| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Changelog:
* Page Source now has line numbers
* Line breaks are now supported in the title attribute
* Improvements to "Find in Page" to center search result
* URLs pasted into the download manager window are now automatically downloaded
* Support for the text-align-last CSS property has been added
* Various security fixes
* Some TinyMCE-based editors failed to load (739141)
|
|
the fdpass module.
|
|
Upstream changes:
Highlights
MDL-27891 Tag flagging is now logged
Functional changes
MDL-31095 Quiz max grade maintained when adding and removing questions
MDL-30031 Quiz Adaptive mode ignores invalid answers without penalty
Security issues
MSA-12-0013 - Database activity export permission issue
MSA-12-0014 - Password and Web services issue
MSA-12-0015 - Backup and private files issue
MSA-12-0016 - Default repository capabilities issue
MSA-12-0017 - Personal information leak issue
MSA-12-0018 - Course information leak in Gradebook export
MSA-12-0019 - Overview report and hidden course issue
MSA-12-0020 - Forum subscription permission issue
MSA-12-0021 - Course information leak through tags
MSA-12-0022 - Security conflict in Web services
Fixes and improvements
MDL-31248 Change to RC4 encryption is now backwards compatible
- Note: all users will need to log in to set a new cookie after this update
MDL-31213 Problem with new password form was fixed
MDL-29254 Problem adding blog entries after an update from 1.9 was resolved
MDL-22896 Forum messages with ampersands are now sent correctly by email
MDL-27793 Login names now appear consistently in all themes across all languages
MDL-26037 When importing in a site with lots of courses, all courses are checked
MDL-30484 Regrading quiz causes essay attachments to disappear
MDL-28364 Correct import formats accepted when importing questions
MDL-31407 Quiz grades are saved properly when the submitter is not the user taking the quiz
MDL-31876, MDL-31495 Quiz performance improvements have been made
|
|
Three external libraries included in WordPress received security updates:
* Plupload (version 1.5.4), which WordPress uses for uploading media.
* SWFUpload, which WordPress previously used for uploading media, and may still be in use by plugins.
* SWFObject, which WordPress previously used to embed Flash content, and may still be in use by plugins and themes.
WordPress 3.3.2 also addresses:
* Limited privilege escalation where a site administrator could deactivate network-wide plugins when running a WordPress network under particular circumstances.
* Cross-site scripting vulnerability when making URLs clickable.
* Cross-site scripting vulnerabilities in redirects after posting comments in older browsers, and when filtering URLs.
|
|
some improvements and clarify LICENSE.
|
|
|
|
bump pkgrev
|
|
Update Japanese language files.
|
|
2012-02-18 WWW-RobotRules 6.02
Restore perl-5.8.1 compatiblity.
|
|
2012-02-16 Net-HTTP 6.03
Restore blocking override for Net::SSL [RT#72790]
Restore perl-5.6 compatiblity.
|
|
2012-02-16 LWP-MediaTypes 6.02
Update the media.types database
Restore perl-5.6 compatiblity.
|
|
Restore perl-5.8.1 compatiblity.
|
|
2012-02-16 HTTP-Message 6.03
Support 'bzip2' as alternative to Content-Encoding: x-bzip2. Some
servers seem to return it.
Make newlines in forms be "\r\n" terminated.
Added some more status codes.
Restore perl-5.8.1 compatiblity.
|
|
2012-03-30 HTTP-Date 6.02
Added support for parsing dates with (faulty) double TZ spec [RT#75150]
Doc tweaks.
2012-02-15 HTTP-Date 6.01
Restore perl-5.6 compatiblity. Drop MacOS (classic) support.
|
|
If you bind localhost, don't trust gethostbyaddr() to resolve the
address. [RT#67247]
Restore perl-5.8.1 compatiblity.
|
|
Restore 5.8.1 compatiblity.
|
|
2012-03-25 Gisle Aas <gisle@ActiveState.com>
Release 1.60
Gisle Aas (3):
Merge pull request #4 from hiratara/fix-repourl
Updated repository URL
Avoid failure if the local hostname is 'foo' [RT#75519]
Masahiro Honma (1):
Fix the URL of the repository.
