* Enabled TCP_NODELAY
* Don't use AC_FUNC_MMAP
* Added --force-save option.
* Get the correct uploaded data size
* Made --http-no-cache false by default
* Fixed memory leak in AsyncNameResolver
* Fixed resource leak in XmlParser and GenericParser
* Reset iostream format state
* gnutls: Added more status checking when verifying peer
* Content-Disposition parser conforming to RFC 6266.
* Reworked download/upload statistics calculation
* Added --rpc-save-upload-metadata option
* Perform SSL/TLS handshake after checking whether connection is
established
* Fixed bug that --enable-mmap won't work if MultiDiskAdaptor is used
* RPC over SSL/TLS transport
* aria2rpc: Added appendUri command
* Don't send Proxy-Connection header field
* Don't set SNI hostname if it does not include "." for GNUTLS
* Disable SSL/TLS compression with OpenSSL
* Pause download even if download is completed
* Use execlp() instead of execl()
Ok remi@ (ex-maintainer)
swiggle is a small command line tool that generates HTML pages,
including thumbnail indexes, for given images (a so called
"web gallery"). It's intended to be easy to use, and since
it is written in C, it's quite speedy.
with feedback from ajacoutot@ and sthen@
ok sthen@ and Sergey Bronnikov (MAINTAINER
- Fixes bug #814101 - Font Issue
- Reverted user agent change (was bug #588909) causing some website
incompatibilities, see #815743
- Readd the --with-system-jpeg locally (to remove in 18), and remove all the
configure_env/args/build_depends stuff that moved to moz.port.mk.
- add @pkgpath/@conflict markers to update www/firefox35 users to the
latest and greatest !
You served us well but you're EOL'ed upstream since 18 months, and your
only reason d'etre was the java plugin from jdk 1.6. But those days this
one doesnt receive updates from oracle, and icedtea-web seems to do a
good job at running java crapplets.
Users will be upgraded for free to www/mozilla-firefox !
General agreement/yays from ajacoutot@ tobiasu@ dcoppa@ krw@ kurt@
- Add gtar to BUILD_DEPENDS everywhere in moz.port.mk, since fx 18 will
start using gtar-only options. Ditto for unzip, used during install.
- special-case the deps for firefox/thunderbird/seamonkey, since those
are maintained on the long-term. Only those need to depend on the
latest and greatest nss/nspr.
- move the '--relax LDFLAGS for ppc' to moz.port.mk
- move the 'yasm BUILD_DEPENDS for i385/amd64' to moz.port.mk
- move more common CONFIGURE_ARGS to moz.port.mk (libevent,gio,bz2,gconf..)
- fix MODMOZ_WANTLIB wrt nss/nspr majors
- ensure we depend on sqlite3>=21, needed for fx/tb 18
- use --with-system-jpeg only in firefox36/sunbird/fennec/xulrunner,
fx/tb 18 will have to use its bundled libjpeg-turbo (#791305)
- bump REVISIONs for the WANTLIB/LIB_DEPENDS change.
This is merged from work by myself and Matthias Pitzl @ genua, thanks to
Rodolfo Gouveia for testing with NTLM.
Flavours have been removed:
- the external helper programs for NTLM/LDAP are now in subpackages:
squid-ldap and squid-ntlm.
- SNMP support is built by default in Squid 3.x so this has moved
to the main package (no external dependencies for this).
Forgot to cvs rm patch-configure_in, leading to a packaging failure
since libmozgnome.so was forcedly disabled by the patch.
Reported by sthen@ and nigel@
No bump since it didnt package, and the PLIST doesnt change anyway.
- see http://www.seamonkey-project.org/releases/seamonkey2.14/ for details.
- tidy up WANTLIB/CONFIGURE_ARGS
- enable the gio/libnotify interaction. If libnotify is found at
runtime, a popup will show incoming messages notification/download complete.
- install an icon in pixmaps/ for the desktop file, like in ffx/tb
- fix desktop file Exec line so that an argument can be passed to seamonkey
- remove patch-mozilla_browser_app_profile_firefox_js, this is spar^Wseamonkey!
