Version 1.1.26 (released 24-Jan-2017)
* security fix: escape nav_data name to avoid XSS attack
Version 1.1.25 (released 15-Sep-2016)
* fix _rev2optrev assertion on long input
Version 1.1.24 (released 02-Oct-2015)
* fix minor bug in human_readable boolean calculation
* allow hr_funout option to apply to unidiff diffs, too
* fix infinite loop in rcsparse
* fix iso8601 timezone offset handling (issue #542)
* add support for renamed roots (issue #544)
* fix minor buglet in viewvc-install error message
bass-heavy sounds, similar to the change made to www/firefox.
put this patch in files/ because it's the right thing and also because
I'm struggling to make changes to the patch, possibly my moving the
location of EOF so the patch doesn't apply fully (guessing)
PKGREVISION->2
This Python module allows by-passing of Cloudfare's anti-bot page. It
will dynamically evaluate the Javascript challenge as proof of web
browserness. It cannot handle reCAPTCHA challenges.
6.18 2017-02-02
- Update "timeout" when reusing sockets (PR#90)
- Fix bug triggered when calling simple_request() with a malformed URL
(PR#108)
6.17 2017-01-31
- Noted another protocol failure message (PR#65)
- Removed old use of UNIVERSAL::isa() and swapped evals for Try::Tiny (PR#105)
- Standardized the Changes file (GH#106)
- Fixed documentation error in lwp-request.
This release fixes a major bug with debugs macro that can have
bad side effects like printing an error after configuration reload
an possibly some other wrong behaviors.
- Change log level of configuration reloading message.
- Show line in configuration file that can not be parsed
by add_pattern().
- Enclose debugs macro to avoid misusage. Thanks to Denis Volpato
Martins for the patch.
- Fix Apache complain "AH01215: CGI::param called in list context
from package main line 14, this can lead to vulnerabilities."
Thanks to thctlo for the report.
Please upgrade asap.
Fix c-icap.conf installation and build problems
Fix c-icap build problem when poll is disabled
Bug fix: body->unlocked can be greater than the body->readpos causing segfault
to c-icap
Handle correctly missing proxy-user header in the case the RemoteProxyUsers is
enabled
Bug fix: Unexpected error waiting for or reading events in control socket!
ci_client_icapfilter does not send correct eof line on zero-sized files
faye-websocket is a general-purpose WebSocket implementation
extracted from the Faye project. It provides classes for easily
building WebSocket servers and clients in Ruby. It does not
provide a server itself, but rather makes it easy to handle
WebSocket connections within an existing Rack application.
It does not provide any abstraction other than the standard
WebSocket API.
It also provides an abstraction for handling EventSource connections,
which are one-way connections that allow the server to push data
to the client. They are based on streaming HTTP responses and can
be easier to access via proxies than WebSockets.
Websocket-driver module provides a complete implementation of
the WebSocket protocols that can be hooked up to any TCP library.
It aims to simplify things by decoupling the protocol details
from the I/O layer, such that users only need to implement code
to stream data in and out of it without needing to know anything
about how the protocol actually works. Think of it as a complete
WebSocket system with pluggable I/O.
A minimal framework that supports the implementation of WebSocket
extensions in a way that's decoupled from the main protocol.
This library aims to allow a WebSocket extension to be written and
used with any protocol library, by defining abstract representations
of frames and messages that allow modules to co-operate.
websocket-extensions provides a container for registering extension
plugins, and provides all the functions required to negotiate which
extensions to use during a session via the Sec-WebSocket-Extensions
header.
If we depends on a foo package, mark its dependency via:
DEPENDS+= foo-*:../../misc/foo
...and then a new foo-bar package will appear it can be problematic.
Use foo-[0-9]* pattern to avoid that.
