Changes for version: 0.37 (Tue Jan 11 07:45:24 PST 2005)
- Remove load_class calls per Spoon 0.21
- Move archive commit hook into super class
- Split Kwiki::Command into Spoon::Command
- Make kwiki -compress work again :\
- Change -subwiki to -new_view
- List all plugins commented out in plugins file
- Support PagePrivacy
- Support multiple config*.*
- Make toolbar, widgets, and status prereqs of theme
python*-pth packages into meta-packages which will install the non-pth
packages. Bump PKGREVISIONs on the non-pth versions to propagate the
thread change, but leave the *-pth versions untouched to not affect
existing installations.
Sync all PYTHON_VERSIONS_AFFECTED lines in package Makefiles.
* Report 404 for HEAD requests to non-existing files or directories
* Scale images when they are requested from the cache instead of
before the index is displayed.
* Sort pictures the same way when viewing images as when viewing
directories
* New option GalleryUnderscoresToSpaces to convert underscores to
spaces in the listing of directories.
* Remember choosen width by setting a cookie
* Two new configuration options GalleryDocFile and GalleryImgFile
that makes it possible to configured which filetypes should be
displayed. See the documentation for details.
* Switched to use Text::Template instead of CGI::FastTemplate,
see the UPGRADE file for details.
* Create copyright notices on pictures using truetype fonts instead
of png images. Font, color and size can be configured.
and various bug fixes.
Notes:
* NetBSD-native version not available, this can be used only with
MOZILLA_USE_LINUX
* Linux sets MOZ_GTK2, gtk1-compiled version doesn't appear to be available
* Solaris not tested
o 2005-01-21 12:43 (Security issue)
Strengthen Squid from HTTP response splitting cache pollution attack
o 2005-01-21 12:10 (Minor)
Icons fails to load on non-anonymous FTP when using
short_icons_url directive
o 2005-01-21 12:10 (Minor)
FTP data connection fails on some FTP servers when requesting
directory without a trailing slash
One patch has problem to apply and hold to apply
o 2005-01-21 12:10 (Minor) Disable Path-MTU discovery on intercepted requests
Bump package revision.
Tomcat 5.0.30 (yoavs)
General
update Update web.xml files to 2.4 schema (from 2.3 DTD) where applicable. (yoavs)
update 32235: align conf/web.xml MIME types with Apache HTTPD. (yoavs)
fix 31132: Modified startup scripts for better OS/400 -x/-r handling. (yoavs)
update 22679: Added misc note on accessing session ID to SSL-HowTo. (yoavs)
update When the package protection is not used, do not create the doPrivileged objects so we don't suffer the performance hit (jfarcand)
update 32282: Modify Windows Uninstaller to remove webapps and webapps/ROOT only if user asks to remove everything. (yoavs)
Catalina
fix 31273: Add support for derefaliases in JNDIRealm. (markt)
fix 31623: Better OS400 support in setclasspath.sh. (yoavs)
fix 31592: Allow specification of digest encoding for realms. (yoavs)
update 31945: Added and updated Connector documentation. (yoavs)
update 31739: Minor documentation corrections for realm-howto and AJP docs. (yoavs)
fix 31753: Minor inconsistencies in JDBC and DataSourceRealm#authenticate. (yoavs)
update 31683: Minor clarifications to realm documentation. (yoavs)
fix 31851: UserTransaction in DefaultContext broken. (yoavs)
fix 32130: Check for null or empty file listing in FileStore#keys. (yoavs)
update 32276: Add developer info to Realm How-To. (yoavs)
fix 32082: Add protected getPrincipals method to MemoryRealm for easier extension. (yoavs)
fix 32023: CGIServlet fails to handle post message with multipart/form data. (yoavs)
fix 32269: JNDIRealm fails with InvalidNameException to authenticate users if LDAP distinguished name (DN) contains slash or double quote character(s). (yoavs)
Coyote
Jasper
fix Fixed default compiler target VM setting (to 1.3) so that compilation on J2SE 5.0 works out of the box. (yoavs)
update Exposed compilerSourceVM and compilerTargetVM options to JspC. (yoavs)
update Updated JspC usage messages to include recently added configurable parameters. (yoavs)
fix 29866: JspReader#skipUntil may try to read beyond the end of the file. (yoavs)
fix 32330: JspC changes context classloader. (yoavs)
Cluster
Webapps
fix 31707: Broken JavaScript confirmation in HTML manager. (yoavs)
