[no description] https://git.osdyson.ru/mirror/pkgsrc/atom?h=pkgsrc_2012Q2 2012-09-04T20:30:25Z 2012-09-04T20:30:25Z tron tron 2012-09-04T20:30:25Z urn:sha1:64f75fbe47719ff9c8d4488bf7b02fc9147a56d3 mail/roundcube: security update Revisions pulled up: - mail/roundcube/MESSAGE 1.7 - mail/roundcube/Makefile 1.44-1.46 - mail/roundcube/PLIST 1.24 - mail/roundcube/distinfo 1.25 --- Module Name: pkgsrc Committed By: fhajny Date: Wed Jul 25 11:24:21 UTC 2012 Modified Files: pkgsrc/mail/roundcube: Makefile Log Message: Make package more portable by pre-creating destination for pax --- Module Name: pkgsrc Committed By: taca Date: Sun Aug 12 16:19:41 UTC 2012 Modified Files: pkgsrc/mail/roundcube: MESSAGE Makefile Log Message: Some tweak in MESSAGE. * Note UPGRADING document which describes update process. * Remove note for older package. Bump PKGREVISION. --- Module Name: pkgsrc Committed By: taca Date: Tue Aug 21 15:26:32 UTC 2012 Modified Files: pkgsrc/mail/roundcube: Makefile PLIST distinfo Log Message: Update roundcube to 0.8.1. Fixes two XSS issue. Here is quote from changelog of 0.8.1, please refer CHAGNGELOG file for full changes from 0.7.2. - Fix bug where domain name was converted to lower-case even with login_lc=false (#1488593) - Fix lower-casing email address on replies (#1488598) - Fix line separator in exported messages (#1488603) - Fix XSS issue where plain signatures wasn't secured in HTML mode (#1488613) - Fix XSS issue where href="javascript:" wasn't secured (#1488613) - Fix impossible to create message with empty plain text part (#1488610) - Fix stripped apostrophes when replying in plain text to HTML message (#1488606) - Fix inactive Save search option after advanced search (#1488607) - Fix Remove from group option is active for contact search result (#1488608) - Disable autocapitalization in login form on iPad/iPhone (#1488609) - Fix focus on the list when list row is clicked (#1488600) - Added separate From and To columns apart from smart From/To column (#1486891) - Fix fallback to Larry skin when configured skin isn't available (#1488591) - Fix (workaround) delete operations with some versions of memcache (#1488592) - Fix (disable) request validation for spell and spell_html actions 2012-08-20T08:22:28Z sbd sbd 2012-08-20T08:22:28Z urn:sha1:365434ac006bd5e22558dd4e00c1dbcd06645607 Ruby on Rails 3.2.8 security update Revisions pulled up: - databases/ruby-activerecord32/distinfo 1.6 - devel/ruby-activemodel32/distinfo 1.6 - devel/ruby-activesupport32/distinfo 1.6 - devel/ruby-railties32/distinfo 1.6 - lang/ruby/rails.mk 1.30 - mail/ruby-actionmailer32/distinfo 1.6 - www/ruby-actionpack32/distinfo 1.6 - www/ruby-activeresource32/distinfo 1.6 - www/ruby-rails32/distinfo 1.6 --- Module Name: pkgsrc Committed By: taca Date: Sun Aug 12 12:37:06 UTC 2012 Modified Files: pkgsrc/lang/ruby: rails.mk Log Message: Start update of Ruby on Rails 3.2.8. --- Module Name: pkgsrc Committed By: taca Date: Sun Aug 12 12:38:09 UTC 2012 Modified Files: pkgsrc/devel/ruby-activesupport32: distinfo Log Message: Update ruby-activesupport32 to 3.2.8. ## Rails 3.2.8 (Aug 9, 2012) ## * Fix ActiveSupport integration with Mocha > 0.12.1. *Mike Gunderloy* * Reverted the deprecation of ActiveSupport::JSON::Variable. *Rafael Mendonça França* --- Module Name: pkgsrc Committed By: taca Date: Sun Aug 12 12:38:41 UTC 2012 Modified Files: pkgsrc/devel/ruby-activemodel32: distinfo Log Message: Update ruby-activemodel32 to 3.2.8. ## Rails 3.2.8 (Aug 9, 2012) ## * No changes. --- Module Name: pkgsrc Committed By: taca Date: Sun Aug 12 12:40:00 UTC 2012 Modified Files: pkgsrc/www/ruby-actionpack32: distinfo Log Message: Update ruby-actionpack32 to 3.2.8. ## Rails 3.2.8 (Aug 9, 2012) ## * There is an XSS vulnerability in the strip_tags helper in Ruby on Rails, the helper doesn't correctly handle malformed html. As a result an attacker can execute arbitrary javascript through the use of specially crafted malformed html. *Marek from Nethemba (www.nethemba.com) & Santiago Pastorino* * When a "prompt" value is supplied to the `select_tag` helper, the "prompt" value is not escaped. If untrusted data is not escaped, and is supplied as the prompt value, there is a potential for XSS attacks. Vulnerable code will look something like this: select_tag("name", options, :prompt => UNTRUSTED_INPUT) *Santiago Pastorino* --- Module Name: pkgsrc Committed By: taca Date: Sun Aug 12 12:41:02 UTC 2012 Modified Files: pkgsrc/databases/ruby-activerecord32: distinfo Log Message: Update ruby-activerecord32 to 3.2.8. ## Rails 3.2.8 (Aug 9, 2012) ## * Do not consider the numeric attribute as changed if the old value is zero and the new value is not a string. Fixes #7237. *Rafael Mendonça França* * Removes the deprecation of `update_attribute`. *fxn* * Reverted the deprecation of `composed_of`. *Rafael Mendonça França* * Reverted the deprecation of `*_sql` association options. They will be deprecated in 4.0 instead. *Jon Leighton* * Do not eager load AR session store. ActiveRecord::SessionStore depends on the abstract store in Action Pack. Eager loading this class would break client code that eager loads Active Record standalone. Fixes #7160 *Xavier Noria* * Do not set RAILS_ENV to "development" when using `db:test:prepare` and related rake tasks. This was causing the truncation of the development database data when using RSpec. Fixes #7175. *Rafael Mendonça França* --- Module Name: pkgsrc Committed By: taca Date: Sun Aug 12 12:41:37 UTC 2012 Modified Files: pkgsrc/www/ruby-activeresource32: distinfo Log Message: Update ruby-activeresource32 to 3.2.8. ## Rails 3.2.8 (Aug 9, 2012) ## * No changes. --- Module Name: pkgsrc Committed By: taca Date: Sun Aug 12 12:42:14 UTC 2012 Modified Files: pkgsrc/mail/ruby-actionmailer32: distinfo Log Message: Update ruby-actionmailer32 to 3.2.8. ## Rails 3.2.8 (Aug 9, 2012) ## * No changes. --- Module Name: pkgsrc Committed By: taca Date: Sun Aug 12 12:43:08 UTC 2012 Modified Files: pkgsrc/devel/ruby-railties32: distinfo Log Message: Update ruby-railties32 to 3.2.8. ## Rails 3.2.8 (Aug 9, 2012) ## * ERB scaffold generator use the `:data => { :confirm => "Text" }` syntax instead of `:confirm`. *Rafael Mendonça França* --- Module Name: pkgsrc Committed By: taca Date: Sun Aug 12 12:44:30 UTC 2012 Modified Files: pkgsrc/www/ruby-rails32: distinfo Log Message: Update ruby-rails32 to 3.2.8. This is a meta-like package and no changes. 2012-08-20T08:19:36Z sbd sbd 2012-08-20T08:19:36Z urn:sha1:a3490635e097ae6187565d2964a53648159df645 Ruby on Rails 3.1.8 security update Revisions pulled up: - databases/ruby-activerecord31/distinfo 1.6 - devel/ruby-activemodel31/distinfo 1.6 - devel/ruby-activesupport31/distinfo 1.7 - devel/ruby-railties31/distinfo 1.6 - lang/ruby/rails.mk 1.29 - mail/ruby-actionmailer31/distinfo 1.6 - www/ruby-actionpack31/distinfo 1.7 - www/ruby-activeresource31/distinfo 1.6 - www/ruby-rails31/distinfo 1.6 --- Module Name: pkgsrc Committed