to address issues with NetBSD-6(and earlier)'s fontconfig not being
new enough for pango.
While doing that, also bump freetype2 dependency to current pkgsrc
version.
Suggested by tron in PR 47882
a) refer 'perl' in their Makefile, or
b) have a directory name of p5-*, or
c) have any dependency on any p5-* package
Like last time, where this caused no complaints.
Upstream changes:
0.23 2013-05-17T00:16:48Z
- fixed guts(), clone() and replace_with() to properly handle XML::LibXML::Dtd nodes
- guts() now includes the Dtd node in the returned document (unless it were implicitly created)
- clone() calls createInternalSubset() on the new document
- replace_with() calls createInternalSubset() if the replacement is a XML::LibXML::Dtd (can't import Dtd node)
(cafe01)
0.22 2013-05-13T00:04:09Z
- improved guts(), calling nonBlankChildNodes() instead of childNodes()
- improved HTML::TreeBuilder::LibXML::Node documentation
(cafe01)
0.21 2013-05-12T19:12:53Z
- fixed guts(),
- now returning nodes from <head> and <body> instead of just <body>
- now returning text and comment nodes instead of just element nodes
- returned nodes now belong to the same document
- fixed to_HTML to render valid html, not xml
(cafe01)
0.20 2013-05-10T20:44:16Z
- improved replace_with() on document node.
- fixed push_content() and unshift_content() to work with document mode.
(cafe01)
0.19 2013-05-10T01:03:58Z
- fixed replace_with() and parent(),
to avoid calling appendChild() on a Document node, which is not supported by XML::LibXML.
(cafe01)
0.18 2013-05-09T20:49:04Z
- implemented all node methods needed for Web::Query::LibXML to work
- clone_list
- detach
- delete_content
- content_list
- replace_with
- push_content
- unshift_content
- postinsert
- preinsert
- disembowel (HTML::TreeBuilder::LibXML)
(cafe01)
- modified parse_file() to read file content, then call parse_content()
- thats because parse_content() will detect (heuristically) when the parser will add implict <html><body> tags, so guts() can work properly.
(cafe01)
0.18 2013-05-09T01:27:46Z
- implemented matches(), parent(), guts() node method
(Carlos Fernando Avila Gratz)
New in version 0.4.11
==============================
* Build fixes with cmake 2.8.10+
* Quick release without built binaries / files (Address Bug #184)
New in version 0.4.10
==============================
* Fix http chunk encoded PAC that was broken in previous release
* Add HTTP client unit test
* Fix more coding style issues
New in version 0.4.9
==============================
* CVE-2012-4504 Fixed buffer overflow when downloading PAC
* Fix infinit loop uppon network errors
New in version 0.4.8
==============================
* Only support standalone mozjs185 as mozilla js engine.
xulrunner being part of the now lightning fast moving firefox
is impossible to be tracked as a dependency and it is not
supported by Mozilla to be used in this scenario.
* Support building with javascritpcoregtk 1.5
(got split out of webkitgtk).
* Support sending multiple results.
* Issues fixed:
- #166: Libproxy does not parse NO_PROXY correct when the line
contains spaces
- #164: If gconf's value is an empty list, pxgconf will make
/usr/bin/proxy wait forever
- #60: use lib js for embedded solutions
- #160: strdup and gethostbyname not declared on OSX 10.7
- #168: .pc file should be installed under OSX as well.
- #170: Also check for "Transfer-Encoding: chunked".
- #171: mozjs pacrunner: Fix parameters of dnsResolve_()
- #172: Allow to forcibly build pacrunner as module (-DBIPR={ON,OFF})
- #173: Libproxy doesn't build with gcc 4.7
- #147: Use ${CMAKE_DL_LIBS} instead of assuming libdl is correct.
- #176: python bindings: guard the destructor.
- #177: Speed up importing of libproxy in python.
