Next | Query returned 54 messages, browsing 1 to 10 | Previous

History of commit frequency

CVS Commit History:


   2023-11-07 23:38:10 by Thomas Klausner | Files touched by this commit (112)
Log message:
*: latest py-sphinx only support Python 3.9+
   2023-08-14 07:25:36 by Thomas Klausner | Files touched by this commit (1247)
Log message:
*: recursive bump for Python 3.11 as new default
   2023-06-06 14:42:56 by Taylor R Campbell | Files touched by this commit (1319)
Log message:
Mass-change BUILD_DEPENDS to TOOL_DEPENDS outside mk/.

Almost all uses, if not all of them, are wrong, according to the
semantics of BUILD_DEPENDS (packages built for target available for
use _by_ tools at build-time) and TOOL_DEPEPNDS (packages built for
host available for use _as_ tools at build-time).

No change to BUILD_DEPENDS as used correctly inside buildlink3.

As proposed on tech-pkg:
https://mail-index.netbsd.org/tech-pkg/2023/06/03/msg027632.html
   2022-11-14 20:29:13 by Tobias Nygren | Files touched by this commit (4) | Package updated
Log message:
varnish: update to 7.2.1

Security
  fixes VSV00011 Varnish HTTP/2 Request Forgery Vulnerability
VEXT
  Support Varnish Extensions
Parameters
  Duration values (with a unit in seconds) can optionally take a duration unit
Other changes in varnishd
  The metadata VMODs exposes to Varnishd has changed to a non-binary format
Changes to VCL
  ESI sub-requests can no longer inherit req.http.transfer-encoding
Bundled VMODs
  std: add std.now() and std.timed_call()
  cookie: generated headers no longer have a spurious trailing semi-colon
varnishlog
  The Begin log records may contain a 4th field with the sub-level of sub-tasks.
  The -k option from varnishlog is now available in varnishncsa.
varnishstat
  MAIN.fetch_no_thread renamed to MAIN.bgfetch_no_thread
  MAIN.shm_bytes added
   2022-09-23 11:07:23 by Thomas Klausner | Files touched by this commit (1)
Log message:
varnish: fix buildlink3.mk to provide header files
   2022-09-04 14:04:02 by Tobias Nygren | Files touched by this commit (2) | Package updated
Log message:
varnish: update to 7.1.1

Fixes CVE-2022-38150 VSV00009

In order to execute an attack, the attacker would have to be able to
influence the HTTP/1 responses that the Varnish Server receives from
its configured backends. A successful attack would cause the Varnish
Server to assert and automatically restart.
   2022-07-09 00:07:34 by Thomas Klausner | Files touched by this commit (1)
Log message:
varnish: does not support python 2.x
   2022-06-30 13:19:02 by Nia Alarie | Files touched by this commit (524)
Log message:
*: Revbump packages that use Python at runtime without a PKGNAME prefix
   2022-04-13 00:13:36 by Tobias Nygren | Files touched by this commit (3) | Package updated
Log message:
varnish: update to 7.1.0

Noteworthy changes:
- New VCL timestamp variables have been added
- Some deprecated parameters and command-line options removed
- Regex literals can now be concatenated strings
- New STRING strftime(TIME time, STRING format) function for UTC formatting
   2022-03-11 21:35:40 by Tobias Nygren | Files touched by this commit (2) | Package updated
Log message:
varnish: update to 7.0.2

fix VSV00008 Varnish HTTP/1 Request Smuggling Vulnerability

Next | Query returned 54 messages, browsing 1 to 10 | Previous