By: taca Date: Sun Aug 12 10:32:52 UTC 2012 Modified Files: pkgsrc/lang/ruby: rails.mk Log Message: Start Ruby on Rails 3.1.8. --- Module Name: pkgsrc Committed By: taca Date: Sun Aug 12 10:33:18 UTC 2012 Modified Files: pkgsrc/devel/ruby-activesupport31: distinfo Log Message: Update ruby-activesupport31 to 3.1.8. ## Rails 3.1.8 (Aug 9, 2012) * No changes. --- Module Name: pkgsrc Committed By: taca Date: Sun Aug 12 10:33:48 UTC 2012 Modified Files: pkgsrc/devel/ruby-activemodel31: distinfo Log Message: Update ruby-activemodel31 to 3.1.8. ## Rails 3.1.8 (Aug 9, 2012) * No changes. --- Module Name: pkgsrc Committed By: taca Date: Sun Aug 12 10:34:38 UTC 2012 Modified Files: pkgsrc/www/ruby-actionpack31: distinfo Log Message: Update ruby-actionpack31 to 3.1.8. ## Rails 3.1.8 (Aug 9, 2012) * There is an XSS vulnerability in the strip_tags helper in Ruby on Rails, the helper doesn't correctly handle malformed html. As a result an attacker can execute arbitrary javascript through the use of specially crafted malformed html. *Marek from Nethemba (www.nethemba.com) & Santiago Pastorino* * When a "prompt" value is supplied to the `select_tag` helper, the "prompt" value is not escaped. If untrusted data is not escaped, and is supplied as the prompt value, there is a potential for XSS attacks. Vulnerable code will look something like this: select_tag("name", options, :prompt => UNTRUSTED_INPUT) *Santiago Pastorino* --- Module Name: pkgsrc Committed By: taca Date: Sun Aug 12 10:35:20 UTC 2012 Modified Files: pkgsrc/databases/ruby-activerecord31: distinfo Log Message: Update ruby-activerecord31 to 3.1.8. ## Rails 3.1.8 (Aug 9, 2012) * No changes. --- Module Name: pkgsrc Committed By: taca Date: Sun Aug 12 10:36:35 UTC 2012 Modified Files: pkgsrc/www/ruby-activeresource31: distinfo Log Message: Update ruby-activeresource31 to 3.1.8. ## Rails 3.1.8 (Aug 9, 2012) * No changes. --- Module Name: pkgsrc Committed By: taca Date: Sun Aug 12 10:37:22 UTC 2012 Modified Files: pkgsrc/mail/ruby-actionmailer31: distinfo Log Message: Update ruby-actionmailer31 to 3.1.8. ## Rails 3.1.8 (Aug 9, 2012) * No changes. --- Module Name: pkgsrc Committed By: taca Date: Sun Aug 12 10:37:52 UTC 2012 Modified Files: pkgsrc/devel/ruby-railties31: distinfo Log Message: Update ruby-railties31 to 3.1.8. ## Rails 3.1.8 (Aug 9, 2012) * No changes. --- Module Name: pkgsrc Committed By: taca Date: Sun Aug 12 10:38:45 UTC 2012 Modified Files: pkgsrc/www/ruby-rails31: distinfo Log Message: Update ruby-rails31 to 3.1.8. This is a meta-like package and no changes. 2012-08-20T07:54:04Z sbd sbd 2012-08-20T07:54:04Z urn:sha1:51a622c60111da3d312e5cc3f1483f5dd5b2c4ee Ruby on Rails 3.0.17 security update. Revisions pulled up: - databases/ruby-activerecord3/distinfo 1.15 - devel/ruby-activemodel/distinfo 1.15 - devel/ruby-activesupport3/distinfo 1.16 - devel/ruby-railties/distinfo 1.15 - lang/ruby/rails.mk 1.28 - mail/ruby-actionmailer3/distinfo 1.17 - www/ruby-actionpack3/distinfo 1.16 - www/ruby-activeresource3/distinfo 1.15 - www/ruby-rails3/distinfo 1.16 --- Module Name: pkgsrc Committed By: taca Date: Sun Aug 12 09:44:22 UTC 2012 Modified Files: pkgsrc/lang/ruby: rails.mk Log Message: Start update of Ruby on Rails 3.0.17. --- Module Name: pkgsrc Committed By: taca Date: Sun Aug 12 09:44:58 UTC 2012 Modified Files: pkgsrc/devel/ruby-activesupport3: distinfo Log Message: Update ruby-activesupport3 to 3.0.17. ## Rails 3.0.17 (Aug 9, 2012) * No changes. --- Module Name: pkgsrc Committed By: taca Date: Sun Aug 12 09:45:45 UTC 2012 Modified Files: pkgsrc/devel/ruby-activemodel: distinfo Log Message: Update ruby-activemodel to 3.0.17. ## Rails 3.0.17 (Aug 9, 2012) * No changes. --- Module Name: pkgsrc Committed By: taca Date: Sun Aug 12 09:46:45 UTC 2012 Modified Files: pkgsrc/www/ruby-actionpack3: distinfo Log Message: Update ruby-actionpack3 to 3.0.17 ## Rails 3.0.17 (Aug 9, 2012) * There is an XSS vulnerability in the strip_tags helper in Ruby on Rails, the helper doesn't correctly handle malformed html. As a result an attacker can execute arbitrary javascript through the use of specially crafted malformed html. *Marek from Nethemba (www.nethemba.com) & Santiago Pastorino* * When a "prompt" value is supplied to the `select_tag` helper, the "prompt" value is not escaped. If untrusted data is not escaped, and is supplied as the prompt value, there is a potential for XSS attacks. Vulnerable code will look something like this: select_tag("name", options, :prompt => UNTRUSTED_INPUT) *Santiago Pastorino* --- Module Name: pkgsrc Committed By: taca Date: Sun Aug 12 09:47:45 UTC 2012 Modified Files: pkgsrc/databases/ruby-activerecord3: distinfo Log Message: Update ruby-activerecord3 to 3.0.17. ## Rails 3.0.17 (Aug 9, 2012) * Fix type_to_sql with text and limit on mysql/mysql2 (GH #7252) --- Module Name: pkgsrc Committed By: taca Date: Sun Aug 12 09:48:26 UTC 2012 Modified Files: pkgsrc/mail/ruby-actionmailer3: distinfo Log Message: Update ruby-actionmailer3 to 3.0.17. ## Rails 3.0.17 (Aug 9, 2012) * No changes. --- Module Name: pkgsrc Committed By: taca Date: Sun Aug 12 09:49:01 UTC 2012 Modified Files: pkgsrc/devel/ruby-railties: distinfo Log Message: Update ruby-railties to 3.0.17. ## Rails 3.0.17 (Aug 9, 2012) * No changes. --- Module Name: pkgsrc Committed By: taca Date: Sun Aug 12 09:50:41 UTC 2012 Modified Files: pkgsrc/www/ruby-rails3: distinfo Log Message: Update ruby-rails3 to 3.0.17. This is a meta-like package and no changes. --- Module Name: pkgsrc Committed By: taca Date: Wed Aug 15 15:58:23 UTC 2012 Modified Files: pkgsrc/www/ruby-activeresource3: distinfo Log Message: Oops, missed from commit for ruby-activeresource3. 2012-08-12T14:48:59Z tron tron 2012-08-12T14:48:59Z urn:sha1:fb10d0cb734a817396934cd2183360fa1c9cd691 databases/ruby-activerecord32: security update devel/ruby-activemodel32: security update devel/ruby-activesupport32: security update devel/ruby-railties32: security update mail/ruby-actionmailer32: security update www/ruby-actionpack32: security update www/ruby-activeresource32: security update www/ruby-rails32: security update Revisions pulled up: - databases/ruby-activerecord32/distinfo 1.5 - devel/ruby-activemodel32/distinfo 1.5 - devel/ruby-activesupport32/distinfo 1.5 - devel/ruby-railties32/distinfo 1.5 - lang/ruby/rails.mk 1.27 - mail/ruby-actionmailer32/distinfo 1.5 - www/ruby-actionpack32/distinfo 1.5 - www/ruby-activeresource32/distinfo 1.5 - www/ruby-rails32/distinfo 1.5 --- Module Name: pkgsrc Committed By: taca Date: Tue Jul 31 12:50:28 UTC 2012 Modified Files: pkgsrc/lang/ruby: rails.mk Log Message: Start update of Ruby on Rails 3.2.7. --- Module Name: pkgsrc Committed By: taca Date: Tue Jul 31 12:51:18 UTC 2012 Modified Files: pkgsrc/devel/ruby-activesupport32: distinfo Log Message: Update ruby-activesupport32 to 3.2.7. ## Rails 3.2.7 (unreleased) * Hash#fetch(fetch) is not the same as doing hash[key] * adds a missing require [fixes #6896] * make