| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
2.8.1
What’s new in the WebKitGTK+ 2.8.1 release?
Handle keep-alive connections in GStreamer HTTP source element.
Fix a crash in DOMObjectCache when a wrapped object owned by the cache is unreffed by the user.
Fix rendering of drag and drop icon.
Fix the build with REDIRECTED_XCOMPOSITE_WINDOW disabled in X11 platform.
Fix the build with Wayland target enabled.
Fix the build for HPPA.
2.8
Highlights of the WebKitGTK+ 2.8.0 release
Initial gestures support.
HTML5 notifications.
User script messages.
HTML5 color input.
APNG support.
Performance improvements.
Playing audio notification signal.
Web view background colors.
and lots of changes in the 2.6 series; major changes in 2.6 were:
Highlights of the WebKitGTK+ 2.6.0 release
WebKit1 API has been removed.
Switch to CMake build system.
Binary version bump to make WebKit1 and WebKit2 parallel installable.
Several API changes.
The DOM bindings API has been split into stable and unstable parts.
Support for browser plugins using GTK+3, leaving the GTK+2
dependency optional for building a plugin process with support
for GTK+2 plugins.
HighDPI support for non-accelerated compositing contents.
Dynamic user agent string depending on the site.
User scripts API.
|
|
|
|
|
|
space for the next major version.
WebKit is an open source web browser engine. WebKit is also the name of
the Mac OS X system framework version of the engine that's used by
Safari, Dashboard, Mail, and many other OS X applications. WebKit's HTML
and JavaScript code began as a branch of the KHTML and KJS libraries
from KDE.
This is the GTK2+ port of the engine of the 2.4 series.
|
|
but two pkgsrc patches are included.
|
|
Upstream changes:
2.10 2015-06-22
[DOCUMENTATION]
- Kwalitee improvements in distribution
|
|
Upstream changes:
1.3140 2015-07-03
- Promote 1.3139 to non-trial release.
[ STATISTICS ]
- code churn: 1 file changed, 17 insertions(+), 9 deletions(-)
1.3139 2015-06-25
[ BUG FIXES ]
- Reverted caching of session, as it can cause problem when the user
is using 'session->destroy' (GH#1120).
- Reverted loading config from hash. (GH#1121)
[ STATISTICS ]
- code churn: 9 files changed, 55 insertions(+), 249 deletions(-)
|
|
|
|
uhttpmock is a project for mocking web service APIs which use HTTP
or HTTPS. It provides a library, libuhttpmock, which implements
recording and playback of HTTP request-response traces.
|
|
|
|
This package contains language packs for www/firefox38.
|
|
|
|
Mozilla Firefox is a free, open-source and cross-platform web browser
for Windows, Linux, MacOS X and many other operating systems.
It is fast and easy to use, and offers many advantages over other web
browsers, such as tabbed browsing and the ability to block pop-up
windows.
Firefox also offers excellent bookmark and history management, and it
can be extended by developers using industry standards such as XML,
CSS, JavaScript, C++, etc. Many extensions are available.
This package tracks 38 ESR.
|
|
Update DEPENDS
Upstream changes:
1.0037 2015-06-19 10:01:31 PDT
[Improvements]
- Lint: Support HTTP/2 in SERVER_PROTOCOL (kazuho) #511
- Bump HTTP::Headers::Fast dependency #512
|
|
Upstream changes:
0.18 2015-06-19T06:06:14Z
- import content_type_charset from HTTP::Headers. #5
(miyagawa)
|
|
Upstream changes:
Moodle-2.9.1
Highlights
A lot of work has been done in dealing with unexpected grade changes in the gradebook which some users have experienced when upgrading from Moodle 2.7 to 2.8 or 2.9. See the user documentation Grades min max and Gradebook calculation changes for details.
MDL-48618 - Dealing with unexpected changes to grades after upgrading to Moodle 2.8
MDL-49257 - Adjusting weights when extra credit item is present causes unexpected behaviour
MDL-48239 - Changing the maximum grade of items with calculation to the value different from 100
Another release highlight is the introduction of the authorised access to the YouTube repository. After upgrading you will need to enter an API key from YouTube into your site's YouTube repository settings.
MDL-50176 - Authenticated access to the YouTube repository
Functional changes
MDL-50089 - Gradebook export now respects aggregate only non-empty grades for percentage and letter
MDL-48467 - Atto: Clean the html even if submitting the form when Atto is in html view mode
API changes
MDL-49022 - sync_users must trigger event core\event\user_updated
Security issues
A number of security related issues were resolved. Details of these issues will be released after a period of approximately one week to allow system administrators to safely update to the latest version.
