* pkgsrc change: add additional Japanese translations for tinyMCE.
* Quote from release announce:
The maintenance release fixes the issue with relative links in
newsletters not being converted correctly, the issue with ampersands
in square brackets not being decoded everywhere and two issues with
infinitely recurring events. It also includes an important patch to
prevent protected pages with no groups assigned from showing up in
search results.
Searching protected pages
If your website contains protected pages that are not assigned to a
group (grant access to any authenticated user), these pages might show
up in search results if indexing of protected pages is allowed. It is
not possible for unauthenticated users to access these pages, though.
See http://dev.typolight.org/query?milestone=TYPOlight+2.6.7 for fixed bugs.
ChangeLog:
5.7018 8 Mar 2009
- Add a new section to BasicCRUD covering more advanced features of
DBIC ("EXPLORING THE POWER OF DBIC")
- Convert from Ubuntu to Debian 5 live CD as the recommended way to do
the tutorial (all code and examples updated and tested to match)
- Removed Catalyst::Plugin::Authorization::ACL from Authorization.pod
in favor of a "chained and model-based" approach
- More conversion to Chained dispatch
- Suggestions and fixes with thanks to mintywalker@gmail.com
- DBIC-related updates in MoreCatalystBasics
- Fix misplaced "=over 4" in previous release
- Reword warning about not using GET for delete based on input from kd
- Lots of other small adjustments
5.7017 28 Feb 2009
- Main change = adding Chained dispatch starting in BasicCRUD (Part 4)
- Add some "getting started" links to the Catalyst::Manual page
- Change FormFu tutorial to not use deprecated methods (Del Merritt)
- MoreCatalystBasics - Additional clarification about TTSite
(Del Merritt)
- Tutorial::Authorization - Corrects the ACL for "/books/delete"
- Additional comments
(Del Merritt)
- Tutorial::AdvancedCRUD::FormFu - suggest how the intrepid user
might now proceed, having completed the Tutorial. (Del Merritt)
- Fix typo in Authorization section (RT #42091)
- Fix typo in BasicCRUD (RT #42034)
- Resolve outstanding typo and suggestions in MoreCatalystBasics (RT #41491)
- Fix DBIC create for MySQL in Appendix (Jarom)
- Misc minor updates
5.7016 28 Dec 2008
- Updates to make Parts 8 & 9 run correctly
- Adjust URLs for final config tarballs
- Add note about changes across different C::Devel on how plugins enabled
- Misc minor updates
5.7015 15 Dec 2008
- Remove TTSite from Tutorial (thanks to dhoss for the help)
- Update Tutorial for Ubuntu 8.10 (therefore update to
Cat v5.7014, C::Devel v1.07, DBIC v0.08010, etc.)
- Reorganize MoreCatalystBasics.pod so user is able to run
the app the first time much earlier and build on it from
there (running the app each time along the way)
- Update URL for latest copy in SVN to match new location of repo
- Misc typo fix
- Change use of Class::C3 to MRO::Compat, as rafl tells me
this is best practice, and gives you native next::method in
5.10. (t0m)
ChangeLog:
4.21 Sat Jan 3, 2009
[FEATURES]
- This now works:
$webapp->query($new_query_object);
Setting a new query object can be useful in combination with
CGI::Application::Server. (Jaldhar Vyas)
[DOCUMENTATION]
- More typo fixes (Lyle)
4.20 Sat Nov 1, 2008
[DOCUMENTATION]
- typo fix (Lyle)
4.19_1 Fri Sep 27, 2008
[FEATURES]
- New 'html_tmpl_class' method allows you to specify an alternative
HTML::Template class. This technique will eliminate the need to use
a plugin for HTML::Template-compatible classes. See the docs
for load_tmpl() for details.
Thanks to Rhesa Rozendaal for the initial patch, and Mark Stosberg for
documentation refinements.
[DOCUMENTATION]
- typo fix (George Hartzell)
- Revert back to documenting the use of "$self", not $c, after community
feedback.
[INTERNALS]
- Change how default run modes are declared for better compatibility
with AutoRunmode and RunmodeDeclare plugins. Thanks Rhesa via RT#39631.
on some platforms that lacked shared library support in the past. The
list hasn't been maintained at all and the gain is very limited, so just
get rid of it.
- Fixed several security issues.
- Fixed several stability issues.
