Security release.
Version 2.11.2 (2012-03-14)
---------------------------
### Fixed
Fixed an issue with the CSS3PIE url being incorrectly rewritten (see #4074).
### Fixed
Fixed a security vulnerability in the file manager which allowed back end users
to download files from the `tl_files` directory even if they were not mounted in
their profile (thanks to Marko Cupic).
### Fixed
Fixed a potential XSS vulnerability in the undo module (thanks to Oliver Klee).
The issue is not considered critical, because it requires the script tag to be
in the list of allowed HTML tags, which is not the case by default.
### Fixed
The IDNA convert class did not run under PHP 5.2 (see #4044).
* "git p4" (in contrib/) submit the changes to a wrong place when the
"--use-client-spec" option is set.
* The config.mak.autogen generated by optional autoconf support tried
to link the binary with -lintl even when libintl.h is missing from
the system.
* When the filter driver exits before reading the content before the
main git process writes the contents to be filtered to the pipe to
it, the latter could be killed with SIGPIPE instead of ignoring
such an event as an error.
* "git add --refresh <pathspec>" used to warn about unmerged paths
outside the given pathspec.
* The bulk check-in codepath in "git add" streamed contents that
needs smudge/clean filters without running them, instead of punting
and delegating to the codepath to run filters after slurping
everything to core.
* "git branch --with $that" assumed incorrectly that the user will never
ask the question with nonsense value in $that.
* "git bundle create" produced a corrupt bundle file upon seeing
commits with excessively long subject line.
* When a remote helper exits before reading the blank line from the
main git process to signal the end of commands, the latter could be
killed with SIGPIPE. Instead we should ignore such event as a
non-error.
* The commit log template given with "git merge --edit" did not have
a short instructive text like what "git commit" gives.
* "git rev-list --verify-objects -q" omitted the extra verification
it needs to do over "git rev-list --objects -q" by mistake.
* "gitweb" used to drop warnings in the log file when "heads" view is
accessed in a repository whose HEAD does not point at a valid
branch.
* An invalid regular expression pattern given by an end user made
"gitweb" to return garbled response.
### Fixed
Store the date added when creating an admin user upon installation (see #4054).
### Fixed
Purge the Zend Optimizer+ cache after writing the local configuration file.
### Fixed
The IDNA convert class did not run under PHP 5.2 (see #4044).
### Fixed
Inject error messages of checkbox and radio groups inside the fieldset, so they
can be associated with it (accessibility) and do not break the CSS formatting.
This change does not require any template adjustments (see #3392).
### Fixed
Correctly handle tabs and line breaks when importing CSV data (see #4025).
### Fixed
Event feeds did not show the date anymore (see #4026).
### Fixed
Preserve absolute URLs in style sheets in the Combiner (see #4002).
### Fixed
Support all kinds of keydown events in the stylect plugin, so options can be
selected by pressing the first key of their label (see #3812).
### Added
Added a separate version check for LTS releases.
### Fixed
Prevent the auto_item feature from generating duplicate content (see #4012).
### Fixed
Do not add the `language` parameter when forwarding to a page (see #4011).
### Fixed
The date picker in the back end did not work correctly due to MooTools failing
to parse dates correctly (see #3954).
### Fixed
The TinyMCE links popup failed under certain conditions (see #3995).
### Fixed
Correctly add the language to insert tag links (see #3983).
### Fixed
When creating an admin user in the install tool, the username was not validated
correctly (see #4006).
### Updated
Updated MooTools to version 1.4.5 which fixes a critical bug.
### Fixed
Relative URLs are now validated correctly (`'rgxp'=>'url'`) (see #3792).
### Fixed
Adjust the submit button height in Opera (see #3940).
### Fixed
The front end preview drop-down menu did not use the stylect plugin.
### Fixed
Use the Facebook sharer instead a third-party app (see #3990).
### Fixed
Preserve IE conditionals like `[if (lt IE 9) & (!IEMobile)]` when replacing
ampersands in the front end (see #3985).
### Fixed
Set the maximum length of `inputUnit` fields to 200 (see #3987).
### Fixed
If an image with a title was added to a text element, the lightbox did not show
the title anymore (see #3986).
### Fixed
The hyperlink element did not output the link title anymore (see #3973).
### Fixed
Send a 404 header and do not index or cache a page if there is a pagination menu
and the `page` parameter is outside the range of existing pages. Now that list
and reader modules can be shown on the same page, it is likely that those pages
will be cached. This fix prevents the search index and temporary directory from
being flooded with non-existing resources (such as `?page=100000`).
### Fixed
Fixed the module wizard so you can use the stylect menu of a duplicated element
without having to reload the page (see #3970).
### New
Added the Slovenian translation of the TinyMCE "typolinks" plugin (thanks a lot
to Davor) (see #3952)
### Fixed
Fixed the "getContentElement", "getFrontendModule" and "getForm" hooks, so they
pass the generated content to the callback function (see #3962).
### Fixed
Correctly handle pages with the alias name "index" (see #3961).
### Fixed
Patched the MooTools core script to fix the accordion effect (see #3956).
### Fixed
The slimbox style sheets are now compatible with the combiner.
Tue Jan 31 17:50:24 CET 2012
Releasing 0.9.19. -CG
Mon Jan 30 20:02:34 CET 2012
Fixed handling of garbage prior to first multipart boundary
(#2126). -woof
Fri Jan 27 11:00:43 CET 2012
Fixed postprocessor failure for applications that enclosed boundary
in quotes (#2120). -woof
Tue Jan 24 16:07:53 CET 2012
Added configure check for sin_len in 'struct sockaddr' and adding
code to initialize this field if it exists now. -CG
2012-03-06 816834c [RELEASE] Release of TYPO3 4.6.5 (TYPO3 v4 Release Team)
2012-03-06 594422a [TASK] Raise submodule pointer (TYPO3 v4 Release Team)
2012-03-06 785c57f #31560 [BUGFIX] Form: Confirmation value relies on label value (Oliver Hader)
2012-03-06 b65e7c6 #31561 [BUGFIX] Form: Add more semantic classes for elements (Oliver Hader)
2012-03-06 d2eb584 #17061 [BUGFIX] Translated mailform should use localized email (Michael Stucki)
2012-03-06 053fa54 #25003 [BUGFIX] Check minitems for TCAtree (Georg Ringer)
2012-03-06 bc0a1f6 #31711 [BUGFIX] Validation for multiple forms on one page (Niki Mueller)
2012-03-06 6ecadd5 #30162 [BUGFIX] Sporadic memcache error on server load (Dmitry Dulepov)
2012-03-06 678b01b #30892 [BUGFIX] t3lib_BEfunc::getViewDomain() returns wrong or no domain (Jaume Prat)
2012-03-06 050b0f6 #33089 [BUGFIX] Media element does not recognize short YouTube links (Robert Heel)
2012-03-06 9d4b379 #28526 [BUGFIX] Unset stdWrap of select.pidInList (Marc Bastian Heinrichs)
2012-03-06 777dd7a #33761 [BUGFIX] Remove early return in PageTreeDataProvider (Georg Ringer)
2012-03-06 46d11b5 #32467 [BUGFIX] Warnings in tcemain on iterating over unset columns (Mario Rimann)
2012-03-06 1c3e896 #33214 [BUGFIX] TypoLink: absolute urls when installed in subfolder (Nils Seinschedt)
2012-03-06 0b8e2e9 #32732 [BUGFIX] Add the title and increase width of the multiple select boxes (Thomas Layh)
2012-03-06 48f39b6 #23347,#30623 [BUGFIX] Misleading error with empty USER_INT (Philipp Gampe)
2012-03-05 3820d5f #33160 [BUGFIX] tslib_pibase: Outdated PHPDoc comment for pi_loadLL() (Stefan Rotsch)
2012-02-29 7830f88 #34427 [TASK] Remove typo3/logomenu.php (Christian Kuhn)
2012-02-28 f0516cd [TASK] Raise submodule pointer (TYPO3 v4 Release Team)
2012-02-27 be1d6e4 #32600 [TASK] Add clear l10n cache when the user clear all cache (Dominique Feyer)
2012-02-27 d083f5a #31460 [BUGFIX] flock() calls in TYPO3 prevent NFS hosting (Dmitry Dulepov)
2012-02-27 4844254 #32013 [BUGFIX] Fatal error if pear package http_request2 is installed (Philipp Gampe)
2012-02-27 44ec00b #33866 [BUGFIX] show uid of reference in show_item.php (Johannes Feustel)
2012-02-27 27254e4 #32159 [TASK] Invalid SQL and bad code in tslib_fe (Dmitry Dulepov)
2012-02-27 ad4d468 #34135 [BUGFIX] PHP Warning when moving a record (Xavier Perseguers)
2012-02-21 fe06955 #25083 [BUGFIX] Content rendering: Definition lists in RTE are wrapped in p (Stanislas Rolland)
2012-02-19 c674ade #30272 [BUGFIX] Don't save form protection error messages in session (Helmut Hummel)
2012-02-19 35ab732 #17947 [BUGFIX] TCE: error message if no label has been set in TCA (Mario Rimann)
2012-02-18 0f808fb #34030 [BUGFIX] getAllowedItems called with one parameter too much (Stefan Neufeind)
2012-02-18 b0a6371 #33116 [BUGFIX] Scheduler BE module fails to load due to autoloader issues (Christian Kuhn)
2012-02-17 bc453f7 [TASK] Additional unit tests for t3lib_div::mkdir and mkdir_deep (Loek Hilgersom)
2012-02-13 73dc398 #33897 [BUGFIX] htmlArea RTE: Target of localized string may be empty (Stanislas Rolland)
2012-02-13 45ecb4c #33515 [BUGFIX][t3editor] (De-)Activating does not work in Chrome (Steffen Gebert)
2012-02-13 47f9312 #33889 [BUGFIX] htmlArea RTE: Default skin inconsistent with ExtJS xtheme-blue (Stanislas Rolland)
2012-02-12 729b93b #32073 [BUGFIX] IRRE translation links shouldn't be shown if no parent (Georg Ringer)
2012-02-12 bf6adfb #32650 [BUGFIX] Confusing error message in reports module (Markus Klein)
2012-02-12 6736402 #31573 [BUGFIX] .inc files still call cObj->checkEmail (Markus Klein)
2012-02-11 1bc7ba3 #28298 [BUGFIX] Resetting of input field to default when having a range fails (Philipp Kitzberger)
2012-02-10 6affdae #21102 [BUGFIX] IRRE: Selected items remain in selector with foreign_unique (Stanislas Rolland)
2012-02-10 a9e4868 #28684 [BUGFIX] Formmail doesn't always use correct character set (Jigal van Hemert)