Fixes and improvements
MDL-50177 - Upgrading assignments in 2.7/2.8 works even when conditional access is used
MDL-39353 - Connection to a hub from behind a proxy server
MDL-49742 - Enrolled users page no longer displays sorting by fields that are not used in user identity
MDL-47787 - After deleting a quiz, its question categories and questions remain in the database
MDL-49764 - Fixed gradebook UI inconsistencies in Internet Explorer
MDL-49885 - The course overview block can now be added to Dashboard
MDL-50675 - Display Wikimedia repository thumbnails (caused by the change in Wikimedia API)
MDL-50091 - Fixed fatal error in gradebook singleview after a module has been uninstalled
MDL-48664 - Messaging contacts paging bar no longer expands and overlaps other text
MDL-50092 - User unenrollment is now working with IMS Enterprise
MDL-49560 - SOAP web service now works with token
MDL-50004 - Fix coursename and enrolment icons in category combo on Frontpage
MDL-50646 - Site default language should be set as the language for new users
MDL-50394 - Grade to pass no longer throws an error when a decimal point separator is used
MDL-50276 - Added missing new line separator in plain text e-mails from the forum
MDL-49061 - The activity completion report in a course correctly shortens headers when multi language filter is used
MDL-50275 - Added missing version bump after risk bitmap change in MDL-49941
MDL-50380 - Fixed missing parameter error when editing files in wiki
|
|
since these files contains XSS problem.
Bump PKGREVISION.
|
|
See https://bugs.webkit.org/show_bug.cgi?id=119565
|
|
* ext_edirectory_userip_acl: fix uninitialized variable
* Do not blindly forward cache peer CONNECT responses.
* Bug 3483: assertion failed store.cc:1866: 'isEmpty()'
* Use relative-URL in errorpage.css for SN.png
* Bug 4193: Memory leak on FTP listings
* Bug 4274: ssl_crtd.8 not being installed
* Fix CONNECT failover to IPv4 after trying broken IPv6 servers
* Bug 4183: segfault when freeing https_port clientca on reconfigure or exit.
* TLS: Disable client-initiated renegotiation
* Translations: add Spanish US dialect alias
* Cleanup: replace __DATE__ and __TIME__ macros
* Fix assertion String.cc:221: "str"
* Fix assertion comm.cc:759: "Comm::IsConnOpen(conn)" in ConnStateData::getSslContextDone
* Bug 3875: bad mimeLoadIconFile error handling
* Support custom OIDs in *_cert ACLs
* Bug 3329: The server side pinned connection is not closed properly
|
|
|
|
|
|
2015-07-01 e7376af [RELEASE] Release of TYPO3 6.2.14 (TYPO3 Release Team)
2015-07-01 0f3fb37 #59231 [SECURITY] Add hook to implement login protection methods (Nicole Cordes)
2015-07-01 2973b57 #67538 [SECURITY] Disallow access to fallback storage '0' (Nicole Cordes)
2015-07-01 8546772 #67458 [SECURITY] XSS in 3rd party library Flowplayer (Wouter Wolters)
2015-07-01 9be2f6b #34107 [SECURITY] Encode link text properly in typolink (Nicole Cordes)
2015-07-01 7695d91 #59211 [SECURITY] XSS in Filelist (Markus Bucher)
2015-07-01 4f6e84b #59258 [SECURITY] Regenerate session id upon login if needed (Helmut Hummel)
2015-07-01 bff9fa5 #56644 [SECURITY] Prevent edit of file metadata of files with no access (Marc Bastian Heinrichs)
2015-07-01 fac6e13 #67799,#67775 [TASK] Travis: container based and no composer self-update (Christian Kuhn)
2015-07-01 ca0df84 #67835 [BUGFIX] Use single quotes in query for values in EXT:workspaces (Andreas Fernandez)
2015-07-01 e742451 #67867 [BUGFIX] Duplicate XLIFF identifiers (Xavier Perseguers)
2015-07-01 af872e2 #65205 [BUGFIX] Load language file for error messages (Nicole Cordes)
2015-07-01 1f19bb5 #66895 [BUGFIX] Correction of Filelink of FAL in linkvalidator (Pierre Boivin)
2015-07-01 603edc3 #67837 [BUGFIX] 1st level cache for ``QueryResult::count()`` (Mathias Brodala)
2015-06-30 a5bec24 #16840 [BUGFIX] hmenu.special = list must evaluate showAccessRestrictedPages (Gilles FOUET)
2015-06-30 f151333 #67834 [BUGFIX] Fix SQL error in IndexSearchRepository (Tim Schreiner)
2015-06-29 d9d1754 #67779 [TASK] Travis: Add github oauth token (Anja Leichsenring)
2015-06-29 abbfcac [FOLLOWUP][BUGFIX] Only count items in ForViewHelper when ``iteration`` argument is set (Anja Leichsenring)
2015-06-29 3db88fe #67801 [BUGFIX] Only count items in ForViewHelper when ``iteration`` argument is set (Mathias Brodala)
2015-06-26 e1198d9 #67770 [BUGFIX] Fix wrong variable spelling in RteHtmlParser (Markus Klein)
2015-06-26 0f4157b #50231 [BUGFIX] Increase lifetime of cache_rootline (Christian Kuhn)
2015-06-25 53d22b5 #67238 [BUGFIX] Avoid race conditions in typo3temp/Cache (Bernhard Kraft)