update Removed hard-coded admin context path. (yoavs)
fix 31732: Fix Japanese localization of Manager's list command. (yoavs)
update 31656: Make admin webapp build on Struts 1.2. (yoavs)
update 32019: Remove maxlength=64 on env entry value in admin webapp. (yoavs)
Tomcat 5.0.29 (yoavs)
General
update Added Xalan note in RELEASE-NOTE section on XML parsers. (yoavs)
fix 30756: Bad syntax in sample web.xml. (yoavs)
update Enhanced Japanese resource bundles. (yoavs)
fix 30568: Incomplete setup.html documentation for launching jsvc. (yoavs)
Catalina
update Use CatalinaDigester on shutdown so you can use a sytem property to configure the port. (funkman)
fix Fix memory leak when Security Manager is turned on. (jfarcand)
fix 28914: threadPriority attribute ignored. (yoavs)
fix 30763: added failOnError attribute to UndeployTask. (yoavs)
fix 30624: Enhanced null checking in RealmBase#findSecurityConstraints. (yoavs)
fix Added explicit close of randomIS DataInputStream to ManagerBase for better resource handling. (yoavs)
update Added processTlds context attribute to allow disabling TLD processing. (yoavs)
update Backport if-else logic for SSI servlet from 4.1 (funkman)
update StandardClassLoader: Output the name of the repository if it failed to load. (funkman)
fix 31001: Missing domain attribute in MBean description for createStandardService. (yoavs)
fix 30636: NPE in DigesterFactory when resources cannot be located. (yoavs)
fix 30415: Directories ending in .war not handled well. (yoavs)
fix 31052: BeanFactory swallows root cause of exception. (yoavs)
fix 29914: Better lifecycle support for DefaultContext. (yoavs)
fix Set the FORM notes even when caching so that clustering with SSO works properly. (remm)
fix 30869: Make sure JAAS realm name is legal. (yoavs)
fix 31277: Clarified automatic application deployment section of Host configuration page. (yoavs)
fix 28631: JAASRealm enhancements to support custom user, role class names, use Commons-Logging. (yoavs)
fix 31364: Missing resource in org.apache.catalina.core.LocalString.properties. (yoavs)
fix 31362: Missing -Xdebug in catalina.bat when using JPDA and Security. (yoavs)
fix 30949: Make sure ApplicationDispatcher unwraps requests even if include fails. (yoavs)
fix 31511: Don't call setenv.bat if not found in *using-launcher scripts. (yoavs)
fix 31549: Add name of resource to load failed messaged in WebappClassLoader. (yoavs)
Webapps
fix 29526: Manager redeployment locked JAR because of context.xml stream. (yor "dangerous" manager tasks. (yoavs)
fix 29485: Added JavaScript confirmation prompts to HTML Manager actions. (yoavs)
fix 31058: Ensure StatusTransformer escapes query string for XML. (yoavs)
fix CGI Servlet: Revert the fix for 27090 as it introduced a JDK 1.4 dependency. (markt)
Jasper
fix 30984: Added compilerTargetVM option to Jasper. (yoavs)
fix 31171: Wrap to avoid ClassCastException in PageContextImpl. (yoavs)
fix 31257: Added specification of endorsed dirs if forking. (yoavs)
fix 31510: Set response=null in JspWriterImpl#recycle to aid in JBoss memory leak. (yoavs)
Coyote
fix 31018: Race condition in SystemLogHandler. (yoavs)
Changes since 2.001:
url_decode now interprets "+"s correctly, as encoded spaces.
url_encode ensures that all hex-encodings are padded correctly, to 2 digits (so
"%09" for a tab, not "%9"). The fake-encoding done on standard input when
testing at the command-line has been fixed equivalently.
url_encode also converts spaces to "+"s and emits hex characters in upper-case,
since this what web-browsers seem to do. Encoding is now performed on all but
known-safe characters, rather listing all the characters believed to be in need
of encoding.
The internal method _decode_url_encoded_data now uses url_decode, rather than
duplicating its content.
* A new very extended manual
* Better GNOME and KDE integration
* Much improved bookmarks
* Many performacne improvements
* New and improved highlighting pattern
* Better encoding detection
* Many minor bug-fixes
o 2005-01-17 04:29 (Minor Secuity issue) Sanity check usernames in squid_ldap_auth
o 2005-01-17 02:52 (Minor) FQDN names truncated on compressed DNS responses
o 2005-01-17 02:52 (Minor) Internal DNS memory leak on malformed responses
Bump package revision; squid-2.5.7nb7.
