| Age | Commit message (Collapse) | Author |
|---|
|
Details:
- Bugfix release, see
https://github.com/traefik/traefik/releases/tag/v2.11.5
- Fixes an Azure Identity Libraries Elevation of Privilege
Vulnerability, as described in
https://github.com/traefik/traefik/security/advisories/GHSA-rvj4-q8q5-8grf
MFH: 2024Q2
Security: CVE-2024-35255
(cherry picked from commit 6b4fc3fddc586d5734f6ec014308c0568c822552)
|
|
Changes: https://gitlab.freedesktop.org/mesa/mesa/-/compare/f19ddef76c4...0d1813837ba
(cherry picked from commit f6672ffddd80cecc9f7f95f3601fd0df5a5c4d34)
|
|
Release Notes:
https://www.thunderbird.net/en-US/thunderbird/115.12.2/releasenotes/
(cherry picked from commit aa8bc1246873b8bec16bd0763a0e05a2a9908bc6)
|
|
MFH: 2024Q2
Security: aa2b65e4-2f63-11ef-9cab-4ccc6adda413
(cherry picked from commit 0f4290c640f535b5fe7c9248c4c4ce7990ed4e1c)
|
|
This unfortunately makes use of the Qt private API, so it has to be
rebuilt with each Qt update.
(cherry picked from commit 7e63ffcc5a8ccaad386ce8ecd4d3800d910e45bf)
|
|
MFH: 2024Q2
(cherry picked from commit 85b42eed6e6194b3d756915aa06a3458cc93ccd7)
|
|
June 19, 2024
We have released Qt 6.7.2. As a patch release, Qt 6.7.2 does not
introduce new features but contains more than 200 bug fixes, security
updates, and other improvements on the top of the Qt 6.7.1 release.
See more information about the most important changes and bug fixes
from the Qt 6.7.2 release note.
Announcement: https://www.qt.io/blog/qt-6.7.2-released
Release note: https://code.qt.io/cgit/qt/qtreleasenotes.git/about/qt/6.7.2/release-note.md
MFH: 2024Q2
Security: c5415838-2f52-11ef-9cab-4ccc6adda413
(cherry picked from commit 5435b47d7da84c666299388c4eee90db0a557097)
|
|
Update devel/pyside2* and devel/shiboken to 5.15.14
Update devel/qt5-script* and www/qt5-webengine to 5.15.17
Release note: https://code.qt.io/cgit/qt/qtreleasenotes.git/about/qt/5.15.14/release-note.md
(cherry picked from commit 72a628f271410ef9de913e203d69495011f6234c)
|
|
ChangeLog: https://github.com/OpenVPN/openvpn/blob/v2.6.11/Changes.rst#overview-of-changes-in-2611
Security: 142c538e-b18f-40a1-afac-c479effadd5c
Security: CVE-2024-5594
Security: CVE-2024-28882
MFH: 2024Q2
(cherry picked from commit 97a30e46bd0b9fecac92207e719f58247a198c98)
|
|
Changes: https://gitlab.freedesktop.org/mesa/mesa/-/compare/75777f1dc83...f19ddef76c4
(cherry picked from commit f558721194b8b5bfbc7bf9d914402ded0c8627a1)
|
|
Changes: https://gitlab.com/veloren/veloren/-/compare/e4cd939eb...d6d9c2ca5
(cherry picked from commit 288d91be811488c74ef4e32697745416e79a3ec7)
|
|
Changelog:
https://tomcat.apache.org/tomcat-10.1-doc/changelog.html#Tomcat_10.1.25_(schultz)
MFH: 2024Q2
(cherry picked from commit 03f48934110f1fe6628910379e8998bf364bba78)
|
|
Changelog:
https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.90_(remm)
MFH: 2024Q2
(cherry picked from commit 3e65a40aa3956ed33c408886715dc5de55f8931e)
|
|
Security: https://vuxml.freebsd.org/freebsd/453aa0fc-2d91-11ef-8a0f-a8a1599412c6.html
|
|
CVE-2024-24789: the archive/zip package's handling of certain types of invalid
zip files differs from the behavior of most zip implementations. This
misalignment could be exploited to create an zip file with contents that vary
depending on the implementation reading the file.