2015-06-25 ed1948d #67735 [BUGFIX] Make ext_update working (Markus Klein)
2015-06-25 583eb67 #67703 [BUGFIX] Cleanup AbstractExceptionHandler and fix variable access (Mathias Schreiber)
2015-06-23 9d8c63b #67697 [TASK] Bump class alias loader version (Helmut Hummel)
2015-06-23 0edaed8 #67696 [TASK] Bump composer installer version (Helmut Hummel)
2015-06-23 25aa461 #67466 [TASK] Improve "Overwrite files" message (Alina Fleser)
2015-06-22 8d2fc92 #67620 [BUGFIX] Illegal string offset in DataPreprocessor (Wouter Wolters)
2015-06-22 2f9eca0 #24858 [BUGFIX] "fixed_lgd_cs" may crash in eID environment (Benjamin Mack)
2015-06-22 396595f #67563 [BUGFIX] Render correct menu item for broken shortcut (Andreas Wolf)
2015-06-21 0d0b502 #23270 [BUGFIX] Correctly handle forceTypeValue = 0 (Benjamin Mack)
2015-06-20 75114d6 #22774 [BUGFIX] Sorting ignored in "Template Overview" (Reinhard Führicht)
2015-06-19 ec1d0cb #67413 [BUGFIX] Don't force lowercase on SQL SET() values (Stephan Großberndt)
2015-06-18 af4c2a0 #66352 [BUGFIX] Properly resolve link format to page type (Daniel Schmidt)
2015-06-18 e903c84 #67432 [BUGFIX] Check if file exists before deletion (Christoph Lehmann)
2015-06-18 88f3653 #67543 [BUGFIX] Fix check for import / export folder (Alexander Stehlik)
2015-06-18 9e228bc #67599 [BUGFIX] Use single quotes for password check (Andreas Fernandez)
2015-06-18 28bdc45 #65563 [BUGFIX] File metadata can't be edited inline (Benjamin Mack)
2015-06-18 ee8c8b9 #67586 [TASK] Add basic unit tests for ContentObjectRenderer::typoLink (Nicole Cordes)
2015-06-17 0b7dee6 #56296 [BUGFIX] Properly escape option value for groups (Wouter Wolters)
2015-06-17 77ac8f2 #64654 [BUGFIX] Fix SQL error on recursive TypoScript template inclusion (Andreas Fernandez)
2015-06-17 856ca19 #60261 [BUGFIX] Add "tx_felogin" folder in "uploads" folder during install (Jonathan IROULIN)
2015-06-16 d4ee83c #53034 [BUGFIX] Always use MCRYPT_DEV_URANDOM if using mcrypt (Helmut Hummel)
2015-06-15 4eff898 #67463 [BUGFIX] Scheduler now throws OutOfBoundsException on SQL query error (Mathias Schreiber)
2015-06-15 c90515e #64429 [TASK] Remove version number from generator tag (Wouter Wolters)
2015-06-11 af1b31b #67408 [TASK] Nail down php 5.6 instantiation issues in tests (Christian Kuhn)
2015-06-10 0d91bf6 #67383 [BUGFIX] Check $http_response_headers in GeneralUtility::getUrl() (Andreas Fernandez)
|
|
|
|
Changelog:
Git v2.4.5 Release Notes
========================
Fixes since v2.4.4
------------------
* The setup code used to die when core.bare and core.worktree are set
inconsistently, even for commands that do not need working tree.
* There was a dead code that used to handle "git pull --tags" and
show special-cased error message, which was made irrelevant when
the semantics of the option changed back in Git 1.9 days.
* "color.diff.plain" was a misnomer; give it 'color.diff.context' as
a more logical synonym.
* The configuration reader/writer uses mmap(2) interface to access
the files; when we find a directory, it barfed with "Out of memory?".
* Recent "git prune" traverses young unreachable objects to safekeep
old objects in the reachability chain from them, which sometimes
showed unnecessary error messages that are alarming.
* "git rebase -i" fired post-rewrite hook when it shouldn't (namely,
when it was told to stop sequencing with 'exec' insn).
Also contains typofixes, documentation updates and trivial code
clean-ups.
Git v2.4.4 Release Notes
========================
Fixes since v2.4.3
------------------
* l10n updates for German.
* An earlier leakfix to bitmap testing code was incomplete.
* "git clean pathspec..." tried to lstat(2) and complain even for
paths outside the given pathspec.
* Communication between the HTTP server and http_backend process can
lead to a dead-lock when relaying a large ref negotiation request.
Diagnose the situation better, and mitigate it by reading such a
request first into core (to a reasonable limit).
* The clean/smudge interface did not work well when filtering an
empty contents (failed and then passed the empty input through).
It can be argued that a filter that produces anything but empty for
an empty input is nonsense, but if the user wants to do strange
things, then why not?
* Make "git stash something --help" error out, so that users can
safely say "git stash drop --help".
* Clarify that "log --raw" and "log --format=raw" are unrelated
concepts.
* Catch a programmer mistake to feed a pointer not an array to
ARRAY_SIZE() macro, by using a couple of GCC extensions.