- Official releases for the Estonian, Kannada and Telugu languages are
now available.
- Items in the "File" menu show as inactive after using the "Print" item
from that menu - switching to a new tab restores them (bug 425844).
This issue has been fixed.
- For some users, cookies would appear to go “missing” after a few days
(bug 444600).
- Mac users of the Flashblock add-on, experienced an issue where sound
from the Flash plug-in would continue to play for a short time after
closing a tab or window (bug 474022).
- Fixed several issues related to accessibility features.
Changes:
- Added CURLOPT_NOPROXY and the corresponding --noproxy
- the OpenSSL-specific code disables TICKET (rfc5077) which is enabled
by default in openssl 0.9.8j
- Added CURLOPT_TFTP_BLKSIZE
- Added CURLOPT_SOCKS5_GSSAPI_SERVICE and CURLOPT_SOCKS5_GSSAPI_NEC -
with the corresponding curl options --socks5-gssapi-service and
--socks5-gssapi-nec
- Improved IPv6 support when built with with c-ares >= 1.6.1
- Added CURLPROXY_HTTP_1_0 and --proxy1.0
- Added docs/libcurl/symbols-in-versions
- Added CURLINFO_CONDITION_UNMET
- Added support for Digest and NTLM authentication using GnuTLS
- CURLOPT_FTP_CREATE_MISSING_DIRS can now be set to 2 to retry the CWD
even when MKD fails
- GnuTLS initing moved to curl_global_init()
- Added CURLOPT_REDIR_PROTOCOLS and CURLOPT_PROTOCOLS
Bugfixes:
- missing ssh.obj in VS makefiles
- FTP ;type=i URLs now work with CURLOPT_PROXY_TRANSFER_MODE in
Turkish locale
- realms with quoted quotation marks in HTTP Digest headers
- VC9 makefiles are now really included
- multi interface memory leak with CURLMOPT_MAXCONNECTS set
- CURLINFO_CONTENT_LENGTH_DOWNLOAD size from file:// "transfers" with
CURLOPT_NOBODY set true
- memory leak on some libz errors for content encodings
- NSS-enabled build is repaired
- superfluous wait in SFTP downloads removed
- FTP with the multi interface no longer kills the control connection
as easily on transfer failures
- compilation halting when using VS2008 to build a Windows 2000 target
- ease creation of libcurl Mac OS X Framework
- CURLINFO_CONTENT_LENGTH_DOWNLOAD and CURLINFO_CONTENT_LENGTH_UPLOAD
are -1 if unknown
- Negotiate proxy authentication
- CURLOPT_INTERFACE and CURLOPT_LOCALPORT used together
This update fixes the security problem reported in CVE-2009-0037.
Changes since 2.2b1 [2008-10-06]:
- Added pnp4nagios awareness (courtesy of Jeremy Jacquier-Roux).
- Dashboards weren't always sorted.
- Updated logic to prevent Data Source Templates from skipping too many files.
- It wasn't possible to add a numeric DS (reported by Jeremy Jacquier-roux).
- Removed compatibility reporting code.
libproxy is a library that provides automatic proxy configuration management.
libproxy offers the following features:
* extremely small core footprint (< 35K)
* no external dependencies within libproxy core (libproxy plugins may
have dependencies)
* only 3 functions in the stable external API
* dynamic adjustment to changing network topology
* a standard way of dealing with proxy settings across all scenarios
* a sublime sense of joy and accomplishment
(CGI) protocol. It is a standard for applications to interface with
HTTP servers. It is similar to FastCGI but is designed to be easier
to implement.
This package provide SCGI for Apache
Sun Mar 1 02:12:14 GMT 2009 - surfraw 2.2.4
* New elvi:
+ ntrs, scicom, springer - Thanks to Wim Van Hoydonck.
+ urban - Thanks to J. R. Mauro.
+ aur - Thanks to René Reigel.
* excite: fixed.
* cite: changed to use citeseerx.ist.psu.edu, the old
citeseer is no longer being updated.
* amazon: fixed; updated categories.
Add documentation
v3.2.3 (Jan Wolter - Feb 26, 2009)
-----------------------------------------------
* Added GroupExternalError directive, which allows you to specify the
HTTP error code to be returned if the group access check fails.
Defaut is 401, but you may want to return 403 if you want to show the
user an error page instead of asking him to login again. Thanks to
Peter Crawshaw <pcrawshaw@mta.ca> for this patch.
