aboutsummaryrefslogtreecommitdiff
path: root/www
Commit message (Collapse)AuthorAgeFilesLines
* MFH: r369267Johannes Jost Meixner2014-09-262-7/+10
| | | | | | | | | | | | | Backport Adobe's Flash upgrade to fix twelve vulnerabilities. While here, set maintainer to emulation@ in line with r369160. Approved by: swills (mentor) Approved by: portmgr (erwin) Security: ca44b64c-4453-11e4-9ea1-c485083ca99c Notes: svn path=/branches/2014Q3/; revision=369304
* MFH: r369245Rene Ladan2014-09-252-5/+5
| | | | | | | | | | Update www/chromium to 37.0.2062.124 to fix the NSS vulnerability. Security: http://vuxml.freebsd.org/freebsd/bd2ef267-4485-11e4-b0b7-00262d5ed8ee.html Approved by: portmgr (erwin) Notes: svn path=/branches/2014Q3/; revision=369246
* MFH: r367846Rene Ladan2014-09-102-5/+5
| | | | | | | | | | | | www/chromium: update to 37.0.2062.120 Obtained from: FreeBSD Chromium Project Security: http://vuxml.freebsd.org/freebsd/36a415c8-3867-11e4-b522-00262d5ed8ee.html Approved by: ports-secteam (zi) Notes: svn path=/branches/2014Q3/; revision=367854
* MFH: r366226Rene Ladan2014-09-10226-760/+1098
| | | | | | | | | | | | Update www/chromium to 37.0.2062.94 Obtained from: freebsd-chromium@ (especially Carlos Medina) Security: http://www.vuxml.org/freebsd/fd5f305d-2d3d-11e4-aa3d-00262d5ed8ee.html Approved by: portmgr (erwin, on 2014-08-27) Notes: svn path=/branches/2014Q3/; revision=367852
* MFH: r367227Olli Hauer2014-09-036-527/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - update to 2.2.29 - use PTHREAD_LIBS/CFLAGS instead -pthread Changes with Apache 2.2.29 http://www.apache.org/dist/httpd/CHANGES_2.2.29 *) Corrected docs/manual pages for new MergeTrailers directive and other out of date documentation. [William Rowe] Changes with Apache 2.2.28 *) SECURITY: CVE-2014-0118 (cve.mitre.org) [1] mod_deflate: The DEFLATE input filter (inflates request bodies) now limits the length and compression ratio of inflated request bodies to avoid denial of service via highly compressed bodies. See directives DeflateInflateLimitRequestBody, DeflateInflateRatioLimit, and DeflateInflateRatioBurst. [Yann Ylavic, Eric Covener] *) SECURITY: CVE-2014-0231 (cve.mitre.org) [1] mod_cgid: Fix a denial of service against CGI scripts that do not consume stdin that could lead to lingering HTTPD child processes filling up the scoreboard and eventually hanging the server. By default, the client I/O timeout (Timeout directive) now applies to communication with scripts. The CGIDScriptTimeout directive can be used to set a different timeout for communication with scripts. [Rainer Jung, Eric Covener, Yann Ylavic] *) SECURITY: CVE-2014-0226 (cve.mitre.org) [1] Fix a race condition in scoreboard handling, which could lead to a heap buffer overflow. [Joe Orton, Eric Covener, Jeff Trawick] *) SECURITY: CVE-2013-5704 (cve.mitre.org) [2] core: HTTP trailers could be used to replace HTTP headers late during request processing, potentially undoing or otherwise confusing modules that examined or modified request headers earlier. Adds "MergeTrailers" directive to restore legacy behavior. [Edward Lu, Yann Ylavic, Joe Orton, Eric Covener] *) core: Detect incomplete request and response bodies, log an error and forward it to the underlying filters. PR 55475. [Yann Ylavic] *) mod_deflate: Handle