Kindly pointed out by <wiz>
Tomcat 8.0.41 (violetagg)
Cluster
Add: Make the accessTimeout configurable in BackupManager. The accessTimeout is used as a timeout period for PING in replication map. (kfujino)
Web applications
Fix: Ensure the ASF logo image is displayed in host-manager. (violetagg)
not released Tomcat 8.0.40 (violetagg)
Catalina
Add: 53602: Add HTTP status code 451 (RFC 7725) to the list of HTTP status codes recognised by Tomcat. (markt)
Fix: 60446: Handle the case where the stored user credential uses a different key length than the length currently configured for the CredentialHandler. Based on a patch by Niklas Holm. (markt)
Fix: 60351: Delay creating META-INF/war-tracker file until after the WAR has been expanded to address the case where the Tomcat process terminates during the expansion. (markt)
Fix: Correctly handle the configClass attribute of a Host when embedding Tomcat. (markt)
Fix: 60379: Dispose of the GSS credential once it is no longer required. Patch provided by Michael Osipov. (markt)
Fix: 60380: Ensure that a call to HttpServletRequest#logout() triggers a call to TomcatPrincipal#logout(). Based on a patch by Michael Osipov. (markt)
Fix: 60387: Correct the javadoc for o.a.catalina.AccessLog.setRequestAttributesEnabled. The default value is different for the different implementations. (violetagg)
Code: 60393: Use consistent parameter naming in implementations of Realm#authenticate(GSSContext, boolean). (markt)
Fix: 60395: Log when an Authenticator passes an incomplete GSSContext to a Realm since it indicates a bug in the Authenticator. Patch provided by Michael Osipov. (markt)
Fix: Correctly generate URLs for resources located inside JARs that are themselves located inside a packed WAR file. (markt)
Fix: 60410: Ensure that multiple calls to JarInputStreamWrapper#close() do not incorrectly trigger the closure of the underlying JAR or WAR file. (markt)
Fix: 60411: Implement support in the RewriteValve for symbolic names to specify the redirect code to use when returning a redirect response to the user agent. Patch provided by Michael Osipov. (markt)
Fix: 60413: In the RewriteValve write empty capture groups as the empty string rather than as "null" when generating the re-written URL. Based on a patch by Michael Osipov. (markt)
Update: Update the warnings that reference required options for running on Java 9 to use the latest syntax for those options. (markt)
Fix: 60513: Fix thread safety issue with RMI cleanup code. (remm)
Coyote
Fix: Ensure that the endpoint is able to unlock the acceptor thread during shutdown if the endpoint is configured to listen to any local address of a specific type such as 0.0.0.0 or ::. (markt)
Fix: Prevent read time out when the file is deleted while serving the response. The issue was observed only with APR Connector and sendfile enabled. (violetagg)
Fix: Improve the logic that selects an address to use to unlock the Acceptor to take account of platforms what do not listen on all local addresses when configured with an address of 0.0.0.0 or ::. (markt)
Fix: 60409: When unable to complete sendfile request, ensure the Processor will be added to the cache only once. (markt/violetagg)
Jasper
Fix: 60431: Improve handling of varargs in UEL expressions. Based on a patch by Ben Wolfe. (markt)
Fix: 60497: Restore previous tag reuse behavior following the use of try/finally. (remm)
Fix: Improve the error handling for simple tags to ensure that the tag is released and destroyed once used. (remm)
Fix: 60497: Follow up fix using a better variable name for the tag reuse flag. (remm)
Fix: Revert use of try/finally for simple tags. (remm)
Web applications
Fix: Correct a typo in Host Configuration Reference. Issue reported via comments.apache.org. (violetagg)
Fix: 60344: Add a note to BUILDING.txt regarding using the source bundle with the correct line endings. (markt)
Fix: 60412: Add information on the comment syntax for the RewriteValve configuration. (markt)
Fix: 60467: remove problematic characters from XML documentation. Based upon a patch by Michael Osipov. (schultz)
Add: In the documentation web application, be explicit that clustering requires a secure network for all of the cluster network traffic. (markt)
Update: Update the ASF logos to the new versions.
Fix: 60468: Correct the format of the sample ISO-8601 date used to report the build date for the documentation. Patch provided by Michael Osipov. (markt)
Tribes
Fix: Reduce the warning logs for a message received from a different domain in order to avoid excessive log outputs. (kfujino)
Add: Add log message that PING message has received beyond the timeout period. (kfujino)
Fix: When a PING message that beyond the time-out period has been received, make sure that valid member is added to the map membership. (kfujino)
WebSocket
Fix: 60437: Avoid possible handshake overflows in the websocket client. (remm)
jdbc-pool
Add: 58816: Implement the statistics of jdbc-pool. The stats infos are borrowedCount, returnedCount, createdCount, releasedCount, reconnectedCount, releasedIdleCount and removeAbandonedCount. (kfujino)
Fix: 60194: If validationQuery is not specified, connection validation is done by calling the isValid() method. (kfujino)
Fix: 60398: Fix testcase of TestSlowQueryReport. (kfujino)
Add: Enable reset the statistics without restarting the pool. (kfujino)
Other
Fix: 60366: Change catalina.bat to use directly LOGGING_MANAGER and LOGGING_CONFIG variables in order to configure logging, instead of modifying JAVA_OPTS. Patch provided by Petter Isberg. (violetagg)
Add: New property is added test.verbose in order to control whether the output of the tests is displayed on the console or not. Patch provided by Emmanuel Bourg. (violetagg)
Update: Update the ASF logos used in the Apache Tomcat installer for Windows to use the new versions.
