Version 1.5.8beta01 [January 15, 2011]
Removed '#include config.h"' from contrib/libtests/pngvalid.c. It's not
needed and causes trouble for VPATH building.
Moved AC_MSG_CHECKING([if libraries can be versioned]) later to the proper
location in configure.ac (Gilles Espinasse).
Fix bug in pngerror.c: some long warnings were being improperly truncated
(bug introduced in libpng-1.5.3beta05).
Version 1.5.8rc01 [January 21, 2012]
No changes.
Version 1.5.8rc02 [January 25, 2012]
Fixed Min/GW uninstall to remove libpng.dll.a
Conditionalize the install rules for MINGW and CYGWIN in CMakeLists.txt
-1.1 which needs newer suse which doesn't work on NetBSD-5.
Fixes PR 45503 (in conjunction with the creation of libflashsupport10 and
the associated libflashsupport OS version dependency change).
Changes:
1.07 2011-10-25
* Fix a spelling mistake in Config::GitLike::Cascaded
(gregoa@debian.org, forwarded by carnil@debian.org)
1.06 2011-10-12
* Allow calling ->load_file as a class method, for simple use cases
(alexmv)
* Fix a parsing bug when quoted strings directly adjoined to unquoted
strings (alexmv)
* Calling ->load_file on a nonexistant file no longer sets ->is_loaded
(alexmv)
* Document that getters implicitly call ->load (alexmv)
* Make ->dump implicitly call ->load as well (alexmv)
* Minor POD fixes (alexmv, spang)
Changes:
This package has been merged into p5-Class-XSAccessor by the author in
version 1.04_1
1.04_01 Mon Sep 7 11:35 2009
[..]
- Merge Class::XSAccessor::Array into this distribution.
- SECURITY: CVE-2011-3368 (cve.mitre.org)
Reject requests where the request-URI does not match the HTTP
specification, preventing unexpected expansion of target URLs in
some reverse proxy configurations. [Joe Orton]
- SECURITY: CVE-2011-3607 (cve.mitre.org)
Fix integer overflow in ap_pregsub() which, when the mod_setenvif module
is enabled, could allow local users to gain privileges via a .htaccess
file. [Stefan Fritsch, Greg Ames]
- SECURITY: CVE-2011-4317 (cve.mitre.org)
Resolve additional cases of URL rewriting with ProxyPassMatch or
RewriteRule, where particular request-URIs could result in undesired
backend network exposure in some configurations.
[Joe Orton]
- SECURITY: CVE-2012-0021 (cve.mitre.org)
mod_log_config: Fix segfault (crash) when the '%{cookiename}C' log format
string is in use and a client sends a nameless, valueless cookie, causing
a denial of service. The issue existed since version 2.2.17. Bug#52256.
[Rainer Canavan <rainer-apache 7val com>]
- SECURITY: CVE-2012-0031 (cve.mitre.org)
Fix scoreboard issue which could allow an unprivileged child process
could cause the parent to crash at shutdown rather than terminate
cleanly. [Joe Orton]
- SECURITY: CVE-2012-0053 (cve.mitre.org)
Fix an issue in error responses that could expose "httpOnly" cookies
when no custom ErrorDocument is specified for status code 400.
[Eric Covener]
- mod_proxy_ajp: Try to prevent a single long request from marking a worker
in error. [Jean-Frederic Clere]
- config: Update the default mod_ssl configuration: Disable SSLv2, only
allow >= 128bit ciphers, add commented example for speed optimized cipher
list, limit MSIE workaround to MSIE <= 5. [Kaspar Brand]
- core: Fix segfault in ap_send_interim_response(). Bug#52315.
[Stefan Fritsch]
- mod_log_config: Prevent segfault. Bug#50861. [Torsten Foertsch
<torsten.foertsch gmx.net>]
- mod_win32: Invert logic for env var UTF-8 fixing.
Now we exclude a list of vars which we know for sure they dont hold UTF-8
chars; all other vars will be fixed. This has the benefit that now also
all vars from 3rd-party modules will be fixed. Bug#13029 / 34985.
[Guenter Knauf]
- core: Fix hook sorting for Perl modules, a regression introduced in
2.2.21. Bug#45076. [Torsten Foertsch <torsten foertsch gmx net>]
- Fix a regression introduced by the CVE-2011-3192 byterange fix in 2.2.20:
A range of '0-' will now return 206 instead of 200. Bug#51878.
[Jim Jagielski]
- Example configuration: Fix entry for MaxRanges (use "unlimited" instead
of "0"). [Rainer Jung]
- mod_substitute: Fix buffer overrun. [Ruediger Pluem, Rainer Jung]
Please note that all the security fixes had been integrated into
"pkgsrc" as patches previously.
Changes:
0.13 2011-12-22
- Fix some bugs with our use of Try::Tiny. This could cause warnings on some
systems with Class::Load::XS wasn't installed. Fixes RT #72345.
Pyfilesystem is a Python module that provides a simplified common
interface to many types of filesystem. Filesystems exposed via
Pyfilesystem can also be served over the network, or 'mounted' on the
native filesystem.
Pyfilesystem simplifies working directories and paths, even if you
only intend to work with local files. Differences in path formats
between platforms are abstracted away, and you can write code that
sand-boxes any changes to a given directory.
Pyfilesystem works with Linux, Windows and Mac.
(And of course, NetBSD.)
* Not using gmake, dropped from USE_TOOLS.
* PYPKGPREFIX is not in PLIST, dropped from PLIST_SUBST.
* no compiler is required, USE_LANGUAGES should be empty.
* distutils pakcage should include distutils.mk and register egg-info.
No negative feedback over 3 months from OWNER.
Bump PKGREVISION.
== 1.1.3 - 2012/01/29
* [GitHub #8] fix test broken by libpng version.
(Patch by Bohuslav Kabrda.)
* Used RbConfig instead of Config.
== 1.1.2 - 2011/07/04
* [GitHub #2] fix test broken.
(Reported by Mamoru Tasaka.)
* [GitHub #4] update project descripton.
(Patch by Antonio Terceiro.)
* [GitHub #4] use setup.rb instead of extconf.rb.
(Patch by Antonio Terceiro.)
* [GitHub #3] add Copyright notice to README.
(Suggested by Antonio Terceiro.)
* [GitHub #7] supported non i386 and amd64 architectures.
(Reported by Antonio Terceiro.)
