This is a security fix release.
Fixed in Mozilla 1.7.9/1.7.10
MFSA 2005-56 Code execution through shared function objects
MFSA 2005-55 XHTML node spoofing
MFSA 2005-54 Javascript prompt origin spoofing
MFSA 2005-52 Same origin violation: frame calling top.focus()
MFSA 2005-51 The return of frame-injection spoofing
MFSA 2005-50 Possibly exploitable crash in InstallVersion.compareTo()
MFSA 2005-48 Same-origin violation with InstallTrigger callback
MFSA 2005-46 XBL scripts ran even when Javascript disabled
MFSA 2005-45 Content-generated event vulnerabilities
issuses were fixed in this release:
MFSA 2005-56 Code execution through shared function objects
MFSA 2005-55 XHTML node spoofing
MFSA 2005-54 Javascript prompt origin spoofing
MFSA 2005-52 Same origin violation: frame calling top.focus()
MFSA 2005-51 The return of frame-injection spoofing
MFSA 2005-50 Possibly exploitable crash in InstallVersion.compareTo()
MFSA 2005-48 Same-origin violation with InstallTrigger callback
MFSA 2005-46 XBL scripts ran even when Javascript disabled
MFSA 2005-45 Content-generated event vulnerabilities
Support for Solaris SPARC and x86 is not available due to lack of a
precompiled binary at this point of time.
Firefox 1.0.6 is a stability update. We recommend that users upgrade
to this latest version.
Here's what's new in Firefox 1.0.6:
* Restore API compatibility for extensions and web applications
that did not work in Firefox 1.0.5.
Fix required for googlebot changes, New reports including a new
bidimentional map that shows traffic level in the whole year, unique
visitors for every month, better generation of graphviz graphs
including percentages in arcs, nodes for google, external links,
and no referere, 50% less memory used, Highlight color for weekend
changed to be more visible, most stats are now made by unique visits
and not by number of accesses, many bugs fixed, a real manual page.
around at either build-time or at run-time is:
USE_TOOLS+= perl # build-time
USE_TOOLS+= perl:run # run-time
Also remove some places where perl5/buildlink3.mk was being included
by a package Makefile, but all that the package wanted was the Perl
executable.
run-time dependency (DEPENDS) on a tool is to append a ":run" modifier
to the tool name, e.g.,
USE_TOOLS+= perl:run
Tools without modifiers or with an explicit ":build" modifier will
cause build dependencies (BUILD_DEPENDS) on those tools to be added.
This makes the notation a bit more compact.
Firefox 1.0.5 is a security update.
Fixed vulnerabilities are:
2005-56 Code execution through shared function objects
MFSA 2005-55 XHTML node spoofing
MFSA 2005-54 Javascript prompt origin spoofing
MFSA 2005-53 Standalone applications can run arbitrary code through the browser
MFSA 2005-52 Same origin violation: frame calling top.focus()
MFSA 2005-51 The return of frame-injection spoofing
MFSA 2005-50 Possibly exploitable crash in InstallVersion.compareTo()
MFSA 2005-49 Script injection from Firefox sidebar panel using data:
MFSA 2005-48 Same-origin violation with InstallTrigger callback
MFSA 2005-47 Code execution via "Set as Wallpaper"
MFSA 2005-46 XBL scripts ran even when Javascript disabled
MFSA 2005-45 Content-generated event vulnerabilities
Changes with mod_ssl 2.8.23 (30-Oct-2004 to 06-Jul-2005)
*) Ported to OpenSSL 0.9.8
*) Fixed connection timeout handling by calling the EAPI connection
close hook after (and not before) the B_OUT flag was set on the
underlying I/O buffer in order to prevent attempted buffer flushes
from blocking the connection.
*) Updated the ca-bundle.crt file from Mozilla's "certdata.txt"
(CVS revision 1.37).
*) Fix timeout handling in POST request processing by resetting
timeouts.
*) Fixed double-definition of OPENSSL_free under OpenSSL 0.9.6 by
fixing the version test in ssl_util_ssl.h
*) Adjusted all copyright messages to contain the new year 2005 ;)
- Tweak for Kwiki-HomePagePreference
- Allow the hub to be hooked.
- Socialtext changes
- Allow ; in addition to & in query strings
- Get rid of -M operators
- Make redirects RFC compliant
- Refactored themes
- empty links cause double page loads
- Refactors to get rid of hub connections
- eliminate use_class
- COmment support
- Kwid Formatter for Spork
- Also prints command usage from plugins.
