- switch and force compiler to clang using the one from base on 9 and CURRENT, the one
from ports if not found in base
- now only build en_US version, all localisation are available through separated
ports.
- Graphite smart font is now used by default
- Rebundle boost to easier upgrading boost
- Rebundle mdds the one from the ports seems incompatible with clang
- Unbundle all the fonts
Thank you to jgh and Kuan-Chung Chiu <buganini@gmail.com> for testings and
feedback
Thank you to iXsystems for providing resources to build/test libreoffice
Vulnerability Details
=====================
Class: Cross-Site Request Forgery
Versions: 4.0.2 to 4.0.4, 4.1.1 to 4.2rc2
Fixed In: 4.0.5, 4.2
Description: Due to a lack of validation of the enctype form
attribute when making POST requests to xmlrpc.cgi,
a possible CSRF vulnerability was discovered. If a user
visits an HTML page with some malicious HTML code in it,
an attacker could make changes to a remote Bugzilla installation
on behalf of the victim's account by using the XML-RPC API
on a site running mod_perl. Sites running under mod_cgi
are not affected. Also the user would have had to be
already logged in to the target site for the vulnerability
to work.
References: https://bugzilla.mozilla.org/show_bug.cgi?id=725663
CVE Number: CVE-2012-0453
Approved by: skv (implicit)
This is an incremental update and should be much easier to handle than
the transition from 4.6.5 to 4.7.2 in the ports tree.
The official release notes can be found at
http://www.kde.org/announcements/announce-4.7.3.php.
Approved by: avilla (mentor), makc (mentor), portmgr (miwi)
Feature safe: yes
had both lines:
Author: ...
WWW: ....
So standardize on that, and move them to the end of the file when necessary.
Also fix some more whitespace, and remove more "signature tags" of varying
forms, like -- name, etc.
s/AUTHOR/Author/
A few other various formatting issues
- Name
em@i.l
or variations thereof. While I'm here also fix some whitespace and other
formatting errors, including moving WWW: to the last line in the file.
4.7.2. The official release notes can be found at:
http://kde.org/announcements/announce-4.7.2.php
This release ships with many improvements. Read more about them here:
http://FreeBSD.kde.org/news.php#itemKDESC472availableinports
We'd like to say thanks to all testers and contributors, especially to
lwhsu@ for his effort on hosting our test packages.
PR: 156293 [1]
159219 [2]
160164 [3]
Submitted by: Oleg Sidorkin <osidorkin@gmail.com> [1]
Alvaro Castillo <gobledb@gmail.com> [2]
dkeav04@gmail.com [3]
Tested by: exp-run via pav
- Use DATADIR
- Use PLIST_DIRSTRY for DATADIR
- Explicitly list installing filenames
- Bump PORTREVISION for PORTNAME and PLIST change
- Sort PLIST
- Cosmetic change
- use DIST_SUBDIR for bugzilla and all translations
- sort pkg-plist (genplist)
OK from bugzilla maintainers per PM.
PR: ports/158766
Submitted by: ohauer
2011-05-01 german/citrix_xenapp: "crashes with f10"
2011-05-01 japanese/citrix_xenapp: "crashes with f10"
2011-05-01 net/citrix_xenapp: "crashes with f10"
2011-05-11 comms/gammu-python: since version 1.29.0 comms/gammu uses python by default
2011-05-01 java/gj: Upstream disapear and distfile is no more available
2011-05-09 net/ipv6socket_scrub: Upstream disapear and distfile is no more available
2011-05-13 graphics/lodju: depends on rep-gtk, which doesn't build anymore.
2011-05-01 www/mod_pubcookie: will be unsupported by ASF when 2.4.0 is release, migrate to 2.2.x+ now
2011-05-01 ftp/prozilla: Upstream disapear and distfile is no more available
2011-05-01 www/py-django11: Unsupported (no longer receive security updates or bugfixes)
2011-05-13 x11-toolkits/rep-gtk: missing rep-config from librep port broke the build.
