2015-11-26 audio/pecl-id3: Broken for more than 6 months
2015-11-26 dns/geta: Broken for more than 6 months
2015-11-26 finance/openerp-web: Broken for more than 6 months
2015-11-26 devel/py-async: Further using of this module is not encouraged by upstream
2015-11-26 chinese/kon2: Depends on expiring chinese/cce
2015-11-26 games/linux-skulltag: Depends on expiring audio/linux-fmodapi
2015-11-26 archivers/wzip: Broken for more than 6 months
2015-11-26 databases/sybtcl: Broken for more than 6 months
2015-11-26 biology/povchem: Broken for more than 6 months
2015-11-26 audio/btc: Broken for more than 6 months
2015-11-26 astro/wmglobe: Broken for more than 6 months
2015-11-26 graphics/pyro: Broken for more than 6 months
2015-11-26 graphics/jpeg2ps: Broken for more than 6 months
2015-11-26 chinese/gugod-clean: Broken for more than 6 months
2015-11-26 comms/bforce: Broken for more than 6 months
2015-11-26 cad/geda-docs: Broken for more than 6 months
2015-11-26 chinese/cwtexttf: Broken for more than 6 months
2015-11-26 comms/zmtx-zmrx: Broken for more than 6 months
2015-11-26 astro/sky2000: Broken for more than 6 months
2015-11-26 deskutils/libopensync-plugin-file: Broken for more than 6 months
2015-11-26 databases/sqlite-ext-mobigroup: Broken for more than 6 months
2015-11-26 chinese/bg5ps: Broken for more than 6 months
2015-11-26 deskutils/x-tile: Broken for more than 6 months
2015-11-26 graphics/pure-gl: Broken for more than 6 months
2015-11-26 audio/dvda-author: Broken for more than 6 months
2015-11-26 chinese/oxim: Broken for more than 6 months
2015-11-26 editors/spe: Broken for more than 6 months
2015-11-26 audio/mpdscribble: Broken for more than 6 months
2015-11-26 cad/geda-symcheck: Broken for more than 6 months
2015-11-26 audio/linux-fmodapi: Broken for more than 6 months
2015-11-26 audio/pure-audio: Broken for more than 6 months
2015-11-26 editors/bpatch: Broken for more than 6 months
2015-11-26 benchmarks/geekbench: Broken for more than 6 months
2015-11-26 graphics/icoconvert: Broken for more than 6 months
2015-11-26 cad/geda-utils: Broken for more than 6 months
2015-11-26 deskutils/tomboy-plugin-wordcount: Broken for more than 6 months
2015-11-26 graphics/sketch: Broken for more than 6 months
2015-11-26 ftp/spegla: Broken for more than 6 months
2015-11-26 graphics/clutter-box2d: Broken for more than 6 months
2015-11-26 audio/scmpc: Broken for more than 6 months
2015-11-26 ftp/gnusget: Broken for more than 6 months
2015-11-26 comms/gpsk31: Broken for more than 6 months
2015-11-26 cad/geda-gschem: Broken for more than 6 months
2015-11-26 audio/ampache: Broken for more than 6 months
2015-11-26 cad/slffea: Broken for more than 6 months
2015-11-26 audio/cripple: Broken for more than 6 months
2015-11-26 cad/geda-gattrib: Broken for more than 6 months
2015-11-26 cad/findhier: Broken for more than 6 months
2015-11-26 biology/njplot: Broken for more than 6 months
2015-11-26 audio/wmmp: Broken for more than 6 months
2015-11-26 x11/avant-window-navigator: Broken for more than 6 months
2015-11-26 cad/geda-netlist: Broken for more than 6 months
2015-11-26 deskutils/libopensync-plugin-sunbird: Broken for more than 6 months
2015-11-26 biology/ortep3: Broken for more than 6 months
2015-11-26 astro/aa: Broken for more than 6 months
2015-11-26 french/belote: Broken for more than 6 months
2015-11-26 converters/p5-String-SetUTF8: Broken for more than 6 months
2015-11-26 cad/geda-examples: Broken for more than 6 months
2015-11-26 editors/yasnippet: Broken for more than 6 months
2015-11-26 audio/musica: Broken for more than 6 months
2015-11-26 graphics/rubyphoto: Broken for more than 6 months
2015-11-26 german/bsdpaste: Broken for more than 6 months
2015-11-26 audio/amrcoder: Broken for more than 6 months
2015-11-26 sysutils/bashburn: Broken for more than 6 months
2015-11-26 editors/e93: Broken for more than 6 months
2015-11-26 audio/tepsonic: Broken for more than 6 months
2015-11-26 astro/ephem: Broken for more than 6 months
2015-11-26 chinese/cce: Broken for more than 6 months
2015-11-26 graphics/qcread: Broken for more than 6 months
