summaryrefslogtreecommitdiff
path: root/www
AgeCommit message (Collapse)AuthorFilesLines
2012-12-20Consistently return a value.joerg2-4/+13
2012-12-20Update to version 5.0.1.spz2-13/+14
Upstream changelog: 5.0.1: This release fixes two security vulnerabilities in Roller, listed below: CVE-2012-2380: Apache Roller Cross-Site-Resource-Forgery (XSRF) vulnerability CVE-2012-2381: Apache Roller Cross-Site-Scripting (XSS) vulnerability 5.0: What's new in Roller 5.0: https://cwiki.apache.org/confluence/display/ROLLER/What's+new+in+Roller+5.0
2012-12-20Update drupal6 to 6.27 fixed security problem.taca3-7/+25
* Add a possible fix of SA4931, too. Drupal 6.27, 2012-12-19 ---------------------- - Fixed security issues (multiple vulnerabilities), see SA-CORE-2012-004.
2012-12-20Update drupal7 to 7.18 fixed security problem.taca3-8/+8
* Fix misspelling in options.mk Drupal 7.18, 2012-12-19 ----------------------- - Fixed security issues (multiple vulnerabilities). See SA-CORE-2012-004.
2012-12-19prevent using lang/ruby, it will conflict with pkg_alternatives.obache1-2/+4
2012-12-19I forgot to update distinfo after small fix to patches/patch-tools_cachemgr.c.taca1-2/+2
2012-12-18Update opera to 12.12.obache2-17/+17
Release notes Release date: 2012-12-18 Opera 12.12 is a recommended upgrade offering security and stability enhancements. Fixes and Stability Enhancements since Opera 12.11 General and User Interface * Several general fixes and stability improvements * New option `Delete settings and data for all extensions' option (off by default) in the Delete Private Data dialog * Corrected an issue where using the 'Delete Private Data' dialog could delete extension and settings data * Redesigned the 'Delete Private Data' dialog to be more usable with small screens * Fixed an issue where quitting Opera while in fullscreen mode could cripple the interface on the next start-up Security * Fixed an issue where malformed GIF images could allow execution of arbitrary code; see our advisory http://www.opera.com/support/kb/view/1038/ * Fixed an issue where repeated attempts to access a target site could trigger address field spoofing, as reported by Masato Kinugawa; see our advisory http://www.opera.com/support/kb/view/1040/ UNIX-only * Fixed an issue where private data could be disclosed to other computer users, or be modified by them, as reported by Jann Horn; see our advisory http://www.opera.com/support/kb/view/1039/
2012-12-17Add a libidn option (defaulting to on) which allows libidn support to beagc2-5/+11
turned off in www/curl. Modify the curl package to be aware of the libidn option. Ensure default is on. No functional change, so no version number bump.
2012-12-17Update thin to 1.5.0.taca2-6/+6
== 1.5.0 Knife * Fix compilation under Ubuntu 12.04 with -Werror=format-security option. * Raise an error when no PID file. * Prevent duplicate response headers. * Make proper response on exception [MasterLambaster]. * Automatically close idling pipeline connections on server stop [MasterLambaster].
2012-12-17Update ruby-unicorn to 4.5.0.taca3-106/+10
=== unicorn 4.5.0 - check_client_connection option / 2012-12-07 22:59 UTC The new check_client_connection option allows unicorn to detect most disconnected local clients before potentially expensive application processing begins. This feature is useful for applications experiencing spikes of traffic leading to undesirable queue times, as clients will disconnect (and perhaps even retry, compounding the problem) before unicorn can even start processing the request. To enable this feature, add the following line to a unicorn config file: check_client_connection true This feature only works when nginx (or any other HTTP/1.0+ client) is on the same machine as unicorn. A huge thanks to Tom Burns for implementing and testing this change in production with real traffic (including mitigating an unexpected DoS attack). ref: http://mid.gmane.org/CAK4qKG3rkfVYLyeqEqQyuNEh_nZ8yw0X_cwTxJfJ+TOU+y8F+w@mail.gmail.com This release fixes broken Rainbows! compatibility in 4.5.0pre1. === unicorn 4.5.0pre1 - check_client_connection option / 2012-11-29 23:48 UTC The new check_client_connection option allows unicorn to detect most disconnected clients before potentially expensive application processing begins. This feature is useful for applications experiencing spikes of traffic leading to undesirable queue times, as clients will disconnect (and perhaps even retry, compounding the problem) before unicorn can even start processing the request. To enable this feature, add the following line to a unicorn config file: check_client_connection true A huge thanks to Tom Burns for implementing and testing this change in production with real traffic (including mitigating an unexpected DoS attack). === unicorn 4.4.0 - minor updates / 2012-10-11 09:11 UTC Non-regular files are no longer reopened on SIGUSR1. This allows users to specify FIFOs as log destinations. TCP_NOPUSH/TCP_CORK is no longer set/unset by default. Use :tcp_nopush explicitly with the "listen" directive if you wish to enable TCP_NOPUSH/TCP_CORK. Listen sockets are now bound _after_ loading the application for preload_app(true) users. This prevents load balancers from sending traffic to an application server while the application is still loading. There are also minor test suite cleanups.
