| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
initial comma when it expands to empty is a GCC extension. Avoid it.
|
|
|
|
Upstream changelog:
5.0.1:
This release fixes two security vulnerabilities in Roller, listed below:
CVE-2012-2380: Apache Roller Cross-Site-Resource-Forgery (XSRF) vulnerability
CVE-2012-2381: Apache Roller Cross-Site-Scripting (XSS) vulnerability
5.0:
What's new in Roller 5.0:
https://cwiki.apache.org/confluence/display/ROLLER/What's+new+in+Roller+5.0
|
|
* Add a possible fix of SA4931, too.
Drupal 6.27, 2012-12-19
----------------------
- Fixed security issues (multiple vulnerabilities), see SA-CORE-2012-004.
|
|
* Fix misspelling in options.mk
Drupal 7.18, 2012-12-19
-----------------------
- Fixed security issues (multiple vulnerabilities). See SA-CORE-2012-004.
|
|
|
|
|
|
Release notes
Release date: 2012-12-18
Opera 12.12 is a recommended upgrade offering security and stability enhancements.
Fixes and Stability Enhancements since Opera 12.11
General and User Interface
* Several general fixes and stability improvements
* New option `Delete settings and data for all extensions' option (off by
default) in the Delete Private Data dialog
* Corrected an issue where using the 'Delete Private Data' dialog could delete
extension and settings data
* Redesigned the 'Delete Private Data' dialog to be more usable with small
screens
* Fixed an issue where quitting Opera while in fullscreen mode could cripple
the interface on the next start-up
Security
* Fixed an issue where malformed GIF images could allow execution of arbitrary code; see our advisory
http://www.opera.com/support/kb/view/1038/
* Fixed an issue where repeated attempts to access a target site could trigger
address field spoofing, as reported by Masato Kinugawa; see our advisory
http://www.opera.com/support/kb/view/1040/
UNIX-only
* Fixed an issue where private data could be disclosed to other computer
users, or be modified by them, as reported by Jann Horn; see our advisory
http://www.opera.com/support/kb/view/1039/
|
|
turned off in www/curl.
Modify the curl package to be aware of the libidn option. Ensure default
is on.
No functional change, so no version number bump.
|
|
== 1.5.0 Knife
* Fix compilation under Ubuntu 12.04 with -Werror=format-security option.
* Raise an error when no PID file.
* Prevent duplicate response headers.
* Make proper response on exception [MasterLambaster].
* Automatically close idling pipeline connections on server stop [MasterLambaster].
|
|
=== unicorn 4.5.0 - check_client_connection option / 2012-12-07 22:59 UTC
The new check_client_connection option allows unicorn to detect
most disconnected local clients before potentially expensive
application processing begins.
This feature is useful for applications experiencing spikes of
traffic leading to undesirable queue times, as clients will
disconnect (and perhaps even retry, compounding the problem)
before unicorn can even start processing the request.
To enable this feature, add the following line to a unicorn
config file:
check_client_connection true
This feature only works when nginx (or any other HTTP/1.0+
client) is on the same machine as unicorn.
A huge thanks to Tom Burns for implementing and testing this
change in production with real traffic (including mitigating
an unexpected DoS attack).
ref: http://mid.gmane.org/CAK4qKG3rkfVYLyeqEqQyuNEh_nZ8yw0X_cwTxJfJ+TOU+y8F+w@mail.gmail.com
This release fixes broken Rainbows! compatibility in 4.5.0pre1.
=== unicorn 4.5.0pre1 - check_client_connection option / 2012-11-29 23:48 UTC
The new check_client_connection option allows unicorn to detect
most disconnected clients before potentially expensive
application processing begins.
This feature is useful for applications experiencing spikes of
traffic leading to undesirable queue times, as clients will
disconnect (and perhaps even retry, compounding the problem)
before unicorn can even start processing the request.
