generalise the linker flags used to export symbols by setting them on
a per-OS basis.
> many packages force -Wl,-export-dynamic which is not portable outside GNU ld
> and cause problems e.g. on Solaris. some of these packages use if
> conditionals either only for NetBSD or except SunOS, but the state is not
> coherent and it may complicate later when support for new OS is added to
> pkgsrc (e.g. ongoing work on HP-UX support).
>
> jlam proposed the following framework in discussion on tech-pkg:
>
> http://mail-index.netbsd.org/tech-pkg/2002/06/21/0009.html
>
> now, ${EXPORT_SYMBOLS_LDFLAGS} is used instead of directly defining
> -Wl,-export-dynamic which is set in appropriate defs.*.mk to reasonable
> values. packages should be converted to this framework by:
>
> 1) replacing LDFLAGS+= -Wl,-export-dynamic and LIBS+= -export-dynamic with:
>
> LDFLAGS+= ${EXPORT_SYMBOLS_LDFLAGS}
>
> 2) for use in patchfiles, add this variable to MAKE_ENV if needed:
>
> MAKE_ENV+= EXPORT_SYMBOLS_LDFLAGS=${EXPORT_SYMBOLS_LDFLAGS}
>
> 3) replace occurances of -Wl,-export-dynamic and -export-dynamic in patch
> files with:
>
> $(EXPORT_SYMBOLS_LDFLAGS)
- Applied OpenSSL ASN.1 patch
- New Certum CA root certificate and updated old roots
- Fixed problem with untrusted HTML content being inserted into
Directory listings (buffer overrun)
BINS 1.1.15
-----------
- New parameter linkInsteadOfCopy has been added, to create a link to
the image in the destination directory instead of copying it, when
it's possible.
Patch from Vincent Bernat.
- Correct a bug that crashed bins with Perl 5.8.0
Patch from Marty Leisner
- Include links for movie files (avi, mpeg and mov) in the navigation
bar of albums ("In this album" upper left box).
Patch from Vincent Cautaer.
- Scale method (to created scaled pictures and thumbnails) can now be
chose with the new scaleMethod parameter. It can be either scale or
sample. sample is faster, scale is better.
Idea from Mark W. Eichin.
- Don't perform rotation on files matching the regexp defined by the
new noRotation parameter (default to _Orig suffix). This can be used
in conjunction with scaleIfSameSize=0 and a scaled size of 100%x100%
to keep original pictures in your album.
Patch from Vincent Cautaer.
- Correct a bad behavior with some little pictures when scaled sizes
uses mixed pixels and percentages.
Patch from Vincent Cautaer.
- jpegtran can now be used with image names containing spaces.
Patch from Vincent Bernat.
- Define $verbose earlier to avoid warning.
Patch from Vincent Bernat.
- Chop local encoding to avoid carrier return.
Patch from Vincent Bernat.
- A sample album.xml file is provided in the doc directory. Take a
look at it to see how you can customize a album.
- New Feature: HTML::Template will combine HTML_TEMPLATE_ROOT
environment variable and path option if both are
available. (Jesse Erlbaum)
- New Feature: __counter__ variable now available when
loop_context_vars is set (Simran Gambhir)
- New Feature: The default attribute allows you to specify
defaults for <tmpl_var> tags.
- Bug Fix: fixed parser to reject <tmpl_var>s with no names.
(crazyinsomniac)
- Doc Fix: fixed documentation to correctly describe the
interaction of case_sensitive and loop_context_vars.
(Peter Claus Lamprecht)
- Doc Fix: updated mailing-list information to reflect move from
vm.com to sourceforge.net
* SECURITY: [CAN-2002-0661] Close a very significant security hole that
applies only to the Win32, OS2 and Netware platforms. Unix was not
affected, Cygwin may be affected. Certain URIs will bypass security
and allow users to invoke or access any file depending on the system
configuration. Without upgrading, a single .conf change will close
the vulnerability. Add the following directive in the global server
httpd.conf context before any other Alias or Redirect directives;
RedirectMatch 400 "\\\.\."
Reported by Auriemma Luigi <bugtest@sitoverde.com>.
[Brad Nicholes]
* SECURITY: Close a path-revealing exposure in multiview type
map negotiation (such as the default error documents) where the
module would report the full path of the typemapped .var file when
multiple documents or no documents could be served based on the mime
negotiation. Reported by Auriemma Luigi <bugtest@sitoverde.com>.
[CAN-2002-0654] [William Rowe]
* SECURITY: Close a path-revealing exposure in cgi/cgid when we
fail to invoke a script. The modules would report "couldn't create
child process /path-to-script/script.pl" revealing the full path
of the script. Reported by Jim Race <jrace@qualys.com>.
[CAN-2002-0654] [Bill Stoddard]
* More bug fixes (see the CHANGES file)
* Improved application and layout performance
* Improved stability
* Improved Web site compatibility
* Improved CSS, DOM and HTML standards support
* Distinct window icons for the different Mozilla applications (artwork contributed by Grayrest).
* Mozilla can now trigger MS DUN when started without a connection.
* Fullscreen mode for Mozilla on Linux (press F11).
* Browser tabs now close left to right (they used to close right to left).
* The tab bar now has a button for creating new tabs.
* All Search entry points now use your default search engine.
* Download Manager has been enabled as the default download view (with many improvements)
* Autocomplete in the location bar has more intelligent completion.
* The Linux File Picker has improved filtering and a new directory button.
* File extensions more accurately handled in downloads and we save the correct files when saving complete Web pages
* Drag and drop support has been greatly improved.
* View selection source: Context clicking on a selection now lets you view the HTML source for the selected area.
* Page info displays more page info with improved General and Media tab content.
* New button in prefs for making Mozilla the system default browser on MS Windows
* MathML is now enabled for Mozilla on Macintosh (it was already available on Windows and Linux).
* Mozilla now takes advantage of Quartz rendering for users of Mac OS X 10.1.5
* Better Bi-Di Arabic and Hebrew support including improved layout of Arabic pages on Linux and other platforms without their own Arabic shaping support.
* We have new layout performance enhancements targeted at DHTML.
* Mozilla now has support for the display of XBM images.
* Image and plug-in blocking for Mail & News
* Mozilla allows you to view HTML mail messages as plain text.
* You can now quote the current message in a Mail compose window with Quote Original under the options menu.
* The JavaScript Debugger has gone through a major development cycle. It now sports a palette of nine views which can be rearranged within the main window or docked in separate floating windows. It is also possible to create user-defined views and commands directly with JavaScript. More details are available in the FAQ, newsgroup, or IRC channel.
* Chatzilla has improved tab completion and can now join channels with Japanese names.
buildlink2.mk files back into the main trunk. This provides sufficient
buildlink2 infrastructure to start merging other packages from the
buildlink2 branch that have already been converted to use the buildlink2
framework.
jaco at scrogneugneu.org.
Changes since 1.1.10 are:
- Some image files and directories can now be excluded by setting some
regexp to excludeFiles and excludeDirs new parameters. excludeDirs is
set to ^CVS$ in default config, and thus, CVS subdirs aren't processed
by bins now.
- HTML generation performances have been increased by using the
blind_cache parameter of HTML::Template.
Thanks to Mark Eichin for this one.
- Corrected a bug that wrongly set width and height of thumbnails and
prevented Internet Explorer (at least version 5) to display them.
- Changed the image template so that Internet Explorer can display the
title tooltip on the prev/next thumbnails (when thumbPrevNext is 1).
- bins now process .thm (THuMbnail) files. Accroding to Mark Eichin,
Canon cameras that do movies generate mvi*.thm files which are really
small JPEGs with exif data.
- It is now possible to use the <sizes> parameter in picture
description files to have different scaled images number and scaled
sizes for pictures in the same album (for example, one can have three
scaled pictures, small, medium and big, for most of the images of an
album, and a fourth one, huge, for big panoramas). Some other
parameters, such as titleOnThumbnail, defaultSize or
thumbnailBackground, can now also be used on a per image basis.
