| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Class: Cross-Site Scripting
Versions: 2.17.2 and higher
Description: When using the "Format for Printing" view of a bug (or
the "Long Format" of a bug list, which is the same thing),
there was a cross-site scripting hole--arbitrary text
from a particular URL parameter could be injected into the
page without filtering.
|
|
as some headers are already included. Define _GNU_SOURCE early...
|
|
buildlink3.mk. I am currently fixing x11/nucleo, and without this
pkg-config gets very upset.
|
|
Using -pipe takes too much memory.
|
|
especially critical if aalib isn't actually installed on the building system!
Fixes builds of Gimp plug-ins where PKG_DEFAULT_OPTIONS+=-aalib
XXX There are a few other options here that should get the same treatment.
|
|
|
|
|
|
|
|
into ``normal form'': If the contained files are identical, the
produced zip archive will always be the same, byte-wise.
|
|
|
|
|
|
|
|
add user-destdir support.
Changes from 0.9.8 to 0.10.1:
2007-05-28 James Livingston <doclivingston@gmail.com>
* configure.ac: bump version for the release
* NEWS:
2007-05-28 James Livingston <doclivingston@gmail.com>
* plugins/audioscrobbler/rb-audioscrobbler.c:
(rb_audioscrobbler_init), (rb_audioscrobbler_timeout_cb),
(rb_audioscrobbler_do_handshake), (rb_audioscrobbler_submit_queue),
(rb_audioscrobbler_preferences_sync),
(rb_audioscrobbler_gconf_changed_cb): don't crash if the
username/password isn't set. Fixes #426312
2007-05-28 James Livingston <doclivingston@gmail.com>
* plugins/ipod/rb-ipod-source.c: (rb_ipod_source_constructor),
(rb_ipod_load_songs): fix a crasher, closes #441444
* plugins/audioscrobbler/Makefile.am: fix the build.
2007-05-23 James Livingston <doclivingston@gmail.com>
patch by: Bastien Nocera <hadess@hadess.net>
* plugins/generic-player/rb-generic-player-source.c:
(handle_playlist_entry_cb), (load_playlist_file):
* plugins/iradio/rb-iradio-source.c: (handle_playlist_entry_cb),
(rb_iradio_source_add_from_playlist):
* shell/rb-playlist-manager.c: (handle_playlist_entry_cb),
(rb_playlist_manager_parse_file):
* shell/rb-shell-player.c: (playlist_entry_cb),
(open_location_thread):
* shell/rb-shell.c: (handle_playlist_entry_cb),
(rb_shell_load_uri):
* sources/rb-playlist-source.c:
(rb_playlist_source_save_playlist): Convert to using the new
totem-pl-parser API, with a compile-time fallback on the old API
2007-05-20 Jonathan Matthew <jonathan@kaolin.wh9.net>
* podcast/rb-podcast-manager.c: (rb_podcast_manager_shutdown):
Take a copy of the download list; otherwise, cancelling jobs
modifies the list while it's being iterated. Fixes #404169.
2007-05-08 Christophe Fergeau <teuf@gnome.org>
* plugins/visualizer/rb-visualizer-plugin.c:
(rb_visualizer_plugin_dispose): remove timeout callback in dispose,
fixes bug #436355
2007-05-07 Jonathan Matthew <jonathan@kaolin.wh9.net>
* rhythmdb/rhythmdb-query-model.c:
(rhythmdb_query_model_base_rows_reordered):
Only process reordered entries that are in the child model.
Fixes #436329.
2007-04-28 Jonathan Matthew <jonathan@kaolin.wh9.net>
* plugins/jamendo/jamendo/JamendoSource.py:
* plugins/magnatune/magnatune/MagnatuneSource.py:
Cancel outstanding async transfers when the source is deleted,
rather than trying to close the target file, which won't actually
do anything anyway. Fixes #434003.
2007-04-26 Jonathan Matthew <jonathan@kaolin.wh9.net>
* bindings/python/rhythmdb.override:
Check that an entry was actually passed to db.entry_get().
Fixes #432949.
