Three Kate plugins written in Python migrated to Python 3 and thus
are not available for the moment.
kdelibs-4.x deconflicted with kdebindings-3.x, and kde-runtime-4.x
deconflicted with kdebase-3.x. Most notable change is the renaming
of kreadconfig and kwriteconfig by appending a "4" suffix to them.
All ports in CVS and in WIP repo are checked for usage of all renamed
binaries, but anything else could be broken. Sorry.
KWin renamed in kde-workspace again, to avoid conflict with
KFourInLine.
Default dependencies that came from kde4.port.mk now have additional
restriction ",<5". KDE Frameworks won't hit CVS during current cycle
but it's better to be proactive.
a crafted query against an NSEC3-signed zone, causing the server to exit.
Affects authoritative nameservers serving at least one NSEC3-signed zone.
Does not affect recursive-only servers, or auth servers which do not serve
NSEC3-signed zones.
New download link for server list
(upstream git commit 458e2c2f0d245eca88e9fea48e66bd40036162f4)
If successfully downloaded a server list, and are not connected at
the moment, try to connect.
This happens when no server met is available on startup.
(upstream git commit 41e0edaed86c9be58ae372e419e2cc02cebfa243)
Fix the blasted DoNetworkRearrange()
upstream git commits:
f2307fa12faf9cec62ba85ea02a3abd41b28c86b
mldonkey_importer.pl can import an unlimited number of files
(upstream git commit c7667a3e341c2499b0c9a7299f5b05096247556d)
notable changes:
- workaround for XML POST issues with authgroups (full fix in a future
release, but this interim release has been made to avoid an ABI break)
- fix potential memory corruption which could be triggered by a malicious server
you want a RADIUS server...
Note that radiusd-cistron will also hit the Attic unless someone still
uses it, since its homepage also states that it's now unmaintained and
one should use freeradius instead :)
while traversing inpt_queue. Fix botch in previous commit by
initializing next and prev once each, rather than prev twice and next
not at all. Eliminate 'skip:' and use 'continue' instead, since code
after 'skip:' was pointless. Nuke now unused variable 'head'.
* please refer to http://activemq.apache.org/activemq-590-release.html for an overview of new features/
bugfixes, including the new hawtio console.
if you updated permissions in jetty-realm.properties, apply the same in users.properties for the
new hawtio console (<hostname>:8161/hawtio/) !
Tor 0.2.4.20 fixes potentially poor random number generation for users
who 1) use OpenSSL 1.0.0 or later, 2) set "HardwareAccel 1" in their
torrc file, 3) have "Sandy Bridge" or "Ivy Bridge" Intel processors,
and 4) have no state file in their DataDirectory (as would happen on
first start). Users who generated relay or hidden service identity
keys in such a situation should discard them and generate new ones.
(no CVE assigned yet)
share/config.kcfg/ to share/config.kcfg.kde3/. Tested on i386, including
run-time tests (not for all apps, though).
After this commit, there are only two conflicting files in kdelibs 3.x and
4.x packages left - to be solved soon.
spurring from espie@
CVE-2013-7106, CVE-2013-7107 https://dev.icinga.org/issues/5250
The icinga web gui is susceptible to several buffer overflow flaws,
which can be triggered as a logged on user. A remote attacker may
utilize a CSRF (cross site request forgery) attack vector against a
logged in user to exploit this flaw remotely.
CVE-2013-7108 https://dev.icinga.org/issues/5251
The icinga web gui are susceptible to an "off-by-one read" error
resulting from an improper assumption in the handling of user submitted
CGI parameters. [..] by sending a specially crafted cgi parameter,
the check routine can be forced to skip the terminating null pointer
and read the heap address right after the end of the parameter list.
Depending on the memory layout, this may result in a memory corruption
condition/crash or reading of sensitive memory locations.
Changelog:
* Fix for quote marks in private messages (thanks @jnm)
* -dontautoreply is a comma-separated list of names you don't want to
auto-reply to. Useful for users you don't want to interact with by mistake
Special thanks to Bhagya Bantwal of Sourcefire for a patch to fix
crashes on sparc64 on first alert.
Tested on sparc64 by Markus; tested on amd64, i386, and macppc by me.
It is currently used in Amarok 2 and Clementine to retrieve a
directory of podcasts and to synchronize podcast subscriptions with
gpodder.net.
This is a dependency for upcoming Clementine 1.2 update.
Input from and okay nigel@
In this release, four "fat" packages were split:
* kdeadmin
* kdenetwork
* kdesdk
* kdetoys
To make updates reliable, we provide corresponding meta-packages now.
Many new patches in x11/kde4 correspond to the linking problems detected.
Those are planned to integrate upstream but probably we'll have to keep
some of them until KDE 5.
For information about major KDE 4.11 features, look at the official site:
http://www.kde.org/announcements/4.11/
Kopete Jingle support is disabled for now, until googletalk-call gets
cured from permanent coredumping.
This update involved a lot of help and patience for my mistakes from
many people, including ajacoutot@, espie@, naddy@... but most of the
times this was landry@ who definitely deserves personal "thank you"!
with a couple of commercial dyndns providers which are also covered by
other software such as net/ddclient, net/inadyn, net/no-ip.
At the request of Mitja (maintainer), nobody complained on ports@ (and
it can always be fished out of the attic if needed).