Fix: Spelling corrections provided by Josh Soref. (violetagg)
Upstream changes :
3.6.3 to 3.7.0 :
Atom feeds output <content> in addition to <summary>
Atom feeds use <published> for the original publication date and
<updated> for modifications
Simplify Atom feed ID generation and support URL fragments
Produce category feeds with category-specific titles
RSS feeds now default to summary instead of full content —
set RSS_FEED_SUMMARY_ONLY = False to revert to previous behavior
Replace MD_EXTENSIONS with MARKDOWN setting
Replace JINJA_EXTENSIONS with more-robust JINJA_ENVIRONMENT setting
Improve summary truncation logic to handle special characters and tags that
span multiple lines, using HTML parser instead of regular expressions
Include summary when looking for intra-site link substitutions
Link to authors and index via {author}name and {index} syntax
Override widget names via LINKS_WIDGET_NAME and SOCIAL_WIDGET_NAME
Add INDEX_SAVE_AS option to override default index.html value
Remove PAGES context variable for themes in favor of pages
SLUG_SUBSTITUTIONS now accepts 3-tuple elements, allowing URL slugs to
contain non-alphanumeric characters
Tag and category slugs can be controlled with greater precision using the
TAG_SUBSTITUTIONS and CATEGORY_SUBSTITUTIONS settings
Author slugs can be controlled with greater precision using the
AUTHOR_SUBSTITUTIONS setting
DEFAULT_DATE can be defined as a string
Use mtime instead of ctime when DEFAULT_DATE = 'fs'
Add --fatal=errors|warnings option for use with continuous integration
When using generator-level caching, ensure previously-cached files are
processed instead of just new files
Add Python and Pelican version information to debug output
Improve compatibility with Python 3.5
Comply with and enforce PEP8 guidelines
Replace tables in settings documentation with data:: directives
3.7.0 to 3.7.1 :
Fix locale issues in Quickstart script
Specify encoding for README and CHANGELOG in setup.py
Pkgsrc changes :
removed import of pelican in docs generation, which prevented building
the package
Bug Fixes
---------
Escaped strings in close_frame JS template.
Fixed a bug with text-transform styles on inputs affecting CMS login
Fixed a typo in the confirmation message for copying plugins from a different language
Fixed a bug which prevented certain migrations from running in a multi-db setup.
Fixed a regression which prevented the Page model from rendering correctly when used in a raw_id_field.
Fixed a regression which caused the CMS to cache the toolbar when CMS_PAGE_CACHE was set to True and an anonymous user had cms_edit set to True on their session.
Fixed a regression which prevented users from overriding content in an inherited placeholder.
Fixed a bug affecting Firefox for Macintosh users, in which use of the Command key later followed by Return would trigger a plugin save.
Fixed a bug where template inheritance setting creates spurious migration
Fixed a bug which prevented the page from being marked as dirty (pending changes) when changing the value of the overwrite url field.
Fixed a bug where the page tree would not update correctly when a sibling page was moved from left to right or right to left.
Improvements and new features
-----------------------------
Added official support for Django 1.10.
Rewrote manual installation how-to documentation
Re-introduced the “Revert to live” menu option.
Added support for django-reversion >= 2
Improved the fix-tree command so that it also fixes non-root nodes (pages).
Introduced placeholder operation signals.
Deprecations
------------
Removed the deprecated add_url(), edit_url(), move_url(), delete_url(), copy_url() properties of CMSPlugin model.
Added a deprecation warning to method render_plugin() in class CMSPlugin.
Deprecated frontend_edit_template attribute of CMSPluginBase.
The post_ methods in `PlaceholderAdminMixin have been deprecated in favor of placeholder operation signals.
Other changes
-------------
Adjusted Ajax calls triggered when performing a placeholder operation (add plugin, etc..) to include a GET query called cms_path. This query points to the path where the operation originates from.
Changed CMSPlugin.get_parent_classes() from method to classmethod.
- Setting ``revision.user`` in ``process_response`` for middleware (@etianen).
- Fixing localization of model primary keys in `recover_list.html` (@w4rri0r3k).
- Documentation tweaks
Better support for Django 1.10
Updated German and French translations
Add Chinese (traditional), Hungarian and Finnish translations
Remove tests folder from package (again.)
- Added the ``request`` parameter to :meth:`FormPreview.parse_params()
<formtools.preview.FormPreview.parse_params>`.
- Added support for Django 1.10.
- Dropped support for Django 1.7 and Python 3.2 on Django 1.8.
RoboBrowser is a simple, Pythonic library for browsing the web
without a standalone web browser. RoboBrowser can fetch a page,
click on links and buttons, and fill out and submit forms. If you
need to interact with web services that don't have APIs, RoboBrowser
can help.