Changes:
* the version string now only contains info about (sub) package versions,
while for example krb4 and ipv6 now only are available as 'features'
* added curl_easy_reset()
* socks proxy support even when libcurl is built ipv6-enabled
* read callbacks can stop the transfer by returning CURL_READFUNC_ABORT
* libcurl-tutorial.3 is the new man page formerly known as
libcurl-the-guide
* additional SSL trace data might be sent to the debug callback using two
new types: CURLINFO_SSL_DATA_IN and CURLINFO_SSL_DATA_OUT
* multipart formposts can upload files larger than system memory
* the curl tool continues with the next URL even if one transfer fails
* FTP 3rd party transfer support - seven new setopt() options
Bugfixes:
* UTF-8 encoded certificate names can now be verified properly
* krb4 link problem
* HTTP Negotiate service name now provided in uppercase
* no longer accepts any cookies with domain set to just a TLD
* HTTP Digest properties without quotes in the header
* bad Host: header case on re-used connections over proxy
* duplicate Host: header case on re-used connections
* curl -o name#[num] now works when no globbing for [num] exists
* test suite runs fine with valgrind 2.1.x
* negative Content-Length is ignored
* test 505 runs fine on windows
* curl_share_cleanup() crash
* --trace files now get the final info lines too
* multi interface connects fine to multi-IP resolving hosts
* --limit-rate works on Mac OS X (and other systems with bad poll()s)
* cookies can now hold 4999 bytes of content
* HTTP POST/PUT with NTLM/Digest/Negotiate to a URL returning 3XX
* HTTPS POST/PUT over a proxy requiring NTLM/Digest/Negotiate
* less restrictive libidn requirements, 0.4.1 or later is fine
* HTTP POST or PUT with Digest/Negotiate/NTLM selected but the server
didn't require any authentication
* win32 file:// transfer free memory bug
* configure --disable-http builds a libcurl without HTTP support
* CURLOPT_FILETIME had wrong type in curl.h, it expects a long argument
* builds fine with Borland on Windows
* the msvc curllib.dsp now builds the libcurl.lib file
* builds fine on VMS
* builds fine on NetWare
* HTTP Digest authentication with proxies uses correct user name + password
* builds fine with lcc-win32
already in pkgsrc) include:
o CGI status is now properly handled (-a flag has been removed)
o CGI file upload support works
o %xy translations are no longer ever applied after the first '?',
ala RFC2396. from lukem
o daemon mode (-b) should no longer hang spinning forever if it
sees no children. from lukem
o new .bzabsredirect file support. from <martin@netbsd.org>
o return a 404 error if we see %00 or %2f (/)
o don't print 2 "200" headers for CGI
o support .torrent files
Changes:
* New File selectors are used when compiled with GTK+ 2.4 or
later. (Nathan Conrad)
* XML parsers now detect namespaces based on their URL. (Nathan
Conrad)
* UTF-16 formatted documents are now supported. Please complain if
you have problems! This may also help other encodings that
contain NULL bytes in their datastreams.
* More favicons are now detected (HTML pages are now searched for
links to the favicons). (Nathan Conrad)
* Authenticated proxies are now supported via the GNOME proxy
settings and http_proxy environment variable. (Nathan Conrad)
* Help feeds are no longer downloaded at every startup.
* Support for photo blog RSS modules. (Lars Lindner)
* There is a new preference option in the "Headline Display"
tab to change the key binding for skimming through the
articles. It now defaults to Ctrl-Space instead of simply
Space. This is to allow using forms with Mozilla. If you
prefer Space please set it explicitly in the preferences.
(Lars Lindner)
* GConf schemas have been added to document the various gconf
keys that Liferea uses and provide control of defaults by
computer administrators. (Nathan Conrad)
* Notification popups now show the favicon of the feeds for
easier recognizing. (Lars Linder)
* Session manager support. This makes the lock file removed when
a user logs out without first cloning Liferea. (Lots of code from
gaim, but integrated into Liferea by Nathan Conrad)
* Fixed bug where some invalid feeds were causing their item lists
to be erased when they were updated. (Nathan Conrad)
* Fixed bug that may crash the program when the libxml2 error
output displayed in the feed description contains invalid
Unicode characters. This was reported by Yanko Kaneti.
(Lars Lindner)
* Fixed bug with incorrect HTML in the condensed mode.
(Jack Lecou)
* Fixed the missing scrolling reset when you display items
with Mozilla (Lars Lindner)
* Fixed a popup menu problems with gtkhtml2, which did not
always show the correct menu reported by hakon_g.
(Lars Lindner)
This script blocks advertising banners on the Web.
Unlike most other similar solutions, BannerFilter does more than simply
block advertising graphics. It also blocks advertising frames on a few
sites, and automatically closes pop-up windows.
- lock icon and certificate spoof with onunload document.write
(Bugzilla#253121)
- Malicious certificates can permanently break HTTPS/SSL (Bugzilla#249004)
Support for Solaris x86 is not available due to lack of a precompiled
binary at this point of time.
Changes since 7.53:
Security
* Denied write-access to properties on objects from scripts that
fail a standard origin check, in order to block potential access
by attackers to user's computer. Fixes critical vulnerability
reported in GreyMagic Security Advisory GM#008-OP.
* Fixed security issue regarding spoofing of the addressfield by
loading other page contents while keeping the URL, reported in
Secunia Advisory SA12162.
* Blocked access to file:/ URLs from documents that are not themselves
loaded from file:/ URLs.
Miscellaneous
* Fixed problem with canceling connections/downloads.
* Cache-size limitation improved.
Changes:
* Update of the Czech translation. (Juraj Kubelka)
* Fixes a bug reported by twentyone that hides the headers
and metadata when the two pane mode (condensed view) is
enabled. (Lars Lindner)
* Favicons downloaded using gzip compression are no longer
corrupted. This might fix some other download problems.
