- A major revision of memory management to limit memory usage by slon
daemons.
- Log switching: periodically
- pg_listener is now used dramatically less than it used to be, which
diminishes the number of dead tuples you will find in this table.
- DDL scripts are broken into individual statements
- Slony-I tables are now marked "WITHOUT OIDS" so that they do not
consume OIDS.
- When possible (based on log switching functionality), partial
indexes on sl_log_1 and sl_log_2 are created on a per-origin-node
basis.
- More...
* Fix crash when referencing NEW row values in rule WHERE expressions
(Tom)
* Fix core dump when an untyped literal is taken as ANYARRAY
* Fix mishandling of AFTER triggers when query contains a SQL
function returning multiple rows (Tom)
* Fix "ALTER TABLE ... TYPE" to recheck NOT NULL for USING clause
(Tom)
* Fix string_to_array() to handle overlapping matches for the
separator string
For example, string_to_array('123xx456xxx789', 'xx').
* Fix corner cases in pattern matching for psql's \d commands
* Fix index-corrupting bugs in /contrib/ltree (Teodor)
* Numerous robustness fixes in ecpg (Joachim Wieland)
* Fix backslash escaping in /contrib/dbmirror
* Fix instability of statistics collection on Win32 (Tom, Andrew)
* Fixes for AIX and Intel compilers (Tom)
* Disallow aggregate functions in "UPDATE" commands, except within
sub-SELECTs (Tom)
The behavior of such an aggregate was unpredictable, and in 8.1.X
could cause a crash, so it has been disabled. The SQL standard does
not allow this either.
* Fix core dump when an untyped literal is taken as ANYARRAY
* Fix core dump in duration logging for extended query protocol when
a "COMMIT" or "ROLLBACK" is executed
* Fix mishandling of AFTER triggers when query contains a SQL
function returning multiple rows (Tom)
* Fix "ALTER TABLE ... TYPE" to recheck NOT NULL for USING clause
(Tom)
* Fix string_to_array() to handle overlapping matches for the
separator string
For example, string_to_array('123xx456xxx789', 'xx').
* Fix to_timestamp() for AM/PM formats (Bruce)
* Fix autovacuum's calculation that decides whether "ANALYZE" is
needed (Alvaro)
* Fix corner cases in pattern matching for psql's \d commands
* Fix index-corrupting bugs in /contrib/ltree (Teodor)
* Numerous robustness fixes in ecpg (Joachim Wieland)
* Fix backslash escaping in /contrib/dbmirror
* Minor fixes in /contrib/dblink and /contrib/tsearch2
* Efficiency improvements in hash tables and bitmap index scans (Tom)
* Fix instability of statistics collection on Win32 (Tom, Andrew)
* Fix statement_timeout to use the proper units on Win32 (Bruce)
In previous Win32 8.1.X versions, the delay was off by a factor of
100.
* Fixes for MSVC and Borland C++ compilers (Hiroshi Saito)
* Fixes for AIX and Intel compilers (Tom)
Changes:
2006-08-24 Mikio Hirabayashi
- Makefile was modified to assure portability.
- Silent flag was added to the C++ API, the Java API, and the Ruby API.
- Release: 1.8.71
libgnomedb_entry_builtin_plugins.so.4.0.0 links with libssl, and if
PREFER.openssl=pkgsrc then it should link with Pkgsrc libssl. Without
including security/openssl, it links with /usr/lib/libssl.so instead.
