| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
=== 2.0.14 ===
7 Mar 2011
- Bug Fixes:
* 491. 302 redirect on some gsessionids
* 501. Remove support for deprecated Maps Data API.
* 462. Bug in samples/analytics/data_feed_demo.py (using segments)
* 482. String exception in service.py
* 414. http proxy url containing properly formatted user-name and password not accepted
- Turn on SSL for Codesearch, Photos, Project Hosting, Analytics,
Contacts, Marketplace Licensing, and Docs.
- Add batch default URL to the Contacts API and clean the sample code. (issue4000058)
- Added support for Content API for Shopping
- Added Calendar V2 API support
- Add Google Marketplace Licensing API to the Gdata Python Client
- Added patch from Alexandre Vivien that fixes calendar resource email support that somehow went missing in a previous release.
=== 2.0.13 ===
16 Nov 2010 (revision 902:73f3fbb5ea88)
- Bug Fixes:
* Issue 315: Correctly constructs queries based on categories for Blogger APIs.
* Issue 323: YouTubeUserQuery constructor passes incorrect overridden parameter to base class.
- Accept proxy username and password in http(s)_proxy environment variables.
- Adding support for specifying URI to v3 docs client.
- Adding tests for revisions for arbitrary file types in Documents List API.
- Google Base, added bucket node to attributes.
- Adding ContainsSampledData XML Element to Analytics Data Feed and updating samples
=== 2.0.12 ===
17 Sep 2010 (revision 892:e949a7cf9a31)
- Bug Fixes:
* Issue 437: PATCH request generates incorrect Content-Type
* Issue 428: get_blog_name() does not correctly handle blog URLs containing hyphens
* Issue 443: Packages should contain gdata.apps.audit in setup.py
* Issue 430: Lots of memory usage when uploading big video files
* Issue 423: gdata.contacts.client.ContactsClient.get_profiles_feed() broken
- Turn on SSL be default for the spreadsheet API
- Added support for new Analytics feeds
- All V3 code and development has been out of this project and into http://code.google.com/p/google-api-python-client/
- Added partial support for the YouTube API in v2
=== 2.0.11 ===
Jul 29, 2010 (revision fa49231cc8)
- Added the following new APIs:
* Apps Audit APIs from Jay Lee
* Apps Organization from Alexandre Vivien
* Added Email Settings API client library v2.0 from Claudio Cherubino
- Fixes to file permissions for samples.
- Fixing a broken calendar resource client from r983, removing a superfluous call to MakeResourceFeedUri(), adding regression tests for edit links.
- Abstracting out AppsProperty so that it's usable by other libs. Thanks to Claudio Cherubino <ccherubino@google.com> for this change.
- Added optional change_password parameter to AppsService.CreateUser
- Fixing minor bugs in analytics samples
- http://codereview.appspot.com/1677050 Switch default connection type back to non-SSL connections.
- Switch the repository from subversion to mercurial
- Added OAuth test cases thanks Samuel Cyprian
- Many APIs now use SSL, and some require it, so the following APIs now default to using HTTPS:
* Spreadsheets
* Sites
* Calendar Resource
=== 2.0.10 ===
May 12, 2010 (revision 980)
- Add check for liveness of proxy in live tests. Also add in upload-diffs.py to make using codereview.appspot.com easier.
- Patch from Alexandre Vivien adds the ResourceEmail attribute to CalendarResourceEntry
- Adding new single page methods to apps.groups.service. Thanks Jeremy Selier!
- Cleanup in service GetWithRetries. Thanks Will Charles!
- Adding much more test coverage for calendar_resource.client.
- Fixing Calendar Resource get_resource to use correct feed URI generator. Thanks to Alexandre Vivien for reporting.
- Adds support for Blogger Pages. Thanks Wiktor Gworek!
|
|
some commands are supported additionally.
|
|
Changes from previous:
0.35 Mon Sep 26 18:40:06 PDT 2011
- Added support for comments() XPath #3 (Perlover)
0.34 Thu Feb 24 09:35:12 PST 2011
- Skip xml_simple.t if LibXML is not there (omega)
0.33 Thu Feb 17 09:12:55 PST 2011
- Remove failing invalid XPath tests
|
|
|
|
XSS vulnerability.
Bump PKGREVISION.
|
|
changes:
-JavaScriptCore library can be used independently
-New DOM methods
-API extensions: spell checking, local storage database path
-bugfixes
|
|
Changes from previous:
2010-12-06 Dave Cross <dave@dave.org.uk>
* lib/WWW/Shorten.pm: Bump version number for release.
* bin/shorten: Be far more intelligent about the code that allows the user to
choose which service to use.
* MANIFEST.SKIP: Added MYMETA.yml to MANIFEST.SKIP.
* bin/shorten: Default to using a service that we currently support.