2007-04-21 Bastien Nocera <hadess@hadess.net>
* metadata/rb-metadata-gst.c: (rb_metadata_gst_load_tag):
Don't replace a string with another shorter version of it, avoids
problems with ID3v1 tags being preferred to ID3v2 tags when they
have the same data (Closes: #428276)
2007-04-21 Jonathan Matthew <jonathan@kaolin.wh9.net>
* plugins/audiocd/rb-audiocd-source.c: (metadata_cb):
Apparently metadata_cb can be called with no error set and
albums == NULL. Don't crash in this case. Fixes #414864.
2007-04-21 Jonathan Matthew <jonathan@kaolin.wh9.net>
* plugins/rb-python-module.c: (rb_python_module_init_python):
Disable pyg* log hooks, since they appear to cause crashes when used
from multiple threads, and they're annoying anyway. Probably fixes
#429687.
2007-04-19 Jonathan Matthew <jonathan@kaolin.wh9.net>
patch mostly by: Irene Huang <Irene.Huang@sun.com>
* plugins/visualizer/rb-visualizer-plugin.c:
(rb_visualizer_plugin_window_title_change_cb):
Be kind to c libraries that don't like NULL strings. Fixes #418886.
2007-04-14 Christophe Fergeau <teuf@gnome.org>
* plugins/ipod/rb-ipod-source.c: apply patch from trunk rev 4977
which the previous commit depends on. Fixes bug #386662 some more.
2007-04-03 Christophe Fergeau <teuf@gnome.org>
* plugins/ipod/rb-ipod-source.c: (impl_move_to_trash): call
schedule_save instead of directly calling itdb_save after
removing a file, this makes sure file deletion works on iPod
shuffles as well. Initial patch by William
<will@johnstonclan.net>, fixes bug #386662
============ Version 0.10.0
2007-04-02 James Livingston <doclivingston@gmail.com>
* configure.ac: bump version.
* NEWS: add news
2007-03-29 James Livingston <doclivingston@gmail.com>
* lib/rb-util.c: (rb_string_list_contains):
* lib/rb-util.h:
* sources/rb-removable-media-source.c: (impl_paste): backport the
change to hack around our having application/x-id3 for MP3s.
2007-03-26 James Livingston <doclivingston@gmail.com>
* data/glade/playlist-save.glade: make the playlist format combo
not be so huge. Fixes #419153
2007-03-20 Jonathan Matthew <jonathan@kaolin.wh9.net>
* plugins/visualizer/rb-fake-visualizer.c: (rb_fake_vis_chain):
Set a timestamp on the first frame. Should fix some seeking
problems.
2007-03-20 James Livingston <doclivingston@gmail.com>
patch by: Adam Zimmerman <adam_zimmerman@sfu.ca>
* plugins/magnatune/magnatune/TrackListHandler.py: handle the
release date being not an integer. Fixes #414980
2007-03-20 James Livingston <doclivingston@gmail.com>
* lib/rb-file-helpers.c: (_gnomevfs_info_unreadable),
(rb_uri_handle_recursively_cb):
* rhythmdb/rhythmdb-private.h:
* rhythmdb/rhythmdb.c: (rhythmdb_init), (rhythmdb_finalize),
(rhythmdb_add_uri_with_type): make files starting with a dot not
get added. Again. Fixes #395124
2007-03-20 Jonathan Matthew <jonathan@kaolin.wh9.net>
* metadata/Makefile.am:
* metadata/rb-metadata-dbus-client.c: (start_metadata_service):
Apply the program name transform to the metadata helper name and
pass it in as a preprocessor symbol so we can find it when
configured with --program-suffix etc. Fixes #419874.
2007-03-20 Irene Huang <irene.huang@sun.com>
* shell/main.c: (main): Should call gdk_threads_enter/leave
after gdk_threads_init in main. Fixes bug # 420444.
2007-03-11 James Livingston <doclivingston@gmail.com>
* plugins/artdisplay/rhythmbox-missing-artwork.svg: replace with a
GPL-licenced vesion by Jakub Steiner, since CC-BY-SA licencing
apparently has issues with GPL-licenced programs.