PR: 279781
Reported by: stb@lassitu.de (maintainer)
MFH: 2024Q2
Security: CVE-2024-24789
(cherry picked from commit be43fb2830c94e23e0d9aa49ef9b982b0ab31e2c)
|
|
Changelog:
https://tomcat.apache.org/tomcat-11.0-doc/changelog.html#Tomcat_11.0.0-M21_(markt)
MFH: 2024Q2
(cherry picked from commit 70ffe82e6c16c3e38f74f83c80c776bb20008ff2)
|
|
Release Notes:
https://www.thunderbird.net/en-US/thunderbird/115.12.1/releasenotes/
(cherry picked from commit 880fe300a6168ffbdd1d4c89b3ff5e3c1e96a9be)
|
|
Release Notes (soon):
https://www.mozilla.org/en-US/firefox/127.0.1/releasenotes/
(cherry picked from commit c8111805c98b2c0e4920792369368b570604616c)
|
|
- Bump PORTREVISION for package change
Obtained from: https://github.com/metaopt/optree/commit/9a613a705ee18e18784ba3a16b2786f56f9c74d2 (based on)
(cherry picked from commit 97dea13acee55a5c5ab4cd6ac1294c3ef3f42e1f)
|
|
It's a direct commit. py-python-dateutil is not in the 2024Q2, so change
it back to py-dateutil while preserving required version limitation change.
Approved by: portmgr (antoine)
Differential Revision: https://reviews.freebsd.org/R11:eb44fa832b1272ee0eb8273e13bc2dac348278c2
|
|
Changes: https://gitlab.freedesktop.org/mesa/mesa/-/compare/13dc2a28ce1...75777f1dc83
(cherry picked from commit e0861e7ef8cae155be026835f02d0320f384b09f)
|
|
Changes: https://gitlab.freedesktop.org/xorg/xserver/-/compare/a4d298d85...32e16082c5
(cherry picked from commit 66f8e5d9924219fa24ae34c57fc5e46c4679bce7)
|
|
Reported by: fallout
(cherry picked from commit eb44fa832b1272ee0eb8273e13bc2dac348278c2)
|
|
Details:
- Bugfix release addressing unexpected behavior with IPv4-mapped IPv6
addresses, see
https://github.com/traefik/traefik/releases/tag/v2.11.4
MFH: 2024Q2
Security: CVE-2024-24790
https://github.com/traefik/traefik/security/advisories/GHSA-7jmw-8259-q9jx
(cherry picked from commit b9c0a36b4514546dc3b3ccafa0e00c17c0119bfc)
|
|
Details:
- Bugfix release, see
https://mkvtoolnix.download/doc/NEWS.md
MFH: 2024Q2
(cherry picked from commit eeaa3942361cb6b0fe34411bc1792695ce850f20)
|
|
- remove now obsolete patch
- security fix for an anticipated protocol weakness
Changelog: https://github.com/rosenpass/rosenpass/releases/tag/v0.2.2
MFH: 2024Q2
(cherry picked from commit 3692e105f5975081bb871b326698e15507b18ed4)
|
|
Add missing pkg-plist entries after my rushed and pointy-hat-worthy
commit 353079b68987. [1] I was under the impression that this version
just contained the security fixes and didn't do my due diligence.
To sort of make up for it:
Add other missing pkg-plist entries if kuserfeedback is installed and
add it as a dependency.
Potentially improve wayland support by adding plasma-wayland-protocols
and wayland-protocols as build dependencies.
Add PIPEWIRE option and patch out auto-detection. Enable by default as
x11/plasma5-plasma-desktop also enables PIPEWIRE by default.
Remove ancient CONFLICTS.
PR: 279744 [1]
Reported by: jbeich [1]
MFH: 2024Q2
(cherry picked from commit c75e3897416092ecd7dd255114dae100734524d7)
|
|
This corrects the shlib version and propagates to other packages via
CMake that depend on the exact version of plasma5-breeze as their own,
like plasma5-plasma-workspace.