- for the other patches removed/added, same comments as for ffx apply
- see http://www.mozilla.org/en-US/firefox/17.0/releasenotes/ for details
- enable the gio/libnotify interaction, since it brings no additional
dep. libnotify will be dlopened at runtime if present, and gio is
already in the dependency chain. The latter will interact with the gio mime
database for file associations, and firefox will ask the user if he
wants to register it as the default http:// handler. The former will
show a notify popup upon download completion, among others.
- add build depends on yasm in i386/amd64 for webm
- remove patch-browser_app_profile_firefox_js, the updater is already disabled
- remove gstreamer patches from #776838, #777696 & #747257, merged upstream
- remove ipc_message_utils.h patch from #775428, commited upstream
- remove mozalloc.cpp patch, <sys/types.h> is already included above
- remove xpcshell hang patchset from #706955, cant reproduce anymore
- remove patch-security_manager_ssl_src_Makefile_in, unneeded
- remove OS.File extra logging from #785200, merged upstream
- add patch-toolkit_system_gnome_nsGIOService_cpp, workaround for
#805202 (libgio-2.0.so dlopening), to be removed in fx 19
- remove xpcom arm patch from #783875, merged upstream
ok sthen@
- take maintainership from Douglas Santos <dsantos@hydroxyl.org>
- add ldap flavor for loginname to username translation via ldap
feedback from and ok sthen@
AWStats is a free powerful and featureful tool that generates
advanced web, streaming, ftp or mail server statistics, graphically.
This log analyzer works as a CGI or from command line and shows you
all possible information your log contains, in few graphical web
pages. It uses a partial information file to be able to process
large log files, often and quickly. It can analyze log files from
all major server tools like Apache log files (NCSA combined/XLF/ELF
log format or common/CLF log format), WebStar, IIS (W3C log format)
and a lot of other web, proxy, wap, streaming servers, mail servers
and some ftp servers.
with help and ok ajacoutot@ sthen@
Heap-based buffer overflow after triggering event attached to applet
pointed out by jasper@
Other issues in some java applets are being worked on and will be fixed soon.
GitList allows you to browse repositories using your favorite browser,
viewing files under different revisions, commit history and diffs.
GitList is free and open source software, written in PHP, on top of
Silex and the Twig template engine.
feedback/ok ajacoutot@
- add a gtk3 flavor to be used by webkit-gtk3 browsers, tested with
midori-gtk3. Mozilla doesnt care which version is installed and works
with both. Webkit only sees icedtea if the gtk version match..
- fix javaws shebang to use bash (pointed out by jiri b)
Vegas aims to solve the simple problem of creating executable versions
of Sinatra/Rack apps. It includes a class Vegas::Runner that wraps
Rack/Sinatra applications and provides a simple command line interface
and launching mechanism.
ok jeremy@
- ui problem with large enums
- fix possible problem where default_timezone isn't set in php ini
(this one probably doesn't affect us, seems to be php 5.4+ only)
this version has as many security holes as a sieve and users of tikiwiki
on openbsd would've just extracted the distfile instead of an ancient port,
ok aja@
Problem reported and tests from giovann@ and Jean Gerard
(jg at rilk.com).
finally OK giovanni@
same applies to the just updated SOPE, where I hit the go button
just too fast ;)
and the line with the unregister.sh script down to the bottom of
the plist. Silences all the blurb about ".../*.haddock doesn't exist
or isn't a file."
diff submitted by Ryan Boggs (MAINTAINER), thanks!
This update fixes a security issue related to host header poisoning.
more details at: ttps://www.djangoproject.com/weblog/2012/oct/17/security/
(it wants Data.Serialize.IEEE754).
Bump the other ports where necessary (because their haskell package
signatures changed).
Suggestion about bumps, and ok kili@
for ruby scripts, so they work correctly without setting up
symlinks manually. Use nginx 1.2.3 for standalone version.
