While here,
* add user-destdir support
* convert dynamic PLIST to static one
* share/doc/html was deprecated, install in share/doc directly
* Remove restriction to python23, and change PKGNAME to allow creating
python valiant packages.
This release addresses a vulnerability in mod_python's publisher handler
whereby a carefully crafted URL would expose objects that should not be
visible, leading to an information leak. The Common Vulnerabilities and
Exposures project (http://cve.mitre.org/) has assigned the name CAN-2005-0088
to this issue.
Users of the publisher handler are urged to upgrade as soon as possible.
changes:
This release addresses a vulnerability in mod_python 2.7.9 whereby a
specific query string processed by mod_python would cause the httpd
process to crash.
The previously released version 2.7.9 was supposed to correct this issue,
but is still vulnerable.
There are no other changes or improvements from the previous version in
this release.
If you are currently using mod_python 2.7.9 or earlier, it is highly
recommended that you upgrade to 2.7.10 as soon as possible.
Moved to latest version 2.7.8.
Added patch that fixed flags when sending location header.
Added patch to cgihandler to append local directory so that relative URLs
would work.
Added patch to cgihandler to handle SystemExit so that pages would not
ISE when sys.exit(0) was used to exit from the script.
Added patch to break HTTP headers off from page correctly when CRLF and LF
is used inconsistently in a page.