* Build.PL, lib/WWW/Shorten.pm: Added Config::Auto to list of dependencies
(it's used by the shorten program). Bumped version for release.
|
|
Now pbulk_scan no longer refuses to countenance this package, so it
can run to completion and build other stuff. I don't think this
package builds anyway...
|
|
|
|
probably wanted, so let's keep it.
|
|
subdir.
|
|
Changes from previous:
1.34 2011-09-16 09:02:00
- Bump required version of Catalyst to 5.9
- Merge psgi support. catalyst.pl will now generate a default
myapp.psgi file with the default middlewares applied.
- Fix scripts being generated mode 0700, rather than 0755
- Fix duplicate 'use Test::More' statement in generated components.
- Fix Pod for catalyst_ignore function in Module::Install::Catalyst
RT#68563
1.33 2011-03-24 15:10:00
- Fix a regression introduced in 1.32 that caused Catalyst::Restarter
to not work at all.
1.32 2011-03-22 09:17:00
- Fix RT#65907: missing build require: Test::Exception
- Fix RT#57019: Fix bundling of File::Copy::Recursive in inc/
by Module::Install::Catalyst
1.31 2011-01-20 01:08:00
- Fix for copying generated files into installed apps + tests
to ensure it keeps working. abraxxa++
- Make Pod tests author only
1.30 2011-01-11 23:54:00
- Increased Catalyst::Plugin::ConfigLoader dependency to 0.30
- Include File::Copy::Recursive in inc/ when building a dist of an
application.
1.29 2011-01-11 23:51:00
- Add documentation for the --proc_title option to the generated
fastcgi scripts
- Don't bother with the BEGIN { use_ok dance for created tests
- the test will fail to compile (and ergo fail) using just use,
and that's less typing (and less copy-pasting)
- Split method for creating tests into multiple methods to allow
subclasses to override the generation of some tests.
- Allow the author to be defined in the call to ->new to help things
which want to call Catalyst::Helper programatically.
- Remove $VERSION = eval $VERSION handwave in generated code as:
- Gives a perl critic violation.
- If you're shipping a dev release, best practice is you should do
it by renaming the tarball, rather than having a _ in the VERSION.
- Allow catalyst.pl . to work for already created applications
when in the application's directory.
- Note that plugin order is important in the generated skeleton.
- Don't pollute M::I plugin detector with GetOptions symbol from
GetOpt::Long
- Fix typo in share/script/myapp_server.pl.tt (RT #58475)
|
|
Changes from previous:
5.9002 3 Sept 2011 - Tutorial
- Switch to 'catalyst' vs. 'root' user in VM
- Add notes about X Windows installation
- Misc small adjustments
5.9001 2 Sept 2011
- Tutorial:
- Migrate Tutorial to use of a downloadable Virtual Machine
- Switch tutorial to Catalyst::Plugin::StatusMessage (vs. flash
and query parameters)
- Switch to use of local::lib
- Add "next chapter links" (RT #31164)
- Test all the tutorial code and make sure it's all working
- Lots of other Tutorial cleanup
- Update to Catalyst 5.9 and latest versions of all modules
- Clean up RT ticket queue (#68379, 68377, 68376, etc.)
- Other misc fixes/changes
5.9000 16 Aug 2011
- Copy editing to make more sense in deployment documentation.
5.8901 7 Aug 2011 - TRIAL RELEASE
- Added Catalyst::Manual::Deployment containing the documentation
which used to be in Catalyst::Engine::*, updated for the
new PSGI engine.
5.8008 2 Aug 2011
- Tutorial chaper 3
- Remove note about hacking tests to require MyApp so that MyApp->path_to
works. Application components should compile independently, and
therefore explain this and show configuring components from the
app class.
- Tutorial appendix
- Fix confusing mix of singular and plural table names in the MySQL
section to be plural, as per the rest of the tutorial.
- Cookbook
- Remove suggestion to generate RSS feeds using Template Toolkit.
This is a horrible idea, and it's very very easy to generate an
invalid feed.
5.8007 29 Feb 2011
- Tutorial
- Switch to use of DBIx::Class::PassphraseColumn for hashed & salted
passwords. It's much more flexible than the previously used
DBIx::Class::EncodedColumn.
5.8006 29 Feb 2011
- Fix metadata to refer to the new git repository
- Cookbook
- Small fixes and typos
- Tutorial
- Various typo fixes.
- RT #57989: typo
- RT #61486: correct instructions for MySQL
- RT #62095: prevent XSS
- RT #62095: persistent message on /login
- RT #63057: typo
- RT #64087: typos
- RT #64126: Use precise name of licence
- RT #64126: typos
- RT #67820: fix relationship decleration
- Do not recommend FastMmap
- DevelopmentProcess
- RT #62610: typo
5.8005 27 Oct 2010
- Tutorial:
- Add DATABASE CONFIG SWITCHING USING MULTIPLE CONFIG FILES section
- Critical bugfix on index page.
|
|
|
|
|
|
* fix some compiler warnings
* reset support for requests with no body
|
|
and other documents.
|
|
|
|
|
|
= 1.2.7 (backports release) / Not Yet Released
Custom changes:
* Fix Ruby 1.8.6 issue with Accept header parsing. (Konstantin Haase)
Backported from 1.3.0:
* Ignore `to_ary` on response bodies. Fixes compatibility to Rails 3.1.