- copyright 2005
- tweak space on usage()
- eliminate cleanup undef warning when doing 'kwiki -update'
this release fixes the following security issues:
MFSA 2005-56 Code execution through shared function objects
MFSA 2005-55 XHTML node spoofing
MFSA 2005-54 Javascript prompt origin spoofing
MFSA 2005-53 Standalone applications can run arbitrary code through the browser
MFSA 2005-52 Same origin violation: frame calling top.focus()
MFSA 2005-51 The return of frame-injection spoofing
MFSA 2005-50 Possibly exploitable crash in InstallVersion.compareTo()
MFSA 2005-49 Script injection from Firefox sidebar panel using data:
MFSA 2005-48 Same-origin violation with InstallTrigger callback
MFSA 2005-47 Code execution via "Set as Wallpaper"
MFSA 2005-46 XBL scripts ran even when Javascript disabled
MFSA 2005-45 Content-generated event vulnerabilities
changes:
-Update list of mime types
-Allow View Source for XML documents
-bugfixes
-translation updates
also allow to build against firefox, depending on the GECKO_PROVIDER
variable
Drivel 2.0.1 ("Tea and Health")
===============================
* Improvements:
- Add a FAQ section to the documentation (Todd)
* Fixes:
- Syntax fix for .desktop file (Jeremy)
- Allow usernames with more than fifteen characters (Jess)
- Fix default HTML highlighting state (Todd)
- Allow usernames with hyphens (Todd)
- Numerous UTF-8 fixes for Blogger, MovableType, and Atom (Todd)
- Fix placement of Refresh button in Recent Entries menu (Todd)
- Handle HTML in Blogger titles gracefully (Todd)
* Translations:
- Updated Spanish translation (Francisco Javier F. Serrador)
- Updated Czech translation (Miloslav Trmac).
Drivel 2.0 ("Psychoactive Kitty")
=================================
* Improvements since 1.2:
- Support for Atom, Blogger, MovableType, and Advogato weblogs
- Offline mode
- Fetch current music from Beep Media Player
- Shortcut key (F7) to enabled/disable spellcheck
- MIME support for draft entries
- Allow selection of spellchecking language
- Recent Entries menu to edit the previous fifteen posts
- Support LiveJournal security groups
- Ability to ping Technorati after journal updates
Drivel 1.3.91 ("Whoop it up")
=============================
* Improvements:
- Clarify the Blogger API wording (Todd).
- New artwork (Todd).
- Updated documentation (Todd).
* Fixes:
- Handle IPv6 proxy servers correctly (Todd).
- Respect the GConf key for proxy authentication (Todd).
* Translations:
- Updated Czech translation (Miloslav Trmac).
- Updated Canadian English translation (Adam Weinberger).
- Updated Swedish translation (Christian Rose).
- Added Bulgarian translation (Yavor Doganov).
- Updated German translation (Frank Arnold).
- Updated Spanish tranlation (Francisco Javier F. Serrador).
Drivel 1.3.90 (The "I'm out!" release)
=====================================
* Improvements:
- Support fetching, editing, and deleting recent MovableType entries (Todd).
- Build a Recent Entries menu for MovableType (Todd).
- Handle MovableType categories from all journals (Todd).
- Alphabetize list of journal types and categories (Todd).
- Option to ping Technorati after posting (Todd).
- New splash screen (Margot).
- Support LiveJournal security groups (Todd).
* Fixes:
- Shortcut key fixes (Todd).
* Translations:
- Updated Czech translation (Miloslav Trmac).
- Added Greek translation (Kostas Papadimas).
- Updated Spanish translation (Francisco Javier F. Serrador).
- Updated Canadian English translation (Adam Weinberger).
- Updated German translation (Frank Arnold).
Drivel 1.3.4 (The "Strawberry Shortcake!" release)
==================================================
* Improvements:
- Build a Recent Entries menu for Atom, Blogger, and LiveJournal journals
(Todd).
- Sync with latest libegg code (Todd).
- Support deleting entries for Atom and Blogger journals (todd).
* Fixes:
- Display categories for all MovableType journals, not just the default
(Todd).
- Desensitize buttons and menu items that don't apply to the current journal
(Todd).
- XML-RPC compatibility fixes (Todd).
