bhyve 0.40_8 sysutils files touched by this commit Grub-emu loader for bhyve
sysutils/grub2-bhyve: Neutralize privileged guest commands

GRUB was designed to run in a trusted environment, where anyone with access
to grub2.cfg could also modify grub itself.  In grub2-bhyve, we have
modified it to run in host context, but interpret the commands of guest
grub2.cfg.  This means we have to worry about malicious guests.

This patch addresses two escalation vectors: font-loading, and the direct
'read', 'write', 'in', and 'out' commands (which read/write arbitrary
addresses).  Both reported by Reno Robert.

Disable font-loading by neutering the command.  It is believed to be non-
essential and there is at least one buffer overflow in the font loading
code.

Disable reading and writing host memory and IO ports.  It is believed to be
non-essential.

admbugs:	948
Reported by:	Reno Robert <renorobert AT gmail.com>
Approved by:	bapt
MFH:		2010Q1 (bapt)
Security:	yes
Number of commits: 54
Login
User Login
Create account

Servers and bandwidth provided by
New York Internet, iXsystems, and RootBSD

This site
What is FreshPorts?
About the authors
Issues
FAQ
How big is it?
The latest upgrade!
Privacy
Blog
Contact

Search
Enter Keywords:
 
more...

Latest Vulnerabilities
typo3-10Aug 04
typo3-9Aug 04
libX11Aug 01
xephyrAug 01
xorg-dmxAug 01
xorg-nestserverAug 01
xorg-serverAug 01
xorg-vfbserverAug 01
xwaylandAug 01
python38Jul 31
arkJul 30
chromiumJul 28
freerdpJul 28
libsndfileJul 28
zeekJul 28

13 vulnerabilities affecting 77 ports have been reported in the past 14 days

* - modified, not new

All vulnerabilities

Last updated:
2020-08-04 10:33:08


Ports
Home
Categories
Deleted ports
Sanity Test Failures
Newsfeeds

Statistics
Graphs
NEW Graphs (Javascript)
Traffic

Calculated hourly:
Port count 40256
Broken 91
Deprecated 599
Ignore 326
Forbidden 5
Restricted 147
No CDROM 76
Vulnerable 20
Expired 3
Set to expire 570
Interactive 0
new 24 hours 2
new 48 hours10
new 7 days42
new fortnight74
new month141

Servers and bandwidth provided by
New York Internet, iXsystems, and RootBSD
Valid HTML, CSS, and RSS.
Copyright © 2000-2020 Dan Langille. All rights reserved.