<borja@codigo23.net>, ok abieber@ - apologies for the extra copies of
WebKit and Qt but they are stripped-down so not horribly slow to build,
and have various fixes that phantomjs upstream haven't been able to get
into the various libraries yet.
"PhantomJS is a headless WebKit scriptable with a JavaScript API.
It has fast and native support for various web standards: DOM
handling, CSS selector, JSON, Canvas, and SVG."
(useful for various things including automated testing of web sites,
and screen scraping of complex web apps)
Work around upstream regression causing rake/rdoc/ri to not work by
copying the real executables over the rubygems shims.
Fix the #! lines on the executables.
The old ant based tests no longer work, and the new maven tests
require downloading tons of packages at runtime, so punt and mark
NO_TEST=Yes and stop downloading the -src tarball.
libosinfo is a GObject based library API for managing information about
operating systems, hypervisors and the (virtual) hardware devices they
can support. It includes a database containing device metadata and
provides APIs to match/identify optimal devices for deploying an
operating system on a hypervisor.
<...>
Needs to figure out why our libtool(1) fails miserably...
ok jasper@
- simplify SNDIO_WaitAudio (do as others backends do)
- remove the rate negotiation, which predates sndiod
these tweaks that don't change the bahavior.
ok bcallah@
CVE-2013-7106, CVE-2013-7107 https://dev.icinga.org/issues/5250
The icinga web gui is susceptible to several buffer overflow flaws,
which can be triggered as a logged on user. A remote attacker may
utilize a CSRF (cross site request forgery) attack vector against a
logged in user to exploit this flaw remotely.
CVE-2013-7108 https://dev.icinga.org/issues/5251
The icinga web gui are susceptible to an "off-by-one read" error
resulting from an improper assumption in the handling of user submitted
CGI parameters. [..] by sending a specially crafted cgi parameter,
the check routine can be forced to skip the terminating null pointer
and read the heap address right after the end of the parameter list.
Depending on the memory layout, this may result in a memory corruption
condition/crash or reading of sensitive memory locations.
