| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Bump PKGREVISION of www/drupal and www/drupal6 to reflect this change.
|
|
and CVE-2012-0053 taken from Apache SVN repository.
|
|
1.0.2:
Bug Fixes
Fix bug in scheduling on POST request.
Fix permissions on user create via external auth.
Add a default min_age for external binds.
Other Changes
Prevent external binds from being created/updated if curl is missing.
Add check to setup page to test whether curl is installed.
Allow for silly programs that send content-type XML with a GET request.
Support use of HTTP_AUTHORIZATION in addition to AUTHORIZATION cgi.
Handle VCARD adr/tel/email which have multiple types.
Set the default URL to the default calendar name rather than /home/
Enable the file upload for addressbook collections.
Handle addressbook import along with calendar import.
Write UID and REV property n VCARD if they are missing.
Update translations to current transifex translations.
1.0.1:
Bug Fixes
Fix missing braces the /tools.php script.
Other Changes
Update translations to current transifex translations.
1.0.0:
Functionality Enhancements
Handle DELETE scheduling actions.
Bug Fixes
Handle bound resources correctly in sync-collection report.
When creating an external bind don't consider local host as external
Fix logic error in hide_TODO setting.
Make hide_alarm work on bound resources.
Correct bug in sync-collection report response.
Fix BIT24 casting for the LDAP driver.
Fix for MOVE into a bound location.
Correctly calculate the next alarm time.
Make sync-collection handle new format for sync token.
Don't allow a / in the UID to infect the path on import.
Fix propfind depth:1 on bind to external url
Correct handling of empty CardDAV:address-data element in request.
Fix handling of active flag for general external authentication mechanisms.
Fix LDAP user creation where memcached support is off.
Fix handling of numeric usernames.
Other Changes
Catch missing-xml in request separately from invalid-xml.
Add the "CardDAV" word into DAViCal's description.
Improve expand performance by only doing expansion if we know we need it.
Use supplied content_type even on zero-length requests.
Strip URL-unfriendly characters from UID before using it as URL segment.
Slightly more helpful 403 response.
Remove password from LDAP log messages.
Tooltips for schedule-deliver and schedule-send.
Current localisations from Transifex.
Update e-mail address to current one, mention wiki.
Force output buffers to be flushed, if they're turned on.
Update refresh-alarms script to newer style initialisation.
Update website to reflect new default calendar name.
Rationalise confidential event rewriting.
Add the $c->hide_alarms functionality into DAVResource class.
Allow LDAP sync to work if the date is reasonable and no 'format_updated' is set.
We don't need to test for the PostgreSQL non-PDO drivers now.
Switch out deprecated LDAP mappings before we use them anywhere.
Add test for PHP filter module and wiki links for each test.
External bind changes, added a clean up button, urls now show for external collections and added a few strings for translation
|
|
Fixed in 7.24.0 - January 24 2012
Release contains security-related bug fix
Changes:
* CURLOPT_QUOTE: SFTP supports the '*'-prefix now
* CURLOPT_DNS_SERVERS: set name servers if possible
* Add support for using nettle instead of gcrypt as gnutls backend
* CURLOPT_INTERFACE: avoid resolving interfaces names with magic prefixes
* Added CURLOPT_ACCEPTTIMEOUT_MS
* configure: add symbols versioning option --enable-versioned-symbols
Bugfixes:
* curl was vulnerable to a data injection attack for certain protocols CVE-2012-0036
* curl was vulnerable to a SSL CBC IV vulnerability when built to use OpenSSL
* SSL session share: move the age counter to the share object
* -J -O: use -O name if no Content-Disposition header comes!
