Commit graph

222 commits

Author SHA1 Message Date
markd
7be52deb21 Patches for CVE-2009-0689 and KDE advisory 20091027. 2009-12-13 19:43:51 +00:00
tnn
bc4502288e Add kludge to let it build on debian squeeze, where it failed with:
/usr/include/asm-generic/fcntl.h:117: error: redefinition of 'struct flock'
/usr/include/bits/fcntl.h:159: error: previous definition of 'struct flock'
(this is due to kdelibs including kernel headers for inotify)
Fingers crossed that this won't introduce regressions on $otherLinux.
2009-10-23 07:46:08 +00:00
wiz
5cecce41d7 Fix build with openssl-1.0. From markd.
Enable openssl again on NetBSD-current. Bump PKGREVISION.
2009-08-31 20:54:26 +00:00
wiz
06f78b63de Disable ssl support on NetBSD-5.99.15 and newer (openssl-1.0 snapshot)
because of incompatible changes (STACK removal etc.) until someone fixes
it.
2009-08-29 11:26:29 +00:00
sno
6f7368d4db bump revision because of graphics/jpeg update 2009-08-26 19:56:37 +00:00
markd
cdc746972c Fix for CVE-2009-1725 2009-08-18 11:57:33 +00:00
hasso
d281cecb9f Fix a serious security issue for platforms using kgrantpty (NetBSD isn't
such, but DragonFly is): ${SETUID_ROOT_PERMS} doesn't work for suid
kgrantpty, because the locate() method used to find the path to the binary
expects it to have a read permissions set.
2009-06-16 16:09:36 +00:00
joerg
af60c10a8f Convert @exec/@unexec to @pkgdir or drop it. 2009-06-14 22:06:39 +00:00
joerg
b02a0f888e Remove @dirrm entries from PLISTs 2009-06-14 18:24:43 +00:00
joerg
2d1ba244e9 Simply and speed up buildlink3.mk files and processing.
This changes the buildlink3.mk files to use an include guard for the
recursive include. The use of BUILDLINK_DEPTH, BUILDLINK_DEPENDS,
BUILDLINK_PACKAGES and BUILDLINK_ORDER is handled by a single new
variable BUILDLINK_TREE. Each buildlink3.mk file adds a pair of
enter/exit marker, which can be used to reconstruct the tree and
to determine first level includes. Avoiding := for large variables
(BUILDLINK_ORDER) speeds up parse time as += has linear complexity.
The include guard reduces system time by avoiding reading files over and
over again. For complex packages this reduces both %user and %sys time to
half of the former time.
2009-03-20 19:23:50 +00:00
markd
cb47f93189 Update to KDE 3.5.10
minor bugfixes
2008-08-27 11:59:13 +00:00
joerg
f605fec2db Mark as destdir ready. 2008-07-14 12:55:56 +00:00
abs
71c309f046 Add CONFLICTS= kdelibs4-[0-9]* 2008-06-12 12:51:27 +00:00
markd
4b94a83b92 Deal with openssl changes in -current. 2008-05-17 02:28:17 +00:00
markd
cf0c8a310c start_kdeinit multiple vulnerabilities - linux only
http://www.kde.org/info/security/advisory-20080426-2.txt
2008-04-27 04:14:32 +00:00
jlam
841dfa0e7a Convert to use PLIST_VARS instead of manually passing "@comment "
through PLIST_SUBST to the plist module.
2008-04-12 22:42:57 +00:00
markd
fe1f06f2c6 Update to kde 3.5.9
minor bugfixes.
2008-02-20 09:49:56 +00:00
joerg
f64c1d1265 Needs iceauth at runtime. Bump revision. Fixes PR 38007. 2008-02-12 12:20:44 +00:00
tnn
ad6ceadd25 Per the process outlined in revbump(1), perform a recursive revbump
on packages that are affected by the switch from the openssl 0.9.7
branch to the 0.9.8 branch. ok jlam@
2008-01-18 05:06:18 +00:00
