- update to 0.5.8
- backport upstream svn r3871 to let it build with latest gtk+2
- switch to xulrunner 1.9.x (breaks gecko backend while here)
- don't try to create a dbus server socket in a non-existent dir
It is still badly broken, as upstream doesn't seem to care about
shipping working stuff... but at least it builds and packages.
A CCK content field which lets you add a complete link to your content
types; including URL, title, and optionally a target attribute. The
link module is a one-stop content link "field" type for CCK.
ok landry@
- use SUBST_CMD instead of perl -pi -e
- use ${LOCALBASE}/${TRUEPREFIX}/${X11BASE} instead of the handpatched
_XXX_ ones
- harmonize default systemwide plugins/extensions search path to
lib/mozilla/{plugins,extensions} as done in other mozilla ports
- use SUBST_CMD instead of perl -pi -e
- use ${LOCALBASE}/${TRUEPREFIX}/${X11BASE} instead of the handpatched
_XXX_ ones
- harmonize default systemwide plugins/extensions search path to
lib/mozilla/{plugins,extensions} as done in other mozilla ports, but
keep lib/mozilla-plugins added to MOZ_PLUGIN_PATH atm.
harmonize default search paths for systemwide mozilla extensions and
plugins to ${LOCALBASE}/lib/mozilla/{plugins,extensions}. The
install.rdf files take care anyway of telling with which mozapp an xpi
extension is compatible.
it breaks loading png icons through gdk_pixbuf_new_from_file as gtk is
linked with systemwide png. This went unnoticed so far as firefox always
shipped a fallback xpm icon, but this is not the case anymore, so now
gtk_window_set_icon_list() is not called anymore, and the window manager
shows the default icon for firefox windows in taskbar/tasklists..
So add graphics/netpbm as a build dependency, do the necessary netpbm
magic in do-install to create the default.xpm from mozicon128.png, and
patch widget/src/gtk2/nsWindow.cpp to not try to load png icons.
While here fix icon path in desktop file, and add a comment about why we
don't use systemwide png.
www/firefox36 mostly by martynas@ and naddy@.
Note that the java plugin from devel/jdk currently doesn't work with this
version of firefox, in the meantime users really needed it will have to
use www/firefox35.
ok naddy@
The rules module allows site administrators to define conditionally
executed actions based on occurring events (known as reactive or ECA
rules).
ok landry@
Those days, the trend is to write/use minimal browsers that work in a
terminal. vteplugin takes the opposite direction and allows you to use
terminals in your npapi-compatible-bloated-web-browser, ie any
gecko/webkit web browser. It uses XEmbed to bundle a vte window in a
browser tab.
The Node Relationships module provides methods to complete two way
relationships between content types enhancing the features of node
reference fields by adding 'Node reference extras' and 'Automatic
back references'.
ok espie@ and landry@
This module provides an API to render an iframe within a modal dialog
based on the jQuery UI Dialog plugin. You should not install this module
unless another module requires you to, or you wish to use it for your
own custom modules.
ok espie@ and landry
A wrapper module around the jQuery UI effects library that lets module
developers add swooshy, swishy effects to their code. This is a utility
module that won't do anything on its own. See README.txt for how your
module can use it to add jQuery UI effects to your pages.
ok landry@ and espie@
Check uri instead of physical path for directory redirect.
Should fix alias handling for "/foo" => "/var/www/";
http://example.com/foo should result in a redirect to
http://example.com/foo/
Mollify is a web file manager for publishing and managing files
hosted in a web server of your choice. Different users can have
access to different files and with different permissions.
"This is a bug fix release to correct some issues with 2.9. If you are
using postgres DO NOT install Views 2.9. Install 2.10 instead. If you
are not experiencing these issues with 2.9 then you do not need to
update."
ok espie@
The CategoryTree extension provides a dynamic view of the wiki's category
structure as a tree. It uses AJAX to load parts of the tree on demand.
ok landry@
3.5/thunderbird 3 codebase. See for details:
http://www.seamonkey-project.org/releases/seamonkey2.0.4/
Backing up your profile before upgrading is recommended..
Update also largely based on www/firefox35 port.
Tested on i386/amd64/sparc64/powerpc by myself and on alpha by naddy@
ok naddy@
trouble for autoconf 2.62+; remove this workaround which now causes
the build to fail. No bump as the package doesn't change from the
version which last built successfully.
Build failure noticed by naddy@. 'make it so' jasper@, Brad ok.
