Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
|
|
|
|
|
|
Release 2.1.0 Sat March 24 2012
- Bug Fixes:
#1742315: Harmful XML_ParserCreateNS suggestion.
#2895533: CVE-2012-1147 - Resource leak in readfilemap.c.
#1785430: Expat build fails on linux-amd64 with gcc version>=4.1 -O3.
#1983953, 2517952, 2517962, 2649838:
Build modifications using autoreconf instead of buildconf.sh.
#2815947, #2884086: OBJEXT and EXEEXT support while building.
#1990430: CVE-2009-3720 - Parser crash with special UTF-8 sequences.
#2517938: xmlwf should return non-zero exit status if not well-formed.
#2517946: Wrong statement about XMLDecl in xmlwf.1 and xmlwf.sgml.
#2855609: Dangling positionPtr after error.
#2894085: CVE-2009-3560 - Buffer over-read and crash in big2_toUtf8().
#2958794: CVE-2012-1148 - Memory leak in poolGrow.
#2990652: CMake support.
#3010819: UNEXPECTED_STATE with a trailing "%" in entity value.
#3206497: Unitialized memory returned from XML_Parse.
#3287849: make check fails on mingw-w64.
#3496608: CVE-2012-0876 - Hash DOS attack.
- Patches:
#1749198: pkg-config support.
#3010222: Fix for bug #3010819.
#3312568: CMake support.
#3446384: Report byte offsets for attr names and values.
- New Features / API changes:
Added new API member XML_SetHashSalt() that allows setting an intial
value (salt) for hash calculations. This is part of the fix for
bug #3496608 to randomize hash parameters.
When compiled with XML_ATTR_INFO defined, adds new API member
XML_GetAttributeInfo() that allows retrieving the byte
offsets for attribute names and values (patch #3446384).
Added CMake build system.
See bug #2990652 and patch #3312568.
Added run-benchmark target to Makefile.in - relies on testdata module
present in the same relative location as in the repository.
|
|
|
|
CVE-2012-1148.
Bump PKGREVISION.
|
|
|
|
|
|
|
|
|
|
|
|
first kde4 version of this package in pkgsrc. Otherwise, the kde3
package can match, which causes difficulties.
|
|
|
|
|
|
- Added CIDR support to eggdrop. This includes accepting and matching b/e/I
masks and user hosts in cidr notation.
- Added a msg-rate config variable, to replace the current #define msgrate
in server.mod.
- Replaced most dns.mod preprocessor definitions with config variables.
- Added a configure option to set the handlen while keeping compatibility with
the older method of editing eggdrop.h directly.
- Explicitly offer both --enable-tcl-threads and --disable-tcl-threads
configure options that can forcefully enable or disable threaded Tcl
library support.
- Fixed a remote DoS in the CTCP parsing code introduced by the servmsg.c
buffer overflow patch by Nico Golde.
Reference: CVE-2009-1789
- Work around Tcl8.5.10 bug 3371644 (strings starting with # could crash
in Tcl_ConvertElement()).
- tcl_maskhost could crash the bot.
- Fixed a potential crash in read_lang() with lines > 512 characters in
language files. Added support for lines of unlimited size.
- Fixed dns.mod SIGBUS crashes on 64-bit Sparc.
- Fixed a crash when restarting, related to bind log.
|
|
|
|
On SunOS, gcc 4.6 and later enable c99 and XPG6 features for c++, but
the configure check for iconv uses plain c and gets a pre-XPG6 prototype
for iconv(). This inconsistency then leads to failure when building
preconv.
|
|
distinfo and patches.
|
|
* Fix build on FreeBSD 9.0
** Patches are borrowed from FreeBSD ports
** Split FreeBSD support from DragonFly/FreeBSD support
|
|
|
|
=== Changes since 1.17.2 ===
* (bug 22555) Remove or skip strip markers from tag hooks like <nowiki> in
core parser functions which operate on strings, such as padleft.
* (bug 34212) ApiBlock/ApiUnblock allow action to take place without a token
parameter present.
* (bug 34907) Fixed exposure of tokens through load.php that could have facilitated
CSRF attacks.
* (bug 35317) CSRF in Special:Upload.
|
|
|
|
|
|
|
|
|
|
added the ImageMagick dependency that was removed in 1.62 back in, presumably
by accident. Remove it again, as xlockmore-lite should not depend on
ImageMagick.
|
|
bacula-wx-client.
everyone, when regenerating patches, please make sure you aren't
expanding substitutions.
|
|
|
|
This package does a lot of storing of ints in pointers and thus
generates a lot of cast warnings; I believe the others are harmless.
|
|
on NetBSD current or probably -6 because of bpf issues, but now stands
a chance of being able to run on LP64 platforms and/or at all when that's
fixed.
|
|
DragonFly for kde-workspace4 is built using FreeBSD-specific files. In
the future, DragonFly probably needs its OS-specific directory. These
patches will fix all but one problem on DragonFly. They use macros so
no revbump is required.
The remaining is with cmake using the wrong include path for the QT4
tools mkspecs file qplatformdefs.h. How to best resolve that is still
being determined.
|
|
|
|
|
|
|
|
for CVE-2011-3045.
Bump PKGREVISION.
|
|
Fix "make package" on FreeBSD 9.0.
|
|
Sync with PLIST.
|
|
|
|
option it will give up root credentials too early
addresses PR pkg/46271 by John D. Baker
|
|
brasero-3.4.0, cheese-3.4.0, coreutils-8.16, eog-3.4.0,
eog-plugins-3.4.0, gawk-4.0.1, genius-1.0.15, glade-3.12.0,
gnome-3.4, gnome-games-3.4.0, gnome-keyring-3.4.0, gnupg2-2.0.19,
gthumb-2.14.3, gtk3-3.4.0, iodbc-3.52.8, libfolks-0.6.8,
libgnome-keyring-3.4.0, libgnomekbd-3.4.0.2, librep-0.92.2,
libwps-0.2.4, liferea-1.8.4, mousetweaks-3.4.0, mpg123-1.13.7,
openmpi-1.5.5, pango-1.30.0, phpmyadmin-3.4.10.2, py-gobject-3.2.0,
py-psycopg-2.4.5, rep-gtk-0.90.8, seahorse-3.4.0, snort-2.9.2.2,
sympa-6.1.9, tinc-1.0.18, totem-3.4.0, totem-pl-parser-3.4.0,
vala-0.16.0, vinagre-3.4.0, vino-3.4.0, webkit-gtk-1.8.0,
worker-2.19.2.
|
|
+ libdrm-2.4.33, xf86-video-ati-6.14.4, xkbevd-1.1.3 [unpackaged].
|
|
|
|
Changes are too may to write here but includes security fix CVE-2012-1571.
Add LICENSE, too.
|
|
|
|
http://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=20629.
[CVE-2012-0259] JPEG EXIF tag crash.
[CVE-2012-0260] Excessive memory use with JPEG restart markers.
[CVE-2012-1798] Copying of invalid memory when reading TIFF EXIF IFD.
Bump PKGREVISION.
|
|
|
|
Thank you, Mark Davies.
|
|
Though I couldn't actually persuade this package to build the kde gui.
|
|
|