Age | Commit message (Collapse) | Author | Files | Lines |
|
databases/phpmyadmin security update
Revisions pulled up:
- databases/phpmyadmin/Makefile 1.96
- databases/phpmyadmin/distinfo 1.57
---
Module Name: pkgsrc
Committed By: tron
Date: Fri Dec 23 08:07:44 UTC 2011
Modified Files:
pkgsrc/databases/phpmyadmin: Makefile distinfo
Log Message:
Update "phpmyadmin" package to version 3.4.9. Changes since 3.4.8:
- bug #3442028 [edit] Inline editing enum fields with null shows
no dropdown
- bug #3442004 [interface] DB suggestion not correct for user with
underscore
- bug #3438420 [core] Magic quotes removed in PHP 5.4
- bug #3398788 [session] No feedback when result is empty
(signon auth_type)
- bug #3384035 [display] Problems regarding ShowTooltipAliasTB
- bug #3306875 [edit] Can't rename a database that contains views
- bug #3452506 [edit] Unable to move tables with triggers
- bug #3449659 [navi] Fast filter broken with table tree
- bug #3448485 [GUI] Firefox favicon frameset regression
- [core] Better compatibility with mysql extension
- [security] Self-XSS on export options (export server/database/table),
see PMASA-2011-20
- [security] Self-XSS in setup (host parameter), see PMASA-2011-19
|
|
databases/phpmyadmin: security update
Revisions pulled up:
- databases/phpmyadmin/Makefile 1.95
- databases/phpmyadmin/distinfo 1.56
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Fri Dec 2 23:39:30 UTC 2011
Modified Files:
pkgsrc/databases/phpmyadmin: Makefile distinfo
Log Message:
Update "phpmyadmin" package to version 3.4.8. Changes since 3.4.7.1:
- bug #3425230 [interface] enum data split at space char (more space to edi=
t)
- bug #3426840 [interface] ENUM/SET editor can't handle commas in values
- bug #3427256 [interface] no links to browse/empty views and tables
- bug #3430377 [interface] Deleted search results remain visible
- bug #3428627 [import] ODS import ignores memory limits
- bug #3426836 [interface] Visual column separation
- bug #3428065 [parser] TRUE not recognized by parser
+ patch #3433770 [config] Make location of php-gettext configurable
- patch #3430291 [import] Handle conflicts in some open_basedir situations
- bug #3431427 [display] Dropdown results - setting NULL does not work
- patch #3428764 [edit] Inline edit on multi-server configuration
- patch #3437354 [core] Notice: Array to string conversion in PHP 5.4
- [interface] When ShowTooltipAliasTB is true, VIEW is wrongly shown as the
view name in main panel db Structure page
- bug #3439292 [core] Fail to synchronize column with name of keyword
- bug #3425156 [interface] Add column after drop
- [interface] Avoid showing the password in phpinfo()'s output
- bug #3441572 [GUI] 'newer version of phpMyAdmin' message not shown in IE8
- bug #3407235 [interface] Entering the key through a lookup window does no=
t reset NULL
- [security] Self-XSS on database names (Synchronize), see PMASA-2011-18
- [security] Self-XSS on database names (Operations/rename), see PMASA-2011=
-18
- [security] Self-XSS on column type (Create index), see PMASA-2011-18
- [security] Self-XSS on column type (table Search), see PMASA-2011-18
- [security] Self-XSS on invalid query (table overview), see PMASA-2011-18
To generate a diff of this commit:
cvs rdiff -u -r1.94 -r1.95 pkgsrc/databases/phpmyadmin/Makefile
cvs rdiff -u -r1.55 -r1.56 pkgsrc/databases/phpmyadmin/distinfo
|
|
databases/phpldapadmin security fix
Revisions pulled up:
- databases/phpldapadmin/Makefile 1.32
- databases/phpldapadmin/distinfo 1.11
---
Module Name: pkgsrc
Committed By: obache
Date: Thu Nov 17 12:44:02 UTC 2011
Modified Files:
pkgsrc/databases/phpldapadmin: Makefile distinfo
Log Message:
Update phpldapadmin to 1.2.2.
RELEASE NOTES
-------------
This is a minor release update to fix some bugs that were discovered after the
release of 1.2.1.1.
There are some security fixes in this release - I suggest you upgrade your
version of PLA to avoid any exploits.
