What's new in at-spi-1.24.0:
* Bugfixes: #535827.
* Translation update.
What's new in at-spi-1.23.92:
* Bugfixes: #551334.
What's new in at-spi-1.23.91:
* Bugfixes: #548559, #350552, #547875.
* Translation update from Seán de Búrca, Hendrik Richter, Goran Rakic,
Runa Bhattacharjee, Djihed Afifi.
What's new in at-spi-1.23.6:
* Bugfixes: #436579, #545849.
What's new in at-spi-1.23.5:
* Bugfixes: #541119, #435833, #524806, #542217.
What's new in at-spi-1.23.3:
* Bugfixes: #532887, #498668, #431053, #451553, #520490, #521667, #522356.
New in the 0.9.6 x11vnc release:
x11vnc's SSL encryption is extended to support the VeNCrypt and
TLS (older; vino) SSL/TLS security type extensions to VNC.
Anonymous Diffie-Hellman key exchange (-ssl ANON) and Certificate
Revocation List support (-sslCRL) is added to the SSL
encryption mode.
The Java viewer applet can now be served up through the VNC port
(5900) in addition to the normal HTTP port (5800) via
the -http_oneport option. Previously this only worked
for SSL connections and HTTPS.
The "-rfbport PROMPT" mode presents a simple gui for the user
to select a port for the x11vnc service and a few other
settings. This enables a menu entry for naive users
that is included in x11vnc.desktop.
If x11vnc is not built with the Avahi Zeroconf library an external
helper program (avahi-publish or dns-sd on Mac OS X)
is used instead.
miscellaneous new features and changes:
The default mode for '-ssl' is now the '-ssl SAVE' mode; i.e.
the generated certificate is saved and reused in
subsequent sessions rather than being discarded.
Use '-ssl TMP' recover the old way. This change made
to for it to be more likely that the VNC Viewer can save
the accepted cert for future authentications.
The solid background color option works on the Mac OS X console.
The -reopen option enables x11vnc to try to re connect to the X
display if GDM (or other display manager) kills it just
after the user logs in.
The -dhparams option can be used to point to your own Diffie
Hellman parameters.
The -setdefer option allows tuning how quickly updates will
be sent. Default setting tuned.
The option -zeroconf is now an alias for -avahi/-mdns.
In pipeinput mode, the pipe filehandle is now closed when
x11vnc exits.
The -sshonly option turns off VeNCrypt and TLSVNC (vino) mod
leaving only the standard SSL (i.e. vncs://)
For testing, the option -rand in an alias for -rawfb rand -nopw
Minor tweaks to improve CUPS Print tunneling.
* Update Bulgarian translation which catch up to TYPOlight 2.6.2.
* Fix PLIST for Romanian (PLIST.ro) which should be updated by previous commit.
* Update French and Latvian translations.
Upstream changes:
0.42 2008-09-12
- Based on CLDR 1.6.1, but this has no changes in the data we use. I
just used 1.6.1 so people wouldn't ask me why I don't use 1.6.1 ;)
- In the switch to CLDR (back in 0.30), I accidentally dropped a
number of hard-coded aliases, notably for 'C'. These aliases have
been restored. Reported by Adam Kennedy. RT #39208.
- Generation of aliases based on the 3-letter ISO code for countries
is now based on the most recent version of ISO639.
The seventh maintenance and security release of the Drupal 6 series. Only fixes for security vulnerabilities and other bugs have been committed. New features are only being added to the forthcoming Drupal 7.0 release.
This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the security announcement:
* SA-2008-073 - Drupal core - Multiple vulnerabilities
In addition to this security vulnerability, the following bugs have been fixed since the 6.6 release:
* - Patch #324118 by winterheart: fixed invalid XHTML being generated for forum topic listings.
* - Patch #329019 by dww, sun: fixed PHP warning.
* #315739 by sun: The theme name is in arg(4) on the block admin page, so only redirect to theme specific page if that is set.
* - Patch #329646 by Damien Tournoud: properly reset user_access().
* - Patch #255293 by Gribnif, maartenvg: incorrect regex causes some aggregated CSS to fail.
* #329998 by pwolanin: escape markup looking non-HTML tags in schema descriptions
* #258089 by JohnAlbin, Arancaytar, merlinofchaos: themes cannot have a preprocess function without a corresponding .tpl.php file
* #255150 by dropcube, tested by catch, asimmonds: content type names were double escaped on create content page
* #329660 by pwolanin: node_configure_validate() should be replaced with a #submit handler to conform to FormAPI rules
* #299742 by Darren Oh: missing #ahah support on checkboxes
* #193580 follow up by gpk: late but important changelog entry for Drupal 6.0
* #302638 by pwolanin: avoid running several no-op queries while the menu is being rebuilt; improves performance
* Rolling back #302638, it caused problems reported in #328110
* #319165 by Alex_Tutubalin: add explicit UTF-8 client encoding setting for PostgreSQL
* - Patch #277644 by lilou: documentation improvement.
