- Add zh-xmms to CONFLICTS.
- Convert USE_GNOME=desktopfileutils and USE_GMAKE to USES.
- Make USE_GL conditional on the SPEC option.
- Make gettext conditional on new NLS option.
- Only set USE_AUTOTOOLS for the RUSXMMS_PATCHES option.
- Remove LIBS from CONFIGURE_ENV. Set LDFLAGS instead.
- Add missing xorg dependencies.
- Add xmms_cv_newpcm_driver=yes to CONFIGURE_ARGS. The configure test
fails on recent version of FreeBSD but the code it enables is still
relevant. Without it you cannot select a different output device.
- Remove SUB_FILES. None of the files require substitutions.
- Remove IPV6 from OPTIONS_DEFAULT. It's implicit.
- Don't exclude SIMD option from amd64.
- Use option helpers like OPTIONS_SUB, opt_CONFIGURE_ENABLE, etc.
- Install stripped libraries when !defined(WITH_DEBUG).
- Use new style LIB_DEPENDS.
- Add aclocal, autoheader and libtoolize to USE_AUTOTOOLS to fully
regenerate the build infrastructure. This fixes a lot of warnings
and allows some patches to be removed.
- Add USE_OPENSSL for RUSXMMS_PATCHES option.
- Fix the SIMD option on all architectures by removing the post-extract
target.
- Remove the message about the RUSXMMS_PATCHES option. This is from
before there were option dialogs.
- Use the same cp command as in the script included with rusxmms instead
of INSTALL_DATA.
- Remove the ALSA test from configure with REINPLACE_CMD instead of a
patch (RUSXMMS_PATCHES case).
- Remove old libtool macros from acinclude.m4. Libtoolize adds new
macros.
- Remove MKDIR_P patching. No longer needed after running aclocal.
- Patch configure to disable ALSA (not RUSXMMS_PATCHES case).
- Fix po/Makefile.in.in with REINPLACE_CMD instead of a patch.
- Fix assembly source code files to support clang:
* Remove comments that begin with a single slash.
* Replace 'fist' instruction with 'fists' and 'fistp' with 'fistps'.
* Append '.section ".note.GNU-stack","",@progbits' to every file to
say they don't require an executable stack. These files are
compiled with -Wa,--noexecstack which clang supports but the ancient
binutils in FreeBSD base does not so without this change xmms runs
with an executable stack when compiled with base gcc.
- Support staging.
- Remove extra-patch-Visualization_Makefile.am. It's not needed when
passing VISUALIZATION_PLUGINS to configure.
- Rename patch-gcc41 to patch-General-ir-ir.c and modify it to keep the
variables static, but mark keepGoing volatile.
- Remove patch-aclocal.m4. Not needed when running aclocal.
- Remove patch-configure.in. The PTHREAD_LIBS related changes are no
longer needed and ALSA change is handled in the Makefile.
- Remove patch-ltmain.sh. Not needed with staging.
- Remove patch-po-Makefile.in.in. Handled in Makefile.
- Remove patch-xmms-config.in. Not 100% sure about this. It doesn't
affect xmms itself. Perhaps some plugins need it but I'd rather fix
those plugins then.
- Add patch-xmms-i18n.h.in. It's needed when NLS option is disabled.
- Remove pkg-message.in. All supported versions of FreeBSD have unzip
in base.
- Rename xmms.desktop.in to xmms.desktop to reflect that it doesn't
require substitutions.
- Adjust pkg-plist for OPTIONS_SUB, NLS option, staging and
USES=desktop-file-utils.
chinese/xmms, russian/xmms:
- Minor cleanups.
PR: ports/183165
Approved by: "Chris Petrik" <c.petrik.sosa@gmail.com> (maintainer)
- use PKGNAMESUFFIX instead LATEST_LINK
- whitespace cleanup
- svn mv */bugzilla to */bugzilla40
- add vuxml entry
4.4.1, 4.2.7, and 4.0.11 Security Advisory
Wednesday Oct 16th, 2013
Summary
=======
Bugzilla is a Web-based bug-tracking system used by a large number of
software projects. The following security issues have been discovered
in Bugzilla:
* A CSRF vulnerability in process_bug.cgi affecting Bugzilla 4.4 only
can lead to a bug being edited without the user consent.
