| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
ChangeLog: https://github.com/openresty/lua-nginx-module/compare/v0.10.21...v0.10.22
Bump PKGREVISIONs.
|
|
|
|
|
|
ELinks 0.15.1
* about:config
* option --always-load-config #137
* compilation fixes on Windows #140
* added ui.background_char #142
* sample build scripts and docker files
* experimental DGI support
* DOS port based on links code
* configurable Accept-Header #143
* minor compilation fixes
ELinks 0.15.0
* Serbian translation update
ELinks 0.15.0rc2
Released on 2021-12-19
* Serbian translation update
* HOME_ETC
ELinks 0.15.0rc1
* removed -Wno-pointer-sign from CFLAGS
* close stdin before calling a background program (sgerwk)
and options related to it #108, #109, #110, #113
* gemini protocol and text/gemini mime type
* changed rendering of blockquote element
* avoid tmpfile in lua (sgerwk) #115, #118
* console.log in js (mtatton) #93
* localstorage (mtatton) #98
* options document.browse.search.beginning_only
document.browse.search.ignore_history
ui.double_esc
* ui.temperature.* to show temperature of CPU
* document.plain.fixup_tables
* enhanced ecmascript code. Added QuickJS
* Notes on ECMAScript:
requires C++ compiler, sqlite3, libxml++5 >= 5.0.1.GIT
and either mozjs78-dev or QuickJS-2021-03-27
Most sites don't work, some crash. Some workarounds were implemented:
a) ECMAScript is disabled by default
b) ~/.elinks/allow.txt and ~/.elinks/disallow.txt with url prefixes
c) Added toggle-ecmascript action. You can bind it to some key
* other small fixes
|
|
We likely need this anyway since WebKit requires GCC 8 at minimum,
but forcing pkgsrc libgcc to be used (and thus bypassing the one
built with the custom build system in NetBSD that doesn't include
__fixdfti on aarch64) may be a useful workaround for PR toolchain/57022
|
|
|
|
Does not build in any bulk builds since June, dead upstream
Replacement collective.zopeedit could be packaged if someone is interested
|
|
Security Vulnerabilities fixed in Firefox ESR 102.3
#CVE-2022-3266: Out of bounds read when decoding H264
#CVE-2022-40959: Bypassing FeaturePolicy restrictions on transient pages
#CVE-2022-40960: Data-race when parsing non-UTF-8 URLs in threads
#CVE-2022-40958: Bypassing Secure Context restriction for cookies with
__Host and __Secure prefix
#CVE-2022-40956: Content-Security-Policy base-uri bypass
#CVE-2022-40957: Incoherent instruction cache when building WASM on ARM64
#CVE-2022-40962: Memory safety bugs fixed in Firefox 105 and Firefox ESR
102.3
|
|
Add official patches for security fix to CVE-2022-41317 and CVE-2022-41318.
Bump PKGREVISION.
|
|
This update contains fix for CVE-2022-41317 and CVE-2022-41318.
Changes in squid-5.7 (05 Sep 2022):
- Regression Fix: Typo in manager ACL
- Bug 5186: noteDestinationsEnd check failed: transportWait
- Bug 5160: Test suite fails with -flto=auto
- Bug 3193 pt2: NTLM decoder truncating strings
- Bug 5133: OpenSSL 3.0 support
- ext_session_acl: fix TDB key lookup
- forward_max_tries: Do not count discarded connections
- ... and many compile and debugging fixes
|
|
|
|
Fix portability issue while here.
|
|
4.5.1 (2022-09-15)
==================
- Disable unsafe math optimizations in C code.
|
|
v0.5.0
Bump bundled llhttp to 6.0.9
fixes CVE-2022-32213, CVE-2022-32214, CVE-2022-32215
Test and build against Python 3.11
|
|
upstream changes
----------------
Dotclear 2.23.1 - 2022-08-13
===========================================================
* Fix: Adding a new comment was buggy (front/back)
Dotclear 2.23 - 2022-08-13
===========================================================
* PHP 7.4+ is required, PHP 8.0/8.1 compliance
* Remove Iconset management
* Admin UI: Harmonize font size on different support (laptop, tablet, mobile)
* Admin UX: Group more logically buttons on CKEditor toolbar
* Core: New constant DC_DEFAULT_THEME, set to 'berlin'
* Core: Use predefined constants for post statuses (dcBlog::POST_*)
* Core: Use predefined constants for comment statuses (dcBlog::COMMENT_*)
* Core: Deprecated global $core (or $GLOBALS['core']), use dcCore::app() instead
* Core: Deprecated global $_ctx, use dcCore::app()->ctx instead
* Core: Deprecated global $_lang, use dcCore::app()->lang instead
* Core: Deprecated global $mod_files, use dcCore::app()->cache['mod_files'] instead
* Core: Deprecated global $mod_ts, use dcCore::app()->cache['mod_ts'] instead
* Core: Deprecated global $_menu, use dcCore::app()->menu instead
* Core: Deprecated global $__resources, use dcCore::app()->resources instead
* Core: REST server now accepts JSON format (experimental)
* Fix: Use relative URL for attachments as far as possible
* Fix: Remove select hiding mechanism when help is displayed
* Fix: Loading of modules (plugins/themes) in safe mode
* Fix: Message position on Quick entry submit (dashboard)
* Fix: Select appearance on Safari (webkit engine)
* Lib: Update CKEditor to 4.19.1
* Lib: Update Codemirror to 5.65.7
* Various bugs, a11y concerns and typos fixed
* Some locales and cosmetic adjustments
* Warning: Internet Explorer is not more officially supported (may still work weirdly)
|
|
3.149.0 (2022-09-16)
* Feature - Updated Aws::SSO::Client with the latest API changes.
