head 1.38; access; symbols pkgsrc-2026Q1:1.34.0.2 pkgsrc-2026Q1-base:1.34 pkgsrc-2025Q4:1.31.0.2 pkgsrc-2025Q4-base:1.31 pkgsrc-2025Q3:1.28.0.2 pkgsrc-2025Q3-base:1.28 pkgsrc-2025Q2:1.26.0.2 pkgsrc-2025Q2-base:1.26 pkgsrc-2025Q1:1.24.0.2 pkgsrc-2025Q1-base:1.24 pkgsrc-2024Q4:1.23.0.4 pkgsrc-2024Q4-base:1.23 pkgsrc-2024Q3:1.23.0.2 pkgsrc-2024Q3-base:1.23 pkgsrc-2024Q2:1.20.0.2 pkgsrc-2024Q2-base:1.20 pkgsrc-2024Q1:1.17.0.2 pkgsrc-2024Q1-base:1.17 pkgsrc-2023Q4:1.15.0.2 pkgsrc-2023Q4-base:1.15 pkgsrc-2023Q3:1.10.0.2 pkgsrc-2023Q3-base:1.10 pkgsrc-2023Q2:1.6.0.2 pkgsrc-2023Q2-base:1.6 pkgsrc-2023Q1:1.2.0.2 pkgsrc-2023Q1-base:1.2; locks; strict; comment @# @; 1.38 date 2026.05.12.09.43.13; author jperkin; state Exp; branches; next 1.37; commitid uBh5dXa2UybYxvFG; 1.37 date 2026.05.12.09.16.22; author jperkin; state Exp; branches; next 1.36; commitid L0eHBQo4yQZwovFG; 1.36 date 2026.05.07.18.50.07; author bsiegert; state Exp; branches; next 1.35; commitid MMrI2EXGAt3HJUEG; 1.35 date 2026.04.08.05.45.10; author bsiegert; state Exp; branches; next 1.34; commitid FFJx9trbRMg7k7BG; 1.34 date 2026.03.06.21.08.04; author bsiegert; state Exp; branches 1.34.2.1; next 1.33; commitid AQtIeR1eh5qvuXwG; 1.33 date 2026.02.24.08.45.38; author bsiegert; state Exp; branches; next 1.32; commitid IrpU9bGVDwSIHBvG; 1.32 date 2026.01.15.19.54.55; author bsiegert; state Exp; branches; next 1.31; commitid Zuo9UmMrkrU4HwqG; 1.31 date 2025.12.02.19.25.21; author bsiegert; state Exp; branches; next 1.30; commitid 269raRGxaHJBWRkG; 1.30 date 2025.10.16.18.00.02; author bsiegert; state Exp; branches; next 1.29; commitid RAGpkHmyeYCUYOeG; 1.29 date 2025.10.08.06.54.37; author bsiegert; state Exp; branches; next 1.28; commitid 5p46uH9RJXSFyJdG; 1.28 date 2025.09.06.13.17.11; author bsiegert; state Exp; branches; next 1.27; commitid cojusOdnRBFGHE9G; 1.27 date 2025.08.31.10.03.00; author bsiegert; state Exp; branches; next 1.26; commitid SdH7Ppgppxg5PR8G; 1.26 date 2025.06.06.14.01.39; author bsiegert; state Exp; branches; next 1.25; commitid JbNcx43ItkrmUPXF; 1.25 date 2025.04.05.18.51.28; author bsiegert; state Exp; branches; next 1.24; commitid 5KX0APffNjdlvTPF; 1.24 date 2025.03.07.20.54.30; author bsiegert; state Exp; branches 1.24.2.1; next 1.23; commitid rfTPfnLphAPl7bMF; 1.23 date 2024.09.06.18.48.58; author bsiegert; state Exp; branches; next 1.22; commitid sM1YPLxu37gUgMoF; 1.22 date 2024.08.11.15.57.11; author bsiegert; state Exp; branches; next 1.21; commitid Q02ZqKpOSdvP9qlF; 1.21 date 2024.07.03.06.59.33; author bsiegert; state Exp; branches; next 1.20; commitid clKUvbmZS6C5rmgF; 1.20 date 2024.06.13.13.47.10; author bsiegert; state Exp; branches; next 1.19; commitid JAoDOmAvI7TNkPdF; 1.19 date 2024.06.01.14.03.02; author bsiegert; state Exp; branches; next 1.18; commitid ffwNZJIDPPV5OhcF; 1.18 date 2024.04.05.19.14.11; author bsiegert; state Exp; branches; next 1.17; commitid eg3d1kDRSryvmZ4F; 1.17 date 2024.02.07.14.51.00; author bsiegert; state Exp; branches; next 1.16; commitid 7gDVHFycBNsGLvXE; 1.16 date 2024.01.10.19.14.40; author bsiegert; state Exp; branches; next 1.15; commitid UV9PAPQbNGpZ7WTE; 1.15 date 2023.12.24.12.36.17; author bsiegert; state Exp; branches; next 1.14; commitid y54BZKBrIzpAsIRE; 1.14 date 2023.12.05.19.46.16; author bsiegert; state Exp; branches; next 1.13; commitid U47ig27ZDVHCsjPE; 1.13 date 2023.11.10.15.45.21; author bsiegert; state Exp; branches; next 1.12; commitid o3oFzjmXZZyOV4ME; 1.12 date 2023.10.29.14.48.21; author bsiegert; state Exp; branches; next 1.11; commitid jWdavz5Nyqs70xKE; 1.11 date 2023.10.15.12.04.32; author bsiegert; state Exp; branches; next 1.10; commitid ty8v2zrF0XsQxIIE; 1.10 date 2023.09.08.19.06.12; author bsiegert; state Exp; branches 1.10.2.1; next 1.9; commitid c6lIkxn2TQcc40EE; 1.9 date 2023.08.26.16.31.38; author bsiegert; state Exp; branches; next 1.8; commitid g2P4Ffplg5e8DjCE; 1.8 date 2023.07.23.05.51.54; author iquiw; state Exp; branches; next 1.7; commitid MvRB4p1EmMNBbTxE; 1.7 date 2023.07.15.10.53.07; author bsiegert; state Exp; branches; next 1.6; commitid AvpTGe7iqymJ6TwE; 1.6 date 2023.06.03.01.32.06; author iquiw; state Exp; branches; next 1.5; commitid WP6vp619ywV6mrrE; 1.5 date 2023.05.05.19.37.41; author bsiegert; state Exp; branches; next 1.4; commitid QnXJTC5u3Ar9iOnE; 1.4 date 2023.05.05.06.47.56; author iquiw; state Exp; branches; next 1.3; commitid BhMl42uiooxg2KnE; 1.3 date 2023.04.05.20.47.56; author bsiegert; state Exp; branches; next 1.2; commitid otfbJh3QwD1ZDXjE; 1.2 date 2023.03.08.13.38.55; author bsiegert; state Exp; branches; next 1.1; commitid zjDge6tGIbvHakgE; 1.1 date 2023.02.22.11.58.24; author jperkin; state Exp; branches; next ; commitid 5Jqv6KtslkK04weE; 1.34.2.1 date 2026.04.22.14.32.16; author maya; state Exp; branches; next ; commitid iDHLLUhOplH6NXCG; 1.24.2.1 date 2025.04.05.20.45.13; author maya; state Exp; branches; next ; commitid ts1uPa8RLrwE7UPF; 1.10.2.1 date 2023.10.22.18.44.18; author spz; state Exp; branches; next 1.10.2.2; commitid F5xCMl0v6Vo6xEJE; 1.10.2.2 date 2023.12.06.12.08.52; author spz; state Exp; branches; next ; commitid fLEciuttqVQKToPE; desc @@ 1.38 log @packer: Revert due to stupid license shenanigans. Add a note