2012-02-10 0c8891e #33457 [BUGFIX] RTE: Removing div from formatblock selector may not work (Stanislas Rolland)
2012-02-10 a270cd0 #32408 [BUGFIX] htmlArea RTE: CSS class names are lowercase in WebKit (Stanislas Rolland)
2012-02-09 ba84381 #19925 [BUGFIX] *IFSUB ignores l18n_cfg field (Stefan Galinski)
2012-02-09 eeddbce#32253 [BUGFIX] Shortcut redirect ignores linkVars syntax (Stefan Galinski)
2012-02-09 2f03826 #33448 [BUGFIX] Loading of an IRRE element with subtabs freezes and breaks browsers (Stefan Galinski)
2012-02-09 e5a594c #31252 [BUGFIX] saltedpasswords update task only updates 42 records (Mario Rimann)
2012-02-08 487bf94 #32693 [BUGFIX] TSconfig option hides table pages_language_overlay (Stefan Geith)
2012-02-08 51c33cf #33697 [BUGFIX] SQL error in extension manager (Philipp Gampe)
2012-02-08 3aa0ca8 #32161 [BUGFIX] Invalid "unequal"-statement and string-quoting in SQL (Stefan Neufeind)
2012-02-07 569f7f5 #31761 [BUGFIX] Live search must implement search properties (Francois Suter)
2012-02-07 5dad87c #20211 [BUGFIX] Release locked records during logout (Tolleiv Nietsch)
2012-02-07 e31b1c2 #24274 [BUGFIX] Prevent compression of scripts that use ajax.php (Steffen Kamper)
2012-02-07 9513c75 #33704 [BUGFIX] SQL parser does not support NULL as default value (Xavier Perseguers)
2012-02-06 e604334 #31959 [BUGFIX] "Show page" does not use a proper URL scheme (Dmitry Dulepov)
2012-02-06 147184a #32136 [TASK] Reports module uses internal data of salted passwords (Dmitry Dulepov)
2012-02-06 ccf3b64 #33637 [BUGFIX] RTE: Some toolbar elements may not be correctly initialized (Stanislas Rolland)
2012-02-03 34a2b2f Revert "[BUGFIX] RTE: Some toolbar elements may not be correctly initialized" (Stanislas Rolland)
2012-02-03 0fe7280 #32422 [BUGFIX] Encoding error in TCEforms inline JavaScript (Manuel Stofer)
2012-02-03 7634e9e #30352 [BUGFIX] Bookmarks to pages don't work (Stefan Galinski)
2012-02-03 74c0a47 #32046 [BUGFIX] t3lib_div::validPathStr() fails on certain file names (Dmitry Dulepov)
2012-02-03 8db8b53 #32877 [BUGFIX] htmlArea RTE: Changing the text color to black does not work (Stanislas Rolland)
2012-02-03 28d52ea #33644 [BUGFIX] htmlArea RTE: Firefox may report error when setting a color (Stanislas Rolland)
2012-02-02 844be40 #33637 [BUGFIX] RTE: Some toolbar elements may not be correctly initialized (Stanislas Rolland)
2012-01-31 65bc925 #26690 [BUGFIX] Adjust shortcut mode labels for selected/current page (Stefan Neufeind)
2012-01-28 66df2c0 Revert "[BUGFIX] Scheduler BE module fails to load due to autoloader issues" (Christian Kuhn)
2012-01-28 460ac97 #32580 [BUGFIX] Reports module shows unnecessary info text (Markus Klein)
2012-01-28 c0a45f1 #33116 [BUGFIX] Scheduler BE module fails to load due to autoloader issues (Dmitry Dulepov)
2012-01-28 c669bda #23843 [BUGFIX] Broken datepicker on unsaved flexform sections (Stefan Rotsch)
2012-01-28 e9f765c #32111 [BUGFIX] TYPO3 prompts to select position when there are no pages (Dmitry Dulepov)
2012-01-28 c9716ed #32231 [BUGFIX] Unlimited memory limit handling in system status report (Mario Rimann)
2012-01-28 7940fac #21591 [BUGFIX] Warnings in BE when using "Find filename" (Dmitry Dulepov)
2012-01-28 c98c767 #32261 [BUGFIX] Fix permissions and create group in mkdir_deep (Loek Hilgersom)
2012-01-28 e9d63ff #32892 [BUGFIX] spriteManager for Clear RTE Cache icon (Felix Kopp)
2012-01-27 a31819b #31300 [TASK] Improve debugTrail() to better handle includes (Markus Klein)
2012-01-26 1dd4147 #33466 [BUGFIX] htmlArea RTE: Some attributes wrongly unset by "Edit element" (Stanislas Rolland)
2012-01-26 2816aaf #20069 [BUGFIX] Misinterpretation of memory_limit setting in install tool (Mario Rimann)
2012-01-26 1708c15 #33455 [BUGFIX] Marker not removed from file module (Ernesto Baschny)
2012-01-26 cf3d423 #30469 [BUGFIX] Sorting of localized records is wrong after copying (Stanislas Rolland)
2012-03-06 cd448d5 [RELEASE] Release of TYPO3 4.5.12 (TYPO3 v4 Release Team)
2012-03-06 cc0d923 [TASK] Raise submodule pointer (TYPO3 v4 Release Team)
2012-03-06 fd59df3 #33089 [BUGFIX] Media element does not recognize short YouTube links (Robert Heel)
2012-03-06 004321b #32732 [BUGFIX] Add the title and increase width of the multiple select boxes (Thomas Layh)
2012-03-06 95d6c66 #23347,#30623 [BUGFIX] Misleading error with empty USER_INT (Philipp Gampe)
2012-03-05 5910017 #33160 [BUGFIX] tslib_pibase: Outdated PHPDoc comment for pi_loadLL() (Stefan Rotsch)
2012-02-29 4424489 #34427 [TASK] Remove typo3/logomenu.php (Christian Kuhn)
2012-02-28 726bf5c [TASK] Raise submodule pointer (TYPO3 v4 Release Team)
2012-02-27 cc89244#34135 [BUGFIX] PHP Warning when moving a record (Xavier Perseguers)
2012-02-24 888fe67 #29593 [BUGFIX] EM: make update window modal (Francois Suter)
2012-02-21 8eb7d80 #25083 [BUGFIX] Content rendering: Definition lists in RTE are wrapped in p (Tolleiv Nietsch)
2012-02-19 1fda8a3 #30272 [BUGFIX] Don't save form protection error messages in session (Helmut Hummel)
2012-02-19 ed8e160 #17947 [BUGFIX] TCE: error message if no label has been set in TCA (Mario Rimann)
2012-02-18 478db05 #34030 [BUGFIX] getAllowedItems called with one parameter too much (Stefan Neufeind)
2012-02-18 0417bfa #33116 [BUGFIX] Scheduler BE module fails to load due to autoloader issues (Tolleiv Nietsch)
2012-02-17 990b81d [TASK] Additional unit tests for t3lib_div::mkdir and mkdir_deep (Loek Hilgersom)
2012-02-13 8e0bda4 #33897 [BUGFIX] htmlArea RTE: Target of localized string may be empty (Stanislas Rolland)
2012-02-13 4755e52 #33889 [BUGFIX] htmlArea RTE: Default skin inconsistent with ExtJS xtheme-blue (Stanislas Rolland)
2012-02-13 0d701dc #33515 [BUGFIX][t3editor] (De-)Activating does not work in Chrome (Steffen Gebert)
2012-02-12 0076dcb #30469 [BUGFIX] Sorting of localized records is wrong after copying (Stanislas Rolland)
2012-02-12 6c04d98 #30162 [BUGFIX] Sporadic memcache error on server load (Dmitry Dulepov)
2012-02-12 8d9730b #32073 [BUGFIX] IRRE translation links shouldn't be shown if no parent (Georg Ringer)
2012-02-12 606192f #32650 [BUGFIX] Confusing error message in reports module (Markus Klein)
2012-02-11 e833828 #28298 [BUGFIX] Resetting of input field to default when having a range fails (Philipp Kitzberger)
2012-02-10 cd481f9 #21102 [BUGFIX] IRRE: Selected items remain in selector with foreign_unique (Stanislas Rolland)
2012-02-10 d52d362 #33457 [BUGFIX] RTE: Removing div from formatblock selector may not workspaces (Stanislas Rolland)
2012-02-10 0bda8f8 #32408 [BUGFIX] htmlArea RTE: CSS class names are lowercase in WebKit (Stanislas Rolland)
2012-02-09 18b0764 #31252 [BUGFIX] saltedpasswords update task only updates 42 records (Mario Rimann)
2012-02-08 e5ee0ee #30352 [BUGFIX] Bookmarks to pages don't work (Stefan Galinski)
2012-02-08 633657b #29498 [TASK] Disable compression for inlineJs in Backend (Steffen Gebert)
2012-02-08 c91dfff #25277 [BUGFIX] Prevent duplicate stdWrap for media content (Alexander Stehlik)
2012-02-07 cc18374 #20211 [BUGFIX] Release locked records during logout (Tolleiv Nietsch)
2012-02-07 91616be #24274 [BUGFIX] Prevent compression of scripts that use ajax.php (Steffen Kamper)
2012-02-06 f690fc9 #31959 [BUGFIX] "Show page" does not use a proper URL scheme (Dmitry Dulepov)
2012-02-06 329f00d #32136 [TASK] Reports module uses internal data of salted passwords (Dmitry Dulepov)
2012-02-06 ff5d585 #33637 [BUGFIX] RTE: Some toolbar elements may not be correctly initialized (Stanislas Rolland)
2012-02-03 7623013 #32422 [BUGFIX] Encoding error in TCEforms inline JavaScript (Manuel Stofer)
2012-02-03 1a885b5#32046 [BUGFIX] t3lib_div::validPathStr() fails on certain file names (Dmitry Dulepov)
2012-02-03 ef1dd9a #32877 [BUGFIX] htmlArea RTE: Changing the text color to black does not work (Stanislas Rolland)
2012-02-03 4667660 #33644 [BUGFIX] htmlArea RTE: Firefox may report error when setting a color (Stanislas Rolland)
2012-02-02 36d6182 #33642 [BUGFIX] RTE Text indicator does not work in Firefox in TYPO3 4.5 (Stanislas Rolland)
2012-02-02 5047f14 #33637 [BUGFIX] RTE: Some toolbar elements may not be correctly initialized (Stanislas Rolland)
2012-01-31 765f532 #27052 [BUGFIX] Context menu of page translation doesn't work in languages view (Andreas Wolf)
2012-01-28 0cb0977 Revert "[BUGFIX] Scheduler BE module fails to load due to autoloader issues" (Christian Kuhn)
2012-01-28 308aba5 #32580 [BUGFIX] Reports module shows unnecessary info text (Markus Klein)
2012-01-28 40af75f #33116 [BUGFIX] Scheduler BE module fails to load due to autoloader issues (Dmitry Dulepov)
2012-01-28 70a5331 #23843 [BUGFIX] Broken datepicker on unsaved flexform sections (Stefan Rotsch)
2012-01-28 1411391 #32111 [BUGFIX] TYPO3 prompts to select position when there are no pages (Dmitry Dulepov)
2012-01-28 aa6d46b #32231 [BUGFIX] Unlimited memory limit handling in system status report (Mario Rimann)
2012-01-28 1c25d92 #21591 [BUGFIX] Warnings in BE when using "Find filename" (Dmitry Dulepov)
2012-01-28 a767877 #32892 [BUGFIX] spriteManager for Clear RTE Cache icon (Felix Kopp)
2012-01-27 fd261f9 #31300 [TASK] Improve debugTrail() to better handle includes (Markus Klein)
2012-01-26 e8c1d42 #33466 [BUGFIX] htmlArea RTE: Some attributes wrongly unset by "Edit element" (Stanislas Rolland)
2012-01-26 8070967 #20069 [BUGFIX] Misinterpretation of memory_limit setting in install tool (Mario Rimann)
2012-01-26 71257e5 #33455 [BUGFIX] Marker not removed from file module (Ernesto Baschny)
* merge Trac-0.12.3
* Japanize default Wiki pages
- trac/wiki/default-pages/*
* Japanize Wiki macros document
- trac/wiki/intertrac.py
- trac/wiki/interwiki.py
Trac 0.12.3 (February 6, 2012)
http://svn.edgewall.org/repos/trac/tags/trac-0.12.3
Trac 0.12.3 contains a few minor fixes and a few minor features:
- added compatibility with Subversion 1.7 (#10414)
- make it easier to troubleshoot common startup errors (#10024)
- jQuery upgraded to 1.4.4 (#10001)
- improved fine-grained permission handling in the source browser
(#9976, #10208, #10110)
- added compatibility with MySQL 5.5.3 utf8mb4 databases (#9766)
- ... and dozens more fixes!
