| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Fixed variable ref errors in adodb-ado5.inc.php in _query().
Mysqli setcharset fix using method_exists().
The adodb-perf.inc.php CreateLogTable() code now works for user-defined table names.
Error in ibase_blob_open() fixed. See
http://phplens.com/lens/lensforum/msgs.php?id=14997
Active Record
============
Now we only update fields that have changed, using $this->_original.
We do not include auto_increment fields in replace(). Thx Travis Cline
Added ADODB_ACTIVE_CACHESECS.
|
|
Mostly bug fixes from 3.8.
- Use string methods instead of deprecated string functions.
- Only use SQL-standard way of escaping quotes.
- Added the functions escape_string() and escape/unescape_bytea()
(as suggested by Charlie Dyson and Kavous Bojnourdi a long time ago).
- Reverted code in clear() method that set date to current.
- Added code for backwards compatibility in OID munging code.
- Reorder attnames tests so that "interval" is checked for before "int."
- If caller supplies key dictionary, make sure that all has a namespace.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Changes since 2.3.23:
* Fixed slapd syncrepl timestamp bug (delta-sync/cascade) (ITS#4567)
* Fixed slapd-bdb/hdb non-root users adding suffix/root entries (ITS#4552)
* Re-fixed slapd-ldap improper free bug in exop (ITS#4550)
* Fixed slapd-ldif assert bug (ITS#4568)
* Fixed slapo-syncprov crash under glued database (ITS#4562)
Note that since the clients and libraries didn't change, openldap-server still
depends on openldap-client>=2.3.23 (to ease updates of client applications).
|
|
|
|
|
|
|
|
i386 assembler.
|
|
|
|
|
|
|
|
|
|
|
|
While going through the tree, fix some more packages which had similiar
issues with too strict conflicts, bump the revisions of those.
|
|
This upgrade fixes the SQL injection vulnerability reported in SA20365.
|
|
This module provides a wrapper for the DB_File module, adding locking.
When you need locking, simply use this module in place of DB_File and
add an extra argument onto the tie command specifying if the file should
be locked for reading or writing.
|
|
|
|
Makefile.
|
|
all PEAR packages to php?-pear-* and all Apache packages to ap13-* or
ap2-* respectively. Add new variables to simplify the Makefile
handling. Add CONFLICTS on the old names. Reset revisions of bumped
packages. ap-php will now depend on the default Apache and PHP version.
All programs using it have an implicit option of the Apache version
as well.
OK from jlam@ and adrianp@.
|
|
|
|
|
|
and failover.
The big picture for the development of Slony-I is a master-slave system that
includes all features and capabilities needed to replicate large databases to
a reasonably limited number of slave systems.
Slony-I is a system for data centers and backup sites, where the normal mode
of operation is that all nodes are available
|
|
packages. Convert LDAP-based applications to depend on openldap-client, and
bump PKGREVISION for those that depend on it by default.
|
|
(in HTML).
|
|
now split off. This package contains only the slapd and slurpd servers.
Please note that both slapd and slurpd now run unprivileged by default (as
slapd:ldap and slurpd:ldap, respectively). An upgrade scenaria is described
in MESSAGE. This change addresses PR pkg/31959.
|
|
split off. This package contains only the client tools and libraries, and the
manpages.
LDAP-based applications should depend on this package, not databases/openldap
(anymore).
|
|
(and add a -doc component), which I'll import in a minute. This package is now
nothing but a meta-package, depending on those three. Take over MAINTAINERship
(ok with joerg). Add an inet6 option to -client and -server (PR pkg/33524).
Bump PKGREVISION.
|
|
|
|
|
|
the wrong permissions.
