<ChangeLog>
*) Security: memory corruption might occur in a worker process on 32-bit
platforms while handling a specially crafted request by
ngx_http_spdy_module, potentially resulting in arbitrary code
execution (CVE-2014-0088); the bug had appeared in 1.5.10.
Thanks to Lucas Molas, researcher at Programa STIC, Fundación Dr.
Manuel Sadosky, Buenos Aires, Argentina.
*) Feature: the $ssl_session_reused variable.
*) Bugfix: the "client_max_body_size" directive might not work when
reading a request body using chunked transfer encoding; the bug had
appeared in 1.3.9.
Thanks to Lucas Molas.
*) Bugfix: a segmentation fault might occur in a worker process when
proxying WebSocket connections.
*) Bugfix: a segmentation fault might occur in a worker process if the
ngx_http_spdy_module was used on 32-bit platforms; the bug had
appeared in 1.5.10.
*) Bugfix: the $upstream_status variable might contain wrong data if the
"proxy_cache_use_stale" or "proxy_cache_revalidate" directives were
used.
Thanks to Piotr Sikora.
*) Bugfix: a segmentation fault might occur in a worker process if
errors with code 400 were redirected to a named location using the
"error_page" directive.
*) Bugfix: nginx/Windows could not be built with Visual Studio 2013.
</ChangeLog>
<ChangeLog>
*) Bugfix: the "client_max_body_size" directive might not work when
reading a request body using chunked transfer encoding; the bug had
appeared in 1.3.9.
Thanks to Lucas Molas.
*) Bugfix: a segmentation fault might occur in a worker process when
proxying WebSocket connections.
</ChangeLog>
deskutils/kdepim4:
- Add depedency on coreutils, kleopatra needs md5sum and sha1sum programs [1]
misc/kdehier4:
- add tests directory (r343428 commit to Templates/BSD.local.dist)
security/kwallet:
- moved to security/kwalletmanager (renamed upstream)
x11/kdelibs:
- remove workaround, which is not needed after global fix in
Mk/bsd.kde4.mk (r315373)
PR: ports/187259 [1]
Submitted by: Tobias Berner <tcberner@gmail.com>
Instead of removing the -Wno-unknown-warning-option, split this out in a
Clang specific version and a GCC specific version (yay).
Submitted by: George Mitchell via freebsd-ports
Alberto Villa (avilla@) has done all the hard work to create Qt 5 ports.
Trivial update from 5.2.0-beta1 to 5.2.1 by me.
Special thanks for Adriaan de Groot <groot@kde.org> for his assistance for
Qt-5.2.0 update.
Approved by: portmgr (bapt) (for Mk/bsd.port.mk)
- clarify license (BSD3C)
- do not use easy_install for installation and convert to auto-generated packing list
- add staging support
- install examples into staging area uncoditionally and remove EXAMPLES option
- remove inclusion of devel/py-virtualenv/files/py3k-fix-pkg-plist.inc - it's implemented in bsd.python.mk
Approved by: portmgr (blanket)
Changes:
Version 10.29
- Supports IPv6 clients.
Version 10.28
- Fixed: QS_ClientEventLimit did overwrite counters of other
clients if multiple events have been configured.
Version 10.27
- qslog features the option "-pu" and "-puc" used to gather
request information on a per URL basis.
- Fixed: Wrong includes within the support utilities.
- Extends QS_ClientSerialize max. timeout from 1 to 5 minutes.
Version 10.26
- QS_ClientSerialize supports the QS_ClientIpFromHeader directive.
- Refactor method used to determine redirect port (user tracking)
supporting servers not using virtual hosts.
- Fixed: QS_UserTrackingCookieName uses correct server_rec to
retrieve configuration.
- Hook implementing user tracking is now called after mod_unique_id.
- Slightly changed unique-id generator.
- Adds fflush() to qsgrep utility when writing data to stdout.
Version 10.25
- QS_EventLimitCount writes the current value to the process
environment variables.
- Fixed: QS_[Cond]ClientEventLimitCount logs request id and propagtes
message code (067) to the QS_ErrorNotes variable.
- New variable QS_IPConn representing the number of connections
opened from the very same source IP (works in conjunction with
QS_SrvMaxConnPerIP only).
Version 10.24
- New directive QS_CondClientEventLimitCount.
- QS_SrvMinDataRate: limits the max. data rate to the configured
value (prevents invalid rate due to misconfiguration server or
died child process).
Version 10.23
- Fixed: QS_ClientEventLimitCount log message 067 contains now
the IP address of the request header if QS_ClientIpFromHeader
is used.
- QS_SetEnvRes: supports multiple variables with the same name.
Version 10.22
- Process QS_SetEnvResHeader(Match) and QS_SetEnvRes at error
filter too.
Version 10.21
- Fixed: qslogger may had detected the wrong message severity.
- Adds debug message when detecting "NullConnection" events.
- Built-in request header rules: adapt If-Match, If-None-Match,
Cookie, and Cookie2 HTTP header patterns.
Version 10.20
- Fixed: QS_CondLocRequestLimitMatch did work only if other QS_Loc*
directive had been configured.
Version 10.19
- New directive QS_RedirectIf.
Version 10.18
- QS_ClientEventLimitCount may be cleared by environment
variable (suffixed by "_Clear", e.g. QS_Limit_Clear).
Version 10.17
- QS_ClientEventLimitCount supports unlimited number of events.
- Stores the value of the QS_ClientEventLimitCount variables as
environment variables suffixed by "_Counter", e.g. QS_Limit_Counter
for the default QS_Limit variable, in order to be processed by
other rules.
- Add Content-Security-Policy to the default response header
white list.
- qslog features enhanced "-pc" mode providing more information:
* Collects content type information (%{content-type}o).
* Duration between the first and the last request.
* Average response in ms.
* "ci" indicates if we have seen the client at the end or the
beginning of the file (maybe not all requests in the log
due to log rotation).
* Bytes downloaded.
* Writes status characters to stderr.
* HTTP request methods (GET/POST)
- qsgeo features option "-l" and is able to process "qslog -pc" files.
Version 10.16
- qslog adds 'E' (event identifiers) to the format string.
QSEVENTPATH environment variable specifies a file containing
all known event names (comma separated list).
- qslog average counter (a/A) count only if a numeric value
is available.
- qssing does not try to execute invalid program name (space only).
PR: ports/187132
Submitted by: Eero Haenninen <fax@nohik.ee>
Approved by: Andrea Cervesato <andrea@cervesato.it> (maintainer)
DragonFly 64-bit platform is called "x86_64", not "amd64".
Add this option to the variable substition -- and move this
to a separate line for better visibility. No-Op and no bump
for FreeBSD.