2012-12-17Update ruby-sass to 3.2.3.taca3-7/+14
3.2.3 * sass --watch no longer crashs when a file in a watched directory is deleted. * Allow @extend within bubbling nodes such as @media. * Fix various JRuby incompatibilities and test failures. * Work around a performance bug that arises from using @extend with deeply-nested selectors. 3.2.2 * Add a --poll option to force sass --watch to use the polling backend to Listen. * Fix some error reporting bugs related to @import. * Treat protocol-relative URLs in @imports as static URLs, just like http and https URLs. * Improve the error message for misplaced simple selectors. * Fix an option-handling bug that was causing errors with the Compass URL helpers. * Fix a performance issue with @import that only appears when ActiveSupport is loaded. * Fix flushing of actions to stdout. Thanks to Russell Davis (http://github.com/russelldavis). * Fix the documentation for the max() function. * Fix a @media parsing bug. Deprecations -- Must Read! * Sass will now print a warning when it encounters a single @import statement that tries to import more than one file. For example, if you have @import "screen" and both screen.scss and _screen.scss exist, a warning will be printed. This will become an error in future versions of Sass.
2012-12-17Remove ruby-jquery-rails10 since ruby-jquery-rails supports all Ruby ontaca4-49/+0
Rails versions.
2012-12-17Delete ruby-jquery-rails10.taca1-2/+1
2012-12-17Update ruby-jquery-rails to 2.1.4.taca3-10/+8
* Now this package support all Ruby on Rails packages. ## 2.1.4 (26 November 2012) - Updated to jQuery 1.8.3 - Updated to jQuery UI 1.9.2 - Rails 4 compatibility - Rails 3.0 compatibility - Rails 3.1 (without asset pipeline) compatibility ## 2.1.3 (24 September 2012) - Updated to latest jquery-ujs - Updated to jQuery 1.8.2
2012-12-17Change ruby-jquery-rails20 to ruby-jquery-rails.taca1-2/+2
2012-12-17Move ruby-jquery-rails to ruby-jquery-rails20.taca4-3/+3
2012-12-17Update ruby-net-http-persistent to 2.8.taca2-6/+6
=== 2.8 / 2012-10-17 * Minor enhancements * Added Net::HTTP::Persistent::detect_idle_timeout which can be used to determine the idle timeout for a host. * The read timeout may now be updated for every request. Issue #33 by Mislav Marohnić * Added NO_PROXY support. Pull Request #31 by Laurence Rowe. * Added #cert and #key aliases for Net::HTTP compatibility. Pull request #26 by dlee. * The artifice gem now disables SSL session reuse to prevent breakage of testing frameworks. Pull Request #29 by Christopher Cooke. * Disabled Net::HTTP::Persistent::SSLReuse on Ruby 2+. This feature is now built-in to Net::HTTP. * Bug fixes * Socket options are set again following connection reset. Pull request #28 by cmaion. * #shutdown now works even if no connections were made. Pull Request #24 by James Tucker. * Updated test RSA key size to 1024 bits. Bug #25 by Gunnar Wolf. * The correct host:port are shown in the exception when a proxy connection fails. Bug #30 by glebtv.
