This one stopped working and such keys are personalized anyway.
Tweak README to suggest using .xsession/xenodom(1) in favour of
.xinitrc/startx(1) to set things up.
Result of minitube appearing broken.
Feedback OK bcallah
devhelp ships a single Python script which is a gedit plugin, nothing
else in devhelp requires Python at runtime.
Remove lang/python module usage; Both Python 3 (through meson) and 2
(through a secondary BUILD_DEPENDS in the chain) are pulled in during
build anyway.
gedit itself has a direct Python 3 as RUN_DEPENDS.
devhelp not having a Python RDEP allows installing the "xfce" meta package
without requiring Python 2.
Ok aja
PyPI projects that already list multiple supported Python versions cause
portgen(1) to generate a flavoured port; of leaving FLAVOR emtpy, opt for
the highest available version.
This makes it use FLAVOR?=python3 insteaf of FLAVOR?= (empty) if any
sypport higher than Python 2 is listed.
Note that PyPI projects listing either only one sypported version or none
at all are not effected by this diff.
OK afresh1 kmos
Kicad's PCB editor, its main feature, leads to segfaults. oce, whose
only consumer is Kicad, takes 53 hours to build in the lastest macppc
bulk. Mark them BROKEN to save bulk time.
While here move Kicad's homepage to https.
ok jca@ tracey@ sthen@
Security fixes:
- Cross-Site Scripting (XSS) via malicious HTML content
- CSRF attack can cause an authenticated user to be logged out
- Remote code execution via crafted config options
- Path traversal vulnerability allowing local file inclusion via crafted
'plugins' option
The latter two vulnerabilities are classified minor because they only
affect Roundcube installations with public access to the Roundcube
installer. That’s generally a high-risk situation and is expected to be
rare or practically non-existent in productive Roundcube deployments.
However, the fixes are done in core in order to also prevent from future
and yet unknown attack vectors.
Changelog at https://github.com/roundcube/roundcubemail/releases/tag/1.4.4
sthen@ reported that clisp sometimes fails to build, with an error at
MAP_ANON. Some tests, including MAP_ANON, might give a random 'no' when
their fixed addresses conflict with ASLR. Override to 'yes'.
ok sthen@
Alexei dot Malinin at mail dot ru reported a compiler warning that,
in my opinion, probably indicates a security vulnerability, but due
to an incomplete description of the affected feature in the
documentation, it is unclear how it should be fixed. The program
appears to be sloppily written, sloppily documented, and abandoned
upstream 15 years ago.
OK ajacoutot@ for deleting it.
more available.
Also backport an upstream commit so all archs use clock_gettime(2) to
get ticks, instead of architecture/implementation dependent code.
This fixes the build on powerpc.
OK bentley@ (maintainer) and jca@
clang defines __ppc__, unlike ports-gcc that was used previously, and
tries to make use of obsoleted Darwin (Mac OS X) flavored assembly code.
Use the C code instead, until upstream decides what to do about this.
Thanks a lot to gkoehler@ for further precisions!
While here, move HOMEPAGE to https.
OK bcallah@
Do not use the integrated assembler because it break the build.
jca@ proposed to include arm in the fix to give this arch a chance
to build it.
While here, move HOMEPAGE to https.
OK jca@
Just use /var/spool/mpd as the home dir but tweak the perms to prevent
group write access and avoid security(8) warnings. If you already have
mpd installed you might want to update the home dir by hand as
documented in the README.
Prompted by questions and diffs from chrisz@ and a report from Moises
Simon, input from ratchov@ and sthen@, ok sthen@
cpplint.py was only installed for leatherman developers purposes:
4af4e296f5
No need to attract people's attention towards this 10 years old python2
script with a MESSAGE.
ok kn@ sthen@
