- Fix for a potential buffer overflow vulnerability when loading a hostname
with all soft-hyphens
- Fix to prevent URLs passed from external programs from being parsed by the
shell
- Fix to prevent a crash when loading a Proxy Auto-Config (PAC) script that
uses an "eval" statement
- Fix to restore InstallTrigger.getVersion() for Extension authors
- Fix a crash in mail when stopping a search and then searching again
- Other stability and security fixes
package now, and this header file is only directly used by apr itself,
hidden from httpd. (Clarifies bug 36750 that I have on file with Apache
Bugzilla.)
diff between 1.31 and 1.3101 is minimal, yet it fixes important issues
people have been reporting on e.g. the rt-users mailing list.
1.1301 August 23, 2005
- One last fix for CGIHandler. If you provided your own out_method it
was ignoring it and using its own. Reported by David Glasser.
version 1.0.6 include:
* Fix for a potential buffer overflow vulnerability when loading a
hostname with all soft-hyphens
* Fix to prevent URLs passed from external programs from being
parsed by the shell (Linux only)
* Fix to prevent a crash when loading a Proxy Auto-Config (PAC)
script that uses an "eval" statement
* Fix to restore InstallTrigger.getVersion() for Extension authors
* Other stability and security fixes
Approved by taya.
Three new official patches are added.
o 2005-09-19 15:50 (Cosmetic) --with-maxfd=N configure option to override
max filedescriptors test
o 2005-09-16 21:58 (Minor) invalid host is processed as IP 255.255.255.255
in dst acl
o 2005-09-16 21:49 (Cosmetic) Odd results when pipeline_prefetch is combined
with NTLM authentication
One official patch was updated.
o 2005-09-20 12:29 (Major) FATAL: Incorrect scheme in auth header
- Fix for a potential buffer overflow vulnerability when loading a
hostname with all soft-hyphens
- Fix to prevent URLs passed from external programs from being parsed
by the shell
- Fix to prevent a crash when loading a Proxy Auto-Config (PAC) script
that uses an "eval" statement
- Fix to restore InstallTrigger.getVersion() for Extension authors
- Other stability and security fixes
thus leaving the package dangling if apache2 were to be removed or upgraded.
Change to using apache2/buildlink3.mk, like the other ap2-* modules do,
and bump PKGREVISION for the implicit DEPENDS change.
Update www/kazehakase from 0.2.9 to 0.3.0.
Changes from 0.2.9 to 0.3.0:
* Added feed bookmark action (Kouhei Sutou)
* Fixed some crash bugs.
(I have been running this since Sept. 10. Sorry for the
delay in updating.)
registration out of the installation step and into the INSTALL script.
Also, remove the registration commands from the PLIST as well. Putting
them into the INSTALL script allows for the same commands to be run
in the same way, so that there are fewer differences between installing
from source and installing from a binary package. Also, this makes
these packages pass CHECK_FILES=yes. Bump the PKGREVISION of firefox,
firefox-gtk1, mozilla, and mozilla-gtk2.
Also, include bsd.pkg.mk from the package Makefiles, not from within
Makefile.common. This is a style issue and allows for appending to
variables originally defined in Makefile.common from the package
Makefile.
no longer correct since update to libevent 1.x; it now uses libtool and
generates a shlib.
Remove the offending bl3 line, and bump all dependents' PKGREVISIONs, since
the binary pkg changes for any OS that doesn't have a sufficient builtin
libevent version (or the package has requested a non-builtin version).
- Fix a security issue (CAN-2005-2700) where "SSLVerifyClient require"
was not enforced in per-location context if "SSLVerifyClient optional"
was configured in the global virtual host configuration.
Sync apache with the latest ap-ssl.
- pkgsrc update:
o s/SQUID_BACKEND/SQUID_BACKENDS/ as suggested by pkglint.
o Fix leaving ${PREFIX}/etc/squid/msntauth.conf.default out of PLIST.
o IP Filter related patches are incorporated to squid.