Heads up on curl issues from Peter Ljung via william@
- see http://www.seamonkey-project.org/releases/seamonkey2.13/ for details
- remove patch-mozilla_build_unix_mozilla_in, useless since bin/seamonkey
is not a script anymore since a while
- remove patch-mozilla_build_unix_run-mozilla_sh, seamonkey can be directly
debugged in gdb now. update README accordingly
- fix plugin path in README
- see http://www.mozilla.org/en-US/firefox/16.0/releasenotes/ for details
- install an icon into share/pixmaps to fix desktop file icon path
- garbage collect patch-browser_installer_Makefile_in, and
patch-browser_installer_package-manifest_in, were from upstream
- remove patch-build_unix_mozilla_in, useless since bin/firefox is not a
script anymore since a while
- remove patch-build_unix_run-mozilla_sh, firefox can be directly
debugged in gdb now. update README accordingly
- remove patch-config_autoconf_mk_in, XCFLAGS are already passed
- update patch-content_media_gstreamer_nsGStreamerReader_cpp to fix
gstreamer on BE archs (#777696)
- update patch-extensions_spellcheck_hunspell_src_mozHunspell_cpp after
nsILocalFile api removal
- remove useless patch-gfx_thebes_Makefile_in pangox patch
- fix PLIST to use proper MOZILLA_VERSION instead of beta MOZILLA_VER
on the whole gstreamer gang which are only uses by web browsers to
display audio/video.
So remove RUN_DEPENDS, it'll be explicitely added to webkit browsers
with a small comment so that maintainers of such browsers can decide
which gstreamer dependencies they need/want.
ok landry@ (maintainer)
* Fixes some issues in the admin area where some older browsers (IE7,
in particular) may slow down, lag, or freeze.
* Fixes the use of multiple trackback URLs in a post.
Prevents improperly sized images from being uploaded as headers from
the customizer.
* Ensures proper error messages can be shown to PHP4 installs.
(WordPress requires PHP 5.2.4 or later.)
* Fixes handling of oEmbed providers that only return XML responses.
* Addresses pagination problems with some category permalink
structures.
* Adds more fields to be returned from the XML-RPC wp.getPost method.
* Avoids errors when updating automatically from very old versions of
WordPress (pre-3.0).
* Fixes problems with the visual editor when working with captions.
Tested on i386.
Ok merdely@
ports, for the ports that are built both on ruby 1.8 and ruby 1.9,
switch the category Makefiles to explicitly list the ruby18 FLAVOR
instead of the ruby19 FLAVOR.
Also, for home_run, fastri, and fastercsv, explicitly build only the
ruby 1.8 version of the port. These libraries can run on ruby 1.9, but
it doesn't make sense to build a ruby 1.9 version by default.
FLAVOR and FLAVORS set to ruby18, so attempting to build them without a
FLAVOR set still builds the ruby 1.8 version.
Remove MAINTAINER at his request.
- remove useless patch to gfx/thebes/Makefile.in adding -lpangox-1.0 to
EXTRA_DSO_LDOPTS, this was maybe useful before ffx 3.0, but mozilla
stopped using pangox between 2.0 and 3.0. See for the last traces of
pangox.h use : https://bugzilla.mozilla.org/show_bug.cgi?id=528941. See
also bugs #323671/#338446
- backport the patch from #528941 to remove useless pangox.h inclusion
from www/firefox35.
- remove the RUN_DEPENDS on pangox-compat
- bump all corresponding REVISIONS
- while here, make sure all moz ports depend on latest nspr 4.9.2 since
it'll be a requirement for upcoming gecko 16 releases
The situation is this: even when we --disable-gtk-doc, if gtk-doc is
actually installed at configure stage, tools like gtkdoc-rebase will be
picked up and run during the install target. That is bad because the
gtk-doc package may have been removed by then, especially during dpb(1)
bulks (we explicitely disable support for it so why should it stay...).
So for now, let's add the following env to configure whenever we use
--disable-gtk-doc, until a bettersolution is found...
