1
0
mirror of https://git.FreeBSD.org/ports.git synced 2024-11-29 01:13:08 +00:00
Mirror of the FreeBSD ports git repo https://git.FreeBSD.org/ports.git .
Go to file
Olli Hauer de51be0645 - update to latest release [1]
- use PKGNAMESUFFIX instead LATEST_LINK
- whitespace cleanup
- svn mv */bugzilla to */bugzilla40
- add vuxml entry

4.4.1, 4.2.7, and 4.0.11 Security Advisory
Wednesday Oct 16th, 2013

Summary
=======

Bugzilla is a Web-based bug-tracking system used by a large number of
software projects. The following security issues have been discovered
in Bugzilla:

* A CSRF vulnerability in process_bug.cgi affecting Bugzilla 4.4 only
  can lead to a bug being edited without the user consent.

* A CSRF vulnerability in attachment.cgi can lead to an attachment
  being edited without the user consent.

* Several unfiltered parameters when editing flagtypes can lead to XSS.

* Due to an incomplete fix for CVE-2012-4189, some incorrectly filtered
  field values in tabular reports can lead to XSS.

All affected installations are encouraged to upgrade as soon as
possible.

[1]  even bugzilla40 gets upstream fixes an upgrade to bugzilla42/44 is recommend

Security:	vid e135f0c9-375f-11e3-80b7-20cf30e32f6d
		CVE-2013-1733
		CVE-2013-1734
		CVE-2013-1742
		CVE-2013-1743
2013-10-17 19:35:22 +00:00
accessibility Update Qt to 4.8.5 and Qt Creator to 2.8.0. 2013-10-13 23:15:50 +00:00
arabic Support stage. 2013-09-25 15:50:40 +00:00
archivers Fix pkg-plist, when DOCS is set 2013-10-16 17:50:14 +00:00
astro - Support staging 2013-10-17 01:19:58 +00:00
audio - Update from 0.5.4 to 0.5.5 2013-10-17 18:21:55 +00:00
benchmarks - Changed tabs to spaces in pkg-descr 2013-10-02 16:16:21 +00:00
biology - Switch to build with lang/ruby19 2013-10-10 18:08:34 +00:00
cad Update to 2.2.5 2013-10-14 19:53:58 +00:00
chinese - Convert to staging 2013-10-15 21:27:37 +00:00
comms - Backport patch to fix build of py-libimobiledevice. 2013-10-14 01:43:16 +00:00
converters - Support staging 2013-10-17 01:16:42 +00:00
databases Add p5-Bucardo 4.5.0, asynchronous PostgreSQL replication system. 2013-10-17 13:44:04 +00:00
deskutils Do generate documentation if asked. 2013-10-16 14:00:56 +00:00
devel - update to latest release [1] 2013-10-17 19:35:22 +00:00
dns dns/inadyn-mt: fix wrong install path 2013-10-16 12:16:14 +00:00
editors - Convert to USES+=tk 2013-10-17 09:36:36 +00:00
emulators - Update to 4.0.0 2013-10-16 07:16:57 +00:00
finance - Update to 2.13.0 2013-10-17 14:52:37 +00:00
french Update to version 4.5.15. 2013-10-09 13:56:49 +00:00
ftp - Add SSP support 2013-10-15 17:36:34 +00:00
games Fix build on 10.0 2013-10-17 06:19:32 +00:00
german - update to latest release [1] 2013-10-17 19:35:22 +00:00
graphics Mark as deprecated. 2013-10-17 10:44:26 +00:00
hebrew Add NO_STAGE all over the place in preparation for the staging support (cat: hebrew) 2013-09-20 18:41:52 +00:00
hungarian Add NO_STAGE all over the place in preparation for the staging support (cat: hungarian) 2013-09-20 18:43:02 +00:00
irc - Convert to staging 2013-10-16 03:11:32 +00:00
japanese - update to latest release [1] 2013-10-17 19:35:22 +00:00
java Allow adding extra patches from slave ports. 2013-10-16 20:40:27 +00:00
Keywords
korean Update Qt to 4.8.5 and Qt Creator to 2.8.0. 2013-10-13 23:15:50 +00:00
lang Fix unnecessicary and sometimes wrong RUN_DEPENDS on lang/gcc. 2013-10-17 18:57:57 +00:00
mail update to 5.7.0 2013-10-17 09:28:55 +00:00
math - Update from 1.7.0 to 1.7.1 [1] 2013-10-16 23:10:15 +00:00
misc Properly support staging after r330463. 2013-10-17 19:22:58 +00:00
Mk Fix staging to rubygems 2013-10-17 16:45:07 +00:00
multimedia Add missing man pages to the plist 2013-10-17 15:51:25 +00:00
net - fix INDEX building s/)/}/ 2013-10-17 16:47:58 +00:00
net-im - Convert unmaintained ports to USES=qmake 2013-10-13 13:03:03 +00:00
net-mgmt Actually do stage support 2013-10-16 13:03:53 +00:00
