notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)
Want a good monitor light? See my photosAll times are UTC
Ukraine
This referral link gives you 10% off a Fastmail.com account and gives me a discount on my Fastmail account.

Get notified when packages are built

A new feature has been added. FreshPorts already tracks package built by the FreeBSD project. This information is displayed on each port page. You can now get an email when FreshPorts notices a new package is available for something on one of your watch lists. However, you must opt into that. Click on Report Subscriptions on the right, and New Package Notification box, and click on Update.

Finally, under Watch Lists, click on ABI Package Subscriptions to select your ABI (e.g. FreeBSD:14:amd64) & package set (latest/quarterly) combination for a given watch list. This is what FreshPorts will look for.

non port: x11/kdelibs4/files/patch-ocert-2009-015-khtml

Number of commits found: 2

Friday, 27 Nov 2009
01:44 miwi search for other commits by this committer
The KDE FreeBSD team is proud to announce the release of KDE 4.3.3
for FreeBSD.

For lists of bugfixes and improvements please see:
http://www.kde.org/announcements/changelogs/changelog4_3_1to4_3_2.php
http://www.kde.org/announcements/changelogs/changelog4_3_2to4_3_3.php

The KDE FreeBSD team would like to say thanks to all the helpers
and submitters.

Tested by:      pointyhat-exp-run (myself)
Original commit
Tuesday, 3 Nov 2009
09:45 miwi search for other commits by this committer
Secuirty Update:

Ark input sanitization errors:
The KDE archiving tool, Ark, performs insufficient validation
which leads to specially crafted archive files, using unknown
MIME types, to be rendered using a KHTML instance, this can
trigger uncontrolled XMLHTTPRequests to remote sites.

IO Slaves input sanitization errors:
KDE protocol handlers perform insufficient input validation, an
attacker can craft malicious URI that would trigger JavaScript
execution. Additionally the 'help://' protocol handler suffer
from directory traversal. It should be noted that the scope of
this issue is limited as the malicious URIs cannot be embedded
in Internet hosted content.

KMail input sanitization errors:
The KDE mail client, KMail, performs insufficient validation which
leads to specially crafted email attachments, using unknown MIME
types, to be rendered using a KHTML instance, this can trigger
uncontrolled XMLHTTPRequests to remote sites.

Submitted by:   Eygene Ryabinkin <rea-fbsd@codelabs.ru> (based on)
Approved by:    secteam (myself), portmgr
Security:      
http://www.vuxml.org/freebsd/6f358f5a-c7ea-11de-a9f3-0030843d3802.html
Original commit

Number of commits found: 2