3.148.0 (2022-09-15)
* Feature - Updated Aws::SSO::Client with the latest API changes.
3.147.0 (2022-09-14)
* Feature - Updated Aws::SSO::Client with the latest API changes.
3.146.0 (2022-09-13)
* Feature - Updated Aws::SSO::Client with the latest API changes.
3.145.0 (2022-09-12)
* Feature - Updated Aws::SSO::Client with the latest API changes.
|
|
1.631.0 (2022-09-15)
* Feature - Updated the partitions source data the determines the AWS
service regions and endpoints.
1.630.0 (2022-09-14)
* Feature - Updated the partitions source data the determines the AWS
service regions and endpoints.
1.629.0 (2022-09-13)
* Feature - Updated the partitions source data the determines the AWS
service regions and endpoints.
|
|
Changes in release 0.32.4:
* Fix Digest regression in allowing implicit algorithm= (issue #88)
* Fix Digest to safely allow spaces in usernames (without userhash)
* ne_ssl_trust_default_ca() now uses the system's trusted CAs
with GnuTLS where supported (matching behaviour of OpenSSL)
|
|
* Update comment about TCP_INFO on OpenBSD
* [mod_ajp13] fix crash with bad response headers (fixes #3170)
* [core] handle RDHUP when collecting chunked body
* [core] tweak streaming request body to backends
* [core] handle ENOSPC with pwritev() (#3171)
* [core] manually calculate off_t max (fixes #3171)
* [autoconf] force large file support (#3171)
* [multiple] quiet coverity warnings using casts
* [meson] add license keyword to project declaration
|
|
upstream changes:
-----------------
* [9.1.0-beta1] Security: Choose Lookup params per auth module (CVE-2022-31107)
* [9.0.3] Chore: Fix CVE-2020-7753. #51752, @jackw
* [9.0.3] Chore: Fix CVE-2021-3807. #51753, @jackw
* [9.0.3] Chore: Fix CVE-2021-3918. #51745, @jackw
* [9.0.3] Chore: Fix CVE-2021-43138. #51751, @jackw
* [9.0.3] Chore: Fix CVE-2022-0155. #51755, @jackw
* [9.0.3] Security: Fixes for CVE-2022-31107 and CVE-2022-31097
* https://github.com/grafana/grafana/blob/v9.1.5/CHANGELOG.md
|
|
This is required to correctly handle alloca(), which isn't in libc on
this particular variant, and is only handled by the compiler under
the gnu* variants.
|
|
Changes:
2.36.8
======
- Fix jumpy elements when scrolling GitLab and other web sites.
- Fix WebKitWebView:web-process-terminated signal not being emitted
for the first web view when sandboxing is enabled.
- Fix hang when opening HTML <select> elements in GTK4 builds.
- Fix kinetic scrolling with elements that use overflow scrolling.
- Fix several crashes and rendering issues.
|
|
2.19.0 (2022-09-14)
Features
* Allow SVG 1.0 color keyword names in CSS attributes. These colors are
part of the CSS Color Module Level 3 recommendation released 2022-01-18.
[#243]
|
|
1.12.0 (2022-09-16)
* Improve exception message for missing value #131
* :rule_set_exceptions option added #132
|
|
Correct dependency to net/ruby-connection_pool.
Bump PKGREVISION.
|
|
Changes:
1.2
---
* Unset a newly introduced option in libgit2 that do not allow different users
from reading the git repository. This is not a security issue for stagit.
See also the related page:
https://github.blog/2022-04-12-git-security-vulnerability-announced/
* Add a workaround comment in the Makefile for distros or packagers using an
older libgit2 version (Void Linux, Debian, etc).
|
|
functions explicitly.
