=== 2.8 / 2012-10-17
* Minor enhancements
* Added Net::HTTP::Persistent::detect_idle_timeout which can be used to
determine the idle timeout for a host.
* The read timeout may now be updated for every request. Issue #33 by
Mislav Marohnić
* Added NO_PROXY support. Pull Request #31 by Laurence Rowe.
* Added #cert and #key aliases for Net::HTTP compatibility. Pull request
#26 by dlee.
* The artifice gem now disables SSL session reuse to prevent breakage of
testing frameworks. Pull Request #29 by Christopher Cooke.
* Disabled Net::HTTP::Persistent::SSLReuse on Ruby 2+. This feature is now
built-in to Net::HTTP.
* Bug fixes
* Socket options are set again following connection reset. Pull request #28
by cmaion.
* #shutdown now works even if no connections were made. Pull Request #24 by
James Tucker.
* Updated test RSA key size to 1024 bits. Bug #25 by Gunnar Wolf.
* The correct host:port are shown in the exception when a proxy connection
fails. Bug #30 by glebtv.
== 0.6.2 / 2012-09-27
* Minor enhancements
* Support HTTP PATCH method (Marjan Krekoten' #33)
* Preserve the exact query string when possible (Paul Grayson #63)
* Add a #delete method to CookieJar (Paul Grayson #63)
* Bug fixes
* Fix HTTP Digest authentication when the URI has query params
* Don't append default ports to HTTP_HOST (David Lee #57)
- Bug 3622: peerClearRRStart scheduling multiple events
- Bug 3615: configure check for default max number of FDs is broken
- Bug 3607: --enable-auth documented default action incorrect
- Bug 3593: socket failure: Address family not supported by protocol
- Bug 3584: Detection of setresuid() is broken
- Bug 3568: Consolidate external_acl_type config dumping and add missing %%
- Bug 3564: eCAP not supporting CoAP URI schemes
- Bug 3484: Docs: sslproxy_cert_error example flawed
- Bug 3462: Delay Pools and ICAP
- Bug 3133: better fix: Memory leak handling requests for sites that don't
exist
- Bug 2976: ERR_INVALID_URL for transparently captured requests when
reconfiguring
- Silence IOS 15.1 unknown capabilities messages.
- Account for Store disk client quota when bandwidth-limiting the server.
- ... and several documentation fixes
- ... and several compile fixes
Highlights
* New Media Manager
+ Beautiful interface: A streamlined, all-new experience
+ Create galleries faster with drag-and-drop reordering,
inline caption editing, and simplified controls
+ Insert multiple images at once with Shift/Ctrl+click
* New Default Theme - Twenty Twelve
+ Simple, flexible, elegant
+ Mobile-first, responsive design
+ Gorgeous Open Sans typeface
+ Uses the latest Theme Features
* Admin Enhancements
+ New Welcome Screen
+ Retina-Ready (HiDPI) Admin
+ Hide Link Manager for new installs
+ Better accessibility for screenreaders, touch devices, and
keyboard users
+ More polish on admin screens, including a new color picker
* For Developers
+ WP_Comment_Query and WP_User_Query accept now meta queries
just like WP_Query
+ Meta queries now support querying for objects without a
particular meta key
+ Post objects are now instances of a WP_Post class, which
improves performance and caching
+ Multisite's switch_to_blog() is now significantly faster and
more reliable
+ WordPress has added the Underscore and Backbone JavaScript
libraries
+ TinyMCE, jQuery, jQuery UI, and SimplePie have all been
updated to the latest versions
+ Image Editing API for cropping, scaling, etc., that uses
ImageMagick as well as GD
+ XML-RPC: Now always enabled and supports fetching users,
managing post revisions, searching
+ New "show_admin_column" parameter for register_taxonomy()
allows automatic creation of taxonomy columns on associated post-types.
0.7.7
More fixes for App Engine, now less likely to swallow important exceptions.
Adding proxy_info_from_* methods to Python3. Reviewed in https://codereview.appspot.com/6588078/.
