| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
* Sync with www/seamonkey
|
|
Changelog:
Fixed in SeaMonkey 2.13.2
MFSA 2012-90 Fixes for Location object issues
MFSA 2012-67 Installer will launch incorrect executable following new installation
Fixed in SeaMonkey 2.13.1
MFSA 2012-89 defaultValue security checks not applied
MFSA 2012-88 Miscellaneous memory safety hazards (rv:16.0.1)
|
|
|
|
a) lang/see support was removed (see below)
b) lang/spidermonkey and wip/spidermonkey185 aren't recognized
ELinks 0.12pre6
---------------
Security fix:
* bug 1124, CVE-2012-4545: Do not delegate GSSAPI credentials in HTTP
Negotiate or GSS-Negotiate authentication. Reported by Marko Myllynen.
(ELinks 0.12pre1 was the first release that supported GSSAPI; earlier
releases are not vulnerable.)
Fixed crashes and hangs:
* critical bug 943: Don't let user JavaScripts call any methods of
``elinks.action'' in tabs that do not have the focus. If a tab was
closed with ``elinks.action.tab_close'' while it had pop-up windows,
ELinks could crash; as a precaution, don't allow other actions
either. (ELinks 0.12pre1 was the first release that supported
``elinks.action''.)
* critical bug 1083: Avoid an infinite loop when trying to decompress
malformed data. Caused by the bug 1068 fix in ELinks 0.12pre3.
* Fix a possible crash or information disclosure on big-endian 64-bit
systems using HTTP Negotiate or GSS-Negotiate authentication.
Incompatibilities:
* Dropped support for SEE. (ELinks 0.12pre1 was the first release
that supported SEE.)
* Guile 2.0.0 (released on 2011-02-16) changed its license to
LGPLv3-or-later, which is not compatible with the GPLv2 that covers
ELinks. Also, Guile has deprecated many of the functions that
ELinks calls.
Other changes:
* major bug 764: Correctly initialize options on big-endian 64-bit
systems.
* bug 983: Give preference to the Content-Type specified in the HTTP
header over that specified via the HTML meta tag.
* bug 1084: Allow option names containing '+' and '*' in the option
manager.
* bug 1112: Map most numeric character references € ... Ÿ
to graphical characters also when the output charset is UTF-8.
(ELinks 0.12pre1 was the first release that supported UTF-8 as the
terminal charset, and ELinks 0.12pre5 was the first release that
supported UTF-8 as the dump charset.)
* minor bug 1113: Fix a small memory leak if a mailcap file is malformed.
* minor bug 1114: Decode SGML entities and NCRs only once in link/@title
and other attributes.
* build: Fix several warnings reported by GCC 4.7.1. Harmless at
runtime but could break the build if configured --enable-debug.
(This version does not fix all such warnings.)
|
|
|
|
this switches to the 1.10 release branch, no useful changelog available
|
|
Enhancements:
- support for include directive
- added support for HTTPS backends
- support for SNI via multiple Cert directives (thanks to Joe Gooch)
Bug fixes:
- fixed problem with long input lines in http.c
- keep sessions for disabled back-ends, continue using them until the time-out
- fixed memory leak in session removal
- fix for possible request smuggling by using multiple headers
- changed long to long long for support of requests larger than 2GB
|
|
|
|
|
|
0.17
handle /(de)?objectify_text/ for <script> extraction
(Stanislaw Pusep)
0.16
commit 07b40205fd03564d476eff7675e9f19196939f2f
Author: Oleg G <verdrehung@gmail.com>
Date: Sat Mar 31 13:26:11 2012 +0700
added few methods to support Web::Query
|
|
5.03 2012-09-22
Release by Christopher J. Madsen
[THINGS THAT MAY BREAK YOUR CODE OR TESTS]
* as_HTML no longer indents <textarea> (Tomohiro Hosaka) (RT #70385)
[FIXES]
* as_trimmed_text did not accept '0' for extra_chars
[DOCUMENTATION]
* Explain that as_text never adds whitespace (RT #66498)
* Explain what extra_chars can contain for as_trimmed_text.
|
|
2012-02-18 LWP-Protocol-https 6.03
Skip test if offline [RT#74163]
Typo fixes
Restore perl-5.8.1 compatibility.