(Nathan Conrad)
* Fixed a parsing bug that treated Atom feed modified/issued
dates as RFC822 instead of ISO6801 dates. (Lars Lindner)
* Fix parsing of atom feeds that do not escape their content.
(Nathan Conrad)
Fix rc.d/apache restart to 'apache_doit stop; apache_doit start'
Now in the case of apache_start=startssl and apache not running,
'rc.d/apache restart' will start apache with startssl.
Collection, from pkgsrc-wip.
Original package by Adam Migus.
Apache::Test is a test toolkit for testing an Apache server with any
configuration. It works with Apache 1.3 and Apache 2.0 and any of its
modules, including mod_perl 1.0 and 2.0. It was originally developed
for testing mod_perl 2.0.
For an extensive documentation see the tutorial:
http://perl.apache.org/docs/general/testing/testing.html
1.26 April 5, 2004
[ BUG FIXES ]
- The fix to make CGIHandler support flush_buffer and autoflush caused
it to not rethrow any exceptions created during the request. If
error_mode was set to 'fatal', then an error would simply cause no
output to be generated. Task id #531.
- A comment in the last line of a component call with content caused a
syntax error in the compiled component. Reported by Todd Goldenbaum.
Task id #530.
- The various request handling methods in CGIHandler once again return
the value of calling the Interp object's exec() method.
- Explicitly handle redirect statuses when an abort exception is
thrown from the Interp object's exec() method. This fixes some
problems when this module was used with David Wheeler's
MasonX::Interp::WithCallbacks module.
- Using a <%shared> block when "in_package" was set to something other
than HTML::Mason::Commands led to an error like "Can't call method
"call_dynamic" on an undefined value". Reported by David Wheeler.
Task id #535.
1.25 December 12, 2003
[ BUG FIXES ]
- CGIHandler did not support $m->flush_buffer or autoflush. Reported
by Shane McCarron.
- Every line in the error stacktrace had a 'g' appended to it in HTML
error mode.
- The HTML error display of the stacktrace was not filtering out some
packages that it should have, so there were extra lines that made it
harder to find the real error.
- Several FakeApache methods were broken: path_info, uri, and
the_request. Reported by Matthias F. Brandstetter.
[ ENHANCEMENTS ]
- The CGIHandler request object now supports the autoflush parameter.
Changes since Opera 7.52:
Security
* Fixed a JavaScript problem that made it possible to show one URL
in the address bar, but load a different URL in the page
(Secunia Advisory SA12028)
Only the Linux binary tested, but updated also the Solaris/FreeBSD version
of the pkg.
for each package can be determined by invoking:
make show-var VARNAME=PKG_OPTIONS_VAR
The old options are still supported unless the variable named in
PKG_OPTIONS_VAR is set within make(1) (usually via /etc/mk.conf).
Collection.
HTML::Scrubber allows a program to sanitize, or scrub, an input in HTML
format in a reliable and flexible way. Moreover, it doesn't depend on
HTML::TreeBuilder, but rather on HTML::Parser.
makes the NetBSD kernel stop whining about file descriptor 0 being
closed when netstat gets run. The script contains everything you
don't want to know.
Bump this pkg to PKGREVISION 3.
Changes:
* A middle mouse click on the itemlist now toggles
read status or the headline flag depending on the
column you click. (Lars Lindner)
* Now favicons that are older than one month are
automatically updated (Lars Lindner)
* The search result now provides an extra column with
the favicon of the feed the found headline belongs to.
(Lars Lindner)
* The mozilla browser module now respects the configured
proxy settings. (Lars Lindner)
* Feed and item information is now properly localized.
(Lars Lindner and Nathan Conrad)
* Popup menu for the systray icon. (James Bowes)
* Improvements for the favicon handling. favicon.ico files are now
retrieved from the webserver path where the feed is
located. favicon.ico in the webserver root is tried only if this
first attempt fails. favicons are now redownloaded every 30
days. (Lars Lindner & Nathan Conrad)
* Liferea now saves when the mainwindow is maximized.
(Marc Deslauriers)
* The gnomevfs2 dependency from GtkHTML2 was removed.
(Nathan Conrad)
* 0.5.1 did falsely encode HTTP URL hash marks as %23.
This is fixed now. (Lars Lindner)
* When a feed source command is executed a useful return
code is set so it won't be unavailable due to missing
status information. (Christophe Barbe)
(bsdi) for i386 to revision 1 after adding scripts that apply tiny
binary patches that stop them from closing fd 0 before running
"netstat -in".
I finally got tired of the warnings from my kernel, so I made the
binaries stop doing it.
changes:
* ZPsycopgDA now support unicode strings and different backend
encodings.
* ZPsycopgDA accept query data as an extra parameter to execute()
(but still no way to give it extra data from inside a ZSQL
This is the code written to accompany Thomas Boutell's book "CGI
Programming in C & Perl". It provides a library of routines for use
in CGI programming, and unlike cgilib-0.5, this library handles the
"multipart/form-data" encoding required to use the FILE input control
type as defined in the HTML specification.
NOTE: It should be aware that there were a few developer visible changes
made from Thomas Boutell's original distribution when integrating it
with the NetBSD packages environment. They are:
1) Instead of being yet another source file which is used in building
the application, the package have been converted totally into a
library format. This library is linked using "-lcgic".
2) As a result of the first item, the developer no longer writes their
entry point under the function name of cgiMain(). Instead, the
user will provide their own main(), and will need to call cgiInit()
before any other cgic function is called.
changes:
This release addresses a vulnerability in mod_python 2.7.9 whereby a
specific query string processed by mod_python would cause the httpd
process to crash.
The previously released version 2.7.9 was supposed to correct this issue,
but is still vulnerable.
There are no other changes or improvements from the previous version in
this release.
If you are currently using mod_python 2.7.9 or earlier, it is highly
recommended that you upgrade to 2.7.10 as soon as possible.
