rebar wants to download missing dependencies on the fly, but that won't work out
too good in the ports tree, so erlang.port.mk now removes those dependency declaration
sections.
Webmachine is an application layer that adds HTTP semantic awareness on
top of the excellent bit-pushing and HTTP syntax-management provided by
mochiweb, and provides a simple and clean way to connect that to your
application's behavior.
ok aja@
SilverStripe CMS is an open source web content management system used by
governments, businesses, and non-profit organisations around the world.
It is a power tool for professional web development teams, and web
content authors rave about how easy it is to use.
ok aja@
some checksum checks in the installer and it's becoming a maintenance
nightmare. People wanting to use it are better of downloading the
tarball directly and use the official installer/updater.
ok jasper@
- see http://www.seamonkey-project.org/releases/seamonkey2.16/
- fixes MFSA 2013-21->28
- provides a builtin pdf viewer (pdf.js)
- remove patch-mozilla_toolkit_system_gnome_nsGIOService_cpp (#805202), firefox
now properly links with gio instead of dlopening it
- remove patch-mozilla_toolkit_xre_nsXREDirProvider_cpp and
patch-mozilla_xpcom_io_nsAppFileLocationProvider_cpp, merged upstream (#803955)
- see http://www.mozilla.org/en-US/firefox/19.0/releasenotes/
- fixes MFSA 2013-21->28
- provides a builtin pdf viewer (pdf.js)
- remove patch-toolkit_system_gnome_nsGIOService_cpp (#805202), firefox
now properly links with gio instead of dlopening it
- remove patch-toolkit_xre_nsXREDirProvider_cpp and
patch-xpcom_io_nsAppFileLocationProvider_cpp, merged upstream (#803955)
https://www.djangoproject.com/weblog/2013/feb/19/security/
- Host header poisoning: an attacker could cause Django to generate
and display URLs that link to arbitrary domains.
- Formset denial-of-service: an attacker can abuse Django's tracking
of the number of forms in a formset to cause a denial-of-service attack.
- XML attacks: Django's serialization framework was vulnerable to
attacks via XML entity expansion and external references.
- Data leakage via admin history log: Django's admin interface could
expose supposedly-hidden information via its history log.
'JavaScript related stability issues' for a well known social
network site (bug #831626).
While here remove patch for #830303, commited upstream in
mozilla-release just after 18.0.1.
gconf_ping() will try to shutdown gconfd, but since installing pkg is
done as root, there is not gconfd nor dbus that can be started when
DISPLAY isn't set and an annoying warning is issued.
discussed with espie@
phpVirtualBox is an open source, AJAX implementation of the VirtualBox
user interface written in PHP. As a modern web interface, it allows you
to access and control remote VirtualBox instances.
<...>
ok jasper@ sthen@
- server-side request forgery vulnerability and remote port scanning
using pingbacks
(http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html)
- cross-site scripting via shortcodes and post content
- cross-site scripting vulnerability in the external library Plupload
ok merdely@
mod_jk is a DSO module for Apache2. It connects Apache to Tomcat.
mod_jk can be configured to off-load SSL processing to Apache, serve
static content for webapps and load balance multiple Tomcat servers.
ok kurt@
tweaks & ok sthen@
Fix handling of If-Modified-Since if If-None-Match is present (don't
return 412 for date parsing errors); follow current draft for HTTP/1.1,
which tells us to ignore If-Modified-Since if we have matching etags.
ok sthen@
#ifdef'd headers to be used and dpb was junking it thus breaking the build;
fix by improving detection for backtrace_symbol_fd / libexecinfo and
explicitly using it.
Changes since 2.3.3:
Version 2.3.5
- Fix an issue when creating the redirector report. Sarg was not
creating the unsorted file as expected. That regression was
introduced in sarg 2.3.4.
Version 2.3.4
- Fix an error occuring when serveral user's ID contain at least
two consecutive non alphanumeric characters. In that case, the
mangled file name is not unique. Thanks to Fabiola and Pecha for
reporting this bug.
- Remove a warning about the redirector file that can't be deleted
when it is not created.
ok ajacoutot@
- add an rc script
- fix incompatibility with pcre 8.3+, patch from Debian
- distfiles are now on sourceforge
- drop maintainer; no response to emails
ok abieber@
* Save gid option with --save-session option
* Added --gid option
* Use 64 bits random bytes as GID
* Fixed BitfieldMan::getOffsetCompletedLength overflow on 32-bit systems
* Changed console readout, making it more compact
* Compact readout when more than 1 simultaneous downloads are going on
* Console color output
* Logger: Simplified console output and change level format in log
Ok benoit@
out of date and subject to serious security vulnerabilities, updating
it causes a lot of ports churn for little benefit, and nobody has
offered to maintain it.
OK ajacoutot@, jcs@, jasper@
- see http://www.seamonkey-project.org/releases/seamonkey2.15/
- fixes MFSA 2013-01 -> 20
- build with clang on i386/amd64 and with gcc 4.6 on powerpc. Required
since upstream dropped support for gcc < 4.4.
- don't build against systemwide jpeg anymore since it now needs its
internal libjpeg-turbo.
- add a stub method to sydney_audio_sndio.c in post-patch.
- add patch-mozilla_toolkit_mozapps_installer_packager_mk to fix a tar
vs $(TAR) usage (bug #815793)
- remove patch-ipc_chromium_src_base_atomicops_h, not needed anymore
- remove enigmail genxpi patch, and to a SUBST_VARS dance with an
XPCOM_ABI variable for the consistent naming of the new internal
libsuprocess ipc lib.
- add an enigmail patch to link with -shared
- see http://www.mozilla.org/en-US/firefox/18.0/releasenotes/
- fixes MFSA 2013-14 -> 20
- build with clang on i386/amd64 and with gcc 4.6 on powerpc. Required
since upstream dropped support for gcc < 4.4.
- don't build against systemwide jpeg anymore since it now needs its
internal libjpeg-turbo.
- add a stub method to sydney_audio_sndio.c in post-patch. Cant add it
to the file in cvs directly otherwise it breaks other mozillas
- remove patch-ipc_chromium_src_base_atomicops_h, not needed anymore
ok sthen@