To enable this feature, add the following line to a unicorn
config file:
check_client_connection true
A huge thanks to Tom Burns for implementing and testing this
change in production with real traffic (including mitigating
an unexpected DoS attack).
=== unicorn 4.4.0 - minor updates / 2012-10-11 09:11 UTC
Non-regular files are no longer reopened on SIGUSR1. This
allows users to specify FIFOs as log destinations.
TCP_NOPUSH/TCP_CORK is no longer set/unset by default. Use
:tcp_nopush explicitly with the "listen" directive if you wish
to enable TCP_NOPUSH/TCP_CORK.
Listen sockets are now bound _after_ loading the application for
preload_app(true) users. This prevents load balancers from
sending traffic to an application server while the application
is still loading.
There are also minor test suite cleanups.
|
|
3.2.3
* sass --watch no longer crashs when a file in a watched directory is deleted.
* Allow @extend within bubbling nodes such as @media.
* Fix various JRuby incompatibilities and test failures.
* Work around a performance bug that arises from using @extend with
deeply-nested selectors.
3.2.2
* Add a --poll option to force sass --watch to use the polling backend to
Listen.
* Fix some error reporting bugs related to @import.
* Treat protocol-relative URLs in @imports as static URLs, just like http and
https URLs.
* Improve the error message for misplaced simple selectors.
* Fix an option-handling bug that was causing errors with the Compass URL
helpers.
* Fix a performance issue with @import that only appears when ActiveSupport is
loaded.
* Fix flushing of actions to stdout. Thanks to Russell Davis
(http://github.com/russelldavis).
* Fix the documentation for the max() function.
* Fix a @media parsing bug.
Deprecations -- Must Read!
* Sass will now print a warning when it encounters a single @import statement
that tries to import more than one file. For example, if you have @import
"screen" and both screen.scss and _screen.scss exist, a warning will be
printed. This will become an error in future versions of Sass.
|
|
Rails versions.
|
|
|
|
* Now this package support all Ruby on Rails packages.
## 2.1.4 (26 November 2012)
- Updated to jQuery 1.8.3
- Updated to jQuery UI 1.9.2
- Rails 4 compatibility
- Rails 3.0 compatibility
- Rails 3.1 (without asset pipeline) compatibility
## 2.1.3 (24 September 2012)
- Updated to latest jquery-ujs
- Updated to jQuery 1.8.2
|
|
|
|
|
|
=== 2.8 / 2012-10-17
* Minor enhancements
* Added Net::HTTP::Persistent::detect_idle_timeout which can be used to
determine the idle timeout for a host.
* The read timeout may now be updated for every request. Issue #33 by
Mislav Marohnić
* Added NO_PROXY support. Pull Request #31 by Laurence Rowe.
* Added #cert and #key aliases for Net::HTTP compatibility. Pull request
#26 by dlee.
* The artifice gem now disables SSL session reuse to prevent breakage of
testing frameworks. Pull Request #29 by Christopher Cooke.
* Disabled Net::HTTP::Persistent::SSLReuse on Ruby 2+. This feature is now
built-in to Net::HTTP.
* Bug fixes
* Socket options are set again following connection reset. Pull request #28
by cmaion.
* #shutdown now works even if no connections were made. Pull Request #24 by
James Tucker.
* Updated test RSA key size to 1024 bits. Bug #25 by Gunnar Wolf.
* The correct host:port are shown in the exception when a proxy connection
fails. Bug #30 by glebtv.
|
|
== 0.6.2 / 2012-09-27
* Minor enhancements
* Support HTTP PATCH method (Marjan Krekoten' #33)
* Preserve the exact query string when possible (Paul Grayson #63)
* Add a #delete method to CookieJar (Paul Grayson #63)
* Bug fixes
* Fix HTTP Digest authentication when the URI has query params
* Don't append default ports to HTTP_HOST (David Lee #57)
|
|
Changes are too many to write here, please refer CHANGELOG.
|
|
Changes are too many to write here, please refer CHANGELOG.