- A bug introduced in 1.1.10 version that caused scaleIfSameSize
parameter to be always 1 has been corrected.
Thanks to Mark Eichin for pointing out the problem
and to Dan (mcmahill @ mtl.mit.edu) and Kamil Iskra for the correction path.
- jpegtran can now be used even if it cannot handle the same file in
input and output (this is the case for the jpegtran shipped with most
GNU/Linux distribution, except Debian).
Patch from Kamil Iskra.
- Corrected encoding problem on creation date.
- Sorting order for directories and/or pictures can now be reversed,
using the -r command line option or the reverseOrder parameter.
Patch from Christian Hoenig for the -r option.
- A bug on automatic rotation of destination image when -o was used
has been corrected (width and height were inversed).
- French translation has been corrected.
- Some javascript code is now added in thumbnails pages to preload
thumbnails of the next page when current one is loaded, to speed up
the album browsing. This can be deactivated with the new
javaScriptPreloadImages parameter.
- Generated HTML code is now cleaned up to reduce the size of pages
and thus, speed up browsing. This reduces the size of HTML BINS files
by about 30%. This uses the HTML::Clean(3) library (new
dependency). This can be deactivated with the new compactHTML
parameter.
- Use of the jpegtran program is now deactivated in default config
(some versions fail to perform rotation correctly). A new parameter
rotateWithJpegtran has been added. Set it to 1 in binsrc to continue
to use jpegtran.
- Added some non breakable spaces in HTML code.
- Strip . (dots) in small size names when creating file names (this
caused problem with italian i18n). You may have to delete all your
generated HTML files before running bins on a old italian album to
clean it up.
- Some minor bugs have been corrected.
- French translation has been corrected.
o allow -X mode to work for "/"
o work on systems without MADV_SEQUENTIAL
o make a local cut-down copy of "queue.h" (fixes linux & solaris
support at the very least)
o portability fixes for pre-ipv6 socket api systems (eg, solaris 7)
o portability fixes for missing _PATH_DEFPATH, LOG_FTP and __progname
o better documentation on virtual host support
Restore perl-5.004 and perl-5.005 compatibility.
Direct support for some new schemes urn:, urn:isbn:,
urn:oid:, rtsp:, and rtspu:. The rtsp support was
contributed by Matt Selsky <selsky@columbia.edu>.
The host for URI::file was not unescaped.
* Added basic --verify mode, to check whether the remote copy of a
site using safe mode has been modified outside sitecopy's control.
* Added Norwegian Nynorsk translation, nn.po (Karl Ove Hufthammer
<huftis@bigfoot.com>)
* Added 'http tolerant' option, to skip OPTIONS check in WebDAV mode.
And many fixes & updates.
that has some support for tables and frames, builds against openmotif, and
is also IPv6 capable! The name stands for "mbone" Mosaic, but that part
probably doesn't even work (yet).
[For real this time -- previous try misspelled the name of the directory.]
* escape blanks and other non-7bit graphic characters in startfile and similar
addresses to guard against interpreting the address as multiple lines
during a GET, etc (report by Ulf Harnhammar <ulfh@Update.UU.SE>) -TD
Bug Fixes:
Discard POST/PUT requests that have negative content-lengths. Make the
CanonicaliseHost() function robust to bad IP addresses. Fix some memory leaks,
free some unfreed memory. Don't give socket error using '-f' option. Fix
compilation on Cygwin. Fix IPv6 compilation on Solaris 9. Bug fix for v2.7c
Cookie change. Don't replace '//' in a URL path with '/'.
- Recognises Netscape 7 browser. Also better diagnosis of Windows
operating systems for Netscape and Mozilla browsers.
- New version of IIS How-To.
- Later UNCOMPRESS commands now correctly override earlier ones.
- SEARCHCHARCONVERT can now be turned on for multibyte character sets,
though it's not recommended.
- French report descriptions files.
- New versions of Polish and alternative Swedish language files.
- East Timor country code is now .tl.
Rearrange several bits of the rrdtool build mechanism so that we're not
cheating quite as much. The end result is that rrdtool now compiles on
both ELF and a.out.
Closes pkg/14606 from Tim Preston <tim at flibble dot org>
M. Bishop (wwwoffle's author/maintainer). With this, if IPv6-mapped IPv6
addresses are enabled, attempting to bind the wildcard address for both
protocols is not a fatal error.
partially revert Makefile, v1.32, so platforms without openssl-0.9.6e
in base will be able to find libssl.so.300 and libcrypto.so.300 for
binaries linked against libwwwwwl.so. Bump pkgrevision to reflect the
change in dependencies on platforms without openssl-0.9.6e in base.
changes since bozohttpd 5.12:
o support .mp3 files (type audio/mpeg)
o use stat() to find out if something is a directory, for -X mode
changes since bozohttpd 5.11:
o constification
o fixes & enhancements for directory index mode (-X)
squidGuard is a combined filter, redirector and access controller plugin
for Squid. It can be used to:
* limit the web access for some users to a list of accepted/well known web
servers and/or URLs only.
* block access to some listed or blacklisted web servers and/or URLs
for some users.
* block access to URLs matching a list of regular expressions or words
for some users.
* enforce the use of domainnames/prohibit the use of IP address in URLs.
* redirect blocked URLs to an "intelligent" CGI based info page.
* redirect unregistered user to a registration form.
* redirect popular downloads like Netscape, MSIE etc. to local copies.
* redirect banners to an empty GIF.
* have different access rules based on time of day, day of the week, date etc.
* have different rules for different user groups.
* and much more..
Changes in release 0.21.3:
* Fix segfault if using proxy server with SSL session and server
certificate verification fails.
* Fix leak of proxy hostname once per session (if a proxy is used).
* Add --with-libs configure argument; e.g. --with-libs=/usr/local picks
up any support libraries in /usr/local/{lib,include}
Changes in release 0.21.2:
* Fix 'make install' for VPATH builds.
* Use $(mandir) for installing man pages (Rodney Dawes).
* Follow some simple (yet illegal) relativeURI redirects.
* Always build ne_compress.obj in Win32 build (Branko Èibej).
* Fix decompression logic bug (Justin Erenkrantz <jerenkrantz@apache.org>)
(could give a decompress failure for particular responses)
* Fix ne_proppatch() to submit lock tokens for available locks.
* More optimisation of ne_sock_readline.
Changes in release 0.21.1:
* Don't include default SSL port in Host request header, which can
help interoperability with misbehaving servers (thanks to Rodney Dawes
<dobey@ximian.com>).
* Don't give a "truncated response" error from ne_decompress_destroy if
the acceptance function returns non-zero.
* Fix for Win32 build (Sander Striker <striker@apache.org>).
* Fix for cookie name/value being free()d (thanks to Dan Mullen).
* Optimisation of ne_sock_readline.
Changes in release 0.21.0:
* Socket layer implements read buffering; efficiency and performance
improvement. Based on work by Jeff Johnson <jbj@redhat.com>
* Cleanup of socket interface:
- renamed everything, s/sock_/ne_sock_/, s/SOCK_/NE_SOCK_/
- removed unused and inappropriate interfaces.
- renaming done by Olof Oberg <mill@pedgr571.sn.umu.se>
- see src/ChangeLog for the gory details.
* Fix typoed 'ne_destroy_fn' typedef (Olof Oberg).
* Support OpenSSL/ENGINE branch.
* Bogus ne_utf8_encode/decode functions removed.
* ne_base64() moved to ne_string.[ch].
* ne_token drops 'quotes' parameter; ne_qtoken added.
* ne_buffer_create_sized renamed to ne_buffer_ncreate.
* ne_xml_get_attr takes extra arguments and can resolve namespaces.
* ne_accept_response function type takes const ne_status pointer.
