| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
www/apache22: security update
Revisions pulled up:
- www/apache22/Makefile 1.102
- www/apache22/distinfo 1.60
---
Module Name: pkgsrc
Committed By: adam
Date: Tue Sep 9 08:11:48 UTC 2014
Modified Files:
pkgsrc/www/apache22: Makefile distinfo
Log Message:
Changes 2.4.10
*) SECURITY: CVE-2014-0117 (cve.mitre.org)
mod_proxy: Fix crash in Connection header handling which
allowed a denial of service attack against a reverse proxy
with a threaded MPM.
*) SECURITY: CVE-2014-3523 (cve.mitre.org)
Fix a memory consumption denial of service in the WinNT MPM (used in all Windows
installations). Workaround: AcceptFilter <protocol> {none|connect}
*) SECURITY: CVE-2014-0226 (cve.mitre.org)
Fix a race condition in scoreboard handling, which could lead to
a heap buffer overflow.
*) SECURITY: CVE-2014-0118 (cve.mitre.org)
mod_deflate: The DEFLATE input filter (inflates request bodies) now
limits the length and compression ratio of inflated request bodies to avoid
denial of sevice via highly compressed bodies. See directives
DeflateInflateLimitRequestBody, DeflateInflateRatioLimit,
and DeflateInflateRatioBurst.
*) SECURITY: CVE-2014-0231 (cve.mitre.org)
mod_cgid: Fix a denial of service against CGI scripts that do
not consume stdin that could lead to lingering HTTPD child processes
filling up the scoreboard and eventually hanging the server. By
default, the client I/O timeout (Timeout directive) now applies to
communication with scripts. The CGIDScriptTimeout directive can be
used to set a different timeout for communication with scripts.
*) mod_ssl: Extend the scope of SSLSessionCacheTimeout to sessions
resumed by TLS session resumption (RFC 5077).
*) mod_deflate: Don't fail when flushing inflated data to the user-agent
and that coincides with the end of stream ("Zlib error flushing inflate
buffer").
*) mod_proxy_ajp: Forward local IP address as a custom request attribute
like we already do for the remote port.
*) core: Include any error notes set by modules in the canned error
response for 403 errors.
*) mod_ssl: Set an error note for requests rejected due to
SSLStrictSNIVHostCheck.
*) mod_ssl: Fix issue with redirects to error documents when handling
SNI errors.
*) mod_ssl: Fix tmp DH parameter leak, adjust selection to prefer
larger keys and support up to 8192-bit keys.
*) mod_dav: Fix improper encoding in PROPFIND responses.
*) WinNT MPM: Improve error handling for termination events in child.
*) mod_proxy: When ping/pong is configured for a worker, don't send or
forward "100 Continue" (interim) response to the client if it does
not expect one.
*) mod_ldap: Be more conservative with the last-used time for
LDAPConnectionPoolTTL.
*) mod_ldap: LDAP connections used for authn were not respecting
LDAPConnectionPoolTTL.
*) mod_proxy_fcgi: Fix occasional high CPU when handling request bodies.
*) event MPM: Fix possible crashes (third-party modules accessing c->sbh)
or occasional missed mod_status updates under load.
*) mod_authnz_ldap: Support primitive LDAP servers do not accept
filters, such as "SDBM-backed LDAP" on z/OS, by allowing a special
filter "none" to be specified in AuthLDAPURL.
*) mod_deflate: Fix inflation of files larger than 4GB.
*) mod_deflate: Handle Zlib header and validation bytes received in multiple
chunks.
*) mod_proxy: Allow reverse-proxy to be set via explicit handler.
*) ab: support custom HTTP method with -m argument.
*) mod_proxy_balancer: Correctly encode user provided data in management
interface.
*) mod_proxy_fcgi: Support iobuffersize parameter.
*) mod_auth_form: Add a debug message when the fields on a form are not
recognised.
*) mod_cache: Preserve non-cacheable headers forwarded from an origin 304
response.
*) mod_proxy_wstunnel: Fix the use of SSL connections with the "wss:"
scheme.
*) mod_socache_shmcb: Correct counting of expirations for status display.
Expirations happening during retrieval were not counted.
*) mod_cache: Retry unconditional request with the full URL (including the
query-string) when the origin server's 304 response does not match the
conditions used to revalidate the stale entry.
*) mod_alias: Stop setting CONTEXT_PREFIX and CONTEXT_DOCUMENT environment
variables as a result of AliasMatch.
*) mod_cache: Don't add cached/revalidated entity headers to a 304 response.
*) mod_proxy_scgi: Support Unix sockets. ap_proxy_port_of_scheme():
Support default SCGI port (4000).
*) mod_cache: Fix AH00784 errors on Windows when the the CacheLock directive
is enabled.
*) mod_expires: don't add Expires header to error responses (4xx/5xx),
be they generated or forwarded.
*) mod_proxy_fcgi: Don't segfault when failing to connect to the backend.
(regression in 2.4.9 release)
*) mod_authn_socache: Fix crash at startup in certain configurations.
*) mod_ssl: restore argument structure for "exec"-type SSLPassPhraseDialog
programs to the form used in releases up to 2.4.7, and emulate
a backwards-compatible behavior for existing setups.
*) mod_ssl: Add SSLOCSPUseRequestNonce directive to control whether or not
OCSP requests should use a nonce to be checked against the responder's
one.
*) mod_ssl: "SSLEngine off" will now override a Listen-based default
and does disable mod_ssl for the vhost.
*) mod_lua: Enforce the max post size allowed via r:parsebody()
*) mod_lua: Use binary comparison to find boundaries for multipart
objects, as to not terminate our search prematurely when hitting
a NULL byte.
*) mod_ssl: add workaround for SSLCertificateFile when using OpenSSL
versions before 0.9.8h and not specifying an SSLCertificateChainFile
(regression introduced with 2.4.8).
*) mod_ssl: bring SNI behavior into better conformance with RFC 6066:
no longer send warning-level unrecognized_name(112) alerts,
and limit startup warnings to cases where an OpenSSL version
without TLS extension support is used.
*) mod_proxy_html: Avoid some possible memory access violation in case of
specially crafted files, when the ProxyHTMLMeta directive is turned on.
*) mod_auth_form: Make sure the optional functions are loaded even when
the AuthFormProvider isn't specified.
*) mod_ssl: avoid processing bogus SSLCertificateKeyFile values
(and logging garbled file names).
*) mod_ssl: fix merging of global and vhost-level settings with the
SSLCertificateFile, SSLCertificateKeyFile, and SSLOpenSSLConfCmd
directives.