* - Patch #335385 by Dave Reid: fixed maxlength of path alias fields to be consistent with the database.
* - Patch #337454 by earnie: fixed the phpdoc of drupal_render_form().
* - Patch #293370 by swentel et al: make block sorting work when there are more than 20 blocks.
* - Patch #325908 by kbahey: removed redundant cache flusing.
* - Patch #281131 by Damien Tournoud: document the missing quote in .htaccess.
* - Patch #336115 by Nedjo: better documentation for t().
* - Patch #342988 by ultimateboy: fixed order of attributes in PHPdoc.
* #324875 by pwolanin: improve HTTP_HOST checking, ensuring that the host is lowercased and only valid characters are allowed.
* #280934 follow up by pwolanin: harden the cookie handling in sess_regenerate() by setting our session cookie to be an HTTP only cookie, thus reducing the risk of session stealing via XSS
* #28776 by Uwe Hermann, Morbus Iff, jvandyk: Protect *.test files and SVN metafiles from being exposed under Drupal
* #299582 by hass: Remove outdated items from robots.txt and fix ordering of items to make stuff easier to find.
* #305653 by snowball43, cdale, Dave Reid, sun: All themes were disabled when update.php was run
* #344661 by Dave Reid: fix phpdoc documentation on translation_translation_link_alter()
* #333060 by neclimdul, merlinofchaos, dvessel: child themes did not inherit patterns correctly, so more specific template files are not detected
* #206138 by pwolanin et al: little documentation fix for node base module name handling
* #276111 by pwolanin, meba and myself: disallow possibly dangerous submissions in locale translations and imports
* #345167 by JacobSingh, pwolanin, Heine: drupal_http_request() includes an extra CRLF, not conformant to HTTP specs
http://drupal.org/node/345462
This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the security announcement:
* SA-2008-073 - Drupal core - Multiple vulnerabilities
In addition to this security vulnerability, the following bugs have been fixed since the 5.12 release:
* #318102 by Damien Tournoud and Dave Reid: hook_exit() not invoked for some cached requests.
* #278821 by teezee. More isset() checking.
* #293612 by egfrith, Bart Jansens: let user_authenticate() be called without cookies previously set; allows web service modules to start a session with the authentication.
* #123556 by maartenvg and dvdweide. Do not show empty user info categories.
* #294450 by blakehall. Match up DB and form max length.
* More code style removing trivial differences with 6.x.
* #195161 by mcarbone with some modifications: only show 'login to post comments' if logging in actually lets you post comments. Backport by salvis.
* - Patch #342988 by ultimateboy: fixed order of attributes in PHPdoc.
* #280934 follow up by pwolanin: harden the cookie handling in sess_regenerate() by setting our session cookie to be an HTTP only cookie, thus reducing the risk of session stealing via XSS
* #324875 by pwolanin: improve HTTP_HOST checking, ensuring that the host is lowercased and only valid characters are allowed.
* #28776 by Uwe Hermann, Morbus Iff, jvandyk: Protect *.test files and SVN metafiles from being exposed under Drupal
* #299582 by hass: Remove outdated items from robots.txt and fix ordering of items to make stuff easier to find.
http://drupal.org/node/345467
PostGIS 1.3.4
2008/11/24
- New Features
- Add new ST_AsGeoJSON() function to allow conversion of
geometries to GeoJSON format within the database. (Olivier Courtin)
- Add forthcoming PostgreSQL 8.4 support
(Paul Ramsey, Mark Cave-Ayland)
- Improved CSS for PostGIS documentation (Dane Springmeyer)
- Inclusion of new "postgis_comments.sql" file to enable detailed
function comments to be installed for PostGIS functions. This
attaches a description and associated parameter information
to each function so that this information is available directly
within psql/pgAdmin (Regina Obe)
- Enhancements and Bug Fixes
- General documentation improvements (Regina Obe, Kevin Neufield)
- Improve PiP code by removing substantial memory leaks and adding
multi-polygon support (Paul Ramsey)
- Improve GiST consistent performance (Paul Ramsey)
- GBT#20: Improved algorithm for ST_DWithin (Paul Ramsey)
- GBT#21: locate_along_measure: wrong values, invalid data
(Mark Cave-Ayland)
- GBT#23: wrong proj4text in spatial_ref_sys for SRID 31300 and 31370
(Paul Ramsey)
- GBT#43: Heap over-read in compute_geometry_stats() (Landon Fuller)
- GBT#44: ST_Relate(geom,geom,pattern) is case sensitive (Paul Ramsey)
- GBT#45: bug in postgis_restore.pl - not passing options to createdb
(Paul Ramsey)
- GBT#58: bounding box of circular string is incorrect (Mark Leslie)
- GBT#65: ST_AsGML kills the backend when fed a CIRCULAR STRING
(Mark Cave-Ayland)
- GBT#66: ST_Dump kills backend when fed CIRCULAR STRING
(Mark Cave-Ayland)
- GBT#68: ST_Shift_Longitude doesn't work with MULTIPOINT
(Mark Cave-Ayland)
- GBT#69: ST_Translate crashes when fed circular string
(Mark Cave-Ayland)
- GBT#70: ST_NPoints Crashes with Curves (Mark Cave-Ayland)
Pkgsrc changes:
o Adjust dependencies to suit new dependencies
Upstream changes:
0.4501 2008-11-25
- The epoch() method got broken in the recent shuffling between
Time::Local and Time::y2038. Unfortunately, the tests to catch this
also got lost in the shuffle. Reported by Avianna Chao.