* Drop support for automatically following redirects:
- ne_redirect_register just takes a session pointer
- ne_redirect_location returns an ne_uri pointer
* configure changes: --with-ssl and --with-socks no longer take a directory
argument. To use SOCKS or SSL libraries/headers in non-system locations,
use ./configure CPPFLAGS=-I/... LDFLAGS=-L/...
* Reference documentation included for most of ne_alloc.h and ne_string.h,
and parts of ne_session.h and ne_request.h.
- see installed man pages, HTML documentation.
Changes in release 0.20.0:
* Major changes to DAV lock handling interface (ne_locks.h):
- struct ne_lock uses a full URI structure to identify locked resource
- ne_lock() requires that owner/token fields are malloc-allocated (or NULL)
on entry
- introduce a "lock store" type, ne_lock_store, to replace the lock session;
accessor functions all renamed to ne_lockstore_*.
- ne_lock_iterate replaced with a first/next "cursor"-style interface
- If: headers use an absoluteURI (RFC2518 compliance fix).
- fix for handling shared locks on DAV servers which return many active locks
in the LOCK response (thanks to Keith Wannamaker)
* Moved URI/path manipulation functions under ne_* namespace (ne_uri.h):
- path handling functions renamed to ne_path_*
- URI structure handling to ne_uri_*; struct uri becomes ne_uri.
- ne_uri_parse doesn't take a 'defaults' parameter any more
- if URI port is unspecified, ne_uri_parse sets port to 0 not -1.
- added ne_uri_unparse and ne_uri_defaultport functions.
* New 'ne_fill_server_uri' function to initialize a URI structure with
the server details for a given session (useful with locks interface).
* ne_decompress_{reader,destroy} are defined as passthrough-functions
if zlib support is not enabled.
* API change: ne_ssl_provide_fn returns void not int.
* Added NE_SSL_FAILMASK for verify failure sanity check.
* Removed return codes NE_SERVERAUTH and and NE_AUTHPROXY; correct
documentation, NE_PROXYAUTH is given for proxy auth failure.
* Require zlib >= 1.1.4 to avoid possible vulnerability in earlier versions.
See http://www.gzip.org/zlib/advisory-2002-03-11.txt for more details.
(version check can be skipped by passing --with-force-zlib to configure)
* New 'ne_ssl_readable_dname' function to create a human-readable string
from an X509 distinguished name.
* Fix support for newer versions of libxml2 (thanks to Jon Trowbridge
<trow@gnu.org>).
* Fix corruption of reason_phrase in status object returned by
ne_propset_status.
* More lenient handling of whitespace in response headers.
* ne_content_type_handler will give a charset of "ISO-8859-1" if no charset
parameter is specified for a text/* media type (as per RFC2616).
* Miscellaneous cleanups and fixes (Jeff Johnson <jbj@redhat.com>).
Changes in release 0.19.4:
* Support bundled build of expat 1.95.x (Branko Èibej).
Update submitted by Joel Wilsson <joelw@unix.se> in PR 17812.
PTHREAD_OPTS. This allows us to ignore the "require" inherited from the
glib/buildlink.mk file, which was originally causing "require native" to
be used for mozilla and was causing build problems on platforms without
native pthreads.
comes from devel/glib/buildlink. devel/glib requires a pthread library but
www/mozilla optionally wants a native pthread library. Checking for
PTHREAD_TYPE != "native" will work, but we may want to consider expanding
the capabilities of pthread.buildlink.mk to cover this scenario.
size and in the correct format, it is not re-encoded (losing quality)
anymore but just copied.
Problem noted by Jeff McMahill. Andrew Brown and Jaromir Dolecek helped
me with perl.
Bump PKGREVISION.
Give Apache a user and group by default, not only with suexec.
The variables for this have changed from APACHE_SUEXEC_USER and
APACHE_SUEXEC_GROUP to APACHE_USER and APACHE_GROUP.
Mention 'Apache' in COMMENT.
Use variables for the version number instead of copying it around.
Bump PKGREVISION.
For apache{,6}:
Change paths to /var/httpd instead of /var/spool/httpd.
Honour STRIPFLAG.
Add --without-confadjust as configure argument.
Enable the 'define' module.
For apache:
Enable proxy module on NOPIC platforms.
Some of these changes are based on pkg/17469 by Greg A. Woods, some on
comments by Johnny Lam.
Reviewed by Johnny Lam.
Changes since 5.10:
o more man page fixes from Thomas Klausner
o de-K&R C-ification
o fix Date: header for daemon mode
o fix core dump when asking for /cgi-bin/ when CGI isn't configured
o use a valid Server: header
hard coding /etc/bins.
install a default binsrc as an example which can be copied to
${PKG_SYSCONFDIR}/bins/binsrc and/or ~/.bins/binsrc
bump PKGREVISION to bins-1.1.10nb1
"file" is in "path"'s allocation. This fixes a bug where the server task
would randomly try to acces a file as a directory, and fail. Bump
PKGREVISION, as this was a fairly serious bug.
* Fix diffs between tags
* Fix duplicate accesskeys and id's in the "front" page
* Fix typo in JavaScript download window parameter
* Include query string in JavaScript download links in order to unbreak
downloads from non-default CVS roots
* Don't display @ForbiddenFiles in directory listings; also make sure their
logs are not accessible via direct URLs
* Fix dir sort order breakage when there are rogue files in the repository
dir and the sort order is not by file name
* Add -f; avoid reading ~/.cvsrc
Bug Fixes:
Install two DLLs for the Win32 version. Don't crash for HTTP servers that send
headers prefixed with whitespace. Make the "edit selected entry" option work.
Don't write uncompressed data to the cache with a header saying it is
compressed. Be more lenient in detecting spiders that cannot make requests.
The wwwoffle-tools programs now handle dir names as if they had http:// in
front. Disallow wwwoffle requests for protocols that WWWOFFLE does not
handle. Use the command line config filename in error messages. Fix to allow
compilation on SGI IRIX. Handle XHTML style tags when modifying HTML. Updated
setuid/setgid code. Some memory leaks removed and potential crashes removed
due to using lint).
New Features:
Split up Set-Cookie headers since browsers can't handle them.
Don't request deflated data since WWWOFFLE and servers don't agree on format.
Added a form on the monitor options page to stop monitoring a URL.
The confirm-requests option now asks for confirmation for page reloads.
Documentation:
Update FAQ to reference privoxy as well as JunkBuster.
Describe how to modify htdig templates to work with WWWOFFLE.
1) Linking a shared library against a static "socks{4,5}" library
does not have the desired effect of eliminating the dependency on
"socks" (not as it does for binaries).
2) No package linked against "libwww" seems to actually utilize
"socks".
Also bump the PKGREVISION and buildlink DEPENDS to the current level,
and liberalize the (formal) dependency on "openssl", for the benefit
of pre-NetBSD-1.5 systems. From now on, we can have no more issues
with "openssl" or "socks{4,5}" versions, as only the libwwwssl.*
shared libraries carry a run-time dependency on "openssl", but no
package links against them, and no "libwww" shared libraries can carry
a run-time dependency on any "socks" libraries. [Previous versions, of
course, may have had issues -- see PR 17010, which this is a partial
fix for.]
from ChangeLog:
- Lots of patches from Daniel for various things..
- Martin Robinson sent a patch for find dialog where it keeps the last search
term, I'll improve this later on.
- Agh! the typo that made the minimum font size not stick was back! fixed
again. Thanks to Daniel for finding out.
- Add a wrapper for all gtk_moz_embed_load_url() -->
_skipstone_load_url() for
skipstone internal use only and it adds a grab_focus on the embedding
widget
to help Daniel out on his upcoming kiosk mode patch.
- Patch from Devik to fix --enable-cvs-mozilla and fix
compilation on mozilla 1.0rc3
- Patch from Daniel for fixing minor leaks when config files don't
exist.