- Remove support for Blogger titles, it was broken to begin with and caused
issues when editing old entries (Todd).
- Fix the inconsistent progress bar (Todd).
Drivel 1.3.3 (The "Trust me, the horsies won't mind" release)
=============================================================
* Improvements:
- Support XHTML 1.0 tags (Kurt).
- Build-system improvements (Todd).
- Support editing the more recent Advogato entry (Todd).
- Support editing the most recent Atom entry (Todd).
- Support Atom's new SSL authentication scheme (Todd).
- Default to the last journal each account posted to (Todd).
* Fixes:
- MovableType API fixes (Bryan).
- Fix a crash during poll creation (Jess).
- Fix a crash when editing entries via the History dialog (Jess).
- Remove the duplicate "http://" in the Insert Image dialog (Jess).
- Remove warning about non-undoable action in History dialog (Jess).
- Fix a handful of XML issues by using xmlReadMemory rather than
xmlParseMemory (Todd).
- Use UTC timestamps, should fix the Atom timezone issues (Todd).
* Translations:
- Update English (British) translation (David Lodge).
- Updated Dutch translation (Taco Witte).
- Updated Canadian English translation (Adam Weinberger).
- Added Kinyarwanda translation (Steve Murphy).
- Updated Spanish translation (Francisco Javier F. Serrador).
Drivel 1.3.2 (The "Tonik: with a K!" release)
=============================================
* Improvements:
- Allow the user to select the language of the spell-checking dictionary
(Isak).
- Support posting to Blogger's implementation of the Atom API (Todd).
* Fixes:
- Resolved hangs after login (Davyd).
- Disabled features in the UI that are not supported by the selected
journal system (Todd).
* Translations:
- Updated Dutch translation (Reinout van Schouwen).
- Updated German translation (Frank Arnold).
- Updated Canadian English translation (Adam Weinberger and
Alexander Winston).
- Updated Czech translation (Miloslav Trmac).
Drivel 1.3.1 (The "H'Okay" release)
===================================
* Improvements:
- Support opening drafts from the file manager (Todd).
- Make Drivel's use of the notification area HIG-compliant (Todd).
- Add Advogato posting support (Todd).
- Add support for Movable Type categories (Todd).
- Add --disable-mime-update and --disable-desktop-update configure
parameters, useful for binary packagers (Todd).
* Fixes:
- Display a custom icon for Drivel drafts (Todd).
- Publish Blogger posts (Todd).
- Support all of a user's blogger accounts, not just one (Todd).
- Correctly translate the Translators field in the About dialog (Isak).
* Translations:
- Updated Dutch translation (Reinout van Schouwen).
Drivel 1.3.0 (The "Another drunk conquistador" release)
=======================================================
* Improvements:
- Add support for Beep Media Player (Adam).
- Add an Offline mode (Todd).
- Add Movable Type posting support (Todd).
- Add Blogger posting support (Todd).
- The F7 key quickly toggles spell-check on and off (Todd).
- New account manager which can support multiple journal systems (Todd).
- The build system has moved from automake-1.4 to automake-1.7 (Todd).
* Fixes:
- Glade translation fixes (Davyd).
- Fix double-mnemonic in Format menu (Adam).
- Make menus translatable (Isak).
- Fix a crash when editing preferences (#151940) (Todd).
- Plug a memory leak when loading user pictures (Todd).
- Clarify auto-format tooltip (#151388) (Todd).
- Include date information in Drivel's draft format (Davyd).
- Update the RPM spec file to handle Scrollkeeper data (Todd).
- Plus some severe memory leaks in the UI creation code (Todd).
- Cleaned up lots of old, rotting code (Todd).
instead on perl>=5.8.0. Bump the PKGREVISIONs of the following packages
due to the possible perl dependency changes after the removal of
libperl:
audio/ices-mp3
databases/postgresql73-plperl
databases/postgresql74-plperl
textproc/eperl
www/ap-perl
for new apache2/modperl2.0. This will close PR #30302.
Changes says:
Version 3.10
1. Added Apache2::RequestIO, which is necessary for mp2 interoperability.
Version 3.09
1. Fixed tabindex="0" when using CGI to create forms without a prior start_html
2. Removed warning about non-numeric MOD_PERL_API_VERSION.
Version 3.08
1. update support for mod_perl 2.0. versions prior to
mod_perl 1.999_22 (2.0.0-RC5) are no longer supported.
