Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Commits on Jan 13, 2011
  1. Revert erroneous commit to branch pkgsrc-2010Q3.

    jkunz authored
    Sorry for the inconvenience.
  2. Update to version 0.3.4

    jkunz authored
    Changes:
    Bug     #11:
    Fix screenshot rotation for 60SCx
    Request #12:
    add driver for Forerunner 305
  3. Update to version 0.17.0.

    jkunz authored
    Changes:
    * French Cadastre plugin
    * Bing Maps plugin
    * GDAL raster background plugin
    * Printing and exporting to PDF/raster/SVG
    * Extrude interaction for ways
    * Filter system
    * Toolbar editor (create/modify tollbars)
    * Allow to align background image with <SPACE>+pan
    * When opening/importing, always fallback to GDAL if available. Allows to open most GDAL supported geomtery files.
    * Styles : allow to texture areas with an icon
    * Auto-add "source" tag when drawing over a background map; define the value in the WMS and TMS editors
    * New command line options: "--ignore-preferences" && "--reset-preferences"
    * "--importag-tags-as-is" command-line switch to prevent adding underscores to imported tags
    * When creating a way or area, press "C" to close the current way
    * New preference: "Allow node/way creation in select mode". When checked, allows double-click to create a node and double-click on a node to start a way in select mode.
    * Snap to angle functionality when creating way: keeping "o" pressed snap to 45� angles, "h" snap to 30� angles
    * Ability to enter and select multiple OSM servers in preferences
    * Use Nominatim (http://nominatim.openstreetmap.org/) for place name lookup due to gazetteer closure
    * Support for XAPI
    * Allow to rename a layer by double-clicking on its name
    * If a shapefile do not provide its projection, ask the user for it and do not crash
    * "Set view projection to layer's" action added to image layers; set the main projection to the one of the layer
    * Tool to align edges to regularly spaced angles (can orthogonalise buildings)
    * Join areas tool
    * Add a "portable" mode to merkaartor via command-line ("-p") or build setting ("PORTABLE=1")
    * Add a "Find" button to the Feature dock. Press "Reset" to revert to list current features.
Commits on Jan 8, 2011
  1. Pullup ticket #3319.

    tron authored
  2. Pullup ticket #3319 - requested by taca

    tron authored
    lang/php5: security update
    lang/php53: security update
    
    Revisions pulled up:
    - lang/php5/Makefile.common			1.45
    - lang/php5/distinfo				1.83
    - lang/php5/distinfo				1.84
    - lang/php5/patches/patch-ab			1.6
    - lang/php5/patches/patch-ab			delete
    - lang/php53/Makefile.common			1.4
    - lang/php53/distinfo				1.9
    - lang/php53/patches/patch-ar			1.1
    ---
    Module Name:	pkgsrc
    Committed By:	jklos
    Date:		Thu Jan  6 22:13:24 UTC 2011
    
    Modified Files:
    	pkgsrc/lang/php5: distinfo
    Added Files:
    	pkgsrc/lang/php5/patches: patch-ab
    
    Log Message:
    Fix VAX floating point handling in zend_strtod.c.
    ---
    Module Name:	pkgsrc
    Committed By:	taca
    Date:		Fri Jan  7 09:16:28 UTC 2011
    
    Modified Files:
    	pkgsrc/lang/php5: Makefile.common distinfo
    Removed Files:
    	pkgsrc/lang/php5/patches: patch-ab
    
    Log Message:
    Update php5 pacakge to 5.2.17.
    
    * patch-ab (Fix VAX floating point handling) is merge to PHP 5.2.17.
    
    06 Jan 2010, PHP 5.2.17
    - Fixed Bug #53632 (infinite loop with x87 fpu). (CVE-2010-4645) (Scott,
      Rasmus)
    ---
    Module Name:	pkgsrc
    Committed By:	taca
    Date:		Fri Jan  7 09:20:16 UTC 2011
    
    Modified Files:
    	pkgsrc/lang/php53: Makefile.common distinfo
    Added Files:
    	pkgsrc/lang/php53/patches: patch-ar
    
    Log Message:
    Update php53 pacakge to 5.3.5.
    
    * Add fix for VAX floating point handling (Bug #53682), r307192 from
      PHP's repositry.  (It is in PHP 5.2.17 but not in 5.3.5).
    
    06 Jan 2011, PHP 5.3.5
    - Fixed Bug #53632 (infinite loop with x87 fpu). (Scott, Rasmus)
  3. Pullup ticket #3317 and #3318.

    tron authored
  4. Pullup ticket #3317 - requested by taca

    tron authored
    www/contao29: security update
    
    Revisions pulled up:
    - www/contao29/Makefile				1.8-1.10
    - www/contao29/Makefile.version			1.3-1.4
    - www/contao29/distinfo				1.4-1.6
    ---
    Module Name:	pkgsrc
    Committed By:	taca
    Date:		Thu Dec  2 13:32:45 UTC 2010
    
    Modified Files:
    	pkgsrc/www/contao29: Makefile Makefile.version distinfo
    
    Log Message:
    Update contao29 package to 2.9.2.
    
