pkgsrc/www/geeklog/distinfo

$NetBSD: distinfo,v 1.25 2015/12/13 14:55:35 taca Exp $

SHA1 (geeklog-2.1.1.tar.gz) = f039ca40dea3e876a344a64bba3b184b809589ab
RMD160 (geeklog-2.1.1.tar.gz) = 331e100026b697cd1c9d63badcbc30417d94ded0
SHA512 (geeklog-2.1.1.tar.gz) = 57ad03901706c3cdfeed941284d02441007956ce2d21afe916e49ccadffee532959ce3846a9ef41d4d93d8880b68cb1c42d74f1ec0e126c8fe43e2989f0d6ee8
Size (geeklog-2.1.1.tar.gz) = 11801336 bytes
SHA1 (patch-aa) = 61cc381e4c3def555806ed4589446f466f6f8368
SHA1 (patch-ak) = 387f14ace88c0390a2647453a08491500b099c78
Update geeklog to 2.1.1. pkgsrc change: * Prefix PKGNAME with ${PHP_PKG_PREFIX}. * Now depends on php-mysqli instead of php-mysql. * Now allow all pkgsrc's PHP versions. December 9, 2015 (2.1.1) ------------ - [Security] Log parameters for 404 errors & make filtering in 404.log work like in error.log [Dirk] - [Security] Removed the code used for File Manager demos and tests shipped with WideImage to prevent an XSS [Mystralkk] - [Security] Updated File Manager to version 2.2.0 (fixed security issue with file upload check) [Mystralkk] - [Security] Configuration string input sanitizing overhaul. Now can be config option specific by adding sanitize rule in config validation file. Default is now all strings are stripped of tags [Tom] - [Update] CKEditor to version 4.5.4 [Dengen] - [Update] jQuery to version 1.11.3 and jQuery UI to version 1.11.4. jQuery Timepicker Addon updated [Tom] [Dengen] - [Update] OAuth class to version 1.141 [Tom] - [Feature] Integrated the UIkit framework version 2.24.0 into Geeklog [Dengen] - [Feature] Denim theme now uses UIkit [Dengen] - [Feature] Added first part of developer mode which adds extra error logging for any template errors - [Feature] Plugins can now include default templates and css files along with ones for different themes Plugins template and css files can be included with themes. Plugins template files can now have a function.php file to control what javascript is loaded [Tom] - [Feature] Schema.org article, author, and Breadcrumb markup added to Denim and Modern Curve themes [Tom] - [Feature] Poll plugin bar graphs now based on percentage and supports responsive themes [Tom] - [Feature] Useful feature template class [Tom] - [Feature] Allow xmlSiteMap Plugin to Ping Search Engines when new content is Added [Mystralkk] - [Feature] XMLSitemap Plugin - Add dedicated API [Mystralkk] - [Feature] Change default admin page to index.php from moderation.php [Dengen] - [Feature] Search form part of the theme is not accessible. [Dengen] - [Feature] Localization of message "Unfortunately, an error has occurred rendering this page." [Mystralkk] - [Feature] Add Pagination with rel=next and rel=prev [Tom] - [Bug] Added email check to Com_mail to prevent plugins from sending email to users who don't have an address (Oauth users) [Tom] - [Bug] Cached Articles Sometimes do not Display on website [Tom] - [Bug] Current LDAP module doesn't work properly - new Simple_LDAP Authentication provided [Mystralkk] - [Bug] Duplicate Blocks [Mystralkk] - [Bug] Remove hardcoded checks for TLD in domain names [Mystralkk] - [Bug] Geeklog Does Not Accept .website TLD [Mystralkk] - [Bug] Install script Migrate option needs to handle cookiesecure config value [Dirk] - [Bug] Hidden config option 'search_use_fulltext' can be found using search in Configuration [Dengen] - [Bug] Errors while editing blocks reset all options [Dengen] - [Bug] The administrator is forced to be an input of the user password in the Edit User screen [Dengen] - [Bug] Wrong permissions with articles submitted by guest users [Dengen] - [Bug] Declaration of dc: namespace missing from RSS and RDF feeds [Mystralkk] - [Bug] Missing blank in feed headers [Dirk] 2015-12-13 15:55:35 +01:00			$NetBSD: distinfo,v 1.25 2015/12/13 14:55:35 taca Exp $