0.45 2008-11-11
- Reverted the changes to use Time::y2038, on the recommendation of
Michael Schwern (the author of said module), because it is not yet
stable. This may come back in a future release.
0.4401 2008-11-03
- In order to handle epochs > 2**32 properly on a 32-bit machine, we
also need to import gmtime from Time::y2038. This changes fixes a
whole bunch of test failures seen with 0.44.
0.44 2008-11-01
- XS-capable DateTime.pm now uses Time::y2038 instead of
Time::Local. This lets it handle epochs up to 142 million years
before and after the Unix epoch.
- Fixed a compiler warning with Perl 5.10.0.
- Fixed docs for year_with_era, which had AD and BC
backwards. Reported by Vynce Montgomery. RT #39923.
- The format_cldr() method did not format the "yy" format properly
when the year ended in "0X". Reported by Wilson Santos. RT #40555.
0.4305 2008-10-03
- The pure Perl version of this module did not know about the end of
2008 leap second. Reported by James T Monty.
Add map_x86_brand_string to subr_x86 and use in NetBSD,
Linux and Solaris to determine ARCH for Intel CPUs after PIII.
(Still need to rework AMD CPU detection to use family and
extended family)
Added 'AMD K6-2 (586-class)' - thanks Brian Ginsbach
Added 'Pentium(R) Dual-Core CPU E5200' - thanks Andreas Burghardt
Delete patch-aa as the whole lt_preloaded_symbols bit is gone upstream.
Changes in 1.8.6 (since 1.8.5)
* New features (see the manual for details)
** New convenience function `scm_c_symbol_length ()'
** Single stepping through code from Emacs
When you use GDS to evaluate Scheme code from Emacs, you can now use
`C-u' to indicate that you want to single step through that code. See
`Evaluating Scheme Code' in the manual for more details.
** New "guile(1)" man page!
* Changes to the distribution
** Automake's `AM_MAINTAINER_MODE' is no longer used
Thus, the `--enable-maintainer-mode' configure option is no longer
available: Guile is now always configured in "maintainer mode".
** `ChangeLog' files are no longer updated
Instead, changes are detailed in the version control system's logs. See
the top-level `ChangeLog' files for details.
* Bugs fixed
** `symbol->string' now returns a read-only string, as per R5RS
** Fix incorrect handling of the FLAGS argument of `fold-matches'
** `guile-config link' now prints `-L$libdir' before `-lguile'
** Fix memory corruption involving GOOPS' `class-redefinition'
** Fix possible deadlock in `mutex-lock'
** Fix build issue on Tru64 and ia64-hp-hpux11.23 (`SCM_UNPACK' macro)
** Fix build issue on mips, mipsel, powerpc and ia64 (stack direction)
** Fix build issue on hppa2.0w-hp-hpux11.11 (`dirent64' and `readdir64_r')
** Fix build issue on i386-unknown-freebsd7.0 ("break strict-aliasing rules")
** Fix misleading output from `(help rationalize)'
** Fix build failure on Debian hppa architecture (bad stack growth detection)
** Fix `gcd' when called with a single, negative argument.
** Fix `Stack overflow' errors seen when building on some platforms
** Fix bug when `scm_with_guile ()' was called several times from the
same thread
** The handler of SRFI-34 `with-exception-handler' is now invoked in the
dynamic environment of the call to `raise'
** Fix potential deadlock in `make-struct'
** Fix compilation problem with libltdl from Libtool 2.2.x
** Fix sloppy bound checking in `string-{ref,set!}' with the empty string
Updated textproc/p5-Text-RewriteRules to 0.16
Added textproc/p5-XML-SAX-Base version 1.02
Updated textproc/p5-XML-SAX-Writer to 0.52
Updated textproc/p5-XML-SemanticDiff to 0.99
Security Enhancements and Fixes in PHP 5.2.7:
Upgraded PCRE to version 7.8 (Fixes CVE-2008-2371)
Fixed missing initialization of BG(page_uid) and BG(page_gid), reported by Maksymilian Arciemowicz.