    Version 2.9.2 (2010-12-02)
    --------------------------
    - Updated TCPDF to version 5.9.023 (#2686)
    - Updated MooTools Core to version 1.2.5 (#2545)
    - Updated TinyMCE to version 3.3.9.2 (#2702)
    - Updated mediaboxAdvanced to version 1.2.5 (#2701)
    - Added: allow external images in HTML newsletters (#2396)
    - Added: added insert tags for acronyms and abbreviations (#2478)
    - Added: add class "sibling" to pages on the same level in the navigation menu (#2419)
    - Fixed: do not allow insert tags in comments (#2499)
    - Fixed: check for custom layout sections during the theme import
    - Fixed: only send the comments notification once (#2407)
    - Fixed: skipping the first item of a news list did not work correctly (#2488)
    - Fixed: allow column width 0 in page layouts (#2554)
    - Fixed: consider the protocol when loading scripts from the Google CDN (#2450)
    - Fixed: textareas in the back end were cut off in Opera (#2404)
    - Fixed: the task history could not be collapsed (#2424)
    - Fixed: the link insert tags showed the page title instead of the page name (#2371)
    - Fixed: do not show empty fieldset legends in the form generator (#2625)
    - Fixed: preserve curly brackets when replacing simple tokens (#2597)
    - Fixed: the style sheet importer did not support some CSS3 selectors (#2566)
    - Fixed: textual date insert tags were not replaced when loaded from cache (#2644)
    - Fixed: the image insert tag did not output the image dimensions (#2529)
    - Fixed: clear the $_GET array after rendering the event list module (#2445)
    - Fixed: do not aggregate style sheets with a @font-face selector (#2443)
    - Fixed: news insert tags did not handle entities correctly (#2604)
    - Fixed: do not show the FTP and database passwords in the install tool (#2417)
    - Fixed: minor fixes for the TimePeriod widget (#2477)
    - Fixed: update the CSS files after an old version of a record has been restored (#2524)
    - Fixed: custom page templates were not shown in "override all" mode (#2494)
    - Fixed: incorrect event sorting (#2675)
    - Fixed: do not execute hooks in the extension manager (#2448)
    - Fixed: check for existing files when renaming files in the file manager (#2610)
    - Fixed: check redirect pages for circular references (#2704)
    - Fixed: fixed a few minor spelling issues (#2403)
    - Fixed some minor issues
    ---
    odule Name:	pkgsrc
    Committed By:	taca
    Date:		Thu Dec  2 15:41:30 UTC 2010
    
    Modified Files:
    	pkgsrc/www/contao29: Makefile distinfo
    
    Log Message:
    Due to a serious bug of installtool, Contao 2.9.2 has repackaged.
    
    So, introduce DIST_SUBDIR and Bump PKGREVISION.
    ---
    Module Name:	pkgsrc
    Committed By:	taca
    Date:		Thu Jan  6 13:19:08 UTC 2011
    
    Modified Files:
    	pkgsrc/www/contao29: Makefile Makefile.version distinfo
    
    Log Message:
    Update contao29 (and implicitly contao29-example) pacakge to 2.9.3.
    
    Version 2.9.3 (2011-01-06)
    --------------------------
    - Fixed: custom templates were not always shown in "override all" mode (#2725)
    - Fixed: prevent the X_FORWARDED_FOR header against XSS attacks (#2751)
    - Fixed: preserve the selector fields in the personal data module (#2609)
    - Fixed: skip mounted folders in the file manager if they do not exist (#2708)
    - Fixed: the quick navigation modules failed to work when aliases were
      disabled (#2718)
    - Fixed some minor issues
  5. Pullup ticket #3318 - requested by taca

    tron authored
    www/typolight28: security patch
    
    Revisions pulled up:
    - www/typolight28/Makefile			1.12
    - www/typolight28/distinfo			1.10
    - www/typolight28/patches/patch-ae		1.1
    - www/typolight28/patches/patch-af		1.1
    ---
    Mommitted By:	taca
    Date:		Thu Jan  6 14:23:41 UTC 2011
    
    Modified Files:
    	pkgsrc/www/typolight28: Makefile distinfo
    Added Files:
    	pkgsrc/www/typolight28/patches: patch-ae patch-af
    
    Log Message:
    Add the same patch of Comment module as Contao 2.9.3.
    Changes are derived from Conao's repository.
    
    Bump PKGREVISION.
Commits on Jan 5, 2011
  1. Pullup ticket #3316

    sbd authored
  2. Pullup ticket #3316 - requested by tron

    sbd authored
    Security patch for wireshark
    
    Revisions pulled up:
    - pkgsrc/net/wireshark/Makefile			1.58
    - pkgsrc/net/wireshark/distinfo			1.38
    - pkgsrc/net/wireshark/patches/patch-SA42767	1.1
    
    -------------------------------------------------------------------------
       Module Name:	pkgsrc
       Committed By:	tron
       Date:		Tue Jan  4 15:39:34 UTC 2011
    
       Modified Files:
       	pkgsrc/net/wireshark: Makefile distinfo
       Added Files:
       	pkgsrc/net/wireshark/patches: patch-SA42767
    
       Log Message:
       Add patch from the Wireshark SVN repository to fix the security
       vulnerability reported in SA42767 which affects the ENTTEC dissector.
Commits on Jan 3, 2011
  1. Pullup ticket #3315

    sbd authored
  2. Pullup ticket #3315 - requested by taca

    sbd authored
    www/geeklog security fix
    
    Revisions pulled up:
    - pkgsrc/www/geeklog/Makefile		1.29, 1.30
    - pkgsrc/www/geeklog/PLIST		1.14
    - pkgsrc/www/geeklog/distinfo		1.15, 1.16
    
    -------------------------------------------------------------------------
       Module Name:	pkgsrc
       Committed By:	taca
       Date:		Thu Nov  4 15:52:10 UTC 2010
    
       Modified Files:
       	pkgsrc/www/geeklog: Makefile PLIST distinfo
    
       Log Message:
       Update www/geeklog package to 1.7.1.
    
       Geeklog History/Changes:
    
       Oct 31, 2010 (1.7.1)
       ------------
    
       - Fixed description of $index parameter for STORY_renderArticle (bug #0001203)
         [Dirk]
       - The number of successfully imported users was always reported as 0 for the
         "Batch Add" option in the User Manager (bug #0001211) [Ivy, Dirk]
       - Fixed a bug in the MS SQL changeDESCRIBE method to properly prefix the proper
         sql query string [Randy]
    
       - Updated Hebrew language files, provided by LWC
       - New Italian language files for the Links plugin, provided by Rouslan Placella
       - Updated Italian language files for the Static Pages plugin, provided by
         Rouslan Placella
    
       Calendar Plugin
       ---------------
       - Fixed an SQL error when returning search results for the Personal Calendar
         (bug #0001195) [Dirk]
    
