Fixed possible stack buffer overflow in the FastCGI SAPI identified by Andrei Nigmatulin.
Fixed integer overflow in printf() identified by Maksymilian Aciemowicz.
Fixed security issue detailed in CVE-2008-0599 identified by Ryan Permeh.
Fixed a safe_mode bypass in cURL identified by Maksymilian Arciemowicz.
Properly address incomplete multibyte chars inside escapeshellcmd() identified by Stefan Esser.
Upgraded bundled PCRE to version 7.6
Key enhancements in PHP 5.2.6 include:
* Fixed two possible crashes inside the posix extension.
* Fixed bug 44069 (Huge memory usage with concatenation using . instead of .=)
* Fixed bug 44141 (private parent constructor callable through static function).
* Fixed bug 43589 (a possible infinite loop in bz2_filter.c).
* Fixed bug 43450 (Memory leak on some functions with implicit object __toString() call).
* Fixed bug 43201 (Crash on using uninitialized vals and __get/__set).
* Fixed bug 42978 (mismatch between number of bound params and values causes a crash in pdo_pgsql).
* Fixed bug 42937 (__call() method not invoked when methods are called on parent from child class).
* Fixed bug 42736 (xmlrpc_server_call_method() crashes).
* Fixed bug 42369 (Implicit conversion to string leaks memory).
* Fixed bug 41562 (SimpleXML memory issue).
* Over 120 bug fixes.
See http://www.php.net/ChangeLog-5.php#5.2.6 for all the details
pkgsrc changes:
- Use the 'dep' version to install roundcube with no included dependencies
and instead manage it all through pkgsrc - suggestion from schmonz@
- Move the config files to ${PREFIX}/share/roundcube/config as it was
becomming difficult to manage them under ${PKG_SYSCONFDIR}
- Add the GUI installer scripts to the install so users can use it for the
initial setup and generation of the configuration files.
- Add a note to the roundcube.conf file about protection of the
installer directory once initially used.
- Don't assume apache is the only supported web server (because it's not)
we don't support any additional ones now but this will make integration
down the track easier if we do.
- Increased PKG_SUGGESTED_OPTIONS based on documentation in the INSTALL file.
- Add more required PHP options to roundcube.conf
Thanks to Dan Engholm for feedback on the package.
From the ChangeLog:
* Clear selection when selecting single item (1484942)
* Remove hard-coded image size in skin templates (1484893)
* Database schema improvements (dropped unnecessary indexes)
* Fixed creating a new folder with a comma in its name (1484681)
* Fixed sorting of messages when default mailbox is empty (1484317)
* Improve message previewpane - less loading (1484316)
* Fixed login form autocompletion (1484839)
* Fixed virtuser_query option for mdb2 backend (1484874)
* Fixed attachment resoting from Drafts when message body was empty (1484506)
* Fixed usage of ob_gzhandler (1484851)
* Fixed message part window in IE6 (1484610)
* Fixed decoding of mime-encoded strings (1484191)
* Fixed some iconv/mb_string problems (1484598)
* Correctly quote mailbox name when using in URL (1484313)
* Fixed "headers already sent" errors (1484860)
Also, some code cleanup/improvements to the sun driver; with a fix to
audio.c that I'm hopefully going to commit very soon, the sun driver works
quite well.
- re-supported DnD to bookmark folder in toolbar.
- Print copied string in Statusbar when CopyInUserFormat action is executed.
- Make it work with xulrunner 1.9.
- Resupported thumbnails.
- New German translation.
- RSS with CDATA is now parsed correctly.
- Fixed a crash when preference dialog is opened.
- HyperEstraier ANDNOT support.
- Various GTK/glib related bugfixes.
:Q operator in CONFIGURE_ARGS removed as suggested by rillig and pkglint.
* Look for $MAKECONF in @MAKECONF@, @PREFIX@/etc/mk.conf,
and /etc/mk.conf, in that order.
* Look for $PKGSRCDIR in the Makefile referred to by $MAKECONF,
".", "..", "../..", and "/usr/pkgsrc", in that order.
* Convert the Makefil to use the SUBST framework.
