from 4.2.0 to 4.2.2 inclusive. This is slightly unusual in that the
fix is applied to a completely different port
mail/p5-Email-Address-List which www/rt42 depends on.
Security: d1dfc4c7-8791-11e3-a371-6805ca0b3d42
told us exactly what was wrong. I redid the entry and
just took out the ul/li structure and replaced it with
regular paragraphs. It might be worth investigating
to use the FreeBSD SA that got released because of this
as the main text, which is best suited imo.
Hat: secteam
This is a security fix and it is important to update, since it might lead to
a privilege escalation if the X server is run as root (which is the default).
Security: CVE-2013-6462
People, please be aware that we use the FreeBSD Documentation Primer
and that there are style rules we have to follow. If you are in
doubt please consult me and I am more than willing to help.
Hat: secteam
Update to nss 3.15.3.1
Update firefox-esr and thunderbird to 24.2.0
Update firefox to 26.0
Update seamonkey to 2.23
- catch up with directory renames since USES=webplugins was introduced;
fixes plugins not being automatically enabled after install
- linux-firefox and linux-seamonkey can play HTML5 audio [2][3] and
measure about:memory usage, again
- dom.ipc.plugins.enabled->true no longer crashes linux-firefox which makes
some flash sites work again; as there's no nspluginwrapper in-between
the infamous "youtube issue" never occurs
- install DEBUG with symbols [3] and describe the option better [4]
- enable dumping about:memory upon kill -65, kill -66 and GC/CC log
upon kill -67 to a file under /tmp directory; linux-firefox uses
kill -34, kill -35 and kill -36 respectively
PR: ports/183861 [1]
PR: ports/184006 [2]
PR: ports/169896 [3]
PR: ports/184285 [3]
PR: ports/184286 [4]
Security: dd116b19-64b3-11e3-868f-0025905a4771
In collaboration with: Jan Beich <jbeich@tormail.org>
service (server) using forcefully crashed aircraft.
While here, reduce the diffs between other OpenTTD's VuXML entries; and
limit build logs verbosity to bulk package builders (or batch builds).
PR: ports/184434, ports/184435
Submitted by: Ilya A. Arkhipov
Security: CVE-2013-6411
This is a maintenance release that fixes a serious bug in the built-in HTTP
server. It was discovered that the handle_request() routine did not properly
perform input sanitization which led to a number of security
vulnerabilities.
An unauthenticated, remote attacker could exploit this flaw to execute
arbitrary commands on the remote host.
All users still using older versions are advised to upgrade to this version,
which resolves this issue.
Approved by: crees (maintainer, per PM)
Security: 620cf713-5a99-11e3-878d-20cf30e32f6d
- add vuxml entry
- let bindings ports load options file [2]
[1]
Version 1.8.5
(25 November 2013, from /branches/1.8.x)
http://svn.apache.org/repos/asf/subversion/tags/1.8.5
User-visible changes:
- Client-side bugfixes:
* fix externals that point at redirected locations (issues #4428, #4429)
* diff: fix assertion with move inside a copy (issue #4444)
- Server-side bugfixes:
* mod_dav_svn: Prevent crashes with some 3rd party modules (r1537360 et al)
* mod_dav_svn: canonicalize paths properly (r1542071)
* mod_authz_svn: fix crash of mod_authz_svn with invalid config (r1541432)
* hotcopy: fix hotcopy losing revprop files in packed repos (issue #4448)
- Other tool improvements and bugfixes:
* mod_dontdothat: Fix the uri parser (r1542069 et al)
Developer-visible changes:
- General:
* fix compilation with '--enable-optimize' with clang (r1534860)
* fix compilation with debug build of BDB on Windows (r1501656, r1501702)
* fix '--with-openssl' option when building on Windows (r1535139)
* add test to fail when built against broken ZLib (r1537193 et al)
- Bindings:
* swig-rb: fix tests to run without installing on OS X (r1535161)
* ctypes-python: build with compiler selected via configure (r1536537)
Version 1.7.14
(25 Nov 2013, from /branches/1.7.x)
http://svn.apache.org/repos/asf/subversion/tags/1.7.14
User-visible changes:
- Client- and server-side bugfixes:
* fix assertion on urls of the form 'file://./' (r1516806)
- Client-side bugfixes:
* upgrade: fix an assertion when used with pre-1.3 wcs (r1530849)
* ra_local: fix error with repository in Windows drive root (r1518184)
* fix crash on windows when piped command is interrupted (r1522892)
* fix externals that point at redirected locations (issues #4428, #4429)
* diff: fix incorrect calculation of changes in some cases (issue #4283)
* diff: fix errors with added/deleted targets (issues #4153, #4421)
- Server-side bugfixes:
* mod_dav_svn: Prevent crashes with some 3rd party modules (r1537360 et al)
* fix OOM on concurrent requests at threaded server start (r1527103 et al)
* fsfs: limit commit time of files with deep change histories (r1536790)
* mod_dav_svn: canonicalize paths properly (r1542071)
- Other tool improvements and bugfixes:
* mod_dontdothat: Fix the uri parser (r1542069 et al)
Developer-visible changes:
- Bindings:
* javahl: canonicalize path for streamFileContent method (r1524869)
[2]
- Set OPTIONS_NAME to let bindings ports load the new options file.
Leave OPTIONSFILE for now to load the old file on systems where
it hasn't been moved to the new location yet.
- Remove an old hack.
PR: ports/180612 [2]
Submitted by: Tijl Coosemans <tijl@FreeBSD.org>
Security: e3244a7b-5603-11e3-878d-20cf30e32f6d
CVE-2013-4505
CVE-2013-4558
- Document security issues with 1.8.26 and 1.8.27 (CVE-2013-4287 and CVE-2013-4363)
Security: 742eb9e4-e3cb-4f5a-b94e-0e9a39420600
Security: 54237182-9635-4a8b-92d7-33bfaeed84cd