=== RELEASE 2.1pre36 ===
Tue May 13 04:04:47 MET 2008 mikulas:
Fixed crash that was introduced with Sun May 4 20:13:21 MET 2008 fix
Mon May 12 23:26:51 MET 2008 mikulas:
Blacklist another broken HTTP/1.1 server - Apache Sausalito
Fri May 9 04:06:47 MET 2008 mikulas:
Take downloaded file name from Content-Type; name argument, if it exists
Also, get encoding information from Content-Type/Content-Disposition
filename
=== RELEASE 2.1pre35 ===
Mon May 5 20:06:19 MET 2008 mikulas:
The fix from Sun May 4 20:13:21 MET 2008 broke loading of animated gifs
=== RELEASE 2.1pre34 ===
Sun May 4 21:18:15 MET 2008 mikulas:
Allow displaying large images in xwindow (that do not fit into xserver
memory)
Sun May 4 20:13:21 MET 2008 mikulas:
Fixed image was sometimes not redrawn, when connection was interrupted
in the middle and resumed
Sun May 4 17:52:29 MET 2008 Ben Secrest <blsecres@gmail.com>:
Don't change Xwindow class
Wed Apr 16 03:10:02 cet 2008 Didier Mequignon <didiermequignon@wanadoo.fr>:
Updated French translation
Wed Mar 26 20:50:32 MET 2008 mikulas:
Fixed crash in text mode with small window height and bookmarks
Sat Mar 22 22:01:15 MET 2008 mikulas:
Accept </> as an empty tag
Thu Mar 20 22:47:09 CET 2008 mikulas:
Accept alternate description attributes for image buttons
Thu Mar 20 04:36:45 MET 2008 mikulas:
Fixed the bug that when displaying source, some html entities were
errorneously translated
Thu Mar 20 04:30:52 MET 2008 mikulas:
Added fallback for ‑ entity
Thu Mar 13 22:43:48 CET 2008 mikulas:
Allow multiple WWW-Authenticate headers
While here, add DESTDIR support and more adapt sample config file to default settings.
* Version 0.6.3 (30 March 2008)
- Fixed a possible race condition concerning the check for the
right symlink owner.
- Added checks for the owner of the parent directories were added.
* Version 0.6.2 (19 November 2006)
- Made mod_suphp compatible with Apache 2.2
- Modified SmartPtr implementation (hopefully) fixing
double free problem
- Fixed problem that caused the process to block
when more than 4096 were written to stderr
- Implemented userdir support
- Fixed problem with PATH_INFO and PHP scripts
* Version 0.6.1 (26 November 2005)
- Changed usage of STL to gain better compatibility with old GCC versions
(credits to Jeremy Chadwick for finding the relevant code)
- Fixed typos in mod_suphp.c (Apache 1.3)
(credits to Johan Ekenberg for finding these typos)
- Fixed potential buffer overflow in function suphp_bucket_read() in
src/apache2/mod_suphp.c
- Fix problems with scripts sending "Last-Modified" headers
- Extended autoconf script to look for an installation of APR
and to use its includedir when building mod_suphp for Apache 2
- Added support for chroot() call before execution of script
Zope 2.10.6 (2008/05/10)
Bugs fixed
Launchpad #142350: Display description for properties as row title, if present.
Launchpad #200007: DateTime(anotherDateTime) now preserves the timezone.
Launchpad #213311: Handle "unsubscriptable object" errors during publishing traversal.
Launchpad #143813: zopectl now exits non-zero when child processes fail.
Launchpad #173658: Removed dead code in OFS.Traversable's unrestrictedTraverse (apparent NameError).
Launchpad #198274: "empty" ZopePageTemplates could not be unpickled.
zope.security: switched to use standalone 3.3.3 version, which contains a backport of a huge performance bugfix from the 3.4 branch.
Launchpad #164783: Indexes were migrated on initial creation of a ZODB.
Zope 2.9.9 (2008/05/10)
Bugs fixed
Launchpad #142350: Display description for properties as row title, if present.
Launchpad #200007: DateTime(anotherDateTime) now preserves the timezone.
Launchpad #143813: zopectl now exits non-zero when child processes fail.
