The issue involves the security of the indexes of ZCatalog objects. A flaw
in the security settings of ZCatalog allows anonymous users to call arbitrary
methods of catalog indexes. The vulnerability also allows untrusted code to
do the same.
--
From: MAINTAINER
- include the domxml extension as a subpackage
- include some extra modules with PEAR which also disappeared
- only link against freetype1, not freetype2
from a buffer overflow.
- Pick up any plugins in lib/ns-plugins by default.
Issue pointed out by David Krause <openbsd@davidkrause.com>.
Principal changes ok kevlo@
Users are advised to install the www/flashplugin port for Flash support.
--
tinyproxy is a GPLed, lightweight HTTP/SSL proxy. Designed from the ground
up to be fast and yet small, it is an ideal solution for sites where a
full-featured HTTP proxy is required, but the system resources required to
run a more demanding HTTP proxy are unavailable. tinyproxy is fully compatible
with all existing web browsers, and has a number of useful features.
- patch for snmp to link with libdes
- stop libtool from helpfully mangling the ld.so hints file with
crap from the ports build directory by removing the finish_command
- MESSAGE file reflects phpxs command
- ltmain patch no longer needed
- move the php.ini extension lines to the end of the file
- introduce a new 'phpxs' command which enables/disables
modules from a shell without needing to manually edit php.ini
- libphp4.so now installs into the same module dir as the extensions
- php4-enable is now done by 'phpxs -s' so remove it
tested by wilfried@, feedback from naddy@