Matt Lawrence (1):
Do not reverse the order of new parameters
Peter Rabbitson (1):
Fix RT#59274 - courtesy of a stupid 5.8.[12] join bug
|
|
|
|
firewall for nginx.
|
|
* Remove dead link from plugins/teximg. Closes: #664885
* inline: When the pagenames list includes pages that do not exist, skip
them.
* meta: Export author information in html <meta> tag. Closes: #664779
Thanks, Martin Michlmayr
* notifyemail: New plugin, sends email notifications about new and
changed pages, and allows subscribing to comments.
* Added a "changes" hook. Renamed the "change" hook to "rendered", but
the old hook name is called for now for back-compat.
* meta: Support keywords header. Closes: #664780
Thanks, Martin Michlmayr
* passwordauth: Fix url in password recovery email to be absolute.
* httpauth: When it's the only auth method, avoid a pointless and
confusing signin form, and go right to the httpauthurl.
* rename: Allow rename to be started not from the edit page; return to
the renamed page in this case.
* remove: Support removing of pages in the transient underlay. (smcv)
* inline, trail: The pagenames parameter is now a list of absolute
pagenames, not relative wikilink type names. This is necessary to fix
a bug, and makes pagenames more consistent with the pagespec used
in the pages parameter. (smcv)
* link: Fix renaming wikilinks that contain embedded urls.
* graphviz: Handle self-links.
* trail: Improve CSS, also display trail links at bottom of page,
and a bug fix. (smcv)
Add dependency on p5-HTML-Tree, suggested by Matthias Rampke in PR pkg/45688.
|
|
|
|
XXX It would be nice if lessons were learned and no new cases of
XXX multiple versions with the same base name were introduced...
|
|
* Many bugfixes
* Translation updates
|
|
* Bugfixes
* Many improvements
|
|
|
|
* Disable mod_proxy_html explicitly.
Changes with Apache 2.4.2
*) SECURITY: CVE-2012-0883 (cve.mitre.org)
envvars: Fix insecure handling of LD_LIBRARY_PATH that could lead to the
current working directory to be searched for DSOs. [Stefan Fritsch]
*) mod_slotmem_shm: Honor DefaultRuntimeDir [Jim Jagielski]
*) mod_ssl: Fix crash with threaded MPMs due to race condition when
initializing EC temporary keys. [Stefan Fritsch]
*) mod_proxy: Add the forcerecovery balancer parameter that determines if
recovery for balancer workers is enforced. [Ruediger Pluem]
*) Fix MPM DSO load failure on AIX. [Jeff Trawick]
*) mod_proxy: Correctly set up reverse proxy worker. PR 52935.
[Petter Berntsen <petterb gmail.com>]
*) mod_sed: Don't define PATH_MAX to a potentially undefined value, causing
compile problems on GNU hurd. [Stefan Fritsch]
*) core: Add ap_runtime_dir_relative() and DefaultRuntimeDir.
[Jeff Trawick]
*) core: Fix breakage of Listen directives with MPMs that use a
per-directory config. PR 52904. [Stefan Fritsch]
*) core: Disallow directives in AllowOverrideList which are only allowed
in VirtualHost or server context. These are usually not prepared to be
called in .htaccess files. [Stefan Fritsch]
*) core: In AllowOverrideList, do not allow 'None' together with other
directives. PR 52823. [Stefan Fritsch]
*) mod_slotmem_shm: Support DEFAULT_REL_RUNTIMEDIR for file-based shm.
[Jim Jagielski]
*) core: Fix merging of AllowOverrideList and ContentDigest.
[Stefan Fritsch]
*) mod_request: Fix validation of the KeptBodySize argument so it
doesn't always throw a configuration error. PR 52981 [Eric Covener]
*) core: Add filesystem paths to access denied / access failed messages
AH00035 and AH00036. [Eric Covener]
*) mod_dumpio: Properly handle errors from subsequent input filters.