Launchpad #143748: remove broken use of logging module in Products.Five.fiveconfigure.handleBrokenProduct. Fixed by upgrading to Products.Five 1.3.11.
Launchpad #147201: treat container-class in zope.conf as a string, making it possible to use types from extra products directories.
Collector #2287: form :record objects did not implement enough of the mapping protocol.
Collector #2346: username logging in FCGI crashed the server
Collector #2332: SessionDataManger: don't swallow ConflictErrors
Collector #146408: fixed broken logger call in Transience.py
- re-supported DnD to bookmark folder in toolbar.
- Print copied string in Statusbar when CopyInUserFormat action is executed.
- Make it work with xulrunner 1.9.
- Resupported thumbnails.
- New German translation.
- RSS with CDATA is now parsed correctly.
- Fixed a crash when preference dialog is opened.
- HyperEstraier ANDNOT support.
- Various GTK/glib related bugfixes.
:Q operator in CONFIGURE_ARGS removed as suggested by rillig and pkglint.
Stop lying and drop maintainership of these packages. I have not
maintained them for a very long time already, so leave room for
fresh blood to take over them.
Upgrade to 2.44. Many changes. Here are a couple of them:
* The security fix in the last release had buggy handling of data:image,
now fixed. Closes: #465110 (CVE-2008-0808, CVE-2008-0809)
* htmlscrubber security fix: Block javascript in uris.
Adds new tool: ikiwiki-transition
No longer installs rst and externaldemo plugins.
Add patch based on bugs I found -- both fixes are now upstream.
HTML::StripScript
===========
This module strips scripting constructs out of HTML, leaving as much
non-scripting markup in place as possible. This allows web applications
to display HTML originating from an untrusted source without introducing
XSS (cross site scripting) vulnerabilities.
- assume that Python 2.4 and 2.5 are compatible and allow checking for
fallout.
- remove PYTHON_VERSIONS_COMPATIBLE that are obsoleted by the 2.3+
default. Modify the others to deal with the removals.
1.30 November 26, 2007
Added t_write_test_lib for temporary testing packages
[Fred Moyer <fred@redhotpenguin.com>]
Fix syntax error in generated PHP files t/conf/*.php.in
[Philippe M. Chiasson]
Add bwshare.so to the list of modules to not inherit b/c
it rate limits requests to less then that of a test suite.
PR: 25548
[imacat <imacat@mail.imacat.idv.tw>]
Add EXTRA_CFLAGS to c-module building if defined in the environment
[Geoffrey Young]
1.20 Wed Mar 12 23:56:11 CDT 2008
-----------------------------------
[FIXES]
stuff_inputs() used to do nothing. Now it works.
http://code.google.com/p/www-mechanize/issues/detail?id=9
Fixed punctuation in some error messages.
Fixed compatibility with WWW::Mechanize 1.36.
1.18 Thu Dec 6 10:12:14 CST 2007
------------------------------------
[ENHANCEMENTS]
Added default descriptions for most test assertions.
[FIXES]
HTML::Lint is now properly optional.
Added delays in all the tests that use HTTP::Server::Simple to give
it time to correctly fire up.
1.16 Mon Oct 29 15:34:21 CDT 2007
------------------------------------
[ENHANCEMENTS]
Added $mech->post_ok(). Thanks, Greg Sheard.
Added $mech->submit_form_ok(). Thanks, Mark Stosberg.
Added $mech->html_lint_ok()
[FIXES]
Fixed some bugs that were causing test failures.
1.14 Fri May 11 16:22:02 CDT 2007
------------------------------------
[FIXES]
Fixes test failures. Thanks to Mark Blackman for RT #26602:
The module tests currently spawn a server (based on
HTTP::Server::Simple::CGI) which is killed when a __DIE__
signal is received, normally only when the invoking
perl dies. However, as perlvar makes clear, the __DIE__
signal is received when eval blocks die as well. The
new version (1.22) of WWW::Mechanize now calles
HTTP::Message::decoded_content which calls Encode.pm
which has a eval block that require's Encode::ConfigLocal
which is usually not present, so the eval dies and the
HTTP server is killed as soon as the $mech object tries
to do a 'get'. It's simple to use a system variable,
$^S to find out if the __DIE__ signal is being called
for an eval so we ignore that case with the patch
attached.
