- proper WWWOWN and WWWGRP usage
- ETCDIR usage; config files are now in ${PREFIX}/etc/maia/
- template files are probably going to be edited by the users. Now
they're in ${ETCDIR}/templates/
- STAGE support
- MYSQLSERVER option is now: USE_MYSQL= server
- PGSQLSERVER option is now: USE_PGSQL= server
- lots of cleanup
- several installation tasks should not have been silenced (prefixed
with @)
- rc script passes rclint
- rc script handles the creation of several important directories in
start_precmd
- config files and templates are not overwritten on port upgrade if they
have been modified
PR: ports/185452
Approved by: swills (mentor)
discerning. Pond messages are asynchronous, but are not a record; they expire
automatically a week after they are received. Pond seeks to prevent leaking
traffic information against everyone except a global passive attacker.
Pond is experimental software! DO NOT USE IT FOR ANYTHING REAL!!!
Use security/gnupg instead.
!!! THIS INSTALLS THE POND SERVER ONLY, NOT THE CLIENT !!!
WWW: https://github.com/agl/pond/
told us exactly what was wrong. I redid the entry and
just took out the ul/li structure and replaced it with
regular paragraphs. It might be worth investigating
to use the FreeBSD SA that got released because of this
as the main text, which is best suited imo.
Hat: secteam
- update internal liblua from 5.2.2 -> 5.2.3
- bump PORTREVISION
[1] nmap use static lua for nmap, nping and ncat, after
build lua is no longer needed.
This fixes problems like ports failing to build if the port
is already installed [1]
- Bump PORTREVISION of affected ports
- Support the install target in bsd.go.mk
- STAGE support for free!
PR: ports/180003 [1]
Perl was recently added as a build tool for gnutls, and immediately the
port fails to build on systems that do not have the /usr/bin/perl
symlink. The cause is harded perl path of "/usr/bin/perl". Shebangfix
will fix a couple of these, REINPLACE_CMD will fix the other. Committed
under the new "Just fix it" blanket, but it was tested in redports.
- Update HACKAGE_SITE to follow changes in upstream
- MAKE_ENV now sets LC_ALL and DESTDIR for Haskell Cabal ports
- Further minor cosmetical changes: replace USE_GMAKE with USES, get rid of
${DO_NADA}, some refactoring
Obtained from: FreeBSD Haskell
the iconv changes (basically GHCi was rendered unusable)
- Fix build for x11-toolkits/hs-wxc, while here
- Bump port revision for all Haskell Cabal ports as they have to be rebuilt
PR: ports/184806
Reported by: many
Obtained from: FreeBSD Haskell
MFH: 2014Q1
- Fix installation without NLS [2]
- Require gmake and perl for build because in some
occasions it will rebuild the documentation that
works in a proper way with gmake only and needs perl
- Bump PORTREVISION
Security: CVE-2013-2116
Reported by: mat [2]
This is a security fix and it is important to update, since it might lead to
a privilege escalation if the X server is run as root (which is the default)
Security: CVE-2013-6462
- Add STAGE support [1]
- Remove SNORTSAM support due to lack of upstream support [1]
- Makefile cleanup [1]
- Use new configure magic [1]
PR: ports/185274 [1]
Submitted by: ohauer@ [1]
and chase base GCC changes (Objective-C no longer build in 9+, uses port),
and make a few other changes, to fix the build. [1]
While here:
- support staging
- strip installed .so file unless under WITH_DEBUG regime
- convert NOPORTEXAMPLES to optionsNG, too
PR: ports/175692
Submitted by: snb@ (maintainer) [1]
- Update MASTER_SITES
- Convert LICENSE from BSD to BSD2CLAUSE
- Convert LIB_DEPENDS to new syntax
- Add stage support
- Add STATIC as option
PR: ports/185258
Submitted by: Matt Stofko <matt@mjslabs.com> (maintainer)
2013-12-30 security/dazuko: Currently, the project has not an active development and maintainer
2013-12-31 mail/p5-Mail-SPF-Query: Use mail/p5-Mail-SPF instead
2013-12-31 x11-fonts/etlfonts: master site gone
2013-12-31 net/gateway6: Unsupported upstream, consider using net/gogoc
The port has moved to github and py-yara is no longer a separate tarball
for distribution. It is now bundled with the yara code. At some point I
want to make py-yara not depend directly upon yara. This way you can get
just the python bindings without needing to install yara itself.
