Upstream is unmaintained for 18 years, needs patches to build, the
bundled libgfx doesn't build at all and the port is unmaintained as
well, therefore deprecate it. Also update WWW/MASTER_SITES to a location
that still exists, just in case someone wants to maintain the port.
Also deprecate graphics/libgfx, it's unmaintained for just as long and
also needs patches to build and x11/fireflies is the last remaining
consumer.
The following issues are addressed with these security updates:
- RT is vulnerable to unvalidated email headers in incoming email and the
mail-gateway REST interface.
This vulnerability is assigned CVE-2023-41259.
- RT is vulnerable to information leakage via response messages returned from
requests sent via the mail-gateway REST interface.
This vulnerability is assigned CVE-2023-41260.
- RT 5.0 is vulnerable to information leakage via transaction searches made by
authenticated users in the transaction query builder.
This vulnerability is assigned CVE-2023-45024.
- RT 5.0 can reveal information about data on various RT objects in errors and
other response messages to REST 2 requests.
The following issues are addressed with these security updates:
- RT is vulnerable to unvalidated email headers in incoming email and the
mail-gateway REST interface.
This vulnerability is assigned CVE-2023-41259.
- RT is vulnerable to information leakage via response messages returned from
requests sent via the mail-gateway REST interface.
This vulnerability is assigned CVE-2023-41260.
- RT 5.0 is vulnerable to information leakage via transaction searches made by
authenticated users in the transaction query builder.
This vulnerability is assigned CVE-2023-45024.
- RT 5.0 can reveal information about data on various RT objects in errors and
other response messages to REST 2 requests.
- security/wazuh-agent: Enable INOTIFY option by default. It enables Kevent
based real time monitoring. See some examples like use it at:
https://wazuh.com/blog/detecting-common-linux-persistence-techniques-with-wazuh/
- security/wazuh-manager: Add entries to pkg-message.in about FreeBSD SCA files
and FreeBSD decoders and rules files. I'll maintain update versions of these
files at https://github.com/alonsobsd/wazuh-freebsd
- security/wazuh-dashboard: Update project url to new one
- Othe minor modifications
<ChangeLog>
*) Feature: allow to set the HTTP response status in Wasm module.
*) Feature: allow uploads larger than 4GiB in Wasm module.
*) Bugfix: application process could crash while rewriting URLs with
query strings.
*) Bugfix: requests larger than about 64MiB could cause error in Wasm
module.
*) Bugfix: when using many headers in Java module some of them could be
corrupted due to memory realocation issue.
*) Bugfix: ServerRequest.destroy() implemented in Node.js module to make
it compatible with some frameworks that might use it.
*) Bugfix: chunk argument of ServerResponse.write() can now be a
Uint8Array to improve compatibility with Node.js 15.0.0 and above.
*) Bugfix: Node.JS unit-http NPM module now has appropriate default
paths for macOS/arm64 systems.
*) Bugfix: build on musl libc with clang.
</ChangeLog>
Update the libpfctl version for main (i.e. 15). We've removed DIOCGETSTATESV2
(unless COMPAT_FREEBSD14 is set), so make sure libpfctl uses the netlink
version.
Sponsored by: Rubicon Communications, LLC ("Netgate")
New windows were sometimes inappropirately resized when near the
bottom of the screen. This was due to the erroneous use of
setBottom() where moveBottom() was needed to move, rather than
resize the window.
In PR 274169 all *arr ports were switched to use 'USES+=libiconv' instead of a
hard dependency on the 'converters/libiconv' port. Turns out, this is
incorrect.
Specifically 'libMonoPosixHelper' (part of .NET) is compiled against the port,
and will break when the port is not installed (incompatible with the base
version of libiconv)
This patch moves all *arr ports back to RUN_DEPENDS on converters/libiconv
PR: 274532
Reported by: michiel@vanbaak.eu (maintainer)
armv7 still doesn't have it, so disable OpenMP there to make the port
build. The previous problem from PR 262208 seems to no longer occur.
Approved by: portmgr (build fix blanket)
MFH: 2023Q4
The update to 0.0.28 from PR 274213 did not include a file that sets
backend mode in new installations. If the backend is not set, the
application does not start.
This version includes the missing patch file, and also sets the
$BACKEND environment variable as a fallback. The application will
substitute it at runtime if required.
PR: 274213, 274529
Fixes: 714e7fb44f
gcc does not support -Wno-error=incompatible-function-pointer-types.
Only enable the warning for clang to fix various ports that fail to
build with error messages like
cc1: error: '-Wno-error=incompatible-function-pointer-types': no
option '-Wincompatible-function-pointer-types'; did you mean
'-Wincompatible-pointer-types'?
MFH: 2023Q4
Remove separate distfile for libtremotesf as it has been merged into
main tree.
Remove separate distfile for cpp-httplib as we can use www/cpp-httplib
now.
Note: despite Qt 6 support added, we can't use it right now as KDE
Framework 6 is also needed.
Release info: https://github.com/equeim/tremotesf2/releases/tag/2.5.0
PR: 274511
*Security fixes:
Fixed CVE-2023-42799, CVE-2023-42800, and CVE-2023-42801
From: https://github.com/moonlight-stream/moonlight-embedded/releases/tag/v2.6.1
*Optimize the experience of grabing the keyboard.
Now,Exclusive grab keyboard is the default behavior.But maybe it doesn't work on the Wayland WM.
Use Alt+Ctrl+Shift+Z to grab or ungrab keyboard.
*Optimize the experience of using the gamepad on FreeBSD.
Replace the libevdev drive gamepad with SDL to ensure maximum compatibility.
The rumble on the gamepad may not work.
*Update man page.
Explanation for changed patch files:
*patch-src_config.c:
*patch-src_config.h:
*patch-src_main.c:
*patch-src_input_sdl.c:
*patch-src_input_sdl.h:
Add -nosdl option and replace the libevdev drive gamepad with SDL.
*patch-src_input_evdev.c:
*patch-src_input_x11.c:
*patch-src_video_x11.c:
Add the way to ungrab the keyboard for x11* platform.
*patch-src_sdl.c:
*patch-src_sdl.h:
*patch-src_input_sdl.c:
Add the way to ungrab the keyboard for SDL platform.
PR: 274452
MFH: 2023Q4
Security: f8c2f741-6be1-11ee-b33a-a04a5edf46d9
Any produce binary of the gnat12 Ada compiler that had dependencies
on libstdc++ from this package would result in broken binaries
because no RUNPATH and no ldconfig paths were set up such that the
included libstdc++ would get found.
While we're at it, add the missing binutils dependency because the
compiler driver would find the GNU assembler that is hardcoded in
the Makefile.
PR: 274239
Signed-off-by: Nico Sonack <nsonack@herrhotzenplotz.de>
Approved by: thierry (maintainer timeout, two weeks)
MFH: 2023Q4