Version 3.07
1. Fixed typo in mod_perl detection.
Version 3.06
1. Fixed bare call to script() in start_html
2. Moved Fh::DESTROY out of autoloaded functions so as to avoid
clobbering $@ when CGI functions are executed in an eval{}
context.
3. mod_perl 2.0 version detection patch in CGI::Cookie provided by
Allen Day.
4. autoEscape() flag is now respected when generating extra
attributes.
5. Tests for *tag start/end generation from Shlomi Fish.
6. Support for can() method provided by Ron Savage.
7. Fix for lang='' when outputting XHTML.
8. Added support for chunked transfer encoding, as suggested by
Hakan Ardo
9. Fixed clobbering of row and column headers in tableized radio
and checkbox groups, as reported by Nicolas Thierry-Mieg.
10. <Label> tags are now associated with form elements, as suggested
by accessibility guidelines.
11. The <?xml> directive produced by start_html is now turned off by
default and the charset is specified in a <meta> directive. Apparently
IE6 (and maybe some versions of Opera) were getting confused by this.
12. Support for tab indexes.
13. Retired the HTML docs. The POD docs are now primary documentation.
14. CGI::Carp now correctly detects and handles Apache::Dispatch.
15. CGI::Util::utf8_chr now correctly sets the UTF8 flag on 5.006 or
higher perls (fix courtesy Slaven Rezic).
http://svn.edgewall.com/repos/trac/tags/trac-0.8.4
Upstream changelog:
* Fixed file upload vulnerability. Trac could be tricked into
uploading files outside the environment directory. All users
are recommended to upgrade. Vulnerability found by the Hardened-PHP
project.
Thanks adrianp@NetBSD.org for the heads-up.
dillo-0.8.5 [Jun 15, 2005]
- * Set "file:" to work as URI for current directory.
Patch: Diego Sáenz
- * Added a "small" dillorc option for panel size (medium without labels).
Patch: Eugeniy, Jorge Arellano
- * Fixed the shell escaping code in the ftp plugin.
* Added some checks for sane values in html.c.
* Added URL filtering to the ftp and downloads dpis to avoid SMTP hacks.
* Fixed the file dpi to react to the DpiBye command.
Patches: Jorge Arellano
http://svn.edgewall.com/repos/trac/tags/trac-0.8.3
Upstream changelog 0.8.3:
* Fix compatibility of 'trac-admin resync' with Subversion >= 1.2.
* Settings page now works correctly when Trac is deployed at the root
of a host.
* Windows packaging issues resolved.
* Fixed bugs
Upstream changelog 0.8.2:
* Compatibility with Subversion >= 1.2 fixed.
* Compatibility with Docutils >= 0.3.7 fixed.
* Fixed bugs
Upstream changelog 0.8.1:
* Improved Python 2.1 compatibility.
* Layout of navigation bar in Opera fixed.
* Execution of Javascript through event handler attributes in HTML
code is now forbidden.
* Fixed bugs
using it (such as the new drivel-2.0.0). Bump PKGREVISION to 1.
The problem is that this header file requires the fd_set definitions, but
it only pulls in <sys/select.h> on AIX and NETWARE systems. Instead, change
the inclusion to only happen if configure script detected it during build
time.
- Avoid use of ":ts" modifier of make(1) since NetBSD 1.6.2's make(1)
dosen't support it. It might be fix "diskd" PKG_OPTION problem, too.
- Remove extra "--enable-async-io" configure option.
No PKGREVISION change.
* squid 2.5.STABLE10 + official + one official patch.
- 2005-05-25 23:01 (Cosmetic) Double content-length often harmless
Other fixes are already done by official patches for squid 2.5.STABLE9.
* Add missing cachemgr.cgi.8 to PLIST.
* Introduce options.mk which may need to be brushed more.
* Drop support for diskd on Darwin since diskd needs System V msg function
which dosen't supported on Darwin.
* Real fix for transparent proxy with IP Filter, fix PR pkg/30085.