from 2.23 to 2.24.
Upstream changes:
#-----------------------------------------------------------------------
# Version 2.24 - 8th February 2012
#------------------------------------------------------------------------
* Added text virtual methods: upper, lower, ucfirst, lcfirst, squote,
dquote, trim, collapse, html and xml.
* Fixed bug RT#67918 - Bug in Makefile.PL command line parsing when 2 =
signs were in an arguement.
* Fixed bug RT#74335 - Added documentation for some methods that were
lacking it to keep Pod::Coverage happy.
## 1.2 / March 2012
* Fix a cookie leak vulnerability effecting large numbers of Rails 3.x
installs: https://github.com/rtomayko/rack-cache/pull/52
* Never 304 on PUT or POST requests.
* Misc bundler and test tooling fixes.
Tomcat 7.0.26 (markt)
Catalina
code Provide constants for commonly used Charset objects
and use these constants where appropriate. (markt)
Refactor the fix for 52184 to correct two issues (a
fix missing class and incorrect class/method names) when
using the extras logging packages. (markt)
52444: Only load classes during HandlesTypes
fix processing if the class is a match. Previously,
every class in the web application was loaded
regardless of whether it was a match or not. (markt)
fix 52488: Correct typo: exipre -> expire. (markt)
add Add a unit test for SSO authentication. Patch
provided by Brian Burch. (markt)
52511: Correct regression in the fix for 51741 that
fix caused a harmless exception to be logged when
scanning for annotations and WEB-INF/classes did not
exist. (markt)
code Refactor to remove a circular dependency between
org.apache.catalina and org.apache.naming. (markt)
Remove some initialisation code from the standard
code start process (i.e. via the scripts) that was
intended for embedding but is not required when
performing a standard start.(markt)
Add new method to MBeanFactory that allows any Valve
add to be created and deprecate the methods to create
specific Valves. (markt)
add Partial sync of MIME type mapping with mime.types
from the Apache web server. (rjung)
52577: Fix a regression in the fix for 52328.
fix Prevent output truncation when reset() is called on
a response. (mark)
52586: Remove an old and now unnecessary hack that
fix modified the path info reported via the
javax.servlet.forward.path_info request attribute
when forwarding to an error page. (markt)
52587: Ensure that if it is necessary to fall back
fix to the default NullRealm, the NullRealm instance is
created early enough for it to be correctly
initialised. (markt)
fix Fix millisecond output in AccessLogValve when using
a SimpleDateFormat based time pattern. (rjung)
52591: When dumping MBean data, skip attributes
fix where getters throw UnsupportedOperationException.
(markt)
52607: Ensure that the extension validator checks
fix the JARs in the shared and common class loaders for
extensions. (markt)
Correct a threading issue in the generation of the
list of standard authenticators during Context
fix initialization that could lead to a web application
failing to start if Contexts were started in
parallel. (markt)
52669: Correct regression that broke annotation
processing in /WEB-INF/classes for web applications
fix deployed as WARs, packageless classes and some
embedding scenarios. The regression was introduced
by the invalid assumptions made in the fix for
51741. (markt)
fix 52671: When dumping MBean data, skip attributes
where getters throw NullPointerException. (markt)
Javadocs
Coyote
51543: Provide a meaningful error message when
add writing more response headers than permitted.
(markt)
52547: Ensure that bytes written (which is used by
fix the access log) is correctly reset after an HTTP 1.0
request has been processed. (markt)
code Minor refactoring to reduce code duplication in the
HTTP connectors. (markt)
52606: Ensure that POST bodies are available for
fix reply after FORM authentication when using the AJP
connectors. (markt)
* Building
Jasper
52474: Ensure that leading and trailing white space
fix is removed from listener class names when parsing TLD
files. (markt)
52480: When converting class path entries from URLs
to files/directories, ensure that any URL encoded
fix characters are converted. Fixes JSP compilation with
javac when Tomcat is installed at a path that
includes spaces. (markt)
fix 52666: Correct coercion order in EL when processing
the equality and inequality operators. (markt)
Web applications
Improve BUILDING.txt. Update instructions for
update building. Add instructions for using Checkstyle
and running the tests. (kkolinko)
38216: Improve handling of null return values in
add the JMX proxy servlet which is part of the Manager
application. (kkolinko)
52515: Make it clear in the Realm how-to in the
fix documentation web application that digested
password storage when using DIGEST authentication
requires that MD5 digests are used. (markt)
fix 52634: Fix typos in JSP examples. Patch provided
by Felix Schumacher. (rjung)
fix 52641: Remove mentioning of ldap.jar from docs.
Patch provided by Felix Schumacher. (rjung)
jdbc-pool
Fix code style issues and enable Checkstyle checks
fix for jdbc-pool when it is built within Tomcat.
(kkolinko)
fix 51582 Correct set and reset the query cache to avoid
NPE (fhanik)
Other
Update Commons Daemon to 1.0.9 to resolve 52548 which
fix meant that services created with service.bat did not
set the catalina.home and catalina.base system
properties. (markt)
Implement check for correct end-of-line characters in
add the source files. It is run as separate target in
build.xml. (kkolinko)
_______________________________________________________________________________
2012-02-18 Release 6.04
Gisle Aas (4):
Typo fix; envirionment [RT#72386]
Implement $ua->is_online test
Add separate option to enable the live jigsaw tests
Merge pull request #10 from trcjr/master
Theodore Robert Campbell Jr (3):
now with put and delete helpers
updated POD
unit tests for ua->put and ua->delete
Peter Rabbitson (1):
These modules work with 5.8.1
_______________________________________________________________________________
2011-10-15 Release 6.03
Ville Skyttä (7):
Link updates.
Attribute documentation wording improvements.
Don't parse robots.txt response content unless it's textual.
Decode robots.txt response content before attempting to parse it.
RobotUA robots.txt response parsing cleanups.
Don't parse HEAD of robots.txt responses.
Request handler doc grammar fixes.
Gisle Aas (6):
Pass on HTTP/1.0 if set as request protocol
Remove outdated docs (not touched since 1996 :-)
Merge pull request #22 from madsen/RT67947-verify_hostname
PERL_LWP_ENV_PROXY tweaks
lwp-request didn't respect -H Content-type [RT#70488]
lwp-request -H didn't allow repeated headers
Christopher J. Madsen (2):
verify_hostname defaults to 0 if ssl_opts provided [RT#67947]
Test verify_hostname setting
Bryan Cardillo (1):
Fix expect header support to work with content refs.
Moritz Onken (1):
add PERL_LWP_ENV_PROXY env variable to enable env_proxy globally
Packaged by <obache> for pkgsrc-wip.
Requested by Julian Fagir in PR pkg/46079
Changes in Opera 11.61
* Security and bug fixes.
Changes in Opera 11.60
* Opera Presto 2.10 rendering engine.
* The user interface for Opera Mail has been redesigned.
* HTML5 parsing algorithm.
* DOM API for HTML5 Microdata.
* Full support for ECMAScript 5.1
* Support for "Khronos Typed Arrays" and XMLHttpRequest Level 2
support for receiving ArrayBuffers.
* Full support for for radial-gradient and repeated-radial-gradient.
* Support for font-relative length rem in CSS and SVG.
* Implemented Google's new geolocation JSON API.
Changes in Opera 11.52
* Security and bug fixes.
Changes in Opera 11.51
* Security and bug fixes.
Changes in Opera 11.50
* Opera Presto 2.9 rendering engine
* Improved deep nesting of the quotes property.
* Support is added to provide the original source line for CSS
rules, benefiting future versions of Opera Dragonfly.
* Improved CSS parsing performance is up to 10-15% faster due to
CSS tokenizing optimizations.
* Updated the list of DOM events visible on window, document and
element objects.
* Support for the dataset attribute on elements which exposes
data-* attributes on an element.
* Support for the <input> element indeterminate attribute for checkboxes.
* Support for the history interface.
* Enabled the classList attribute for HTML and SVG elements.
* Implemented the HTML5 <time> element.
Changes in Opera 11.11
* Security and bug fixes.
Changes in 11.10
* Opera Presto 2.8 rendering engine.
* URL Filter API for Opera extensions.
* Support for the Google WebP image format.
* Declarative UI.
* Improved support for SVG and HTML5 APIs such as Web Storage.
* Support for phrase searching in Opera Mail.
* Search hijacking protection.
* Support for the BeforeCSS and AfterCSS events.
* Partial support for the gradients section of the W3C CSS3
Image Values/Replaced Content module.
* W3C CSS Multi-column Layout Module.
* W3C CSS Device Adaptation (viewport) specification support.
* W3C CSS cursor property values support.
* Removed support for UTS22: 1.4 charset alias matching.
* Support for HTML5 data-* global attributes.
* Support for the SOCKS Protocol Version 5.
* Partial support for the W3C File API.
* Support for the W3C Web Open Font Format (WOFF).
* Security and bug fixes.
Changes:
* Add support for the Max-Age attribute in the Set-Cookie header.
* Added Mechanize::Download#body for compatibility with Mechanize::File when
using Mechanize#get_file with Mechanize::Image or other Download-based
pluggable parser. Issue #202 by angas
* Mechanize#max_file_buffer may be set to nil to disable creation of
Tempfiles.
* MetaRefresh#href is not normalized to an absolute URL, but set to the
original value and resolved later. It is even set to nil when the
Refresh URL is unspecified or empty.