CHANGES SINCE 1.2.1.1
---------------------
dece0f4 Release 1.2.2
d58f011 Language Translation merge from launchpad
696c266 Additional fix for SF Feature #3387473
2d018aa SF Feature #3387473 - Support for schema discovery using OpenLDAP's cn=config DN
cddf783 Add an alert when RFC3866 tags are being used
1e1fcab SF Bug #3398344 - Import LDIF overwrites entries
d8ab7fc SF Patch #3391547 - Option for minmal mode
56830f1 SF Patch #3391389 - Option to initially open the tree
6c8b623 SF Patch #3391371 - Fix for schema link deactivation
7fc4f0c SF Patch #3391039 - Remove eval commands from PHP code
059b83b SF Bug #3391046 - Loading entries with many attributes is very slow
4089ffa SF Bug #3392644 - Cannot authenticate if password starts or ends with spaces
c57a927 Disable supplied modifiction templates, it confused too many people
d5744b0 SF Bug #3370546 - AjaxEnabled create and delete entry fails on IE9
76e6dad SF Bug #3417184 - PHP Code Injection Vulnerability
5d4245f SF Bug #3395004 - config.php.example refers to lang/en.php
80d027d SF Bug #3373466 - Unable to define force_may attributes
64668e8 Remove XSS vulnerabilty in debug code
caeba72 SF Bug #3355722 - Issue in MultiList attribute type
0782730 SF Bug #3355732 - Cosmetic issue in functions.php -> get_icon()
446faf7 FIX SASL configuration example
afa4a95 Fix SASL implementation - enabled GSSAPI
5987194 SF Bug #3304785 - posixGroup creation template uses cn instead of uid
ddb5ed0 Enabled hiding base DNs that users dont have access to
7649b9b SF Feature #3298820 - Only custom templates
|
|
databases/phpmyadmin security update
Revisions pulled up:
- databases/phpmyadmin/Makefile 1.93-1.94
- databases/phpmyadmin/distinfo 1.54-1.55
---
Module Name: pkgsrc
Committed By: tron
Date: Mon Oct 24 07:14:48 UTC 2011
Modified Files:
pkgsrc/databases/phpmyadmin: Makefile distinfo
Log Message:
Update "phpmyadmin" package to version 3.4.7. Changes since version 3.4.6:
- bug #3418610 [interface] Links in navigation when
$cfg['MainPageIconic'] = false
- bug #3418849 [interface] Inline edit shows dropdowns even after closing
- bug [view] View renaming did not work
- bug [navi] Wrong icon for view (MySQL 5.5)
- bug #3420229 [doc] Missing documentation section
- bug #3423725 [pdf] Broken PDF file when exporting database to PDF
- [core] Allow to set language in URL
- bug #3425184 [doc] Fix links to PHP documentation
- bug #3426031 [export] Export to bzip2 is not working
---
Module Name: pkgsrc
Committed By: tron
Date: Sun Nov 13 09:10:25 UTC 2011
Modified Files:
pkgsrc/databases/phpmyadmin: Makefile distinfo
Log Message:
Updatep "phpmyadmin" package to version 3.4.7.1. Changes since 3.4.7:
- [security] Fixed possible local file inclusion in XML import (CVE-2011-4107).
|
|
databases/phpmyadmin security update
Revisions pulled up:
- databases/phpmyadmin/Makefile 1.92
- databases/phpmyadmin/distinfo 1.53
---
Module Name: pkgsrc
Committed By: tron
Date: Tue Oct 18 14:58:28 UTC 2011
Modified Files:
pkgsrc/databases/phpmyadmin: Makefile distinfo
Log Message:
Update "phpmyadmin" package to version 3.4.6. Changes since version 3.4.5:
Welcome to phpMyAdmin 3.4.6, a bugfix and minor security release.
Please refer to the upcoming PMASA-2011-15 and -16 announcements on
http://www.phpmyadmin.net/home_page/security/.
|
|
databases/py-mssql: build fix
Revisions pulled up:
- databases/py-mssql/distinfo 1.4
- databases/py-mssql/patches/patch-mssqldbmodule_c 1.1
---
Module Name: pkgsrc
Committed By: dholland
Date: Fri Oct 14 04:14:36 UTC 2011
Modified Files:
pkgsrc/databases/py-mssql: distinfo
Added Files:
pkgsrc/databases/py-mssql/patches: patch-mssqldbmodule_c
Log Message:
Fix build with current freetds.
|
|
|
|
bulk build logs provided by joerg.
|
|
|
|
|
|
Release 1.13
Fix for incorrect UTF8 handling when retrieving UNICODE data (Jean-Pierre Rupp).
Release 1.12
Bug/Typo/Compatibility fixes with various versions of OpenClient.
Experimental: Handle in/out parameters (Merijn Broeren)
Release 1.11
Remove reliance on PERL_POLLUTE.
Add better support for utf8 (Dave Rolsky)
Release 1.10
Handle 15.x datatypes correctly.
Add LONGMS date format symbol to handle microseconds for bigdatetime.
Add support for CS_LONGCHAR_TYPE (Mark Aufflick)
Document syb_isdead().