The patch fixes
<https://gitlab.com/davical-project/davical/-/issues/271>.
|
|
Django 3.2.15 fixes a security issue with severity “high”
CVE-2022-36359: Potential reflected file download vulnerability in FileResponse¶
An application may have been vulnerable to a reflected file download (RFD) attack that sets the Content-Disposition header of a FileResponse when the filename was derived from user-supplied input. The filename is now escaped to avoid this possibility.
|
|
<ChangeLog>
*) Change: increased the applications' startup timeout.
*) Change: disallowed abstract Unix domain socket syntax in non-Linux
systems.
*) Feature: basic statistics API.
*) Feature: customizable access log format.
*) Feature: more HTTP variables support.
*) Feature: forwarded header to replace client address and protocol.
*) Feature: ability to get dynamic variables.
*) Feature: support for abstract Unix sockets.
*) Feature: support for Unix sockets in address matching.
*) Feature: the $dollar variable translates to a literal "$" during
variable substitution.
*) Bugfix: router process could crash if index file didn't contain an
extension.
*) Bugfix: force SCRIPT_NAME in Ruby to always be an empty string.
*) Bugfix: when isolated PID numbers reach the prototype process host
PID, the prototype crashed.
*) Bugfix: the Ruby application process could crash on SIGTERM.
*) Bugfix: the Ruby application process could crash on SIGINT.
*) Bugfix: mutex leak in the C API.
</ChangeLog>
|
|
|
|
Only supports python 2.x, no users in pkgsrc.
|
|
Only supports python 2.x
Newer version in wip; needs updating to latest version.
|
|
|
|
|
|
Changes in release 0.32.3:
* Improvements and fixes to Windows build (Chun-wei Fan)
* Fix finding pkg-config when cross-compiling (Hugh McMaster)
* Fix Digest cnonce entropy sources in non-SSL builds
* Fix cases where Digest usernames were rejected as non-ASCII
* Fix build failures with OpenSSL 1.1 on some platforms
|
|
|
|
Update DEPENDS
Upstream changes:
1.000000 2022-08-17 18:19:05Z
- This module is no longer considered to be beta
- Document that Everywhere can be used with the -M switch (GH#22) (Olaf
Alders)
- Recognise subtype soap+xml (GH#25) (David Precious)
- Drop dependency on URI::Query
|
|
Upstream changes:
1.5 2020-10-06 00:54:06Z
* Added cookie jar capability to non-server usage (Torsten Raudssus)
|
|
Upstream changes:
0.036 2022-01-16 04:11:38Z
- use http rather than https URIs in network tests
0.035 2022-01-15 03:45:06Z
- fix network test that failed due to a broken redirect service
|
|
Upstream changes:
0.18 2022-06-20 16:44:43 PDT
- Support max_redirect: 0 (skaji) #23
|
|
Upstream changes:
Changes for version 6.37 - 2022-06-14
Support for Brotli "br" encoding (GH#163) (trizen and Julien Fiegehenn)
Don't test Perl > 5.32 on Windows in GH Actions (GH#174) (Olaf Alders)
|
|
Upstream changes:
0.014 2022-07-25 09:45:56-04:00 America/New_York
- No changes from 0.013
0.013 2022-07-17 10:13:20-04:00 America/New_York (TRIAL RELEASE)
[FIXED]
- Cookie last access time is updated when a cookie is retrieved; this has
no functional effect but is consistent with RFC 6265.
|
|
Upstream changes:
1.08 Wed 07 Sep 2022
- <frame> and <iframe> are no longer on the list of self-closing tags.
Thanks to Graham Knop for catching this
- Updated packaging
1.07 Thu 01 Sep 2022
- No functional changes
- POD error fix
1.06 Wed 31 Aug 2022
- Updated packaging and package metadata
- Minimum Perl version requirement raised to 5.6
- New shortcut methods for HTML5 tags as well as previously missing tags:
applet article aside audio bdi blink canvas center data datalist details
dialog dir embed figcaption figure font footer header hgroup keygen main
mark marquee menu menuitem meter nav nobr output picture portal progress
rb rp rt rtc ruby s section slot source strike summary template time
track u video wbr xmp
|
|
Upstream changes:
0.9520 Mon Nov 29 22:01:58 EET 2021
- added pcre2 support (old pcre support stil exists)
- closed rt.cpan.org #140119 - pcre2 support
0.9521 Thu Dec 2 09:09:51 EET 2021
- closed rt.cpan.org #109255 - urlencode shouldn't encode '\'.
0.9522 Mon Dec 6 19:25:43 EET 2021
- fixed memory leak in perl wrapper code. libhtmltmplpro
was not affected by it.
- closed rt.cpan.org #78121 - 'I found a memory leak'
0.9523 Wed Dec 15 02:05:11 EET 2021
- fixed memory leak in perl wrapper code. libhtmltmplpro
was not affected by it.