Added GeoTrust cert
Make httplib2.Http() instances pickleable. Reviewed in https://codereview.appspot.com/6506074/
The following issues have been fixed:
229 python3 httplib2 clobbers multiple headers of same key
230 Expose meaningful exception for App Engine URLFetch ResponseTooLargeError
231 Expose App Engine URLFetch DeadlineExceededError for debugging purposes
## Rails 3.2.9 (unreleased) ##
* Clear url helpers when reloading routes.
*Santiago Pastorino*
* Revert the shorthand routes scoped with `:module` option fix
This added a regression since it is changing the URL mapping.
This makes the stable release backward compatible.
*Rafael Mendonça França*
* Revert the `assert_template` fix to not pass with ever string that matches the template name.
This added a regression since people were relying on this buggy behavior.
This will introduce back #3849 but this stable release will be backward compatible.
Fixes#8068.
*Rafael Mendonça França*
* Revert the rename of internal variable on ActionController::TemplateAssertions to prevent
naming collisions. This added a regression related with shoulda-matchers, since it is
expecting the [instance variable @layouts](9e1188eea6/lib/shoulda/matchers/action_controller/render_with_layout_matcher.rb (L74)).
This will introduce back #7459 but this stable release will be backward compatible.
Fixes#8068.
*Rafael Mendonça França*
* Accept :remote as symbolic option for `link_to` helper. *Riley Lynch*
* Warn when the `:locals` option is passed to `assert_template` outside of a view test case
Fix#3415
*Yves Senn*
* Rename internal variables on ActionController::TemplateAssertions to prevent
naming collisions. @partials, @templates and @layouts are now prefixed with an underscore.
Fix#7459
*Yves Senn*
* `resource` and `resources` don't modify the passed options hash
Fix#7777
*Yves Senn*
* Precompiled assets include aliases from foo.js to foo/index.js and vice versa.
# Precompiles phone-<digest>.css and aliases phone/index.css to phone.css.
config.assets.precompile = [ 'phone.css' ]
# Precompiles phone/index-<digest>.css and aliases phone.css to phone/index.css.
config.assets.precompile = [ 'phone/index.css' ]
# Both of these work with either precompile thanks to their aliases.
<%= stylesheet_link_tag 'phone', media: 'all' %>
<%= stylesheet_link_tag 'phone/index', media: 'all' %>
*Jeremy Kemper*
* `assert_template` is no more passing with what ever string that matches
with the template name.
Before when we have a template `/layout/hello.html.erb`, `assert_template`
was passing with any string that matches. This behavior allowed false
positive like:
assert_template "layout"
assert_template "out/hello"
Now it only passes with:
assert_template "layout/hello"
assert_template "hello"
Fixes#3849.
*Hugolnx*
* Handle `ActionDispatch::Http::UploadedFile` like `Rack::Test::UploadedFile`, don't call to_param on it. Since
`Rack::Test::UploadedFile` isn't API compatible this is needed to test file uploads that rely on `tempfile`
being available.
*Tim Vandecasteele*
* Respect `config.digest = false` for `asset_path`
Previously, the `asset_path` internals only respected the `:digest`
option, but ignored the global config setting. This meant that
`config.digest = false` could not be used in conjunction with
`config.compile = false` this corrects the behavior.
*Peter Wagenet*
* Fix#7646, the log now displays the correct status code when an exception is raised.
*Yves Senn*
* Fix handling of date selects when using both disabled and discard options.
Fixes#7431.
*Vasiliy Ermolovich*
* Fix select_tag when option_tags is nil.
Fixes#7404.
*Sandeep Ravichandran*
* `javascript_include_tag :all` will now not include `application.js` if the file does not exists. *Prem Sichanugrist*
* Support cookie jar options (e.g., domain :all) for all session stores.
Fixes GH#3047, GH#2483.
*Ravil Bayramgalin*
* Performance Improvement to send_file: Avoid having to pass an open file handle as the response body. Rack::Sendfile
will usually intercept the response and just uses the path directly, so no reason to open the file. This performance
improvement also resolves an issue with jRuby encodings, and is the reason for the backport, see issue #6844.