markd
e1a38464a5 Note pkgsrc as the distribution method, for the bug report wizard.
From Sergey Svishchev.  Bump PKG_REVISION.
2008-01-04 21:12:38 +00:00
wiz
a34ac258dd Bump PKGREVISION because openexr now depends on ilmbase. 2007-11-30 21:55:01 +00:00
markd
7a322c4130 Use zonetab package rather than doing it locally. 2007-11-13 11:19:18 +00:00
markd
cce2ab9b81 Update to KDE 3.5.8
core libs
* Small performance improvements.
* Reworked KCmdLineArgs::makeURL to make "kpdf a:b" work when a:b is an
  existing file in the current directory.
* Be more robust against addressbar spoofing.
* A hostname may resolve to multiple addresses. When connection to one
  timeouts, we should not immediately give up. Instead, we try the other
  addresses.
http ioslave
* Fix crash on broken servers.
* Fix Connection failed Url Frame Redirection.
* Fix session cookies not always accepted.
* Fix persistent cookies are treated like session cookies.
* Fix a cross-site cookie injection vulnerability.
* Fix for correctly propagating HTTP response headers > 8K.
* Fix http responses containing just a header cause Konqueror to wait
  indefinitely for a response.
* Fix problem with cookies in konqueror when server specified as IP adress.
* Fix per-site cookie policy does not apply to cookies set for subdomains.
KHTML
* Fix handling of font-variant:inherit.
* Fix GMail/Firefox yet again.
* Fix confused cursor shapes if mail and new-window links appear on the
  same page.
* Fix cannot type text into boxes on riteaid.com.
* Optimize descendant selector matching.
* Fix invalid placing of image.
* Default to "UTF-8" per section 2 of the draft W3C "The XMLHttpRequest
  Object" specification.
kjs
* Do not convert accented latin1 characters into undrawable char in
  websites using advanced JavaScript.
2007-10-20 10:36:14 +00:00
markd
1a758923e2 Updated version of Konqueror address bar spoofing fix
http://www.kde.org/info/security/advisory-20070914-1.txt
2007-09-21 20:45:52 +00:00
wiz
3528e06345 Fix paths for GConf, libglade, libart, libsigc++, lablgtk moves.
Bump PKGREVISION.
2007-09-21 13:03:25 +00:00
markd
95b42e1656 The Konqueror address bar is vulnerable to spoofing attacks
that are based on embedding white spaces in the url. In addition
the address bar could be tricked to show an URL which it is
intending to visit for a short amount of time instead of the
current URL.
http://www.kde.org/info/security/advisory-20070816-1.txt
Bump PKGREVISION for kdelibs3 and kdebase3
2007-09-02 04:33:59 +00:00
rillig
7f125459d8 Removed some code duplication from the buildlink3 files by using the new
pkg-build-options.mk procedure.
2007-05-30 08:54:28 +00:00
markd
702200929f Update to KDE 3.5.7
KHTML
* Implement heuristic cyr encoding detection.
* Implement support for textContent().
* Indicate near mouse pointer if a link wants to open a new browser window.
* Harmonize document.href and .pathname of about:blank windows with other
  browsers.
* Fix jumping to the top right before loading a new page.
* Make frame name lookup locale-independant.
* Make valueOf() and toString() accessible across sites.
* Make setValue() work on radio button and checkboxes.
* overrideMimeType() implementation.
* Fix various crashes and bugs.

