FreshPorts has everything you want to know about FreeBSD software, ports, packages, applications, whatever term you want to use.

Fix build.

Sponsored by:	Absolight

mail/mutt: fix Makefile for -lite

PR:		208694
Submitted by:	[email protected] (maintainer)

multimedia/x264: add FFMS and LSMASH options

Switch to LSMASH by default to follow vendor configure behavior.

Approved by:	koobs (maintainer, via private mail)
Differential Revision:	https://reviews.freebsd.org/D5861

multimedia/x264: correct LAVF option description

LAVF only supports demuxing via libavformat.

Approved by:	koobs (maintainer, via private mail)
Differential Revision:	https://reviews.freebsd.org/D5863

multimedia/{,lib}x264: modernize

- Convert to option helpers
- Convert to USES=localbase + respect CPPFLAGS
- Convert to USES=shebangfix (can be zsh->bash symlink)
- Simplify SLAVE_PORT conditionals into ?=, += and !target()
- Drop unnecessary `cd` before PGO sample
- Drop no longer necessary .include <bsd.port.options.mk>

Approved by:	koobs (maintainer, via private mail)
Differential Revision:	https://reviews.freebsd.org/D5862

multimedia/libx264: drop unused pkg-descr

$ make -V DESCR
/usr/ports/multimedia/libx264/../x264/pkg-descr

Approved by:	portmgr blanket

multimedia/x264: make options actually affect dependencies

Approved by:	koobs (maintainer, via private mail)
Differential Revision:	https://reviews.freebsd.org/D5860

- Update to 1.21
- Add LICENSE
- Switch to USES=localbase

Support "make test" by defining TEST_TARGET. [1]

Define LICENSE.

Remove regression-test target in favor of the framework "make test"
feature. (ports/CHANGES 20150928)

Submitted by:	jbeich@ [1]

Update to version 1.2.1.

PR:		208739
Submitted by:	kbowling

Fix port when BUREMOVE is not defined

Switch the cloudabi-toolchain port over to llvm-devel.

Farnsworth: "Good news, everyone!" The latest revisions of LLVM trunk
not only have a version of LLD that creates usable binaries for x86-64
and aarch64, it also does a better job at creating Position Independent
Executables than the GNU linker.

Because PIE is going to become pretty important for some of the upcoming
projects (emulation on other OSes), I'd like to go ahead and switch the
cloudabi-toolchain port over to the latest snapshot of LLVM. My goal is
to revert back to a stable version (3.9) when available.

Switching to LLD involves patching up the Binutils ports to no longer
install the GNU linker (and remove the linker scripts that it uses). We
can then simply add a couple of extra symlinks to cloudabi-toolchain to
point to the LLD binary.

At the same time, let's switch over to using the ELF toolchain tools on
FreeBSD 11. That way we can even drop the dependency on Binutils on
those systems.

Reviewed by:	bapt, emaste
Differential Revision:	https://reviews.freebsd.org/D5874

- Set CAIRO_SVG and KML as default options

Suggested by:	[email protected](via email)

CentOS ports: for c6_64, install 32bit libraries alongside

PR:		206943
Submitted by:	xmj

Remove redundant MAN1 definition.

- Update to 6.700.4

Add third-party upstream check module.

PR:	208380

Add a convenience 'regression-test' target.

Update Samba ports to versions 4.2.11 and 4.3.8 respectivelly, to address
BadLock vulnerability(http://badlock.org).

Security:	CVE-2016-2118

This is routine update for the Samba supplimentary libraries, bumping them to
the versions that commonly acceptable by recent Samba ports, in particular,
samba44.

Update llvm-devel to a recent snapshot.

compiler-rt-devel remains BROKEN.

Un-deprecate [1], but block db48.

Reported by: adamw@ [1]

- Fix shebangs

Approved by:	portmgr blanket

devel/py-botocore: 1.4.5 -> 1.4.11
devel/awscli: 1.10.14 -> 1.10.20

botocore:
  https://github.com/boto/botocore/blob/develop/CHANGELOG.rst

awscli:
  https://aws.amazon.com/releasenotes/CLI?browse=1

PR:		208382
Submitted by:	Bradley T. Hughes <[email protected]>
Approved by:	[email protected] (maintainer)

mail/thunderbird: update to 45.0 (rc1)

Changes:	https://www.mozilla.org/thunderbird/45.0/releasenotes/
Security:	92d44f83-a7bf-41cf-91ee-3d1b8ecf579f
MFH:		2016Q2

Remove accidentally leftover ${PORTSDIR} vars in *_DEPENDS

Reported by:	jbeich

Update to 1.74.

Changes: http://cpansearch.perl.org/src/MIKEM/Net-SSLeay-1.74/Changes

Multiple vulnerabilities in Samba.
[CVE-2015-5370] Errors in Samba DCE-RPC code can lead to denial of service
(crashes and high cpu consumption) and man in the middle attacks.
[CVE-2016-2110] The feature negotiation of NTLMSSP is not downgrade protected. A
man in the middle is able to clear even required flags,
    especially NTLMSSP_NEGOTIATE_SIGN and NTLMSSP_NEGOTIATE_SEAL.
[CVE-2016-2111] When Samba is configured as Domain Controller it allows remote
attackers to spoof the computer name of a secure channel's endpoints,
    and obtain sensitive session information, by running a crafted application
and leveraging the ability to sniff network traffic.
[CVE-2016-2112] A man in the middle is able to downgrade LDAP connections to no
integrity protection.
[CVE-2016-2113] Man in the middle attacks are possible for client triggered LDAP
connections (with ldaps://) and ncacn_http connections (with https://).
[CVE-2016-2114] Due to a bug Samba doesn't enforce required smb signing, even if
explicitly configured.
[CVE-2016-2115] The protection of DCERPC communication over ncacn_np (which is
the default for most the file server related protocols) is inherited
    from the underlying SMB connection.
[CVE-2016-2118] a.k.a. BADLOCK. A man in the middle can intercept any DCERPC
traffic between a client and a server in order to impersonate the client
    and get the same privileges as the authenticated user account. This is most
problematic against active directory domain controllers.
Security:	CVE-2015-5370
		CVE-2016-2110
		CVE-2016-2111
		CVE-2016-2112
		CVE-2016-2113
		CVE-2016-2114
		CVE-2016-2115
		CVE-2016-2118
Sponsored by:	Micro$oft

14 vulnerabilities affecting 41 ports have been reported in the past 14 days

^* - modified, not new

All vulnerabilities