| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
|
|
|
|
|
|
|
|
Bump revision.
|
|
Most notably this version includes fixes for
http://secunia.com/advisories/20365/
and
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-0903
The fix for the latter was provided in PR pkg/33616 by Cedric
Devillers, cedric dot devillers at script dottt univ-paris7 dot fr,
and is not part of the upstream version 4.1.20.
* Changes since last packaged version (4.1.19)
(see http://dev.mysql.com/doc/refman/4.1/en/news-4-1-20.html for me details):
This is a security fix release for the previous production release
family. This release includes the security fix described later in
this section and a few other changes to resolve build problems,
relative to the last official MySQL release (4.1.19).
Bugs fixed:
- Security fix: An SQL-injection security hole has been found in
multi-byte encoding processing. The bug was in the server, incorrectly
parsing the string escaped with the mysql_real_escape_string() C
API function. (CVE-2006-2753, Bug#8378)
This vulnerability was discovered and reported by Josh Berkus
<josh@postgresql.org> and Tom Lane <tgl@sss.pgh.pa.us> as part of
the inter-project security collaboration of the OSDB consortium.
- The patch for Bug#8303 broke the fix for Bug#8378 and was undone.
(In string literals with an escape character (\) followed by a
multi-byte character that has a second byte of (\), the literal
was not interpreted correctly. The next byte now is escaped, not
the entire multi-byte character. This means it a strict reverse of
the mysql_real_escape_string() function.)
- The client libraries had not been compiled for position-indpendent
code on Solaris-SPARC and AMD x86_64 platforms. (Bug#13159, Bug#14202,
Bug#18091)
- Running myisampack followed by myisamchk with the --unpack option
would corrupt the auto_increment key. (Bug#12633)
|
|
with CHECK_INTERPRETER=yes. Bumped PKGREVISION.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
the pkglint warning:
As {INSTALL,DEINSTALL}_TEMPLATE is modified using "+=", its name
should indicate plural.
This does make the variables a bit more suggestive of the fact that they
hold lists of values.
|
|
This avoids the need for a confusing line of the form:
DEINSTALL_TEMPLATE+= path/to/INSTALL
in the package Makefile, and actually removes the need to specify it
altogether since by convention, the existence of the DEINSTALL script
is enough to add it to DEINSTALL_TEMPLATE.
|
|
Fixed variable ref errors in adodb-ado5.inc.php in _query().
Mysqli setcharset fix using method_exists().
The adodb-perf.inc.php CreateLogTable() code now works for user-defined table names.
Error in ibase_blob_open() fixed. See
http://phplens.com/lens/lensforum/msgs.php?id=14997
Active Record
============
Now we only update fields that have changed, using $this->_original.
We do not include auto_increment fields in replace(). Thx Travis Cline
Added ADODB_ACTIVE_CACHESECS.
|
|
Mostly bug fixes from 3.8.
- Use string methods instead of deprecated string functions.
- Only use SQL-standard way of escaping quotes.
- Added the functions escape_string() and escape/unescape_bytea()
(as suggested by Charlie Dyson and Kavous Bojnourdi a long time ago).
- Reverted code in clear() method that set date to current.
- Added code for backwards compatibility in OID munging code.
- Reorder attnames tests so that "interval" is checked for before "int."
- If caller supplies key dictionary, make sure that all has a namespace.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Changes since 2.3.23:
* Fixed slapd syncrepl timestamp bug (delta-sync/cascade) (ITS#4567)
* Fixed slapd-bdb/hdb non-root users adding suffix/root entries (ITS#4552)
* Re-fixed slapd-ldap improper free bug in exop (ITS#4550)
* Fixed slapd-ldif assert bug (ITS#4568)
* Fixed slapo-syncprov crash under glued database (ITS#4562)
Note that since the clients and libraries didn't change, openldap-server still
depends on openldap-client>=2.3.23 (to ease updates of client applications).
|
|
|
|
|
|
|
|
i386 assembler.
|
|
|
|
|
|
|
|
|
|
|
|
While going through the tree, fix some more packages which had similiar
issues with too strict conflicts, bump the revisions of those.
|
|
This upgrade fixes the SQL injection vulnerability reported in SA20365.
|
|
This module provides a wrapper for the DB_File module, adding locking.
When you need locking, simply use this module in place of DB_File and
add an extra argument onto the tie command specifying if the file should
be locked for reading or writing.
|
|
|
|
Makefile.
|
|
all PEAR packages to php?-pear-* and all Apache packages to ap13-* or
ap2-* respectively. Add new variables to simplify the Makefile
handling. Add CONFLICTS on the old names. Reset revisions of bumped
packages. ap-php will now depend on the default Apache and PHP version.
All programs using it have an implicit option of the Apache version
as well.
OK from jlam@ and adrianp@.
|
|
|
|
|
|
and failover.
The big picture for the development of Slony-I is a master-slave system that
includes all features and capabilities needed to replicate large databases to
a reasonably limited number of slave systems.
Slony-I is a system for data centers and backup sites, where the normal mode
of operation is that all nodes are available
|
|
packages. Convert LDAP-based applications to depend on openldap-client, and
bump PKGREVISION for those that depend on it by default.
|
|
(in HTML).
|
|
now split off. This package contains only the slapd and slurpd servers.
Please note that both slapd and slurpd now run unprivileged by default (as
slapd:ldap and slurpd:ldap, respectively). An upgrade scenaria is described
in MESSAGE. This change addresses PR pkg/31959.
|
|
split off. This package contains only the client tools and libraries, and the
manpages.
LDAP-based applications should depend on this package, not databases/openldap
(anymore).
|
|
(and add a -doc component), which I'll import in a minute. This package is now
nothing but a meta-package, depending on those three. Take over MAINTAINERship
(ok with joerg). Add an inet6 option to -client and -server (PR pkg/33524).
Bump PKGREVISION.
|
|
|
