=== Release 2.1pre18
Sat Jul 30 00:01:55 MET DST 2005 mikulas:
Fixed reverse numbering of form fields in javascript
Fri Jul 29 22:45:30 MET 2005 user:
Fixed cursor position in bookmarks after HOME, END, PAGE UP, PAGE DOWN
Thu Jun 23 04:05:45 cet 2005 mikulas:
<sub>, <sup> and alignment images to top and middle of line
Wed Jun 22 18:15:11 MET 2005 user:
Implemented <hr> in graphics mode
Mon Jun 20 15:57:00 cet 2005 mikulas:
Do not make whitechar-elimination on invisible form entries
Sat Jun 18 18:16:24 MET 2005 user:
Allow '#' in smb files and directories
Fri Jun 17 23:10:24 MET 2005 Simen Graaten
Updated Norwegian translation
Mon Jun 6 18:47:37 MET 2005 user:
Do not respond to unknown authentication methods with basic response
Sun May 29 05:43:58 cet 2005 mikulas:
Do always use cache when going back
Sun May 22 21:03:16 MET 2005 user:
Allow '#' in ftp password
Wed May 18 01:18:58 cet 2005 mikulas:
Allow image map elements without href and only with javascript
Thu May 12 04:15:43 MET 2005 user:
Fixed crash with -anonymous and "frame at full-screen" in menu
Sun May 8 15:37:22 cet 2005 mikulas:
Fix lockup with terminal height only 1 or 2 characters
Fri May 6 20:06:50 MET 2005 user:
Make '*' work in graphics mode too
Fixed badly displayed images when image displaying was toggled
Thu Apr 21 21:52:28 cet 2005 mikulas:
Do not count time that connection waits in queue
Fri Apr 15 17:37:51 MET 2005 user:
Do not parse <TITLE> inside <SCRIPT>
Sat Apr 2 20:32:01 MET DST 2005 mikulas:
Workaround for bug in Sun C compiler
Fri Apr 1 00:21:39 MET DST 2005 mikulas:
Accept as line break in textarea (fixes bugzilla)
Thu Mar 24 04:06:53 MET 2005 Federico G. Schwindt <fgsch@lodoss.net>:
Use MD5 functions from libc when available
Mon Mar 7 22:36:45 MET 2005 user:
Support for another smb client --- smbc by Martin Zlomek
Wed Mar 2 23:39:30 CET 2005 mikulas:
Fixed crash of javascript with debuglevel<2 (uninitialized memory)
Fixed possible touching of data beyond allocated space in javascript
Changes since 8.01:
Security
* Solved download dialog spoofing issue described in Secunia Advisory SA15870
* Fixed image dragging issue described in Secunia Advisory SA15756
Miscellaneous
* Improved default handling of encodings in spelling checker.
* Multiple stability fixes.
* When an installed plug-in is available, use as default handler rather
than display download dialog.
* Improved support for XMLHttpRequest.
* Fixed download handling when closing originating page.
a powerpc architecture (e.g. NetBSD-mapcppc). This cures display glitches
(e.g. text appearing at the wrong location). Bump package revision
because of this change.
The suPHP Apache module together with suPHP itself provides an easy way
to run PHP scripts with different users on the same server.
It provides security, because the PHP scripts are not run with the
rights of the webserver's user. In addition to that you probably won't
have to use PHP's "safe mode", which applies many restrictions on the
scripts.
this release fixed two issues
Changelog for Mozilla 1.7.11
300749 Switching folders doesn't work on 1st try/Click to mail folder displays
messages not always [JS error in msgMail3PaneWindow.js::ClearMessagePane]
301917 Cursor keys disabled/Caret not moving with keyboard in message compose window
This is a security fix release.
Fixed in Mozilla 1.7.9/1.7.10
MFSA 2005-56 Code execution through shared function objects
MFSA 2005-55 XHTML node spoofing
MFSA 2005-54 Javascript prompt origin spoofing
MFSA 2005-52 Same origin violation: frame calling top.focus()
MFSA 2005-51 The return of frame-injection spoofing
MFSA 2005-50 Possibly exploitable crash in InstallVersion.compareTo()
MFSA 2005-48 Same-origin violation with InstallTrigger callback
MFSA 2005-46 XBL scripts ran even when Javascript disabled
MFSA 2005-45 Content-generated event vulnerabilities
issuses were fixed in this release:
MFSA 2005-56 Code execution through shared function objects
MFSA 2005-55 XHTML node spoofing
MFSA 2005-54 Javascript prompt origin spoofing
MFSA 2005-52 Same origin violation: frame calling top.focus()
MFSA 2005-51 The return of frame-injection spoofing
MFSA 2005-50 Possibly exploitable crash in InstallVersion.compareTo()
MFSA 2005-48 Same-origin violation with InstallTrigger callback
MFSA 2005-46 XBL scripts ran even when Javascript disabled
MFSA 2005-45 Content-generated event vulnerabilities
Support for Solaris SPARC and x86 is not available due to lack of a
precompiled binary at this point of time.
