Changes with Apache 2.0.47
*) SECURITY [CAN-2003-0192]: Fixed a bug whereby certain sequences
of per-directory renegotiations and the SSLCipherSuite directive
being used to upgrade from a weak ciphersuite to a strong one
could result in the weak ciphersuite being used in place of the
strong one. [Ben Laurie]
*) SECURITY [CAN-2003-0253]: Fixed a bug in prefork MPM causing
temporary denial of service when accept() on a rarely accessed port
returns certain errors. Reported by Saheed Akhtar
<S.Akhtar@talis.com>. [Jeff Trawick]
*) SECURITY [CAN-2003-0254]: Fixed a bug in ftp proxy causing denial
of service when target host is IPv6 but proxy server can't create
IPv6 socket. Fixed by the reporter. [Yoshioka Tsuneo
<tsuneo.yoshioka@f-secure.com>]
*) SECURITY [VU#379828] Prevent the server from crashing when entering
infinite loops. The new LimitInternalRecursion directive configures
limits of subsequent internal redirects and nested subrequests, after
which the request will be aborted. PR 19753 (and probably others).
[William Rowe, Jeff Trawick, André Malo]
*) core_output_filter: don't split the brigade after a FLUSH bucket if
it's the last bucket. This prevents creating unneccessary empty
brigades which may not be destroyed until the end of a keepalive
connection.
[Juan Rivera <Juan.Rivera@citrix.com>]
*) Add support for "streamy" PROPFIND responses.
[Ben Collins-Sussman <sussman@collab.net>]
*) mod_cgid: Eliminate a double-close of a socket. This resolves
various operational problems in a threaded MPM, since on the
second attempt to close the socket, the same descriptor was
often already in use by another thread for another purpose.
[Jeff Trawick]
*) mod_negotiation: Introduce "prefer-language" environment variable,
which allows to influence the negotiation process on request basis
to prefer a certain language. [André Malo]
*) Make mod_expires' ExpiresByType work properly, including for
dynamically-generated documents. [Ken Coar, Bill Stoddard]
Borges is a web application framework that allows linear
programming of web applications.
Borges runs on Webrick (Apache+DRb will be supported in
the near future) and features a simple rendering interface.
Those who are interested will likely be greatly helped by
the Seaside 2.0 docs at http://beta4.com/seaside2/
Compile time warnings when using GCC-3.3
synopsis GCC-3.3 gets slightly confused by the Squid code and gives a
few mostly false warnings regarding type-punning.
severity Cosmetic
versions Squid-2.5 and earlier
platforms All
patch squid-2.5.STABLE3-gcc-3_3.patch
workaround Ignore the warnings
aufs Files queued for open counter mismatch
synopsis Under certain conditions the "Files queued for open counter"
could grow larger than intended. If this grows too large then
Squid may think it runs out of filedescriptors even if there is
plenty of filedescriptors free, but we do not expect this to
become a real problem in any installations.
severity Minor
versions Squid-2.5 and earlier
platforms All using aufs
patch squid-2.5.STABLE3-aufs-openingfds.patch
external_acl does not wait for ident lookups to complete
synopsis extrenal_acl_type %IDENT does not wait for ident lookups to
complete.
severity Minor
bugzilla #683
versions Squid-2.5
platforms All
patch squid-2.5.STABLE3-external_acl_ident.patch
workaround use an ident acl before your external acl to trigger the ident
lookup
Compilation error in src/HttpHeaderTools.c on certain platforms
synopsis The Squid-2.5.STABLE2 patch for digest authentication used a
C99 feature (dynamic array initializers) which may not be
available in all C compilers
severity Minor
bugzilla #660
versions Squid-2.5.STABLE3
platforms Several platforms not using GCC or a C99 compliant C compiler
patch squid-2.5.STABLE3-HttpHeaderTools.patch
workaround Use GCC
Segmentation fault if more than one custom deny_info message defined
synopsis The Squid-2.5.STABLE2 patch for deny_info TCP_RESET was not
entirely correct and causes segmentation fault on startup if
more than one custom deny_info error message is defined
severity Minor
bugzilla #662
versions Squid-2.5.STABLE3
platforms All
patch squid-2.5.STABLE3-deny_info.patch
workaround Disable the use deny_info in your squid.conf.
New Features and Fixes
- Mozilla's bookmarks have been overhauled. Bookmarks now include a
root level folder, the ability to have two differently named bookmarks
pointing at the same location, site icons in the Bookmark Manager and
Bookmarks Sidebar, and separators now have support for labels.
- Composer now supports click and drag dynamic image and table
resizing. If an image is selected or if the caret is placed inside a
table, eight resizing handles appear and allow to resize the
image/table with a simple click/drag/release. In the case of an image,
the resizing is done real-time and a semi-opaque shadow of the image
at its target size is shown during resizing. A tooltip shows in
real-time the target size in pixels, and the relative change in pixels
too.
- Mail now has junk-mail context menu items, a "delete junk mail" menu
item and many other usability improvements for junk-mail controls.
- Pop-up blocking has been streamlined to improve usability.
- Users can now specify "blank page," "home page," or "Last page
visited" for each of first window, new window and new tab.
- Users can now specify default font, size and color for HTML mail compose.
- Image blocking/disabling is now more flexible and users can "view
image" to see blocked or not loaded images.
