Release notes
Release date: 2012-03-27
Opera 11.62 is a recommended upgrade offering security and stability enhancements.
Changes since Opera 11.61
User interface
Fixed
* Find in page (Ctrl + F) uses last used Find inline type
* Address field focus lost on restart when installing extensions with a
toolbar button
* Submit data-security-warning locks page with two warning dialogs where
only one can be closed
* No window control buttons on the menu bar when disabling the close button
on tabs
* Inefficient loading order of resources
* PDF and SVG options offered in GTK print dialog but not supported
* Opera clipboard incompatible with Synergy/VNC/rdesktop/VMware/VirtualBOX
* Sluggish file dialog in GTK
* No GTK toolkit support under FreeBSD 9
Improved
* Updated tr/hu/cs language strings
Display and scripting
Fixed
* Some progressive JPEGs aren't decoded properly
* Crash when inspecting a UserJSEvent object in Dragonfly
* Facebook chat scrolling problems
* Text cursor position lost when clicking to focus on a search match inside
a textarea
* Error message when sending mail at centrum.cz
* IDNs starting with number are shown with punycode in address bar
* Crash when posting message to extension background process
Mail, news, chat
Fixed
* Selected message not consistent on layout switching
* Last selected message is forgotten through a restart
* Scrolling or switching view is slow when there are messages with many
addressees
* Occasional crash when navigating message list
Network
Fixed
* Support Ctrl+F5 and Shift+F5 for unconditional reload of web page (bypass
cache)
* URL Turbo mode header reduction generates invalid HTTP messages
Presto 2.10 rendering engine
Encoding improvements
* Changed multi-byte encodings to be non-greedy when encountering invalid
byte sequences, which is more compatible with other implementations
Security
Fixed
* Fixed an issue where small windows could be used to trick users into
executing downloads, as reported by Jordi Chancel; see our advisory:
http://www.opera.com/support/kb/view/1010/
* Fixed an issue where overlapping content could trick users into executing
downloads, as reported by Jordi Chancel; see our advisory:
http://www.opera.com/support/kb/view/1011/
* Fixed a printing issue which could allow data leaks to other system users,
or allow them to corrupt data, as reported by Christof Meerwald; see our
advisory:
http://www.opera.com/support/kb/view/1015/
* Fixed an issue where history.state could leak the state data from cross
domain pages; see our advisory:
http://www.opera.com/support/kb/view/1012/
* Fixed an issue which could allow web page dialogs to display the wrong
address in the address field; see our advisory:
http://www.opera.com/support/kb/view/1013/
* Fixed an issue where carefully timed reloads and redirects could spoof the
address field, as reported by Jordi Chancel; see our advisory:
http://www.opera.com/support/kb/view/1014/
Requested by Moritz Wilhelmy on IRC.
Vulnerabilities fixed:
* CVE-2011-2191
Cross-site request forgery (CSRF) vulnerability in Cherokee-admin in Cherokee
before 1.2.99 allows remote attackers to hijack the authentication of
administrators for requests that insert cross-site scripting (XSS) sequences,
as demonstrated by a crafted nickname field to vserver/apply.
* CVE-2011-2190
The generate_admin_password function in Cherokee before 1.2.99 uses time and
PID values for seeding of a random number generator, which makes it easier
for local users to determine admin passwords via a brute-force attack.