Zlib header and validation bytes received in multiple chunks. PR 46146. [Yann Ylavic] *) mod_proxy: Don't reuse a SSL backend connection whose requested SNI differs. PR 55782. [Yann Ylavic] *) mod_deflate: Fix inflation of files larger than 4GB. PR 56062. [Lukas Bezdicka <social v3.sk>] *) mod_dav: Fix improper encoding in PROPFIND responses. PR 56480. [Ben Reser] *) mod_ssl: Extend the scope of SSLSessionCacheTimeout to sessions resumed by TLS session resumption (RFC 5077). [Rainer Jung] *) mod_proxy_ajp: Forward local IP address as a custom request attribute like we already do for the remote port. [Rainer Jung] *) mod_deflate: Don't fail when flushing inflated data to the user-agent and that coincides with the end of stream ("Zlib error flushing inflate buffer"). PR 56196. [Christoph Fausak <christoph fausak glueckkanja.com>] *) mod_cache, mod_disk_cache: With CacheLock enabled, responses with a Vary header might not get the benefit of the thundering herd protection due to an incorrect internal cache key. PR 50317. [Ruediger Pluem, Jan Kaluza, Yann Ylavic] *) mod_rewrite: Support session cookies with the CO= flag when later parameters are used. The doc for this implied the feature had been backported for quite some time. PR56014 [Eric Covener] *) mod_cache: Don't remove stale cache entries that cannot be conditionally revalidated. This prevents the thundering herd protection from serving stale responses during a revalidation. PR 50317. [Eric Covener, Jan Kaluza, Ruediger Pluem] *) core: Increase TCP_DEFER_ACCEPT socket option to from 1 to 30 seconds. PR 41270. [Dean Gaudet <dean arctic org>] [1] CVE issues already fixed since FreeBSD-ports r362845 [2] new CVE-2013-5704 issue fixed in 2.2.29 Approved by: portmgr (erwin@) Security: f927e06c-1109-11e4-b090-20cf30e32f6d Security: CVE-2013-5704 Notes: svn path=/branches/2014Q3/; revision=367234
* MFH: r365572Antoine Brodin2014-08-218-27/+33
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Update all Django ports to new security releases On August 20, the Django team issued new security releases addressing multiple vulnerabilities [1]. Update all of our Django ports accordingly: - www/py-django: Update to 1.6.6 - www/py-django14: Update to 1.4.14 - www/py-django15: Update to 1.5.9 - www/py-django-devel: Update to 1.7 release candidate 3 While I'm here: - Switch to USES=python and USE_PYTHON=<features> - Deprecate OPTIONSFILE - Add CPE information - Add LICENSE_FILE - Tweak HTMLDOCS option description And for www/py-django-devel: - Switch to GITHUB for distribution files [1] https://www.djangoproject.com/weblog/2014/aug/20/security/ Approved by: lwhsu (maintainer) Security: 3c5579f7-294a-11e4-99f6-00e0814cab4e Notes: svn path=/branches/2014Q3/; revision=365594
* MFH: r365378Dmitry Marakasov2014-08-202-0/+4
| | | | | | | | | - Fix plist for WITH_DBI case Approved by: portmgr Notes: svn path=/branches/2014Q3/; revision=365463
* Attempt to fix build by reverting bits not planned to be MFC'dBryan Drewery2014-08-201-1/+5
| | | | Notes: svn path=/branches/2014Q3/; revision=365431
* MFH: r365341Rene Ladan2014-08-187-8/+96