* Expose ssl_version from net-http-persistent. Patch by astera.
* SSL parameters and proxy may now be set at any time. Issue #194 by
dsisnero.
* Improved Mechanize::Page with #image_with and #images_with and
Mechanize::Page::Image various img element attribute accessors, #caption,
#extname, #mime_type and #fetch. Pull request #173 by kitamomonga
* Added MIME type parsing for content-types in Mechanize::PluggableParser
for fine-grained parser choices. Parsers will be chosen based on exact
match, simplified type or media type in that order. See
Mechanize::PluggableParser#[]=.
* Added Mechanize#download which downloads a response body to an IO-like or
filename.
* Added Mechanize::DirectorySaver which saves responses in a single
directory. Issue #187 by yoshie902a.
* Added Mechanize::Page::Link#noreferrer?
* The documentation for Mechanize::Page#search and #at now show that both
XPath and CSS expressions are allowed. Issue #199 by Shane Becker.
* Mechanize now depends on net-http-persistent 2.3+. This new version
brings idle timeouts to help with the dreaded "too many connection resets"
issue when POSTing to a closed connection. Issue #123
* SSL connections will be verified against the system certificate store by
default.
* Added Mechanize#retry_change_requests to allow mechanize to retry POST and
other non-idempotent requests when you know it is safe to do so. Issue
#123
* Mechanize can now stream files directly to disk without loading them into
memory first through Mechanize::Download, a pluggable parser for
downloading files.
* Bug fixes.
Changes:
* The proxy may be changed at any time.
* The allowed SSL version may now be set via #ssl_version.
Issue #16 by astera
* Added Net::HTTP::Persistent#override_headers which allows overriding
* Net::HTTP default headers like User-Agent. See
Net::HTTP::Persistent@Headers for details. Issue #17 by andkerosine
* net-http-persistent now complains if OpenSSL::SSL::VERIFY_PEER is equal to
OpenSSL::SSL::VERIFY_NONE.
* Bug fixes.
(while here, set LICENSE=gnu-lgpl-v2, move empty directory handling to PLIST)
-------
v3.3.13
-------
[mms] SECURITY: Fix XSS vulnerability in email form field validation.
[jan] Fix UTF-8 support with Firefox 10 or later.
[jan] Add support for resetting passwords to LDAP driver.
-------
v3.3.12
-------
[jan] Convert charset of group names in SQL driver (Bug #9611).
[jan] Fix deleting of SyncML anchors if PHP short_open_tag is off (Bug #9349).
[jan] Add an experimental new Share SQL driver with better performance.
[jan] Fix integer overflow in ASN.1 parser for S/MIME messages.
[jan] Fix splitread database usage in VFS (Bug #9467).
[jan] Fix invalidating permission cache in SQL driver (Bug #9392).
pkgsrc changes:
* use own mozilla-common.mk, some dependency differ from recent Firefox.
* switch to use system cairo.
Fixed in Firefox 3.6.27
* MFSA 2012-11 libpng integer overflow
Fixed in Firefox 3.6.26
* MFSA 2012-08 Crash with malformed embedded XSLT stylesheets
* MFSA 2012-07 Potential Memory Corruption When Decoding Ogg Vorbis files
* MFSA 2012-04 Child nodes from nsDOMAttribute still accessible after removal of nodes
* MFSA 2012-02 Overly permissive IPv6 literal syntax
* MFSA 2012-01 Miscellaneous memory safety hazards (rv:10.0/ rv:1.9.2.26)
Fixed in Firefox 3.6.25
* MFSA 2011-59 .jar not treated as executable in Firefox 3.6 on Mac
PHP-FPM (FastCGI Process Manager) is an alternative PHP FastCGI
implementation with some additional features useful for sites
of any size, especially busier sites.
These features include:
* Adaptive process spawning (NEW!)
* Basic statistics (ala Apache's mod_status) (NEW!)
* Advanced process management with graceful stop/start
* Ability to start workers with different uid/gid/chroot/environment
and different php.ini (replaces safe_mode)
* Stdout & stderr logging
* Emergency restart in case of accidental opcode cache destruction
* Accelerated upload support
* Support for a "slowlog"
* Enhancements to FastCGI, such as fastcgi_finish_request() - a special
function to finish request & flush all data while continuing to do
something time-consuming (video converting, stats processing, etc.)
... and much more.
It was not designed with virtual hosting in mind (large amounts of pools)
however it can be adapted for any usage model.
* IP Filter declar function debug(...) visible to user land.
* Squid defines is own cpp(1) macro debug() before include system's
header files.a
Build problem noted by pettai@ via private mail.
Drupal 7.12, 2012-02-01
----------------------
- Fixed bug preventing custom menus from receiving an active trail.
- Fixed hook_field_delete() no longer invoked during field_purge_data().
- Fixed bug causing entity info cache to not be cleared with the rest of caches.
- Fixed file_unmanaged_copy() fails with Drupal 7.7+ and safe_mode() or
open_basedir().
- Fixed Nested transactions throw exceptions when they got out of scope.
- Fixed bugs with the Return-Path when sending mail on both Windows and
non-Windows systems.
- Fixed bug with DrupalCacheArray property visibility preventing others from
extending it (API change: http://drupal.org/node/1422264).
- Fixed bug with handling of non-ASCII characters in file names (API change:
http://drupal.org/node/1424840).
- Reconciled field maximum length with database column size in image and
aggregator modules.
- Fixes to various core JavaScript files to allow for minification and
aggregation.
- Fixed Prevent tests from deleting main installation's tables when
parent::setUp() is not called.
- Fixed several Poll module bugs.
- Fixed several Shortcut module bugs.
- Added new hook_system_theme_info() to provide ability for contributed modules
to test theme functionality.
- Added ability to cancel mail sending from hook_mail_alter().
- Added support for configurable PDO connection options, enabling master-master
database replication.
- Numerous improvements to tests and test runner to pave the way for faster test
runs.
- Expanded test coverage.
- Numerous API documentation improvements.
- Numerous performance improvements, including token replacement and render
cache.
Drupal 6.24, 2012-02-01
----------------------
- Improved performance of search indexing and user operations by adding indexes.
- Fixed issues with themes getting disabled due to missing locking in
system_theme_data().
- Fix issue with blocks being disabled on updates in _block_rehash().
- Further improvements to PHP 5.3, PHP 4 and PostgreSQL compatibility.
- Improved code documentation at various places.
- Fixed a variety of other bugs.
Language translation files for Contao Open Source CMS version 2.11.x.
From this package, it contains only ready for Conao 2.11.0 and curretly
it supports French, Italian, Japanese, Latvian, Dutch, Polish, Portuguese,
Romanian, Russian and Swedish.
* Multilingual website URLs
* Global style sheet variables
* Improved FAQ module
* News archive/Event list/FAQ list/ and each reader on the same page
* Disabling the CSS framework
* Make style sheets static
* Modified request token system
* Contao safe mode
* Autogenerated local configuration files
* Adding system messages
* Insert tag changes
* Website root pages are required
* Make ListView output a table
* Embed Google web fonts
* Advanced image crop modes
* Forced password change
* Privacy settings
* Updated plugins (not extension)
* New hooks
* New methods in the File/Folder class
* Remove some old function
* Fix MESSAGE.
* Sort DEPENDS.
Changelog:
* Add some features (online text editing, PDF viewer, and Photo Gallery etc.).
* Some improvements.
See http://owncloud.org/owncloud-3-release/
- Improved documentation.
- Improved tests.
- Fixed Hypnotoad HTTPS bug.
- Fixed small URL escaping bug in Mojo::UserAgent::Transactor.
- Fixed small MIME::Base64 and MIME::QuotedPrint related bugs in
Mojo::Util. (sestegra, sri)
2.47 2012-02-06 00:00:00
- Deprecated Hypnotoad configuration files in favor of more powerful
application configuration files.
- Deprecated Mojo::Server::Daemon->prepare_ioloop in favor of
Mojo::Server::Daemon->start.
- Deprecated Mojo::Headers->x_forwarded_for.
- Added EXPERIMENTAL config method to Mojo.
- Added EXPERIMENTAL ca attribute to Mojo::UserAgent.
- Added EXPERIMENTAL drain event to Mojo::Content.
- Added EXPERIMENTAL drain event to Mojo::Transaction::WebSocket.
- Added EXPERIMENTAL support for RSV1-3 flags to
Mojo::Transaction::WebSocket.
- Added EXPERIMENTAL tls_ca option to Mojo::IOLoop::Client->connect.
- Added lock_timeout parameter to Hypnotoad.
- Removed experimental status from JSON Pointer support.
- Removed Cygwin exception from Hypnotoad.
- Replaced drop_handle and drop_timer methods in Mojo::IOWatcher with
drop method.
- Renamed change and watch methods in Mojo::IOWatcher to watch and
io.
- Renamed resume and pause methods in Mojo::IOLoop::Server to start
and stop.
- Renamed resume and pause methods in Mojo::IOLoop::Stream to start
and stop.
- Added pdf MIME type. (bfaist)
- Improved documentation.
- Improved tests.
- Improved CSS of some built-in templates.
- Fixed bug that prevented newer dual-life modules to be loaded.
- Fixed small bug in Mojo::IOLoop::Stream that caused close events to
fail sometimes.
- Fixed small relative URL detection bug in get command.
2.46 2012-01-25 00:00:00
- Added EXPERIMENTAL request_timeout attribute to Mojo::UserAgent.
- Added EXPERIMENTAL text_after and text_before methods to Mojo::DOM.
- Improved all uses of syswrite to be more defensive. (bduggan, sri)
- Improved documentation.
- Improved tests.
- Fixed small parser bug in Mojo::Message::Response.
- Fixed small partial rendering bug.
- Fixed small HTML5 parser bug in Mojo::DOM::HTML. (dougwilson)
2.45 2012-01-18 00:00:00
- Removed T-Shirt link.
- Fixed small caching bug in Mojolicious::Plugin::EPRenderer.
- Fixed typo in exception template.
2.44 2012-01-18 00:00:00
- Added new not_found page for development mode.
- Added EXPERIMENTAL url_with helper to
Mojolicious::Plugin::DefaultHelpers. (diegok, marcus, judofyr, sri)
- Added EXPERIMENTAL support for removing query parameters while
merging to query method of Mojo::URL. (marcus, judofyr, sri)
- Removed experimental status from Mojo::IOLoop::Delay.
- Removed defer method from Mojo::IOLoop.
- Improved exception page for development mode.
- Improved syntax highlighting in perldoc browser slightly.
- Improved Mojo::Base tests.
- Improved documentation.
- Fixed Mojo::Command->app to be an attribute and not a method.
- Fixed Mojo::ByteStream, Mojo::Collection and Mojo::DOM to not be
subclasses of Mojo::Base.
- Bug fixes:
- Prevent a segmentation fault when de-chunking buffered content.