*) mod_headers: Allow the "value" parameter of Header and RequestHeader to
contain an ap_expr expression if prefixed with "expr=".
*) rotatelogs: Avoid creation of zombie processes when -p is used on
Unix platforms.
*) mod_authnz_fcgi: New module to enable FastCGI authorizer
applications to authenticate and/or authorize clients.
*) mod_proxy: Do not try to parse the regular expressions passed by
ProxyPassMatch as URL as they do not follow their syntax.
*) mod_reqtimeout: Resolve unexpected timeouts on keepalive requests
under the Event MPM.
*) mod_proxy_fcgi: Fix sending of response without some HTTP headers
that might be set by filters.
*) mod_proxy_html: Do not delete the wrong data from HTML code when a
"http-equiv" meta tag specifies a Content-Type behind any other
"http-equiv" meta tag.
*) mod_proxy: Don't reuse a SSL backend connection whose requested SNI
differs.
*) Add suspend_connection and resume_connection hooks to notify modules
when the thread/connection relationship changes. (Should be implemented
for any third-party async MPMs.)
*) mod_proxy_wstunnel: Don't issue AH02447 and log a 500 on routine
hangups from websockets origin servers.
*) mod_proxy_wstunnel: Don't pool backend websockets connections,
because we need to handshake every time.
*) mod_lua: Redesign how request record table access behaves,
in order to utilize the request record from within these tables.
*) mod_lua: Add r:wspeek for peeking at WebSocket frames.
*) mod_lua: Log an error when the initial parsing of a Lua file fails.
*) mod_lua: Reformat and escape script error output.
*) mod_lua: URL-escape cookie keys/values to prevent tainted cookie data
from causing response splitting.
*) mod_lua: Disallow newlines in table values inside the request_rec,
to prevent HTTP Response Splitting via tainted headers.
*) mod_lua: Remove the non-working early/late arguments for
LuaHookCheckUserID.
*) mod_lua: Change IVM storage to use shm
*) mod_lua: More verbose error logging when a handler function cannot be
found.
|
|
www/squid3: security update
Revisions pulled up:
- www/squid3/Makefile 1.34-1.36
- www/squid3/distinfo 1.22-1.23
- www/squid3/files/squid.sh 1.2
---
Module Name: pkgsrc
Committed By: adam
Date: Wed Jul 2 08:48:27 UTC 2014
Modified Files:
pkgsrc/www/squid3: Makefile distinfo
Log Message:
Changes 3.4.6:
Docs: external_acl_type documentation lies for cache=n option
Non https connectiona on SSL-bump enabled port may stuck
Do not leak implicit ACLs during reconfigure.
Assure that when LruMap::memLimit_ is set to 0 no entries stored on LruMap
Portability: use 64-bit for X-Cache-Age header
Windows: fix various libip build issues
Windows: rename TcpLogger::connect
Windows: rename ConnOpener::connect
Change order of BSD-specific network includes so that they are properly picked up
Do not leak ex_data for SSL state that survived reconfigure.
Do not register the same Cache Manager action more than once
Fix leaked TcpAcceptor job on reconfiguration
Fix leak of ACLs related to adaptation access rules
Bug 4056: assertion MemPools[type] from netdbExchangeStart()
Bug 4065: round-robin neighbor selection with unequal weights
Bug 4050: Segfault in CommSelectEngine::checkEvents on helper response
Fix segfault setting up server SSL connnection
Regression: segfault logging with %tg format specifier
SourceFormat Enforcement
---
Module Name: pkgsrc
Committed By: adam
Date: Thu Aug 28 16:52:02 UTC 2014
Modified Files:
pkgsrc/www/squid3: Makefile distinfo
Log Message:
Changes 3.4.7:
kerberos_ldap_group: Fix 'error during setup of Kerberos credential cache'
Ignore Range headers with unidentifiable byte-range values
Use v3 for fake certificate if we add _any_ certificate extension.
Fix regression in rev.13156
Fix %USER_CA_CERT_* and %CA_CERT_ external_acl formating codes
Enable compile-time override for MAXTCPLISTENPORTS
ntlm_sspi_auth: fix various build errors
negotiate_wrapper: vfork is not portable
Windows: fix iphlpapi.h include case-sensitivity
Windows: correct libsspwin32 API for SSP_LogonUser()
negotiate_sspi_auth: Portability fixes for MinGW
ext_lm_group_acl: portability fixes for MinGW
SourceFormat Enforcement
Bug 4080: worker hangs when client identd is not responding
Bug 3966: Add KeyEncipherment when ssl-bump substitues RSA for EC.
Reduce cache_effective_user was leaking $HOME memory
---
Module Name: pkgsrc
Committed By: tron
Date: Fri Aug 29 11:13:46 UTC 2014
Modified Files:
pkgsrc/www/squid3: Makefile
pkgsrc/www/squid3/files: squid.sh
Log Message:
Get "/etc/rc.d/squid status" and "/etc/rc.d/squid restart" to work again
under NetBSD (and other platforms using "/etc/rc.subr"?).
Bump package revision because of this fix.
|
|
www/drupal6; security update
Revisions pulled up:
- www/drupal6/Makefile 1.49
- www/drupal6/distinfo 1.32
---
Module Name: pkgsrc
Committed By: taca
Date: Fri Aug 8 15:54:21 UTC 2014
Modified Files:
pkgsrc/www/drupal6: Makefile distinfo
Log Message:
Update drupal6 to 6.33.
Drupal 6.33, 2014-08-06
----------------------
- Fixed security issues (denial of service). See SA-CORE-2014-004.
|
|
www/drupal7: security update
Revisions pulled up:
- www/drupal7/Makefile 1.28
- www/drupal7/PLIST 1.10
- www/drupal7/distinfo 1.21
---
Module Name: pkgsrc
Committed By: taca
Date: Fri Aug 8 15:53:33 UTC 2014
Modified Files:
pkgsrc/www/drupal7: Makefile PLIST distinfo
Log Message:
Update drupal7 to 7.31.
Drupal 7.31, 2014-08-06
----------------------
- Fixed security issues (denial of service). See SA-CORE-2014-004.
Drupal 7.30, 2014-07-24
-----------------------
- Fixed a regression introduced in Drupal 7.29 that caused files or images
attached to taxonomy terms to be deleted when the taxonomy term was edited
and resaved (and other related bugs with contributed and custom modules).
- Added a warning on the permissions page to recommend restricting access to
the "View site reports" permission to trusted administrators. See
DRUPAL-PSA-2014-002.