* In hopes of getting to a more consistantly named set of directives,
added new aliases for two old directives:
GroupExternalAuthoritative alias for AuthzExternalAuthoritative
GroupExternalManyAtOnce alias for AuthExternalGroupsAtOnce
Documentation updated to refer primarily to the new names.
v3.2.2 (Jan Wolter - Dec 1, 2008)
-----------------------------------------------
THIS RELEASE UPDATES DOCUMENTATION ONLY!
* Improved documentation of AuthExternalContext directive in the INSTALL
file.
* Added documentation to the UPGRADE file on interactions between multiple
Require directives.
* SA-CORE-2009-003 - Local file inclusion on Windows
In addition to this security vulnerability, the following bugs have been fixed since the 6.9 release:
* - Patch #298722 by pwolanin: _menu_translate returns FALSE before to_arg is available. Drupal.org upgrade blocker.
* #310863 by bangpound, dboulet, catch, lee20: Locale variable results in locale module install, so skip adding empty variable when not needed.
* #275796 by Gribnif, Damien Tournoud, Dave Reid, vaish: module_list() should set its static variable to NULL instead of unset()-ing it, so it does not retain its value
* #328110 by marcingy, swentel, Damien Tournoud, pwolanin, David_Rothstein: the link argument is passed by reference to menu_link_save(), so avoid overwriting local variables in menu_enable().
* #62926 by karschsp: increase the free tagging field maximum length to 1024; the database limits are per-tag.
* #220559 by eMPee584, Desbeers, Damien Tournoud: only ever add the active class to links in l() and theme_links(), if the language was set and is the current language or if the language was not set on the link
* #365183 by Eaton: node_feed() did not use the same API functions as node_view() did, so custom fields were missing from the output
* #356721 by c960657, Dave Reid: remove static caching of the clean URLs setting in url() to help automated tests; the setting is cached through variable_get(), which however allows altering of the setting
* #290282 by kratib, jvandyk, ainigma32: Only track/limit the recursive invocations of actions_do(), instead of tracking/limiting them all.
* #320395 by qutoz, swentel: Set node format to 0 in node_submit() if the body was turned off to avoid a minor notice.
* #359918 by Dave Reid: database.inc documents the 'unique key' key, while it should be 'unique keys'
* #152098 by hunthunthunt, mgifford, Dave Reid: add 'for' attribute to 'label' tags on checkboxes and radio buttons, even if the 'label' wraps the element - accessibility best practice
* #314286 backport of some of #229129 by assimonds: disbaled checkboxes did not receive their values properly from the default value set
* #243524 by christefano, chx: our phpinfo page was very limited; give all info possible instead
* #203323 by JirkaRybka, robertgarrigos, lilou, thePanz, c960657, sun: move the LANGUAGE_* constants to bootstrap.inc and remove several defined() checks on them now that they are always defined
* #276174 by nbz, John Morahan, slightly modified: do not escape username more then once at multiple places in blog.module
* #310768 by bob_hirnlego, cdale: missing primary table and field specification in db_rewrite_sql() when called from taxonomy_overview_terms()
* #363262 by catch, chx: in Drupal 6, the url_alias table introduced a language column, but did not extend its index to that; though queries are formed on src and language
* #326210 by AlexisWilke, grendzy, jhedstrom: Take the menu item in its first submission and menu_nodeapi() by reference, so that any modifications of the item in the saving process will carry over to other submit handlers; making itpossible to write modules extending menu item manipulation
* - Patch #383318 by mr.baileys: incorrect memory shortage warning when memory limit is unlimited.
* #337162 by midkemia and ainigma32: keep the Drupal 5 menu items descriptions when upgrading to Drupal 6
* - Patch #381438 by drumm: do not use page cache for drupal.sh requests.
* #109588 by fago, cdale: use the existing user account objects instead of arg() checks, as well as fix use of where it should be
* #296082 by jandd, stefanor, nigel: avoid table aliasing in UPDATE query in system_update_6001() since PostreSQL does not support that
* #376408 by ajevans85, pwolanin: Prevent an empty anchor tag and parenthesis appearing in the output for the search index in search_nodeapi()
* #383724 by Heine, bjaspan: SA-CORE-2009-003
* SA-CORE-2009-004 Drupal core - Local file inclusion on Windows
In addition to this security vulnerability, the following bugs have been fixed since the 5.15 release:
* #124492 by m3avrck, mfer: more accurate checking for valid URLs in valid_url()
* #360038 by sun. Documentation improvement.