People, please be aware that we use the FreeBSD Documentation Primer
and that there are style rules we have to follow. If you are in
doubt please consult me and I am more then willing to help.
Hat: secteam
Setuptools is the preferred method to manage Python distributions after
many changes to the packaging ecosystem over the past couple of years.
Only ports using USE_PYDISTUTILS= yes are affected by this commit, ports using
USE_PYDISTUTILS= easy_install remains the same however this usage is now
deprecated and should be converted to USE_PYDISTUTILS= yes.
Some Python distributions do not work with setuptools out of the box because
they extend the install command from distutils and not setuptools, and
so they need to be patched accordingly.
pip (which leverages setuptools) works around the issue by using eggs, however
we want to get rid of those as well, as support for "flat" installation is
unavailable or has other issues associated with it.
This work allows us to unify how python packages are built, ensure that Python
distributions are installed consistently, reduces complexity for Python port
maintainers and paves the way for simplifying the Python ports framework in
the future.
With hat on: python
Reviewed by: koobs, antoine
Exp-run: bdrewery
Approved by: bdrewery (portmgr)
2013-12-01 audio/liteamp: Dead upstream since 2004, does not build with clang
2013-12-08 security/opieprint: No more active upstream
2013-12-08 security/bubblegum: No more active upstream
2013-12-08 security/snortsms: Not active since several years.
2013-12-08 sysutils/hammerhead: Development no more active
2013-12-13 net-p2p/libtorrent-rasterbar-15-python: Unusable, development ceased
2013-12-13 graphics/openexr_ctl: Now distributed with ampasCTL-1.5
Update to nss 3.15.3.1
Update firefox-esr and thunderbird to 24.2.0
Update firefox to 26.0
Update seamonkey to 2.23
- catch up with directory renames since USES=webplugins was introduced;
fixes plugins not being automatically enabled after install
- linux-firefox and linux-seamonkey can play HTML5 audio [2][3] and
measure about:memory usage, again
- dom.ipc.plugins.enabled->true no longer crash linux-firefox which makes
some flash sites work again; as there's no nspluginwrapper in-between
the infamous "youtube issue" never occurs
- install DEBUG with symbols [3] and describe the option better [4]
- enable dumping about:memory upon kill -65, kill -66 and GC/CC log
upon kill -67 to a file under /tmp directory; linux-firefox uses
kill -34, kill -35 and kill -36 respectively
PR: ports/183861 [1]
PR: ports/184006 [2]
PR: ports/169896 [3]
PR: ports/184285 [3]
PR: ports/184286 [4]
Security: dd116b19-64b3-11e3-868f-0025905a4771
In collaboration with: Jan Beich <jbeich@tormail.org>
- Install ruby bits in a sensible place.
- Convert to new OPTIONS framework.
- Remove dependency on Perl, nothing in the sources needs it.
- Use new LIB_DEPENDS format.
PR: ports/184519
Submitted by: mat
Approved by: maintainer
Adjust the newly created krb5-maint with a new portname and conflicts.
Krb5-maint is a maintenance release for those who wish to use the previous
release of krb5. krb5-maint remains at 1.11.3.
Adjust CONFLICTS in security/heimdal and security/srp to account for the
newly repocopied krb5-maint.
Adjust security/Makefile to include krb5-maint.
(maintenance release) in preparation for krb5 1.11.3 --> 1.2 update.
Krb5-maint is a maintenance release for those who wish to use the previous
release of MIT krb5.
twisted can be configured with the arguments run or build to replace
the previous USE_TWISTED_RUN and USE_TWISTED_BUILD knobs. The twisted
components can be added as comma-separated arguments. If you previously
wrote
USE_TWISTED= yes
USE_TWISTED= conch names
USE_TWISTED_RUN= yes
you now would write
USES= twisted
USES= twisted:conch,names
USES= twisted:run
This OPTION is non-functional as it requires hardware support and libdag from
Endace, which is not available in, nor recommended to be built via the ports
tree.
This OPTION also incorrectly added CONFIGURE_ARGS without adding any
LIB_DEPENDS, which broke configure: during build when the option was enabled.
Reported by: mat (via pkg-fallout, via IRC)
service (server) using forcefully crashed aircrafts.
While here, reduce the diffs between other OpenTTD's VuXML entries; and
limit build logs verbosity to bulk package builders (or batch builds).
PR: ports/184434, ports/184435
Submitted by: Ilya A. Arkhipov
Security: CVE-2013-6411
This is a maintenance release that fixes a serious bug in the built-in HTTP
server. It was discovered that the handle_request() routine did not properly
perform input sanitization which led into a number of security
vulnerabilities.
