| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
to trigger/signal a rebuild for the transition 5.8.8 -> 5.10.0.
The list of packages is computed by finding all packages which end
up having either of PERL5_USE_PACKLIST, BUILDLINK_API_DEPENDS.perl,
or PERL5_PACKLIST defined in their make setup (tested via
"make show-vars VARNAMES=...").
|
|
* fix regression in the 'as text' download view (issue #373)
Version 1.0.6 (released 16-Sep-2008)
* security fix: ignore arbitrary user-provided MIME types (issue #354)
* fix bug in regexp search filter when used with sticky tag (issue #346)
* fix bug in handling of certain 'co' output (issue #348)
* fix regexp search filter template bug
* fix annotate code syntax error
* fix mod_python import cycle (issue #369)
|
|
|
|
Server(tm) and Microsoft Internet Explorer(tm). While it is not really
secure, it offers background authentication (the workstation logon
credentials of users are passed through to the web server). This feature is
widely used in intranets based on these Microsoft products.
This module is implementing NTLM authentication for Apache on Unix
platforms. It is available free of charges under the BSD License.
|
|
|
|
|
|
|
|
Michael-John Turner per pkgsrc-wip (needed for totem's youtube browser)
|
|
|
|
|
|
2008-10-10
Release 5.817
Gisle Aas (16):
Should store "wire" headers field names with _ without translation.
Test HTTP::Request->parse().
Restore pre-5.815 behaviour of returning "400 Bad Request" [RT#39694]
Rename the HTTP::Status constants to have HTTP_ prefix
Detection of unsupported schemes was broken [RT#37637]
Allow tainted methods to be forwarded to HTTP::Headers [RT#38736]
Add strict mode to HTML::Form
Fix test now that less warnings are generated.
Add content_is_xml method
Make split_header_words() lower case returned tokens/keys
Avoid invoking AUTOLOAD on object destruction [RT#39852]
Add decode() method to HTTP::Message
Add encode() method to HTTP::Message
Allow multiple fields to be set with push_header().
Make content_type and content_is_xhtml methods faster
Faster push_header()
2008-09-29
Release 5.816
Gisle Aas (2):
Add missing binmode() [RT#39668]
Doc tweaks
2008-09-24
Release 5.815
Gisle Aas (23):
We don't need to build the docs to run the tests.
Style tweaks.
The jigsaw service isn't up to much good these days.
HTTP::Cookies produces warnings for undefined cookie param names [RT#38480]
Typo fix; HTTP::Message will never include x-bzip2 in Accept-Encoding [RT#38617]
Added HTTP::Config module
Add methods to configure processing handlers.
100 Continue response not complete.
Use 3-arg open when response content to files.
Make the show_progress attribute official (by documenting it).
Start using handlers for driving the inner logic of LWP::UserAgent.
Expose the content_is_html and content_is_xhtml methods from HTTP::Headers.
Make credentials method able to get/set values.
An auth handler per realm.
Match proxy setting for request.
Set up separate handler for adding proxy authentication.
Add request_preprepare to be able to initialize proxy early enough.
Smarter get_my_handler() that can also create handlers.
Refactor; introduce run_handlers method
Pass in handler hash to the handler callback.
Don't let version=1 override behaviour if specified with a plan Set-Cookie header.
Remove handler when we don't have a username/password for the realm.
Make tests use Test.pm
Bron Gondwana (2):
Double-check that username or password has changed after a failed login.
Update Digest Authen to subclass Basic.
Ondrej Hanak (1):
Avoid running out of filehandles with DYNAMIC_FILE_UPLOAD.