* #179244 by tangent: line break filter operates on object element.
* #62926 by karschsp: increase the free tagging field maximum length to 1024; the database limits are per-tag.
GtkHTML-3.24.5 2009-02-25
-------------------------
Bug Fixes:
#569365 : Do not draw a cursor without a window. (Milan Crha)
#570276 : Change Word Wrap accelerator to CtrlK, since CtrlBackspace
doesn't work apparently. (Matthew Barnes)
#571621 : Replace a g_assert() with g_return_if_fail(). (Matthew
Barnes)
1.) On platforms which provide "/etc/rc.subr" we use its process id check
to figure out when Apache actually has been stopped.
2.) On other platforms we just implement "restart" by "stop and a 10 second
delay followed by "start". If you want a better fix for please submit
a bug report to the Apache project.
This finally fixes PR pkg/39713.
- Add USE_DESTDIR support, with a very hackish way of working around apxs's
limitations. I'm sure someone will be bothered enough adding the proper
feature to apxs, but in the meantime...
...despite some self-tests still not succeeding.
Upstream changes:
0.015 27 Jan 2009
* fix IE-related bugs in JS (extra commas, IE idiosyncrasies)
0.014 26 Jan 2009
* tweek text for Add button in rel mgr to say 'Reassign' if a o2m
relationship
* add Config::General to reqs
* LiveGrid title comes from object_class (or object_class->moniker if
defined) rather than controller class name.
0.013 14 Jan 2009
* fix undef warnings in html escape.
* remove old crud/yui_related_datatable_js.tt
* fix console js bug evidenced with new Firebug release
Pkgsrc changes:
o Canonicalize HOMEPAGE
Upstream changes:
0.06 28 Jan 2009
- die when Cache::FastMmap::set() returns false value (RT #33667)
- patch from ton.voon@altinity.com to pass unlink_on_exit option
to Cache::FastMmap
- correctly set storage path from config rather than default - karman
- clean up temp files after tests
Pkgsrc changes:
o Canonicalize HOMEPAGE using http://search.cpan.org/dist/
o Adjust dependencies (add p5-MRO-Compat)
Upstream changes:
0.03
- Fix tests to work with tightened up $c->model in 5.71
- Switch from NEXT to MRO::Compat for method redispatch
Pkgsrc changes:
o Adjust dependencies to account for new requirements
o Move some dependencies into BUILD_DEPENDS, since they're
only required for "make test".
Upstream changes:
0.20 2009-02-05
- No code changes since 0.19_01 dev release.
- Add IDEAS.txt which is an irc log of discussion about the
next-generation session plugin from discussion on #catalyst-dev
- Remove TODO file, which is no longer relevant.
0.19_01 2009-01-09
- Switch from using NEXT to Class::C3 for method re-dispatch.
- Use shipit to package the dist.
- Switch to Module::install.
- Flash data is now stored inside the session (key "__flash") to avoid
duplicate entry errors caused by simultaneous select/insert/delete of
flash rows when using DBI as a Store. (Sergio Salvi)
- Fix session finalization order that caused HTTP responses to be sent
before the session is actually finalized and stored in its Store.
(Sergio Salvi)
Upstream changes:
1.10 2009-02-05 15:04
- fix a bug in created helper scripts that prevened them working (rjbs)
1.09 2009-02-04 23:57
- Add Sebastian's PROJECT FOUNDER note to Devel.pm as requested
- Fix warning when devel is not installed.
1.09 2009-02-04 23:57
- Add Sebastian's PROJECT FOUNDER note to Devel.pm as requested
- Fix warning when devel is not installed.
1.65 Fri Dec 2 15:43:32 EST 2005
- At the request of JPCERT/CC, the internal non-public tracking number
(JPCERT#96622935) has been replaced in the Changelog with the public
vulnerability number (JVN#30451602) for the cross-site scripting
vulnerability originally fixed in version 1.63.
1.64 Mon Nov 21 13:15:17 EST 2005
- Removed extraneous version numbers.