1.3.16:
* Works with Mozilla 1.4 through 1.7, 1.8a1 and trunk
* Add thumbnailing to the Open dialogs
* Improved context menus
* Ensure URL's for frames and redirects don't get saved in the history
* Fix the spinner background with gradient themes
* Fix a crash when removing items in the personal data manager
* Fix reloading of framesets
* Make better use of gtk 2.4 API's
* lots of other bug fixes
1.3.15:
* Works with Mozilla 1.4 through 1.7rc2 and trunk
* Requires gtk+ 2.4
* Major download re-write:
o Much improved robustness; lots of crashes fixed
o Improved filename generation when saving pages
o Pages generated by a POST correctly saved
* Restored offline mode
* Restored ability to block cookie sites when removing cookies
* Improved layout of personal data manager
* Added context menu to links in page info dialog
* Added image save button to page info dialog
* Always show the menubar when F10 is pressed
* Use more stock icons from the current icon theme
* Implement user stylesheet support (put them in ~/.galeon/stylesheets)
version stays at 7.51 due to lack of test facility.
Changes since 7.51 (from the changelog for windows):
Security
Fixed a URI obfuscation weakness enabling impersonation of legitimate web
sites. Illegal characters in addresses will be stripped. This addresses
Security Focus Bugtraq ID #10517.
Solved frame injection vulnerability that allowed for spoofing (Secunia
Advisory SA11978).
Solved certificate verification problem.
Miscellaneous
Changed search.ini to ensure correct default dictionary and encyclopedia
searches. On how to protect customized files from being overwritten, see
Release Note.
Changed main toolbar. Now includes options Open, Save, Print, Find, Home,
Panels, Tile, and Cascade.
Various stability and rendering improvements.
"Show in" submenu for messages now has nested display of nested filters.
Corrected message reply behavior when View > Encoding is set to autodetect.
Fixed SSL renegotiation problem causing login trouble on certain secure sites.
Solved issue concerning JavaScript method "confirm()".
Various encoding-related improvements to accommodate Japanese language
version.
we also want the apxs rules from www/apache/module.mk, since the package's
own Makefile doesn't propagate LDFLAGS; include www/apache/module.mk
AFTER mk/apache.mk, so that the right Apache buildlink3.mk is still used
for the build
Version 3.1.3
Apache module that embeds the Python interpreter
As discussed on the mailing list, this package builds and runs for the
most part but fails if the web server has too many backends. Adding it
breaks nothing and does add functionality. I will file a PR to keep
track of the remaining issue.
the author Gergely Nagy in PR pkg/25318.
Changes:
* Thy 0.9.3 [Dead Gardens] -- 2004-06-30
Fixed a minor information leak in the virtual hosting code, noticed
by Jerome Magnin. Also fixed a couple of memory leaks and disabled
meta-data caching by default.
* Thy 0.9.2 [Re-connect] -- 2004-06-15
The major reason for this release is a discovery of a possible Denial
Of Service attack against Thy, one which can easily crash a Thy
process. However, this was just a NULL-dereference, which can not be
used to execute arbitrary code. And is fixed in this release.
Also, epoll support was disabled in this release.
* Thy 0.9.1 [Hurt] -- 2004-06-05
When Thy starts a helper process (such as the Authoriser or the
Worker), she will close and reopen the connection to syslog with a
different ID.
There is also a new option to limit how many bytes Thy will use for
mapping files into memory. When the limit is reached, no mmapping
will occur. This is only useful when using a Worker, since otherwise
files are not mapped to memory at all.
SRP authentication was implemented in this version.
One of the major new features in this release is the ability to
compile multiple event systems into Thy. In the past, Thy had to be
recompiled if one wanted to use epoll or kqueue instead of
select. Now, every possible event system is compiled in, and one can
select the appropriate one at run time. Thy will also try to select
the most appropriate one if none was explicitly specified.
Some smaller bugs were also fixed, as usual.
* Thy 0.9.0 [A Pirate I Was Meant To Be] -- 2004-04-25
This release features a way to make Thy interact better with web
cache software: the ability to set the max-age of resources and
expiry times.
The Linux version of the networking code was updated to be able to
serve files larger than 2Gb when Thy is compiled with Large File
Support (which is the default).
using information stored in a MySQL database.
Based on pkgwip package done by cube@, thanks a lot!
Package should support both Apache 1.x and 2.x, but only Apache 1.x
tested at the moment.
As soon as PLIST_SRC is defined the "default" PLIST files are not
added to PLIST_SRC. So 'PLIST' has to be explicitly listed in the
APACHE_DEFAULT_FILES == "yes" case.
- Add new build def APACHE_DEFAULT_FILES
Changes with Apache 2.0.50
*) SECURITY: CAN-2004-0493 (cve.mitre.org)
Close a denial of service vulnerability identified by Georgi
Guninski which could lead to memory exhaustion with certain
input data. [Jeff Trawick]
*) mod_cgi: Handle output on stderr during script execution on Unix
platforms; preventing deadlock when stderr output fills pipe buffer.
Also fixes case where stderr from nph- scripts could be lost.
PR 22030, 18348. [Joe Orton, Jeff Trawick]
*) mod_alias now emits a warning if it detects overlapping *Alias*
directives. [André Malo]
*) mod_rewrite no longer turns forward proxy requests into reverse proxy
requests. PR 28125 [ast domdv.de, André Malo]
*) ap_set_sub_req_protocol and ap_finalize_sub_req_protocol are now
exported on Win32 and Netware as well (minor MMN bump). PR 28523.
