In OpenSSL versions prior to 1.1.0 these functions initialised and
de-initialised this table. From OpenSSL 1.1.0 they are deprecated.
No explicit initialisation or de-initialisation is required.
Bump PORTREVSION on all consumers. ABI-breaking changes were introduced and
recompile of consumers is necessary.
Remove unused cryptopp dependency from devel/xeus. Upstream migrated to OpenSSL
several releases ago. [1]
[1] c98c44c174
Changes: https://www.cryptopp.com/release840.html
This appears to be an older project that has no autoconf stanza for riscv64.
Approved by: portmgr (tier-2 blanket)
Obtained from: lonesome.com build testing
January 09, 2021. KDE today announces the release of KDE Frameworks 5.78.0.
KDE Frameworks are 83 addon libraries to Qt which provide a wide variety of
commonly needed functionality in mature, peer reviewed and well tested
libraries with friendly licensing terms. For an introduction see the KDE
Frameworks release announcement.
This release is part of a series of planned monthly releases making
improvements available to developers in a quick and pred
Full Changelog:
https://kde.org/announcements/kde-frameworks-5.78.0
PR: 252591
Exp-run by: antoine
After discussion with the author, the license terms of kzip where updated to
allow repackaging and redistribution of the original binaries by non-commercial
projects that distribute it freely.
http://advsys.net/ken/utils.htm#pngoutkziplicense
- Update the LICENCE_* in the port
- Add a license file with the lew license terms displayed in the website
- Update LEGAL accordingly
Noteworthy changes:
* POSIX extended format headers do not include PID by default
* --delay-directory-restore works for archives with reversed member ordering
* Fix extraction of a symbolic link hardlinked to another symbolic link
* Wildcards in exclude-vcs-ignore mode don't match slash
* Fix the --no-overwrite-dir option
* Fix handling of chained renames in incremental backups
* Link counting works for file names supplied with -T
* Accept only position-sensitive (file-selection) options in file list files
- Use FreeBSD static binary instead of linux one
- Take maintenership for this port
- Update Makefile to make portlint happy
Major changes:
* hardening options enabled during compilation
In file included from /wrkdirs/usr/ports/archivers/pecl-rar/work-php73/rar-4.2.0/rararch.c:44:
/wrkdirs/usr/ports/archivers/pecl-rar/work-php73/rar-4.2.0/php_compat.h:15: error: redefinition of typedef 'handler_this_t'
/wrkdirs/usr/ports/archivers/pecl-rar/work-php73/rar-4.2.0/php_compat.h:15: error: previous declaration of 'handler_this_t' was here
/wrkdirs/usr/ports/archivers/pecl-rar/work-php73/rar-4.2.0/php_compat.h:19: error: redefinition of typedef 'rar_obj_ref'
/wrkdirs/usr/ports/archivers/pecl-rar/work-php73/rar-4.2.0/php_compat.h:19: error: previous declaration of 'rar_obj_ref' was here
/wrkdirs/usr/ports/archivers/pecl-rar/work-php73/rar-4.2.0/php_compat.h:46: error: redefinition of typedef 'zpp_s_size_t'
/wrkdirs/usr/ports/archivers/pecl-rar/work-php73/rar-4.2.0/php_compat.h:46: error: previous declaration of 'zpp_s_size_t' was here
MFH: 2021Q1
Upstream announce: https://xfce.org/about/news/?post=1608595200
This XFCE release dropped support for GTK2 plugins and also dropped
GTK2 from all components.
WARNING: please check UPDATING before upgrading your packages. In
case of problems also read the libexo pkg-message.
Due to this some panel plugins and libraries will be removed since
they cannot compile anymore:
- print/xfce4-print
- x11/xfce4-quicklauncher-plugin
- x11/xfce4-wmdock-plugin
- x11-toolkits/libxfce4gui
These further components also fail to build or work and are being
marked BROKEN, deprecated and marked for removal:
- science/xfce4-equake-plugin
- x11/xfce4-embed-plugin
- deskutils/orage
- deskutils/xfce4-volumed [1]
deskutils/xfce4-notes-plugin will be also marked BROKEN, but there
is active development in it's upstream repository and a fixed release
is expected soon.
deskutils/xfce4-generic-slider will also be marked broken, since
it fails to compile. [2]
Thanks also to riggs, Olivier Duchateau <duchateau.olivier@gmail.com>
and the people in Approved and Reviewed lines below for help and
contributions.
Reviewed by: woodsb02
Approved by: sergey.dyatko@gmail.com (maintainer) [1],
ehaupt [2]
Differential Revision: https://reviews.freebsd.org/D27846
This is a brown paperbag release to fix a single regression in 4.16.1
which causes rpmbuild to crash if hostname is not resolvable, and an
accidental soname bump introduced in now withdrawn 4.16.1.1.