       Oct 10, 2010 (1.7.1rc1)
       ------------
    
       - If content from an Autotag produces another Autotag it will be executed (to a
         maximum of 5 times) [Tom]
       - Themes can now have their own display functions for the start and end of
         Blocks. (Feature #0001188) [Tom]
       - Reverted a change in 1.7.0 that would send a Content-Type header when calling
         COM_refresh since this conflicts with some plugins (e.g. the Forum) [Dirk]
       - Fixed wrong view after posting a comment on a poll (bug #0001080, patch
         provided by Wojtek Szkutnik)
       - Fixed language in the dropdown for the permanent cookie in the Configuration
         (bug #0001117, patch provided by Eric Brisco)
       - Added cancel and delete buttons to comment edit and submission forms when
         needed. (Feature #0000981) [Tom]
       - Reverted parts of the changes for bug #0001057: Do _not_ escape curly braces
         when displaying a block's content (bug #0001156). If you run into the problem
         that words in curly braces inside blocks are interpreted as template
         variables, simply add a space after the opening and/or the closing brace
         [Dirk]
       - Autotags can now be inserted directly into template files.
         (Feature #0001181) [Tom]
       - Plugins are able to control moderation and return a string to be displayed.
         (Feature #0000619 patch provided by jmucchiello)
       - Admin lists can now display a 0 in a column instead of being blank
         (bug #0001060 patch provided by jmucchiello)
       - Fixed "Show & Hide Boxes" option in My Account (reported by Pushkar) [Dirk]
       - Display the topic name (instead of the topic id) in the list of draft stories
         (bug #0001171) [Dirk]
       - Fixed COM_formatTimeString to correctly handle intervals bigger than 4 weeks
         (bug #0001158) [Dirk]
       - Call PLG_templateSetVars for the Advanced Search form [Dirk]
       - Make sure we keep the current status of the user's Advanced Editor option
         even when Advanced Editor is disabled for the site (Thanks, Markus) [Dirk]
       - Comment submissions for plugins were missing the type [Dirk]
       - In the Group Editor, hide the 'Apply "Default Group" change' option until the
         state of the "Default Group" checkbox changes (feature request #0001116,
         patch provided by Dushyant Tiwari)
       - Fixed handling of $LANG_DIRECTION in the install script (cf. bug #0000871)
       - Fixed query highlighting in articles - didn't work for queries that contained
         characters filtered by COM_applyFilter [Dirk]
    
       - Updated Japanese language file, provided by the Geeklog.jp group
       - New and updated French (France) language files, provided by Ben
       - Updated Hebrew language file for the Links plugin, provided by LWC
    
       Static Pages Plugin
       -------------------
       - Call up the Advanced Editor when enabled (bug #0001147, patch provided by
         Samuel Leathers)
       - A Static Page can now be marked as a template and used by other Static Pages.
         (Feature #0001085) [Tom]
    
    -------------------------------------------------------------------------
       Module Name:	pkgsrc
       Committed By:	taca
       Date:		Mon Jan  3 01:57:25 UTC 2011
    
       Modified Files:
       	pkgsrc/www/geeklog: Makefile distinfo
    
       Log Message:
       Update geeklog package to 1.7.1.1 (1.7.1sr1), security fix.
    
       Jan 2, 2011 (1.7.1sr1)
       ------------
    
       This release addresses the following security issue:
    
       Aung Khant of the YGN Ethical Hacker Group reported an XSS in the admin's
       configuration panel.
Commits on Dec 31, 2010
  1. Pullup ticket #3314

    sbd authored
  2. Pullup ticket #3314 - requested by morr

    sbd authored
    wordpress critical security update.
    
    Revisions pulled up:
    - www/wordpress/Makefile	1.14
    - www/wordpress/distinfo	1.10
    
    -------------------------------------------------------------------------
    Module Name:	pkgsrc
    Committed By:	morr
    Date:		Thu Dec 30 22:27:45 UTC 2010
    
    Modified Files:
    	pkgsrc/www/wordpress: Makefile distinfo
    
    Log Message:
    Critical security update.
    ChangeLog:
    
    * Fix XSS vulnerabilities in the KSES library: Don't be case sensitive
      to attribute names. Handle padded entities when checking for bad
      protocols. Normalize entities before checking for bad protocols in
      esc_url().
Commits on Dec 30, 2010
  1. Pullup ticket #3313

    sbd authored
  2. Pullup ticket #3313 - requested by tron

    sbd authored
    Security patch for "sysutils/dbus"
    
    Revisions pulled up:
    - sysutils/dbus/Makefile			1.50
    - sysutils/dbus/distinfo			1.36
    - sysutils/dbus/patches/patch-CVE-2010-4352-1	1.1
    - sysutils/dbus/patches/patch-CVE-2010-4352-2	1.1
    - sysutils/dbus/patches/patch-CVE-2010-4352-3	1.1
    - sysutils/dbus/patches/patch-CVE-2010-4352-4	1.1
    
    -------------------------------------------------------------------------
       Module Name:	pkgsrc
       Committed By:	tron
       Date:		Wed Dec 29 10:49:21 UTC 2010
    
       Modified Files:
       	pkgsrc/sysutils/dbus: Makefile distinfo
       Added Files:
       	pkgsrc/sysutils/dbus/patches: patch-CVE-2010-4352-1
       	    patch-CVE-2010-4352-2 patch-CVE-2010-4352-3 patch-CVE-2010-4352-4
    
       Log Message:
       Add fix for vulnerability reported in CVE-2010-4352 (SA42580) taken
       from the "dbus" GIT repository.
Commits on Dec 23, 2010
  1. Pullup tickets 3309, 3310, 3311 and 3312

    sbd authored
  2. Pullup ticket #3311 - requested by taca

    sbd authored
    pkgsrc/www/typo3 security fix
    
    Revisions pulled up:
    - pkgsrc/www/typo3/Makefile	1.27
    - pkgsrc/www/typo3/PLIST	1.16
    - pkgsrc/www/typo3/distinfo	1.20
    
    -------------------------------------------------------------------------
       Module Name:	pkgsrc
       Committed By:	taca
       Date:		Thu Dec 16 15:35:34 UTC 2010
    
       Modified Files:
       	pkgsrc/www/typo3: Makefile PLIST distinfo
    
       Log Message:
       Update typo3 package to 4.4.5.
    
       Quote from http://wiki.typo3.org/wiki/TYPO3_4.4.5, prease refer the
       page for more detail.
    
