- switch and force compiler to clang using the one from base on 9 and CURRENT, the one
from ports if not found in base
- now only build en_US version, all localisation are available through separated
ports.
- Graphite smart font is now used by default
- Rebundle boost to easier upgrading boost
- Rebundle mdds the one from the ports seems incompatible with clang
- Unbundle all the fonts
Thank you to jgh and Kuan-Chung Chiu <buganini@gmail.com> for testings and
feedback
Thank you to iXsystems for providing resources to build/test libreoffice
Vulnerability Details
=====================
Class: Cross-Site Request Forgery
Versions: 4.0.2 to 4.0.4, 4.1.1 to 4.2rc2
Fixed In: 4.0.5, 4.2
Description: Due to a lack of validation of the enctype form
attribute when making POST requests to xmlrpc.cgi,
a possible CSRF vulnerability was discovered. If a user
visits an HTML page with some malicious HTML code in it,
an attacker could make changes to a remote Bugzilla installation
on behalf of the victim's account by using the XML-RPC API
on a site running mod_perl. Sites running under mod_cgi
are not affected. Also the user would have had to be
already logged in to the target site for the vulnerability
to work.
References: https://bugzilla.mozilla.org/show_bug.cgi?id=725663
CVE Number: CVE-2012-0453
Approved by: skv (implicit)
- Add USE_PHP=curl [2]
- Use files/pkg-message.in: show value of WWWDIR [2]
PR: ports/163644 [1]
Submitted by: Mihail Timofeev <9267096@gmail.com> [1]
Takefu <takefu@airport.fm> [2]
* russian/apache13
* russian/apache13-modssl
Ports have reached EXPIRATION_DATE
Approved by lev@ (maintainer) via PM.
with hat apache@
Approved by: lev@ (maintainer) via PM
Feature safe: yes
* There are no patches from upstream and already existing
exploids in the wild.
- ru-apache13 ports have long outstanding issues and are far
behind last apache13 patches.
with hat apache@
Feature safe: yes
This is an incremental update and should be much easier to handle than
the transition from 4.6.5 to 4.7.2 in the ports tree.
The official release notes can be found at
http://www.kde.org/announcements/announce-4.7.3.php.
Approved by: avilla (mentor), makc (mentor), portmgr (miwi)
Feature safe: yes
audio/shoutcast Unfetchable; website rearranged
audio/linux-shoutcast Unfetchable; website rearranged
chinese/scim-chewing Does not configure
converters/py-cjkcodecs Integrated into every python version in the tree
databases/kpogre Does not compile
deskutils/mhc Does not fetch
deskutils/org-mode.el6 Does not fetch
deskutils/gemcal Does not fetch
devel/erlang-thrift Does not build
dns/domtools Does not fetch
editors/richtext Does not compile
games/vultures-claw Does not fetch
games/bomb Does not fetch
games/lgeneral-data Bad plist
games/linux-enemyterritory-jaymod Does not fetch
games/xphotohunter Does not fetch
graphics/gimpshop Fails to patch
graphics/lightspark-devel Does not compile
graphics/xmms-plazma Does not fetch
graphics/py-cgkit Does not fetch, does not compile on ia64, powerpc, or sparc64
japanese/rxvt Does not fetch, fails to build with new utmpx
japanese/epic4 Some distfiles do not fetch
java/jde Does not fetch
java/kaffe Does not fetch
korean/gdick HTMLs from the Yahoo! Korea Dictionary cannot be parsed, other runtime problems
korean/hanterm-xf86 Does not compile
korean/stardict2-dict-kr Does not fetch
lang/p5-JavaScript Does not fetch
lang/TenDRA Website disappeared; last release 2006, Does not compile on recent FreeBSD-9
mail/freepops Does not build
mail/itraxp Does not build
misc/tellico Leaves file behind on deinstall
net/gsambad Does not fetch
net/nocatauth-gateway Uses a UID registered to another port
net/nocatauth-server Uses a UID registered to another port
net/libosip2 Does not fetch
net/kmuddy Does not fetch
net/netboot Does not build
net-mgmt/jffnms Does not fetch
net-p2p/frostwire Does not fetch
net-p2p/azureus Does not fetch
news/cleanscore Does not fetch
news/nntpswitch Does not fetch
news/p5-NewsLib Does not fetch
russian/cyrproxy Does not fetch
science/gerris Does not fetch
security/opensaml Does not fetch
sysutils/wmbattery Does not fetch
sysutils/cpuburn No more public distfiles
textproc/tei-guidelines-p4 Does not fetch
textproc/tei-p4 Does not fetch
textproc/py-hyperestraier Does not fetch
textproc/tdtd.el Does not fetch
textproc/tei-lite Does not fetch
www/phpwiki13 Does not fetch
www/p5-Apache-Scoreboard Depends on mod_perl
www/p5-B-LexInfo Broken due the new mod_perl2 API
www/phpwiki Does not fetch
www/smb2www Apache13 is deprecated, migrate to 2.2.x+ now
www/spip Checksum is changing daily
www/monkey Does not fetch
x11-toolkits/jdic Does not fetch
x11-toolkits/py-kde Does not compile
had both lines:
Author: ...
WWW: ....
So standardize on that, and move them to the end of the file when necessary.
Also fix some more whitespace, and remove more "signature tags" of varying
forms, like -- name, etc.
s/AUTHOR/Author/
A few other various formatting issues
- Name
em@i.l
or variations thereof. While I'm here also fix some whitespace and other
formatting errors, including moving WWW: to the last line in the file.
my ports in the past 3 weeks while ports were broken on any 10.x
machines, which means I'm unable to maintain them. So let people know
that there's no available support for them until things are back to
normal (which also means that anyone with spare time will be able
to fix them without getting approval).
4.7.2. The official release notes can be found at:
http://kde.org/announcements/announce-4.7.2.php
This release ships with many improvements. Read more about them here:
http://FreeBSD.kde.org/news.php#itemKDESC472availableinports
We'd like to say thanks to all testers and contributors, especially to
lwhsu@ for his effort on hosting our test packages.
PR: 156293 [1]
159219 [2]
160164 [3]
Submitted by: Oleg Sidorkin <osidorkin@gmail.com> [1]
Alvaro Castillo <gobledb@gmail.com> [2]
dkeav04@gmail.com [3]
Tested by: exp-run via pav
- This can be changed later as needed, if at all, either way we won't remove them
until after 9.0 is released.
With Hat: apache@
Reported by: dvl via freshports