- #179: CMAKE 2.8.8 does not define PKG_CONFIG_FOUND
New in version 0.4.7
==============================
* Support/require xulrunner 2.0+
* Support linking againgst libwebkit-gtk3 (-DWITH_WEBKIT3=ON)
* Port to gsettings for gnome3. (-DWITH_GNOME3=ON[default])
* Issues closed:
- #149: always test for the right python noarch module path
- #155: Cannot compile with Firefox 4
- #156: libproxy should build against webkitgtk-3.0
- #158: Won't compile w/ xulrunner 2.0 final
- #159: libproxy fails with autoconfiguration "http://proxy.domain.com"
- #131: GSettings-based GNOME plugin
- #150: SUSE sysconfig/proxy config support
New in version 0.4.6
==============================
* Fixed a crash in the URL parser
* Fixed build issues with Visual Studio
* Updated the INSTALL file
* Install Python binding in prefix path if site-packages exists
* Fixed compilation with Visual Studio
New in version 0.4.5
===============================
* C# bindings are installable (-DWITH_DOTNET=ON)
* C# bindings installation path can be changed using -DGAC_DIR=
* Internal libmodman build fixed
* Installation dirs are now all relative to CMAKE_INSTALL_PREFIX
* Fixed test while using --as-needed linker flag
* Fixed generation of libproxy-1.0.pc
* Basic support for Mingw added (not yet 100% functional)
* Ruby binding implemented (not yet in the build system)
* Fixed modules not being found caused by relative LIBEXEC_INSTALL_DIR
* Fixed bug with builtin plugins (Issue 133)
* Vala bindings installation path can be changed using -DVAPI_DIR=
* Python bindings installation path can be changed using -DPYTHON_SITEPKG_DIR=
* Perl bindings can be installed in vendor directory (-DPERL_VENDORARCH=ON)
* Perl bindings installation path can be change using -DPX_PERL_ARCH=
* Unit test now builds on OSX
New in version 0.4.4
===============================
* Add support for optionally building using a system libmodman
* Rework build system to be cleaner
* Fix two major build system bugs: 127, 128
New in version 0.4.3
===============================
* Test can now be out-compiled using BUILD_TESTING=OFF
* Fixed python binding not handling NULL pointer
* Pyhton binding now support Python version 3
* Rewrote URL parser to comply with unit test
* Username and password are now URL encoded
* Scheme comparison is now non-case sensitive
* Fixed deadlock using WebKit has PAC runner
* Fixed OS X compilation of Perl bindings
New in version 0.4.2
===============================
* Fixed python binding that failed on missing px_free symbole
* Workaround cmake bug with dynamic libraries in non-standard folders
New in version 0.4.1
===============================
* Perl bindings have been integrated into the CMake Build System
* Vala bindings are installed if -DWITH_VALA=yes is passed to cmake
* All extensions can be disabled using WITH_*=OFF cmake options
* socks5:// and socks4:// can now be returned
* Many bugfixes
New in version 0.4.0
===============================
* C++ rewrite
* Small API change (px_proxy_factory_get_proxy() can now return NULL)
* SOVERSION bump
* libmodman is now a seperate library
* Migrate to cmake
* Windows support (config_w32reg, ignore_hostname; VC++ support)
* MacOSX support (config_macosx, ignore_hostname)
* Built-in modules support
* Support for chunked encoding
* Move to hidden visibility by default
* KDE's KConfig symantics are fully supported
* Removeal of all PX_* env variables (no longer needed)
* Symbol based detection of relevant pacrunner
* Reworked config_gnome to not suck (its *much* faster)
* Many other things I can't remember
* Use common files for www/firefox.
SeaMonkey-specific changes
Basic Private Browsing support has been added (experimental for now).
Added support for safe browsing which blocks potentially malicious websites reported as attack sites (malware) or web forgeries (phishing).
Information like preview text, subject and sender can be shown in new mail notifications now.
See the changes page for minor changes.
Mozilla platform changes
CSS -moz-user-select:none selection has been changed to improve compatibility with -webkit-user-select:none (bug 816298).
Applied graphics-related performance improvements (bug 809821).
Removed E4X support from SpiderMonkey.
Added support for the <main> element.
Implemented scoped stylesheets.
Fixed some function keys not working when pressed (bug 833719).
Fixed several stability issues.
* Remove reference to devel/xulrunner.
* Move some common files for firefox/xulrunner-21.0.
* Move patches from devel/sulrunner.
* Take MAINTAINERship.
Upstream changes:
MediaWiki 1.20.6 [edit]
This is a security and maintenance release of the MediaWiki 1.20 branch.
Changes since 1.20.5 [edit]
(bug 48306) SECURITY: Run file validation checks on chunked uploads, and chunks of upload, during the upload process.
