Age | Commit message (Collapse) | Author | Files | Lines |
|
Pointed out by Geert Hendrickx in private e-mail.
|
|
* fixed forwarding a SIGINT and SIGHUP when using max-workers (#902)
--> fixed FastCGI header overrun in mod_fastcgi
* fixed hanging redirects with keep-alive due to missing
"Content-Length: 0" headers
* fixed crashing when using undefined environment variables in the config
* added dir-listing.set-footer in mod_dirlisting (#1277)
* added sending UID and PID for SIGTERM and SIGINT to the logs
* fixed compression of files < 128 bytes by disabling compression (#1241)
* fixed mysql server reconnects (#518)
* fixed disabled keep-alive for dynamic content with HTTP/1.0 (#1166)
* fixed crash on mixed EOL sequences in mod_cgi
* fixed key compare (#1287)
* fixed invalid char in header values (#1286)
* fixed invalid "304 Not Modified" on broken timestamps
--> fixed endless loop on shrinked files with sendfile() on BSD (#1289)
--> fixed counter overrun in ?auto in mod_status (#909)
* fixed too aggresive caching of nested conditionals (#41)
--> fixed possible overflow in unix-socket path checks on BSD (#713)
* fixed extra Content-Length header on 1xx, 204 and 304 (#1002)
* fixed handling of duplicate If-Modified-Since to return 304
* fixed extracting status code from NPH scripts (#1125)
* removed config-check if passwd files exist (#1188)
* fixed crash when etags are disabled but the client sends one (#1322)
* fixed crash when freeing the config in mod_alias
* fixed server.error-handler-404 breakage from 1.4.16 (#1270)
* fixed entering 404-handler from dynamic content (#948)
* added more debug infos for FAM based stat-cache
The highlighted changes are security vulnerabilities that are fixed in
this release.
|
|
[2007/08/26] nspluginwrapper 0.9.91.5
Fix a memory leak in NPP_Destroy()
Fix DiamondX XEmbed example plugin
Fix focus problems (Debian bug #435912)
Add support for 64-bit plugins (Martin Stransky)
Add support for newer NPAPI 0.17 functions and variables
Add support for broken 64-bit Konqueror versions (run-time detect)
[2007/04/03] nspluginwrapper 0.9.91.4
Dont try to wrap native plugins
Fix build on NetBSD (David Brownlee)
Fix build on DragonFlyBSD (Steve OHara-Smith)
Fix build on Linux systems with SSP enabled by default (Kristian Hermansen)
|
|
|
|
* None of the source files seems to reference any function in libutil, so
remove it from the libraries linked into mini_httpd and mhtpasswd.
* Make this work on Solaris by linking mini_httpd with the usual
"-lnsl -lsocket" dance.
Bump PKGREVISION to 4 due to changed library linkage in the installed
binaries.
|
|
|
|
|
|
exist later had been embedded in config_vars.mk. PKGREVISION++
|
|
|
|
HTML::WikiConverter is an HTML to wiki converter capable of converting
HTML source into a variety of wiki dialects. It's aimed at folks
who are converting vanilla HTML websites into wikis.
The following dialects are supported:
DokuWiki
Kwiki
Markdown
MediaWiki
MoinMoin
Oddmuse
PbWiki
PhpWiki
PmWiki
SnipSnap
TikiWiki
UseMod
WakkaWiki
WikkaWiki
|
|
Object-oriented access to cascading stylesheets.
|
|
|
|
|
|
This update is a bug and security fix release. The following security
problem hasn't been fixed in "pkgsrc" before:
- CVE-2007-3847: mod_proxy: Prevent reading past the end of a buffer when
parsing date-related headers.
|
|
to build bozohttpd.
* Use a custom do-install target to install the binary and the manpage.
* Replace the pre-build target with a subst framework class.
Bump the PKGREVISION to 1 now that we no longer build or install the
catman page.
|
|
|
|
to version 2.0.61.
This update is a bug and security fix release. The following security
problem hasn't been fixed in "pkgsrc" before:
- CVE-2007-3847: mod_proxy: Prevent reading past the end of a buffer when
parsing date-related headers.
|
|
libcrypt.so and so just include <unistd.h> is enough to use crypt().