- Add/update official patches:
o 2005-09-15 11:15 (Major) FATAL: Incorrect scheme in auth header
o 2005-09-15 09:56 (Medium) Odd results on pipelined CONNECT requests
o 2005-09-13 23:59 (Minor) Transparent proxy problem with IP Filter
o 2005-09-11 01:53 (Medium) Clients bypassing delay pools by faking a cache
hit
o 2005-09-11 01:42 (Cosmetic) Allow leaving core dumps on Linux
o 2005-09-11 01:21 (Cosmetic) enums can not be assumed to be signed ints
o 2005-09-11 01:21 (Cosmetic) Incorrect store dir selection debug message on
objects >2G
o 2005-09-11 00:57 (Minor) LDAP helpers does not work with TLS (-Z option)
NetBSD the thread safe resolver is only available on __NetBSD_Version__
>= 299000900. Fixes runtime usage on NetBSD 2.1. New Versions:
- firefox-1.0.6nb2
- firefox-gtk1-1.0.6nb2
- mozilla-1.7.11nb1
- mozilla-gtk2-1.7.11nb1
- thunderbird-1.0.6nb1
- thunderbird-gtk1-1.0.6nb1
Took some time to do this release, and the fixes are numerous; an
upgrade is highly recommended. Major changes include an increased
header limit, which fixes inter-operation with some versions of lynx;
a fix for a crash when trying to access user pages of people who do
not actually exist (i.e., /~badusername).
On the new features front, the -U option now accepts usernames too,
not just user ids.
*0.8.1* (11 July, 2005)
* Fix scaffolding for Action Pack controller changes
*0.8.0* (6 July, 2005)
* Fix WSDL generation by aliasing #inherited instead of trying to overwrite it, or the WSDL action may end up not being defined in the controller
* Add ActionController::Base.wsdl_namespace option, to allow overriding of the namespace used in generated WSDL and SOAP messages. This is equivalent to the [WebService(Namespace = "Value")] attribute in .NET.
* Add workaround for Ruby 1.8.3's SOAP4R changing the return value of SOAP::Mapping::Registry#find_mapped_soap_class #1414 [Shugo Maeda]
* Fix moduled controller URLs in WSDL, and add unit test to verify the generated URL #1428
* Fix scaffolding template paths, it was broken on Win32
* Fix that functional testing of :layered controllers failed when using the SOAP protocol
* Allow invocation filters in :direct controllers as well, as they have access to more information regarding the web service request than ActionPack filters
* Add support for a :base64 signature type #1272 [Shugo Maeda]
* Fix that boolean fields were not rendered correctly in scaffolding
* Fix that scaffolding was not working for :delegated dispatching
* Add support for structured types as input parameters to scaffolding, this should let one test the blogging APIs using scaffolding as well
* Fix that generated WSDL was not using relative_url_root for base URI #1210 [Shugo Maeda]
* Use UTF-8 encoding by default for SOAP responses, but if an encoding is supplied by caller, use that for the response #1211 [Shugo Maeda, NAKAMURA Hiroshi]
* If the WSDL was retrieved over HTTPS, use HTTPS URLs in the WSDL too
* Fix that casting change in 0.7.0 would convert nil values to the default value for the type instead of leaving it as nil
*0.7.1* (20th April, 2005)
* Depend on Active Record 1.10.1 and Action Pack 1.8.1
*0.7.0* (19th April, 2005)
* When casting structured types, don't try to send obj.name= unless obj responds to it, causes casting to be less likely to fail for XML-RPC
* Add scaffolding via ActionController::Base.web_service_scaffold for quick testing using a web browser
* ActionWebService::API::Base#api_methods now returns a hash containing ActionWebService::API::Method objects instead of hashes. However, ActionWebService::API::Method defines a #[]() backwards compatibility method so any existing code utilizing this will still work.