2012-12-17Update ruby-rack-test to 0.6.2.taca2-6/+6
== 0.6.2 / 2012-09-27 * Minor enhancements * Support HTTP PATCH method (Marjan Krekoten' #33) * Preserve the exact query string when possible (Paul Grayson #63) * Add a #delete method to CookieJar (Paul Grayson #63) * Bug fixes * Fix HTTP Digest authentication when the URI has query params * Don't append default ports to HTTP_HOST (David Lee #57)
2012-12-17Update ramaze to 2012.12.08.taca3-67/+17
Changes are too many to write here, please refer CHANGELOG.
2012-12-17Update ruby-innate to 2012.12.taca3-9/+9
Changes are too many to write here, please refer CHANGELOG.
2012-12-17Update ruby-csspool to 3.0.2.taca3-7/+10
== 3.0.2 * New Features * Support IE Safe Hacks [stereobooster] * Bugfixes * Fix #23 - set up CSSPool.CSS so it can read files. [Mike Tierney]
2012-12-17Not MAKE_JOBS_SAFE.dholland1-1/+2
2012-12-17Updated "squid31" package to version 3.1.22. Changes sinc 3.1.20:tron2-7/+6
- Bug 3622: peerClearRRStart scheduling multiple events - Bug 3615: configure check for default max number of FDs is broken - Bug 3607: --enable-auth documented default action incorrect - Bug 3593: socket failure: Address family not supported by protocol - Bug 3584: Detection of setresuid() is broken - Bug 3568: Consolidate external_acl_type config dumping and add missing %% - Bug 3564: eCAP not supporting CoAP URI schemes - Bug 3484: Docs: sslproxy_cert_error example flawed - Bug 3462: Delay Pools and ICAP - Bug 3133: better fix: Memory leak handling requests for sites that don't exist - Bug 2976: ERR_INVALID_URL for transparently captured requests when reconfiguring - Silence IOS 15.1 unknown capabilities messages. - Account for Store disk client quota when bandwidth-limiting the server. - ... and several documentation fixes - ... and several compile fixes
2012-12-17Add a patch for SQUID-2012_1.txt.taca3-3/+131
Bump PKGREVISION.
2012-12-17Added www/deforaos-surfer (version 0.2.6)khorben1-1/+2
2012-12-17Imported wip/deforaos-surfer, the DeforaOS web browser, underkhorben5-0/+71
www/deforaos-surfer (version 0.2.6)
2012-12-16Update to version 3.5.morr3-214/+258
Highlights * New Media Manager + Beautiful interface: A streamlined, all-new experience + Create galleries faster with drag-and-drop reordering, inline caption editing, and simplified controls + Insert multiple images at once with Shift/Ctrl+click * New Default Theme - Twenty Twelve + Simple, flexible, elegant + Mobile-first, responsive design + Gorgeous Open Sans typeface + Uses the latest Theme Features * Admin Enhancements + New Welcome Screen + Retina-Ready (HiDPI) Admin + Hide Link Manager for new installs + Better accessibility for screenreaders, touch devices, and keyboard users + More polish on admin screens, including a new color picker * For Developers + WP_Comment_Query and WP_User_Query accept now meta queries just like WP_Query + Meta queries now support querying for objects without a particular meta key + Post objects are now instances of a WP_Post class, which improves performance and caching + Multisite's switch_to_blog() is now significantly faster and more reliable + WordPress has added the Underscore and Backbone JavaScript libraries + TinyMCE, jQuery, jQuery UI, and SimplePie have all been updated to the latest versions + Image Editing API for cropping, scaling, etc., that uses ImageMagick as well as GD + XML-RPC: Now always enabled and supports fetching users, managing post revisions, searching + New "show_admin_column" parameter for register_taxonomy() allows automatic creation of taxonomy columns on associated post-types.
2012-12-16Update to 0.7.7:wiz2-6/+6
0.7.7 More fixes for App Engine, now less likely to swallow important exceptions. Adding proxy_info_from_* methods to Python3. Reviewed in https://codereview.appspot.com/6588078/. Added GeoTrust cert Make httplib2.Http() instances pickleable. Reviewed in https://codereview.appspot.com/6506074/ The following issues have been fixed: 229 python3 httplib2 clobbers multiple headers of same key 230 Expose meaningful exception for App Engine URLFetch ResponseTooLargeError 231 Expose App Engine URLFetch DeadlineExceededError for debugging purposes
2012-12-16Update ruby-rails32 to 3.2.9.taca1-4/+4
This is a kind of meta-package and all changes are depending Ruby on Rails related packages.
