Commit graph

195162 commits

Author SHA1 Message Date
jnemeth
ade64d0368 sendmail is incompatible with current versions of databases/db4
as the latter is now threaded, so delete the option
2012-12-28 05:27:06 +00:00
taca
5ead227eb4 Note update of mail/squirrelmail package to 1.4.23pre14345. 2012-12-28 04:04:10 +00:00
taca
fff65a0a96 Update squirrelmail to 1.4.23pre14345, snap shot from squirrelmail's
repository.  Approved by wiz@.

* Now work well with PHP 5.4 and later.

Version 1.4.23 - SVN
--------------------
  - Added capability to issue SEARCH commands in literal format (so that
    non-ASCII search terms are handled RFC-correctly).
  - Fixed hook name clash: new "smtp_auth" hook added in version 1.4.22
    has been renamed to "smtp_authenticate"
  - Added SASL PLAIN mechanism for IMAP logins; backported from version
    1.5.2.
  - Prevent syslog warning in call_user_func_array() call when no
    arguments given.  Patch from Jean-Philippe Guerard (#3309935).
  - Changed the read_body_menu_top hook from concat_hook_function to
    do_hook_function (plugin authors please note)
  - Always ensure that the Reply-To header is a full email address in
    outgoing messages
  - Fixed issue with Noselect mailboxes being clickable in folder list
  - Made performance improvements in mailbox listing
  - Attachment filename extensions changed from ".msg" to ".eml"
  - Unified address book searches somewhat: file-backed address books now
    search in each field individually; database-backed address books now
    search in fields other than first/last name (nickname, email); LDAP-
    backed address books now search in common name fields as well as by
    email address (cn, sn, givenname, mail)
  - You may now enable LDAP-backed address books to be listed (using
    the "List all" button on the address search screen accessed via
    the "Addresses" button on the compose screen) by adding
    "$ldap_abook_allow_listing = TRUE;" (without quotes) to
    config/config_local.php (previously, this required editing of a
    file).
  - Added ability to control browser rendering mode (quirks versus
    standards) - see the $browser_rendering_mode setting in
    config/config.php or the "4. General Options ==> 19. Browser
    rendering mode" setting in the configuration tool (#3240356).
  - Added "search_index_before" hook (analog of the "mailbox_index_before"
    hook)
  - Made performance improvements in security token handling
  - Improvements for compatibility with PHP 5.4.
  - Added option that allows users to have replies to their own
    messages sent to the recipient of the previous message (#3520988).
2012-12-28 04:03:34 +00:00
dholland
d854cdcb36 Stuff from the past few days. 2012-12-28 03:13:01 +00:00
dholland
a3dfc1076f Fix legacy C. Pass -Wall -W -Wmissing-declarations -Wwrite-strings on
gcc45.

   - avoid implicit int, declare void functions void
   - return values from non-void functions
   - put most external declarations properly in header files
   - use some static and const
   - fix up a big mess with function pointer casting
   - use standard includes, don't provide own decls of standard functions
   - use types matching libc when providing own malloc, printf, and putchar
   - use <ctype.h> functions correctly
   - silence assorted compiler warnings
   - fix some bugs exposed by compiler warnings
   - don't intentionally exercise signed overflow
   - remove some unused items
   - add patch comments to other patch (patch-aa)

As this includes several fixes and removes some undefined behavior on
a commonly reachable code path, bump PKGREVISION.
2012-12-28 03:03:08 +00:00
wiz
69210f6ad3 Updated devel/boost-jam to 1.52.0nb1 2012-12-27 21:45:49 +00:00
wiz
daf4204a91 Fix path to Jambase. From Richard Palo in PR 47320.
Bump PKGREVISION.
2012-12-27 21:45:40 +00:00
bsiegert
f4e5cfe47e Add #ifdef __OpenBSD__ to some of the patches, to fix compilation on
OpenBSD and MirBSD.

Freeze exception granted by wiz.
2012-12-27 21:04:11 +00:00
ryoon
d0fe134fce Fix build on Solaris. 2012-12-27 20:38:22 +00:00
ryoon
f89bcd8961 Fix build on Solaris. 2012-12-27 20:19:35 +00:00
ryoon
515ca620b2 Mark MAKE_JOBS_SAFE=no, detected in SmartOS bulk build. 2012-12-27 20:12:26 +00:00
ryoon
1eeaf13b46 Updated editors/emacs22 to 22.3nb24
Updated editors/emacs22-nox11 to 22.3nb3
2012-12-27 17:53:30 +00:00
ryoon
540aa107fa Bump PKGREVISION.
Sync with editors/emacs22's update.
2012-12-27 17:50:26 +00:00
ryoon
ce590bc2c4 Bump PKGREVISION.
Meke NetBSD use openpty() like emacs24.
This fixes gnupg error invoked from mail/mew when decrypting.
2012-12-27 17:48:29 +00:00
bsiegert
f0935bc5f5 Unbreak on MirBSD and OpenBSD.
Freeze exception granted by Greg Troxel.
2012-12-27 17:01:23 +00:00
darcy
b01651f98f Correction to category of last viewvc update. 2012-12-27 16:35:16 +00:00
darcy
b349b63a18 Updated devel/viewvc to 1.1.17 2012-12-27 12:58:34 +00:00
darcy
a335880343 Update to 1.1.17.
Clears TODO item.