- closed rt.cpan.org #140477 - 'Possible memory leak'
0.9524 Sun Jan 16 22:36:21 EET 2022
- fixed misprint in error message
- closed rt.cpan.org #140731 - 'Misprint'
|
|
Upstream changes:
Changes for version 0.26 - 2021-12-15
Fix typo in documentation for selector_to_xpath. It is equivalent to HTML::Selector::XPath->new(shift)->to_xpath(@_) Reported as RT 140473 by JDEGUEST
|
|
Upstream changes:
3.78 2022-03-28
* Remove unused variable (GH#26) (Michal Josef Špaček)
3.77 2022-03-14
* Update tests to remove HTML4 specific tags (GH#25) (Jess)
|
|
Upstream changes:
1.0050 2022-09-05 08:46:44 PDT
[BUG FIXES]
- Revert #660 where POST requests failed when Middleware::Static was used with a code in `path` (#683)
1.0049 2022-09-01 10:43:42 PDT
[IMPROVEMENTS]
- Fix typos in docs #659
- Test improvements, including moving from Travis CI to GitHub
- Restrict non-GET/HEAD requests to App::File #662
- Improved nginx FastCGI example #675
- Added documentation about port 5000 for MacOS Montery
- Added verify_SSL in Plack::LWPish #677
- Added 'force' option to IIS6ScriptNameFix #679
|
|
Latest release is 4.0.0, but ruby-redmine50 require before 4.0.
So, update to latest 3.x.
3.29.0 (2022-06-01)
We bring you 5 new exciting lexers in this release: Idris, Lean, Syzlang and
Syzprog lexer. There are also some fixes and improvements on Docker, Matlab
and Python lexer.
Furthermore, we have made some improvements in Rouge and Rouge CI. We are
now running Ruby 3.1 as part of our CI. As part of this release, we also
introduced Code of Conduct v2.1.
Thank you to all of the amazing contributors for your help and continuous
support!
3.30.0 (2022-07-30)
We bring you 3 new exciting lexers in this release: Isabelle, Meson and Nial
lexer. There are also some fixes and improvements on CPP, Dart, Groovy,
JavaScript, Pascal, PHP and TOML lexer.
Thank you to all of the amazing contributors for your help and continuous
support!
|
|
4.2.3 (2022-06-10)
* Fix http\Client::requeue() not updating response callback
|
|
3.2.5 (2022-02-25)
* Fixed gh-issue #123: Segfault with libcurl 7.81
3.3.0 (2022-06-10)
* Fix http\Client::requeue() not updating response callback
* Backport bug fixes and features from v4:
* Fixed configure reliably finding the right libcurl features available
* Fixed cookie handling with libcurl 7.77+ and consistently across all
supported libcurl versions (follow-up to gh issue #116)
* Fixed cookies failing with libcurl >= 7.77 (see gh issue #116)
* Fixed tests using $_ENV instead of getenv() to find executables in PATH
(see gh issue #113)
* Fixed configure on systems which do not provide icu-config
* Fixed gh-issue #89: Cookie handling cannot be disabled since v3.2.1
* Added http\Env::reset(): resets internal HTTP request cache (see gh issue
#90)
* Added request options:
* http\Client\Curl::$abstract_unix_socket
* http\Client\Curl::$altsvc
* http\Client\Curl::$altsvc_ctrl
* http\Client\Curl::$aws_sigv4
* http\Client\Curl::$doh_url
* http\Client\Curl::$dns_shuffle_addresses
* http\Client\Curl::$haproxy_protocol
* http\Client\Curl::$hsts
* http\Client\Curl::$hsts_ctrl
* http\Client\Curl::$http09_allowed
* http\Client\Curl::$maxage_conn
* http\Client\Curl::$pinned_publickey
* http\Client\Curl::$proxy_ssl
* http\Client\Curl::$socks5_auth
* http\Client\Curl::$tcp_fastopen
* http\Client\Curl::$tls13_ciphers
* http\Client\Curl::$xoauth2_bearer
* Added request option constants:
* http\Client\Curl\AUTH_AWS_SIGV4
* http\Client\Curl\AUTH_BEARER
* http\Client\Curl\AUTH_NONE
* http\Client\Curl\HTTP_VERSION_2_PRIOR_KNOWLEDGE
* http\Client\Curl\HTTP_VERSION_3
* http\Client\Curl\SSL_VERSION_MAX_*
* http\Client\Curl\SSL_VERSION_TLSv1_3
* Added library version constants:
* http\Client\Curl\Versions\BROTLI
* http\Client\Curl\Versions\CAINFO
* http\Client\Curl\Versions\CAPATH
* http\Client\Curl\Versions\HYPER
* http\Client\Curl\Versions\ICONV
* http\Client\Curl\Versions\NGHTTP2
* http\Client\Curl\Versions\QUIC
* http\Client\Curl\Versions\ZSTD
|