       Due to several security issues found in the TYPO3 Core, there was a combined
       release of TYPO3 4.2.16, 4.3.9 and 4.4.5.
       Find more details in the security bulletin:
       http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-022/
  3. Pullup ticket #3310 - requested by taca

    sbd authored
    pkgsrc/www/horde security fix
    
    Revisions pulled up:
    - pkgsrc/www/horde/Makefile		1.70, 1.71
    - pkgsrc/www/horde/PLIST		1.25
    - pkgsrc/www/horde/distinfo		1.28, 1.29
    
    -------------------------------------------------------------------------
       Module Name:	pkgsrc
       Committed By:	adam
       Date:		Wed Nov 10 12:46:53 UTC 2010
    
       Modified Files:
       	pkgsrc/www/horde: Makefile PLIST distinfo
    
       Log Message:
       Changes 3.3.10:
       * Fix searching DataTree elements (groups) if backend charset is different
         from interface charset
       * Fix accessing IMAP ACLs that contain non-alphanumeric characters
       * Avoid fatal errors when using DateTime with not properly configured PHP 5.3+
       * Fix importing recurrence exceptions from vCalendar 1.0.
       * Fix preferences management regression
       * Fix conversion of all-day events and certain yearly recurring events for
         Funambol clients.
       * Fix memcache cache regression.
       * Fix SyncML page sometimes deleting more anchors than selected.
    
    
    -------------------------------------------------------------------------
       Module Name:	pkgsrc
       Committed By:	taca
       Date:		Thu Dec 16 03:38:32 UTC 2010
    
       Modified Files:
       	pkgsrc/www/horde: Makefile distinfo
    
       Log Message:
       Update horde pacakge to 3.3.11.
    
       Fixing http://secunia.com/advisories/42355/.
    
       -------
       v3.3.11
       -------
    
       [mms] SECURITY: Fix XSS when viewing details of a vCard (Bug #9357).
       [jan] Fix exporting recurrence exceptions to vCalendar 1.0.
       [jan] Skip event status synchronization with Outlook, which is broken.
       [jan] Don't send SIF data to recent Funambol clients, unless requested.
       [jan] Log all queries and errors by the history library.
  4. Pullup ticket #3309 - requested by taca

    sbd authored
    Revisions pulled up:
    - pkgsrc/textproc/php-intl/Makefile		1.2
    - pkgsrc/textproc/php-intl/distinfo		1.2
    - pkgsrc/textproc/php-intl/patches/patch-aa	1.2
    
    -------------------------------------------------------------------------
       Module Name:	pkgsrc
       Committed By:	taca
       Date:		Thu Dec 16 03:37:28 UTC 2010
    
       Modified Files:
       	pkgsrc/textproc/php-intl: Makefile distinfo
       	pkgsrc/textproc/php-intl/patches: patch-aa
    
       Log Message:
       Update php-intl package to 1.1.2.
    
       Changelog says only "* Bugfixes" but it is really fix CVE-2010-4409.
  5. Pullup ticket #3312 - requested by taca

    sbd authored
    pkgsrc/lang/{php5,php53} security fixes
    
    Revisions pulled up:
    - pkgsrc/databases/php-mysql/Makefile		1.14
    - pkgsrc/databases/php-mysqli/Makefile		1.3
    - pkgsrc/databases/php-pdo_mysql/Makefile	1.12
    - pkgsrc/lang/php5/Makefile			1.80, 1.81
    - pkgsrc/lang/php5/Makefile.common		1.43, 1.44
    - pkgsrc/lang/php5/distinfo			1.80, 1.81, 1.82
    - pkgsrc/lang/php5/patches/patch-ak		1.8, deleted
    - pkgsrc/lang/php5/patches/patch-bf		1.1, deleted
    - pkgsrc/lang/php5/patches/patch-bg		1.1, deleted
    - pkgsrc/lang/php53/Makefile			1.5, 1.6
    - pkgsrc/lang/php53/Makefile.common		1.3
    - pkgsrc/lang/php53/distinfo			1.7, 1.8
    - pkgsrc/lang/php53/patches/patch-ab		1.3
    - pkgsrc/lang/php53/patches/patch-am		1.1, deleted
    - pkgsrc/lang/php53/patches/patch-an		1.1, deleted
    - pkgsrc/lang/php53/patches/patch-ao		1.1, deleted
    - pkgsrc/lang/php53/patches/patch-ap		1.1, deleted
    - pkgsrc/lang/php53/patches/patch-aq		1.1, deleted
    - pkgsrc/mail/php-imap/Makefile			1.21, 1.22
    - pkgsrc/www/ap-php/Makefile			1.24
    - pkgsrc/www/php-eaccelerator/Makefile		1.13
    
    -------------------------------------------------------------------------
       Module Name:	pkgsrc
       Committed By:	taca
       Date:		Thu Nov 25 03:43:50 UTC 2010
    
       Modified Files:
       	pkgsrc/lang/php53: Makefile distinfo
       Added Files:
       	pkgsrc/lang/php53/patches: patch-am patch-an patch-ao patch-ap patch-aq
    
       Log Message:
       - GC bug fix: http://svn.php.net/viewvc?view=revision&revision=303016
       - CVE-2010-3710 (a part of SA41724)
       	http://svn.php.net/viewvc?view=revision&revision=303779
       - CVE-2010-3870 (a part of SA41724)
       	http://svn.php.net/viewvc?view=revision&revision=304959
       - CVE-2010-4150 (php-imap)
       	http://svn.php.net/viewvc?view=revision&revision=305032
       - CVE-2010-4156 (SA42135)
       	http://svn.php.net/viewvc?view=revision&revision=305214
    
       Bump PKGREVISION.
    
    -------------------------------------------------------------------------
       Module Name:	pkgsrc
       Committed By:	taca
       Date:		Thu Nov 25 03:44:16 UTC 2010
    
       Modified Files:
       	pkgsrc/lang/php5: Makefile distinfo
       Added Files:
       	pkgsrc/lang/php5/patches: patch-ak patch-bf patch-bg
    
       Log Message:
       - CVE-2010-4150 (php-imap)
       	http://svn.php.net/viewvc?view=revision&revision=305032
       - CVE-2010-3710 (a part of SA41724)
       	http://svn.php.net/viewvc?view=revision&revision=303885
       - CVE-2010-3870 (a part of SA41724)
       	http://svn.php.net/viewvc?view=revision&revision=305055
    
       Bump PKGREVISION.
    
    -------------------------------------------------------------------------
       Module Name:	pkgsrc
       Committed By:	taca
       Date:		Thu Nov 25 03:45:19 UTC 2010
    
       Modified Files:
       	pkgsrc/mail/php-imap: Makefile
    
       Log Message:
       Bump REVISION since CVE-2010-4150 fix was added.
    