CONFIGURE_ENV +=ac_cv_path_GTKDOC_CHECK="" \
ac_cv_path_GTKDOC_REBASE="" \
ac_cv_path_GTKDOC_MKPDF=""
* Unbreak custom URI handling
* Fix display of about:favorites with no favorites
* Prevent using back on an about:secviolation page from returning back
to the exact same page that triggered the cert warning.
* Fix build with glib 2.30.0
* Kill a crash when using older libsoup versions
* Sync the preloaded HSTS list with Chromium's
Tested on amd64.
Ok kili@
- allow multiple AddHeader directives
- fixed memory leak in config/AddHeader
- fixed memory leak in DH
- fixed problem in SNI certificate storage
- changed long to long long for support of requests larger than 2GB
- added parsing for certificate CN
- fixed problem in task enqueing
- fixed small problem in Makefile
And others, while here, GROFF is not needed and patches applied
upstream.
Ok 'Looks fine' aja@
separate from the version in the base OS which deliberately does not include
the mail proxy and additional modules. rc.d/enginx script is added (not
rc.d/nginx to avoid conflicting with base). Lua module is also supported.
Most of the work done by william@, with a few tweaks by me and ok william.
README could use more work and as pointed out by ajacoutot we need to
review permissions of the tmp directory, but the diff is already long enough.
@pkgpath markers are set to update from the 1.0.x packages to 1.2.x (with or
without the passenger flavour as appropriate).
GLPI is the Information Resource-Manager with an additional
Administration- Interface. You can use it to build up a database with an
inventory for your company (computer, software, printers...). It has
enhanced functions to make the daily life for the administrators easier,
like a job-tracking-system with mail-notification and methods to build a
database with basic information about your network-topology.
ok aja@
* [NEW] force_https setting and https command to force a given domain
to always use HTTPS
* [NEW] Use force_https to provide a preloaded HSTS list to help avoid
the ssl stripping attack. Sites in this list are taken from
Chromium's preloaded HSTS list, and additional domains added by the
xombrero authors.
* Add a workaround to fix a GTK focus bug until it has been fixed
upstream (see https://bugzilla.gnome.org/show_bug.cgi?id=677329)
* Modify the about:allthethings output to a more C-like syntax
* Remove the usage of relying on some deprecated webkitgtk signals
* Prevent spitting out warnings of deprecated gcrypt functions when
building
* Prevent a crash when using editsrc on about:blank or any other blank
page
* Many various code cleanups
And more.
Ok pascal@
* Fixed base64::decode() return "" if input ends with garbage and no
padding.
* Fixed segmentation fault when logger failed to open log file.
* Added new file allocation method called 'trunc'. --file-allocation
option can now take new value 'trunc'. 'trunc' uses ftruncate()
system call or platform-specific counterpart to truncate a file to a
specified length.
* Added TLS SNI support.
Ok rpointel@ (maintainer)
High-level cross-protocol url-grabber.
Using urlgrabber, data can be fetched in three basic ways:
urlgrab(url) copy the file to the local filesystem
urlopen(url) open the remote file and return a file object
(like urllib2.urlopen)
urlread(url) return the contents of the file as a string
ok aja@
Mozilla Sync server allows bookmarks, tabs, settings, addons, passwords
and history to be shared across several mozilla instances. Most work
done before previous lock, polished last month and finally here it is!
See https://support.mozilla.org/en-US/kb/how-do-i-set-up-firefox-sync
and the provided README for how to set it up properly.
ok sthen@ on a previous version.
- see http://www.seamonkey-project.org/releases/seamonkey2.12/
- garbage collect nsSound.cpp, the original one uses libcanberra
properly and thus sndio.
- remove patch from #750620, merged upstream (mfbt/double-conversion)
- remove patches from #691898, merged upstream (yarr jit ppc)
- remove useless crashreporter patch, we don't have breakpad
- see http://www.mozilla.org/en-US/firefox/15.0/releasenotes/
- add -Os hack to fix a relocation error when linking on ppc (as was
done in tb since 10..)
- garbage collect nsSound.cpp, the original one uses libcanberra
properly and thus sndio.