Changelog since 5.5.7
Tomcat 5.5.9 (yoavs)
General
Add JULI, a java.util.logging implementation, used to provide sane
add defaults and configurability equivalent to Tomcat 4.0 for Tomcat 5.5
logging (remm)
docs Add JULI documentation to the logging page (remm)
add Add host manager webapp (remm)
add Add ant JkStatusUpdateTask for remote status worker handling ( >=mod_jk
1.2.9) (pero)
add 33739: Add reference to RUNNING.txt in setup.html. (yoavs)
fix 33719: Update reference to Ant download page. (yoavs)
fix 33883: Bad options in SSL-HowTo. (yoavs)
update Update to MX4J 3.0.1 (pero)
update 34139: Updated Realm-HowTo to specify JMX, Commons-Logging jars for
RealmBase. (yoavs)
add 33325: Added top-level clean target to Netbuild build.xml file.
(yoavs)
update 33755: Clarified Postgresql JNDI datasource example. [patch submitted
by Tom Witmer] (yoavs)
Catalina
fix Remove some instances of expanded folder removal (remm)
fix Don't call mkdirs if we're not going to save the configuration in
StandardContext (remm)
fix Fix context classloader binding during loader initialization (it was set
to null before) (remm)
fix The webapp logger should only be retrieved when the context classloader
is set to the webapp's classloader (remm)
fix 34170: Add back retry logic in JDBC realm in case of a connection
failure (remm)
fix 22041: Support dynamic proxies as session objects. (markt)
fix Fix logger names for wrappers (remm)
34006: If antiResourceLocking was used, HostConfig considered the
fix path as external, and web application resources were not correctly
removed or tacked; also simplify the code a lot (remm)
fix 34016: Save and restore docBase when using antiResourceLocking, for
compatibility with the admin webapp (remm)
add 33636: Set lastModified attribute when expanding WAR files. (yoavs)
add 32938: Allow Salted SHA (SSHA) passwords in JNDIRealm. (yoavs)
add 31288: Allow SMTP authentication for JNDI MailSessionFactory. (yoavs)
update Harmonize processing of the context.xml defaults with the way web.xml is
processed (remm)
fix Ignore ';' if it is in the query string (remm)
fix private to protected for the webapp classloader (remm)
fix Improve logging of filters and listeners startup errors (remm)
fix 33774: Retry once in JNDI realm authenticate failure regardless of
the exception message (remm)
fix 33961: Don't encode '~' in context paths (remm)
fix 32866: Propagate distributable property from context to manager
(yoavs)
fix 32867: Reset distributable attribute in context for clean reload
handling (yoavs)
update Fix some RealmBase/JNDIRealm log.isXXXEnabled (pero)
fix 34161: Harmonize StandardContext.stop with ContainerBase.stop (remm)
Coyote
fix 33971: Set remoteHost to null when Apache doesn't send one.
(billbarker)
fix Fix calculation of threadRatio for the ms thread pool, and fix setting
the updated timeout value (remm)
Update the ms thread pool so that we allocate a worker before
accepting a update new socket, and wait a little if the pool
is exhausted; this should make low maxThreads values work
a lot better (remm)
update 33857: Update information on automatic mod_jk configuration in
Apache-HowTo (yoavs)
fix Fix sync block placement in Mapper.addContext (remm)
fix 32741: Fix spelling of "committed" [patch from Ben Souther] (yoavs)
fix 34133: Make setHeader clear multi-valued headers (billbarker)
Jasper
fix 34034: Jasper does not respect external entities (billbarker)
fix 33810: Incorrect recycling of BodyContent if close is called (remm)
update Per instance loggers in Jasper (remm)
Cluster
fix Fix JvmRouteBinderValve primary failover attribute to
org.apache.catalina.cluster.session.JvmRouteOrignalSessionID (pero)
fix Change attribute name waitForAck to sendAck at ReplicationListener (pero)
Integrate new fastasyncqueue cluster sender mode. Support queue size
add limitation, get all queued objects and send it to the backup node, no
queue thread lock contention under high replication load, submitted by
Rainer Jung (pero)
Add compress attribute to Sender and Receiver to transfer data
add uncompressed. At high cluster load this option consume lesser cpu and
memory. Implement the compress handling to ReplicationTransmitter,
ReplicationListener, XByteBuffer and Jdk13ReplicationListener (pero)
Add doProcessingStats to synchronous, asynchronous and fastqueueasync
add sender modes to get min, avg, max processing times as IDataSender JMX
MBeans (pero)
fix TcpThreadPool use constant ACK byte array instead create new 3 byte
buffer for every message ack (pero)
update Refactor ReplicationTransmitter and ReplicationListener (pero)
update add getCatalinaCluster() to ClusterReceiver and SimpleTcpCluster (pero)
update Update the Api documentation (pero)
Webapps
update Use the standard struts taglib URIs in admin JSPs. (billbarker)
add Add more host parameters to create new host with host-manager (pero)
fix 34033: Fix quoting related bugs (remm)
fix 33713: Add Struts init code in frameset.jsp as well (remm)
Tomcat 5.5.8 (yoavs)
General
fix 33204: Fixed SSL HowTo page. (yoavs)
fix 33351: Fix silent uninstallation. (remm)
fix 33489: Missing space in uninstaller message. (yoavs)
Catalina
Unregister host mbean and all context mbeans at remove a host, s.
