| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
this Makefile.common.
|
|
these Makefiles include seamonkey-bin-nightly/Makefile.common which
just include seamonkey-bin/Makefile.common which already has user-destdir
support.
|
|
|
|
has already been altered to support user-destdir, so we just need to turn
it on in these packages.
|
|
|
|
* security fix: omit commits of all-forbidden files from query results
* security fix: disallow direct URL navigation to hidden CVSROOT folder
* security fix: strip forbidden paths from revision view
* security fix: don't traverse log history thru forbidden locations
* security fix: honor forbiddenness via diff view path parameters
* new 'forbiddenre' regexp-based path authorization feature
* fix root name conflict resolution inconsistencies (issue #287)
* fix an oversight in the CVS 1.12.9 loginfo-handler support
* fix RSS feed content type to be more specific (issue #306)
* fix entity escaping problems in RSS feed data (issue #238)
* fix bug in tarball generation for remote Subversion repositories
* fix query interface file-count-limiting logic
* fix query results plus/minus count to ignore forbidden files
* fix blame error caused by 'svn' unable to create runtime config dir
|
|
|
|
* 208700 by pwolanin. Fix bad backport of #194579. Modified to use Form API.
* 118569 by bevan: document how should one set RewriteBase, if under a VirtualDocumentRoot. Backport by Bart Jansens.
* Patch 115606 by Junyor, thesaint_02: added support for PHP 5.2's 'recoverable fatal errors'.
* 209409 by Heine, webernet, dww: more accurate register globals value checking
|
|
the right terminal library.
Bump the PKGREVISION of www/w3m and www/w3m-img to 2.
|
|
Bump the PKGREVISION to 5.
+ Add full DESTDIR support.
|
|
2008-02-29 Andy Lester
* Release 3.20 -- Added <div> to the list of p_closure_barriers.
|
|
http://trac.lighttpd.net/trac/attachment/ticket/1562/Fix-372-and-1562.patch
in order to fix CVE-2008-0983. Bump PKGREVISION
|
|
them at will.
|
|
=== RELEASE 2.1pre33 ===
Thu Jan 31 21:11:40 MET 2008 mikulas:
Fixed memory leak when there was an error in decompression
Thu Dec 27 23:37:03 MET 2007 mikulas:
Support few more keycodes on ANSI terminal (PAGE UP, PAGE DOWN and few
F* keys)
Wed Dec 26 03:43:35 cet 2007 mikulas:
Disable smb:// URLs on OS/2, fork+threads can cause crashes in EMX
Besides, there's no usable smb client program anyway
Tue Dec 25 01:44:28 MET 2007 mikulas (sponsored by Dondor Ltd.):
A .nsi file to make Windows installer with Nullsoft scriptable install
Mon Dec 24 01:44:11 MET 2007 mikulas:
Fixed a bug that strings with spaces could not be passed from command
line
Mon Dec 24 00:43:57 MET 2007 mikulas:
Socks 4A support (so that Links can be used with tor without
intermediate proxy)
Thu Dec 20 05:40:22 cet 2007 mikulas:
The previous Windows fix broke opening new windows on OS/2
|
|
per PR pkg/36144
(just compile-tested because I don't have a Kerberos installation)
|
|
include:
+ Add full DESTDIR support.
+ Split out package options into a separate options.mk file.
* Fix some cgi header processing
* Add simple Range: header processing
|
|
|
|
security/libssh2 package.
Changes:
o --data-urlencode
o CURLOPT_PROXY_TRANSFER_MODE
o --no-keepalive - now curl does connections with keep-alive enabled by
default
o --socks4a added (proxy type CURLPROXY_SOCKS4A for libcurl)
o --socks5-hostname added (CURLPROXY_SOCKS5_HOSTNAME for libcurl)
o curl_easy_pause()
o CURLOPT_SEEKFUNCTION and CURLOPT_SEEKDATA
o --keepalive-time
o curl --help output was re-ordered
This release includes the following bugfixes:
o curl-config --features and --protocols show the correct output when built
with NSS, and also when SCP, SFTP and libz are not available
o free problem in the curl tool for users with empty home dir
o curl.h version 7.17.1 problem when building C++ apps with MSVC
o SFTP and SCP use persistent connections
o segfault on bad URL
o variable wrapping when using absolutely huge send buffer sizes
o variable wrapping when using debug callback and the HTTP request wasn't sent
in one go
o SSL connections with NSS done with the multi-interface
o setting a share no longer activates cookies
o Negotiate now works on auth and proxy simultanouesly
o support HTTP Digest nonces up to 1023 letters
o resumed ftp upload no longer requires the read callback to return full
buffers
o no longer default-appends ;type= on FTP URLs thru proxies
o SSL session id caching
o POST with callback over proxy requiring NTLM or Digest
o Expect: 100-continue flaw on re-used connection with POSTs
o build fix for MSVC 9.0 (VS2008)
o Windows curl builds failed file truncation when retry downloading
o SSL session ID cache memory leak
o bad connection re-use check with environment variable-activated proxy use
o --libcurl now generates a return statement as well
o socklen_t is no longer used in the public includes
o time zone offsets from -1400 to +1400 are now accepted by the date parser
o allows more spaces in WWW/Proxy-Authenticate: headers
o curl-config --libs skips /usr/lib64
o range support for file:// transfers
o libcurl hang with huge POST request and request-body read from callback
o removed extra newlines from many error messages
o improved pipelining
o improved OOM handling for data url encoded HTTP POSTs when read from a file
o test suite could pick wrong tool(s) if more than one existed in the PATH
o curl_multi_fdset() failed to return socket while doing CONNECT over proxy
o curl_multi_remove_handle() on a handle that is in used for a pipeline now
break that pipeline
o CURLOPT_COOKIELIST memory leaks
o progress meter/callback during http proxy CONNECT requests
o auth for http proxy when the proxy closes connection after first response
|
|
Ok xtraeme@
|
|
|
|
to wait for testing not-finished releases.
