Static linked binaries, due to the fact that they're statically linked,
can pose a security risk should a library be updated and depending
software not be recompiled and linked. This was a hot topic on BUGTRAQ
about 25 years ago.
The default is to build static libraries so as not to alter the package
avoiding a POLA violation.
PR: 255735
Submitted by: Daniel Engberg <daniel.engberg.lists@pyret.net> (mostly)
Reported by: Daniel Engberg <daniel.engberg.lists@pyret.net>
Reviewed by: cy
Tested by: cy
MFH: 2021Q2
Similar to armv6, armv7 fails to build jitterentropy-base.c without
optimization, falling flat on the #pragma GCC optimize statement.
Like armv6, avoid building jitterentropy-base.c altogether.
PR: 253698
Armv6 fails to build jitterentropy-base.c without optimization,
even though #pragma GCC optimization and #pragma clang optimization
are specified. For now brute force disable building the jitter
entropy generator on armv6.
PR: 253698
Submitted by: yani _ pi-greece.eu
Reported by: yani _ pi-greece.eu
After a discussion on the mailing list on moving manpages to
${PREFIX}/share/man for consistency with base where it is
installed in usr/share/man, it appeared the same should happen
to GNU info files which were installed under share in base and
not in ports.
Now texinfo is not in base on any of the supported version of FreeBSD
it is possible to proceed to this move and it is easier to do than
the manpage change.
Other benefit than consistency are less patching: all build tools but
cmake are expecting info files to be under share/info and cmake (patched here)
was having an exception for BSD so the patch makes FreeBSD case less
specific for them
Bump revision of all impacted ports
PR: 232907
exp-run by: antoine
Differential Revision: https://reviews.freebsd.org/D17816
- Improve comment in Makefile
- Provide more elaborate port description and update WWW in pkg-descr
Noteworthy changes in version 1.8.3
===================================
- Use blinding for ECDSA signing to mitigate a novel side-channel
attack. [#4011,CVE-2018-0495]
- Fix incorrect counter overflow handling for GCM when using an IV
size other than 96 bit. [#3764]
- Fix incorrect output of AES-keywrap mode for in-place encryption
on some platforms.
- Fix the gcry_mpi_ec_curve_point point validation function.
- Fix rare assertion failure in gcry_prime_check.
Release info at <https://dev.gnupg.org/T4016>.
For further details, see https://lists.gnupg.org/pipermail/gnupg-announce/2018q2/000426.html
MFH: 2018Q2
Security: http://vuxml.freebsd.org/freebsd/9b5162de-6f39-11e8-818e-e8e0b747a45a.html
- Update libgcrypt to 1.7.7
- Silence all explicitly called commands
- Update WWW in pkg-descr: use https://
- Bump library version in pkg-plist
Noteworthy changes in version 1.7.7
* Bug fixes:
- Fix possible timing attack on EdDSA session key.
- Fix long standing bug in secure memory implementation which could
lead to a segv on free. [bug#3027].
PR: 219747
MFH: 2017Q2
Exp-run by: antoine
Noteworthy changes in version 1.7.6
* Bug fixes:
- Fix AES CTR self-check detected failure in the SSSE3 based
implementation.
- Remove gratuitous select before the getrandom syscall.
PR: 216305
MFH: 2017Q1
Exp-run by: antoine
- Update to 1.7.5
- Remove files useless to install from DOCS
- Remove patch since sparc v8 is not supported on FreeBSD
- Bump library version in pkg-plist
Changelog:
https://lists.gnupg.org/pipermail/gnupg-announce/2016q4/000399.html
PR: 215236
Approved by: amdmi3 (mentor)
MFH: 2016Q4
Exp-run by: antoine
for amd64 implementation.
Other changes:
- Regenerate patches to make portlint(1) happy
- Update MAINTAINER to my @FreeBSD.org address
- Bump PORTREVISION
PR: 206919
Approved by: junovitch (mentor)
This fixes at least devel/ccrtp's build on 9.3, which is currently broken:
In file included from ccrtp/crypto/gcrypt/gcrypthmac.cpp:23:
/usr/local/include/gcrypt.h:509: error: comma at end of enumerator list
/usr/local/include/gcrypt.h:1346: error: comma at end of enumerator list
Makefile:571: recipe for target 'gcrypthmac.lo' failed
MFH'ing this is not necessary, this bug is only present in libgcrypt 1.6.4.
PR: 205000
Approved by: maintainer timeout (15 days)
- This patch was removed when updating to 1.6.4, so the patch needs
to be put back in order to solve the bug 204399.
PR: 204600
Submitted by: Carlos J. Puga Medina <cpm@fbsd.es> (maintainer)
for static linking. This affects emulators/qemu-user-static primarily
but will help anyone trying to statically link their applications.
Reviewed by: tijl cpm@fbsd.es (Maintainer)
- Replace ${MASTER_SITE_FOO} with FOO.
- Merge MASTER_SITE_SUBDIR into MASTER_SITES when possible. (This means 99.9%
of the time.)
- Remove occurrences of MASTER_SITE_LOCAL when no subdirectory was present and
no hint of what it should be was present.
- Fix some logic.
- And generally, make things more simple and easy to understand.
While there, add magic values to the FESTIVAL, GENTOO, GIMP, GNUPG, QT and
SAMBA macros.
Also, replace some EXTRACT_SUFX occurences with USES=tar:*.
Checked by: make fetch-urlall-list
With hat: portmgr
Sponsored by: Absolight