The stuff_inputs() function now actually works.
[DOCUMENTATION]
* Made the synopsis show that T:W:M doesn't take the tests=>$x
like other Test::* modules. It'd be nice if it did, though.
0.31 Sun Mar 16 20:51:04 EDT 2008
* Test suite parallelization fixes. Thanks to Slaven Rezic
0.30 Tue Mar 11 12:14:24 EDT 2008
* Minor doc fix from Paul Miller.
* Fixing doc style from "$this" to "$self" like any self-respecting perl code
0.29 Fri Feb 15 11:43:29 EST 2008
* new example section from almut on perlmonks
0.28 Tue Jan 15 09:33:58 EST 2008
* New restartability support from Mark Stosberg
After reviewing the code in HTTP::Server::Simple,
Catalyst::Engine::HTTP and HTTP::Server::Brick, I found and
implemented an updated signal handling approach that I like and
understand, and actually works.
The current code restarted immediately if a SIGHUP came in, no
matter what was happening, including if a request was in process of
being fulfilled.
The new code works more like "apachectl graceful". It waits for the
current request cycle to finish, and then restarts the server.
This code has to be integrated in the core, but its just about
the same amount of signal handling code that was there... it just
works better. It's also written in such a way I think subclass/mixin
authors could rewrite just these parts if they wanted.
Also, it looks like a Net::Server based sub-class would already be
doing its own thing with SIGHUP handling, and should continue to
be unaffected.
1.86 2008-02-01 by Alexandr Ciornii
- Default number of semaphores for *BSD is 8 in Apache::Session::Lock::Semaphore
1.85_01 2008-01-24 by Alexandr Ciornii
- typos corrected (catched by Gerald Fox)
- more tests and diag in 99semaphore.t
- no warning "disconnect invalidates 2 active statement" in
Apache::Session::Lock::MySQL by Tony Cook (RT#32148)
1.85 2007-12-20 by Alexandr Ciornii, Perl 20th birthday version
- mention Catalyst::Plugin::Session, Session
1.84_01 2007-11-26 by Alexandr Ciornii (alexchorny AT gmail.com)
- Added Apache::Session::Lock::Semaphore::remove to remove semaphore
- 99flex.t will remove semaphore (RT#30440)
- 99flex.t should work on 5.6.1 again (no chdir now)
- 99flex.t will clean all temporary files (RT#30209)
- pod.t included in MANIFEST
- cleaner tests
1.84 2007-10-02 by Alexandr Ciornii (alexchorny AT gmail.com)
- Added constant.pm to the list of prerequisites
- Jeffrey W. Baker, Casey West, Alexandr Ciornii, Oliver Maul agreed to
change license of all files to Perl license
Alexandr Ciornii agrees to relicense to Artistic 2.0 in future if needed.
- 99flex.t will be skipped on *bsd and Solaris
1.83_01 2007-08-03 by Alexandr Ciornii
- better handling of Storable errors by Rick Delaney (RT#27476)
1.83=1.82_05 2007-05-25
1.82_05 2007-05-14 by Alexandr Ciornii
- skipping part of 99flex.t on NetBSD
1.82_04 2007-04-27 by Alexandr Ciornii
- More diagnostics in Apache::Session::Lock::Semaphore::acquire_write_lock,
acquire_read_lock
- Did not increment modules versions in previous versions of distribution
- Apache::Session::Lock::Semaphore can work with private semaphore
- 99flex.t will use private semaphore
- 99dbfile.t, 99dbfilestore.t - added undef (for RT#6216)
1.82_03 2007-03-12 by Alexandr Ciornii
- Apache::Session::Lock::File checks flock success (RT#6936)
- Apache::Session::Lock::File will not change to shared lock if write
lock is in effect and read lock is requested (RT#7072)
- 99dbfile.t, 99dbfilestore.t - added untie (for RT#6216)
- Apache::Session::Lock::Semaphore will check for $Config{d_semget} and
cygserver
1.82_02 2007-03-11 by Alexandr Ciornii
- 99semaphore.t, 99flex.t will be skipped if $Config{d_semget}==undef,
patch by Slaven Rezic
- Removed redundant code in 99filelock.t
- Removed unnecessary skip in 99nulllock.t
- Added file 'Contributing.txt'
- Apache::Session - mention CGI::Session