An unauthenticated, remote attacker could exploit this flaw to execute
arbitrary commands on the remote host.
All users still using older versions are advised to upgrade to this version,
which resolves this issue.
Approved by: crees (maintainer, per PM)
Security: 620cf713-5a99-11e3-878d-20cf30e32f6d
- Fix build on FreeBSD 8: depend on libmagic ABI version from ports
- While here, use new LIB_DEPENDS syntax
PR: ports/184194
PR: ports/184381
Submitted by: Craig Leres (maintainer)
Reported by: Mark Martinec and pkg-fallout
- Fix LDAP support
- Add STATIC option, builds static version of library
- Update MASTER_SITES and WWW
While I'm here:
- Switch to new LIB_DEPENDS format
- Use options helpers
- Allow staging
- Don't show pkg-message twice
PR: ports/184183
Submitted by: maintainer
- Support STAGEDIR
- While I'm here, convert to new options helper
Changes: https://pypi.python.org/pypi/keyring#changes
PR: ports/184270
Submitted by: Douglas William Thrift <douglas@douglasthrift.net> (maintainer)
Since this patch converts all affected ports, bsd.cran.mk no longer supports
NO_STAGE and errors out if NO_STAGE is set.
Exp-run: ports/184216
Reviewed by: bdrewery
Approved by: portsmgr, wen
- add vuxml entry
- let bindings ports load options file [2]
[1]
Version 1.8.5
(25 November 2013, from /branches/1.8.x)
http://svn.apache.org/repos/asf/subversion/tags/1.8.5
User-visible changes:
- Client-side bugfixes:
* fix externals that point at redirected locations (issues #4428, #4429)
* diff: fix assertion with move inside a copy (issue #4444)
- Server-side bugfixes:
* mod_dav_svn: Prevent crashes with some 3rd party modules (r1537360 et al)
* mod_dav_svn: canonicalize paths properly (r1542071)
* mod_authz_svn: fix crash of mod_authz_svn with invalid config (r1541432)
* hotcopy: fix hotcopy losing revprop files in packed repos (issue #4448)
- Other tool improvements and bugfixes:
* mod_dontdothat: Fix the uri parser (r1542069 et al)
Developer-visible changes:
- General:
* fix compilation with '--enable-optimize' with clang (r1534860)
* fix copmpilation with debug build of BDB on Windows (r1501656, r1501702)
* fix '--with-openssl' option when building on Windows (r1535139)
* add test to fail when built against broken ZLib (r1537193 et al)
- Bindings:
* swig-rb: fix tests to run without installing on OS X (r1535161)
* ctypes-python: build with compiler selected via configure (r1536537)
Version 1.7.14
(25 Nov 2013, from /branches/1.7.x)
http://svn.apache.org/repos/asf/subversion/tags/1.7.14
User-visible changes:
- Client- and server-side bugfixes:
* fix assertion on urls of the form 'file://./' (r1516806)
- Client-side bugfixes:
* upgrade: fix an assertion when used with pre-1.3 wcs (r1530849)
* ra_local: fix error with repository in Windows drive root (r1518184)
* fix crash on windows when piped command is interrupted (r1522892)
* fix externals that point at redirected locations (issues #4428, #4429)
* diff: fix incorrect calculation of changes in some cases (issue #4283)
* diff: fix errors with added/deleted targets (issues #4153, #4421)
- Server-side bugfixes:
* mod_dav_svn: Prevent crashes with some 3rd party modules (r1537360 et al)
* fix OOM on concurrent requests at threaded server start (r1527103 et al)
* fsfs: limit commit time of files with deep change histories (r1536790)
* mod_dav_svn: canonicalize paths properly (r1542071)
- Other tool improvements and bugfixes:
* mod_dontdothat: Fix the uri parser (r1542069 et al)
Developer-visible changes:
- Bindings:
* javahl: canonicalize path for streamFileContent method (r1524869)
[2]
- Set OPTIONS_NAME to let bindings ports load the new options file.
Leave OPTIONSFILE for now to load the old file on systems where
it hasn't been moved to the new location yet.
- Remove an old hack.
PR: ports/180612 [2]
Submitted by: Tijl Coosemans <tijl@FreeBSD.org>
Security: e3244a7b-5603-11e3-878d-20cf30e32f6d
CVE-2013-4505
CVE-2013-4558