1.63 Mon Nov 14 16:37:15 EST 2005
- Fixed cross-site scripting bug reported by JPCERT/CC Vulnerability Handling Team <vuls@jpcert.or.jp>
[JVN#30451602] (originally reported by Kiyotaka Dohmae at IIJ)
1.62 Fri Jun 11 09:51:32 EDT 2004
- Patches from Scott Lawrence to support an audit log.
1.61
- Patches from Peter Marschall to support flexible DBMS searches.
- Patch from Andrew Hollenbeck to catch filesystem errors during commits of text files.
1.59 Fri May 31 19:03:45 EDT 2002
-Fix to MD5 hash config in UserAdmin.pm. CGI interface was
never working with MD method. Patch provided by Jarrod Teale.
This is a maintenance release which corrects some bugs in the installer,
introduced during the hasty security release of 1.13.4. It is not
necessary to upgrade if you do not intend on using the installer.
Virtual Hosts from LDAP. It supports DocumentRoot, ScriptAlias,
ServerName, ServerAlias, ServerAdmin and SuexecUserGroup directives.
It's built on top of mod_ldap, so it uses it's caching capabilities
and can be used with threaded apache.
2009-02-13 Release 5.824
Gisle Aas (7):
Make format_request() ensure that it returns bytes [RT#42396]
Force bytes in all the format_* methods.
Ignore Sitemap: lines in robots.txt [RT#42420]
Refactor; use variable to hold the test port
Add redirects method to HTTP::Message
Setting $ua->max_redirect(0) didn't work [RT#40260]
Convert files to UTF-8
Zefram (2):
HTTP::Cookies destructor should not clobber $! and other globals.
Deal with the Encode module distributed with perl-5.8.0
Ian Kilgore (1):
Avoid failure if 127.0.0.1:8333 is in use [RT#42866]
Ville Skyttä (1):
Documentation improvements, spelling fixes.
2008-12-05 Release 5.823
Gisle Aas (4):
Bring back the LWP::Debug code [RT#41759]
Add documentation section about 'Network traffic monitoring'.
Typo fixes
Want to ensure we get a single value back here.
2009-02-09 Release 3.60
Ville Skytta (5):
Spelling fixes.
Test multi-value headers.
Documentation improvements.
Do not terminate head parsing on the <object> element (added in HTML 4.0).
Add support for HTML 5 <meta charset> and new HEAD elements.
Damyan Ivanov (1):
Short description of the htextsub example
Mike South (1):
Suppress warning when encode_entities is called with undef [RT#27567]
Zefram (1):
HTML::Parser doesn't compile with perl 5.8.0.
Highlights in 0.11.3
--------------------
* Compatibility with Python 2.6 (#7876, #7458)
* PostgreSQL db backend improvement (#4987, #7600)
* Highlighting of search results is more robust (#7324, #7830)
* Unicode related fixes (#7672, #7959, #7845, #7935, #8024)
* Fixed Trac link rendering in ReST (#7712)
Template::Provider::Encoding is a Template Provider subclass to
decode template using its declaration. You have to declare encoding
of the template in the head (1st line) of template using (fake)
encoding TT plugin. Otherwise the template is handled as utf-8.
Catalyst is an elegant web application framework, extremely flexible
yet extremely simple. It's similar to Ruby on Rails, Spring (Java)
and Maypole, upon which it was originally based.
This is a Catalyst Engine implementing a job queue with POE. It
allows the launching of HTTP requests to the application at
predetermined moments in time and the subsequent capturing of
response to a logfile or an email address.
changes:
-Flash is now stripped from feed content per default
-Added preference option to allow Flash in feed content
-Fixes cross compilation issue with configure.ac
-translation updates
-allow to build against gtkhtml also on 64-bit platforms. gtkhtml is
rather buggy, but since liferea doesn't like the gecko version of
firefox2 anymore, and our firefox3 pkg is too hacked up to be usable
for embedding this is the only choice atm
-improve my patch for 64-bit time_t so that it should be good enough
for upstream (if there only was a working mailing list to report to)
tested by Steve Bellovin (assuming no news are good news)
improvements made in Tomcat 5.5.x and implements the Servlet 2.5 and JSP 2.1
specifications. In addition to that, it includes the following improvements:
* Memory usage optimizations
* Advanced IO capabilities
* Refactored clustering
While we're here make a number of improvements based on the old 5.5.x pkg:
- Use MASTER_SITE_APACHE
- Default to running as an unprived user
- Use a more standard rc.d script
- Cleaner pkg_delete operation based on standard files/dirs that change
Base plugin for XMLRPC and SOAP server.