Bump PKGREVISION
|
|
can be used to enforce versions after having determined which are
suppported.
|
|
|
|
Lots of changes since last packaged version (4.1.15), please see:
http://dev.mysql.com/doc/refman/4.1/en/news-4-1-19.html
http://dev.mysql.com/doc/refman/4.1/en/news-4-1-18.html
http://dev.mysql.com/doc/refman/4.1/en/news-4-1-17.html
http://dev.mysql.com/doc/refman/4.1/en/news-4-1-16.html
Most notably this version includes a fix for
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1517
While here install more man pages and merge mysql4-client/patches/patch-ad
into mysql4-client/patches/patch-af.
|
|
Common to all versions:
* Change the server to reject invalidly-encoded multibyte characters
in all cases (Tatsuo, Tom) While PostgreSQL has been moving in this
direction for some time, the checks are now applied uniformly to
all encodings and all textual input, and are now always errors not
merely warnings. This change defends against SQL-injection attacks
of the type described in CVE-2006-2313.
* Reject unsafe uses of \' in string literals As a server-side
defense against SQL-injection attacks of the type described in
CVE-2006-2314, the server now only accepts '' and not \' as a
representation of ASCII single quote in SQL string literals. By
default, \' is rejected only when client_encoding is set to a
client-only encoding (SJIS, BIG5, GBK, GB18030, or UHC), which is
the scenario in which SQL injection is possible. A new
configuration parameter backslash_quote is available to adjust
this behavior when needed. Note that full security against
CVE-2006-2314 may require client-side changes; the purpose of
backslash_quote is in part to make it obvious that insecure clients
are insecure.
* Modify libpq's string-escaping routines to be aware of encoding
considerations This fixes libpq-using applications for the
security issues described in CVE-2006-2313 and CVE-2006-2314.
Applications that use multiple PostgreSQL connections concurrently
should migrate to PQescapeStringConn() and PQescapeByteaConn() to
ensure that escaping is done correctly for the settings in use in
each database connection. Applications that do string escaping
"by hand" should be modified to rely on library routines instead.
* Fix some incorrect encoding conversion functions win1251_to_iso,
alt_to_iso, euc_tw_to_big5, euc_tw_to_mic, mic_to_euc_tw were all
broken to varying extents.
* Clean up stray remaining uses of \' in strings (Bruce, Jan)
* Fix server to use custom DH SSL parameters correctly (Michael Fuhr)
* Fix various minor memory leaks
Additionally for 7.4.13 and later:
* Fix bug that sometimes caused OR'd index scans to miss rows they
should have returned
* Fix WAL replay for case where a btree index has been truncated
* Fix SIMILAR TO for patterns involving | (Tom)
* Fix for Bonjour on Intel Macs (Ashley Clark)
Additionally for 8.0.8 and 8.1.4:
* Fix SELECT INTO and CREATE TABLE AS to create tables in the
default tablespace, not the base directory (Kris Jurka)
* Fix problem with password prompting on some Win32 systems (Robert
Kinberg)
Additionally for 8.1.4:
* Fix weak key selection in pgcrypto (Marko Kreen)
Errors in fortuna PRNG reseeding logic could cause a predictable
session key to be selected by pgp_sym_encrypt() in some cases.
This only affects non-OpenSSL-using builds.
* Make autovacuum visible in pg_stat_activity (Alvaro)
* Disable full_page_writes (Tom)
In certain cases, having full_page_writes off would cause crash
recovery to fail. A proper fix will appear in 8.2; for now it's
just disabled.
* Various planner fixes, particularly for bitmap index scans and
MIN/MAX optimization (Tom)
* Fix incorrect optimization in merge join (Tom)
Outer joins could sometimes emit multiple copies of unmatched
rows.
* Fix crash from using and modifying a plpgsql function in the same
transaction
* Improve qsort performance (Dann Corbit)
Currently this code is only used on Solaris.
* Improve pg_dump's handling of default values for domains
* Fix pg_dumpall to handle identically-named users and groups
reasonably (only possible when dumping from a pre-8.1 server) (Tom)
The user and group will be merged into a single role with LOGIN
permission. Formerly the merged role wouldn't have LOGIN
permission, making it unusable as a user.
* Fix pg_restore -n to work as documented (Tom)
|
|
Changes 0.9.1
This release fixes one particurly ugly bug affecting only MySQL users who
are first creating a database with 0.9 (and didn\'t already have a
database from an earlier release).