*Jeremy Kemper & Erich Menge*
* CVE-2012-4431 is fixed in 7.0.32
Changelog:
Tomcat 7.0.34 (markt) 2012-12-12
Catalina
fix 53871: Improve error message if annotation scanning fails during web application start due to poor configuration or illegal cyclic inheritance with the application's classes. (markt)
fix Fix unit test for AccessLogValve when using non-GMT time zone. (rjung)
fix 54170: Ensure correct registration of Filters and Servlets in the JMX registry if the Filter or Servlet name includes a character that must be quoted if used in an ObjectName value. (markt)
add Add new attribute renameOnRotate to the AccessLogValve. (rjung)
fix 54190: Correct unit tests for BASIC authentication so that session timeout is correctly tested. Also refactor unit test to make it easier to add additional tests. Patch by Brian Burch. (markt)
fix 54220: Ensure the ErrorReportValve only generates an error report if the error flag on the response has been set. (markt)
fix Simplify time zone handling in the access log valve and correctly handle various edge cases for non-standard DST changes. (markt)
Web applications
fix 54198: Clarify that HttpServletResponse.sendError(int) results in an HTML response by default. (markt)
fix 54207: Correct JNDI factory package name in Javadoc for org.apache.naming.java.javaURLContextFactory. (markt)
jdbc-pool
code Fix a handful of Eclipse warnings in the JDBC pool source code including the warnings reported in 53565. (markt)
fix 54150: Make sure that SlowQueryReportJmx mbean deregistered during webapp shutdown. Reported by Alex Franken. (kfujino)
fix 54194: Make sure that connection pool mbean is not registered when jmxEnabled is false. Patch provided by tobias.gierke. (kfujino)
Other
update Update to Eclipse JDT Compiler 4.2.1. (markt)
Tomcat 7.0.33 (markt) 2012-11-21
Catalina
add 53960, 54115: Extensions to HttpClient test helper class. Patches by Brian Burch. (markt/kkolinko)
fix 53993: Avoid a possible NPE in the AccessLogValve when the session ID is logged and a session is invalidated. (markt)
fix Add support for LAST_ACCESS_AT_START system property to PersistentManager. (kfujino)
add Update MIME type mapping with additional / updated mime.types from the Apache web server. (markt)
fix 54007: Fix a memory leak that prevented deletion of a context.xml file associated with a Context that had failed to deploy. Also fix the problems uncovered with undeploying such a Context once the leak had been fixed and the file could be deleted. (markt)
fix 54044: Correct bug in timestamp cache used by logging (including the access log valve) that meant entries could be made with an earlier timestamp than the true timestamp. (markt)
fix 54054: Do not share shell environment variables between multiple instances of the CGI servlet. (markt)
fix 54060: Use a simple parser rather than a regular expression to parse HTTP Digest authentication headers so the header is correctly parsed. The new approach is also faster and generates less garbage. (markt)
fix 54068: Rewrite the web fragment ordering algorithm to resolve multiple issues that resulted in incorrect ordering or failure to find a correct, valid order. (markt)
update The HTTP header parser added to address 52811 has been removed and replaced with the light-weight HTTP header parser created to address 54060. The new parser includes a work-around for a bug in the Adobe Acrobat Reader 9.x plug-in for Microsoft Internet Explorer that was identified when the old parser was introduced (53814).