[Edward Rudd <eddie omegaware.com>, André Malo]
*) Restore the ability to disable the use of AcceptEx on Win9x systems
automatically (broken in 2.0.49). PR 28529. [André Malo]
*) <VirtualHost myhost> now applies to all IP addresses for myhost
instead of just the first one reported by the resolver. This
corrects a regression since 1.3. [Jeff Trawick]
*) util_ldap: allow relative paths for LDAPTrustedCA to be resolved
against ServerRoot PR#26602 [Brad Nicholes]
*) SECURITY: CAN-2004-0488 (cve.mitre.org)
mod_ssl: Fix a buffer overflow in the FakeBasicAuth code for a
(trusted) client certificate subject DN which exceeds 6K in length.
[Joe Orton]
*) mod_dav_fs: Fix MKCOL response for missing parent collections, which
caused issues for the Eclipse WebDAV extension.
PR 29034. [Joe Orton]
*) mod_deflate: Fix memory consumption (which was proportional to the
response size). PR 29318. [Joe Orton]
*) mod_ssl: Log the errors returned on failure to load or initialize
a crypto accelerator engine. [Joe Orton]
*) Allow RequestHeader directives to be conditional. PR 27951.
[Vincent Deffontaines <vincent gryzor.com>, André Malo]
*) Allow LimitRequestBody to be reset to unlimited. PR 29106
[André Malo]
*) Fix a bunch of cases where the return code of the regex compiler
was not checked properly. This affects: mod_setenvif, mod_usertrack,
mod_proxy, mod_proxy_ftp and core. PR 28218. [André Malo]
*) mod_ssl: Fix a potential segfault in the 'shmcb' session cache for
small cache sizes. PR 27751. [Geoff Thorpe <geoff geoffthorpe.net>]
*) Remove 2Gb log file size restriction on some 32-bit platforms.
PR 13511. [Joe Orton]
*) mod_logio no longer removes the EOS bucket. PR 27928.
[Bojan Smojver <bojan rexursive.com>]
*) htpasswd no longer refuses to process files that contain empty
lines. [André Malo]
*) Regression from 1.3: At startup, suexec now will be checked for
availability, the setuid bit and user root. The works only if
httpd is compiled with the shipped APR version (0.9.5).
PR 28287. [André Malo]
*) Unix MPMs: Stop dropping connections when the file descriptor
is at least FD_SETSIZE. [Jeff Trawick]
*) Fix handling of IPv6 numeric strings in mod_proxy. [Jeff Trawick]
*) mod_isapi: send_response_header() failed to copy status string's
last character. PR 20619. [Jesse Pelton <jsp pkc.com>]
*) Fix a segfault when requests for shared memory fails and returns
NULL. Fix a segfault caused by a lack of bounds checking on the
cache. PR 24801. [Graham Leggett]
*) Throw an error message if an attempt is made to use the LDAPTrustedCA
or LDAPTrustedCAType directives in a VirtualHost. PR 26390
[Brad Nicholes]
*) Fix a potential segfault if the bind password in the LDAP cache
is NULL. PR 28250. [Jari Ahonen <jah progress.com>]
*) Quotes cannot be used around require group and require dn
directives, update the documentation to reflect this. Also add
quotes around the dn and group within debug messages, to make it
more obvious why authentication is failing if quotes are used in
error. PR 19304. [Graham Leggett]
*) The Microsoft LDAP SDK escapes filters for us, stop util_ldap
from escaping filters twice when the backslash character is used.
PR 24437. [Jess Holle <jessh ptc.com>]
*) Overhaul handling of LDAP error conditions, so that the util_ldap_*
functions leave the connections in a sane state after errors have
occurred. PR 27748, 17274, 17599, 18661, 21787, 24595, 24683, 27134,
27271 [Graham Leggett]
*) mod_ldap calls ldap_simple_bind_s() to validate the user
credentials. If the bind fails, the connection is left
in an unbound state. Make sure that the ldap connection
record is updated to show that the connection is no longer
bound. [Brad Nicholes]
*) Ensure that lines in the request which are too long are
properly terminated before logging.
[Tsurutani Naoki <turutani scphys.kyoto-u.ac.jp>]
*) Update the bind credentials for the cached LDAP connection to
reflect the last bind. This prevents util_ldap from creating
unnecessary connections rather than reusing cached connections.
[Brad Nicholes]
*) mod_isapi: GetServerVariable returned improperly terminated header
fields given "ALL_HTTP" or "ALL_RAW". PR 20656.
[Jesse Pelton <jsp pkc.com>]
*) mod_isapi: GetServerVariable("ALL_RAW") returned the wrong buffer
size. PR 20617. [Jesse Pelton <jsp pkc.com>]
*) mod_dav: Fix a problem that could cause crashes when manipulating
locks on some platforms. [Jeff Trawick]
*) mod_headers no longer crashes if an empty header value should
be added. [André Malo]
*) Fix segfault in mod_expires, which occured under certain
circumstances. PR 28047. [André Malo]
*) htpasswd: use apr_temp_dir_get() and general cleanup
[Guenter Knauf <eflash gmx.net>, Thom May]
*) mod_ssl: Fix memory leak in session cache handling. PR 26562
[Madhusudan Mathihalli]
*) mod_ssl: Fix potential segfaults when performing SSL shutdown from
a pool cleanup. PR 27945. [Joe Orton]
*) Add forensic logging module (mod_log_forensic).
[Ben Laurie]
*) logresolve: Allow size of log line buffer to be overridden at
build time (MAXLINE). PR 27793. [Jeff Trawick]
*) Fix the comment delimiter in htdbm so that it correctly parses the
username comment. Also add a terminate function to allow NetWare
to pause the output before the screen is destroyed.
[Guenter Knauf <eflash gmx.net>, Brad Nicholes]
*) Fix crash when Apache was started with no Listen directives.
[Michael Corcoran <mcorcoran warpsolutions.com>]
*) core_output_filter: Fix bug that could result in sending
garbage over the network when module handlers construct
bucket brigades containing multiple file buckets all referencing
the same open file descriptor. [Bojan Smojver]
*) Fix memory corruption problem with ap_custom_response() function.
The core per-dir config would later point to request pool data
that would be reused for different purposes on different requests.