libgnomedb 1.9.103, 2006-09-03
------------------------------
- Re-implement the plugin feature for custom GnomeDbDataEntry widgets
and GtkCellRenderer objects (Vivien)
- Better integration with Glade-3 (Daniel Espinosa)
- Enable table contents modifications in the browser (Carlos)
- Improved testing program (Vivien)
- New widget to represent DDL queries in a generic way (from
each provider's specifications) (Vivien)
- Fixed#336982 (Thomas)
- Bug fixes
- Translations:
- new Lithuanian (lt) translation (Gintautas Miliauskas)
- removed the obsolete no translation (Kjartan Maraas)
- vi (Clytie)
- fi (Ilkka)
- zh_HK, zh_TW (Chao-Hsiung Liao)
- eu (Iñaki)
- nb (Kjartan Maraas)
- es (Francisco Javier)
- fr (Marc-André Lureau)
- ru (Nickolay)
- de (Hendrik)
libgda 1.9.103, 2006-09-03
--------------------------
- Added Data Definition queries to be handled by the providers as no SQL standard exists
in this area (for the PostgreSQL, MySQL and SQLite providers which now implement database
creation and destruction, table creation and destruction, table renaming, and column addition
and removal) (Vivien, Bas)
- Reworked the database creation and destruction in a simpler way, and updated the API (Vivien)
- Improved the MDB (MS Access) provider (Vivien)
- GdaDict now uses a generic and extensible way of storing lists of objects it manages (Vivien)
- Specifications required to declare a new data source are now translatable (Vivien)
- Connections can now easily be opened without requiring to create a data source first (Vivien)
- Lots of documentation update
- Better usage of DTDs (Vivien)
- More consistant API (Murray, Vivien)
- Removed usage of GdaValue in favor of GValue
- Fixed bugs #329930, #337986, #338081, #328418, #319948, #332556, #337497 (Chris,
Thierry)
- Many bug fixes and small improvements (Murray, Rodrigo)
- Translations:
- new Lithuanian (lt) translation (Gintautas Miliauskas)
- vi (Clytie)
- fi (Ilkka)
- zh_HK, zh_TW (Chao-Hsiung Liao)
- eu (Iñaki)
- nb (Kjartan Maraas)
- es (Francisco Javier)
- fr (Marc-André Lureau)
- ru (Valek Filippov)
- de (Hendrik Richter)
- nl (Vincent van Adrighem)
- it (Marco Ciampa)
2006-08-18 Mikio Hirabayashi
- A bug of segmentation fault on BSD was fixed.
- A test command for checking multi thread safety was added.
- Release: 1.8.70
2006-08-15 Mikio Hirabayashi
- Mutex controll in C++ API became refined.
- Release: 1.8.69
2006-08-08 Mikio Hirabayashi
- A bug about memory alignment was fixed.
- A bug of handling meta data on big endian platforms was fixed.
- Release: 1.8.68
2006-08-05 Mikio Hirabayashi
- A bug about memory alignment was fixed.
- A bug about parsing MIME was fixed.
- Release: 1.8.67
2006-08-05 Mikio Hirabayashi
- The utility API was enhanced.
- Release: 1.8.66
2006-08-03 Mikio Hirabayashi
- The extended API was enhanced.
- The extended advanced API was enhanced.
- Release: 1.8.65
2006-07-28 Mikio Hirabayashi
- A bug of Makefile ralated to optimization was fixed.
- Release: 1.8.64
2006-07-24 Mikio Hirabayashi
- A lot of functions were replaced by macros.
- The utility API was enhanced.
- Release: 1.8.63
2006-07-20 Mikio Hirabayashi
- A lot of functions were replaced by macros.
- The URL resolver was to allow unescaped meta characters.
- The advanced API was enhanced.
- Release: 1.8.62
2006-07-14 Mikio Hirabayashi
- A bug of the size checking function of the extended API was fixed.
- The advanced API was enhanced.
- Release: 1.8.61
This is a bugfix release for the current production release family.
It replaces MySQL 5.0.24.
Changes from 5.0.24 to 5.0.24a:
MySQL 5.0.24 introduced an ABI incompatibility, which this release reverts.
Programs compiled against 5.0.24 are not compatible with any other version
and must be recompiled.
Closing of temporary tables failed if binary logging was not enabled.
For statements that have a DEFINER clause such as CREATE TRIGGER or
CREATE VIEW, long usernames or hostnames could cause a buffer overflow.
Pathname separator and device characters were not correctly parameterized
for NetWare, causing mysqld startup errors.
mysqld could crash when closing temporary tables.
Most notably this version includes fixes for:
http://secunia.com/advisories/21259/http://secunia.com/advisories/21506/http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3469
* Packages changes:
the script mysqldumpslow had been moved from the mysql4-client to the
mysql4-server.
* Changes since last packaged version (4.1.20)
(see http://dev.mysql.com/doc/refman/4.1/en/news-4-1-21.html for more details):
This is a bugfix release for the recent production release family.
Functionality added or changed:
- For spatial data types, the server formerly returned these as
VARSTRING values with a binary collation. Now the server returns
spatial values as BLOB values. (Bug#10166)
- Added the --set-charset option to mysqlbinlog to allow the
character set to be specified for processing binary log files.
