Ark input sanitization errors:
The KDE archiving tool, Ark, performs insufficient validation
which leads to specially crafted archive files, using unknown
MIME types, to be rendered using a KHTML instance, this can
trigger uncontrolled XMLHTTPRequests to remote sites.
IO Slaves input sanitization errors:
KDE protocol handlers perform insufficient input validation, an
attacker can craft malicious URI that would trigger JavaScript
execution. Additionally the 'help://' protocol handler suffer
from directory traversal. It should be noted that the scope of
this issue is limited as the malicious URIs cannot be embedded
in Internet hosted content.
KMail input sanitization errors:
The KDE mail client, KMail, performs insufficient validation which
leads to specially crafted email attachments, using unknown MIME
types, to be rendered using a KHTML instance, this can trigger
uncontrolled XMLHTTPRequests to remote sites.
Submitted by: Eygene Ryabinkin <rea-fbsd@codelabs.ru> (based on)
Approved by: secteam (myself), portmgr
Security: http://www.vuxml.org/freebsd/6f358f5a-c7ea-11de-a9f3-0030843d3802.html
a bugfix, translation and maintenance update. Release note can be found
at http://kde.org/announcements/announce-4.3.1.php
We would like to thank all our contributors and testers. My personal
thanks to miwi and makc for coaching me through my first KDE commit.
- rework KDE4_BUILDENV
All ports:
- remove needless post-extract target
- make patches relative to ${PATCH_WRKSRC}
- clean up
- bump PORTREVISION when required
databases/akonadi:
- replace dependency on boost-python-libs with boost-libs
(finally, boost-pyhton does not conflict with boost \o/)
deskutils/kdepim*:
- replace boost-python-libs with boost-libs
- reduce dependencies
- respect PREFIX
- fix build with qt3 installed
misc/kdeedu4:
- add dependency on astro/xplanet (for KStars)
misc/kdeutils4:
- add dependency on devel/qca (for okteta)
- make dependency on kdebase non-optional
multimedia/kdemultimedia4:
- add optional support for PulseAudio
x11/kdebase4:
- remove needless dependency on kdebase4-runtime
x11/kdebase4-runtime, x11/kdebase4-workspace
- remove extra CMAKE_ARGS to fix build for qt3/kde3 users
x11/kdelibs4
- remove needless dependencies
- remove extra CMAKE_ARGS to fix build for qt3/kde3 users
for FreeBSD. The official KDE 4.3.0 (Codename: "Caizen") release
notes can be found at:
http://kde.org/announcements/4.3/index.php.
We'd like to say thanks to all helpers and submitters.
Tested by: pointyhat-exp-run (pav/miwi)
See original release announcement for details:
http://kde.org/announcements/announce-4.2.3.php
New ports:
devel/kdebindings4:
Meta port of KDE bindings for C#, Java, PHP, Python and Ruby.
Currently only Python bindings are supported.
devel/kdebindings4-python, devel/kdebindings4-python-krosspython,
devel/kdebindings4-python-pykde4:
Python bindings for KDE.
print/kdeutils4-printer-applet:
printer-applet is a system tray utility. It shows current print jobs,
shows printer warnings and errors and shows when printers that have
been plugged in for the first time are being auto-configured by
hal-cups-utils. It replaces kjobviewer in KDE 3.
print/system-config-printer-kde
A port of Gnome system-config-printer to KDE.
multimedia/phonon port has been split into phonon itself, phonon-xine
and phono-gstreamer backends. After updating phonon port you have
to install at least one backend. phonon-xine backend is recommended
for KDE.
for FreeBSD. The official KDE 4.2.0 (Codename: "The Answer") release
notes can be found at:
http://kde.org/announcements/4.2/index.php.
New supported languages include Arabic, Icelandic, Basque,
Hebrew, Romanian, Tajik and several Indian languages (Bengali India,
Gujarati, Kannada, Maithili, Marathi) indicating a rise in popularity in
this part of Asia.
New ports for KDE 4.2.0:
arabic/kde4-l10n Arabic
hebrew/kde4-l10n Hebrew
misc/kde4-l10n-bn_IN Bengali (India)
misc/kde4-l10n-eu Basque
misc/kde4-l10n-gu Gujarati
misc/kde4-l10n-is Icelandic
misc/kde4-l10n-kn Kannada
misc/kde4-l10n-mai Maithili
misc/kde4-l10n-mr Marathi
misc/kde4-l10n-ro Romanian
misc/kde4-l10n-tg Tajik
math/eigen2 Lightweight library for vector and matrix math
graphics/kipi-plugins-kde4 KDE4 kipi graphics plugins
sysutils/policykit-kde PolicyKit manager for KDE
Unfortunately FreeBSD 6.4 support is dropped.