Ok by jlam@.
|
|
that include this file - notably sunbird
|
|
when using binary packages.
Bump PKGREVISION
|
|
2.8.31: For Apache 1.3.41
2.8.30: Bug Fix
2.8.29: For Apache 1.3.39
|
|
|
|
Changes with Apache 1.3.41
*) SECURITY: CVE-2007-6388 (cve.mitre.org)
mod_status: Ensure refresh parameter is numeric to prevent
a possible XSS attack caused by redirecting to other URLs.
Reported by SecurityReason. [Mark Cox]
Changes with Apache 1.3.40 (not released)
*) SECURITY: CVE-2007-5000 (cve.mitre.org)
mod_imap: Fix cross-site scripting issue. Reported by JPCERT.
[Joe Orton]
*) SECURITY: CVE-2007-3847 (cve.mitre.org)
mod_proxy: Prevent reading past the end of a buffer when parsing
date-related headers. PR 41144.
With Apache 1.3, the denial of service vulnerability applies only
to the Windows and NetWare platforms.
[Jeff Trawick]
*) More efficient implementation of the CVE-2007-3304 PID table
patch. This fixes issues with excessive memory usage by the
parent process if long-running and with a high number of child
process forks during that timeframe. Also fixes bogus "Bad pid"
errors. [Jim Jagielski, Jeff Trawick]
Changes with Apache 1.3.39
*) SECURITY: CVE-2006-5752 (cve.mitre.org)
mod_status: Fix a possible XSS attack against a site with a public
server-status page and ExtendedStatus enabled, for browsers which
perform charset "detection". Reported by Stefan Esser. [Joe Orton]
*) SECURITY: CVE-2007-3304 (cve.mitre.org)
Ensure that the parent process cannot be forced to kill non-child
processes by checking scoreboard PID data with parent process
privately stored PID data. [Jim Jagielski]
*) mime.types: Many updates to sync with IANA registry and common
unregistered types that the owners refuse to register. Admins
are encouraged to update their installed mime.types file.
pr: 35550, 37798, 39317, 31483 [Roy T. Fielding]
There was no Apache 1.3.38
|
|
|
|
and Solaris. It relies on a proxy server, for all fetching. The preferred
proxy is Squid, however, DansGuardian should work with any proxy server.
|
|
"ncurses" option. "wide-curses" now just toggles whether we use
wide or narrow curses, which is a much simpler knob for users.
Bump the PKGREVISION to 5.
|
|
|
|
Changes Since Opera 9.25:
Security
--------
Fixed an issue where simulated text inputs could trick users into uploading
arbitrary files, as reported by Mozilla. See our advisory.
Image properties can no longer be used to execute scripts, as reported by
Max Leonov. See our advisory.
Fixed an issue where the representation of DOM attribute values could allow
cross site scripting, as reported by Arnaud.lb. See our advisory.
Miscellaneous
-------------
Fixed a stability issue found in Opera 9.0 to 9.25, when Opera connects
securely to Windows Server 2008 or other servers supporting the TLS
Certificate Status extension.
Additional stability fixes.
|
|
Quanta Plus
* Insert literal character entities if possible.
* List the plugin in the Open With context menu.
* Fix crashes when using XDebug.
* Do not keep an empty, Untitled document opened when opening new files.
* Fix crash when closing a plugin and no other document is opened.
* Make HTML forms work in the internal preview.
* Fix deadlock in CSS editor when the propery contains ":".
Kommander
* Support executing of widget slots.
* Add execute method for PushButton.
* Add possibility to pass parameters for ScriptObject.
* Add "return" command to get back the result of a ScriptObject.
* Add "createWidget" function for on-the-fly widget creation.
* Add "widgetExists" function.
* Add "execBackground" function.
* Add "connect/disconnect" function for on-the-fly signal/slot connection.
* Add indexed array functions
* Make "a="Label1"; a.setText("foo")" work.
* Add "TreeWidget.selectedIndexes".
* Add "Table.setCellWidget/cellWidget".
* Add "Table.selection" to get back the selection coordinates.
* New widgets: "AboutDialog, DatePicker, PopupMenu, ToolBox"
* Use the new parser by default for new dialogs.