MFSA 2010-20 Chrome privilege escalation via forced URL drag and drop
MFSA 2010-19 Dangling pointer vulnerability in nsPluginArray
MFSA 2010-18 Dangling pointer vulnerability in nsTreeContentView
MFSA 2010-17 Remote code execution with use-after-free in nsTreeSelection
MFSA 2010-16 Crashes with evidence of memory corruption
The Puppet Dashboard is a Puppet web interface that provides node
management and reporting tools. Nodes can be exported in YAML format,
allowing the dashboard to be used as an external node classification
tool.
ok bernd@
installed, needed for the admin interface. ok ajacoutot@
- install blank sample logfiles, rather than make them a copy of
the sample index.html
- unbreak sample rc.local lines in MESSAGE-main (foo-bar isn't
a valid shell variable, foo_bar is)
all found by Rod Whitworth, thanks!
MFSA 2010-05 XSS hazard using SVG document and binary Content-Type
MFSA 2010-04 XSS due to window.dialogArguments being readable cross-domain
MFSA 2010-03 Use-after-free crash in HTML parser
MFSA 2010-01 Crashes with evidence of memory corruption
Also fix some corrupted $OpenBSD keywords, pointed out by sthen@
ok sthen@
breaking cd /usr/ports && SUBDIR=some/path make something for
category makefiles. While there, also put spaces around += uniformously.
okay naddy@, jasper@
and show how to check. This should change sometime, but the
fix is fiddly and for now we should let people know. Committing
now to make sure something is in pre-4.7.
Discussed with pval, this diff ok jasper@ landry@
http://www.vupen.com/english/advisories/2010/0090
(thanks fgsch@ for the link/notice)
Update to cherokee-0.99.39.
Remove debug FLAVOR and use ifdef DEBUG.
Add rrdtool to run_depends.
Byte-compile python modules so that they are registered in the PLIST.
Be careful as cherokee is not started using ${PREFIX}/sbin/cherokee, not
cherokee-guardian anymore.
Fernando Quintero (maintainer) ok
MESSAGE tweak and ok sthen@, ok jasper@
The purpose of the templating engine is to provide web application
developers, who need to separate program code and design (HTML code) of
their web application projects, with a templating tool that can be
easily used by cooperating webdesigners who have no programming skills.
Templating language provided by the engine is inspired by Perl
templating module HTML::Template. Templates created for HTML::Template
can be used with this engine in case they do not violate character case
rules of htmltmpl.
This package includes easydoc, a module which uses the templating engine
to generate HTML documentation from docstrings embedded in source files
of Python modules.
(needed by GNOME Development Monitor which I'm currently working on)
This extension works with MediaWiki instances setup behind HTTP
authentication. It pulls usernames from $_SERVER['PHP_AUTH_USER'].
The extension will then either log the user on to MediaWiki if the
user name exists in the database or create a new user if it does not.
"ok with me" jasper@, "yeah hell import it" landry@
Community-ID is an OpenID implementation in PHP which is OpenID 2.0
compliant. Users can keep track of their trusted sites and manage them.
For Community-ID administrators statistics are available to track
registration of new users, authorized users per day or the number of
trusted sites. Administrators can set the site in maintenance mode or
send emails to all registered users.
StatusNet (formerly Laconica) is a Free and Open Source microblogging
platform. It helps people in a community, company or group to exchange
short (140 character) messages over the Web. Users can choose which
people to "follow" and receive only their friends' or colleagues' status
messages. It provides a similar service to sites like Twitter, Jaiku,
Yammer, and Plurk.
not hooking it up to the builds yet, as it will need some more tweaking
to set up.
"This release contains a couple new features, including additional weekly
overtime policy types and accrual milestone rollover limits, as well as
several bugfixes."
MFSA 2009-71 GeckoActiveXObject exception messages can be used to enumerate installed COM objects
MFSA 2009-70 Privilege escalation via chrome window.opener
MFSA 2009-69 Location bar spoofing vulnerabilities
MFSA 2009-68 NTLM reflection vulnerability
MFSA 2009-67 Integer overflow, crash in libtheora video library
MFSA 2009-66 Memory safety fixes in liboggplay media library
MFSA 2009-65 Crashes with evidence of memory corruption
Net::SFTP::Foreign is a Perl client for the SFTP protocol version 3 as
defined in the SSH File Transfer Protocol IETF draft.
It uses any compatible ssh command installed on the system (for
instance, OpenSSH ssh) to establish the secure connection to the remote
server.
It is a lightweight alternative to p5-Net-SFTP.