2011-05-01 games/tnl: Upstream development has ceased, it doesn't work with newer CEGUI and is generally broken
2011-06-01 net/vnc2swf: Development is now superseded by deskutils/vnc2flv
Software Compilation: 4.6.2, codename "Congrats". Read the full
announcement here: http://kde.org/announcements/announce-4.6.2.php.
Special thanks to Raphael Kubo da Costa who ported the release.
be generated or checked, and will be silently ignored for now. Also,
generalize the MD5_FILE macro to DISTINFO_FILO.
PR: 149657
Submitted by: rene
Approved by: portmgr
Tested on: pointyhat i386 7-exp
Mediathek searches the archives of several German speakingTV stations (ARD,
ZDF, Arte, 3Sat, MDR, NDR, ORF, SF), downloads, manages and plays their
archived video footage and podcasts.
3Sat, MDR, NDR, ORF, SF), lädt Beiträge mit einem Programm eigener Wahl und
kann Themen als Abos anlegen und neue Beiträge automatisch downloaden. Es gibt
auch eine Möglichkeit, Podcast zu verwalten und zu downloaden.
Major changes:
Kexi now returns back
New import filters for MS OOXML (Office 2007) Formats
Improved OO.org and MS Office traditional formats compatibility
Improved stability at all
Discussed with: miwi, itetcu
Approved by: portmgr (erwin)
Feature safe: yes
The GIMP User Manual is distributed as a set of HTML pages for use
with the internal GIMP help browser or any web browser.
WWW: http://docs.gimp.org/
PR: ports/145650, ports/145652
Submitted by: SimaMoto, RyoTa <liangtai.s4 at gmail.com>
PR: ports/136065 ports/127469
Submitted by: N.J. Mann <njm@njm.me.uk> and Aldis Berjoza <killasmurf86@gmail.com>
- Early identify port CONFLICTS
PR: 137855
Submitted by: Piotr Smyrak <smyru@heron.pl>
- Add --no-same-permissions to the EXTRACT_AFTER_ARGS command.
Tijl Coosemans has been reported an issue that when root is extracting from the
tarball, and the tarball contains world writable files
(sysutils/policykit as an example), there is a chance that the files
gets changed by malicious third parties right after the extraction,
which makes it possible to inject code into the package thus compromise
the system.
Submitted by: Tijl Coosemans <tijl@coosemans.org> Xin LI (delphij@)
- Fix some whitespaces
Tested with: exp-run
e-mail addresses from the pkg-descr file that could reasonably
be mistaken for maintainer contact information in order to avoid
confusion on the part of users looking for support. As a pleasant
side effect this also avoids confusion and/or frustration for people
who are no longer maintaining those ports.
Austrian Bank Account Numbers. All currently defined test methods
by Deutsche Bundesbank (March 2009: 00 to D3) are implemented.
This port only installs the PHP module.
WWW: http://www.informatik.hs-mannheim.de/konto_check/
PR: ports/137661
Feature safe: yes
Submitted by: Dominik Brettnacher <domi at nonsensss.de>
a bugfix, translation and maintenance update. Release note can be found
at http://kde.org/announcements/announce-4.3.1.php
We would like to thank all our contributors and testers. My personal
thanks to miwi and makc for coaching me through my first KDE commit.
for FreeBSD. The official KDE 4.3.0 (Codename: "Caizen") release
notes can be found at:
http://kde.org/announcements/4.3/index.php.
We'd like to say thanks to all helpers and submitters.
Tested by: pointyhat-exp-run (pav/miwi)
. remove an "A" flag from FETCH_ARGS (SF seems to use a new
technology to redirect distfiles, a fetch ends up with
the message "Moved Temporarily");
. adjust WWW address to a new one at pkg-descr.
-Update libtool and libltdl to 2.2.6a.
-Remove devel/libtool15 and devel/libltdl15.
-Fix ports build with libtool22/libltdl22.
