FreshBSD

Make sure no extra OpenCV libraries are picked up during linking.
Reduces WANTLIB-kipi back to something realistic. Went upstream already.

okay sthen@

Nitpicking: set actual test names. Doesn't affect actual testing.

committing under sthen@'s okay for portcheck

Missing function name between "&&" and arguments.

okay sthen@ since portcheck doesn't affect actual release

Fix FULLPKGNAME handling, it should be subpackage-dependent.

okay sthen@ since portcheck doesn't affect actual release

Entry for cherokee CVE-2014-4668.

Update ansible to 1.6.7 which fixes these CVEs:

- CVE-2014-4966 (lookup function)
- CVE-2014-4967 (action arguments)

Noted by and OK jasper@
OK naddy@

MFC security fix for CVE-2014-4668.  ok jasper@

Original log message:
  The LDAP authenticator considered successful LDAP bindings as a proper
  authentication, without checking the length of the user's password.
  But the LDAP server configuration might allow password-less bindings
  to retrieve public information. ok naddy@

Add files from parent branch HEAD:
        www/cherokee/patches/patch-cherokee_validator_ldap_c

SECURITY fix for CVE-2014-4668.  The LDAP authenticator considered
successful LDAP bindings as a proper authentication, without checking
the length of the user's password.  But the LDAP server configuration
might allow password-less bindings to retrieve public information.
ok naddy@

add www/p5-CGI-Application CVE-2013-7329

Update www/p5-CGI-Application for CVE-2013-7329
Fix RT 84403 - 'Security problem: missing "start" mode dumps ENV to output
page'
https://github.com/markstos/CGI--Application/pull/15

While here remove groff and fix runtime depends.
www/p5-CGI-PSGI is optional, include it as people nowadays run PSGI and are
moving away from MOD_PERL.

From maintainer Ian McWilliam

do not pick up gmkdir in configure; ok espie@

add a run dep for urlwatch on lynx, ok jasper@

quirk for exim vuln fix, reminded by espie

w3m -> lynx

req. by naddy@

Fix WANTLIB.

update to Exim 4.83, fixes CVE-2014-2972 - more information at
https://lists.exim.org/lurker/message/20140722.152452.d6c019e8.en.html

ok naddy@

This port needs a major update to work with Mono3; it seems we will not
have time to properly do this before lock so mark BROKEN.

ok jasper@ sthen@ robert@

fix a remnant of MULTI_PACKAGES reorg, a few years ago: there's no reason
to count LIB_DEPENDS and WANTLIB in build-deps, only the actual subpackaged
version count (reminder: even single package ports are actually multi-packaged,
with SUBPACKAGE=-, hence we will count LIB_DEPENDS- and WANTLIB-).

This was actually a discrepancy between manual builds and dpb builds, as the
output of dump-vars won't show plain LIB_DEPENDS. This caused a bit of
confusion wrt multimedia/mlt. Hence the actual fix.

Better fix for missing dependency, similar to devel/kdevelop one.

Even better patch for missing dependency, operating at source file level.

Install missing @sample files; this unbreaks mono-basic.

ok sthen@ robert@ (maintainer)

add -lexecinfo and remove the patch disabling backtrace() support, registering
the dependency (thus fixing an unregistered build dependency on execinfo.h and
adding support for the functionality). Build problem reported by naddy@,
ok jsg@ jasper@

Unbreak after mono update (from Arch Linux).

ok espie@

Do not pick up OpenCV if found.

noticed by naddy@ and sthen@, ok naddy@

Remove a dead link from the README.
From misc.nick at gmx dot com, ok dcoppa@ naddy@

Missing LIB_DEPENDS on nepomuk-core.

Detailed explanation: port-lib-depends-check won't complain, because this
port have RDEP on kde-runtime, which in turn has itself nepomuk-core as
a dependency. But at the build time RDEPs aren't installed, and sooner or
later things would break... And this finally happened at naddy@'s.

    Fix accessing the calendar on i386, bug introduced when i386 was switched to use 
clang.
    
    OK jasper@

Depend on lynx instead of w3m (which depends on boehm-gc that is broken
on some arches).

ok sthen@

Update minitube to 2.2 after the youtube API changes.
ok espie@ jca@.

Tweak documentation according to recent rc changes.

ok jasper@

Remove net/unbound. It's been unlinked for a while and is now in base.

prodded by and ok sthen@, ok jasper@

add bozohttpd

Prevent the nrpe children from cleaning up the pidfile on
accept(2)/getpeername(2) errors, from Ubuntu.  ok sthen@

Security fix for CVE-2014-5015
bozohttpd: basic http authentication bypass

ok benoit@ (MAINTAINER), sthen@

Security update to bozohttpd-20140708, addresses CVE-2014-5015

ok benoit@ (MAINTAINER), sthen@

Security fix for CVE-2014-4909,
transmission peer communication vulnerability

bdep on desktop-file-utils, ok landry

Re-do the fix for "ui_custom_include_paths.h", should work now
(continues to work without problems on i386...)

Also, fix fallout from some recent headers tweaking in base.

Both fixes are build-time only, so no REVISION bump.

add net/transmission to the cve list; prodded/ok espie@

Add a note about updating KDE artwork packages on xscreensaver update.

okay sthen@

Do not output "Default dictionary has been set to `british'" each time the
pkg is updated; because that is not true.
Tweak the @exec line.
Move MESSAGE into a README.

after a comment by guenther@ on icb

regen plist to include the openbsd implementation for the partitions fact...oops.

update to 2.84: fix peer communication vulnerability
also tested by gonzalo@

apply patch from upstream to effectively unbreak augtool, as the xymon_alerting
lens was failing.

rc.conf* aren't shell scripts anymore, but don't match the simplevars lens'
format either, so just make them simplelines instead.

Unbreak after recent mono upgrade.

Remove patch that should have been removed in previous, reminded by
nigel@ & kent spillner, dunno why it applied first i tried...

drupal6 updates: core 6.3.2 (security update), date 2.10, filefield 3.13
ok espie@

Drop some uneeded stuffs.