| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
- squid-2.5.STABLE9-LDAP_SUN_SDK.patch
- squid-2.5.STABLE9-2GB.patch
Bump PKGREVISION.
|
|
This is a security fix release.
Fixed vulnerabilities are follows:
MFSA 2005-33 Javascript "lambda" replace exposes memory contents
MFSA 2005-35 Showing blocked javascript: popup uses wrong privilege context
MFSA 2005-36 Cross-site scripting through global scope pollution
MFSA 2005-37 Code execution through javascript: favicons
MFSA 2005-38 Search plugin cross-site scripting
MFSA 2005-40 Missing Install object instance checks
MFSA 2005-41 Privilege escalation via DOM property overrides
|
|
* Add one more offcial patch:
- 2005-04-05 23:05 (Cosmetic) should syslog to daemon facility not local4
* One patch updated, so update DIST_SUBDIR through DIST_STAMP change.
* Add aufs to --enable-storeio configuration.
TODO: use <bsd.options.mk> frame work and allow to use
--enable-pf-transparent which is mutual exclusive parameter
with --enable-ipf-transparent.
|
|
|
|
|
|
|
|
share/htdig/common/root2word.db
share/htdig/common/word2root.db
with md5 checksums, because they get changed too often; use
@unexec ${RM} instead.
Bump PKGREVISION for thus fixed PLIST.
|
|
itself. Okayed by the maintainer, taya@.
|
|
|
|
|
|
new Acrobat 7 reader.
|
|
gets restarted when "/etc/rc.d/apache restart" is used. This fixes
PR pkg/24179 for the "apache" package.
Based on a similar change for the apache2 package.
Bump PKGREVISION.
|
|
gets restarted when "/etc/rc.d/apache restart" is used. This fixes
PR pkg/24179 for the "apache2" package.
|
|
|
|
|
|
been renamed to firefox-bin.
|
|
package to match.
There are no firefox gtk1 binary packages for linux any longer, so
no need to keep two different -bin packages around.
This way it also matches the non-bin firefox packages.
|
|
|
|
This is a security fix release.
Fixed vulnerabilities are follows:
MFSA 2005-33 Javascript "lambda" replace exposes memory contents
MFSA 2005-34 javascript: PLUGINSPAGE code execution
MFSA 2005-35 Showing blocked javascript: popup uses wrong privilege context
MFSA 2005-36 Cross-site scripting through global scope pollution
MFSA 2005-37 Code execution through javascript: favicons
MFSA 2005-38 Search plugin cross-site scripting
MFSA 2005-39 Arbitrary code execution from Firefox sidebar panel II
MFSA 2005-40 Missing Install object instance checks
MFSA 2005-41 Privilege escalation via DOM property overrides
|
|
the following security issues:
MFSA 2005-33 Javascript "lambda" replace exposes memory contents
MFSA 2005-34 javascript: PLUGINSPAGE code execution
MFSA 2005-35 Showing blocked javascript: popup uses wrong privilege context
MFSA 2005-36 Cross-site scripting through global scope pollution
MFSA 2005-37 Code execution through javascript: favicons
MFSA 2005-38 Search plugin cross-site scripting
MFSA 2005-39 Arbitrary code execution from Firefox sidebar panel II
MFSA 2005-40 Missing Install object instance checks
MFSA 2005-41 Privilege escalation via DOM property overrides
|
|
not available yet but it includes security fixes for e.g. SA14821.
Support for Solaris SPARC and x86 is not available due to lack of a
precompiled binary at this point of time.
|
|
|
|
to fix binary packages.
|
|
to fix binary packages.
|
|
* Bug-fixes and improvements
|
|
bump PKGREVISION.
fix PR pkg/29595
|
|
- added mkcert to help with certificate creation
|
|
|
|
conditionals and buildlink logic, and convert to standard DEPENDS
|
|
|
|
This is a maintenance release that in addition to over 70 non-critical
bug fixes addresses several security issues inside the exif and
fbsql extensions as well as the unserialize(), swf_definepoly()
and getimagesize() functions. All Users of PHP are strongly
encouraged to upgrade to this release.
Bugfix release
* Crash in bzopen() if supplied path to non-existent file.
* DOM crashing when attribute appended to Document.
* unserialize() float problem on non-English locales.
* Crash in msg_send() when non-string is stored without being serialized.
* Possible infinite loop in imap_mail_compose().
* Fixed crash in chunk_split(), when chunklen > strlen.
* session_set_save_handler crashes PHP when supplied non-existent object ref.
* Memory leak in zend_language_scanner.c.
* Compile failures of zend_strtod.c.
* Fixed crash in overloaded objects & overload() function.
* cURL functions bypass open_basedir.