Full release note: https://rpm.org/wiki/Releases/4.16.1.2
2020-12-31 ./net/php72-soap: Security Support ends on 30 Nov 2020
2020-12-31 ./net/php72-sockets: Security Support ends on 30 Nov 2020
2020-12-31 ./net/php72-xmlrpc: Security Support ends on 30 Nov 2020
2020-12-31 ./net/php72-ldap: Security Support ends on 30 Nov 2020
2020-12-31 ./textproc/php72-xmlwriter: Security Support ends on 30 Nov 2020
2020-12-31 ./textproc/php72-pspell: Security Support ends on 30 Nov 2020
2020-12-31 ./textproc/php72-enchant: Security Support ends on 30 Nov 2020
2020-12-31 ./textproc/php72-wddx: Security Support ends on 30 Nov 2020
2020-12-31 ./textproc/php72-xsl: Security Support ends on 30 Nov 2020
2020-12-31 ./textproc/php72-dom: Security Support ends on 30 Nov 2020
2020-12-31 ./textproc/php72-ctype: Security Support ends on 30 Nov 2020
2020-12-31 ./textproc/php72-xml: Security Support ends on 30 Nov 2020
2020-12-31 ./textproc/php72-simplexml: Security Support ends on 30 Nov 2020
2020-12-31 ./textproc/php72-xmlreader: Security Support ends on 30 Nov 2020
2020-12-31 ./graphics/php72-gd: Security Support ends on 30 Nov 2020
2020-12-31 ./graphics/php72-exif: Security Support ends on 30 Nov 2020
2020-12-31 ./mail/php72-imap: Security Support ends on 30 Nov 2020
2020-12-31 ./www/php72-opcache: Security Support ends on 30 Nov 2020
2020-12-31 ./www/mod_php72: Security Support ends on 30 Nov 2020
2020-12-31 ./www/php72-session: Security Support ends on 30 Nov 2020
2020-12-31 ./www/php72-tidy: Security Support ends on 30 Nov 2020
2020-12-31 ./security/php72-filter: Security Support ends on 30 Nov 2020
2020-12-31 ./security/php72-sodium: Security Support ends on 30 Nov 2020
2020-12-31 ./security/php72-hash: Security Support ends on 30 Nov 2020
2020-12-31 ./security/php72-openssl: Security Support ends on 30 Nov 2020
2020-12-31 ./devel/php72-shmop: Security Support ends on 30 Nov 2020
2020-12-31 ./devel/php72-tokenizer: Security Support ends on 30 Nov 2020
2020-12-31 ./devel/php72-sysvshm: Security Support ends on 30 Nov 2020
2020-12-31 ./devel/php72-gettext: Security Support ends on 30 Nov 2020
2020-12-31 ./devel/php72-readline: Security Support ends on 30 Nov 2020
2020-12-31 ./devel/php72-pcntl: Security Support ends on 30 Nov 2020
2020-12-31 ./devel/php72-json: Security Support ends on 30 Nov 2020
2020-12-31 ./devel/php72-sysvmsg: Security Support ends on 30 Nov 2020
2020-12-31 ./devel/php72-sysvsem: Security Support ends on 30 Nov 2020
2020-12-31 ./devel/php72-intl: Security Support ends on 30 Nov 2020
2020-12-31 ./databases/php72-pdo_sqlite: Security Support ends on 30 Nov 2020
2020-12-31 ./databases/php72-pdo_mysql: Security Support ends on 30 Nov 2020
2020-12-31 ./databases/php72-pgsql: Security Support ends on 30 Nov 2020
2020-12-31 ./databases/php72-pdo_pgsql: Security Support ends on 30 Nov 2020
2020-12-31 ./databases/php72-odbc: Security Support ends on 30 Nov 2020
2020-12-31 ./databases/php72-pdo_odbc: Security Support ends on 30 Nov 2020
2020-12-31 ./databases/php72-mysqli: Security Support ends on 30 Nov 2020
2020-12-31 ./databases/php72-interbase: Security Support ends on 30 Nov 2020
2020-12-31 ./databases/php72-pdo_firebird: Security Support ends on 30 Nov 2020
2020-12-31 ./databases/php72-pdo: Security Support ends on 30 Nov 2020
2020-12-31 ./databases/php72-dba: Security Support ends on 30 Nov 2020
2020-12-31 ./databases/php72-pdo_dblib: Security Support ends on 30 Nov 2020
2020-12-31 ./databases/php72-sqlite3: Security Support ends on 30 Nov 2020
2020-12-31 ./ftp/php72-curl: Security Support ends on 30 Nov 2020
2020-12-31 ./ftp/php72-ftp: Security Support ends on 30 Nov 2020
2020-12-31 ./misc/php72-calendar: Security Support ends on 30 Nov 2020
2020-12-31 ./math/php72-bcmath: Security Support ends on 30 Nov 2020
2020-12-31 ./math/php72-gmp: Security Support ends on 30 Nov 2020
2020-12-31 ./archivers/php72-zip: Security Support ends on 30 Nov 2020
2020-12-31 ./archivers/php72-phar: Security Support ends on 30 Nov 2020
2020-12-31 ./archivers/php72-zlib: Security Support ends on 30 Nov 2020
2020-12-31 ./archivers/php72-bz2: Security Support ends on 30 Nov 2020
2020-12-31 ./net-mgmt/php72-snmp: Security Support ends on 30 Nov 2020
./lang/php72-extensions
2020-12-31 ./lang/php72: Security Support ends on 30 Nov 2020
2020-12-31 ./converters/php72-mbstring: Security Support ends on 30 Nov 2020
2020-12-31 ./converters/php72-recode: Security Support ends on 30 Nov 2020
2020-12-31 ./converters/php72-iconv: Security Support ends on 30 Nov 2020
2020-12-31 ./sysutils/php72-posix: Security Support ends on 30 Nov 2020
2020-12-31 ./sysutils/php72-fileinfo: Security Support ends on 30 Nov 2020
Since r558913 Python 3.8 incorporates BPO-42604 [1] which changed the
shared libs naming scheme. This means "EXT_SUFFIX" is now derived from
SOABI and yields with Python 3.8 to ".cpython-38.so" instead of ".so".
The affected ports strip the libaries in the "post-install" target via
hardcoded path(s) and the build fails at the end because the new extension
is not expected at this place.
Remedy the issue by adding wildcards to these paths. This should also
prepare the ports for future Python releases, which will use the new shared
libs naming scheme.