- remove patch from #750620, merged upstream (mfbt/double-conversion)
- remove patches from #747257, merged upstream (gstreamer fix)
- remove patches from #691898, merged upstream (yarr jit ppc)
CVE-2012-4377 Stored XSS via a File::link to a non-existing image
CVE-2012-4378 Multiple DOM-based XSS flaws due improper filtering of
uselang parameter
CVE-2012-4379 CSRF tokens, available via API, not protected when
X-Frame-Options headers used
CVE-2012-4380 Did not prevent account creation for IP addresses
blocked with GlobalBlocking
CVE-2012-4381 Password saved always to the local MediaWiki database
CVE-2012-4382 Metadata about blocks
feedback/OKs from aja@ william@ jasper@ giovanni@ kevlo@
- move MESSAGE to README.
- add missing dep on php-mysqli.
- change the unpack/fake-install method to use the standard
extract infrastructure.
- @sample contrib/htaccess into .htaccess so apache can use it by
default if allowoverride is enabled. this does some basic user-agent
checks to reduce the risk of phpmyadmin sites showing up in
search engines.
- provide an @sample'd apache config file which enables use of
the .htaccess file and restricts access to localhost. talk about
this in README so people know what's going on. (phpMyAdmin has
a history of security-related bugs, but because it's rather
commonly used it's much better to have it in ports so that
it can be updated easily; these changes make the default
installation safer).
building the static binary. Fixes build problem reported by nigel@ since the
glib-2.0.pc now (correctly) only lists pthread in Libs.private not in Libs.
ok ajacoutot@
A Gravatar is a Globally Recognized Avatar for a given email address.
This allows you to have a global picture associated with your email
address. You can look up the Gravatar for any email address by
constructing a URL to get the image from gravatar.com. This module
does that.
OK sthen@
* Use proper status codes for "Bad request" (and similar) error messages.
* Negative values in some config options leading to strange situations.
* Path disclosure through error messages in search.php (and others).
* Subscriptions were handled incorrectly when merging or splitting topics.
* Ignore BBCodes in search strings.
* The Technetium style had an issue with resizing images.
* Renaming users would unban them.
And others http://fluxbb.org/forums/viewtopic.php?id=6328
While here, the extract part is not needed.
Ok aja@.
* [NEW] Implement a new setting, do_not_track, to set the Do Not Track
HTTP header. This setting is disabled by default in normal mode and
enabled in whitelist mode.
* Fix the keybindings in the example config so they properly represent
the default values in the source code.
* Add some additional paranoia in the input focus code to prevent a
segfault on some sites (most notably, pnc.com).
* Fix a bug where HSTS would never be enabled if referer_mode = always
* Fix the build when debugging is enabled
* Show a warning when the binary could not be run when executing a
program based on a MIME type, except for the special "donothing"
binary name.
Tested by severals.
Ok aja@ gsoares@
- see http://www.seamonkey-project.org/releases/seamonkey2.11/
- remove the -rpath hack, not needed since matthew's ld.so fix from
12/06
- backport cset from #750620 to fix ppc (and other exotic archs) build.
- force-disable gconf in configure.in (bug #765556)
- remove the chunk from #763408, packaging was fixed
- see http://www.mozilla.org/en-US/firefox/14.0.1/releasenotes/
- enable H.264 video support through gstreamer. Mention that one needs to
manually install gstreamer-ffmpeg. Not all videos/sites will work.
- backport cset from #776838 & #747257 for various gst fixes.
- backport cset from #750620 to fix ppc (and other exotic archs) build.
- backport cset from #752895 to fix packaging issues.
- remove patch-content_xslt_src_base_txDouble_cpp, useless since mozilla
switched to mfbt/double-conversion.
- remove nss opening hack in Sync, it works fine without it.
- remove the -rpath hack, not needed since matthew's ld.so fix from 12/06
Zurmo is an open source CRM application written in PHP utilizing
jQuery, Yii Framework, and RedBeanPHP.