2012-12-16Update ruby-activeresource32 to 3.2.9.taca1-4/+4
## Rails 3.2.9 (unreleased) ## * No changes.
2012-12-16Update ruby-actionpack32 to 3.9.2.taca2-7/+7
## Rails 3.2.9 (unreleased) ## * Clear url helpers when reloading routes. *Santiago Pastorino* * Revert the shorthand routes scoped with `:module` option fix This added a regression since it is changing the URL mapping. This makes the stable release backward compatible. *Rafael Mendonça França* * Revert the `assert_template` fix to not pass with ever string that matches the template name. This added a regression since people were relying on this buggy behavior. This will introduce back #3849 but this stable release will be backward compatible. Fixes #8068. *Rafael Mendonça França* * Revert the rename of internal variable on ActionController::TemplateAssertions to prevent naming collisions. This added a regression related with shoulda-matchers, since it is expecting the [instance variable @layouts](https://github.com/thoughtbot/shoulda-matchers/blob/9e1188eea68c47d9a56ce6280e45027da6187ab1/lib/shoulda/matchers/action_controller/render_with_layout_matcher.rb#L74). This will introduce back #7459 but this stable release will be backward compatible. Fixes #8068. *Rafael Mendonça França* * Accept :remote as symbolic option for `link_to` helper. *Riley Lynch* * Warn when the `:locals` option is passed to `assert_template` outside of a view test case Fix #3415 *Yves Senn* * Rename internal variables on ActionController::TemplateAssertions to prevent naming collisions. @partials, @templates and @layouts are now prefixed with an underscore. Fix #7459 *Yves Senn* * `resource` and `resources` don't modify the passed options hash Fix #7777 *Yves Senn* * Precompiled assets include aliases from foo.js to foo/index.js and vice versa. # Precompiles phone-<digest>.css and aliases phone/index.css to phone.css. config.assets.precompile = [ 'phone.css' ] # Precompiles phone/index-<digest>.css and aliases phone.css to phone/index.css. config.assets.precompile = [ 'phone/index.css' ] # Both of these work with either precompile thanks to their aliases. <%= stylesheet_link_tag 'phone', media: 'all' %> <%= stylesheet_link_tag 'phone/index', media: 'all' %> *Jeremy Kemper* * `assert_template` is no more passing with what ever string that matches with the template name. Before when we have a template `/layout/hello.html.erb`, `assert_template` was passing with any string that matches. This behavior allowed false positive like: assert_template "layout" assert_template "out/hello" Now it only passes with: assert_template "layout/hello" assert_template "hello" Fixes #3849. *Hugolnx* * Handle `ActionDispatch::Http::UploadedFile` like `Rack::Test::UploadedFile`, don't call to_param on it. Since `Rack::Test::UploadedFile` isn't API compatible this is needed to test file uploads that rely on `tempfile` being available. *Tim Vandecasteele* * Respect `config.digest = false` for `asset_path` Previously, the `asset_path` internals only respected the `:digest` option, but ignored the global config setting. This meant that `config.digest = false` could not be used in conjunction with `config.compile = false` this corrects the behavior. *Peter Wagenet* * Fix #7646, the log now displays the correct status code when an exception is raised. *Yves Senn* * Fix handling of date selects when using both disabled and discard options. Fixes #7431. *Vasiliy Ermolovich* * Fix select_tag when option_tags is nil. Fixes #7404. *Sandeep Ravichandran* * `javascript_include_tag :all` will now not include `application.js` if the file does not exists. *Prem Sichanugrist* * Support cookie jar options (e.g., domain :all) for all session stores. Fixes GH#3047, GH#2483. *Ravil Bayramgalin* * Performance Improvement to send_file: Avoid having to pass an open file handle as the response body. Rack::Sendfile will usually intercept the response and just uses the path directly, so no reason to open the file. This performance improvement also resolves an issue with jRuby encodings, and is the reason for the backport, see issue #6844. *Jeremy Kemper & Erich Menge*
2012-12-16Reset PKGREVISION.ryoon1-2/+1
2012-12-16Update to 7.0.34ryoon3-8/+8
