FreeBSD Port: apache-2.0.63_2

2008-11-23 Thread Matt Tourtillott 

Hello Clement,

I am running a FreeBSD 7.0 64bit server with apache 2.0.63_2 port 
installed and the server is failing a PCI compliance issue with apache.


This is what they are saying

Synopsis : The remote web server is vulnerable to a cross-site scripting 
attack. Description : The mod_proxy_ftp module in the version of Apache 
installed on the remote host fails to properly sanitize user-supplied 
URL input before using it to generate dynamic HTML output. Using 
specially crafted requests for FTP URLs with globbing characters (such 
as asterisk, tilde, opening square bracket, etc), an attacker may be 
able to leverage this issue to inject arbitrary HTML and script code 
into a user's browser to be executed within the security context of the 
affected site. See also : http://www.rapid7.com/advisories/R7-0033 
http://www.securityfocus.com/archive/1/4 95180/100/0/threaded 
 
http://www.apache.org/dist/httpd/CHANGES _2.2.10 
 
http://httpd.apache.org/security/vulnera bilities_22.html 
 *Solution*: 
Either disable the affected module or upgrade to Apache version 2.2.10 
or later. *Risk Factor*: Medium  / CVSS Base Score : 4.3 
(CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N) CVE : CVE-2008-2939 BID : 30560 Other 
references : OSVDB:47474



I don't even have this module installed.  Do you know when 2.0.64 will 
be available in the ports tree or have any other suggestion that will 
help solve this issue?


Thanks,  Matt
MarkeTrends, inc.

[More]

I
___
freebsd-ports@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Openoffice.org 2.4 & 3.0

2008-11-23 Thread Cy Schubert 
Can Openoffice.org 2.4 and 3.0 coexist on the same system?

Also, importing spellcheck dictionaries into either version results in "bad 
tranfer url". Is there a solution to this?


-- 
Cheers,
Cy Schubert
<[EMAIL PROTECTED]>


___
freebsd-ports@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Boost 1.37 released!

2008-11-23 Thread Alexander Churanov 
Hi folks!

This is a status update on boost-1.37 porting.

Currently port builds, installs and removes successfully. However, a PR is
not filed, because I've suddenly discovered the way 'boost-python' port
works. So, I've decided to take additional time for verifying that
'boost-python' is OK. I suspect that at present at least pkg-plist is not
complete. My estimate for completing the work is is 2-3 days from now.

For the future, I'd like to discuss the possibility of breaking boost into
pieces and installing them separately. The 'devel/boost-jam' port would
install bjam, the 'devel/boost/' port would install all but python-related
stuff, the 'devel/boost-python' port would add pyhon stuff to existing boost
installation, and 'devel/boost-build' would do something simiar to what it
does now. To my mind suggested approach would simplify understanding of how
to install boost. The user would ask a question like 'should I add python to
my boost installation' instead of 'is my boost built with python support or
not'. The only drawback I see is that several ports would require the same
source tarball.

For people interested in trying new port early current port tarball is
placed at http://www.driveway.com/n2g6d8k2m0

Alexander Churanov
___
freebsd-ports@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

zipios++ and gcc3 requirement

2008-11-23 Thread Aleš Katona 
Hello, in zipios++ port Makefile there's a comment before USE_GCC line saying:

# port don't strictly need it, but Wesnoth use it so must we

I think this is old info, I've installed Wesnoth before zipios++ (so it doesn't 
even depend on it) and zipios++ works with gcc4. As a testcase, enigma, which 
depends on it, works fine as well.

So unless there's any other reason, I propose to remove the USE_GCC line.

Thanks,

Ales Katona

P.S: If this is a ML, I'm not in it, please reply to my mail directly.
___
freebsd-ports@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: CFT: astro/boinc-setiathome-enhanced update

2008-11-23 Thread Rene Ladan 

Torfinn Ingolfsen schreef:

Hello,

On Sun, Nov 23, 2008 at 12:42 PM, Rene Ladan <[EMAIL PROTECTED]> wrote:

I've modified the Makefile at that point to read:

 34: CFLAGS+=   -I${LOCALBASE}/include -I${LOCALBASE}/include/BOINC
-L${LOCALBASE}/lib -O3 -mtune=native
+35: .if defined(CPUTYPE)
+36: CFLAGS+=   -march=${CPUTYPE}
+37: .endif


With this change, the build gets a little further, but then stops with:

/usr/local/include/BOINC/config.h:440:1: warning: "VERSION" redefined
In file included from gdata.cpp:28:
../sah_config.h:518:1: warning: this is the location of the previous definition
In file included from gdata.cpp:33:
gdata.h:39:20: error: reduce.h: No such file or directory
In file included from gdata.cpp:33:
gdata.h:148: error: 'REDUCED_ARRAY_DATA' does not name a type
gmake[2]: *** [seti_boinc-gdata.o] Error 1
gmake[2]: Leaving directory
`/usr/ports/astro/boinc-setiathome-enhanced/work/seti_boinc/client'
gmake[1]: *** [all-recursive] Error 1
gmake[1]: Leaving directory
`/usr/ports/astro/boinc-setiathome-enhanced/work/seti_boinc'
gmake: *** [all] Error 2
*** Error code 2

Stop in /usr/ports/astro/boinc-setiathome-enhanced.
*** Error code 1

Stop in /usr/ports/astro/boinc-setiathome-enhanced.


The file reduce.h doesnt seem to be on my machine at all, and the
souce code cross reference at fxr.watson.org doesn't seem to know it
either: http://fxr.watson.org/fxr/find?string=reduce.h


Nope, this file is part of net/boinc-client.  The current port doesn't
install some files needed for the update.  I once copied them manually
to /usr/local/include/BOINC and completely forgot about that afterwards.

The required files are: reduce.h, graphics_data.h, graphics_api.h, and
boinc_gl.h.  The last three are probably only required when the
screensavers are built, which is currently disabled.  The files can be
found in /usr/ports/net/boinc-client/work/boinc-client-6.2.14/api
after `make patch'.


Thanks for testing it :)


No problem. :-)


Regards,
Rene
--
http://www.rene-ladan.nl/

GPG fingerprint = E738 5471 D185 7013 0EE0  4FC8 3C1D 6F83 12E1 84F6 
(subkeys.pgp.net)
___
freebsd-ports@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: CFT: astro/boinc-setiathome-enhanced update

2008-11-23 Thread Torfinn Ingolfsen 
Hello,

On Sun, Nov 23, 2008 at 12:42 PM, Rene Ladan <[EMAIL PROTECTED]> wrote:
> I've modified the Makefile at that point to read:
>
>  34: CFLAGS+=   -I${LOCALBASE}/include -I${LOCALBASE}/include/BOINC
> -L${LOCALBASE}/lib -O3 -mtune=native
> +35: .if defined(CPUTYPE)
> +36: CFLAGS+=   -march=${CPUTYPE}
> +37: .endif

With this change, the build gets a little further, but then stops with:

/usr/local/include/BOINC/config.h:440:1: warning: "VERSION" redefined
In file included from gdata.cpp:28:
../sah_config.h:518:1: warning: this is the location of the previous definition
In file included from gdata.cpp:33:
gdata.h:39:20: error: reduce.h: No such file or directory
In file included from gdata.cpp:33:
gdata.h:148: error: 'REDUCED_ARRAY_DATA' does not name a type
gmake[2]: *** [seti_boinc-gdata.o] Error 1
gmake[2]: Leaving directory
`/usr/ports/astro/boinc-setiathome-enhanced/work/seti_boinc/client'
gmake[1]: *** [all-recursive] Error 1
gmake[1]: Leaving directory
`/usr/ports/astro/boinc-setiathome-enhanced/work/seti_boinc'
gmake: *** [all] Error 2
*** Error code 2

Stop in /usr/ports/astro/boinc-setiathome-enhanced.
*** Error code 1

Stop in /usr/ports/astro/boinc-setiathome-enhanced.


The file reduce.h doesnt seem to be on my machine at all, and the
souce code cross reference at fxr.watson.org doesn't seem to know it
either: http://fxr.watson.org/fxr/find?string=reduce.h

> Thanks for testing it :)

No problem. :-)
-- 
Regards,
Torfinn Ingolfsen
___
freebsd-ports@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

FreeBSD Port: cx88-1.0.2

2008-11-23 Thread Axel Burwitz 


Hi Jason,

I am trying to get my DVB-T card Hauppauge WinTV-HVR-1300 running with the  
CX88 driver sw, at the moment without success.


Knowledgeable guys in bsdforen.de advised me to contact you for help.