XMLRPC Plugin for Catalyst which we tried to make compatible with
the way Catalyst works with URLS. Main features are:
* Split XMLRPC methodNames by STRING to find out Controller.
* Single entrypoint for XMLRPC calls, like http://host.tld/rpc
* DispatchTypes (attributes) which work much the same as Catalyst attrs
* XMLRPC Parameter handling transparent to Catalyst parameter handling
for blog sites large and small.
Roller is a Java web application that should be able to run on any Java EE
server and any relational database. Currently, Roller is best supported on
Tomcat and MySQL -- but users have reported success running Roller on
Glassfish, Websphere, JBoss, Resin, Gernonimo, Derby, PostgresSQL, Oracle,
etc.)
Here are some of Roller's key features:
* Multi-user blogging: can support tens of thousands of users and blogs
* Group blogging with three permisson levels (editor, author and limited)
* Support for comment moderation and comment spam prevention measures
* Bloggers have complete control over blog layout/style via templates
* Built-in search engine indexes weblog entry content
* Pluggable cache and rendering system
* Support for blog clients that support MetaWeblog API
* All blogs have entry and comment feeds in both RSS 2.0 and Atom 1.0 formats
at runtime via libcups or libgssapi so causing a crash due to using
the wrong binding. Rename here to avoid conflict.
Patch from Yorick Hardy. Fixes the crashes that had been seen when
trying to print that had previously been worked around by stopping
cups calling the routine. Also fixes PR pkg/39863
Quote from release announce is here and see ChangeLog for detail.
All versions are maintenance releases and contain bugfixes
and security fixes.
IMPORTANT: These versions include an important security fix
to the TYPO3 core. A security announcement has just been
released:
http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-002/
A number of cross-site scripting (XSS) security vulnerabilities were
discovered in the web-based installer (config/index.php). These
vulnerabilities all require a live installer -- once the installer has been
used to install a wiki, it is deactivated.
Note that cross-site scripting vulnerabilities can be used to attack any
website in the same cookie domain. So if you have an uninstalled copy of
MediaWiki on the same site as an active web service, MediaWiki could be used
to attack the active service. If you are hosting an old copy of MediaWiki
that you have never installed, we advise you to remove it from the web.
* pkgsrc change: improve description MESSAGE about update of the frontend
template.
Version 2.6.6 (2009-02-07)
--------------------------
- Re-added the TinyMCE "indent" and "outdent" buttons (#490)
- Fixed issue with content element "article" modifying the page title (#462)
- Fixed issue with safe mode hack changing file owner when renaming case-sensitively
- Fixed issue with 403 pages not being shown if an article is specified (#477)
- Fixed a few minor bugs
If and only if this option is set the documentation for the tidy
library is built with doxygen and then installed.
This new package option is set by default hence preserving the
previous package "behaviour" in the default case.
Not setting this option provides smaller build dependencies: doxygen
is not required.
Please note that the manual page of the command line tool tidy is
still provided even if the package option 'doc' is not set.
Bump PKGREVISION to 1.
Firefox 3.0.6 fixes several issues found in Firefox 3.0.5:
* Fixed several security issues.
* Fixed several stability issues.
* In previous versions of Firefox, some users experienced a problem
where parts of the screen were not properly displaying after
Firefox was open for long periods of time.
* Improved the ability for scripted commands (including those
included in popular extensions like Adblock Plus) to work properly
with plugins. (bug 438830)
* Removed the client user ID from crash reports.
* Fixed issues with the display of some Indic scripts.
Changes to squid-2.7.STABLE6 (4 February 2009)
- Bug #2494: Fix tproxy url in configure
- Correct latency measurements
- Correct upgrade_http0.9 example
- Correct parsing of invalid http version numbers
- Crossreference authenticate_ip_shortcircuit_access and
authenticate_ip_shortcircuit_ttl
- Add in some better documentation for override-expire.
3.0.10 is a stable release which includes many enhancements but no major
new features. The most prominent improvements are SOCKS5 support and
zlib support for the default Privoxy builds.
unexpected privileges reported in PR pkg/40532 by Cem Kayali,
the issue is being discussed with upstream,
thanks to Cem for detailed reports,
also back out explicit passing of PRIVOXY_GROUP to the program --
while it does not hurt it is redundant because PRIVOXY_GROUP is already
the primary group of PRIVOXY_USER
Changes to squid-3.0.STABLE13 (03 Feb 2009):
- Fix several issues in request parsing
- Fix memory leak from logformat parsing
- Fix various ESI build errors
- ... and some documentation updates
Collection.