* CVE-2012-4431 is fixed in 7.0.32 Changelog: Tomcat 7.0.34 (markt) 2012-12-12 Catalina fix 53871: Improve error message if annotation scanning fails during web application start due to poor configuration or illegal cyclic inheritance with the application's classes. (markt) fix Fix unit test for AccessLogValve when using non-GMT time zone. (rjung) fix 54170: Ensure correct registration of Filters and Servlets in the JMX registry if the Filter or Servlet name includes a character that must be quoted if used in an ObjectName value. (markt) add Add new attribute renameOnRotate to the AccessLogValve. (rjung) fix 54190: Correct unit tests for BASIC authentication so that session timeout is correctly tested. Also refactor unit test to make it easier to add additional tests. Patch by Brian Burch. (markt) fix 54220: Ensure the ErrorReportValve only generates an error report if the error flag on the response has been set. (markt) fix Simplify time zone handling in the access log valve and correctly handle various edge cases for non-standard DST changes. (markt) Web applications fix 54198: Clarify that HttpServletResponse.sendError(int) results in an HTML response by default. (markt) fix 54207: Correct JNDI factory package name in Javadoc for org.apache.naming.java.javaURLContextFactory. (markt) jdbc-pool code Fix a handful of Eclipse warnings in the JDBC pool source code including the warnings reported in 53565. (markt) fix 54150: Make sure that SlowQueryReportJmx mbean deregistered during webapp shutdown. Reported by Alex Franken. (kfujino) fix 54194: Make sure that connection pool mbean is not registered when jmxEnabled is false. Patch provided by tobias.gierke. (kfujino) Other update Update to Eclipse JDT Compiler 4.2.1. (markt) Tomcat 7.0.33 (markt) 2012-11-21 Catalina add 53960, 54115: Extensions to HttpClient test helper class. Patches by Brian Burch. (markt/kkolinko) fix 53993: Avoid a possible NPE in the AccessLogValve when the session ID is logged and a session is invalidated. (markt) fix Add support for LAST_ACCESS_AT_START system property to PersistentManager. (kfujino) add Update MIME type mapping with additional / updated mime.types from the Apache web server. (markt) fix 54007: Fix a memory leak that prevented deletion of a context.xml file associated with a Context that had failed to deploy. Also fix the problems uncovered with undeploying such a Context once the leak had been fixed and the file could be deleted. (markt) fix 54044: Correct bug in timestamp cache used by logging (including the access log valve) that meant entries could be made with an earlier timestamp than the true timestamp. (markt) fix 54054: Do not share shell environment variables between multiple instances of the CGI servlet. (markt) fix 54060: Use a simple parser rather than a regular expression to parse HTTP Digest authentication headers so the header is correctly parsed. The new approach is also faster and generates less garbage. (markt) fix 54068: Rewrite the web fragment ordering algorithm to resolve multiple issues that resulted in incorrect ordering or failure to find a correct, valid order. (markt) update The HTTP header parser added to address 52811 has been removed and replaced with the light-weight HTTP header parser created to address 54060. The new parser includes a work-around for a bug in the Adobe Acrobat Reader 9.x plug-in for Microsoft Internet Explorer that was identified when the old parser was introduced (53814). fix 54076: Add an alternative work-around for clients that use SPNEGO authentication and expect the authenticated user to be cached per connection (Tomcat only does this if an HTTP session is available). (markt) fix 54087: Correctly handle (ignore) invalid If-Modified-Since header rather than throwing an exception. (markt) fix 54096: In web.xml, <env-entry> should accept any type that has a constructor that takes a single String or char. (markt) add 54127: Add support for sending a WebSocket Ping. Patch provided by Sean Winterberger. (markt) fix In FormAuthenticator: If it is configured to change Session IDs, do the change before displaying the login form. (kkolinko) fix Ensure AsyncListener.timeout() and AsyncListener.complete() are called with the correct thread context class loader. (fhanik) fix 54123: If an asynchronous request times out without any AsyncListeners defined, a 500 error will be triggered. (markt) fix 54124: Correct provided value of request attribute javax.servlet.async.request_uri and add missing request attribute javax.servlet.async.path_info. (markt) add Add denyStatus initialization parameter to CsrfPreventionFilter, allowing to customize the HTTP status code used