- Request in Makefile.PL
1.82_01 2007-03-10 by Alexandr Ciornii
- Applied part of patch of SREZIC (Slaven Rezic), RT#3670,
more diagnostics on failing file operations (Apache::Session::Lock::File,
Apache::Session::Store::DB_File, Apache::Session::Store::File)
- RT#1251, ModUniqueId.pm, ModUsertrack.pm - small error in Carp usage,
by Slaven Rezic
- 99flex.t will be skipped on perls earlier than 5.8 (RT#16539)
- Requires Storable (core from 5.7.3), as it is almost useless without it
2.0.4 April 16, 2008
Fix $r->location corruption under certain conditions
[Gozer]
Fix a crash when spawning Perl threads under Perl 5.10
[Gozer]
Fix erratic behaviour when filters were used with Perl 5.10
[Gozer]
Fix problems with redefinitions of perl_free as free and perl_malloc
as malloc on Win32, as described at
http://marc.info/?l=apache-modperl&m=119896407510526&w=2
[Tom Donovan]
Fix a crash when running a sub-request from within a filter where
mod_perl was not the content handler. [Gozer]
Refactor tests to use keepalives instead of same_interp [Gozer, Phred]
Apache2::Reload has been moved to an externally maintained
CPAN distribution [Fred Moyer <fred@redhotpenguin.com>]
PerlCleanupHandler are now registered with a subpool of $r->pool,
instead of $r->pool itself, ensuring they run _before_ any other
$r->pool cleanups [Torsten Foertsch]
Fix a bug that would prevent pnotes from being cleaned up properly
at the end of the request [Torsten Foertsch]
On Win32, embed the manifest file, if present, in mod_perl.so,
so as to work with VC 8 [Steve Hay, Randy Kobes]
Expose apr_thread_rwlock_t with the APR::ThreadRWLock module
[Torsten Foertsch]
Don't waste an extra interpreter anymore under threaded MPMs when using a
modperl handler [Torsten Foertsch]
Fix a bug that could cause a crash when using $r->push_handlers() multiple
times for a phase that has no configured handlers [Torsten Foertsch]
Catch up with some httpd API changes
2.2.4:
The full server version information is now included in the error log at
startup as well as server status reports, irrespective of the setting
of the ServerTokens directive. ap_get_server_version() is now
deprecated, and is replaced by ap_get_server_banner() and
ap_get_server_description(). [Jeff Trawick]
2.3.0:
ap_get_server_version() has been removed. Third-party modules must
now use ap_get_server_banner() or ap_get_server_description().
[Gozer]
fixed Apache2::compat Apache2::ServerUtil::server_root() resolution
issues [Joshua Hoblitt]
*) SECURITY: CVE-2007-1349 (cve.mitre.org)
fix unescaped variable interprolation in regular expression
[Randal L. Schwartz <merlyn@stonehenge.com>, Fred Moyer <fred@redhotpenguin.com>]
Make $r->the_request() writeable
[Fred Moyer <fred@redhotpenguin.com>]
fix ModPerl::RegistryCooker::read_script to handle all possible
errors, previously there was a case where Apache2::Const::OK was
returned on an error. [Eivind Eklund <eeklund@gmail.com>]
a minor compilation warning resolved in modperl_handler_new_from_sv
[Stas]
a minor compilation warning resolved in modperl_gtop_size_string
[Stas]
Prevent direct use of _deprecated_ Apache2::ReadConfig in
<Perl> sections with httpd Alias directives from
incorrectly generating
'The Alias directive in xxxxx at line y will probably never match'
messages.
[Philip M. Gollucci <pgollucci@p6m78g.com>]
Prevent Apache2::PerSections::symdump() from returning invalid
httpd.conf snippets like 'Alias undef'
[Philip M. Gollucci <pgollucci@p6m78g.com>]
Require B-Size 0.9 for Apache2::Status which fixes
Can't call method "script_name" on an undefined value
[Philip M. Gollucci <pgollucci@p6m78g.com>]
-march=pentium4 or anything with an = in it in CCFLAGS or @ARGV
that gets passed to xs/APR/APR/Makefile.PL broke the @ARGV
parsing. I.E. FreeBSD port builds when users had CPUTYPE
set in /etc/make.conf.