- Added an Up button plugin, must place an up.xpm inside your theme
directory or it won't display a pixmap
The aim of BINS is to generate static HTML photo albums. Some of the
functionalities of BINS are :
* album can contains other albums (sub albums): tree structure
* generation of a thumbnail and of scaled images for each picture
* generated album appearance is fully customizable by using HTML
templates and configuration parameters
* several description fields (date, location, etc...) can be
associated with the pictures (in text or HTML format)
* Exif information and Digital camera support:
o use the EXIF data structure found on some image files (usually,
those produced by digital cameras) to fill automatically some fields
(date and time for example).
o BINS use the Orientation EXIF tag (which is normally set when you
rotate a image on you DigiCam) to rotate the picture to correct
orientation.
o For each image, a page provides all information available on the
picture and the DigiCam settings when the photo was taken.
o All EXIF information is saved in the XML description file,
preventing they disappear when the image is modified
* customizable charset encoding for HTML generation, including UTF-8
(Unicode) support by default. Generation of the Apache .htaccess file
for correct encoding charset in HTTP headers
* generate valid HTML 4 code.
2.4STABLE6:
- Squid now drops any requests using transfer-encoding.
Squid is a HTTP/1.0 proxy and as such do not support
the use of transfer-encoding.
- The MSNT auth helper has been updated to v2.0.3+fixes for
buffer overflow security issues found in this helper.
- A security issue in how Squid forwards proxy authentication
credentials has been fixed
- Minor changes to support Apple MAC OS X and some other platforms
more easily.
- The client -T option has been implemented
- HTCP related bugfixes in "squid -k reconfigure"
- Several bugfixes and cleanup of the Gopher client, both
to correct some security issues and to make Squid properly
render certain Gopher menus.
- FTP data channels are now sanity checked to match the address of
the requested FTP server. This to prevent theft or injection of
data. See the new ftp_sanitycheck directive if this is not desired.
- Security fixes in how Squid parses FTP directory listings into HTML
pkg/17358. Changes:
Fixed shoting to memory with javascript and input fields
Do not call gethostbyaddr when name is not ip address (it should avoid
some useless nameserver queries)
Fixed a delay on quit until async lookup terminates
Floating point numbers in configure file are stored with '.' even on
systems with ',' in locales.
Line length fix on framebuffer.
New domain names
Croatian translation
Small change in x.c to work on some 8-bit displays.
Fixed mem_free(NULL) in x.c:1001
Avoid core dump in some cases where the callback croaks.
The perl_call_method and perl_call_sv needs G_EVAL flag
to be safe.
New parser attributes; 'attr_encoded' and 'case_sensitive'.
Contributed by Guy Albertelli II <guy@albertelli.com>.
HTML::Entities
- don't encode \r by default as suggested by Sean M. Burke.
HTML::HeadParser
- ignore empty http-equiv
- allow multiple <link> elements. Patch by
Timur I. Bakeyev <timur@gnu.org>
Avoid warnings from bleadperl on the uentities test.
NetBSD 1.4 does not have wchar.h, but everything needed by Amaya is
defined in stdlib.h. So add a wchar.h test to configure, and protect
inclusion of wchar.h by HAVE_WCHAR_H.
Solves PR 12358.
considered *BETA* software and may not work at all. This package is here
solely to provide Apache-2.0 users with a testbed for porting existing
mod_perl-1.2.x applications.
Changes are mainly bug fixes:
- * Added a few canonical casts to fix some obvious 64bit issues.
Patch: pvalchev
- * Fixed a bug with cookies path parsing.
* Fixed persistent-cookies obliteration (BUG#312, BUG#314)
* Set max 20 persistent cookies for each domain.
Patches: J<F6>rgen Viksell
- * Switched flock to lockf.
Patch: Andreas Schweitzer
- * Made a little bugfix in doc/Makefile.am.
Patch: Grigory Bakunov
- * Removed the < 256 hostname length restraint from http queries.
* Made a date-parser that copes with three HTTP date-syntaxes (BUG#335)
* Made the HTML parser a bit more robust with bad HTML (BUG#325, BUG#326)
Patches: Jorge Arellano
Prompted by PR 17420 from Martin Weber <Ephaeton@gmx.net>
Notable changes:
- cross site scripting fixes
- html & perl cleanups
- add config vars: @ForbiddenFiles, $allow_log_extra,
$allow_dir_extra, $allow_source_extra
+ Add local patches to change location of latest version of cvsweb and
to not display the address section if $address == "".
the leading "cgi-bin/" was stripped)
+ convert '-' to '_' in ${HTTP_xxx} environment variable names, and
ensure that the names are NUL terminated
+ lookup addr, host (unless -n) and port for every request, not just
cgi requests, and log the host & port in "got request ..." message
+ fix -n to work as documented; set it to *prevent* addr->name lookups
+ document -n is useful even without -c
+ don't deref NULL pointers in printf %s
+ be consistent about stripping leading `/' from command
+ clean up how "cgi-bin/" prefix is hardcoded in
+ fix -Wall compile issues
+ bump package revision
Remove `-p' from mkdir arguments, it is already part of ${MKDIR}.
While here substitute a couple of ${PREFIX} by `%D' in
`@exec ${MKDIR} ...' lines and add a couple of missing `%D' in such lines too!
Changes with mod_ssl 2.8.10 (19-Jun-2002 to 24-Jun-2002)
*) Fixed off-by-one buffer overflow bug in the compatibility
functionality (mapping of old directives to new ones).
*) Fixed memory leak in processing of CA certificates.
*) In case there is actually a certificate chain in the session cache,
we now use the value of SSL_get_peer_certificate(ssl) to verify as
it will have been removed from the chain before it was put in the
cache.
*) Seed the PRNG with a maximum of 1K from the internal scoreboard.
bump PKGREVISION.
Changes with mod_ssl 2.8.10 (19-Jun-2002 to 24-Jun-2002)
*) Fixed off-by-one buffer overflow bug in the compatibility
functionality (mapping of old directives to new ones).
*) Fixed memory leak in processing of CA certificates.
*) In case there is actually a certificate chain in the session cache,
we now use the value of SSL_get_peer_certificate(ssl) to verify as
it will have been removed from the chain before it was put in the
cache.
*) Seed the PRNG with a maximum of 1K from the internal scoreboard.
changes in links 0.9.7 -> 2.0
- JavaScript support
- remade bookmarks
- support for gamma corrections
Split into pkgsrc/www/links and pkgsrc/www/links-gui:
- rewritten to support graphics
- support for various graphics drivers including:
o X Window System
o SVGAlib
o Atheos GUI
o PMShell
- support for various graphics formats including:
o PNG
o JPEG
o TIFF
o GIF
Update and split et al provided by Lubomir Sedlacik (salo at xtrmntr dot org)
in PR##17218 - this commit closes this PR.
links web browser. Together with the update of pkgsrc/www/links
this closes PR##17218. This package and the update for pkgsrc/www/links
provided by Lubomir Sedlacik (salo at xtrmntr dot org).
Custom mod_ssl eapi patch used for now, since update of mod_ssl for 1.3.26
isn't available yet.
This fixes the CAN-2002-0392 (mitre.org) [CERT VU#944335] security
issue. For full list of changes, see
http://www.apache.org/dist/httpd/CHANGES_1.3
Changes with Apache 2.0.39
*) Fixed a build problem in htpasswd.c on Win32.
[Guenter Knauf <eflash@gmx.net>, Cliff Woolley]
Changes with Apache 2.0.38
*) Rewrite htpasswd to use APR. The removes the annoying warning about
tmpnam being unsafe. [Ryan Bloom]
*) We must set the MIME-type for .shtml files to text/html if we want them
to be parsed for SSI tags. Add the config for that to the default
config file so that it is easier to enable .shtml parsing.
[Dave Dyer <ddyer@real-me.net>]
*) Fixed a problem with 'make install' on ReliantUnix.
[Jean-frederic Clere <jfrederic.clere@fujitsu-siemens.com>]
*) Make the default_handler catch all requests that aren't served by
another handler. This also gets us to return a 404 if a directory
is requested, there is no DirectoryIndex, and mod_autoindex isn't
loaded. [Justin Erenkrantz]
*) Fixed the handling of nested if-statements in shtml files.
