from the announcement:
There have been 212 changes since previous release which is almost the
Same as previous THREE stable releases combined.
The changes consist of the usual amount of bugfixes, however also a
substantial amount of new features have been added.
pkgsrc note: This removes the dependencies on fixed (old) versions
of tre and c-ares.
Three external libraries included in WordPress received security updates:
* Plupload (version 1.5.4), which WordPress uses for uploading media.
* SWFUpload, which WordPress previously used for uploading media, and may still be in use by plugins.
* SWFObject, which WordPress previously used to embed Flash content, and may still be in use by plugins and themes.
WordPress 3.3.2 also addresses:
* Limited privilege escalation where a site administrator could deactivate network-wide plugins when running a WordPress network under particular circumstances.
* Cross-site scripting vulnerability when making URLs clickable.
* Cross-site scripting vulnerabilities in redirects after posting comments in older browsers, and when filtering URLs.
against the xemacs{,-current} packages.
While here, listen to pkglint some.
From the edit-utils changelog:
2008-06-09 Aidan Kehoe <kehoea@parhasard.net>
* fast-lock.el (fast-lock-cache-directories):
Remove the directory the file is in, to avoid running code from
arbitrary other users. Update the docstring to motivate this.
Also, mark it as a risky local variable to prevent it being
evaluated in file local variable sections.
Thank you Ulrich Müller, thank you Hans de Graaff.
XXX The package versions this pkg installs are positively behind the bend.
Security fix for CVS-2012-2131.
Changes between 0.9.8v and 0.9.8w [23 Apr 2012]
*) The fix for CVE-2012-2110 did not take into account that the
'len' argument to BUF_MEM_grow and BUF_MEM_grow_clean is an
int in OpenSSL 0.9.8, making it still vulnerable. Fix by
rejecting negative len parameter. (CVE-2012-2131)
[Tomas Hoger <thoger@redhat.com>]
Viking 1.3 (2012-04-22)
New features since 1.2.2
* Be consistent in that track and waypoint list dialogs are always
sorted alphabetically.
* Add OSM Transport map as a built in map option.
* Add supported MIME types to the desktop file specification.
* Add example script that can be used to upload a track as a route to
a predefined GPS device.
* Display the average moving speed for a track in the track
properties.
* Add ability to open a TrackWaypoint layer with another external
program (default merkaartor).
* Add ability to open a TrackWaypoint layer with an external program
(default JOSM).
* Use map default: OSM MapQuest tileserver.
* Add and use a preference for the associated image viewer program.
* Add and use KML File Export units option.
* Add ability to geotag images interpolating times against tracks.
* Acquire Geotag Images via TRW Layer
* Ensure vtl created in acquire operation runs post read stage.
* EXIF read implementation for geotagged images (libexif).
* Add new process stage for acquire methods.
* Enable reversing a track from the track menu.
* Display compact message on the statusbar for the selected trackpoint
or waypoint. (SF#3314888)
* Enable multiple selection and deletion.
* Scale waypoint icons to give large or small icons as necessary.
* Add Yahoo! Maps webtool link.
* Extend webtools with a bounds version for the URL which takes four
string parameters.
* Add webtool for Bing maps.
* Add Acquire OSM option into the Track/Waypoint layer operations.
* Add used geo-* scripts as they are public domain.
* Continue geocaching.com support via third party tools.
* Show elevation gain/loss on track creation 'tooltip' (as per
SF#2838561 request), when such data is available.
* Automatically attempt to set elevation data from the DEM layer
whilst a track is being created.
* When creating a track, display the total distance of track (via a
tooltip like text) on the main display.
* Allow to import any file known by gpsbabel
* Add support for any device known by gpsbabel
* Add experimental support for GPSD_API_MAJOR_VERSION 5.
* Add ability to acquire GPS traces stored on OSM
* Enable copying layer/sublayer names as plain text, so that it can be
pasted into external text handling applications.
* Enable getting of the statusbar from the window.
* On creating a new waypoint always attempt to auto set the altitude
if DEM data is available.
* Enable the escape key to remove/reset the ruler tool.