* protocol_connect: show verbose connect and set connect time
* query-part: ignore the URI part for given protocols
* gnutls: only translate winsock errors for old versions
* POP3: fix end of body detection
* POP3: detect when LIST returns no mails
* TELNET: improved treatment of options
* configure: add support for pkg-config detection of libidn
* CyaSSL 2.0+ library initialization adjustment
* multi interface: only use non-NULL socker function pointer
* call opensocket callback properly for active FTP
* don't call close socket callback for sockets created with accept()
* differentiate better between host/proxy errors
* SSH: fix CURLOPT_SSH_HOST_PUBLIC_KEY_MD5 and --hostpubmd5
* multi: handle timeouts on DNS servers by checking for new sockets
* CURLOPT_DNS_SERVERS: fix return code
* POP3: fixed escaped dot not being stripped out
* OpenSSL: check for the SSLv2 function in configure
* MakefileBuild: fix the static build
* create_conn: don't switch to HTTP protocol if tunneling is enabled
* multi interface: fix block when CONNECT_ONLY option is used
* Fix connection reuse for TLS upgraded connections
* multiple file upload with -F and custom type
* multi interface: active FTP connections are no longer blocking
* Android build fix
* timer: restore PRETRANSFER timing
* libcurl.m4: Fix quoting arguments of AC_LANG_PROGRAM
* appconnect time fixed for non-blocking connect ssl backends
* do not include SSL handshake into time spent waiting for 100-continue
* handle dns cache case insensitive
* use new host name casing for subsequent HTTP requests
* CURLOPT_RESOLVE: avoid adding already present host names
* SFTP mkdir: use correct permission
* resolve: don't leak pre-populated dns entries
* --retry: Retry transfers on timeout and DNS errors
* negotiate with SSPI backend: use the correct buffer for input
* SFTP dir: increase buffer size counter to avoid cut off file names
* TFTP: fix resending (again)
* c-ares: don't include getaddrinfo-using code
* FTP: CURLE_PARTIAL_FILE will not close the control channel
* win32-threaded-resolver: stop using a dummy socket
* OpenSSL: remove reference to openssl internal struct
* OpenSSL: SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG option no longer enabled
* OpenSSL: fix PKCS#12 certificate parsing related memory leak
* OpenLDAP: fix LDAP connection phase memory leak
* Telnet: Use correct file descriptor for telnet upload
* Telnet: Remove bogus optimisation of telnet upload
* URL parse: user name with ipv6 numerical address
* polarssl: show cipher suite name correctly with 1.1.0
* polarssl: havege_rand is not present in version 1.1.0 WARNING, we still use the old API which is said to be
insecure
* gnutls: enforced use of SSLv3
|
|
Fixes build failure on NetBSD/amd64, reported by Dieter Roelants via private mail.
|
|
|
|
clisp.h requires libintl.h
|
|
Mon Jan 23 14:02:26 CET 2012
Fixed double-free if specified cipher was not valid (during
MHD_daemon_start). Releasing 0.9.18. -CG
Thu Jan 19 22:11:12 CET 2012
Switch to non-blocking sockets for all systems but Cygwin
(we already used non-blocking sockets for GNU/Linux); also
use non-blocking sockets on Cygwin for HTTPS as this is
required to avoid DoS-by-partial-record via gnutls. On
Cygwin, #1824 implies that we need to use blocking sockets
for HTTP on Cygwin for now. -CG
Thu Jan 19 17:46:05 CET 2012
Fixing use of uninitialized 'earliest_deadline' variable in
MHD_get_timeout which can lead to returning an incorrect
(too early) timeout (#2085). -tclaveirole
Thu Jan 19 13:31:27 CET 2012
Fixing digest authentication for GET requests with URI arguments
(#2059). -CG
Sat Jan 7 17:30:48 CET 2012
Digest authentication expects nonce count in base 16, not base 10
(#2061). -tclaveirole
Thu Jan 5 22:01:37 CET 2012
Partial fix for #2059, digest authentication with GET arguments. -CG
Thu Dec 1 15:22:57 CET 2011
Updated authorization_example.c to actually demonstrate the current
MHD API. -SG
Mon Nov 21 18:51:30 CET 2011
Added option to suppress generation of the 'Date:' header to be
used on embedded systems without RTC. Documented the new option
and the configure options. -CG
|
|
Bump PKGREVISIONs
|
|
* distutils pkg, register egg-info.
Bump PKGREVISION.
|
|
|
|
|
|
|
|
* distutils pkg, register egg-info.
* while here, sort PLIST.
Bump PKGREVISION.
|
|
|
|
* distutils pkg, register egg-info.
Bump PKGREVISION.
|
|
|
|
|
|
Bump PKGREVISION.
|
|
|
|
* no compiler languages is required to build.
* `/usr/bin/env python' shebang are also be handled with REPLACE_PYTHON.
* distutils pkg, register egg-info.
* add an patch for python27, from upstream repo.
Bump PKGREVISION.
|
|
|
|
in the literal copy. The original is just too bogus. Bump revision.
|
|
ChangeLog:
0.44 Mon Apr 4 16:59:59 EST 2011
* Fix tests to run in a FreeBSD Jail - Tom Hukins [rt.cpan.org #49807]
|
|
ChangeLog:
v0.46 (released 2012/01/11):
* improvements
HTTP::DAV should now be working with more WebDAV servers.
We are more flexible in what content types we consider to be XML.