| | | | | | | | | | | | | | | | | | | | www/chromium: Enable build on FreeBSD < 10 and enable file chooser dialog [1]. - Spell out full path to /sbin/sysctl [2] - Build with OpenSSL from base to avoid a link conflict on FreeBSD < 10 - Fix build with libusb on FreeBSD < 10 [3] - Fix build with GCC 4.7 (for 8.4 / 9.1) - Bump PORTREVISION PR: 192742 [1] Submitted by: cmt@burggraben.net [1] Submitted by: J. R. Oldroyd [2] Submitted by: db@ [3] Approved by: portmgr (erwin) Notes: svn path=/branches/2014Q3/; revision=365350
* MFH: r365002Rene Ladan2014-08-151-1/+1
| | | | | | | | | Fix installation on i386 where mksnapshot is called mksnapshot.ia32 initially. Approved by: portmgr (erwin) Notes: svn path=/branches/2014Q3/; revision=365023
* MFH: r364870Rene Ladan2014-08-15220-980/+1536
| | | | | | | | | | | | | | | | | | | | | - Update to 36.0.1985.143 and unforbid - Use a lot of ports dependencies instead of bundled versions (idea from Gentoo Linux) - Make patches more compatible with OpenBSD - Add note about Python (only relevant for DIY builds) - Install more icons into PREFIX/share/icons/hicolor/XxY/apps/ - Mute mkdir in installation - Install mksnapshot binary - Do not install bundled protoc binary Obtained from: Gentoo, OpenBSD, various contributors in freebsd-chromium@ Security: http://www.vuxml.org/freebsd/df7754c0-2294-11e4-b505-000c6e25e3e9.html Approved by: portmgr (erwin) Notes: svn path=/branches/2014Q3/; revision=365022
* MFH: r364481Olli Hauer2014-08-113-23/+23
| | | | | | | | | | | | | | | | | - adjust default modules, changed during the last revisions + SESSION_DBD + SLOTMEM_SHM (e.g neeed for mod_ajp) - CERN_META - Use OPTION desc. from modules/config.m4 to match upstream - bump PORTREVISION with hat apache@ Approved by: portmgr (mat@) Notes: svn path=/branches/2014Q3/; revision=364660
* - merge apache backportsOlli Hauer2014-07-248-43/+584
| | | | | | | | | - do not merge new apache default version (Mk/bsd.apache.mk) Approved by: portmgr (erwin@) Notes: svn path=/branches/2014Q3/; revision=362850
* MFH: r361314Olli Hauer2014-07-209-88/+84
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - strip - remove obsolete apache-*-2.2.* conflict - add modules.d to EXAMPLESDIR - always install DOC (remove Makefile hack) - bump PORREVISION - sort pkg-plist MFH: r361316 - revert conflict (apache22 has MPM sub ports) MFH: r362041 Use modern LIB_DEPENDS on non default options Submitted by: ohauer MFH: r362371 - security update to release 2.4.10 - add OPTION for new mod_authnz_fcgi module - s/libluajit.so/libluajit-5.1.so/ (there is no libluajit.so) - backport for mod_lua: Don't quote values in cookies Make IE happy again [#56734] http://svn.apache.org/viewvc?view=revision&revision=1611744 - disable sanity check on demand [1] Release Notes: http://www.apache.org/dist/httpd/CHANGES_2.4.10 Approved by: portmgr (erwin@) PR: 191398 [1] Submitted by: Robert Schulze <rs@bytecamp.net> Security: 4364e1f1-0f44-11e4-b090-20cf30e32f6d CVE-2014-0117 CVE-2014-3523 CVE-2014-0226 CVE-2014-0118 CVE-2014-0231 Notes: svn path=/branches/2014Q3/; revision=362382
* MFH: r362322Rene Ladan2014-07-206-62/+61
| | | | | | | | | | | | | | Update to 2.26.1 PR: 191184 Submitted by: Jan Beich Approved by: gecko (flo) Security: http://www.vuxml.org/freebsd/888a0262-f0d9-11e3-ba0c-b4b52fce4ce8.html Approved by: portmgr (erwin) Notes: svn path=/branches/2014Q3/; revision=362331
* MFH: r362124Rene Ladan2014-07-171-1/+2