Handle 64bit builds with FreeTDS (Ian Grant/Hans Kristian Rosbach)
Add foreign_key_info & statistics_info (Jim Radford)
Change behavior of large fixed precision numeric types (money, bigint)
to be converted to a string internally and returned as such to the caller
(behavior similar to numeric/decimal). This can be reverted to the old behavior
by defining SYB_NATIVE_NUM.
|
|
|
|
* Make pg_options_to_table return NULL for an option with no value
* Fix memory leak at end of a GiST index scan
* Fix explicit reference to pg_temp schema in "CREATE TEMPORARY TABLE"
|
|
* Fix catalog cache invalidation after a "VACUUM FULL" or "CLUSTER"
on a system catalog
* Fix incorrect order of operations during sinval reset processing,
and ensure that TOAST OIDs are preserved in system catalogs
* Fix bugs in indexing of in-doubt HOT-updated tuples
* Fix multiple bugs in GiST index page split processing
* Fix possible buffer overrun in tsvector_concat()
* Fix crash in xml_recv when processing a "standalone" parameter
* Make pg_options_to_table return NULL for an option with no value
* Avoid possibly accessing off the end of memory in "ANALYZE" and in
SJIS-2004 encoding conversion
* Protect pg_stat_reset_shared() against NULL input
* Fix possible failure when a recovery conflict deadlock is detected
within a sub-transaction
* Avoid spurious conflicts while recycling btree index pages during
hot standby
* Shut down WAL receiver if it's still running at end of recovery
* Fix race condition in relcache init file invalidation
* Fix memory leak at end of a GiST index scan
* Fix memory leak when encoding conversion has to be done on incoming
command strings and "LISTEN" is active
* Fix incorrect memory accounting (leading to possible memory bloat)
in tuplestores supporting holdable cursors and plpgsql's RETURN
NEXT command
* Fix trigger WHEN conditions when both BEFORE and AFTER triggers exist
* more...
|
|
* Fix bugs in indexing of in-doubt HOT-updated tuples
* Fix multiple bugs in GiST index page split processing
* Fix possible buffer overrun in tsvector_concat()
* Fix crash in xml_recv when processing a "standalone" parameter
* Make pg_options_to_table return NULL for an option with no value
* Avoid possibly accessing off the end of memory in "ANALYZE" and in
SJIS-2004 encoding conversion
* Prevent intermittent hang in interactions of startup process with
bgwriter process
* Fix race condition in relcache init file invalidation
* Fix memory leak at end of a GiST index scan
* Fix incorrect memory accounting (leading to possible memory bloat)
in tuplestores supporting holdable cursors and plpgsql's RETURN
NEXT command
* Fix performance problem when constructing a large, lossy bitmap
* Fix join selectivity estimation for unique columns
* Fix nested PlaceHolderVar expressions that appear only in
sub-select target lists
* Allow nested EXISTS queries to be optimized properly
* Fix array- and path-creating functions to ensure padding bytes are zeroes
* Fix "EXPLAIN" to handle gating Result nodes within inner-indexscan subplans
* Work around gcc 4.6.0 bug that breaks WAL replay
* Fix dump bug for VALUES in a view
* Disallow SELECT FOR UPDATE/SHARE on sequences
This operation doesn't work as expected and can lead to failures.
* Fix "VACUUM" so that it always updates pg_class.reltuples/relpages
* more...
|
|
* Fix bugs in indexing of in-doubt HOT-updated tuples
* Fix multiple bugs in GiST index page split processing
* Fix possible buffer overrun in tsvector_concat()
* Fix crash in xml_recv when processing a "standalone" parameter
* Avoid possibly accessing off the end of memory in "ANALYZE" and in
SJIS-2004 encoding conversion
* Fix race condition in relcache init file invalidation
* Fix memory leak at end of a GiST index scan
* Fix performance problem when constructing a large, lossy bitmap
* Fix array- and path-creating functions to ensure padding bytes are zeroes
* Work around gcc 4.6.0 bug that breaks WAL replay
* Fix dump bug for VALUES in a view
* Disallow SELECT FOR UPDATE/SHARE on sequences
This operation doesn't work as expected and can lead to failures.
* Defend against integer overflow when computing size of a hash table
* Fix cases where "CLUSTER" might attempt to access already-removed
TOAST data
* Fix portability bugs in use of credentials control messages for
"peer" authentication
* Fix SSPI login when multiple roundtrips are required
* Fix typo in pg_srand48 seed initialization
* Avoid integer overflow when the sum of LIMIT and OFFSET values
exceeds 2^63
* Add overflow checks to int4 and int8 versions of generate_series()
* Fix trailing-zero removal in to_char()
* Fix pg_size_pretty() to avoid overflow for inputs close to 2^63
* In pg_ctl, support silent mode for service registrations on Windows
* Fix psql's counting of script file line numbers during COPY from a
different file
* more...
|
|
|
|
|
|
|
|
|
|
|
|
|
|
the embedded server which is the only binary that requires the library.