Version 1.1.17 (released 25-Oct-2012)

  * fix exception caused by uninitialized variable usage (issue #516)

Version 1.1.16 (released 24-Oct-2012)

  * security fix: escape "extra" diff info to avoid XSS attack (issue #515)
  * add 'binary_mime_types' configuration option and handling (issue #510)
  * fix 'select for diffs' persistence across log pages (issue #512)
  * remove lock status and filesize check on directories in remote SVN views
  * fix bogus 'Annotation of' page title for non-annotated view (issue #514)

Version 1.1.15 (released 22-Jun-2012)

  * security fix: complete authz support for remote SVN views (issue #353)
  * security fix: log msg leak in SVN revision view with unreadable copy source
  * fix several instances of incorrect information in remote SVN views
  * increase performance of some revision metadata lookups in remote SVN views
  * fix RSS feed regression introduced in 1.1.14

Version 1.1.14 (released 12-Jun-2012)

  * fix annotation of svn files with non-URI-safe paths (issue #504)
  * handle file:/// Subversion rootpaths as local roots (issue #446)
  * fix bug caused by trying to case-normalize anon usernames (issue #505)
  * speed up log handling by reusing tokenization results (issue #506)
  * add support for custom review log markup rules (issue #429)

Version 1.1.13 (released 23-Jan-2012)

  * fix svndbadmin failure on deleted paths under Subversion 1.7 (issue #499)
  * fix annotation of files in svn roots with non-URI-safe paths
  * fix stray annotation warning in markup display of images
  * more gracefully handle attempts to display binary content (issue #501)

Version 1.1.12 (released 03-Nov-2011)

  * fix path display in patch and certain diff views (issue #485)
  * fix broken cvsdb glob searching (issue 486)
  * allow svn revision specifiers to have leading r's (issue #441, #448)
  * allow environmental override of configuration location (issue #494)
  * fix exception HTML-escaping non-string data under WSGI (issue #454)
  * add links to root logs from roots view (issue #470)
  * use Pygments lexer-guessing functionality (issue #495)
2012-12-27 12:56:36 +00:00
wiz
7d6849bb23 + aria2-1.16.1, doxygen-1.8.3, dvdstyler-2.3.5, milter-greylist-4.4.1
[pkg/47369], xf86-video-intel-2.20.17.
2012-12-27 12:17:22 +00:00
dholland
4a861a6f6b Clean up legacy C.
Now passes gcc -Wall -Wextra -Wmissing-declarations -Wwrite-strings on gcc45.
May build with clang now too.

Changes:
   - use standard headers
   - don't declare own errno, fopen(), getenv(), or malloc()
   - declare own functions
   - declare void functions void
   - avoid implicit int
   - use C89
   - use some const
   - use some static
   - fix signed/unsigned mismatches
   - call execl() properly
   - don't cast return value of malloc
   - initialize struct sigaction correctly
   - use <ctype.h> functions correctly
   - don't index arrays with (signed) char
   - don't put function declarations inside function bodies
   - patch up two uninitialized variables
   - silence some compiler warnings that are not bugs
   - remove some unused objects
and:
   - add patch comments for preexisting patches
   - correct some minor pkglint

As a couple of these things fixed bugs (e.g. the execl calls), bump
PKGREVISION.
2012-12-27 06:13:20 +00:00
dholland
189c033e70 Fix typo and note that TECO is a 'classic' text editor. 2012-12-27 06:03:41 +00:00
dholland
a770ddc146 Pass around input buffer lengths properly and don't use gets().
PKGREVISION -> 11 for this and previous changes.
2012-12-27 00:23:21 +00:00
dholland
2a2f0cd6ed Some minor fixups. 2012-12-27 00:20:56 +00:00
dholland
29ecbe422e Fix up return types for clang. Fix problem this exposed calling XFlush()
with the wrong (no) arguments.
2012-12-26 22:31:31 +00:00
dholland
caec8ecf6a sort 2012-12-26 22:29:59 +00:00
dholland
a1bbfc17fd When looking inside FILE, don't assume that platforms without specific
handling that are using gcc are also using glibc. Might fix the Solaris
build.

