APIs (libraries) for application developers to make softwares
IDNA2008-compliant, and also provides tools for system administrators
to process IDNs appropriately according to IDNA2008 specification.
The idnkit-2 is a toolkit revised by JPRS from the idnkit-1.0
developed by JPNIC, and it is released as an open source
free software modified to comply with IDNA2008.
idnkit-2 consists from its main part written in C and additional
API packages for other languages (Java, Python, and Perl).
WWW: http://jprs.co.jp/idn/index-e.html
PR: ports/162521
Submitted by: Rafal Lesniak <fbsd@grid.einherjar.de>
Feature safe: yes
following DDOS bug:
Recursive name servers are failing with an assertion:
INSIST(! dns_rdataset_isassociated(sigrdataset))
At this time it is not thought that authoritative-only servers
are affected, but information about this bug is evolving rapidly.
Because it may be possible to trigger this bug even on networks
that do not allow untrusted users to access the recursive name
servers (perhaps via specially crafted e-mail messages, and/or
malicious web sites) it is recommended that ALL operators of
recursive name servers upgrade immediately.
For more information see:
https://www.isc.org/software/bind/advisories/cve-2011-tbd
which will be updated as more information becomes available.
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4313
Feature safe: yes
APIs (libraries) for application developers to make softwares
IDNA2008-compliant, and also provides tools for system administrators
to process IDNs appropriately according to IDNA2008 specification.
The idnkit-2 is a toolkit revised by JPRS from the idnkit-1.0
developed by JPNIC, and it is released as an open source
free software modified to comply with IDNA2008.
idnkit-2 consists from its main part written in C and additional
API packages for other languages (Java, Python, and Perl).
WWW: http://jprs.co.jp/idn/index-e.html
PR: ports/162520
Submitted by: Rafal Lesniak <fbsd@grid.einherjar.de>
Feature safe: yes
Public Suffix Service is a Ruby domain name parser based on the Public Suffix
List.
The Public Suffix Service is a cross-vendor initiative to provide an accurate
list of domain name suffixes.
The Public Suffix Service is an initiative of the Mozilla Project, but is
maintained as a community resource. It is available for use in any software, but
was originally created to meet the needs of browser manufacturers.
A "public suffix" is one under which Internet users can directly register names.
Some examples of public suffixes are ".com", ".co.uk" and "pvt.k12.wy.us". The
Public Suffix List is a list of all known public suffixes.
WWW: http://www.simonecarletti.com/code/public_suffix_service/
WWW: https://github.com/weppos/public_suffix_service
WWW: https://rubygems.org/gems/public_suffix_service
Fixes:
======
Suppress IO::Socket::INET(6)::peerhost usage with TCP. On some systems
it doesn't work after receiving data.
Prevent TCP accepts from blocking on unfinished 3-way handshakes.
Named nameserver should be reachable by IPv6 too.
Typo that prevented TCP traffic from being replied from the same
socket as it was received on.
Suppress warnings of the deprecated use of qw as parentheses in
perl 5.14.
Gracefully handle corrupted incoming packets in Net::DNS::Nameserver.
Make Net::DNS::Resolver load even if /etc/resolv.conf is unreadable.
Assembly of segmented TCP traffic.
Fix documentation to reflect code behaviour where on successful packet
creation, the error should be ignored.
A Net::DNS::Nameserver without a NotifyHandler now responds NOTIMP
to NOTIFY requests.
Documentation now reflects Net::DNS::Packet construction behaviour.
Replace TSIG key with the signature of the whole packet when signing
a packet, even when the TSIG key is not the first in the additional
section.
Various typo fixes.
Enhancements:
=============
Allow ReplyHandlers to indicate that no answer should be returned
by the Net::DNS::Nameserver.
Use a class method ReplyHandler for classes inheriting from
Net::DNS::Nameserver.
New improved version of the check_soa script in the contrib section.
Removed dependency on Net::IP
Perform presentation to wire format conversion more efficiently.
Manage serial numbers in SOA records in a modular and extensible way.
Three modules are provided. Strictly sequential, Date Encoded and
Time Encoded. A contribution from Dick Franks.