Todd Lipcon (1):
Fixed parsing of header values starting with ':' [RT#39367]
amire80 (1):
Documentation typo fixes [RT#38203]
|
|
(10 Oct 2008, from /branches/1.5.x)
http://svn.collab.net/repos/svn/tags/1.5.3
User-visible changes:
* Allow switch to continue after deleting locally modified dirs (issue #2505)
* Update bash_completion to be compatible with 1.5 (r32900, -11, -12)
* Improve 'svn merge' execution time by 30% on Windows (r33447)
* Reuse network sessions during 'svn merge', improving performance (r33476)
* Improve temp file creation time on Windows (r33464)
* Greatly improve merge performance (r29969, r32463, r33013, -016, -022, -112)
* Improve file IO performance on Windows (r33178, -85)
* fixed: merging files with spaces in name (r33109, -121, -369)
* fixed: incorrect relative externals expansion (r33109, -121, -369)
* fixed: 'svn mv' hangs and consumes infinite memory (r33201, -12)
* fixed: correctness regression in 'svn log -g' (issue #3285)
* fixed: current early bailout of 'svn log -g' (r32977)
Developer-visible changes:
* Allow the tests to run as non-administrator on Windows Vista (r31203)
* Allow out-of-tree build of bindings on BSD (r32409)
* Translate messages in svn_fs_util.h (r32771)
* fixed: bindings test for Perl 5.10 (r31546)
* fixed: building bindings and C API tests with VS2008 (r32012)
* fixed: svn_ra_replay API over ra_serf (r33173)
|
|
Pkgsrc changes:
- does not support Module::Build anymore.
Changes since version 1.01:
===========================
1.03 2008-08-07
Forgot the Changelog for 1.02. Oops.
1.02 2008-08-07
Added support for strict HTML output. Fixes #34378. Thanks JUERD
and SIGZERO for the report and VRK for the patch that fixes it.
|
|
created or not. Packages that include other ELP's buildlink3.mk must define
EMACS_BUILDLINK. Other packages don't create wrappers, which reduces build
time a lot.
|
|
|
|
Rose::HTMLx::Form::Field::Serial is a subclass of
Rose::HTML::Form::Field::Hidden. It exists simply to isolate a
particular kind of form field that should not be updated via form
but may need to be passed as a param or viewed in a (x)html serialized
format. The namespace is reserved in the event that future
functionality may be added, but mostly to uniquely identify this
field type for use with Rose::DBx::Garden.
|
|
|
|
Internationlization for Catalyst apps - Supports mo/po files and
Maketext classes under your applications I18N namespace.
|
|
Catalyst is an elegant web application framework, extremely flexible yet
extremely simple. It's similar to Ruby on Rails, Spring (Java) and
Maypole, upon which it was originally based.
Catalyst follows the Model-View-Controller (MVC) design pattern, allowing
you to easily separate concerns, like content, presentation and flow control,
into separate modules. This separation allows you to modify code that handles
one concern without affecting code that handles the others. Catalyst promotes
re-use of existing Perl modules that already handle common web application
concerns well.
|
|
* Add Norwegian Bokmal (book language) support.
* Fix Ukrainian/UKRAINE language's PLIST.
|
|
make "/etc/rc.d/apache restart" work more reliable and fix PR pkg/39713 by
Martti Kuparinen.
Bump package revision because of this fix.
|
|
|
|
----
v3.3
----
[jan] Fix synchronization issues with Blackberry clients (bug 6949).
[mms] Fix setting the horde user when using application authentication with
realms (bug 6749).
[jan] Fix user name conversion with user hooks in the permissions interfaces
(bug 6371).
[jan] Provide all settings for the read server in split SQL configuration
(Request #7024).
[jan] Improve HTML to text filter.
[mjr] Hierarchical SQL Share driver now correctly removes all children when
removing a share (Bug: 7347).
[mjr] Fix an issue with various date/time fields in horde form that was causing
erroneous validation errors.
[cjh] Sign parameters to go.php with an HMAC based on a new secret key
configuration value, to prevent using go.php as an open referrer.
[cjh] Make logout tokens only valid for a configurable length of time.
--------
v3.3-RC1
--------
[mms] Fix garbage collection handling on SQL session handler backends.
[mjr] Change MDB2 sequence names to 'id' in SQL share driver (bug 7240).
[cjh] When a URL is supplied for pass-through after logging in, go to that URL
in mobile browsers instead of going to the mobile portal (bug 6332).
[mms] Memcache session handler no longer writes data with a lifetime.
[cjh] Add DIMP to the horde LDAP OIDs and hordePerson objectclass (bug 7243).
[mms] Update FCKeditor to v2.6.3.
[jan] Use global mailer configuration when sending alarm emails
(adrieder@sbox.tugraz.at, bug 7058).
[jan] Reset background colors when resetting the category form (bug 7226).
[jan] Improve Funambol contacts support (Requests #7099, #7100).
[jan] Correctly parse GEO tags in vCard 2.1 data (bug 6563).
[jan] Remove Horde portal link from application menus (bug 7221).