[1] https://bugs.python.org/issue42604
PR: 252057
Reported by: John Kennedy
Reviewed by: fluffy, koobs
Approved by: koobs (python)
December 12, 2020. KDE today announces the release of KDE Frameworks 5.77.0.
KDE Frameworks are 83 addon libraries to Qt which provide a wide variety of
commonly needed functionality in mature, peer reviewed and well tested
libraries with friendly licensing terms. For an introduction see the KDE
Frameworks release announcement.
This release is part of a series of planned monthly releases making
improvements available to developers in a quick and predictable manner.
Announcement:
https://kde.org/announcements/kde-frameworks-5.77.0/
PR: 251792
Exp-run by: antoine
- astro/libkgeomap has been removed as there are no consumers left
- deskutils/kdepim-apps-libs has been reintegrated into other ports
There are a handful of new ports available:
- astro/kosmindoormap: Library and QML component for rendering multi-level OSM indoor maps
- deskutils/itinerary: KDE Itinerary is a digital travel assistant
- devel/kpublictransport: Access realtime public transport data
- graphics/kontrast: Color contrast checker
- textproc/markdownpart: KPart for rendering Markdown content
Hard-float 'd' ABI can't be used for a target that doesn't support the D instruction set extension (ignoring target-abi)
ld: error: lto.tmp: cannot link object files with different floating-point ABI
Approved by: portmgr (tier-2 blanket)
November 07, 2020. KDE today announces the release of KDE Frameworks 5.76.0.
KDE Frameworks are 70 addon libraries to Qt which provide a wide variety of
commonly needed functionality in mature, peer reviewed and well tested
libraries with friendly licensing terms. For an introduction see the KDE
Frameworks release announcement.
This release is part of a series of planned monthly releases making
improvements available to developers in a quick and predictable manner.
Announcement:
https://kde.org/announcements/kde-frameworks-5.76.0/
PR: 251135
Exp-run by: antoine
2020-11-15 archivers/py-pyliblzma: Uses deprecated version of python
2020-11-15 databases/postgis23: Upstream no longer maintained
2020-11-15 databases/py-htsql: Uses deprecated version of python
2020-11-15 devel/bzr-fastimport: Uses deprecated version of python
2020-11-15 devel/py-ToscaWidgets: Uses deprecated version of python
2020-11-15 devel/py-calendar: Uses deprecated version of python
2020-11-15 devel/py-distorm: Uses deprecated version of python
2020-11-15 devel/py-fabric1: Uses deprecated version of python
2020-11-15 devel/py-rcsparse: Uses deprecated version of python
2020-11-15 devel/pyrex: Uses deprecated version of python
2020-11-15 japanese/py-tegaki: Uses deprecated version of python
2020-11-15 math/py-networkx1: Obsolete, please use math/py-networkx instead
2020-11-15 misc/py-progressbar231: Uses deprecated version of python
2020-11-15 multimedia/py-kaa-imlib2: Uses deprecated version of python
2020-11-15 multimedia/py-kaa-metadata: Uses deprecated version of python
2020-11-15 net-im/libtelepathy: Uses deprecated version of python
2020-11-15 security/py-mcrypt: Uses deprecated version of python
2020-11-15 www/py-beautifulsoup32: Uses deprecated version of python
2020-11-15 www/py-evernote: Uses deprecated version of python
2020-04-01 www/py-meld3: EOLed upstream
2020-11-15 www/py-requestbuilder: Uses deprecated version of python
2020-11-15 x11-toolkits/py-SquareMap: Uses deprecated version of python
jurisdiction. Patents are not necessarily related to the license and so
should not be connected to the license framework.
As a project we will officially remove all patent limitations within the
ports tree and leave it to the user or consumer to deal with their local
legislation to determine if they can use the software without legal
restrictions.
Approved by: core
- Merge changes made to unrar up to version 5.5.6.
- Support PHP 7.2, PHP 7.3 and PHP 7.4.
- Update to unrar 5.9.4
- Fix bug #76592: streaming unpacking of uncompressed files incomplete
Sponsored by: Netzkommune GmbH
Some of our projects release on their own timescale and some get released
en-masse. The 20.08.3 bundle of projects was released today with dozens of
bugfixes and will be available through app stores and distros soon. See the
20.08.3 releases page for details.
Some of the fixes in today’s releases:
* Gwenview no longer accidentally shows the thumbnail view as a separate window with newer Qt versions
* Sending SMS with KDEConnect has been restored
* Fixed a possible Okular crash when selecting text in annotations
Announcement:
https://kde.org/announcements/releases/2020-11-apps-update/
Changelog:
https://kde.org/announcements/fulllog_releases-20.08.3/
* Upgrade to 4.16.0
* add sqlite support
* remove deprecate config options
Major changes:
* Database backends:
* NDB backend promoted to stable
* New sqlite-based backend
* New experimental read-only BDB backend
* BDB database backend deprecated
* Powerful macro and %if expressions
* Optional MIME type based file classification
* Dependency generation by parametric macros
* A new version parsing and comparison API in C and Python
* Parallelise test-suite execution
* Clarify RPM license
PR: 250573
Submitted by: Brian Zou <zoujiaqing@gmail.com>
October 10, 2020. KDE today announces the release of KDE Frameworks 5.75.0.
KDE Frameworks are over 70 addon libraries to Qt which provide a wide variety
of commonly needed functionality in mature, peer reviewed and well tested
libraries with friendly licensing terms. For an introduction see the KDE
Frameworks web page.
This release is part of a series of planned monthly releases making
improvements available to developers in a quick and predictable manner.