(bug 44327) mediawiki.user: Use session ID instead of 1-year cross-session cookies
(bug 47202) wikibits: FF2Fixes.css should not be loaded in Firefox 20.
(bug 31044) Make ResourceLoader behave in read-only mode
1.0.6
=====
* Model views now support default sorting order
* Model type/column formatters now accept additional view parameter
* is_visible for administrative views
* Model views have after_model_change method that can be overridden
* In model views, get_query was split into get_count_query and get_query
* Bootstrap 2.3.1
* Bulk deletes go through delete_model
* Flask-Admin no longer uses floating navigation bar
* Translations: French, Persian (Farsi), Chinese (Simplified/Traditional),
Chech
* Bug fixes
This version include a new album interface display mode named list-view.
Icon view can be switched to a flat item list, where items can be sorted
by properties columns as in a simple file manager. Columns can be
customized to show file, image, metadata, or digiKam properties.
Changelog:
Tomcat 7.0.40 Released 2013-05-09
The Apache Tomcat Project is proud to announce the release of version 7.0.40 of Apache Tomcat. This release contains a security fix and a number of bug fixes and improvements compared to version 7.0.39. The notable changes include:
A fix for CVE-2013-2071 (bug 54178) an information disclosure issue.
Various fixes to stop Tomcat attempting to parse text that looks like an EL expression in a JSP document as an EL expression when EL expressions are either not permitted or not enabled.
Improved handling and reporting if a ConcurrentModificationException occurs while checking for memory leaks when a web application is being stopped.
* This release of firefox is built with internal xulrunner.
Because separated (system) xulrunner has prefs and chrome load problem.
* gnome option is broken in libnkmozgnomevfs.so build.
Changelog:
NEW
The Social API now supports multiple providers
NEW
Enhanced three-state UI for Do Not Track (DNT)
NEW
Firefox will suggest how to improve your application startup time if needed
NEW
Preliminary implementation of Firefox Health Report
CHANGED
Ability to restore removed thumbnails on New Tab Page
CHANGED
CSS -moz-user-select:none selection changed to improve compatibility with -webkit-user-select:none (bug 816298)
CHANGED
Graphics related performance improvements (bug 809821)
CHANGED
Removed E4X support from Spidermonkey
DEVELOPER
Implemented Remote Profiling
DEVELOPER
Integrated add-on SDK loader and API libraries into Firefox
HTML5
Added support for <main> element
HTML5
Implemented scoped stylesheets
HTML5
Added support for window.crypto.getRandomValues
FIXED
Some function keys may not work when pressed (833719)
FIXED
Browsing and Download history clearing needs unification to avoid confusion on clearing download history (847627)
FIXED
21.0: Security fixes can be found here
Fixed in Firefox 21
MFSA 2013-48 Memory corruption found using Address Sanitizer
MFSA 2013-47 Uninitialized functions in DOMSVGZoomEvent
MFSA 2013-46 Use-after-free with video and onresize event
MFSA 2013-45 Mozilla Updater fails to update some Windows Registry entries
MFSA 2013-44 Local privilege escalation through Mozilla Maintenance Service
MFSA 2013-43 File input control has access to full path
MFSA 2013-42 Privileged access for content level constructor
MFSA 2013-41 Miscellaneous memory safety hazards (rv:21.0 / rv:17.0.6)
* Fix test suite to not fail when XML::Twig is not installed. Closes:
#707436
* theme: Now <TMPL_IF THEME_$NAME> can be used in all templates
when a theme is enabled.
* notifyemail: Fix bug that caused duplicate emails to be sent when
site was rebuilt.
* bzr: bzr rm no longer has a --force option, remove
Important: Session fixation CVE-2013-2067
FORM authentication associates the most recent request requiring
authentication with the current session. By repeatedly sending
a request for an authenticated resource while the victim is
completing the login form, an attacker could inject a request
that would be executed using the victim's credentials.
Note that the option to change session ID on authentication was
added in Tomcat 6.0.21. In earlier 6.0.x releases, prevention of
session fixation was an application responsibility.
This vulnerability represents a bug in Tomcat's session fixation
protection that was added in 6.0.21. Hence, only versions 6.0.21
onwards are listed as vulnerable.