Changes 0.9
This release includes several new features, particularly extending what
information Krecipes holds for each recipe. These include:
* Multi-user and multi-criteria rating system
* Yield type and range
* Multiple preparation methods
* Ingredient ranges
* Stores the time a recipe is created, modified, and last accessed
Other significant features include:
* Rezkonv export
* Backup/restore
* Copy to Clipboard feature
* Interface to quickly paste ingredients into a recipe
|
|
Use CONF_FILES_PERMS to install the conf.php file
Don't use WWW_USER to set permissions as that assumes apache is always installed
Bump PKGREVISION
Fix binary packages (pointed out by salo@)
|
|
awkward.
|
|
|
|
Package does not need qt3-tools at run time, so remove the full
dependency and bump PKGREVISION.
|
|
|
|
library detection.
|
|
OpenLDAP 2.3.23 Release
Fixed slapd-ldap improper free bug (ITS#4550)
OpenLDAP 2.3.22 Release
Fixed libldap referral input destroy issue (ITS#4533)
Fixed libldap ldap_sort_entries tail bug (ITS#4536)
Fixed libldap default connection concurrency issue (ITS#4541)
Fixed libldap_r thread debug missing break
Fixed libldap_r tpool cleanup
Fixed liblutil strtoul(3) usage (ITS#4503)
Fixed liblutil time resolution issue (ITS#4514)
Updated ldapdelete(1) to stdout bug (ITS#4453)
Updated ldapsearch(1) BASE output (ITS#4504)
Fixed slapd backglue issue (ITS#4529)
Fixed slapd cn=config (ITS#4512)
Fixed slapd cn=config ACL application fix
Fixed slapd cn=config olcLimits (ITS#4515)
Fixed slapd dynacl tgrant/tdeny initialization
Fixed slapd runqueue use of freed memory (ITS#4517)
Fixed slapd slap_send_ldap_result bug (ITS#4499)
Fixed slapd thread pool init issue (ITS#4513)
Added slapd syncrepl mandatory searchbase check
Fixed slapd-bdb/hdb pre/post-read freeing (ITS#4532)
Fixed slapd-bdb/hdb pre/post-read unavailable issue (ITS#4538)
Fixed slapd-bdb/hdb referral issue (ITS#4548)
Fixed slapd-hdb IDL sort issue (ITS#4531)
Fixed slapd-ldap proxyAuthz of bound identity/override (ITS#4497)
Fixed slapd-ldap/meta protocol version propagation (ITS#4488)
Fixed slapd-ldap fd cleanup (ITS#4474)
Fixed slapd-ldif deadlock (ITS#4500)
Fixed slapd-shell lutil_atoi issue (ITS#4495)
Fixed slapadd cn=config issue (ITS#4194)
Fixed slapo-accesslog log purging issue (ITS#4505)
Added slapo-accesslog reqOld feature
Fixed slapo-auditlog missing return codes
Fixed slapo-ppolicy BER tags issue (ITS#4528)
Fixed slapo-ppolicy rebind bug (ITS#4516)
Fixed slapo-refint delete prohibit issue (ITS#4442)
Fixed slapo-syncprov MODs cause DELs (ITS#4423)
Fixed slapo-syncprov/syncrepl sessionlog issue (ITS#4534)
Added slapo-syncprov extra logging
Fixed slapo-translucent modifications (ITS#4527)
Fixed slurpd potential overflow issue
Build Environment
Fixed OSF1 compilation problem (ITS#4537)
Fixed test020-proxycache disabled debug issue (ITS#4491)
Fixed test033-glue-syncrepl overlay detection (ITS#4544)
Documentation
Fixed slapd(8) logging header reference (ITS#4509)
Clarified slapd.conf(5) "disable bind_anon" feature
|
|
|
|
|
|
Thanks to Yoshito Komatsu for feedback and testing
A summary of changes include:
This release fixes some minor bugs and some security alerts.
Code syntax fixing tests
HTML Validation fixes
Added support for binary attrs in templates & HTML Validation fixes
Few minor bug fixes.
Changed default login attribute back to "dn".
|