[Jeff Trawick, based on an old 1.3 patch submitted by Will Lowe]
*) Win32: Tweak worker thread accounting routines to eliminate
server hang when number of Listen directives in httpd.conf
is greater than or equal to the setting of ThreadsPerChild.
[Bill Stoddard]
This is security fix release, fixing several important security
issues. From the ChangeLog:
* Fixed strip_tags() to correctly handle '\0' characters.
* Improved stability during startup when memory_limit is used.
* Replace alloca() with emalloc() for better stack protection.
* Added missing safe_mode checks inside ftok and itpc.
* Fixed bug #28963 Fixed address allocation routine in IMAP extension.
* Fixed bug #28632 Prevent open_basedir bypass via MySQL's LOAD DATA LOCAL.
Note: package update also includes extra patches from PHP CVS not
present in stock PHP 4.3.8 release - compilation fix for
mssql extension and Zend engine memory-use-after-free fix.
gcc version 3+.
. generally reduce diffs to Linux version
. retain compatibility with older ABI (AIX-like) thanks to useful comments
from Charles Hannum
Thanks to Matthew Green for the fruitful discussion. This should address
PR#23240 as far as mozilla is concerned.
Change list from release notes:
* Synchronized bundled GD library with GD 2.0.23.
* Fixed a bug that prevented compilation of GD extensions against
FreeType 2.1.0-2.1.2.
* Fixed thread safety issue with informix connection id.
* Fixed incorrect resolving of relative paths by glob() in windows.
* Fixed mapping of Greek letters to html entities.
* Fixed a bug that caused an on shutdown crash when using PHP with Apache
2.0.49.
* Fixed a number of crashes inside pgsql, cpdf and gd extensions.
All in all this release fixes over 30 bugs that have been discovered
and resolved since the 4.3.6 release.
From the article from mozillazine.org:
mozilla.org today released upgrades to both Firefox 0.9 (0.9.1) and
Thunderbird 0.7 (0.7.1) to fix some minor bugs present in both
releases. Both releases correct some flaws in the extension system
that some users may have been experiencing, as well as a new icon set
for the navigation toolbar on Windows and Linux in Firefox 0.9.1. All
users of both products should get this upgrade.
From the article from mozillazine.org:
mozilla.org today released upgrades to both Firefox 0.9 (0.9.1) and
Thunderbird 0.7 (0.7.1) to fix some minor bugs present in both
releases. Both releases correct some flaws in the extension system
that some users may have been experiencing, as well as a new icon set
for the navigation toolbar on Windows and Linux in Firefox 0.9.1. All
users of both products should get this upgrade.
* Fixes:
- Protect proxy variables with mutex locks, should resolve some more
BSD-related threading issues.
- Use libcurl's unescape method rather than our own, fixes a NetBSD
character conversion problem.
- Fix C99-ism which was preventing successfull compilation on
GCC-2.95 (Julio M. Merino Vidal).
Changes:
* Favicons are now processed with gdkpixbuf and saved
to disc in PNG format. Images with 24bit colors and
sizes other than 16x16 are now supported. (Nathan Conrad)
PLEASE NOTE THAT THIS BREAKS FAVICON CACHE
DOWNWARD COMPATIBILITY WITH OLDER RELEASES!
WHEN YOU FALLBACK YOU WILL LOOSE YOUR ICONS.
* Now a short help text is displayed in the HTML view
after startup. (Lars Linder)
* Updated networking code. Many more things, such as
adding a new feed, are processed in the background.
(Nathan Conrad)
* Improved preferences for selecting how to open a link
in an external browser. (Nathan Conrad)
* Popup-window notifications of new items. This
is a first implementation and we are open for your
critics and suggestions! (Karl Soderstrom)
Bugfixes:
* When URLs are passed to an external browser they are
now escaped correctly. (Lars Lindner)
* When a feed could not be downloaded after the
subscription it was missing a cache file. This caused
an error message each time the program starts. This
is fixed now. (Lars Lindner)
* Debian bug #254959 reported by Martin-Eric Racine was
fixed. No Liferea recognizes RSS 1.0 Creative Commons
license information. (Lars Lindner)
* Better favicon detection (more coming in the next release).
* Feed properties (such as titles) are now saved when they
change. (Nathan Conrad)
* Compiles on Solaris, and is hopefully more portable now.
(Nathan Conrad)
* Feed update locking issues were fixed. (Nathan Conrad)
* Several memleaks were fixed.
Linux tested - there are no NetBSD builds so far and the Linux builds
require glibc-2.3 which isn't in pkgsrc so does not work out of the
box on NetBSD yet.
changes since 0.8 can be found at:
http://www.mozilla.org/products/firefox/releases/0.9.html
Solves PR 25426.
Add dependency on PERL5 so that the configure script does the right
thing, since this package use the path in places that cannot be
patched by REPLACE_PERL (and bin/swish-filter-test need perl to
run anyway).
Bump PKGREVISION.
* Fixes:
- Resolved a network threading issue that prevented Drivel from working on
NetBSD, and possibly the other BSD variants as well.
- Fixed the autosave feature.
- Keybinding fixes to allow better interoperability with emacs bindings.
- Resolve a couple of bugs in the History dialog (still requires GTK+ 2.4.4
or higher to work correctly) (Davyd Madeley).
- Correct the lj-lq tag in the poll creator (Grahame Bowland).
- Don't duplicate the protocol in the Insert Link dialog (gnome@nash.nu).
Changes from 0.5 include (please see the ChangeLog for full details):
* configuration changes;
* build errors fixes when using --enable-m17n and --disable-unicode;
* HTTP basic authentication bugs fixed;
* Fix IPv6 FQDN resolution failure;
* bug fixes and source cleanup.
Here's what's new in this release of Firefox:
* New Default Theme
An updated Default Theme now presents a uniform appearance across all
three platforms - a new crisp, clear look for Windows
users. Finetuning for GNOME will follow in future releases.