    -------------------------------------------------------------------------
       Module Name:	pkgsrc
       Committed By:	taca
       Date:		Mon Dec 13 13:15:46 UTC 2010
    
       Modified Files:
       	pkgsrc/lang/php5: Makefile Makefile.common distinfo
       Removed Files:
       	pkgsrc/lang/php5/patches: patch-ak patch-bf patch-bg
    
       Log Message:
       Update php5 package to 5.2.15 (PHP 5.2.15):
    
       The PHP development team would like to announce the immediate
       availability of PHP 5.2.15. This release marks the end of support for
       PHP 5.2. All users of PHP 5.2 are encouraged to upgrade to PHP 5.3.
    
       This release focuses on improving the security and stability of the
       PHP 5.2.x branch with a small number, of predominatly security fixes.
    
       Security Enhancements and Fixes in PHP 5.2.15:
    
       * Fixed extract() to do not overwrite $GLOBALS and $this when using
         EXTR_OVERWRITE.
       * Fixed crash in zip extract method (possible CWE-170).
       * Fixed a possible double free in imap extension.
       * Fixed possible flaw in open_basedir (CVE-2010-3436).
       * Fixed NULL pointer dereference in
         ZipArchive::getArchiveComment. (CVE-2010-3709).
       * Fixed bug #52929 (Segfault in filter_var with FILTER_VALIDATE_EMAIL with
         large amount of data).
    
       Key enhancements in PHP 5.2.15 include:
    
       * Fixed bug #47643 (array_diff() takes over 3000 times longer than php
         5.2.4).
       * Fixed bug #44248 (RFC2616 transgression while HTTPS request through proxy
         with SoapClient object).
       * To prepare for upgrading to PHP 5.3, now that PHP 5.2's support ended, a
         migration guide available on http://php.net/migration53, details the changes
         between PHP 5.2 and PHP 5.3.
    
       For a full list of changes in PHP 5.2.15 see the ChangeLog at
       http://www.php.net/ChangeLog-5.php#5.2.15.
    
    -------------------------------------------------------------------------
       Module Name:	pkgsrc
       Committed By:	taca
       Date:		Mon Dec 13 13:16:37 UTC 2010
    
       Modified Files:
       	pkgsrc/lang/php53: Makefile Makefile.common distinfo
       	pkgsrc/lang/php53/patches: patch-ab
       Removed Files:
       	pkgsrc/lang/php53/patches: patch-am patch-an patch-ao patch-ap patch-aq
    
       Log Message:
       Update lang/php53 package to 5.3.4 (PHP 5.3.4).
    
       The PHP development team is proud to announce the immediate release of PHP
       5.3.4. This is a maintenance release in the 5.3 series, which includes a large
       number of bug fixes.
    
       Security Enhancements and Fixes in PHP 5.3.4:
    
       * Fixed crash in zip extract method (possible CWE-170).
       * Paths with NULL in them (foo\0bar.txt) are now considered as invalid
         (CVE-2006-7243).
       * Fixed a possible double free in imap extension (Identified by Mateusz
         Kocielski). (CVE-2010-4150).
       * Fixed NULL pointer dereference in
         ZipArchive::getArchiveComment. (CVE-2010-3709).
       * Fixed possible flaw in open_basedir (CVE-2010-3436).
       * Fixed MOPS-2010-24, fix string validation. (CVE-2010-2950).
       * Fixed symbolic resolution support when the target is a DFS share.
       * Fixed bug #52929 (Segfault in filter_var with FILTER_VALIDATE_EMAIL with
         large amount of data) (CVE-2010-3710).
    
       Key Bug Fixes in PHP 5.3.4 include:
    
       * Added stat support for zip stream.
       * Added follow_location (enabled by default) option for the http stream
         support.
       * Added a 3rd parameter to get_html_translation_table. It now takes a charset
         hint, like htmlentities et al.
       * Implemented FR #52348, added new constant ZEND_MULTIBYTE to detect zend
         multibyte at runtime.
       * Multiple improvements to the FPM SAPI.
       * Over 100 other bug fixes.
    
       For users upgrading from PHP 5.2 there is a migration guide available here,
       detailing the changes between those releases and PHP 5.3.
    
       For a full list of changes in PHP 5.3.4, see the ChangeLog. For source
       downloads please visit our downloads page, Windows binaries can be found on
       windows.php.net/download/.
    
    -------------------------------------------------------------------------
       Module Name:	pkgsrc
       Committed By:	taca
       Date:		Mon Dec 13 13:18:20 UTC 2010
    
       Modified Files:
       	pkgsrc/databases/php-mysql: Makefile
       	pkgsrc/databases/php-mysqli: Makefile
       	pkgsrc/databases/php-pdo_mysql: Makefile
       	pkgsrc/mail/php-imap: Makefile
       	pkgsrc/www/ap-php: Makefile
       	pkgsrc/www/php-eaccelerator: Makefile
    
       Log Message:
       Reset PKGREVISION by update of base PHP version.
    
    -------------------------------------------------------------------------
       Module Name:	pkgsrc
       Committed By:	taca
       Date:		Thu Dec 16 14:20:45 UTC 2010
    
       Modified Files:
       	pkgsrc/lang/php5: Makefile.common distinfo
    
       Log Message:
       Update php5 pacakge to 5.2.16:
    
       PHP 5.2.16 Released!
    
       The PHP development team would like to announce the immediate availability of
       PHP 5.2.16. This release marks the end of support for PHP 5.2. All users of
       PHP 5.2 are encouraged to upgrade to PHP 5.3.
    
       This release focuses on addressing a regression in open_basedir implementation
       introduced in 5.2.15 in addition to fixing a crash inside PDO::pgsql on data
       retrieval when the server is down. All users who have upgraded to 5.2.15 and
       are utilizing open_basedir are strongly encouraged to upgrade to 5.2.16 or
       5.3.4.
    
       To prepare for upgrading to PHP 5.3, now that PHP 5.2's support ended, a
       migration guide available on http://php.net/migration53, details the changes
       between PHP 5.2 and PHP 5.3.
    
       For a full list of changes in PHP 5.2.16 see the ChangeLog at
       http://www.php.net/ChangeLog-5.php#5.2.16.
    