This doesn't work when the assumption fails. Since we always build
with SSL support in pkgsrc, just use the DES_crypt() from the OpenSSL
libraries.
|
|
and to support the "inet6" option instead.
Remaining usage of USE_INET6 was solely for the benefit of the scripts
that generate the README.html files. Replace:
BUILD_DEFS+= USE_INET6
with
BUILD_DEFS+= IPV6_READY
and teach the README-generation tools to look for that instead.
This nukes USE_INET6 from pkgsrc proper. We leave a tiny bit of code
to continue to support USE_INET6 for pkgsrc-wip until it has been nuked
from there as well.
|
|
|
|
The Pound program is a reverse proxy, load balancer and HTTPS front-end
for Web server(s). Pound was developed to enable distributing the
load among several Web-servers and to allow for a convenient SSL wrapper
for those Web servers that do not offer it natively. Pound is a very
small program, easily audited for security problems. It can run as
setuid/setgid and/or in a chroot jail. Pound does not access the
hard-disk at all (except for reading the certificate file on start,
if required) and should thus pose no security threat to any machine.
|
|
When the svn option is enabled (as it is per default), depend on
subversion-base instead of subversion (only the svn executable is
needed).
Bump PKGREVISION.
|
|
|
|
A Perl implementation of the Facebook API, working off of the
canonical Java and PHP implementations. By default it uses JSON::Any
to parse the response returned by Facebook's server. There is an
option to return the raw response in either XML or JSON.
|
|
Changes to squid-2.6.STABLE16 (5 Sep 2007)
- Test for sys/capability.h linux include file to avoid failing on
linux systems missing libcap
- Release private objects on cache rebuild
- Segfault in clientBuildReplyHeader when http->entry == NULL
- Bug #2072: digest_pw_auth fails when using plaintext passwords
- Bug #2073: assertion failed: client_side.c:4175: "buf != NULL ||
!conn->body.request on POST
- Adjust default pconn timeouts to avoid shutting down connection while
child sends request
- Bug #1980: cache_peer monitortimeout not working
- Bug #1882: Parent responses are not cached if sibling returns 504
- More squid.conf reordering to get the dependencies between options
sorted proper
Changes to squid-2.6.STABLE15 (31 Aug 2007)
- The select() I/O loop got broken by the /dev/poll addition
(2.6.STABLE14)
- Bug #2017: Fails to work around broken servers sending just the HTTP
headers
- Bug #2023: Compile error with old GCC 2.x or other ANSI-C compilers
before C99
- squid.conf.default updated and reorganised in more sensible groups
- correct and document the syslog access_log format
- Armenian error pages translation
- digest_ldap_helper usage help updated
- Bug #1560: ftpSendPasv: getsockname(-1,..): (9) Bad file descriptor
- Improve delay pools in low traffic environment by checking timeouts
at a steady 1 second interval even when there is not much activity
- Don't request authentication on transparently intercepted
connections
- Cleanup linux capabilities for tproxy
- Bug #2003: 'via' config directive doesn't affect response headers
- Bug #1902: Adds Numeric Hit and invalid request counters to IP Cache
- Add missing $|=1 to squid_db_auth
- Bug #2050: Persistent connection dropped if cache has no
Content-Length
- Verify the URL on memory cache hits
- Bug #2057: NTLM stop work in messengers after upgrade to 2.6.STABLE14
- Bug #1972: Squid sets peers to down state when they are in fact
working.