Also contains typofixes, documentation updates and trivial code
clean-ups.
|
|
* Sync with firefox-39.0.
|
|
Changelog:
New Share Hello URLs with social networks
New Project Silk: Smoother animation and scrolling (Mac OS X)
New Support for 'switch' role in ARIA 1.1 (web accessibility)
New SafeBrowsing malware detection lookups enabled for downloads (Mac OS X and Linux)
New Support for new Unicode 8.0 skin tone emoji
Changed Removed support for insecure SSLv3 for network communications
Changed Disable use of RC4 except for temporarily whitelisted hosts
Changed The malware detection service for downloads now covers common Mac file types (Bug 1138721)
Changed of displaying dashed lines is improved (Mac OS X) (Bug 1123019)
HTML5 List-style-type now accepts a string value
HTML5 Enable the Fetch API for network requests from dedicated, shared and service workers
HTML5 Cascading of CSS transitions and animations now matches the current spec
HTML5 Implement <link rel="preconnect">allowing anticipation of a future connection without revealing any information
HTML5 Added support for CSS Scroll Snap Points
Developer Drag and drop enabled for nodes in Inspector markup view
Developer Webconsole input history persists even after closing the toolbox
Developer Cubic bezier tooltip now shows a gallery of timing-function presets for use with CSS animations
Developer localhost is now available offline for WebSocket connections
Fixed Improve performance for IPv6 fallback to IPv4
Fixed Fix incomplete downloads being marked as complete by detecting broken HTTP1.1 transfers
Fixed The Security state indicator on a page now correctly ignores loads caused by previous pages
Fixed Fixed an issue where a Hello conversation window would sometimes fail to open
Fixed A regression that could lead to Flash not displaying has been fixed
Fixed Update to NSS 3.19.2
Fixed Various security fixes
Fixed in Firefox 39
2015-71 NSS incorrectly permits skipping of ServerKeyExchange
2015-70 NSS accepts export-length DHE keys with regular DHE cipher suites
2015-69 Privilege escalation in PDF.js
2015-68 OS X crash reports may contain entered key press information
2015-67 Key pinning is ignored when overridable errors are encountered
2015-66 Vulnerabilities found through code inspection
2015-65 Use-after-free in workers while using XMLHttpRequest
2015-64 ECDSA signature validation fails to handle some signatures correctly
2015-63 Use-after-free in Content Policy due to microtask execution error
2015-62 Out-of-bound read while computing an oscillator rendering range in Web Audio
2015-61 Type confusion in Indexed Database Manager
2015-60 Local files or privileged URLs in pages can be opened into new tabs
2015-59 Miscellaneous memory safety hazards (rv:39.0 / rv:31.8 / rv:38.1)
|
|
|
|
mail/seamonkey-enigmail supercedes this.
|
|
http://mail-index.netbsd.org/tech-pkg/2015/06/29/msg015105.html
|
|
|
|
|
|
2015-06-25 Karen Etheridge <ether@cpan.org>
Release 1.68
Kent Fredric:
- Sort hash keys to make generated query predictable
Slaven Rezic:
- Add new tests for path segments
Brendan Byrd:
- Add sftp scheme
|
|
|
|
|
|
Curl and libcurl 7.43.0
Public curl releases: 147
Command line options: 176
curl_easy_setopt() options: 219
Public functions in libcurl: 58
Contributors: 1291
This release includes the following changes:
o Added CURLOPT_PROXY_SERVICE_NAME[11]
o Added CURLOPT_SERVICE_NAME[12]
o New curl option: --proxy-service-name[13]
o Mew curl option: --service-name [14]
o New curl option: --data-raw [5]
o Added CURLOPT_PIPEWAIT [15]
o Added support for multiplexing transfers using HTTP/2, enable this
with the new CURLPIPE_MULTIPLEX bit for CURLMOPT_PIPELINING [16]
o HTTP/2: requires nghttp2 1.0.0 or later
o scripts: add zsh.pl for generating zsh completion
o curl.h: add CURL_HTTP_VERSION_2
This release includes the following bugfixes:
o CVE-2015-3236: lingering HTTP credentials in connection re-use [30]
o CVE-2015-3237: SMB send off unrelated memory contents [31]
o nss: fix compilation failure with old versions of NSS [1]
o curl_easy_getinfo.3: document 'internals' in CURLINFO_TLS_SESSION
o schannel.c: Fix possible SEC_E_BUFFER_TOO_SMALL error
o Curl_ossl_init: load builtin modules [2]
o configure: follow-up fix for krb5-config [3]
o sasl_sspi: Populate domain from the realm in the challenge [4]
o netrc: support 'default' token
o README: convert to UTF-8
o cyassl: Implement public key pinning
o nss: implement public key pinning for NSS backend
o mingw build: add arch -m32/-m64 to LDFLAGS
o schannel: Fix out of bounds array [6]
o configure: remove autogenerated files by autoconf
o configure: remove --automake from libtoolize call
o acinclude.m4: fix shell test for default CA cert bundle/path
o schannel: fix regression in schannel_recv [7]
o openssl: skip trace outputs for ssl_ver == 0 [8]
o gnutls: properly retrieve certificate status
o netrc: Read in text mode when cygwin [9]
o winbuild: Document the option used to statically link the CRT [10]
o FTP: Make EPSV use the control IP address rather than the original host
o FTP: fix dangling conn->ip_addr dereference on verbose EPSV
o conncache: keep bundles on host+port bases, not only host names
o runtests.pl: use 'h2c' now, no -14 anymore
o curlver: introducing new version number (checking) macros
o openssl: boringssl build brekage, use SSL_CTX_set_msg_callback [17]
o CURLOPT_POSTFIELDS.3: correct variable names [18]
o curl_easy_unescape.3: update RFC reference [19]
o gnutls: don't fail on non-fatal alerts during handshake
o testcurl.pl: allow source to be in an arbitrary directory
o CURLOPT_HTTPPROXYTUNNEL.3: only works with a HTTP proxy
o SSPI-error: Change SEC_E_ILLEGAL_MESSAGE description [20]
o parse_proxy: switch off tunneling if non-HTTP proxy [21]
o share_init: fix OOM crash
o perl: remove subdir, not touched in 9 years
o CURLOPT_COOKIELIST.3: Add example
o CURLOPT_COOKIE.3: Explain that the cookies won't be modified [22]
o CURLOPT_COOKIELIST.3: Explain Set-Cookie without a domain [23]
o FAQ: How do I port libcurl to my OS?