No revision bump as there is no changed to the default binary package.
|
|
"bin/mysql_embedded". This fixes the build in pkgsrc developer mode.
Bump package revision because the dependence changed.
|
|
* The default thread-handling model in MySQL Server executes statements using
one thread per client connection.
* Commercial distributions of MySQL now include two plugins that enable MySQL
Server to use external authentication methods to authenticate MySQL users
* Important Change: Replication: The RESET SLAVE statement has been extended
with an ALL keyword.
* A new utility, mysql_plugin, enables MySQL administrators to manage which
plugins a MySQL server loads.
* Bugs fixed.
|
|
|
|
databases/libdbi-driver-sqlite3 directory. This fixes pkglint warnings
for databases/libdbi.
|
|
|
|
|
|
years, removing roadblocks to deploying new or ported applications on
PostgreSQL. These include:
* Synchronous Replication: enable high-availability with consistency across
multiple servers
* Per-Column Collations: support linguistically-correct sorting per database,
table or column.
* Unlogged Tables: greatly improves performance for ephemeral data
Our community of contributors innovates with cutting-edge features. Version 9.1
includes several which are new to the database industry, such as:
* K-Nearest-Neighbor Indexing: index on "distance" for faster location and text
search queries
* Serializable Snapshot Isolation: keeps concurrent transactions consistent
without blocking, using "true serializability"
* Writeable Common Table Expressions: execute complex multi-stage data updates
in a single query
* Security-Enhanced Postgres: deploy military-grade security and Mandatory
Access Control
|
|
- bug #3375325 [interface] Page list in navigation frame looks odd
- bug #3313235 [interface] Error div misplaced
- bug #3374802 [interface] Comment on a column breaks inline editing
- patch #3383711 [display] Order by a column in a view doesn't work in
some cases
- bug #3386434 [interface] Add missing space to server status
- [core] Remove library PHPExcel, due to license issues
- [export] Remove native Excel export modules (xls and xlsx formats)
- [import] Remove native Excel import modules (xls and xlsx formats)
- bug #3392920 [edit] BLOB emptied after editing another column
- [security] Fixed XSS in Inline Edit on save action, see PMASA-2011-14
- [security] Fixed XSS with db/table/column names, see PMASA-2011-14
|
|
|
|
|
|
The PostgreSQL BuildFarm is a distributed build system designed to
detect build failures of the source code of PostgreSQL on a large
collection of platforms and configurations. This is the client
software that enables to perform automated test builds and checks.
|
|
v0.12.1
- Fix issue with simple_uuid dependency.
- Fix issue with get_range & get_range_batch keeping all results when a block is given. Resolves Issue# 112.
v0.12.0 Changed thrift_client dependency to 0.7.0
|
|
=== 3.27.0 (2011-09-01)
* Add support for native prepared statements to the tinytds adapter
(jeremyevans)
* Add support for native prepared statements and stored procedures to the
mysql2 adapter (jeremyevans)
* Support dropping primary key, foreign key, and unique constraints on MySQL
via the drop_constraint :type option (jeremyevans)
* Add Sequel::SQLTime class for handling SQL time columns (jeremyevans)
* Typecast DateTime objects to Date for date columns (jeremyevans)
* When typecasting Date objects to timestamps, make the resulting objects
always have no fractional date components (jeremyevans)
* Add Model.dataset_module for simplifying many def_dataset_method calls
(jeremyevans)
* Make prepared_statements_safe plugin work on classes without datasets
(jeremyevans)
* Make Dataset#hash work correctly when referencing SQL::Expression instances
(jeremyevans)
* Handle allowed mass assignment methods correctly when including modules in
classes or extending instances with modules (jeremyevans)
* Fix Model#hash to work correctly with composite primary keys and with no
primary key (jeremyevans)
* Model#exists? now returns false without issuing a query for new model
objects (jeremyevans)
|
|
|
|
|
|
Add DragonFly entry to Makefile.shlib to allow client to build.
|
|
Add DragonFly entry to Makefile.shlib to allow client to build.
|
|
|
|
and -O3 is a safe compromise for GCC and Clang (which enables LTO with
-O4).
|
|
|
|
pgbouncer is a lightweight connection pooler for PostgreSQL that provides
the following features:
* Several levels of brutality when rotating connections.
* Low memory requirements.
* It is not tied to one backend server, the destination databases
can reside on different hosts.
* Supports online reconfiguration for most of the settings.
* Supports online restart/upgrade.
|
|
|
|
out by Alistair Crooks.
|
|
|
|
|
|
|
|
|