Thanks Ron1 and Adam for the feedback and patches.
v0.45 (released 2011/09/18):
* bug fixes
- Fixed RT #69439 (http://rt.cpan.org/Public/Bug/Display.html?id=69439),
insecure /tmp files handling in dave client.
* improvements
- Added -tmpdir option to dave client.
- Reorganized distribution layout to match usual CPAN practice
- Removed remains of svn-era ($Id and such...)
v0.44 (released 2011/06/19):
* bug fixes
- Fixed RT #68936 (http://rt.cpan.org/Public/Bug/Display.html?id=68936),
Fixed errors() method that would bomb out when the "_errors" attribute
wasn't initialized. Thanks to Michael Lackoff for reporting.
v0.43 (released 2011/04/12):
* bug fixes
- Fixed RT #38677 (http://rt.cpan.org/Public/Bug/Display.html?id=38677),
Intercept correctly 405 (Method now allowed) errors and report them
to the clients.
v0.42 (released 2010/11/07):
* bug fixes
- Fixed RT #60457 (http://rt.cpan.org/Public/Bug/Display.html?id=60457),
Added and documented possibility to pass your own custom HTTP headers.
- Fixed errors in the code examples in the synopsis.
|
|
|
|
ChangeLog:
0.15
* Add additional methods to better match
HTML::TreeBuilder::XPath::Node API:
- exists($xpath)
- find($elem_name)
- findvalues($xpath)
- findnodes_as_string($xpath)
- findnodes_as_strings($xpath)
(genehack)
0.14
* added workaround for Web::Scraper 0.36
(tokuhirom)
|
|
updated to 0.14
ChangeLog:
0.14 Mon Jan 16 22:00:00 GMT 2012
- Also allow single quotes in attribute expressions,
as seems to be allowed
per http://www.w3.org/TR/CSS2/syndata.html
0.13 Sun Jan 15 18:52:00 GMT 2012
- Added C<prefix> option to add a prefix like C<xhtml>,
contributed by Toby Inkster
This closes RT #73719
0.12 Thu Nov 24 22:13:00 GMT 2011
- Add tests and fix negated selectors as reported
by Nilson Santos Figueiredo Junior
|
|
ChangeLog:
0.09 2011-04-01 16:35:50 Europe/London
- Basic conversion to Dist::Zilla/git
- Tidies to keep Perl::Critic happier
- Removed use of naked filehandles
- Reworked tests to not use predicable temp file name
- Collapsed duplicate code to a single version
- Various documentation tweaks
- Change of maintainer as PODMASTER cannot be contacted
|
|
ChangeLog:
2011-10-15 Release 3.69
Gisle Aas (4):
Documentation fix; encode_utf8 mixup [RT#71151]
Make it clearer that there are 2 (actually 3) options for handing "UTF-8 garbage"
Github is the official repo
Can't be bothered to try to fix the failures that occur on perl-5.6
Barbie (1):
fix to TokeParser to correctly handle option configuration
Jon Jensen (1):
Aesthetic change: remove extra ;
Ville Skyttä (1):
Trim surrounding whitespace from extracted URLs.
|
|
ChangeLog:
2.10 Tue Dec 6 11:16:16 CST 2011
HTML::Lint is now explicitly licensed under Artistic License 2.0,
instead of the vague "same terms as Perl itself."
[FIXES]
Tags that were self-closed were being ignored. For example, if you had
<img src="blah.jpg" />
then HTML::Lint would ignore the tag. This has been fixed.
|
|
ChangeLog:
5.90007 - 2011-11-22 20:35:00
New features:
- Implement a match_captures hook which, if it exists on an action,
is called with the $ctx and \@captures and is expected to return
true to continue the chain matching and false to stop matching.
This can be used to implement action classes or roles which match
conditionally (for example only matching captures which are integers).
Bug fixes:
- Lighttpd script name fix is only applied for lighttpd versions
< 1.4.23. This should fix non-root installs of lighttpd in versions
over that.
- Prepare_action is now inside a try {} block, so that requests containing
bad unicode can be appropriately trapped by
Catalyst::Plugin::Unicode::Encoding
5.90006 - 2011-10-25 09:18:00
New features:
- A new 'run_options' class data method has been added to Catalyst.pm
This is used to store all the options passed by scripts, allowing
application authors to add custom options to their scripts then
get them passed through to the application.
Doumentation:
- Clarify that if you manually write your own .psgi file, then optional
proxy support (via the using_frontend_proxy config value) will not be
enabled unless you explicitly apply the default middlewares from
Catalyst, or you apply the middleware manually.