Full Announcement & Changelog:
https://kde.org/announcements/kde-frameworks-5.75.0
PR: 250251
Exp-run by: antoine
Dozens of KDE apps are getting new releases from KDE’s release service. New
features, usability improvements, re-designs and bug fixes all contribute to
helping boost your productivity and making this new batch of applications more
efficient and pleasant to use.
Update evolution-dataserver to 3.38.0 and because of ABI breakage update ports
depending on it
Update bijiben to 3.38.0
Update gnome-calendar to 3.38.0
Update gnome-contacts to 3.38
Update gnome-maps to 3.38.0
Patch gnome-todo to work with newer evolution-dataserver (patched obtained from
OpenBSD/Archlinux)
Update evolution to 3.38.0
Update evolution-ews to 3.38.0 (among changes it brings support for office365)
Update folks to 0.14.0
Update cheese to 3.38.0
Update aisleriot to 3.22.9
Update five-or-more to 3.22.2
Update fastream to 0.2.9
Update gnome-control-center to 3.36.4
Update gnmoe-settings-daemon to 3.38.0
Update meld to 3.21.0
Update gnome-desktop to 3.38.0 and because of ABI breakage bump portrevision of
all dependant ports not touched by this update
Update gnome-session to 3.38.0
Update gnome-shell to 3.36.6, now run depends on gdm
Update gnome-shell-extensions to 3.36.3
Update mutter to 3.36.6
September 06, 2020. KDE today announces the release of KDE Frameworks 5.74.0.
KDE Frameworks are over 70 addon libraries to Qt which provide a wide variety
of commonly needed functionality in mature, peer reviewed and well tested
libraries with friendly licensing terms. For an introduction see the KDE
Frameworks web page.
This release is part of a series of planned monthly releases making
improvements available to developers in a quick and predictable manner.
Full announcement:
https://kde.org/announcements/kde-frameworks-5.74.0
PR: 249277
Exp-run: antoine
After I got a commit bit for ports, it is time now to change the maintainers entry in all 'owned' ports.
Approved by: tcberner (mentor)
Differential Revision: https://reviews.freebsd.org/D26398
Seems this old, legacy software has been removed from the vendor site.
Only macOS and Windows versions are still available from stuffit.com.
A few mirrors exist, including on the Wayback machine, but that one does
not seem to offen a suitable direct download link.
Therefore, small mirror sites have been selected that currently offer
the Linux version - a quick search did not result in any better mirrors.
The PORT_REVISION is not incremented since there is no other change than
the download address - packages need not be rebuilt.
- Default GTK version to gtk3 to match the version used by xfce
- Remove the GTK version from COMMENT
- This version also fixes the build with clang11
Submitted by: woodsb02
Differential Revision: D25520
KDE Project Security Advisory
=============================
Title: Ark: maliciously crafted TAR archive with symlinks can install files outside the extraction directory.
Risk Rating: Important
CVE: CVE-2020-24654
Versions: ark <= 20.08.0
Author: Elvis Angelaccio <elvis.angelaccio@kde.org>
Date: 27 August 2020
Overview
========
A maliciously crafted TAR archive containing symlink entries
would install files anywhere in the user's home directory upon extraction.
Proof of concept
================
For testing, an example of malicious archive can be found at
https://github.com/jwilk/traversal-archives/releases/download/0/dirsymlink.tar
Impact
======
Users can unwillingly install files like a modified .bashrc, or a malicious
script placed in ~/.config/autostart.
Workaround
==========
Before extracting a downloaded archive using the Ark GUI, users should inspect it
to make sure it doesn't contain symlink entries pointing outside the extraction folder.
The 'Extract' context menu from the Dolphin file manager shouldn't be used.
Solution
========
Ark 20.08.1 skips maliciously crafted symlinks when extracting TAR archives.
Alternatively, 8bf8c5ef07 can be applied to previous
releases.
Credits
=======
Thanks to Fabian Vogt for reporting this issue and for fixing it.
MFH: 2020Q3
Security: CVE-2020-24654
<Security note>
Please consider updating brotli to version 1.0.9 (latest).
Version 1.0.9 contains a fix to "integer overflow" problem. This
happens when "one-shot" decoding API is used (or input chunk for
streaming API is not limited), input size (chunk size) is larger
than 2GiB, and input contains uncompressed blocks. After the
overflow happens, `memcpy` is invoked with a gigantic `num`
value, that will likely cause the crash.