* The :layered dispatching mode can now be used with SOAP as well, allowing you to support SOAP and XML-RPC clients for APIs like the metaWeblog API
* Remove ActiveRecordSoapMarshallable workaround, see #912 for details
* Generalize casting code to be used by both SOAP and XML-RPC (previously, it was only XML-RPC)
* Ensure return value is properly cast as well, fixes XML-RPC interoperability with Ecto and possibly other clients
* Include backtraces in 500 error responses for failed request parsing, and remove "rescue nil" statements obscuring real errors for XML-RPC
* Perform casting of struct members even if the structure is already of the correct type, so that the type we specify for the struct member is always the type of the value seen by the API implementation
LightTPD is a secure, fast, compliant, and very flexible web-server
which is designed and optimized for high-performance environments.
With a small memory footprint compared to other webservers, effective
management of the CPU load, and advanced feature set (FastCGI, CGI,
Auth, Output-Compression, URL-Rewriting and many more), LightTPD is
the perfect solution for every server that is suffering load problems.
This is loosely based on the lighttpd package from pkgsrc-wip by
Piotr Stolc <socrtp@soclab.eu.org>.
- pkgsrc changes: check IP filter's header file <ipl.h> as well as
<netinet/ipl.h>.
- Apply recent official patches including a security fix for DoS noted by
http://secunia.com/advisories/16674/
* 2005-09-03 09:41 (Minor) E-mail sent when cache dies is blocked from many
antispam rules
* 2005-09-03 09:41 (Minor) Solaris 10 SPARC transparent proxy build problem
with ipfilter
* 2005-09-01 22:57 (Minor) snmp cacheClientTable fails on "long" IP addresses
* 2005-09-01 22:49 (Minor) squid_ldap_auth -U does not work
* 2005-09-01 22:44 (Major) assertion failed:
store.c:523: "e->store_status == STORE_PENDING"
* 2005-09-01 22:39 (Cosmetic) Greek translation of error messages
* 2005-09-01 22:31 (Minor) Some odd FTP servers respond with 250
where 226 is expected
* 2005-09-01 22:26 (Cosmetic) Fails to compile with glibc -D_FORTIFY_SOURCE=2
* 2005-09-01 22:18 (Cosmetic) Odd URLs when failing to forward request via
parent and several error messages inconsistent
in reported request details
* 2005-09-01 22:09 (Minor) More chroot_dir and squid -k reconfigure issues
* 2005-09-01 21:56 (Medium) assertion failed:
StatHist.c:93: ((int) floor (0.99L + statHistVal(H, 0) - min)) == 0
* 2005-09-01 20:27 (Major) Segmentation fault in sslConnectTimeout
* 2005-08-19 09:31 (Minor) sync redeclarations when support for ARP acls
* 2005-08-14 17:05 (Cosmetic) New 'mail_program' configuration option in
squid.conf
* GNU GSS support
* --ignore-content-length and CURLOPT_IGNORE_CONTENT_LENGTH added
* negotiates data connection SSL earlier when doing FTPS with PASV
* CURLOPT_COOKIELIST and CURLINFO_COOKIELIST
* trailer support for chunked encoded data streams
* -x/CURL_PROXY strings may now contain user+password
* --trace-time now outputs the full microsecond, all 6 digits
* Bugfixes
1) Simplify the way an emacs version is picked when no emacs
is installed, but a user tries to install an Emacs Lisp package.
Just pick up the version set as EMACS_TYPE rather than searching for
versions already installed etc. If the EMACS_TYPE version is
not supported by the Emacs Lisp Package, just fail. EMACS_TYPE
defaults to GNU Emacs 21.
(In other words, users should set EMACS_TYPE as they want.
Otherwise GNU Emacs 21 is used.)
2) All Emacs Lisp Packages *must* prepend EMACS_PKGNAME_PREFIX to
a) the PKGNAME itself, and b) PKGNAME in its dependency lines.
EMACS_PKGNAME_PREFIX is expanded to "xemacs-" when XEmacs is
used. This keeps dependency graph of Emacs-Lisp-packages-
installed-for-XEmacs consistent.
3) Document EMACS_* variables as much as possible.
4) Provide more cookies for PLIST. Maybe utilized later.
Note that the 2) change doesn't affect the default, GNU Emacs 21
behaviour. So no version / revision bumps in this commit.