MFH: 2024Q2
(cherry picked from commit 89db557c2a0917847980afd5b47671a83bc8ce17)
|
|
Changelogs since 0.0.7b2:
https://github.com/iDebugAll/phonebox_plugin/releases/tag/v0.0.9
https://github.com/iDebugAll/phonebox_plugin/releases/tag/v0.0.8
MFH: 2024Q2
(cherry picked from commit 4daf2fbcaf9459a6a92869c18aca4b27d1f2af55)
|
|
MFH: 2024Q2
(cherry picked from commit 717f30b8e00e1a9b209fe49a82dfe0ad26c2cd7f)
|
|
MFH: 2024Q2
(cherry picked from commit b24868e7be03b2ce962ee5e9ead293c10dc15cfb)
|
|
MFH: 2024Q2
(cherry picked from commit 746fa696a12ef1ca798e36baf087f579375b8cd1)
|
|
MFH: 2024Q2
Security: a5c64f6f-2af3-11ef-a77e-901b0e9408dc
Security: CVE-2024-24789
Security: CVE-2024-24790
(cherry picked from commit 6b977b39442a498d115eebc767c61f4335588353)
|
|
MFH: 2024Q2
Security: a5c64f6f-2af3-11ef-a77e-901b0e9408dc
Security: CVE-2024-24789
Security: CVE-2024-24790
(cherry picked from commit 5de8e9d8ec867592adb0cfdf197dd946be96181b)
|
|
PR: 279728
MFH: 2024Q2 (security issue)
(cherry picked from commit 638793efa7ccb592897e18e6bcbb69b3e90bdf07)
|
|
(cherry picked from commit f80c8e344d4d8d666424888cdc369ec43c908931)
|
|
- install documentation
(cherry picked from commit bbafdb3bb75f0fc2db6fa6ccdfc2d27e26b22302)
|
|
Changes: https://gitlab.freedesktop.org/mesa/mesa/-/compare/2498d673827...13dc2a28ce1
(cherry picked from commit ffe9487476bacc96e714ad3e537142d2a8eed0d7)
|
|
Changes: https://github.com/diamondburned/dissent/releases/tag/v0.0.25
Reported by: GitHub (watch releases)
(cherry picked from commit f7de139fc305a6b7f6dd80b8c2111b6447f0f6a7)
|
|
Changes: https://github.com/hyprwm/xdg-desktop-portal-hyprland/releases/tag/v1.3.2
Reported by: GitHub (watch releases)
(cherry picked from commit 6482a6db7b5602a1cd59b6d993bba46398860754)
|
|
PR: 279673
Reported by: freebsd@omarpolo.com (maintainer)
MFH: 2023Q2 (security fix)
(cherry picked from commit 762409ed891a3ea897c4353a2beed08126e5603e)
|
|
Changelog:
* Fixed initialization fork for indexes on unlogged tables
MFH: 2024Q2
Sponsored by: P. Variablis
(cherry picked from commit 489a66d3687e3984471847fdf3f5e1e90eb8d212)
|
|
Changes: https://gitlab.freedesktop.org/mesa/mesa/-/compare/f04bb494651...2498d673827
(cherry picked from commit 16f480b14b020b46d6d263bec09c0b6c1bfce697)
|
|
Changes: https://gitlab.com/veloren/veloren/-/compare/5c0299ef8...e4cd939eb
(cherry picked from commit 3039a8cdee361deec8a70d43519f7c143239d1e8)
|
|
Changes: https://github.com/Ferdi265/wl-mirror/releases/tag/v0.16.3
Reported by: GitHub (watch releases)
(cherry picked from commit e2cf8c6cdd869235f8453939e87ceedb81c530a8)
|
|
Changes: https://aomedia.googlesource.com/aom/+log/v3.8.2..v3.8.3
Security: CVE-2024-5493
(direct commit to 2024Q2 as 1319a8d09a6e is missing on the branch)
|
|
This release improves the --gauge dialog specifically.
Sponsored by: The FreeBSD Foundation
Closes: https://github.com/freebsd/freebsd-ports/pull/267
(cherry picked from commit 7be8b975e112d41d65ae6eec91b8863ad4d05887)
|
|
Upstream rerolled the distfile.
PR: 279688
Approved by: Naram Qashat <cyberbotx@cyberbotx.com> (maintainer, implicit), fixit
MFH: 2024Q2
(cherry picked from commit d5dd3b053e8542304b12354392122455f4802f88)
|
|
(cherry picked from commit ce12ada1b6b993005ddf0ae2ea275582136aabe8)
|
|
Changes: https://github.com/rbenv/ruby-build/releases/tag/v20240612
(cherry picked from commit 83b46a4f9e5bff2f3e095b20064424ab5b01968c)
|
