1.65 Fri Dec 2 15:43:32 EST 2005
- At the request of JPCERT/CC, the internal non-public tracking number
(JPCERT#96622935) has been replaced in the Changelog with the public
vulnerability number (JVN#30451602) for the cross-site scripting
vulnerability originally fixed in version 1.63.
1.64 Mon Nov 21 13:15:17 EST 2005
- Removed extraneous version numbers.
1.63 Mon Nov 14 16:37:15 EST 2005
- Fixed cross-site scripting bug reported by JPCERT/CC Vulnerability Handling Team <vuls@jpcert.or.jp>
[JVN#30451602] (originally reported by Kiyotaka Dohmae at IIJ)
1.62 Fri Jun 11 09:51:32 EDT 2004
- Patches from Scott Lawrence to support an audit log.
1.61
- Patches from Peter Marschall to support flexible DBMS searches.
- Patch from Andrew Hollenbeck to catch filesystem errors during commits of text files.
1.59 Fri May 31 19:03:45 EDT 2002
-Fix to MD5 hash config in UserAdmin.pm. CGI interface was
never working with MD method. Patch provided by Jarrod Teale.
to trigger/signal a rebuild for the transition 5.8.8 -> 5.10.0.
The list of packages is computed by finding all packages which end
up having either of PERL5_USE_PACKLIST, BUILDLINK_API_DEPENDS.perl,
or PERL5_PACKLIST defined in their make setup (tested via
"make show-vars VARNAMES=...").
developer is officially maintaining the package.
The rationale for changing this from "tech-pkg" to "pkgsrc-users" is
that it implies that any user can try to maintain the package (by
submitting patches to the mailing list). Since the folks most likely
to care about the package are the folks that want to use it or are
already using it, this would leverage the energy of users who aren't
developers.
module directory has changed (eg. "darwin-2level" vs.
"darwin-thread-multi-2level").
binary packages of perl modules need to be distinguishable between
being built against threaded perl and unthreaded perl, so bump the
PKGREVISION of all perl module packages and introduce
BUILDLINK_RECOMMENDED for perl as perl>=5.8.5nb5 so the correct
dependencies are registered and the binary packages are distinct.
addresses PR pkg/28619 from H. Todd Fujinaka.
The automatic truncation in gensolpkg doesn't work for packages which
have the same package name for the first 5-6 chars.
e.g. amanda-server and amanda-client would be named amanda and amanda.
Now, we add a SVR4_PKGNAME and use amacl for amanda-client and amase for
amanda-server.
All svr4 packages also have a vendor tag, so we have to reserve some chars
for this tag, which is normaly 3 or 4 chars. Thats why we can only use 6
or 5 chars for SVR4_PKGNAME. I used 5 for all the packages, to give the
vendor tag enough room.
All p5-* packages and a few other packages have now a SVR4_PKGNAME.
Use REPLACE_PERL, instead of hardcoding /usr/pkg/bin/perl.
Standardize MESSAGE, and fix typo.
Remove share/doc/user_manage on deinstall.
Change PKGNAME to p5-${DISTNAME}.
This is HTTPD-User-Manage version 1.5X, a script and set of Perl
modules for managing access control with the Apache, NCSA httpd, CERN
and Netscape servers (and maybe some others).
You can install this program as a CGI script to allow remote users to
change their Web access passwords. Web administrators can use it to
remotely add, edit and delete users and their groups. You can also
use it from the command line as a nice all-in-one interface to access
control databases based on text files, DBM files, and SQL databases.
Please see the file user_manage.html for complete details.
