K 10
svn:author
V 8
bdrewery
K 8
svn:date
V 27
2014-02-01T21:12:47.614849Z
K 7
svn:log
V 1250
- Update pkg and pkg-devel to 1.2.6

  This update includes a security update for possible arbitrary code
  execution from package manifest parsing. All users are advised to
  upgrade ASAP. The base pkg(7) was never affected by this. [1]

Changes:
  * Fix libyaml head-based buffer overflow [1]
  * Fix pkg info -E support for ports, which namely affected
    net/openldap* usage. [2]
  * Fix packages registering themselves as dependencies [3]
  * Bash autocompletion fixes [4]
  * autoremove: Don't try to remove locked packages
  * Support 'pkg bootstrap -f', which will force a reinstall of pkg
    on FreeBSD 10.0+
  * Fix %t timestamp formatter with %{...%} modifiers [5]
  * pkg info: Show date installed
  * Add $daily_status_security_pkgaudit_quiet to control 410.pkg-audit.in
    output verbosity level
  * Add an error when trying to update repository and none are defined [6]
  * Fix typos in manpages [7]

Security:	CVE-2013-6393 [1]
Reported by:	secteam (delphij) [1]
PR:		ports/184797 [2]
Reported by:	Pavel Timofeev <timp87@gmail.com> [2], many
Submitted by:	smh@ [3]
Submitted by:	brd@ [4]
Submitted by:	Jamie Landeg Jones [5]
Submitted by:	Rodrigo Osorio [6]
Submitted by:	Michael Gehring, wblock [7]
With hat:	portmgr
MFH:		2014Q1

END