[cjh] Create a driver for signups, allowing backends other than DataTree
(Duck <duck@obala.net>, Request #7161).
[jan] Fix displaying images with the image form field.
[mjr] Fix issue with hierarchical SQL share driver that caused permissons to
erroneously be denied when the share contained group permissions and was
instantiated by a listShares call.
[mjr] Fix issue with hierarchical SQL share driver that caused any child shares
to be orphaned when the parent share was moved in the hierarchy.
[mjr] Fix issue with SQL share drivers that was causing permission checks to
fail under certain conditions by no longer explicitly storing owner
permissions in the Perms backend.
[cjh] Fix overwriting a variable in the tableset_html VarRenderer
(Paul Roy <proy@corom.ca>, bug 7120).
[mms] Fix MIME encoding when using the ISO-2022-JP charset (bug 1621).
[jan] Fix SQL Share driver not using the correct database when using different
databases in Horde applications (bug 6997).
[cjh] Fix SQL portability in Share_sql driver (bug 7084).
[jan] Fix synchronizing large amounts of data split across several SyncML
messages.
[jan] Add Basque translation (Euskal Herriko Unibertsitatea EHU/UPV
<xabier.arrieta@ehu.es>).
[cjh] Fix Horde_Lock::getLockInfo (duck@obala.net, Bub #7046).
[cjh] Fix SQL portability in Group_sql driver (bug 7075).
[jan] Fix PAM authentication driver, but also mark it as deprecated (bug 6982).
[mjr] Fix issue with native SQL Share driver that caused filtering shares by
attributes to fail.
[jan] Fix synchronization of event alarms with Funambol clients (bug 7003).
[jan] Correctly detect Funambol clients on Blackberry devices (bug 6995).
[mjr] Remove all user application permissions and group memberships from storage
when removing the user from the system (Bug: 6999)
[cjh] Call the postauthenticate hook in Auth::setAuth(), and allow the
postauthenticate hook to cause setAuth() to fail. Allows postauthenticate
to fire on any event, including transparent authentication, that could
result in a user being successfully logged in.
[jan] Improve attribute support and charset conversion in vCard viewer.
[jan] Show photos in vCard object if provided with an URL.
[mjr] Remove permissions from storage also when removing a share.
[jan] Add Horde_Form fields for string arrays and PGP and S/MIME keys.
[jan] Only show Add Permission icons in permissions interface where adding
them is possible.
[mjr] Fix issue in Horde_Image that was causing erratic results when cropping
images.
[jan] Fix validation of phone fields marked as required (bug 6948).
[mms] Fix quoting periods in display part of e-mail address (bug 6899).
[mms] Fix error checking when parsing an undisclosed recipients mail header
and using an older version of PEAR::Mail (bug 6930).
[jan] Return to portal after editing or deleting blocks directly from there.
|
|
The 6th maintenance release of Plone 3.1 is now available. The important
changes since version 3.1.5.1 are:
* Improve handling of stale catalog entries encountered during folder
reordering.
* Fix the silent failure of the group membership management of users via
the user membership form.
* Restore icons for the language control panel in the 3.0.1 to 3.0.2
migration.
* Fix test for automatically generated ids to handle content types with
a dot in their name.
* By default, keep the styling when managing portlets separate from the
styling when viewing the portlets, to improve usability with custom
themes.
* Hide link to the dashboard from the personal preferences page if the
user is not allowed to view the dashboard.
* Improve styling in MS Internet Explorer.
* Fix non XML syntax compliant ids in content menus.
* Correct problems with Firefox 3.0 and kupu.
The following packages and products were upgrades as part of this
release:
* Products.kupu 1.4.12
* Products.CMFPlone 3.1.6
* plone.app.contentmenu 1.1.5
More information about this release and links to installers can be found
at http://plone.org/products/plone/releases/3.1.6
|
|
* News
This release is a bugfix release.
Full ChangeLog is too large to write here please refer:
http://wiki.typo3.org/index.php/TYPO3_4.2.2
|
|
immediately after reading the security announcement:
* SA-2008-060 - Drupal core - Multiple vulnerabilities
In addition to this security vulnerability, the following bugs have been fixed since the 6.4 release:
* - Patch 246143 by bjaspan, Damien Tournoud: make sure updates are run in numeric order, not in definition order.
* - Patch 221230 by Heine: convert requirement error on update to requirement warning.