(Konstantin Haase)
* `Sinatra.run!` now prints to stderr rather than stdout. (Andrew Armenia)
* Automatic `app_file` detection now works in directories containing brackets
(Konstantin Haase)
* Improved documentation. (Emanuele Vicentini, Peter Higgins, Takanori
Ishikawa, Konstantin Haase)
* Also specify charset in Content-Type header for JSON. (Konstantin Haase)
* Rack handler names will not be converted to lower case internally, this
allows you to run Sinatra with custom Rack handlers, like Kirk or Mongrel2.
Example: `ruby app.rb -s Mongrel2` (Konstantin Haase)
* Fix uninitialized instance variable warning. (David Kellum)
* Command line options now complain if value passed to `-p` is not a valid
integer. (Konstantin Haase)
* Fix handling of broken query params when displaying exceptions. (Luke
Jahnke)
|
|
|
|
== Ruby-GNOME2 1.0.3: 2011-09-19
This is a bug fix release of 1.0.2.
=== Changes
==== Ruby/GLib2
* Fixes
* [#3411234] Supported RubyGems 1.8.6.
[Tobias Pfeiffer, Kouhei Sutou]
=== Thanks
* Tobias Pfeiffer
== Ruby-GNOME2 1.0.2: 2011-09-18
This is a bug fix release of 1.0.1.
=== Changes
==== Ruby/GLib2
* Fixes
* [#3411204] Supported RubyGems 1.8.6.
[Tobias Pfeiffer, Kouhei Sutou]
==== Ruby/GTK2
* Fixes
* Fixed the default theme on Windows.
[ashbb, Kouhei Sutou]
=== Thanks
* Tobias Pfeiffer
* ashbb
== Ruby-GNOME2 1.0.1: 2011-09-18
This is a bug fix release of 1.0.0.
=== Changes
==== Ruby/GLib2
* Improvements
* GLib::IOChannel.open supports Windows.
[OBATA Akio, Kouhei Sutou]
* Added RVAL2STRV_FREE(), CSTRFILENAME2RVAL(),
RVAL2STRV, STRV2RVAL(), G_REPLACE_SET_PROPERTY(),
G_REPLACE_GET_PROPERTY() and G_REPLACE_ACTION().
[Nikolai Weibull]
* Fixes
* GLib::IOChannelWin32Socket.new uses raw socket handle
not file descriptor.
[NAKAMURA Usaku, Kouhei Sutou]
==== Ruby/GTK2
* Fixes
* [#3383158] removed non LANG=C characters to be
buildable on LANG=C environment.
[Antonio Terceiro, Kouhei Sutou]
* Fixed Gtk::FileFilter#add_custom crash.
[Jeff Moore, Kouhei Sutou]
* Fixed initialization order.
[ashbb, Kouhei Sutou]
==== Ruby/GooCanvas
* Improvements
* Supported binary bundled gem.
[HAYASHI Kentaro]
==== Ruby/GtkSourceView2
* Fixes
* Fixed bundled binary directory path on Windows.
[HAYASHI Kentaro]
==== Ruby/GtkMozEmbed
* Deprecated.
=== Thanks
* Antonio Terceiro
* OBATA Akio
* NAKAMURA Usaku
* HAYASHI Kentaro
* Jeff Moore
* ashbb
* Nikolai Weibull
|
|
|
|
Drastically improved memory handling for certain use cases
Added a new rendering backend to speed up Canvas operations on Windows systems
Bookmark and password changes now sync almost instantly when using Firefox Sync
The 'http://' URL prefix is now hidden by default
Added support for text-overflow: ellipsis
Added support for the Web Timing specification
Enhanced support for MathML
The WebSocket protocol has been updated from version 7 to version 8
Added an opt-in system for users to send performance data back to Mozilla
to improve future versions of Firefox
Fixed several stability issues
Fixed several security issues
|
|
* Bug fixes.
|
|
Polish language files are updated for Contao 2.10.1.
|
|
|
|
|
|
|
|
release notes.
|
|
- Deprecated direct hash access to the flash in
Mojolicious::Controller.
- Added EXPERIMENTAL group function to Mojolicious::Lite.
- Added EXPERIMENTAL build_frame and parse_frame methods to
Mojo::Transaction::WebSocket.
- Added EXPERIMENTAL accepts attribute to Mojo::IOLoop::Server.