PR 52914. [Stefan Fritsch]
*) Unix MPMs: Fix small memory leak in parent process if connect()
failed when waking up children. [Joe Orton]
*) "DirectoryIndex disabled" now undoes DirectoryIndex settings in
the current configuration section, not just previous config sections.
PR 52845. [Eric Covener]
*) mod_xml2enc: Fix broken handling of EOS buckets which could lead to
response headers not being sent. PR 52766. [Stefan Fritsch]
*) mod_ssl: Properly free the GENERAL_NAMEs. PR 32652. [Kaspar Brand]
*) core: Check during config test that directories for the access
logs actually exist. PR 29941. [Stefan Fritsch]
*) mod_xml2enc, mod_proxy_html: Enable per-module loglevels.
[Stefan Fritsch]
*) mod_filter: Fix segfault with AddOutputFilterByType. PR 52755.
[Stefan Fritsch]
*) mod_session: Sessions are encoded as application/x-www-form-urlencoded
strings, however we do not handle the encoding of spaces properly.
Fixed. [Graham Leggett]
*) Configuration: Example in comment should use a path consistent
with the default configuration. PR 52715.
[Rich Bowen, Jens Schleusener, Rainer Jung]
*) Configuration: Switch documentation links from trunk to 2.4.
[Rainer Jung]
*) configure: Fix out of tree build using apr and apr-util in srclib.
[Rainer Jung]
|
|
*) Security: specially crafted mp4 file might allow to overwrite memory
locations in a worker process if the ngx_http_mp4_module was used,
potentially resulting in arbitrary code execution (CVE-2012-2089).
|
|
* Support for time zones
* Support for in-browser testing frameworks
* Updated default project layout and manage.py
* Custom project and app templates
* Improved WSGI support
* Improved password hashing
* HTML5 doctype
* List filters in admin interface
* Multiple sort in admin interface
* New ModelAdmin methods
More...
|
|
changes:
-new options, minor improvements
-bugfixes
|
|
Contains fix for XSS, https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-002/.
2012-04-17 7bec4f3 [RELEASE] Release of TYPO3 4.6.8 (TYPO3 v4 Release Team)
2012-04-17 e894089 #34348 [SECURITY] XSS in exception handler (Oliver Klee)
2012-04-17 da929e3 [TASK] Raise submodule pointer (TYPO3 v4 Release Team)
2012-04-15 4fb406e #36027 [BUGFIX] Localisation update doesn't work (Sebastian Fischer)
2012-04-14 a444816 #34742 [TASK] Change hardcoded URL to constant (dkd-egerer Sascha Egerer)
2012-04-14 32017dc #33497,#34897 [BUGFIX] t3lib_http_Request can not be loaded in frontend (Philipp Gampe)
2012-04-13 efe107e #34923 [BUGFIX] Hardcoded variable in CookieJar.php (Philipp Gampe)
2012-04-12 f1bb34c #32581 [BUGFIX] Slider doesn't work in IE9 (Jigal van Hemert)
2012-04-12 88135a6 #35202 [BUGFIX] Fix the unit tests to work with PHPUnit 3.6 (Oliver Klee)
2012-04-12 f68a85e #34860,#33685 [BUGFIX] Results from live search and opendocs can't be opened (Stefan Galinski)
2012-04-12 fbde347 #35905 [BUGFIX] Failing test in autoloader with phpunit 3.6 (Christian Kuhn)
2012-04-12 fed2e3c #35897 [BUGFIX] Failing test in caching framework memcache backend (Christian Kuhn)
2012-04-11 87e9436 #35847 [BUGFIX] t3lib_div::getUrl() providing wrong error information (Ingo Renner)
2012-04-11 7825e7a #35272 [BUGFIX] Enable XClassing of t3lib_install by replacing new (Kay Strobach)
2012-04-11 51d1dcf #35126 [BUGFIX] Use state "excludeFromUpdates" in update check (Jigal van Hemert)
2012-04-10 e1c402f #35257 [BUGFIX] ext_icon.gif for EXT:impexp (Georg Ringer)
2012-04-08 f4e9e59 #34695 [BUGFIX] missing parameter for implode (Jigal van Hemert)
2012-04-05 80946db #31831 [BUGFIX] "Allowed excludefields" misses non-tt_content FlexForms (Kai Vogel)
2012-04-05 bd038d6 #32517 [BUGFIX] Set filename to downloaded resource in t3lib_compressor (Morton Jonuschat)
2012-03-29 2df8eda #34625 [BUGFIX] preg_spliti should be preg_split (Georg Ringer)
|
|
Contains fix for XSS, https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-002/.