* Comprehensive Data Migration
Switching to Firefox has never been easier now that Firefox imports
data like Favorites, History, Settings, Cookies and Passwords from
Internet Explorer. Firefox can also import from Mozilla 1.x, Netscape
4.x, 6.x and 7.x, and Opera. MacOS X and Linux migrators for browsers
like Safari, OmniWeb, Konqueror etc. will arrive in future releases.
* Extension/Theme Manager
New Extension and Theme Managers provide a convenient way to manage
and update your add-ons. SmartUpdate also notifies you of updates to
Firefox.
* Help
A new online help system is available.
* Lots of bug fixes and improvements
Copy Image, the ability to delete individual items from Autocomplete
lists, SMB/SFTP support on GNOME via gnome-vfs, better Bookmarks,
Search and many other refinements fine tune the browsing experience.
For Linux/GTK2 Users
* Look and Feel Updates
Ongoing improvements have been made to improve the way Firefox adheres
to your GTK2 themes, such as menus.
* Talkback for GTK2
Help us nail down crashes by submitting talkback reports with this
crash reporting tool.
Changes:
New features/improvements:
- The BuildHistoryFormat can now accept xml to build the AWStats
database in xml. The XML schema is available in tools/xslt directory.
- Added an example of xslt style sheet to use AWStats XML database.
- Added %time4 flag for LogFormat to support unix timestamp date format.
- Added Firefox to browser database.
- Added option IncludeInternalLinksInOriginSection (defined to 0
by default).
- Added field to choose size of list limit (rawlog plugin).
- Added ExtraSectionCodeFilterX parameters.
- PDF detection works also for browsers that support PDF 6 only.
- maillogconvert.pl:
Added an automatic year adjustment for sendmail/postfix log
files that does not store the log. This solve problems for mail
analyses around new year.
- Added tooltips for mail reports (tooltips plugin).
Changed look of the summary report to prepare add of new informations.
- Added failed mails number in the summary.
- AllowAccessFromWebToFollowingAuthenticatedUsers is no more case
sensitive.
- Added new functions for plugins: AddHTMLMenuHeader, AddHTMLMenuFooter,
AddHTMLContentHeader, AddHTMLContentFooter
- Added detection of Camino web browser (old Chimera).
- Full updated robots database.
Fixes:
- Removed warning "Bizarre copy of ARRAY" with new Perl 5.8.4.
- Fixed syntax error in Year view when xhtml output is selected.
- Fixed a problem of not working misc feature when using IIS and
when URLWithQuery was set to 0.
- Now all non ISO-8859-1 languages are shown correctly even with
Apache2, whatever is the value of the AddDefaultCharset directive.
- Some plugins broke the xhtml output.
- Fixed wrong results for compression ratios when using mod_gzip and
%gzip_ratio tag.
- Fixed old bug showing string "SCALAR(0x8badae4)" inside html reports
when using mod_perl.
- Fixed the not allowed GET method when LogType=S.
- maillogconvert.pl: Better management of error records with sendmail
and postfix (some "reject" records were discarded).
- maillogconvert.pl: Fixed important bug where records were discarded
when server name was a FQDN.
- configure.pl: Now works also on Mac OS X
- configure.pl: If /etc/awstats directory does not exist, try to
create it. If /etc/awstats.model.conf not found on Linux, try to
find it in cgi-bin directory.
- Fixed some bugs when BuildReportOutput is set to xhtml (rawlog plugin)
plugin.
- Number of shown lines were one more than required (rawlog plugin).
- xhtml output broken for some 404 reports.
Other/Documentation:
- BuildReportOutput=xml renamed into BuildReportOutput=xhtml
- Added arabic language file.
- Updated language file.
- Updated documentation.
- maillogconvert.pl:
Update value of NBOFENTRYFOFLUSH
Here's what's new in this release of Firefox:
* New Default Theme
An updated Default Theme now presents a uniform appearance across all
three platforms - a new crisp, clear look for Windows
users. Finetuning for GNOME will follow in future releases.
* Comprehensive Data Migration
Switching to Firefox has never been easier now that Firefox imports
data like Favorites, History, Settings, Cookies and Passwords from
Internet Explorer. Firefox can also import from Mozilla 1.x, Netscape
4.x, 6.x and 7.x, and Opera. MacOS X and Linux migrators for browsers
like Safari, OmniWeb, Konqueror etc. will arrive in future releases.
* Extension/Theme Manager
New Extension and Theme Managers provide a convenient way to manage
and update your add-ons. SmartUpdate also notifies you of updates to
Firefox.
* Help
A new online help system is available.
* Lots of bug fixes and improvements
Copy Image, the ability to delete individual items from Autocomplete
lists, SMB/SFTP support on GNOME via gnome-vfs, better Bookmarks,
Search and many other refinements fine tune the browsing experience.
For Linux/GTK2 Users
* Look and Feel Updates
Ongoing improvements have been made to improve the way Firefox adheres
to your GTK2 themes, such as menus.
* Talkback for GTK2
Help us nail down crashes by submitting talkback reports with this
crash reporting tool.
The full list of changes can be found at:
http://www.mozilla.org/releases/mozilla1.7/README.html
Major browser changes since 1.6:
* A new option to prevent sites from using JavaScript to block the
browser's context menu.
* A new set of icons for files that are associated with Mozilla on
Windows.
* Password Manager has a "show passwords" mode which will display
saved passwords. You will need to enter your master password if
you are using one.
* The "Set As Wallpaper" feature now has a confirmation dialog.
* Linux GTK2 builds have improved support for OS themes.
* Cookie dialogs have been reworked to make them more usable.
* Date handling, especially on OS X, has been improved.