- Numerous API documentation improvements.
- Additional automated test coverage.
|
|
www/serf: security update
Revisions pulled up:
- www/serf/Makefile 1.31
- www/serf/distinfo 1.17
---
Module Name: pkgsrc
Committed By: wiz
Date: Sat Aug 16 12:11:53 UTC 2014
Modified Files:
pkgsrc/www/serf: Makefile distinfo
Log Message:
Update to 1.3.7:
Serf 1.3.7 [2014-08-11, from /tags/1.3.7, r2411]
Handle NUL bytes in fields of an X.509 certificate. (r2393, r2399)
|
|
www/apache24: security update
Revisions pulled up:
- www/apache24/Makefile 1.30
- www/apache24/PLIST 1.16
- www/apache24/distinfo 1.15
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Wed Jul 23 10:34:02 UTC 2014
Modified Files:
pkgsrc/www/apache24: Makefile PLIST distinfo
Log Message:
Update "apache24" package to version 2.4.10. Changes since 2.4.9:
- SECURITY: CVE-2014-0117 (cve.mitre.org)
mod_proxy: Fix crash in Connection header handling which
allowed a denial of service attack against a reverse proxy
with a threaded MPM. [Ben Reser]
- SECURITY: CVE-2014-0226 (cve.mitre.org)
Fix a race condition in scoreboard handling, which could lead to
a heap buffer overflow. [Joe Orton, Eric Covener]
- SECURITY: CVE-2014-0118 (cve.mitre.org)
mod_deflate: The DEFLATE input filter (inflates request bodies) now
limits the length and compression ratio of inflated request bodies to avo=
id
denial of sevice via highly compressed bodies. See directives
DeflateInflateLimitRequestBody, DeflateInflateRatioLimit,
and DeflateInflateRatioBurst. [Yann Ylavic, Eric Covener]
- SECURITY: CVE-2014-0231 (cve.mitre.org)
mod_cgid: Fix a denial of service against CGI scripts that do
not consume stdin that could lead to lingering HTTPD child processes
filling up the scoreboard and eventually hanging the server. By
default, the client I/O timeout (Timeout directive) now applies to
communication with scripts. The CGIDScriptTimeout directive can be
used to set a different timeout for communication with scripts.
[Rainer Jung, Eric Covener, Yann Ylavic]
- mod_ssl: Extend the scope of SSLSessionCacheTimeout to sessions
resumed by TLS session resumption (RFC 5077). [Rainer Jung]
- mod_deflate: Don't fail when flushing inflated data to the user-agent
and that coincides with the end of stream ("Zlib error flushing inflate
buffer"). Bug 56196. [Christoph Fausak <christoph fausak glueckkanja.com>]
- mod_proxy_ajp: Forward local IP address as a custom request attribute
like we already do for the remote port. [Rainer Jung]
- core: Include any error notes set by modules in the canned error
response for 403 errors. [Jeff Trawick]
- mod_ssl: Set an error note for requests rejected due to
SSLStrictSNIVHostCheck. [Jeff Trawick]
- mod_ssl: Fix issue with redirects to error documents when handling
SNI errors. [Jeff Trawick]
- mod_ssl: Fix tmp DH parameter leak, adjust selection to prefer
larger keys and support up to 8192-bit keys. [Ruediger Pluem,
Joe Orton]
- mod_dav: Fix improper encoding in PROPFIND responses. Bug 56480.
[Ben Reser]
- WinNT MPM: Improve error handling for termination events in child.
[Jeff Trawick]
- mod_proxy: When ping/pong is configured for a worker, don't send or
forward "100 Continue" (interim) response to the client if it does
not expect one. [Yann Ylavic]
- mod_ldap: Be more conservative with the last-used time for
LDAPConnectionPoolTTL. Bug 54587 [Eric Covener]
- mod_ldap: LDAP connections used for authn were not respecting
LDAPConnectionPoolTTL. Bug 54587 [Eric Covener]
- mod_proxy_fcgi: Fix occasional high CPU when handling request bodies.
[Jeff Trawick]
- event MPM: Fix possible crashes (third-party modules accessing c->sbh)
or occasional missed mod_status updates under load. Bug 56639.
[Edward Lu <Chaosed0 gmail com>]
- mod_authnz_ldap: Support primitive LDAP servers do not accept
filters, such as "SDBM-backed LDAP" on z/OS, by allowing a special
filter "none" to be specified in AuthLDAPURL. [Eric Covener]
- mod_deflate: Fix inflation of files larger than 4GB. Bug 56062.
[Lukas Bezdicka <social v3.sk>]
- mod_deflate: Handle Zlib header and validation bytes received in multiple
chunks. Bug 46146. [Yann Ylavic]
- mod_proxy: Allow reverse-proxy to be set via explicit handler.
[ryo takatsuki <ryotakatsuki gmail com>]
- ab: support custom HTTP method with -m argument. Bug 56604.
[Roman Jurkov <winfinit gmail.com>]
- mod_proxy_balancer: Correctly encode user provided data in management
interface. Bug 56532 [Maksymilian, <max cert.cx>]
- mod_proxy_fcgi: Support iobuffersize parameter. [Jeff Trawick]
- mod_auth_form: Add a debug message when the fields on a form are not
recognised. [Graham Leggett]
- mod_cache: Preserve non-cacheable headers forwarded from an origin 304
response. Bug 55547. [Yann Ylavic]
- mod_proxy_wstunnel: Fix the use of SSL connections with the "wss:"
scheme. Bug 55320. [Alex Liu <alex.leo.ca gmail.com>]
- mod_socache_shmcb: Correct counting of expirations for status display.
Expirations happening during retrieval were not counted. [Rainer Jung]
- mod_cache: Retry unconditional request with the full URL (including the
query-string) when the origin server's 304 response does not match the
conditions used to revalidate the stale entry. [Yann Ylavic].
- mod_alias: Stop setting CONTEXT_PREFIX and CONTEXT_DOCUMENT environment
variables as a result of AliasMatch. [Eric Covener]
- mod_cache: Don't add cached/revalidated entity headers to a 304 response.
Bug 55547. [Yann Ylavic]
- mod_proxy_scgi: Support Unix sockets. ap_proxy_port_of_scheme():
Support default SCGI port (4000). [Jeff Trawick]
- mod_expires: don't add Expires header to error responses (4xx/5xx),
be they generated or forwarded. Bug 55669. [Yann Ylavic]
- mod_proxy_fcgi: Don't segfault when failing to connect to the backend.
(regression in 2.4.9 release) [Jeff Trawick]
- mod_authn_socache: Fix crash at startup in certain configurations.
