because they're provided as "default gem" since Ruby 2.6.
We provide "default gem"s as gem ports rather than a part of lang/ruby*
port. files/patch-tool_rbinstall.rb makes not to install such default gems
however hollow wrapper scripts bin/{irb,ri,rdoc} and their manpages were
still left.
This commit intend to move out such wrapper scripts and manpages to gem
ports completely.
PR: 243888
Submitted by: Yasuhiro KIMURA <yasu@utahime.org> (initial revision)
meta (myself)
Differential Revision: https://reviews.freebsd.org/D23514
Target "cmTC_73213" requires the language dialect "CXX17" , but CMake does
not know the compile flags to use to enable it.
Approved by: portmgr (tier-2 blanket)
https://kde.org/info/security/advisory-20200312-1.txt:
Overview
========
Okular can be tricked into executing local binaries via specially crafted
PDF files.
This binary execution can require almost no user interaction.
No parameters can be passed to those local binaries.
We have not been able to identify any binary that will cause actual damage,
be it in the hardware or software level, when run without parameters.
We remain relatively confident that for this issue to do any actual damage,
it has to run a binary specially crafted. That binary must have been deployed
to the user system via another method, be it the user downloading it directly
as an email attachment, webpage download, etc. or by the system being already
compromised.
Solution
========
- Update to Okular >= 1.10.0
- or apply the following patch:
6a93a033b4
Workaround
==========
There's no real workaround other than not opening PDF files from untrusted sources.
Credits
=======
Thanks to Mickael Karatekin from Sysdream Labs for the discovery and to
Albert Astals Cid for the fix.
Security: c3600a64-64ea-11ea-bdff-e0d55e2a8bf9
https://kde.org/info/security/advisory-20200312-1.txt:
Overview
========
Okular can be tricked into executing local binaries via specially crafted
PDF files.
This binary execution can require almost no user interaction.
No parameters can be passed to those local binaries.
We have not been able to identify any binary that will cause actual damage,
be it in the hardware or software level, when run without parameters.
We remain relatively confident that for this issue to do any actual damage,
it has to run a binary specially crafted. That binary must have been deployed
to the user system via another method, be it the user downloading it directly
as an email attachment, webpage download, etc. or by the system being already
compromised.
Solution
========
- Update to Okular >= 1.10.0
- or apply the following patch:
6a93a033b4
Workaround
==========
There's no real workaround other than not opening PDF files from untrusted sources.
Credits
=======
Thanks to Mickael Karatekin from Sysdream Labs for the discovery and to
Albert Astals Cid for the fix.
/dev/stdin is a non-portable non-POSIX extension having different
semantics on different operating systems. zininfo(1) exits with 9 when
/dev/stdin is supplied on FreeBSD. In fact, unzip(1) explicitly documents
that it does not support reading from stdin.
[1] https://lists.reproducible-builds.org/pipermail/diffoscope/2020-March/002632.html
PR: 244750
Submitted by: Michael Osipov <michael.osipov siemens com>
MFH: 2020Q1
Sort knobs, configure arguments, and sub list.
This release improves the functionality related to
proxying and static media asset handling, please visit
http://mailman.nginx.org/pipermail/unit/2020-March/000195.html
to get more details.
<ChangeLog>
*) Feature: basic load-balancing support with round-robin.
*) Feature: a "fallback" option that performs an alternative action if a
request can't be served from the "share" directory.
*) Feature: reduced memory consumption by dumping large request bodies
to disk.
*) Feature: stripping UTF-8 BOM and JavaScript-style comments from
uploaded JSON.
*) Bugfix: negative address matching in router might work improperly in
combination with non-negative patterns.
*) Bugfix: Java Spring applications failed to run; the bug had appeared
in 1.10.0.
*) Bugfix: PHP 7.4 was broken if it was built with thread safety
enabled.
*) Bugfix: compatibility issues with some Python applications.
</ChangeLog>
As now (only) python3 is supported, also change the USES python statement and
remove the deprecation warning.
PR: 244731
Submitted by: Klaus Aehlig <aehlig@linta.de> (maintainer)
Removes unused imports and unused variables from Python code. It makes use of
pyflakes to do this.
By default, autoflake only removes unused imports for modules that are part of
the standard library. (Other modules may have side effects that make them
unsafe to remove automatically.) Removal of unused variables is also disabled
by default.
WWW: https://github.com/myint/autoflake
PR: 244759
Submitted by: Goran Mekić <meka@tilda.center>
ChangeLog: https://github.com/jhspetersson/fselect/releases/tag/0.6.9
* added SUBSTRING or SUBSTR function
* added LEN as a synonym for LENGTH function
* extract EXIF data from HEIF files
* added device, inode, blocks, and hardlinks fields (Linux only)
* bugfixes
PR: 244700
Submitted by: vulcan@wired.sh (maintainer)