sure the inflection rules are loaded when cherry-picking active_support/core_ext/string/inflections.rb [fixes #6884] * Merge pull request #6857 from rsutphin/as_core_ext_time_missing_require * bump AS deprecation_horizon to 4.0 --- Module Name: pkgsrc Committed By: taca Date: Tue Jul 31 12:52:25 UTC 2012 Modified Files: pkgsrc/devel/ruby-activemodel32: distinfo Log Message: Update ruby-activemodel32 to 3.2.7. ## Rails 3.2.7 (unreleased) * `validates_inclusion_of` and `validates_exclusion_of` now accept `:within` option as alias of `:in` as documented. * Fix the the backport of the object dup with the ruby 1.9.3p194. --- Module Name: pkgsrc Committed By: taca Date: Tue Jul 31 12:53:01 UTC 2012 Modified Files: pkgsrc/www/ruby-activeresource32: distinfo Log Message: Update ruby-activeresource32 to 3.2.7. ## Rails 3.2.7 (unreleased) * No changes. --- Module Name: pkgsrc Committed By: taca Date: Tue Jul 31 12:53:46 UTC 2012 Modified Files: pkgsrc/databases/ruby-activerecord32: distinfo Log Message: Update ruby-activerecord32 to 3.2.7. ## Rails 3.2.7 (unreleased) ## * `:finder_sql` and `:counter_sql` options on collection associations are deprecated. Please transition to using scopes. *Jon Leighton* * `:insert_sql` and `:delete_sql` options on `has_and_belongs_to_many` associations are deprecated. Please transition to using `has_many :through` *Jon Leighton* * `composed_of` has been deprecated. You'll have to write your own accessor and mutator methods if you'd like to use value objects to represent some portion of your models. *Steve Klabnik* * `update_attribute` has been deprecated. Use `update_column` if you want to bypass mass-assignment protection, validations, callbacks, and touching of updated_at. Otherwise please use `update_attributes`. *Steve Klabnik* --- Module Name: pkgsrc Committed By: taca Date: Tue Jul 31 12:55:32 UTC 2012 Modified Files: pkgsrc/www/ruby-actionpack32: distinfo Log Message: Update ruby-actionpack32 to 3.2.7. ## Rails 3.2.7 (unreleased) ## * Do not convert digest auth strings to symbols. CVE-2012-3424 * Bump Journey requirements to 1.0.4 * Add support for optional root segments containing slashes * Fixed bug creating invalid HTML in select options * Show in log correct wrapped keys * Fix NumberHelper options wrapping to prevent verbatim blocks being rendered instead of line continuations. * ActionController::Metal doesn't have logger method, check it and then delegate * ActionController::Caching depends on RackDelegation and AbstractController::Callbacks --- Module Name: pkgsrc Committed By: taca Date: Tue Jul 31 12:56:13 UTC 2012 Modified Files: pkgsrc/mail/ruby-actionmailer32: distinfo Log Message: Update ruby-actionmailer32 to 3.2.7. ## Rails 3.2.7 (unreleased) * No changes. --- Module Name: pkgsrc Committed By: taca Date: Tue Jul 31 12:56:46 UTC 2012 Modified Files: pkgsrc/devel/ruby-railties32: distinfo Log Message: Update ruby-railties32 to 3.2.7. ## Rails 3.2.7 (unreleased) * Since Rails 3.2, use layout false to render no layout * Use strict_args_position! if available from Thor --- Module Name: pkgsrc Committed By: taca Date: Tue Jul 31 12:57:33 UTC 2012 Modified Files: pkgsrc/www/ruby-rails32: distinfo Log Message: Update Update ruby-rails32 to 3.2.17. This is a meta-like package and no changes. 