This was fixed in revision 1417891.
This issue was identified by the Tomcat security team on
15 Oct 2012 and made public on 10 May 2013.
Affects: 6.0.21-6.0.36
Important: Denial of service CVE-2012-3544
When processing a request submitted using the chunked transfer
encoding, Tomcat ignored but did not limit any extensions that
were included. This allows a client to perform a limited DOS
by streaming an unlimited amount of data to the server.
This was fixed in revision 1476592.
This issue was reported to the Tomcat security team on
10 November 2011 and made public on 10 May 2013.
Affects: 6.0.0-6.0.36
ChangeLog:
++++++++++
Catalina
fix 52055: Ensure that filters are recycled. (markt/kkolinko)
fix 52184: Reduce log level for invalid cookies. (markt)
fix 53481: Added support for SSLHonorCipherOrder to allow the
server to impose its cipher order on the client. Based on
a patch provided by Marcel Šebek. (schultz)
fix 54044: Correct bug in timestamp cache used by logging
(including the access log valve) that meant entries could
be made with an earlier timestamp than the true timestamp. (markt)
fix In FormAuthenticator: If it is configured to change
Session IDs, do the change before displaying the login
form. (kkolinko)
fix 54054: Do not share shell environment variables between
multiple instances of the CGI servlet. (markt)
fix 54087: Correctly handle (ignore) invalid If-Modified-Since
header rather than throwing an exception. (markt/kkolinko)
fix 54220: Ensure the ErrorReportValve only generates an error
report if the error flag on the response has been set. (markt)
fix Fix memory leak of servlet instances when running with
a SecurityManager and either init() or destroy() methods
fail or the servlet is a SingleThreadModel one, and of
filter instances if their destroy() method fails with an
Error. (kkolinko)
fix 54382: Fix NPE when SSI processing is enabled and an empty
SSI directive is present. (markt)
fix 54483: Correct one of the Spanish translations. Based on
a suggestion from adinamita. (kkolinko)
update 54527: Synchronize conf/web.xml mime mapping with Tomcat 7. (markt)
Coyote
fix 54248: Ensure that byte order marks are swallowed when
using a Reader to read a request body with a BOM for those
encodings that require byte order marks. (markt)
fix 54324: Allow APR connector to disable TLS compression
if OpenSSL supports it. (schultz)
fix 54456: Ensure that if a client aborts a request when
sending a chunked request body that this is communicated
correctly to the client reading the request body. (markt)
update Update the native component of the APR/native connector
to 1.1.27 and make that version the recommended minimum
version. (kkolinko)
Jasper
fix 54615: Tomcat 6 doesn't build against ecj 4.x (kkolinko)
Cluster
fix 54045: Make sure getMembers() returns available member
when TcpFailureDetector works in static cluster. (kfujino)
Web applications
update 22278: Add a commented out sample configuration of
RemoteAddrValve to META-INF/context.xml files of the
Manager and Host Manager applications. (kkolinko)
fix 54080: Clarify documentation for initial value of
internalProxies attribute of RemoteIpValve. (schultz/kkolinko)
fix 54198: Clarify that HttpServletResponse.sendError(int)
results in an HTML response by default. (markt)
fix 54207: Correct JNDI factory package name in Javadoc for
org.apache.naming.java.javaURLContextFactory. (markt)
Other
update Add sample Apache Commons Daemon JSVC wrapper script
bin/daemon.sh that can be used with /etc/init.d. (kkolinko)
update In the build configuration: introduce property
"tomcat.output" that is used to specify location of the
build output directory. This simplifies configuration if
someone wants to move the output directory elsewhere
(e.g. out of the source tree). (kkolinko)
fix 54390: Use 'java_home' on Mac OS X to auto-detect
JAVA_HOME. (schultz)
update 54601: Change catalina.sh to consistently use
LOGGING_MANAGER variable to configure logging, instead
of modifying JAVA_OPTS one. (kkolinko)
update 54890: Update to Apache Commons Daemon 1.0.15. (mturk)
This is TPYO3 6.0 based stable release which support PHP 5.4.
TYPO3 is a free Open Source content management system for enterprise
purposes on the web and in intranets. It offers full flexibility and
extendability while featuring an accomplished set of ready-made
interfaces, functions and modules.