</Security note>
- Use upstream release tarball
- Add OPTIMIZED_CFLAGS and TEST options
- Remove valgrind test
- Bump PORTREVISION for package change
PR: 247100
Submitted by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2020-08-15 archivers/py-backports.lzma: Uses deprecated version of python
2020-08-15 archivers/py-bup: Uses deprecated version of python
2020-08-15 archivers/py-librtfcomp: Uses deprecated version of python
2020-08-15 audio/blop-lv2: Uses deprecated version of python
2020-08-15 audio/bs2b-lv2: Uses deprecated version of python
2020-08-15 audio/py-gmusicproxy: Uses deprecated version of python
2020-08-15 audio/py-karaoke: Uses deprecated version of python
2020-08-15 audio/py-openal: Uses deprecated version of python
2020-08-15 audio/py-py-jack: Uses deprecated version of python
2020-08-15 audio/py-xmms2: Uses deprecated version of python
2020-08-15 audio/triceratops-lv2: Uses deprecated version of python
2020-08-15 biology/py-biom-format: Uses deprecated version of python
2020-08-15 comms/py-bulksms: Uses deprecated version of python
2020-08-15 comms/py-gammu: Uses deprecated version of python
2020-08-15 databases/py-geoalchemy: Uses deprecated version of python
2020-08-15 databases/py-htsql-mysql: Uses deprecated version of python
2020-08-15 databases/py-htsql-pgsql: Uses deprecated version of python
2020-08-15 databases/py-mysql2pgsql: Uses deprecated version of python
2020-08-15 databases/py-oursql: Uses deprecated version of python
2020-08-15 databases/py-pyPgSQL: Uses deprecated version of python
2020-08-15 databases/py-pyhs: Uses deprecated version of python
2020-08-15 databases/py-pytc: Uses deprecated version of python
2020-08-15 databases/py-riak: Uses deprecated version of python
2020-08-15 databases/py-umemcache: Uses deprecated version of python
2020-08-15 devel/py-Breve: Uses deprecated version of python
2020-08-15 devel/py-PyODE: Uses deprecated version of python
2020-08-15 devel/py-akismet: Uses deprecated version of python
2020-08-15 devel/py-aspects: Uses deprecated version of python
2020-08-15 devel/py-backports.tempfile: Uses deprecated version of python
2020-08-15 devel/py-backports.weakref: Uses deprecated version of python
2020-08-15 devel/py-cfgparse: Uses deprecated version of python
2020-08-15 devel/py-ciphon: Uses deprecated version of python
2020-08-15 devel/py-cjson: Uses deprecated version of python
2020-08-15 devel/py-clonedigger: Uses deprecated version of python
2020-08-15 devel/py-cuisine: Uses deprecated version of python
2020-08-15 devel/py-deliciousapi: Uses deprecated version of python
2020-08-15 devel/py-dialog: Uses deprecated version of python
2020-08-15 devel/py-efl: Uses deprecated version of python
2020-08-15 devel/py-ezpyinline: Uses deprecated version of python
2020-08-15 devel/py-fsm: Uses deprecated version of python
2020-08-15 devel/py-gdbgui: Uses deprecated version of python
2020-08-15 devel/py-gearman: Uses deprecated version of python
2020-08-15 devel/py-generate: Uses deprecated version of python
2020-08-15 devel/py-geotypes: Uses deprecated version of python
2020-08-15 devel/py-gitosis: Uses deprecated version of python
2020-08-15 devel/py-google-apputils: Uses deprecated version of python
2020-08-15 devel/py-hghooks: Uses deprecated version of python
2020-08-15 devel/py-instant: Uses deprecated version of python
2020-08-15 devel/py-jcc: Uses deprecated version of python
2020-08-15 devel/py-json-py: Uses deprecated version of python
2020-08-15 devel/py-json-sempai: Uses deprecated version of python
2020-08-15 devel/py-jsonlib: Uses deprecated version of python
2020-08-15 devel/py-jsonlib2: Uses deprecated version of python
2020-08-15 devel/py-jsonrpclib: Uses deprecated version of python
2020-08-15 devel/py-kayako: Uses deprecated version of python
2020-08-15 devel/py-kid: Uses deprecated version of python
2020-08-15 devel/py-kjbuckets: Uses deprecated version of python
2020-08-15 devel/py-kqueue: Uses deprecated version of python
2020-08-15 devel/py-log4py: Uses deprecated version of python
2020-08-15 devel/py-mwlib.ext: Uses deprecated version of python
2020-08-15 devel/py-mx-experimental: Uses deprecated version of python
2020-08-15 devel/py-option_merge: Uses deprecated version of python
2020-08-15 devel/py-prioritized_methods: Uses deprecated version of python
2020-08-15 devel/py-protocols: Uses deprecated version of python
2020-08-15 devel/py-ptrace: Uses deprecated version of python
2020-08-15 devel/py-pydoop: Uses deprecated version of python
2020-08-15 devel/py-pyke: Uses deprecated version of python
2020-08-15 devel/py-pymtbl: Uses deprecated version of python
2020-08-15 devel/py-pyshapelib: Uses deprecated version of python
2020-08-15 devel/py-pytemplate: Uses deprecated version of python
2020-08-15 devel/py-python2-pythondialog: Uses deprecated version of python
2020-08-15 devel/py-pyutil: Uses deprecated version of python
2020-08-15 devel/py-pyvalid: Uses deprecated version of python
2020-08-15 devel/py-pyxml2obj: Uses deprecated version of python
2020-08-15 devel/py-qpid: Uses deprecated version of python
2020-08-15 devel/py-repoze.what-pylons: Uses deprecated version of python
2020-08-15 devel/py-repoze.who-friendlyform: Uses deprecated version of python
2020-08-15 devel/py-robotframework-ride: Uses deprecated version of python
2020-08-15 devel/py-ruamel.ordereddict: Uses deprecated version of python
2020-08-15 devel/py-sanetime: Uses deprecated version of python
2020-08-15 devel/py-selectors34: Uses deprecated version of python
2020-08-15 devel/py-sqlcc: Uses deprecated version of python
2020-08-15 devel/py-statgrab: Uses deprecated version of python
2020-08-15 devel/py-tconfpy: Uses deprecated version of python
2020-08-15 devel/py-terminable_thread: Uses deprecated version of python
2020-08-15 devel/py-trace2html: Uses deprecated version of python
2020-08-15 devel/py-tvrage: Uses deprecated version of python
2020-08-15 devel/py-tw.forms: Uses deprecated version of python
2020-08-15 devel/py-uncompyle2: Uses deprecated version of python
2020-08-15 devel/py-yum-metadata-parser: Uses deprecated version of python
2020-08-15 devel/rubygem-warden127: No longer needed
2020-08-15 dns/py-dnschain: Uses deprecated version of python
2020-08-15 dns/py-idnkit2: Uses deprecated version of python
2020-08-15 games/colobot: Uses deprecated version of python
2020-08-15 games/endgame-singularity: Uses deprecated version of python