* - Patch 252430 by quicksketch: allow base theme prefix in preprocessor function names to correct expected behavior.
* - Patch 245322 by mfb: fixed breadcrumb behavior.
* - Patch 287949 by Freso, Damien Tournoud: keep language icons in consistent order across nodes.
* - Patch 265899 by mfb: uri_brief mail token did not support https URLs.
* - Patch 272952 by NancyDru and chx: fixed documentation issue.
* - Patch 170310 by mfb, JohnAlbin: avoid SSL cookie getting over-written by non-SSL cookie.
* - Patch 243063 by GoofyX: fixed typo in context-sensitve help.
* - Patch 295152 by dww, Damien Tournoud, et al: fixed version comparison.
* - Patch 278759 by douggreen, fletchgqc: improved code comment.
* - Patch 276018 by mfb: extend the lifetime of temporary files.
* - Patch 228576 by sun: too ambiguous stylesheet in dblog.css when form_altering the watchdog table.
* - Patch 285309 by pwolanin: menu_name in hook_menu is ignored on updates.
* - Patch 261859 by rse, Damien Tournoud: make the trigger module work on PostgreSQL.
* - Patch 305436 by Damien Tournoud, lelutin: fixed unclosed <li> tag in the context-sensitive help.
Any many more. See http://drupal.org/node/318701 for all the details
|
|
immediately after reading the security announcement:
* SA-2008-060 - Drupal core - Multiple vulnerabilities
In addition to this security vulnerability, the following bugs have been fixed in the 5.11 release:
* - Patch 265899 by mfb: uri_brief mail token did not support https URLs.
* - Patch 170310 by mfb, JohnAlbin: avoid SSL cookie getting over-written by non-SSL cookie.
* 296096 by Damien Tournoud. Fix 5.10 Postgres install & update.
* - Patch 246143 by bjaspan, Damien Tournoud: make sure updates are run in numeric order, not in definition order.
* 181831 by Rob Loach. Backport of #130630 by chx: provide an id on the form item wrapper div.
* 283026 by Damien Tournoud. Make user_authenticate from external source (for existing users) work with no server part.
* 298535 by mkalkbrenner. Correct HTTP status code for failed connection.
* 108717 by add1sun and neclimdul. Code style.
* - Patch 230932 by ryanlath: file_scan_directory() didn't scan the directory called '0'. Backport by cridenour.
* follow up to 280621 by lilou: the object tag was disallowed in a previous version in filter_xss_admin(), so disallow param as well, which is only meaningful inside an object tag
* 208270 reported by Dries, patch by jvandyk: it was not possible to clear the XML-RPC error cache, making it impossible to do multiple queries in one request. Add xmlrpc_clear_error() and slightly modify xmlrpc_error() to fix.
* - Patch 308549 by lyrincz, Dave Reid: fixed broken link in PHPdoc.
* 67895 patch by goba, tested by JirkaRybka and blackdog: move poll votes with poll options, when an option is removed, instead of dropping all old votes, solving an old data loss bug. Backport by dww.
* 312730 by Damien Tournoud. hook_requirements('install') should work for modules that don't reside in the main './modules' folder.
|
|
Don't call pkg_info to get the installed Emacs version; always use the
version matching EMACS_TYPE set by users. Be DEPENDS to it. This should
address pkg/37146 by Aleksey Cheusov.
While here convert some emacs lisp packages to user-destdir.
|
|
Pkgsrc changes:
o Add overlooked dependency on p5-Cache-Cache.
o Align two lines better.
|
|
Sat Sep 13 20:40:01 BST 2008 - surfraw 2.2.3
* Surfraw now defaults to graphical mode. See surfraw(1)
for how to change the default back.
* Search for default browsers during build.
This can be overridden by passing --with-text-browser=BROWSER
and --with-graphical-browser=BROWSER to ./configure.
* New elvis: piratebay, genportage. Thanks to J.R. Mauro.
* Detect which awk to use.
* Fixed slinuxdoc and webster.
* Removed bashisms.
* Fixed uninstall.
* Add --disable-sr option to ./configure to disable installing the
'sr' symbolic link, to avoid clashes with the SR programming language.
|
|
|
|
|
|
|
|
|
|
This version fixes bug where num_processors is not actually set from
mongrel_rails.
|
|
Changes since 2.2a5 [2008-05-03]:
- Added trend display pages.
