freebsd-ports

Author	SHA1	Message	Date
Yuri Victorovich	d4cfa5e93d	archivers/zchunk: Update 1.1.6 -> 1.1.7	2020-09-30 06:10:08 +00:00
Baptiste Daroussin	8a016444ba	First batch at upgrading gnome to 3.36/3.38 Update evolution-dataserver to 3.38.0 and because of ABI breakage update ports depending on it Update bijiben to 3.38.0 Update gnome-calendar to 3.38.0 Update gnome-contacts to 3.38 Update gnome-maps to 3.38.0 Patch gnome-todo to work with newer evolution-dataserver (patched obtained from OpenBSD/Archlinux) Update evolution to 3.38.0 Update evolution-ews to 3.38.0 (among changes it brings support for office365) Update folks to 0.14.0 Update cheese to 3.38.0 Update aisleriot to 3.22.9 Update five-or-more to 3.22.2 Update fastream to 0.2.9 Update gnome-control-center to 3.36.4 Update gnmoe-settings-daemon to 3.38.0 Update meld to 3.21.0 Update gnome-desktop to 3.38.0 and because of ABI breakage bump portrevision of all dependant ports not touched by this update Update gnome-session to 3.38.0 Update gnome-shell to 3.36.6, now run depends on gdm Update gnome-shell-extensions to 3.36.3 Update mutter to 3.36.6	2020-09-29 12:07:28 +00:00
Yuri Victorovich	6b7a401312	New port: archivers/nfpm: Simple deb, rpm and apk packager written in Go	2020-09-28 04:25:22 +00:00
Yuri Victorovich	5e2dbf17b7	New port: archivers/zchunk: Compressed file format that splits the file into independent chunks	2020-09-25 21:38:13 +00:00
Mark Linimon	126c0c184c	Canonicalize CFLAGS across all variants of powerpc64. Approved by: portmgr (tier-2 blanket)	2020-09-25 19:52:04 +00:00
Mark Linimon	a25203fd7d	Also enable on powerpc64le. Approved by: portmgr (tier-2 blanket)	2020-09-24 20:26:13 +00:00
Baptiste Daroussin	28919153df	Update to 1.4 While here disable gtk-doc	2020-09-24 08:52:18 +00:00
Sunpoet Po-Chuan Hsieh	8af4f72f74	Remove LZMALIB option	2020-09-20 18:56:57 +00:00
Sunpoet Po-Chuan Hsieh	9e5b3c760a	Update LICENSE_PERMS: remove *-sell	2020-09-19 15:34:57 +00:00
Baptiste Daroussin	18aeec12aa	update to 3.38.0	2020-09-16 13:26:47 +00:00
Baptiste Daroussin	d12afb8c2d	Udpate to 1.24.1	2020-09-16 13:09:44 +00:00
Sunpoet Po-Chuan Hsieh	1004031072	Update to 0.38 Changes: https://metacpan.org/changes/distribution/Archive-Tar-Wrapper	2020-09-14 17:46:10 +00:00
Tobias C. Berner	a15b53b58d	Update KDE Frameworks to 5.74.0 September 06, 2020. KDE today announces the release of KDE Frameworks 5.74.0. KDE Frameworks are over 70 addon libraries to Qt which provide a wide variety of commonly needed functionality in mature, peer reviewed and well tested libraries with friendly licensing terms. For an introduction see the KDE Frameworks web page. This release is part of a series of planned monthly releases making improvements available to developers in a quick and predictable manner. Full announcement: https://kde.org/announcements/kde-frameworks-5.74.0 PR: 249277 Exp-run: antoine	2020-09-14 17:45:34 +00:00
Wen Heping	e5b75ffbe4	- Update to 2.1.1	2020-09-12 22:38:20 +00:00
Jason E. Hale	52a173da7f	archivers/libunrar5: Update to 5.9.4 - Use ${RLN} to install shared library symlink - Update WWW PR: 249263 Submitted by: Niclas Carlsson <n_carlsson@outlook.com>	2020-09-12 03:44:32 +00:00
Hiroki Sato	20b86586db	Update to 1.0.7. This also fixes the -fno-common issue.	2020-09-10 22:33:49 +00:00
Rainer Hurling	f6c06f8c9a	Change the maintainer entry in rhurlin's ports After I got a commit bit for ports, it is time now to change the maintainers entry in all 'owned' ports. Approved by: tcberner (mentor) Differential Revision: https://reviews.freebsd.org/D26398	2020-09-10 19:17:38 +00:00