(Bug#18351)
- For a table with an AUTO_INCREMENT column, SHOW CREATE TABLE now
shows the next AUTO_INCREMENT value to be generated. (Bug#19025)
- A warning now is issued if the client attempts to set the
SQL_LOG_OFF variable without the SUPER privilege. (Bug#16180)
- The mysqldumpslow script has been moved from client RPM packages
to server RPM packages. This corrects a problem where mysqldumpslow
could not be used with a client-only RPM install, because it depends
on my_print_defaults which is in the server RPM. (Bug#20216)
Bugs fixed:
- Security fix: On Linux, and possibly other platforms using
case-sensitive filesystems, it was possible for a user granted
rights on a database to create or access a database whose name
differed only from that of the first by the case of one or more
letters. (Bug#17647)
- Security fix: If a user has access to MyISAM table t, that user
can create a MERGE table m that accesses t. However, if the user's
privileges on t are subsequently revoked, the user can continue to
access t by doing so through m. If this behavior is undesirable,
you can start the server with the new --skip-merge option to disable
the MERGE storage engine. (Bug#15195)
- Security fix: Invalid arguments to DATE_FORMAT() caused a server
crash. (CVE-2006-3469, Bug#20729) Thanks to Jean-David Maillefer
for discovering and reporting this problem to the Debian project
and to Christian Hammers from the Debian Team for notifying us of
it.
...
(see http://dev.mysql.com/doc/refman/4.1/en/news-4-1-21.html for
the complete
bug fix list)
From changelog:
lbdb (0.32) unstable; urgency=low
* Change sort(1) syntax to cope with new versions of coreutils
(Closes: #368917).
* New version of mutt_ldap_query by Marc de Courville
<marc@courville.org> and other contributors.
* Extend lbdb_hostname() to get the domain name from resolv.conf. Thanks
to Gary Johnson <garyjohn@spk.agilent.com> for prividing this patch.
* m_muttalias: Allow \"...\" around real names of aliases. Thanks to
Erik Shirokoff <shiro@berkeley.edu> for providing this patch.
This fixes the problem reported by Petr Janda per PR port-i386/33974,
where getgr{ent,nam,gid} failed if there were many (> ~50) users
in a group.
bump PKGREVISION
Changes since version 5.0.22:
- Security fix: If a user has access to MyISAM table t, that user can
create a MERGE table m that accesses t. However, if the user's
privileges on t are subsequently revoked, the user can continue to
access t by doing so through m. If this behavior is undesirable, you
can start the server with the new --skip-merge option to disable the
MERGE storage engine. (Bug#15195)
- In the INFORMATION_SCHEMA.ROUTINES table the ROUTINE_DEFINITION
column now is defined as NULL rather than NOT NULL. Also, NULL rather
than the empty string is returned as the column value if the user does
not have sufficient privileges to see the routine
definition. (Bug#20230)
- Several other bug fixes
ocaml-mysql is a package for ocaml that provides access to mysql
databases. It consists of low level functions implemented in C and a
module Mysql intended for application development.
The pwd command for server mode was added. Logarithmic graphs were revisited. GPRINT can now access the time component of VDEF values. DNAN and DINF are much faster through caching. Many bugs were killed.
since they always need a C compiler, even when the source code is
completely in C++.
For some other packages, stated in the comment that a C compiler is
really not needed.
1.01 06/04/2006
- Re-release as non developer release.
No changes from 1.00_01.
1.00_01 05/29/2006
- As DBI has supported only perl 5.6.0 since 2003
v1.38 Apache::DBI now requires perl 5.6.0 as well.
- Fix a plethora of uninitialized variable warnings,
general code cleanup, don't import unneeded symbols
from Carp, Digest::SHA1, and Digest::MD5
- http://rt.cpan.org/Ticket/Display.html?id=17073
$sth->rows is inconsistent across DBD::* drivers
and sometimes always returns 0. We were using
this to distinguish between a blank password and
no passwd. Now we don't call this function.
- http://rt.cpan.org/Ticket/Display.html?id=17422
a fatal error involving mp1, mp2 constants co-existance
was fixed in AuthDBI.
- http://rt.cpan.org/Ticket/Display.html?id=17446
under mod_perl 2, the check to skip caching connections
at server startup was broken; thus, causing children
to incorrectly share dbh handles with the parent.
- http://rt.cpan.org/Ticket/Display.html?id=19491
a critical return was missing connect() under mod_perl2
- Moved module's repository to its new home in SVN from CVS
http://svn.perl.org/modules/Apache-DBI
had actually been ignoring LTCONFIG_OVERRIDE anyway and just using
the default LIBTOOL_OVERRIDE to replace libtool scripts in packages.
This just formalizes the fact that LTCONFIG_OVERRIDE is not used
meaningfully by pkgsrc.
2006-06-03 Mikio Hirabayashi
- The basic API was enhanced.