The crawl utility starts a depth-first traversal of the web at the specified
URLs. It stores all JPEG images that match the configured constraints.
Crawl is fairly fast and allows for graceful termination. After terminating
crawl, it is possible to restart it at exactly the same spot where it was
terminated. Crawl keeps a persistent database that allows multiple crawls
without revisiting sites.
The main features of crawl are:
* Saves encountered images or other media types
* Media selection based on regular expressions and size contraints
* Resume previous crawl after graceful termination
* Persistent database of visited URLs
* Very small and efficient code
* Asynchronous DNS lookups
* Supports robots.txt
* A new User interface based on wxWidgets
* Amaya provides now a panel of tools on the left which can be hidden or shown
* All Amaya versions use now F2 key. A message is displayed when the Esc key is used
* Default GTK fonts are now expressed in point sizes
* WX version: when a 2nd Amaya instance is launched, the argument of the 2nd
instance is sent to the first instance and the 2nd one stops
Changes:
New features/improvements:
- Added the geoip_isp_maxmind and geoip_org_maxmind plugin.
- Details firefox versions.
Fixes:
- The geoip_city_maxmind plugin was sometimes bind and towns with
space in names are reported correctly.
- Removed an unknown security hole.
- Removed an other unknown security hole (found by iDEFENSE).
- Restart of apache works correctly on debian.
Other/Documentation:
- Updated documentation
- Updated language files
framework written in PHP. It provides an extensive array of classes that are
targeted at the common problems and tasks involved in developing modern web
applications.
This is the 3.x branch of the framework.
Now squid's user and group are handled by bsd.pkg.install.mk properly.
Thanks much to Volker Wiegand at t-online dot de noted this problem
by private mail.
Bump PKGREVISION.
Instiki is a wiki clone with a strong focus on simplicity of
installation and running. Instiki lowers the barriers of interest for
when you might consider using a wiki. It is so simple to get running
that you'll find yourself using it for anything -- taking notes,
brainstorming, organizing a gathering, etc.
It includes the correct buildlink3.mk file from either Linux-PAM
(security/PAM) or OpenPAM (security/openpam) and eventually will
support solaris-pam. pam.buildlink3.mk will:
* set PAMBASE to the base directory of the PAM files;
* set PAM_TYPE to the PAM implementation used.
There are two variables that can be used to tweak the selection of
the PAM implementation:
PAM_DEFAULT is a user-settable variable whose value is the default
PAM implementation to use.
PAM_ACCEPTED is a package-settable list of PAM implementations
that may be used by the package.
Modify most packages that include PAM/buildlink3.mk to include
pam.buildlink3.mk instead.
o 2005-01-12 17:21 (Security issue) Denial of service with forged WCCP messages
o 2005-01-12 17:19 (Security issue) buffer overflow bug in gopherToHTML()
o 2005-01-08 03:13 (Medium) fakeauth_auth memory leak and NULL pointer access
Bump package revision.
include db2 since this package requires exactly databases/db and nothing
else will do. Also remove USE_DB185 setting this htdig doesn't use the
db-1.85 interface.
* Honor ${VARBASE} in locating the htdig database directory.
* Use ${LOCALBASE}/bin/acroread as the path the the PDF reader instead of
/usr/local/bin/acroread.
* Add missing dependency on zlib. This package was just picking up and
using the system zlib before.
Bump the PKGREVISION to 1.
This module is a namespace placeholder for a future high level perl-oriented
interface to libcurl. Currently, you need to use the direct libcurl 'easy'
interface, by using the 'WWW::Curl::easy' module.
The perl module WWW::Curl::easy provides an interface to the cURL library
"libcurl".
See http://curl.haxx.se/ for more information on cURL and libcurl.
Drop apparently unneeded dependency on databases/p5-MLDBM.
Dependency on www/p5-libapreq is only required if HTML-Mason is
intended to be used with mod_perl and apache: add 'modperl' as a
bsd.options.mk framework option and include dependency on www/p5-libapreq
as needed. Also support apache13 or apache2.
The 'modperl' option is the default.
XXX ap2-perl install Apache::Filter perl module version 0.01 and
this module wants at least version 1.021. So I do not know if the
apache2/ap2-perl setup is really supported.
Bump PKGREVISION.
XXX: Something weird is going on with mozilla include files (just look
at the CPPFLAGS modifications in this package). Maybe someone more
clueful (taya@ ?) could look at this?
