fix for CVE-2011-4885 included in PHP 5.3.9
Note that the Suhosin extension (which is enabled by default in our packages)
mitigates against this problem
ok robert@ ajacoutot@
This solves some nasty 5.0 -> current update problems.
Up to 5.0, lots of php-using packages were depending on php-mysql-5.2.
So the dependencies would update to php-mysql-5.2 from current.
BUT the php-using packages are now depending on 5.3 -> internal conflict !
With this change, things work again. After the update, you end up with
php-mysql-5.2 AND php-mysql-5.3, you can then try pkg_delete -a to weed
out "unneeded" php*-5.2
okay sthen@, ajacoutot@
- deal with ldconfig shitz being run at fake install everywhere
- fix sprintf/strcpy usage in libestdc++ so we don't get a warning every time
we compile a C++ program
Everything brought up by espie@.
Stack overflow, only affects a very specific and unusual non-default
configuration: transparent cookie encryption enabled, HTTP response
splitting protection disabled, *and* a PHP application must allow
unfiltered user input to header() in order to be affected.
Good write-up at http://seclists.org/fulldisclosure/2012/Jan/295
ok robert@
CONFIG_SITE even if the FSF says no.
Also, finally get rid of the stage3 build/comparison, since apart from
taking build time, it's not really THAT useful unless you're specifically
debugging gcc.
libc.so from OpenBSD 5.0, and tweaks the ada scripts to LD_LIBRARY_PATH
the bundled library.
That way, we should be able to get away by providing a new bootstrap ways
less often (preferably every release, but things won't break if we do it
even LESS often).
- uncomment a couple of lines in the default php-fpm.conf so you
don't have to make any changes before it will start up
- add missing crypt_blowfish.h header to PLIST-main
ok robert@
matching the requirements of haskell-platform-2011.4.0.0.
Moving the xhtml library back to a separate port (www/hs-xhtml)
would be nice but it causes too much headache (like dependency
cycles with devel/haddock).
(from OpenBSD 5.0-release), thanks ajacoutot@ for hosting the distfile.
- check that the bootstrap egcc can actually run; the reason for failure
due to missing libs is now clear (previously it was a cryptic "C compiler
cannot create executables" type message during configure).
Suspending multithreaded programs built with ghc (including ghc
itself) should just work[tm] now. (Except for the bootstrapping
compiler which of course still uses the old code)
- fix conflict with speech-dispatcher
- fix gen-versions target
- i386 ethread compat
update to R14B04 from dlg@, rest by piotr sikora and me
tested with rabbitmq and ejabberd on amd64; sparc64 is still happy too
maintainer timed-out
Also include the compiler standard libraries under compiler-libs/, as this
is the convention adopted by other packaging (Debian, FreeBSD), and is used
by various utility software such as the Lwt interactive toplevel and some
of the graphical IDEs.
CoffeeScript is a little language that compiles into JavaScript.
Underneath all those awkward braces and semicolons, JavaScript has
always had a gorgeous object model at its heart. CoffeeScript is an
attempt to expose the good parts of JavaScript in a simple way.
The golden rule of CoffeeScript is: "It's just JavaScript". The code
compiles one-to-one into the equivalent JS, and there is no
interpretation at runtime. You can use any existing JavaScript library
seamlessly from CoffeeScript (and vice-versa). The compiled output is
readable and pretty-printed, passes through JavaScript Lint without
warnings, will work in every JavaScript implementation, and tends to run
as fast or faster than the equivalent handwritten JavaScript.
Feedback and OK jasper@
without any modifications to PATH. To run an ruby program that is
installed in jruby's bin directory (which no longer needs to be in the
PATH), use jruby -S program.