2015-11-26 databases/py-sqlkit: Broken for more than 6 months
2015-11-26 databases/usogres: Broken for more than 6 months
2015-11-26 cad/libgeda: Broken for more than 6 months
2015-11-26 chinese/p5-Lingua-ZH-BPMFConvert: Broken for more than 6 months
2015-11-26 french/alphabet_sounds_fr: Broken for more than 6 months
2015-11-26 deskutils/mrundlg: Broken for more than 6 months
2015-11-26 databases/erlang-mysql: Broken for more than 6 months
2015-11-26 graphics/linux-XnViewMP: Broken for more than 6 months
2015-11-26 deskutils/akamaru: Broken for more than 6 months
2015-11-26 dns/p5-Net-DNS-ZoneCheck: Broken for more than 6 months
2015-11-26 astro/dgpsip: Broken for more than 6 months
2015-11-26 databases/pecl-handlersocket: Broken for more than 6 months
2015-11-26 audio/cymbaline: Broken for more than 6 months
2015-11-26 french/dico: Broken for more than 6 months
2015-11-26 comms/qpage: Broken for more than 6 months
2015-11-26 audio/sonice: Broken for more than 6 months
2015-11-26 cad/geda-symbols: Broken for more than 6 months
2015-11-26 databases/java-mybatis: Broken for more than 6 months
2015-11-26 databases/openbase-jdbc: Broken for more than 6 months
2015-11-27 www/mediawiki119: Please upgrade to mediawiki-1.25
2015-11-28 www/R-cran-Rpad: Unmaintained upstream
o Users whose login name is not an email address could not log in on
installations which use LDAP to authenticate users.
o If a mandatory custom field was hidden, it was not possible to create a
new bug or to edit existing ones.
o A user editing his login name to point to a non-existent email address
could cause Bugzilla to stop working, causing a denial of service.
o Emails generated during a transaction made PostgreSQL stop working.
o Bugs containing a comment with a reference to a bug ID larger than 2^31
could not be displayed anymore using PostgreSQL.
o Emails sent by Bugzilla are now correctly encoded as UTF-8.
o The date picker in the "Time Summary" page was broken.
o If Test::Taint or any other Perl module required to use the JSON-RPC API
was not installed or was too old, the UI to tag comments was displayed
anyway, you could tag comments, but tags were not persistent (they were
lost on page reload). Now the UI to tag comments is not displayed at all
until the missing Perl modules are installed and up-to-date.
o Custom fields of type INTEGER now accept negative integers.
MFH: 2015Q3
Security: CVE-2015-4499
Security: ea893f06-5a92-11e5-98c0-20cf30e32f6d
Unfortunately, LibreOffice project completely dropped support for pre-C++11
compilers and libraries since 4.4. Therefore, we cannot easily build it on
FeeBSD 9.x any more unless the system was rebuilt with WITH_CLANG_IS_CC and
WITH_LIBCPLUSPLUS. If user is unable to upgrade the system for some reason,
the old port, i.e., 4.3.7, is still available from devel/libreoffice4 (with
no language packs).
- Replace ${MASTER_SITE_FOO} with FOO.
- Merge MASTER_SITE_SUBDIR into MASTER_SITES when possible. (This means 99.9%
of the time.)
- Remove occurrences of MASTER_SITE_LOCAL when no subdirectory was present and
no hint of what it should be was present.
- Fix some logic.
- And generally, make things more simple and easy to understand.
While there, add magic values to the FESTIVAL, GENTOO, GIMP, GNUPG, QT and
SAMBA macros.
Also, replace some EXTRACT_SUFX occurences with USES=tar:*.
Checked by: make fetch-urlall-list
With hat: portmgr
Sponsored by: Absolight
The PHP developers stopped providing security patches for the 5.3
branch on 14 August 2014. They "strongly urge" to upgrade to current
versions "as using older versions may expose you to security
vulnerabilities and bugs that have been fixed in more recent versions"
of PHP.
The PHP53 branch was released from maintainership today, so it's being
deprecated with removal set for 15 April 2015.
There were only 8 ports limited to php53, six of which were pecl- ports.
These ports must be upgraded to use a later version of php (5.6 is
recommended) soon, or they will be removed with php53.
Note that all 8 ports incorrectly set the PHP_DEFAULT_VERSION, so this
was changed to use IGNORE_WITH_PHP instead while here.