|
|
|
|
Upstream changes:
2012-10-21 HTTP-Message 6.06
Gisle Aas (2):
More forgiving test on croak message [RT#80302]
Added test for multipart parsing
Mark Overmeer (1):
Multipart end boundary doesn't need match a complete line [RT#79239]
_______________________________________________________________________________
2012-10-20 HTTP-Message 6.05
Gisle Aas (5):
Updated ignores
No need to prevent visiting field values starting with '_'
Report the correct croak caller for delegated methods
Disallow empty field names or field names containing ':'
Make the extra std_case entries local to each header
_______________________________________________________________________________
2012-09-30 HTTP-Message 6.04
Gisle Aas (5):
Updated repository URL
Avoid undef warning for empty content
Teach $m->content_charset about JSON
Use the canonical charset name for UTF-16LE (and frieds)
Add option to override the "(no content)" marker of $m->dump
Christopher J. Madsen (2):
Use IO::HTML for <meta> encoding sniffing
mime_name was introduced in Encode 2.21
Tom Hukins (1):
Remove an unneeded "require"
Ville Skytt. (1):
Spelling fixes.
chromatic (1):
Sanitized PERL_HTTP_URI_CLASS environment variable.
Martin H. Sluka (1):
Add test from RT#77466
Father Chrysostomos (1):
Fix doc grammo [RT#75831]
|
|
This is maintenance releases and contain bug fixes only and please release
note for detail changes: <http://wiki.typo3.org/wiki/TYPO3_4.7.5>.
|
|
This is maintenance releases and contain bug fixes only and please release
note for detail changes: <http://wiki.typo3.org/wiki/TYPO3_4.6.13>.
|
|
THis is maintenance releases and contain bug fixes only and please release
note for detail changes: <http://wiki.typo3.org/wiki/TYPO3_4.5.20>.
|
|
Changelog
=========
Since 2.2-rc
----------------
bugfix: calendar monthly view performance upgrades.
bugfix: translation tool for plugins fixed.
bugfix: email html signature puts br tags when composing email.
bugfix: Person email modification does not work.
bugfix: Prevent double task completion (when double clicking on complete link).
bugfix: Fixed company edit link from people tree.
Since 2.2-beta
----------------
bugfix: several fixes in custom reports display.
bugfix: custom reports csv/pdf export always show status column.
bugfix: dashboard activity widget does not control permissions correctly.
bugfix: dashboard activity widget shows username instead of person complete name.
bugfix: subworkspace creation does not inherit color.
bugfix: email autoclassification does not classify attachments.
bugfix: email view shows wrong "To" value when "To" field is empty or undefined.
bugfix: unclassified mails allows to subscribe other users.
bugfix: error when forwarding another user's account emails with attachments.
bugfix: several fixes in email classification functions.
bugfix: company comments are not displayed.
bugfix: dashboard's tasks widget breaks right widgets when scrolling (only in chrome).
bugfix: permissions check in Administration/Dimensions.
bugfix: css is being printed in csv exported reports.
bugfix: error subscribing users when instantiating templates with milestones and subtasks.
bugfix: don't use $this in static functions.
bugfix: archiving and unarchiving members is not done in a transaction.
bugfix: permissions in dimension member selectors.
bugfix: cannot set task's due date to 12:30 PM, always sets the same time but AM.
bugfix: tasks drag and drop losses some attributes.
usability: mouseover highlight on member properties/restrictions tables.
Since 2.1
----------------
bugfix: several fixes in repetitive tasks.
bugfix: quick add of tasks does not subscribe creator.
bugfix: google calendar import fixed.
bugfix: fixed event deletion.
bugfix: fixed email account sharing.
bugfix: fixed AM/PM issue when selecting task's dates.
bugfix: special characters in workspace when adding from quick add.
bugfix: error 500 in workspaces dashboard.
bugfix: error when searching emails by "From" field in advanced search.
bugfix: 1.7 -> 2.x upgrade fixed subtasks.
bugfix: permissions in user's card.
bugfix: task's drag and drop edition bugfixes.
bugfix: task's quick add does not keep the task name when switching to complete edition.
bugfix: several LDAP integration fixes.
bugfix: fixed contact phones display in list.
bugfix: config option descriptions added.
bugfix: user email is not required.
bugfix: milestone selector does not show all available milestones.
bugfix: person email cannot be edited.
bugfix: disabled users are shown in subscribers and invited people.
bugfix: permission groups upgrade does not set type.
bugfix: Javascript problems in IE.
bugfix: issues with breadcrumbs with special characters.
bugfix: VCard import/export fixed.
bugfix: cannot delete workspace with apostrophe.
bugfix: fixed "enters" issue in tasks description wysisyg editor.
bugfix: File copy makes two copies.
bugfix: permissions fixed for submembers.