PR 9866 [Brian Pane]
*) Allow 'make install DESTDIR=/path'. This allows packagers to install
into a directory different from the one that was configured. This
also mirrors the root= feature from 1.3. We cannot use prefix=,
because both APR and APR-util resolve their installation paths at
configuration time. This means that there is no variable prefix
to replace. [Andreas Hasenack <andreas@netbank.com.br>]
*) AIX 4.3.2 and above: Define SINGLE_LISTEN_UNSERIALIZED_ACCEPT.
These levels of AIX don't have a thundering herd problem with
accept(). [Jeff Trawick]
*) prefork MPM: Ignore mutex errors during graceful restart. For
certain types of mutexes (particularly SysV semaphores), we
should expect to occasionally fail to obtain or release the
mutex during restart processing. [Jeff Trawick]
*) Fix install-bindist.sh so that it finds any perl instead of just
early perl 5.x versions. This is consistent with a build/install
from source, and it allows the perl scripts installed by a bindist
to work on systems with perl 5.6. [Jeff Trawick]
*) Fix apxs so that the makefile created by "apxs -g" works on AIX and
Tru64 (and probably some other platforms). [Jeff Trawick]
*) Allow CGI scripts to return their Content-Length. This also fixes a
hang on HEAD requests seen on certain platforms (such as FreeBSD).
[Justin Erenkrantz]
*) Added log rotation based on file size to the RotateLog support
utility. [Brad Nicholes]
*) Fix some casting in mod_rewrite which broke random maps.
PR 9770 [Allan Edwards, Greg Ames, Jeff Trawick]
Changes with Apache 2.0.37
*) allow POST method over SSL when per-directory client cert
authentication is used with 'SSLOptions +OptRenegotiate' enabled
and a client cert was found in the ssl session cache.
*) 'SSLOptions +OptRengotiate' will use client cert in from the ssl
session cache when there is no cert chain in the cache. prior to
the fix this situation would result in a FORBIDDEN response and
error message "Cannot find peer certificate chain"
[Doug MacEachern]
*) ap_finalize_sub_req_protocol() shouldn't send an EOS bucket if
one was already sent. PR 9644 [Jeff Trawick]
*) Fix the display of the default name for the mime types config
file. PR 9729 [Matthew Brecknell <mbrecknell@orchestream.com>]
*) Fix the working directory *for WinNT/2K/XP services only* to
change to the Apache directory (one level above the location
of Apache.exe, in the case that Apache.exe resides in bin/.)
Solves the case of ServerRoot /foo paths where /foo was not
on the same drive as /winnt/system32. [William Rowe]
*) Make 2.0's "AcceptMutex" startup message now "completely"
match how 1.3 does it. [Jim Jagielski]
*) Implement a fixed size memory cache using a priority queue
[Ian Holsman]
*) Fix apxs to allow "apxs -q installbuilddir" and to allow
querying certain other variables from config_vars.mk. PR 9316
[Jeff Trawick]
*) Added the "detached" attribute to the cgi_exec_info_t internals
so that Win32 and Netware won't create a new window or console
for each CGI invoked. PR 8387
[Brad Nicholes, William Rowe]
*) Consolidated the command line parameters and attributes that are
manipulated by the optional function ap_cgi_build_command() in
mod_cgi into a single structure.
[Brad Nicholes]
*) Get rid of uninitialized value errors with "apxs -q" on certain
variables. [Stas Bekman <stas@stason.org>]
*) Fix apxs to allow it to work when the build directory is somewhere
besides server-root/build. PR 8453
[Jeff Trawick and a host of others]
*) Allow ap_discard_request_body to be called multiple times in the
same request. Essentially, ap_http_filter keeps track of whether
it has sent an EOS bucket up the stack, if so, it will only ever
send an EOS bucket for this request.
[Ryan Bloom, Justin Erenkrantz, Greg Stein]
*) Remove all special mod_ssl URIs. This also fixes the bug where
redirecting (.*) will allow an SSL protected page to be viewed
without SSL. [Ryan Bloom]
*) Fix the binary build install script so that the build logic
created by "apxs -g" will work when the user has a binary
build. [Jeff Trawick]
*) Allow instdso.sh to work with full paths to the shared module.
[Justin Erenkrantz]
*) NetWare: Enabled CGI functionality and added mod_cgi as a built
in module for NetWare [Brad Nicholes]
*) Changed cgi and piped log behavior to accept 65536 characters
on Win32 (matching Linux) before deadlocking between outputing
client stdin, slurping the output from stdout and then the stderr
stream. PR 8179 [William Rowe]
*) Fixed Win32 wintty.exe support to assure the window title is valid.
Elimiates possible gpfault or garbage title without the -t option.
[William Rowe]
*) Rewrite mod_cgi, mod_cgid, and mod_proxy input handling to use
brigades and input filters. [Justin Erenkrantz]
*) Allow ap_http_filter (HTTP_IN) to return EOS when there is no request
body. [Justin Erenkrantz]
*) NetWare: Piping log entries through RotateLogs using the
CustomLogs directive is finally supported now that we have
the pipes and spawning functionality working.
[Brad Nicholes]
*) Detect overflow when reading the hex bytes forming a chunk line.
[Aaron Bannert]
*) Allow RewriteMap prg:'s to take command-line arguments. PR 8464.
[James Tait <JTait@wyrddreams.demon.co.uk>]
*) Correctly return 413 when an invalid chunk size is given on
input. Also modify ap_discard_request_body to not do anything
on sub-requests or when the connection will be dropped.
[Justin Erenkrantz]
*) Fix the TIME_* SSL var lookups to be threadsafe. PR 9469.
[Cliff Woolley]
*) Ensure that apr_brigade_write() flushes in all of the cases that
it should to avoid conditions in some modules that could cause
large amounts of data to be buffered. [Cliff Woolley]
*) Fix problem where mod_cache/mod_disk_cache was incorrectly
stripping the content_type from cached responses.
[Bill Stoddard]
*) apachectl passes through any httpd options. Note: apachectl
should be used in preference to httpd since it ensures that any
appropriate environment variables have been set up.
[Jeff Trawick]
*) Fix the combination of mod_cgid, mod_setuexec, and mod_userdir.
PR 7810 [Colm MacCarthaigh <colmmacc@redbrick.dcu.ie>]
*) Fix suexec execution of CGI scripts from mod_include.
PR 7791, 8291 [Colm MacCarthaigh <colmmacc@redbrick.dcu.ie>]
*) Fix segfaults at startup on some platforms when mod_auth_digest,
mod_suexec, or mod_ssl were used as DSO's due to the way they
were tracking the current init phase since DSO's get completely
unloaded and reloaded between phases. PR 9413.
[Tsuyoshi Sasamoto <nazonazo@super.win.ne.jp>, Brad Nicholes]
*) Fix mod_include's handling of regular expressions in
"<!--#if" directives [Julius Gawlas <julius_gawlas@hp.com>]
*) Fix the worker MPM deadlock problem [Brian Pane]
*) Modify the module documentation to allow for translations.
[Yoshiki Hayashi, Joshua Slive]
*) Fix a file permissions problem which prevented mod_disk_cache
from working on Unix. [Jeff Trawick]
*) Add "-k start|restart|graceful|stop" support to httpd for the Unix
MPMs. These have semantics very similar to the old apachectl
commands of the same name. [Justin Erenkrantz, Jeff Trawick]
*) Make sure that the runtime dir is created by make install.
PR 9233. [Jeff Trawick]
*) Fix an unusual set of ./configure arguments that could cause
mod_http to be built as a DSO, which it currently doesn't
support. PR 9244.
[Cliff Woolley, Robin Johnson <robbat2@orbis-terrarum.net>]
*) Win32: Fix bug in apr_sendfile() that caused incorrect operation
of the %X, %b and %B logformat options. PR 8253, 8996.