We'd like to say thanks for feedback and help to:
Matt Tosto, Kris Moore, stickibit, David Johnson, Markus Brueffer,
David Naylor, Thomas Schlesinger, Warren Liddell, Thomas Abthorpe,
Diego Depaoli, Mats Andreassen, portmgr for exp-run and repocopies.
- Bump PORTREVISION for all ports depending on libglut since the shlib
version number went from 4 to 3.
- Bump PORTREVISION for all ports depending on libXaw as libXaw.so.8 isn't
installed anymore.
- Couple of ports fixes (mostly missing xorg components added to USE_XORG).
for FreeBSD. The official KDE 4.1.1 release notes can be found at
http://www.kde.org/announcements/changelogs/changelog4_1to4_1_1.php.
KDE Community ships sirst translation and service release of the 4.1
dree desktop, containing numerous bugfixes, Performance Improvements
and Translation Updates.
Pretty much all applications have received the developers' attention,
resulting in a long list of bugfixes and improvements. The most significant
changes are:
* Significant performance, interaction and rendering correctness
improvements in KHTML and Konqueror, KDE's web browser
* User interaction, rendering and stability fixes in Plasma,
the KDE4 desktop shell
* PDF backend fixes in the document viewer Okular
* Fixes in Gwenview, the image viewer's thumbnailing, more
robust retrieval and display of images with broken metadata
* Stability and interaction fixes in KMail
New Ports:
- graphics/kcoloredit
* KColorEdit is a palette files editor. It can be used
for editing color palettes and for color choosing and
naming.
- graphics/kgraphviewer
* KGraphViewer is a GraphViz DOT graph viewer for KDE. The
GraphViz programs are free-software layout engines for graphs.
KGraphViewer displays the graphs in a modern, user-friendly GUI
with all the power of a well integrated KDE application.
- graphics/kiconedit
* KIconEdit is designed to help create icons for KDE using the standard
icon palette.
- graphics/skanlite
* Skanlite is a simple image scanning application that does nothing
more than scan and save images. Skanlite can open a save dialog for
every image scanned or save the images immediately in a specified
directory with auto-generated names and format. The user can also
choose to show the scanned image before saving.
for FreeBSD. The official KDE 4.1.0 release notes can be found at
http://www.kde.org/announcements/4.1/.
Some note:
* Prefix
KDE4 will be install into a custom prefixes namely ${LOCALBASE}/kde4.
KDE4 and KDE3 can co-exist
* Sound
For sound to work, it is necessary to have dbus and hal enabled
in your system. Please see the respective documentation on how
to enable these.
For more Informations see the HEADS UP at ports@ and kde-freebsd@
or our wiki page http://wiki.freebsd.org/KDE4/Install.
Have fun!
The affected ports are the ones with gettext as a run-dependency
according to ports/INDEX-7 (5007 of them) and the ones with USE_GETTEXT
in Makefile (29 of them).
PR: ports/124340
Submitted by: edwin@
Approved by: portmgr (pav)
- Remove USE_XLIB/USE_X_PREFIX/USE_XPM in favor of USE_XORG
- Remove X11BASE support in favor of LOCALBASE or PREFIX
- Use USE_LDCONFIG instead of INSTALLS_SHLIB
- Remove unneeded USE_GCC 3.4+
Thanks to all Helpers:
Dmitry Marakasov, Chess Griffin, beech@, dinoex, rafan, gahr,
ehaupt, nox, itetcu, flz, pav
PR: 116263
Tested on: pointyhat
Approved by: portmgr (pav)
Together, they fix a regression in Kicker's taskbar applet which would
no longer group Konsole windows in 3.5.7.
Reported by: Dwayne MacKinnon <dmk@ncf.ca>
- Correct ejecting of mounted volumes (unmount before eject).
- Mounting of removable media drives (such as CD-ROM drives)
listed in /etc/fstab (removes checking linux's "user" mount option).
- Polling floppy drives over the mount state (FreeBSD HAL doesn't do this).
- Informing the fileview when HAL notifies that mounting is completed.
- Mounting cdrom volume in locale charset. Note: Requires cd9660_iconv!
PR: ports/108949
Submitted by: Maxim Samsonov <xors@sendmail.ru>
- Disable polling of nfs shares in the fstabbackend. Mounting/Unmounting
is broken and the polling can cause DBus aborts that take kded with
them.