- potential segmentation fault in storeLocateVary()
- Bug #2066: chdir after chroot
- Windows port: Fix compiler warnings when building Squid as
application (not Windows service mode)
- Spelling correction of received
|
|
|
|
New in 3.0.14:
* Build fix (Shire)
* Don't hook the upload hook if APC is disabled (Rasmus)
* Local shadow cache support (Gopal)
* Avoid uneccessary loops over op_arrays for "known" auto-globals (Gopal)
* Fix apc_add() to overwrite timed out user entries (Rasmus)
* Fix double inclusion of files with conditional classes in php4 (Gopal)
* Allocator fixes to reduce fragmentation (Gopal)
New in 3.0.13:
* PHP 5.2 file upload progress tracking support (Rasmus)
* Pthread mutex and spin locks (Shire)
* Recursive zval support for apc_fetch/_store (Shire, Gopal)
* apc.stat_ctime flag for ctime checks (Rasmus)
* Multiple key fetches with apc_fetch (Shire)
* Canary checks for shm memory deallocation (Gopal)
* Add hooks for external optimizer (Shire)
* Obsolete and remove apc optimizer (Gopal)
* APC info changes - cache insert rate, hit and miss rates (Shire)
* Fix apc_load_constants (Gopal)
* Rewrite dump opcode code to use vld (Gopal)
* Use apc_[ewn]print functions for error reporting (Shire)
* Auto global fixes and refactoring (Gopal, Shire)
* Fix memory leaks in object serialization (Ilia)
* Memory cleanup code for destructor order (Gopal)
* Win32 build fixes (Ilia, Wez)
* ZTS and Php 4 build fixes (Bjori)
* Add apc_add() function (Rasmus)
* Add optional limited flag to apc_sma_info() (Rasmus)
Also fixes:
PR: 33424 by FUKAUMI Naoki
|
|
changes: bugfixes
(I see that 1.4.0 is out, but prefer to wait for .1.)
|
|
bug fixes
|
|
php5) to fix build on Mac OS X
compilation confirmed on Mac OS X 10.4.10 and NetBSD 4.99.19
PR: 32397 by MOCHIDA Shuji
|
|
|
|
|
|
|
|
Get rid of t/live/validator test. Too much JavaScript madness
for it to be a sane LWP test.
|
|
=== RELEASE 2.1pre30 ===
Mon Aug 6 04:01:05 MET 2007 PROGMAN:
Fixed security bug in pre29 (not in any previous versions):
special characters in URL could be passed to a shell when spawning
user viewer
Sat Jul 28 02:28:15 MET 2007 PROGMAN:
Fixed needlessly large selection boxes in graphics mode
Mon Jul 16 02:41:18 MET 2007 mikulas:
Release mouse when spawning OS shell or user viewers
|
|
|
|
swish-e.
|
|
|
|
|
|
* Fixed four crash bugs found using Mozilla's jsfunfuzz tool.
* Fixed a stability issue with Speed Dial.
Security
* Fixed a JavaScript security issue discovered with Mozilla's
jsfunfuzz tool. See our advisory.
|
|
and ease-of-maintenance.
|
|
|
|
of an emulated operating system. Instead of proliferating things like
SUSE_VERSION_REQD, NETBSD_VERSION_REQD, SOLARIS_VERSION_REQD, etc., a
package can say:
EMUL_REQD= suse>=9.1 netbsd>=2.0 solaris>=10
all in one, succinct line.
|
|
matches the native operating system. Use it in place of checking
whether EMUL_DISTRO matches "native-*" as EMUL_DISTRO is no longer
defined after bsd.prefs.mk is included.
This should fix PR pkg/36823 by Robert Elz.
|
|
result. Bump revision.
|
|
|
|
depend upon to supply the Linux shared libraries already tell the user
this. The JDK packages also depend on the corresponding JRE package,
so they don't need to show the same message -- keep the message with
the JRE packages instead.
|
|
Changes:
0.33 2006-09-26
- When setting up tests with Apache::Test, if the user has apache2 we
need to make sure that they have the mod_apreq2.so library
available. If they don't, the live tests will be skipped. Based on a
patch from Derek Price. RT #21552.
0.32 2006-09-18
- Work around a (maybe) bug in Apache2::Cookie. Set -value to undef to
in Apach2::Cookie->new causes it to return undef, rather than a
cookie with no value. This meant that delete_session() caused an
"attempt to call method of undefined value" error. Reported by Derek
Price. RT #20992.
|
|
- bugfixes
- FileFilter is using fork/exec directly, avoiding possible shell escape
issues
- proximity suppor tfor matchs
- fix sparc64 issues
- switch to GPL as license with a special link clause
- make use of strcoll for sorting
|
|
to-be-added-soon portability check.
|