|
|
== 3.0.2
* New Features
* Support IE Safe Hacks [stereobooster]
* Bugfixes
* Fix #23 - set up CSSPool.CSS so it can read files. [Mike Tierney]
|
|
|
|
- Bug 3622: peerClearRRStart scheduling multiple events
- Bug 3615: configure check for default max number of FDs is broken
- Bug 3607: --enable-auth documented default action incorrect
- Bug 3593: socket failure: Address family not supported by protocol
- Bug 3584: Detection of setresuid() is broken
- Bug 3568: Consolidate external_acl_type config dumping and add missing %%
- Bug 3564: eCAP not supporting CoAP URI schemes
- Bug 3484: Docs: sslproxy_cert_error example flawed
- Bug 3462: Delay Pools and ICAP
- Bug 3133: better fix: Memory leak handling requests for sites that don't
exist
- Bug 2976: ERR_INVALID_URL for transparently captured requests when
reconfiguring
- Silence IOS 15.1 unknown capabilities messages.
- Account for Store disk client quota when bandwidth-limiting the server.
- ... and several documentation fixes
- ... and several compile fixes
|
|
Bump PKGREVISION.
|
|
|
|
www/deforaos-surfer (version 0.2.6)
|
|
Highlights
* New Media Manager
+ Beautiful interface: A streamlined, all-new experience
+ Create galleries faster with drag-and-drop reordering,
inline caption editing, and simplified controls
+ Insert multiple images at once with Shift/Ctrl+click
* New Default Theme - Twenty Twelve
+ Simple, flexible, elegant
+ Mobile-first, responsive design
+ Gorgeous Open Sans typeface
+ Uses the latest Theme Features
* Admin Enhancements
+ New Welcome Screen
+ Retina-Ready (HiDPI) Admin
+ Hide Link Manager for new installs
+ Better accessibility for screenreaders, touch devices, and
keyboard users
+ More polish on admin screens, including a new color picker
* For Developers
+ WP_Comment_Query and WP_User_Query accept now meta queries
just like WP_Query
+ Meta queries now support querying for objects without a
particular meta key
+ Post objects are now instances of a WP_Post class, which
improves performance and caching
+ Multisite's switch_to_blog() is now significantly faster and
more reliable
+ WordPress has added the Underscore and Backbone JavaScript
libraries
+ TinyMCE, jQuery, jQuery UI, and SimplePie have all been
updated to the latest versions
+ Image Editing API for cropping, scaling, etc., that uses
ImageMagick as well as GD
+ XML-RPC: Now always enabled and supports fetching users,
managing post revisions, searching
+ New "show_admin_column" parameter for register_taxonomy()
allows automatic creation of taxonomy columns on associated post-types.
|
|
0.7.7
More fixes for App Engine, now less likely to swallow important exceptions.
Adding proxy_info_from_* methods to Python3. Reviewed in https://codereview.appspot.com/6588078/.
Added GeoTrust cert
Make httplib2.Http() instances pickleable. Reviewed in https://codereview.appspot.com/6506074/
The following issues have been fixed:
229 python3 httplib2 clobbers multiple headers of same key
230 Expose meaningful exception for App Engine URLFetch ResponseTooLargeError
231 Expose App Engine URLFetch DeadlineExceededError for debugging purposes
|
|
This is a kind of meta-package and all changes are depending Ruby on Rails
related packages.
|
|
## Rails 3.2.9 (unreleased) ##
* No changes.
|
|
## Rails 3.2.9 (unreleased) ##
* Clear url helpers when reloading routes.
*Santiago Pastorino*
* Revert the shorthand routes scoped with `:module` option fix
This added a regression since it is changing the URL mapping.
This makes the stable release backward compatible.
*Rafael Mendonça França*
* Revert the `assert_template` fix to not pass with ever string that matches the template name.
This added a regression since people were relying on this buggy behavior.