fix 54076: Add an alternative work-around for clients that use SPNEGO authentication and expect the authenticated user to be cached per connection (Tomcat only does this if an HTTP session is available). (markt)
fix 54087: Correctly handle (ignore) invalid If-Modified-Since header rather than throwing an exception. (markt)
fix 54096: In web.xml, <env-entry> should accept any type that has a constructor that takes a single String or char. (markt)
add 54127: Add support for sending a WebSocket Ping. Patch provided by Sean Winterberger. (markt)
fix In FormAuthenticator: If it is configured to change Session IDs, do the change before displaying the login form. (kkolinko)
fix Ensure AsyncListener.timeout() and AsyncListener.complete() are called with the correct thread context class loader. (fhanik)
fix 54123: If an asynchronous request times out without any AsyncListeners defined, a 500 error will be triggered. (markt)
fix 54124: Correct provided value of request attribute javax.servlet.async.request_uri and add missing request attribute javax.servlet.async.path_info. (markt)
add Add denyStatus initialization parameter to CsrfPreventionFilter, allowing to customize the HTTP status code used for denied requests. (kkolinko)
fix 54141: Increase the permitted number of nested Realm levels from 2 to 3 by default and make the limit configurable via a system property. (markt)
fix Revert occasional API change in BaseDirContext class that was done in 7.0.32. Methods should not be final. (kkolinko)
fix Prevent failures in the AccessLogValve when running under a SecurityManager and the first request received is an asynchronous one. (markt)
Coyote
fix Correct an issue that prevented WebSockets from being used over SSL when using the HTTP NIO connector. (markt)
fix 54022: Ensure the Comet END event is triggered on client disconnect with APR/native on Windows Vista/2k8 or later. Patch provided by Douglas Beachy. (markt)
fix 54067: Ensure responses with 1xx response codes are correctly marked as not containing an entity body. This caused an issue for some WebSocket clients when an Transfer-Encoding header was sent with the 101 (HTTP upgrade) response. (markt)
Jasper
code 53867: Optimise the XML escaping provided by the PageContext implementation. Based on a patch by Sheldon Shao. (markt)
code 53896: Use an optimised CompositeELResolver for Jasper that skips resolvers that are known to be unable to resolve the value. Patch by Jarek Gawor. (markt)
fix 53986: Correct a regression introduced by the fix for 53713. JSP comments that ended with the sequence ---%> (or any similar sequence with a odd number of - characters) was not correctly parsed. (markt)
fix 54011: Fix a bug in the tag plug-in for <c:out> that triggered a JSP compilation error if the escapeXml attribute was used. Patch provided by Sheldon Shao. (markt)
code Follow up to 5401. Simplify generated code for <c:out>. Based on a patch by Sheldon Shao. (markt)
fix 54012: Fix a bug in the tag plug-in infrastructure that meant the <c:set> triggered a JSP compilation error when used in a tag file. Based on a patch provided byx 54144: Fix a bug in the tag plug-in for <c:out> that meant that if the value of the tag evaluated to a java.io.Reader object then it was not correctly handled. (markt)
Cluster
fix Add getSessionIdsFull operation to mbeans-descriptor. listSpplications
add 54143: Add display of the memory pools usage (including PermGen) to the Status page of the Manager web application. (kkolinko)
Tribes
fix 54045: Make sure getMembers() returns available member when TcpFailureDetector fix Revert multiple operation support for the JMXProxyServlet pending further discussion. (schultz)
fix CVE-2012-4431: Fix bypass of CsrfPreventionFilter when there is no session. Improve session management in the filter. (kkolinko)
Web apit servlets (JSP and default) are marked as override-able when using embedded mode. (markt)
fix When the DefaultServlet is under heavy load, the HTTP header parser added to address 52811 generates large amounts of garbage and uses significant CPU time. A cache has been added that significantly reduces the overhead of this parser. (markt)
fix 53854: Make directory listings work correctly when aliases are used. (markt)
Jasper
code 53713: Performance improvement of up to four times faster parsing of JSP pages. Patch provided by Sheldon Shao. (markt)
Cluster
add Make the cluster members and the cluster deployer associated with the cluster accessible via JMX. (markt)
fix Fix a behavior of TcpPingInterceptor#uhread. If set to false, ping thread is never started. (kfujino)
Web applications
add Improve the documentation web application to clarify the difference between the tag and version parameters when using text interface of the Manager web application. (markt)
add Make sessions saved in the Store associated with a Manager that extends PersistentManager optionally visible (via the showProxySessions Servlet initialisation parameter in web.xml) to the Manager web application. (markt)