2007-03-10 Jonathan Matthew <jonathan@kaolin.wh9.net>
* plugins/power-manager/rb-power-manager-plugin.c:
(proxy_destroy_cb), (create_dbus_proxy), (inhibit), (uninhibit),
(impl_activate):
Use dbus_g_proxy_new_for_name_owner instead of
dbus_g_proxy_new_for_name so dbus doesn't start g-p-m if it's not
already running. Recreate the dbus proxy as required. Fixes
#416213.
2007-03-09 James Livingston <doclivingston@gmail.com>
* rhythmdb/rhythmdb-tree.c: (rhythmdb_tree_parser_end_element),
(rhythmdb_tree_save), (rhythmdb_tree_entry_type_registered): hold
the entries lock when accessing the unknown-entries map.
Fixes #416024
2007-03-06 Jonathan Matthew <jonathan@kaolin.wh9.net>
* plugins/visualizer/rb-visualizer-plugin.c: (find_xoverlay),
(bus_sync_message_cb), (rb_visualizer_plugin_window_id_notify_cb),
(update_window):
Check we actually found an x overlay interface before trying to use
it.
2007-03-03 James Livingston <doclivingston@gmail.com>
* lib/rb-util.c: (rb_assert_locked), (rb_threads_init),
(rb_str_in_strv):
* lib/rb-util.h: add util function which asserts that a lock
is being held (only works on systems where GMutex isn't recursive)
* rhythmdb/rhythmdb-tree.c: (unparent_entries),
(rhythmdb_tree_finalize), (set_entry_album),
(rhythmdb_tree_entry_new_internal), (get_or_create_genre),
(get_or_create_artist), (get_or_create_album),
(remove_entry_from_album), (rhythmdb_tree_entry_set),
(rhythmdb_tree_entry_delete), (remove_one_song),
(rhythmdb_tree_entry_delete_by_type): take the tree lock in other
paths, and use the above function to ensure the lock is being held.
Fixes #393642 and probably others
2007-03-03 James Livingston <doclivingston@gmail.com>
patch by: Alex "weej" Jones <alex@weej.com>
* plugins/audioscrobbler/Makefile.am:
* plugins/audioscrobbler/as-icon.svg:
* plugins/audioscrobbler/rb-audioscrobbler-plugin.c:
(impl_activate):
* plugins/audioscrobbler/rb-lastfm-source.c:
(rb_lastfm_source_init): Use audioscrobbler logo for the source,
which the last.fm guys have said is fine. Fixes #409164
2007-03-02 James Livingston <doclivingston@gmail.com>
patch by: Andreas Hanke <andreas.hanke@gmx-topmail.de>
* configure.ac:
* macros/acinclude.m4: remove use of AS_AC_EXPAND. Fixes #413301
2007-03-02 James Livingston <doclivingston@gmail.com>
patch mostly by: Christophe Fergeau <teuf@gnome.org>
* plugins/rb-plugins-engine.c: (rb_plugins_engine_load):
* sources/rb-sourcelist.c: (rb_sourcelist_source_to_iter),
(rb_sourcelist_visible_source_to_iter): fix more leaks
2007-03-02 James Livingston <doclivingston@gmail.com>
* plugins/rb-plugin-manager.c: (plugin_manager_view_cell_cb): don't
crash if the plugin has NULL for the name, just emit a critical
warning. Fixes #413206
2007-03-02 James Livingston <doclivingston@gmail.com>
patch by: Christophe Fergeau <teuf@gnome.org>
* plugins/audiocd/rb-audiocd-plugin.c:
(rb_audiocd_plugin_mount_volume): fix a leak
2007-03-02 James Livingston <doclivingston@gmail.com>
* lib/rb-file-helpers.c: (rb_canonicalise_uri): don't crash.
* podcast/rb-podcast-manager.c:
(rb_podcast_manager_download_file_info_cb): generate proper URIs.
Fixes #411189
2007-03-01 Alex Lancaster <alexl@users.sourceforge.net>
Patch partially by: Edward Rudd <eddie@omegaware.com>:
* plugins/magnatune/magnatune/MagnatuneSource.py
(MagnatuneSource.purchase_album):
Pass in artist and album name to dialog correctly. Use
set_markup() to italicise album name. Fixes #412931.
2007-03-01 Alex Lancaster <alexl@users.sourceforge.net>
Patch partially by: Kjell Braden <fnord@abwesend.de>:
* plugins/jamendo/jamendo-loading.glade:
Fix typos. Fixes #413640.