2012-08-12T14:26:14Z tron tron 2012-08-12T14:26:14Z urn:sha1:b7e53eb2cbde3212707e064fd9aa4ed02bab8b9c databases/ruby-activerecord31: security update devel/ruby-activemodel31: security update devel/ruby-activesupport31: security update devel/ruby-railties31: security update mail/ruby-actionmailer31: security update www/ruby-actionpack31: security update www/ruby-activeresource31: security update www/ruby-rails31: security update Revisions pulled up: - databases/ruby-activerecord31/distinfo 1.5 - devel/ruby-activemodel31/distinfo 1.5 - devel/ruby-activesupport31/distinfo 1.6 - devel/ruby-railties31/distinfo 1.5 - lang/ruby/rails.mk 1.26 - mail/ruby-actionmailer31/distinfo 1.5 - www/ruby-actionpack31/distinfo 1.6 - www/ruby-activeresource31/distinfo 1.5 - www/ruby-rails31/distinfo 1.5 --- Module Name: pkgsrc Committed By: taca Date: Tue Jul 31 12:34:39 UTC 2012 Modified Files: pkgsrc/lang/ruby: rails.mk Log Message: Start update of Ruby on Rails 3.1.7. --- Module Name: pkgsrc Committed By: taca Date: Tue Jul 31 12:35:07 UTC 2012 Modified Files: pkgsrc/devel/ruby-activesupport31: distinfo Log Message: Update ruby-activesupport31 to 3.1.7. ## Rails 3.1.7 (Jul 26, 2012) * No changes. --- Module Name: pkgsrc Committed By: taca Date: Tue Jul 31 12:35:47 UTC 2012 Modified Files: pkgsrc/devel/ruby-activemodel31: distinfo Log Message: Update ruby-activemodel31 to 3.1.7. ## Rails 3.1.7 (Jul 26, 2012) * No changes. --- Module Name: pkgsrc Committed By: taca Date: Tue Jul 31 12:36:18 UTC 2012 Modified Files: pkgsrc/www/ruby-activeresource31: distinfo Log Message: Update ruby-activeresource31 to 3.1.7. ## Rails 3.1.7 (Jul 26, 2012) * No changes. --- Module Name: pkgsrc Committed By: taca Date: Tue Jul 31 12:36:59 UTC 2012 Modified Files: pkgsrc/databases/ruby-activerecord31: distinfo Log Message: Update ruby-activerecord31 to 3.1.7. ## Rails 3.1.7 (Jul 26, 2012) * No changes. --- Module Name: pkgsrc Committed By: taca Date: Tue Jul 31 12:38:13 UTC 2012 Modified Files: pkgsrc/www/ruby-actionpack31: distinfo Log Message: Update ruby-actionpack31 to 3.1.7. ## Rails 3.1.7 (Jul 26, 2012) * Do not convert digest auth strings to symbols. CVE-2012-3424 --- Module Name: pkgsrc Committed By: taca Date: Tue Jul 31 12:38:47 UTC 2012 Modified Files: pkgsrc/mail/ruby-actionmailer31: distinfo Log Message: Update ruby-actionmailer31 to 3.1.7. ## Rails 3.1.7 (Jul 26, 2012) * No changes. --- Module Name: pkgsrc Committed By: taca Date: Tue Jul 31 12:39:16 UTC 2012 Modified Files: pkgsrc/devel/ruby-railties31: distinfo Log Message: Update ruby-railties31 to 3.1.7. ## Rails 3.1.7 (Jul 26, 2012) * No changes. --- Module Name: pkgsrc Committed By: taca Date: Tue Jul 31 12:41:23 UTC 2012 Modified Files: pkgsrc/www/ruby-rails31: distinfo Log Message: Update Update ruby-rails31 to 3.1.17. This is a meta-like package and no changes. 2012-08-12T14:06:57Z tron tron 2012-08-12T14:06:57Z urn:sha1:de674122bc2d5f240bd896f7db450de236b013da databases/ruby-activerecord3: security update devel/ruby-activemodel: security update devel/ruby-activesupport3: security update devel/ruby-railties: security update mail/ruby-actionmailer3: security update mail/ruby-mail22/Makefile www/ruby-actionpack3: security update www/ruby-activeresource3: security update www/ruby-rails3: security update Revisions pulled up: - databases/ruby-activerecord3/distinfo 1.14 - devel/ruby-activemodel/distinfo 1.14 - devel/ruby-activesupport3/distinfo 1.15 - devel/ruby-railties/distinfo 1.14 - lang/ruby/rails.mk 1.25 - mail/ruby-actionmailer3/distinfo 1.16 - mail/ruby-mail22/Makefile 1.5 - www/ruby-actionpack3/distinfo 1.15 - www/ruby-activeresource3/distinfo 1.14 - www/ruby-rails3/distinfo 