- Dashboard style display for templates lacked links.
- Suppressed undefined variable warnings (courtesy of Martin Schuster).
- Replace "missing" graphs with "unknown" icon (courtesy of R.P. Aditya).
- Rcs module now(?) needs more to be untainted (reported by "Matt Perry).
|
|
|
|
|
|
* recentchanges: Fix redirects to non-page files.
* aggregate: Avoid uninitialized value warnings for pages with no recorded
ctime.
* attachment: Add admin() pagespec to test if the uploading user is a wiki
admin.
* git: Fix handling of utf-8 filenames in recentchanges.
* tag: Make edit link for new tags ensure that the tags are created
inside tagbase, when it's set.
* template: Make edit link for new templates ensure the page is located
under toplevel templates directory.
* htmlscrubber: Add a config setting that can be used to disable the
scrubber acting on a set of pages.
* Expand usage message and add --help. Closes: #[500344]
* Beautify urls used in various places. (smcv)
* Export pagetitle, titlepage, linkpage.
* htmltidy: Avoid returning undef if tidy fails. Also avoid returning the
untidied content if tidy crashes. In either case, it seems best to tidy
the content to nothing.
* htmltidy: Avoid spewing tidy errors to stderr.
* Reorganize index file, add a format version field. Upgrades to the new
index format should be transparent.
* Add %wikistate, which is like %pagestate except not specific to a given
page, and is preserved across rebuilds.
* editpage: Be more aggressive (and less buggy) about cleaning up
temporary files rendered during page preview.
* Add an indexpages option, which causes foo/index.mdwn to be the source
for page foo when foo.mdwn doesn't exist. Also, when it's enabled,
creating a new page will save it to foo/index.mdwn by default.
Closes: #[474611]
(Sponsored by The TOVA Company.)
* httpauth: Document that ikiwiki.cgi has to be in a directory subject to
authentication. Closes: #[500524]
* inline: Fix handling of rootpage that doesn't exist.
* attachment: Support adding attachments to pages even as they are being
created.
* remove, rename: Allow acting on attachments as a page is being created.
* Updated French translation. Closes: #[500929]
* progress: Display an error if the progress cannot be parsed, and allow
the percent parameter to only optionally end with "%".
* Fix reversion in use of ikiwiki -verbose -setup with a setup file that
enables syslog. Setup output is once again output to stdout in this
case.
* edittemplate: Default new page file type to the same type as the template.
(willu)
* edittemplate: Add "silent" parameter. (Willu)
* edittemplate: Link to template, to allow creating it. (Willu)
* editpage: Add a missing check that the page name contains only legal
characters, in addition to the existing check for pruned filenames.
* Print a debug message if a page has multiple source files.
* Add keepextension parameter to htmlize hook. (Willu)
* rename, remove: Don't rely on a form parameter to tell whether the page
should be treated as an attachment.
* rename: Add support for moving SubPages of a page when renaming it.
(Sponsored by The TOVA Company.)
* rename: Hide type field from rename form when renaming attachments.
|
|
* Update Czech, Slovak and Ukrainian translations.
|
|
* Update Italian and Ukrainian translations.
|
|
pkgsrc change
* Add README and sample additional apatch's configuration fratment.
* Fix dependency line for php-gd.
==========================
TYPOlight webCMS CHANGELOG
==========================
Version 2.6.1 (2008-09-20)
--------------------------
- Added content element "article alias"
- Added interface "uploadable" for file upload widgets
- Added optgroups to the TinyMCE "typolinks" file drop-down menu
- Added forum/helpdesk hook to template "member_grouped"
- Added month names to calendar templates (#27)
- Added workaround for PCRE unicode word boundary limitation (#65)
- Added callbacks "executePreActions" and "executePostActions" (#16)
- Added option to send personalized mails to the newsletter module (#108)
- Added a variable timeout between each newsletter sending cycle (#56)
- Added a "check all" box to all checkbox widgets (#32)
- Replaced back end multi-filter with a more efficient implementation
- Replaced all Template objects with FrontendTemplate or BackendTemplate (#64)
- Improved preview pane to show only members with a username
- Improved search algorithm to check for duplicate content URLs (#98)
- Fixed issue with external PHP templates breaking insert tags (#12)
- Fixed issue with domains containing "www" in multi-domain mode (#73)
- Fixed issue with wrong newsletter URLs when page alias usage is disabled (#26)
- Fixed issue with ambiguous image names in HTML newsletters (#84)
- Fixed issue with wrong color in dpSyntaxHighlighter (#30)
- Fixed issue with backlinks not working on cached pages (#15)
- Fixed issue with MySQL convertig aliases starting with a digit (#82)
- Fixed issue with incorrect download URLs (#24)
- Fixed a few spelling issues (#110)
- Fixed a few minor bugs
|
|
|
|
Mod_Mono is an Apache 1.3/2.0/2.2 module that provides ASP.NET support for the
web's favorite server, Apache.