As pkg-descr says:

cx88 provides drivers for TV/radio capture cards based on
the Conexant CX23880/1/2/3 series of chips. This port
includes the cx88 kernel drivers as well as a simple app
for HDTV capture. It requires multimedia/libtuner for
channel selection and peripheral configuration.


and a

pciconf -lv gives:

[EMAIL PROTECTED]:4:3:0:   class=0x04 card=0x96010070 chip=0x880014f1  
rev=0x05 hdr=0x00

vendor = 'Conexant Systems, Inc.'
device = '23880 Conexant 23880 Video Capture (NTSC)'
class  = multimedia
subclass   = video
[EMAIL PROTECTED]:4:3:1:   class=0x048000 card=0x96010070 chip=0x881114f1  
rev=0x05 hdr=0x00

vendor = 'Conexant Systems, Inc.'
device = 'CX2388x TV Capture Chip'
class  = multimedia
[EMAIL PROTECTED]:4:3:2:   class=0x048000 card=0x96010070 chip=0x880214f1  
rev=0x05 hdr=0x00

vendor = 'Conexant Systems, Inc.'
device = 'CX2388x TV Capture Chip'
class  = multimedia


I compiled and loaded all cx88 parts:

freebsd# kldstat
Id Refs AddressSize Name
 1   23 0xc040 49ab80   kernel
 ...

 96 0xc6813000 6000 cx88.ko
101 0xc681a000 6000 cx88video.ko
113 0xc682 3000 iicdev.ko
125 0xc6823000 3000 iicbus.ko
133 0xc6826000 4000 cx88i2c.ko
141 0xc682a000 8000 cx88audio.ko
151 0xc684d000 3000 cx88ir.ko
161 0xc6851000 5000 cx88mpeg.ko


principally I think the card is found by system:

pci4:  at device 3.0 (no driver attached)
pci4:  at device 3.1 (no driver attached)
pci4:  at device 3.2 (no driver attached)


I don't find any manual or doc for further analysis or steps.

Do you have any ideas how to proceed?

best regards
Axel




--

Opera 9.6 e-mail client FreeBSD 7.1
___
freebsd-ports@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: CFT: astro/boinc-setiathome-enhanced update

2008-11-23 Thread Rene Ladan 

Torfinn Ingolfsen schreef:

Hello,

FWIW, even if  I disable astropulse, the problems remains the same.
[EMAIL PROTECTED] make showconfig
===> The following configuration options are available for
boinc-setiathome-enhanced-6.03.4.28:
 SETI_APP=on "Install [EMAIL PROTECTED] binary"
 AP_APP=off "Install Astropulse binary"
===> Use 'make config' to modify these settings

Here are the last few lines from 'make':
configure: "--- Configuring SETI_BOINC 6.03 (client only) ---"
checking whether to enable maintainer-specific portions of Makefiles... no
checking for g++... g++
checking for C++ compiler default output file name...
configure: error: C++ compiler cannot create executables
See `config.log' for more details.
*** Error code 77

Stop in /usr/ports/astro/boinc-setiathome-enhanced.
*** Error code 1

Stop in /usr/ports/astro/boinc-setiathome-enhanced.


I believe the problem can be tracked to these lines in config.log:
configure:3290: checking for C++ compiler default output file name
configure:3312: g++ -O -pipe -I/usr/local/include
-I/usr/local/include/BOINC -L/usr/local/lib -O3 -mtune=native -march=
-fno-strict-aliasing -O -pipe -I/usr/local/include
-I/usr/local/include/BOINC -L/usr/local/lib -O3 -mtune=native -march=
-fno-strict-aliasing   -L/usr/local/lib conftest.cpp  >&5
cc1plus: error: missing argument to "-march="
cc1plus: error: missing argument to "-march="

No, I don't have CC or CXX set, neiher in /etc/make.conf nor in the environment.


My bad, I defined march=${CPUTYPE} at line 34 of the port Makefile.  Removing 
that
should hopefully enable you to build the port (both setiathome and astropulse).
/usr/share/mk/bsd.cpu.mk doesn't set a default CPUTYPE.

I've modified the Makefile at that point to read:

 34: CFLAGS+=   -I${LOCALBASE}/include -I${LOCALBASE}/include/BOINC 
-L${LOCALBASE}/lib -O3 -mtune=native
+35: .if defined(CPUTYPE)
+36: CFLAGS+=   -march=${CPUTYPE}
+37: .endif

Thanks for testing it :)

Regards,
Rene
--
http://www.rene-ladan.nl/

GPG fingerprint = E738 5471 D185 7013 0EE0  4FC8 3C1D 6F83 12E1 84F6 
(subkeys.pgp.net)
___
freebsd-ports@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: ports/128999: [vuxml] [patch] update audio/streamripper to 1.64.0, fix CVE-2008-4829

2008-11-23 Thread miwi 
Synopsis: [vuxml] [patch] update audio/streamripper to 1.64.0, fix CVE-2008-4829

State-Changed-From-To: open->closed
State-Changed-By: miwi
State-Changed-When: Sun Nov 23 08:55:48 UTC 2008
State-Changed-Why: 
Committed. Thanks!

http://www.freebsd.org/cgi/query-pr.cgi?pr=128999
___
freebsd-ports@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to "[EMAIL PROTECTED]"