fix StandardHost.destroy() and MBeanFactory.createStandardHost/removeHost(,)
detected by Thorsten Kamann (pero)
fix make it possible to restart connector, now serversocket recreated after
stop,start (pero)
fix change mbean names from Mapper and ProtocolHandler to connector naming
style (pero)
update Add some log.isXXXEnabled (pero)
fix Deregister MapperListener after remove connector (pero)
fix Remove host only at own domain with same name at all services, detected
by Thorsten Kamann (pero)
fix 33187: Remove any logging of the password in the JAAS realm,
submitted by Andrew Jaquith (remm)
fix 33033: Don't do anything to the response in the ErrorReportValve if
data has already been written (remm)
update Add charset support for the URLs used by the tasks, to remove
deprecation (remm)
26135: Workaround for memory leak when reloading Struts based web
fix applications by clearing the bean instrospector cache of the JVM on
classloader stop, submitted by Tobias Lofstrand. (remm)
fix Ensure that if CLASSPATH is declared on startup - it is not used.
(funkman)
fix Add back use of deployOnStartup in HostConfig (remm)
docs Ant tasks docs patches, submitted by Gabriele Garuglieri. (remm)
update Use NIO for the raw copying operation, as it is faster (a little under
30%), and decreases a little the impact of antiResourceLocking. (remm)
fix 33357: Fix connection leaks with the DataSourceRealm, as well as
improve efficiency, submitted by Dominik Drzewiecki. (remm)
update Improve a little logging of servlet exceptions, which should all log the
root cause. (remm)
Add new Manager.createSession(sessionId) method, allowing
the client to update "specify" the session id which should
be used using a cookie when using emptySessionPath="true".
This fixes session tracking in this case. (remm)
fix 33368: Fix memory leak in swallowOutput feature which occurred when
the thread pool size is reduced, submitted by Rainer Jung. (remm)
fix StoreConfig: can't save cluster Membership element (pero)
add StoreConfig: suppress default jkHome attribute at connector (pero)
add StoreConfig: Save new dymanic properties from ReplicationTransmitter
(pero)
fix 33463: Remove attributes after context destroy. (remm)
fix 33572: context.xml should be a redeploy resource, and add
prioritization for redeploy resources. (remm)
Coyote
fix PoolTcpEndpoint recreate ServerSocket after start,stop,start connector
(pero)
update Add some log.isXXXEnabled (pero)
add JkMX: make log4j mbean configurable with attribute log4jEnabled (pero)
When Tomcat runs on Windows and IE is uploading data to the server, the
fix first read must be at least 8KB, otherwise upload speed is extremely
low, submitted by Noel Rocher (remm)
Jasper
fix 33223: pageContext.forward and jsp:include result in
StringIndexOutOfBoundsException (luehe)
fix 33373: Fix handling of context classloader in jspc (remm)
fix 33538: Ignore example and tag-extension elements in
TagLibraryInfoImpl. (yoavs)
fix 33539: Better error message when an unknown element is encountered in
the tag file. (yoavs)
fix 33219: Minor JspServletWrapper code cleanup. (yoavs)
Cluster
fix Add instance based ReplicationValve statistics to Mbean descriptor
(pero)
fix Better I18N support to cluster session and tcp classes (pero)
Support optional primaryIndicator at ReplicationValve to mark that
add request processing to existing session is at primary cluster node. Easy
failover detection, when mark is not at configurable primaryIndicator
attribute, submitted by Rainer Jung (pero)
update Refactor all implementation from interface IDataSenders (pero)
add Add some usefull attributes and operations to the all sender MBeans.