* Avoid a node DoS on bad plugin (CVE-2013-6359)
* Avoid an OOM in HTML generation on bad multigraph data (CVE-2013-6048)
OK sthen@ with the reminder to fix substitue-confvar-inline target
"allow local as", extended filters, bugfixes and more.
Note these incompatible changes:
- IBGP is multihop by default.
- Changes primary address selection on BSD to the first one.
- Integers in filters are handled as unsigned.
- ISO 8601 time formats used by default.
- Import of device routes from kernel protocol allowed.
- Last state change now tracks just protocol state change.
- Minor changes to default router ID calculation.
Fix pre-allocation in CDownloadQueue::CopyFileList
(upstream git commit f8f0eca00153b508831fce03c385fb2fb1c8ae66)
Don't log a critical line on startup if statistics.dat is missing
(upstream git commit 2de1d5fa97de56625459362cc6ccfd94dbf1c044)
Less writing of known files list during hashing (every 3000MB instead
of 300): files have become larger and hashing faster.
(upstream git commit f9b504a11ba7fabde6c7a63184edeeeb15ec7f66)
into some sort of interchangeable subpackages. The idea is that each version
of KDE being installed picks up it's own version of locale-specific package
by default, and KDE4's one doesn't update to KDE3's one automatically, but
can replace it on explicit pkg_add call.
Most of the Makefiles are bumps needed after splitting x11/kde4/libs.
This is a part of KDE3/4 deconflicting work.
hardly tested by landry@ in a bulk build
Jingle support in kopete-4.11.3. The kdenetwork-4.10.5 could also use it
for the same thing, but my tests showed that Jingle doesn't work there, so
no point in enabling it.
oRTP - a Real-time Transport Protocol (RFC3550) stack under LGPL.
It implements the RFC3550 (RTP) with a easy to use API with high and
low level access and features:
* Support for multiples profiles, AV profile (RFC3551) being
the one by default.
* A packet scheduler for sending and recieving "on time", according
to their timestamp. Scheduling is optionnal, RTP sessions can remain
not scheduled.
* Mutiplexing I/O, so that hundreds of RTP sessions can be scheduled
by a single thread.
* Adaptive jitter algorithm for a receiver to adapt to the clockrate
of the sender.
* Supports part of RFC2833 for telephone events over RTP.
* The API is well documented using doxygen.
* RTCP messages sent periodically since 0.7.0 (compound packet
including sender report or receiver report + SDES).
* An API to parse incoming RTCP packets.
okay landry@
have become pretty useless nowadays (and the pkg tools do not display
them anyway).
Some which contained valuable information have been turned into READMEs.
ok jasper@ sthen@
input/ok naddy@
Note that this now uses cairo for graphics generation and pango/fontconfig
for text rendering; if you are using this in a chroot jail (for cgi/php
scripts, etc) you will need to take additional steps to install the relevant
files. A script is provided to copy the relevant libraries and support files;
see /usr/local/share/doc/pkg-readmes/rrdtool-1.4.8 for more details.
* share/apps => share/apps.kde3
* share/doc/HTML => share/doc/HTML.kde3
This is a part of KDE3/4 deconflicting work.
Build tested in a bulk by landry@, also sat over a week on ports@.
Run-time tested with some KDE3 apps, including KMail, taxipilot, yakuake...
"do it" landry@
source file. They cannot include it, because the kernel route
structure has a name conflict with the openvpn route structure.
The obvious solution is to rename the openvpn route. According to
the sources, NetBSD and FreeBSD and Dragonfly also suffer from that.
This change is needed for an upcoming routing message change. We
do not want to patch the port each time when we change the system
header file.
Test and OK sthen@
Clamz is a little command-line program to download MP3 files from
Amazon.com's music store. It is intended to serve as a substitute for
Amazon's official MP3 Downloader, which is not free software (and
therefore is only available in binary form for a limited set of
platforms.) Clamz can be used to download either individual songs or
complete albums that you have purchased from Amazon.
OSPF-API, and discard malformed LSAs which don't cause a problem for
quagga itself but when passed to other implementations can trigger
http://www.kb.cert.org/vuls/id/229804 (i.e. to limit the distribution
of such bad LSAs).
the .UR/.UE block. They contain a few man(7) syntax errors, but groff
doesn't help in that respect, so drop USE_GROFF. No other change, no bump.
OK naddy@ benoit@ (etherape MAINTAINER)
automatically is bad. To change that, a few ports must be adapted.
Do an explicit #include <netinet6/in6_var.h> when it is needed.
OK ajacoutot@
Commit the remaining ports that were blocked by an cvs commit error
in devel/jdk/1.7/patches.
- update MASTER_SITES
- regen patch
- setup chroot by default
- add rc script
- add README describing how to use it
help and feedback from sthen@ and ajacoutot@, thanks!
ok sthen
changes, and now uses the system zlib.
https://rsync.samba.org/ftp/rsync/src/rsync-3.1.0-NEWS
Clean up some cruft:
* Dropped the -T from --with-rsh. No tty allocation is the default
for ssh, and if somebody sets RequestTTY in .ssh/config, they should
get what they want.
* Removed pointless SECURITY file.
* Replaced the outdated DESCR text with the description from the man page.
ok espie@