KJS
* Support named function expressions.
* Support for localeCompare() function.
* Caller property implementation.
* Improvements:
* Unreserve class keyword as it's often used as an identifier by JS
  programmers.
* Disable UTF-8 validation in libPCRE, since it's incredibly slow.
* Support unicode escape sequences in identifier names.
* Parse null characters.
* toExponential() fix for negative numbers.
* Fixed off-by-one digit error in toFixed().

Kate
* Update cmake highlighter.
* Fix bug in search and replace, placeholder did not work correctly.
* Make cursor in inactive views behave correctly.
* Update selection after paste.
* Multiple views are usable again.

Kimgio
* Fix buffer overflow during writing xview files.
2007-05-23 12:57:37 +00:00
markd
041dc97fd0 ioslave PASV port scanning vulnerability (CVE-2007-1564) fix.
plus fix against KJS for similar issue to the Qt UTF-8 overlong sequence
decoding vulnerability.  Bump PKGREVISION.
2007-04-06 12:59:17 +00:00
wiz
601583c320 Whitespace cleanup, courtesy of pkglint.
Patch provided by Sergey Svishchev in private mail.
2007-02-22 19:26:05 +00:00
abs
3694510bfe add a mirror for the post-3.5.6-kdelibs.diff patchfile 2007-02-07 20:38:04 +00:00
markd
ea17d46add khtml/konqueror title XSS vulnerability
http://www.kde.org/info/security/advisory-20070206-1.txt
Bump PKGREVISION.
2007-02-07 12:17:18 +00:00
markd
4d2ad6c776 Reverting r617941. This fixes jumping to the top right before loading a
new page in konqueror and also fixes page loading time increase.
From KDE SVN.  Bump PKGREVISION.
2007-02-05 19:32:17 +00:00
markd
2afa4ad7ff Update to KDE 3.5.6
KHTML
* Treat specific attribute values case-insensitively during style matching.
  With these changes, KHTML becomes the first rendering engine to thoroughly
  pass the 578 tests of the excellent Automated CSS3 Selectors Testsuite
  (http://www.css3.info/selectors-test).
* Implement CSS3 extension text-overflow: ellipsis.
* Implement overflow-x/y as many websites use it now.
* Fix overflow sometimes not painted/repainted.
* Fix incorrect margin for some tables.
* Fix crashes on some AJAX pages.
* Fix background no-repeat image wrapping.
* Fix instanceof ecma operator not working on DOM objects.
* Fix some pages appearing empty or missing content.
* Fix table caption rendering on some pages.
* Make innerText much faster fixing freezes on some web pages.
* Fix crash on javascript manipulated tables.
* Fix all links gettinh underlined while hovering over just one link on
  some malformed web pages.
* Let floats overflow the left border when they should.
* Fix cursor in input field not disappearing when setting focus to another
  input field.
* Prevent crash-inducing recursion of detach due to blur events happening
  when widgets with focus get destroyed.
* Fix border collapse not working in tables.
* Fix ∉ displayed as ¬in;.
* Make max-height and max-width: none work correctly.
* Fix memory leak when using deleteRule.
* Fix crash when resolving a stylesheet imported from external one.
* Fix an infinite relayout on msdn.
* Fix computed line-height beign incorrect.
* Fix crash race on various sites with popup ads.
* Reset hover text when mouse leaves khtml view.
* Whenever the content changes, recheck if the mouse cursor shall show
  some other shape to correctly match it to the content below it.
* Immediately redraw visited links with the respective color when the
  page got loaded and inserted into the history.
* Fix tables sometimes intruding floats on dynamic restyle.
* Fix conflicting priorities in font shorthand parsing leading to wrong
  line-height computation.
* Do not crash when finding backwards.
* Fix infinite recursion happening when changing style from
  overflow:scroll to auto.
* Fix initial size of input type=FILE form control.
* Make vertical-align text-top/bottom CSS 2.1 compliant.
* Fix ecma alert() dialog formatting it's output as a single huge line
  without line breaks.

