| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
|
|
|
|
* A stack overflow vulnerability was fixed in dhclient that could allow remote attackers to execute arbitrary commands as root on the system, or simply terminate the client, by providing an over-long subnet-mask option.
|
|
#ifdef MMAP_NOT_AVAILABLE
/* Code which uses mmap, but with a comment saying we don't want to use it */
#endif
to
#if !defined(MMAP_NOT_AVAILABLE) && 0
/* Code which uses mmap, but with a comment saying we don't want to use it */
#endif
so system without mmap() also work...
|
|
|
|
immediately after reading the security announcement:
* SA-CORE-2009-007 - Drupal core - Multiple vulnerabilities
In addition to this security vulnerability, the following bugs have been fixed since the 6.12 release:
* - Patch #463450 by wulff: fixed documentation glitch.
* #193577 by Rob Loach, Damien Tournoud, andypost: JavaScript string split() function does not behave like PHP explode(); causes problems with multiple node body break tags
* #454992 by sun, bengtan: _drupal_flush_css_js() should not have 'q' as a possible CSS query character, since that is the Drupal path name character too
* #452704 by andypost, catch: Names of compressed CSS and JS files should have a prefix, so that names starting in ad* will not happen. Those are easily blocked by firewalls, Firefox's Adblock, etc.
* #468732 by andypost: cache_clear_all() mentioned cache_flush_delay incorrectly; it should say we use cache_lifetime
* #460420 by wulff, andypost: drupal_set_title() in forum_overview() is not needed; menu already sets the title and is localized
* #398902 by Nick Urban, alexanderpas, kscheirer: password equality checking was not using strict type checking; we should assume these are strings and compared character to character
* #479216 by jhedstrom: fix grammar in forum module messages
* #445748 by Dave Reid, dww: Fix module support for disabled module update status checking and do not track usage in that case.
* #465190 by Heine: The Anonymous name is a plain text setting, so it should be escaped properly for output.
* #246096 by Sutharsan, Pedro Lozano, mr.baileys, andypost: Actions set to run on cron were not actually triggered.
* #226479 by gpk, BrianV, catch: We should always show the node access rebuild button. The check on when to show it was fragile, so the button might not have been there when actually needed.
* #482646 by Dave Reid: For proper HTTP query simpletesting, we should pass on the instance identifier (database prefix).
* #197266 by ufku, lilou, Dave Reid, c960657, drewish: Save a query by only calling file_space_used() when a limit is provided.
* #408876 by Pasqualle, JamesAn: The 'serialize' Schema API property was used but not documented.
* #145733 by kepten, brianV: The session.use_cookies PHP setting is required by Drupal, but it can be turned off, so try to ensure it is turned on at all times.
* #373225 by jpulles, Josh Waihi: When changing columns, PostgreSQL needs explicit type casting to ensure that values are kept properly.
* #236657 by hctom, swentel: In system_clear_cache_submit(), the function arguments were swapped (but it did not affect how it actually worked).
* #243253 by Benjamin Melançon, dww: Update status should not attempt to request update data until a limit is reached. Fixed Drupal instances when drupal.org is down and gets less load on Drupal.org if data is not found.
* #339466 by patryk, c960657, alexanderpas: Remove url() wrapping from remote links and link in a more user friendly OpenID provider list.
* #461938 by grendzy, JamesAn: Use filter_xss_admin() on site name and site slogan, just like footer message and mission
* #455172 by budda, RoboPhred, andypost: Fix drupal_mail() documentation, so that it encourages to set the body of the email as an array (like core does).
* #329797 by berenddeboer, redndahead, danielb: The tablesort code did not account for possibly nested tables; only match immediate descendats, so elements of nested tables are not matched.
* #352121 by valthebald, Damien Tournoud, mr.baileys: The safe string check on translations should only be applied to the default textgroup. Strings in other textgroups such as blocks and menu items are displayed via escaping and filtering, and might contain arbitrary HTML.
|
|
|
|
immediately after reading the security announcement:
* SA-CORE-2009-007 Drupal core - Multiple vulnerabilities
In addition to this security vulnerability, the following bugs have been fixed since the 5.18 release:
* #212285 by wrwrwr: hr should be treated as a block level tag. Backport by alexanderpas.
* #145733 by kepten, brianV: The session.use_cookies PHP setting is required by Drupal, but it can be turned off, so try to ensure it is turned on at all times.
|
|
|
|
-use tempfile module function instead of os.tmpfile() so getmail obeys TMPDIR
and similar environment variables. Thanks: Stefan Baehring.
|
|
by joerg.
|
|
|
|
Changes since 1.3.0
-------------------
* Fixed duplicate/missing breakpoints (bug #5965).