- Added EXPERIMENTAL profile helper.
- Added EXPERIMENTAL binary support to Mojo::Transaction::WebSocket.
- Updated WebSocket implementation to ietf-16.
- Changed default upgrade timeout of Hypnotoad from 30 to 60 seconds.
- Improved accept performance of all built-in servers by up to 1000%
with the EV backend.
- Improved connection_timeout method in Mojo::IOLoop by allowing it
to be called as a class method.
- Improved documentation.
- Improved CSS of some built-in templates.
- Improved resilience of HTTP parser.
- Fixed CSS of built-in exception template.
- Fixed close event bug in Mojo::IOLoop.
- Fixed small redirect_to bug. (judofyr, sri)
- Fixed small attribute selector bug in Mojo::DOM::CSS.
- Fixed small unicode bug in Mojolicious::Plugin::EPRenderer.
- Fixed a few small route bugs.
- Fixed Perl 5.8.7 compatibility.
- Fixed typos.
1.98 2011-09-14 00:00:00
- Removed Mojo::Server::FastCGI so it can be maintained as a separate
distribution.
- Added EXPERIMENTAL mojo_lib_dir and slurp_rel_file methods to
Mojo::Home.
- Improved host condition to work in more environments.
- Improved CSS of all built-in templates.
- Improved documentation. (rhaen, sri)
- Improved test command to run tests in alphabetical order.
(viliampucik)
- Improved non-blocking resolver by allowing it to be disabled.
- Improved DATA templates by removing a whitespace requirement.
- Improved tests.
- Fixed small name generation bug in Mojolicious::Plugin::Config.
- Fixed small bug in cookie jar.
- Fixed small plugin loader bug.
- Fixed Hypnotoad to clean up lock files.
- Fixed small bug that caused exceptions to be logged twice.
1.97 2011-09-03 00:00:00
- Improved unicode handling to be more correct and less forgiving.
- Fixed typos.
1.96 2011-09-02 00:00:00
- Updated jQuery to version 1.6.3.
- Fixed Mojo::IOLoop to ignore SIGPIPE.
1.95 2011-09-01 00:00:00
- Improved cookie generation slightly. (cosimo, sri)
- Improved documentation.
- Fixed Mojo::IOLoop to not ignore SIGPIPE.
- Fixed typos. (akron)
1.94 2011-08-27 00:00:00
- Fixed lite_app and plugin generators.
- Fixed typos.
1.93 2011-08-27 00:00:00
- Added EXPERIMENTAL support for escaped tags to Mojo::Template.
- Improved Morbo to ignore dotfiles.
- Improved documentation.
- Fixed trimming bug in Mojo::Template.
- Fixed a few small bugs in Mojo::Template.
- Fixed small version detection bug in Mojo::Cookie.
1.92 2011-08-26 00:00:00
- Improved documentation.
- Fixed quoting bug in Mojo::Cookie.
1.91 2011-08-25 00:00:00
- Added EXPERIMENTAL support for cloning Mojo::Message::Request
objects.
- Improved redirect support in Mojo::UserAgent to be closer to
commonly used browsers.
- Improved documentation.
1.90 2011-08-24 00:00:00
- Improved respond_to to automatically render an empty 204 response
for unknown formats.
- Improved render_exception and render_not_found to use the current
format if available. (alnewkirk)
- Improved documentation.
1.89 2011-08-23 00:00:00
- Improved Mojo::Home portability. (omega)
- Improved documentation.
1.88 2011-08-23 00:00:00
- Added EXPERIMENTAL split method to Mojo::ByteStream.
- Improved documentation.
- Fixed small bug in Mojo::JSON.
1.87 2011-08-23 00:00:00
- Added EXPERIMENTAL app method to Mojo::Command.
- Added EXPERIMENTAL t helper to Mojolicious::Plugin::TagHelpers.
- Made tag helper a little smarter.
- Made camelize a little smarter.
- Improved documentation.
- Fixed small route rendering bug.
1.86 2011-08-21 00:00:00
- Deprecated camel case command modules and lowercased all the
built-in ones.
- Added EXPERIMENTAL support for testing WebSockets with Test::Mojo.
- Added GET/POST parameter support to respond_to.
- Made class_to_file slightly smarter.
- Improved documentation.
1.85 2011-08-20 00:00:00
- Fixed a url_for bug where captures would be ignored.
1.84 2011-08-19 00:00:00
- Added EXPERIMENTAL first, reverse, shuffle and sort methods to
Mojo::Collection.
- Improved documentation.
- Fixed small test portablity bug.
1.83 2011-08-19 00:00:00
- Renamed filter method in Mojo::Collection to grep.
- Improved documentation.
1.82 2011-08-19 00:00:00
- Added EXPERIMENTAL filter method to Mojo::Collection.
- Removed while and until methods from Mojo::Collection.
- Improved documentation.