for the next unlucky person to find when they try to update. @ text @# $NetBSD: Makefile,v 1.36 2026/05/07 18:50:07 bsiegert Exp $ # # XXX: Note that newer versions use an unacceptable license. # DISTNAME= packer-1.9.5 PKGREVISION= 22 CATEGORIES= sysutils MASTER_SITES= ${MASTER_SITE_GITHUB:=hashicorp/} GITHUB_TAG= v${PKGVERSION_NOREV} MAINTAINER= iquiw@@NetBSD.org HOMEPAGE= https://www.packer.io/ COMMENT= Tool for creating identical machine images for multiple platforms LICENSE= mpl-2.0 EXTRACT_USING= bsdtar .include "go-modules.mk" GO_BUILD_PATTERN= . GO_XFLAG_PREFIX= -X github.com/hashicorp/packer/version GO_LDFLAGS+= ${GO_XFLAG_PREFIX}.Version=${PKGVERSION_NOREV} INSTALLATION_DIRS+= bin do-build: ${RUN}${_ULIMIT_CMD} cd ${WRKSRC} && ${PKGSRC_SETENV} ${MAKE_ENV} \ ${GO} install -v -ldflags ${GO_LDFLAGS:Q} ${GO_BUILD_PATTERN} do-install: ${INSTALL_PROGRAM} ${WRKDIR}/.gopath/bin/packer ${DESTDIR}${PREFIX}/bin .include "../../lang/go/go-module.mk" .include "../../mk/bsd.pkg.mk" @ 1.37 log @packer: Update to 1.15.3. Around 800 lines of changes since 1.9.5, see the upstream changelog at https://github.com/hashicorp/packer/blob/main/CHANGELOG.md for full details. @ text @d2 3 d6 2 a7 1 DISTNAME= packer-1.15.3 @ 1.36 log @Revbump all Go packages after go126 security update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.35 2026/04/08 05:45:10 bsiegert Exp $ d3 1 a3 2 DISTNAME= packer-1.9.5 PKGREVISION= 21 @ 1.35 log @Revbump all Go packages after security update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.34 2026/03/06 21:08:04 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 20 @ 1.34 log @Revbump all Go packages after go126 update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.33 2026/02/24 08:45:38 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 19 @ 1.34.2.1 log @Revbump all Go packages after go126 security fix @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.34 2026/03/06 21:08:04 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 20 @ 1.33 log @Revbump all Go packages after default version bump @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.32 2026/01/15 19:54:55 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 18 @ 1.32 log @Revbump all Go packages after go125 update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.31 2025/12/02 19:25:21 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 17 @ 1.31 log @Revbump all Go packages after go125 update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.30 2025/10/16 18:00:02 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 16 @ 1.30 log @Revbump all Go packages after go125 update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.29 2025/10/08 06:54:37 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 15 @ 1.29 log @Revbump all Go packages after go125 update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.28 2025/09/06 13:17:11 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 14 @ 1.28 log @Revbump all Go packages after go125 security update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.27 2025/08/31 10:03:00 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 13 @ 1.27 log @Revbump all Go packages after moving to go125 @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.26 2025/06/06 14:01:39 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 12 @ 1.26 log @Revbump all Go packages after go124 update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.25 2025/04/05 18:51:28 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 11 @ 1.25 log @Belated revbump for all Go packages after go124 update I forgot to do the revbump again, sorry for doing it so late after the update. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.24 2025/03/07 20:54:30 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 10 @ 1.24 log @Revbump all Go packages after go124 update I realize I forgot to do the revbump after updating the default Go version to 1.24, so let's do that now. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.23 2024/09/06 18:48:58 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 9 @ 1.24.2.1 log @Pulup ticket #6952 - Update PKGREVISION for all Go packages. Go had a security update to one of the builtin libraries. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.24 2025/03/07 20:54:30 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 10 @ 1.23 log @Revbump all Go packages after go122 update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.22 2024/08/11 15:57:11 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 8 @ 1.22 log @Revbump all Go packages after update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.21 2024/07/03 06:59:33 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 7 @ 1.21 log @Revbump all Go packages after go122 security update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.20 2024/06/13 13:47:10 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 6 @ 1.20 log @Revbump all Go packages after go122 update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.19 2024/06/01 14:03:02 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 5 @ 1.19 log @Revbump all Go packages, default Go version is now 1.22. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.18 2024/04/05 19:14:11 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 4 @ 1.18 log @Revbump all Go packages after go121 update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.17 2024/02/07 14:51:00 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 3 @ 1.17 log @Revbump all Go packages after go121 update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.16 2024/01/10 19:14:40 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 2 @ 1.16 log @Revbump all Go packages after go121 update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.15 2023/12/24 12:36:17 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 1 @ 1.15 log @packer: update to 1.9.5 and add security fix This is the last version before the change to a non-free license. This fixes the following vulnerability: Vulnerability #1: GO-2023-2402 Man-in-the-middle attacker can compromise integrity of secure channel in golang.org/x/crypto More info: https://pkg.go.dev/vuln/GO-2023-2402 Module: golang.org/x/crypto Found in: golang.org/x/crypto@@v0.0.0-20220622213112-05595931fe9d Fixed in: golang.org/x/crypto@@v0.17.0 1.9.3 core/docs: Clarify the expected usage of the packer init command for HCL2 template builds. core/hcp: Add support for project-level service principals. A user connecting with a project level service principals must provide a valid HCP_PROJECT_ID in order to connect. core: A new Docker image packer:release-full has been added for all supported architectures. The release-full image includes Packer and all the official plugins pre-installed in its environment. core: Add enhanced support to Packer telemetry for bundle plugins usage. 1.9.4 Bug fix: When invoking Packer with the CHECKPOINT_DISABLE environment variable the telemetry reporter is left uninitialized in order to disable telemetry reporting. Any method calls on the nil reporter is expected to check if the reporter is active or in NOOP mode. The SetBundledUsage function, introduced in Packer 1.9.2, failed to perform a nil check before attempting to modify an attribute, causing Packer to fail when telemetry is disabled. This release fixes this issue by introducing such a check. 1.9.5 Bump github.com/go-jose/go-jose/v3 to address GO-2023-2334. Add VirtualBox as known plugin prefix to prevent endless bundled plugin warning. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.14 2023/12/05 19:46:16 bsiegert Exp $ d4 1 @ 1.14 log @Revbump all Go packages after go121 update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.13 2023/11/10 15:45:21 bsiegert Exp $ d3 1 a3 2 DISTNAME= packer-1.9.2 PKGREVISION= 6 @ 1.13 log @Revbump all Go packages after go121 update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.12 2023/10/29 14:48:21 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 5 @ 1.12 log @Revbump all Go packages because go121 is now the default @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.11 2023/10/15 12:04:32 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 4 @ 1.11 log @Revbump all Go packages after go120 security update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.10 2023/09/08 19:06:12 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 3 @ 1.10 log @Revbump all Go packages after go120 update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.9 2023/08/26 16:31:38 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 2 @ 1.10.2.1 log @Pullup ticket #6812 - requested by bsiegert lang/go120: security update lang/go: version info update audio/gospt: RevBump audio/ymuse: RevBump chat/coyim: RevBump chat/gomuks: RevBump chat/matterircd: RevBump chat/senpai: RevBump chat/ssh-chat: RevBump databases/go-ldap: RevBump databases/influxdb: RevBump databases/mongo-tools: RevBump databases/mysqld_exporter: RevBump databases/postgres_exporter: RevBump databases/prometheus: RevBump databases/promscale: RevBump databases/sqlc: RevBump databases/timescaledb-tune: RevBump devel/asmfmt: RevBump devel/conftest: RevBump devel/errcheck: RevBump devel/fq: RevBump devel/git-lfs: RevBump devel/go-ed25519: RevBump devel/go-gocode: RevBump devel/go-golang-lru: RevBump devel/go-gopkgs: RevBump devel/go-goptlib: RevBump devel/go-goreturns: RevBump devel/go-gox: RevBump devel/go-impl: RevBump devel/go-logrus: RevBump devel/go-nbreader: RevBump devel/go-pty: RevBump devel/go-review: RevBump devel/go-siphash: RevBump devel/go-staticcheck: RevBump devel/go-swagger: RevBump devel/go-sys: RevBump devel/go-tools: RevBump devel/go-wire: RevBump devel/go-xerrors: RevBump devel/golangci-lint: RevBump devel/golint: RevBump devel/gomodifytags: RevBump devel/gopls: RevBump devel/goredo: RevBump devel/gotags: RevBump devel/gotests: RevBump devel/govulncheck: RevBump devel/lazygit: RevBump devel/mob: RevBump devel/nancy: RevBump devel/opa: RevBump devel/packr: RevBump devel/reftools: RevBump devel/regal: RevBump devel/revive: RevBump devel/shfmt: RevBump devel/syft: RevBump editors/micro: RevBump filesystems/kubo: RevBump graphics/gif2png: RevBump lang/joker: RevBump mail/opensmtpd-filter-rspamd: RevBump mail/opensmtpd-filter-senderscore: RevBump mail/postforward: RevBump meta-pkgs/bulk-test-essential: RevBump misc/exercism: RevBump net/amazon-ecs-cli: RevBump net/amfora: RevBump net/bombadillo: RevBump net/croc: RevBump net/czds: RevBump net/dnscontrol: RevBump net/dnscrypt-proxy2: RevBump net/gh: RevBump net/go-dnstap: RevBump net/go-net: RevBump net/go-websocket: RevBump net/gunison: RevBump net/gvproxy: RevBump net/hub: RevBump net/ipget: RevBump net/kubectl: RevBump net/libquic: RevBump net/mangos: RevBump net/nats-server: RevBump net/obfs4proxy: RevBump net/rclone: RevBump net/stern: RevBump net/syncthing: RevBump net/terraform-provider-archive: RevBump net/terraform-provider-aws: RevBump net/terraform-provider-kubernetes: RevBump net/terraform-provider-local: RevBump net/terraform-provider-null: RevBump net/terraform-provider-random: RevBump net/terraform-provider-template: RevBump net/terraform-provider-vultr: RevBump net/terraform: RevBump net/tut: RevBump net/vultr-cli: RevBump pkgtools/pkglint: RevBump security/2fa: RevBump security/age: RevBump security/amass: RevBump security/authelia: RevBump security/cfssl: RevBump security/dnsx: RevBump security/go-asn1-ber: RevBump security/go-crypto: RevBump security/go-getpass: RevBump security/go-mkcert: RevBump security/gopass: RevBump security/httpx: RevBump security/nuclei: RevBump security/oauth2c: RevBump security/osv-scanner: RevBump security/subfinder: RevBump security/tlsx: RevBump security/trufflehog: RevBump security/vault: RevBump shells/elvish: RevBump shells/oh-my-posh: RevBump sysutils/beats: RevBump sysutils/consul: RevBump sysutils/direnv: RevBump sysutils/fzf: RevBump sysutils/goreman: RevBump sysutils/lf: RevBump sysutils/node_exporter: RevBump sysutils/packer: RevBump sysutils/podman: RevBump sysutils/restic: RevBump sysutils/vultr: RevBump textproc/glow: RevBump textproc/go-kr-text: RevBump textproc/go-md2man: RevBump textproc/go-mmark: RevBump textproc/go-text: RevBump textproc/miller: RevBump textproc/sift: RevBump www/apisprout: RevBump www/caddy: RevBump www/gitea: RevBump www/go-ffuf: RevBump www/go-minify: RevBump www/gotosocial: RevBump www/grafana: RevBump www/hugo: RevBump www/jira-cli: RevBump www/mycorrhiza: RevBump www/pup: RevBump www/restish: RevBump www/shoutrrr: RevBump Revisions pulled up: - lang/go/version.mk 1.190,1.192 - lang/go120/PLIST 1.9 - lang/go120/distinfo 1.10-1.11 ------------------------------------------------------------------- Module Name: pkgsrc Committed By: bsiegert Date: Sat Oct 7 18:09:35 UTC 2023 Modified Files: pkgsrc/lang/go: version.mk pkgsrc/lang/go120: PLIST distinfo Log Message: go120: update to 1.20.9 (security). cmd/go: line directives allows arbitrary execution during build "//line" directives can be used to bypass the restrictions on "//go:cgo_" directives, allowing blocked linker and compiler flags to be passed during compliation. This can result in unexpected execution of arbitrary code when running "go build". The line directive requires the absolute path of the file in which the directive lives, which makes exploting this issue significantly more complex. This is CVE-2023-39323 and Go issue https://go.dev/issue/63211. View the release notes for more information: https://go.dev/doc/devel/release#go1.20.9 To generate a diff of this commit: cvs rdiff -u -r1.189 -r1.190 pkgsrc/lang/go/version.mk cvs rdiff -u -r1.8 -r1.9 pkgsrc/lang/go120/PLIST cvs rdiff -u -r1.9 -r1.10 pkgsrc/lang/go120/distinfo ------------------------------------------------------------------- Module Name: pkgsrc Committed By: bsiegert Date: Sun Oct 15 11:02:08 UTC 2023 Modified Files: pkgsrc/lang/go: version.mk pkgsrc/lang/go120: distinfo Log Message: go120: update to 1.20.10 (security) net/http: rapid stream resets can cause excessive work A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded to the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a new request while the existing one is still executing. HTTP/2 servers now bound the number of simultaneously executing handler goroutines to the stream concurrency limit. New requests arriving when at the limit (which can only happen after the client has reset an existing, in-flight request) will be queued until a handler exits. If the request queue grows too large, the server will terminate the connection. This issue is also fixed in golang.org/x/net/http2 v0.17.0, for users manually configuring HTTP/2. The default stream concurrency limit is 250 streams (requests) per HTTP/2 connection. This value may be adjusted using the golang.org/x/net/http2 package; see the Server.MaxConcurrentStreams setting and the ConfigureServer function. This is CVE-2023-39325 and Go issue https://go.dev/issue/63417. This is also tracked by CVE-2023-44487. To generate a diff of this commit: cvs rdiff -u -r1.191 -r1.192 pkgsrc/lang/go/version.mk cvs rdiff -u -r1.10 -r1.11 pkgsrc/lang/go120/distinfo @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.10 2023/09/08 19:06:12 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 3 @ 1.10.2.2 log @Pullup ticket #6822 - requested by bsiegert lang/go120: security update lang/go121: security update lang/go: metadata update audio/gospt: revision bump audio/ymuse: revision bump chat/coyim: revision bump chat/gomuks: revision bump chat/matterircd: revision bump chat/senpai: revision bump chat/ssh-chat: revision