It could be triggered by malicious web servers if Privoxy was
configured to filter the content and running on a platform
where SIZE_T_MAX isn't larger than UINT_MAX, which probably
includes most 32-bit systems.
- Do not expect a response from the SOCKS4/4A server until it
got something to respond to. This regression was introduced
in 3.0.18 and prevented the SOCKS4/4A negotiation from working.
- General improvements:
- Fix an off-by-one in an error message about connect failures.
- Use a GNUMakefile variable for the webserver root directory and
update the path. Sourceforge changed it which broke various
web-related targets.
- Update the CODE_STATUS description.
compatibility with Subversion 1.7 (#10414)
easier troubleshooting of common startup errors (#10024)
jQuery upgraded to 1.4.4 (#10001)
improve fine-grained permission handling in the source browser (#9976, #10208, #10110)
... and dozens more fixes!
Unicorn is an HTTP server for Rack applications designed to only serve
fast clients on low-latency, high-bandwidth connections and take
advantage of features in Unix/Unix-like kernels. Slow clients should
only be served by placing a reverse proxy capable of fully buffering
both the the request and response in between Unicorn and slow clients.
Raindrops is a real-time stats toolkit to show statistics for Rack HTTP
servers. It is designed for preforking servers such as Rainbows! and
Unicorn, but should support any Rack HTTP server under Ruby 1.9, 1.8
and Rubinius on platforms supporting POSIX shared memory. It may also
be used as a generic scoreboard for sharing atomic counters across
multiple processes.
* mdwn: Added nodiscount setting, which can be used to avoid using the
markdown discount engine, when maximum compatability is needed.
* Switch to YAML::XS to work around insanity in YAML::Mo. Closes: #657533
* cvs: Ensure text files are added in non-binary mode. (Amitai Schlair)
* cvs: Various cleanups and testing. (Amitai Schlair)
* calendar: Fix strftime encoding bug.
* shortcuts: Fixed a broken shortcut to wikipedia (accidentially
made into a shortcut to wikiMedia).
* Various portability improvements. (Amitai Schlair)
- SECURITY: CVE-2011-3368 (cve.mitre.org)
Reject requests where the request-URI does not match the HTTP
specification, preventing unexpected expansion of target URLs in
some reverse proxy configurations. [Joe Orton]
- SECURITY: CVE-2011-3607 (cve.mitre.org)
Fix integer overflow in ap_pregsub() which, when the mod_setenvif module
is enabled, could allow local users to gain privileges via a .htaccess
file. [Stefan Fritsch, Greg Ames]
- SECURITY: CVE-2011-4317 (cve.mitre.org)
Resolve additional cases of URL rewriting with ProxyPassMatch or
RewriteRule, where particular request-URIs could result in undesired
backend network exposure in some configurations.
[Joe Orton]
- SECURITY: CVE-2012-0021 (cve.mitre.org)
mod_log_config: Fix segfault (crash) when the '%{cookiename}C' log format
string is in use and a client sends a nameless, valueless cookie, causing
a denial of service. The issue existed since version 2.2.17. Bug#52256.
[Rainer Canavan <rainer-apache 7val com>]
- SECURITY: CVE-2012-0031 (cve.mitre.org)
Fix scoreboard issue which could allow an unprivileged child process
could cause the parent to crash at shutdown rather than terminate
cleanly. [Joe Orton]
- SECURITY: CVE-2012-0053 (cve.mitre.org)
Fix an issue in error responses that could expose "httpOnly" cookies
when no custom ErrorDocument is specified for status code 400.
[Eric Covener]
- mod_proxy_ajp: Try to prevent a single long request from marking a worker
in error. [Jean-Frederic Clere]
- config: Update the default mod_ssl configuration: Disable SSLv2, only
allow >= 128bit ciphers, add commented example for speed optimized cipher
list, limit MSIE workaround to MSIE <= 5. [Kaspar Brand]
- core: Fix segfault in ap_send_interim_response(). Bug#52315.
[Stefan Fritsch]
- mod_log_config: Prevent segfault. Bug#50861. [Torsten Foertsch
<torsten.foertsch gmx.net>]
- mod_win32: Invert logic for env var UTF-8 fixing.
Now we exclude a list of vars which we know for sure they dont hold UTF-8
chars; all other vars will be fixed. This has the benefit that now also
all vars from 3rd-party modules will be fixed. Bug#13029 / 34985.
[Guenter Knauf]
- core: Fix hook sorting for Perl modules, a regression introduced in
2.2.21. Bug#45076. [Torsten Foertsch <torsten foertsch gmx net>]
- Fix a regression introduced by the CVE-2011-3192 byterange fix in 2.2.20:
A range of '0-' will now return 206 instead of 200. Bug#51878.
[Jim Jagielski]
- Example configuration: Fix entry for MaxRanges (use "unlimited" instead
of "0"). [Rainer Jung]
- mod_substitute: Fix buffer overrun. [Ruediger Pluem, Rainer Jung]
Please note that all the security fixes had been integrated into
"pkgsrc" as patches previously.
Changes:
0.16 24 Jan 2012
- Remove superfluous call to ->setup in test app
0.15 18 Jan 2012
- Moose-ified to fix https://rt.cpan.org/Ticket/Display.html?id=74132 (karpet)
0.14 18 Nov 2010
- Added "page_size" config option per RT #62335 (karpet)
Changelog:
0.32 2011-06-08
- Fix handling with enables verify_address and add related test
0.31 2010-10-08
- Fix session being loaded by call to dump_these in debug mode
(RT#58856)
Changelog:
1.36 2011-10-24 17:58:00
- New apps send an X-Catalyst header by default (this can be
disabled by changing the config in the generated app)
- Fix leaking temporary files in tests. RT#59166
- Fix generated Makefile.PL to always contain unix style paths,
even on Win32. RT#65456
- Fix tests generated for controllers generated with --mechanize
to work with newer versions of Test::WWW::Mechanize::Catalyst
- bump Module::Install dep to 1.02
- Removed stderr hiding from 'make catalyst_par' to display errors
from PAR::Packer
1.35 2011-09-05 13:05:00
- Stop requiring Starman and MooseX::Daemonize on Win32 as they're
optional components in Catalyst::Runtime and won't install
on Windows.
- Fix test to work on Windows.
1.0.2:
Bug Fixes
Fix bug in scheduling on POST request.
Fix permissions on user create via external auth.
Add a default min_age for external binds.
Other Changes
Prevent external binds from being created/updated if curl is missing.
Add check to setup page to test whether curl is installed.
Allow for silly programs that send content-type XML with a GET request.
Support use of HTTP_AUTHORIZATION in addition to AUTHORIZATION cgi.
Handle VCARD adr/tel/email which have multiple types.
Set the default URL to the default calendar name rather than /home/
Enable the file upload for addressbook collections.
Handle addressbook import along with calendar import.
Write UID and REV property n VCARD if they are missing.
Update translations to current transifex translations.
1.0.1:
Bug Fixes
Fix missing braces the /tools.php script.
Other Changes
Update translations to current transifex translations.
1.0.0:
Functionality Enhancements
Handle DELETE scheduling actions.
Bug Fixes
Handle bound resources correctly in sync-collection report.
When creating an external bind don't consider local host as external
Fix logic error in hide_TODO setting.
Make hide_alarm work on bound resources.
Correct bug in sync-collection report response.
Fix BIT24 casting for the LDAP driver.
Fix for MOVE into a bound location.
Correctly calculate the next alarm time.
Make sync-collection handle new format for sync token.
Don't allow a / in the UID to infect the path on import.
Fix propfind depth:1 on bind to external url
Correct handling of empty CardDAV:address-data element in request.
Fix handling of active flag for general external authentication mechanisms.
Fix LDAP user creation where memcached support is off.
Fix handling of numeric usernames.
Other Changes
Catch missing-xml in request separately from invalid-xml.
Add the "CardDAV" word into DAViCal's description.
Improve expand performance by only doing expansion if we know we need it.
Use supplied content_type even on zero-length requests.
Strip URL-unfriendly characters from UID before using it as URL segment.
Slightly more helpful 403 response.
Remove password from LDAP log messages.
Tooltips for schedule-deliver and schedule-send.
Current localisations from Transifex.
Update e-mail address to current one, mention wiki.
Force output buffers to be flushed, if they're turned on.
Update refresh-alarms script to newer style initialisation.
Update website to reflect new default calendar name.
Rationalise confidential event rewriting.
Add the $c->hide_alarms functionality into DAVResource class.
Allow LDAP sync to work if the date is reasonable and no 'format_updated' is set.
We don't need to test for the PostgreSQL non-PDO drivers now.
Switch out deprecated LDAP mappings before we use them anywhere.
Add test for PHP filter module and wiki links for each test.
External bind changes, added a clean up button, urls now show for external collections and added a few strings for translation
Fixed in 7.24.0 - January 24 2012
Release contains security-related bug fix
Changes:
* CURLOPT_QUOTE: SFTP supports the '*'-prefix now
* CURLOPT_DNS_SERVERS: set name servers if possible
* Add support for using nettle instead of gcrypt as gnutls backend
* CURLOPT_INTERFACE: avoid resolving interfaces names with magic prefixes
* Added CURLOPT_ACCEPTTIMEOUT_MS
* configure: add symbols versioning option --enable-versioned-symbols
Bugfixes:
* curl was vulnerable to a data injection attack for certain protocols CVE-2012-0036
* curl was vulnerable to a SSL CBC IV vulnerability when built to use OpenSSL
* SSL session share: move the age counter to the share object
* -J -O: use -O name if no Content-Disposition header comes!