for denied requests. (kkolinko) fix 54141: Increase the permitted number of nested Realm levels from 2 to 3 by default and make the limit configurable via a system property. (markt) fix Revert occasional API change in BaseDirContext class that was done in 7.0.32. Methods should not be final. (kkolinko) fix Prevent failures in the AccessLogValve when running under a SecurityManager and the first request received is an asynchronous one. (markt) Coyote fix Correct an issue that prevented WebSockets from being used over SSL when using the HTTP NIO connector. (markt) fix 54022: Ensure the Comet END event is triggered on client disconnect with APR/native on Windows Vista/2k8 or later. Patch provided by Douglas Beachy. (markt) fix 54067: Ensure responses with 1xx response codes are correctly marked as not containing an entity body. This caused an issue for some WebSocket clients when an Transfer-Encoding header was sent with the 101 (HTTP upgrade) response. (markt) Jasper code 53867: Optimise the XML escaping provided by the PageContext implementation. Based on a patch by Sheldon Shao. (markt) code 53896: Use an optimised CompositeELResolver for Jasper that skips resolvers that are known to be unable to resolve the value. Patch by Jarek Gawor. (markt) fix 53986: Correct a regression introduced by the fix for 53713. JSP comments that ended with the sequence ---%> (or any similar sequence with a odd number of - characters) was not correctly parsed. (markt) fix 54011: Fix a bug in the tag plug-in for <c:out> that triggered a JSP compilation error if the escapeXml attribute was used. Patch provided by Sheldon Shao. (markt) code Follow up to 5401. Simplify generated code for <c:out>. Based on a patch by Sheldon Shao. (markt) fix 54012: Fix a bug in the tag plug-in infrastructure that meant the <c:set> triggered a JSP compilation error when used in a tag file. Based on a patch provided byx 54144: Fix a bug in the tag plug-in for <c:out> that meant that if the value of the tag evaluated to a java.io.Reader object then it was not correctly handled. (markt) Cluster fix Add getSessionIdsFull operation to mbeans-descriptor. listSpplications add 54143: Add display of the memory pools usage (including PermGen) to the Status page of the Manager web application. (kkolinko) Tribes fix 54045: Make sure getMembers() returns available member when TcpFailureDetector fix Revert multiple operation support for the JMXProxyServlet pending further discussion. (schultz) fix CVE-2012-4431: Fix bypass of CsrfPreventionFilter when there is no session. Improve session management in the filter. (kkolinko) Web apit servlets (JSP and default) are marked as override-able when using embedded mode. (markt) fix When the DefaultServlet is under heavy load, the HTTP header parser added to address 52811 generates large amounts of garbage and uses significant CPU time. A cache has been added that significantly reduces the overhead of this parser. (markt) fix 53854: Make directory listings work correctly when aliases are used. (markt) Jasper code 53713: Performance improvement of up to four times faster parsing of JSP pages. Patch provided by Sheldon Shao. (markt) Cluster add Make the cluster members and the cluster deployer associated with the cluster accessible via JMX. (markt) fix Fix a behavior of TcpPingInterceptor#uhread. If set to false, ping thread is never started. (kfujino) Web applications add Improve the documentation web application to clarify the difference between the tag and version parameters when using text interface of the Manager web application. (markt) add Make sessions saved in the Store associated with a Manager that extends PersistentManager optionally visible (via the showProxySessions Servlet initialisation parameter in web.xml) to the Manager web application. (markt)
2012-12-16recursive bump from cyrus-sasl libsasl2 shlib major bump.obache40-70/+80
2012-12-15Updated www/eliom to version 3.0.3 (the latest). Changes include:jaapb4-26/+43