* Fixed swapped flags in TOC parsing code (bug #4831).
* Fixed option handling code (bug #4180).
Changes since 1.2
-----------------
* Build system has been rewritten using automake/autoconf.
* Added append, prepend, and split pregap modes to cuebreakpoints.
* Fixed possible compilation error with Bison.
* All tools accept long options.
* Programs exit if --input-format or --output-format is an illegal value.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
MP3FS is a read-only FUSE filesystem which transcodes audio formats
(currently FLAC) to MP3 on the fly when opened and read. This was
written to enable using a FLAC collection with software and/or
hardware which only understands MP3.
It is also a novel alternative to traditional MP3 encoder applications.
Just use your favorite file browser to select the files you want
encoded and copy them somewhere!
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2422
From rails git commit 056ddbdcfb07f0b5c7e6ed8a35f6c3b55b4ab489.
|
|
|
|
From http://bugs.gentoo.org/show_bug.cgi?id=270263
via roy
|
|
|
|
the MonoTorrent library, 0.70, which contains numerous bugfixes and
performance enhancements. Numerous minor bugfixes were also included.
|
|
|
|
This is a bugfix release to address a few reported issues and also a few
issues that were discovered via my own testing.
* Add a helper method which ensures all data is flushed to disk
* Added additional error handling to prevent malformed DHT messages
crashing the library
* Fixed issue when zeroing unused bits for torrents with an exact
multiple of 32 pieces
* Fixed issue where data could be written to the wrong file if a file
with the same name existed in multiple torrents
* Fixed the handling of torrents where the last file(s) are of zero
length
* Fixed regression with global download rate limiting
* Fixed a performance regression with the new piece picking pipeline
which resulted in lots of CPU cycles being used up on peers which
have not sent an unchoke message
|
|
|
|
Upstream changes:
0.36 Jul 8, 2009
- open2pty, open3 and open3pty where not handling transparent
options for open_ex, and other minor bugs
- pty handling in open_ex was broken
- expect sample added
|
|
|
|
- Updating package for p5 module LaTeX::Table from 0.9.15 to 0.9.16
- Adjusting license
Upstream changes:
0.9.16 Mon Jul 13 18:00:00 2009
- API change: header_sideways was kind of unnecessary.
- csv2pdf now uses templates and the longtable and ltxtable packages
- Perl::Critic passs with install Perl::Tidy (thanks Salvatore)
- removed Readonly dependency (thanks Wen)
|
|
|
|
- Updating package for p5 module GD.pm from 2.43 to 2.44
- Adjusting license according to main module POD
Upstream changes:
2.44 GD::Group now installed properly.
Quenched compiler warning caused by Newxs() calls.
|
|
|
|
- Updating package for p5 module Test::Pod from 1.26nb1 to 1.40
- Adjusting LICENSE and dependencies
Upstream changes:
1.40 - Sun Jul 12 23:32:11 CDT 2009
[THINGS THAT MAY BREAK YOUR CODE]
Test::Pod now requires Perl 5.8.0.
[ENHANCEMENTS]
Test::Pod now complains about the illegal construct L<text|url>.
Thanks to Paul Miller.
The list of directories to exclude is now much longer, and is
available in %Test::Pod::ignore_dirs. This list is right now:
'.bzr' => 'Bazaar',
'.git' => 'Git',
'.hg' => 'Mercurial',
'.pc' => 'quilt',
'.svn' => 'Subversion',
CVS => 'CVS',
RCS => 'RCS',
SCCS => 'SCCS',
_darcs => 'darcs',
_sgbak => 'Vault/Fortress',
|
|
|
|
- Updating package for p5 module Test::Inline from 2.210 to 2.211
- Adjusting dependencies, LICENSE and PERL5_MODULE_TYPE
Upstream changes:
2.211 Wed 15 Jul 2009
- Updating to Module::Install 0.91
- More complete removal of Class::Autouse
|
|
|
|
- Updating package for p5 module Test::ClassAPI from 1.05nb1 to 1.06
- Adjusting dependencies, LICENSE and PERL5_MODULE_TYPE
Upstream changes:
1.06 Mon 13 Jul 2009
- No functional changes
- Updating to Module::Install::DSL 0.91
- Updating to new author tests
- Updating minimum Perl version to 5.6
|
|
|