PR: 198150
The kde@ team presents KDE SC 4.14.3, the last planed release
of the KDE SC 4 series.
In addition to the updates provided by the KDE SC developers, this
update also addresses numerous FreeBSD and PORTS specific
issues, found and solved by the kde@ team and area51 testers,
most notorously Tobias C. Berner <tcberner@gmail.com>
PR: 197751
PR: 197871
PR: 184996
Reviewed by: rakuco (mentor)
Differential: https://reviews.freebsd.org/D1950
- Bump PORTREVISION for dependency change
- While I'm here, fix check-plist error
====> Checking for pkg-plist issues (check-plist)
===> Parsing plist
===> Checking for items in STAGEDIR missing from pkg-plist
Error: Orphaned: BBBike/tmp/.keep_me
===> Checking for items in pkg-plist which are not in STAGEDIR
===> Error: Plist issues found.
*** Error code 1
Stop.
make: stopped in /usr/ports/german/BBBike
====>> Error: check-plist failures detected
USE_KDE4=kdehier component has been deprecated, new components added:
baloo - Baloo core libraries
baloo-widgets - Baloo widgets library
kfilemetadata - KDE library for extracting file metadata
New ports:
graphics/kqtquickcharts - QtQuick plugin to render interactive charts
misc/artikulate - Pronunciation trainer for KDE
(not usable currently, links to both
GStreamer 1.x and 0.10.x via dependencies)
sysutils/baloo[-widgets] - KDE framework for searching and
managing user metadata
sysutils/kfilemetadata - Library for extracting file metadata
l10n ports:
- Farsi (Persian) and Indonesian translations has been readded
- Vietnamese didn't pass threshold for inclusion into release
astro/kstars:
- switch dependency from math/eigen2 to math/eigen3
- add PYKDE option for updating supernovae data
deskutils/kdepim4:
- update dependencies: add libkgapi and baloo,
remove now needless clucene, link-grammar, strigi
- add patch to fix build with gcc42
- update COMMENT and description for all KDE PIM ports
devel/ruby-krossruby:
- remove BROKEN, it builds with ruby 2.x now
editors/kate:
- add patch to disable memory-hungry build of the kate tests [1]
graphics/okular:
- add dependency on graphics/libkscreen
math/cantor:
- add optional dependency on lang/luajit for LuaJIT backend
- fix gfortran detection [2]
misc/kdehier4:
- adapt to new pkg world. Now the purpose of kdehier4 only
to link some stuff between KDE4_PREFIX and LOCALBASE.
science/kalzium:
- switch dependency from math/eigen2 to math/eigen3
- add dependence on science/chemical-mime-data
x11-themes/kdeartwork4
- switch dependency from math/eigen2 to math/eigen3
among other changes:
- drop deprecated USE_KDE4=kdehier
- drop @dirrm from plist
- clean up pkg-descr
- convert to options helpers
- other portlint fixes
The area51 repository features commits by alonso, rakuco and myself.
PR: 187150 [1]
Reported by: pe.freethread@live.com
Patch by: Tobias Berner <tcberner@gmail.com>
PR: 180674 [2]
Reported by: torsten.eichstaedt@web.de
PR: 194316
Exp-run: antoine
- Convert to USES=libtool and bump dependent ports
- Add INSTALL_TARGET=install-strip
- Remove patches that renamed include directories and libraries so they
didn't conflict with early development versions of glib/gtk 2.0
GCC 4.2 in FreeBSD 8.X/9.X base is now too old to compile OpenEXR, so
GCC-based systems will upgrade to the default ports compiler (GCC 4.7
currently.)
Add two patches to OpenEXR to permit building it in a live system with
the older OpenEXR version installed. Bug report filed to upstream Github
at https://github.com/openexr/openexr/issues/130
Couple OpenEXR more tightly to ilmbase and require its exact .so
version.
Add UPDATING note, and bump PORTREVISION of all dependent ports.
Proto-STAGE hugin-devel, and mark it IGNORE because hugin is newer.
Approved by: portmgr (implicit for bumping PORTREVISION on unstaged ports)
- Speed staging phase by really installing to the stagedir directly
- Rework to use predefined targets for build and install
- Strip binaries
- Remove now unnecessary dependencies on autotools
- Add patches to fix crashes with icu 53.1
Starting with perl 5.20, they're not installed any more if empty,
and on FreeBSD, they're (always ?) empty.