net-p2p - update to 0.11 2013-10-16 21:03:48 +00:00
news - Update to 2.18 [1] 2013-10-17 15:54:33 +00:00
palm Add NO_STAGE all over the place in preparation for the staging support (cat: palm) 2013-09-20 22:33:41 +00:00
polish - Update to 20131013 2013-10-14 11:03:22 +00:00
ports-mgmt - Update to checkin ab7af29666 2013-10-17 15:30:58 +00:00
portuguese - Update to 20131006 2013-10-11 17:51:36 +00:00
print Tarball has been rerolled with the same version number. 2013-10-16 21:11:27 +00:00
russian - update to latest release [1] 2013-10-17 19:35:22 +00:00
science - Add dependency on pkgconfig when building with cairo support [1] 2013-10-17 18:49:09 +00:00
security - update to latest release [1] 2013-10-17 19:35:22 +00:00
shells Add 10.0 RCS dependency. 2013-10-10 17:53:33 +00:00
sysutils sysutils/gdisk: update to 0.8.8 2013-10-17 14:52:10 +00:00
Templates - login(3), logout(3), and logwtmp(3) were removed in base r202216 2013-09-03 11:39:21 +00:00
textproc - Fixed build with clang 2013-10-17 17:13:37 +00:00
Tools This one goes to 11. 2013-10-13 11:16:48 +00:00
ukrainian Fix NO_STAGE attribution 2013-09-22 18:05:04 +00:00
vietnamese Add NO_STAGE all over the place in preparation for the staging support (cat: vietnamese) 2013-09-20 23:20:31 +00:00
www Fix plist 2013-10-17 16:15:14 +00:00
x11 - Fix plist 2013-10-16 19:25:26 +00:00
x11-clocks - Convert to staging 2013-10-13 06:36:18 +00:00
x11-drivers - Support STAGEDIR 2013-10-14 07:29:35 +00:00
x11-fm - Update to 13.07.25.13 2013-10-15 07:43:07 +00:00
x11-fonts - Convert to USES+=tk 2013-10-14 14:19:49 +00:00
x11-servers Fix patches. Remove two unneeded ones, and add new patches to fix sparc64. 2013-09-29 23:46:47 +00:00
x11-themes - Support staging 2013-10-16 23:18:08 +00:00
x11-toolkits - Support staging 2013-10-17 01:24:56 +00:00
x11-wm - Get rid of MAN1 macro 2013-10-17 12:58:06 +00:00
CHANGES New USES=compiler 2013-10-08 18:55:37 +00:00
COPYRIGHT
GIDs - unbound was imported into base in r255597 with group 'unbound'. Chase 2013-10-03 11:02:37 +00:00
KNOBS ZOPE option knob should be going to bsd.options.desc.mk, not KNOBS. Fixing. 2013-09-23 14:01:51 +00:00
LEGAL No public distfiles available anymore, pkgname conflict with sysutils/tracker 2013-10-02 15:18:26 +00:00
Makefile - Disable portsnap make_index usage as it does not produce 2013-10-09 00:34:16 +00:00
MOVED - update to latest release [1] 2013-10-17 19:35:22 +00:00
README
UIDs - unbound was imported into base in r255597 with group 'unbound'. Chase 2013-10-03 11:02:37 +00:00
UPDATING New USES=compiler 2013-10-08 18:55:37 +00:00

This is the FreeBSD Ports Collection.  For an easy to use
WEB-based interface to it, please see:

	http://www.FreeBSD.org/ports

For general information on the Ports Collection, please see the
FreeBSD Handbook ports section which is available from:

	http://www.FreeBSD.org/doc/en_US.ISO8859-1/books/handbook/ports.html
		for the latest official version
	or:
	The ports(7) manual page (man ports).

These will explain how to use ports and packages.

If you would like to search for a port, you can do so easily by
saying (in /usr/ports):


	make search name="<name>"
	or:
	make search key="<keyword>"

which will generate a list of all ports matching <name> or <keyword>.
make search also supports wildcards, such as:

	make search name="gtk*"

For information about contributing to FreeBSD ports, please see the Porter's
Handbook, available at:

	http://www.FreeBSD.org/doc/en_US.ISO8859-1/books/porters-handbook/

NOTE:  This tree will GROW significantly in size during normal usage!
The distribution tar files can and do accumulate in /usr/ports/distfiles,
and the individual ports will also use up lots of space in their work
subdirectories unless you remember to "make clean" after you're done
building a given port.  /usr/ports/distfiles can also be periodically
cleaned without ill-effect.