- The extended API was enhanced.
- The advanced API was enhanced.
- Multiple cursor class is now supported on the java API.
- Release: 1.8.60
2006-05-30 Mikio Hirabayashi
- The basic API was enhanced.
- The extended API was enhanced.
- The advanced API was enhanced.
- A bug of Makefile for Mac OS X support was fixed.
- Release: 1.8.59
2006-05-28 Mikio Hirabayashi
- The basic API was enhanced.
- The advanced API was enhanced.
- Release: 1.8.58
2006-05-20 Mikio Hirabayashi
- The basic API was enhanced.
- The utility API was enhanced.
- Release: 1.8.57
2006-05-17 Mikio Hirabayashi
- A bug of URL decoder was fixed.
- Release: 1.8.56
2006-05-15 Mikio Hirabayashi
- The extended API was enhanced.
- The utility API was enhanced.
- Release: 1.8.55
2006-05-15 Mikio Hirabayashi
- The basic API was enhanced.
- Release: 1.8.54
2006-05-10 Mikio Hirabayashi
- AIX is now supported.
- The utility API was enhanced.
- Release: 1.8.53
2006-05-04 Mikio Hirabayashi
- A bug about evaluating RFC822 date format was fixed.
- Release: 1.8.52
This is version 2, a complete rewrite of the original code to provide
new-style classes for connection and cursor objects and other
sweet candies. Like the original, psycopg 2 was written with the aim of
being very small and fast, and stable as a rock.
shared-mime-info 0.18 (2006-07-03)
* Mime-type Changes:
- Add *.qtl to video/quicktime
- Add *.wax to audio/x-ms-asx
- Add *.mpga to audio/mpeg
- Add audio/x-ms-wma (Windows Media Audio)
- Add application/xspf+xml (XSPF playlist)
- Add a lot of subclassing information
- Fix the RSS mime-types
- Fix *.asx files' mime-type
- Avoid audio/x-ms-asx files being detected as HTML
- Avoid application/pdf files being detected as Matlab documents
- Clarify C, C++, C# and ObjC mime-types
* New translations:
- Danish
and add a new helper target and script, "show-buildlink3", that outputs
a listing of the buildlink3.mk files included as well as the depth at
which they are included.
For example, "make show-buildlink3" in fonts/Xft2 displays:
zlib
fontconfig
iconv
zlib
freetype2
expat
freetype2
Xrender
renderproto
Changes since version 2.8.0.4:
- XSS vulnerability from requests not containing a token
- Reenable XML option in Export
- State in documentation that your browser must accept cookies
- CVS link was broken on main page
- Adding a user with password containing a backslash
- Removing a default value
- Setup script: compatibility with security tokens
- Setup script: detection of writable config
- Reading the database list with MySQL wildcards
Most notably this version includes fixes for
http://secunia.com/advisories/20365/
and
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-0903
The fix for the latter was provided in PR pkg/33616 by Cedric
Devillers, cedric dot devillers at script dottt univ-paris7 dot fr,
and is not part of the upstream version 4.1.20.
* Changes since last packaged version (4.1.19)
(see http://dev.mysql.com/doc/refman/4.1/en/news-4-1-20.html for me details):
This is a security fix release for the previous production release
family. This release includes the security fix described later in
this section and a few other changes to resolve build problems,
relative to the last official MySQL release (4.1.19).
Bugs fixed:
- Security fix: An SQL-injection security hole has been found in
multi-byte encoding processing. The bug was in the server, incorrectly
parsing the string escaped with the mysql_real_escape_string() C
API function. (CVE-2006-2753, Bug#8378)
This vulnerability was discovered and reported by Josh Berkus
<josh@postgresql.org> and Tom Lane <tgl@sss.pgh.pa.us> as part of
the inter-project security collaboration of the OSDB consortium.
- The patch for Bug#8303 broke the fix for Bug#8378 and was undone.
(In string literals with an escape character (\) followed by a
multi-byte character that has a second byte of (\), the literal
was not interpreted correctly. The next byte now is escaped, not
the entire multi-byte character. This means it a strict reverse of
the mysql_real_escape_string() function.)
- The client libraries had not been compiled for position-indpendent
code on Solaris-SPARC and AMD x86_64 platforms. (Bug#13159, Bug#14202,
Bug#18091)
- Running myisampack followed by myisamchk with the --unpack option
would corrupt the auto_increment key. (Bug#12633)
the pkglint warning:
As {INSTALL,DEINSTALL}_TEMPLATE is modified using "+=", its name
should indicate plural.
