| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
|
|
* Fixed four crash bugs found using Mozilla's jsfunfuzz tool.
* Fixed a stability issue with Speed Dial.
Security
* Fixed a JavaScript security issue discovered with Mozilla's
jsfunfuzz tool. See our advisory.
|
|
and ease-of-maintenance.
|
|
|
|
of an emulated operating system. Instead of proliferating things like
SUSE_VERSION_REQD, NETBSD_VERSION_REQD, SOLARIS_VERSION_REQD, etc., a
package can say:
EMUL_REQD= suse>=9.1 netbsd>=2.0 solaris>=10
all in one, succinct line.
|
|
matches the native operating system. Use it in place of checking
whether EMUL_DISTRO matches "native-*" as EMUL_DISTRO is no longer
defined after bsd.prefs.mk is included.
This should fix PR pkg/36823 by Robert Elz.
|
|
result. Bump revision.
|
|
|
|
depend upon to supply the Linux shared libraries already tell the user
this. The JDK packages also depend on the corresponding JRE package,
so they don't need to show the same message -- keep the message with
the JRE packages instead.
|
|
Changes:
0.33 2006-09-26
- When setting up tests with Apache::Test, if the user has apache2 we
need to make sure that they have the mod_apreq2.so library
available. If they don't, the live tests will be skipped. Based on a
patch from Derek Price. RT #21552.
0.32 2006-09-18
- Work around a (maybe) bug in Apache2::Cookie. Set -value to undef to
in Apach2::Cookie->new causes it to return undef, rather than a
cookie with no value. This meant that delete_session() caused an
"attempt to call method of undefined value" error. Reported by Derek
Price. RT #20992.
|
|
- bugfixes
- FileFilter is using fork/exec directly, avoiding possible shell escape
issues
- proximity suppor tfor matchs
- fix sparc64 issues
- switch to GPL as license with a special link clause
- make use of strcoll for sorting
|
|
to-be-added-soon portability check.
|
|
useful for category Makefiles, as opposed to bsd.pkg.subdir.mk, which is
also relevant for the top-level directory. Adjusted the category Makefiles.
|
|
Serf 0.1.2 [2007-6-18, r1114]
Enable thread-safety with OpenSSL (Issue 19)
Teach serfmake to install headers into include/serf-0.
Be more tolerant when servers close the connection without telling us.
Do not open the connection until we have requests to deliver.
Fix serfmake to produce the library that corresponds to the minor version.
Fix a memory leak with the socket bucket (Issue 14)
Fix uninitialized branch in serf_spider (Issue 15)
Serf 0.1.1 [2007-5-12, r1105]
Add SSL client certificate support
Implement optimized iovec reads for header buckets
Fix up 'make clean' and 'make distclean' (Issues 9, 10)
Add SERF_VERSION_AT_LEAST macro
Remove abort() calls (Issue 13)
|
|
Bump revision.
|
|
Security fixes in this version:
MFSA 2007-27 Unescaped URIs passed to external programs
MFSA 2007-26 Privilege escalation through chrome-loaded about:blank windows
For more info, see http://www.mozilla.org/projects/seamonkey/releases/seamonkey1.1.4/
|
|
The main goal of the 0.96 release is to cleanup and stabilise the
features from 0.95.
Incompatible changes:
- constraint names changed in some cases, this can effect manage.py
reset on old databases
- some names in manage.py changed
- backslash escaping is done more consistently
- ENABLE_PSYCO is gone
Important changes:
- merge of newforms
- URLconf takes normal callables
- new test framework
- passwords for users can be entered as normal text in the admin
interface, no need to hash manually
In addition: dropped py-setuptools dependency.
|
|
- Support gzip compression of XHTML pages using the correct MIME type.
- Deprecate WSGI_SCRIPT_NAME and scriptName in scgi_base.
- Update servers to default to an empty QUERY_STRING if not present in
the environ
- Update gzip.py: compresslevel -> compress_level
- Change intra-package imports into absolute imports.
- Add forceCookieOutput attribute to SessionService to force Set-Cookie
output for the current request.
- Add UNIX domain socket support to scgi, scgi_fork, scgi_app.
- Add flup.client package which contains various WSGI -> connector
client implentations.
- Change mime-type matching algorithm in GzipMiddleware.
- Add cookieAttributes to SessionService to make it easier to customize
the generated cookie's attributes.