* protocol_connect: show verbose connect and set connect time
* query-part: ignore the URI part for given protocols
* gnutls: only translate winsock errors for old versions
* POP3: fix end of body detection
* POP3: detect when LIST returns no mails
* TELNET: improved treatment of options
* configure: add support for pkg-config detection of libidn
* CyaSSL 2.0+ library initialization adjustment
* multi interface: only use non-NULL socker function pointer
* call opensocket callback properly for active FTP
* don't call close socket callback for sockets created with accept()
* differentiate better between host/proxy errors
* SSH: fix CURLOPT_SSH_HOST_PUBLIC_KEY_MD5 and --hostpubmd5
* multi: handle timeouts on DNS servers by checking for new sockets
* CURLOPT_DNS_SERVERS: fix return code
* POP3: fixed escaped dot not being stripped out
* OpenSSL: check for the SSLv2 function in configure
* MakefileBuild: fix the static build
* create_conn: don't switch to HTTP protocol if tunneling is enabled
* multi interface: fix block when CONNECT_ONLY option is used
* Fix connection reuse for TLS upgraded connections
* multiple file upload with -F and custom type
* multi interface: active FTP connections are no longer blocking
* Android build fix
* timer: restore PRETRANSFER timing
* libcurl.m4: Fix quoting arguments of AC_LANG_PROGRAM
* appconnect time fixed for non-blocking connect ssl backends
* do not include SSL handshake into time spent waiting for 100-continue
* handle dns cache case insensitive
* use new host name casing for subsequent HTTP requests
* CURLOPT_RESOLVE: avoid adding already present host names
* SFTP mkdir: use correct permission
* resolve: don't leak pre-populated dns entries
* --retry: Retry transfers on timeout and DNS errors
* negotiate with SSPI backend: use the correct buffer for input
* SFTP dir: increase buffer size counter to avoid cut off file names
* TFTP: fix resending (again)
* c-ares: don't include getaddrinfo-using code
* FTP: CURLE_PARTIAL_FILE will not close the control channel
* win32-threaded-resolver: stop using a dummy socket
* OpenSSL: remove reference to openssl internal struct
* OpenSSL: SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG option no longer enabled
* OpenSSL: fix PKCS#12 certificate parsing related memory leak
* OpenLDAP: fix LDAP connection phase memory leak
* Telnet: Use correct file descriptor for telnet upload
* Telnet: Remove bogus optimisation of telnet upload
* URL parse: user name with ipv6 numerical address
* polarssl: show cipher suite name correctly with 1.1.0
* polarssl: havege_rand is not present in version 1.1.0 WARNING, we still use the old API which is said to be
insecure
* gnutls: enforced use of SSLv3
Mon Jan 23 14:02:26 CET 2012
Fixed double-free if specified cipher was not valid (during
MHD_daemon_start). Releasing 0.9.18. -CG
Thu Jan 19 22:11:12 CET 2012
Switch to non-blocking sockets for all systems but Cygwin
(we already used non-blocking sockets for GNU/Linux); also
use non-blocking sockets on Cygwin for HTTPS as this is
required to avoid DoS-by-partial-record via gnutls. On
Cygwin, #1824 implies that we need to use blocking sockets
for HTTP on Cygwin for now. -CG
Thu Jan 19 17:46:05 CET 2012
Fixing use of uninitialized 'earliest_deadline' variable in
MHD_get_timeout which can lead to returning an incorrect
(too early) timeout (#2085). -tclaveirole
Thu Jan 19 13:31:27 CET 2012
Fixing digest authentication for GET requests with URI arguments
(#2059). -CG
Sat Jan 7 17:30:48 CET 2012
Digest authentication expects nonce count in base 16, not base 10
(#2061). -tclaveirole
Thu Jan 5 22:01:37 CET 2012
Partial fix for #2059, digest authentication with GET arguments. -CG
Thu Dec 1 15:22:57 CET 2011
Updated authorization_example.c to actually demonstrate the current
MHD API. -SG
Mon Nov 21 18:51:30 CET 2011
Added option to suppress generation of the 'Date:' header to be
used on embedded systems without RTC. Documented the new option
and the configure options. -CG
* no compiler languages is required to build.
* `/usr/bin/env python' shebang are also be handled with REPLACE_PYTHON.
* distutils pkg, register egg-info.
* add an patch for python27, from upstream repo.
Bump PKGREVISION.
ChangeLog:
v0.46 (released 2012/01/11):
* improvements
HTTP::DAV should now be working with more WebDAV servers.
We are more flexible in what content types we consider to be XML.
Thanks Ron1 and Adam for the feedback and patches.
v0.45 (released 2011/09/18):
* bug fixes
- Fixed RT #69439 (http://rt.cpan.org/Public/Bug/Display.html?id=69439),
insecure /tmp files handling in dave client.
* improvements
- Added -tmpdir option to dave client.
- Reorganized distribution layout to match usual CPAN practice
- Removed remains of svn-era ($Id and such...)
v0.44 (released 2011/06/19):
* bug fixes
- Fixed RT #68936 (http://rt.cpan.org/Public/Bug/Display.html?id=68936),
Fixed errors() method that would bomb out when the "_errors" attribute
wasn't initialized. Thanks to Michael Lackoff for reporting.
v0.43 (released 2011/04/12):
* bug fixes
- Fixed RT #38677 (http://rt.cpan.org/Public/Bug/Display.html?id=38677),
Intercept correctly 405 (Method now allowed) errors and report them
to the clients.
v0.42 (released 2010/11/07):
* bug fixes
- Fixed RT #60457 (http://rt.cpan.org/Public/Bug/Display.html?id=60457),
Added and documented possibility to pass your own custom HTTP headers.
- Fixed errors in the code examples in the synopsis.
updated to 0.14
ChangeLog:
0.14 Mon Jan 16 22:00:00 GMT 2012
- Also allow single quotes in attribute expressions,
as seems to be allowed
per http://www.w3.org/TR/CSS2/syndata.html
0.13 Sun Jan 15 18:52:00 GMT 2012
- Added C<prefix> option to add a prefix like C<xhtml>,
contributed by Toby Inkster
This closes RT #73719
0.12 Thu Nov 24 22:13:00 GMT 2011
- Add tests and fix negated selectors as reported
by Nilson Santos Figueiredo Junior
ChangeLog:
0.09 2011-04-01 16:35:50 Europe/London
- Basic conversion to Dist::Zilla/git
- Tidies to keep Perl::Critic happier
- Removed use of naked filehandles
- Reworked tests to not use predicable temp file name
- Collapsed duplicate code to a single version
- Various documentation tweaks
- Change of maintainer as PODMASTER cannot be contacted
ChangeLog:
2011-10-15 Release 3.69
Gisle Aas (4):
Documentation fix; encode_utf8 mixup [RT#71151]
Make it clearer that there are 2 (actually 3) options for handing "UTF-8 garbage"
Github is the official repo
Can't be bothered to try to fix the failures that occur on perl-5.6
Barbie (1):
fix to TokeParser to correctly handle option configuration
Jon Jensen (1):
Aesthetic change: remove extra ;
Ville Skyttä (1):
Trim surrounding whitespace from extracted URLs.
ChangeLog:
2.10 Tue Dec 6 11:16:16 CST 2011
HTML::Lint is now explicitly licensed under Artistic License 2.0,
instead of the vague "same terms as Perl itself."
[FIXES]
Tags that were self-closed were being ignored. For example, if you had
<img src="blah.jpg" />
then HTML::Lint would ignore the tag. This has been fixed.
ChangeLog:
5.90007 - 2011-11-22 20:35:00
New features:
- Implement a match_captures hook which, if it exists on an action,
is called with the $ctx and \@captures and is expected to return
true to continue the chain matching and false to stop matching.
This can be used to implement action classes or roles which match
conditionally (for example only matching captures which are integers).
Bug fixes:
- Lighttpd script name fix is only applied for lighttpd versions
< 1.4.23. This should fix non-root installs of lighttpd in versions
over that.
- Prepare_action is now inside a try {} block, so that requests containing
bad unicode can be appropriately trapped by
Catalyst::Plugin::Unicode::Encoding
5.90006 - 2011-10-25 09:18:00
New features:
- A new 'run_options' class data method has been added to Catalyst.pm
This is used to store all the options passed by scripts, allowing
application authors to add custom options to their scripts then
get them passed through to the application.
Doumentation:
- Clarify that if you manually write your own .psgi file, then optional
proxy support (via the using_frontend_proxy config value) will not be
enabled unless you explicitly apply the default middlewares from
Catalyst, or you apply the middleware manually.
Bug fixes:
- Fix issue due to perl internals bugs in 5.8 and 5.10 (not present in
other perl versions) require can pass the context inappropriately,
meaning that some methods of loading classes can fail due to void
context being passed throuh to make_immutable, causing it to not return
a value.
This bug caused loading Catalyst::Script::XXX to fail and is fixed
both by bumping the Class::Load dependency, and also adding an explicit
'1;' to the end of the classes, avoiding the context issue.
- Fix using_frontend_proxy support in mod_perl by using the psgi wrapped
in default middleware in mod_perl context, rather than the raw psgi.
5.90005 - 2011-10-22 13:35:00
New features:
- $c->uri_for_action can now take an array of CaptureArgs and Args
If you have an action which has both, then you can now say:
$c->uri_for_action('/myaction', [@captures, @args]);
whereas before you had to say:
$c->uri_for_action('/myaction', [@captures], @args);
The previous form is still supported, however in many cases it is
easier for the application code to not have to differentiate between
the two.
- Catalyst::ScriptRunner has been enhanced so that it will now
load and apply traits, making it easier to customise.
- MyApp::TraitFor::Script (if it exists) will be applied to all
scripts in the application.
- MyApp::TraitFor::Script::XXXX will be applied to the relevant script
(for example MyApp::TraitFor::Script::Server will be applied to
MyApp::Script::Server if it exists, or Catalyst::Script::Server
otherwise).
Documentation:
- Document how to get the vhost of the request in $c->req->hostname
to avoid confusion
- Remove documentation showing Global / Regex / Private actionsi
as whilst these still exist (and work), they are not recommended.
- Remove references to the -Engine flag.
- Remove references to the deprecated Catalyst->plugin method
- Spelling fixed (and tested) throughout the documentation
- Note that wrapping the setup method will not work with method modifiers
and provide an alternative.
5.90004 - 2011-10-11 17:12:00
Bug fixes:
- Don't guess engine class names when setting an engine through
MyApp->engine_class.
5.90003 - 2011-10-05 08:32:00
Bug fixes:
- Make default body reponses for 302s W3C compliant. RT#71237
- Fix issue where groups of attributes to override controller actions
in config would be (incorrectly) overwritten, if the parser for that
attribute mangled the contents of the attribute. This was found
with Catalyst::Controller::ActionRole, where Does => [ '+Foo' ]
would be transformed to Does => [ 'Foo' ] and written back to config,
whereas Does => '+Foo' would not be changed in config. RT#65463
Enhancements:
- Set a matching Content-type for the redirect if Catalyst sets the
body. This is for compatibility with a WatchGuard Firewall.
Backward compatibility fixes:
- Restore (an almost empty) Catalyst::Engine::HTTP to the dist for old
scripts which explictly require Catalyst::Engine::HTTP
Documentation fixes:
- Document Catalyst::Plugin::Authentication fails tests unless
you use the latest version with Catalyst 5.9
- Clarify that prepare is called as a class method
- Clarify use of uri_for further. RT#57011
Changelog:
1.47 Oct 21, 2011
[ BUG FIXES ]
- Silenced an uninitalized value warning from ApacheHandler with newer
versions of Perl. RT #61900.
1.46 Aug 1, 2011
[ DOCS ]
- Mention Mason 2 in documentation
(change to register distutils egg-info)
Version 7.19.0 [requires libcurl-7.19.0 or better]
--------------
* Added CURLFILE, ADDRESS_SCOPE and ISSUERCERT options,
as well as the APPCONNECT_TIME info.
* Added PRIMARY_IP info (patch by
Yuhui H <eyecat at gmail.com>).
* Added support for curl_easy_reset through a
new 'reset' method on curl objects
(patch by Nick Pilon <npilon at oreilly.com>).
* Added support for OPENSOCKET callbacks.
See 'tests/test_opensocket.py' for example
usage (patch by Thomas Hunger <teh at camvine.com>).