[Philip M. Gollucci <pgollucci@p6m7g8.com>]
Fixes to get bleed-ithread (5.9.5+) to comile again.
[Philip M. Gollucci <pgollucci@p6m7g8.com>]
2008-04-16 Gisle Aas <gisle@ActiveState.com>
Release 5.812
Gisle Aas (6):
Typo fix.
Simplified Net::HTTP::Methods constructor call.
Croak if Net::HTTP constructor called with no argument.
Avoid calling $self->peerport to figure out what the port is.
5.811 breaks SSL requests [RT#35090]
Make test suite compatible with perl-5.6.1.
Toru Yamaguchi (1):
Wrong treatment of qop value in Digest Authentication [RT#35055]
2008-04-14 Gisle Aas <gisle@ActiveState.com>
Release 5.811
Gisle Aas (6):
Avoid "used only once" warning for $Config::Config.
Make HTTP::Request::Common::PUT set Content-Length header [RT#34772]
Added the add_content_utf8 method to HTTP::Message.
Typo fix.
Retry syscalls when they fail with EINTR or EAGAIN [RT#34093,32356]
Allow HTTP::Content content that can be downgraded to bytes.
Gavin Peters (1):
HTML::Form does not recognise multiple select items with same name [RT#18993]
Mark Stosberg (1):
Document how HTTP::Status codes correspond to the classification functions [RT#20819]
Robert Stone (1):
Allow 100, 204, 304 responses to have content [RT#17907]
sasao (1):
HTTP::Request::Common::POST suppressed filename="0" in Content-Disposition [RT#18887]
2008-04-08 Gisle Aas <gisle@ActiveState.com>
Release 5.810
Gisle Aas (10):
Small documentation issues [RT#31346]
Explain $netloc argument to $ua->credentials [RT#31969]
Make lwp-request honour option -b while dumping links [RT#31347]
Ignore params for date convenience methods [RT#30579]
Get rid of all the old CVS $Keyword:...$ templates. Set $VERSION to 5.810.
Update Copyright year.
Drop some sample URLs that were failing.
Complement the HTTP::Status codes [RT#29619]
Don't allow HTTP::Message content to be set to Unicode strings.
Refactor test for Encode.pm
Ville Skytta (3):
Spelling fixes [RT#33272]
Trigger HTML::HeadParser for XHTML [RT#33271]
Escape status line in error_as_HTML, convert to lowercase [RT#33270]
Alexey Tourbin (2):
Typo fix [RT#33843]
Protocol/file.pm: postpone load of URI::Escape and HTML::Entities [RT#33842]
Daniel Hedlund (1):
HTML::Form Module and <button> element clicks
Adam Kennedy (1):
HTTP::Cookies handle malformed empty Set-Cookie badly [RT#29401]
Jacob J (1):
[HTTP::Request::Common] Does not handle filenames containing " [RT#30538]
Rolf Grossmann (1):
Allow malformed chars in $mess->decoded_content [RT#17368]
FWILES (1):
Croak if LWP::UserAgent is constructed with hash ref as argument [RT#28597]
Adam Sjogren (1):
Disabled, checked radiobutton being submitted [RT#33512]
DAVIDRW (1):
warn if TextInput's maxlength exceeded [RT#32239]
www/htmldoc
www/htmldoc-x11
The latter is now just www/htmldoc built with a specific set of options.
Changes include:
+ Add options.mk that supports a new option:
htmldoc-gui Build with GUI support
+ Remove Makefile.common and move all logic into htmldoc/Makefile and
htmldoc/options.mk.
+ Add full DESTDIR support.
+ Bump the PKGREVISION for htmldoc and htmldoc-x11 to 7. Both packages
now track and use the same PKGREVISION number.
it any longer.
Fixes build problem in evolution:
> ===> Creating toolchain wrappers for evolution-2.22.1
> ERROR: libgnomeprintui is not installed; can't buildlink files.
Bump BUILDLINK_ABI_DEPENDS.gtkhtml314 for dependency change.