Tobias C. Berner	a2cb94c52a	Update KDE Applications (release-service) to 20.08.1	2020-09-03 14:48:14 +00:00
Fernando Apesteguía	50d7bb0740	archivers/tar-stream-chunker: Update to 1.0.7 ChangeLog: https://github.com/ihoro/tar-stream-chunker/releases/tag/1.0.7 This is a fix for the -fno-common issue. PR: 249073 Submitted by: igor.ostapenko@pm.me (maintainer) MFH: 2020Q3 (build fix, -fno-common)	2020-09-03 12:26:02 +00:00
Stefan Eßer	84c8a297da	Update master sites Seems this old, legacy software has been removed from the vendor site. Only macOS and Windows versions are still available from stuffit.com. A few mirrors exist, including on the Wayback machine, but that one does not seem to offen a suitable direct download link. Therefore, small mirror sites have been selected that currently offer the Linux version - a quick search did not result in any better mirrors. The PORT_REVISION is not incremented since there is no other change than the download address - packages need not be rebuilt.	2020-09-03 06:59:21 +00:00
Danilo Egea Gondolfo	63fb19083c	- Update to 0.5.4.15 - Default GTK version to gtk3 to match the version used by xfce - Remove the GTK version from COMMENT - This version also fixes the build with clang11 Submitted by: woodsb02 Differential Revision: D25520	2020-08-31 12:25:08 +00:00
Piotr Kubaj	b8ed0ec141	archivers/par2cmdline: fix build on GCC architectures Use C++11 compiler: cc1plus: error: unrecognized command line option "-std=c++11"	2020-08-30 19:14:22 +00:00
Sunpoet Po-Chuan Hsieh	51499886b8	Update to 1.0.9 - Change MASTER_SITES to CHEESESHOP - Update LICENSE Changes: https://github.com/google/brotli/releases	2020-08-30 07:14:57 +00:00
Guido Falsi	b2294ed3f4	Fix file-roller built with clang11 -fno-common on recent head. Approved by: portmgr (fixit blanket)	2020-08-28 22:35:09 +00:00
Renato Botelho	61a1313619	archivers/sharutils: Fix build with -fno-common Sponsored by: Rubicon Communications, LLC (Netgate)	2020-08-28 17:41:34 +00:00
Tobias C. Berner	054311d725	archivers/ark: fix vulnerability in tar extraction KDE Project Security Advisory ============================= Title: Ark: maliciously crafted TAR archive with symlinks can install files outside the extraction directory. Risk Rating: Important CVE: CVE-2020-24654 Versions: ark <= 20.08.0 Author: Elvis Angelaccio <elvis.angelaccio@kde.org> Date: 27 August 2020 Overview ======== A maliciously crafted TAR archive containing symlink entries would install files anywhere in the user's home directory upon extraction. Proof of concept ================ For testing, an example of malicious archive can be found at https://github.com/jwilk/traversal-archives/releases/download/0/dirsymlink.tar Impact ====== Users can unwillingly install files like a modified .bashrc, or a malicious script placed in ~/.config/autostart. Workaround ========== Before extracting a downloaded archive using the Ark GUI, users should inspect it to make sure it doesn't contain symlink entries pointing outside the extraction folder. The 'Extract' context menu from the Dolphin file manager shouldn't be used. Solution ======== Ark 20.08.1 skips maliciously crafted symlinks when extracting TAR archives. Alternatively, `8bf8c5ef07` can be applied to previous releases. Credits ======= Thanks to Fabian Vogt for reporting this issue and for fixing it. MFH: 2020Q3 Security: CVE-2020-24654	2020-08-28 05:47:31 +00:00
Jason E. Hale	42874042f0	archivers/urbackup-client: Remove build fixes for security/cryptopp >= 6.0.0 that have since been incorporated upstream.	2020-08-27 17:01:34 +00:00