       ChangeLog:
    
       Version 5.2.16
    
       16-Dec-2010
    
       * Fixed bug #53517 (segfault in pgsql_stmt_execute() when postgres is
         down). (gyp at balabit dot hu)
       * Fixed bug #53516 (Regression in open_basedir handling). (Ilia)
Commits on Dec 19, 2010
  1. Pullup tickets 3307 and 3308

    sbd authored
  2. Pullup ticket #3308 - requested by drochner

    sbd authored
    security updates for freetype2
    
    Revisions pulled up:
     - pkgsrc/graphics/freetype2/Makefile	1.75-1.77
     - pkgsrc/graphics/freetype2/distinfo	1.37-1.39
    
    Files added:
     - pkgsrc/graphics/freetype2/patches/patch-ab	1.14, 1.15
     - pkgsrc/graphics/freetype2/patches/patch-ac	1.6
    
    -------------------------------------------------------------------------
       Module Name:    pkgsrc
       Committed By:   drochner
       Date:           Fri Oct 22 16:14:13 UTC 2010
    
       Modified Files:
               pkgsrc/graphics/freetype2: Makefile distinfo
    
       Log Message:
       update to 2.4.3
       changes:
       A rendering regression of S-shaped cubic arcs (introduced in
       version 2.4.0) has been fixed. Besides that, a bunch
       of fixes have been applied to improve handling of broken fonts.
    
       To generate a diff of this commit:
       cvs rdiff -u -r1.74 -r1.75 pkgsrc/graphics/freetype2/Makefile
       cvs rdiff -u -r1.36 -r1.37 pkgsrc/graphics/freetype2/distinfo
    
    -------------------------------------------------------------------------
       Module Name:    pkgsrc
       Committed By:   drochner
       Date:           Wed Nov  3 11:56:37 UTC 2010
    
       Modified Files:
               pkgsrc/graphics/freetype2: Makefile distinfo
       Added Files:
               pkgsrc/graphics/freetype2/patches: patch-ab
    
       Log Message:
       add patch from upstream CVS to fix a possible buffer overflow
       when processing TrueType GX fonts (SA41738), bump PKGREVISION
    
       To generate a diff of this commit:
       cvs rdiff -u -r1.75 -r1.76 pkgsrc/graphics/freetype2/Makefile
       cvs rdiff -u -r1.37 -r1.38 pkgsrc/graphics/freetype2/distinfo
       cvs rdiff -u -r0 -r1.14 pkgsrc/graphics/freetype2/patches/patch-ab
    
    -------------------------------------------------------------------------
       Module Name:    pkgsrc
       Committed By:   drochner
       Date:           Wed Nov 24 18:44:55 UTC 2010
    
       Modified Files:
               pkgsrc/graphics/freetype2: Makefile distinfo
               pkgsrc/graphics/freetype2/patches: patch-ab
       Added Files:
               pkgsrc/graphics/freetype2/patches: patch-ac
    
       Log Message:
       add patch from upstream CVS to fix handling the "SHZ" bytecode instruction
       which could be exploited to cause a crash and potentially execute
       arbitrary code via a specially crafted font (CVE-2010-3814)
       bump PKGREV
       being here, add CVE reference to an older patch
    
       To generate a diff of this commit:
       cvs rdiff -u -r1.76 -r1.77 pkgsrc/graphics/freetype2/Makefile
       cvs rdiff -u -r1.38 -r1.39 pkgsrc/graphics/freetype2/distinfo
       cvs rdiff -u -r1.14 -r1.15 pkgsrc/graphics/freetype2/patches/patch-ab
       cvs rdiff -u -r0 -r1.6 pkgsrc/graphics/freetype2/patches/patch-ac
  3. Pullup ticket #3307 - requested by shannonjr

    sbd authored
    security/pcsc-lite vulnerability
    
    Revisions pulled up:
     - pkgsrc/security/pcsc-lite/Makefile	1.9
     - pkgsrc/security/pcsc-lite/distinfo	1.9
    
    Files added:
     - pkgsrc/security/pcsc-lite/patches/patch-ac	1.5
    
    -------------------------------------------------------------------------
       Module Name:    pkgsrc
       Committed By:   shannonjr
       Date:           Fri Dec 17 17:00:35 UTC 2010
    
       Modified Files:
               pkgsrc/security/pcsc-lite: Makefile distinfo
       Added Files:
               pkgsrc/security/pcsc-lite/patches: patch-ac
    
       Log Message:
       Backported security fix from Version 1.6.6 of pcsc-lite. The fix bounds the
       value of a pointer, prior to a memcpy(), to prevent a buffer overflow.
    
    
       To generate a diff of this commit:
       cvs rdiff -u -r1.8 -r1.9 pkgsrc/security/pcsc-lite/Makefile \
           pkgsrc/security/pcsc-lite/distinfo
       cvs rdiff -u -r0 -r1.5 pkgsrc/security/pcsc-lite/patches/patch-ac
Commits on Dec 14, 2010
  1. Pullup ticket #3301.

    tron authored
  2. Pullup ticket #3301 - requested by tnn

    tron authored
    devel/xulrunner: security update
    www/firefox: security update
    
    Revisions pulled up:
    - devel/xulrunner/Makefile			1.43,1.45
    - devel/xulrunner/PLIST				1.25-1.26
    - devel/xulrunner/dist.mk			1.17
    - devel/xulrunner/distinfo			1.39
    - devel/xulrunner/mozilla-common.mk		1.17-1.18
    - devel/xulrunner/patches/patch-pe		delete
    - www/firefox/Makefile				1.78,1.80
    ---
    Module Name:	pkgsrc
    Committed By:	joerg
    Date:		Wed Nov  3 01:22:36 UTC 2010
    
    Modified Files:
    	pkgsrc/devel/xulrunner: mozilla-common.mk
    
    Log Message:
    Requires sqlite3 3.7.1 now. Reported by cegger.
    ---
    Module Name:	pkgsrc
    Committed By:	tnn
    Date:		Sat Nov 13 11:54:44 UTC 2010
    
    Modified Files:
    	pkgsrc/devel/xulrunner: Makefile PLIST mozilla-common.mk
    	pkgsrc/mail/thunderbird: Makefile
    	pkgsrc/www/firefox: Makefile
    	pkgsrc/www/seamonkey: Makefile
    
    Log Message:
    Reluctantly switch over to bundled cairo and pixman for mozilla
    packages, like other distros have recently done. Bump package revisions.
    
