Age | Commit message (Collapse) | Author | Files | Lines |
|
security update for phpmyadmin
Revisions pulled up:
- pkgsrc/databases/phpmyadmin/Makefile 1.38
- pkgsrc/databases/phpmyadmin/distinfo 1.16
Module Name: pkgsrc
Committed By: tron
Date: Mon Nov 21 13:47:42 UTC 2005
Modified Files:
pkgsrc/databases/phpmyadmin: Makefile distinfo
Log Message:
Update "phpmyadmin" package to version 2.6.4pl4. Changes since
version 2.6.4pl3:
- css/phpmyadmin.css.php: Do not use common header file, as there is
nothing common at all.
- libraries/header_http.inc.php: Always send text/html content type.
- libraries/db_table_exists.lib.php, libraries/header_http.inc.php,
transformation_wrapper.php: Use define rather than variable for
conditional paths.
This fixes the security vulnerability reported in PMASA-2005-6.
|
|
security fix for libgda
Revisions pulled up:
- pkgsrc/databases/libgda/Makefile 1.15
- pkgsrc/databases/libgda/distinfo 1.16
- pkgsrc/databases/libgda/patches/patch-ag 1.1
Module Name: pkgsrc
Committed By: drochner
Date: Wed Oct 26 10:08:24 UTC 2005
Modified Files:
pkgsrc/databases/libgda: Makefile distinfo
Added Files:
pkgsrc/databases/libgda/patches: patch-ag
Log Message:
fix potential format string vulnerability (CAN-2005-2958), from debian
|
|
security update for phpmyadmin
Revisions pulled up:
- pkgsrc/databases/phpmyadmin/Makefile 1.37
- pkgsrc/databases/phpmyadmin/distinfo 1.15
Module Name: pkgsrc
Committed By: tron
Date: Sun Oct 30 12:54:35 UTC 2005
Modified Files:
pkgsrc/databases/phpmyadmin: Makefile distinfo
Log Message:
Update "phpmyadmin" package to version 2.6.4-pl3. This version fixes
the security vulnerability reported in PMASA-2005-5.
|
|
security update for phpmyadmin
Revisions pulled up:
- pkgsrc/databases/phpmyadmin/Makefile 1.36
- pkgsrc/databases/phpmyadmin/PLIST 1.12
- pkgsrc/databases/phpmyadmin/distinfo 1.14
Module Name: pkgsrc
Committed By: tron
Date: Wed Oct 12 11:51:10 UTC 2005
Modified Files:
pkgsrc/databases/phpmyadmin: Makefile PLIST distinfo
Log Message:
Update "phpmyadmin" package to version 2.6.4-pl2. This version fixes
the security vulnerability reported in PMASA-2005-4.
Addresses PR pkg/31561 by Zafer Aydogan.
|
|
|
|
'CPPFLAGS=...' overriding its value. Fixes PR pkg/30030 by Idar Tollefsen.
Allowed by agc@ during freeze.
|
|
|
|
and referrals are used together (http://secunia.com/advisories/15906/)
mostly from Adrian Portelli, tested by me
(The most recent version 242 kills the system completely if the LDAP
server is not running -- endless connection retries.)
|
|
|
|
of "ldopts" used to link in the embedded perl interpreter. This fixes
PR pkg/31293.
The PostgreSQL configure code tries to be extra-clever with only using
its own logic for determining which directories to add to the rpath.
However, we don't really need PostgreSQL's configure to do this since
the Perl config already provides the full set of flags for linking,
including the appropriate rpath flags, and the rpaths flags determined
by Perl (at least in pkgsrc) are guaranteed to match the ones needed
PostgreSQL to link the plperl.so module.
Bump the PKGREVISION of databases/postgresql80-plperl to 1.
|
|
(definition is identical on PHP4), so that this compiles with PHP5
allow the package to build with PHP5 too, bump package revision
|
|
|
|
|
|
(XXX could be made on Linux and Solaris too)
|
|
|
|
- Use ${ECHO} instead of echo.
|
|
so prevent interactions with bash and gawk packages or tools wrappers
Update maintainer address, and bump PKGREVISION, binary packages may contain references to bash or gawk
|
|
|
|
|
|
|
|
changes:
-Added support for client/server-side certificates.
-Improved visual feedback when bad filenames are entered.
-Bugfixes
-Updated translations
|
|
changes:
1) it fixes crashes with empty/near-empty databases
2) it fixes a few performance bottlenecks, most notably for larger
databases
|
|
changes:
-import improvements (eg from webpages)
-bugfixes
-keyboard shortcuts added
-UI improvements
|
|
changes:
* Addition of a spelling checker if python-gnome-extras is installed
* Thumbnails are generated for objects other than images if an appropriate
thumbnailer is found the the GCONF database.
* Enhanced Descendant Chart report that allows better control over the
formatting of the report
* Added support for new %n format in addition to $n, which will cause the
line to be removed if a text match is not made.
* Bug fixes, bug fixes, bug fixes, and bug fixes.
|
|
Important changes from PyGreSQL 3.6.2 to PyGreSQL 3.7
- Fixes to quoting function.
- Use Python datetime if mxDatetime is not available.
- Add checks for valid database connection to methods.
- Improved namespace support, handle search_path correctly.
- Removed old dust and unnessesary imports, added docstrings.