| | | | | | | | | | | | | | Add CPE information. The vendor is "The Chromium Project" as shown on [1], Google is the vendor of the Google Chrome browser which is derived from the open source Chromium browser. [1] http://www.chromium.org/Home Approved by: portmgr (erwin) Notes: svn path=/branches/2014Q3/; revision=362127
* MFH: r360311Steve Wills2014-07-0210-26/+24
| | | | | | | | | | - Update rails and friend to 3.2.19 Security: CVE-2014-3482 Security: CVE-2014-3483 Notes: svn path=/branches/2014Q3/; revision=360322
* MFH: r360281Antoine Brodin2014-07-021-0/+1
| | | | | | | | | | | | | | | | | | | | | | | Mark BROKEN, fails to stage cd src; /usr/bin/make install cd modules; /usr/bin/make ../mkinstalldirs /usr/local/oops /usr/local/oops/DB /usr/local/oops/storages /usr/local/etc/oops/tables /usr/local/libexec/oops mkdir /usr/local/oops mkdir /usr/local/oops/DB mkdir /usr/local/oops/storages mkdir /usr/local/etc/oops mkdir /usr/local/etc/oops/tables mkdir /usr/local/libexec/oops if [ "Xoops" != "X" ]; then /usr/sbin/chown oops /usr/local/oops/DB; fi chown: oops: illegal user name *** [mkinstalldirs] Error code 1 Reported by: pkg-fallout Approved by: portmgr (self) Notes: svn path=/branches/2014Q3/; revision=360283
* - StagifyBernhard Froehlich2014-07-012-41/+27
| | | | | | | | | | - Use @sample - Replace NOPORTDOCS - Use new syntax for optional run dependency - Bump PORTREVISION Notes: svn path=/head/; revision=359974
* Update to version 2.0.6.Dmitry Sivachenko2014-07-012-3/+3
| | | | Notes: svn path=/head/; revision=359973
* Update to version 2.0.6.Dmitry Sivachenko2014-07-012-3/+3
| | | | Notes: svn path=/head/; revision=359972
* multiple: avoid RUN_DEPENDS=${BUILD_DEPENDS} anti-patternEitan Adler2014-07-011-1/+2
| | | | | | | | | | The ports infrastructure may insert additional content into the BUILD_DEPENDS variable which is not supposed to be a run depend. Approved by: portmgr (bapt) Notes: svn path=/head/; revision=359963
* www/py-aiohttp: Update to 0.8.2Kubilay Kocak2014-07-012-3/+3
| | | | | | | | | | | | | | - Update to 0.8.2 Changes: 22-06-2014 * Make ProxyConnector.proxy immutable property. * Make UnixConnector.path immutable property. * Fix resource leak for aiohttp.request() with implicit connector. * Rename Connector's reuse_timeout to keepalive_timeout. Notes: svn path=/head/; revision=359956
* Remove entry for a removed portBaptiste Daroussin2014-06-301-1/+0
| | | | Notes: svn path=/head/; revision=359916
* Removed unmaintained upstream xemacs ports and dependenciesBaptiste Daroussin2014-06-302-414/+0
| | | | Notes: svn path=/head/; revision=359910
* - Add LICENSESunpoet Po-Chuan Hsieh2014-06-302-1/+3
| | | | | | | - Use single space after WWW: Notes: svn path=/head/; revision=359899
* - Support stagingVeniamin Gvozdikov2014-06-301-8/+7
| | | | Notes: svn path=/head/; revision=359897
* - Take maintainershipSunpoet Po-Chuan Hsieh2014-06-3013-13/+13
| | | | Notes: svn path=/head/; revision=359884
* Update to 4.3.4 release.Alex Dupre2014-06-302-3/+3
| | | | Notes: svn path=/head/; revision=359856
