ports, for the ports that are built both on ruby 1.8 and ruby 1.9,
switch the category Makefiles to explicitly list the ruby18 FLAVOR
instead of the ruby19 FLAVOR.
Also, for home_run, fastri, and fastercsv, explicitly build only the
ruby 1.8 version of the port. These libraries can run on ruby 1.9, but
it doesn't make sense to build a ruby 1.9 version by default.
FLAVOR and FLAVORS set to ruby18, so attempting to build them without a
FLAVOR set still builds the ruby 1.8 version.
Remove MAINTAINER at his request.
- remove useless patch to gfx/thebes/Makefile.in adding -lpangox-1.0 to
EXTRA_DSO_LDOPTS, this was maybe useful before ffx 3.0, but mozilla
stopped using pangox between 2.0 and 3.0. See for the last traces of
pangox.h use : https://bugzilla.mozilla.org/show_bug.cgi?id=528941. See
also bugs #323671/#338446
- backport the patch from #528941 to remove useless pangox.h inclusion
from www/firefox35.
- remove the RUN_DEPENDS on pangox-compat
- bump all corresponding REVISIONS
- while here, make sure all moz ports depend on latest nspr 4.9.2 since
it'll be a requirement for upcoming gecko 16 releases
The situation is this: even when we --disable-gtk-doc, if gtk-doc is
actually installed at configure stage, tools like gtkdoc-rebase will be
picked up and run during the install target. That is bad because the
gtk-doc package may have been removed by then, especially during dpb(1)
bulks (we explicitely disable support for it so why should it stay...).
So for now, let's add the following env to configure whenever we use
--disable-gtk-doc, until a bettersolution is found...
CONFIGURE_ENV +=ac_cv_path_GTKDOC_CHECK="" \
ac_cv_path_GTKDOC_REBASE="" \
ac_cv_path_GTKDOC_MKPDF=""
* Unbreak custom URI handling
* Fix display of about:favorites with no favorites
* Prevent using back on an about:secviolation page from returning back
to the exact same page that triggered the cert warning.
* Fix build with glib 2.30.0
* Kill a crash when using older libsoup versions
* Sync the preloaded HSTS list with Chromium's
Tested on amd64.
Ok kili@
- allow multiple AddHeader directives
- fixed memory leak in config/AddHeader
- fixed memory leak in DH
- fixed problem in SNI certificate storage
- changed long to long long for support of requests larger than 2GB
- added parsing for certificate CN
- fixed problem in task enqueing
- fixed small problem in Makefile
And others, while here, GROFF is not needed and patches applied
upstream.
Ok 'Looks fine' aja@
separate from the version in the base OS which deliberately does not include
the mail proxy and additional modules. rc.d/enginx script is added (not
rc.d/nginx to avoid conflicting with base). Lua module is also supported.
Most of the work done by william@, with a few tweaks by me and ok william.
README could use more work and as pointed out by ajacoutot we need to
review permissions of the tmp directory, but the diff is already long enough.
@pkgpath markers are set to update from the 1.0.x packages to 1.2.x (with or
without the passenger flavour as appropriate).
GLPI is the Information Resource-Manager with an additional
Administration- Interface. You can use it to build up a database with an
inventory for your company (computer, software, printers...). It has
enhanced functions to make the daily life for the administrators easier,
like a job-tracking-system with mail-notification and methods to build a
database with basic information about your network-topology.
ok aja@
* [NEW] force_https setting and https command to force a given domain
to always use HTTPS
* [NEW] Use force_https to provide a preloaded HSTS list to help avoid
the ssl stripping attack. Sites in this list are taken from
Chromium's preloaded HSTS list, and additional domains added by the
xombrero authors.
* Add a workaround to fix a GTK focus bug until it has been fixed
upstream (see https://bugzilla.gnome.org/show_bug.cgi?id=677329)
* Modify the about:allthethings output to a more C-like syntax
* Remove the usage of relying on some deprecated webkitgtk signals
* Prevent spitting out warnings of deprecated gcrypt functions when
building
* Prevent a crash when using editsrc on about:blank or any other blank
page
* Many various code cleanups
And more.
Ok pascal@
* Fixed base64::decode() return "" if input ends with garbage and no
padding.
* Fixed segmentation fault when logger failed to open log file.
* Added new file allocation method called 'trunc'. --file-allocation
option can now take new value 'trunc'. 'trunc' uses ftruncate()
system call or platform-specific counterpart to truncate a file to a
specified length.