XXX: looking inside FILE is gross, someone should sort this out
XXX: in collaboration with upstream.
2012-12-26 21:55:37 +00:00
dholland
baf7a72c82 Patch inline usage. 2012-12-26 21:41:52 +00:00
dholland
90bd3c7c82 Doesn't actually build using python-3.x 2012-12-26 21:30:05 +00:00
dholland
54b8e64764 Don't attempt -lsocket except on Solaris. 2012-12-26 21:25:57 +00:00
ryoon
340e03f79b ${CC} is used in configuration. 2012-12-26 21:24:26 +00:00
dholland
ffcaa87697 Fix legacy C. Passes gcc -Wall and should build on clang too.
This fixes at least one bug on some platforms (misuse of utime(3)) so
bump PKGREVISION.
2012-12-26 21:21:38 +00:00
ryoon
17fca1a719 Add some tools to USE_TOOLS, fix build on SmartOS etc.
patch and bdftopcf is used in distribution Makefile.
2012-12-26 21:14:06 +00:00
ryoon
c20156048e Fix build on Solaris without /usr/bin/ccs/ar. 2012-12-26 18:51:47 +00:00
asau
aa73205697 Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days. 2012-12-26 18:46:00 +00:00
ryoon
126ff0539d * Fix build on Solaris
* Patches are regen
2012-12-26 17:12:57 +00:00
darcy
6a65e971ae Updatde bogofilter to 1.2.3. 2012-12-26 17:01:03 +00:00
darcy
dd6c94875a Upgrade to 1.2.3.
Fixes:
	2012-10-24
	* Update configure.ac to avoid autoconf 2.68 warnings, by
	  (a) quoting the first AC_RUN_IFELSE argument, an
	      AC_LANG_PROGRAM(), with [ ], and
	  (b) providing an explicit "true" assumption for Berkeley DB
	      capabilities to avoid cross-compilation warnings.

	2012-10-22
	* Security bugfix for CVE-2012-5468 (bogofilter-SA-2012-01):
	  Fix a heap corruption in base64 decoder on invalid input.
	  Analysis and patch by Julius Plenz <plenz@cis.fu-berlin.de>.

	2011-01-02
	* Added bogofilter-faq-bg.html, a Bulgarian translation of the FAQ.
	  (thanks to Albert Ward)

	2010-10-29
	* Mark "Berkeley DB 5.1.19: (August 27, 2010)" supported.
2012-12-26 16:58:27 +00:00
wiz
14a0ecbee1 + awesome-3.5, feh-2.8, gettext-0.18.2, gnumeric-1.12,
libmicrohttpd-0.9.24, liferea-1.8.11, stella-3.7.5, tea-33.5.0.
2012-12-26 14:12:01 +00:00
jaapb
337dc5be2d Corrected build failure with clang, slightly cleaned up Makefile
(USE_LANGUAGES, put dependencies in alphabetic order)
2012-12-26 10:27:14 +00:00
jaapb
bbb9579366 Corrected build failure with clang, and added comments to patches. 2012-12-26 10:24:16 +00:00
mef
bce8d3b64b Fix for gcc-4.7 (DragonFryBSD 3.3),
getting g++: unrecognized option '-pthread-lrt'.
The original sed script eats space chars around '-lpthread',
This is apparently upstream bug and report are already sent.

OK'ed by gdt@ and thanks marino@,
2012-12-26 06:50:27 +00:00
taca
6489ddb32d + freetype-2.4.11 [security]. 2012-12-26 04:25:42 +00:00
sbd
bdd4d801ac The PY_PLATNAME on Linux is now 'linux'. 2012-12-25 23:48:47 +00:00
sbd
ed7f7d59b3 configure needs the path to mkdir as its used in installed files. 2012-12-25 23:47:39 +00:00
ryoon
092e769ad4 Updated devel/mantis to 1.2.12 2012-12-25 21:49:46 +00:00
ryoon
069de1be7c Update to 1.2.12 from 1.1.7
* Set LICENSE and pkglint
* Change to 1.2.x branch
* Many security fixes shall be included, but I cannot specify them...

Changelog:
Full log: http://www.mantisbt.org/bugs/changelog_page.php

MantisBT Release Notes

1.2.12 Maintenance Release (2012-11-10)
-------------------------------------------------

MantisBT 1.2.12 resolves over 70 issues mainly in the following categories:
security, MS SQL and PostgreSQL databases support, Change Log page, custom
fields, installation, attachments, SOAP API, XML import/export plugin,
e-mail (including update of the PHPMailer library to version 5.2.1) and others.