Jason E. Hale	0cf7c2041b	archivers/urbackup-server: Remove build fixes for security/cryptopp >= 6.0.0 that have since been incorporated upstream.	2020-08-27 17:01:02 +00:00
Sergey A. Osokin	90c2d3aac3	Update from 1.0.7 to 1.0.9. <Security note> Please consider updating brotli to version 1.0.9 (latest). Version 1.0.9 contains a fix to "integer overflow" problem. This happens when "one-shot" decoding API is used (or input chunk for streaming API is not limited), input size (chunk size) is larger than 2GiB, and input contains uncompressed blocks. After the overflow happens, `memcpy` is invoked with a gigantic `num` value, that will likely cause the crash. </Security note>	2020-08-27 14:45:38 +00:00
Christian Weisgerber	9467e58d8b	Actually bump PORTREVISION after fixing -fno-common build.	2020-08-24 14:56:43 +00:00
Christian Weisgerber	b757cfa8e7	Remove superfluous declaration to fix build with -fno-common. Reported by: pkg-fallout Obtained from: upstream	2020-08-23 21:30:56 +00:00
Sunpoet Po-Chuan Hsieh	67c199a641	Update version requirement of RUN_DEPENDS	2020-08-23 19:41:29 +00:00
Xin LI	a31b2fa3c3	Fix build. MFH: 2020Q3 (build fix)	2020-08-20 04:43:54 +00:00
Sunpoet Po-Chuan Hsieh	479b8ebb02	Change build system from gmake to meson - Use upstream release tarball - Add OPTIMIZED_CFLAGS and TEST options - Remove valgrind test - Bump PORTREVISION for package change PR: 247100 Submitted by: Daniel Engberg <daniel.engberg.lists@pyret.net>	2020-08-19 16:26:38 +00:00
Ganael LAPLANCHE	b0525991c8	Change upstream and update to much newer version 0.8.1 A test target has also been added to the port. Changelog: https://github.com/Parchive/par2cmdline/blob/master/ChangeLog PR: 248681 Submitted by: Paul Holmanskikh <freebsd@pkholm.com>	2020-08-19 10:10:37 +00:00
Rene Ladan	b6cb229310	Remove deprecated ports: 2020-08-15 archivers/py-backports.lzma: Uses deprecated version of python 2020-08-15 archivers/py-bup: Uses deprecated version of python 2020-08-15 archivers/py-librtfcomp: Uses deprecated version of python 2020-08-15 audio/blop-lv2: Uses deprecated version of python 2020-08-15 audio/bs2b-lv2: Uses deprecated version of python 2020-08-15 audio/py-gmusicproxy: Uses deprecated version of python 2020-08-15 audio/py-karaoke: Uses deprecated version of python 2020-08-15 audio/py-openal: Uses deprecated version of python 2020-08-15 audio/py-py-jack: Uses deprecated version of python 2020-08-15 audio/py-xmms2: Uses deprecated version of python 2020-08-15 audio/triceratops-lv2: Uses deprecated version of python 2020-08-15 biology/py-biom-format: Uses deprecated version of python 2020-08-15 comms/py-bulksms: Uses deprecated version of python 2020-08-15 comms/py-gammu: Uses deprecated version of python 2020-08-15 databases/py-geoalchemy: Uses deprecated version of python 2020-08-15 databases/py-htsql-mysql: Uses deprecated version of python 2020-08-15 databases/py-htsql-pgsql: Uses deprecated version of python 2020-08-15 databases/py-mysql2pgsql: Uses deprecated version of python 2020-08-15 databases/py-oursql: Uses deprecated version of python 2020-08-15 databases/py-pyPgSQL: Uses deprecated version of python 2020-08-15 databases/py-pyhs: Uses deprecated version of python 2020-08-15 databases/py-pytc: Uses deprecated version of python 2020-08-15 databases/py-riak: Uses deprecated version of python 2020-08-15 databases/py-umemcache: Uses deprecated version of python 2020-08-15 devel/py-Breve: Uses deprecated version of python 2020-08-15 devel/py-PyODE: Uses deprecated version of python 2020-08-15 devel/py-akismet: Uses deprecated version of python 2020-08-15 devel/py-aspects: Uses deprecated version of python 2020-08-15 devel/py-backports.tempfile: