On Tue, Sep 1, 2015, at 12:22, Max Brazhnikov wrote: > On Fri, 28 Aug 2015 13:42:06 -0700 (PDT) Alonso Schaich wrote: > > SVN commit 11418 by aschai: > > > > Disable JASPER usage > > > > JASPER was blacklisted due to it's security issues two weeks ago, and cannot > > be installed unless explicitly whitelisted by the user. Tell kdelibs not to > > use JASPER for the time being. > > > > The corresponding jasper issues are CVE-2015-5221 and CVE-2015-5203. > > Alonso! This commit changes nothing from the user perspective: the > packages are build from the official portstree, not area51! Please commit > security fixed to the ports directly and then to area51 if needed. Btw, > jasper port has been fixed already. > > Max
Hi This commit does not fix a security issue, it work arounds the fact that jasper could not be installed last week. I commited this to area51 because I had to reinstall multiple installations (hardware failure caused loss of all my build VMs). I'll revert this commit later, or turn JASPER into an option. _______________________________________________ kde-freebsd mailing list kde-freebsd@kde.org https://mail.kde.org/mailman/listinfo/kde-freebsd See also http://freebsd.kde.org/ for latest information