bump databases/go-ldap: revision bump databases/influxdb: revision bump databases/mongo-tools: revision bump databases/mysqld_exporter: revision bump databases/postgres_exporter: revision bump databases/prometheus: revision bump databases/promscale: revision bump databases/sqlc: revision bump databases/timescaledb-tune: revision bump devel/asmfmt: revision bump devel/conftest: revision bump devel/errcheck: revision bump devel/fq: revision bump devel/git-lfs: revision bump devel/go-ed25519: revision bump devel/go-gocode: revision bump devel/go-golang-lru: revision bump devel/go-gopkgs: revision bump devel/go-goptlib: revision bump devel/go-goreturns: revision bump devel/go-gox: revision bump devel/go-impl: revision bump devel/go-logrus: revision bump devel/go-nbreader: revision bump devel/go-pty: revision bump devel/go-review: revision bump devel/go-siphash: revision bump devel/go-staticcheck: revision bump devel/go-swagger: revision bump devel/go-sys: revision bump devel/go-tools: revision bump devel/go-wire: revision bump devel/go-xerrors: revision bump devel/golangci-lint: revision bump devel/golint: revision bump devel/gomodifytags: revision bump devel/gopls: revision bump devel/goredo: revision bump devel/gotags: revision bump devel/gotests: revision bump devel/govulncheck: revision bump devel/lazygit: revision bump devel/mob: revision bump devel/nancy: revision bump devel/opa: revision bump devel/packr: revision bump devel/reftools: revision bump devel/regal: revision bump devel/revive: revision bump devel/shfmt: revision bump devel/syft: revision bump editors/micro: revision bump filesystems/kubo: revision bump graphics/gif2png: revision bump lang/joker: revision bump mail/opensmtpd-filter-rspamd: revision bump mail/opensmtpd-filter-senderscore: revision bump mail/postforward: revision bump misc/exercism: revision bump net/amazon-ecs-cli: revision bump net/amfora: revision bump net/bombadillo: revision bump net/croc: revision bump net/czds: revision bump net/dnscontrol: revision bump net/dnscrypt-proxy2: revision bump net/gh: revision bump net/go-dnstap: revision bump net/go-net: revision bump net/go-websocket: revision bump net/gunison: revision bump net/gvproxy: revision bump net/hub: revision bump net/ipget: revision bump net/kubectl: revision bump net/libquic: revision bump net/mangos: revision bump net/nats-server: revision bump net/obfs4proxy: revision bump net/rclone: revision bump net/stern: revision bump net/syncthing: revision bump net/terraform-provider-archive: revision bump net/terraform-provider-aws: revision bump net/terraform-provider-kubernetes: revision bump net/terraform-provider-local: revision bump net/terraform-provider-null: revision bump net/terraform-provider-random: revision bump net/terraform-provider-template: revision bump net/terraform-provider-vultr: revision bump net/terraform: revision bump net/tut: revision bump net/vultr-cli: revision bump pkgtools/pkglint: revision bump security/2fa: revision bump security/age: revision bump security/amass: revision bump security/authelia: revision bump security/cfssl: revision bump security/dnsx: revision bump security/go-asn1-ber: revision bump security/go-crypto: revision bump security/go-getpass: revision bump security/go-mkcert: revision bump security/gopass: revision bump security/httpx: revision bump security/nuclei: revision bump security/oauth2c: revision bump security/osv-scanner: revision bump security/subfinder: revision bump security/tlsx: revision bump security/trufflehog: revision bump security/vault: revision bump shells/elvish: revision bump shells/oh-my-posh: revision bump sysutils/beats: revision bump sysutils/consul: revision bump sysutils/direnv: revision bump sysutils/fzf: revision bump sysutils/goreman: revision bump sysutils/lf: revision bump sysutils/node_exporter: revision bump sysutils/packer: revision bump sysutils/podman: revision bump sysutils/restic: revision bump sysutils/vultr: revision bump textproc/glow: revision bump textproc/go-kr-text: revision bump textproc/go-md2man: revision bump textproc/go-mmark: revision bump textproc/go-text: revision bump textproc/miller: revision bump textproc/sift: revision bump www/apisprout: revision bump www/caddy: revision bump www/gitea: revision bump www/go-ffuf: revision bump www/go-minify: revision bump www/gotosocial: revision bump www/grafana: revision bump www/hugo: revision bump www/jira-cli: revision bump www/mycorrhiza: revision bump www/pup: revision bump www/restish: revision bump www/shoutrrr: revision bump Revisions pulled up: - lang/go/version.mk 1.194 - lang/go120/PLIST 1.10 - lang/go120/distinfo 1.12 - lang/go121/PLIST 1.4 - lang/go121/distinfo 1.4 - audio/gospt/Makefile by patch - audio/ymuse/Makefile by patch - chat/coyim/Makefile by patch - chat/gomuks/Makefile by patch - chat/matterircd/Makefile by patch - chat/senpai/Makefile by patch - chat/ssh-chat/Makefile by patch - databases/go-ldap/Makefile by patch - databases/influxdb/Makefile by patch - databases/mongo-tools/Makefile by patch - databases/mysqld_exporter/Makefile by patch - databases/postgres_exporter/Makefile by patch - databases/prometheus/Makefile by patch - databases/promscale/Makefile by patch - databases/sqlc/Makefile by patch - databases/timescaledb-tune/Makefile by patch - devel/asmfmt/Makefile by patch - devel/conftest/Makefile by patch - devel/errcheck/Makefile by patch - devel/fq/Makefile by patch - devel/git-lfs/Makefile by patch - devel/go-ed25519/Makefile by patch - devel/go-gocode/Makefile by patch - devel/go-golang-lru/Makefile by patch - devel/go-gopkgs/Makefile by patch - devel/go-goptlib/Makefile by patch - devel/go-goreturns/Makefile by patch - devel/go-gox/Makefile by patch - devel/go-impl/Makefile by patch - devel/go-logrus/Makefile by patch - devel/go-nbreader/Makefile by patch - devel/go-pty/Makefile by patch - devel/go-review/Makefile by patch - devel/go-siphash/Makefile by patch - devel/go-staticcheck/Makefile by patch - devel/go-swagger/Makefile by patch - devel/go-sys/Makefile by patch - devel/go-tools/Makefile by patch - devel/go-wire/Makefile by patch - devel/go-xerrors/Makefile by patch - devel/golangci-lint/Makefile by patch - devel/golint/Makefile by patch - devel/gomodifytags/Makefile by patch - devel/gopls/Makefile by patch - devel/goredo/Makefile by patch - devel/gotags/Makefile by patch - devel/gotests/Makefile by patch - devel/govulncheck/Makefile by patch - devel/lazygit/Makefile by patch - devel/mob/Makefile by patch - devel/nancy/Makefile by patch - devel/opa/Makefile by patch - devel/packr/Makefile by patch - devel/reftools/Makefile by patch - devel/regal/Makefile by patch - devel/revive/Makefile by patch - devel/shfmt/Makefile by patch - devel/syft/Makefile by patch - editors/micro/Makefile by patch - filesystems/kubo/Makefile by patch - graphics/gif2png/Makefile by patch - lang/joker/Makefile by patch - mail/opensmtpd-filter-rspamd/Makefile by patch - mail/opensmtpd-filter-senderscore/Makefile by patch - mail/postforward/Makefile by patch - misc/exercism/Makefile by patch - net/amazon-ecs-cli/Makefile by patch - net/amfora/Makefile by patch - net/bombadillo/Makefile by patch - net/croc/Makefile by patch - net/czds/Makefile by patch - net/dnscontrol/Makefile by patch - net/dnscrypt-proxy2/Makefile by patch - net/gh/Makefile by patch - net/go-dnstap/Makefile by patch - net/go-net/Makefile by patch - net/go-websocket/Makefile by patch - net/gunison/Makefile by patch - net/gvproxy/Makefile by patch - net/hub/Makefile by patch - net/ipget/Makefile by patch - net/kubectl/Makefile by patch - net/libquic/Makefile by patch - net/mangos/Makefile by patch - net/nats-server/Makefile by patch - net/obfs4proxy/Makefile by patch - net/rclone/Makefile by patch - net/stern/Makefile by patch - net/syncthing/Makefile by patch - net/terraform-provider-archive/Makefile by patch - net/terraform-provider-aws/Makefile by patch - net/terraform-provider-kubernetes/Makefile by patch - net/terraform-provider-local/Makefile by patch - net/terraform-provider-null/Makefile by patch - net/terraform-provider-random/Makefile by patch - net/terraform-provider-template/Makefile by patch - net/terraform-provider-vultr/Makefile by patch - net/terraform/Makefile by patch - net/tut/Makefile by patch - net/vultr-cli/Makefile by patch - pkgtools/pkglint/Makefile by patch - security/2fa/Makefile by patch - security/age/Makefile by patch - security/amass/Makefile by patch - security/authelia/Makefile by patch - security/cfssl/Makefile by patch - security/dnsx/Makefile by patch - security/go-asn1-ber/Makefile by patch - security/go-crypto/Makefile by patch - security/go-getpass/Makefile by patch - security/go-mkcert/Makefile by patch - security/gopass/Makefile by patch - security/httpx/Makefile by patch - security/nuclei/Makefile by patch - security/oauth2c/Makefile by patch - security/osv-scanner/Makefile by patch - security/subfinder/Makefile by patch - security/tlsx/Makefile by patch - security/trufflehog/Makefile by patch - security/vault/Makefile by patch - shells/elvish/Makefile by patch - shells/oh-my-posh/Makefile by patch - sysutils/beats/Makefile by patch - sysutils/consul/Makefile by patch - sysutils/direnv/Makefile by patch - sysutils/fzf/Makefile by patch - sysutils/goreman/Makefile by patch - sysutils/lf/Makefile by patch - sysutils/node_exporter/Makefile by patch - sysutils/packer/Makefile by patch - sysutils/podman/Makefile by patch - sysutils/restic/Makefile by patch - sysutils/vultr/Makefile by patch - textproc/glow/Makefile by patch - textproc/go-kr-text/Makefile by patch - textproc/go-md2man/Makefile by patch - textproc/go-mmark/Makefile by patch - textproc/go-text/Makefile by patch - textproc/miller/Makefile by patch - textproc/sift/Makefile by patch - www/apisprout/Makefile by patch - www/caddy/Makefile by patch - www/gitea/Makefile by patch - www/go-ffuf/Makefile by patch - www/go-minify/Makefile by patch - www/gotosocial/Makefile by patch - www/grafana/Makefile by patch - www/hugo/Makefile by patch - www/jira-cli/Makefile by patch - www/mycorrhiza/Makefile by patch - www/pup/Makefile by patch - www/restish/Makefile by patch - www/shoutrrr/Makefile by patch ------------------------------------------------------------------- Module Name: pkgsrc Committed By: bsiegert Date: Fri Nov 10 15:39:34 UTC 2023 Modified Files: pkgsrc/lang/go: version.mk pkgsrc/lang/go120: PLIST distinfo pkgsrc/lang/go121: PLIST distinfo Log Message: Update go120 to 1.20.11 and go121 to 1.21.4 (security). These minor releases include 2 security fixes following the security policy: - path/filepath: recognize \??