* It is now possible to fine-tune Mozilla's pop-up blocking using
two preferences (dom.popup_maximum and dom.popup_allowed_events)
but there's no UI for that yet. Even without a UI, users should
notice a greater variety of pop-ups blocked (primarily mouseover
pop-ups) and a limit of 20 or so open at one time - regardless of
whether pop-up blocking is active. This will provide some protection
from sites that open hundreds of windows in a loop.
* Downloaded files are now moved to the target directory as soon
as the user selects the desired location. This was the frequently
reported bug 55690.
* There is now user interface to activate Smooth Scrolling (Preferences
-> Appearance).
* Mozilla now supports basic FTP upload.
Ok'ed wiz@/snj@
SpeedyCGI is a way to run perl scripts persistently, which can make them run
much more quickly. A script can be made to to run persistently by changing
the interpreter line at the top of the script from:
#!${LOCALBASE}/bin/perl
to
#!${LOCALBASE}/bin/speedy
After the script is initially run, instead of exiting, the perl interpreter
is kept running. During subsequent runs, this interpreter is used to handle
new executions instead of starting a new perl interpreter each time. A very
fast frontend program, written in C, is executed for each request. This fast
frontend then contacts the persistent Perl process, which is usually already
running, to do the work and return the results.
Drivel is a LiveJournal client for the GNOME Desktop. Its purpose is to
retain a simple and elegant design while providing the same level of
functionality as the offical LiveJournal clients. Drivel also integrates
tightly with the GNOME Desktop technologies.
Changes:
0.54 - *
- Separated IO code from Accept
- Add HSML comment tag: <?- -?>
- Add launcher from cmdline (path|port) using HsmlExec module.
- Allow stdin to read the configuration file (-c -)
- Disable exectimeout by default to allow large file processing.
- Disable keep-alive (not all scripts print Content-Length)
- Solve IExplorer 'bug' that forces screws to segfault
- Add initial support for Range-bytes in Headers and HsmlExec.
- Drop nonblocking sockets, and use IOpoll/IOselect by default.
- Solved longfiles buffering problems.
- Solve XSS bug on HsmlExec
- Initial screws_* API
- Allow logs using syslog (LOG_ERR) and piped logs (|...)
- Create macros for modules.
- Add CleanLog module
- Move hsml_lua_init into HsmlExec_init (3x faster)
- Exterminate zombies using setsid()
- Change bool env from TRUE/"" to 1/0
- patch unicode bug that wraps the ARGV env.
- Implement headers support for hsml and .x's
(redirect, mimetype, 404...)
- do not overwrite user config file
- initial alloc drop process.
0.53 - 2004/05/10
- Initial code for file uploading
- Solve Dead children ripper bug.
- Cleaner Makefiles
- add portable getpath(Utils/whereis)
- Add nonblocking sockets for child ripping.
- Add multi-part support for fileuploading
- Solve argument parsing bug.
- Add some filechecks in HsmlExec.so
- Add csharp support.
- Patch an hsml parsing bug.
- Hashbang support on hsml (to separate hsml1 and hsml2 code)
- Solve http request bug.
- Write all manpages.
- Added new marc and petrus templates
- Added support for more Exif tags.
- Fix a divide by zero error crash, due to a corrupt image.
- Fix javascript errors occured when a singe quote was included in a filename.
- Fix bug on joi template : accesskey="t" was showing in the pages.
- Fix missing /IF directive in images pages on satyap template.
New features and fixes
Browser
* A new option to prevent sites from using JavaScript to block the
browser's context menu.
* Password Manager has a "show passwords" mode which will display
saved passwords. You will need to enter your master password if
you are using one.
* The "Set As Wallpaper" feature now has a confirmation dialog.
* Linux GTK2 builds have improved support for OS themes.
* Cookie dialogs have been reworked to make them more usable.
* Date handling, especially on OS X, has been improved.
* It is now possible to fine-tune Mozilla's pop-up blocking using
two preferences (dom.popup_maximum and dom.popup_allowed_events)
but there's no UI for that yet. Even without a UI, users should
notice a greater variety of pop-ups blocked (primarily mouseover
pop-ups) and a limit of 20 or so open at one time - regardless
of whether pop-up blocking is active. This will provide some
protection from sites that open hundreds of windows in a loop.
* Downloaded files are now moved to the target directory as soon
as the user selects the desired location. This was the
frequently reported bug 55690.
* There is now user interface to activate Smooth Scrolling
(Preferences -> Appearance).
* Mozilla now supports basic FTP upload.
Mail
* Many improvements to Palm Sync.
* IMAP IDLE support has been added.
* Support for "MSN Authentication" and Secure Password
* Authentication using SSPI NTLM auth for SMTP and POP3.
* A new preference to "always use the default character encoding
for replies" rather than using the encoding of the message being
replied to.
* Improvements to performance of downloading, viewing, and saving
mail messages.
* Support for multiple identities on the same mail account. See
the Multiple Identity Support documentation for more details.
* Support for relative paths for mail folders in prefs.js. This
makes it easier to copy profiles around without having to fix up
prefs.js afterwards.
* You can now edit address lists containing "Last, First" style
names.
* When composing mail, you can now use the up and down arrow keys
to scroll through the To/Cc/Bcc list.
* All Mozilla LDAP queries now default to using LDAPv3
(previously, they used LDAPv2). Mozilla should gracefully fall
back to v2 if v3 isn't found.
Chatzilla
* Chatzilla now supports zooming of fonts with keyboard shortcuts
(Ctrl + and Ctrl -), as well as with the View menu.
* Improved date handling; using the date/time format for the
locale.
* Support for the /ignore command.
* The ability to change the font family and size.
* Working custom sounds on Windows and Linux.
* Improvements to the preferences panel and the user interface for
half-op mode.
Under the Hood
* Size and performance have improved dramatically with this
release. When compared to Mozilla 1.6, Mozilla 1.7 is 7% faster at
startup, is 8% faster to open a window, has 9% faster page
loading, and is 5% smaller in binary size.