Firefox 1.0.6 is a stability update. We recommend that users upgrade
to this latest version.
Here's what's new in Firefox 1.0.6:
* Restore API compatibility for extensions and web applications
that did not work in Firefox 1.0.5.
Fix required for googlebot changes, New reports including a new
bidimentional map that shows traffic level in the whole year, unique
visitors for every month, better generation of graphviz graphs
including percentages in arcs, nodes for google, external links,
and no referere, 50% less memory used, Highlight color for weekend
changed to be more visible, most stats are now made by unique visits
and not by number of accesses, many bugs fixed, a real manual page.
around at either build-time or at run-time is:
USE_TOOLS+= perl # build-time
USE_TOOLS+= perl:run # run-time
Also remove some places where perl5/buildlink3.mk was being included
by a package Makefile, but all that the package wanted was the Perl
executable.
run-time dependency (DEPENDS) on a tool is to append a ":run" modifier
to the tool name, e.g.,
USE_TOOLS+= perl:run
Tools without modifiers or with an explicit ":build" modifier will
cause build dependencies (BUILD_DEPENDS) on those tools to be added.
This makes the notation a bit more compact.
Firefox 1.0.5 is a security update.
Fixed vulnerabilities are:
2005-56 Code execution through shared function objects
MFSA 2005-55 XHTML node spoofing
MFSA 2005-54 Javascript prompt origin spoofing
MFSA 2005-53 Standalone applications can run arbitrary code through the browser
MFSA 2005-52 Same origin violation: frame calling top.focus()
MFSA 2005-51 The return of frame-injection spoofing
MFSA 2005-50 Possibly exploitable crash in InstallVersion.compareTo()
MFSA 2005-49 Script injection from Firefox sidebar panel using data:
MFSA 2005-48 Same-origin violation with InstallTrigger callback
MFSA 2005-47 Code execution via "Set as Wallpaper"
MFSA 2005-46 XBL scripts ran even when Javascript disabled
MFSA 2005-45 Content-generated event vulnerabilities
Changes with mod_ssl 2.8.23 (30-Oct-2004 to 06-Jul-2005)
*) Ported to OpenSSL 0.9.8
*) Fixed connection timeout handling by calling the EAPI connection
close hook after (and not before) the B_OUT flag was set on the
underlying I/O buffer in order to prevent attempted buffer flushes
from blocking the connection.
*) Updated the ca-bundle.crt file from Mozilla's "certdata.txt"
(CVS revision 1.37).
*) Fix timeout handling in POST request processing by resetting
timeouts.
*) Fixed double-definition of OPENSSL_free under OpenSSL 0.9.6 by
fixing the version test in ssl_util_ssl.h
*) Adjusted all copyright messages to contain the new year 2005 ;)
- Tweak for Kwiki-HomePagePreference
- Allow the hub to be hooked.
- Socialtext changes
- Allow ; in addition to & in query strings
- Get rid of -M operators
- Make redirects RFC compliant
- Refactored themes
- empty links cause double page loads
- Refactors to get rid of hub connections
- eliminate use_class
- COmment support
- Kwid Formatter for Spork
- Also prints command usage from plugins.
- copyright 2005
- tweak space on usage()
- eliminate cleanup undef warning when doing 'kwiki -update'
this release fixes the following security issues:
MFSA 2005-56 Code execution through shared function objects
MFSA 2005-55 XHTML node spoofing
MFSA 2005-54 Javascript prompt origin spoofing
MFSA 2005-53 Standalone applications can run arbitrary code through the browser
MFSA 2005-52 Same origin violation: frame calling top.focus()
MFSA 2005-51 The return of frame-injection spoofing
MFSA 2005-50 Possibly exploitable crash in InstallVersion.compareTo()
MFSA 2005-49 Script injection from Firefox sidebar panel using data:
MFSA 2005-48 Same-origin violation with InstallTrigger callback
MFSA 2005-47 Code execution via "Set as Wallpaper"
MFSA 2005-46 XBL scripts ran even when Javascript disabled
MFSA 2005-45 Content-generated event vulnerabilities