Uses deprecated version of python 2020-08-15 devel/py-backports.weakref: Uses deprecated version of python 2020-08-15 devel/py-cfgparse: Uses deprecated version of python 2020-08-15 devel/py-ciphon: Uses deprecated version of python 2020-08-15 devel/py-cjson: Uses deprecated version of python 2020-08-15 devel/py-clonedigger: Uses deprecated version of python 2020-08-15 devel/py-cuisine: Uses deprecated version of python 2020-08-15 devel/py-deliciousapi: Uses deprecated version of python 2020-08-15 devel/py-dialog: Uses deprecated version of python 2020-08-15 devel/py-efl: Uses deprecated version of python 2020-08-15 devel/py-ezpyinline: Uses deprecated version of python 2020-08-15 devel/py-fsm: Uses deprecated version of python 2020-08-15 devel/py-gdbgui: Uses deprecated version of python 2020-08-15 devel/py-gearman: Uses deprecated version of python 2020-08-15 devel/py-generate: Uses deprecated version of python 2020-08-15 devel/py-geotypes: Uses deprecated version of python 2020-08-15 devel/py-gitosis: Uses deprecated version of python 2020-08-15 devel/py-google-apputils: Uses deprecated version of python 2020-08-15 devel/py-hghooks: Uses deprecated version of python 2020-08-15 devel/py-instant: Uses deprecated version of python 2020-08-15 devel/py-jcc: Uses deprecated version of python 2020-08-15 devel/py-json-py: Uses deprecated version of python 2020-08-15 devel/py-json-sempai: Uses deprecated version of python 2020-08-15 devel/py-jsonlib: Uses deprecated version of python 2020-08-15 devel/py-jsonlib2: Uses deprecated version of python 2020-08-15 devel/py-jsonrpclib: Uses deprecated version of python 2020-08-15 devel/py-kayako: Uses deprecated version of python 2020-08-15 devel/py-kid: Uses deprecated version of python 2020-08-15 devel/py-kjbuckets: Uses deprecated version of python 2020-08-15 devel/py-kqueue: Uses deprecated version of python 2020-08-15 devel/py-log4py: Uses deprecated version of python 2020-08-15 devel/py-mwlib.ext: Uses deprecated version of python 2020-08-15 devel/py-mx-experimental: Uses deprecated version of python 2020-08-15 devel/py-option_merge: Uses deprecated version of python 2020-08-15 devel/py-prioritized_methods: Uses deprecated version of python 2020-08-15 devel/py-protocols: Uses deprecated version of python 2020-08-15 devel/py-ptrace: Uses deprecated version of python 2020-08-15 devel/py-pydoop: Uses deprecated version of python 2020-08-15 devel/py-pyke: Uses deprecated version of python 2020-08-15 devel/py-pymtbl: Uses deprecated version of python 2020-08-15 devel/py-pyshapelib: Uses deprecated version of python 2020-08-15 devel/py-pytemplate: Uses deprecated version of python 2020-08-15 devel/py-python2-pythondialog: Uses deprecated version of python 2020-08-15 devel/py-pyutil: Uses deprecated version of python 2020-08-15 devel/py-pyvalid: Uses deprecated version of python 2020-08-15 devel/py-pyxml2obj: Uses deprecated version of python 2020-08-15 devel/py-qpid: Uses deprecated version of python 2020-08-15 devel/py-repoze.what-pylons: Uses deprecated version of python 2020-08-15 devel/py-repoze.who-friendlyform: Uses deprecated version of python 2020-08-15 devel/py-robotframework-ride: Uses deprecated version of python 2020-08-15 devel/py-ruamel.ordereddict: Uses deprecated version of python 2020-08-15 devel/py-sanetime: Uses deprecated version of python 2020-08-15 devel/py-selectors34: Uses deprecated version of python 2020-08-15 devel/py-sqlcc: Uses deprecated version of python 2020-08-15 devel/py-statgrab: Uses deprecated version of python 2020-08-15 devel/py-tconfpy: Uses deprecated version of python 2020-08-15 