Version 7.18.2
--------------
* Added REDIRECT_URL info and M_MAXCONNECTS option
(patch by Yuhui H <eyecat at gmail.com>).
* Added socket_action() method to CurlMulti objects.
See 'tests/test_multi_socket_select.py' for example
usage (patch by Yuhui H <eyecat at gmail.com>).
* Added AUTOREFERER option.
* Allow resetting some list operations (HTTPHEADER,
QUOTE, POSTQUOTE, PREQUOTE) by passing an empty
list to setopt (patch by Jim Patterson).
Version 7.18.1
--------------
* Added POST301, SSH_HOST_PUBLIC_KEY_MD5,
COPYPOSTFIELDS and PROXY_TRANSFER_MODE options.
* Check for static libs in setup.py to better detect
whether libcurl was linked with OpenSSL or GNUTLS.
* PycURL is now dual licensed under the LGPL and
a license similar to the cURL license (an MIT/X
derivative).
patch-aa covered upstream
#-----------------------------------------------------------------------
# Version 2.23 - 21st January 2012
#------------------------------------------------------------------------
* Fixed bug RT#47929 which caused the XS Stash to die mysteriously when
calling code that used string evaluation (e.g. DateTime).
* Fixed bug RT#68722 so that list.defined('alpha') always returns false.
* Added the TRACE_VARS option to keep track of what variables are used
in a template. It's not documented yet. See t/trace_vars.t for an
example of use.
* Applied patch from RT#48989 to avoid Template::Plugin::Procedural
from adding target class' methods AUTOLOAD and new methods multiple
times (Jens Rehsack)
* Applied patch from RT#53451 to accept negative epoch times in
Template::Plugin::Date.
* Applied patch from Marc Remy to add $Template::Directive::WHILE_MAX
option to tpage.
1.38 Fri Oct 28 10:12:48 CDT 2011
------------------------------------
[FIXES]
Now passes tests even if HTML::Lint is not installed.
There are no other changes in 1.38.
1.36 Thu Oct 27 00:09:21 CDT 2011
------------------------------------
[ENHANCEMENTS]
The $mech object autolint argument can now take an HTML::Lint object.
This lets you pass your own HTML::Lint object that does less stringent
checking than the one T:W:M creates.
20111103 Thu Nov 3 12:14:21 PDT 2011
Bug Fixes
* URI::URL::strict will no longer leak out of find() if the callback
or filter fails. [rt.cpan.org 71153] (Carl Chambers)
20111020 Thu Oct 20 17:31:56 PDT 2011
Bug Fixes
* Things which look like URIs, but aren't, are now properly escaped like
other text. [rt.cpan.org 71658]
New Features
* Balanced parens in URIs are no longer stripped. Example:
"http://example.com/foo(bar)" (Merten Falk)
1.71 Tue Nov 14 13:50:41 EDT 2011
========================================
[ENHANCEMENTS]
Recognise application/xhtml+xml as HTML.
[DOCUMENTATION]
Improved docs about support of JavaScript
Typo fixes.
[TESTS]
Updated tests as oops-music.com is in utf-8 now
Fixes many security advisories, see below in the changelog.
Highlights
MDL-28710 - CSS class names have been added for rating div/span elements
enabling theming
MDL-29579 - Question text included in export of quiz statistics report in
Moodle 2.1
Functional changes
MDL-19147 - Single Simple forums are no longer targets for moving (and losing)
discussions
MDL-30273 - Students and teachers can add additional topics to a simple forum
discussion
Security issues
MSA-12-0001 - Recaptcha transmission consistency issue
MSA-12-0003 - Added password protection
MSA-12-0004 - Added profile image security
MSA-12-0005 - Encryption enhancement
MSA-12-0006 - Additional email address validation
MSA-12-0007 - Email injection prevention
MSA-12-0008 - Unsynchronised access via tokens
MSA-12-0009 - Role access issue
MSA-12-0010 - Unauthorised access to session key
MSA-12-0011 - Browser autofill password issue
MSA-12-0012 - Form validation issue
Fixes and improvements
MDL-30376 - Glossary RSS feed no longer generates error
MDL-30378 - Site page links fixed in Navigation blocks
MDL-30460 - Wiki image dropdown includes files with upper case suffixes
MDL-30466 - Writing to database fixed for restoring a course with uses course
completion
MDL-30569 - Editing the front page when defaulthomepage = mymoodle now works as
expected
MDL-28180 - Duplicating an assignment that has course completion enabled no
longer breaks course completion for the course
MDL-27314 - It is now possible to delete or regrade quiz attempts in separate
groups mode
MDL-29730 - Fixed Lesson question shortanswer with regexp option
MDL-30260 - Emailstop option fixed
PR 45852.
dillo-3.0.2 [December 05, 2011]
+- Digest authentication
Patch: Justus Winter, corvid
+- text-transform property
- If not following redirection, show body of redirecting page.
- Middle click on stylesheet menu item opens in new tab/window.
- Improve handling of combining characters.
- Locale-independent ASCII character case handling (fixes Turkic locales).
Patches: corvid
+- Rework line breaking and fix white-space:nowrap handling.
Patch: Johannes Hofmann
+- Bind Ctrl-{PageUp,PageDown} to tab-{previous,next}.
Patch: Jeremy Henty
=== RELEASE 2.5 ===
Sat Dec 24 20:30:41 MET 2011 mikulas:
Use icon in pmshell
Wed Dec 21 01:46:04 cet 2011 mikulas:
Do not guess compression type from extension if Content-Type is html
Mon Dec 19 03:09:04 MET 2011 mikulas:
Recognise tgz extension
Sun Dec 18 21:33:52 cet 2011 mikulas:
Fixed some visual glitches in the list editor, window is automatically
resized with the terminal
Fixed a crash if the user changes bookmarks location while some bookmark
editing dialog was displayed
Fixed a bug that bookmark location couldn't be changed on text-only
builds
Removed save bookmarks menu option, bookmarks are saved always when
closing bookmark window
Fri Dec 16 02:12:37 MET 2011 mikulas:
Search for viewer application according to file extension if the server
returns content type application/x-<compression method>.
Tue Dec 6 20:03:21 cet 2011 mikulas:
Implemented forward history
Sun Dec 4 11:35:17 CET 2011 mikulas:
Fixed memory leaks or lockups if a connection between
two links instances was unexpectedly broken
Implemented a handshake in the communication protocol so that
different Links versions won't communicate with each other
Fixed a possible lockup if the user presses key and the master
Links instance disconnects at the same time
Sun Dec 4 06:05:03 CEST 2011 mikulas:
Use AF_UNIX on Windows
Tue Nov 29 02:44:44 CET 2011 mikulas:
Do not send spaces in Accept-Charset
Mon Nov 28 03:03:26 CET 2011 mikulas:
Identify compier in User-Agent
Sun Nov 27 02:28:35 cet 2011 mikulas:
Heap in high memory on OS/2
Fri Nov 25 01:25:56 CET 2011 mikulas:
Support lzma compression
=== 2.0.16 ===
5 Jan 2011
- Add sample for Docs List API to delete ACL.
- Added support for label deletion in the Email Settings API client library
- Added a sample for Email Settings create label and filters with exponential
back-off
- Added sample for enabling pop settings using Email Settings API
- Fixed typo in analytics sample.
- Fixed ACL batching URI in Docs.
- Updated RetrieveAllUsers and RetrieveAllAliases to return all pages instead
of one.
- Removing force=True from some ACL requests in DocsClient
- Added RetrieveGroups method and updated RetrieveAllGroups and
RetrieveAllMembers method
- Added a quick start sample for user provisioning
- Added a client for organization unit provisioning
- Added client architecture for group provisioning
- Added a new sample for multidonain provisioning. Demonstrates all the
functions available.
- Added test for RetrieveAllUserAliases and changed OAuth scopes for Apps
- Added client architecture for provisioning api and tests for client
- Added support for batch requests to update spreadsheet cells.
- Added GetAcl alias for get_acl in DocsClient
- Added new ACL and get by ID methods to DocsClient.
- Added some conditional imports for tlslite.
- Updates to category handling for Documents list API
- Added a function to retrieve all the aliases for a given user email.
- Fixed#553
=== 2.0.15 ===
18 Oct 2011
- New Documents List API client
- Added support for MDM Provisioning API
- Added Batch support for Documents List API ACL changes
- Added category handling for Documents List API client
- Added commenter role to Documents List API client
- Added support for gContact:status
- Added subdomain support for Email Settings API
- Added support for Apparel attributes in Content API for Shopping client
- Added Documents List sample
- Added Sample for Provisioning API with OAuth2
- Added Sample for Email Settings API with OAuth2
- Added Sample for Provisioning API with Sites and Profiles API
- Fixed Youtube client to use SSL
- Fixed Sites API sample to use SSL
- Removed Google Base Data API support
- Issues closed:
#190, #206, #215, #230, #268, #270, #279, #281, #288, #296, #303, #312,
#346, #363, #399, #424, #435, #483, #492, #494, #498, #508, #512, #516,
#526, #532, #533, #534, #541, #547
2.43 2012-01-08 00:00:00
- Improved most commands with shortcut options.
- Improved get command to automatically enable verbose mode for HEAD
requests. (simotrone)
- Improved documentation.
2.42 2012-01-02 00:00:00
- Deprecated Test::Mojo->max_redirects.
- Removed exprimental status from respond_to method in
Mojolicious::Controller.
- Removed experimental status from error event in Mojo::UserAgent.
- Removed experimental status from connect_timeout attribute in
Mojo::UserAgent.
- Removed experimental status from connection event in
Mojo::Transaction.
- Removed experimental status from upgrade event in
Mojo::Asset::Memory.
- Removed experimental status from auto_upgrade and max_memory_size
attributes in Mojo::Asset::Memory.
- Removed experimental status from part event in
Mojo::Content::MultiPart.
- Removed experimental status from upgrade event in
Mojo::Content::Single.
- Removed experimental status from auto_upgrade attribute in
Mojo::Content::Single.
- Removed experimental status from body event in Mojo::Content.
- Removed experimental status from mojo_lib_dir and slurp_rel_file
methods in Mojo::Home.
- Removed experimental status from message event in Mojo::Log.
- Removed experimental status from contains method in Mojo::Path.
- Removed test_server method from Test::Mojo.
- Renamed test_server method in Mojo::UserAgent to app_url.
- Improved RFC 6265 compliance of generated request headers.
- Improved documentation.
- Fixed bug that prevented sessions without expiration.
2.41 2011-12-28 00:00:00
- Deprecated Mojo::Cookie->version.
- Deprecated Mojo::Cookie::Response->comment and
Mojo::Cookie::Response->port.
- Removed experimental status from group feature of
Mojolicious::Lite.
- Removed experimental status from Mojo::Collection.
- Removed experimental status from Mojolicious::Plugin::Mount.
- Removed experimental status from dnt and etag methods in
Mojo::Headers.