1.81 2011-08-19 00:00:00
- Renamed Mojo::DOM::Collection to Mojo::Collection and added a few
new methods.
- Made Mojolicious::Plugins loader quite a bit smarter.
- Improved documentation.
- Improved Test::Mojo diagnostics.
1.80 2011-08-17 00:00:00
- Deprecated Mojolicious::Plugin::EpRenderer in favor of
Mojolicious::Plugin::EPRenderer.
- Deprecated Mojolicious::Plugin::EplRenderer in favor of
Mojolicious::Plugin::EPLRenderer.
- Deprecated Mojolicious::Plugin::I18n in favor of
Mojolicious::Plugin::I18N.
- Deprecated Mojolicious::Plugin::JsonConfig in favor of
Mojolicious::Plugin::JSONConfig.
- Deprecated Mojolicious::Plugin::PodRenderer in favor of
Mojolicious::Plugin::PODRenderer.
1.79 2011-08-17 00:00:00
- Added support for upper case relative plugin names. (lammel)
- Improved documentation.
1.78 2011-08-16 00:00:00
- Added EXPERIMENTAL modules Mojolicious::Command::Cpanify and
Mojolicious::Command::Generate::Plugin. (sri, yko, tempire)
- Improved documentation.
- Fixed "websocket_lite_app.t" to require Perl 5.10+.
- Fixed small empty cookie bug.
- Fixed small command bug.
|
|
Latvian language files are updated.
|
|
|
|
|
|
printf format and bump PKGREVISION for that.
|
|
wml/wml_common. Don't ask me why; however, make it do so correctly.
Otherwise it breaks trying to chmod nothing.
Fixes build with recent (or maybe not so recent, dunno how long this
has been broken) perl.
|
|
Version 0.74 -- 24 Sep 2011 <rafl@debian.org>
o Stop leaking information across requests when using the deprecated
and undocumented old FCGI interface. This is CVE-2011-2766.
o Only discard input stream if FCGI_KEEP_CONN is set in
FCGI_BeginRequestBody flags.
|
|
- fixed python --optimize
- moved old -j option to -J
- fixed threading in python-dbg
- fixed --manage-script-name
- make easy_install happy
uwsgi-0.9.8.5:
- fixed compatibility with multi app 0.9.6 syntax
|
|
|
|
General
* Update Tomcat-Native to 1.1.22. (jim)
* Fix CVE-2011-2729. Update to Commons Daemon 1.0.7. (markt)
* 33262: When using the Windows installer, the monitor is now auto-started for
the current user rather than all users to be consistent with menu item
creation. (markt)
* 40510: Provide an option within the Windows installer to create menu entries
for the current user or all users. (markt)
* 50949: Add the ability to specify the AJP port and the shutdown port when
using the Windows installer. (markt)
* 51135: Fix auto-detection of JAVA_HOME for 64-bit Windows platforms that only
have a 32-bit JVM installed when using the Windows installer. (markt)
Catalina
* 27988: Improve reporting of missing files. (markt)
* 28852: Add URL encoding where missing to parameters in URLs presented by Ant
tasks to the Manager application. Based on a patch by Stephane Bailliez.
(mark)
* 41179: Return 404 rather than 400 for requests to the ROOT context when no
ROOT context has been deployed. (markt)
* 50189: Once the application has finished writing to the response, prevent
further reads from the request since this causes various problems in the
connectors which do not expect this. (markt)
* Fix CVE-2011-2204. Prevent user passwords appearing in log files if a
runtime exception (e.g. OOME) occurs while creating a new user for a
MemoryUserDatabase via JMX. (markt)
* 51042: Don't trigger session creation listeners when a session ID is changed
as part of the authentication process. (markt)
* 51324: Improve handling of exceptions when flushing the response buffer to
ensure that the doFlush flag does not get stuck in the enabled state. Patch
provided by Jeremy Norris. (kkolinko)
* 51403: Avoid NullPointerException in JULI FileHandler if formatter is
misconfigured. (kkolinko)
* 51473: Fix concatenation of values in SecurityConfig.setSecurityProperty()
when the value provided by JRE is null. (kkolinko)
* 51550: Internal errors in Tomcat components that process requests before they
are passed to a web application, such as Authenticators, now return a 500
response rather than a 200 response. (markt)
* Add additional configuration options to the DIGEST authenticator. (markt)
Coyote
* Fix CVE-2011-2526. Protect against crashes (HTTP APR) if sendfile is
configured to send more data than is available in the file. (markt)
* 50394: Return -1 from read operation instead of throwing an exception when
encountering an EOF with the HTTP APR connector. (kkolinko)
* 50744: Skip the SSL configuration check on platforms where an unbounded
socket cannot be created. (kkolinko)
* 51073: Throw an exception and do not start the APR connector if it is
configured for SSL and an invalid value is provided for SSLProtocol. (markt)
* 51698: Fix CVE-2011-3190. Prevent AJP message injection. (markt)
Jasper
* 36362: Handle the case where tag file attributes (which can use any valid XML
name) have a name which is not a Java identifier. (markt)
* Fix possible threading issue in JSP compilation when development mode is
enabled. (markt)
Cluster
* 48717: Ensure session activation events are fired. (markt)
* 50771: Ensure HttpServletRequest#getAuthType() returns the name of the
authentication scheme if request has already been authenticated. (kfujino)
* 51647: Fix session replication when a session attribute is a Java dynamic
proxy. Based on a patch by Tomasz Skutnik. (markt)
Webapps
* 41498: Add the allRolesMode attribute to the Realm configuration page in the
documentation web application. (markt)
* Configure Security Manager How-To to include a copy of the actual
conf/catalina.policy file when the documentation is built, rather than
maintaining a copy of its content. (kkolinko)
* 48997: Fixed some typos and improve cross-referencing to the HTTP Connector
and APR documentation with the SSL How-To page of the documentation web
application. (markt)
Other
* Align jpda settings in catalina.bat with catalina.sh, tc6.0.x, tc7.0.x and
trunk. (markt)
* Clarify error messages in *.sh files to mention that if a script is not found
it might be because execute permission is needed. (kkolinko)
|
|
Upstream changelog:
Catalina
--------
add Allow to search the virtual paths before the webapp or after it.
