Commit Graph

869 Commits

Author SHA1 Message Date
reinhard
1e8bfc57fc use jdk-1.3; thx ian@, nino@
*) bump NEED_VERSION
*) fix docs location

with jdk-1.2 tomcat breaks with:
Starting service Tomcat-Standalone
Apache Tomcat/4.0.2
SIGSEGV   11*  segmentation violation
        stackpointer=0xdfbfcbdc
OUCH: nested memory code, to 1 levels.
2002-03-29 11:10:54 +00:00
wilfried
eabe27475e add minor number to sharedlib, ok espie@ 2002-03-27 13:29:15 +00:00
brad
c9c1b5e165 module name was wrong from the very beginning thus the module was not
being removed on deinstall.
2002-03-26 03:19:43 +00:00
brad
829a7b6a31 don't try to remove the sub-dir
libdata/perl5/site_perl/${MACHINE_ARCH}-openbsd/Bundle
2002-03-26 02:53:38 +00:00
matt
e44d12be40 Upgrade to 2.5.1b1, as it's got a few important fixes, and nobody
knows if 2.5.1 is going to come out in time for the release.

Also add my patch to fix setuid support (not used by default) and
set our own version string to distinguish this from an "official"
Zope release.
2002-03-26 02:50:23 +00:00
brad
b5fbf38e7c need to specify some more libs when linking, now this links properly on ELF sytems. 2002-03-25 14:56:54 +00:00
brad
911db34a86 upgrade to 20020311 snapshot of konqueror-embedded
--
Ok'd by: maintainer
2002-03-25 00:35:41 +00:00
pvalchev
4c9c414733 oops 2002-03-24 18:53:16 +00:00
pvalchev
ae4fbee629 huh? sync with new version 2002-03-24 18:33:46 +00:00
peter
3591c8a318 enable p5-Apache-ASP 2002-03-22 15:28:10 +00:00
peter
3d84d50d69 Initial import of Apache::ASP 2.31
"Apache::ASP provides an Active Server Pages port to the Apache Web
Server with Perl scripting only, and enables developing of dynamic
web applications with session management and embedded perl code."
2002-03-22 08:49:29 +00:00
espie
d900d189e1 Bump NEED_VERSION 2002-03-21 21:25:50 +00:00
brad
39748ff848 upgrade to Squid 2.5.PRE5 2002-03-21 21:17:54 +00:00
espie
5b37289c23 md5->distinfo 2002-03-21 19:59:18 +00:00
brad
df3237cd16 These ports are only useable on i386. 2002-03-21 14:21:30 +00:00
form
f77f85dd37 upgrade to 5.22
SECURITY ADVISORY                                      20th March 2002
----------------------------------------------------------------------
Program: analog
Versions: all versions prior to 5.22
Operating systems: all
----------------------------------------------------------------------
Yuji Takahashi discovered a bug in analog which allows a cross-site
scripting type attack.

It is easy for an attacker to insert arbitrary strings into any web
server logfile. If these strings are then analysed by analog, they can
appear in the report. By this means an attacker can introduce
arbitrary Javascript code, for example, into an analog report produced
by someone else and read by a third person. Analog already attempted
to encode unsafe characters to avoid this type of attack, but the
conversion was incomplete.

Although it is not known that this bug has been exploited, it is easy
to exploit, and all users are advised to upgrade to version 5.22 of
analog immediately. The URL for analog is http://www.analog.cx/
I apologise for the inconvenience.

Thank you to Yuji Takahashi, Motonobu Takahashi and Takayuki Matsuki
for their help with this bug.