2020-08-15 games/katawa-shoujo: Uses deprecated version of RenPy
2020-08-15 games/pyfa: Uses deprecated version of python
2020-08-15 games/renpy6: Uses deprecated version of python
2020-08-15 games/solarwolf: Uses deprecated version of python
2020-08-15 games/thudboard: Uses deprecated version of python
2020-08-15 graphics/djvusmooth: Uses deprecated version of python
2020-08-15 graphics/py-glewpy: Uses deprecated version of python
2020-08-15 graphics/py-openexr: Uses deprecated version of python
2020-08-15 graphics/py-poppler: Uses deprecated version of python
2020-08-15 graphics/py-pygooglechart: Uses deprecated version of python
2020-08-15 graphics/py-sane: Uses deprecated version of python
2020-08-15 graphics/py-stltools: Uses deprecated version of python
2020-08-15 graphics/sk1: Uses deprecated version of python
2020-08-15 japanese/py-mecab: Uses deprecated version of python
2020-08-15 japanese/py-tegaki-gtk: Uses deprecated version of python
2020-08-15 lang/py-mx-base: Uses deprecated version of python
2020-08-15 mail/mailpile: Uses deprecated version of python
2020-08-15 math/py-ffc: Uses deprecated version of python
2020-08-15 math/py-fiat: Uses deprecated version of python
2020-08-15 math/py-nzmath: Uses deprecated version of python
2020-08-15 math/py-pymc: Uses deprecated version of python
2020-08-15 math/py-ufl: Uses deprecated version of python
2020-08-15 misc/py-socli: Uses deprecated version of python
2020-08-15 misc/py-yolk: Uses deprecated version of python
2020-08-15 multimedia/py-flvlib: Uses deprecated version of python
2020-08-15 net/py-gspreadsheet: Uses deprecated version of python
2020-08-15 net/py-libnet: Uses deprecated version of python
2020-08-15 net/py-netlib: Uses deprecated version of python
2020-08-15 net/py-pynmsg: Uses deprecated version of python
2020-08-15 net/py-rainbowstream: Uses deprecated version of python
2020-08-15 net/py-wolframalpha: Uses deprecated version of python
2020-08-15 net-im/empathy: Uses deprecated version of python
2020-08-15 net-im/farsight2: Uses deprecated version of python
2020-08-15 net-im/py-xmpppy: Uses deprecated version of python
2020-08-15 net-im/telepathy-farsight: Uses deprecated version of python
2020-08-15 net-im/telepathy-python: Uses deprecated version of python
2020-08-15 net-im/telepathy-rakia: Uses deprecated version of python
2020-08-15 net-mgmt/py-pynsca: Uses deprecated version of python
2020-08-15 net-mgmt/py-yapsnmp: Uses deprecated version of python
2020-08-15 net-p2p/py-py2play: Uses deprecated version of python
2020-08-15 news/py-yenc: Uses deprecated version of python
2020-08-15 print/py-pyscript: Uses deprecated version of python
2020-08-15 print/py-stapler: Uses deprecated version of python
2020-08-15 print/py-trml2pdf: Uses deprecated version of python
2020-08-15 science/py-PyQuante: Uses deprecated version of python
2020-08-15 science/py-mlpy: Uses deprecated version of python
2020-08-15 science/py-ws2300: Uses deprecated version of python
2020-08-15 security/py-PF: Uses deprecated version of python
2020-08-15 security/py-cracklib: Uses deprecated version of python
2020-08-15 security/py-fteproxy: Uses deprecated version of python
2020-08-15 security/py-onetime: Uses deprecated version of python
2020-08-15 security/py-pydeep: Uses deprecated version of python
2020-08-15 security/py-slowaes: Uses deprecated version of python
2020-08-15 security/py-sslstrip: Uses deprecated version of python
2020-08-15 security/py-volatility: Uses deprecated version of python
2020-08-15 sysutils/py-analyzemft: Uses deprecated version of python
2020-08-15 sysutils/py-cdmi: Uses deprecated version of python
2020-08-15 sysutils/py-ezjailremote: Uses deprecated version of python
2020-08-15 sysutils/py-gmailfs-fuse: Uses deprecated version of python
2020-08-15 sysutils/py-ploy_ec2: Uses deprecated version of python
2020-08-15 sysutils/py-ploy_fabric: Uses deprecated version of python
2020-08-15 sysutils/py-scriptine: Uses deprecated version of python
2020-08-15 sysutils/py-superlance: Uses deprecated version of python
2020-08-15 textproc/py-bugzillatools: Uses deprecated version of python
2020-08-15 textproc/py-elib.intl: Uses deprecated version of python
2020-08-15 textproc/py-errorhandler: Uses deprecated version of python
2020-08-15 textproc/py-hyperestraier-python: Uses deprecated version of python
2020-08-15 textproc/py-pyes: Uses deprecated version of python
2020-08-15 textproc/py-pyhwp: Uses deprecated version of python
2020-08-15 textproc/py-sphinx_numfig: Uses deprecated version of python
2020-08-15 www/py-HTMLgen: Uses deprecated version of python
2020-08-15 www/py-albatross: Uses deprecated version of python
2020-08-15 www/py-amf: Uses deprecated version of python
2020-08-15 www/py-apachelog: Uses deprecated version of python
2020-08-15 www/py-aws-requests-auth: Uses deprecated version of python
2020-08-15 www/py-clientform: Uses deprecated version of python
2020-08-15 www/py-django-appmedia: Uses deprecated version of python
2020-08-15 www/py-django-evolution: Uses deprecated version of python
2020-08-15 www/py-fedex: Uses deprecated version of python
2020-08-15 www/py-formalchemy: Uses deprecated version of python
2020-08-15 www/py-frappe-bench: Uses deprecated version of python
2020-08-15 www/py-funkload: Uses deprecated version of python
2020-08-15 www/py-goobook: Uses deprecated version of python
2020-08-15 www/py-poster: Uses deprecated version of python
2020-08-15 www/py-pyquery: Uses deprecated version of python
2020-08-15 www/py-pysearch: Uses deprecated version of python
2020-08-15 www/py-pywebdav: Uses deprecated version of python
2020-08-15 www/py-slimmer: Uses deprecated version of python
2020-08-15 www/py-surl: Uses deprecated version of python
2020-08-15 www/py-tmdb3: Uses deprecated version of python
2020-08-15 www/py-trello: Uses deprecated version of python
2020-08-15 www/py-uliweb: Uses deprecated version of python
2020-08-15 www/py-wsgiauth: Uses deprecated version of python
2020-08-15 x11-toolkits/py-wax: Uses deprecated version of python
2020-08-15 x11-toolkits/py-wxPython-common: Uses deprecated version of python
2020-08-15 x11-toolkits/py-wxPython28-common: Uses deprecated version of python
Dozens of KDE apps are getting new releases from KDE’s release service. New
features, usability improvements, re-designs and bug fixes all contribute to
helping boost your productivity and making this new batch of applications more
efficient and pleasant to use.