* A CSRF vulnerability in attachment.cgi can lead to an attachment
being edited without the user consent.
* Several unfiltered parameters when editing flagtypes can lead to XSS.
* Due to an incomplete fix for CVE-2012-4189, some incorrectly filtered
field values in tabular reports can lead to XSS.
All affected installations are encouraged to upgrade as soon as
possible.
[1] even bugzilla40 gets upstream fixes an upgrade to bugzilla42/44 is recommend
Security: vid e135f0c9-375f-11e3-80b7-20cf30e32f6d
CVE-2013-1733
CVE-2013-1734
CVE-2013-1742
CVE-2013-1743
- While I'm here, add LICENSE and NO_STAGE
Determine positions for hyphens inside words based on Text::Hyphen
WWW: http://search.cpan.org/dist/Text-Hyphen-RU/
PR: ports/180317
Submitted by: Anes Mukhametov <anes@anes.su>
Unfortunately, this also affects some ports using QT3 as a GUI toolkit.
Changes to infrastructure files:
- bsd.kde.mk : obsolete, remove
- bsd.qt.mk : note that a CONFLICTS_BUILD line can probably go after a while
- CHANGES : document the removals from bsd.port.mk
- KNOBS : remove KDE and QT (KDE4 and QT4 should be used instead)
- MOVED : add the removed ports
PR: ports/180745
Submitted by: rene
Approved by: portmgr (bapt)
Exp-run by: bapt
- Remove an entry from all plists that slipped under radar and made
packaging fail.
- Properly save the OPTIONS defined by the user in the l10n ports. [1]
Quoting bapt, master of all things ports:
That is because misc/kde4-l10n/files/bsd.l10n.mk is totally wrong it does
...
.include <bsd.port.pre.mk>
...
.include <bsd.port.options.mk>
...
.include <bsd.port.post.mk>
First the right order in that case should be:
...
.include <bsd.port.options.mk>
...
.include <bsd.port.pre.mk>
...
.include <bsd.port.post.mk>
Second in that case (kde) the pre.mk/post.mk can be removed just keeping
the options.mk and given that we now have the helpers options.mk can also
be removed.
The check for variables in OPTIONS_DEFINE is also useless (already done
by the framework) defining OPTIONS_DEFINE and OPTIONS_DEFAULT to some
empty values is also useless.
No PORTREVISION bump because the generated packages do not change regardless
of the changes/fixes in behavior here.
Reported by: avg [1]
Submitted by: bapt [1]
Proudly brought to you by the KDE on FreeBSD team. We're sorry to ship two
KDE updates in just a few days, but the work on 4.10.5 was very light
compared to 4.10.4 so it was ready much faster.
The release announcement can be found in [1].
[1] http://www.kde.org/announcements/announce-4.10.5.php
The biggest news for us on FreeBSD is that the Ruby bindings should work
with Ruby 1.9 now.
I will probably add a note to UPDATING later about this, but as avilla@
pointed out, the clang support we mentioned that was improved in 4.10.4
requires a rebuild of the ports that depend on kdelibs4. Most of them are
covered by this update, but those which are not part of the Software
Compilation need to be rebuilt manually to make sure the previous issues
(proper symbol visibility being the most annoying of them) are solved.
With commits from avilla@, makc@, rakuco@ and Schaich Alonso.
The upstream announcement can be found in [1].
[1] http://www.kde.org/announcements/announce-4.10.4.php
clang support should be more stable now, with clang being recognized by
kdelibs4 and being passed the correct flags to build other ports.
Additionally, all ports being committed have been verified to build with
-CURRENT's clang 3.3 on an amd64 tinderbox (special thanks go to swills@ for
providing it).
Work on the newly-released 4.10.5 will begin shortly.
- s/CONFLICTS/CONFLICTS_INSTALL/
- use easier CONFLICT notation (future proof)
- trim Makefile.common header
- update russian/bugzilla42 language template to version 4.2.6