bugfix: when updating a file, does not subscribe the updater user.
bugfix: milestones display diferent dates in milestone view and task list.
bugfix: "assigned to" filter in tasks does not work properly.
bugfix: cannot archive dimension members.
bugfix: cannot archive several tasks at once.
feature: activity widget.
feature: new workspace and tag selectors.
feature: add timeslot entries to application_logs.
feature: complete parent tasks asks to complete child tasks.
usability: sort email panel by "to" column.
usability: changes in advanced search for email fields.
usability: can change imported calendar names.
usability: email with attachments classification process upgraded.
usability: linked objects selector can filter by workspace and tags.
system: CKEditor updated.
system: translation module upgraded - translate plugins files.
system: German, Russian and French languages upgraded.
|
|
Release notes
Maintenance and security release of the Drupal 7 series.
This release fixes security vulnerabilities. Sites are urged to upgrade
immediately after reading the security announcement:
SA-CORE-2012-003 - Drupal core - Arbitrary PHP code execution and
Information disclosure
No other fixes are included.
|
|
Fixed security issues:
* Host header poisoning
* Documentation of HttpOnly cookie option
|
|
* recentchangesdiff: fix further breakage to the template from 3.20120725
|
|
* monochrome: New theme, contributed by Jon Dowland.
* rst: Ported to python 3, while still also being valid python 2.
Thanks, W. Trevor King
* Try to avoid a situation in which so many ikiwiki cgi wrapper programs
are running, all waiting on some long-running thing like a site rebuild,
that it prevents the web server from doing anything else. The current
approach only avoids this problem for GET requests; if multiple cgi's
run GETs on a site at the same time, one will display a "please wait"
page for a configurable number of seconds, which then redirects to retry.
To enable this protection, set cgi_overload_delay to the number of
seconds to wait. This is not enabled by default.
* Add back a 1em margin between archivepage divs.
* recentchangesdiff: Correct broken template that resulted in duplicate
diff icons being displayed, and bloated the recentchanges page with
inline diffs when the configuration should have not allowed them.
|
|
|
|
Remove uid code; similar to changes done to mod_perl-2.x, see
https://rt.cpan.org/Public/Bug/Display.html?id=77129
|
|
|
|
mj_turner and jihbed.
A comprehensive Python HTTP client library that supports many features left out
of other HTTP libraries.
Features:
o HTTP and HTTPS
o Keep-Alive
o Authentication
o Caching
o All Methods
o Redirects
o Compression
o Lost update support
o Unit Tested
|
|
|
|
Bottle is a fast, simple and lightweight WSGI micro web-framework for Python.
|
|
* Sync with firefox-10.0.9
|
|
Changelog:
Fixed in Firefox ESR 10.0.9
MFSA 2012-89 defaultValue security checks not applied
Fixed in Firefox ESR 10.0.8
MFSA 2012-87 Use-after-free in the IME State Manager
MFSA 2012-86 Heap memory corruption issues found using Address Sanitizer
MFSA 2012-85 Use-after-free, buffer overflow, and out of bounds read issues found using Address Sanitizer
MFSA 2012-84 Spoofing and script injection through location.hash
MFSA 2012-83 Chrome Object Wrapper (COW) does not disallow acces to privileged functions or properties
MFSA 2012-82 top object and location property accessible by plugins
MFSA 2012-81 GetProperty function can bypass security checks
MFSA 2012-79 DOS and crash with full screen and history navigation
MFSA 2012-77 Some DOMWindowUtils methods bypass security checks
MFSA 2012-74 Miscellaneous memory safety hazards (rv:16.0/ rv:10.0.8)
MFSA 2012-59 Location object can be shadowed using Object.defineProperty
|
|
Update Japanese language file again.
|
|
* Sync with seamonkey-2.13
|
|
|
|
* Update enigmail to 1.4.5
* Update Mozilla Lightning to 1.8
Changelog:
SeaMonkey-specific changes
None.
Mozilla platform changes
JavaScript responsiveness has been improved through incremental garbage collection.
CSS3 Animations, Transitions, Transforms and Gradients have been unprefixed.
MD5 is no longer supported as a hash algorithm in digital signatures.
The Opus codec is now support by default.
The reverse CSS3 animation direction has been implemented.
Per tab reporting is now available in about:memory.