-Bump ports that depend on libltdl22 due to shared library version change.
-Explain what to do update in the UPDATING.
It has been tested with GNOME2, XFCE4, KDE3, KDE4 and other many wm/desktop
and applications in the runtime.
With help: marcus and kwm
Pointyhat-exp: a few times by pav
Tested by: pgollucci, "Romain Tartière" <romain@blogreen.org>, and
a few MarcusCom CVS users. Also, I might have missed a few.
Repocopy by: marcus
Approved by: portmgr
2009-07-07 audio/gai-visual-audio: abandoned project, does not build
2009-07-05 devel/linxt: Use devel/roboctl instead.
2007-08-22 german/citrix_ica: Use net/citrix_ica
2007-08-22 japanese/citrix_ica: Use net/citrix_ica
2009-06-30 mail/bogofilter-qdbm: Migrate to bogofilter-tc instead
2009-06-27 mail/xc-mail: depends on a port that expired in 2007
2009-07-01 www/trac-blog: Not supported anymore for trac > 0.10; use FullBlogPlugin instead
2009-07-01 www/trac-restrictedarea: Not supported anymore; functionality included in trac since 0.11
Critical vulnerabilities have been identified in Adobe Reader
9.1.1 and Acrobat 9.1.1 and earlier versions. These
vulnerabilities would cause the application to crash and could
potentially allow an attacker to take control of the affected
system.
Security: http://www.adobe.com/support/security/bulletins/apsb09-07.html
Security: CVE-2009-0198
Security: CVE-2009-0509
Security: CVE-2009-0510
Security: CVE-2009-0511
Security: CVE-2009-0512
Security: CVE-2009-0888
Security: CVE-2009-0889
Security: CVE-2009-1855
Security: CVE-2009-1856
Security: CVE-2009-1857
Security: CVE-2009-1858
Security: CVE-2009-1859
Security: CVE-2009-1861
- CVE-2009-1492
The getAnnots Doc method in the JavaScript API in Adobe Reader
and Acrobat 9.1, 8.1.4, 7.1.1, and earlier allows remote
attackers to cause a denial of service (memory corruption) or
execute arbitrary code via a PDF file that contains an
annotation, and has an OpenAction entry with JavaScript code
that calls this method with crafted integer arguments.
- CVE-2009-1493
The customDictionaryOpen spell method in the JavaScript API in
Adobe Reader 8.1.4 and 9.1 on Linux allows remote attackers to
cause a denial of service (memory corruption) or execute
arbitrary code via a PDF file that triggers a call to this
method with a long string in the second argument.
Security: CVE-2009-1492
Security: CVE-2009-1493
Security: http://www.adobe.com/support/security/bulletins/apsb09-06.html
- CVE-2009-1492
The getAnnots Doc method in the JavaScript API in Adobe Reader
and Acrobat 9.1, 8.1.4, 7.1.1, and earlier allows remote
attackers to cause a denial of service (memory corruption) or
execute arbitrary code via a PDF file that contains an
annotation, and has an OpenAction entry with JavaScript code
that calls this method with crafted integer arguments.
- CVE-2009-1493
The customDictionaryOpen spell method in the JavaScript API in
Adobe Reader 8.1.4 and 9.1 on Linux allows remote attackers to
cause a denial of service (memory corruption) or execute
arbitrary code via a PDF file that triggers a call to this
method with a long string in the second argument.
Security: CVE-2009-1492
Security: CVE-2009-1493
Security: http://www.adobe.com/support/security/bulletins/apsb09-06.html
See original release announcement for details:
http://kde.org/announcements/announce-4.2.3.php
New ports:
devel/kdebindings4:
Meta port of KDE bindings for C#, Java, PHP, Python and Ruby.