Proposed in tech-pkg; OK (in principle) David Brownlee
* Look for $MAKECONF in @MAKECONF@, @PREFIX@/etc/mk.conf,
and /etc/mk.conf, in that order.
* Look for $PKGSRCDIR in the Makefile referred to by $MAKECONF,
".", "..", "../..", and "/usr/pkgsrc", in that order.
Proposed in tech-pkg; OK Greg Troxel.
Added support for many new processors in all families.
Added support for CONFIG directive on 18F devices.
Support for new COFF format (MPASM default) in gpvo.
Fixed bugs.
Lots of changes between this two releases :
- a new experimental gc
- framework for asynchronous event
- support for 64 bits machine
- the layout of the installed system now conforms to FHS
- and a lots of bugs fixes ...
Contributed by Aleksej Saushev via IRC.
* Upgraded to latest libtool, autoconf and automake (libtool-2.2,
autoconf-2.61, automake-1.10.1)
* Fixed underflow in ODE adaptive step size controller that could
cause step size to decrease to zero.
* Improved the handling of the asymptotic regime in gsl_sf_bessel_jl.
* Improved the handling of large arguments in cumulative distribution
functions using the incomplete beta function, such as gsl_cdf_fdist_P.
* Fixed overflow bug in gsl_cdf_hypergeometric_{P,Q} for large
arguments.
* gsl_ran_gaussian_ziggurat now handles generators with different
ranges explicitly, to minimise the number of function calls
required.
* Added missing error terms in gsl_sf_exp_mult_e10_e to prevent
the error being underestimated.
* Updated some constants to the CODATA 2006 values.
* The hypergeometric function gsl_sf_hyperg_2F1 now handles the case
where x==1.
* Fixed a bug in the brent minimiser which prevented optimal convergence.
* Added functions for evaluating complex polynomials
* The convergence condition for gsl_multiroots_test_delta now accepts
dxi == 0.
* Improved functions gsl_ldexp and gsl_frexp to handle the full range
of double precision numbers in all cases.
* Added new quasi random generators gsl_qrng_halton and
gsl_qrng_reversehalton which support dimensions up to 1229.
* Added function gsl_multifit_linear_residuals for computing the
residuals of the fit
EzCrypto is an easy-to-use wrapper around the poorly documented OpenSSL
Ruby library. Features include:
* Defaults to AES 128 CBC
* Will use OpenSSL library for transparent hardware crypto support
* Single-class object-oriented access to most commonly used features
* Ruby-like syntax
include:
* Have Dataset#graph give a nil value instead of a hash with all nil
values if no matching rows exist in the graphed table. This changes
how graph handles missing records in associated tables (which occur
because graph defaults to LEFT OUTER joins by design).
* Fix Dataset#eager_graph when not all objects have associated objects.
This changes how eager_graph handles missing records in associated
tables (which occur because graph defaults to LEFT OUTER joins by
design).
TunaPie is a directory browser for Internet radio and TV streams.
As of 0.9.6, it is compatible with the Icecast directory as well as the
Shoutcast (winamp) stream directory service.
Tunapie allows you to search for streams and then launch your audio player
(XMMS) or NSV viewer (Mplayer) of choice. It also allows recording of audio
and video streams using streamripper.
Release date: May 1st, 2008
Status: Experimental
* Clauses 3 and 4 of the BSD license used by the project were dropped.
All the code is now under a 2-clause BSD license compatible with the
GNU General Public License (GPL).
* Added a C-only binding so that binary test programs do not need to be
tied to C++ at all. This binding is now known as the atf-c library.
* Renamed the C++ binding to atf-c++ for consistency with the new atf-c.
* Renamed the POSIX shell binding to atf-sh for consistency with the new
atf-c and atf-c++.
* Added a -w flag to test programs through which it is possible to specify
the work directory to be used. This was possible in prior releases by
defining the workdir configuration variable (-v workdir=...), but was a
conceptually incorrect mechanism.
* Test programs now preserve the execution order of test cases when they
are given in the command line. Even those mentioned more than once are
executed multiple times to comply with the user's requests.