This will introduce back #3849 but this stable release will be backward compatible.
Fixes #8068.
*Rafael Mendonça França*
* Revert the rename of internal variable on ActionController::TemplateAssertions to prevent
naming collisions. This added a regression related with shoulda-matchers, since it is
expecting the [instance variable @layouts](https://github.com/thoughtbot/shoulda-matchers/blob/9e1188eea68c47d9a56ce6280e45027da6187ab1/lib/shoulda/matchers/action_controller/render_with_layout_matcher.rb#L74).
This will introduce back #7459 but this stable release will be backward compatible.
Fixes #8068.
*Rafael Mendonça França*
* Accept :remote as symbolic option for `link_to` helper. *Riley Lynch*
* Warn when the `:locals` option is passed to `assert_template` outside of a view test case
Fix #3415
*Yves Senn*
* Rename internal variables on ActionController::TemplateAssertions to prevent
naming collisions. @partials, @templates and @layouts are now prefixed with an underscore.
Fix #7459
*Yves Senn*
* `resource` and `resources` don't modify the passed options hash
Fix #7777
*Yves Senn*
* Precompiled assets include aliases from foo.js to foo/index.js and vice versa.
# Precompiles phone-<digest>.css and aliases phone/index.css to phone.css.
config.assets.precompile = [ 'phone.css' ]
# Precompiles phone/index-<digest>.css and aliases phone.css to phone/index.css.
config.assets.precompile = [ 'phone/index.css' ]
# Both of these work with either precompile thanks to their aliases.
<%= stylesheet_link_tag 'phone', media: 'all' %>
<%= stylesheet_link_tag 'phone/index', media: 'all' %>
*Jeremy Kemper*
* `assert_template` is no more passing with what ever string that matches
with the template name.
Before when we have a template `/layout/hello.html.erb`, `assert_template`
was passing with any string that matches. This behavior allowed false
positive like:
assert_template "layout"
assert_template "out/hello"
Now it only passes with:
assert_template "layout/hello"
assert_template "hello"
Fixes #3849.
*Hugolnx*
* Handle `ActionDispatch::Http::UploadedFile` like `Rack::Test::UploadedFile`, don't call to_param on it. Since
`Rack::Test::UploadedFile` isn't API compatible this is needed to test file uploads that rely on `tempfile`
being available.
*Tim Vandecasteele*
* Respect `config.digest = false` for `asset_path`
Previously, the `asset_path` internals only respected the `:digest`
option, but ignored the global config setting. This meant that
`config.digest = false` could not be used in conjunction with
`config.compile = false` this corrects the behavior.
*Peter Wagenet*
* Fix #7646, the log now displays the correct status code when an exception is raised.
*Yves Senn*
* Fix handling of date selects when using both disabled and discard options.
Fixes #7431.
*Vasiliy Ermolovich*
* Fix select_tag when option_tags is nil.
Fixes #7404.
*Sandeep Ravichandran*
* `javascript_include_tag :all` will now not include `application.js` if the file does not exists. *Prem Sichanugrist*
* Support cookie jar options (e.g., domain :all) for all session stores.
Fixes GH#3047, GH#2483.
*Ravil Bayramgalin*
* Performance Improvement to send_file: Avoid having to pass an open file handle as the response body. Rack::Sendfile
will usually intercept the response and just uses the path directly, so no reason to open the file. This performance
improvement also resolves an issue with jRuby encodings, and is the reason for the backport, see issue #6844.