Full announcement:
https://kde.org/announcements/releases/2020-08-apps-update/
August 08, 2020. KDE today announces the release of KDE Frameworks 5.73.0.
KDE Frameworks are over 70 addon libraries to Qt which provide a wide variety
of commonly needed functionality in mature, peer reviewed and well tested
libraries with friendly licensing terms. For an introduction see the KDE
Frameworks web page.
This release is part of a series of planned monthly releases making
improvements available to developers in a quick and predictable manner.
Changelog:
https://kde.org/announcements/kde-frameworks-5.73.0
PR: 248534
Exp-run by: antoine
KDE Project Security Advisory
=============================
Title: Ark: maliciously crafted archive can install files outside the extraction directory.
Risk Rating: Important
CVE: CVE-2020-16116
Versions: ark <= 20.04.3
Author: Elvis Angelaccio <elvis.angelaccio@kde.org>
Date: 30 July 2020
Overview
========
A maliciously crafted archive with "../" in the file paths
would install files anywhere in the user's home directory upon extraction.
Proof of concept
================
For testing, an example of malicious archive can be found at
https://github.com/jwilk/traversal-archives/releases/download/0/relative2.zip
Impact
======
Users can unwillingly install files like a modified .bashrc, or a malicious
script placed in ~/.config/autostart
Workaround
==========
Users should not use the 'Extract' context menu from the Dolphin file manager.
Before extracting a downloaded archive using the Ark GUI, users should inspect it
to make sure it doesn't contain entries with "../" in the file path.
Solution
========
Ark 20.08.0 prevents loading of malicious archives and shows a warning message
to the users.
Alternatively,
0df592524f
can be applied to previous releases.
Credits
=======
Thanks to Dominik Penner for finding and reporting this issue and thanks to
Elvis Angelaccio and Albert Astals Cid for fixing it.
July 04, 2020. KDE today announces the release of KDE Frameworks 5.72.0.
KDE Frameworks are over 70 addon libraries to Qt which provide a wide variety
of commonly needed functionality in mature, peer reviewed and well tested
libraries with friendly licensing terms. For an introduction see the KDE
Frameworks web page.
This release is part of a series of planned monthly releases making
improvements available to developers in a quick and predictable manner.
Changelog:
https://kde.org/announcements/kde-frameworks-5.72.0.php?site_locale=en
- net/kdav became a framework and was therefore moved to net/kf5-kdav.
- thanks to adridg@ for fixing the fallout
Exp-run by: antoine
PR: 247907
committed by gabor@ back in 2011, only two of the proposed four patches
supplied were actually included; the patches for zoodel.c and zoopack.c
were somehow missed.
PR: 162804, 240982
June 06, 2020. KDE today announces the release of KDE Frameworks 5.71.0.
KDE Frameworks are over 70 addon libraries to Qt which provide a wide variety
of commonly needed functionality in mature, peer reviewed and well tested
libraries with friendly licensing terms. For an introduction see the KDE
Frameworks web page.
This release is part of a series of planned monthly releases making
improvements available to developers in a quick and predictable manner.
Announcement:
https://kde.org/announcements/kde-frameworks-5.71.0
Exp-run by: antoine
PR: 247240
These changes largely fall into just two categories:
1. Need textproc/gsed for GNU extensions
2. Extraneous escapes that can go away
For #1, there's a further subdivision into those that require autoconf magic
and those that can get away with BINARY_ALIAS=sed=${LOCALBASE}/bin/gsed.
-CURRENT will soon gain GNU extensions, but these will take longer to get to
all supported releases; we must switch them to gsed to ensure we're actually
properly building them as intended.
For #2, I've fixed these as I can and we should upstream these fixes.
PORTREVISION is bumped for all of the above, because we will almost
certainly build these differently when the replacements actually start
working.
These were all detected by the below-referenced exp-run [1]. The patch
included forbids many ordinary characters from being escaped, since we'll
later imbue those with special meanings. This has had the nice side effect
of picking up various things that we didn't handle properly, e.g. \t and \r
for tab and carriage return.
PR: 229925 [1]
Approved by: koobs (mentor)
Approved by: portmgr (blanket: trivial build fixes)
MFH: no (invasive risk)
Differential Revision: https://reviews.freebsd.org/D25185
May 02, 2020. KDE today announces the release of KDE Frameworks 5.70.0.