1.15 --- Module Name: pkgsrc Committed By: taca Date: Tue Jul 31 12:20:08 UTC 2012 Modified Files: pkgsrc/lang/ruby: rails.mk Log Message: Start update of Ruby on Rails to 3.0.16. --- Module Name: pkgsrc Committed By: taca Date: Tue Jul 31 12:21:03 UTC 2012 Modified Files: pkgsrc/devel/ruby-activesupport3: distinfo Log Message: Update ruby-activesupport3 to 3.0.16. ## Rails 3.0.16 (Jul 26, 2012) * No changes. ## Rails 3.0.14 (Jun 12, 2012) * No changes. --- Module Name: pkgsrc Committed By: taca Date: Tue Jul 31 12:21:54 UTC 2012 Modified Files: pkgsrc/devel/ruby-activemodel: distinfo Log Message: Update ruby-activemodel to 3.0.16. ## Rails 3.0.16 (Jul 26, 2012) * No changes. ## Rails 3.0.14 (Jun 12, 2012) * No changes. --- Module Name: pkgsrc Committed By: taca Date: Tue Jul 31 12:22:56 UTC 2012 Modified Files: pkgsrc/www/ruby-activeresource3: distinfo Log Message: Update ruby-activeresource3 to 3.0.16. ## Rails 3.0.16 (Jul 26, 2012) * No changes. ## Rails 3.0.14 (Jun 12, 2012) * No changes. --- Module Name: pkgsrc Committed By: taca Date: Tue Jul 31 12:24:29 UTC 2012 Modified Files: pkgsrc/www/ruby-actionpack3: distinfo Log Message: Update ruby-actionpack3 to 3.0.16. ## Rails 3.0.16 (Jul 26, 2012) * Do not convert digest auth strings to symbols. CVE-2012-3424 ## Rails 3.0.14 (Jun 12, 2012) * nil is removed from array parameter values CVE-2012-2694 --- Module Name: pkgsrc Committed By: taca Date: Tue Jul 31 12:25:14 UTC 2012 Modified Files: pkgsrc/databases/ruby-activerecord3: distinfo Log Message: Update ruby-activerecord3 to 3.0.16. ## Rails 3.0.16 (Jul 26, 2012) * No changes. ## Rails 3.0.14 (Jun 12, 2012) * protect against the nesting of hashes changing the table context in the next call to build_from_hash. This fix covers this case as well. CVE-2012-2695 --- Module Name: pkgsrc Committed By: taca Date: Tue Jul 31 12:25:49 UTC 2012 Modified Files: pkgsrc/mail/ruby-actionmailer3: distinfo Log Message: Update ruby-actionmailer3 to 3.0.16. ## Rails 3.0.16 (Jul 26, 2012) * No changes. ## Rails 3.0.14 (Jun 12, 2012) * No changes. --- Module Name: pkgsrc Committed By: taca Date: Tue Jul 31 12:26:47 UTC 2012 Modified Files: pkgsrc/devel/ruby-railties: distinfo Log Message: Update ruby-railties to 3.0.16. ## Rails 3.0.16 (Jul 26, 2012) * No changes. ## Rails 3.0.14 (Jun 12, 2012) * No changes. --- Module Name: pkgsrc Committed By: taca Date: Tue Jul 31 12:27:36 UTC 2012 Modified Files: pkgsrc/www/ruby-rails3: distinfo Log Message: Update ruby-rails3 to 3.0.16. This is a meta-like package and no changes. --- Module Name: pkgsrc Committed By: taca Date: Tue Jul 31 13:02:49 UTC 2012 Modified Files: pkgsrc/mail/ruby-mail22: Makefile Log Message: Bump PKGREVISION to reflect dependency to devel/ruby-activesupport3. 2012-06-29T14:56:16Z taca taca 2012-06-29T14:56:16Z urn:sha1:a7a488ce89e75d885fdab1b68cc5781c37ef2a5b Changes since Sylpheed 3.1.4 ---------------------------- [New features] * Each attachments on the message view now have graphical label and popup menu. * The UI for Attachments tab was changed to save the space. Users now also can do 'Save all' without switching the view. * The 'show_attach_tab' option (without UI), which reverts the attachments interface to the old one, was added. * Multiple keywords search of the quick search was implemented. * The context menu of the folder view and the summary view can be popped up using Menu key or Shift+F10. * Win32: IPv6 support was enabled again. * Win32: SylFilter