Fixed several stability issues.
|
|
Changelog:
FIXED
16.0.1: Vulnerability outlined here
https://blog.mozilla.org/security/2012/10/10/security-vulnerability-in-firefox-16/
NEW
Firefox on Mac OS X now has preliminary VoiceOver support turned on by default
NEW
Initial web app support (Windows/Mac/Linux)
NEW
Acholi and Kazakh localizations added
CHANGED
Improvements around JavaScript responsiveness through incremental garbage collection
DEVELOPER
New Developer Toolbar with buttons for quick access to tools, error count for the Web Console, and a new command line for quick keyboard access
DEVELOPER
CSS3 Animations, Transitions, Transforms and Gradients unprefixed in Firefox 16
DEVELOPER
Recently opened files list in Scratchpad implemented
FIXED
16.0.1: Vulnerability outlined here
https://blog.mozilla.org/security/2012/10/10/security-vulnerability-in-firefox-16/
FIXED
Debugger breakpoints do not catch on page reload (783393)
FIXED
No longer supporting MD5 as a hash algorithm in digital signatures (650355)
FIXED
Opus support by default (772341)
FIXED
Reverse animation direction has been implemented (655920)
FIXED
Per tab reporting in about:memory (687724)
FIXED
User Agent strings for pre-release Firefox versions now show only major version (728831)
|
|
|
|
SSH: added agent based authentication
ftp: active conn, allow application to set sockopt after accept() call with CURLSOCKTYPE_ACCEPT
multi: add curl_multi_wait()
metalink: Added support for Microsoft Windows CryptoAPI
md5: Added support for Microsoft Windows CryptoAPI
parse_proxy: treat "socks://x" as a socks4 proxy
socks: Added support for IPv6 connections through SOCKSv5 proxy
Bugfixes:
WSAPoll disabled on Windows builds due to its bugs
segfault on request retries
curl-config: parentheses fix
VC build: add define for openssl
globbing: fix segfault when >9 globs were used
fixed a few clang-analyzer warnings
metalink: change code order to build with gnutls-nettle
gtls: fix build failure by including nettle-specific headers
change preferred HTTP auth on a handle previously used for another auth
file: use fdopen() to avoid race condition
Added DWANT_IDN_PROTOTYPES define for MSVC too
verbose: fixed (nil) output of hostnames in re-used connections
metalink: Un-broke the build when building --with-darwinssl
curl man page cleanup
Avoid leak of local device string when reusing connection
Curl_socket_check: fix return code for timeout
nss: do not print misleading NSS error codes
configure: remove the --enable/disable-nonblocking options
darwinssl: add TLS 1.1 and 1.2 support, replace deprecated functions
NTLM: re-use existing connection better
schannel crash on multi and easy handle cleanup
SOCKS: truly disable it if CURL_DISABLE_PROXY is defined
mk-ca-bundle: detect start of trust section better
gnutls: do not fail on non-fatal handshake errors
SMTP: only send SIZE if supported
ftpserver: respond with a 250 to SMTP EHLO
ssh: do not crash if MD5 fingerprint is not provided by libssh2
winbuild: Added support for building with SPNEGO enabled
metalink: Fixed validation of binary files containing EOF
setup.h: fixed for MS VC10 build
cmake: use standard findxxx modules for cmake v2.8+
HTTP_ONLY: disable more protocols
Curl_reconnect_request: clear pointer on failure
https.c example: remember to call curl_global_init()
metalink: Filter resource URLs by type
multi interface: CURLOPT_LOW_SPEED_* fix during rate limitation
curl_schannel: Removed buffer limit and optimized buffer strategy
|
|
this switches to the 1.8 release branch
|
|
changes:
-improvements to UI and download behavior
-bugfixes
pkgsrc change: use vala-0.18 to build
|
|
|
|
OCaml HTTP is a simple OCaml library for creating HTTP daemons. It is largely
inspired by Perl's HTTP:: modules family.
|
|
|
|
The build failure may be caused by the new perl 5.16 rather than gcc47.
Revert last patch.
|
|
|
|
GCC 4.7 requires variable declaration before use.
|
|
---------------------
* When "git am" is fed an input that has multiple "Content-type: ..."
header, it did not grok charset= attribute correctly.
* Even during a conflicted merge, "git blame $path" always meant to
blame uncommitted changes to the "working tree" version; make it
more useful by showing cleanly merged parts as coming from the other
branch that is being merged.
* "git blame MAKEFILE" run in a history that has "Makefile" but not
"MAKEFILE" should say "No such file MAKEFILE in HEAD", but got
confused on a case insensitive filesystem and failed to do so.
* "git fetch --all", when passed "--no-tags", did not honor the
"--no-tags" option while fetching from individual remotes (the same
issue existed with "--tags", but combination "--all --tags" makes
much less sense than "--all --no-tags").