Bug 56371. (regression in 2.4.7) [Jan Kaluza]
- mod_ssl: restore argument structure for "exec"-type SSLPassPhraseDialog
programs to the form used in releases up to 2.4.7, and emulate
a backwards-compatible behavior for existing setups. [Kaspar Brand]
- mod_ssl: Add SSLOCSPUseRequestNonce directive to control whether or not
OCSP requests should use a nonce to be checked against the responder's
one. Bug 56233. [Yann Ylavic, Kaspar Brand]
- mod_ssl: "SSLEngine off" will now override a Listen-based default
and does disable mod_ssl for the vhost. [Joe Orton]
- mod_lua: Enforce the max post size allowed via r:parsebody()
[Daniel Gruno]
- mod_lua: Use binary comparison to find boundaries for multipart
objects, as to not terminate our search prematurely when hitting
a NULL byte. [Daniel Gruno]
- mod_ssl: add workaround for SSLCertificateFile when using OpenSSL
versions before 0.9.8h and not specifying an SSLCertificateChainFile
(regression introduced with 2.4.8). Bug 56410. [Kaspar Brand]
- mod_ssl: bring SNI behavior into better conformance with RFC 6066:
no longer send warning-level unrecognized_name(112) alerts,
and limit startup warnings to cases where an OpenSSL version
without TLS extension support is used. Bug 56241. [Kaspar Brand]
- mod_proxy_html: Avoid some possible memory access violation in case of
specially crafted files, when the ProxyHTMLMeta directive is turned on.
Follow up of Bug 56287 [Christophe Jaillet]
- mod_auth_form: Make sure the optional functions are loaded even when
the AuthFormProvider isn't specified. [Graham Leggett]
- mod_ssl: avoid processing bogus SSLCertificateKeyFile values
(and logging garbled file names). Bug 56306. [Kaspar Brand]
- mod_ssl: fix merging of global and vhost-level settings with the
SSLCertificateFile, SSLCertificateKeyFile, and SSLOpenSSLConfCmd
directives. Bug 56353. [Kaspar Brand]
- mod_headers: Allow the "value" parameter of Header and RequestHeader to
contain an ap_expr expression if prefixed with "expr=3D". [Eric Covener]
- rotatelogs: Avoid creation of zombie processes when -p is used on
Unix platforms. [Joe Orton]
- mod_authnz_fcgi: New module to enable FastCGI authorizer
applications to authenticate and/or authorize clients.
[Jeff Trawick]
- mod_proxy: Do not try to parse the regular expressions passed by
ProxyPassMatch as URL as they do not follow their syntax.
Bug 56074. [Ruediger Pluem]
- mod_reqtimeout: Resolve unexpected timeouts on keepalive requests
under the Event MPM. Bug 56216. [Frank Meier <frank meier ergon ch>]
- mod_proxy_fcgi: Fix sending of response without some HTTP headers
that might be set by filters. [Jim Riggs <jim riggs.me>]
- mod_proxy_html: Do not delete the wrong data from HTML code when a
"http-equiv" meta tag specifies a Content-Type behind any other
"http-equiv" meta tag. Bug 56287 [Micha Lenk <micha lenk info>]
- mod_proxy: Don't reuse a SSL backend connection whose requested SNI
differs. Bug 55782. [Yann Ylavic]
- Add suspend_connection and resume_connection hooks to notify modules
when the thread/connection relationship changes. (Should be implemented
for any third-party async MPMs.) [Jeff Trawick]
- mod_proxy_wstunnel: Don't issue AH02447 and log a 500 on routine
hangups from websockets origin servers. Bug 56299
[Yann Ylavic, Edward Lu <Chaosed0 gmail com>, Eric Covener]
- mod_proxy_wstunnel: Don't pool backend websockets connections,
because we need to handshake every time. Bug 55890.
[Eric Covener]
- mod_lua: Redesign how request record table access behaves,
in order to utilize the request record from within these tables.
[Daniel Gruno]
- mod_lua: Add r:wspeek for peeking at WebSocket frames. [Daniel Gruno]
- mod_lua: Log an error when the initial parsing of a Lua file fails.
[Daniel Gruno, Felipe Daragon <filipe syhunt com>]
- mod_lua: Reformat and escape script error output.
[Daniel Gruno, Felipe Daragon <filipe syhunt com>]
- mod_lua: URL-escape cookie keys/values to prevent tainted cookie data
from causing response splitting.
[Daniel Gruno, Felipe Daragon <filipe syhunt com>]
- mod_lua: Disallow newlines in table values inside the request_rec,
to prevent HTTP Response Splitting via tainted headers.
[Daniel Gruno, Felipe Daragon <filipe syhunt com>]
- mod_lua: Remove the non-working early/late arguments for
LuaHookCheckUserID. [Daniel Gruno]
- mod_lua: Change IVM storage to use shm [Daniel Gruno]
- mod_lua: More verbose error logging when a handler function cannot be
found. [Daniel Gruno]
To generate a diff of this commit:
cvs rdiff -u -r1.29 -r1.30 pkgsrc/www/apache24/Makefile
cvs rdiff -u -r1.15 -r1.16 pkgsrc/www/apache24/PLIST
cvs rdiff -u -r1.14 -r1.15 pkgsrc/www/apache24/distinfo
|
|
www/drupal6: security update
Revisions pulled up:
- www/drupal6/Makefile 1.48
- www/drupal6/distinfo 1.31
---
Module Name: pkgsrc
Committed By: taca
Date: Thu Jul 17 03:57:57 UTC 2014
Modified Files:
pkgsrc/www/drupal6: Makefile distinfo
Log Message:
Update drupal6 to 6.32, security fix release.
Drupal 6.32, 2014-07-16
----------------------
- Fixed security issues (multiple vulnerabilities). See SA-CORE-2014-003.
|
|
www/drupal7: security update
Revisions pulled up:
- www/drupal7/Makefile 1.27
- www/drupal7/distinfo 1.20
---
Module Name: pkgsrc
Committed By: taca
Date: Thu Jul 17 03:57:10 UTC 2014
Modified Files:
pkgsrc/www/drupal7: Makefile distinfo
Log Message:
Update drupal7 to 7.29, security fix release.