Bug fixes:
- Fix issue due to perl internals bugs in 5.8 and 5.10 (not present in
other perl versions) require can pass the context inappropriately,
meaning that some methods of loading classes can fail due to void
context being passed throuh to make_immutable, causing it to not return
a value.
This bug caused loading Catalyst::Script::XXX to fail and is fixed
both by bumping the Class::Load dependency, and also adding an explicit
'1;' to the end of the classes, avoiding the context issue.
- Fix using_frontend_proxy support in mod_perl by using the psgi wrapped
in default middleware in mod_perl context, rather than the raw psgi.
5.90005 - 2011-10-22 13:35:00
New features:
- $c->uri_for_action can now take an array of CaptureArgs and Args
If you have an action which has both, then you can now say:
$c->uri_for_action('/myaction', [@captures, @args]);
whereas before you had to say:
$c->uri_for_action('/myaction', [@captures], @args);
The previous form is still supported, however in many cases it is
easier for the application code to not have to differentiate between
the two.
- Catalyst::ScriptRunner has been enhanced so that it will now
load and apply traits, making it easier to customise.
- MyApp::TraitFor::Script (if it exists) will be applied to all
scripts in the application.
- MyApp::TraitFor::Script::XXXX will be applied to the relevant script
(for example MyApp::TraitFor::Script::Server will be applied to
MyApp::Script::Server if it exists, or Catalyst::Script::Server
otherwise).
Documentation:
- Document how to get the vhost of the request in $c->req->hostname
to avoid confusion
- Remove documentation showing Global / Regex / Private actionsi
as whilst these still exist (and work), they are not recommended.
- Remove references to the -Engine flag.
- Remove references to the deprecated Catalyst->plugin method
- Spelling fixed (and tested) throughout the documentation
- Note that wrapping the setup method will not work with method modifiers
and provide an alternative.
5.90004 - 2011-10-11 17:12:00
Bug fixes:
- Don't guess engine class names when setting an engine through
MyApp->engine_class.
5.90003 - 2011-10-05 08:32:00
Bug fixes:
- Make default body reponses for 302s W3C compliant. RT#71237
- Fix issue where groups of attributes to override controller actions
in config would be (incorrectly) overwritten, if the parser for that
attribute mangled the contents of the attribute. This was found
with Catalyst::Controller::ActionRole, where Does => [ '+Foo' ]
would be transformed to Does => [ 'Foo' ] and written back to config,
whereas Does => '+Foo' would not be changed in config. RT#65463
Enhancements:
- Set a matching Content-type for the redirect if Catalyst sets the
body. This is for compatibility with a WatchGuard Firewall.
Backward compatibility fixes:
- Restore (an almost empty) Catalyst::Engine::HTTP to the dist for old
scripts which explictly require Catalyst::Engine::HTTP
Documentation fixes:
- Document Catalyst::Plugin::Authentication fails tests unless
you use the latest version with Catalyst 5.9
- Clarify that prepare is called as a class method
- Clarify use of uri_for further. RT#57011
|
|
Changelog:
1.47 Oct 21, 2011
[ BUG FIXES ]
- Silenced an uninitalized value warning from ApacheHandler with newer
versions of Perl. RT #61900.
1.46 Aug 1, 2011
[ DOCS ]
- Mention Mason 2 in documentation
|
|
Bump PKGREVISION.
|
|
Bump PKGREVISION.
|
|
-data injection attack for certain protocols (CVE-2012-0036)
-SSL CBC IV vulnerability (OpenSSL related, CVE-2011-3389)
bump PKGREV
|
|
* distutils pkg, register egg-info.
Bump PKGREVISION.
|
|
(change to register distutils egg-info)
Version 7.19.0 [requires libcurl-7.19.0 or better]
--------------
* Added CURLFILE, ADDRESS_SCOPE and ISSUERCERT options,
as well as the APPCONNECT_TIME info.
* Added PRIMARY_IP info (patch by
Yuhui H <eyecat at gmail.com>).
* Added support for curl_easy_reset through a
new 'reset' method on curl objects
(patch by Nick Pilon <npilon at oreilly.com>).
* Added support for OPENSOCKET callbacks.
See 'tests/test_opensocket.py' for example
usage (patch by Thomas Hunger <teh at camvine.com>).
Version 7.18.2
--------------
* Added REDIRECT_URL info and M_MAXCONNECTS option
(patch by Yuhui H <eyecat at gmail.com>).
* Added socket_action() method to CurlMulti objects.