(rjung)
fix 27988: Improve reporting of missing files. (markt)
fix 28852: Add URL encoding where missing to parameters in URLs
presented by Ant tasks to the Manager application.
Based on a patch by Stephane Bailliez. (markt)
add 46252: Allow to specify character set to be used to write
the access log in AccessLogValve. (kkolinko)
add 48863: Provide an warning if there is a problem with a class
path entry but use debug level logging if it is expected due
to catalina home/base split. (kkolinko)
add 49180: Add an option to disable file rotation in JULI FileHandler.
(kkolinko)
fix 50189: Once the application has finished writing to the response,
prevent further reads from the request since this causes various
problems in the connectors which do not expect this. (markt)
fix 50700: Ensure that the override attribute of context parameters
is correctly followed. (markt)
fix 50734: Return 404 rather than 400 for requests to the ROOT
context when no ROOT context is deployed. Patch provided by
Violeta Georgieva. (markt)
fix 50751: When authenticating with the JNDI Realm, only attempt
to read user attributes from the directory if attributes are
required. (markt)
fix 50752: Fix typo in debug message in
org.apache.catalina.startup.Embedded. (markt)
fix 50855: Fix NPE on AuthenticatorBase.register() when debug
logging is enabled. (markt)
fix Correctly format the timestamp reported by version.[sh|bat].
(markt)
fix Remove unnecessary whitespace from MIME mapping entries in
global web.xml file. (markt)
fix 51042: Don't trigger session creation listeners when a
session ID is changed as part of the authentication process.
(markt)
add 51119: Add JAAS authentication support to the
JMXRemoteLifecycleListener. Patch provided by Neil Laurance.
(markt)
update Implement display of multiple request headers in AccessLogValve:
print not just the value of the first header, but of the all
of them, separated by commas. (kkolinko)
fix Correct the SSLValve so it returns the SSL key size as an
Integer rather than as a String. (markt)
fix 51162: Prevent possible NPE when removing a web application. (markt)
fix 51249: Improve system property replacement code in
ClassLoaderLogManager of Tomcat JULI to cover some corner
cases. (kkolinko)
fix 51315: Fix IAE when removing an authenticator valve from a
container. Patch provided by Violeta Georgieva. (markt)
fix 51324: Improve handling of exceptions when flushing the
response buffer to ensure that the doFlush flag does not get
stuck in the enabled state. Patch provided by Jeremy Norris.
(kkolinko)
fix 51348: Fix possible NPE when processing WebDAV locks. (markt)
add Add a container event that is fired when a session's ID is
changed, e.g. on authentication. (markt)
fix Fix CVE-2011-2204. Prevent user passwords appearing in log files
if a runtime exception (e.g. OOME) occurs while creating a
new user for a MemoryUserDatabase via JMX. (markt)
fix 51400: Avoid jvm bottleneck on String/byte[] conversion
triggered by a JVM bug. Based on patches by Dave Engberg and
Konstantin Preißer. (markt)
add 51403: Avoid NPE in JULI FileHandler if formatter is
misconfigured. (kkolinko)
update Create a directory for access log or error log (in AccessLogValve
and in JULI FileHandler) automatically when it is specified
as a part of the file name, e.g. in the prefix attribute.