* Language ** Generalized client values in server code ** Injections into client sections * Tools ** Added eliom-destillery for generating project scaffolds ** Support Eliom interface files (.eliomi) in eliomc, eliomdep ** eliomdep: Generate dependencies between eliom-modules ** eliomc: infer only with option -infer, drop option -noinfer ** eliomc: Basic support for -i on eliom-files ** eliom{c,dep,opt},js_of_eliom: -dump to output the intermediate code ** eliomc,js_of_eliom: always open Eliom_pervasives in eliom files * API ** Eliom_pervasives.server_function to easily access the from the client ** Get current state of a scope ** Module to access values of Eliom references in external states (Eliom_state.Ext) ** Scope names are now named scope hierarchies ** Iterate the scope hierarchy (group > session > client > request) ** Adding Eliom_parameter.(type_checker, neopt) ** Add functions to insert html5 in atom feeds ** Eliom_tools.{F,D}.html to ease creation of head-tag ** Eliom_tools.wrap_handler as an easy alernative to Eliom_registration.Customize ** Test for initial request of a client on the server * Changed server behaviour ** Eliom_state.discard_everything now also discards request state ** Don't send nodes as data when they are part of the document * Changed client behaviour ** Show progress cursor during navigation with change_page ** Improved error messages ** Fail on the client when a [server_function] or call_caml_service fails on the server * Bugfixes ** Allow % for injections directly after parentheses * Support dropped for ** Xhtml ** OCamlDuce ** Eliom_compatibility_2_1 * A myriade of bugfixes
2012-12-15Updated www/ocsigen to its newest version, 2.2.0. Changes include:jaapb8-149/+185
* Relative filenames when not running as daemon * Small change in ocsigen_lib: encoding of parameters with " * fix Ocsigen_http_client.get_url (and other) first "/" was missing * Installation: Do not try to chown files to a different user * Fix error on make logrotate * redirectmod: fixing default to permanent (as written in manual) * Minor additions in the API Also, the package was updated, mostly to use PLIST_VARS.
2012-12-15Bump PKGREVISION from devel/nss 3.14.0.ryoon3-6/+6
2012-12-14Update opera to 12.11.obache3-18/+39
new and iimproved features, plus security and stability enhancements.
2012-12-13Add php-soycmsryoon1-1/+2
2012-12-13Import php54-soycms-1.4.0a as www/php-soycms.ryoon6-0/+2561
SOY CMS is flexible and plugin-based Contents Management System. User interface is written in Japanese.
2012-12-13Mark some test dependencies as BUILD_DEPENDS instead of full ones.wiz1-3/+5
Bump PKGREVISION. Noted by Edgar Fuß in PR 47288.
2012-12-13Fix CVE-2012-3505 using Debian patch.wiz5-2/+163
Bump PKGREVISION.
2012-12-13Changes 1.4.3:adam2-6/+6
Security fixes: * Host header poisoning * Redirect poisoning
2012-12-12Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days.asau2-6/+2
2012-12-12Update to 1.8.3, provided by Antonio Huete in PR 47034.wiz9-114/+65
Version 1.8.3 ------------- This release mostly fixes support for IPv6, and also some security bugs. Fixes to messages, etc. were also made. Bugs resolved since version 1.8.2 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ * BB#91: Fix upstream proxy support * BB#95: Fix FilterURLs with transparent proxy support * BB#90: Fix bug in ACL netmask generation Contributors ~~~~~~~~~~~~ Daniel Egger, John Horne, Michael Adam, Mukund Sivaraman. Version 1.8.2 ------------- * Minor formatting changes and typo fixes were made. Bugs resolved since version 1.8.1 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ * BB#69: INET6 not available when configured to Listen and Bind in v4, and vice versa * BB#74: tinyproxy unable to reopen log files after receiving HUP * BB#78: Warn if configuration results in an open proxy * BB#82: https access not working * BB#83: run_tests.sh relies on $USER * BB#84: Unaligned access error on ia64 and alpha * BB#87: Unable to listen on ports less than 1024 (regression in 1.8.1) * BB#88: Crashes when reloading configuration * BB#89: tinyproxy leaks memory over time Contributors ~~~~~~~~~~~~ Dmitry Semyonov, John van der Kamp, Jordi Mallach, Michael Adam, Mukund Sivaraman. Version 1.8.1 ------------- * Tinyproxy now drops `root` user privileges more quickly. * The log and pid files are now stored in a sub-directory in `/var/`. * A format string vulnerability was fixed. * Minor formatting changes and typo fixes were made. Bugs fixed since version 1.8.0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ * BB#74: tinyproxy unable to reopen log files after receiving HUP * BB#79: Make the testsuite uninteractive * BB#80: Handle errors in testsuite * BB#81: Listen directive doesn't work as expected * BB#72: upstream support is not reported with tinyproxy -h * BB#73: generated tinyproxy.conf has the wrong location for the html file installation