| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
|
|
Changes since 0.12.5:
- Fix some coverity issues.
- lazy-create XML namespaces so only used-ones are declared.
Bugs fixed in this release:
- https://bugzilla.gnome.org/show_bug.cgi?id=705564
- https://bugzilla.gnome.org/show_bug.cgi?id=730590
- https://bugzilla.gnome.org/show_bug.cgi?id=730591
- https://bugzilla.gnome.org/show_bug.cgi?id=731033
All contributors to this release:
- Jens Georg <mail@jensge.org>
|
|
|
|
CVE-2014-3879:
- Better dynamic loader, supports specifying modules without ".so"
prefix.
- Improve documentation.
- openpam_subst, openpam_readword and openpam_readlinev helpers
- PAM_HOST item for better password prompts
- user_prompt, authtok_prompt and oldauthtok_prompt module options
- pamtest(1) program for testing policies and modules
|
|
|
|
|
|
Upstream changes:
Networkx-1.8.1
Release date: 4 August 2013
Bugfix release for missing files in source packaging
Networkx-1.8
Release date: 28 July 2013
Highlights
Faster (linear-time) graphicality tests and Havel-Hakimi graph generators
Directed Laplacian matrix generator
Katz centrality algorithm
Functions to generate all simple paths
Improved shapefile reader
More flexible weighted projection of bipartite graphs
Faster topological sort, decendents and ancestors of DAGs
Scaling parameter for force-directed layout
Bug Fixes
Error with average weighted connectivity for digraphs, correct normalized laplacian with self-loops, load betweenness for single node graphs, isolated nodes missing from dfs/bfs trees, normalize HITS using l1, handle density of graphs with self loops
Cleaner handling of current figure status with Matplotlib, Pajek files now don't write troublesome header line, default alpha value for GEXF files, read curved edges from yEd GraphML
|
|
|
|
|
|
- caching framework may expose private data and/or allow cache poisoning
- stricter checking for valid URLs when redirecting based on user input,
e.g. on the login page
|
|
- irssi-0.8.16 [pkg/48866] (done)
|
|
|
|
Version 3.3.2 (2014-06-04)
--------------------------
### Fixed
Add the media query to the style sheets in debug mode (see #7070).
### Fixed
Disable the debug mode in the extension creator (see #7068).
### Fixed
Convert image source insert tags in the back end preview (see #7065).
### Fixed
Render all root nodes in the page and file picker (see #6844).
### Fixed
Add the "scssphp-compass" library to support Compass functions.
### Fixed
Support adding multiple TinyMCE instances to the same page (see #7061).
|
|
|
|
Version 3.2.11 (2014-06-04)
---------------------------
### Fixed
Make `$this->locationLabel` available in the event list (see #7030).
### Fixed
Correctly set the root page title (see #7023).
### Fixed
Only show the sort hint if there is more than one element (see #6935).
### Fixed
Try to raise the PHP limits upon file synchronization (see #7035).
|
|
|
|
|
|
|
|
depend on mail/qmail, so ${QMAILDIR} may not exist at build time.
Patch out overzealous configure checks.
|
|
|
|
lang/g95 is built with NetBSD current's GCC 4.8.3. Thank you, asau@.
|
|
|
|
|
|
|
|
! XS.xs
+ t/06-nonstr.t
Addressed: RT#94793: encodeURIComponent can't encode integer values
https://rt.cpan.org/Ticket/Display.html?id=94793
! t/03-hashu.t
No longer skips tests 4-6 for Test::Harness->VERSION > 3
! Makefile.PL
Pulled: https://github.com/dankogai/p5-uri-escape-xs/pull/4
! lib/URI/Escape/XS.pm
Pulled: https://github.com/dankogai/p5-uri-escape-xs/pull/3
|
|
|
|
- fixed: IO::Socket::SSL related warning (GitHub issue #3)
- fixed: "500 Can't read entity body" with IO::Socket:SSL (GitHub issue #4)
|
|
|
|
- Fixed a remotely exploitable hole, please update ASAP
|
|
|
|
- Some tests added in 1.09 would fail on a Perl without a 64-bit
gmtime(). Reported by Jerome Eteve. RT #95345.