|
|
Changes:
- GCC printf attributes for all printf like functions for better
compiler time warnings (Nikolai Kondrashov)
- Better support for other compilers for handling CPP variable
argument macros (Raphaël HUCK)
- Fix for some symlinking/hdf_get_obj bugs (Nikolai Kondrashov)
- Performance improvements to Perl wrapper (Sergey Skvortsov)
- New url_validate Clearsilver method (Mugdha Bendre @ Google)
- Quick Hello World example for using with FastCGI (Mike Tsao @ Google)
- Updates to the Ruby wrapper (Dan Janowski)
- Updates to the Java wrapper (Joe Walnes @ Google)
- Add support to Java wrapper for hooking the file loader
- Add string.crc builtin-function
- Make it easier to write XSS free clearsilver code
- Ability to setup file load hooks for cs and hdf files
- fix for non-thread safe nerr_init call (causes java jni wrapper to
core dump when server is started under heavy load)
- python egg support (if you have the egg version of distutils
installed)
- some parser edge case fixes.
- some cleanups to cgiwrap that make it easier to use with
fastcgi. fastcgi wrapper to come in the future.
|
|
safe to tie it to one specific version), so remove the dependency.
Dansguardian will work with any upstream web proxy; it requires a parent
proxy for the actual fetching, but we don't need to dictate which one.
|
|
Cheusov on pkgsrc-users.
|
|
This contains security fix: http://trac.lighttpd.net/trac/ticket/1774
- 1.4.20 -
* Fix mod_compress to compile with old gcc version (#1592)
* Fix mod_extforward to compile with old gcc version (#1591)
* Update documentation for #1587
* Fix #285 again: read error after SSL_shutdown (thx marton.illes@balabit.com) and clear the error queue before some other calls (CVE-2008-1531)
* Fix mod_magnet: enable "request.method" and "request.protocol" in lighty.env (#1308)
* Fix segfault for appending matched parts if there was no regex matching (just give empty strings) (#1601)
* Use data_response_init in mod_fastcgi x-sendfile handling for response.headers, fix a small "memleak" (#1628)
* Don't send empty Server headers (#1620)
* Fix conditional interpretation of core options
* Enable escaping of % and $ in redirect/rewrite; only two cases changed their behaviour: "%%" => "%", "$$" => "$"
* Fix accesslog port (should be port from the connection, not the "server.port") (#1618)
* Fix mod_fastcgi prefix matching: match the prefix always against url, not the absolute filepath (regardless of check-local)
* Overwrite Content-Type header in mod_dirlisting instead of inserting (#1614), patch by Henrik Holst
* Handle EINTR in mod_cgi during write() (#1640)
* Allow all http status codes by default; disable body only for 204,205 and 304; generate error pages for 4xx and 5xx (#1639)
* Fix mod_magnet to set con->mode = p->id if it generates content, so returning 4xx/5xx doesn't append an error page
* Remove lighttpd.spec* from source, fixing all problems with it ;-)
* Do not rely on PATH_MAX (POSIX does not require it) (#580)
* Disable logging to access.log if filename is an empty string
* Implement a clean way to open /dev/null and use it to close stdin/out/err in the needed places (#624)
* merge spawn-fcgi changes from trunk (from @2191)
* let spawn-fcgi propagate exit code from spawned fcgi application
* close connection after redirect in trigger_b4_dl (thx icy)
* close connection in mod_magnet if returned status code
* fix bug with IPv6 in mod_evasive (#1579)
* fix scgi HTTP/1.* status parsing (#1638), found by met@uberstats.com
* [tests] fixed system, use foreground daemons and waitpid
* [tests] removed pidfile from test system
* [tests] fixed tests needing php running (if not running on port 1026, search php in env[PHP] or /usr/bin/php-cgi)
* fixed typo in mod_accesslog (#1699)
* replaced buffer_{append,copy}_string with the _len variant where possible (#1732) (thx crypt)