o openssl: Use TLS_client_method for OpenSSL 1.1.0+
o HTTP-NTLM: fail auth on connection close instead of looping [24]
o curl_setup: Add macros for FOPEN_READTEXT, FOPEN_WRITETEXT [25]
o curl_getdate.3: update RFC reference
o curl_multi_info_read.3: added example
o curl_multi_perform.3: added example
o curl_multi_timeout.3: added example
o cookie: Stop exporting any-domain cookies [26]
o openssl: remove dummy callback use from SSL_CTX_set_verify()
o openssl: remove SSL_get_session()-using code
o openssl: removed USERDATA_IN_PWD_CALLBACK kludge
o openssl: removed error string #ifdef
o openssl: Fix verification of server-sent legacy intermediates [27]
o docs: man page indentation and syntax fixes
o docs: Spelling fixes
o fopen.c: fix a few compiler warnings
o CURLOPT_OPENSOCKETFUNCTION: return error at once [28]
o schannel: Add support for optional client certificates
o build: Properly detect OpenSSL 1.0.2 when using configure
o urldata: store POST size in state.infilesize too [29]
o security:choose_mech remove dead code
o rtsp_do: remove dead code
o docs: many HTTP URIs changed to HTTPS
o schannel: schannel_recv overhaul [32]
This release includes the following known bugs:
o see docs/KNOWN_BUGS (http://curl.haxx.se/docs/knownbugs.html)
This release would not have looked like this without help, code, reports and
advice from friends like these:
Alessandro Ghedini, Alexander Dyagilev, Anders Bakken, Anthony Avina,
Ashish Shukla, Bert Huijben, Brian Chrisman, Brian Prodoehl, Chris Araman,
Dagobert Michelsen, Dan Fandrich, Daniel Melani, Daniel Stenberg,
Dmitry Eremin-Solenikov, Drake Arconis, Egon Eckert, Frank Meier, Fred Stluka,
Gisle Vanem, Grant Pannell, Isaac Boukris, Jens Rantil, Joel Depooter,
Kamil Dudka, Linus Nielsen Feltzing, Linus Nielsen Feltzing Feltzing,
Liviu Chircu, Marc Hoersken, Michael Osipov, Oren Souroujon, Orgad Shaneh,
Patrick Monnerat, Patrick Rapin, Paul Howarth, Paul Oliver, Rafayel Mkrtchyan,
Ray Satiro, Sean Boudreau, Tatsuhiro Tsujikawa, Tomas Tomecek, Viktor Szakáts,
Ville Skyttä, Yehezkel Horowitz,
(43 contributors)
Thanks! (and sorry if I forgot to mention someone)
References to bug reports and discussions on issues:
[1] = http://curl.haxx.se/mail/lib-2015-04/0095.html
[2] = https://github.com/bagder/curl/pull/206
[3] = https://github.com/bagder/curl/commit/5b668606527613179d0349f21b4ab0df2971e3d2#commitcomment-10473445
[4] = https://github.com/bagder/curl/pull/141
[5] = https://github.com/bagder/curl/issues/198
[6] = http://curl.haxx.se/mail/lib-2015-04/0199.html
[7] = https://github.com/bagder/curl/issues/244
[8] = https://github.com/bagder/curl/issues/219
[9] = https://github.com/bagder/curl/pull/258
[10] = https://github.com/bagder/curl/issues/254
[11] = http://curl.haxx.se/libcurl/c/CURLOPT_PROXY_SERVICE_NAME.html
[12] = http://curl.haxx.se/libcurl/c/CURLOPT_SERVICE_NAME.html
[13] = http://curl.haxx.se/docs/manpage.html#--proxy-service-name
[14] = http://curl.haxx.se/docs/manpage.html#--service-name
[15] = http://curl.haxx.se/libcurl/c/CURLOPT_PIPEWAIT.html
[16] = http://curl.haxx.se/libcurl/c/CURLMOPT_PIPELINING.html
[17] = https://github.com/bagder/curl/issues/275
[18] = https://github.com/bagder/curl/issues/281
[19] = https://github.com/bagder/curl/issues/282
[20] = https://github.com/bagder/curl/issues/267
[21] = http://curl.haxx.se/mail/lib-2015-05/0056.html
[22] = http://curl.haxx.se/mail/lib-2015-05/0115.html
[23] = http://curl.haxx.se/mail/lib-2015-05/0137.html
[24] = https://github.com/bagder/curl/issues/256
[25] = https://github.com/bagder/curl/pull/258#issuecomment-107093055
[26] = https://github.com/bagder/curl/issues/292