This does make the variables a bit more suggestive of the fact that they
hold lists of values.
This avoids the need for a confusing line of the form:
DEINSTALL_TEMPLATE+= path/to/INSTALL
in the package Makefile, and actually removes the need to specify it
altogether since by convention, the existence of the DEINSTALL script
is enough to add it to DEINSTALL_TEMPLATE.
Fixed variable ref errors in adodb-ado5.inc.php in _query().
Mysqli setcharset fix using method_exists().
The adodb-perf.inc.php CreateLogTable() code now works for user-defined table names.
Error in ibase_blob_open() fixed. See
http://phplens.com/lens/lensforum/msgs.php?id=14997
Active Record
============
Now we only update fields that have changed, using $this->_original.
We do not include auto_increment fields in replace(). Thx Travis Cline
Added ADODB_ACTIVE_CACHESECS.
Mostly bug fixes from 3.8.
- Use string methods instead of deprecated string functions.
- Only use SQL-standard way of escaping quotes.
- Added the functions escape_string() and escape/unescape_bytea()
(as suggested by Charlie Dyson and Kavous Bojnourdi a long time ago).
- Reverted code in clear() method that set date to current.
- Added code for backwards compatibility in OID munging code.
- Reorder attnames tests so that "interval" is checked for before "int."
- If caller supplies key dictionary, make sure that all has a namespace.
This module provides a wrapper for the DB_File module, adding locking.
When you need locking, simply use this module in place of DB_File and
add an extra argument onto the tie command specifying if the file should
be locked for reading or writing.
all PEAR packages to php?-pear-* and all Apache packages to ap13-* or
ap2-* respectively. Add new variables to simplify the Makefile
handling. Add CONFLICTS on the old names. Reset revisions of bumped
packages. ap-php will now depend on the default Apache and PHP version.
All programs using it have an implicit option of the Apache version
as well.
OK from jlam@ and adrianp@.
and failover.
The big picture for the development of Slony-I is a master-slave system that
includes all features and capabilities needed to replicate large databases to
a reasonably limited number of slave systems.
Slony-I is a system for data centers and backup sites, where the normal mode
of operation is that all nodes are available
now split off. This package contains only the slapd and slurpd servers.
Please note that both slapd and slurpd now run unprivileged by default (as
slapd:ldap and slurpd:ldap, respectively). An upgrade scenaria is described
in MESSAGE. This change addresses PR pkg/31959.
split off. This package contains only the client tools and libraries, and the
manpages.
LDAP-based applications should depend on this package, not databases/openldap
(anymore).
(and add a -doc component), which I'll import in a minute. This package is now
nothing but a meta-package, depending on those three. Take over MAINTAINERship
(ok with joerg). Add an inet6 option to -client and -server (PR pkg/33524).
Bump PKGREVISION.
Common to all versions:
* Change the server to reject invalidly-encoded multibyte characters
in all cases (Tatsuo, Tom) While PostgreSQL has been moving in this
direction for some time, the checks are now applied uniformly to
all encodings and all textual input, and are now always errors not
merely warnings. This change defends against SQL-injection attacks
of the type described in CVE-2006-2313.
* Reject unsafe uses of \' in string literals As a server-side
defense against SQL-injection attacks of the type described in
CVE-2006-2314, the server now only accepts '' and not \' as a
representation of ASCII single quote in SQL string literals. By
default, \' is rejected only when client_encoding is set to a
client-only encoding (SJIS, BIG5, GBK, GB18030, or UHC), which is
the scenario in which SQL injection is possible. A new
configuration parameter backslash_quote is available to adjust
this behavior when needed. Note that full security against
CVE-2006-2314 may require client-side changes; the purpose of
backslash_quote is in part to make it obvious that insecure clients
are insecure.
* Modify libpq's string-escaping routines to be aware of encoding
considerations This fixes libpq-using applications for the
security issues described in CVE-2006-2313 and CVE-2006-2314.
Applications that use multiple PostgreSQL connections concurrently
should migrate to PQescapeStringConn() and PQescapeByteaConn() to
ensure that escaping is done correctly for the settings in use in
each database connection. Applications that do string escaping
"by hand" should be modified to rely on library routines instead.
* Fix some incorrect encoding conversion functions win1251_to_iso,
alt_to_iso, euc_tw_to_big5, euc_tw_to_mic, mic_to_euc_tw were all
broken to varying extents.