(pero)
add Add keepAlive and waitForAck handling to AsyncSocketSender and factor
out a DataSender base class.(pero)
add ReplicationTransmitter: Enable and Disable autoreconnect sender and
waitForAck. (pero)
add ReplicationTransmitter: transfer all properties to socket sender from
server.xml configuration. (pero)
Webapps
fix Fix create and remove Host for Admin app. (pero)
USE_TOOLS and any of "autoconf", "autoconf213", "automake" or
"automake14". Also, we don't need to call the auto* tools via
${ACLOCAL}, ${AUTOCONF}, etc., since the tools framework takes care
to symlink the correct tool to the correct name, so we can just use
aclocal, autoconf, etc.
Several changes are involved since they are all interrelated. These
changes affect about 1000 files.
The first major change is rewriting bsd.builtin.mk as well as all of
the builtin.mk files to follow the new example in bsd.builtin.mk.
The loop to include all of the builtin.mk files needed by the package
is moved from bsd.builtin.mk and into bsd.buildlink3.mk. bsd.builtin.mk
is now included by each of the individual builtin.mk files and provides
some common logic for all of the builtin.mk files. Currently, this
includes the computation for whether the native or pkgsrc version of
the package is preferred. This causes USE_BUILTIN.* to be correctly
set when one builtin.mk file includes another.
The second major change is teach the builtin.mk files to consider
files under ${LOCALBASE} to be from pkgsrc-controlled packages. Most
of the builtin.mk files test for the presence of built-in software by
checking for the existence of certain files, e.g. <pthread.h>, and we
now assume that if that file is under ${LOCALBASE}, then it must be
from pkgsrc. This modification is a nod toward LOCALBASE=/usr. The
exceptions to this new check are the X11 distribution packages, which
are handled specially as noted below.
The third major change is providing builtin.mk and version.mk files
for each of the X11 distribution packages in pkgsrc. The builtin.mk
file can detect whether the native X11 distribution is the same as
the one provided by pkgsrc, and the version.mk file computes the
version of the X11 distribution package, whether it's built-in or not.
The fourth major change is that the buildlink3.mk files for X11 packages
that install parts which are part of X11 distribution packages, e.g.
Xpm, Xcursor, etc., now use imake to query the X11 distribution for
whether the software is already provided by the X11 distribution.
This is more accurate than grepping for a symbol name in the imake
config files. Using imake required sprinkling various builtin-imake.mk
helper files into pkgsrc directories. These files are used as input
to imake since imake can't use stdin for that purpose.
The fifth major change is in how packages note that they use X11.
Instead of setting USE_X11, package Makefiles should now include
x11.buildlink3.mk instead. This causes the X11 package buildlink3
and builtin logic to be executed at the correct place for buildlink3.mk
and builtin.mk files that previously set USE_X11, and fixes packages
that relied on buildlink3.mk files to implicitly note that X11 is
needed. Package buildlink3.mk should also include x11.buildlink3.mk
when linking against the package libraries requires also linking
against the X11 libraries. Where it was obvious, redundant inclusions
of x11.buildlink3.mk have been removed.
on the GECKO_PROVIDER option
update to 1.3.21
changes:
Works with mozilla 1.7 -> 1.7.8, 1.8a3 -> 1.8b2 and trunk
Couple more focus fixes to less common cases
Fix regression since 1.3.19 that prevented helpers from working with
file:/// urls.
Fix toolbar editor to work when the composite extension is enabled
Other bug fixes
Changes:
* Quanta Plus
o read/write the correct entry from description.rc in the editor
o fill only the attributes with source="selection" with the
selection in the tag editing dialog
o fix matching of excluded files from a project
o don't crash when Selected is pressed and nothing is selected (in
the CSS editor)
o try to fix the crash caused by incompatible changes between
KDE 3.3.x and 3.4.x libcvsservice
o show the correct relative paths in URL autocompletion
o fix crash when unsetting breakpoints
o nicer processing of CVS output
o read the image sizes for remote images as well
o insert an img tag for remote images as well when using Drag and
Drop
o better context sensitive documentation (needs updated documentation
and DTEP packages)
* Kommander
o fix detection of scripts that are run from a temporary directory
Changes:
New features:
- Most of the .txt files in the doc/ directory was lifted to the XML
format defined in RFC 2629. It should make it easier to browse the
documentation. Both .txt and .html version is available.
Feature updates and improvements:
- Try to add support for a less aggressive caching strategy. Disable
document.cache.ignore_cache_control to try it. It will try to
better honour info in the Expires, Pragma and Cache-Control in both
the HTTP and the HTML headers. Inspired by Links2.