[27] = https://rt.openssl.org/Ticket/Display.html?id=3621&user=guest&pass=guest
[28] = http://curl.haxx.se/mail/lib-2015-06/0047.html
[29] = http://curl.haxx.se/mail/lib-2015-06/0019.html
[30] = http://curl.haxx.se/docs/adv_20150617A.html
[31] = http://curl.haxx.se/docs/adv_20150617B.html
[32] = https://github.com/bagder/curl/issues/244
|
|
|
|
Upstream changes:
6.12 2015-06-18
- Welcome to the Mojolicious core team Dan Book.
- Added TO_JSON method to Mojo::Collection. (wttw)
- Added find_packages function to Mojo::Loader.
- Fixed bug in Mojo::Message where multipart content would get downgraded
unnecessarily.
|
|
4.21 2015-06-16
- Fix regression of tmpFileName when calling with a plain string (GH #178,
thanks to Simon McVittie for the report and fix)
|
|
sourceforge.jp is renamed to osdn.jp.
However its mirror sites are not ready for osdn.jp.
|
|
|
|
-apache-mpm-worker is set.
And fix PLIST mismatch error.
|
|
Changes with nginx 1.8.0 21 Apr 2015
*) 1.8.x stable branch.
Changes with nginx 1.7.12 07 Apr 2015
*) Feature: now the "tcp_nodelay" directive works with backend SSL
connections.
*) Feature: now thread pools can be used to read cache file headers.
*) Bugfix: in the "proxy_request_buffering" directive.
*) Bugfix: a segmentation fault might occur in a worker process when
using thread pools on Linux.
*) Bugfix: in error handling when using the "ssl_stapling" directive.
*) Bugfix: in the ngx_http_spdy_module.
Changes with nginx 1.7.11 24 Mar 2015
*) Change: the "sendfile" parameter of the "aio" directive is
deprecated; now nginx automatically uses AIO to pre-load data for
sendfile if both "aio" and "sendfile" directives are used.
*) Feature: experimental thread pools support.
*) Feature: the "proxy_request_buffering", "fastcgi_request_buffering",
"scgi_request_buffering", and "uwsgi_request_buffering" directives.
*) Feature: request body filters experimental API.
*) Feature: client SSL certificates support in mail proxy.
*) Feature: startup speedup when using the "hash ... consistent"
directive in the upstream block.
*) Feature: debug logging into a cyclic memory buffer.
*) Bugfix: in hash table handling.
*) Bugfix: in the "proxy_cache_revalidate" directive.
*) Bugfix: SSL connections might hang if deferred accept or the
"proxy_protocol" parameter of the "listen" directive were used.
*) Bugfix: the $upstream_response_time variable might contain a wrong
value if the "image_filter" directive was used.
*) Bugfix: in integer overflow handling.
*) Bugfix: it was not possible to enable SSLv3 with LibreSSL.
*) Bugfix: the "ignoring stale global SSL error ... called a function
you should not call" alerts appeared in logs when using LibreSSL.
*) Bugfix: certificates specified by the "ssl_client_certificate" and
"ssl_trusted_certificate" directives were inadvertently used to
automatically construct certificate chains.
Changes with nginx 1.7.10 10 Feb 2015
*) Feature: the "use_temp_path" parameter of the "proxy_cache_path",
"fastcgi_cache_path", "scgi_cache_path", and "uwsgi_cache_path"
directives.
*) Feature: the $upstream_header_time variable.
*) Workaround: now on disk overflow nginx tries to write error logs once
a second only.
*) Bugfix: the "try_files" directive did not ignore normal files while
testing directories.
*) Bugfix: alerts "sendfile() failed" if the "sendfile" directive was
used on OS X; the bug had appeared in 1.7.8.
*) Bugfix: alerts "sem_post() failed" might appear in logs.
*) Bugfix: nginx could not be built with musl libc.
*) Bugfix: nginx could not be built on Tru64 UNIX.
Changes with nginx 1.7.9 23 Dec 2014
*) Feature: variables support in the "proxy_cache", "fastcgi_cache",
"scgi_cache", and "uwsgi_cache" directives.