* Clean up stray remaining uses of \' in strings (Bruce, Jan)
* Fix server to use custom DH SSL parameters correctly (Michael Fuhr)
* Fix various minor memory leaks
Additionally for 7.4.13 and later:
* Fix bug that sometimes caused OR'd index scans to miss rows they
should have returned
* Fix WAL replay for case where a btree index has been truncated
* Fix SIMILAR TO for patterns involving | (Tom)
* Fix for Bonjour on Intel Macs (Ashley Clark)
Additionally for 8.0.8 and 8.1.4:
* Fix SELECT INTO and CREATE TABLE AS to create tables in the
default tablespace, not the base directory (Kris Jurka)
* Fix problem with password prompting on some Win32 systems (Robert
Kinberg)
Additionally for 8.1.4:
* Fix weak key selection in pgcrypto (Marko Kreen)
Errors in fortuna PRNG reseeding logic could cause a predictable
session key to be selected by pgp_sym_encrypt() in some cases.
This only affects non-OpenSSL-using builds.
* Make autovacuum visible in pg_stat_activity (Alvaro)
* Disable full_page_writes (Tom)
In certain cases, having full_page_writes off would cause crash
recovery to fail. A proper fix will appear in 8.2; for now it's
just disabled.
* Various planner fixes, particularly for bitmap index scans and
MIN/MAX optimization (Tom)
* Fix incorrect optimization in merge join (Tom)
Outer joins could sometimes emit multiple copies of unmatched
rows.
* Fix crash from using and modifying a plpgsql function in the same
transaction
* Improve qsort performance (Dann Corbit)
Currently this code is only used on Solaris.
* Improve pg_dump's handling of default values for domains
* Fix pg_dumpall to handle identically-named users and groups
reasonably (only possible when dumping from a pre-8.1 server) (Tom)
The user and group will be merged into a single role with LOGIN
permission. Formerly the merged role wouldn't have LOGIN
permission, making it unusable as a user.
* Fix pg_restore -n to work as documented (Tom)
Changes 0.9.1
This release fixes one particurly ugly bug affecting only MySQL users who
are first creating a database with 0.9 (and didn\'t already have a
database from an earlier release).
Changes 0.9
This release includes several new features, particularly extending what
information Krecipes holds for each recipe. These include:
* Multi-user and multi-criteria rating system
* Yield type and range
* Multiple preparation methods
* Ingredient ranges
* Stores the time a recipe is created, modified, and last accessed
Other significant features include:
* Rezkonv export
* Backup/restore
* Copy to Clipboard feature
* Interface to quickly paste ingredients into a recipe
Use CONF_FILES_PERMS to install the conf.php file
Don't use WWW_USER to set permissions as that assumes apache is always installed
Bump PKGREVISION
Fix binary packages (pointed out by salo@)
Thanks to Yoshito Komatsu for feedback and testing
A summary of changes include:
This release fixes some minor bugs and some security alerts.
Code syntax fixing tests
HTML Validation fixes
Added support for binary attrs in templates & HTML Validation fixes
Few minor bug fixes.
Changed default login attribute back to "dn".
Full listing of changes:
http://dev.mysql.com/doc/refman/5.0/en/news-5-0-21.html
Notable changes include:
- Security enhancement: Added the global max_prepared_stmt_count system
variable to limit the total number of prepared statements in the
server.
- The default for the innodb_thread_concurrency system variable was
changed to 8.
- Fixes for CVE-2006-1516, CVE-2006-1517 and CVE-2006-1518.
And a lot of bug fixes.
----------------------------------------------------------------
Released 2.2.0 2006-04-10
Changes since 2.0.11:
* OpenLDAP 2.2+ required now to build.
Modules/
* Dropped all occurences of '#ifdef #LDAP_VENDOR_VERSION'.
* Fixed wrong tuple size in l_ldap_result3() (see SF#1368108)
* Fixed get_option(ldap.OPT_API_INFO) (see SF#1440165)
* Fixed memory leak in l_ldap_result3() when all=0
(see SF#1457325)
* Fixed memory leak in l_ldap_result3() in error cases
(see SF#1464085)
Lib/
* Fixed ldap.schema.models.DITStructureRule.__str__() to
separate SUP rule-ids with a single space instead of ' $ '
* Fixed ldap.async.Dict
* Added ldap.async.IndexedDict
* ldap.schema.subentry.SubSchema.attribute_types() has new
key-word argument ignore_dit_content_rule
----------------------------------------------------------------
Released 2.0.11 2005-11-07
Changes since 2.0.10:
Lib/
* Class ldap.ldapobject.LDAPObject:
Each method returns a result now
* Class ldap.ldapobject.ReconnectLDAPObject:
Some methods called the wrong methods of LDAPObject. Fixed.
