*) mark BROKEN:
HANDLER THREAD PROBLEM: java.net.SocketException: Resource temporarily unavailable: Resource temporarily unavailable
java.net.SocketException: Resource temporarily unavailable: Resource temporarily unavailable
at java.net.SocketInputStream.socketRead(Native Method)
at java.net.SocketInputStream.read(SocketInputStream.java:90)
at java.io.BufferedInputStream.fill(BufferedInputStream.java:186)
at java.io.BufferedInputStream.read(BufferedInputStream.java:204)
at org.apache.tomcat.service.connector.AJP12RequestAdapter.readNextRequest(Ajp12ConnectionHandler.java:233)
at org.apache.tomcat.service.connector.Ajp12ConnectionHandler.processConnection(Ajp12ConnectionHandler.java:147)
at org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:416)
at org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java:501)
at java.lang.Thread.run(Thread.java:484)
closes a security issue in multipart form handling (buffer overflow)
temporarily disable the freetds flavour, since the m4 patch cannot
seem to be regenerated
PHP supports multipart/form-data POST requests (as described in RFC1867)
known as POST fileuploads. Unfourtunately there are several flaws in the
php_mime_split function that could be used by an attacker to execute
arbitrary code.
- broken boundary check
- arbitrary heap overflow
--
Ok'd by: maintainer
This program is an add-on for Analog, which produces nice looking
reports from the analysis of your logfiles. It does not require
Analog to be installed, merely the output from analog to be available
From Kenneth J. Hendrickson <Kenneth.Hendrickson@Home.com>, PR #2285.
* md5 -> distinfo
* Remove a SECURITY file that doesn't document any security issues.
Hironori Sakamoto found some vulnerabilities in w3m support scripts,
such as multipart.cgi, w3mman2html.cgi and w3mhelp.cgi. Attacker
could run arbitrary commands on user's machine with user's privilege
by using malicious html pages.
DSO's on. This is so we don't get tripped up on archs that do not have DSO
support yet (i.e. ELF-based archs & static only archs).
--
Pointed out by pval@'s macppc broken ports list
--
- fixes a possible security issue as posted to BugTraq (unconfirmed,
exploitability unknown)
- tmpnam() -> mkstemp() in htpasswd
- kqueue() fixes
- a number of other fixes and improvements
to be installed inside the main Zope tree.
--
Page Templates are a web page generation tool. They help programmers
and designers collaborate in producing dynamic web pages for Zope
web applications. Designers can use them to maintain pages without
having to abandon their tools, while preserving the work required
to embed those pages in an application.
The goal of Page Templates is natural workflow. A designer will use
a WYSIWYG HTML editor to create a template, then a programmer will
edit it to make it part of an application. If required, the designer
can load the template back into his editor and make further changes
to its structure and appearance. By taking reasonable steps to
preserve the changes made by the programmer, he will not disrupt
the application.
WWW: ${HOMEPAGE}
w3m is a pager/text-based WWW browser. This is the multilingualization
(m17n) version.
It used to be a flavor of www/w3m but the different versions keep diverging.
Radical pruning to make this port manageable again:
- Remove image and m17n flavors. The corresponding functionality
may eventually return in some other form.
- Rename kanji flavor to "japanese".
* Fix wayward indentation introduced in 1.0.4 which caused -browser
to fail.
* Note that SURFRAW_browser was made obsolete in 1.0.4.
SURFRAW_text_browser and SURFRAW_graphical_browser replace its
functionality.
* State extra clearly the format of ~/.surfraw.conf.
- regress
- add zope-instance relative path support
- do optimizing compile on python files too, like lang/python, and use optimized in default zope-instance start script
