Ark input sanitization errors:
The KDE archiving tool, Ark, performs insufficient validation
which leads to specially crafted archive files, using unknown
MIME types, to be rendered using a KHTML instance, this can
trigger uncontrolled XMLHTTPRequests to remote sites.
IO Slaves input sanitization errors:
KDE protocol handlers perform insufficient input validation, an
attacker can craft malicious URI that would trigger JavaScript
execution. Additionally the 'help://' protocol handler suffer
from directory traversal. It should be noted that the scope of
this issue is limited as the malicious URIs cannot be embedded
in Internet hosted content.
KMail input sanitization errors:
The KDE mail client, KMail, performs insufficient validation which
leads to specially crafted email attachments, using unknown MIME
types, to be rendered using a KHTML instance, this can trigger
uncontrolled XMLHTTPRequests to remote sites.
Submitted by: Eygene Ryabinkin <rea-fbsd@codelabs.ru> (based on)
Approved by: secteam (myself), portmgr
Security: http://www.vuxml.org/freebsd/6f358f5a-c7ea-11de-a9f3-0030843d3802.html
- rework KDE4_BUILDENV
All ports:
- remove needless post-extract target
- make patches relative to ${PATCH_WRKSRC}
- clean up
- bump PORTREVISION when required
databases/akonadi:
- replace dependency on boost-python-libs with boost-libs
(finally, boost-pyhton does not conflict with boost \o/)
deskutils/kdepim*:
- replace boost-python-libs with boost-libs
- reduce dependencies
- respect PREFIX
- fix build with qt3 installed
misc/kdeedu4:
- add dependency on astro/xplanet (for KStars)
misc/kdeutils4:
- add dependency on devel/qca (for okteta)
- make dependency on kdebase non-optional
multimedia/kdemultimedia4:
- add optional support for PulseAudio
x11/kdebase4:
- remove needless dependency on kdebase4-runtime
x11/kdebase4-runtime, x11/kdebase4-workspace
- remove extra CMAKE_ARGS to fix build for qt3/kde3 users
x11/kdelibs4
- remove needless dependencies
- remove extra CMAKE_ARGS to fix build for qt3/kde3 users
multimedia/phonon port has been split into phonon itself, phonon-xine
and phono-gstreamer backends. After updating phonon port you have
to install at least one backend. phonon-xine backend is recommended
for KDE.
for FreeBSD. The official KDE 4.1.0 release notes can be found at
http://www.kde.org/announcements/4.1/.
Some note:
* Prefix
KDE4 will be install into a custom prefixes namely ${LOCALBASE}/kde4.
KDE4 and KDE3 can co-exist
* Sound
For sound to work, it is necessary to have dbus and hal enabled
in your system. Please see the respective documentation on how
to enable these.
For more Informations see the HEADS UP at ports@ and kde-freebsd@
or our wiki page http://wiki.freebsd.org/KDE4/Install.
Have fun!
- Remove USE_XLIB/USE_X_PREFIX/USE_XPM in favor of USE_XORG
- Remove X11BASE support in favor of LOCALBASE or PREFIX
- Use USE_LDCONFIG instead of INSTALLS_SHLIB
- Remove unneeded USE_GCC 3.4+
Thanks to all Helpers:
Dmitry Marakasov, Chess Griffin, beech@, dinoex, rafan, gahr,
ehaupt, nox, itetcu, flz, pav
PR: 116263
Tested on: pointyhat
Approved by: portmgr (pav)
Together, they fix a regression in Kicker's taskbar applet which would
no longer group Konsole windows in 3.5.7.
Reported by: Dwayne MacKinnon <dmk@ncf.ca>
- Correct ejecting of mounted volumes (unmount before eject).
- Mounting of removable media drives (such as CD-ROM drives)
listed in /etc/fstab (removes checking linux's "user" mount option).
- Polling floppy drives over the mount state (FreeBSD HAL doesn't do this).
- Informing the fileview when HAL notifies that mounting is completed.
- Mounting cdrom volume in locale charset. Note: Requires cd9660_iconv!
PR: ports/108949
Submitted by: Maxim Samsonov <xors@sendmail.ru>
- Disable polling of nfs shares in the fstabbackend. Mounting/Unmounting
is broken and the polling can cause DBus aborts that take kded with
them.
- Don't get confused by files and directories containing wildcard characters
(such as "[" and "]")
- Fix usage of wildcards in the location bar in filemanager mode
- Unmount CD-ROM devices before ejecting them.
Approved by: portmgr (linimon)
longer appear in the list, numbering of NFS filesystems should be okay now
and removable media should be mountable, unmountable and browseable - if
the user running KDE can mount them in the first place (i.e. vfs.usermount
and mountpoint ownership still required).
Obtained from: KDE SVN
