| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
|
|
|
|
|
|
|
|
* no need INSTALLATION_DIRS anymore
* MAKE_JOBS_SAFE now.
* some cosmetic fix.
|
|
|
|
|
|
|
|
|
|
The keys used are:
!: modified feature, -: deleted feature, +: new feature
1.5.20 (2009-06-14):
! $fcc_attach is a quadoption now
+ $honor_disposition to honor Content-Disposition headers
+ $search_context specifies number of context lines for search results
in pager/page-based menus
+ ssl_use_sslv2 defaults to no
+ uncolor works for header + body objects, too
+ the "flagged" and "replied" flags are enabled/supported for
POP when built with header caching
! browser correctly displays maildir's mtime
+ <set-flag> and <clear-flag> work in the pager, too
+ ~x pattern also matches against In-Reply-To
+ lower case patterns for string searches perform case-insensitive
search as regex patterns do (except IMAP)
+ $ssl_verify_dates controls whether mutt checks the validity period of
SSL certificates
+ $ssl_verify_hostname controls whether mutt will accept certificates whose
host names do not match the host name in the folder URL.
Disable temporarily mutt-compressed-mbox and mutt-xlabel as the patches are not
available for this version yet.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* A stack overflow vulnerability was fixed in dhclient that could allow remote attackers to execute arbitrary commands as root on the system, or simply terminate the client, by providing an over-long subnet-mask option.
|
|
|
|
|
|
|
|
|
|
* A stack overflow vulnerability was fixed in dhclient that could allow remote attackers to execute arbitrary commands as root on the system, or simply terminate the client, by providing an over-long subnet-mask option.
|
|
#ifdef MMAP_NOT_AVAILABLE
/* Code which uses mmap, but with a comment saying we don't want to use it */
#endif
to
#if !defined(MMAP_NOT_AVAILABLE) && 0
/* Code which uses mmap, but with a comment saying we don't want to use it */
#endif
so system without mmap() also work...
|
|
|
|
immediately after reading the security announcement:
* SA-CORE-2009-007 - Drupal core - Multiple vulnerabilities
In addition to this security vulnerability, the following bugs have been fixed since the 6.12 release:
* - Patch #463450 by wulff: fixed documentation glitch.
* #193577 by Rob Loach, Damien Tournoud, andypost: JavaScript string split() function does not behave like PHP explode(); causes problems with multiple node body break tags
* #454992 by sun, bengtan: _drupal_flush_css_js() should not have 'q' as a possible CSS query character, since that is the Drupal path name character too
* #452704 by andypost, catch: Names of compressed CSS and JS files should have a prefix, so that names starting in ad* will not happen. Those are easily blocked by firewalls, Firefox's Adblock, etc.
* #468732 by andypost: cache_clear_all() mentioned cache_flush_delay incorrectly; it should say we use cache_lifetime
* #460420 by wulff, andypost: drupal_set_title() in forum_overview() is not needed; menu already sets the title and is localized
* #398902 by Nick Urban, alexanderpas, kscheirer: password equality checking was not using strict type checking; we should assume these are strings and compared character to character
* #479216 by jhedstrom: fix grammar in forum module messages
* #445748 by Dave Reid, dww: Fix module support for disabled module update status checking and do not track usage in that case.
* #465190 by Heine: The Anonymous name is a plain text setting, so it should be escaped properly for output.
* #246096 by Sutharsan, Pedro Lozano, mr.baileys, andypost: Actions set to run on cron were not actually triggered.
* #226479 by gpk, BrianV, catch: We should always show the node access rebuild button. The check on when to show it was fragile, so the button might not have been there when actually needed.
* #482646 by Dave Reid: For proper HTTP query simpletesting, we should pass on the instance identifier (database prefix).
* #197266 by ufku, lilou, Dave Reid, c960657, drewish: Save a query by only calling file_space_used() when a limit is provided.
* #408876 by Pasqualle, JamesAn: The 'serialize' Schema API property was used but not documented.
* #145733 by kepten, brianV: The session.use_cookies PHP setting is required by Drupal, but it can be turned off, so try to ensure it is turned on at all times.
* #373225 by jpulles, Josh Waihi: When changing columns, PostgreSQL needs explicit type casting to ensure that values are kept properly.
* #236657 by hctom, swentel: In system_clear_cache_submit(), the function arguments were swapped (but it did not affect how it actually worked).
* #243253 by Benjamin Melançon, dww: Update status should not attempt to request update data until a limit is reached. Fixed Drupal instances when drupal.org is down and gets less load on Drupal.org if data is not found.
* #339466 by patryk, c960657, alexanderpas: Remove url() wrapping from remote links and link in a more user friendly OpenID provider list.
* #461938 by grendzy, JamesAn: Use filter_xss_admin() on site name and site slogan, just like footer message and mission
* #455172 by budda, RoboPhred, andypost: Fix drupal_mail() documentation, so that it encourages to set the body of the email as an array (like core does).
* #329797 by berenddeboer, redndahead, danielb: The tablesort code did not account for possibly nested tables; only match immediate descendats, so elements of nested tables are not matched.
* #352121 by valthebald, Damien Tournoud, mr.baileys: The safe string check on translations should only be applied to the default textgroup. Strings in other textgroups such as blocks and menu items are displayed via escaping and filtering, and might contain arbitrary HTML.
|
|
|
|
immediately after reading the security announcement:
* SA-CORE-2009-007 Drupal core - Multiple vulnerabilities
In addition to this security vulnerability, the following bugs have been fixed since the 5.18 release:
* #212285 by wrwrwr: hr should be treated as a block level tag. Backport by alexanderpas.
* #145733 by kepten, brianV: The session.use_cookies PHP setting is required by Drupal, but it can be turned off, so try to ensure it is turned on at all times.
|
|
|
|
-use tempfile module function instead of os.tmpfile() so getmail obeys TMPDIR
and similar environment variables. Thanks: Stefan Baehring.
|
|
by joerg.
|
|
|
|
Changes since 1.3.0
-------------------
* Fixed duplicate/missing breakpoints (bug #5965).
* Fixed swapped flags in TOC parsing code (bug #4831).
* Fixed option handling code (bug #4180).
Changes since 1.2
-----------------
* Build system has been rewritten using automake/autoconf.
* Added append, prepend, and split pregap modes to cuebreakpoints.
* Fixed possible compilation error with Bison.
* All tools accept long options.
* Programs exit if --input-format or --output-format is an illegal value.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
MP3FS is a read-only FUSE filesystem which transcodes audio formats
(currently FLAC) to MP3 on the fly when opened and read. This was
written to enable using a FLAC collection with software and/or
hardware which only understands MP3.
It is also a novel alternative to traditional MP3 encoder applications.
Just use your favorite file browser to select the files you want
encoded and copy them somewhere!
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2422
From rails git commit 056ddbdcfb07f0b5c7e6ed8a35f6c3b55b4ab489.
|