- Improved session expiration by allowing it to be disabled.
(nwatkiss, sri)
- Improved session cookies to always enable the HttpOnly flag.
(nwatkiss, sri)
- Improved RFC 6265 compliance of cookie implementation.
- Improved documentation.
2.40 2011-12-24 00:00:00
- Added EXPERIMENTAL JSON Pointer support. (crab)
- Improved inactivity timeouts by allowing them to be disabled.
- Improved class detection of inflate command.
- Improved documentation.
- Fixed small bug in Mojo::IOLoop::Server that prevented TLS tests
from running parallel. (nwatkiss)
- Fixed repository to not favor specific editors.
2.39 2011-12-22 00:00:00
- Deprecated all keep_alive_timeout attributes and parameters in
favor of inactivity_timeout.
- Added EXPERIMENTAL error event to Mojo::UserAgent.
- Added EXPERIMENTAL local_address attribute to Mojo::UserAgent.
- Added EXPERIMENTAL local_address option to
Mojo::IOLoop::Client->connect.
- Added EXPERIMENTAL close method to Mojo::IOLoop::Stream.
- Added "hello.pl" and "fast.pl" to example scripts.
- Removed log attribute from Mojo::UserAgent.
- Removed MOJO_STATIC_CLASS and MOJO_TEMPLATE_CLASS environment
variables.
- Improved documentation. (marcus, vervain, sri)
- Improved tests for many environment variables.
- Fixed Morbo to ignore hidden directories.
- Fixed small argument bug in client method of Mojo::IOLoop.
- Fixed small memory leak in Mojo::IOLoop::Stream.
- Fixed multiple small error reporting bugs in Mojo::UserAgent.
- Fixed online tests to not be affected by geographical location.
(marcus)
2.38 2011-12-17 00:00:00
- Changed Mojo::IOLoop->client arguments from ($loop, $stream, $err)
to ($loop, $err, $stream).
- Improved resilience of Mojo::IOLoop::Stream.
- Improved documentation. (marcus, sri)
- Improved tests.
- Fixed memory leaks caused by named capture groups bug in Perl.
(plu, sri)
- Fixed small cleanup bug in Mojo::Asset::File.
- Fixed small multipart bug in Mojo::Message. (augensalat)
- Fixed missing status method in Mojo::Headers. (crab)
- Fixed small Mojo::IOLoop::Stream timeout bug.
== MediaWiki 1.17.2 ==
2012-01-11
This a maintenance and security release of the MediaWiki 1.17 branch.
=== Security changes ===
* (bug 33117) prop=revisions allows deleted text to be exposed through cache pollution.
=== Changes since 1.17.1 ===
* (bug 32709) Private Wiki users were always taken to Special:Badtitle on login.
== MediaWiki 1.17.1 ==
2011-11-24
This a maintenance and security release of the MediaWiki 1.17 branch.
=== Security changes ===
* (bug 32276) Skins were generating output using the internal page title which
would allow anonymous users to determine wheter a page exists, potentially
leaking private data. In fact, the curid and oldid request parameters would
allow page titles to be enumerated even when they are not guessable.
* (bug 32616) action=ajax requests were dispatched to the relevant internal
functions without any read permission checks being done. This could lead to
data leakage on private wikis.
What's new in 1.5.2 (December 2011)
===================================
Pertinent to users:
1. Fixed a warning that pops up when doing ``pip install pyblosxom``
2. Removed debug logging from pycategories
What's new in 1.5.1 (December 2011)
===================================
Pertinent to users:
-------------------
1. Fixed a problem with the manifest so ``python setup.py install``
works again.
2. Fixed the WHATSNEW so it shows correct version and date for
1.5 release.
What's new in 1.5 (December 2011)
=================================
Pertinent to users:
-------------------
1. Renamed the project from PyBlosxom to Pyblosxom (no more CamelCase).
2. I moved all the plugins again. This time, instead of being in
``plugins/``, they're now in ``Pyblosxom/plugins/``.
You no longer have to copy core plugins into your plugins
directory. Instead of copying core plugin files, refer to the
plugins in your ``config.py`` file using their full Python path in
the Pyblosxom package.
For example, the pycalendar plugin is now in
``Pyblosxom/plugins/pycalendar.py`` and thus its Pyblosxom
package path is ``Pyblosxom.plugins.pycalendar``. Your
``config.py`` file would look have this::
py["load_plugins"] = [
...
"Pyblosxom.plugins.pycalendar",
...
]
If you do this, then the next time you upgrade PyBlosxom, the
plugins will be upgraded automatically.
Further, documentation for plugins is at the top of the individual
plugin files, but also in the documentation. This includes a list
of the plugins available in the core.
.. only:: text
You can see the plugin documentation in docs/plugins/.
.. only:: html
You can see the plugin documentation at :ref:`part-two`.
3. Plugins added: markdown_parser, readmore
4. Plugins changed:
pages
* Fixed documentation and error messages for ``pagesdir``.
* Fixed frontpage checking. Should catch / as well as /index
now.
* Adds more examples to documentation.
tags
* Increased tag cloud range from 3 sizes to 5.
* Adds truncate support.
* Fixes problems with initialization when building tags so that
it initializes plugins allowing them to do startup things.
This fixes problems with plugins that augment entry parsers.
rst
* renamed it to rst_parser so it's clearer what it is
pycategories
* fixed category_start/category_begin behavior for root category
* fixed the first example of settings in the documentation
the rest of the plugins: pep8 fixes and documentation updates
5. Plugins removed from Pyblosxom: commentAPI
6. Fixes error handling for loading plugins. When doing
``pyblosxom-cmd test`` and a plugin fails to load, it'll now tell
you. When using the debug renderer and a plugin fails to load,
it'll now tell you.
7. Lot of work on simplifying and improving the documentation.
8. Added a ``static_yearindexes`` setting. Set it to True to generate
year indexes and False to not generate year indexes.
Pertinent to developers
-----------------------
1. I removed all the extra infrastructure for testing plugins.
Plugins that come with the core are now in the Pyblosxom package
and their tests are in ``Pyblosxom/tests/``.
2. Adds *generate* subcommand to pyblosxom-cmd. This makes it easier
to test blogs and plugins that do things with entries.
3. Renamed ``PyBlosxomWSGIApp`` class to ``PyblosxomWSGIApp``.
4. Renamed ``PyBlosxom`` class to ``Pyblosxom``.
5. Moved the project from gitorious to github. The new git repository
is at `<http://github.com/willkg/pyblosxom>`_.
6. Removed ``VERSION_DATE`` and ``VERSION_SPLIT``. They're kind of
silly and don't really help much.
I moved the version to ``Pyblosxom/_version.py``. Use it like
this::
from Pyblosxom import __version__
print __version__
I updated the documentation accordingly.
new major release, many changes, most notably:
-syntax scanner speed improvement
-UI and feature improvements
-new languages: Google Go, Vala and Ada
-zencoding support
* mdwn: Can use the discount markdown library, via the
Text::Markdown::Discount perl module. This is preferred if available
since it's the fastest currently supported markdown library, speeding up
ikiwiki's markdown rendering by a factor of 40.
(However, when multimarkdown is enabled, Text::Markdown::Multimarkdown
is still used.)
* On Debian, depend on libtext-markdown-discount.
pkgsrc changes:
* Change Perl Markdown dependency to p5-Text-Markdown-Discount.
clear BUILDLINK_INCDIRS.heimdal. Otherwise -I/usr/include/krb5 appears
in CFLAGS, which breaks the build because the compiler finds krb5's
base64.h instead of Amaya's. krb5 is pulled in by curl, which is a
several-times-indirect dependency, and nothing in this package uses
it, or apparently anything that needs it, directly.
what I did is going to work... or that the code that was here previously
ever worked or actually did what anyone upstream intended. C++ is fun
that way.
* django-mptt now a proper dependency
* Django 1.3 support
* View permissions
* django-sekizai instead of PluginMedia
* Toolbar must be enabled explicitly in templates
* Static files moved to /static/
* Dropped support for django-dbgettext
look at blocks. With django-sekizai you can define placeholders where your
blocks get rendered and at different places in your templates append to those
blocks. This is especially useful for css and javascript. Your subtemplates can
now define css and javscript files to be included, and the css will be nicely
put at the top and the javascript to the bottom, just like you should. Also
sekizai will ignore any duplicate content in a single block.
Django Models and working with trees of Model instances.
MPTT is a technique for storing hierarchical data in a database. The aim is to
make retrieval operations very efficient.
The trade-off for this efficiency is that performing inserts and moving
items around the tree is more involved, as there's some extra work
required to keep the tree structure in a good state at all times.
= 1.3.2 / 2011-12-30
* Don't automatically add `Rack::CommonLogger` if `Rack::Server` is adding it,
too. (Konstantin Haase)
* Setting `logging` to `nil` will avoid setting up `Rack::NullLogger`.
(Konstantin Haase)
* Route specific params are now available in the block passed to #stream.
(Konstantin Haase)
* Fix bug where rendering a second template in the same request, after the
first one raised an exception, skipped the default layout. (Nathan Baum)
* Fix bug where parameter escaping got enabled when disabling a different
protection. (Konstantin Haase)
* Fix regression: Filters without a pattern may now again manipulate the params
hash. (Konstantin Haase)
* Added examples directory. (Konstantin Haase)
* Improved documentation. (Gabriel Andretta, Markus Prinz, Erick Zetta, Just
Lest, Adam Vaughan, Aleksander Dąbrowski)
* Improved MagLev support. (Tim Felgentreff)
Changes:
* Show warnings for JsonCsrtf attacks.
* do not enable parameter escaping by default, fixes#8.
* Use more specific namespace declaration in Rack::Builder configuration.
* NotimpelentedError typo fix
* add test that makes sure passingin on :track option works. related to #6.
* deal with PATH_INFO being nil, fixes#7.
* do not track HTTP_VERSION, fixes#6.
These patches enable optimizations that allow video play w/o stuttering.
Other i386 and x86_64 platforms need the same optimizations, so this is
only a partial fix of the PR.
Version 2.10.4 (2011-12-30)
---------------------------
- Fixed: the Environment class did not always return the correct script name
(#3603)
- Fixed: close the connection after sending a file to the browser (#3602)
- Fixed: the new Ajax cron trigger did not work in IE8 due to missing
Date.now() support (#3681)
- Fixed: do not block ressources required by the Google website preview in the
robots.txt file (#3688)
- Fixed: correctly update the cache after a new template has been created
(#3676)
- Fixed: correctly handle HTML comments in inline JavaScripts (#3696)
- Fixed: get the next autoincrement ID when importing a theme so deleted
themes can be restored (#3604)
- Fixed a few minor issues
* Consume all stdin when rcs_receive short-circuits, to avoid git SIGPIPE race.
* Add path and path_natural sort orders (smcv)
* Test coverage can be checked with make coverage (smcv)
* tag: encode categories using numeric values. (tango)