- A call to ->truncate( to => 'week' ) could fail but leave the object
changed. RT #93347.
- The value of ->jd() is now calculated based on ->mjd() instead of the other
way around. This reduces floating point errors a bit when calculating MJD,
and should have a neglible impact on the accuracy of JD. Reported by Anye
Li. RT #92972. See the ticket for a more detailed description of what this
fixes.
- Attempting to construct a DateTime object with a year >= 5000 and a time
zone other than floating or DST now issues a warning. This warning may go
away once DateTime::TimeZone is made much faster. Inspired by a bug report
from Lloyd Fournier. RT #92655.
|
|
|
|
- remove invalid Spiffy dependency provided by YAML (GitHub pull req 23)
- Force escaping of single '-' (GitHub pull req 22)
- Revert Mo from 0.38 to 0.31 - zefram++ reported it breaking cpan client
- Fixed tests to work under parallel testing -- kentnl
- Switched to dzil release process
- Fixed YAML loading on perl 5.8 (broken in YAML 0.85) by removing
5.10-specific regex construct. -- hobbs++
- Using latest Test::Builder tp fix
https://rt.cpan.org/Public/Bug/Display.html?id=90847
- Revert YAML::Mo for https://rt.cpan.org/Public/Bug/Display.html?id=90817
- Fix for https://rt.cpan.org/Ticket/Display.html?id=19838 where synopsis
in YAML::Dumper doesn't work as exptected.
- Thorsten++ https://rt.cpan.org/Public/Bug/Display.html?id=90593
- Upgrade to latest Mo
|
|
|
|
- Fix the tests for DateTime-Format-Mail-0.400.
|
|
|
|
* Documentation updates
* Allow disjointed CSV cell fragment lists
* Allow ref to scalar for csv (in => ...)
* Allow CODE ref to in attribute
* Allow * in fragment cellspec's bottom-right cell
* Fix possible fail in tests on Windows (Thanks Mithaldu for explaing)
* Only close file handles in csv () for files
* new callbacks for csv ()
* Allow case insensitive attributes and attribute aliases
(quote_always = always_quote)
* Enhanced the csv () function (diagnostics)
* Start callbacks support
* Minor doc fixes
* Make subclassing safer
* get_columns () with no argument now returns the empty list
instead of undef when no columns defined
* fragments (rfc7111) now also support AoH (was AoA only)
* Error code conflict for fragments resolved to 2013
* New function "csv" (not a method)
* Update copyright to 2014
* Implement RFC7111
|
|
|
|
* Fixed error in version number in META.yml
* Improvements to OCSP support: It turns out that some CA (like
Verisign) sign the OCSP response with the CA we have in the trust
store and don't attach this certifcate in the response. But OpenSSL
by itself only considers the certificates included in the response
and SSL_OCSP_response_verify added the certificates in the chain
too. Now, we also add the trusted CA from the store which signed
the lowest chain certificate, at least if we could not verify the
OCSP response without doing it. Patch from Steffen Ullrich. Thanks.
* Fixed some compiler warnings.
|
|
|
|
- RT #94974: I forgot that `return` just returns from the code block for
`catch`, not the subroutine so `filter_libs` was still trying to link
against various libraries even when Devel::CheckLib was not installed.
- Various minor fixes to C code
- Various fixes to the distribution such as manifest files, additional
tests, bundled module etc
- Address RT bugs #94828 and #79212
- REMINDER: make test WILL FAIL if your OpenSSL is vulnerable to Heartbleed.
- Add additional functions exposing information that can be obtained via
SSLeay_version.
- Add ability to query OpenSSL version, add test whether OpenSSL library
being used is vulnerable to the Heartbleed bug.
- Assorted fixes to Makefile.PL, most importantly to fix build problems with
Strawberry Perl.
- In Makefile.PL, use assert_lib to find the libraries against which we can
actually link rather than passing a big bowl of libs to WriteMakefile.
Bail out early if we can't link against any of the candidate libraries.
- Make sure t/02-live.t actually uses Net::SSL.
- Address RT bugs #88786, #88269, #78848, and #79477
- Makefile.PL now respects live-tests and no-live-tests, and allows library
and header locations to be specified via the command line arguments
libpath and incpath, respectively.