devel/py-terminable_thread: Uses deprecated version of python 2020-08-15 devel/py-trace2html: Uses deprecated version of python 2020-08-15 devel/py-tvrage: Uses deprecated version of python 2020-08-15 devel/py-tw.forms: Uses deprecated version of python 2020-08-15 devel/py-uncompyle2: Uses deprecated version of python 2020-08-15 devel/py-yum-metadata-parser: Uses deprecated version of python 2020-08-15 devel/rubygem-warden127: No longer needed 2020-08-15 dns/py-dnschain: Uses deprecated version of python 2020-08-15 dns/py-idnkit2: Uses deprecated version of python 2020-08-15 games/colobot: Uses deprecated version of python 2020-08-15 games/endgame-singularity: Uses deprecated version of python 2020-08-15 games/katawa-shoujo: Uses deprecated version of RenPy 2020-08-15 games/pyfa: Uses deprecated version of python 2020-08-15 games/renpy6: Uses deprecated version of python 2020-08-15 games/solarwolf: Uses deprecated version of python 2020-08-15 games/thudboard: Uses deprecated version of python 2020-08-15 graphics/djvusmooth: Uses deprecated version of python 2020-08-15 graphics/py-glewpy: Uses deprecated version of python 2020-08-15 graphics/py-openexr: Uses deprecated version of python 2020-08-15 graphics/py-poppler: Uses deprecated version of python 2020-08-15 graphics/py-pygooglechart: Uses deprecated version of python 2020-08-15 graphics/py-sane: Uses deprecated version of python 2020-08-15 graphics/py-stltools: Uses deprecated version of python 2020-08-15 graphics/sk1: Uses deprecated version of python 2020-08-15 japanese/py-mecab: Uses deprecated version of python 2020-08-15 japanese/py-tegaki-gtk: Uses deprecated version of python 2020-08-15 lang/py-mx-base: Uses deprecated version of python 2020-08-15 mail/mailpile: Uses deprecated version of python 2020-08-15 math/py-ffc: Uses deprecated version of python 2020-08-15 math/py-fiat: Uses deprecated version of python 2020-08-15 math/py-nzmath: Uses deprecated version of python 2020-08-15 math/py-pymc: Uses deprecated version of python 2020-08-15 math/py-ufl: Uses deprecated version of python 2020-08-15 misc/py-socli: Uses deprecated version of python 2020-08-15 misc/py-yolk: Uses deprecated version of python 2020-08-15 multimedia/py-flvlib: Uses deprecated version of python 2020-08-15 net/py-gspreadsheet: Uses deprecated version of python 2020-08-15 net/py-libnet: Uses deprecated version of python 2020-08-15 net/py-netlib: Uses deprecated version of python 2020-08-15 net/py-pynmsg: Uses deprecated version of python 2020-08-15 net/py-rainbowstream: Uses deprecated version of python 2020-08-15 net/py-wolframalpha: Uses deprecated version of python 2020-08-15 net-im/empathy: Uses deprecated version of python 2020-08-15 net-im/farsight2: Uses deprecated version of python 2020-08-15 net-im/py-xmpppy: Uses deprecated version of python 2020-08-15 net-im/telepathy-farsight: Uses deprecated version of python 2020-08-15 net-im/telepathy-python: Uses deprecated version of python 2020-08-15 net-im/telepathy-rakia: Uses deprecated version of python 2020-08-15 net-mgmt/py-pynsca: Uses deprecated version of python 2020-08-15 net-mgmt/py-yapsnmp: Uses deprecated version of python 2020-08-15 net-p2p/py-py2play: Uses deprecated version of python 2020-08-15 news/py-yenc: Uses deprecated version of python 2020-08-15 print/py-pyscript: Uses deprecated version of python 2020-08-15 print/py-stapler: Uses deprecated version of python 2020-08-15 print/py-trml2pdf: Uses deprecated version of python 2020-08-15 science/py-PyQuante: Uses deprecated version of python 2020-08-15 science/py-mlpy: Uses deprecated version of python 