In addition, it also brings several enhancements:
 - filter page now allows 'OR' logic and to query by notes' authors
 - improved e-mail logging (see #14630)
 - new 'EVENT_UPDATE_BUG_STATUS_FORM' plugin event
 - updated Admin Guide
 - translations in many languages

All installations that are currently running any 1.2.x or older version are
advised to upgrade to this release.

A full changelog for the 1.2.x series can be found on the official site. [1]


1.2.11 Maintenance Release (2012-06-08)
-------------------------------------------------

MantisBT 1.2.11 is a security update for the stable 1.2.x branch. All
installations that are currently running any 1.2.x or older version are
advised to upgrade to this release.

This release also contains numerous minor bug fixes to MantisBT,
SOAP API fixes, enhancements to the admin guide and improved translations in many
languages.

A full changelog for the 1.2.x series can be found on the official site. [1]


1.2.10 Maintenance Release (2012-04-01)
-------------------------------------------------

MantisBT 1.2.10 is a maintenance release. All installations that are currently
running any 1.2.x version are advised to upgrade to this release.

A full changelog for the 1.2.x series can be found on the official site. [1]


1.2.9 Maintenance Release (2012-03-03)
-------------------------------------------------

MantisBT 1.2.9 release delivers 92 fixes and improvements including security
fixes, new MantisBT logo, MantisTouch integration, MS SQL fixes, SOAP API
improvements, and others.  We recommend that all instances be upgraded to this
release.

A full changelog for the 1.2.x series can be found on the official site. [1]


1.2.8 Security Release (2011-09-05)
-------------------------------------------------

MantisBT 1.2.8 is a security update for the stable 1.2.x branch. All
installations that are currently running any 1.2.x version are advised to
upgrade to this release.

Paulino Calderon from Websec, High-Tech Bridge Security Research Lab and Paul
Richards discovered 3 vulnerabilities:
 - 1x local file inclusion (LFI)/directory traversal
 - 2x cross site scriptin (XSS)

These vulnerabilities could have very severe consequences for users of
MantisBT, particularly as a result of the local file inclusion vulnerability.
If an attacker can upload their own PHP script to the server as an attachment,
they may be able to execute this script using the LFI vulnerability.

Refer to issues #13191 and #13281 for detailed information.

A full changelog for the 1.2.x series can be found on the official site. [1]


1.2.7 Security Release (2011-08-19)
-------------------------------------------------

MantisBT 1.2.7 is a security update for the stable 1.2.x branch. All
installations that are currently running any 1.2.x version are advised to
upgrade to this release.

Net.Edit0r from BlACK Hat Group posted a vulnerability report for an XSS issue
in search.php. All MantisBT users (including anonymous users that are not
logged in to public bug trackers) could be impacted by this vulnerability.
Refer to issue #13245 for full details.

This release also contains numerous minor bug fixes to MantisBT and improved
translations in many languages.

A full changelog for the 1.2.x series can be found on the official site. [1]


1.2.6 Maintenance Release (2011-07-26)
-------------------------------------------------

MantisBT 1.2.6 is a maintenance update for the stable 1.2.x branch. It is
recommended that all MantisBT users (including those still using 1.1.x or
earlier versions) upgrade to this latest release.

This release brings bug fixes and improvements across a range of MantisBT
features, especially the SOAP API, authentication, time tracking, and
billing areas. Documentation and translation updates are also included.

A full changelog for the 1.2.x series can be found on the official site. [1]


1.2.5 Maintenance Release (2011-04-05)
-------------------------------------------------

MantisBT 1.2.5 is a maintenance update for the stable 1.2.x branch. It is
recommended that all MantisBT users (including those still using 1.1.x or
earlier versions) upgrade to this latest release.

This release brings improved translations in many languages as well as
numerous bug fixes across a range of MantisBT features.

A full changelog for the 1.2.x series can be found on the official site. [1]


1.2.4 Security Release (2010-12-15)
-------------------------------------------------

MantisBT 1.2.4 is a security update for the stable 1.2.x branch. All
installations that are currently running any 1.2.x version are advised to
upgrade to this release.

Gjoko Krstic of Zero Science Lab reported multiple vulnerabilities in the
admin/upgrade_unattended.php script. Issue #12607 provides more detail on the
vulnerabilities discovered. We thank Gjoko for his detailed assistance with
testing, patching and answering questions. Please note that the /admin/
directory should be removed from all MantisBT installations after the
installation or upgrade has been completed. This is particularly true for
MantisBT installations accessible over the Internet.