* A long-standing bug with CSS backgrounds on table elements has
been fixed (standards mode only).
* Support for Kerberos HTTP authentication using GSSAPI (benefits
Unix-like platforms including Linux and OS X).
* Support for smb:// URLs using the gnome-vfs library (only
enabled in GTK2+XFT Linux builds).
* Support for server push of XML documents using
multipart/x-mixed-replace and XMLHttpRequest.
* Liveconnect now works when a Java applet's codebase is in a
different domain.
* Support for the CSS3 opacity property.
* Mozilla adds support for the onbeforeunload event. This lets web
application developers add code that alerts the user about
potential data-loss when closing a web application, or when
leaving a HTML page with potentially sensitive information.
* This release has a new SVG backend. The feature is not yet
enabled in the mozilla.org releases but developers may wish to
compile with this feature enabled.
* Mozilla handles dynamic style changes much better (see bug 15608
for details.)
* Mozilla has upgraded the NSS libraries to version 3.9. NSS 3.9
passes all the NISCC SSL/TLS and S/MIME tests (1.6 million test
cases of invalid input data) without crashes or memory leaks.
New features and fixes
Browser
* A new option to prevent sites from using JavaScript to block the
browser's context menu.
* Password Manager has a "show passwords" mode which will display
saved passwords. You will need to enter your master password if
you are using one.
* The "Set As Wallpaper" feature now has a confirmation dialog.
* Linux GTK2 builds have improved support for OS themes.
* Cookie dialogs have been reworked to make them more usable.
* Date handling, especially on OS X, has been improved.
* It is now possible to fine-tune Mozilla's pop-up blocking using
two preferences (dom.popup_maximum and dom.popup_allowed_events)
but there's no UI for that yet. Even without a UI, users should
notice a greater variety of pop-ups blocked (primarily mouseover
pop-ups) and a limit of 20 or so open at one time - regardless
of whether pop-up blocking is active. This will provide some
protection from sites that open hundreds of windows in a loop.
* Downloaded files are now moved to the target directory as soon
as the user selects the desired location. This was the
frequently reported bug 55690.
* There is now user interface to activate Smooth Scrolling
(Preferences -> Appearance).
* Mozilla now supports basic FTP upload.
Mail
* Many improvements to Palm Sync.
* IMAP IDLE support has been added.
* Support for "MSN Authentication" and Secure Password
* Authentication using SSPI NTLM auth for SMTP and POP3.
* A new preference to "always use the default character encoding
for replies" rather than using the encoding of the message being
replied to.
* Improvements to performance of downloading, viewing, and saving
mail messages.
* Support for multiple identities on the same mail account. See
the Multiple Identity Support documentation for more details.
* Support for relative paths for mail folders in prefs.js. This
makes it easier to copy profiles around without having to fix up
prefs.js afterwards.
* You can now edit address lists containing "Last, First" style
names.
* When composing mail, you can now use the up and down arrow keys
to scroll through the To/Cc/Bcc list.
* All Mozilla LDAP queries now default to using LDAPv3
(previously, they used LDAPv2). Mozilla should gracefully fall
back to v2 if v3 isn't found.
Chatzilla
* Chatzilla now supports zooming of fonts with keyboard shortcuts
(Ctrl + and Ctrl -), as well as with the View menu.
* Improved date handling; using the date/time format for the
locale.
* Support for the /ignore command.
* The ability to change the font family and size.
* Working custom sounds on Windows and Linux.
* Improvements to the preferences panel and the user interface for
half-op mode.
Under the Hood
* Size and performance have improved dramatically with this
release. When compared to Mozilla 1.6, Mozilla 1.7 is 7% faster at
startup, is 8% faster to open a window, has 9% faster page
loading, and is 5% smaller in binary size.
* A long-standing bug with CSS backgrounds on table elements has
been fixed (standards mode only).
* Support for Kerberos HTTP authentication using GSSAPI (benefits
Unix-like platforms including Linux and OS X).
* Support for smb:// URLs using the gnome-vfs library (only
enabled in GTK2+XFT Linux builds).
* Support for server push of XML documents using
multipart/x-mixed-replace and XMLHttpRequest.
* Liveconnect now works when a Java applet's codebase is in a
different domain.
* Support for the CSS3 opacity property.
* Mozilla adds support for the onbeforeunload event. This lets web
application developers add code that alerts the user about
potential data-loss when closing a web application, or when
leaving a HTML page with potentially sensitive information.
* This release has a new SVG backend. The feature is not yet
enabled in the mozilla.org releases but developers may wish to
compile with this feature enabled.
* Mozilla handles dynamic style changes much better (see bug 15608
for details.)
* Mozilla has upgraded the NSS libraries to version 3.9. NSS 3.9
passes all the NISCC SSL/TLS and S/MIME tests (1.6 million test
cases of invalid input data) without crashes or memory leaks.
* Only decode %xx up to the first '?' in all requests, per RFC2396.
* Crank PKGREVISION
* Set SERVER_SOFTWARE to explicitly contain "nb6" (the PKGREVISION).
(I would have done this with CPPFLAGS, except the make/shell/cpp
quoting ended up too hairy & fragile)
Changes:
ADD: RSS feed support (thanks to Lübbe Onken for his work on this)
ADD: Translatations for French and Portuguese
ADD: .exe is recognised by default as having content-type
application/x-msdownload
ADD: Recognised links are now 'linkified' in the log messages
ADD: Tabs in file/diff listings are now expanded by a user
configurable number of spaces.
ADD: WebSVN URLs now access the repository by name rather than number.
This means that bookmarks will stay the same when new projects
are added. The old behaviour can be configure in config.inc.
FIX: Removed the revision 0 that has appeared in the previous version
FIX: Repositories were not sorted alphabetically when using ParentPath
FIX: The PNG support script needed for IE (and the BlueGrey scheme) is
now only loaded with IE