Switch to use the common egg framework and mark as DESTDIR safe.
|
|
- without-x doesn't make sense, remove option
- depend on libiconv and libidn
- quarantine to prevent changes to the normal LOCALEDIR -- this is
a stupid, non-standard version of gettext for no good reason
- fix mremap on NetBSD
Upstream changes:
- various crashes fixed
- fix use after free
- fix large file support for FTP listenings
- automatic HTML detection
Submitted by Blair Sadewitz, consider switching to links, please.
|
|
|
|
|
|
Linux kernel emulation <= 2.0.38. Also ensure that /lib is in
LD_LIBRARY_PATH so that the opera binary can find /lib/libpthread.so.0
in ${EMULDIR} and not NetBSD's /usr/lib/libpthread.so.0.
Bump the PKGREVISION to 1.
|
|
2007-07-31 Gisle Aas
Release 5.807
Apply patch correction from CPAN RT #26152
More laxed t/live/validator test.
|
|
|
|
the necessary dependence on the "suse_gtk2" package.
|
|
|
|
Based on packaged by Edgar Fuss in PR 36683.
Updated to 0.09, fixed dependency and fix PLIST.
This subclass of Template Toolkit supports multilingual templates:
templates that contain text in several languages.
<t>
<en>Hello!</en>
<fr>Bonjour !</fr>
</t>
|
|
pkgsrc chagnes
o Add "coss" option which enable COSS (Cyclic Object storage system).
Noted by Chris Ross on pkgsrc-users.
Changes to squid-2.6.STABLE14 (15 Jul 2007)
- squid.conf.default cleanup to have options in their proper sections.
- documentation correction in the refresh_pattern ignore-auth option
- URI-escaping not uses the recommended upper-case hex codes
- refresh_pattern min-age 0 correted to really mean 0, and not 1 second
- Always use xisxxxx() Squid defined macros instead of ctype
functions.
- Kerberos SPNEGO/Negotiate helper for the negotiate scheme
- Database basic auth helper using Perl DBI to connect to most SQL DBs
- Solaris /dev/poll network I/O support
- configure fixes to make cross compilation somewhat easier
- Removed incorrect -a reference from http_port documentation
- Bug #1900: Double "squid -k shutdown" makes Squid restart again
- Bug #1968: Squid hangs occasionally when using DNS search paths
- Novell eDirectory digest auth helper (digest_edir_auth)
- Bug #1130: min-size option for cache_dir
- POP3 basic auth helper querying a POP3 server
- Cosmetic squid_ldap_auth fixes from Squid-3
- Bug #1085: Add no-wrap to cache manager HTML tables
- Automatically restart if number of available filedescriptors becomes
alarmingly low, preventing a situation where Squid would otherwise
permanently stop processing requests.
- Bug #2010: snmp_core.cc:828: warning: array subscript is above
array bounds
- Deal better with forwarding loops
|
|
So, bump PKGREVISION.
(I just forgot to commit.)
|
|
Bump PKGREVISION.
|
|
binaries and libraries.
Add dependencies on the base, gtk2 and x11 Linux modules, which provide
shared libraries needed by npviewer.bin.
Bump the PKGREVISION to 1.
|
|
custom code.
Adjust the installation commands to deal with different locations of the
extracted files from the RPMs.
|
|
"make emul-distinfo", thanks jlam!).
|
|
Security fixes in this version:
MFSA 2007-27 Unescaped URIs passed to external programs
MFSA 2007-26 Privilege escalation through chrome-loaded about:blank windows
For more info, see http://www.mozilla.com/en-US/firefox/2.0.0.6/releasenotes/
|
|
|
|
firefox-bin-acroread* packages due to differences in how the
installed symlinks are managed.
|
|
XXX Doesn't work on x86_64 properly yet.
|
|
binary-only packages that require binary "emulation" on the native
operating system. Please see pkgsrc/mk/emulator/README for more
details.
* Teach the plist framework to automatically use any existing
PLIST.${EMUL_PLATFORM} as part of the default PLIST_SRC definition.
* Convert all of the binary-only packages in pkgsrc to use the
emulator framework. Most of them have been tested to install and
deinstall correctly. This involves the following cleanup actions:
* Remove use of custom PLIST code and use PLIST.${EMUL_PLATFORM}
more consistently.
* Simplify packages by using default INSTALL and DEINSTALL scripts
instead of custom INSTALL/DEINSTALL code.