2012-04-17 7bd7fa7 [RELEASE] Release of TYPO3 4.5.15 (TYPO3 v4 Release Team)
2012-04-17 34cd65d #34348 [SECURITY] XSS in exception handler (Oliver Klee)
2012-04-17 03ed1e3 [TASK] Raise submodule pointer (TYPO3 v4 Release Team)
2012-04-15 bd08193 #36027 [BUGFIX] Localisation update doesn't work (Sebastian Fischer)
2012-04-14 455c288 #34742 [TASK] Change hardcoded URL to constant (dkd-egerer Sascha Egerer)
2012-04-13 d92797c #24884 [BUGFIX] Saving Page Tree states issues in large environments (cybercraft)
2012-04-12 89232cd #35202 [BUGFIX] Fix the unit tests to work with PHPUnit 3.6 (Oliver Klee)
2012-04-12 573c480 #34860,#33685 [BUGFIX] Results from live search and opendocs can't be opened (Stefan Galinski)
2012-04-12 df51e20 #35897 [BUGFIX] Failing test in caching framework memcache backend (Christian Kuhn)
2012-04-11 174d81f #35847 [BUGFIX] t3lib_div::getUrl() providing wrong error information (Ingo Renner)
2012-04-11 8d9854c #35272 [BUGFIX] Enable XClassing of t3lib_install by replacing new (Kay Strobach)
2012-04-10 d5b2b13 #35257 [BUGFIX] ext_icon.gif for EXT:impexp (Georg Ringer)
2012-04-08 f9fe38e #34695 [BUGFIX] missing parameter for implode (Jigal van Hemert)
2012-04-05 c49f742 #31831 [BUGFIX] "Allowed excludefields" misses non-tt_content FlexForms (Kai Vogel)
2012-03-29 2a25362 #34625 [BUGFIX] preg_spliti should be preg_split (Georg Ringer)
2012-03-28 a2b1f8c #25021 [BUGFIX] Creating new pages via drag'n'drop respects page TS (Philipp Kitzberger)
|
|
|
|
* Add some modules like apache22
* Fix lua option build
|
|
bugfixes.
|
|
The lua option is disabled by default.
|
|
|
|
|
|
|
|
|
|
The Apache HTTP Server Project is an effort to develop and maintain an
open-source HTTP server for various modern desktop and server operating
systems, such as UNIX and Windows NT. The goal of this project is to
provide a secure, efficient and extensible server which provides HTTP
services in sync with the current HTTP standards.
This package tracks 2.4.x release.
|
|
|
|
builds on several contributed code bases (nWidgets, Burstlib, f(m)),
which is why we refer to it sometimes as a "unified" toolkit. Dojo
aims to solve some long-standing historical problems with DHTML
which prevented mass adoption of dynamic web application development.
|
|
in case certificates are not installed reported by David Holland
|
|
|
|
This is API incompatible to pkgsrc/www/librest, and can coexist.
|
|
=== RELEASE 2.6 ===
Sat Apr 7 03:54:41 CEST 2012 mikulas:
Fixed reads and writes out of memory in the xbm decoder
It may have security implications
Mon Apr 2 05:34:15 CEST 2012 mikulas:
Fixed character set in the window title in X11
Fri Mar 30 05:10:32 CEST 2012 mikulas:
Check EINTR after each syscall to work around non-working SA_RESTART
on some old Unices
Wed Mar 28 22:11:23 CEST 2012 mikulas:
Fixed access out of allocated memory in the graphics renderer.