KDE Frameworks are over 70 addon libraries to Qt which provide a wide variety
of commonly needed functionality in mature, peer reviewed and well tested
libraries with friendly licensing terms. For an introduction see the KDE
Frameworks web page.
This release is part of a series of planned monthly releases making
improvements available to developers in a quick and predictable manner.
Announcement:
https://kde.org/announcements/kde-frameworks-5.70.0.php
PR: 246331
Exp-run by: antoine
From the changelog [1]:
Some of the fixes included in this release are:
* kio-fish: Only store password in KWallet if the user asked for it.
* The Umbrello Fixes for adding multiline c++ comment support.
* The scrolling behavior in the Okular document viewer has been
improved and is more usable with free-spinning mouse wheels
* A regression that sometimes caused the JuK music player to
crash on start has been fixed
* The Kdenlive video editor has received many stability updates,
including a fix to the DVD chapter creation and a fix that
improves the handling of timecodes, improved handling of missing
clips, draw “photo” frame on image clips to differentiate from
video clips., and previews in the timeline
* KMail now correctly handles existing maildir folders when adding
a new maildir profile and no longer crashes when adding too many
recipients
* Import and export of Kontact settings has been enhanced to include
more data
[1] https://kde.org/announcements/changelog-releases.php?version=20.04.1
- Builds with sbt instead of maven
- Java 11 compatible
- Testing moved to test target
- Builds in poudriere with openjdk8 and openjdk11
- All tests pass
- All databases/cassandra4 tests using snappy-java pass
PR: 246348
Submitted by: Angelo Polo <language.devel@gmail.com>
Relnotes: https://github.com/xerial/snappy-java/blob/master/Milestone.md
KDE's April 2020 Apps Update
A new bundle of KDE applications is here! In these releases, you can expect to
find more features, stability improvements, and more user-friendly tools that
will help you work more effectively.
There are dozens of changes to look forward to in most of your favorite
applications. Take Dolphin, for example. Windows Samba shares are now fully
discoverable.
On the topic of playing music: the Elisa music player is adding features by
leaps and bounds. This release brings a new “Now Playing” view, easy
accessibility through the system tray, and an option to minimize the playlist
whenever you want. Thanks to the recently-added visual shuffle mode, it’s much
easier to rearrange your music in the playlists.
These are just the highlights of what’s new in KDE’s applications this month.
Read on to find out about everything we’ve prepared for you.
Announcement:
https://kde.org/announcements/releases/2020-04-apps-update/
- Update to 1.4.4
- remove a whitespace before end of line in pkg-descr (pet portlint)
- delete files/patch-laz-perf_portable__endian.hpp patched upstream
Approved by: tcberner (mentor)
Differential Revision: https://reviews.freebsd.org/D24481
Ports using USES=lua:module or lua:flavors will be flavored. A range of
supported lua versions can be set using XX-YY (or XX-, or -YY, or simply ZZ)
for ports not supporting all lua versions.
USES=lua sets LUA_FLAVOR that needs to be used on all dependencies of
flavored lua ports, in a similar way as PHP or Python flavors.
PR: 245038
Submitted by: andrew tao11 riddles org uk
Reviewed by: mat, kevans, russ haley gmail com
Approved by: mat (portmgr)
Differential Revision: https://reviews.freebsd.org/D16494
April 11, 2020. KDE today announces the release of KDE Frameworks 5.69.0.
KDE Frameworks are over 70 addon libraries to Qt which provide a wide variety
of commonly needed functionality in mature, peer reviewed and well tested
libraries with friendly licensing terms. For an introduction see the KDE
Frameworks web page.
This release is part of a series of planned monthly releases making
improvements available to developers in a quick and predictable manner.
Announcement:
https://kde.org/announcements/kde-frameworks-5.69.0.php
archivers/lib1541img:
- Library for creating and manipulating commodore 1541 disk images.
archivers/v1541commander:
- This application allows you to create and modify D64 disk images
for the Commodore 1541 floppy drive.
PR: 243966
Submitted by: Felix Palmen
Latest version of archivers/rpm4 uses GNU specific option
when calls xargs. This causes the proccess to fail.
This commit adds misc/findutils as a run dependency and
replaces xargs calls by its GNU variant gxargs.
Also Bump portrevision.
PR: 244606
Reported by: Brian Zou <zoujiaqing@gmail.com>
March 15, 2020. KDE today announces the release of KDE Frameworks 5.68.0.
KDE Frameworks are over 70 addon libraries to Qt which provide a wide variety
of commonly needed functionality in mature, peer reviewed and well tested
libraries with friendly licensing terms. For an introduction see the KDE
Frameworks web page.
This release is part of a series of planned monthly releases making
improvements available to developers in a quick and predictable manner.
[1] https://kde.org/announcements/kde-frameworks-5.68.0.php
PR: 244824
Exp-run by: antoine
lld 10 reports the following error:
ld: error: relocation R_PPC64_TOC16_LO cannot be used against symbol MatchFinder_GetNumAvailableBytes; recompile with -fPIC
>>> defined in LzFind.o
>>> referenced by LzFind.c
>>> LzFind.o:(MatchFinder_CreateVTable)
when GENERIC kernel is not used.
- Rebuild bootstrap (ppcx64 and ppc386) with new changes
- Bump PORTREVISION
PR: 239135
Reported by: fbsdbugs4 at sentry.org
- Bump PORTREVISION for package change
Duplicate USES=localbase blocks lz4 detection.
Before this commit, it fails to detect liblz4 as follows:
==> no liblz4, building zstd without .lz4 support