PR: 190681
Submitted by: mat
Exp-Run by: antoine
Sponsored by: Absolight
2014-05-31 net-im/mercury: MSN is dying and the domain mercury.im is down
2014-05-31 german/bsdgroup-firefox-searchplugin: bsdgroup.de no longer seems to exist
2014-05-31 german/bsdforen-firefox-searchplugin: No longer works after forum software update
Since FreeBSD 8.4 and FreeBSD 9.1 make(1) do support :tu and :tl as a
replacement for :U and :L (which has been marked as deprecated)
bmake which is the default on FreeBSD 10+ only support by default
:tu/:tl a hack has been added at the time to support :U and :L to ease
migration. This hack is now not necessary anymore
Note that this makes the ports tree incompatible with make(1) from
FreeBSD 8.3 or earlier
With hat: portmgr
KDE ports:
- Convert to USES=tar:xz
devel/p5-perlqt, multimedia/kdemultimedia4-ffmpegthumbs:
- Convert LIB_DEPENDS to new style
devel/p5-perlqt, devel/p5-perlkde:
- Don't remove directories installed by perl port
net/kdnssd:
- moved to net/zeroconf-ioslave (renamed upstream)
x11/kdelibs4:
- Clean up non-standard shared mime files and directories after deinstall
The area51 repository features commits by Alonso Schaich
<alonsoschaich@fastmail.fm> and makc.
2014-03-07 emulators/gxmame: Depends on deprecated emulators/xmame
2014-03-07 emulators/pyxmame: Depends on deprecated emulators/xmame
2014-03-07 emulators/xmess: No more public distfiles
2014-03-07 benchmarks/xdd: No more public distfiles
2014-03-07 chinese/srecite: No more public distfiles
2014-03-07 games/hlstats: No more public distfiles
2014-03-07 audio/teamspeak_server: No more public distfiles
2014-03-07 games/utserver: No more public distfiles
2014-03-07 databases/p5-hp200lx-db: No more public distfiles
2014-03-07 audio/teamspeak_client: No more public distfiles
2014-03-10 german/vtiger: Depends on expiring www/vtiger
2014-03-10 www/gallery: No more public distfiles
2014-03-10 www/vtiger: No more public distfiles
2014-03-10 net/linux-nx-client: No more public distfiles
2014-03-10 emulators/extract-xiso: No more public distfiles
2014-03-10 www/trac-wantedpages: No more public distfiles
2014-03-10 www/trac-ldap: No more public distfiles
2014-03-10 www/trac-codetags: No more public distfiles
2014-03-10 www/trac-addcomment: No more public distfiles
2014-03-10 www/trac-nav: No more public distfiles
2014-03-10 www/baikal: No more public distfiles
2014-03-10 www/trac-pagetopdf: No more public distfiles
2014-03-10 sysutils/logmon: No more public distfiles
2014-03-10 www/trac-simpleticket: No more public distfiles
2014-03-10 www/trac-wikinegotiator: No more public distfiles
2014-03-10 www/trac-pagelist: No more public distfiles
2014-03-10 www/trac-remind: No more public distfiles
2014-03-10 www/trac-macropost: No more public distfiles
2014-03-10 mail/vexim: No more public distfiles
2014-03-10 lang/rscheme: No more public distfiles
bsdforen-firefox-searchplugin : No longer works after forum software update
bsdgroup-firefox-searchplugin : bsdgroup.de no longer seems to exist
Submitted by: Stefan 'Steve' Tell <stefan.tell@crashmail.de>
Submitted by: (port author, via irc)
GCC 4.6.4 to GCC 4.7.3. This entails updating the lang/gcc port as
well as changing the default in Mk/bsd.default-versions.mk.
Part II, Bump PORTREVISIONs.
PR: 182136
Supported by: Christoph Moench-Tegeder <cmt@burggraben.net> (fixing many ports)
Tested by: bdrewery (two -exp runs)
deskutils/kdepim4:
- Add depedency on coreutils, kleopatra needs md5sum and sha1sum programs [1]
misc/kdehier4:
- add tests directory (r343428 commit to Templates/BSD.local.dist)
security/kwallet:
- moved to security/kwalletmanager (renamed upstream)
x11/kdelibs:
- remove workaround, which is not needed after global fix in
Mk/bsd.kde4.mk (r315373)
PR: ports/187259 [1]
Submitted by: Tobias Berner <tcberner@gmail.com>
Among changes:
- Switch KDE4_PREFIX to ${LOCALBASE}
- Remove now needless misc/kde4-shared-mime-info port
- Add stage support
- Remove ancient CONFLICTS (KDE 4.9 and less) and LATEST_LINK
- Squeeze MASTER_SITES/MASTER_SITE_SUBDIR
- Convert LIB_DEPENDS to new style
- Use options helpers
- Drop support for FreeBSD 7.x
- Remove Qt/KDE 3 related workarounds
- Remove local patches and use upstream version scheme for libraries
- sysutils/kdeadmin4, net/kdenetwork4, devel/kdesdk4,
and x11-clocks/kdetoys4 ports have been split.
