| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Changes since 1.3.21:
Galeon 2.0 is now formally out. So we don't need to tell you how 1.3.x
is actually stable anymore. :-)
2.0.1 "Look what we found."
- Works with Mozilla 1.7.5+, Seamonkey 1.0+, Firefox 1.0.x and 1.5+, and
xulrunner 1.8+.
- Find toolbar ported from Epiphany. TypeAheadFind now works properly
with firefox.
- Bug fixes: 325501, 322668, 326813.
2.0.0 "One for the road."
- Works with mozilla 1.7.5+, 1.8a3 and up; Firefox 1.0.x and 1.5
- Embedded http error message pages. (If mozilla support them)
- Security Device Manager button in security prefs.
- Delete key works in Personal Data Manager.
- Support for multimedia keyboard keys like Back and Forward.
- Other bug fixes. (http://tinyurl.com/7zqb7)
|
|
_XOPEN_SOURCE in some files. The latter definition had hidden the type
definition for fd_set.
|
|
flup is a collection of modules for the Python Web Server Gateway
Interface, including support for AJP 1.3, FastCGI and SCGI. It also
offers a basic middleware.
|
|
config.layout file instead of CONFIGURE_ARGS, to avoid defining things
twice. No actual change, since the paths are still the same.
Added all necessary variables to BUILD_DEFS, as reported by pkglint.
|
|
changes: minor bugfixes
|
|
|
|
|
|
|
|
|
|
|
|
HTTP::Lite is a stand-alone lightweight HTTP/1.1 implementation
for perl. It is not intended as a replacement for the fully-features
LWP module. Instead, it is intended for use in situations where
it is desirable to install the minimal number of modules to achieve
HTTP support, or where LWP is not a good candidate due to CPU
overhead, such as slower processors. HTTP::Lite is also significantly
faster than LWP.
|
|
Bump PKGREVISON
|
|
This release address a series of locally exploitable security problems
discovered since PHP 4.4.3. All PHP users are encouraged to upgrade to this
release as soon as possible.
This release provides the following security fixes:
* Added missing safe_mode/open_basedir checks inside the error_log(),
file_exists(), imap_open() and imap_reopen() functions.
* Fixed overflows inside str_repeat() and wordwrap() functions on 64bit systems.
* Fixed possible open_basedir/safe_mode bypass in cURL extension.
* Fixed overflow in GD extension on invalid GIF images.
* Fixed a buffer overflow inside sscanf() function.
* Fixed memory_limit restriction on 64 bit system.
|
|
|
|
Major changes compared to Horde 3.1.2 are:
* Security Fixes
- Closed an XSS problem in index.php and improved protection against
phishing attempts.
* Bugfixes and improvements
- Added Kolab group ACL support.
- Improved import of date and time fields.
- Fixed synchronization support.
- Updated Catalan, German and Slovenian translations.
The full list of changes (from version 3.1.2) can be viewed here:
http://cvs.horde.org/diff.php/horde/docs/CHANGES?r1=1.515.2.252&r2=1.515.2.261&ty=h
|
|
- Add GEEKLOG_SITEBASE to BUILD_DEFS.
No functional changes.
|
|
Many changes from 2.6. See http://zope.org/Products/Zope/2.9.4/CHANGES.txt
for details of the 2.9 branch changes.
|
|
|
|
|
|
|
|
to fix https:// URLs broken with update of security/p5-IO-Socket-SSL
to 0.997 - behaviour was a null socket object returned in LWP::Agent
which was a joy to track down. Remember: "hidden perl dependencies
can expose you to perl code which may make your eyes bleed"
|
|
|
|
|
|
|
|
|
|
RFC 2865 RADIUS Servers.
Features:
* Supports popular RADIUS Servers including OpenRADIUS, FreeRADIUS and
commercial servers.
* Distributed Authentication Cache using apr_memcache.
* Local Authentication Cache using DBM.
* Uses standard HTTP Basic Authentication, unlike mod_auth_radius which uses
cookies for sessions.
|
|
All PHP 4.x users are encouraged to upgrade to this release as soon as possible.
The security issues resolved include the following:
* Disallow certain characters in session names.
* Fixed a buffer overflow inside the wordwrap() function.
* Prevent jumps to parent directory via the 2nd parameter of the tempnam()
function.
* Improved safe_mode check for the error_log() function.
* Fixed cross-site scripting inside the phpinfo() function.
The release also includes about 20 bug fixes and an upgraded PCRE library
(version 6.6).