*Jeremy Kemper & Erich Menge*
|
|
|
|
* CVE-2012-4431 is fixed in 7.0.32
Changelog:
Tomcat 7.0.34 (markt) 2012-12-12
Catalina
fix 53871: Improve error message if annotation scanning fails during web application start due to poor configuration or illegal cyclic inheritance with the application's classes. (markt)
fix Fix unit test for AccessLogValve when using non-GMT time zone. (rjung)
fix 54170: Ensure correct registration of Filters and Servlets in the JMX registry if the Filter or Servlet name includes a character that must be quoted if used in an ObjectName value. (markt)
add Add new attribute renameOnRotate to the AccessLogValve. (rjung)
fix 54190: Correct unit tests for BASIC authentication so that session timeout is correctly tested. Also refactor unit test to make it easier to add additional tests. Patch by Brian Burch. (markt)
fix 54220: Ensure the ErrorReportValve only generates an error report if the error flag on the response has been set. (markt)
fix Simplify time zone handling in the access log valve and correctly handle various edge cases for non-standard DST changes. (markt)
Web applications
fix 54198: Clarify that HttpServletResponse.sendError(int) results in an HTML response by default. (markt)
fix 54207: Correct JNDI factory package name in Javadoc for org.apache.naming.java.javaURLContextFactory. (markt)
jdbc-pool
code Fix a handful of Eclipse warnings in the JDBC pool source code including the warnings reported in 53565. (markt)
fix 54150: Make sure that SlowQueryReportJmx mbean deregistered during webapp shutdown. Reported by Alex Franken. (kfujino)
fix 54194: Make sure that connection pool mbean is not registered when jmxEnabled is false. Patch provided by tobias.gierke. (kfujino)
Other
update Update to Eclipse JDT Compiler 4.2.1. (markt)
Tomcat 7.0.33 (markt) 2012-11-21
Catalina
add 53960, 54115: Extensions to HttpClient test helper class. Patches by Brian Burch. (markt/kkolinko)
fix 53993: Avoid a possible NPE in the AccessLogValve when the session ID is logged and a session is invalidated. (markt)
fix Add support for LAST_ACCESS_AT_START system property to PersistentManager. (kfujino)
add Update MIME type mapping with additional / updated mime.types from the Apache web server. (markt)
fix 54007: Fix a memory leak that prevented deletion of a context.xml file associated with a Context that had failed to deploy. Also fix the problems uncovered with undeploying such a Context once the leak had been fixed and the file could be deleted. (markt)
fix 54044: Correct bug in timestamp cache used by logging (including the access log valve) that meant entries could be made with an earlier timestamp than the true timestamp. (markt)
fix 54054: Do not share shell environment variables between multiple instances of the CGI servlet. (markt)
fix 54060: Use a simple parser rather than a regular expression to parse HTTP Digest authentication headers so the header is correctly parsed. The new approach is also faster and generates less garbage. (markt)
fix 54068: Rewrite the web fragment ordering algorithm to resolve multiple issues that resulted in incorrect ordering or failure to find a correct, valid order. (markt)
update The HTTP header parser added to address 52811 has been removed and replaced with the light-weight HTTP header parser created to address 54060. The new parser includes a work-around for a bug in the Adobe Acrobat Reader 9.x plug-in for Microsoft Internet Explorer that was identified when the old parser was introduced (53814).
