Subject: CVS commit: [pkgsrc-2017Q1] pkgsrc/security
From: Benny Siegert
Date: 2017-06-13 20:41:37
Message id: 20170613184137.E7F44FAB5@cvs.NetBSD.org

Log Message:
Pullup ticket #5475 - requested by khorben
security/py-yara: security fix
security/yara: security fix

Revisions pulled up:
- security/py-yara/Makefile                                     1.5
- security/py-yara/PLIST                                        1.2
- security/py-yara/distinfo                                     1.5-1.7
- security/yara/Makefile                                        1.3
- security/yara/Makefile.common                                 1.5-1.8
- security/yara/PLIST                                           1.3
- security/yara/distinfo                                        1.6-1.8

---
   Module Name:	pkgsrc
   Committed By:	khorben
   Date:		Mon May 15 15:27:31 UTC 2017

   Modified Files:
   	pkgsrc/security/py-yara: Makefile PLIST distinfo
   	pkgsrc/security/yara: Makefile Makefile.common PLIST distinfo

   Log Message:
   Update security/{,py-yara} to version 3.5.0

   The release notes mention:

      * Match length operator
   (http://yara.readthedocs.io/en/v3.5.0/writingrules.html#match-length)
      * Performance improvements
      * Less memory consumption while scanning processes
      * Exception handling when scanning memory blocks
      * Negative integers in meta fields
      * Added the --stack-size command-argument
      * Functions import_ordinal, is_dll, is_32bit and is_64bit added to PE
   module
      * Functions rich_signature.toolid and rich_signature.version added to
   PE module
      * Lots of bug fixes

   The Python bindings are now released from a different tree, with the same
   versioning apparently though.

   "welcome to update" pettai@

---
   Module Name:	pkgsrc
   Committed By:	khorben
   Date:		Mon May 15 15:34:12 UTC 2017

   Modified Files:
   	pkgsrc/security/yara: Makefile.common

   Log Message:
   Set myself as the maintainer

---
   Module Name:	pkgsrc
   Committed By:	khorben
   Date:		Wed Jun  7 20:11:42 UTC 2017

   Modified Files:
   	pkgsrc/security/py-yara: distinfo
   	pkgsrc/security/yara: Makefile.common distinfo

   Log Message:
   Package yara 3.6.0

   In the release notes:
     * .NET module (Wesley Shields)
     * New features for ELF module (Jacob Baines)
     * Fix endianness issues (Hilko Bengen)
     * Function yr_compiler_add_fd added to libyara
     * MAX_THREADS limit can be arbitrarily increased (Emerson R. Wiley)
     * Added --fail-on-warnings command-line option
     * Multiple bug fixes

---
   Module Name:	pkgsrc
   Committed By:	khorben
   Date:		Wed Jun  7 20:27:37 UTC 2017

   Modified Files:
   	pkgsrc/security/py-yara: distinfo
   	pkgsrc/security/yara: Makefile.common distinfo

   Log Message:
   Package yara 3.6.1

   In the release notes:

     * BUGFIX: Stack overflow caused by uncontrolled recursiveness
   (CVE-2017-9304)
     * BUGFIX: pe.overlay.size was undefined if the PE didn't have an
   overlay. Now it's set to 0 in those cases.
     * BUGFIX: Fix initalization issue that could cause a crash if rules
   compiled with a 32bit yarac is used with a 64bit yara.

Files:
RevisionActionfile
1.4.2.1modifypkgsrc/security/py-yara/Makefile
1.1.16.1modifypkgsrc/security/py-yara/PLIST
1.4.8.1modifypkgsrc/security/py-yara/distinfo
1.2.16.1modifypkgsrc/security/yara/Makefile
1.4.8.1modifypkgsrc/security/yara/Makefile.common
1.2.8.1modifypkgsrc/security/yara/PLIST
1.5.8.1modifypkgsrc/security/yara/distinfo