The Perl 5 module WWW::Shorten provides an interface to URL shortening
sites. These sites maintain databases of long URLs, each of which
has a unique identifier. A very simple program called shorten is
supplied. This program takes a URL and gives you a shortened version
of it.
IEs4Linux is the simpler way to have Microsoft Internet Explorer
running on any OS running Wine.
It provides a script with an optional GUI interface to install
various versions of IE and associated registry settings and plugins
into your .wine configuration.
* SECURITY: Fix unescaped output in the tag cloud block
* SECURITY: Fix unvalidated Horde_Image driver name
* Restore backwards compatibility with older Kronolith and Whups
releases
* Fix problems with SQL Shares and PostgreSQL
* Support Mozilla Sunbird snooze properties
The full list of changes (from version 3.3.2) can be viewed here:
http://cvs.horde.org/diff.php/horde/docs/CHANGES?r1=1.515.2.492&r2=1.515.2.503&ty=h
Version 2.6.5 (2009-01-30)
--------------------------
- Fixed issue with SEO-friendly image cache names (#465)
- Fixed issue with indexer occasionally ignoring line breaks (#453)
- Fixed issue with TinyMCE not showing labels in IE7 (#455)
- Fixed issue with lightbox images not loading full size (#454)
Pkgsrc changes:
- Add dependency on devel/p5-Config-INI for Gist support and
avoid dependency on the Perl 5 Git module (not in pkgsrc?) for the same
Upstream changes:
0.10 Wed Jan 28 18:48:55 2009
I was a little too aggressive in my s/user/login/ (Sartak)
0.09 Wed Jan 28 18:34:31 2009
The parameter for gist is "user" not "login" (Ricardo SIGNES)
0.08 Thu Jan 22 21:44:51 2009
Optional authentication for Gist, by Ricardo SIGNES.
All versions are maintenance releases and contain only bugfixes.
IMPORTANT: These versions contain important fixes of regressions from
the earlier versions released 20 January 2009, but they do not contain
additional security fixes.
ChangeLog:
2009-01-24 Ingmar Schlecht <ingmar@typo3.org>
* Release of TYPO3 4.2.5
2009-01-24 Ingmar Schlecht <ingmar@typo3.org>
* Fixed bug #10205: DB session record is only created when user is authenticated (thanks also to Michael Stucki)
2009-01-20 Steffen Kamper <info@sk-typo3.de>
* Fixed bug #9345: Bug: CSV export includes _CLIPBOARD_ in header row (thanks to Christian Kuhn)
* pkgsrc chagnge: enable DESTDIR support.
Note: If you customize your frontend template (fe_page), you need to
update it for TYPOlight 2.6.4. Check corresponding articles
in TYPOligt's form:
http://www.typolight.org/forum/topic/9798.html
Version 2.6.4 (2009-01-24)
--------------------------
- Updated TinyMCE to version 3.2.1.1
- Added new Google Analytics code (#376)
- Added insert tag support to form subjects (#382)
- Added a TinyMCE plugin to insert lightbox images (#370)
- Added "select all" checkbox to page and file tree widgets (#116)
- Added foreign key support to DCA listing labels (#88)
- Added option to choose who to notify if there are new comments (#176)
- Added option to add CSS classes to news items and events (#61)
- Added option for regular users to create news archives, calendars etc. (#349)
- Added "postUpload" and "reviseTable" hook (#366, #412)
- Improved newsletter extension to store subscription dates (#378)
- Improved memberlist to skip members without public fields and e-mail (#386)
- Improved image cache to preserve filenames for SEO reasons (#324)
- Improved database result classes so result sets are being freed automatically
- Improved date calculation of all calendar and news modules (#432)
- Fixed issue with slimbox not showing files with special characters (#374)
- Fixed issue with users being able to include forms they are not allowed to access (#396)
- Fixed issue with special characters not being converted correctly (#361)
- Fixed issue with IE6 not loading pages (operation aborted) (#405)
- Fixed issue with regular events not being indexed for searching (#358)
- Fixed a few minor bugs