Kate
* Add actionscript highlighting.
* Add some pseudo-elements that khtml supports, but FireFox doesn't.
* Fix wrong indentation at top of source file in cstyle indenter.
* Fix memory leaks and accessing uninitialized variable.
* Fix endless loop in cstyle indenter.
* Fix crash using comment commands.
* Java Highlighting: Correctly highlight comments after import lines.

kdefx
* Change asterisks on passwords to bullets.

kdeprint
* Fix printing of files with accentuated characters in filename or in
  the path.
* Fix showing names of non local files in kprinter.

kio
* Don't crash when creating a job for an invalid URL.
* Hide the progress dialog while displaying the password dialog.
* Fix wrong "Couldn't receive DCOP signal" errors on RMB menu.
* Fix statusbar having more than one line.
* Fix possible data loss when using kioexec.

KJS
* Properly propagate some exception values.
* Fixed Number.toPrecision(n) calls on negative zero.
* Allow changing the internal value of invalid dates.
* Fix Unicode support in RegExp handling, and also be more robust
  vs. embedded nulls. Fixes problems with some cyrillic characters in
  gmail and makes google calendar somewhat work.
2007-01-26 02:44:27 +00:00
wiz
e5b04d25c0 Very belatedly bump PKGREVISION for all jasper dependencies because
of the shlib name change (!) during the update to 1.900.0.

Noted by Robert Elz in PR 35431.
2007-01-17 23:47:18 +00:00
joerg
5e43280b23 Replace mk/bsd.prefs.mk includes with bsd.fast.prefs.mk includes.
The redundant parsing of bsd.prefs.mk is mostly avoided now and
parse time e.g. for x11/kdebase3 gets reduced by up to 10%.
2006-12-12 21:52:34 +00:00
markd
a10787eef1 Fix a regression in html rendering. From KDE svn. Bump PKGREVISION. 2006-11-20 09:38:15 +00:00
markd
841a654e4b Add MESSAGE suggesting the creation of /tmp/.ICE-unix prior to starting
KDE.
2006-11-20 09:34:19 +00:00
markd
26f00a11aa Explicitly note files with SPECIAL_PERMS. 2006-11-20 09:32:02 +00:00
markd
090d929aae Use CHECK_PORTABILITY_SKIP for kate/tests/highlight.sh - its not a real
script.
2006-11-20 09:30:26 +00:00
markd
7fad8e3cef Make check-portability.sh happy. kate/tests/highlight.sh is not
runnable but fix the "test ==" anyway.
2006-10-15 11:25:19 +00:00
markd
016fb8c4a6 Update to KDE 3.5.5
Remove the USE_TOOLS+=gawk:pkgsrc for Solaris as bootstrap now provides
a suitable awk.