Contributors ~~~~~~~~~~~~ Michael Adam, Mukund Sivaraman. Version 1.8.0 ------------- * Tinyproxy now reloads its configuration upon SIGHUP signal. * Tinyproxy reopens its log file (instead of truncation) upon SIGHUP signal. This is to play more nicely with logrotate. * File logging is now the default. Syslog is chosen if and only if "SysLog Yes" is in the config, i.e., a present "SysLog Yes" in the config file now overrides any LogFile setting. * The XTinyProxy option is now documented as a global boolean. Before it was documented to build a list of sites to add a X-Tinyproxy header for, but it was implemented as global boolean. * A new config option AddHeader allows the user to configure a list of custom headers to send in outgoing HTTP requests. * A new config option DisableViaHeader allows the user to disable sending of the "Via:" header. * Tinyproxy is now IPv6 capable. * The config option PidFile now has a compiled in default. Bugs fixed since version 1.7.1 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ * BB#9: Add support for the IPv6 protocol * BB#17: Add support for custom headers * BB#55: Error message response omits body when request has a body * BB#60: Add config option to disable Via header * BB#61: SIGHUP does not refresh filter list * BB#62: Make tinyproxy reload the config upon SIGHUP * BB#64: Config parsing error with reverse proxy option * BB#65: Format string compile warnings * BB#67: ACL processing error with multiple Allow statements Contributors ~~~~~~~~~~~~ David Shanks, Mathew Mrosko, Michael Adam, Mukund Sivaraman. Version 1.7.1 ------------- * Fixed all warnings reported by GCC. * The tinyproxy manpage has been extended and converted to asciidoc. * There is a new tinyproxy.conf manpage that describes all the options. * The build system has been considerably cleaned up. * Various other bugs have been fixed. Bugs fixed since version 1.7.0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ * BB#2: Fix Tinyproxy for requests like www.site.com:8001 * BB#5: Move templates from the doc directory to its own directory * BB#8: Update README, INSTALL, NEWS and the manpage * BB#10: Do not filter out transfer-encoding header * BB#18: Fix pointer aliasing issues * BB#53: Add a GPLv2 COPYING file Contributors ~~~~~~~~~~~~ Andrew Stribblehill, Jeremy Hinegardner, Matthew Dempsky, Michael Adam, Mukund Sivaraman, Robert James Kaes. Version 1.7.0 ------------- * There is now support for reverse proxying. * Tinyproxy does not bundle a vendor regular expressions library anymore. It uses the system installed regular expressions library. * The documentation has been updated. * Tinyproxy now contains some code optimizations such as the use of a hashmap internally for looking up error pages. * Various other bugs have been fixed. Contributors ~~~~~~~~~~~~ Kim Holviala, Marc Silver, Robert James Kaes, Steven Young.
2012-12-12Update to 0.5, based on PR 47288 by Edgar Fuss.wiz2-7/+14
Add more missing dependencies. 0.41 - Bugfixes 0.4 - Written tests - HTTP::Server::EV::PortListener module - Rewritten disk IO code. Now it can use built in perl functions or IO::AIO module. - Fixed segfault when uploading zero size file - Multipart processing callbacks. - Coro support 0.31 - Fixed non ARRAY reference error when cgi->param called in list context with nonexistent param name - Added explicit type-casting, no more compiler warnings - Little documentation fix
2012-12-12Update to 3.20121212. From the changelog:schmonz3-7/+8
* filecheck: Fix bug that prevented File::MimeInfo::Magic from ever being used. * openid: Display openid in Preferences page as a comment, so it can be selected in all browsers.
2012-12-09Added www/py-django-tagging, www/py-django-photologueadam1-1/+3
2012-12-09Photologue is a reusable Django application that provides powerful imageadam4-0/+150
management and manipulation functionality as well as a complete photo gallery solution. The 2.x release adds more effects, including reflections and transparent watermarks. It also introduces the ImageModel abstract base class allowing developers to easily integrated the Photologue core functionality into their own models. Photologue embraces the Django admin and smoothly integrates with photo thumbnails and effect previews.
2012-12-09A generic tagging application for Django projects, which allows associationadam4-0/+87
of a number of tags with any Model instance and makes retrieval of tags simple