* Language
** Generalized client values in server code
** Injections into client sections
* Tools
** Added eliom-destillery for generating project scaffolds
** Support Eliom interface files (.eliomi) in eliomc, eliomdep
** eliomdep: Generate dependencies between eliom-modules
** eliomc: infer only with option -infer, drop option -noinfer
** eliomc: Basic support for -i on eliom-files
** eliom{c,dep,opt},js_of_eliom: -dump to output the intermediate code
** eliomc,js_of_eliom: always open Eliom_pervasives in eliom files
* API
** Eliom_pervasives.server_function to easily access the from the client
** Get current state of a scope
** Module to access values of Eliom references in external states
(Eliom_state.Ext)
** Scope names are now named scope hierarchies
** Iterate the scope hierarchy (group > session > client > request)
** Adding Eliom_parameter.(type_checker, neopt)
** Add functions to insert html5 in atom feeds
** Eliom_tools.{F,D}.html to ease creation of head-tag
** Eliom_tools.wrap_handler as an easy alernative to
Eliom_registration.Customize
** Test for initial request of a client on the server
* Changed server behaviour
** Eliom_state.discard_everything now also discards request state
** Don't send nodes as data when they are part of the document
* Changed client behaviour
** Show progress cursor during navigation with change_page
** Improved error messages
** Fail on the client when a [server_function] or call_caml_service
fails on the server
* Bugfixes
** Allow % for injections directly after parentheses
* Support dropped for
** Xhtml
** OCamlDuce
** Eliom_compatibility_2_1
* A myriade of bugfixes
* Relative filenames when not running as daemon
* Small change in ocsigen_lib: encoding of parameters with "
* fix Ocsigen_http_client.get_url (and other) first "/" was missing
* Installation: Do not try to chown files to a different user
* Fix error on make logrotate
* redirectmod: fixing default to permanent (as written in manual)
* Minor additions in the API
Also, the package was updated, mostly to use PLIST_VARS.
Version 1.8.3
-------------
This release mostly fixes support for IPv6, and also some security
bugs. Fixes to messages, etc. were also made.
Bugs resolved since version 1.8.2
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
* BB#91: Fix upstream proxy support
* BB#95: Fix FilterURLs with transparent proxy support
* BB#90: Fix bug in ACL netmask generation
Contributors
~~~~~~~~~~~~
Daniel Egger, John Horne, Michael Adam, Mukund Sivaraman.
Version 1.8.2
-------------
* Minor formatting changes and typo fixes were made.
Bugs resolved since version 1.8.1
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
* BB#69: INET6 not available when configured to Listen and Bind in v4,
and vice versa
* BB#74: tinyproxy unable to reopen log files after receiving HUP
* BB#78: Warn if configuration results in an open proxy
* BB#82: https access not working
* BB#83: run_tests.sh relies on $USER
* BB#84: Unaligned access error on ia64 and alpha
* BB#87: Unable to listen on ports less than 1024 (regression in 1.8.1)
* BB#88: Crashes when reloading configuration
* BB#89: tinyproxy leaks memory over time
Contributors
~~~~~~~~~~~~
Dmitry Semyonov, John van der Kamp, Jordi Mallach, Michael Adam,
Mukund Sivaraman.
Version 1.8.1
-------------
* Tinyproxy now drops `root` user privileges more quickly.
* The log and pid files are now stored in a sub-directory in `/var/`.
* A format string vulnerability was fixed.
* Minor formatting changes and typo fixes were made.
Bugs fixed since version 1.8.0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
* BB#74: tinyproxy unable to reopen log files after receiving HUP
* BB#79: Make the testsuite uninteractive
* BB#80: Handle errors in testsuite
* BB#81: Listen directive doesn't work as expected
* BB#72: upstream support is not reported with tinyproxy -h
* BB#73: generated tinyproxy.conf has the wrong location for the html
file installation
Contributors
~~~~~~~~~~~~
Michael Adam, Mukund Sivaraman.
Version 1.8.0
-------------
* Tinyproxy now reloads its configuration upon SIGHUP signal.
* Tinyproxy reopens its log file (instead of truncation) upon SIGHUP
signal. This is to play more nicely with logrotate.
* File logging is now the default.
Syslog is chosen if and only if "SysLog Yes" is in the config,
i.e., a present "SysLog Yes" in the config file now overrides
any LogFile setting.
* The XTinyProxy option is now documented as a global boolean.
Before it was documented to build a list of sites to add a
X-Tinyproxy header for, but it was implemented as global boolean.
* A new config option AddHeader allows the user to configure a list of
custom headers to send in outgoing HTTP requests.
* A new config option DisableViaHeader allows the user to disable
sending of the "Via:" header.
* Tinyproxy is now IPv6 capable.
* The config option PidFile now has a compiled in default.