Fixes since 1.2.2
* Remove Tiles@home support as the service has stopped.
* cleanup: Remove unused and out of date 'viking-remote' script and
related files.
* cleanup: Remove *very* old documentation and don't bother
distributing any of it which is all old.
* Fix Track Properties graph blob marker drawn at wrong elevation when
elevation graphs have different min/max heights.
* Fix Track Properties graph DEM points drawn at wrong elevation when
lowest elevation is not zero.
* Use an intermediary program which will invoke the system's default
for opening images.
* Fix opening of external web sites via center method when the zoom
level is less than 1 mpp.
* Fix crashing on opening a file via recent menu after a .vik file is
opened.
* Fix too easy to accidently move a waypoint with an image with the
select tool - must use shift key.
* Fix can not immediately select another layer if currently selected
layer's visibility changes.
* Fix compilation with curl 7.21.7 (SF#3376584)
* Improve libgps test with the consistently available function:
gps_close
* Fix <GTK 2.24 combo box usage.
* Fix crashing on opening multiple files after a .vik file is opened.
* Solution for SF#2766266 - Give user feedback about OSM uploads
(success/failure).
* Fix: send VLP's update signal when adding a layer
* Fix: Don't abort program when attempting webtool center with
different x & y factors.
* Fix Join Tracks functionality.
* Fix SF#3408170: Selected Track Thickness is Always 1px
* Fix tracks not shown over map when map layer is dragged to the end
of the treeview list.
* Refuse to load unsupported file types.
* Restore broken GPS power off command.
* Fix: SF#3042692 - Tiles May Get Deleted During Offline Usage.
* Fix some tracks elevation profile may display no altitude, despite
all altitudes available in the track.
* Fix SF#3387590: Top Layer cannot be renamed
* Enable merging tracks without timestamps to other tracks that do not
have timestamps. (SF#2886231)
* Prevent track merge by time requests when there are no other
suitable tracks.
* Improve track name when split from Track Properties window.
* Replace 'Magic Scissors' by a more accurate name - 'Route Finder'.
* IMAP: When neither the session nor the mailbox has modseq tracking enabled,
return the mailbox as having NOMODSEQ in SELECT/EXAMINE reply. Old versions
in this situation always simply returned HIGHESTMODSEQ as 1, which could have
broken some clients.
+ dict file: Added optional fcntl/flock locking (default is dotlock)
+ fts-solr: doveadm fts rescan now resets indexes, which allows reindexing
mails. (This isn't a full rescan implementation like fts-lucene has.)
+ doveadm expunge: Added -d parameter to delete mailbox if it's empty after
expunging.
- IMAP: Several fixes related to mailbox listing in some configs
- director: A lot of fixes and performance improvements
- v2.1.4 didn't work without a mail home directory set
- mbox: Deleting a mailbox didn't delete its index files.
- pop3c: TOP command was sent incorrectly
- trash plugin didn't work properly
- LMTP: Don't add a duplicate Return-Path: header when proxying.
- listescape: Don't unescape namespace prefixes.
* 40: Fix ``safe_repr`` function to decode bytestrings with non-ASCII
characters correctly.
* 37: Allow configuring sphinx-apidoc via ``SPHINX_APIDOC_OPTIONS``.
* 34: Restore Python 2.4 compatibility.
* 36: Make the "bibliography to TOC" fix in LaTeX output specific to
the document class.
* 695: When the highlight language "python" is specified explicitly,
do not try to parse the code to recognize non-Python snippets.
* 859: Fix exception under certain circumstances when not finding
appropriate objects to link to.
* 860: Do not crash when encountering invalid doctest examples, just
emit a warning.
* 864: Fix crash with some settings of :confval:`modindex_common_prefix`.
* 862: Fix handling of ``-D`` and ``-A`` options on Python 3.
* 851: Recognize and warn about circular toctrees, instead of running
into recursion errors.
* 853: Restore compatibility with docutils trunk.
* 852: Fix HtmlHelp index entry links again.
* 854: Fix inheritance_diagram raising attribute errors on builtins.