* Remove expired ports:Rene Ladan2014-06-3010-123/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 2014-06-30 www/trac-TracDuplicates: Broken for more than 5 months 2014-06-30 mail/hotwayd: Protocol changed, software unusable 2014-06-30 mail/ilohamail-devel: Upstream disappeared 2014-06-30 games/tyrquake: Broken for more than 5 months 2014-06-30 net/gkrellmqst: GKrellM 1.X is no longer being developed, consider using 2.X. 2014-06-30 security/p5-Jifty-Plugin-OpenID: Broken for more than 5 months 2014-06-30 games/sumwars: Broken for more than 5 months 2014-06-30 audio/ruby-esound: Broken for more than 5 months 2014-06-30 x11-toolkits/py-pyqwt: Broken for more than 5 months 2014-06-30 net-im/ysm: Broken for more than 5 months 2014-06-30 net-mgmt/send: Broken for more than 5 months 2014-06-30 net/p5-Jifty-Plugin-Authentication-Ldap: Broken for more than 5 months 2014-06-30 net-p2p/bittyrant: Broken for more than 5 months 2014-06-30 sysutils/gkrellm: GKrellM 1.X is no longer being developed, consider using 2.X. 2014-06-30 audio/gkrellmms: GKrellM 1.X is no longer being developed, consider using 2.X. 2014-06-30 audio/gkrellmvolume: GKrellM 1.X is no longer being developed, consider using 2.X. 2014-06-30 misc/gkrellmlaunch: GKrellM 1.X is no longer being developed, consider using 2.X. 2014-06-30 misc/gkrellmfmonitor: GKrellM 1.X is no longer being developed, consider using 2.X. 2014-06-30 misc/gkrellshoot: GKrellM 1.X is no longer being developed, consider using 2.X. 2014-06-30 polish/sms2: sms2 is no longer being developed, consider using alternative software. 2014-06-30 x11-toolkits/py-wmdockapps: Crufty and nothing depends on this 2014-06-30 audio/tagger: Ancient, unmaintained 2014-06-30 www/mod_wsgi2: No longer supported, please use www/mod_wsgi3 instead 2014-06-30 security/botan: Botan 1.8 have known bugs and is no longer supported upstream, migrate to security/botan110 Notes: svn path=/head/; revision=359811
* multiple: reset gslin's maintainerEitan Adler2014-06-3018-18/+18
| | | | | | | | | | | By request of Gea-Suan Lin <gslin@gslin.org> - reset ports to ports@FreeBSD. Gea-Suan Lin's work is much appreciated. Approved by: portmgr (implicit) (not really, skipping NO_STAGE check) Notes: svn path=/head/; revision=359802
* - Refactor to supporting stagingSahil Tandon2014-06-292-14/+14
| | | | | | | | PR: 190114 Submitted by: Joseph Benden <joe@thrallingpenguin.com> Notes: svn path=/head/; revision=359788
* Set explicit expiration date.Dmitry Morozovsky2014-06-291-0/+1
| | | | | | | Reminded by: bapt Notes: svn path=/head/; revision=359764
* Put this port to deprecated state, and reset maintainership:Dmitry Morozovsky2014-06-291-2/+2
| | | | | | | | | - development stalled long ago - it does not build with contemporary clang - domain name hosting distfiles has been expired Notes: svn path=/head/; revision=359759
* - Update to 4.0.4TAKATSU Tomonari2014-06-293-13/+19
| | | | | | | - Make use of PLIST_SUB and pkg-plist instead of TMPPLIST Notes: svn path=/head/; revision=359747
* - Remove textproc/ruby-hikidocTAKATSU Tomonari2014-06-291-1/+2
| | | | | | | | * Use textproc/rubygem-hikidoc instead - Bump PORTREVISION in www/tdiary, accordingly Notes: svn path=/head/; revision=359740
* - Add a workaround to fix conflicts with tests/__init__.pyMartin Wilke2014-06-281-0/+3
| | | | | | | Reported by: antoine Notes: svn path=/head/; revision=359716
* - Add a workaround to fix conflicts with tests/__init__.pyMartin Wilke2014-06-281-0/+3
| | | | | | | Reported by: antoine Notes: svn path=/head/; revision=359715