2020-08-15 science/py-ws2300: Uses deprecated version of python 2020-08-15 security/py-PF: Uses deprecated version of python 2020-08-15 security/py-cracklib: Uses deprecated version of python 2020-08-15 security/py-fteproxy: Uses deprecated version of python 2020-08-15 security/py-onetime: Uses deprecated version of python 2020-08-15 security/py-pydeep: Uses deprecated version of python 2020-08-15 security/py-slowaes: Uses deprecated version of python 2020-08-15 security/py-sslstrip: Uses deprecated version of python 2020-08-15 security/py-volatility: Uses deprecated version of python 2020-08-15 sysutils/py-analyzemft: Uses deprecated version of python 2020-08-15 sysutils/py-cdmi: Uses deprecated version of python 2020-08-15 sysutils/py-ezjailremote: Uses deprecated version of python 2020-08-15 sysutils/py-gmailfs-fuse: Uses deprecated version of python 2020-08-15 sysutils/py-ploy_ec2: Uses deprecated version of python 2020-08-15 sysutils/py-ploy_fabric: Uses deprecated version of python 2020-08-15 sysutils/py-scriptine: Uses deprecated version of python 2020-08-15 sysutils/py-superlance: Uses deprecated version of python 2020-08-15 textproc/py-bugzillatools: Uses deprecated version of python 2020-08-15 textproc/py-elib.intl: Uses deprecated version of python 2020-08-15 textproc/py-errorhandler: Uses deprecated version of python 2020-08-15 textproc/py-hyperestraier-python: Uses deprecated version of python 2020-08-15 textproc/py-pyes: Uses deprecated version of python 2020-08-15 textproc/py-pyhwp: Uses deprecated version of python 2020-08-15 textproc/py-sphinx_numfig: Uses deprecated version of python 2020-08-15 www/py-HTMLgen: Uses deprecated version of python 2020-08-15 www/py-albatross: Uses deprecated version of python 2020-08-15 www/py-amf: Uses deprecated version of python 2020-08-15 www/py-apachelog: Uses deprecated version of python 2020-08-15 www/py-aws-requests-auth: Uses deprecated version of python 2020-08-15 www/py-clientform: Uses deprecated version of python 2020-08-15 www/py-django-appmedia: Uses deprecated version of python 2020-08-15 www/py-django-evolution: Uses deprecated version of python 2020-08-15 www/py-fedex: Uses deprecated version of python 2020-08-15 www/py-formalchemy: Uses deprecated version of python 2020-08-15 www/py-frappe-bench: Uses deprecated version of python 2020-08-15 www/py-funkload: Uses deprecated version of python 2020-08-15 www/py-goobook: Uses deprecated version of python 2020-08-15 www/py-poster: Uses deprecated version of python 2020-08-15 www/py-pyquery: Uses deprecated version of python 2020-08-15 www/py-pysearch: Uses deprecated version of python 2020-08-15 www/py-pywebdav: Uses deprecated version of python 2020-08-15 www/py-slimmer: Uses deprecated version of python 2020-08-15 www/py-surl: Uses deprecated version of python 2020-08-15 www/py-tmdb3: Uses deprecated version of python 2020-08-15 www/py-trello: Uses deprecated version of python 2020-08-15 www/py-uliweb: Uses deprecated version of python 2020-08-15 www/py-wsgiauth: Uses deprecated version of python 2020-08-15 x11-toolkits/py-wax: Uses deprecated version of python 2020-08-15 x11-toolkits/py-wxPython-common: Uses deprecated version of python 2020-08-15 x11-toolkits/py-wxPython28-common: Uses deprecated version of python	2020-08-15 10:50:58 +00:00
Tobias C. Berner	0edfaee1ed	KDE's August 2020 Apps Update Dozens of KDE apps are getting new releases from KDE’s release service. New features, usability improvements, re-designs and bug fixes all contribute to helping boost your productivity and making this new batch of applications more efficient and pleasant to use. Full announcement: https://kde.org/announcements/releases/2020-08-apps-update/	2020-08-13 17:10:30 +00:00