fix 54076: Add an alternative work-around for clients that use SPNEGO authentication and expect the authenticated user to be cached per connection (Tomcat only does this if an HTTP session is available). (markt)
fix 54087: Correctly handle (ignore) invalid If-Modified-Since header rather than throwing an exception. (markt)
fix 54096: In web.xml, <env-entry> should accept any type that has a constructor that takes a single String or char. (markt)
add 54127: Add support for sending a WebSocket Ping. Patch provided by Sean Winterberger. (markt)
fix In FormAuthenticator: If it is configured to change Session IDs, do the change before displaying the login form. (kkolinko)
fix Ensure AsyncListener.timeout() and AsyncListener.complete() are called with the correct thread context class loader. (fhanik)
fix 54123: If an asynchronous request times out without any AsyncListeners defined, a 500 error will be triggered. (markt)
fix 54124: Correct provided value of request attribute javax.servlet.async.request_uri and add missing request attribute javax.servlet.async.path_info. (markt)
add Add denyStatus initialization parameter to CsrfPreventionFilter, allowing to customize the HTTP status code used for denied requests. (kkolinko)
fix 54141: Increase the permitted number of nested Realm levels from 2 to 3 by default and make the limit configurable via a system property. (markt)
fix Revert occasional API change in BaseDirContext class that was done in 7.0.32. Methods should not be final. (kkolinko)
fix Prevent failures in the AccessLogValve when running under a SecurityManager and the first request received is an asynchronous one. (markt)
Coyote
fix Correct an issue that prevented WebSockets from being used over SSL when using the HTTP NIO connector. (markt)
fix 54022: Ensure the Comet END event is triggered on client disconnect with APR/native on Windows Vista/2k8 or later. Patch provided by Douglas Beachy. (markt)
fix 54067: Ensure responses with 1xx response codes are correctly marked as not containing an entity body. This caused an issue for some WebSocket clients when an Transfer-Encoding header was sent with the 101 (HTTP upgrade) response. (markt)
Jasper
code 53867: Optimise the XML escaping provided by the PageContext implementation. Based on a patch by Sheldon Shao. (markt)
code 53896: Use an optimised CompositeELResolver for Jasper that skips resolvers that are known to be unable to resolve the value. Patch by Jarek Gawor. (markt)
fix 53986: Correct a regression introduced by the fix for 53713. JSP comments that ended with the sequence ---%> (or any similar sequence with a odd number of - characters) was not correctly parsed. (markt)
fix 54011: Fix a bug in the tag plug-in for <c:out> that triggered a JSP compilation error if the escapeXml attribute was used. Patch provided by Sheldon Shao. (markt)
code Follow up to 5401. Simplify generated code for <c:out>. Based on a patch by Sheldon Shao. (markt)
fix 54012: Fix a bug in the tag plug-in infrastructure that meant the <c:set> triggered a JSP compilation error when used in a tag file. Based on a patch provided byx 54144: Fix a bug in the tag plug-in for <c:out> that meant that if the value of the tag evaluated to a java.io.Reader object then it was not correctly handled. (markt)
Cluster
fix Add getSessionIdsFull operation to mbeans-descriptor. listSpplications
add 54143: Add display of the memory pools usage (including PermGen) to the Status page of the Manager web application. (kkolinko)
Tribes
fix 54045: Make sure getMembers() returns available member when TcpFailureDetector fix Revert multiple operation support for the JMXProxyServlet pending further discussion. (schultz)
fix CVE-2012-4431: Fix bypass of CsrfPreventionFilter when there is no session. Improve session management in the filter. (kkolinko)
Web apit servlets (JSP and default) are marked as override-able when using embedded mode. (markt)
fix When the DefaultServlet is under heavy load, the HTTP header parser added to address 52811 generates large amounts of garbage and uses significant CPU time. A cache has been added that significantly reduces the overhead of this parser. (markt)
fix 53854: Make directory listings work correctly when aliases are used. (markt)
Jasper
code 53713: Performance improvement of up to four times faster parsing of JSP pages. Patch provided by Sheldon Shao. (markt)
Cluster
add Make the cluster members and the cluster deployer associated with the cluster accessible via JMX. (markt)
fix Fix a behavior of TcpPingInterceptor#uhread. If set to false, ping thread is never started. (kfujino)
Web applications
