installing vim scripts.
Vimana provides a command-line interface much like the aptitude
program on Debian Linux, for you to search, download, install, and
upgrade scripts from http://www.vim.org/ (vimonline site).
WWW: http://search.cpan.org/dist/Vimana/
PR: ports/138158
Submitted by: Gea-Suan Lin <gslin@gslin.org>
<ChangeLog>
*) Feature: the "proxy_bind", "fastcgi_bind", and "memcached_bind"
directives.
*) Feature: the "access" and the "deny" directives support IPv6.
*) Feature: the "set_real_ip_from" directive supports IPv6 addresses in
request headers.
*) Feature: the "unix:" parameter of the "set_real_ip_from" directive.
*) Bugfix: nginx did not delete unix domain socket after configuration
testing.
*) Bugfix: nginx deleted unix domain socket while online upgrade.
*) Bugfix: the "!-x" operator did not work.
Thanks to Maxim Dounin.
*) Bugfix: a segmentation fault might occur in a worker process, if
limit_rate was used in HTTPS server.
Thanks to Maxim Dounin.
*) Bugfix: a segmentation fault might occur in a worker process while
$limit_rate logging.
Thanks to Maxim Dounin.
*) Bugfix: a segmentation fault might occur in a worker process, if
there was no "listen" directive in "server" block; the bug had
appeared in 0.8.21.
</ChangeLog>
* cli_add_graph.patch - Fixes command line syntax help in cli/add_graph.php
* snmp_invalid_response.patch - Properly rejects invalid responses from snmp
* template_duplication.patch - Addresses issue when templates are duplicated
and then exported. A new command line utility has been added to repair
any corrupted templates.
Requested by: linimon
Ark input sanitization errors:
The KDE archiving tool, Ark, performs insufficient validation
which leads to specially crafted archive files, using unknown
MIME types, to be rendered using a KHTML instance, this can
trigger uncontrolled XMLHTTPRequests to remote sites.
IO Slaves input sanitization errors:
KDE protocol handlers perform insufficient input validation, an
attacker can craft malicious URI that would trigger JavaScript
execution. Additionally the 'help://' protocol handler suffer
from directory traversal. It should be noted that the scope of
this issue is limited as the malicious URIs cannot be embedded
in Internet hosted content.
KMail input sanitization errors:
The KDE mail client, KMail, performs insufficient validation which
leads to specially crafted email attachments, using unknown MIME
types, to be rendered using a KHTML instance, this can trigger
uncontrolled XMLHTTPRequests to remote sites.
Submitted by: Eygene Ryabinkin <rea-fbsd@codelabs.ru> (based on)
Approved by: secteam (myself), portmgr
Security: http://www.vuxml.org/freebsd/6f358f5a-c7ea-11de-a9f3-0030843d3802.html
<http://www.videolan.org/security/sa0901.html>.
Also include fixes from PR ports/135018 to fix build when WITHOUT_X11 is
defined.
PR: ports/139114 (1) ports/135018 (2)
Submitted by: Christopher Key <cjk32 (at) cam.ac.uk> (1) Nick Triantos <nick-freebsd (at) triantos.com> (2)
Approved by: Joseph S. Atkinson <jsa.bsd (at) gmail.com> (maintainer)
Security: VideoLAN-SA-0901 (CVE Pending)
