This patch resolves a vulnerability that may still exist due to
compiler optimizations. The previous patches for CVE-2015-1283 and
CVE-2015-2716 may not work as intended in some situations.
MFH: 2016Q2
Security: CVE-2016-4472
The LUA_{LIB,INC}DIR variables point to the default Lua version
specified in ports (in this case 5.2) or by the user.
When multiple versions of Lua are installed (in this case 5.2 and 5.3),
libucl's ./configure auto-detects Lua 5.3 (or perhaps the latest version
available), which is a mismatch against those in the provided
include/library paths:
checking for a Lua interpreter with version >= 5.1... lua53 <-- detected
checking for lua53... /usr/local/bin/lua53
checking for lua53 version... 5.3
...
checking for Lua header version... 5.2 <-- Passed by LUA_INCDIR
checking if Lua header version matches 5.3... no
This change explicitly specifies the version of the Lua interpreter we
want to use, which appears to sufficienty influence the behaviour of the
./configure macros.
PR: 209887
Reported by: olgeni
MFH: 2016Q2
Fix this error:
===> Checking for items in STAGEDIR missing from pkg-plist
Error: Orphaned: share/xsl/docbook-ns/svn-commit.tmp
No revbump is necessary because the extra file is unwanted and
wasn't packaged. This allows stage QA checks to pass
approved by: just-fix-it
The last change submitted or approved by Horia in Bugzilla dates back to
September 2015. Since then, all commits to his ports were landed by others
after the maintainer timeout period expired (see r383744, r405055, r405057,
r400461 and r414655, for example).
Horia did show interest in coming back after I sent a private email a few
months ago, but since nothing has changed it is better to reassign his ports
back to the heap.
Differential Revision: https://reviews.freebsd.org/D5980
/wrkdirs/usr/ports/textproc/groff/work/groff-1.22.2/src/devices/gropdf/pdfmom: not found
gmake[3]: *** [Makefile.sub:117: examples/letter.pdf] Error 127
While there, remove the bsd.port.pre/post inclusion.
Sponsored by: Absolight
Beautiful Soup is a Python library designed for quick turnaround projects like
screen-scraping.
Three features make it powerful:
Beautiful Soup provides a few simple methods and Pythonic idioms for
navigating, searching, and modifying a parse tree: a toolkit for dissecting
a document and extracting what you need. It doesn't take much code to write
an application.
Beautiful Soup automatically converts incoming documents to Unicode and
outgoing documents to UTF-8. You don't have to think about encodings, unless
the document doesn't specify an encoding and Beautiful Soup can't detect one.
Then you just have to specify the original encoding.
Beautiful Soup sits on top of popular Python parsers like lxml and html5lib,
allowing you to try out different parsing strategies or trade speed for
flexibility.
WWW: https://www.crummy.com/software/BeautifulSoup/
Submitted by: me
Reviewed by: amdmi3, feld (mentors)
Approved by: amdmi3, feld (mentors)
Differential Revision: D6937
This only affects "Created by" lines with one exception: devel/uclcmd. There the maintainer is changed. This was overlooked in r416918.
Approved by: junovitch (mentor)
Changelog: https://git.gnome.org/browse/libxslt/commit/NEWS?id=9a1b3ddf6034aa2f6a30b4b7ea4bfc3c4037cd58
Absent from the Changelog are the CVEs Google discovered, CVE-2016-1683
and CVE-2016-1684. This library needs to be updated to ensure
www/chromium is no longer vulnerable to these CVEs. Additionally the
changelog notes a fix for CVE-2015-7995, but we solved that previously
with a patch to the port.
PR: 210298
MFH: 2016Q2
Security: CVE-2016-1683
Security: CVE-2016-1684
The update of misc/rubygem-mime-types break this port, because it is not allowed to work with mime-types version >= 3. I removed this limitation since the port works fine with newer version of mime-types.
Approved by: swills (mentor)
Changelog:
* Fix regression in support for file comparisons from pipes
* Add open build service directories to the version control filter
* Add darcs to list of loaded plugins
* Fix the dark style
* Windows build fixes
Turns out that env(1) knows how to parse a properly quoted string
using -S "string", it makes the double eval used for the fetch
command to be unnecessary.
This is because running:
eval "foo $(escape $bar)"
is silly when this works:
foo $bar
So remove escaping and quoting, and sillyness.
PR: 210198
Submitted by: mat
Exp-run by: antoine
Sponsored by: The FreeBSD Foundation, Absolight
Differential Revision: https://reviews.freebsd.org/D6779
We will merge the clucene-qt5 (package: qt5-clucene) with the
qt5-help port in order to simplify building Qt 5 and its dependencies.
clucene-qt5 is only required by qt5-help anyway, so there is no
real need to keep it split off.
Qt 5.7 ports will have those two ports merged and the clucene-qt5
port will expire with Qt 5.7 ports.
PR: 210202
Submitted by: Ralf Nolden <nolden@kde.org> (kde)