add Improve the documentation web application to clarify the difference between the tag and version parameters when using text interface of the Manager web application. (markt)
add Make sessions saved in the Store associated with a Manager that extends PersistentManager optionally visible (via the showProxySessions Servlet initialisation parameter in web.xml) to the Manager web application. (markt)
|
|
|
|
* Language
** Generalized client values in server code
** Injections into client sections
* Tools
** Added eliom-destillery for generating project scaffolds
** Support Eliom interface files (.eliomi) in eliomc, eliomdep
** eliomdep: Generate dependencies between eliom-modules
** eliomc: infer only with option -infer, drop option -noinfer
** eliomc: Basic support for -i on eliom-files
** eliom{c,dep,opt},js_of_eliom: -dump to output the intermediate code
** eliomc,js_of_eliom: always open Eliom_pervasives in eliom files
* API
** Eliom_pervasives.server_function to easily access the from the client
** Get current state of a scope
** Module to access values of Eliom references in external states
(Eliom_state.Ext)
** Scope names are now named scope hierarchies
** Iterate the scope hierarchy (group > session > client > request)
** Adding Eliom_parameter.(type_checker, neopt)
** Add functions to insert html5 in atom feeds
** Eliom_tools.{F,D}.html to ease creation of head-tag
** Eliom_tools.wrap_handler as an easy alernative to
Eliom_registration.Customize
** Test for initial request of a client on the server
* Changed server behaviour
** Eliom_state.discard_everything now also discards request state
** Don't send nodes as data when they are part of the document
* Changed client behaviour
** Show progress cursor during navigation with change_page
** Improved error messages
** Fail on the client when a [server_function] or call_caml_service
fails on the server
* Bugfixes
** Allow % for injections directly after parentheses
* Support dropped for
** Xhtml
** OCamlDuce
** Eliom_compatibility_2_1
* A myriade of bugfixes
|
|
* Relative filenames when not running as daemon
* Small change in ocsigen_lib: encoding of parameters with "
* fix Ocsigen_http_client.get_url (and other) first "/" was missing
* Installation: Do not try to chown files to a different user
* Fix error on make logrotate
* redirectmod: fixing default to permanent (as written in manual)
* Minor additions in the API
Also, the package was updated, mostly to use PLIST_VARS.
|
|
|
|
new and iimproved features, plus security and stability enhancements.
|
|
|
|
SOY CMS is flexible and plugin-based Contents Management System.
User interface is written in Japanese.
|
|
Bump PKGREVISION.
Noted by Edgar Fuß in PR 47288.
|
|
Bump PKGREVISION.
|
|
Security fixes:
* Host header poisoning
* Redirect poisoning
|
|
|
|
Version 1.8.3
-------------
This release mostly fixes support for IPv6, and also some security
bugs. Fixes to messages, etc. were also made.
Bugs resolved since version 1.8.2
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
* BB#91: Fix upstream proxy support
* BB#95: Fix FilterURLs with transparent proxy support
* BB#90: Fix bug in ACL netmask generation
Contributors
~~~~~~~~~~~~
Daniel Egger, John Horne, Michael Adam, Mukund Sivaraman.
Version 1.8.2
-------------
* Minor formatting changes and typo fixes were made.
Bugs resolved since version 1.8.1
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
* BB#69: INET6 not available when configured to Listen and Bind in v4,
and vice versa
* BB#74: tinyproxy unable to reopen log files after receiving HUP
* BB#78: Warn if configuration results in an open proxy
* BB#82: https access not working
* BB#83: run_tests.sh relies on $USER
* BB#84: Unaligned access error on ia64 and alpha
* BB#87: Unable to listen on ports less than 1024 (regression in 1.8.1)
* BB#88: Crashes when reloading configuration
* BB#89: tinyproxy leaks memory over time
Contributors
~~~~~~~~~~~~
Dmitry Semyonov, John van der Kamp, Jordi Mallach, Michael Adam,
Mukund Sivaraman.
Version 1.8.1
-------------
* Tinyproxy now drops `root` user privileges more quickly.
* The log and pid files are now stored in a sub-directory in `/var/`.
* A format string vulnerability was fixed.
* Minor formatting changes and typo fixes were made.
Bugs fixed since version 1.8.0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
* BB#74: tinyproxy unable to reopen log files after receiving HUP
* BB#79: Make the testsuite uninteractive
* BB#80: Handle errors in testsuite
* BB#81: Listen directive doesn't work as expected
* BB#72: upstream support is not reported with tinyproxy -h
* BB#73: generated tinyproxy.conf has the wrong location for the html
file installation
Contributors
~~~~~~~~~~~~
Michael Adam, Mukund Sivaraman.