- Internal sql statements as one-liners, smoothed out ugly code.
- Major improvements in classic pg module.
|
|
|
|
Introduce a BUILD_DEFS for using a www server other than apache
Use ROOT_GROUP
Bump to nb5
|
|
|
|
This is a PHP 4 compatible SQLite 2.x module (the same module comes bundled
with PHP 5 and is available as databases/php5-sqlite).
|
|
and MAKE_DIRS:
* There is no need to set PKG_SYSCONFDIR as the concept is quite
meaningless for PHP applications. Simply copy the CONF_FILES
from the examples directory into ${PREFIX}/share/phppgadmin/conf.
* Use REQD_DIRS instead of MAKE_DIRS since these directories are
under ${PREFIX} and we want to always create/remove these
directories regardless of the value of PKG_CONFIG.
Bump the PKGREVISION to 1 due to changes in the +INSTALL and +DEINSTALL
scripts.
|
|
commit. Thanks to Matthew Luckie who notified me via private mail.
|
|
ChangeLog:
* Fix for PHP 4.4.0's new strict references
* Small improvement to Opera browser detection in the tree
* Fix listing of opaque functions in 7.2
* Fix listing of opclasses and functions pre 7.3
|
|
|
|
Changes from 1.9.1 are too huge, please see web page:
http://ar.rubyonrails.org/files/CHANGELOG.html.
|
|
want to install. Patch from salo@ in private email.
No functional change.
|
|
Changes:
2005-08-22
version 2.7
* add constants for Mysql#options: Mysql::OPT_GUESS_CONNECTION,
Mysql::OPT_USE_EMBEDDED_CONNECTION,
Mysql::OPT_USE_REMOTE_CONNECTION, Mysql::SET_CLIENT_IP
* test.rb: for 4.0.x, 5.0.x
2005-08-16
version 2.7-beta3
* add Mysql::Stmt#bind_result
2005-08-02
version 2.7-beta2
* BUG: mysql.c.in: fetch_hash: nil value doesn't exist in
hash. (Thanks Stefan Kaes)
* add constant Mysql::VERSION.
* add Mysql#prepare
2005-07-24
version 2.7-beta
* add Mysql#stmt_init method
* add Mysql::Stmt, Mysql::Time, Mysql::RowOffset class
* add Mysql::Error#sqlstate method
* change offset value to Mysql::RowOffset object that is used
by Mysql::Result#row_seek,row_tell
2005-07-31
version 2.6.3
* add constant Mysql::VERSION.
2005-07-26
version 2.6.2
* BUG: mysql.c.in: fetch_hash: nil value doesn't exist in
hash. (Thanks Stefan Kaes)
2005-06-28
version 2.6.1
* mysql.c.in: fix to compile error on MacOSX.
|
|
library after lang/lua was libtoolized in lua-5.0.2nb4.
|
|
Re-do how .orig files are handled by pax as this wasn't working as expected
Ride the previous package bump
|
|
Bump to nb4
|
|
|
|
|
|
on p5-perl-ldap
bump PKGREVISION
|
|
Fix up previous handling of new patch as suggested by salo@ in private email.
Bump PKGREVISION
|
|
Make it use the option framework, to enable/disable abook and gnupg plugins and
dependancies
fix PR 29879, applying the appended patch
approved by cube@
|
|
total number of groups
doesn't make much of a difference for standard systems with
NGROUPS==_SC_NGROUPS_MAX, but someone might change this
|
|
|
|
Bump to nb2
|
|
-support the "getgroupmembership" nsswitch invocation
bump PKGREVISION
|
|
Security fix for two XSS security issues
Lots of other changes, a brief summary includes:
> Improvements:
> Foreign-key dropdowns can be more customized
> Export: configurable filename templates
> Display column comments while editing data
> Transformations: new hexadecimal mode
> HTTP auth: support FastCGI
> Themes: can now have different theme per server
> OLD_PASSWORD in the list of functions
> Better messages when checking numerical input
> Allow adding DROP TABLE when copying databases
> Better support of information_schema
> Various interface CSS improvements
> Tree subgroups in left panel database selector
> Documentation: links and anchors to every FAQ item
> Table comments move to page header
> Export: configurable default charset
> Removed warning about PmaAbsoluteUri not set
> Fixes:
> Database search in MySQL 5.0.x on fields without a charset
> Invalid "normal" cursor style
> Browsing state when deleting multiple rows
> Support bigger queries in print view, insert row, export results
> Unsaved changes to relations were lost when changing display field
> Exporting under IE 6 (Windows XP SP2)
> Better catching of parse errors in config file
> XSS on the cookie-based login panel
> Show all while browsing foreign values
> Escaping of special characters in ENUM or SET
> XSS on table creation page
> Using mysqli extension with MySQL 4.0.x
> "empty result set" message was sometimes not returned
> Incorrect message "You should define a primary key"
> Abide cfg['Lang'] settings even if using MySQL > 4.1.x
|
|
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2180
Patch by adrianp@.
ChangeLog from gnats CSV:
* Makefile.in (install-gnats-tools, install-gnats-bin): Removed chown
and chmod entries for setting binaries suid. CAN-2005-2180 advisory.
gen-index as setuid root can overwrite any system file.
Bump PKGREVISION to 1.
|