Currently only Python bindings are supported.
devel/kdebindings4-python, devel/kdebindings4-python-krosspython,
devel/kdebindings4-python-pykde4:
Python bindings for KDE.
print/kdeutils4-printer-applet:
printer-applet is a system tray utility. It shows current print jobs,
shows printer warnings and errors and shows when printers that have
been plugged in for the first time are being auto-configured by
hal-cups-utils. It replaces kjobviewer in KDE 3.
print/system-config-printer-kde
A port of Gnome system-config-printer to KDE.
both current (fc4) and future linux (f8) distributions at one
ports tree.
The patch contains full changes to ports/Mk files and all ports involved.
But only infrastructure is changed. The resulting packages are the same as
before. Hence no need to bump PORTREVISIONs.
The idea was taken from bsd.gnome.mk and others.
More than 130 ports are switched to follow a new linux infrastructure
introduced by changes to bsd.port.mk, bsd.linux-rpm.mk and a new
bsd.linux-apps.mk.
Thanks for all who was involved and helped me with this work.
And help from Alexander Leidinger was incredible.
Other changes are coming. Stay tuned!
PR: ports/132510
Submitted by: bsam (me)
Exp-run by: portmgr (pav)
multimedia/phonon port has been split into phonon itself, phonon-xine
and phono-gstreamer backends. After updating phonon port you have
to install at least one backend. phonon-xine backend is recommended
for KDE.
for FreeBSD. The official KDE 4.2.0 (Codename: "The Answer") release
notes can be found at:
http://kde.org/announcements/4.2/index.php.
New supported languages include Arabic, Icelandic, Basque,
Hebrew, Romanian, Tajik and several Indian languages (Bengali India,
Gujarati, Kannada, Maithili, Marathi) indicating a rise in popularity in
this part of Asia.
New ports for KDE 4.2.0:
arabic/kde4-l10n Arabic
hebrew/kde4-l10n Hebrew
misc/kde4-l10n-bn_IN Bengali (India)
misc/kde4-l10n-eu Basque
misc/kde4-l10n-gu Gujarati
misc/kde4-l10n-is Icelandic
misc/kde4-l10n-kn Kannada
misc/kde4-l10n-mai Maithili
misc/kde4-l10n-mr Marathi
misc/kde4-l10n-ro Romanian
misc/kde4-l10n-tg Tajik
math/eigen2 Lightweight library for vector and matrix math
graphics/kipi-plugins-kde4 KDE4 kipi graphics plugins
sysutils/policykit-kde PolicyKit manager for KDE
Unfortunately FreeBSD 6.4 support is dropped.
We'd like to say thanks for feedback and help to:
Matt Tosto, Kris Moore, stickibit, David Johnson, Markus Brueffer,
David Naylor, Thomas Schlesinger, Warren Liddell, Thomas Abthorpe,
Diego Depaoli, Mats Andreassen, portmgr for exp-run and repocopies.
files, DTAUS is an abbreviation for DatenTraegerAUStausch and refers to a
special file format used by German credit institutes in order to manage money
exchanges between accounts and institutes.
Dieses Paket enthaelt ein Programm zur Verwaltung und Erstellung von DTA- bzw.
DTAUS-Dateien. Damit wird belegloser Datentraegeraustausch fuer Ueberweisungen,
Lastschriften, Lohnzahlungen in Euro mit Deutschen Banken automatisiert
realisiert. Als Grundlage dient eine leicht verstaendliche ASCII-Datei,
die in das DTA-Format uebersetzt wird.
LICENSE: GPL2 or later
WWW: http://www.infodrom.org/projects/dtaus/
for FreeBSD. The official KDE 4.1.1 release notes can be found at
http://www.kde.org/announcements/changelogs/changelog4_1to4_1_1.php.
KDE Community ships sirst translation and service release of the 4.1
dree desktop, containing numerous bugfixes, Performance Improvements
and Translation Updates.