The goal with Zurmo is to provide an easy-to-use, easy-to-customize CRM
application that can be adapted to any business use case.
Special care has been taken to think through many different use cases
with a system designed to provide a high degree of flexibility, covering
a wide variety of use cases out of the box.
<...>
ok jasper@
Merged from diffs from myself, Rodolfo Gouveia and with an rc script from
giovanni@.
This is a security update, fixing CVE-2011-3348, CVE-2011-3368, CVE-2011-3607,
CVE-2011-4317, CVE-2012-0021, CVE-2012-0031 and CVE-2012-0053.
repoze.who is an identification and authentication framework for
arbitrary WSGI applications. it can be configured either as WSGI
middleware or as an API for use by an application.
Required by upcoming firefox sync server port.
ok rpointel@
Provides a CAPTCHA for Python using the reCAPTCHA service. Does not
require any imaging libraries because the CAPTCHA is served directly
from reCAPTCHA. Also allows you to securely obfuscate emails with
Mailhide. This functionality requires pycrypto. This library requires
two types of API keys. If you'd like to use the CAPTCHA, you'll need a
key from https://www.google.com/recaptcha/admin/create. For Mailhide,
you'll need a key from http://www.google.com/recaptcha/mailhide/apikey.
Required by upcoming firefox sync server port.
ok rpointel@
Nodes in block makes it possible to add nodes into a block. A number of
configurable blocks are generated which you can assign to a region.
Visibility settings of this block are automatically set to 'Show on only
the listed pages'. On the node content form, you define the weight and
visibility per node thus making it easier for content administration as
all your content is now in the same place. With this module, you don't
have to explain your customers how blocks work but is still able to
decide on which pages content must be rendered.
AT Commerce is fresh, professionally designed theme for eCommerce sites
with baked in support for the Commerce module and Ubercart.
Mobile eCommerce is supported using responsive design methods, so your
online store will display and work across mobile channels without any
extra work or effort.
Adaptivetheme is a powerful theme framework with smoking hot support for
responsive web design.
Adaptivetheme is the perfect start for themers, site builders and anyone
wanting to support the mobile web without additional development
overhead and cost.
Gives a site owner options to disable specific messages shown to end
users. The core drupal message system as offered by drupal_set_message
is an excellent way for modules to send out messages to the end users.
However not all drupal site owners are keen to show all the messages
sent out by drupal core and all modules to their users. This module
gives site administrators a reasonably powerful way to filter out
messages shown to the end users.
* [NEW] Custom keybound prompts (keybinding = :cmd,key)
* [NEW] Custom uri handling (custom_uri)
* [NEW] Setting to disable proxy at startup (http_proxy_disable)
* [NEW] Setting to cache HTTPS certificates and present warnings when
certificates change to help prevent MITM attacks (warn_cert_changes)
* [NEW] Tab number and proxy enabled notifications (statusbar_elems)
* [NEW] Setting to change default stylesheet used for the userstyle
and userstyle_global commands (usersytle)
* [NEW] Both userstyle and userstyle_global commands may take an
optional argument to a user-specified stylesheet
* [NEW] Setting to change the style of the statusbar to switch between
the page URL and title (statusbar_style)
* Runtime settings are unsettable with ':set setting ='
* Fix some display bugs with the statusbar
* HTML escape text before displaying with about:set, <file> now shows
correctly
* Fix unsetting the statusbar color when opening the command prompt
And a lot of others.
Tested on amd64.
Ok kili@ aja@
minor SHLIB bump
introduce SOGOLIBDIR variable to be used in PLIST, update hint from README:
Upgrade SOGo from < 1.3.16
=======================================
New password schemes were introduced. You may want to set the
userPasswordAlgorithm default, i.e.:
$ defaults write sogod userPasswordAlgorithm ssha
* checking: Catch any errors initializing the MIME database.
* checking: Fix writing temporary files.
* checking: Properly handle URLs with user/password information.
And others.
Delete --no-compile to build pyc and add devel/desktop-file-utils
Tested on i386.
Ok Amit Kulkarni (maintainer) aja@