    Background:
    The cairo-1.10 update caused multiple regressions in firefox, such as
    flickering gif animations and crashes.
    Mozilla doesn't seem interested in fixing it on the stable branches:
      https://bugzilla.mozilla.org/show_bug.cgi?id=610107
    Other references:
      https://bugzilla.redhat.com/show_bug.cgi?id=628331
      http://bugs.gentoo.org/show_bug.cgi?id=337813
      https://bugzilla.mozilla.org/show_bug.cgi?id=597174
    
    This workaround is guaranteed to cause other problems in the long run;
    so we should attempt to switch back when we move to the mozilla-2.0
    branch.
    ---
    odule Name:	pkgsrc
    Committed By:	tnn
    Date:		Sat Dec 11 14:46:29 UTC 2010
    
    Modified Files:
    	pkgsrc/devel/xulrunner: Makefile PLIST dist.mk distinfo
    	pkgsrc/www/firefox: Makefile
    Removed Files:
    	pkgsrc/devel/xulrunner/patches: patch-pe
    
    Log Message:
    Update to firefox-3.6.13.
    
    MFSA 2010-84 XSS hazard in multiple character encodings
    MFSA 2010-83 Location bar SSL spoofing using network error page
    MFSA 2010-82 Incomplete fix for CVE-2010-0179
    MFSA 2010-81 Integer overflow vulnerability in NewIdArray
    MFSA 2010-80 Use-after-free error with nsDOMAttribute MutationObserver
    MFSA 2010-79 Java security bypass from LiveConnect loaded via data: URL
                 meta refresh
    MFSA 2010-78 Add support for OTS font sanitizer
    MFSA 2010-77 Crash and remote code execution using HTML tags inside a XUL tree
    MFSA 2010-76 Chrome privilege escalation with window.open and <isindex> element
    MFSA 2010-75 Buffer overflow while line breaking after document.write with
                 long string
    MFSA 2010-74 Miscellaneous memory safety hazards (rv:1.9.2.13/ 1.9.1.16)
Commits on Dec 12, 2010
  1. Pullup tickets #3302, #3303 and #3305.

    tron authored
  2. Pullup ticket #3303 - requested by tnn

    tron authored
    www/seamonkey: security update
    
    Revisions pulled up:
    - www/seamonkey/Makefile			1.42-1.43,1.45 via patch
    - www/seamonkey/distinfo			1.57-1.58
    ---
    Module Name:    pkgsrc
    Committed By:   tnn
    Date:           Sat Nov 13 10:54:49 UTC 2010
    
    Modified Files:
            pkgsrc/www/seamonkey: Makefile distinfo
    
    Log Message:
    Update to seamonkey-2.0.10.
    Fixes MFSA 2010-73 Heap buffer overflow mixing document.write and DOM insertion
    ---
    Module Name:    pkgsrc
    Committed By:   tnn
    Date:           Sat Nov 13 11:54:44 UTC 2010
    
    Modified Files:
            pkgsrc/devel/xulrunner: Makefile PLIST mozilla-common.mk
            pkgsrc/mail/thunderbird: Makefile
            pkgsrc/www/firefox: Makefile
            pkgsrc/www/seamonkey: Makefile
    
    Log Message:
    Reluctantly switch over to bundled cairo and pixman for mozilla packages,
    like other distros have recently done. Bump package revisions.
    
    Background:
    The cairo-1.10 update caused multiple regressions in firefox, such as
    flickering gif animations and crashes.
    Mozilla doesn't seem interested in fixing it on the stable branches:
      https://bugzilla.mozilla.org/show_bug.cgi?id=610107
    Other references:
      https://bugzilla.redhat.com/show_bug.cgi?id=628331
      http://bugs.gentoo.org/show_bug.cgi?id=337813
      https://bugzilla.mozilla.org/show_bug.cgi?id=597174
    ---
    odule Name:	pkgsrc
    Committed By:	tnn
    Date:		Sun Dec 12 00:07:23 UTC 2010
    
    Modified Files:
    	pkgsrc/www/seamonkey: Makefile distinfo
    
    Log Message:
    Update to seamonkey-2.0.11.
    
    MFSA 2010-84 XSS hazard in multiple character encodings
    MFSA 2010-83 Location bar SSL spoofing using network error page
    MFSA 2010-82 Incomplete fix for CVE-2010-0179
    MFSA 2010-81 Integer overflow vulnerability in NewIdArray
    MFSA 2010-80 Use-after-free error with nsDOMAttribute MutationObserver
    MFSA 2010-79 Java security bypass from LiveConnect loaded via data: URL
    meta refresh
    MFSA 2010-78 Add support for OTS font sanitizer
    MFSA 2010-77 Crash and remote code execution using HTML tags inside a
    XUL tree MFSA 2010-76 Chrome privilege escalation with window.open and
    <isindex> element MFSA 2010-75 Buffer overflow while line breaking
    after document.write with long string
    MFSA 2010-74 Miscellaneous memory safety hazards (rv:1.9.2.13/ 1.9.1.16)
    
    Also:
    Fixes for a number of non-security-relevant crashes, increasing the
    stability of the whole platform and the Mail & Newsgroups part of
    SeaMonkey
  3. Pullup ticket #3302 - requested by tnn

    tron authored
    mail/thunderbird: security update
    
    Revisions pulled up:
    - mail/thunderbird/Makefile			1.61-1.62,1.64 via patch
    - mail/thunderbird/distinfo			1.76-1.77
    - mail/thunderbird/patches/patch-pe		delete
    ---
    Module Name:	pkgsrc
    Committed By:	tnn
    Date:		Sat Nov 13 11:05:05 UTC 2010
    
    Modified Files:
    	pkgsrc/mail/thunderbird: Makefile distinfo
    
    Log Message:
    Update to thunderbird-3.1.6.
    Fixes MFSA 2010-73 Heap buffer overflow mixing document.write and DOM insertion
    ---
    Module Name:	pkgsrc
    Committed By:	tnn
    Date:		Sat Nov 13 11:54:44 UTC 2010
    
    Modified Files:
    	pkgsrc/devel/xulrunner: Makefile PLIST mozilla-common.mk
    	pkgsrc/mail/thunderbird: Makefile
    	pkgsrc/www/firefox: Makefile
    	pkgsrc/www/seamonkey: Makefile
    
    Log Message:
    Reluctantly switch over to bundled cairo and pixman for mozilla packages,
    like other distros have recently done. Bump package revisions.
    