Also included with 1.2.4 are some bug fixes relating to fonts in the
MantisGraph plugin, SOAP API, CSV export, custom field values, relationship
graphs, fields on the manage user page, built-in time tracking and the
allow_reporter_close feature. This release includes updated translations for
many languages and improved installation documentation in doc/INSTALL.

A full changelog for the 1.2.x series can be found on the official site. [1]


1.2.3 Security Release (2010-09-14)
-------------------------------------------------

MantisBT 1.2.3 is a security update for the stable 1.2.x branch. All
installations that are currently running any 1.2.x version are advised to
upgrade to this release.

Issue #12312 covers an XSS vulnerability in the upstream NuSOAP library.
The fix has been applied to the library included in MantisBT releases, and a
patch has been submitted upstream for future releases of NuSOAP. See
http://www.mantisbt.org/bugs/view.php?id=12312 for further details.

Also included with 1.2.3 are another round of XSS fixes to MantisBT, improved
excel export, translation updates, and bug fixes to the SOAP API, installation,
plugin system, and email notifications.

A full changelog for the 1.2.x series can be found on the official site. [1]


1.2.2 Security Release (2010-07-29)
-------------------------------------------------

MantisBT 1.2.2 is a security update for the stable 1.2.x branch. All
installations that are currently running any 1.2.x version are advised to
upgrade to this release.

Issue #11952 covers a security fix to the display of inline attachments, where
"Arbitrary inline attachment rendering could lead to cross-domain scripting or
other browser attacks".  See http://www.mantisbt.org/bugs/view.php?id=11952
for further details and information.

Also included with 1.2.2 are a range of translation updates, regression fixes,
and bug fixes, including multiple SOAP API-related bugs and regressions.

A full changelog for the 1.2.x series can be found on the official site. [1]


1.2.1 Maintenance Release (2010-04-23)
-------------------------------------------------

MantisBT 1.2.1 is a maintenance update for the stable 1.2.x branch. All
installations that are currently running any 1.1.x or 1.2.0 version are
advised to upgrade to this release.

Included with 1.2.1 are a range of bug fixes, translation updates, and general
improvements over the initial 1.2.0 release.  Highlights include an improved
installation, a fixed upgrade path from 1.1.x, fixes to the URL and path
detection, and updates to the plugin event system.

A full changelog for the 1.2.x series can be found on the official site. [1]


1.2.0 Stable Release (2010-02-22)
-------------------------------------------------

This release marks the first official release in the 1.2.x series of MantisBT.
1.2.0 is a major feature release for MantisBT, and includes many bugfixes and
enhancements over the 1.1.x stable branch.  All users of 1.1.x are highly
encouraged to upgrade as soon as possible.

There are many new features added to 1.2.0, including:

 - Converted the MantisBT Manual to Docbook format, and added a new Developer's
   Guide manual, both of which are compiled and included in every release

 - Implemented a plugin system with many plugins already released [2]

 - Global categories available to all projects, as well as project categories
   inheriting from parent projects to child projects;  both are optional

 - Tracked change history for textarea fields (Description, etc) and bug notes

 - Customizable sets of columns for View Issues page and export formats

 - Combined simple and advanced views into a single, configurable view that
   allows selecting exactly what fields to show or hide

 - Improved roadmap and changelog pages, including version release dates, and
   permalinks to individual versions

 - Marking versions as obsolete to hide them from the roadmap and changelog

 - More configuration options for rebranding MantisBT installations

 - Improved support for PostgreSQL databases

 - Improved support for UTF-8 localizations and content

 - Implemented custom search providers for Firefox and Internet Explorer

 - Implemented localized timestamps using according to user-preferred timezones


There have also been many improvements to the codebase beyond adding features:

 - Migrated to parameterised database queries throughout the codebase for both
   performance and security improvements

 - Added PHPDoc compatible documentation to all internal API's

 - Removed many hardcoded references to access levels and other enumerations,
   for improved customizability.

 - Migrated away from DATETIME fields to integer timestamps for timezone usage

 - All 3rd party code is now contained within the library/ path, including
   documentation on library versions and any patches applied

 - Initial support for MySQL 6 and PHP 5.3
2012-12-25 21:49:05 +00:00
jperkin
42100e17de Add socket libs on Solaris. 2012-12-25 21:16:24 +00:00
joerg
62db458536 Fix inline use. 2012-12-25 21:14:45 +00:00
joerg
36b2e0319e Use more void. 2012-12-25 21:14:17 +00:00
joerg
f73c46f348 Explicitly put clang into C++11 mode. 2012-12-25 21:13:42 +00:00