* - Add a workaround to fix conflicts with tests/__init__.pyMartin Wilke2014-06-281-0/+3
| | | | | | | Reported by: antoine Notes: svn path=/head/; revision=359714
* New port: www/py-flask-adminBartek Rutkowski2014-06-284-0/+30
| | | | | | | | | | | | | Flask-Admin is a batteries-included, simple-to-use Flask extension that lets you add admin interfaces to Flask applications. It is inspired by the django-admin package, but implemented in such a way that the developer has total control of the look, feel and functionality of the resulting application. Approved by: marino (mentor) Notes: svn path=/head/; revision=359709
* - update to 1.07Yen-Ming Lee2014-06-282-4/+4
| | | | | | | Changelog: http://cpansearch.perl.org/src/ALEXMV/LWP-UserAgent-Determined-1.07/ChangeLog Notes: svn path=/head/; revision=359705
* Remove non default dependency on expiring www/mod_wsgi2Antoine Brodin2014-06-281-4/+1
| | | | Notes: svn path=/head/; revision=359678
* Update to 20140505a.Xin LI2014-06-282-1/+64
| | | | Notes: svn path=/head/; revision=359677
* Mark BROKEN: Depends on conflicting py-sqlalchemy and py-sqlalchemy06Antoine Brodin2014-06-281-0/+2
| | | | Notes: svn path=/head/; revision=359674
* Mark BROKEN: Fails to compileAntoine Brodin2014-06-281-0/+2
| | | | | | | | | | | | | | | | | | | gcc: cc -I/usr/local/pike/7.8.866/include/pike -I/usr/local/pike/7.8.866/include/pike -I/wrkdirs/usr/ports/www/caudium14/work/Caudium-1.4.18/src/cmods -O2 -pipe -fno-strict-aliasing -I/wrkdirs/usr/ports/www/caudium14/work/Caudium-1.4.18/src/cmods/_Caudium/ -I. -c nb_send.c -o nb_send.o nb_send.c: In function 'push_callback': nb_send.c:95: error: request for member 'identifier_level' in something not a structure or union clang: cc -I/usr/local/pike/7.8.866/include/pike -I/usr/local/pike/7.8.866/include/pike -I/wrkdirs/usr/ports/www/caudium14/work/Caudium-1.4.18/src/cmods -O2 -pipe -fno-strict-aliasing -I/wrkdirs/usr/ports/www/caudium14/work/Caudium-1.4.18/src/cmods/_Caudium/ -I. -fPIC -c nb_send.c -o nb_send.o nb_send.c:95:43: error: member reference type 'struct inherit *' is a pointer; maybe you meant to use '->'? Pike_sp->subtype = no + Pike_fp->context.identifier_level; ~~~~~~~~~~~~~~~~^ -> Reported by: pkg-fallout Notes: svn path=/head/; revision=359673
* Update to 1.4.533 CVS snapshot on 2014/06/22.MANTANI Nobutaka2014-06-286-25/+37
| | | | | | | Support staging. Notes: svn path=/head/; revision=359666
* - Remove indefinite article from COMMENTTAKATSU Tomonari2014-06-283-25/+17
| | | | | | | | | | | | | | | - Add LICENSE - Convert USE_GMAKE to USES - Support STAGEDIR * Make PORTDOCS and PORTEXAMPLES unconditional to stage - Use PLIST_FILES instead of pkg-plist - Add OPTIONS_DEFINE - Unmute INSTALL_DATA, INSTALL_MAN and INSTALL_SCRIPT - Remove Author: from pkg-descr - Replace tab with a single space after WWW: in pkg-descr Notes: svn path=/head/; revision=359658
* - Stage supportMartin Wilke2014-06-282-15/+12
| | | | | | | | | - bzip -> USES PR: 190371 Notes: svn path=/head/; revision=359657
* - Stage supoortMartin Wilke2014-06-282-12/+7
| | | | | | | PR: 189925 Notes: svn path=/head/; revision=359656
* - Stage supportMartin Wilke2014-06-282-16/+22
| | | | | | | PR: 189936 Notes: svn path=/head/; revision=359655
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-24 18:04:52 +0000