    Background:
    The cairo-1.10 update caused multiple regressions in firefox, such as
    flickering gif animations and crashes.
    Mozilla doesn't seem interested in fixing it on the stable branches:
      https://bugzilla.mozilla.org/show_bug.cgi?id=610107
    Other references:
      https://bugzilla.redhat.com/show_bug.cgi?id=628331
      http://bugs.gentoo.org/show_bug.cgi?id=337813
      https://bugzilla.mozilla.org/show_bug.cgi?id=597174
    
    This workaround is guaranteed to cause other problems in the long run;
    so we should attempt to switch back when we move to the mozilla-2.0 branch.
    ---
    Module Name:	pkgsrc
    Committed By:	tnn
    Date:		Sat Dec 11 14:34:41 UTC 2010
    
    Modified Files:
    	pkgsrc/mail/thunderbird: Makefile distinfo
    Removed Files:
    	pkgsrc/mail/thunderbird/patches: patch-pe
    
    Log Message:
    Update to thunderbird-3.1.7.
    
    - Several fixes to improve performance, stability and security
    - Several fixes to improve handling of large folder files stored
    locally.
    - Several fixes to improve corruption in local copy of IMAP mailboxes.
    
    - MFSA 2010-78 Add support for OTS font sanitizer
    - MFSA 2010-75 Buffer overflow while line breaking after document.write
    	       with long string
    - MFSA 2010-74 Miscellaneous memory safety hazards (rv:1.9.2.13/
    1.9.1.16)
  4. Pullup ticket #3305 - requested by spz

    tron authored
    security/p5-IO-Socket-SSL: security updated
    
    Revisions pulled up:
    - security/p5-IO-Socket-SSL/Makefile		1.53-1.54
    - security/p5-IO-Socket-SSL/distinfo		1.38-1.39
    ---
    Module Name:	pkgsrc
    Committed By:	wiz
    Date:		Thu Dec	 2 12:25:05 UTC 2010
    
    Modified Files:
    	pkgsrc/security/p5-IO-Socket-SSL: Makefile distinfo
    
    Log Message:
    Update to 1.34:
    
    v1.34 2010.11.01
    - schema http for certificate verification changed to
      wildcards_in_cn=1, because according to rfc2818 this is valid and
      also seen in the wild
    - if upgrading socket from inet to ssl fails due to handshake problems
      the socket gets downgraded, but is still open.
      See https://rt.cpan.org/Ticket/Display.html?id=61466
    - deprecate kill_socket, just use close()
    ---
    Module Name:	pkgsrc
    Committed By:	gls
    Date:		Tue Dec	 7 20:15:01 UTC 2010
    
    Modified Files:
    	pkgsrc/security/p5-IO-Socket-SSL: Makefile distinfo
    
    Log Message:
    Update security/p5-IO-Socket-SSL to 1.35
    
    Security fix
    
    v1.35 2010.12.06
    - if verify_mode is not VERIFY_NONE and the ca_file/ca_path cannot be
    verified as valid it will no longer fall back to VERIFY_NONE but throw
    an error. Thanks to Salvatore Bonaccorso and Daniel Kahn Gillmor for
    pointing out the problem, see also
    http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606058
  5. Pullup ticket #3300 and #3304.

    tron authored
  6. Pullup ticket #3304 - requested by markd

    tron authored
    emulators/suse113_openssl: security patch
    
    Revisions pulled up:
    - emulators/suse113_openssl/Makefile		1.2
    - emulators/suse113_openssl/distinfo		1.2
    ---
    Module Name:	pkgsrc
    Committed By:	markd
    Date:		Sun Dec 12 09:58:21 UTC 2010
    
    Modified Files:
    	pkgsrc/emulators/suse113_openssl: Makefile distinfo
    
    Log Message:
    Update for CVE-2010-3864. Bump PKGREVISION.
  7. Pullup ticket #3300 - requested by morr

    tron authored
    www/wordpress: security update
    
    Revisions pulled up:
    - www/wordpress/Makefile			1.13
    - www/wordpress/distinfo			1.9
    ---
    Module Name:	pkgsrc
    Committed By:	morr
    Date:		Fri Dec 10 23:34:18 UTC 2010
    
    Modified Files:
    	pkgsrc/www/wordpress: Makefile distinfo
    
    Log Message:
    Security update to 3.0.3. Changes:
    
    Fixes issues in the XML-RPC remote publishing interface which under certain circumstances allowed Author- and Contributor-level users to improperly edit, publish or delete posts.
  8. pullup #3299

    spz authored
  9. Pullup ticket 3299 - requested by tez

    spz authored
    security fixes
    
    Revisions pulled up:
    - pkgsrc/security/mit-krb5/Makefile		1.50
    - pkgsrc/security/mit-krb5/distinfo		1.26
    
    Files added:
    pkgsrc/security/mit-krb5/patches/patch-ca
    pkgsrc/security/mit-krb5/patches/patch-cb
    pkgsrc/security/mit-krb5/patches/patch-cc
    pkgsrc/security/mit-krb5/patches/patch-cd
    
    -------------------------------------------------------------------------
       Module Name:    pkgsrc
       Committed By:   tez
       Date:           Fri Dec  3 20:11:31 UTC 2010
    
       Modified Files:
               pkgsrc/security/mit-krb5: Makefile distinfo
       Added Files:
               pkgsrc/security/mit-krb5/patches: patch-ca patch-cb patch-cc patch-cd
    
       Log Message:
       add fix for CVE-2010-1323 from
       http://web.mit.edu/kerberos/advisories/2010-007-patch-r15.txt
    
    
       To generate a diff of this commit:
       cvs rdiff -u -r1.49 -r1.50 pkgsrc/security/mit-krb5/Makefile
       cvs rdiff -u -r1.25 -r1.26 pkgsrc/security/mit-krb5/distinfo
       cvs rdiff -u -r0 -r1.1 pkgsrc/security/mit-krb5/patches/patch-ca \
           pkgsrc/security/mit-krb5/patches/patch-cb \
           pkgsrc/security/mit-krb5/patches/patch-cc \
           pkgsrc/security/mit-krb5/patches/patch-cd
Something went wrong with that request. Please try again.