Drupal 7.29, 2014-07-16
----------------------
- Fixed security issues (multiple vulnerabilities). See SA-CORE-2014-003.
|
|
databases/ruby-activerecord32: security update
devel/ruby-activemodel32: security update
devel/ruby-activesupport32: security update
devel/ruby-railties32: security update
mail/ruby-actionmailer32: security update
www/ruby-actionpack32: security update
www/ruby-activeresource32: security update
Revisions pulled up:
- databases/ruby-activerecord32/distinfo 1.17
- devel/ruby-activemodel32/distinfo 1.17
- devel/ruby-activesupport32/distinfo 1.17
- devel/ruby-railties32/distinfo 1.17
- lang/ruby/rails.mk 1.49
- mail/ruby-actionmailer32/distinfo 1.17
- www/ruby-actionpack32/distinfo 1.17
- www/ruby-activeresource32/distinfo 1.17
- www/ruby-rails32/distinfo 1.17
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Jul 6 07:36:35 UTC 2014
Modified Files:
pkgsrc/lang/ruby: rails.mk
Log Message:
Start update of Ruby on Rails to 3.2.19.
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Jul 6 07:38:16 UTC 2014
Modified Files:
pkgsrc/devel/ruby-activesupport32: distinfo
Log Message:
Update ruby-activesupport32 to 3.2.19.
## Rails 3.2.19 (Jul 2, 2014) ##
* Make sure Active Support configurations are applied correctly.
Before this change configuration set using `config.active_support`
would not be set.
*Rafael Mendon=E7a Fran=E7a*
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Jul 6 07:38:50 UTC 2014
Modified Files:
pkgsrc/devel/ruby-activemodel32: distinfo
Log Message:
Update ruby-activemodel32 to 3.2.19.
## Rails 3.2.19 (Jul 2, 2014) ##
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Jul 6 07:40:52 UTC 2014
Modified Files:
pkgsrc/www/ruby-activeresource32: distinfo
Log Message:
Update ruby-activeresource32 to 3.2.19.
## Rails 3.2.19 (Jul 2, 2014) ##
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Jul 6 07:41:43 UTC 2014
Modified Files:
pkgsrc/www/ruby-actionpack32: distinfo
Log Message:
Update ruby-actionpack32 to 3.2.19.
## Rails 3.2.19 (Jul 2, 2014) ##
* Fix regression when using `ActionView::Helpers::TranslationHelper#t=
ranslate` with
`options[:raise]`.
This regression was introduced at ec16ba75a5493b9da972eea08bae630eb=
a35b62f.
*Shota Fukumori (sora_h)*
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Jul 6 07:42:15 UTC 2014
Modified Files:
pkgsrc/mail/ruby-actionmailer32: distinfo
Log Message:
Update ruby-actionmailer32 to 3.2.19.
## Rails 3.2.19 (Jul 2, 2014) ##
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Jul 6 07:42:48 UTC 2014
Modified Files:
pkgsrc/devel/ruby-railties32: distinfo
Log Message:
Update ruby-railties32 to 3.2.19.
## Rails 3.2.19 (Jul 2, 2014) ##
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Jul 6 07:43:50 UTC 2014
Modified Files:
pkgsrc/www/ruby-rails32: distinfo
Log Message:
Update ruby-rails32 to 3.2.19.
This is meta package like ruby gem.
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Jul 6 07:40:12 UTC 2014
Modified Files:
pkgsrc/databases/ruby-activerecord32: distinfo
Log Message:
Update ruby-activerecord32 to 3.2.19, security fix.
## Rails 3.2.19 (Jul 2, 2014) ##
* Fix SQL Injection Vulnerability in 'bitstring' quoting.
Fixes CVE-2014-3482.
*Rafael Mendonḋ®a Franḋ®a*
|
|
www/php-sugarcrm: security update
Revisions pulled up:
- www/php-sugarcrm/Makefile 1.8
- www/php-sugarcrm/distinfo 1.4
---
Module Name: pkgsrc
Committed By: taca
Date: Wed Jul 2 09:13:02 UTC 2014
Modified Files:
pkgsrc/www/php-sugarcrm: Makefile
Log Message:
Update php-sugarcrm to 6.5.17, security release.
Quote from http://www.providentcrm.com/news/sugarcrm-6-5-17-patch-list/.
1. Module scanner now blocks two additional functions:
simplexml_load_file and simplexml_load_string
2. JS Security Fix in Emails -- changing AJAX call from GET to POST.
3. XML Handling -- Additional error handling and libxml_disable_entity_loader
is now set to true.
4. Users module -- Additional checking on un-authorised access to other users
profile, plus Bugfix for password field.
---
Module Name: pkgsrc
Committed By: taca
Date: Thu Jul 3 01:32:50 UTC 2014
Modified Files:
pkgsrc/www/php-sugarcrm: distinfo
Log Message:
Forgot to commit distinfo.
|
|
www/contao33: installation fix
Revisions pulled up:
- www/contao33/INSTALL 1.1
- www/contao33/Makefile 1.4
---
Module Name: pkgsrc
Committed By: taca
Date: Wed Jul 2 09:10:26 UTC 2014
Modified Files:
pkgsrc/www/contao33: Makefile
Added Files:
pkgsrc/www/contao33: INSTALL
Log Message:
INSTALL was missing from this package when I first imported it to pkgsrc.
Bump PKGREVISION.
|
|
|
|
Changelog:
1.11 12/21/2013
Minor parser bugfixes
Fix upgrading from older tt-rss versions
Minor performance improvements
Other bugfixes
API: fix labels not applying because API call expected labels in wrong format
1.12 03/21/2014
Parser / misc bugfixes
Default theme update
Traditional Chinese (zh_TW) translation
Various comics plugins merged into af_comics
|
|
|
|
* I gave up subdirectory installation with nginx... (MESSAGES)
Changelog:
Version 6.0.4 June 23rd 2014
Fixed a security issue (Will be disclosed two weeks after this release)
Several LDAP fixes and improvements
Add deprecated warning to load function
File scanner fixes
Heart beat fixes
Encryption fixes for some corner cases
Fix conflict dialog translations
Fix button text overflow
Fix search with Oracle
Php upload errors are written to log
OCS status code fixes
Add PostgreSQL version warning
Version 6.0.3 April 29rd 2014
Several security fixes. (Will be disclosed 2 weeks after the release)
Appframework extensions to improve the compatibility with 3rdparty apps
LDAP performance improvements
Fix updating of email adresses from LDAP
Fix WebDAV timestamp format handling
Disable internet connection check if a proxy is configured
Fix a potential file chunking problem on a server that is running out of storage
Do not expire file chunks while checking their existence
Fix loading of authentication apps in any case
Performance improvements by reducing the number of chmod operations.
Make the trusted domain upgrade feature more robust.
Don't allow creating a "Shared" folder.