\ as a Root Local Device path prefix. On Windows, a path beginning with \??\ is a Root Local Device path equivalent to a path beginning with \\?\. Paths with a \??\ prefix may be used to access arbitrary locations on the system. For example, the path \??\c:\x is equivalent to the more common path c:\x. The filepath package did not recognize paths with a \??\ prefix as special. Clean could convert a rooted path such as \a\..\??\b into the root local device path \??\b. It will now convert this path into .\??\b. IsAbs did not report paths beginning with \??\ as absolute. It now does so. VolumeName now reports the \??\ prefix as a volume name. Join(`\`, `??`, `b`) could convert a seemingly innocent sequence of path elements into the root local device path \??\b. It will now convert this to \.\??\b. This is CVE-2023-45283 and https://go.dev/issue/63713. - path/filepath: recognize device names with trailing spaces and superscripts The IsLocal function did not correctly detect reserved names in some cases: reserved names followed by spaces, such as "COM1 ". "COM" or "LPT" followed by a superscript 1, 2, or 3. IsLocal now correctly reports these names as non-local. This is CVE-2023-45284 and https://go.dev/issue/63713. To generate a diff of this commit: cvs rdiff -u -r1.193 -r1.194 pkgsrc/lang/go/version.mk cvs rdiff -u -r1.9 -r1.10 pkgsrc/lang/go120/PLIST cvs rdiff -u -r1.11 -r1.12 pkgsrc/lang/go120/distinfo cvs rdiff -u -r1.3 -r1.4 pkgsrc/lang/go121/PLIST pkgsrc/lang/go121/distinfo @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.10.2.1 2023/10/22 18:44:18 spz Exp $ d4 1 a4 1 PKGREVISION= 4 @ 1.9 log @Revbump all Go packages after go120 update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.8 2023/07/23 05:51:54 iquiw Exp $ d4 1 a4 1 PKGREVISION= 1 @ 1.8 log @packer: update to 1.9.2 NOTES: * Vendored plugins within Packer have not been updated. Plugin releases occur on a regular basis to address issues and feature requests. Please note that in an upcoming version of Packer, we will remove the last bundled plugins from Packer. Users are encouraged to use packer init for HCL2 templates or packer plugins install with legacy JSON templates for installing external plugins. * Packer will now warn when using bundled plugins. This feature will be removed in a future version of the tool, so this warning is meant to bring awareness of the upcoming change, and help users update their templates. BUG FIXES: * Fixed a bug with how Packer was discovering plugins: in order to load plugins, Packer would recursively scan all the known directories in which we could have installed plugins. This caused unnecessary directory walks and slowdowns upon invocation. Packer will now only check for nested plugins within the directories used by commands such as packer init, or packer plugins install, or as defined in PACKER_PLUGIN_PATH. Refer to Packer's plugin directory documentation for details on how loading works. * The packer init subcommand now bundles all the missing installed plugins into one condensed warning, as opposed to one warning per missing plugin. PLUGINS: * packer-plugin-parallels: The Parallels plugin has been handed over to the Parallels team. New releases for this plugin are available at https://github.com/parallels/packer-plugin-parallels. This plugin is no longer being bundled in the Packer binary release. Existing references to the plugin will continue to work but users are advised to update the required_plugins block to use the new plugin source address. required_plugins { parallels = { source = "github.com/parallels/parallels" version = "~> 1" } } IMPROVEMENTS: * The hcl2_upgrade sub-command will now add required_plugins to the template generated from JSON for official plugins. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.7 2023/07/15 10:53:07 bsiegert Exp $ d4 1 @ 1.7 log @Revbump all Go packages after go120 update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.6 2023/06/03 01:32:06 iquiw Exp $ d3 1 a3 2 DISTNAME= packer-1.9.1 PKGREVISION= 1 @ 1.6 log @packer: update to 1.9.1 1.9.1 (June 1, 2023) BUG FIXES: * On May 16th 2023, HCP introduced multi-project support to the platform. In order to use multiple projects in your organization, you will need to update Packer to version 1.9.1 or above. Starting with 1.9.1, you may specify a project ID to push builds to with the HCP_PROJECT_ID environment variable. If no project ID is specified, Packer will pick the project with the oldest creation date. Older versions of Packer are incompatible with multi-project support on HCP, and builds will fail for HCP organizations with multiple projects on versions before 1.9.1. GH-12453 1.9.0 (May 31, 2023) NOTES: * Breaking Change: Iteration fingerprints used to be computed from the Git SHA of the repository where the template is located when running packer build. This changes with this release, and now fingerprints are automatically generated as a ULID. This implies that continuing an existing iteration will require users to define the