* Added TLS SNI support.
Ok rpointel@ (maintainer)
High-level cross-protocol url-grabber.
Using urlgrabber, data can be fetched in three basic ways:
urlgrab(url) copy the file to the local filesystem
urlopen(url) open the remote file and return a file object
(like urllib2.urlopen)
urlread(url) return the contents of the file as a string
ok aja@
Mozilla Sync server allows bookmarks, tabs, settings, addons, passwords
and history to be shared across several mozilla instances. Most work
done before previous lock, polished last month and finally here it is!
See https://support.mozilla.org/en-US/kb/how-do-i-set-up-firefox-sync
and the provided README for how to set it up properly.
ok sthen@ on a previous version.
- see http://www.seamonkey-project.org/releases/seamonkey2.12/
- garbage collect nsSound.cpp, the original one uses libcanberra
properly and thus sndio.
- remove patch from #750620, merged upstream (mfbt/double-conversion)
- remove patches from #691898, merged upstream (yarr jit ppc)
- remove useless crashreporter patch, we don't have breakpad
- see http://www.mozilla.org/en-US/firefox/15.0/releasenotes/
- add -Os hack to fix a relocation error when linking on ppc (as was
done in tb since 10..)
- garbage collect nsSound.cpp, the original one uses libcanberra
properly and thus sndio.
- remove patch from #750620, merged upstream (mfbt/double-conversion)
- remove patches from #747257, merged upstream (gstreamer fix)
- remove patches from #691898, merged upstream (yarr jit ppc)
CVE-2012-4377 Stored XSS via a File::link to a non-existing image
CVE-2012-4378 Multiple DOM-based XSS flaws due improper filtering of
uselang parameter
CVE-2012-4379 CSRF tokens, available via API, not protected when
X-Frame-Options headers used
CVE-2012-4380 Did not prevent account creation for IP addresses
blocked with GlobalBlocking
CVE-2012-4381 Password saved always to the local MediaWiki database
CVE-2012-4382 Metadata about blocks
feedback/OKs from aja@ william@ jasper@ giovanni@ kevlo@
- move MESSAGE to README.
- add missing dep on php-mysqli.
- change the unpack/fake-install method to use the standard
extract infrastructure.
- @sample contrib/htaccess into .htaccess so apache can use it by
default if allowoverride is enabled. this does some basic user-agent
checks to reduce the risk of phpmyadmin sites showing up in
search engines.
- provide an @sample'd apache config file which enables use of
the .htaccess file and restricts access to localhost. talk about
this in README so people know what's going on. (phpMyAdmin has
a history of security-related bugs, but because it's rather
commonly used it's much better to have it in ports so that
it can be updated easily; these changes make the default
installation safer).
building the static binary. Fixes build problem reported by nigel@ since the
glib-2.0.pc now (correctly) only lists pthread in Libs.private not in Libs.
ok ajacoutot@
A Gravatar is a Globally Recognized Avatar for a given email address.
This allows you to have a global picture associated with your email
address. You can look up the Gravatar for any email address by
constructing a URL to get the image from gravatar.com. This module
does that.
OK sthen@
* Use proper status codes for "Bad request" (and similar) error messages.
* Negative values in some config options leading to strange situations.
* Path disclosure through error messages in search.php (and others).
* Subscriptions were handled incorrectly when merging or splitting topics.
* Ignore BBCodes in search strings.
* The Technetium style had an issue with resizing images.
* Renaming users would unban them.
And others http://fluxbb.org/forums/viewtopic.php?id=6328
While here, the extract part is not needed.
Ok aja@.
* [NEW] Implement a new setting, do_not_track, to set the Do Not Track
HTTP header. This setting is disabled by default in normal mode and
enabled in whitelist mode.
* Fix the keybindings in the example config so they properly represent
the default values in the source code.
* Add some additional paranoia in the input focus code to prevent a
segfault on some sites (most notably, pnc.com).
* Fix a bug where HSTS would never be enabled if referer_mode = always
* Fix the build when debugging is enabled
* Show a warning when the binary could not be run when executing a
program based on a MIME type, except for the special "donothing"
binary name.
Tested by severals.
Ok aja@ gsoares@
- see http://www.seamonkey-project.org/releases/seamonkey2.11/
- remove the -rpath hack, not needed since matthew's ld.so fix from
12/06
- backport cset from #750620 to fix ppc (and other exotic archs) build.