PHP4 also doesn't bundle PEAR Net_Socket and Net_SMTP anymore now.
|
|
taken from the ap-ssl package (which is for apache 1.3.x).
|
|
Changes since 7.1 according to
http://wp.netscape.com/eng/mozilla/ns7/relnotes/7.html:
* Popup Window Controls have been improved to block mouseover pop-ups and
limit the number of pop-ups when popup window controls preference is set
to off.
* Password Manager allows you to display saved passwords.
* vCard support in Netscape Mail.
* Improvements to Palm Sync.
* Table Editing controls in Composer.
* New Macromedia? Flash 7 plugin for Windows.
* Improvements in browser rendering speed and application start-up.
* Improvements in standards support.
|
|
Fri Apr 1 10:20:14 JST 2005 sugi@nemui.org
* Include errno.h
Fri Apr 1 08:09:13 JST 2005 aredridel@nbtsc.org
* Report actual errors
Adds reporting of errors fcgi experiences. Credit to David Heinemier Hansson
for discovery.
Fri Apr 1 08:08:07 JST 2005 aredridel@nbtsc.org
* FHS Include Paths
Wed Mar 30 21:45:11 JST 2005 sugi@nemui.org
* 16k+request-memleak
fix memory leak when 16k+/reqest.
from http://enigo.com/projects/iowa/fcgipatch.html
Wed Mar 30 21:43:02 JST 2005 sugi@nemui.org
* fix-check_stream_error
Simple fix in CHECK_STREAM_ERROR for Potential DoS
see http://groups-beta.google.com/group/comp.lang.ruby/browse_thread/thread/f51e79974a454b70/54fe207411e9eb05
for details.
|
|
|
|
Simple support for publishing Web Service APIs for Rails applications.
Supports SOAP and XML-RPC, as well as generating WSDL for SOAP
bindings.
|
|
|
|
Action Pack splits the response to a web request into a controller
part (performing the logic) and a view part (rendering a template).
This two-step approach is known as an action, which will normally
create, read, update, or delete (CRUD for short) some sort of model
part (often backed by a database) before choosing either to render a
template or redirecting to another action.
Action Pack implements these actions as public methods on Action
Controllers and uses Action Views to implement the template rendering.
Action Controllers are then responsible for handling all the actions
relating to a certain part of an application. This grouping usually
consists of actions for lists and for CRUDs revolving around a single
(or a few) model objects. So ContactController would be responsible
for listing contacts, creating, deleting, and updating contacts. A
WeblogController could be responsible for both posts and comments.
Action View templates are written using embedded Ruby in tags mingled
in with the HTML. To avoid cluttering the templates with code, a
bunch of helper classes provide common behavior for forms, dates, and
strings. And it's easy to add specific helpers to keep the separation
as the application evolves.
|
|
|
|
fixes "Mozilla Firefox JavaScript Engine Information Disclosure Vulnerability"
See following pages for detail.
http://secunia.com/advisories/14820/
https://bugzilla.mozilla.org/show_bug.cgi?id=288688
Bump PKGREVISION.
|
|
Changes since 0.10.1:
0.10.2:
New features:
- Merge in the official debian packaging files so it is now easy to
build your own .deb files. Just apt-get install devscripts and run
debuild in the ELinks root directory.
- Add experimental Ruby scripting back-end. An example hooks file is
available in contrib/ruby/hooks.rb but it doesn't do anything
interesting yet.
Feature updates and improvements:
- Add LEDs info dialog. It can be opened using the Help menu and when
the LED display is clicked.
- Introduce a very simple ECMAScript pop-up window blocking mechanism.
Will show a 'P' in the LED indicators. Off by default.
- Add an example user style sheet and configuration file in contrib/.
- Add support for disabling extended horizontal scrolling, so it will
work like vertical scrolling. Requested by Russ Rowan.
- Optimize CSS style handling.
- Enable usage of the search history also for incremental link text
searching.
- Add a little help text to the terminal options dialog, which also
indicates the value of the TERM environment variable. Hopefully this
will help new users to figure out how configuration of terminals
works.
- When in cursor-routing mode, scroll the document as many rows or
columns as necessary rather than only be one row or one column.
- A few documentation updates.
Bugs fixed:
- Fix handling of forms embedded in table code. (bug 602)
- Alert about file saving error when -no-home was given.
- The default user style sheet is now applied correctly.
- Fix leak related to CSS being disabled and applying the default
style sheet.
- Fix underline rendering when using 256 colors.
- Localization fixes.
- Fix calling of get-proxy scripting hooks. Now they should work
again.
- When using the goto link number functionality in cursor-routing
mode, position the cursor on the newly selected link.
- Compile fixes for *BSD and IRIX systems. Reported by Nelson H. F. Beebe.
0.10.3:
New features:
- Merge the MingGW patches so that --dump should now work. The patches
also improves portability.