It may have security implications --- although just two characters
('-' and 0) were written to the unallocated area.
Tue Mar 27 21:49:38 CEST 2012 mikulas:
Fixed an infinite loop in usemap when invalid html tag was processed
Sun Mar 25 04:46:43 CEST 2012 mikulas:
Fixed a crash if the user runs links with pipe on stdin
Sun Mar 25 02:42:11 MET 2012 mikulas:
Fixed inefficiency when moving or dragging mouse over big documents
Sat Mar 24 01:26:05 CET 2012 mikulas:
Fixed inefficiency when displaying documents with long lines
Wed Mar 7 23:02:27 CET 2012 mikulas:
Fix copy and paste of Unicode characters to/from Xwindow
clipboard
Tue Feb 28 21:04:51 CET 2012 mikulas:
Fixed visual glitches in the select box in text-mode UTF-8
Sun Feb 26 18:31:17 MET 2012 mikulas:
Use key ' to move forward
Thu Feb 23 23:13:35 CET 2012 mikulas:
Fixed access out of memory when pasting too long string from
a clipboard
Thu Feb 23 00:52:09 CET 2012 mikulas:
The NSS encryption library can cause browser lockup. Add a warning.
The user should use OpenSSL instead of NSS.
Wed Feb 22 23:11:45 CET 2012 mikulas:
Fix for big endian Xserver
Tue Feb 21 03:03:33 MET 2012 mikulas:
Restrict textarea and input field width to screen size minus margins
Tue Feb 21 00:29:09 CET 2012 mikulas:
Fixed saving formatted document when UTF-8 is used
Sun Feb 19 22:24:20 MET 2012 mikulas:
Fixed a crash if the user selected "Frame at full-screen" in the menu
and there was no page displayed in the current frame
Mon Feb 13 19:35:07 MET 2012 mikulas:
Reload bookmarks if some other Links instance changes them
Mon Feb 13 18:37:41 MET 2012 mikulas:
Fixed some messages about decompression errors when http authentication
and compression was used at the same time
Sun Feb 12 18:32:26 MET 2012 mikulas:
Display filename and percentage in the download menu
Sun Feb 12 17:50:01 MET 2012 mikulas:
Fixed divide-by-zero crash in the download code
Sun Feb 12 15:22:12 MET 2012 mikulas:
Continue downloads to partially downloaded file
Tue Feb 7 07:13:49 MET 2012 mikulas:
Add information about versions of libraries
Tue Feb 7 00:39:28 cet 2012 mikulas:
Fixed visual glitches in the list editor
Sun Feb 5 20:35:43 cet 2012 mikulas:
Fixed integer overflows if file cache has more than 2GB
Mon Jan 23 21:54:19 MET 2012 mikulas:
Don't compact <br> tags inside <pre> (fixes line numbers in
source code viewer on github)
Mon Jan 23 03:23:07 CET 2012 mikulas:
Support non-english keyboard in the Xwindow driver
Sun Jan 15 01:42:59 cet 2012 mikulas:
When opening a new window, copy html options from the existing session
Sat Jan 14 22:59:53 cet 2012 mikulas:
Support #! translation according to Google specification
Thu Jan 5 02:43:42 CET 2012 mikulas:
Fixed reading of a freed memory if the user deletes a user program
while a query box with user programs is displayed
Fri Dec 30 15:34:11 MET 2011 mikulas:
Allow the user to set local IP address
Thu Dec 29 18:41:51 MET 2011 mikulas:
Allow the user to change colors
|
|
${PLIST.eggfile} from PLISTs and support code from lang/python.
|
|
Remove devel/py-ctypes (only needed by and supporting python24).
Remove PYTHON_VERSIONS_ACCEPTED and PYTHON_VERSIONS_INCOMPATIBLE
lines that just mirror defaults now.
Miscellaneous cleanup while editing all these files.
|
|
course unless fixed. As far as anyone has been able to figure out so
far, this is actually an older version of devel/SOPE.
|
|
|