* Added new class ldap.async.Dict
* Slightly cleaned up ldap.schema.subentry.attribute_types()
* New sub-module ldap.resiter which simply provides a mix-in
class for ldap.ldapobject.LDAPObject with a generator method
allresults().
Obviously this only works with Python 2.3+. And
it's still experimental.
2006-05-02 Mikio Hirabayashi
- A bug about evaluating RFC822 date format was fixed.
- Warings from GCC 4.1.x were dealt with.
- Missing functions in qdbm.def were supplied.
- Release: 1.8.51
Restoring from 1.0.x format XML dumps was enabled.
The stability of rrdtool fetch results was fixed.
A new rrdtool graph and rrdcgi functions were added.
The pipe mode interface was improved. Many bugfixes were made.
The configure script is too agreessive and bypasses the buildlink3
framework.
Add options for sqlite, odbc, freetds and perl.
Fix PLIST. Bump revision. OK by maintainer.
Changes from 1.41:
1.48 April 5, 2006
- Bump minimum DBI version to 1.45 (CPAN bug #18260) (plus problems
in versions 1.42 and 1.44 [GSM]
- Fix typo in Pg.pm code (CPAN bug #18537) [marc@sssonline.com]
- Ensure begin_work is properly set before err. (CPAN bug #18387) [GSM]
- Force PQexecParams to only run with DML. (CPAN bug #18258) [GSM]
- Fix bytea encoding problem (CPAN bug #18264) [GSM]
- Add documentation about connection service files (pg_service.conf).
[David Fetter]
1.47 March 20, 2006
- Fix problem with selecting arrays. (CPAN bugs #18128 and
#18177) [GSM]
- Fix problem with dollar-sign placeholders. [GSM]
1.46 March 16, 2006
- Fix problem with dollar-sign placeholders. (husseinp@gmail.com)
(CPAN bug #18209) [GSM]
1.45 February 27, 2006
- Fix bug preventing bytea values over 20 characters from showing.
Spotted by Igor Shevchenko. [GSM]
1.44 February 21, 2006
- Make sure pg_warn does not warn if the database attribute
PrintWarn is off. (Tyler MacDonald tyler@yi.org) [GSM]
- Add SIGNATURE file for Module::Signature verification. [GSM]
- Fix error in documentation for pg_errorlevel.
(CPAN bug #17434)
- Add experimental support for using DEFAULT values inside
of execute with $DBDPG_DEFAULT. [GSM]
- Return the proper SQLSTATE codes on connection failures.
(CPAN bug #17115) [GSM]
- Fix parser to handle leading parens. (CPAN bug #15481) [GSM]
- Make statement handles destruction abort early if
InactiveDestroy is set (CPAN bug #14978) [GSM]
- Make quote work properly for time/date types
(CPAN bug #15082) [GSM]
- Ensure all lo_ functions begin a transaction as needed
if they are the first action in a script
(CPAN bug # 13810) [GSM]
- Fix memory leak in dbdimp.c (k@sawada.cc) [Kenchi Sawada]
- Fix memory leak in dbdimp.c (dmitri@karasik.eu.org)
(CPAN bug #16054)
- Move package declaration lines to fix RPM parser problems
(CPAN bug #14509) [GSM]
- Add support for dollar quoting (CPAN bug #13608) [GSM]
- Added $dbh->{pg_default_port} method [GSM]
- Overhaul get_info data, add many more values [GSM]
- Overhaul type_info data (CPAN bug #13806) [GSM]
- Rewrite some of the quoting functions, reduce dependence
on libpq versions [GSM]
- Rewrite and optimize the do() method. Should be much faster
when called without placeholders. Thanks to Tom Lane
for suggesting this. [GSM]
- Double check PQserverVersion return and use alternate
method if it returns 0 (CPAN bug #14302)
- Add support for specifying type in $dbh->quote(),
such as $dbh->quote($var, {pg_type => DBD::Pg::PG_BYTEA})
Also support type => SQL_xx [GSM] (CPAN bug #13942)
- Fix pg_notifies() bug (CPAN bug #14232) [door@lcpi.ru]
- Add pg_ping() method [GSM]
- Make sure ping returns true, even if in failed transaction state
[thanks to Bill Moseley] [GSM]
- Fix COPY-related core dump [GSM]
- Fix strncpy bug in quote.c [Jun Kuriyama] (CPAN bug #14897)
- Fix error in is_high_bit_set() [Alexey Tourbin] (CPAN bug #13406)
1.43 June 23, 2005
- Added README.dev file. [GSM]
- Fix statement-name related core dump. [GSM]
- Ensure state() returns an empty string, not 00000 on success.