[Bill Stoddard]
*) If content-encoding is already present, do not run deflate (PR 9222)
[Kazuhisa ASADA <kaz@asada.sytes.net>]
*) The APLOG_NOERRNO flag to ap_log_[r]error() is now deprecated.
It is currently ignored and it will be removed in a future release
of Apache. [Jeff Trawick]
*) Removed documentation references to the no-longer-supported
"make certificate" feature of mod_ssl for Apache 1.3.x. Test
certificates, if truly desired, can be generated using openssl
commands. PR 8724. [Cliff Woolley]
*) Remove SSLLog and SSLLogLevel directives in favor of having
mod_ssl use the standard ErrorLog directives. [Justin Erenkrantz]
*) OS/390: LIBPATH no longer has to be manually uncommented in
envvars to get apachectl to set up httpd properly. [Jeff Trawick]
*) mod_isapi: All mod_isapi directives, excluding ISAPICacheFile,
may now be specified to the <File/Directory > container, rather
than by vhost. [William Rowe]
*) mod_isapi: Experimental support for faux async support for ISAPI
modules. [William Rowe]
*) mod_isapi: Major refactoring of the code to rely on apr internals
rather than MS APIs (using our own mod_isapi.h headers for ISAPI
symbol definitions.) [William Rowe]
*) mod_isapi: Fixed the return string length from GetServerVariable
callback, it was not including the trailing null in the consumed
buffer size. This was particularly bad for Delphi 6.0 users.
PR 8934 [Sebastian Hantsch <sebastian.hantsch@gmx.de>]
*) Fixed Win32 builds for Microsoft VisualStudio 7.0 (.net).
[William Rowe]
*) Make apxs look in the correct directory for envvars. It was
broken when sbindir != bindir. PR 8869
[Andreas Sundström <sunkan@zappa.cx>]
*) Fix mod_deflate corruption when using multiple buckets. PR 9014.
[Asada Kazuhisa <kaz@asada.sytes.net>]
*) Performance enhancements for access logger when using
default timestamp formatting [Brian Pane]
*) Added EnableMMAP config directive to enable the server
administrator to disable memory-mapping of delivered files
on a per-directory basis. [Brian Pane]
*) Performance enhancements for mod_setenvif [Brian Pane]
*) Fix a mod_ssl build problem on OS/390. [Jeff Trawick]
*) Fixed If-Modified-Since on Win32, which would give false positives
because of the sub-second resolution of file timestamps on that
platform. [Cliff Woolley]
*) Reverse the hook ordering for mod_userdir and mod_alias so
that Alias/ScriptAlias will override Userdir. PR 8841
[Joshua Slive]
*) Move mod_deflate out of experimental and into filters.
[Justin Erenkrantz]
*) Get proxy CONNECT basically working. [Jeff Trawick]
*) Fix mod_rewrite hang when APR uses SysV Semaphores and
RewriteLogLevel is set to anything other than 0. PR: 8143
[Aaron Bannert, Cliff Woolley]
*) Fix byterange requests from returning 416 when using dynamic data
(such as filters like mod_include). [Justin Erenkrantz]
*) Allow mod_rewrite's set of "int:" internal RewriteMap functions
to be extended by third-party modules via an optional function.
[Tahiry Ramanamampanoharana <nomentsoa@hotmail.com>, Cliff Woolley]
*) Fix mod_include expression parser's handling of unquoted strings
followed immediately by a closing paren. PR 8462. [Brian Pane]
*) Remove autom4te.cache in 'make distclean'.
[Thom May <thom@planetarytramp.net>]
*) Fix generated httpd.conf to respect layout for LoadModule lines.
PR 8170. [Thom May <thom@planetarytramp.net>]
*) Win32: During a graceful restart, threads in the new process
were accessing scoreboard slots still in use by active threads in
the the old process. [Bill Stoddard]
Provided in PR 17227 by Dawid Szymanski (dawszy@tgr.lubin.edu.pl),
modified slightly by myself.
lhs is a beta version of very simple http server. Only static files
are supported - CGI, PHP and SSI are not allowed. However, there is
support for both IPv6 and SSL. By default it will listen on ports
8000 and 8001 and read files from ${PREFIX}/share/httpd/htdocs and
will not change uid for other unless you use the -u option.
Changes since 2.21b:
* Added some Microsoft MIME types (Kevin Day).
* Switch htpasswd from using tmpnam to mkstemp.
* Rewrote figure_mime() to do binary search.
* Removed the x- from gzip and compress in mime_encodings.txt.
* Added rudimentary option to set cache-control headers.
* Simplified the IPv6 ifdefs.
* Allow filenames with ? in them (Cameron Gregory).
* Some improvements to the mmap cache - added a "panic mode" if you run out
of address space, added DESIRED_MAX_MAPPED_BYTES config.h option.
* Lowered OCCASIONAL_TIME from five minutes to two minutes.
* Fix CGI variable AUTH_TYPE (Alexandre CHERIF).
* Split clear_connection() into two routines, one which sends a possible
buffered response and the other which ignores such (David Burgess).
* Remove /./ in de_dotdot() (Dana Dahlstrom).
* Shortened LINGER_TIME from two seconds to half a second.
* Changed some write() calls to httpd_write_fully(), as suggested by
Neale Pickett.
* Changed the non-mmap() read() call in mmc.c to httpd_read_fully(), as
suggested by Cameron Gregory.
* Added an madvise(MADV_SEQUENTIAL) call in mmc.c.
* Added .xhtml and .xht to mime_types.txt (suggested by Dave Hodder).
* Added index.xhtml and index.xht to INDEX_NAMES (suggested by Dave Hodder).
* Got rid of the custom-jiggered syslog.c, now we just use the standard
system version. Also added a paragraph in the man page about the syslogd
flags needed to make syslogging work from inside a chroot tree.
* Added some OpenOffice MIME types (Dave Hodder).
* Lowered the default DESIRED_MAX_MAPPED_FILES from 2000 to 1000.
* Set up accept filters after listen() (Kris Spinka).
* Preserve query string when doing a missing-slash directory redirect.
* Special-case logging to '-' as stdout (Matt Armstrong).
* Added -s to usage line (Pavel Janík).
* Fix for security hole that exposed contents of .htpasswd in some cases
(noticed by zeno@cgisecurity.com).
* Allow (and ignore) extra fields in .htpasswd files.
* Added some calls to shutdown() in strategic places.
* Added a timer-kill of the CGI interpose input and output process.
These processes also now close the listen fd(s).
* Fixed rare file descriptor leak, when we get an unknown sockaddr family
(George Schlossnagle).
* Put virtual hostname in non-local referer syslog (Craig Leres).
* Added a P3P server privacy header setting (Henrik Schack Jensen).
And lots of other bug fixes.
Change since 0.4.8 :
* New versioning scheme. Pycurl now has the same version number
as the libcurl version it was built with. The pycurl version
number thus indicates which version of libcurl is required to run.
* Added CURLINFO_REDIRECT_TIME and CURLINFO_REDIRECT_COUNT.
* Fixed potential memory leak and thread race (by Markus
Oberhumer)
* Added CURLOPT_DEBUGFUNCTION to allow debug callbacks to be
specified (see the file 'test_debug.py' for details on how to use
debug callbacks).
* Added CURLOPT_DNS_USE_GLOBAL_CACHE and
CURLOPT_DNS_CACHE_TIMEOUT.
* Fixed a segfault when finalizing curl objects in Python 1.5.2.
* Added 'test_post2.py' file which is another example on how to
issue POST requests.
* Added the 'test_post.py' file which demonstrates the use of
POST requests.
collection as www/p5-WWW-Amazon-Wishlist.
This package can be used to get your wish-list from Amazon.(com|co.uk)
and return it in an array of hashrefs so that you can fiddle with it
until your hearts content.
Supplied by Sen Nagata in PR#14933. Thanks!