Fixed "select all" + download on public page
Fix share as link with email multiple users
Reset time of last update feed polling to fix the updater
Share API fixes
Admin option for public upload with encryption enabled
Fix CIFS with home shares
Detect a missing "data" directory mount
Fix the filesize calculation of encrypted files
Fixes in the OpenStack support
Fixes in the SWIFT support
Don't block PHP sessions during download
Fix sharing oc addressbooks
Several ownCloud Documents improvements and fixes
Several smaller bugfixes
|
|
|
|
Tomcat 6.0.41
=============
Jasper
------
fix 56529: Avoid NoSuchElementException while handling attributes
with empty string value in custom tags. Based on a patch
provided by Hariprasad Manchi. (violetagg/kkolinko)
Tomcat 6.0.40 not released
============================
Catalina
--------
fix 56027: Add more options for managing FIPS mode in the
AprLifecycleListener. (schultz/kkolinko)
fix 56082: Fix a concurrency bug in JULI's LogManager
implementation. (markt)
fix 56236: Enable Tomcat to work with alternative Servlet and
JSP API JARs that package the XML schemas in such as way as
to require a dependency on the JSP API before enabling
validation for web.xml. Tomcat has no such dependency. (markt)
fix Change the default value of the xmlBlockExternal attribute
of Context elements. It is now true. (kkolinko)
fix Don't log to standard out in SSLValve. (kkolinko/markt)
code Use StringBuilder in DefaultServlet. (kkolinko)
fix 56275: Allow web applications to be stopped cleanly even
if filters throw exceptions when their destroy() method is
called. (markt/kkolinko)
fix Redefine the globalXsltFile initialisation parameter of the
DefaultServlet as relative to CATALINA_BASE/conf or
CATALINA_HOME/conf. Prevent user supplied XSLTs used by the
DefaultServlet from defining external entities. (markt)
fix Add a work around for validating XML documents (often TLDs)
that use just the file name to refer to refer to the JavaEE
schema on which they are based. (kkolinko)
fix 56369: Ensure that removing an MBean notification listener
reverts all the operations performed when adding an MBean
notification listener. (markt)
fix Only create XML parsing objects if required and fix associated
potential memory leak in the default Servlet. (markt)
fix Ensure that a TLD parser obtained from the cache has the
correct value of blockExternal. (markt/kkolinko)
add Extend XML factory, parser etc. memory leak protection to
cover some additional locations where, theoretically, a
memory leak could occur. (markt)
add Add the org.apache.naming package to the packages requiring
code to have the defineClassInPackage permission when running
under a security manager. (markt)
add Add the org.apache.naming.resources package to the packages
requiring code to have the accessClassInPackage permission
when running under a security manager. (markt)
fix Make the naming context tokens for containers more robust.
Require RuntimePermission when introducing a new token.
(markt/kkolinko)
Coyote
------
fix Improve processing of chuck size from chunked headers.
Avoid overflow and use a bit shift instead of a multiplication
as it is marginally faster. (markt/kkolinko)
fix Fix possible overflow when parsing long values from a byte
array. (markt)
update 56363: Update to version 1.1.30 of Tomcat Native library.
The minimum required version of this library for APR connector
is now 1.1.30. (kkolinko)
Jasper
------
fix Change the default behaviour of JspC to block XML external
entities by default. (kkolinko)
fix Restore the validateXml option to Jasper that was previously
renamed validateTld. Both options are now supported.
validateXml controls the validation of web.xml files when
Jasper parses them and validateTld controls the validation
of *.tld files when Jasper parses them. (markt)
fix 54475: Add Java 8 support to SMAP generation for JSPs.
Patch by Robbie Gibson. (markt)
fix 56010: Don't throw an IllegalArgumentException when
JspFactory.getPageContext is used with JspWriter.DEFAULT_BUFFER.
Based on a patch by Eugene Chung. (markt)
fix 56265: Do not escape values of dynamic tag attributes
ontaining EL expressions. (kkolinko)
fix 56283: Add support for running Tomcat 6 with ecj-P20140317-1600.jar
(as drop-in replacement for ecj-4.3.1.jar). Add support for
value "1.8" for the compilerSourceVM and compilerTargetVM
options. Note that ecj-P20140317-1600.jar can only be used
when running with Java 6 or later. The "1.8" options make
sense only when running with Java 8 (or later). (kkolinko)
fix 56334: Fix a regression in the handling of back-slash escaping
introduced by the fix for 55735. (markt/kkolinko)
fix Correct the handling of back-slash escaping in the EL parser
and no longer require that \$ or \# must be followed by { in
order for the back-slash escaping to take effect. (markt)
Cluster
-------
code Refactor AbstractReplicatedMap and related classes to enable
Tomcat 6 to be compiled using Java 8. (markt)
Web applications
----------------
add 56093: Documentation for SSLValve. (markt/kkolinko)
fix Correct documentation on Windows service options, aligning
it with Apache Commons Daemon documentation. (kkolinko)
add Add support for version-major, version-major-minor tags in
documentation XSLT, to simplify documentation backports. (kkolinko)
fix Fix target and rel attributes on links in documentation.
They were lost during XSLT transformation. (kkolinko)
Other
-----
code Remove svn keywords (such as $Id) from source files and
documentation. (kkolinko)
update Improvements to the Windows installer, to align it with
installing the sevice with service.bat. Use explicit memory
sizes (--JvmMs 128 Mb and --JvmMx 256 Mb). Specify log
directory path when ininstalling, so that the log file is
written to the Tomcat logs directory, instead of
"%SystemRoot%\System32\LogFiles\Apache". (kkolinko)
update 49993, 56143: Improve service.bat script. Allow it to be
launched from non-UAC console. The UAC prompt will be shown
only once. Now there is no need to run the command shell
with elevated privileges. Improve check for JAVA_HOME and
add support for JRE_HOME. Warn if neither "client" nor
"server" JVM is found. Align classpath, display name and
other options with the exe installer. Make command names
case-insensitive. Update documentation. (kkolinko)
|
|
|
|
Work around it.
|
|
|
|
|
|
This is a security update and approved by wiz@.
Upstream changes:
Changes since 1.22.7
(bug 65839) SECURITY: Prevent external resources in SVG files.
(bug 66428) MimeMagic: Don't seek before BOF. This has weird side effects like only extracting the tail of the file partially or not at all.
|
|
From ISIHARA Takanori in PR 48939.
Bump PKGREVISION.
|
|
* Sync with seamonkey-2.26.1
|
|
|
|
Changelog:
SeaMonkey-specific changes
The delimiter for forwarded messages can now be configured.