WWW::IndexParser is a module that uses LWP to fetch a URL from a web
server. It then attempts to parse this page as if it were an auto
generated index page. It returns an array of WWW::IndexParser::Entry
objects, one per entry in the directory index that it has found. Each
Entry has a set of methods: filename(), time(), size(), and others if
supported by the autoindex generated: type() and size_units().
i386 and amd64 supported.
Chromium is an open-source browser project that aims
to build a safer, faster, and more stable way for all
Internet users to experience the web. http://www.chromium.org/
This is version 4.0.251.0 with a tarball already including hundreds
of patches by myself, Sprewell, Ben Laurie and others from the original
FreeBSD effort. See homepage for more details and known issue:
http://sightly.net/peter/openbsd/chromium/
(right now, there are i386 & amd64 -current packages there that can
be pkg_add'ed, links to the FreeBSD page for more info, etc)
The patches are being cleaned up and sent upstream in chunks, the
goal will be to have a clean tarball eventually. I _just_ got this
working earlier this week so it may crash and burn (especially on
amd64 as some parts do not appear 64-bit clean), let me know.
"commit it and let's work on it in-tree" espie@, robert@ & others
MFSA 2009-71 GeckoActiveXObject exception messages can be used to enumerate installed COM objects
MFSA 2009-70 Privilege escalation via chrome window.opener
MFSA 2009-69 Location bar spoofing vulnerabilities
MFSA 2009-68 NTLM reflection vulnerability
MFSA 2009-65 Crashes with evidence of memory corruption
This is a minimal screen scraping interface to the Drupal admin pages.
Its primary purpose (at the moment) is to provide a means to automate
drupal core upgrades.
Most of the methods in this class depend on English strings from the
pages' value fields, because WWW::Mechanize doesn't use id fields as
selectors. Thus, this module will most likely not work for sites with
a backend set to any non-English language.
ok jasper@ and landry@
Markdown is a text-to-HTML conversion tool for web writers. Markdown
allows you to write using an easy-to-read, easy-to-write plain text
format, then convert it to structurally valid XHTML (or HTML).
PHP-Markdown is a port to PHP of the original Markdown program by John
Gruber.
as for security/nss:
SHA1_Update conflicts with openssl which may be dynamically loaded
at runtime via libcups or libgssapi so causing a crash due to using
the wrong binding. So rename here to avoid conflict.
ok jasper@ sthen@
Provides German translation of drupal6.
If you install this module prior to configuring drupal, thanks
to autolocale, the installation itself will be available in German!
ok sthen@ and landry@
Change the content type of your posts while editing them.
This module is extremely simple and *only* changes the node
type in the database column. That is all. It does not convert
any CCK fields or change other things about the node.
Only use it when you know *exactly* what you're doing!
ok espie@ and jasper@ ports-wise
Please note:
Users upgrading from a prior release should review Blogsum/Config.pm.dist
for new settings to merge with their local Blogsum/Config.pm.
pretty fucking awesome merdely@
From http://wordpress.org/development/2009/11/wordpress-2-8-6-security-release/:
2.8.6 fixes two security problems that can be exploited by registered,
logged in users who have posting privileges. If you have untrusted
authors on your blog, upgrading to 2.8.6 is recommended.
The first problem is an XSS vulnerability in Press This discovered by
Benjamin Flesch. The second problem, discovered by Dawid Golunski, is
an issue with sanitizing uploaded file names that can be exploited in
certain Apache configurations. Thanks to Benjamin and Dawid for finding
and reporting these.
This module strips scripting constructs out of HTML, leaving as much
non-scripting markup in place as possible. This allows web applications
to display HTML originating from an untrusted source without
introducing XSS (cross site scripting) vulnerabilities.
Change the content type of your posts while editing them.
This module is extremely simple and *only* changes the node
type in the database column. That is all. It does not convert
any CCK fields or change other things about the node.
Only use it when you know *exactly* what you're doing!
ok espie@ and jasper@ ports-wise
SabreDAV allows you to easily add WebDAV support to a PHP application.
It is meant to cover the entire standard, and attempts to allow integration
using an easy to understand API.
with comments from ajacoutot@
This LDAP integration module allows users to authenticate against a
configurable Lightweight Directory Access Protocol directory. This
is useful for organizations which have an existing organizational
directory with usernames and passwords, and want Drupal to be able
to authenticate against it.
ok'd-portswise by landry@ and sthen@, tested in production by me.
surf is a minimalistic web browser using webkit, in the spirit of
dwm/suckless.org softwares. It supports the Xembedded protocol which
makes it possible to embed it into another application. Furthermore
one can point surf to another URI by setting its XProperties.