Changes since 0.26 :
- Added ignore_fields option (Boris Zentner)
- Added missing ! in declaration handler (Boris Zentner)
- Fill all values with the same name if one value is passed
(Boris Zentner, Gabriel Burka)
- Fixes to pass through comments, processing instructions, and
declarations (Boris Zentner)
Changes with Apache 2.0.36
*) Close sockets on worker MPM when doing a graceless restart.
[Aaron Bannert]
*) Reverted a minor optimization in mod_ssl.c that used the vhost ID
as the session id context rather that a MD5 hash of that vhost ID,
because it caused very long vhost id's to be unusable with mod_ssl.
PR 8572. [Cliff Woolley]
*) Fix the link to the description of the CoredumpDirectory
directive in the server-wide document. PR 8643. [Jeff Trawick]
*) Fixed SHMCB session caching. [Aaron Bannert, Cliff Woolley]
*) Synced with remaining changes from mod_ssl 2.8.8-1.3.24:
- Avoid SIGBUS on sparc machines with SHMCB session caches
- Allow whitespace between the pipe and the name of the
program in SSLLog "| /path/to/program". [Cliff Woolley]
*) Introduce mod_ext_filter and mod_deflate experimental modules
to the Win32 build (zlib sources must be in srclib\zlib.)
[William Rowe]
*) Changes to the worker MPM's queue management and thread
synchronization code to reduce mutex contention [Brian Pane]
*) Don't install *.in configuration files since we already install
*-std.conf files. [Aaron Bannert]
*) Many improvements to the threadpool MPM. [Aaron Bannert]
*) Fix subreqs that are promoted via fast_redirect from having invalid
frec->r structures. This would cause subtle errors later on in
request processing such as seen in PR 7966. [Justin Erenkrantz]
*) More efficient pool recycling logic for the worker MPM [Brian Pane]
*) Modify the worker MPM to not accept() new connections until
there is an available worker thread. This prevents queued
connections from starving for processing time while long-running
connections were hogging all the available threads. [Aaron Bannert]
*) Convert the worker MPM's fdqueue from a LIFO back into a FIFO.
[Aaron Bannert]
*) Get basic HTTP proxy working on EBCDIC machines. [Jeff Trawick]
*) Allow mod_unique_id to work on systems with no IPv4 address
corresponding to their host name. [Jeff Trawick]
*) Fix suexec behavior with user directories. PR 7810.
[Colm <colmmacc@redbrick.dcu.ie>]
*) Reject a blank UserDir directive since it is ambiguous. PR 8472.
[Justin Erenkrantz]
*) Make mod_mime use case-insensitive matching when examining
extensions on all platforms. PR 8223. [Justin Erenkrantz]
*) Add an intelligent error message should no proxy submodules be
valid to handle a request. PR 8407 [Graham Leggett]
*) Major improvements in concurrent processing for AB by enabling
non-blocking connect()s and preventing APR from doing blocking
read()s. Also implement fatal error checking for apr_recv().
[Aaron Bannert]
*) Fix Win32 NTFS Junctions (symlinks). PR 8014 [William Rowe]
*) Fix Win32 'short name' aliases in httpd.conf directives.
PR 8009 [William Rowe]
*) Fix generation of default httpd.conf when the layout paths are
disjoint. PR 7979, 8227. [Justin Erenkrantz]
*) Swap downgrade-1.0 and force-response-1.0 conditional checks so
that downgraded responses can have force-response. PR 8357.
[Justin Erenkrantz]
*) Fix perchild MPM so that it can be configured with the move to the
experimental directory. [Scott Lamb <slamb@slamb.org>]
*) Fix perchild MPM so that it uses ap_gname2id for groups instead of
ap_uname2id. [Scott Lamb <slamb@slamb.org>]
*) Fix AcceptPathInfo. PR 8234 [Cliff Woolley]
*) [Security] Added the APLOG_TOCLIENT flag to ap_log_rerror() to
explicitly tell the server that warning messages should be sent
to the client in addition to being recorded in the error log.
Prior to this change, ap_log_rerror() always sent warning
messages to the client. In one case, a faulty CGI script caused
the server to send a warning message to the client that contained
the full path to the CGI script. This could be considered a
minor security exposure. [Bill Stoddard]
*) mod_autoindex output when SuppressRules was specified would
omit the first carriage return so the first item in the list
would appear to the right of the column headings instead of
underneath them. PR 8016 [David Shane Holden <dpejesh@yahoo.com>]
*) Moved the call to apr_mmap_dup outside the error branch so
that it would actually get called. This fixes a core dump
at init everytime you use the MMapFile directive. PR 8314
[Paul J. Reder]
*) Trigger an error when a LoadModule directive attempts to
load a module which is built-in. This is a common error when
switching from a DSO build to a static build. [Jeff Trawick]
*) Change instdso.sh to use libtool --install everywhere and then
clean up some stray files and symlinks that libtool leaves around
on some platforms. This gets subversion building properly since
it needed a re-link to be performed by libtool at install time,
and the old instdso.sh logic to simply cp the DSO didn't handle
that requirement. [Sander Striker]
*) Allow VPATH builds to succeed when configured from an empty
directory. [Thom May <thom@planetarytramp.net>]
*) Fix 'control reaches end of non-void function' warning in
server/log.c. [Ben Collins-Sussman <sussman@collab.net>]
*) Perchild MPM is now correctly deemed as experimental and is now
located in server/mpm/experimental. [Justin Erenkrantz]
*) Fix segfault in mod_mem_cache when garabge collecting an expired
cache entry. [Bill Stoddard]
*) Introduced -E startup_logfile_name option to httpd to allow admins
to begin logging errors immediately. This provides Win32 users
an alternative to sending startup errors to the event viewer, and
allows other daemon tool authors an alternative to logging to stderr.
[William Rowe]
*) Fix subreqs with non-defined Content-Types being served improperly.
[Justin Erenkrantz]
*) Merge in latest GNU config.guess and config.sub files. PR 7818.
[Justin Erenkrantz]
*) Move 100 - Continue support to the HTTP_IN filter so that filters
are guaranteed to support 100 - Continue logic without any
intervention. [Justin Erenkrantz]
*) Add HTTP chunked input trailer support. [Justin Erenkrantz]
*) Rename and export get_mime_headers as ap_get_mime_headers.
[Justin Erenkrantz]
*) Allow empty Host: header arguments. PR 7441. [Justin Erenkrantz]
*) Properly substitute sbindir as httpd's location in apachectl. PR 7840.
[Andreas Hasenack <andreas@netbank.com.br>]
*) Allow Win32 shebang scripts to follow the path (or omit the .exe
suffix from the shebang command), and allow ScriptInterpreterSource
Registry or RegistryStrict to override shebang lines, as 1.3 did.
PR 8004 [William Rowe]
*) worker MPM: Fix a situation where a child exited without releasing
the accept mutex. Depending on the OS and mutex mechanism this
could result in a hang. [Jeff Trawick]
*) Update the instructions for how to get started with mod_example.
[Stas Bekman]
*) Fix PidFile to default to rel_runtimedir instead of
rel_logfiledir. PR 7841. [Andreas Hasenack <andreas@netbank.com.br>]
*) Win32: Fix problem that caused rapid performance degradation
when number of connecting clients exceeded ThreadsPerChild.
[Bill Stoddard]
*) Fixed a segfault parsing large SSIs on non-mmap systems.
[Brian Havard]
*) Proxy was bombing out every second keepalive request, caused by a
stray CRLF before the second response's status line. Proxy now
tries to read one more line if it encounters a CRLF where it
expected a status. PR 10010 [Graham Leggett]
*) Deprecated the apr_lock.h API. Please see the following files
for the improved thread and process locking and signaling:
apr_proc_mutex.h, apr_thread_mutex.h, apr_thread_rwlock.h,
apr_thread_cond.h, and apr_global_mutex.h. [Aaron Bannert]
*) Change mod_status to use scoreboard accessor functions so it can
be used in any MPM without having to be recompiled.