See 'tests/test_multi_socket_select.py' for example
usage (patch by Yuhui H <eyecat at gmail.com>).
* Added AUTOREFERER option.
* Allow resetting some list operations (HTTPHEADER,
QUOTE, POSTQUOTE, PREQUOTE) by passing an empty
list to setopt (patch by Jim Patterson).
Version 7.18.1
--------------
* Added POST301, SSH_HOST_PUBLIC_KEY_MD5,
COPYPOSTFIELDS and PROXY_TRANSFER_MODE options.
* Check for static libs in setup.py to better detect
whether libcurl was linked with OpenSSL or GNUTLS.
* PycURL is now dual licensed under the LGPL and
a license similar to the cURL license (an MIT/X
derivative).
|
|
* convert to use distutils.mk, register egg-info.
Bump PKGREVISION.
|
|
|
|
|
|
|
|
0.25
- Upped versions added new servers and middleware components
also - re-order DEPENDS to match MYMETA.yml and change from *-[0-9] to >=X
|
|
1.3091 17.12.2011
[ BUG FIXES ]
* Reverting template() behavior by popular demand. (Damien Krotkine)
* GH #714: Run post-request hooks when custom continuations were created.
(Damien Krotkine)
* Always call write_session_id() to update expires. (David Precious)
[ ENHANCEMENTS ]
* GH #711, #652: Add server_tokens variable to allow removal of headers.
(John Wittkoski)
[ DOCUMENTATION ]
* GH #680: Document problems with multiple apps in Dancer using
Plack::Handler::Apache2 and recommend a workaround.
(Asaf Gordon, Pedro Melo)
* RT #73258: Spelling glitches. (Damyan Ivanov)
* Use ":script" instead of ":syntax" in Cookbook. (John Barrett)
* Typos in Deployment doc. (David Precious)
|
|
0.9985 Mon Oct 31 13:11:19 PDT 2011
[BUG FIXES]
- Short circuit Plack::Handler fallback to avoid %INC bugs in perl 5.8 (mst)
- Fixed Makefile.PL to avoid Test::SharedFork interferring with Module::Install (ambs)
|
|
0.14
- support for randomized reqs-per-child
- support for slow restart
- do not send Server header more than once per every response
|
|
patch-aa covered upstream
#-----------------------------------------------------------------------
# Version 2.23 - 21st January 2012
#------------------------------------------------------------------------
* Fixed bug RT#47929 which caused the XS Stash to die mysteriously when
calling code that used string evaluation (e.g. DateTime).
* Fixed bug RT#68722 so that list.defined('alpha') always returns false.
* Added the TRACE_VARS option to keep track of what variables are used
in a template. It's not documented yet. See t/trace_vars.t for an
example of use.
* Applied patch from RT#48989 to avoid Template::Plugin::Procedural
from adding target class' methods AUTOLOAD and new methods multiple
times (Jens Rehsack)
* Applied patch from RT#53451 to accept negative epoch times in
Template::Plugin::Date.
* Applied patch from Marc Remy to add $Template::Directive::WHILE_MAX
option to tpage.
|
|
version: 0.16
date: Mon Nov 7 18:49:56 PST 2011
changes:
- Anthony Cornehl++ implemented JSON and XML support. \o/
---
version: 0.15
date: Sat Nov 5 01:09:40 PDT 2011
changes:
- Use fixed TestML
---
version: 0.14
date: Fri Oct 21 18:31:56 PDT 2011
changes:
- Use Module::Package
- Add strict support
|
|
1.38 Fri Oct 28 10:12:48 CDT 2011
------------------------------------
[FIXES]
Now passes tests even if HTML::Lint is not installed.
There are no other changes in 1.38.
1.36 Thu Oct 27 00:09:21 CDT 2011
------------------------------------
[ENHANCEMENTS]
The $mech object autolint argument can now take an HTML::Lint object.
This lets you pass your own HTML::Lint object that does less stringent
checking than the one T:W:M creates.
|
|
20111103 Thu Nov 3 12:14:21 PDT 2011
Bug Fixes
* URI::URL::strict will no longer leak out of find() if the callback
or filter fails. [rt.cpan.org 71153] (Carl Chambers)
20111020 Thu Oct 20 17:31:56 PDT 2011
Bug Fixes
* Things which look like URIs, but aren't, are now properly escaped like
other text. [rt.cpan.org 71658]
New Features
* Balanced parens in URIs are no longer stripped. Example:
"http://example.com/foo(bar)" (Merten Falk)
|