Feature updates and improvements:
- Change the behavior of an empty action attribute to be like Mozilla
which handles action="" as action="<current-URI>". (bug 615)
- The Perl hooks file is growing more and more insane thanks to Russ.
- Improve the reporting of errors related to the proxy configuration.
- Add toggle HTML/plain to the right click menu (aka. the tab menu),
and make it to not display reload/bookmark when no document is
available.
- Add a <base href=cwd /> element to the generated listing of local
directories.
- When the URL parameter to the Refresh HTTP-equiv is missing refresh
the current document.
Bugs fixed:
- Fix opening of either single bookmarks or folders referring to URLs
without a slash at the end.
- Fix honouring of the Refresh-header when the loaded document is
empty.
- Fix CSS handling by reverting the proposed optimization introduced in
0.10.2.
- Fix displaying of ordered lists when <li> is not directly nested in
<ol>-elements.
- Build fixes on amd64.
- Fix the Perl get-proxy hook so that an undef return value from the
Perl hook results in the default proxy being used, as is supposed to
be the case with get-proxy hooks.
- Fix compile error related name clashes with the <locale.h> system
header.
- The debian package now really contains relevant documentation from
doc/.
- Only create $prefix/lib directory if the gettext code is going to
install a new charset.alias file.
- Truncate NNTP cache entries when ending connections.
0.10.4:
New features:
- Explicit keyboard accelerators were defined for buttons in
dialogue boxes and are now highlighted.
- Add support for bookmarks separators.
Feature updates and improvements:
- Switch to use a ``new'' FTP directory listing parser based on code
from GNU Wget. The switch is motivated by licensing issues with
ftpparse.[ch] files. (debian bug 300889)
- More hooks.pl updating by the new cvs commiter Russ Rowan.
- Change the verbose level to show warnings (debian bug 303083)
- Add FAQ from homepage in doc/ directory. (debian bug 301861)
- When block cursor terminal option is set, keep cursor at lower
right of screen in dialogs too. (bug 583)
- Use plural gettext message IDs, which make the resource info
dialog more readable.
- 'I' in the LEDs now mean "insert mode" and 'i' now mean modeless.
The change is due to document.browse.forms.insert_mode defaulting
to 1.
- Strip protocol part (ftp://, etc) also from proxy strings returned
from scripting hooks.
- Add option to control whether (expanded) folder states should be
stored when saving bookmarks (bookmarks.folder_state). Defaults to
on; the current behavior. (bug 642)
- Do not display terminal options help text when terminal height is
too low.
- Introduce the option infofiles.secure_save_fsync, which allows one
to configure whether secure file saving calls fsync(3).
- Move focus to the first widget when clearing a dialog.
- Add two new functions available from Lua scripts:
set_option(name, value) and and get_option(name).
Bugs fixed:
- Only add /dev/stdin to the URL list when no URLs was given on the
command line. Allow special files when /dev/stdin is added.
(debian bug 296976)
- Fix reading from /dev/stdin on Mac OS X. (bug 616)
- Fix Guile and Ruby detection, it was a quoting issue.
- Fix handling of empty cache entries in the HTML highlighting
engine.
- Fix redirection issues on newsnow.co.uk due to single quotes
enclosing of URL.
- Add dialog.checkbox-selected color to options. (bug 644)
- Decode the subject when handling mailto: links. There is still an
encoding problem when adding the subject to the command string.
- Fix displaying of accesskeys.
- Encode the base href URI when generating file listings. (bug 358)
|
|
Install into ${PREFIX}/tomcat5 in the same way as tomcat4 does, to avoid
conflicts with tomcat55.
|
|
fixes "Mozilla Firefox JavaScript Engine Information Disclosure Vulnerability"
See following pages for detail.
http://secunia.com/advisories/14820/
https://bugzilla.mozilla.org/show_bug.cgi?id=288688
Bump PKGREVISION.
|
|
Release Notes for Clearsilver 0.9.14 03/08/2005
-------------------------------------
bugfix release
- one incompatible change: semi-public function cgi_html_ws_strip now
takes a second argument to set the level of stripping
- white space stripper now has two levels: 1 is the old debug level
(which doesn't strip whitespace at the beginning of a line) and the
second strips all duplicate whitespace
- fix for cgi_register_strfuncs missing for ruby/perl modules
- fix for color problems in generated images in imd with GD2
|
|
|
|
(I saw that my pkg/share/examples was not a directory but a Count
configuration file.)
|
|
|
|
Changes in 3.0.5, released 2005-01-22:
* Fixed links in human readable diff view when it's the default diff format.
* Submitting the option form preserves hidden user settings.
* Improvements related to tightly controlled setups such as SELinux.
* Configuration and configuration documentation improvements.
* Tab expansion fix for HTMLized views.
|
|
use different sub directory and bump package revision.
|
|
|