Bugs fixed since version 1.7.1
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
* BB#9: Add support for the IPv6 protocol
* BB#17: Add support for custom headers
* BB#55: Error message response omits body when request has a body
* BB#60: Add config option to disable Via header
* BB#61: SIGHUP does not refresh filter list
* BB#62: Make tinyproxy reload the config upon SIGHUP
* BB#64: Config parsing error with reverse proxy option
* BB#65: Format string compile warnings
* BB#67: ACL processing error with multiple Allow statements
Contributors
~~~~~~~~~~~~
David Shanks, Mathew Mrosko, Michael Adam, Mukund Sivaraman.
Version 1.7.1
-------------
* Fixed all warnings reported by GCC.
* The tinyproxy manpage has been extended and converted to asciidoc.
* There is a new tinyproxy.conf manpage that describes all the options.
* The build system has been considerably cleaned up.
* Various other bugs have been fixed.
Bugs fixed since version 1.7.0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
* BB#2: Fix Tinyproxy for requests like www.site.com:8001
* BB#5: Move templates from the doc directory to its own directory
* BB#8: Update README, INSTALL, NEWS and the manpage
* BB#10: Do not filter out transfer-encoding header
* BB#18: Fix pointer aliasing issues
* BB#53: Add a GPLv2 COPYING file
Contributors
~~~~~~~~~~~~
Andrew Stribblehill, Jeremy Hinegardner, Matthew Dempsky, Michael Adam,
Mukund Sivaraman, Robert James Kaes.
Version 1.7.0
-------------
* There is now support for reverse proxying.
* Tinyproxy does not bundle a vendor regular expressions library
anymore. It uses the system installed regular expressions library.
* The documentation has been updated.
* Tinyproxy now contains some code optimizations such as the use of a
hashmap internally for looking up error pages.
* Various other bugs have been fixed.
Contributors
~~~~~~~~~~~~
Kim Holviala, Marc Silver, Robert James Kaes, Steven Young.
Add more missing dependencies.
0.41
- Bugfixes
0.4
- Written tests
- HTTP::Server::EV::PortListener module
- Rewritten disk IO code. Now it can use built in perl functions or IO::AIO module.
- Fixed segfault when uploading zero size file
- Multipart processing callbacks.
- Coro support
0.31
- Fixed non ARRAY reference error when cgi->param called in list context with nonexistent param name
- Added explicit type-casting, no more compiler warnings
- Little documentation fix
* filecheck: Fix bug that prevented File::MimeInfo::Magic from ever
being used.
* openid: Display openid in Preferences page as a comment, so it can be
selected in all browsers.
management and manipulation functionality as well as a complete photo gallery
solution. The 2.x release adds more effects, including reflections and
transparent watermarks. It also introduces the ImageModel abstract base class
allowing developers to easily integrated the Photologue core functionality into
their own models. Photologue embraces the Django admin and smoothly integrates
with photo thumbnails and effect previews.
Fri Nov 9 21:36:46 CET 2012
Releasing libmicrohttpd 0.9.23. -CG
Thu Nov 8 22:32:59 CET 2012
Ship our own version of tsearch and friends if not provided by platform,
so that MHD works nicely on Android. -JJ
Mon Oct 22 13:05:01 CEST 2012
Immediately do a second read if we get a full buffer from
TLS as there might be more data in the TLS buffers even if
there is no activity on the socket. -CG
Tue Oct 16 01:33:55 CEST 2012
Consistently use "#ifdef" and "#ifndef" WINDOWS, and not
sometimes "#if". -CG
This release includes the following changes:
o metalink/md5: Use CommonCrypto on Apple operating systems
o href_extractor: new example code extracting href elements
o NSS can be used for metalink hashing [13]
This release includes the following bugfixes:
o Fix broken libmetalink-aware OpenSSL build
o gnutls: fix the error is fatal logic [1]
o darwinssl: un-broke iOS build, fix error on server disconnect
o asyn-ares: restore functionality with c-ares < 1.6.1 [2]
o tlsauthtype: deal with the string case insensitively [3]
o Fixed MSVC libssh2 static build
o evhiperfifo: fix the pointer passed to WRITEDATA [6]
o BUGS: fix the bug tracker URL [4]