Provide a configurable IdleTimeout for Net::DNS::Namserver.
audio/shoutcast Unfetchable; website rearranged
audio/linux-shoutcast Unfetchable; website rearranged
chinese/scim-chewing Does not configure
converters/py-cjkcodecs Integrated into every python version in the tree
databases/kpogre Does not compile
deskutils/mhc Does not fetch
deskutils/org-mode.el6 Does not fetch
deskutils/gemcal Does not fetch
devel/erlang-thrift Does not build
dns/domtools Does not fetch
editors/richtext Does not compile
games/vultures-claw Does not fetch
games/bomb Does not fetch
games/lgeneral-data Bad plist
games/linux-enemyterritory-jaymod Does not fetch
games/xphotohunter Does not fetch
graphics/gimpshop Fails to patch
graphics/lightspark-devel Does not compile
graphics/xmms-plazma Does not fetch
graphics/py-cgkit Does not fetch, does not compile on ia64, powerpc, or sparc64
japanese/rxvt Does not fetch, fails to build with new utmpx
japanese/epic4 Some distfiles do not fetch
java/jde Does not fetch
java/kaffe Does not fetch
korean/gdick HTMLs from the Yahoo! Korea Dictionary cannot be parsed, other runtime problems
korean/hanterm-xf86 Does not compile
korean/stardict2-dict-kr Does not fetch
lang/p5-JavaScript Does not fetch
lang/TenDRA Website disappeared; last release 2006, Does not compile on recent FreeBSD-9
mail/freepops Does not build
mail/itraxp Does not build
misc/tellico Leaves file behind on deinstall
net/gsambad Does not fetch
net/nocatauth-gateway Uses a UID registered to another port
net/nocatauth-server Uses a UID registered to another port
net/libosip2 Does not fetch
net/kmuddy Does not fetch
net/netboot Does not build
net-mgmt/jffnms Does not fetch
net-p2p/frostwire Does not fetch
net-p2p/azureus Does not fetch
news/cleanscore Does not fetch
news/nntpswitch Does not fetch
news/p5-NewsLib Does not fetch
russian/cyrproxy Does not fetch
science/gerris Does not fetch
security/opensaml Does not fetch
sysutils/wmbattery Does not fetch
sysutils/cpuburn No more public distfiles
textproc/tei-guidelines-p4 Does not fetch
textproc/tei-p4 Does not fetch
textproc/py-hyperestraier Does not fetch
textproc/tdtd.el Does not fetch
textproc/tei-lite Does not fetch
www/phpwiki13 Does not fetch
www/p5-Apache-Scoreboard Depends on mod_perl
www/p5-B-LexInfo Broken due the new mod_perl2 API
www/phpwiki Does not fetch
www/smb2www Apache13 is deprecated, migrate to 2.2.x+ now
www/spip Checksum is changing daily
www/monkey Does not fetch
x11-toolkits/jdic Does not fetch
x11-toolkits/py-kde Does not compile
had both lines:
Author: ...
WWW: ....
So standardize on that, and move them to the end of the file when necessary.
Also fix some more whitespace, and remove more "signature tags" of varying
forms, like -- name, etc.
s/AUTHOR/Author/
A few other various formatting issues
- Name
em@i.l
or variations thereof. While I'm here also fix some whitespace and other
formatting errors, including moving WWW: to the last line in the file.
my ports in the past 3 weeks while ports were broken on any 10.x
machines, which means I'm unable to maintain them. So let people know
that there's no available support for them until things are back to
normal (which also means that anyone with spare time will be able
to fix them without getting approval).
Upgrade to new upstream regression fix release 2.59:
Fix regression in 2.58 which caused failure to start up
with some combinations of dnsmasq config and IPv6 kernel
network config. Thanks to Brielle Bruns for the bug
report.
Improve dnsmasq's behaviour when network interfaces are
still doing duplicate address detection (DAD). Previously,
dnsmasq would wait up to 20 seconds at start-up for the
DAD state to terminate. This is broken for bridge
interfaces on recent Linux kernels, which don't start DAD
until the bridge comes up, and so can take arbitrary
time. The new behaviour lets dnsmasq poll for an arbitrary
time whilst providing service on other interfaces. Thanks
to Stephen Hemminger for pointing out the problem.
Note the 2.59.tar.lzma tarball causes the startup banner to print
2.59rc1 which I deem harmless.
