- Remove s/gawk/awk/ patches and introduce build time dependecy to gawk
because one of the scripts uses `strftime' which is not available in
our base systems awk.
Approved by: portmgr (clement)
that do not need the modeline support to disable it, since it contained
remote vulnerabilities.
Reviewed by: simon
Approved by: portsmgr (blanket, secteam), obrien (maintainer)
injection vulnerability" entry since they contain an embedded version of
pear-XML_RPC.
Fix typo in body of the latest xpdf entry (note: no modified date bump
as this is a minor typo fix which does change <affects>).
Approved by: portmgr (blanket, VuXML)
Security: CAN-2005-2101
Security: http://www.kde.org/info/security/advisory-20050815-1.txt
Security: langen2kvtml uses known filenames in /tmp which allow a
local attacker to overwrite files writeable by the
user (manually) invoking the conversion script.
Approved by: portmgr (marcus)
2. openoffice-1.1 crashes for second invocation; some file is missing.
this is exactly same as #i22253#, and fortunately OOo worked for some
older version I don't remember.
PR: 84787 [2]
Submitted by: Jack L.[1], achix mantzix <achix@smadev.internal.net> [2]
and Jens Ressack <rehsack@liwing.de> [2]
Approved by: portmgr(clement)
Fix building of lang/erlang as dependency of net/ejabberd.
Take maintainership (requested by former maintainer).
Approved by: portmgr (clement), gonzo@univ.kiev.ua (former maintainer)
libgadu, at least not any in any current version, and from looking at
the gnugadu code there is no direct indication that this code should
actually be vulnerable to the other libgadu vulnerabilities. [1]
The gaim part of libgadu -- multiple vulnerabilities was fixed in
1.4.0_1. [2]
Polish translation clue: pjd [1]
General clue by: markus [2]
Not enough checking: simon
Approved by: portmgr (blanket, VuXML)
<snip>
Cdrdao changes:
o SECURITY FIX: cdrdao now gives up its root privileges after setting
up real-time scheduling, as well as before saving settings through
the --save option. This fixes a potential local root exploit when
cdrdao is installed with the +s chmod flag. Using --save now also
forces an early exit after the settings are saved.
o Added MP3 and Ogg Vorbis file support (through respectively the
libmad and libvorbis libraries). cdrdao will decode the MP3 and
Ogg files into temporary WAV files that will be deleted upon exit
(unless the new option --keep is used). The directory used to
store those temporary WAV files can be specified with the --tmpdir
option (default is /tmp).
o Improved native CUE file support: replaced old incomplete existing
parser with the one from Matthias Czapla's excellent
cue2toc. Added support for cutting binary files.
o Added --rspeed option to manually set the device reading speed. Be
warned not all devices support this.
o Packaged scsilib library upgraded from cdrtools 2.01 (previously
was from 2.01a31).
o Added --no-mode2-mixed option. Don't read a MODE2 disk as
MODE2_FORM_MIXED, only read MODE2_FORM1 or MODE2_FORM2 (Matthieu
Castet).
o Added help for little-known drive-info command.
GCDMaster changes:
o MP3 and Ogg Vorbis support: you can drag and drop .mp3, .m3u and
.ogg files from Nautilus into the sample display window.
o Switched to gtkmm24 API. Improved file browsers.
o CUE files support.
o Sound output now uses libao library.
o Added 'Select All' item in menu.
o Added 'Eject' button to progress dialog.
o Bug fixes (sample selection weirdness, couldn't close window during
play, problems with gcdmaster command-line argument, crashes with
multiple project windows, drive status not reported correctly).
<snip>
Note that the FreeBSD ports doesn't install cdrdao setuid root so you are
not vulnerable by default.
- Fix building on FreeBSD 7.
- Turn on the usage of mlockall(2) again as it no longer causes negative side
effects on FreeBSD >= 502113.
Requested by: will [1]
Approved by: portmgr (linimon)
Security: http://vuxml.freebsd.org/d51a7e6e-c546-11d9-9aed-000e0c2e438a.html
a warning was printed.
A mounted procfs is a runtime dependency of valgrind, but since the
implementation of automatic suppression file generation the valgrind
binary is run in the post-install stage.
- An exception needs to be made for the ports cluster: The machine compiling
the list of IGNOREd ports does not have a mounted /proc, so the check (and
the generation of supression files is disabled there).
Users who want to suppress false positives in valgrinds output should build
the port instead of installing the package (so the rules can be customized to
their specific installation).
Reported by: Paul Ledbetter III <aeacides@gmail.com>
Approved by: portmgr (kris)