Pretty much all applications have received the developers' attention,
resulting in a long list of bugfixes and improvements. The most significant
changes are:
* Significant performance, interaction and rendering correctness
improvements in KHTML and Konqueror, KDE's web browser
* User interaction, rendering and stability fixes in Plasma,
the KDE4 desktop shell
* PDF backend fixes in the document viewer Okular
* Fixes in Gwenview, the image viewer's thumbnailing, more
robust retrieval and display of images with broken metadata
* Stability and interaction fixes in KMail
New Ports:
- graphics/kcoloredit
* KColorEdit is a palette files editor. It can be used
for editing color palettes and for color choosing and
naming.
- graphics/kgraphviewer
* KGraphViewer is a GraphViz DOT graph viewer for KDE. The
GraphViz programs are free-software layout engines for graphs.
KGraphViewer displays the graphs in a modern, user-friendly GUI
with all the power of a well integrated KDE application.
- graphics/kiconedit
* KIconEdit is designed to help create icons for KDE using the standard
icon palette.
- graphics/skanlite
* Skanlite is a simple image scanning application that does nothing
more than scan and save images. Skanlite can open a save dialog for
every image scanned or save the images immediately in a specified
directory with auto-generated names and format. The user can also
choose to show the scanned image before saving.
of KDE 3.5.10 for FreeBSD. The official KDE 3.5.10 release
notes can be found at:
http://www.kde.org/announcements/announce-3.5.10.php
While not a very exciting release in terms of features,
3.5.10 brings a couple of nice bugfixes and translation
updates to those who choose to stay with KDE 3.5. The
fixes are thinly spread across KPDF with a number of crash
fixes, KGPG and probably most interesting various fixes
in kicker, KDE3's panel:
* Improved visibility on transparent backgrounds
* Themed arrow buttons in applets that were missing them
* Layout and antialiasing fixes in various applets
Approved by: portmgr (erwin/pav)
Specifically, newer autoconf (> 2.13) has different semantic of the
configure target. In short, one should use --build=CONFIGURE_TARGET
instead of CONFIGURE_TARGET directly. Otherwise, you will get a warning
and the old semantic may be removed in later autoconf releases.
To workaround this issue, many ports hack the CONFIGURE_TARGET variable
so that it contains the ``--build='' prefix.
To solve this issue, under the fact that some ports still have
configure script generated by the old autoconf, we use runtime detection
in the do-configure target so that the proper argument can be used.
Changes to Mk/*:
- Add runtime detection magic in bsd.port.mk
- Remove CONFIGURE_TARGET hack in various bsd.*.mk
- USE_GNOME=gnometarget is now an no-op
Changes to individual ports, other than removing the CONFIGURE_TARGET hack:
= pkg-plist changed (due to the ugly CONFIGURE_TARGET prefix in * executables)
- comms/gnuradio
- science/abinit
- science/elmer-fem
- science/elmer-matc
- science/elmer-meshgen2d
- science/elmerfront
- science/elmerpost
= use x86_64 as ARCH
- devel/g-wrap
= other changes
- print/magicfilter
GNU_CONFIGURE -> HAS_CONFIGURE since it's not generated by autoconf
Total # of ports modified: 1,027
Total # of ports affected: ~7,000 (set GNU_CONFIGURE to yes)
PR: 126524 (obsoletes 52917)
Submitted by: rafan
Tested on: two pointyhat 7-amd64 exp runs (by pav)
Approved by: portmgr (pav)
of KDE 3.5.9 for FreeBSD. The official KDE 3.5.9 release
notes can be found at:
http://www.kde.org/announcements/announce-3.5.9.php
After the KDE 4.1.0 import the team found time to make
KDE 3.5.9 ready for the Ports tree.
KDE 3.5.9 was released six months ago and 3.5.10 is coming
soon. We are not sure we have time to get 3.5.10 for FreeBSD
7.1/6.4 release, but we would have minimum 3.5.9 for those
people who prefer to stay with KDE3.
Of course Thanks to all Testers.
for FreeBSD. The official KDE 4.1.0 release notes can be found at
http://www.kde.org/announcements/4.1/.