Changes:
kdeinit
* Add protection against poor Linux OOM-killer heuristic.
Kate
* Support Q_DECLARE_INTERFACE-macro when coding Qt-code
* Don't enter "word selection mode" without an actual selection.
* Fixed another stringAtPos(-1) call.
KHTML
* Heavy DHTML optimizations for the case where the changes in the style
  merely moves a layer, which is very common.
* Significant improvements in painting of inline elements, to be more
  compliant with CSS 2.1 - section 10.8.1 and Appendix E-2; also includes
  support for CSS 3 outline-offset.
* Support CSS3's hsv/hsva color values.
* Fixes to make the new yahoo photos site basically work: fix a bug in
  XML parser and emission of scroll event.
* Fix a regression in performance of background painting.
* Properly compute length of utf-8 data in XMLHttpRequest.
* Support parsing of attribute/>.
* Evaluate scripts in <iframe src="javascript:..."> properly. Fixes some
  of the product pages on amazon.com and the reader on freemail.hu.
* Permit faster auto-scrolling with the middle mouse button.
* Permit manually scrolling frames with keyboard et al. even if they have
  scrolling=no.
* Don't miss some of the attribute changes relevant for restyling.
* Properly restyle when when an anchor stop being a link of becomes one.
* Properly honor bottom padding on scrolled overflow.
* Honor no-repeat in background when background offset is negative.
* Fixes in application of padding to inline elements.
* Various memory leak fixes, in particular in the element from ID or name
  lookup caches, and some table and attribute node operations.
* Fix handling of <colgroup> elements without span attribute.
* Fixes in stacking order of elements with non-visible overflow.
* Fixing crash upon deleting cells from rows.
* Do not improperly reset text-align in tables in strict mode.
* Properly re-layout table caption if needed.
* Fixing two crashes in the capitalization code (regression).
* Fix crash on hover due to dangling placeholder box.
* Fix sometimes incorrect positioning of positioned elements having root
  as containing block.
* Fixed crash when characterSet is accessed on newly-created document.
* Fix regression in <label> support.
* Support the add method on the options collection.
* Properly discard malformed content properties.
* Parse 'align' attribute of iframes.
* Make sure to properly escape ampersands in right-click google search.
* Resetting a SELECT with no default selection should not select the
  first item if it's a multiple selection list.
* Do not let NodeIterators escape out of the root node.
* For percentage height calculation purposes, make body appear to have
  the same height as the viewport (quirk mode).
* Properly account for overflows induced by inline-blocks and text-shadows.
* Remove incorrect addition of borders to layers which made some links
  unclickable (regression).
* Fix mistake which made the viewport width be used instead of the root
  block width when calculating the document width (regression).
* Make sure that when display:compact blocks are merged into a host block,
  the height of the resulting block is at least that of the compact block.
* Do not limit single-line input elements to entry of 1024 characters.
* Do not try to run external VBScript; add the newly approved ECMAScript
  mimetypes.
* Fix bug involving first-letter property where text fragments would
  'disappear' (being offset far to the right or left) instead of breaking
  to next line.
* Allow instanceof to work on most DOM objects (partial fix).
kjs
* Parse dates with ',', '-' and ':' where whitespace was expected.
  Example: ",-:September,03,-:,2006, 13:53:02,-:"
* Do not crash when modifying an invalid date object.
* Fix locale-dependence in the parser, which resulted in floating point
  numbers getting misparsed in some locales.
kio
* Set m_bDeep in all KServiceGroup constructors, or it may be used
  uninitialized in load() and entries(). kbuildsycoca did this, and
  valgrind caught it.
kdecore
* Pick correctly the best icon size. Also make -1,-1 return the largest
  icon and not the first one (makes more sense and saying the first one
  is as good as saying a random one).
* Be explicit about windowInfo() args.
* NET::Override is old and hated.
* Add support for more icon contexts in the icon loader.
* Search for icons also in $XDG_DATA_DIRS.
* Fix KSharedConfig to actually share readonly configs.
kdefx
* - "features" is clobbered by the longjmp, so mark it as volatile to
  avoid that a clever compiler (gcc 4.2) optimizes reads away.
kdesu
* Add sudo support. See that bug for some remaining issues.
kdeui
* Don't draw a highlighting line above KPopupMenu title sections. It
  looks very out-of-place, especially when using styles with rounded
  PE_HeaderSections.
kdoctools
* Some extra entities required for 100% successful docs compilation.
kdeprint
* CUPS 1.2 support
* Show prettier urls.
knewstuff
* Unbreak "latest" and "most downloads" views.
* Fix memory leaks.
KWallet
* Fix deadlock with autocompletion popups.
* Associate wallet dialogs properly with main windows.
l10n
* Fix short date format for Turkish.
2006-10-12 10:31:04 +00:00
joerg
19a38774c3 Improve findMostRecent: when no minor version is available, assume it
is -1 and continue the comparision.
2006-09-11 19:03:50 +00:00
joerg
cedd86f930 Bump revision for SSL fix on DragonFly. 2006-09-11 09:11:04 +00:00
joerg
d436202c11 Use the NetBSD/OpenBSD shared library magic on DragonFly as well
to fix SSL usage. Problem reported on DragonFly's user list.
2006-09-11 09:10:01 +00:00
markd
0b937f987a Update to KDE 3.5.4
kdecore
* Fix compiling on Solaris.
kdeui
* Now KKeyChooser does not steal focus when created.
* Fixed the terrible flickering in KDateTable like for example when
  resizing Kicker.
kio
* Make move not do a copy and delete in some cases.
* Fix problem with inotify causing crashes...
KIOslave
* Fixed referrer not sent back to client when using https.
KHTML
* Lots of fixes
kjs
* Enumerate array properties in order of addition, matching other
  browsers.
* Support the "debugger" keyword.
kssl
* Increase usability of KIO KSSL dialog.
* Update netlock QA class certificate.
* Add startcom CA.
mimetypes
* Add *.tor pattern for bittorrent mimetype.
* Add x-mplayer2 (Microsoft media) mimetype.
2006-08-02 13:42:16 +00:00
jlam
c16221a4db Change the format of BUILDLINK_ORDER to contain depth information as well,
and add a new helper target and script, "show-buildlink3", that outputs
a listing of the buildlink3.mk files included as well as the depth at
which they are included.

