GCC 4.6.4 to GCC 4.7.3. This entails updating the lang/gcc port as
well as changing the default in Mk/bsd.default-versions.mk.
Part II, Bump PORTREVISIONs.
PR: 182136
Supported by: Christoph Moench-Tegeder <cmt@burggraben.net> (fixing many ports)
Tested by: bdrewery (two -exp runs)
deskutils/kdepim4:
- Add depedency on coreutils, kleopatra needs md5sum and sha1sum programs [1]
misc/kdehier4:
- add tests directory (r343428 commit to Templates/BSD.local.dist)
security/kwallet:
- moved to security/kwalletmanager (renamed upstream)
x11/kdelibs:
- remove workaround, which is not needed after global fix in
Mk/bsd.kde4.mk (r315373)
PR: ports/187259 [1]
Submitted by: Tobias Berner <tcberner@gmail.com>
Among changes:
- Switch KDE4_PREFIX to ${LOCALBASE}
- Remove now needless misc/kde4-shared-mime-info port
- Add stage support
- Remove ancient CONFLICTS (KDE 4.9 and less) and LATEST_LINK
- Squeeze MASTER_SITES/MASTER_SITE_SUBDIR
- Convert LIB_DEPENDS to new style
- Use options helpers
- Drop support for FreeBSD 7.x
- Remove Qt/KDE 3 related workarounds
- Remove local patches and use upstream version scheme for libraries
- sysutils/kdeadmin4, net/kdenetwork4, devel/kdesdk4,
and x11-clocks/kdetoys4 ports have been split.
- devel/kcachegrind is now a part of KDE SC [1]
- more logs in area51 repo...
New ports:
devel/kde-dev-scripts: KDE development scripts
devel/kde-dev-utils: KDE development utilities
games/klickety: Tetris themed solitaire
games/picmi: Single player logic-based puzzle game
textproc/libkomparediff2: Library to compare files and strings
The area51 repository features commits by Schaich Alonso, avilla, rakuco
and myself.
PR: ports/186491
Exp-run: by bdrewery
Approved by: beat (former maintainer) [1]
OPTIONS_DEFINE. This policy has been implemented only recently that's why we
have many ports violating this policy.
This patch adds the default options specified in the Porter's Handbook to
OPTIONS_DEFINE where they are being used. Ports maintained by
gnome@FreeBSD.org, kde@FreeBSD.org and x11@FreeBSD.org have been excluded.
Approved by: portmgr (bapt)
translations have been added (ca, da, el, en_GB, sl, pt_BR)
- Add stage support
- Update maintainer address
PR: based on ports/179681
Submitted by: RyoTa SimaMoto (maintainer)
- Require a new compiler to build Calligra.
- Make GTL really an option in Calligra.
- STAGEify.
- Use OPTIONS helpers.
- Set NO_ARCH for translation ports.
- Add translation port for Intelingua.
Calligra 2.7 release notes:
http://www.calligra.org/news/calligra-2-7-released
- Switched to automake 1.11.6, see CVE-2012-3386.
- #14669: Fixed extraction of CC from gmp.h.
- Fixed case of intermediate zero real or imaginary part in mpc_fma,
found by hydra with GMP_CHECK_RANDOMIZE=1346362345.
This is on top of the following changes from version 1.0
- Licence change towards LGPLv3+ for the code and GFDLv1.3+ (with no
invariant sections) for the documentation.
- 100% of all lines are covered by tests
- Renamed functions
. mpc_mul_2exp to mpc_mul_2ui
. mpc_div_2exp to mpc_div_2ui
- 0^0, which returned (NaN,NaN) previously, now returns (1,+0).
- Removed compatibility with K&R compilers, which was untestable due
to lack of such compilers.
- New functions
. mpc_log10
. mpc_mul_2si, mpc_div_2si
- Speed-ups
. mpc_fma
- Bug fixes
. mpc_div and mpc_norm now return a value indicating the effective
rounding direction, as the other functions.
. mpc_mul, mpc_sqr and mpc_norm now return correct results even if
there are over- or underflows during the computation.
. mpc_asin, mpc_proj, mpc_sqr: Wrong result when input variable has
infinite part and equals output variable is corrected.
. mpc_fr_sub: Wrong return value for imaginary part is corrected.
Convert to the new LIB_DEPENDS standard and remove hard-coded
.so versions from a couple of dependent ports.
Bump PORTREVISIONS of all dependent ports.
PR: 183141
Approved by: portmgr (bdrewery)
- use PKGNAMESUFFIX instead LATEST_LINK
- whitespace cleanup
- svn mv */bugzilla to */bugzilla40
- add vuxml entry
4.4.1, 4.2.7, and 4.0.11 Security Advisory
Wednesday Oct 16th, 2013
Summary
=======
Bugzilla is a Web-based bug-tracking system used by a large number of
software projects. The following security issues have been discovered
in Bugzilla:
* A CSRF vulnerability in process_bug.cgi affecting Bugzilla 4.4 only
can lead to a bug being edited without the user consent.
* A CSRF vulnerability in attachment.cgi can lead to an attachment
being edited without the user consent.
* Several unfiltered parameters when editing flagtypes can lead to XSS.
* Due to an incomplete fix for CVE-2012-4189, some incorrectly filtered
field values in tabular reports can lead to XSS.
All affected installations are encouraged to upgrade as soon as
possible.
[1] even bugzilla40 gets upstream fixes an upgrade to bugzilla42/44 is recommend
Security: vid e135f0c9-375f-11e3-80b7-20cf30e32f6d
CVE-2013-1733
CVE-2013-1734
CVE-2013-1742
CVE-2013-1743
Unfortunately, this also affects some ports using QT3 as a GUI toolkit.
Changes to infrastructure files:
- bsd.kde.mk : obsolete, remove
- bsd.qt.mk : note that a CONFLICTS_BUILD line can probably go after a while
- CHANGES : document the removals from bsd.port.mk
- KNOBS : remove KDE and QT (KDE4 and QT4 should be used instead)
- MOVED : add the removed ports
PR: ports/180745
Submitted by: rene
Approved by: portmgr (bapt)
Exp-run by: bapt
