Ark input sanitization errors:
The KDE archiving tool, Ark, performs insufficient validation
which leads to specially crafted archive files, using unknown
MIME types, to be rendered using a KHTML instance, this can
trigger uncontrolled XMLHTTPRequests to remote sites.
IO Slaves input sanitization errors:
KDE protocol handlers perform insufficient input validation, an
attacker can craft malicious URI that would trigger JavaScript
execution. Additionally the 'help://' protocol handler suffer
from directory traversal. It should be noted that the scope of
this issue is limited as the malicious URIs cannot be embedded
in Internet hosted content.
KMail input sanitization errors:
The KDE mail client, KMail, performs insufficient validation which
leads to specially crafted email attachments, using unknown MIME
types, to be rendered using a KHTML instance, this can trigger
uncontrolled XMLHTTPRequests to remote sites.
Submitted by: Eygene Ryabinkin <rea-fbsd@codelabs.ru> (based on)
Approved by: secteam (myself), portmgr
Security: http://www.vuxml.org/freebsd/6f358f5a-c7ea-11de-a9f3-0030843d3802.html
<http://www.videolan.org/security/sa0901.html>.
Also include fixes from PR ports/135018 to fix build when WITHOUT_X11 is
defined.
PR: ports/139114 (1) ports/135018 (2)
Submitted by: Christopher Key <cjk32 (at) cam.ac.uk> (1) Nick Triantos <nick-freebsd (at) triantos.com> (2)
Approved by: Joseph S. Atkinson <jsa.bsd (at) gmail.com> (maintainer)
Security: VideoLAN-SA-0901 (CVE Pending)
- New region: Asia/Novokuznetsk
- Kemerovo oblast' (Kemerovo region) in Russia will change current
time zone on 29 March 2010
- Add historical data for Hongkong 1941 - 1980
- Syria will go to winter time in the last weekend of October 2009.
decoration that allows notably to:
- resize window borders,
- change buttons size,
- hide the horizontal separator.
- select different title bar blending and frame border size depending on
the window title or name, in order to have better integration of GTK
based windows in the decoration style.
- add a size-grip handle in the bottom-right corner of windows. This is
particularly useful when the no-border option is selected.
WWW: http://www.kde-look.org/content/show.php/Nitrogen?content=99551
Approved by: miwi (mentor)
Plain "bison -d parse.y" outputs parse.tab.c instead of y.tab.c,
so y.tab.c is never regenerated, and the parser fix from patch 001
is effectively not applied.
PR: 139720
Approved by: maintainer timeout (4+2 weeks)
runs on Linux PC, including:
* A shared library with the IL core and a "reference" OpenMAX component
* A number of OpenMAX components which pass Khronos conformance tests
It is intended to show the usage of the IL API and to allow people to
start developing components.
WWW: http://omxil.sourceforge.net/index.html
PR: ports/139349
Submitted by: Thinker K.F. Li <thinker at branda.to>
It aims to give an interface to git repos that doesn't call out to git directly
but instead uses pure Python. It is based on the Python-Git module released by
James Westby.
WWW: http://samba.org/~jelmer/dulwich/
PR: ports/140027
Submitted by: Marco Broeder <marco.broeder at gmx.eu>
and pull from a Git server repository from Mercurial. This means you can
collaborate on Git based projects from Mercurial, or use a Git server as a
collaboration point for a team with developers using both Git and Mercurial.
The Hg-Git plugin can convert commits / changesets losslessly from one system
to another, so you can push via a Mercurial repository and another Mercurial
client can pull it and their changeset node ids will be identical - Mercurial
data does not get lost in translation.
This plugin is implemented entirely in Python - there are no Git binary
dependencies, you do not need to have Git installed on your system.
WWW: http://hg-git.github.com/
PR: ports/140025
Submitted by: Marco Broeder <marco.broeder at gmx.eu>