Fixed incorrect php_value order for Apache configuration, reported by Maksymilian Arciemowicz.
Fixed a crash inside gd with invalid fonts (Fixes CVE-2008-3658).
Fixed a possible overflow inside memnstr (Fixes CVE-2008-3659).
Fixed security issues detailed in CVE-2008-2665 and CVE-2008-2666.
Fixed bug #45151 (Crash with URI/file..php (filename contains 2 dots)).(Fixes CVE-2008-3660)
Fixed bug #42862 (IMAP toolkit crash: rfc822.c legacy routine buffer overflow). (Fixes CVE-2008-2829)
Key enhancements in PHP 5.2.7 include:
Fixed several memory leaks inside the readline and sqlite extensions
A number of corrections relating to date parsing inside the date extension
Fixed bugs relating to data retrieval in the PDO extension
A series of crashes in various areas of code were resolved
Several corrections were made to the strip_tags() function in terms of < and <?XML handling
A number of bugs were fixed in extract() function when EXTR_REFS flag is being used
Added the ability to log PHP errors to the SAPI (Ex. Apache log) logging facility
Over 170 bug fixes.
5.2.8
Reverted bug fix Fixed bug #42718 that broke magic_quotes_gpc (Scott)
ChangeLog:
0.86 Sun Nov 9 01:09:05 PST 2008
Same as 0.85_01
0.85_01 Thu Oct 23 18:57:38 PDT 2008
New Features
* cmp_ok() now displays the error if the comparison throws one.
For example, broken overloaded objects.
Bug Fixes
* cmp_ok() no longer stringifies or numifies its arguments before comparing.
This makes cmp_ok() properly test overloaded ops.
[rt.cpan.org 24186] [code.google.com 16]
* diag() properly escapes blank lines.
Feature Changes
* cmp_ok() now reports warnings and errors as coming from inside cmp_ok,
as well as reporting the caller's file and line. This let's the user
know where cmp_ok() was called from while reminding them that it is
being run in a different context.
Other
* Dependency on ExtUtils::MakeMaker 6.27 only on Windows otherwise the
nested tests won't run.
Changelog:
2.22 Nov 11, 2008
- Fixed a bug where Log::Dispatch::Email would die when it tried to
log under taint mode. Patch by Neil Hemingway. RT #40042.
- Fixed a misuse of warnings::enabled(). Reported by Darian
Patrick. RT #39784.
- Syslog logging now requires Sys::Syslog 0.16+.
- If you don't pass a socket argument to Log::Dispatch::Syslog, it
does not call Sys::Syslog::setlogsock(), which is the preferred
option for portability.
* If any of the syslog calls die, this is trapped and the error is
output as a warning if warnings are on. This is mostly a workaround
for Sys::Sylog not handling utf-8. RT #35270 & #37397.
This isn't backwards-compatible, but it's probably wrong for the
logging code to die because it can't log (even though some other
output modules still do).
SIP v4.7.9 has been released.
This is a bug fix release needed to build PyKDE v3.16.2.
SIP v4.7.8 has been released.
* Added the /Deprecated/ class and function annotation (based on
a patch from Lorenzo Berni).
* Templates now support instance variables and enums.
* A Python int object can now be used whenever an enum is expected
without needing to explicitly cast it using the enum's constructor.
The /Constrained/ argument annotation can be used to suppress this
behaviour.
* typedef type names are now used in string representations of
types (e.g. in the names of mapped types) to reflect what the
programmer sees rather than what the compiler sees. The /NoTypeName/
typedef annotation can be used to suppress this behaviour.
1.3.3 (December 9, 2008)
========================
Security Fixes:
* None.
Bug fixes:
* 'identify' was throwing an assertion when used on colormapped
files (this bug was introduced by 1.3.2).
* With the -segment option, eliminate trashing the image colors when
used on huge images.
* 'identify -format "%c"' now reports the entire comment regardless
of size.
* Argument to -convolve is no longer arbitrarily truncated so huge
convolution kernels may now be specified from the command line.
Performance Improvements:
* Image segmentation (-segment) is now accelerated using OpenMP and
uses several other tactics to improve execution performance.
* 'identify "*"' now successfully works in a 32-bit application when
used in a directory containing a million files.
* 'identify' now executes quickly when used on TIFF files.