(CPAN bug #13237) [michael.bell@web.de of OpenCA] [GSM]
- Fix rare core dump when $sth still in scope after disconnect [GSM]
- Enhancements to README.win32 [fenlisesi@gmail.com]
- Fix incorrect sprintf calls (CPAN bug #12204)
[Jakub Jelinek]
- Fix get_info(18) ("ODBCVERSION") (CPAN bug #12968)
[thanks to szinger@lanl.gov] [GSM]
1.42 May 21, 2005
- Fix minor issues with copying and bytea quoting on older
servers. Fix some other memory leaks. [GSM]
- Fix backslash parsing in statements (CPAN bug #12870)
[felix.klee@inka.de] [GSM]
- Make rollback/commit reset copy state (CPAN bug #12866)
[imb@rentrak.com] [GSM]
- Make sure lo_creat issues a begin if necessary [GSM]
- Fix incorrect behavior when AutoCommit switched on. (CPAN bug #12748)
[thanks to Vivek Khera] [GSM]
- Have last_insert_id use set_err, not die. (CPAN bug #12503)
[thanks to Alexandra Walford] [GSM]
- Fixed tests to correctly handle older DBI versions reporting
failures on last_insert_id() (CPAN bug #12204)
[jpo@di.uminho.pt] [GSM]
- Re-enable REMARKS field on column_info (CPAN bug #12399)
[thanks to morni@cpan.org] [GSM]
- Many minor compiler optimizations and cleanups [GSM]
- Fix two separate memory leaks in dbdimp.c
[hertzog@debian.org and richardg@eSentire.com]
- Change VARCHAROID to UNKNOWNOID, suggested by users on mailing
list [GSM]
PKGLOCALEDIR and which install their locale files directly under
${PREFIX}/${PKGLOCALEDIR} and sort the PLIST file entries. From now
on, pkgsrc/mk/plist/plist-locale.awk will automatically handle
transforming the PLIST to refer to the correct locale directory.
Changes since version 2.8.0.2:
- XSS vulnerability (set_theme)
- mysqli problems with zend.ze1_compatibility_mode enabled
- setup script did not save the mysql/mysqli extension
- XSS vulnerability (calling directly css files under themes)
development platform for PostgreSQL, the most advanced Open Source database in
the world. The application may be used on BSD, Linux, Solaris, Mac OSX and
Windows platforms to manage PostgreSQL 7.3 and above running on any platform,
as well as commercial versions of PostgreSQL such as Pervasive Postgres,
EnterpriseDB, Mammoth PostgreSQL and SRA PowerGres.
pgAdmin III is designed to answer the needs of all users, from writing simple
SQL queries to developing complex databases. The graphical interface supports
all PostgreSQL features and makes administration easy. The application also
includes a syntax highlighting SQL editor, a server-side code editor, an
SQL/batch/shell job scheduling agent, support for the Slony-I replication
engine and much more. Server connection may be made using TCP/IP or Unix Domain
Sockets (on *nix platforms), and may be SSL encrypted for security. No
additional drivers are required to communicate with the database server.
RECOMMENDED is removed. It becomes ABI_DEPENDS.
BUILDLINK_RECOMMENDED.foo becomes BUILDLINK_ABI_DEPENDS.foo.
BUILDLINK_DEPENDS.foo becomes BUILDLINK_API_DEPENDS.foo.
BUILDLINK_DEPENDS does not change.
IGNORE_RECOMMENDED (which defaulted to "no") becomes USE_ABI_DEPENDS
which defaults to "yes".
Added to obsolete.mk checking for IGNORE_RECOMMENDED.
I did not manually go through and fix any aesthetic tab/spacing issues.
I have tested the above patch on DragonFly building and packaging
subversion and pkglint and their many dependencies.
I have also tested USE_ABI_DEPENDS=no on my NetBSD workstation (where I
have used IGNORE_RECOMMENDED for a long time). I have been an active user
of IGNORE_RECOMMENDED since it was available.
As suggested, I removed the documentation sentences suggesting bumping for
"security" issues.
As discussed on tech-pkg.
I will commit to revbump, pkglint, pkg_install, createbuildlink separately.
Note that if you use wip, it will fail! I will commit to pkgsrc-wip
later (within day).