- force-disable gconf in configure.in (bug #765556)
- remove the chunk from #763408, packaging was fixed
- see http://www.mozilla.org/en-US/firefox/14.0.1/releasenotes/
- enable H.264 video support through gstreamer. Mention that one needs to
manually install gstreamer-ffmpeg. Not all videos/sites will work.
- backport cset from #776838 & #747257 for various gst fixes.
- backport cset from #750620 to fix ppc (and other exotic archs) build.
- backport cset from #752895 to fix packaging issues.
- remove patch-content_xslt_src_base_txDouble_cpp, useless since mozilla
switched to mfbt/double-conversion.
- remove nss opening hack in Sync, it works fine without it.
- remove the -rpath hack, not needed since matthew's ld.so fix from 12/06
Zurmo is an open source CRM application written in PHP utilizing
jQuery, Yii Framework, and RedBeanPHP.
The goal with Zurmo is to provide an easy-to-use, easy-to-customize CRM
application that can be adapted to any business use case.
Special care has been taken to think through many different use cases
with a system designed to provide a high degree of flexibility, covering
a wide variety of use cases out of the box.
<...>
ok jasper@
Merged from diffs from myself, Rodolfo Gouveia and with an rc script from
giovanni@.
This is a security update, fixing CVE-2011-3348, CVE-2011-3368, CVE-2011-3607,
CVE-2011-4317, CVE-2012-0021, CVE-2012-0031 and CVE-2012-0053.
repoze.who is an identification and authentication framework for
arbitrary WSGI applications. it can be configured either as WSGI
middleware or as an API for use by an application.
Required by upcoming firefox sync server port.
ok rpointel@
Provides a CAPTCHA for Python using the reCAPTCHA service. Does not
require any imaging libraries because the CAPTCHA is served directly
from reCAPTCHA. Also allows you to securely obfuscate emails with
Mailhide. This functionality requires pycrypto. This library requires
two types of API keys. If you'd like to use the CAPTCHA, you'll need a
key from https://www.google.com/recaptcha/admin/create. For Mailhide,
you'll need a key from http://www.google.com/recaptcha/mailhide/apikey.
Required by upcoming firefox sync server port.
ok rpointel@
Nodes in block makes it possible to add nodes into a block. A number of
configurable blocks are generated which you can assign to a region.
Visibility settings of this block are automatically set to 'Show on only
the listed pages'. On the node content form, you define the weight and
visibility per node thus making it easier for content administration as
all your content is now in the same place. With this module, you don't
have to explain your customers how blocks work but is still able to
decide on which pages content must be rendered.
AT Commerce is fresh, professionally designed theme for eCommerce sites
with baked in support for the Commerce module and Ubercart.
Mobile eCommerce is supported using responsive design methods, so your
online store will display and work across mobile channels without any
extra work or effort.
Adaptivetheme is a powerful theme framework with smoking hot support for
responsive web design.
Adaptivetheme is the perfect start for themers, site builders and anyone
wanting to support the mobile web without additional development
overhead and cost.
Gives a site owner options to disable specific messages shown to end
users. The core drupal message system as offered by drupal_set_message
is an excellent way for modules to send out messages to the end users.
However not all drupal site owners are keen to show all the messages
sent out by drupal core and all modules to their users. This module
gives site administrators a reasonably powerful way to filter out
messages shown to the end users.
* [NEW] Custom keybound prompts (keybinding = :cmd,key)
* [NEW] Custom uri handling (custom_uri)
* [NEW] Setting to disable proxy at startup (http_proxy_disable)
* [NEW] Setting to cache HTTPS certificates and present warnings when
certificates change to help prevent MITM attacks (warn_cert_changes)
* [NEW] Tab number and proxy enabled notifications (statusbar_elems)
* [NEW] Setting to change default stylesheet used for the userstyle
and userstyle_global commands (usersytle)
* [NEW] Both userstyle and userstyle_global commands may take an
optional argument to a user-specified stylesheet
* [NEW] Setting to change the style of the statusbar to switch between
the page URL and title (statusbar_style)
* Runtime settings are unsettable with ':set setting ='
* Fix some display bugs with the statusbar
* HTML escape text before displaying with about:set, <file> now shows
correctly
* Fix unsetting the statusbar color when opening the command prompt
And a lot of others.
Tested on amd64.