[Ryan Morgan <rmorgan@covalent.net>]
*) Fix parsing of some AP_DECLARE_DATA declarations so that the filter
handle declarations are recognized. This fixes problems loading
mod_autoindex on some platforms. [Brian Havard]
*) add optional fixup hook to proxy [Daniel Lopez <daniel@covalent.net>]
*) Remind the admin about the User and Group directives when we are
unable to set permissions on a semaphore. PR 7812 [Jeff Trawick]
*) fix possible compilation problem in ssl_engine_kernel.c. PR 7802
[Doug MacEachern]
*) fix possible infinite loop in mod_ssl triggered by certain
netscape clients [Doug MacEachern]
*) fix ProxyPass when frontend is https and backend is http
[Doug MacEachern]
*) Add DASL support to mod_dav
[Sung Kim <hunkim@cse.ucsc.edu>]
in pkg/16289 as 2.06, and further update to 2.07 by me.
Some of changes from 2.04 are:
* Add 'valign' as an option to the html/cell template.
* Added the 'uri' filter for URI escaping text.
* Incorporated Doug's XS Stash.
* Modified Template::Plugins fetch() method to accept $factory as a code
reference.
* 'orange' became valid colour.
* Added 'sorted' as a flag to the HTML plugin.
* Added get_all() and get() to the DBI iterator.
And many bug fixes as usual.
and add some patch to work with mozilla-1.0rc3
Changes from ChangeLog:
- Patch from Tai, to make find have the options to wrap around, search
in frames and match entire words.
- Updated nl.po from Francois Duprez.
- Petr Balhos sent in a patch for the zoomer plugin to remmeber
zoom history, I modified this patch to not store history for each
site, instead now there is a context menu when right clicking on
the plugin, it either asks to remember or unremember a setting
for a specific url.
- Fixed the location entry not resizing when window is resized.
- Patch from Doug Kearns to enable
skipstone to convert relative paths to full paths so that the
mozilla widget can find them correctly.
- Patch from Seth Kingsley to improve argument quoting when passing
mailto urls to mua's.
- Patch from Daniel to move embed creation in window mode a notch up so
the favicon plugin doesn't complain.
- Patch from Tai for SearchToolBar to encode search strings, structurize
and add a border to the toolbar to make it look better.
- Mem leaks in FavIcon fixed.
- Another patch from Daniel, adds an option to go to last focused tab when
closing another instead of the notebook widget jumping to the most left
tab. I added config ui and its off by default, to turn it on go to misc
config node.
- locale fixes from Tai-hwa Liang
- Patch from Daniel Mooney - Fixes expansion/shrinking
of progressbar, adds two context message ids to statusbar and improves
the overall display of statusbar messages. Also fixed memory leaks pointed
by Daniel, thanks for his work.
- Added Bulgarian translation by Miroslav Iordanov
- Alt-+ is changed to Alt-= for next tab.
- Configure patch applied from Nick Blievers .
SkipStone distributions from now on, will contain configure, people
checking out from CVS will have to run autoconf to generate a configure
file. Thanks a lot to Nick and everybody for thier work on this.
- Remove pref that caused entries to have scrollbars when reached the end,
you also have to remove it from your prefs.js ng.layout.gfx.scrollbars line.
- Changed the printing API and made it possible to print selected ranges in
addition to all pages or selected pages.
- Compile with debug was broken, fixed. Thanks to Muthu Kumar for finding out.
* We've landed 139 bug fixes since RC2, including fixes for plugins, usability, crashes, and internationalization issues.
See release notes for detail.
http://www.mozilla.org/releases/mozilla1.0/
Remove them, to take advantage of buildlink and not include anything
from ${LOCALBASE}/include, to prevent lynx from tripping over the
similarites between NetBSD curses and ncurses. This allows the NetBSD
"curses" build to succeed while "ncurses" is installed, and may close
PR pkg 16949. I still haven't checked all possible combinations.
This is the elinks tree - intended to provide feature-rich version of links,
however not rock-stable and dedicated mainly for testing. Its purpuose is to
make alternative to links, until Mikulas will have some time to maintain it,
and to test and tune various patches for Mikulas to be able to include them
in the official links releases.
Provided by Dawid Szymanski <dawszy@arhea.net> in pkg/16851,
slightly modified by myself.
URI::Heuristic will guess better on strings like "123.3.3.3:8080/foo".
URI::WithBase will not keep the full history of any base URI's base URI.
URI::URL->new("foo", "bar")->base now returns an URI::URL.
Deal properly with file:///-URIs.
- Added PROGRESSFREQ to the list of forbidden commands from the form
interface, because it allows a denial-of-service attack.
- Also emphasised in the documentation that allowing untrusted users to
run analog through the form interface is inherently open to a
denial-of-service attack.
- Fixed two bugs which caused occasional crashes while outputting.
- Russian language files included (KOI8-R and Windows-1251 character sets).
- Added new domains to the French domains files.
- New How-To on configuring IIS
puts leading white space at the beginning of the very first header
line. (Leading blanks are supposed to signify a continuation of the
previous header line, but for the "server:" line, there aren't any
previous lines, so who knows why they do that.) This patch was
suggested by Andrew M. Bishop, "wwwoffle"'s author and maintainer.
Don't know if it's going to be in the next release, or not.
Changes from release notes are follows:
- A security vulnerability reported in Mozilla by GreyMagic Software
has now been fixed. For more information see the mozilla.org
statement.
- Fifteen of our most frequently encountered crashes have been
fixed. You can help us find any that are left by banging on Mozilla
and sending in those TalkBack crash reports.
- Ten of our most frequently encountered application freezes have been
fixed (including the dreaded bug 96504 on Linux).
- We finally support CSS2 :hover the way web developers want us
to. (Bug bug 5693)
- It is now possible to install colormap on 8 bit displays using
-install. (Bug 22337)
- Cookies can now be disabled for Mozilla Mail. (Bug 22994)
- You can now enable in preferences HTTP 1.1 pipelining (not on by
default). (Bug 93054)
Changes since 0.96:
Big forms are a bit faster
Swapeed x and y entries when reporting image in form
END doesn't skip to next line when wrapping
Do not recode invisible form values to display charset and back
Do not strip '?' from url when method is POST
Danish translation
Process broken html tags
Ctrl-W selects last item in menu
Fixed one leak when links came out of memory
Ftp doesn't send more commands at once -- slower but safe with MS IIS or
Novell
Do not swallow ' ' in filenames
Do not print contents of posted data in 'downloads' menu
Charset in values in <SELECT> tag
Always trust 'Content-Length' when communicating with HTTP/1.1 server --
work around broken HTTP/1.1 servers that send Connection: close, but
keep the connection
Handle encoding to utf-8 correctly
Do not accept '<' without name as a tag
-dump does not stuck in redirect loops
Report terminal size in User-Agent
Improved performance of rendering nested tables
Indonesian translation
Finnish translation
Added € symbol
Manpage update
Romanian translation
Cookie expiration
Do not reject cookies with insecure domain (but send them only to
original server, not to the whole domain)
Fix stripping '?' out of form url
Add "LISTING" tag
Fix relative redirect on -dump and -source
Use "imgtitle" if there's no "alt"
Catalan translation
Dutch translation
Do not allow larger input fiels than screen size
And lots of miscellaneous bugfixes.
image support, respectively.
inline image support requires glib, which is so large for such as light-
weight text-based browser w3m especially on slower ports.
it's based on the diffs supplied by uebayashi. This also addresses
pkg/16495.
Collection.
This package is the same as www/htmldoc, the only difference is whether or not
the X11 GUI is provided.
This address part of the PR pkg/14557 by <collver@linuxfreemail.com>.
There are really too many changes to mention them all here, previous version
of the package was 20 htmldoc versions behind! See the file CHANGES.txt in the
sources for more details. Anyway you should update.
As suggested in PR pkg/14557 by <collver@linuxfreemail.com> the package had
been strongly buildlinked. This update address part of this PR.
Also introduce support for another package of htmldoc with the X Windows GUI
activated.