                                                        Stephen Turner
                                         analog-author@lists.isite.net
2002-03-20 13:09:29 +00:00
couderc
216311823b Update comment, thanks jcs@ 2002-03-20 11:43:52 +00:00
brad
670c14f805 remove section which disables optimization, our compiler does not seem to have this bug. also fixes build on powerpc. 2002-03-19 15:20:07 +00:00
couderc
f8df742085 Add dillo 2002-03-18 14:39:23 +00:00
couderc
2c898eca3f Initial import of www/dillo
--
Dillo is a graphical web browser that's completely written in C,
very fast, small in code and binary. It basically depends on GTK+,
and renders a good subset of HTML, frames are managed same as lynx,
no jvm, no javascript.
2002-03-18 14:31:20 +00:00
espie
694ee2b937 Move konqueror-embedded files out of the way, so that no conflict is left. 2002-03-18 04:11:20 +00:00
espie
bacf19755d Fix (forgot to run update-patches) 2002-03-18 03:24:34 +00:00
brad
a1fd9c6a8f Enable these modules on alpha, powerpc and sparc64. 2002-03-17 05:04:36 +00:00
brad
ffb48943d1 Enable these modules on alpha, powerpc and sparc64. 2002-03-17 04:55:03 +00:00
espie
3a34c2326a Fix https 2002-03-17 00:57:53 +00:00
brad
f774579827 It's a bit unusual when I see in the Squid log that I'm supposedly running
i386-unknown-freebsd3.5 when I'm actually on a powerpc-unknown-openbsd3.0
system, turns out there is a stale auto-generated autoconf.h in the
distfile.
2002-03-16 19:05:26 +00:00
brad
10c5d0f6cd enable SEPARATE_BUILD 2002-03-16 18:18:30 +00:00
espie
58801953c6 +konqueror-embedded 2002-03-15 23:11:19 +00:00
espie
092ce92a3f snapshot of konqueror-embedded. Lean and mean.
Todo: fix things that don't work, like https. Look at core dumps.
Remove conflict with kdebase by renaming stuff.
2002-03-15 22:22:38 +00:00
danh
ba4c9ffd1e change strcat -> strlcat, strcpy -> strlcpy, sprintf -> snprintf 2002-03-15 20:50:04 +00:00
danh
572ea22601 mark BROKEN; security hole, contains buffer overflow 2002-03-15 17:43:14 +00:00
reinhard
079c738705 *) update to jserv 3.2.4 (sync with jakarta-tomcat 3.2.4)
*) mark BROKEN:
HANDLER THREAD PROBLEM: java.net.SocketException: Resource temporarily unavailable: Resource temporarily unavailable
java.net.SocketException: Resource temporarily unavailable: Resource temporarily unavailable
        at java.net.SocketInputStream.socketRead(Native Method)
        at java.net.SocketInputStream.read(SocketInputStream.java:90)
        at java.io.BufferedInputStream.fill(BufferedInputStream.java:186)
        at java.io.BufferedInputStream.read(BufferedInputStream.java:204)
        at org.apache.tomcat.service.connector.AJP12RequestAdapter.readNextRequest(Ajp12ConnectionHandler.java:233)
        at org.apache.tomcat.service.connector.Ajp12ConnectionHandler.processConnection(Ajp12ConnectionHandler.java:147)
        at org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:416)
        at org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java:501)
        at java.lang.Thread.run(Thread.java:484)
2002-03-12 13:04:31 +00:00
reinhard
d8b5eee351 update to jakarta-tomcat 3.2.4 2002-03-12 12:57:28 +00:00
matt
cc4b42317d add zope-cmf 2002-03-12 02:57:43 +00:00
matt
e91d90caea add zope-cmf-1.2 2002-03-12 02:55:18 +00:00
naddy
a629aca91d fix distfile fetching for m17n flavor 2002-03-11 23:00:24 +00:00
naddy
5d4f4c933b Update to 0.3 and m17n-20020311. 2002-03-11 18:36:42 +00:00
naddy
5732519f3c Rename setpgrp() macro to avoid clash with function prototype.
This makes the m17n flavor build again.
2002-03-10 15:20:05 +00:00
brad
e710bfd4c3 add powerpc support, mostly related to ELF. 2002-03-10 07:44:43 +00:00
brad
dc1d731a87 drop the ampersand in the example 2002-03-09 18:11:16 +00:00
avsm
13141e0740 upgrade to php-4.1.2
closes a security issue in multipart form handling (buffer overflow)

temporarily disable the freetds flavour, since the m4 patch cannot
seem to be regenerated
2002-03-03 12:13:29 +00:00
form
c8e6ea89c9 upgrade to 5.21 2002-03-01 10:07:25 +00:00
brad
db7d8cd8ce - fix CONFIGURE_ARGS option to enable removal policies (heap)
- enable diskd
2002-03-01 04:36:29 +00:00
couderc
eb2180b8dd update maintainer 2002-02-28 20:06:27 +00:00
naddy
0190479afb Ping-pong. File descriptor sharing across rfork() is safely available
again, so re-enable asynchronous DNS lookups.
2002-02-27 18:43:34 +00:00
brad
53bf90fee3 security fixes
PHP supports multipart/form-data POST requests (as described in RFC1867)
known as POST fileuploads. Unfourtunately there are several flaws in the
php_mime_split function that could be used by an attacker to execute
arbitrary code.
- broken boundary check
- arbitrary heap overflow
--
Ok'd by: maintainer
2002-02-27 16:31:59 +00:00
naddy
d8c69489f7 +reportmagic 2002-02-27 01:02:58 +00:00
naddy
b2aa01ab84 Import reportmagic 2.13l; submitted by Sam Smith <s@msmith.net>.
This program is an add-on for Analog, which produces nice looking
reports from the analysis of your logfiles. It does not require
Analog to be installed, merely the output from analog to be available
2002-02-27 01:01:57 +00:00
brad
2a4d9f706b - rearrange
- pass in PKGNAME so the errors and icons notice/install messages do not
have some unexpected spaces
2002-02-21 21:03:52 +00:00
brad
ad5edec476 checksums changed for 2.5.PRE4, minor fix. 2002-02-21 16:53:07 +00:00