PR: ports/136065 ports/127469
Submitted by: N.J. Mann <njm@njm.me.uk> and Aldis Berjoza <killasmurf86@gmail.com>
- Early identify port CONFLICTS
PR: 137855
Submitted by: Piotr Smyrak <smyru@heron.pl>
- Add --no-same-permissions to the EXTRACT_AFTER_ARGS command.
Tijl Coosemans has been reported an issue that when root is extracting from the
tarball, and the tarball contains world writable files
(sysutils/policykit as an example), there is a chance that the files
gets changed by malicious third parties right after the extraction,
which makes it possible to inject code into the package thus compromise
the system.
Submitted by: Tijl Coosemans <tijl@coosemans.org> Xin LI (delphij@)
- Fix some whitespaces
Tested with: exp-run
e-mail addresses from the pkg-descr file that could reasonably
be mistaken for maintainer contact information in order to avoid
confusion on the part of users looking for support. As a pleasant
side effect this also avoids confusion and/or frustration for people
who are no longer maintaining those ports.
Austrian Bank Account Numbers. All currently defined test methods
by Deutsche Bundesbank (March 2009: 00 to D3) are implemented.
This port only installs the PHP module.
WWW: http://www.informatik.hs-mannheim.de/konto_check/
PR: ports/137661
Feature safe: yes
Submitted by: Dominik Brettnacher <domi at nonsensss.de>
a bugfix, translation and maintenance update. Release note can be found
at http://kde.org/announcements/announce-4.3.1.php
We would like to thank all our contributors and testers. My personal
thanks to miwi and makc for coaching me through my first KDE commit.
for FreeBSD. The official KDE 4.3.0 (Codename: "Caizen") release
notes can be found at:
http://kde.org/announcements/4.3/index.php.
We'd like to say thanks to all helpers and submitters.
Tested by: pointyhat-exp-run (pav/miwi)
. remove an "A" flag from FETCH_ARGS (SF seems to use a new
technology to redirect distfiles, a fetch ends up with
the message "Moved Temporarily");
. adjust WWW address to a new one at pkg-descr.
-Update libtool and libltdl to 2.2.6a.
-Remove devel/libtool15 and devel/libltdl15.
-Fix ports build with libtool22/libltdl22.
-Bump ports that depend on libltdl22 due to shared library version change.
-Explain what to do update in the UPDATING.
It has been tested with GNOME2, XFCE4, KDE3, KDE4 and other many wm/desktop
and applications in the runtime.
With help: marcus and kwm
Pointyhat-exp: a few times by pav
Tested by: pgollucci, "Romain Tartière" <romain@blogreen.org>, and
a few MarcusCom CVS users. Also, I might have missed a few.
Repocopy by: marcus
Approved by: portmgr
2009-07-07 audio/gai-visual-audio: abandoned project, does not build
2009-07-05 devel/linxt: Use devel/roboctl instead.
2007-08-22 german/citrix_ica: Use net/citrix_ica
2007-08-22 japanese/citrix_ica: Use net/citrix_ica
2009-06-30 mail/bogofilter-qdbm: Migrate to bogofilter-tc instead
2009-06-27 mail/xc-mail: depends on a port that expired in 2007
2009-07-01 www/trac-blog: Not supported anymore for trac > 0.10; use FullBlogPlugin instead
2009-07-01 www/trac-restrictedarea: Not supported anymore; functionality included in trac since 0.11
Critical vulnerabilities have been identified in Adobe Reader
9.1.1 and Acrobat 9.1.1 and earlier versions. These
vulnerabilities would cause the application to crash and could
potentially allow an attacker to take control of the affected
system.
Security: http://www.adobe.com/support/security/bulletins/apsb09-07.html
Security: CVE-2009-0198
Security: CVE-2009-0509
Security: CVE-2009-0510
Security: CVE-2009-0511
Security: CVE-2009-0512
Security: CVE-2009-0888
Security: CVE-2009-0889
Security: CVE-2009-1855
Security: CVE-2009-1856
Security: CVE-2009-1857
Security: CVE-2009-1858
Security: CVE-2009-1859
Security: CVE-2009-1861
- CVE-2009-1492
The getAnnots Doc method in the JavaScript API in Adobe Reader
and Acrobat 9.1, 8.1.4, 7.1.1, and earlier allows remote
attackers to cause a denial of service (memory corruption) or
execute arbitrary code via a PDF file that contains an
annotation, and has an OpenAction entry with JavaScript code
that calls this method with crafted integer arguments.
- CVE-2009-1493
The customDictionaryOpen spell method in the JavaScript API in
Adobe Reader 8.1.4 and 9.1 on Linux allows remote attackers to
cause a denial of service (memory corruption) or execute
arbitrary code via a PDF file that triggers a call to this
method with a long string in the second argument.
Security: CVE-2009-1492
Security: CVE-2009-1493
Security: http://www.adobe.com/support/security/bulletins/apsb09-06.html
- CVE-2009-1492
The getAnnots Doc method in the JavaScript API in Adobe Reader
and Acrobat 9.1, 8.1.4, 7.1.1, and earlier allows remote
attackers to cause a denial of service (memory corruption) or
execute arbitrary code via a PDF file that contains an
annotation, and has an OpenAction entry with JavaScript code
that calls this method with crafted integer arguments.
- CVE-2009-1493
The customDictionaryOpen spell method in the JavaScript API in
Adobe Reader 8.1.4 and 9.1 on Linux allows remote attackers to
cause a denial of service (memory corruption) or execute
arbitrary code via a PDF file that triggers a call to this
method with a long string in the second argument.
Security: CVE-2009-1492
Security: CVE-2009-1493
Security: http://www.adobe.com/support/security/bulletins/apsb09-06.html