An option to not strip signatures on reply has been added to prevent top signatures from deleting the body.
Add to Searchbar (search-engine autodiscovery) was implemented.
The location bar tooltip now shows the complete current URL in case it is displayed only partially.
See the changes page for a more complete overview.
Mozilla platform changes
The Gamepad API has been finalized and enabled (learn more).
navigator.plugins is no longer enumerable, for user privacy.
ECMAScript Internationalization API has been enabled.
'box-sizing' (dropping the -moz- prefix) has been implemented.
SharedWorker is now enabled by default.
CSS3 variables have been implemented.
Console object is now available in Web Workers.
Promises have been enabled by default.
<input type="number"> has been implemented and enabled.
<input type="color"> has been implemented and enabled.
Fixed several stability issues.
Fixed in SeaMonkey 2.26.1
MFSA 2014-54 Buffer overflow in Gamepad API
MFSA 2014-53 Buffer overflow in Web Audio Speex resampler
MFSA 2014-52 Use-after-free with SMIL Animation Controller
MFSA 2014-51 Use-after-free in Event Listener Manager
MFSA 2014-49 Use-after-free and out of bounds issues found using Address Sanitizer
MFSA 2014-48 Miscellaneous memory safety hazards (rv:30.0 / rv:24.6)
Fixed in SeaMonkey 2.26
MFSA 2014-47 Debugger can bypass XrayWrappers with JavaScript
MFSA 2014-46 Use-after-free in nsHostResolve
MFSA 2014-45 Incorrect IDNA domain name matching for wildcard certificates
MFSA 2014-44 Use-after-free in imgLoader while resizing images
MFSA 2014-43 Cross-site scripting (XSS) using history navigations
MFSA 2014-42 Privilege escalation through Web Notification API
MFSA 2014-41 Out-of-bounds write in Cairo
MFSA 2014-39 Use-after-free in the Text Track Manager for HTML video
MFSA 2014-38 Buffer overflow when using non-XBL object as XBL
MFSA 2014-37 Out of bounds read while decoding JPG images
MFSA 2014-36 Web Audio memory corruption issues
MFSA 2014-34 Miscellaneous memory safety hazards (rv:29.0 / rv:24.5)
|
|
|
|
* Finnish translation is added and Latvian translation is removed.
* Example website (Music Academy) is removed from core distribution.
It is still available on Contao Extension Repository.
Version 3.2.12 (2014-06-18)
---------------------------
### Fixed
Replace insert tags in external redirect targets (see #6765).
### Fixed
Also apply the font settings to the ACE element (see #7103).
### Fixed
Show the placeholder image in the "edit file" dialog if the original image
exceeds the maximum dimensions supported by the GD library (see #7032).
### Fixed
Preserve whitespace before `<textarea>` tags when minifying code (see #7087).
### Fixed
Restore the PHP 5.3 compatibility of the listing module (see #7078).
### Fixed
Do not offer to drop tables or fields if the safe mode is active (see #7085).
### Fixed
Correctly detect binary fields during theme export (see #7079).
|
|
data any more. Approved by gdt@.
|
|
|
|
Version 3.3.3 (2014-06-18)
--------------------------
### Fixed
Convert insert tags before assigning the page title to the template (see #7097).
### Fixed
Correctly render images in TinyMCE in the newsletter module (see #7089).
|
|
with Perl 5.20.
|
|
|
|
usable with modern gcc.
Since the full "debug" version will behave differently to the standard
version (as it enables all the mozilla internal consistency checks, and
also drops compiler optimization), it is not very usefull when trying to
debug crashes that could be compiler bugs, or mozilla low level bugs -
so provide a new option "debug-info" that creates a debuggable, but
fully optimized version.
The result is best run from the pkgobj dir via the
work/build/dist/bin/run-mozilla script with options "-g ./firefox".
No changes to the default pkg generated.
|
|
restrictions, make the code generator issue explicit alignment requests.
|
|
=============
Version 4.2.4
=============
Version 4.2.4 of mod_wsgi can be obtained from:
https://github.com/GrahamDumpleton/mod_wsgi/archive/4.2.4.tar.gz
Bugs Fixed
----------
1. Fixed one off error in applying limit to the number of supplementary
groups allowed for a daemon process group. The result could be that if
more groups than the operating system allowed were specified to the option
``supplementary-groups``, then memory corruption or a process crash could
occur.
2. Improved error handling in setting up the current working directory and
group access rights for a process when creating a daemon process group. The
change means that if any error occurs that the daemon process group will be
restarted rather than allow it to keep running with an incorrect working
directory or group access rights.
New Features
------------
1. Added the ``--setup-only`` option to mod_wsgi express so that it is
possible to create the configuration when using the Django management command
``runmodwsgi`` without actually starting the server.
=============
Version 4.2.3
=============
Version 4.2.3 of mod_wsgi can be obtained from:
https://github.com/GrahamDumpleton/mod_wsgi/archive/4.2.3.tar.gz
Bugs Fixed
----------
1. The feature for starting mod_wsgi express using the Django management
command ``runmodwsgi`` was broken by the 4.2.2 release.
=============
Version 4.2.2
=============
Version 4.2.2 of mod_wsgi can be obtained from:
https://github.com/GrahamDumpleton/mod_wsgi/archive/4.2.2.tar.gz
Bugs Fixed
----------
1. The ``envvars`` file was being overwritten even if it existed and had
been modified.
New Features
------------
1. Output the location of the ``envvars`` file when using the
``setup-server`` command for ``mod_wsgi-express`` or if using the
``start-server`` command and the ``--envars-script`` option was being used.
2. Output the location of the ``apachectl`` script when using the
``setup-server`` command for ``mod_wsgi-express``.
=============
Version 4.2.1
=============
Version 4.2.1 of mod_wsgi can be obtained from:
https://github.com/GrahamDumpleton/mod_wsgi/archive/4.2.1.tar.gz
Bugs Fixed
----------
1. The auto generated configuration would not work with an Apache
installation where core Apache modules were statically compiled into Apache
rather than being dynamically loaded.
=============
Version 4.2.0
=============
Version 4.2.0 of mod_wsgi can be obtained from:
https://github.com/GrahamDumpleton/mod_wsgi/archive/4.2.0.tar.gz
New Features
------------
1. Added ``mod_wsgi.server_metrics()`` function which provides access to a
dictionary of data derived from the Apache worker scoreboard. In effect this
provides access to the same information that is used to create the Apache
server status page.