- Introduce a workaround for document refreshing leading to never
ending file download. It should do the right thing in most cases and
the remaining ones the you will just have to reload to restart the
refreshing.
- Make the gopher code more robust for URIs without entity info.
- Make it possible to have a specific features.conf file for each
build tree and to change compile-time settings without modifying a
file that is tracked by CVS.
- Show link image info in the document dialog.
- Improve error reporting for connections by showing which URI failed.
Furthermore, make it clearer when an IP version specific URIs
(http6://...) failed.
- NNTP error messages are now translated.
- Add --config-dump which dump a configuration file with default
options to stdout. Helpfull for package maintainers when providing
an example config file.
- Don't sleep after config errors when --dump or --source was
specified.
And lots of bug fixes.
for revisions for a single package. I don't think this "suexec"
PKGREVISION was meant for the apr package, but since it was used
it is now there.
I noticed this problem when building wip/apachebench2 which has
nothing to do with suexec. Although, I did not make this change
for pkgsrc-wip's wip/apachebench2 since this is a work in progress.
* fixed font magnification
* fixed table editing - setting number of rows/columns
* fixed color and settings management in frames
* fixed table cells padding
* fixed problem with text foreground color
* fixed several cursor movement problems
* fixed DIV parsing
* added and updated translations (Pawan Chitrakar, Ahmad Riza H Nst,
Adam Weinberger, Roozbeh Pournader, Steve Murphy, Adi Attar)
* Unbreak tests/test_gtk.py and require pygtk >= 2.0.
* Cleaned up several of the examples.
* WARNING: multi.select() now requires the previously optional
timeout parameter. Updated the tests and examples to reflect
this change. If the timeout is not set, select could block
infinitely and cause problems for the internal timeout handling
in the multi stack.
- Grigory Entin reported that curl's configure detects a fine poll() for Mac
OS X 10.4 (while 10.3 or later detected a "bad" one), but the executable
doesn't work as good as if built without poll(). I've adjusted the configure
to always skip the fine-poll() test on Mac OS X (darwin).
- When doing a second request (after a disconnect) using the same easy handle,
over a proxy that uses NTLM authentication, libcurl failed to use NTLM again
properly (the auth method was accidentally reset to the same as had been set
for host auth, which defaults to Basic).
- If -z/--time-cond is used with an invalid date syntax, this is no longer
silently discarded. Instead a proper warning message is diplayed that
informs about it. But it still continues without the condition.
which can take multiple values -- "pax" or "gtar". The default value
of EXTRACT_USING is "pax", which more closely matches reality since
before, we were using bootstrap "tar" for ${GTAR} and it was actually
pax-as-tar. Also, stop pretending pax-as-tar from the bootstrap kit
or on NetBSD is GNU tar. Lastly, in bsd.pkg.extract.mk, note whether
we need "pax" or "gtar" depending on what we need to extract the
distfiles.
Apply 9 official fixes including security improvement in DNS lookup.
I still disable transparent_port.patch because it needs a missing header
file of IP Filter. NetBSD current and 3.0_BETA already fixed this problem
but still netbsd-2/2-0 branches. I will apply it after netbsd-2/2-0
branches fix this problem. (And this fix needs to update squid package
to 2.5.STABLE10 which is RC3 now.)
* 2005-05-10 23:11 (Cosmetic)
Extended documentation of the always_direct directive
* 2005-05-10 22:33 (Medium)
assertion failed: store_client.c:343:
"storeSwapOutObjectBytesOnDisk(mem) > sc->copy_offset"
* 2005-05-11 19:19 (Security issue)
DNS lookups unreliable on untrusted networks
* 2005-05-09 01:51 (Minor)
Allow dstdomain and dstdom_regex to match IP based hosts
* 2005-05-08 14:01 (Cosmetic) Minor arp ACL improvements
* 2005-05-04 18:09 (Minor)
SNMP Agent updates to support SNMP Version 2 and bulk requests
* 2005-05-01 10:58 (Cosmetic) Cosmetic change to DISKD statistics
* 2005-04-30 12:58 (Medium)
Poor hot object cache hit ratio and sporadic assertion
failed: store_swapin.c: e->mem_status == NOT_IN_MEMORY
* 2005-04-25 16:36 (Cosmetic) Minor aufs improvements