Based on a submission from Tobias Ulmer some times ago on ports@, thanks!
WARNING: if you use both, update both. Especially if you use cck
node/user refs from a view, since that's broken with cck 2.5.
packages have an annotation to prevent this (@incompatibility) but it's
not yet implemented... ;-/
Acquia Marina is an advanced fixed-width theme, supporting 1, 2 or
3-column layouts with 15 collapsible block regions. It has an optional
drop-down primary links menu and advanced theme settings to customize
without coding. Icons for core and Views blocks are included.
It is cross-browser tested (in IE6/7, Opera, Safari, and Firefox)
and has a high attention to detail.
A plain textarea editor aiming to facilitate code writing for Drupal.
* Editor interface and functionality are completely
customizable through administration pages.
* It supports role based editor interfaces.
* It's possible to create image or text buttons.
* Buttons can be customized to generate code snippets,
html tags, bbcode tags etc.
This module integrates PHPMailer with Drupal, both as native
drupal_mail() wrapper, and as part of the Mime Mail module,
allowing you to send mail directly by SMTP (optionally with
authentication/encryption). Avoids sending mail with PHP's
mail() function (which needs /bin/sh in the chroot jail).
The TracNav macro implements a fully customizable navigation bar
for the Trac wiki engine.
The contents of the navigation bar is a wiki page itself and can
be edited like any other wiki page through the web interface. The
navigation bar supports hierarchical ordering of topics.
The design of TracNav mimics the design of the TracGuideToc that
was originally supplied with Trac. The drawback of TracGuideToc is
that it is not customizable without editing its source code and
that it does not support hierarchical ordering.
So, moodle needs a database, fine. No need to put flavors around it.
package-specs have ALTERNATIVES, so you can just depend on any of mysql and
postgresql, and you don't need a flavor for that...
things) do not run out of the box without the confelements.
We will merge confelements into the main gstreamer-plugins-good
package so that everything works out of the box.
compile, nor instructions on how to compile it, we can't update to
0.5.8, but at least we can backport gtk-entry code and callers from it.
This is ugly^Whackish^Whorrible, but at least it really works again.
While here, drop MAINTAINERship, i don't want to be responsible for that
pile of crap anymore.
bump major to be on the safe side, add commented-out entries for
gstreamer LIB/RUN_DEPENDS for the day we enable HTML5 video support.
midori/devhelp are happy with it..
Cntlm is an http proxy server, written in pure C, that allows you to
authenticate via the proprietary NTLM protocol, so you can use web
sites and web proxies that require NTLM/NTLMv2 authorization.
It was designed from scratch to be easy to use and easier to maintain,
and works inside or outside of the OpenBSD httpd chroot with no changes.
suggestions from and ok phessler@
for perl. It is not intended as a replacement for the
fully-featured LWP module. Instead, it is intended for use in
situations where it is desirable to install the minimal number of
modules to achieve HTTP support, or where LWP is not a good
candidate due to CPU overhead, such as slower processors.
HTTP::Lite is also significantly faster than LWP.
ok phessler@
including XSS (prefs, MIME viewer) and preventing overwriting of webserver-
accessible files (image form fields, e.g. with Turba). For more information
see http://lists.horde.org/archives/announce/2009/000512.html.
Thanks Vijay Sankar, Michiel van Baak and Daniel Levai for testing/feedback.
database tables, and see any discrepancy between what currently exists
and what is described (great tool for cleaning up after updates or
debugging existing problems).
note: this version of opera has font issue on OpenBSD, there are missing
MathML characters and some fonts, like Farsi(?), cannot be displayed at all.
I looked at it, but have no clue what to do about it.
Security Enhancements and Fixes in PHP 5.2.11:
* Fixed certificate validation inside php_openssl_apply_verification_policy. (Ryan Sleevi, Ilia)
* Fixed sanity check for the color index in imagecolortransparent(). (Pierre)
* Added missing sanity checks around exif processing. (Ilia)
* Fixed bug #44683 (popen crashes when an invalid mode is passed). (Pierre)
- reallow components to not have a label, use the key field for reference instead.
- "quizz-like" behavior: compare submissions against a default submission (only works for select fields so far)
Provides a simple, quick means of serializing perl memory structures
(including object data!) into a format that PHP can deserialize()
and access, and vice versa.