Earlier this happened only if it was specified with the
directory attribute. (kkolinko)
fix Log a failure if access log file cannot be opened. Improve
i18n of messages. (kkolinko)
fix Improve handling of URLs with path parameters and prevent
incorrect 404 responses that could occur when path parameters
were present. (kkolinko)
fix 51473: Fix concatenation of values in
SecurityConfig.setSecurityProperty(). (kkolinko)
fix 51509: Fix potential concurrency issue in CSRF prevention
filter that may lead to some requests failing that should not.
(markt)
fix 51588: Make it easier to extend the AccessLogValve to add
support for custom elements. (markt)
fix Unregister DataSource MBeans when web application stops. (kfujino)
add Add additional configuration options to the DIGEST
authenticator. (markt)
Coyote
------
fix Reduce level of log message for invalid URL parameters from
WARNING to INFO. (kkolinko)
add 48208: Provide an option to specify a custom trust manager
for BIO and NIO HTTP connectors using SSL. Based on a patch
by Luciana Moreira. (markt)
fix 49595: Protect against crashes when using the APR/native
connector. (jfclere)
fix 49929: Make sure flush packet is not send after END_RESPONSE
packet. (mturk/markt)
add 50887: Enable the provider to be configured when generating
SSL certs. Based on a patch by pknopp. (markt)
fix 51073: Throw an exception and do not start the APR connector
if it is configured for SSL and an invalid value is provided
for SSLProtocol. (markt)
fix Fix CVE 2011-2526. Protect against infinite loops (HTTP NIO)
and crashes (HTTP APR) if sendfile is configured to send more
data than is available in the file. (markt)
fix Prevent NPEs when a socket is closed in non-error conditions
after sendfile processing when using the HTTP NIO connector.
(markt)
fix 51515: Prevent immediate socket close when comet is used over
HTTPS. (markt)
Jasper
------
fix 36362: Handle the case where tag file attributes (which can
use any valid XML name) have a name which is not a Java
identifier. (markt)
fix 47371: Correctly coerce the empty string to zero when used
as an operand in EL arithmetic. Patch provided by gbt. (markt)
fix 50726: Ensure that the use of the genStringAsCharArray does
not result in String constants that are too long for valid
Java code. (markt)
fix 50895: Don't initialize classes created during the compilation
stage. (markt)
add 51124: Make Tomcat more robust if an OOME occurs. Usually
after an OOME all bets are off but this change appears to help
some users and the description of a 'recoverable' OOME in
the bug is a plausible one. Based on a patch by Ramiro. (markt)
fix 51177: Ensure Tomcat's MapELResolver and ListELResolver
always return Object.class for getType() as required by the
EL specification. (markt)
fix Correct possible threading issue in JSP compilation when
development mode is used. (markt)
add 51220: Add a system property to enable tag pooling with JSPs
that use a custom base class. Based on a patch by Dan Mikusa.
(markt)
add Broaden the exception handling in the EL Parser so that more
failures to parse an expression include the failed expression
in the exception message. Hopefully, this will help track
down the cause of 51088. (markt)
add Improve error reporting of Jasper compilation. (schultz)
Cluster
-------
fix 50646: Fix cluster message data corruption if message size
exceeds the underlying buffer size. Patch provided by
Olivier Costet. (markt)
fix 50771: Ensure HttpServletRequest#getAuthType() returns the
name of the authentication scheme if request has already been
authenticated. (kfujino)
fix 50950: Correct possible NotSerializableException for an
authenticated session when running with a security manager.
(markt)
fix 51306: Avoid NPE when handleSESSION_EXPIRED is processed while
handleSESSION_CREATED is being processed. (kfujino)
fix The change in session ID is notified to the container event
listener on the backup node in cluster. This notification is
controlled by notifyContainerListenersOnReplication. (kfujino)
Webapps
-------
fix 41498: Add the allRolesMode attribute to the Realm
configuration page in the documentation web application. (markt)
fix 48997: Fixed some typos and improve cross-referencing to the
HTTP Connector and APR documentation with the SSL How-To page
of the documentation web application. (markt)
fix 50804: Update links for Servlet 2.5 and JSP 2.1 Javadoc. (markt)
update Improve class loading documentation and logging documentation.
(kkolinko)
update Configure Security Manager How-To to include a copy of the
actual conf/catalina.policy file when the documentation is
built, rather than maintaining a copy of its content. (kkolinko)
fix 51147: Fix deployment via HTML Manager that was broken by
addition of CRSF protection. Patch provided by Alexis Hassler.