* Remove "SUSE_COMPAT32" and "PKG_OPTIONS.suse" from pkgsrc.
Packages only need to state exactly which emulations they support,
and the framework handles any i386-on-x86_64 or sparc-on-sparc64
uses.
* Remove "USE_NATIVE_LINUX" from pkgsrc. The framework will
automatically detect when the package is installing on Linux.
Specific changes to packages include:
* Bump the PKGREVISIONs for all of the suse100* and suse91* packages
due to changes in the +INSTALL/+DEINSTALL scripts used in all
of the packages.
* Remove pkgsrc/emulators/suse_linux, which is unused by any
packages.
* cad/lc -- remove custom code to create the distinfo file for
all supported platforms; just use "emul-fetch" and "emul-distinfo"
instead.
* lang/Cg-compiler -- install the shared libraries under ${EMULDIR}
instead of ${PREFIX}/lib so that compiled programs will find
the shared libraries.
* mail/thunderbird-bin-nightly -- update to latest binary
distributions for supported platforms.
* multimedia/ns-flash -- update Linux version to 9.0.48 as the
older version is no longer available for interactive fetch.
* security/uvscan -- set LD_LIBRARY_PATH explicitly so that
it's not necessary to install library symlinks into
${EMULDIR}/usr/local/lib.
* www/firefox-bin-flash -- update Linux version to 9.0.48 as the
older version is no longer available for interactive fetch.
|
|
2007-07-17 Gisle Aas
Release 5.806
Added progress callback to LWP::UserAgent.
HTTP::Daemon didn't avoid content in responses to HEAD requests
Add support for HTTP Expect header to HTTP::Daemon (CPAN RT #27933)
Fix t/base/message.t so tests are skipped if Encode is not
installed. (CPAN RT #25286)
Add HTML::Tagset as a prerequisite to Makefile.PL
Do not clobber $_ in LWP::Protocol::nntp (CPAN RT #25132)
Fix lwp-download so it can download files with an "_" in the filename
(CPAN RT#26207)
Quiet complaints from HTML::HeadParser when dealing with undecoded
UTF-8 data. (CPAN RT#20274)
When both IO::Socket::SSL and Net::SSL are loaded, use the latter
(CPAN RT #26152)
Allows SSL to work much more reliably:
(CPAN RT #23372)
Allow text/vnd.wap.wml and application/vnd.oasis.opendocument.text
in content-type field in lwp-request (CPAN RT #26151)
Add default media type for XML in LWP::MediaTypes (CPAN RT #21093)
Added chunked test by Andreas J. Koenig
|
|
|
|
|
|
|
|
|
|
Fix two security issues:
http://drupal.org/node/162360
http://drupal.org/node/162361
|
|
Security fixes in this version:
MFSA 2007-25 XPCNativeWrapper pollution
MFSA 2007-24 Unauthorized access to wyciwyg:// documents
MFSA 2007-23 Remote code execution by launching Firefox from Internet Explorer
MFSA 2007-22 File type confusion due to %00 in name
MFSA 2007-21 Privilege escalation using an event handler attached to an element not in the document
MFSA 2007-20 Frame spoofing while window is loading
MFSA 2007-19 XSS using addEventListener and setTimeout
MFSA 2007-18 Crashes with evidence of memory corruption
For more info, see http://www.mozilla.org/projects/seamonkey/releases/seamonkey1.1.3/
|
|
|
|
Security fixes in this version:
MFSA 2007-25 XPCNativeWrapper pollution
MFSA 2007-24 Unauthorized access to wyciwyg:// documents
MFSA 2007-23 Remote code execution by launching Firefox from Internet Explorer
MFSA 2007-22 File type confusion due to %00 in name
MFSA 2007-21 Privilege escalation using an event handler attached to an element not in the document
MFSA 2007-20 Frame spoofing while window is loading
MFSA 2007-19 XSS using addEventListener and setTimeout
MFSA 2007-18 Crashes with evidence of memory corruption
For more info, see http://www.mozilla.com/en-US/firefox/2.0.0.5/releasenotes/
|
|
Clarify RESTRICTED (due to trademark issues), and add a comment
questioning if we also need to set LICENSE.
|
|
- various possible NULL pointer references
- two cases were uninitialised memory is used or memory could be
corrupted. This might be exploitable to execute arbitrary code.
- possible mod_access by-pass by appending /
- a local DOS by broken FastCGI handlers
|