fingerprint in the environment manually in order to adopt this behaviour, otherwise, by default, a new iteration will be created. This does not impact workflows where the fingerprint was defined through the HCP_PACKER_ITERATION_FINGERPRINT environment variable, and these builds will work exactly as they did before. GH-12172 * Breaking Change: Community-maintained plugins bundled with the Packer binary have been removed. These external plugin components are released independently of Packer core and can be installed directly by the user. Users relying on the external plugin components listed below should refer to the packer plugins sub-command and, if using HCL2, a required_plugins block to define a list of plugins for building a template. PLUGINS * Remove provisioner plugins for Chef, Converge, Puppet, Salt, and Inspec as vendored plugins. These plugins have been previously archived and not updated in release since being archived. These plugins can be installed using packer init or with the Packer plugins sub-command packer plugins install github.com/hashicorp/chef. GH-12374 * The following community plugins won't be bundled with Packer anymore: - Alicloud - CloudStack - HCloud - HyperOne - Hyper-V - JDCloud - LXC - LXD - NCloud - OpenStack - Proxmox - TencentCloud - Triton - Yandex GH-12436 Users: relying on these external plugin components should refer to the packer plugins sub-command and, if using HCL2, a required_plugins block to define a list of plugins to use for building a template. IMPROVEMENTS: * core/hcp: Now, fingerprints used by HCP Packer are randomly generated ULIDs instead of a Git SHA, and a new one is always generated, unless one is specified in the environment. GH-12172 BUG FIXES: * Fix LDFLAGS for release pipelines: Between Packer 1.8.5 and Packer 1.8.7, changes to the LDFLAGS in use for building the binaries for Packer had mistakenly removed some compilation flags, leading to the final binaries not being stripped. This change raised the size of the built binaries by as much as 45%. In this release, we fixed the LDFLAGS during compilation, yielding leaner binaries. * Bumped gopsutil to v3. This fixes a macOS intermittent crash reported by the community GH-12430 @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.5 2023/05/05 19:37:41 bsiegert Exp $ d4 1 @ 1.5 log @Revbump all Go packages after go120 security update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.4 2023/05/05 06:47:56 iquiw Exp $ d3 1 a3 2 DISTNAME= packer-1.8.7 PKGREVISION= 1 @ 1.4 log @packer: update to 1.8.7 Pkgsrc changes: * Update MAINTAINER mail address. * Specify correct version number using ldflags. Upstream changes: PLUGINS * core: Migrate external Linode plugin to linode/packer-plugin-linode. * core: Migrate external UCloud plugin to ucloud/packer-plugin-ucloud. * core: Remove external plugin for Digital Ocean as a vendored plugin. * core: Remove external plugins for Profitbricks and 1&1 as vendored plugins. * docs: Add HCP Ready label to Oracle builder components. IMPROVEMENTS * cmd/console: Add config-type flag to command help. * core: Add enhanced support to Packer telemetry for HCL2. * Enhance zsh completion for the Packer command. BUG FIXES * cmd/hcl2_upgrade: Fix a crash when running the hcl2_upgrade command against a legacy JSON template containing user variables with an undefined variables block. * core: Bump github.com/hashicorp/hcp-sdk-go to 0.36.0. * core: Bump github.com/hashicorp/packer-plugin-sdk to 0.4.0 to address CVE-2023-0475, CVE-2022-41723. * core: Bump Go module version to 1.20 * core: Fix regression introduced in 1.8.6, where legacy JSON templates with custom builder names are outputted to STDOUT as uninterpolated user variables. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.3 2023/04/05 20:47:56 bsiegert Exp $ d4 1 @ 1.3 log @Revbump all Go packages after yesterday's go120 security update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.2 2023/03/08 13:38:55 bsiegert Exp $ d3 1 a3 2 DISTNAME= packer-1.8.6 PKGREVISION= 2 d8 1 a8 1 MAINTAINER= iku.iwasa@@gmail.com d18 2 a19 1 CHECK_RELRO_SKIP+= bin/packer d22 4 @ 1.2 log @Revbump all Go packages after go119 security update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.1 2023/02/22 11:58:24 jperkin Exp $ d4 1 a4 1 PKGREVISION= 1 @ 1.1 log @packer: Import version 1.8.6. Originally packaged in wip by Iku Iwasa, updated and some minor fixes by myself. Packer is an open source tool for creating identical machine images for multiple platforms from a single source configuration. Packer is lightweight, runs on every major operating system, and is highly performant, creating machine images for multiple platforms in parallel. Packer does not replace configuration management like Chef or Puppet. In fact, when building images, Packer is able to use tools like Chef or Puppet to install software onto the image. A machine image is a single static unit that contains a pre-configured operating system and installed software which is used to quickly create new running machines. Machine image formats change for each platform. Some examples include AMIs for EC2, VMDK/VMX files for VMware, OVF exports for VirtualBox, etc. @ text @d1 1 a1 1 # $NetBSD$ d4 1 @