(markt)
fix 51156: Ensure session expiration option is available in
Manager application was running web applications that were
defined in server.xml. (markt)
fix Correct the log4j configuration settings when defining
conversion patterns in the documentation web application. (markt)
fix Update Maven repository information in the documentation to
reflect current usage. (markt)
fix 51346: Update the documentation web application to make clear
the circumstances in which the RequestDumperValve will consume
the request's InputStream. Based on a patch by pid. (markt)
fix 51443: Document the notifySessionListenersOnReplication
attribute for the DeltaManager. (markt)
fix 51516: Correct documentation web application to show correct
system property name for changing the name of the SSO session
cookie. (markt)
update Update documentation to be even more explicit about the
implications of setting the path attribute on a Context element
in server.xml. (markt/kkolinko)
Other
-----
update Clarify error messages in *.sh files to mention that if a
script is not found it might be because execute permission
is needed. (kkolinko)
add 33262, 40510, 50949, 51135: Various improvements to the
Windows installer to be able to install several copies of
Tomcat 6 side by side. Allow to configure service name,
connector and shutdown ports. Allow to choose whether to
install Start menu shortcuts and Apache Tomcat monitor
application for all users or for the current one only.
Improve auto-detection of JAVA_HOME for 64-bit Windows
platforms: autoselect 32-bit JRE if it exists and 64-bit
one is not available. Improve server.xml file handling.
Fix uninstallation icon. (markt/kkolinko)
fix 50854: Add additional entries to the default catalina.policy
file to support running the manager web application from
CATALINA_HOME or CATALINA_BASE. (markt)
fix Update default download sources to use the central
Apache Maven 2 repository as some libraries have been removed
from the central Apache Maven 1 repository. (kkolinko)
fix 51155: Add comments to @deprecated tags that have none.
Patch provided by sebb. (kkolinko)
fix 51309: Correct logic in catalina.sh stop when using a PID
file to ensure the correct message is shown. Patch provided
by Caio Cezar. (markt)
update Update Apache Commons Pool to 1.5.6. (kkolinko)
update Update Apache Commons Daemon to 1.0.7. (kkolinko)
update At build time use two alternative download locations for
components downloaded from apache.org. (kkolinko)
|
|
|
|
Update French, Guarani and Japanese language files.
|
|
While here, fixes build with perl-5.14.
= 1.31 May 11, 2009
Fix static APACI build on Mac OS X. [Gozer]
Fix XSS vulnerability in Apache::Status reported by
Richard J. Brain, CVE-2009-0796
[Fred Moyer]
On Win32, mod_perl.h needs to include <malloc.h> before the perl
headers, at least when built with USE_ITHREADS
[Steve Hay]
Win32 needs PERL_SYS_INIT/PERL_SYS_TERM calls when built with
USE_ITHREADS [sic--that's different to USE_THREADS]. In fact,
they ought to be always called if they are defined
[Steve Hay]
Fix potential segfault when the environment contains
NULL values [Mike Schilli]
Fix static APACI build against newer apache-1.3.38+
[Gozer]
Fixed modules/regex.t test 4 on Win32
[Steve Hay]
Avoid possible segfault when PerlFreshRestart is On.
[Michael Rendell <michael@cs.mun.ca>]
Prevent segfault when running with perl >= 5.9.3
[Steve Hay]
Fix shared libary extensions on Win32 to be .dll not .so
[Nikolay Ananiev <ananiev@thegdb.com>]
Patch to mod_perl.dsp to remove /D _WINSOCK2API_ on Win32
for perl >= 5.8.6 [Steve Hay]
= 1.30 March 29, 2007
SECURITY: CVE-2007-1349 (cve.mitre.org)
fix unescaped variable interpolation in Apache::PerlRun
regular expression to prevent regex engine tampering.
reported by Alex Solovey
[Randal L. Schwartz <merlyn@stonehenge.com>, Fred Moyer <fred@redhotpenguin.com>]
sync Apache-SizeLimit with latest version from CPAN (0.91)
[Philip M. Gollucci, Philippe M. Chiasson]
Fix an Apache::(Registry|PerlRun) bug caused by special characters
in the url [kolya@mail.ru]
Display a more verbose message if Apache.pm can't be loaded
[Geoffrey Young]
Fix incorrect win32 detection in Apache::SizeLimit reported by
Matt Phillips <mphillips@virage.com> [Philippe M. Chiasson]
The print-a-scalar-reference feature is now deprecated and documented
as such [Stas]
fix "PerlSetVar Foo 0" so that $r->dir_config('Foo') returns 0, not undef
[Geoffrey Young]
for some reason .pm files during the modperl build see $ENV{PERL5LIB}
set in Makefile.PL, which is used for generating Makefiles, as
"PERL5LIB=/path:/another/path" instead of "/path:/another/path"
essentially rendering this env var useless. I'm not sure why, may be
MakeMaker kicks in somewhere. Trying to workaround by
s/PERL5LIB/PERL5LIB_ENV/, using anything that's not PERL5LIB. [Stas]
change $INC{$key} = undef; to delete $INC{$key}; in PerlFreshRestart
[Geoffrey Young]
Fix a bug in Makefile.PL for Win32 where it would, in
certain cases, pick up the wrong Perl include directory
[Steve Hay]
|
|
|
|
|
|
|
|
|
|
|
|
|