Importing www/geeklog-1.4.0.3 (geeklog-1.4.0sr3). Geeklog is a PHP/MySQL based application for managing dynamic web content. "Out of the box", it is a blog engine, or a CMS with support for comments, trackbacks, multiple syndication formats, spam protection, and all the other vital features of such a system. 2006-06-15 15:26:42 +02:00
Update geeklog to 2.1.1. pkgsrc change: * Prefix PKGNAME with ${PHP_PKG_PREFIX}. * Now depends on php-mysqli instead of php-mysql. * Now allow all pkgsrc's PHP versions. December 9, 2015 (2.1.1) ------------ - [Security] Log parameters for 404 errors & make filtering in 404.log work like in error.log [Dirk] - [Security] Removed the code used for File Manager demos and tests shipped with WideImage to prevent an XSS [Mystralkk] - [Security] Updated File Manager to version 2.2.0 (fixed security issue with file upload check) [Mystralkk] - [Security] Configuration string input sanitizing overhaul. Now can be config option specific by adding sanitize rule in config validation file. Default is now all strings are stripped of tags [Tom] - [Update] CKEditor to version 4.5.4 [Dengen] - [Update] jQuery to version 1.11.3 and jQuery UI to version 1.11.4. jQuery Timepicker Addon updated [Tom] [Dengen] - [Update] OAuth class to version 1.141 [Tom] - [Feature] Integrated the UIkit framework version 2.24.0 into Geeklog [Dengen] - [Feature] Denim theme now uses UIkit [Dengen] - [Feature] Added first part of developer mode which adds extra error logging for any template errors - [Feature] Plugins can now include default templates and css files along with ones for different themes Plugins template and css files can be included with themes. Plugins template files can now have a function.php file to control what javascript is loaded [Tom] - [Feature] Schema.org article, author, and Breadcrumb markup added to Denim and Modern Curve themes [Tom] - [Feature] Poll plugin bar graphs now based on percentage and supports responsive themes [Tom] - [Feature] Useful feature template class [Tom] - [Feature] Allow xmlSiteMap Plugin to Ping Search Engines when new content is Added [Mystralkk] - [Feature] XMLSitemap Plugin - Add dedicated API [Mystralkk] - [Feature] Change default admin page to index.php from moderation.php [Dengen] - [Feature] Search form part of the theme is not accessible. [Dengen] - [Feature] Localization of message "Unfortunately, an error has occurred rendering this page." [Mystralkk] - [Feature] Add Pagination with rel=next and rel=prev [Tom] - [Bug] Added email check to Com_mail to prevent plugins from sending email to users who don't have an address (Oauth users) [Tom] - [Bug] Cached Articles Sometimes do not Display on website [Tom] - [Bug] Current LDAP module doesn't work properly - new Simple_LDAP Authentication provided [Mystralkk] - [Bug] Duplicate Blocks [Mystralkk] - [Bug] Remove hardcoded checks for TLD in domain names [Mystralkk] - [Bug] Geeklog Does Not Accept .website TLD [Mystralkk] - [Bug] Install script Migrate option needs to handle cookiesecure config value [Dirk] - [Bug] Hidden config option 'search_use_fulltext' can be found using search in Configuration [Dengen] - [Bug] Errors while editing blocks reset all options [Dengen] - [Bug] The administrator is forced to be an input of the user password in the Edit User screen [Dengen] - [Bug] Wrong permissions with articles submitted by guest users [Dengen] - [Bug] Declaration of dc: namespace missing from RSS and RDF feeds [Mystralkk] - [Bug] Missing blank in feed headers [Dirk] 2015-12-13 15:55:35 +01:00			`SHA1 (geeklog-2.1.1.tar.gz) = f039ca40dea3e876a344a64bba3b184b809589ab`
			`RMD160 (geeklog-2.1.1.tar.gz) = 331e100026b697cd1c9d63badcbc30417d94ded0`
			`SHA512 (geeklog-2.1.1.tar.gz) = 57ad03901706c3cdfeed941284d02441007956ce2d21afe916e49ccadffee532959ce3846a9ef41d4d93d8880b68cb1c42d74f1ec0e126c8fe43e2989f0d6ee8`
