CasperJS is an open source navigation scripting & testing utility
written in Javascript for the PhantomJS WebKit headless browser and
SlimerJS (Gecko). It eases the process of defining a full navigation
scenario and provides useful high-level functions, methods & syntactic
sugar for doing common tasks such as:
defining & ordering browsing navigation steps
filling & submitting forms
clicking & following links
capturing screenshots of a page (or part of it)
testing remote DOM
logging events
downloading resources, including binary ones
writing functional test suites, saving results as JUnit XML
scraping Web contents
sthen@ found that the mailcap mechanism can spawn a viewer. Rename
the hardcoded /etc/mailcap and ~/.mailcap files to /dev/null and
disable the ability to undo that via a config file. lynx copes by
offering to download files with MIME types it can't handle itself.
fcambus found that "lynx index.html" + typing e spawns an editor.
Hardcode "no_editor = TRUE" before pledge() and tweak manpage.
Most of this is by fcambus (MAINTAINER).
/dev/null bit from me, based on a hint from sthen@.
ok sthen@ on previous version
https://groups.google.com/forum/#!topic/golang-announce/9eqIHqaWvck
"Go's crypto libraries passed certain parameters unchecked to the
underlying big integer library, possibly leading to extremely
long-running computations, which in turn makes Go programs vulnerable to
remote denial of service attacks. Programs using HTTPS client
certificates or the Go SSH server libraries are both exposed to this
vulnerability.
This is CVE-2016-3959 and was addressed by this change:
https://golang.org/cl/21533
Thanks to David Wong for identifying this issue."
ok sthen@ Ian McWilliam
CVE-2015-5370 (Multiple errors in DCE-RPC code)
CVE-2016-2110 (Man in the middle attacks possible with NTLMSSP)
CVE-2016-2111 (NETLOGON Spoofing Vulnerability)
CVE-2016-2112 (LDAP client and server don't enforce integrity)
CVE-2016-2113 (Missing TLS certificate validation)
CVE-2016-2114 ("server signing = mandatory" not enforced)
CVE-2016-2115 (SMB IPC traffic is not integrity protected)
CVE-2016-2118 (SAMR and LSA man in the middle attacks possible)
See https://www.samba.org/samba/history/samba-4.3.8.html for more
information.
While here:
* add proj to RUN_DEPENDS (libproj is dlopen'ed on the fly by
proj.py, and if not found it would fallback to py-proj). Prompted after
a mail by attila
* add py-requests, py-shapely and py-gdal to TEST_DEPENDS
* fix python shebang in tests - now only 5 tests should fail