* 832: Fix crashes when putting comments or lone terms in a glossary.
* 834, 818: Fix HTML help language/encoding mapping for all Sphinx
supported languages.
* 844: Fix crashes when dealing with Unicode output in doctest extension.
* 831: Provide ``--project`` flag in setup_command as advertised.
* 875: Fix reading config files under Python 3.
* 876: Fix quickstart test under Python 3.
* 870: Fix spurious KeyErrors when removing documents.
* 892: Fix single-HTML builder misbehaving with the master document in a
subdirectory.
* 873: Fix assertion errors with empty ``only`` directives.
* 816: Fix encoding issues in the Qt help builder.
0.7.7.
This release features the following changes:
- Google Spreadsheet doesn't write the undefined-contents byte at the
end of a NOTE record. Excel doesn't care. Now xlrd doesn't care either.
- Version information is now stored in a .py file, hopefully keeping
py2exe and other freeze tools happy.
(0.7.5, 0.7.6 ...fixes packaging issues in 0.7.4...)
0.7.4.
This release features the following changes:
- Fixed a bug where xlrd was silently truncating long text formula results
- Avoid parsing STYLE records when formatting_info=False
- More tolerance of out-of-spec files.
- Minor performance improvements.
0.9.14
~~~~~~
Our sister project, `subunit <https://launchpad.net/subunit>`_, was using a
private API that was deleted in the 0.9.13 release. This release restores
that API in order to smooth out the upgrade path.
If you don't use subunit, then this release won't matter very much to you.
0.9.13
~~~~~~
Plenty of new matchers and quite a few critical bug fixes (especially to do
with stack traces from failed assertions). A net win for all.
Changes
-------
* ``MatchesAll`` now takes an ``first_only`` keyword argument that changes how
mismatches are displayed. If you were previously passing matchers to
``MatchesAll`` with keyword arguments, then this change might affect your
test results. (Jonathan Lange)
Improvements
------------
* Actually hide all of the testtools stack for assertion failures. The
previous release promised clean stack, but now we actually provide it.
(Jonathan Lange, #854769)
* ``assertRaises`` now includes the ``repr`` of the callable that failed to raise
properly. (Jonathan Lange, #881052)
* Asynchronous tests no longer hang when run with trial.
(Jonathan Lange, #926189)
* ``Content`` objects now have an ``as_text`` method to convert their contents
to Unicode text. (Jonathan Lange)
* Failed equality assertions now line up. (Jonathan Lange, #879339)
* ``FullStackRunTest`` no longer aborts the test run if a test raises an
error. (Jonathan Lange)
* ``MatchesAll`` and ``MatchesListwise`` both take a ``first_only`` keyword
argument. If True, they will report only on the first mismatch they find,
and not continue looking for other possible mismatches.
(Jonathan Lange)
* New helper, ``Nullary`` that turns callables with arguments into ones that
don't take arguments. (Jonathan Lange)
* New matchers:
* ``DirContains`` matches the contents of a directory.
(Jonathan Lange, James Westby)
* ``DirExists`` matches if a directory exists.
(Jonathan Lange, James Westby)
* ``FileContains`` matches the contents of a file.
(Jonathan Lange, James Westby)
* ``FileExists`` matches if a file exists.
(Jonathan Lange, James Westby)
* ``HasPermissions`` matches the permissions of a file. (Jonathan Lange)
* ``MatchesPredicate`` matches if a predicate is true. (Jonathan Lange)
* ``PathExists`` matches if a path exists. (Jonathan Lange, James Westby)
* ``SamePath`` matches if two paths are the same. (Jonathan Lange)
* ``TarballContains`` matches the contents of a tarball. (Jonathan Lange)
* ``MultiTestResult`` supports the ``tags`` method.
(Graham Binns, Francesco Banconi, #914279)
* ``ThreadsafeForwardingResult`` supports the ``tags`` method.
(Graham Binns, Francesco Banconi, #914279)
* ``ThreadsafeForwardingResult`` no longer includes semaphore acquisition time
in the test duration (for implicitly timed test runs).
(Robert Collins, #914362)