2007-02-26 Jonathan Matthew <jonathan@kaolin.wh9.net>
* plugins/daap/rb-daap-src.c: (rb_daap_src_open):
Fix libsoup compatibility properly, so it actually works with
2.2.98 and earlier as well as 2.2.99 and newer. Fixes #410940.
2007-02-25 James Livingston <doclivingston@gmail.com>
* plugins/rb-plugins-engine.c: (rb_plugins_engine_load): handle keys
being missing from the .rb-plugin file without crashing.
Fixes #411558
2007-02-25 James Livingston <doclivingston@gmail.com>
* plugins/daap/rb-daap-share.c: (message_get_session_id),
(message_get_revision_number): check that there is a query part
in the URI before trying to use it. Fixes #411783
2007-02-25 James Livingston <doclivingston@gmail.com>
patch by: Julien Puydt <julien.puydt@laposte.net>
* plugins/jamendo/jamendo/JamendoSource.py: improve error handling.
Fixes #411038
2007-02-25 James Livingston <doclivingston@gmail.com>
* sources/rb-browser-source.c: (rb_browser_source_class_init):
don't try to use a popup menu that doesn't exist. Fixes #411703
2007-02-25 James Livingston <doclivingston@gmail.com>
patch by: Nguyen Thai Ngoc Duy <pclouds@gmail.com>
* plugins/artdisplay/artdisplay/CoverArtDatabase.py: import GError.
Fixes #411122
2007-02-25 James Livingston <doclivingston@gmail.com>
patch by: Og Maciel <ogmaciel@ubuntu.com>
* plugins/magnatune/magnatune/MagnatuneSource.py: fix a typo
having a '.' instead of a '?'. Fixes #411584
2007-02-25 James Livingston <doclivingston@gmail.com>
patch by: Gilles Dartiguelongue <dartigug@esiee.fr>
* metadata/Makefile.am: fix parallel builds. Fixes #411145
2007-02-24 James Livingston <doclivingston@gmail.com>
patch by: Gilles Dartiguelongue <dartigug@esiee.fr>
* widgets/Makefile.am: unbreak LDFLAGS="-Wl,--as-needed". Fixes
#411141, and maybe #380411
2007-02-22 James Livingston <doclivingston@gmail.com>
* shell/rb-shell-clipboard.c: (rb_shell_clipboard_sync): fix
crasher, fixes #410601
2007-02-22 Jonathan Matthew <jonathan@kaolin.wh9.net>
* rhythmdb/rhythmdb-property-model.c:
(rhythmdb_property_model_insert),
(rhythmdb_property_model_delete_prop):
Emit row-changed signals when property counts change.
|
|
|
|
As per the comment in xf86drm.h, this should be reflected here, as we
now use atomic_cas_uint() in drm_atomic.h.
|
|
|
|
been solved a different way. Back out it's addition to the PLIST.
|
|
|
|
Changes since 2.2.9:
* 0000676: PostgreSQL 8.3 compatibility (# 676)
* 0000685: Duplicate key errors and other insertion problems ( #685, #686)
|
|
|
|
insecure temp file creation vulnerability in dvips. Fixes CVE-2007-5935,
CVE-2007-5936 and CVE-2007-5937. Bump PKGREVISION.
|
|
|
|
|
|
changes: some fixes and cleanup
|
|
changes:
-build system improvements
-Fixed bug where a FILEPOS was copied FPOS_POS_BITS octets instead of
FPOS_POS_LEN octets.
-documentation improvements
|
|
|
|
There is a single crash fix in versions prior 1.1.19, in KLINE use. Opers on older versions are advised to avoid KLINE, and to use GLINE instead.
Minor server buffering enhancements (should be a bit faster on netburst and use less CPU for highly loaded servers)
Tempramental linking fix (thanks to djGrrr for helping finally track this down)
Upgrade at your leisure.
|
|
|
|
|
|
This release of Bazaar includes handy improvements to the speed of log and
status, new options for several commands, improved documentation, and better
hooks, including initial code for server-side hooks. A number of bugs have
been fixed, particularly in interoperability between different formats or
different releases of Bazaar over there network. There's been substantial
internal work in both the repository and network code to enable new features
and faster performance.