- devel/kcachegrind is now a part of KDE SC [1]
- more logs in area51 repo...
New ports:
devel/kde-dev-scripts: KDE development scripts
devel/kde-dev-utils: KDE development utilities
games/klickety: Tetris themed solitaire
games/picmi: Single player logic-based puzzle game
textproc/libkomparediff2: Library to compare files and strings
The area51 repository features commits by Schaich Alonso, avilla, rakuco
and myself.
PR: ports/186491
Exp-run: by bdrewery
Approved by: beat (former maintainer) [1]
OPTIONS_DEFINE. This policy has been implemented only recently that's why we
have many ports violating this policy.
This patch adds the default options specified in the Porter's Handbook to
OPTIONS_DEFINE where they are being used. Ports maintained by
gnome@FreeBSD.org, kde@FreeBSD.org and x11@FreeBSD.org have been excluded.
Approved by: portmgr (bapt)
translations have been added (ca, da, el, en_GB, sl, pt_BR)
- Add stage support
- Update maintainer address
PR: based on ports/179681
Submitted by: RyoTa SimaMoto (maintainer)
- Require a new compiler to build Calligra.
- Make GTL really an option in Calligra.
- STAGEify.
- Use OPTIONS helpers.
- Set NO_ARCH for translation ports.
- Add translation port for Intelingua.
Calligra 2.7 release notes:
http://www.calligra.org/news/calligra-2-7-released
- Switched to automake 1.11.6, see CVE-2012-3386.
- #14669: Fixed extraction of CC from gmp.h.
- Fixed case of intermediate zero real or imaginary part in mpc_fma,
found by hydra with GMP_CHECK_RANDOMIZE=1346362345.
This is on top of the following changes from version 1.0
- Licence change towards LGPLv3+ for the code and GFDLv1.3+ (with no
invariant sections) for the documentation.
- 100% of all lines are covered by tests
- Renamed functions
. mpc_mul_2exp to mpc_mul_2ui
. mpc_div_2exp to mpc_div_2ui
- 0^0, which returned (NaN,NaN) previously, now returns (1,+0).
- Removed compatibility with K&R compilers, which was untestable due
to lack of such compilers.
- New functions
. mpc_log10
. mpc_mul_2si, mpc_div_2si
- Speed-ups
. mpc_fma
- Bug fixes
. mpc_div and mpc_norm now return a value indicating the effective
rounding direction, as the other functions.
. mpc_mul, mpc_sqr and mpc_norm now return correct results even if
there are over- or underflows during the computation.
. mpc_asin, mpc_proj, mpc_sqr: Wrong result when input variable has
infinite part and equals output variable is corrected.
. mpc_fr_sub: Wrong return value for imaginary part is corrected.
Convert to the new LIB_DEPENDS standard and remove hard-coded
.so versions from a couple of dependent ports.
Bump PORTREVISIONS of all dependent ports.
PR: 183141
Approved by: portmgr (bdrewery)
- use PKGNAMESUFFIX instead LATEST_LINK
- whitespace cleanup
- svn mv */bugzilla to */bugzilla40
- add vuxml entry
4.4.1, 4.2.7, and 4.0.11 Security Advisory
Wednesday Oct 16th, 2013
Summary
=======
Bugzilla is a Web-based bug-tracking system used by a large number of
software projects. The following security issues have been discovered
in Bugzilla:
* A CSRF vulnerability in process_bug.cgi affecting Bugzilla 4.4 only
can lead to a bug being edited without the user consent.
* A CSRF vulnerability in attachment.cgi can lead to an attachment
being edited without the user consent.
* Several unfiltered parameters when editing flagtypes can lead to XSS.
* Due to an incomplete fix for CVE-2012-4189, some incorrectly filtered
field values in tabular reports can lead to XSS.
All affected installations are encouraged to upgrade as soon as
possible.
[1] even bugzilla40 gets upstream fixes an upgrade to bugzilla42/44 is recommend
Security: vid e135f0c9-375f-11e3-80b7-20cf30e32f6d
CVE-2013-1733
CVE-2013-1734
CVE-2013-1742
CVE-2013-1743