For example, "make show-buildlink3" in fonts/Xft2 displays:

	zlib
	fontconfig
	    iconv
	    zlib
	    freetype2
	    expat
	freetype2
	Xrender
	    renderproto
2006-07-08 23:10:35 +00:00
jlam
9430e49307 Track information in a new variable BUILDLINK_ORDER that informs us
of the order in which buildlink3.mk files are (recursively) included
by a package Makefile.
2006-07-08 22:38:58 +00:00
markd
a93d8a92d7 Update to KDE 3.5.3
Changes:
* KHTML
  o Don't crash when triple-clicking on a line that has :after or
    :before content, or anything that isn't in the DOM
  o Implement nondeterministic CSS matching
  o Do not crash if an old target got destroyed.
  o Fix static Y position of positioned objects in initial whitespace
    (3.5 regression).
  o Fontrendering: A few percent speedup by caching font scalability
    info
  o Konqueror will crash if a floated link uses :hover:before or
    :hover:after to create a positioned element.
  o Text selection misbehaves for devanagari.
  o Fix crash when hovering a HTML menu item
  o Don't crash when null pointer passed to removeEventListener
  o Prevent an infinite loop in parseToken() when dealing with broken
    HTML.
  o If we saved creating a renderer at attach. Create it if we later
    need it.
  o Don't allow to find text in password fields.
  o Improve XHTML CSS styling
  o Handle CSS restyling for all types of dynamic DOM changes and
    user interaction
  o Only repaint the expossed background when scrolling. Optimizes a
    few slow pages with unoptimized X11 drivers.
  o Speed-up painting and selections on pages with large tables.
  o Match better the error-handling capabilities of Firefox with
    respect to DL/DT/DD elements.
  o Added missing sanity check which caused crashes in caret mode on
    pgup/pgdn when there was no valid caret.
  o Make sure copyBlt doesn't fail because of different depth.
  o No other property depends on background-image, and applying it
    before the rest of the background short-hand breaks it under
    inheritance.
* KIO
  o Add media kioslave support to KFileDialog
  o KPropertiesDialog first renames the file, then allows all plugins
    to save their changes.
  o Make KDirSelectDialog work with media:/ and similar. Fixes JuK.
* KDEPrint
  o Fix usage of private methods in CUPS which broke KDEPrint with
    CUPS 1.2
  o Allow adding multiple file to the to-be-printed list.
  o No fax sent when special characters are included in the sender
    information
  o Kdeprintfax ignores paper size setting when using Hylafax
* KDE-UI
  o Use KConfigGroup to reset the config group automatically.
  o Give a possibility to disable spellchecking.
* KIO-Slaves
  o KIO-HTTP
  o  Keep the fragment when doing redirections. (the HTTP requests
     and redirections don't include fragments; it's a browser thing).
2006-06-01 13:39:10 +00:00
markd
ef4e992e52 Add applnk/Office directory. Bump PKGREVISION. 2006-05-15 10:57:23 +00:00