Note that if ``mod_status`` is not loaded into Apache, or the compile time
configuration of Apache prohibits the scoreboard from being available, this
function will return ``None``.
Also be aware that only partial information about worker status, and no
information about requests, will be returned if the ``ExtendedStatus``
directive is not also set to ``On``.
Although ``mod_status`` needs to be loaded, it is not necessary to enable
any URL to expose the server status page.
2. Added support for a platform plugin for New Relic to ``mod_wsgi-express``
which will report server status information up to New Relic if the
``--with-newrelic`` option is supplied when running mod_wsgi express.
That same option also enables the New Relic Python agent. If you only want
one or the other, you can instead use the ``--with-newrelic-agent`` and
``--with-newrelic-platform`` options.
The feature of ``mod_wsgi-express`` for reporting data up to the New Relic
Platform is dependent upon the separate ``mod_wsgi-metrics`` package being
installed.
|
|
Firefox 30.0 requires libvpx 1.30 or later.
|
|
|
|
|
|
Serf 1.3.6 [2014-06-09, from /tags/1.3.6, rxxxx]
Revert r2319 from serf 1.3.5: this change was making serf call handle_response
multiple times in case of an error response, leading to unexpected behavior.
|
|
Bugfixes
fixed support for repeated headers in lua plugin
fixed support for embedding config in OpenBSD and NetBSD
various fixes in the curl-based plugins
fixed milliseconds-based waits
fixed sharedarea poller
fixed stats server json escaper
fixed fastcgi parser and implemented eof management
improved fast on-demand mode
exclude avg_rt computation for static files
fixed variables support in uwsgi internal router
fixed websockets + keepalive ordering
disable SIGPIPE management in corutines-based loop-engines
fixed 64bit sharedarea management in 32bit systems
honour chmod/chown-socket in fd0 mode
hack for avoiding Safari iOS to make mess with keepalive
fixed log setup when both --logto and --log2
fixed mule_get_msg EAGAIN
signal_pidfile returns the right error code
fixed asyncio on OSX
New features
graceful reload of mule processes
SIGHUP is now sent to mules instead of directly killing them. You are free to trap/catch the signal in the code. If a mule does not die in the allowed "mercy time" (--mule-reload-mercy, default 60 seconds), SIGKILL will be sent.
return routing action
The new action will allow users to write simplified "break" clause.
For example, "return:403" is equivalent to "break:403 Forbidden", with response body "Forbidden".
The response body is quite useful for telling end users what goes wrong.
--emperor-no-blacklist
this new option, completely disables the blacklisting Emperor subsystem
Icecast2 protocol helpers
One of the upcoming unbit.com projects is a uWSGI based audio/video streaming server.
The plugin (should be released during europython 2014) already supports the Icecast2 protocol.
A bunch of patches have been added to the http router to support the icecast2 protocol.
For example the --http-manage-source option allows the HTTP router to honour SOURCE method requests, automatically placing them in raw mode.
--metrics-no-cores, --stats-no-cores, --stats-no-metrics
When you have hundreds (or thousands) of async cores, exposing metrics of them could be really slow.
Three new options have been added allowing you to disable the generation of core-related metrics and (eventually) their usage in the stats server.
sharedarea improvements
The sharedarea api continues to improve. Latest patches include support for mmapping device directly from the command line.
A funny way for testing it, is mapping the raspberrypi BCM2835 memory, the following example allows you to read the rpi system timer
uwsgi --sharedarea file=/dev/mem,offset=0x20003000,size=4096 ...
now you can read the 64bit value from the first (zero-based) sharedarea:
# read 64bit from 0x20003004
timer = uwsgi.sharedarea_read64(0, 0x04)
obviously, pay attention when accessing rpi memory, an error could crash the whole system !!!
UWSGI_GO_CHEAP_CODE
This exit code (15) can be raised by a worker to tell the master to not respawn it
PROXY1 support for the http router
The option --http-enable-proxy-protocol allows the HTTP router to understand PROXY1 protocol requests (like the ones made by haproxy or amazon elb)
reset_after_push for metrics
This metric attribute ensure that the matric value is reset to 0 (or its hardcoded initial_value) evry time the metric is pushed to some external system (like carbon, or statsd)
setremoteaddr
This routing action allows you to completely override the REMOTE_ADDR detected by protocol handlers:
[uwsgi]
; treat all requests as local
route-run = setremoteaddr:127.0.0.1
the resolve option
There are uWSGI options (or plugins) that do not automatically resolves dns name to ip addresses. This option allows you to map a placeholder to the dns resolution of a string:
[uwsgi]
; place the dns resolution of 'example.com' in the 'myserver' placeholder
resolve = myserver=example.com
subscribe2 = server=%(myserver),key=foobar
|
|
|
|
|
|
|
|
Various unit test helpers for WTForms forms.
|
|
* Sync with firefox24
|
|
Changelog:
Fixed in Firefox ESR 24.6
MFSA 2014-52 Use-after-free with SMIL Animation Controller
MFSA 2014-49 Use-after-free and out of bounds issues found using Address Sanitizer
MFSA 2014-48 Miscellaneous memory safety hazards (rv:30.0 / rv:24.6)
|
|
|
|
Changes to GoAccess 0.8 - Tuesday, May 20, 2014
* Added APT-HTTP to the list of browsers.
* Added data persistence and ability to load data from disk.
* Added IE11 to the list of browsers.
* Added IEMobile to the list of browsers.
* Added multiple command line options.
* Added Nagios check_http to the list of browsers.
* Added parsing progress metrics - total requests / requests per second.
* Added the ability to parse a GeoLiteCity.dat to get the city given an IPv4.
* Change the way the configuration file is parsed. This will parse all
configuration options under ~/.goaccessrc or the specified config file and will
feed getopt_long with the extracted key/value pairs. This also allows the
ability to have comments on the config file which won't be overwritten.
* Ensure autoconf determines the location of ncurses headers.
* Fixed issue where geo_location_data was NULL.
* Fixed issue where GoAccess did not run without a tty allocated to it.
* Fixed potential memory leak on --log-file realpath().
* Fixed Solaris build errors.
* Implemented an on-memory hash database using Tokyo Cabinet. This implementation
allows GoAccess not to rely on GLib's hash table if one is needed.
* Implemented large file support using an on-disk B+ Tree database. This
implementation allows GoAccess not to hold everything in memory but instead it
uses an on-disk B+ Tree database.
* Trimmed leading and trailing whitespaces from keyphrases module.
|
|
* only_committed_changes could fail in a git repository merged
with git merge -s ours.
* Remove google from openid selector, per http://xkcd.com/1361/
|