- These options can also be specified using the environment variables
CRYPT_SSLEAY_LIVE_TEST_WANTED
OPENSSL_LIB
OPENSSL_INC
- Also fixed a number of embarrasing logic errors and typos in Makefile.PL
which were introduced in previous 0.65_xx versions.
- Reorganize Makefile.PL to allow incpath and libpath command line
arguments. This attempts to address RT #88786, #88269, #79477, and #78848.
This was supposed to be the next step immediately after drastically
specifying Makefile.PL. But never got done.
- Also add encoded version number to openssl-version output.
- Address pull requests from GitHub and bug reports on RT. These address RT
issues #83764, #86425, #86819, #62133, #82715, #90803
|
|
|
|
1.992 2014/06/01
- set $! to undef before doing IO (accept, read..). On Winwdows a connection
reset could cause SSL read error without setting $!, so make sure we don't
keep the old value and maybe thus run into endless loop.
1.991 2014/05/27
- new option SSL_OCSP_TRY_STAPLE to enforce staple request even if
VERIFY_NONE
- work around for RT#96013 in peer_certificates
1.990 2014/05/27
- added option SSL_ocsp_staple_callback to get the stapled OCSP response
and verify it somewhere else
- try to fix warnings on Windows again (#95967)
- work around temporary OCSP error in t/external/ocsp.t
1.989 2014/05/24
- fix #95881 (warnings on windows), thanks to TMHALL
1.988 2014/05/17
- add transparent support for DER and PKCS#12 files to specify cert and key,
e.g. it will autodetect the format
- if SSL_cert_file is PEM and no SSL_key_file is given it will check if
the key is in SSL_cert_file too
1.987 2014/05/17
- fix t/verify_hostname_standalone.t on systems without usable IDNA or IPv6
#95719, thanks srchulo
- enable IPv6 support only if we have a usable inet_pton
- remove stale entries from MANIFEST (thanks seen[AT]myfairpoint[DOT]net)
1.986 2014/05/16
- allow IPv4 in common name, because browsers allow this too. But only for
scheme www/http, not for rfc2818 (because RC2818 does not allow this).
In default scheme IPv6 and IPv4 are allowed in CN.
Thanks to heiko[DOT]hund[AT]sophos[DOT]com for reporting the problem.
- Fix handling of public suffix. Add exemption for *.googleapis.com
wildcard, which should be better not allowed according to public suffix
list but actually is used.
- Add hostname verification test based on older test of chromium. But change
some of the test expectations because we don't want to support IP as SAN
DNS and because we enforce a public suffix list (and thus *.co.uk should
not be allowed)
|
|
|
|
* Make send_by_sendmail set sender like documentation says it does
(thanks, Michael Schout!)
|
|
|
|
* New/changed functionality:
* a single DNS resolver is created for the lifetime of the program,
rather than reinitializing the resolver for each new query.
* bugfixes:
* fix the error message given when an invalid algorithm is
specified in the construction of Mail::DKIM::Signer.
* avoid Perl warning about use of an undefined value in several
places (rt.cpan.org issue #82913).
* speed- improved performance of parsing the message into lines
(rt.cpan.org issue #77902). Patch by Mark Martinec.
* fix DNS queries to use the correct method (txtdata) of Net::DNS
(rt.cpan.org issue #83170). Patch by Mark Martinec.
* fix issue with getting wrong error codes when q= tag is empty
(issue #3011005)
* anti-abuse- prevent a message with thousands of signatures from
thrashing the whole computer (issue #3010997)
* memory usage- significantly reduced memory footprint for
processing a message with a large header and many signatures
* fix error message given when no KeyFile has been specified
(issue #1889690)
* API changes:
* global subroutines resolver() or enable_EDNS0() in module
Mail::DKIM::DNS can be called to specify non-default options
to Net::DNS::Resolver (see also rt.cpan.org issue #80425).
* the Canonicalization::finish_header() method now expects a
argument to be passed to it. In the unusual case that you are
using this method from your own code, please update your code.
|
|
|
|
- Check for valid module names. RT#94866 from TOBYINK.
- Changed used of die() to croak() RT#23113
- Fixed typo in pod (fschlich++)
- Added README
- Specified min version of perl 5.6.0
- Now "use warnings"
|