* case insensitive match for secdownload md5 token (#1710)
* Handle only HEAD, GET and POST in mod_dirlisting (same as in staticfile) (#1687)
* fixed mod_secdownload problem with unsigned time_t (#1688)
* handle EAGAIN and EINTR for freebsd sendfile (#1675)
* Use filedescriptor 0 for mod_scgi spawn socket, redirect STDERR to /dev/null (#1716)
* fixed round-robin balancing in mod_proxy (#1715)
* fixed EINTR handling for waitpid in mod_fastcgi
* mod_{fast,s}cgi: overwrite environment variables (#1722)
* inserted many con->mode checks; they should prevent two modules to handle the same request if they shouldn't (#631)
* fixed url encoding to encode more characters (#266)
* allow digits in [s]cgi env vars (#1712)
* fixed dropping last character of evhost pattern (#161)
* print helpful error message on conditionals in global block (#1550)
* decode url before matching in mod_rewrite (#1720)
* fixed conditional patching of ldap filter (#1564)
* Match headers case insensitive in response (removing of X-{Sendfile,LIGHTTPD-*}, catching Date/Server)
* fixed bug with case-insensitive filenames in mod_userdir (#1589), spotted by "anders1"
* fixed format string bugs in mod_accesslog for SYSLOG
* replaced fprintf with log_error_write in fastcgi debug
* fixed mem leak in ssi expression parser (#1753), thx Take5k
* hide some ssl errors per default, enable them with debug.log-ssl-noise (#397)
* do not send content-encoding for 304 (#1754), thx yzlai
* fix segfault for stat_cache(fam) calls with relative path (without '/', can be triggered by x-sendfile) (#1750)
* fix splitting of auth-ldap filter
* workaround ldap connection leak if a ldap connection failed (restarting ldap)
* fix auth.backend.ldap.bind-dn/pw problems (only read from global context for temporary ldap reconnects, thx ruskie)
* fix memleak in request header parsing (#1774, thx qhy)
* fix mod_rewrite memleak/endless loop detection (#1775, thx phy - again!)
* use decoded url for matching in mod_redirect (#1720)
|
|
|
|
2.4.6
*) Fix a bug I introduced in 2.4.4 that broke dynamic application
restarts. Reported by [Yar <yarodin gmail.com>]
2.4.4
*) Allow FastCgiServer and FastCgiExternal server directives
to be used within VirtualHosts (again). Add docs to explain
potential accessibility from other VirtualHosts.
[Rob Saccoccio <robs fastcgi.com>]
*) Check for a null filename in the request to prevent an NPE that
was occurring when a WebSphere Apache module was also in use.
[Fabian Pehla <fabian pehla.de>}
*) [AP2] Call ap_set_content_type() rather than setting the content_type
directly so that the AddOutputFilterByType directive can work correctly.
[Thomas 'Freaky' Hurst <tom.hurst clara.net>]
*) Don't use initializers for timeval structs because on 64bit
MVS there is a padding field in between tv_sec and tv_usec.
[Eric Covener <covener gmail.com>]
*) [AP2] Add support for nph (non parsed header) scripts.
[Peter Zijlstra <peterz nedstat.com>]
*) Abort the request if the client connection ends prematurely.
[Peter Zijlstra <peterz nedstat.com>]
*) Introduce the apr_* backward compatibility macros removed
in Apache 2.2. ["Daniel Smertnig" <daniel.smertnig gmail.com>]
*) Fix a problem (remove install-modules) in Makefile.AP2 under
Apache 2.2. ["Daniel Smertnig" <daniel.smertnig gmail.com>]
*) Don't count an application exit towards the number of
failures when doing restart backoff handling if the exit
status is 0. ["Rob Saccoccio" <robs fastcgi.com>]
*) [*nix] Don't use suexec when there is no user/group in effect.
This change is consistent with Apache2 handling. Identified
by ["Florian Effenberger" <floeff arcor.de>].
*) Add a -min-server-life option to the FastCgiConfig and
FastCgiServer directives to provide better control of the
restart backoff feature. ["Benjamin Osheroff" <ben gimbo.net>]
|