- Proxy auto-config (PAC) failover has been implemented
- Mozilla 1.4 contains thousands of additional bugfixes, including
changes to improve performance, stability, web site compatability,
standards support, and usability.
Note that this package is not available for Solaris 7, as the
there is not yet any build for Solaris < 8.
New Features and Fixes
- Mozilla's bookmarks have been overhauled. Bookmarks now include a
root level folder, the ability to have two differently named bookmarks
pointing at the same location, site icons in the Bookmark Manager and
Bookmarks Sidebar, and separators now have support for labels.
- Composer now supports click and drag dynamic image and table
resizing. If an image is selected or if the caret is placed inside a
table, eight resizing handles appear and allow to resize the
image/table with a simple click/drag/release. In the case of an image,
the resizing is done real-time and a semi-opaque shadow of the image
at its target size is shown during resizing. A tooltip shows in
real-time the target size in pixels, and the relative change in pixels
too.
- Mail now has junk-mail context menu items, a "delete junk mail" menu
item and many other usability improvements for junk-mail controls.
- Pop-up blocking has been streamlined to improve usability.
- Users can now specify "blank page," "home page," or "Last page
visited" for each of first window, new window and new tab.
- Users can now specify default font, size and color for HTML mail compose.
- Image blocking/disabling is now more flexible and users can "view
image" to see blocked or not loaded images.
- Proxy auto-config (PAC) failover has been implemented
- Mozilla 1.4 contains thousands of additional bugfixes, including
changes to improve performance, stability, web site compatability,
standards support, and usability.
"The top features introduced since Netscape 7.1 include:
Junk mail controls
Popup controls
International Domain Name support
Image zoom, fit to window
Mail views
Palm Sync
Developer Tools
Speed and stability enhancements"
See http://wp.netscape.com/eng/mozilla/ns7/relnotes/7.html for more
details.
NB: For the time being (at least), only an english version is available.
Localized versions will hopefully show up on the ftp mirrors at some point
in the future.
SwiftSurf is a web proxy that can handle http (1.0 and 1.1) and
https. Moreover, it allows page filtering and authentication through a
password.
SwiftSurf is written in Ocaml.
changes:
-render and renderElements now have behavior of renderCached and
renderElementsCached -- these previous versions still exist
for backwards compatibility but will be removed at some point so please
switch over to using render and renderElements in your code.
-bugfixes
of needing a user
installed pre-build (as apposed to during the install).
This way proper dependencies can be done and allows for building of privoxy
as non-root.
subversion-base no longer installs info files; drop texinfo.mk usage.
Upstream change log:
Version 0.24.1 (released 16 June 2003, revision 6249, branches/release-0.24.1)
User-visible changes:
* Fix bug in 'svn log'.
Developer-visible changes:
* none
Version 0.24.0 (released 15 June 2003, revision 6234, branches/release-0.24.0)
User-visible changes:
* new 'svn diff [--old OLD] [--new NEW]' syntax (#1142)
* new --relocate option for svn switch (#951)
* new --version option for svnadmin and svnlook
* new path-based authorization module for apache
* make 'svn checkout' and not just 'svn update' resume a checkout
* .svn directories now hidden on Windows
* config variable 'store-password = no' now actually works
* fix 'svn merge --dry-run'
* fix 'properties hanging after a rename' issue (#1303)
* fix odd behavior of 'svn up -r PREV filename' (#1304)
* fix delete-tracking bug (#1348)
* fix dump and load corner cases (#1290)
* ra_dav server more resilient for foreign deltaV clients
* numerous ra_svn changes - must update clients and servers
* fix export over ra_svn (#1318)
* fix ra_svn error transmission bug (#1146)
* fix ra_svn corruption in tunnel mode (#1145)
* make svnserve multi-threaded on non-fork platforms (now works on Windows)
* remove svnserve -F and -S options
* various memory use improvements (#1323)
* various performance improvements for all protocols
* various performance improvements for 'svnadmin dump' and svnlook
* various subversion book updates (you have read the book right?)
* more cvs2svn.py improvements (and more to follow)
* new debugging script normalize-dump.py to normalize dump output
Developer-visible changes:
* path-based editor drivers
* no more RA->do_checkout()
* update python and java bindings
* various windows build fixes
Privoxy is a web proxy with advanced filtering capabilities for protecting
privacy, filtering web page content, managing cookies, controlling access,
and removing ads, banners, pop-ups and other obnoxious Internet junk.
Privoxy has a very flexible configuration and can be customized to suit
individual needs and tastes. Privoxy has application for both stand-alone
systems and multi-user networks.
o -d without DEBUG enabled only prints one warning and continues
o one can now define the C macro SERVER_SOFTWARE when building to
change the Server: header and CGI variable of the same name
o add new -s flag the force logging output to stderr. from zakj@nox.cx
o add new -a flag for CGI bin that stops bozohttpd from outputting
any HTTP reply, the CGI program must output these. from zakj@nox.cx
o new REQUEST_URI and DATE_GMT environment variables for CGI. from
zakj@nox.cx
o add a "Makefile.boot" that should work with any make program
o build on linux again
o fix core dumps when using -C
Changes:
This version has three new options.
-P NAME, --prev-symlink=NAME maintain a symbolic link from NAME to previous log
-p PERIOD, --period=PERIOD set the rotation period explicitly
-d DELAY, --delay=DELAY set the rotation period delay