Some note:
* Prefix
KDE4 will be install into a custom prefixes namely ${LOCALBASE}/kde4.
KDE4 and KDE3 can co-exist
* Sound
For sound to work, it is necessary to have dbus and hal enabled
in your system. Please see the respective documentation on how
to enable these.
For more Informations see the HEADS UP at ports@ and kde-freebsd@
or our wiki page http://wiki.freebsd.org/KDE4/Install.
Have fun!
| A critical vulnerability has been identified in Adobe Reader and
| Acrobat 8.1.2. This vulnerability would cause the application to
| crash and could potentially allow an attacker to take control of
| the affected system.
Security: CVE-2008-2641
Security: CVE-2008-0883
Security: http://www.adobe.com/support/security/bulletins/apsb08-15.html
The affected ports are the ones with gettext as a run-dependency
according to ports/INDEX-7 (5007 of them) and the ones with USE_GETTEXT
in Makefile (29 of them).
PR: ports/124340
Submitted by: edwin@
Approved by: portmgr (pav)
- Remove USE_XLIB/USE_X_PREFIX/USE_XPM in favor of USE_XORG
- Remove X11BASE support in favor of LOCALBASE or PREFIX
- Use USE_LDCONFIG instead of INSTALLS_SHLIB
- Remove unneeded USE_GCC 3.4+
Thanks to all Helpers:
Dmitry Marakasov, Chess Griffin, beech@, dinoex, rafan, gahr,
ehaupt, nox, itetcu, flz, pav
PR: 116263
Tested on: pointyhat
Approved by: portmgr (pav)
http://blogs.adobe.com/acroread/2008/02/#a005029:
[General Issues]
* Font caching Issues: Various font caching issues are fixed in Reader
8.1.2, including the issue of fonts that were configured using
fontconfig not being picked up by the Reader to render documents
(reported by Novell).
* Problem with Dual-screen setup (Xinerama mode).: Issue number 4
listed on the Known Issues page for Reader 8.1.1.
* Document ordering and fullscreen mode: Issue has been fixed in
Reader 8.1.2.
* Font KozGoProVI-Medium.otf is missing in Japanese Reader: This issue
is fixed in Reader 8.1.2.
[Printing Related Issues]
* Incorrect orientation: Issues with printing PDF files containing
portrait and landscape pages have been fixed in Reader
8.1.2. Choosing "Auto Rotate and Center" will now print the pages in
their inherent orientation.
* Red wash on printing with HP CLJ 2605: A workaround for this has
been added in the preferences
($HOME/.adobe/Acrobat/8.0/Preferences/reader_prefs), namely
"brokenCRDs". This value is set to "false" by default and can be
modified to "true" if one faces the red background issue.
* Scaling issues: Problems with -shrink/-expand options in the command
line (Issue #1 listed on the Known Issues page for Reader 8.1.1) as
well as with "Custom" printing in the dialog have been fixed in
Reader 8.1.2.
* Reader does not remember last chosen printer across sessions: Last
chosen printer is now remembered between different sessions of the
Reader in 8.1.2 release.
* Cannot pipe PDF as input to acroread: PDF contents can be read from
stdin when using the -toPostScript option.
* Hardcoding of printer command: Earlier the printer command was
hardcoded in the reader binary. This has been fixed in Reader 8.1.2
to pick up the command from the PATH environment variable.
The highlight: TIPP10 works intelligent. The dictation reacts on
individual errors of the user. Keys, which are wrongly typed often,
will be dictated more often.
Visual help, various keyboard layouts, numerous settings and the
possibility to create own exercise dictates are easing the learning
process.
Main features:
- Intelligent exercise lessons
- Free and own lessons
- Scrolling text and virtual keyboard for help
- Extensive customization
- Performance appraisal
- Support of alternate keyboard layouts
- Multi platform
WWW:www.tipp10.de
PR: ports/119609
Submitted by: Heiner <h.eichmann at gmx.de>