* Support shebang ("#!/path_to/kmdr-executor") in the beginning of the
.kmdr files. Running .kmdr files is possible directly if you make
them executable.
* Warn if a dialog file is not executable.
* Store Kommander version in the "VERSION/_VERSION" global variable.
* Add experimental Kommander KPart (Kommander dialogs can be embedded in
other KDE applications).
* Make "input_color" and "@Input.color" accept a default color argument.
* Make "TreeWidget.selection" work in multi selection mode.
* Make "TreeWidget.setSelection" show the selected item.
* Make "CheckBox.setChecked" accept as argument false, "false", true,
"true", 0 (meaning false), everything else meaning "true".
* Optionally quote the strings inserted via the function browser.
* Use combobox for booleans in the function browser.
* Use multiline insert box in function browser.
* Add highlighting for the new parser.
* Make possible to open more associated editors at once.
* Make it possible to run external script in a ScriptObject.
* "execute" DCOP call returns a string.
* The editor does not save the dialog on running.
* Create backup files every 5 minutes.
* Rework the plugin system.
* Set new functions only available to new parser such as createWidget
to not be shown in the function browser if the old parser is run.
* Show all available functions in the function browser.
* Insert the functions using the syntax of the new parser if #!kommander
is specified in the associated text.
* Return the result of a division in floating form if the result is not
an integer.
* Update the handbook.
* Install examples that are easily reachable from the editor.
* Fix "exit" command.
* Make "dcopid, pid, parentPid" work in the new parser.
* Fix problem with losing the parser type status in the editor when
working with multiple dialogs.
* "@Array.fromString" should append the new elements to the array, just
like it did before and how "array_fromString" does.
* Fix @eval for addition/substraction and handle division by zero.
* Process code written in external script using the old parser.
* Fix many cases when the code was executed altough it was in a codepath
that should not be executed.
* Fixed the bug in the input text dialog where entering a default value
returned the caption.
* Fix the for loop parsing if end < start.
|
|
Change log
* Various tests were enhanced to increase our test coverage
* Implement unlocking for content which does not use portal_factory
and for LinguaPlone translations.
* Add a method to cleanup persistent schemas from content objects
which were created by the 'update schema' feature from older
Archetypes releases. This is available through the ZMI.
* Correct removing of all roles from a group. This fixes This fixes 6994.
* Correct generation of session cookies for long userids. This fixes
problems with OpenID2 accounts.
* Correct handling of unicode arguments for
acl_users.enumerateUsers. This fixes zope-pas bug 189627.
* Kupu updates:
o Correct full screen mode. This fixes 7473.
o Correct intenal link insertion for IE. This fixes 7494.
o Correct stripping out of anchor to top of current page. This fixes 7680.
o The 'Home' link nows goes to the content root instead of the
Plone root. This fixes 7713.
o 'Link using UIDs' broke indexing of richt text fields with
non-ASCII characters. This fixes 7728.
o Update the flags and languages list. This fixes 7441.
o Revert internal change in language selector code in the
plone.app.i18n release from Plone 3.0.5 in the language
selector widget which broke LinguaPlone.
o Fix lock timeout which was set by default to 12 minutes, it is
now set to maxtimeout (71582788 minutes). This fixes 7358.
o Fix TypeError when an anonymous user locks content. This fixes 7246.
Updated packages
* archetypes.kss 1.2.6
* plone.app.i18n 1.0.3
* plone.app.controlpanel 1.0.4
* plone.app.linkintegrity 1.0.5
* plone.app.vocabularies 1.0.3
* plone.locking 1.0.5
* plone.session 1.2
* Archetypes 1.5.6
* CMF 2.1.1
* CMFPlone 3.0.6
* PloneLanguageTool 2.0.2
* PlonePAS 3.2
* PloneTranslations 3.0.11
* PluggableAuthService 1.5.3
* kupu 1.4.8
|
|
- Simplify PKGNAME.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Based on PR 38029, remove redundant PLIST and markd as DESTDIR ready.
I18N::AcceptLanguage matches language preference to available languages
per rules defined in RFC 2616, section 14.4: HTTP/1.1 - Header Field
Definitions - Accept-Language.
|
|
|
|
|
|
to run ASP.NET applications with minimal effort.
|
|
No package using "contrib" sub directory now and it is redundant.
If such a package exists on a platform, should use MOZ_DIR individually instead.
This change also fixes fetch problem of www/firefox-bin when MASTER_SITE_MOZILLA
is not defined in /etc/mk.conf.
|
|
|
|
There are many other changes. Please see CHANGELOG for the complete list:
http://dev.rubyonrails.org/browser/tags/rel_2-0-2/railties/CHANGELOG
|
|
|
|
Active Resource (ARes) connects business objects and Representational
State Transfer (REST) web services. It implements object-relational
mapping for REST webservices to provide transparent proxying
capabilities between a client (ActiveResource) and a RESTful service.
|
|
There have been too many changes. Please see CHANGELOG for the complete list:
http://dev.rubyonrails.org/browser/tags/rel_2-0-2/actionpack/CHANGELOG
|