Danilo Egea Gondolfo	ee32013607	- Update to 1.9	2020-08-12 16:43:02 +00:00
Tobias C. Berner	232fa2c455	KDE Frameworks: update to 5.73.0 August 08, 2020. KDE today announces the release of KDE Frameworks 5.73.0. KDE Frameworks are over 70 addon libraries to Qt which provide a wide variety of commonly needed functionality in mature, peer reviewed and well tested libraries with friendly licensing terms. For an introduction see the KDE Frameworks web page. This release is part of a series of planned monthly releases making improvements available to developers in a quick and predictable manner. Changelog: https://kde.org/announcements/kde-frameworks-5.73.0 PR: 248534 Exp-run by: antoine	2020-08-09 15:25:19 +00:00
Sunpoet Po-Chuan Hsieh	2d84d081f3	Update to 2.096 Changes: https://metacpan.org/changes/distribution/IO-Compress-Lzop	2020-08-08 10:18:03 +00:00
Sunpoet Po-Chuan Hsieh	c5c523659c	Update to 2.096 Changes: https://metacpan.org/changes/distribution/IO-Compress-Lzma	2020-08-08 10:17:59 +00:00
Sunpoet Po-Chuan Hsieh	073f10951b	Update to 2.096 Changes: https://metacpan.org/changes/distribution/IO-Compress-Lzf	2020-08-08 10:17:54 +00:00
Sunpoet Po-Chuan Hsieh	79ae0fcd9d	Update to 2.096 Changes: https://metacpan.org/changes/distribution/IO-Compress	2020-08-08 10:17:49 +00:00
Sunpoet Po-Chuan Hsieh	a6ca4a45e6	Update to 2.096 Changes: https://metacpan.org/changes/distribution/Compress-Raw-Zlib	2020-08-08 10:17:44 +00:00
Sunpoet Po-Chuan Hsieh	085e14f768	Update to 2.096 Changes: https://metacpan.org/changes/distribution/Compress-Raw-Lzma	2020-08-08 10:17:39 +00:00
Sunpoet Po-Chuan Hsieh	b9c362a387	Update to 2.096 Changes: https://metacpan.org/changes/distribution/Compress-Raw-Bzip2	2020-08-08 10:17:34 +00:00
Li-Wen Hsu	b271041040	Update to 4.0 PR: 248457 Submitted by: Kevin Golding <ports@caomhin.org> (maintainer)	2020-08-04 03:27:18 +00:00
Jochen Neumeister	9abddf492b	Update to 0.1.11 Sponsored by: Netzkommune gmbH	2020-08-02 09:29:13 +00:00
Tobias C. Berner	6a36aec9de	archivers/ark: add missing bump after r543704	2020-07-30 04:36:26 +00:00
Tobias C. Berner	c689c7af7b	archivers/ark: security fix KDE Project Security Advisory ============================= Title: Ark: maliciously crafted archive can install files outside the extraction directory. Risk Rating: Important CVE: CVE-2020-16116 Versions: ark <= 20.04.3 Author: Elvis Angelaccio <elvis.angelaccio@kde.org> Date: 30 July 2020 Overview ======== A maliciously crafted archive with "../" in the file paths would install files anywhere in the user's home directory upon extraction. Proof of concept ================ For testing, an example of malicious archive can be found at https://github.com/jwilk/traversal-archives/releases/download/0/relative2.zip Impact ====== Users can unwillingly install files like a modified .bashrc, or a malicious script placed in ~/.config/autostart Workaround ========== Users should not use the 'Extract' context menu from the Dolphin file manager. Before extracting a downloaded archive using the Ark GUI, users should inspect it to make sure it doesn't contain entries with "../" in the file path. Solution ======== Ark 20.08.0 prevents loading of malicious archives and shows a warning message to the users. Alternatively, `0df592524f` can be applied to previous releases. Credits ======= Thanks to Dominik Penner for finding and reporting this issue and thanks to Elvis Angelaccio and Albert Astals Cid for fixing it.	2020-07-30 04:32:24 +00:00

1 2 3 4 5 ...

5837 commits