is now also included in the installer. The default junk commands were also changed to sylfilter. * Win32: an option to play sound when new messages arrive was added. * Win32: The file selector now follows Windows shortcut (.lnk). [Improvements] * Number of maximum characters per line of configuration files was increased. * Compose window will not be closed if saving of message to outbox failed. * Sender's e-mail address became not guessable from generated Message-Id. * New plug-in APIs were added. * 'Account Preferences - Advanced - Put deleted messages in' account setting actually works now. * MIME debug output was modified. * Both filtered and original numbers of messages are displayed on the status label now. * The POP3 remote mailbox now supports SOCKS proxy. * The POP3 remote mailbox now retrieves headers from the newer messages (useful for slow connection). * The POP3 remote mailbox can now reload message headers after the loading is stopped. * News (NNTP) now supports SOCKS proxy. * The details of new message counts are displayed on the tooltip of the tray icon. * Address auto-completion now also matches to the subsequent part of the name of contacts. * On file selection dialog, the last selected folders are preserved between sessions now. * DNS lookup error is now distinguished from other connection errors. * The clip icon was replaced with more visible one on selected row. [Performance improvements] * The performance of reading cache files was improved by using memory mapped file (requires GTK+ >= 2.8). * Win32: the launch of Windows installer became faster. [Other changes] * Sylfilter command was added as a preset of junk filter program. * The blinking period of the tray icon was extended to 10 seconds. * 'Is shorter than' became the default for 'Age' filter condition. * The Japanse manual was updated, and the encoding of Japanese manual was changed to UTF-8 to prevent display failure on some browsers. [Bugfixes] * Queue control headers are removed when moving messages from queue folders to trash. * Duplicated keyboard accelerators on some dialogs were fixed. * The focus on quick search entry is not stolen by the refresh of summary. * The HTML parser was modified. * The check of IMAP AUTHENTICATE response was fixed. * The compilation failure with GLib 2.32 or later was fixed. * The bug that a MIME part that didn't have its name could not be saved was fixed. * Address autocomplete drop-down list with newer version of GTK+ was fixed (#52). * Line-space for auto-wrapped lines now reflects the line-space setting (#64). * Some minor fixes for IMAP were made. * Some memory leaks were fixed. * Other bugfixes were made. * Some compiler warnings were removed. * Win32: OpenSSL was updated to 0.9.8x. (0.9.8w in Sylpheed 3.1.4 is also not vulnerable) 2012-06-28T18:32:33Z schmonz schmonz 2012-06-28T18:32:33Z urn:sha1:6126deaeaa3b0aab62a188fa0998a12acd19657e - fix a nuisance stack trace that would be dumped if a connection failed in particular states. Thanks: Gary Schmidt. Updating this leaf package during the freeze for the bugfix. 2012-06-23T22:27:11Z dholland dholland 2012-06-23T22:27:11Z urn:sha1:ffd69b3e8fedb6d6b0264431b6848d56cb4702d3 error messages, always use strerror. While here, also correct warnings about implicit declaration of malloc ... which turned out to arise because someone patched stdlib.h into all the right places years ago, but for some bizarre reason decided the change should be OS-specific. grmbl.