BUG FIXES:
* Pushing a branch in "dirstate" format (Branch5) over bzr+ssh would break
if the remote server was < version 1.2. This was due to a bug in the
RemoteRepository.get_parent_map() fallback code.
(John Arbash Meinel, Andrew Bennetts, #214894)
|
|
which is on per default), so remove it here
noticed by OBATA Akio, in response to PR pkg/38532
|
|
changes:
-many UI refinements
-New, faster python mpd interface
-bugfixes
|
|
|
|
|
|
|
|
- fixes youtube url regex
- misc cosmetic changes
|
|
From Daniel Horecki in PR #38570
|
|
|
|
author Tobias Oetiker.
|
|
|
|
|
|
this heimdal on 3.x.
Bump PKGREVISION.
|
|
files so doesn't try to rebuild a bunch of stuff after the compile of
the lisp file)
|
|
|
|
xemacs-current as well.
|
|
|
|
Fixed possible stack buffer overflow in the FastCGI SAPI identified by Andrei Nigmatulin.
Fixed integer overflow in printf() identified by Maksymilian Aciemowicz.
Fixed security issue detailed in CVE-2008-0599 identified by Ryan Permeh.
Fixed a safe_mode bypass in cURL identified by Maksymilian Arciemowicz.
Properly address incomplete multibyte chars inside escapeshellcmd() identified by Stefan Esser.
Upgraded bundled PCRE to version 7.6
Key enhancements in PHP 5.2.6 include:
* Fixed two possible crashes inside the posix extension.
* Fixed bug 44069 (Huge memory usage with concatenation using . instead of .=)
* Fixed bug 44141 (private parent constructor callable through static function).
* Fixed bug 43589 (a possible infinite loop in bz2_filter.c).
* Fixed bug 43450 (Memory leak on some functions with implicit object __toString() call).
* Fixed bug 43201 (Crash on using uninitialized vals and __get/__set).
* Fixed bug 42978 (mismatch between number of bound params and values causes a crash in pdo_pgsql).
* Fixed bug 42937 (__call() method not invoked when methods are called on parent from child class).
* Fixed bug 42736 (xmlrpc_server_call_method() crashes).
* Fixed bug 42369 (Implicit conversion to string leaks memory).
* Fixed bug 41562 (SimpleXML memory issue).
* Over 120 bug fixes.
See http://www.php.net/ChangeLog-5.php#5.2.6 for all the details
|
|
|
|
pkgsrc changes:
- Use the 'dep' version to install roundcube with no included dependencies
and instead manage it all through pkgsrc - suggestion from schmonz@
- Move the config files to ${PREFIX}/share/roundcube/config as it was
becomming difficult to manage them under ${PKG_SYSCONFDIR}
- Add the GUI installer scripts to the install so users can use it for the
initial setup and generation of the configuration files.
- Add a note to the roundcube.conf file about protection of the
installer directory once initially used.
- Don't assume apache is the only supported web server (because it's not)
we don't support any additional ones now but this will make integration
down the track easier if we do.
- Increased PKG_SUGGESTED_OPTIONS based on documentation in the INSTALL file.
- Add more required PHP options to roundcube.conf
Thanks to Dan Engholm for feedback on the package.
From the ChangeLog:
* Clear selection when selecting single item (1484942)
* Remove hard-coded image size in skin templates (1484893)
* Database schema improvements (dropped unnecessary indexes)
* Fixed creating a new folder with a comma in its name (1484681)
* Fixed sorting of messages when default mailbox is empty (1484317)
* Improve message previewpane - less loading (1484316)
* Fixed login form autocompletion (1484839)
* Fixed virtuser_query option for mdb2 backend (1484874)
* Fixed attachment resoting from Drafts when message body was empty (1484506)
* Fixed usage of ob_gzhandler (1484851)
* Fixed message part window in IE6 (1484610)
* Fixed decoding of mime-encoded strings (1484191)
* Fixed some iconv/mb_string problems (1484598)
* Correctly quote mailbox name when using in URL (1484313)
* Fixed "headers already sent" errors (1484860)
|
|
actually used. Bump PKGREVISION
|