no one has stepped up to deal with:
archivers/pecl-phar Vulnerable since 2011-01-13
comms/libsyncml Depends on devel/libsoup22, which is FORBIDDEN
databases/mysql323-server Vulnerable since 2006-10-29
databases/mysql323-client Vulnerable since 2006-10-29
databases/mysql323-scripts Vulnerable since 2006-10-29
databases/mysql40-server Vulnerable since 2006-10-29
databases/mysql40-client Vulnerable since 2006-10-29
databases/mysql40-scripts Vulnerable since 2006-10-29
databases/p5-DBD-mysql40
Depends on databases/mysql40-server, which is FORBIDDEN
deskutils/buoh Depends on devel/libsoup22, which is FORBIDDEN
deskutils/libopensync-plugin-syncml
Depends on comms/libsyncml, which is DEPRECATED
devel/libsoup22 Vulnerable since 2011-07-28
dns/bind9-sdb-ldap Vulnerable since 2011-06-04
dns/bind9-sdb-postgresql Vulnerable since 2011-06-04
ftp/wgetpro Vulnerable since 2004-12-14
games/quake2forge Vulnerable since 2005-01-21
graphics/linux-tiff Vulnerable since 2004-10-13
japanese/mutt Vulnerable since 2007-07-29
japanese/asterisk14-sounds Depends on net/asterisk14, which is FORBIDDEN
net/asterisk14 Vulnerable since 2011-06-25
net/isc-dhcp31-client Vulnerable since 2011-04-10
net/isc-dhcp31-server Vulnerable since 2011-04-10
net/isc-dhcp31-relay Vulnerable since 2011-04-10
net/asterisk-app-ldap Depends on net/asterisk14, which is FORBIDDEN
net/asterisk-app-notify Depends on net/asterisk14, which is FORBIDDEN
net/asterisk-oh323
Depends on net/asterisk14, which is FORBIDDEN, does not compile on sparc64
net/asterisk14-addons Depends on net/asterisk14, which is FORBIDDEN
net/astfax Depends on net/asterisk14, which is FORBIDDEN
net-mgmt/nagios2 Vulnerable since 2009-06-30
www/gforge Vulnerable since 2005-08-09
www/linux-flashplugin7 Vulnerable since at least 2008-05-30
www/opera-devel Vulnerable since 2010-06-25, does not fetch
www/plone3 Vulnerable and unsupported upstream
www/serendipity-devel Vulnerable since 2008-04-25
www/ziproxy Vulnerable since 2010-06-15
www/asterisk-gui Depends on net/asterisk14, which is FORBIDDEN
x11-toolkits/linux-pango Vulnerable since 2009-05-13
This version of nsd is end of life since 2007 and unsupported.
See the details at http://nlnetlabs.nl/projects/nsd/nsd-v2.html.
The current version also contains a vulnerability. It is much
more sensible to move to a supported version (as available in
the port dns/nsd).
PR: ports/161122
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
DEPRECATED without EXPIRATION_DATE, and the ports that depend
on them.
audio/mt-daapd
Use audio/firefly instead
databases/p5-DBIx-Class-Validation
Depends on textproc/p5-FormValidator-Simple, which is DEPRECATED
devel/p5-Class-Data-Accessor
Please consider using p5-Class-Accessor-Grouped or p5-Moose
graphics/libflash
gplflash is no longer supported. Please use gnash instead
graphics/flashplayer
Depends on DEPRECATED graphics/libflash
japanese/p5-FormValidator-Simple-Plugin-Number-Phone-JP
Depends on textproc/p5-FormValidator-Simple, which is DEPRECATED
net/p5-OAuth-Lite
Depends on devel/p5-Class-Data-Accessor, which is DEPRECATED
net-mgmt/py-snmp
use net-mgmt/py-snmp4 instead
net-mgmt/py-twistedSNMP
Relies on net-mgmt/py-snmp, which is DEPRECATED
net-p2p/gift
unmaintained upstream for several years
net-p2p/giftcurs
unmaintained upstream for several years
net-p2p/giftoxic
unmaintained upstream for several years
net-p2p/giftui
unmaintained upstream for several years
net-p2p/apollon
Depends on net-p2p/gift, which is DEPRECATED
textproc/p5-FormValidator-Simple
Depends on devel/p5-Class-Data-Accessor, which is DEPRECATED
www/flashplugin-mozilla
gplflash is no longer supported. Please use graphics/gnash, \
www/p5-HTML-Widget
Depends on devel/p5-Class-Data-Accessor, which is DEPRECATED
www/p5-Catalyst-Plugin-AutoRestart
Depends on devel/p5-Class-Data-Accessor, which is DEPRECATED
www/p5-Catalyst-Example-InstantCRUD
Depends on www/p5-HTML-Widget, which is DEPRECATED
www/p5-Catalyst-Plugin-FormValidator-Simple
Depends on textproc/p5-FormValidator-Simple, which is DEPRECATED
www/p5-Catalyst-Plugin-HTML-Widget
Depends on www/p5-HTML-Widget, which is DEPRECATED
www/asterisk-fop
Depends on www/flashplugin-mozilla which is DEPRECATED
www/p5-Handel
Depends on textproc/p5-FormValidator-Simple, which is DEPRECATED
www/p5-DBIx-Class-HTMLWidget
Depends on www/p5-HTML-Widget, which is DEPRECATED
www/p5-HTML-Widget-DBIC
Disappear from CPAN
x11-wm/fvwm24
No longer supported by fvwm.org
radns is an IPv6 DNS server address autoconfiguration client. It
listens for IPv6 Router Advertisements with the Recursive DNS Server
(RDNSS) and the DNS Search List (DNSSL) options and stores the search
list and address(es) in a file in the same syntax as resolv.conf(5).
WWW: http://hack.org/mc/hacks/radns/
PR: ports/159626
Submitted by: Michael Cardell Widerkrantz <mc@hack.org>