For a full list of changes in PHP 4.4.3, see the ChangeLog:
http://www.php.net/ChangeLog-4.php#4.4.3
This also contains a fix for CVE-2006-4020 (SA21403)
|
|
Version 7.15.5 (7 August 2006)
Daniel (2 August 2006)
- Mark Lentczner fixed how libcurl was not properly doing chunked encoding
if the header "Transfer-Encoding: chunked" was set by the application.
http://curl.haxx.se/bug/view.cgi?id=1531838
Daniel (1 August 2006)
- Maciej Karpiuk fixed a crash that would occur if we passed Curl_strerror()
an unknown error number on glibc systems.
http://curl.haxx.se/bug/view.cgi?id=1532289
Daniel (31 July 2006)
- *ALERT* curl_multi_socket() and curl_multi_socket_all() got modified
prototypes: they both now provide the number of running handles back to the
calling function. It makes the functions resemble the good old
curl_multi_perform() more and provides a nice way to know when the multi
handle goes empty.
ALERT2: don't use the curl_multi_socket*() functionality in anything
production-like until I say it's somewhat settled, as I suspect there might
be some further API changes before I'm done...
Daniel (28 July 2006)
- Yves Lejeune fixed so that replacing Content-Type: when doing multipart
formposts work exactly the way you want it (and the way you'd assume it
works).
Daniel (27 July 2006)
- David McCreedy added --ftp-ssl-reqd which makes curl *require* SSL for both
control and data connection, as the existing --ftp-ssl option only requests
it.
- [Hiper-related work] Added a function called curl_multi_assign() that will
set a private pointer added to the internal libcurl hash table for the
particular socket passed in to this function:
CURLMcode curl_multi_assign(CURLM *multi_handle,
curl_socket_t sockfd,
void *sockp);
'sockp' being a custom pointer set by the application to be associated with
this socket. The socket has to be already existing and in-use by libcurl,
like having already called the callback telling about its existance.
The set hashp pointer will then be passed on to the callback in upcoming
calls when this same socket is used (in the brand new 'socketp' argument).
Daniel (26 July 2006)
- Dan Nelson added the CURLOPT_FTP_ALTERNATIVE_TO_USER libcurl option and curl
tool option named --ftp-alternative-to-user. It provides a mean to send a
particular command if the normal USER/PASS approach fails.
- Michael Jerris added magic that builds lib/curllib.vcproj automatically for
newer MSVC.
Daniel (25 July 2006)
- Georg Horn made the transfer timeout error message include more details.
Daniel (20 July 2006)
- David McCreedy fixed a build error when building libcurl with HTTP disabled,
problem added with the curl_formget() patch.
Daniel (17 July 2006)
- Jari Sundell did some excellent research and bug tracking, figured out that
we did wrong and patched it: When nodes were removed from the splay tree,
and we didn't properly remove it from the splay tree when an easy handle was
removed from a multi stack and thus we could wrongly leave a node in the
splay tree pointing to (bad) memory.
Daniel (14 July 2006)
- David McCreedy fixed a flaw where the CRLF counter wasn't properly cleared
for FTP ASCII transfers.
Daniel (8 July 2006)
- Ates Goral pointed out that libcurl's cookie parser did case insensitive
string comparisons on the path which is incorrect and provided a patch that
fixes this. I edited test case 8 to include details that test for this.
- Ingmar Runge provided a source snippet that caused a crash. The reason for
the crash was that libcurl internally was a bit confused about who owned the
DNS cache at all times so if you created an easy handle that uses a shared
DNS cache and added that to a multi handle it would crash. Now we keep more
careful internal track of exactly what kind of DNS cache each easy handle
uses: None, Private (allocated for and used only by this single handle),
Shared (points to a cache held by a shared object), Global (points to the
global cache) or Multi (points to the cache within the multi handle that is
automatically shared between all easy handles that are added with private
caches).
Daniel (4 July 2006)
- Toshiyuki Maezawa fixed a problem where you couldn't override the
Proxy-Connection: header when using a proxy and not doing CONNECT.
Daniel (24 June 2006)
- Michael Wallner added curl_formget(), which allows an application to extract
(serialise) a previously built formpost (as with curl_formadd()).
Daniel (23 June 2006)
- Arve Knudsen found a flaw in curl_multi_fdset() for systems where
curl_socket_t is unsigned (like Windows) that could cause it to wrongly
return a max fd of -1.
Daniel (20 June 2006)
- Peter Silva introduced CURLOPT_MAX_SEND_SPEED_LARGE and
CURLOPT_MAX_RECV_SPEED_LARGE that limit tha maximum rate libcurl is allowed
to send or receive data. This kind of adds the the command line tool's
option --limit-rate to the library.
The rate limiting logic in the curl app is now removed and is instead
provided by libcurl itself. Transfer rate limiting will now also work for -d
and -F, which it didn't before.
Daniel (19 June 2006)
- Made -K on a file that couldn't be read cause a warning to be displayed.
Daniel (13 June 2006)
- Dan Fandrich implemented --enable-hidden-symbols configure option to enable
-fvisibility=hidden on gcc >= 4.0. This reduces the size of the libcurl
binary and speeds up dynamic linking by hiding all the internal symbols from
the symbol table.
|
|
shortly.
|
|
|
|
|
|
web-server to become a RADIUS client for authentication and accounting
requests. You will, however, need to supply your own RADIUS server to
perform the actual authentication.
|
|
Bug fixes and support for apache2.