* "git log/diff/format-patch --stat" showed the "N line(s) added"
comment in user's locale and caused careless submitters to send
patches with such a line in them to projects whose project language
is not their language, mildly irritating others. Localization to
the line has been disabled for now.
* "git log --all-match --grep=A --grep=B" ought to show commits that
mention both A and B, but when these three options are used with
--author or --committer, it showed commits that mention either A or
B (or both) instead.
* The subcommand to remove the definition of a remote in "git remote"
was named "rm" even though all other subcommands were spelled out.
Introduce "git remote remove" to remove confusion, and keep "rm" as
a backward compatible synonym.
Also contains a handful of documentation updates.
|
|
Update Japanese language files.
|
|
Changelog:
The Apache Tomcat Project is proud to announce the release of version 7.0.30
of Apache Tomcat. This release contains numerous bug fixes and improvements
compared to version 7.0.29. The notable changes include:
* Significantly reduced memory footprint during web application start while
Servlet 3.0 annotation and SCI scanning is in progress.
* Adds support for scanning of classes that use Java 7 specific byte code
for Servlet 3.0 annotation and SCI scanning.
* Improvements to DIGEST and FORM authentication.
Full details of these changes, and all the other changes, are available in the
http://tomcat.apache.org/tomcat-7.0-doc/changelog.html .
|
|
2.0.7 June 5, 2012
Fix breakage caused by removal of PL_uid et al from perl 5.16.0. Patch from
rt.cpan.org #77129. [Zefram]
2.0.6 April 24, 2012
Preserve 5.8 compatibility surrounding use of MUTABLE_CV [Adam Prime]
Move code after declarations to keep MSVC++ compiler happy. [Steve Hay]
Adopt modperl_pcw.c changes from httpd24 branch. [Torsten Foertsch]
Pool cleanup functions must not longjmp. Catch these exceptions and turn
them into warnings. [Torsten Foertsch]
Fix a race condition in our tipool management.
See http://www.gossamer-threads.com/lists/modperl/dev/104026
Patch submitted by: SalusaSecondus <salusa@nationstates.net>
Reviewed by: Torsten Foertsch
Ensure that MP_APXS is set when building on Win32 with MP_AP_PREFIX,
otherwise the bundled Reload and SizeLimit builds will fail to find a
properly configured Test environment.
[Steve Hay]
Fix a few REFCNT bugs.
Patch submitted by: Niko Tyni <ntyni@debian.org>
Reviewed by: Torsten Foertsch
Correct the initialization of the build config in ModPerl::MM. The global
variable was only being set once on loading the module, which was before
Apache2::BuildConfig.pm had been written, leading to cwd and MP_LIBNAME
being unset when writing the Reload and SizeLimit makefiles.
[Steve Hay]
Discover apr-2-config from Apache 2.4 onwards. [Gozer]
Apache 2.4 and onwards doesn't require linking the MPM module directly in
the httpd binary anymore. APXS lost the MPM_NAME query, so we can't assume
a given MPM anymore. Introduce a fake MPM 'dynamic' to represent this.
[Torsten Foertsch, Gozer]
Perl 5.14 brought a few changes in Perl_sv_dup() that made a threaded apache
segfault while cloning interpreters.
[Torsten Foertsch]
PerlIOApache_flush() and mpxs_Apache2__RequestRec_rflush() now no longer throw
exceptions when modperl_wbucket_flush() fails if the failure was just a reset
connection or an aborted connection. The failure is simply logged to the error
log instead. This should fix cases of httpd.exe crashing when users press the
Stop button in their web browsers.
[Steve Hay]
Fixed a few issues that came up with LWP 6.00:
- t/response/TestAPI/request_rec.pm assumes HTTP/1.0 but LWP 6 uses 1.1
- t/api/err_headers_out.t fails due to a bug somewhere in LWP 6
- t/filter/TestFilter/out_str_reverse.pm sends the wrong content-length header
[Torsten Foertsch]
Bugfix: Apache2::ServerUtil::get_server{description,banner,version} cannot
be declared as perl constants or they won't reflect added version components
if Apache2::ServerUtil is loaded before the PostConfig phase. Now, they
are ordinary perl functions. [Torsten Foertsch]
Check for the right ExtUtils::Embed version during build [Torsten Foertsch]
Take a lesson from rt.cpan.org #66085 and pass LD_LIBRARY_PATH if mod_env
is present. Should prevent test failures on some platforms.
[Fred Moyer]
|
|
|