Version 1.8.0
-------------
* Tinyproxy now reloads its configuration upon SIGHUP signal.
* Tinyproxy reopens its log file (instead of truncation) upon SIGHUP
signal. This is to play more nicely with logrotate.
* File logging is now the default.
Syslog is chosen if and only if "SysLog Yes" is in the config,
i.e., a present "SysLog Yes" in the config file now overrides
any LogFile setting.
* The XTinyProxy option is now documented as a global boolean.
Before it was documented to build a list of sites to add a
X-Tinyproxy header for, but it was implemented as global boolean.
* A new config option AddHeader allows the user to configure a list of
custom headers to send in outgoing HTTP requests.
* A new config option DisableViaHeader allows the user to disable
sending of the "Via:" header.
* Tinyproxy is now IPv6 capable.
* The config option PidFile now has a compiled in default.
Bugs fixed since version 1.7.1
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
* BB#9: Add support for the IPv6 protocol
* BB#17: Add support for custom headers
* BB#55: Error message response omits body when request has a body
* BB#60: Add config option to disable Via header
* BB#61: SIGHUP does not refresh filter list
* BB#62: Make tinyproxy reload the config upon SIGHUP
* BB#64: Config parsing error with reverse proxy option
* BB#65: Format string compile warnings
* BB#67: ACL processing error with multiple Allow statements
Contributors
~~~~~~~~~~~~
David Shanks, Mathew Mrosko, Michael Adam, Mukund Sivaraman.
Version 1.7.1
-------------
* Fixed all warnings reported by GCC.
* The tinyproxy manpage has been extended and converted to asciidoc.
* There is a new tinyproxy.conf manpage that describes all the options.
* The build system has been considerably cleaned up.
* Various other bugs have been fixed.
Bugs fixed since version 1.7.0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
* BB#2: Fix Tinyproxy for requests like www.site.com:8001
* BB#5: Move templates from the doc directory to its own directory
* BB#8: Update README, INSTALL, NEWS and the manpage
* BB#10: Do not filter out transfer-encoding header
* BB#18: Fix pointer aliasing issues
* BB#53: Add a GPLv2 COPYING file
Contributors
~~~~~~~~~~~~
Andrew Stribblehill, Jeremy Hinegardner, Matthew Dempsky, Michael Adam,
Mukund Sivaraman, Robert James Kaes.
Version 1.7.0
-------------
* There is now support for reverse proxying.
* Tinyproxy does not bundle a vendor regular expressions library
anymore. It uses the system installed regular expressions library.
* The documentation has been updated.
* Tinyproxy now contains some code optimizations such as the use of a
hashmap internally for looking up error pages.
* Various other bugs have been fixed.
Contributors
~~~~~~~~~~~~
Kim Holviala, Marc Silver, Robert James Kaes, Steven Young.
|
|
Add more missing dependencies.
0.41
- Bugfixes
0.4
- Written tests
- HTTP::Server::EV::PortListener module
- Rewritten disk IO code. Now it can use built in perl functions or IO::AIO module.
- Fixed segfault when uploading zero size file
- Multipart processing callbacks.
- Coro support
0.31
- Fixed non ARRAY reference error when cgi->param called in list context with nonexistent param name
- Added explicit type-casting, no more compiler warnings
- Little documentation fix
|
|
* filecheck: Fix bug that prevented File::MimeInfo::Magic from ever
being used.
* openid: Display openid in Preferences page as a comment, so it can be
selected in all browsers.
|
|
|
|
management and manipulation functionality as well as a complete photo gallery
solution. The 2.x release adds more effects, including reflections and
transparent watermarks. It also introduces the ImageModel abstract base class
allowing developers to easily integrated the Photologue core functionality into
their own models. Photologue embraces the Django admin and smoothly integrates
with photo thumbnails and effect previews.
|