			`Size (geeklog-2.1.1.tar.gz) = 11801336 bytes`
Update Geeklog 1.5.2sr5 by adding patches since 1.5.2sr5 isn't provided as full release. And add updated fckeditor for Geeklog. These updates should fix known security problems, Secunia SA36372. Jul 30, 2009 (1.5.2sr5) ------------ This release addresses the following security issues: - Gerendi Sandor Attila reported an XSS in the forms to email a user and to email a story to a friend. - The "Mail Story to a Friend" function didn't check story permissions, so that it was possible to email a story even if you didn't have the permissions to view it on the site. 2009-09-13 03:15:10 +02:00			`SHA1 (patch-aa) = 61cc381e4c3def555806ed4589446f466f6f8368`
Update Geeklog to 1.6.0sr2 (security release 2). o Add some pkgsrc patches to improve Content-Type header output. Geeklog 1.6.0sr2 This release addresses the following security issue: * Unauthorized file uploads were possible through FCKeditor. Uploaded files still had to go through FCKeditor's filter, so it was not possible to upload scripts (and the integrity of the Geeklog site as such was not in danger). There were, however, reports that this was used to host malware. This update prevents use of the upload feature when FCKeditor is disabled and disables it for anonymous users. It also doesn't allow uploading of archive files any more. Furthermore, you need some sort of "edit" permission now to be able to upload files through FCKeditor (this is meant as an interim measure - we will probably introduce a separate "upload" permission in future Geeklog versions). Other fixes: * Fixed installation using InnoDB tables. * Fixed a (non-exploitable) SQL error when auto-updating a story's commentcode field. * Fixed a wrong function name in the Links plugin. Geeklog 1.6.0sr1 This release addresses the following security issues: 1. Gerendi Sandor Attila reported an XSS in the forms to email a user and to email a story to a friend. 2. The "Mail Story to a Friend" function didn't check story permissions, so that it was possible to email a story even if you didn't have the permissions to view it on the site. Other fixes: * Fixed an SQL error when submitting a story and the story submission queue was off. * Fixed calls to a nonexistent function COM_outputMessageAndAbort. Geeklog 1.6.0 Results from the Summer of Code This release incorporates the following projects implemented during the the 2008 Google Summer of Code: * Site migration support and easier plugin installation, by Matt West * Improved search, by Sami Barakat * Comment moderation and editable comments, by Jared Wenerd Other changes * The minimum PHP version required by Geeklog is now PHP 4.3.0. Given that the PHP team ended support for PHP 4 in August 2008, you should be looking into upgrading to PHP 5 anyway. * Includes FCKeditor 2.6.4.1 * Includes a new plugin, XMLSitemap, that automatically generates a XML sitemap file, as supported by all major search engines. Plugin written and provided by mystral-kk. * Several new plugin API functions have been added and existing functions have been extended. * The included documentation has been moved to docs/english to allow for translations. Links to the documentation from within Geeklog will link to existing translations for the current language automatically (or fall back to the English documentation if no suitable translation can be found). * There were a variety of theme changes to support new functionality and fix inconsistencies in the layout. This release also includes a number of patches and improvements made by students applying for participation in the Google Summer of Code 2009. Thank you! 2009-09-15 12:48:46 +02:00			`SHA1 (patch-ak) = 387f14ace88c0390a2647453a08491500b099c78`