XXX: compilation for apache2 works, but installation fails -- if you
know apxs, please take a look:
apxs:Error: Sorry, cannot determine bootstrap symbol name.
apxs:Error: Please specify one with option `-n'.
|
|
|
|
see:
http://www.opera.com/docs/changelogs/linux/901/
|
|
* Improvements:
- Added a View Journal button to the LiveJournal Friends dialog
- Refresh Recent Entries menu after posting or updating an entry
- Use D-BUS to detect current music
* Fixes:
- Correctly fetch LiveJournal attributes
- Compilation fixes for OpenBSD and GCC 2.95
- Expand username compatibility
- Fix several double mnemonics
- Improve XML-RPC compatibility
- Support HTTP redirections
- Resolve problem opening draft entries
- Numerous fixes for Atom/Blogger 2.0
* Translations:
- Added Nepali translation (Pawan Chitrakar)
- Added Lithuanian translation (Žygimantas Beručka)
- Added Catalan translation (Gil Forcada)
- Added Vietnamese translation (Clytie Siddall)
- Added Finnish translation (Ilkka Tuohela)
- Added French translation (Jeff Coquery)
- Added Russian translation (Valek Filippov)
- Updated Czech translation (Miloslav Trmac)
- Updated German translation (Frank Arnold)
- Updated Dutch translation (Vincent van Adrighem)
- Updated Simplified Chinese translation (Funda Wang)
- Updated Bulgarian translation (Yavor Doganov)
- Updated Swedish translation (Daniel Nylander)
- Updated Spanish translation (Francisco Javier F. Serrador)
|
|
NetBSD 3.0_STABLE/i386 bulk build.
|
|
Only change appears to be a fix for an XSS bug
|
|
GNU extension. Depend on GNU coreutils and hardcode the path to
GNU sort.
|
|
changes: translation updates
|
|
changes:
-bugfixes
-translation updates
|
|
changes:
* Fixes a uninitialized value bug
-some dbus related changes not relevant for the pkg yet
-fix for 64bit issue
-manpage update
|
|
Just one change:
- Fixed an issue with playing Windows Media content
|
|
- Fixed an issue with playing Windows Media content
|
|
|
|
0.9.6
------
- Plugins were creatd in toolbar even if they were asked not to in pop up
windows, fixed.
- Fixed Window Orphan and New Window popups so that they don't display
menubars and other uwanted contents.
- Implemented ContentHandler so that we dont see Mozilla's ugly File picker
which did not work for save even! - Now we display our own file picker and
then redirect for mozilla download for those users who opt to use Mozilla's
own MIME info/downloading or direct to user's own downloader.
0.9.5
-----
- Plugin compile was broken, fixed.
- Changed a plugin function (skipstone_load_url) to (skipstone_load_url_cb)
to distinguish from skipstone's internal message.
- Distribution cleanups.
XXX We really should make this package compile with recent firefox/seamonkey
versions, otherwise it will soon become unusable (with mozilla no longer
being maintained). I had a patch to make it compile with Firefox 1.0.x,
but it no longer works for Firefox 1.5.x.
|
|
|
|
|
|
A WikiWikiWeb is a collaborative hypertext environment, with an
emphasis on easy access to and modification of information. MoinMoin
is a Python WikiClone that allows you to easily set up your own wiki,
only requiring a Python installation.
|
|
Changes:
* Improved stability
* Several security fixes (see below)
* A bug was introduced in SeaMonkey 1.0.2 that sometimes caused the URL bar to
stop working properly when switching tabs. This has been fixed. (Bug 332874)
* If you have more bookmarks on your personal toolbar than there is space for,
the ">>" overflow icon will now display more reliably (Bug 338803)
* If you choose to update SeaMonkey when it notifies you that an update is
available, the update page will load in a more useful browser window (with
navigation buttons and toolbars) (Bug 334903)
Security fixes:
MFSA 2006-56 chrome: scheme loading remote content
MFSA 2006-55 Crashes with evidence of memory corruption (rv:1.8.0.5)
MFSA 2006-54 XSS with XPCNativeWrapper(window).Function(...)
MFSA 2006-53 UniversalBrowserRead privilege escalation
MFSA 2006-52 PAC privilege escalation using Function.prototype.call
MFSA 2006-51 Privilege escalation using named-functions and redefined "new Object()"
MFSA 2006-50 JavaScript engine vulnerabilities
MFSA 2006-49 Heap buffer overwrite on malformed VCard
MFSA 2006-48 JavaScript new Function race condition
MFSA 2006-47 Native DOM methods can be hijacked across domains
MFSA 2006-46 Memory corruption with simultaneous events
MFSA 2006-45 Javascript navigator Object Vulnerability
MFSA 2006-44 Code execution through deleted frame reference
For a detailed ChangeLog, see:
http://www.mozilla.org/projects/seamonkey/releases/seamonkey1.0.3/changelog.html
|