*) Feature: variables support in the "expires" directive.
*) Feature: loading of secret keys from hardware tokens with OpenSSL
engines.
*) Feature: the "autoindex_format" directive.
*) Bugfix: cache revalidation is now only used for responses with 200
and 206 status codes.
*) Bugfix: the "TE" client request header line was passed to backends
while proxying.
*) Bugfix: the "proxy_pass", "fastcgi_pass", "scgi_pass", and
"uwsgi_pass" directives might not work correctly inside the "if" and
"limit_except" blocks.
*) Bugfix: the "proxy_store" directive with the "on" parameter was
ignored if the "proxy_store" directive with an explicitly specified
file path was used on a previous level.
*) Bugfix: nginx could not be built with BoringSSL.
Changes with nginx 1.7.8 02 Dec 2014
*) Change: now the "If-Modified-Since", "If-Range", etc. client request
header lines are passed to a backend while caching if nginx knows in
advance that the response will not be cached (e.g., when using
proxy_cache_min_uses).
*) Change: now after proxy_cache_lock_timeout nginx sends a request to a
backend with caching disabled; the new directives
"proxy_cache_lock_age", "fastcgi_cache_lock_age",
"scgi_cache_lock_age", and "uwsgi_cache_lock_age" specify a time
after which the lock will be released and another attempt to cache a
response will be made.
*) Change: the "log_format" directive can now be used only at http
level.
*) Feature: the "proxy_ssl_certificate", "proxy_ssl_certificate_key",
"proxy_ssl_password_file", "uwsgi_ssl_certificate",
"uwsgi_ssl_certificate_key", and "uwsgi_ssl_password_file"
directives.
*) Feature: it is now possible to switch to a named location using
"X-Accel-Redirect".
*) Feature: now the "tcp_nodelay" directive works with SPDY connections.
*) Feature: new directives in vim syntax highliting scripts.
*) Bugfix: nginx ignored the "s-maxage" value in the "Cache-Control"
backend response header line.
*) Bugfix: in the ngx_http_spdy_module.
*) Bugfix: in the "ssl_password_file" directive when using OpenSSL
0.9.8zc, 1.0.0o, 1.0.1j.
*) Bugfix: alerts "header already sent" appeared in logs if the
"post_action" directive was used; the bug had appeared in 1.5.4.
*) Bugfix: alerts "the http output chain is empty" might appear in logs
if the "postpone_output 0" directive was used with SSI includes.
*) Bugfix: in the "proxy_cache_lock" directive with SSI subrequests.
Changes with nginx 1.7.7 28 Oct 2014
*) Change: now nginx takes into account the "Vary" header line in a
backend response while caching.
*) Feature: the "proxy_force_ranges", "fastcgi_force_ranges",
"scgi_force_ranges", and "uwsgi_force_ranges" directives.
*) Feature: the "proxy_limit_rate", "fastcgi_limit_rate",
"scgi_limit_rate", and "uwsgi_limit_rate" directives.
*) Feature: the "Vary" parameter of the "proxy_ignore_headers",
"fastcgi_ignore_headers", "scgi_ignore_headers", and
"uwsgi_ignore_headers" directives.
*) Bugfix: the last part of a response received from a backend with
unbufferred proxy might not be sent to a client if "gzip" or "gunzip"
directives were used.
*) Bugfix: in the "proxy_cache_revalidate" directive.
*) Bugfix: in error handling.
*) Bugfix: in the "proxy_next_upstream_tries" and
"proxy_next_upstream_timeout" directives.
*) Bugfix: nginx/Windows could not be built with MinGW-w64 gcc.
Changes with nginx 1.7.6 30 Sep 2014
*) Change: the deprecated "limit_zone" directive is not supported
anymore.
*) Feature: the "limit_conn_zone" and "limit_req_zone" directives now
can be used with combinations of multiple variables.
*) Bugfix: request body might be transmitted incorrectly when retrying a
FastCGI request to the next upstream server.
*) Bugfix: in logging to syslog.
Changes with nginx 1.7.5 16 Sep 2014
*) Security: it was possible to reuse SSL sessions in unrelated contexts
if a shared SSL session cache or the same TLS session ticket key was
used for multiple "server" blocks (CVE-2014-3616).
*) Change: now the "stub_status" directive does not require a parameter.
*) Feature: the "always" parameter of the "add_header" directive.
*) Feature: the "proxy_next_upstream_tries",
"proxy_next_upstream_timeout", "fastcgi_next_upstream_tries",
"fastcgi_next_upstream_timeout", "memcached_next_upstream_tries",
"memcached_next_upstream_timeout", "scgi_next_upstream_tries",
"scgi_next_upstream_timeout", "uwsgi_next_upstream_tries", and
"uwsgi_next_upstream_timeout" directives.
*) Bugfix: in the "if" parameter of the "access_log" directive.
*) Bugfix: in the ngx_http_perl_module.
*) Bugfix: the "listen" directive of the mail proxy module did not allow
to specify more than two parameters.
*) Bugfix: the "sub_filter" directive did not work with a string to
replace consisting of a single character.
