This patch is part of the HTDIG integration patch already. [1]
Also correct namazurc file path in pkg-message, bumping PORTREVISION.
PR: 207876 [1]
Submitted by: David Siebörger [1]
As seen in similar deadbeef plugins, this port is unsafe because it
starts building assemble object files before confirming the build
directory (gtk3) has been created.
attrs is an MIT-licensed Python package with class decorators
that ease the chores of implementing the most common attribute-related
object protocols without writing dull boilerplate code again and again.
WWW: https://github.com/hynek/attrs
PR: 207853
Submitted by: Axel.Rau@Chaos1.DE
Changes:
- Fix use-after-free issue during SMP
- Updated Spanish, German, Norwegian Bokmål translations
- New Danish translation
- The Windows binary has been linked with updated versions of libotr,
libgcrypt, libgpg-error, and other supporting libraries
MFH: 2016Q1
Security: CVE-2015-8833
Security: http://www.vuxml.org/freebsd/77e0b631-e6cf-11e5-85be-14dae9d210b8.html
We've recently started receiving pkg-fallout emails because qt4-mysql-plugin
is failing to build in HEAD. It turns out we were using some custom-made
Makefile.bsd files to drive the builds, and they did not always register all
dependencies between the files correctly.
Fix it by switching to a proper qmake build that uses the .pro files shipped
with Qt4 itself: they can be used without running the `configure' script
almost as if they were not part of the Qt distribution itself. By doing this
we can stop having our own Makefiles and also stop setting a lot of
variables in the port Makefiles.
While here, consolidate most of the variable setting into a single
Makefile.sqldrivers in devel/qt4 (like we already do for devel/qt5) so that
each of the qt4-*-plugin ports only need to set a few values such as the
plugin name and additional USES or includes that might be necessary.
Bump PORTREVISION because we now include the debug versions of the plugins
in PLIST_FILES when the ports are built with WITH_DEBUG=yes (they were
already shipped before, but not registered in the plists).
This is an enhancement release that contains a bug fix.
Description of bug:
If synth is launched from mountpoint of the ports directory
(e.g. /usr/ports), it may malfunction with strange messages such
as "invalid origins" and printing strange symbols to the screen
along with parts of a directory.
As a result, Synth now detects this launch location (as it already
did with /usr/local) and refuses to run until the current directory
is changed outside of the ports tree.
Enhancement 1:
It is now possible to remove alternate profiles. When more than
one profile exists, a menu option "<" appears that provides the
user with an opportunity to remove one to all inactive profiles
from the configuration. The man page has been updated as well.
Enhancement 2:
Synth will automatically convert any directory inputs on the
configure command to the true path. For example, if somebody types
in "/usr/xports" for the ports directory, but that's just a
symbolic link to /vcs/freebsd-ports", the entry will automatically
convert to its true resolved path (e.g. /vcs/freebsd-ports). This
enables the cwd detection of the bug fix above to always work.
Changes:
* Fix an integer overflow bug that can cause a heap buffer overflow (and
from there remote code execution) on 64-bit platforms
* Fix possible free() of an uninitialized pointer
* Be stricter about parsing v3 fragments
* Add a testsuite ("make check" to run it), but only on Linux for now,
since it uses Linux-specific features such as epoll
* Fix a memory leak when reading a malformed instance tag file
* Protocol documentation clarifications
MFH: 2016Q1
Security: CVE-2016-2851