o winbuild: Use machine type of development environment
o FTP: prevent the multi interface from blocking [5]
o uniformly use AM_CPPFLAGS, avoid deprecated INCLUDES
o httpcustomheader.c: free the headers after use
o fix >2000 bytes POST over NTLM-using proxy [7]
o redirects to URLs with fragments [8]
o don't send '#' fragments when using proxy [9]
o OpenSSL: show full issuer string [10]
o fix HTTP auth regression [11]
o CURLOPT_SSL_VERIFYHOST: stop supporting the 1 value [12]
o ftp: EPSV-disable fix over SOCKS [14]
o Digest: Add microseconds into nounce calculation [15]
o SCP/SFTP: improve error code used for send failures
o SSL: Several SSL-backend related fixes
o removed the notorious "additional stuff not fine" debug output
o OpenSSL: Disable SSL/TLS compression - avoid the "CRIME" attack
o FILE: Make upload-writes unbuffered
o custom memory callbacks failure with HTTP proxy (and more) [16]
o TFTP: handle resends
o autoconf: don't force-disable compiler debug option
o winbuild: Fix PDB file output [17]
o test2032: spurious failure caused by premature termination [18]
o memory leak: CURLOPT_RESOLVE with multi interface [19]
Changelog:
5.6.0.2 Release Notes
Behavioral Improvements
Improvements to ccm.app.css and ccm.app.js for coexistence with full bootstrap themes. Broke bootstrap.js into a separate JavaScript file.
Bug Fixes
Fixed bugs where certain block dialogs and add stack dialog were blank in IE8.
Fixed IE bugs where the sub-toolbar status bar wouldn¡Çt display
fixed inability to use page picker when register globals was on.
Fixed bug where deleting alias would delete source page (again).
fixing bug where blocks would disappear when adding a layout if the cache was on.
fix bug in simple permissions display when working with deleted groups.
Fixed blank file manager window in IE8.
Attempting to solve intermittent error in PagePermissionAssignments messages that happen on certain upgrades.
Fixed error when using group combinations on basic workflow.
Better permissions upgrading when using simple permissions.
Guestbook comments will now no longer be removed on update of guestbook block.
Attempting to solve ¡ÈIllegal Mix of Collations¡É MySQL error that can affect some setups when previewing pages.
Fixed: http ://www.concrete5.org/index.php?cID=380195
File manager saved search cosmetic improvements.
Removed old code from user avatar uploader that could cause problems if used maliciously.
Fixed bug where Schedule Guest Access would remove all but guest users from view permission.
http://www.concrete5.org/developers/bugs/5.6.0.1/getpermissionobject-incompatibles-between-5.5.x-and-5.6.x/
Pretty URLs are now honored in the Next/Previous block.
Fixed: http://www.concrete5.org/developers/bugs/5.6.0.1/wrong-notice-in-file-permissions-dialogue/
Fixed error where setting custom groups on Access User Search or Assign User Groups permission results in showing one group repeated over and over.
Added legacy getPermissionsObject back to Block Controller to fix Reviews add-on, others.
Fixed typo in the form block (Thanks Remo).
Fixing the error in loading the editor when using custom code and the Concrete TinyMCE theme.
Upstream changes:
MediaWiki 1.20.2
This is a maintenance release of the MediaWiki 1.20 branch
[edit]Changes since 1.20.1
(bug 42638) Fix API action=options&reset=1 & unit tests.
(bug 42370) Fixed backport of 60cc060 to use mDoneWrites.
Changelog:
Version 4.5.4 Dec 3th 2012
Fix a regression for system where output buffering is disabled
Fix a problem with old file versions stored in the filesystem cache
Fix group and subadmin ajax bug
Important LDAP fix
Improved Updater
Changelog:
The Select Addresses dialog came up blank if opened from a Compose window with a single To/Cc/Bcc field filled in (bug 814770).
A change to the User Agent string has been reverted since it caused some website incompatibilities (bug 816749).
Information failed to show on the message header pane under certain circumstances (bug 803322).
The display quality of fonts could be perceived as bad when Cleartype was turned off on Windows (bug 814101).
The permissions database was not read completely if it included an invalid entry (bug 814554).