*) Bugfix: requests might hang if resolver was used and a timeout
occurred during a DNS request.
*) Bugfix: in the ngx_http_spdy_module when using with AIO.
*) Bugfix: a segmentation fault might occur in a worker process if the
"set" directive was used to change the "$http_...", "$sent_http_...",
or "$upstream_http_..." variables.
*) Bugfix: in memory allocation error handling.
Changes with nginx 1.7.4 05 Aug 2014
*) Security: pipelined commands were not discarded after STARTTLS
command in SMTP proxy (CVE-2014-3556); the bug had appeared in 1.5.6.
*) Change: URI escaping now uses uppercase hexadecimal digits.
*) Feature: now nginx can be build with BoringSSL and LibreSSL.
*) Bugfix: requests might hang if resolver was used and a DNS server
returned a malformed response; the bug had appeared in 1.5.8.
*) Bugfix: in the ngx_http_spdy_module.
*) Bugfix: the $uri variable might contain garbage when returning errors
with code 400.
*) Bugfix: in error handling in the "proxy_store" directive and the
ngx_http_dav_module.
*) Bugfix: a segmentation fault might occur if logging of errors to
syslog was used; the bug had appeared in 1.7.1.
*) Bugfix: the $geoip_latitude, $geoip_longitude, $geoip_dma_code, and
$geoip_area_code variables might not work.
*) Bugfix: in memory allocation error handling.
Changes with nginx 1.7.3 08 Jul 2014
*) Feature: weak entity tags are now preserved on response
modifications, and strong ones are changed to weak.
*) Feature: cache revalidation now uses If-None-Match header if
possible.
*) Feature: the "ssl_password_file" directive.
*) Bugfix: the If-None-Match request header line was ignored if there
was no Last-Modified header in a response returned from cache.
*) Bugfix: "peer closed connection in SSL handshake" messages were
logged at "info" level instead of "error" while connecting to
backends.
*) Bugfix: in the ngx_http_dav_module module in nginx/Windows.
*) Bugfix: SPDY connections might be closed prematurely if caching was
used.
Changes with nginx 1.7.2 17 Jun 2014
*) Feature: the "hash" directive inside the "upstream" block.
*) Feature: defragmentation of free shared memory blocks.
*) Bugfix: a segmentation fault might occur in a worker process if the
default value of the "access_log" directive was used; the bug had
appeared in 1.7.0.
*) Bugfix: trailing slash was mistakenly removed from the last parameter
of the "try_files" directive.
*) Bugfix: nginx could not be built on OS X in some cases.
*) Bugfix: in the ngx_http_spdy_module.
Changes with nginx 1.7.1 27 May 2014
*) Feature: the "$upstream_cookie_..." variables.
*) Feature: the $ssl_client_fingerprint variable.
*) Feature: the "error_log" and "access_log" directives now support
logging to syslog.
*) Feature: the mail proxy now logs client port on connect.
*) Bugfix: memory leak if the "ssl_stapling" directive was used.
*) Bugfix: the "alias" directive used inside a location given by a
regular expression worked incorrectly if the "if" or "limit_except"
directives were used.
*) Bugfix: the "charset" directive did not set a charset to encoded
backend responses.
*) Bugfix: a "proxy_pass" directive without URI part might use original
request after the $args variable was set.
*) Bugfix: in the "none" parameter in the "smtp_auth" directive; the bug
had appeared in 1.5.6.
*) Bugfix: if sub_filter and SSI were used together, then responses
might be transferred incorrectly.
*) Bugfix: nginx could not be built with the --with-file-aio option on
Linux/aarch64.
Changes with nginx 1.7.0 24 Apr 2014
*) Feature: backend SSL certificate verification.
*) Feature: support for SNI while working with SSL backends.
*) Feature: the $ssl_server_name variable.
*) Feature: the "if" parameter of the "access_log" directive.
|
|
|
|
|
|
otherwise bulk builds may get inconcistent versions installed.
|
|
Changelog:
* Add messaging.
* UI improvements including for Smartphone.
* Many improvements.
|
|
DEPENDS on php-posix and php-curl.
Based on PR pkg/49916 from hauke@.
|
|
Changelog:
Version 8.0.4 June 9th 2015
occ can now optionally run the update routines without disabling all third party apps
Database handling changes which should improve performance on big systems
better support for very old cURL versions (for QNAP users)
Extended X-Accel-Redirect functionality in nginx
Added work-around for file transfers on 32bit systems
Improved quota calculation
Many fixes and improvements to sharing
Several fixes to upgrade process
Fix deleted folders on client not showing up in trash
fix inability to delete files when quota is 0
Change WebDAV error to 500 instead of 403 on denying overwrite of read-only file
Fixed enforcing expiration date
Fix to Provisioning API
Fixing shared document editing by shared LDAP users
IE 8/9 fixes
Several smaller fixes
|
|
* Fix CVE-2015-3225.
* Only count files (not all form elements) against the Multipart File Limit.
* Work around a Rails incompatibility in our private API
|