Ok kili@ aja@
minor SHLIB bump
introduce SOGOLIBDIR variable to be used in PLIST, update hint from README:
Upgrade SOGo from < 1.3.16
=======================================
New password schemes were introduced. You may want to set the
userPasswordAlgorithm default, i.e.:
$ defaults write sogod userPasswordAlgorithm ssha
* checking: Catch any errors initializing the MIME database.
* checking: Fix writing temporary files.
* checking: Properly handle URLs with user/password information.
And others.
Delete --no-compile to build pyc and add devel/desktop-file-utils
Tested on i386.
Ok Amit Kulkarni (maintainer) aja@
* Fixes an issue where a theme's page templates were sometimes not detected.
* Addresses problems with some category permalink structures.
* Better handling for plugins or themes loading JavaScript incorrectly.
* Adds early support for uploading images on iOS 6 devices.
* Allows for a technique commonly used by plugins to detect a
network-wide activation.
* Better compatibility with servers running certain versions of PHP
(5.2.4, 5.4) or with uncommon setups (safe mode, open_basedir), which
had caused warnings or in some cases prevented emails from being sent.
* Privilege Escalation/XSS. Critical. Administrators and editors in
multisite were accidentally allowed to use unfiltered_html for 3.4.0.
And others, tested on i386 and amd64.
Ok merdely@ (maintainer) aja@
Bacula-Web is a web based tool written in PHP that provides a
summarized view of the bacula backup infrastructure. It obtain this
information from the bacula catalog's database.
This tool provides you informations on the last day jobs status, media
and pool usage, catalog size usage, etc.
ok jasper@
If the proxy server is running on the same subnet as the clients, the
return traffic from the proxy will go directly back to them without
ever hitting the firewall, which means the states will never get updated
and may fill-up your pflog(4) with blocked attempts. To circumvent this
the "no state" option needs to be specified for the route-to rule.
ok Brad, intput/ok sthen@ (maintainer)
"Desc: Input passed via the parameter 'sortby' is not properly
sanitised before being returned to the user or used in SQL queries.
This can be exploited to manipulate SQL queries by injecting
arbitrary SQL code. The param 'num' is vulnerable to a XSS issue
where the attacker can execute arbitrary HTML and script code in
a user's browser session in context of an affected site."
Security issues require admin login.
Don't redirect errors to /dev/null and don't return true(1)
unconditionally. Instead, don't check for the existence of index.theme.
This will allow us to catch errors that may be happening because of a
missing dependency in the chain.
Some hidden issues may appear, in which case please contact me.
discussed with and ok blind jasper@
here is the new port and the new stuff:
* Fix a bug where not the entire saved cert wouldn't be checked
* Add an include_config setting to load additional configuration
settings
* Add option to display when a download completes
* Rewrite mutex implementation to work around some bogus buggy mutex
implementation messages
* Make bunch of settings work in runtime vs start-of-day
* Add option to select search engine when used the first time
* Add ctrl-enter to prefix www. and postfix .com
* Add stop keybinding
* Fix a bunch of tiny bugs and general code improvement
OK sthen@
Fixes some bugs and a security issue (SA49330).
Many improvements and new features.
Now the MySQL user needs also the LOCK permission.
ok jasper@ on a previous diff
turnaround projects like screen-scraping.
Original diff against py-beutifoulsup from wen heping, converted to
a stand alone port after some discussion in ports@.
This program allows to see in real-time (top-like) or from the start of
the server, stats for get, set, delete, increment, decrement, evictions,
reclaimed, cas command, as well as server stats (network, items, server
version) with googlecharts and server internal configuration. You can go
further to see each server slabs, occupation, memory wasted and items (key
& value). Another part can execute commands on any memcached server: get,
set, delete, flush_all, as well as execute any commands (like stats) with
telnet.
Racktables is a web-based database for datacenter and server room asset
management. It helps document hardware assets, network addresses, space in
racks, networks configuration and more.
if the SingletonLock file is available and valid.
The problem is that when chrome crashes one of the destructors fail to
remove the lockfile and then when you start chrome again, it will
try to communicate with the old PID of the chromium main process, because
the SingletonLock file will point to `hostname`-PID_of_old_chromium and
since that process is not running anymore, startup will fail.
- install tar.gz source, and patch node-gyp to use it rather than
attempting to download from the 'net when building a native extension,
from Aaron Bieber (maintainer).
- set V=1 in node-gyp to avoid hiding compiler command lines
(from me, ok jasper).