New features (excerpt):
* Caching policies support
* Custom header can be defined inside rules
* Improved Index Page
* Kqueue is now used by default on MacOS X and *BSD
* New option to disable the use of SSLv2
* Wild cards are now supported in dirlist fields
* Redirection entries can be reordered
* ${vserver_name_req} in logger 'Custom'
* Cherokee-admin can be shut down from within
* TLS/SSL supports the 'IP per VServer' workaround now
* Virtual Server complex match support (OR rules)
* Redirection error handler has a 'default' option now
* New ${root_domain} macro in Advanced Virtual Hosting
* Failover load balancing plug-in
* cherokee-admin-launcher tool
* Information Source name resolution pre-caching
* Gzip and Default is configurable now (#1054)
* ${http_host}, ${http_referrer}, and ${http_user_agent} (#896)
* Much better OPTIONS support
* Documentation improvements
* Information Sources can be reordered now (*CGI handlers)
* X-Sendfile and X-Accel-Redirect support in the proxy
* Shared memory implementation (no longer SysV) (#537)
* Logger custom. New macro: ${http_cookie}
* Virtual Host regex group replacement (^ parameters)
* --with-cgiroot in configure
* -i / --disable-iocache param in cherokee-admin
* 'Server Info' extended to support accepts and timeouts
* cherokee-admin-launcher accepts SIGHUP now
* CTK_COOKIE security enhancement
* Enhanced pre-saving validations
* Interpreter env. vars can embedded $VARs evaluation
* QA bench can be run without installing Cherokee first
* OS tuning documentation
* Regex against full header match
* Nick name match is optional on VServers (#1075)
* Front-Line Cache (beta)
* Cherokee Distribution (beta)
* CHEROKEE_TRACE special "from=<ip>" support
* SSL/TLS Wizard
* SSI recursive includes
* "UNIX socket in a abstract namespace" support
* Adds SHA512 support to the MySQL validator
* HSTS (HTTP Strict Transport Security) support
Since 2.0 RC 1
----------------
bugfix: Uploading files fom CKEditor.
bugfix: Some data was not save creating a company.
bugfix: Error produced from documents tab - New Presentation.
bugfix: Problems with task dates in some views.
bugfix: Fatal error when you post a comment on a task page.
bugfix: Generation of task repetitions in new tasks.
bugfix: Do not let assign tasks (via drag & drop) to users that doesn't have permissions.
usability: Interface localization improvements.
system: Performance improvements.
Since 2.0 Beta 4
----------------
bugfix: Extracted files categorization
bugfix: When adding workspaces
bugfix: Breadcrumbs were not working fine all the time
bugfix: Being able to zip/unzip files
security: JS Injection Slimey Fix
system: .pdf and .docx files contents search
system: Improvement when creating a new user
system: Plugin update engine
system: Plugin manager console mode
system: Search in file revisions
system: Import/Export contacts available again
system: Import/Export events available again
system: Google Calendar Sync
system: Improvement on repeating events and tasks
system: Cache compatibility (i.e.: with APC)
usability: Completing a task closes its timeslots
usability: Task progress bar working along the timeslots
usability: Being able to change permissions in workspaces when editing
Since 2.0 Beta 3
----------------
bugfix: Several changes in the permissions system
bugfix: Invalid sql queries fixed
bugfix: Issues with archived and trashed objects solved
bugfix: Issues with sharing table solved
bugfix: Improved IE7 and IE9 compatibility
bugfix: Several timeslots issues solved
bugfix: IMAP issue solved at Emails module
bugfix: Solved issue with templates
bugfix: Added missing tooltips at calendar
bugfix: Issue when completing repetitive task solved
bugfix: Solved some issues with the Search engine
bugfix: Solved issue with timezone autodetection
buffix: Solved 'dimension dnx' error creating a workspace
usability: Permission control in member forms
usability: Disabling a user feature
usability: Resfresh overview panel after quick add
usability: Langs update/improvement
usability: Drag & Drop feature added
usability: Quick add task added, and improved
usability: Slight improvement with notifications
usability: Avoid double click at Search button (which caused performance issues)
usability: Permissions by group feature added
usability: Simple billing feature added
system: Security Fixes
system: Mail compatibility improved for different email clients
system: Feng 2 API updated
system: General code cleanup
system: Widget Engine
system: Performance improvements in custom reports
system: Print calendar
system: Custom Properties
Since 2.0 Beta 2
----------------
bugfix: Fixed problem uncompressing files
bugfix: Loading indicator hidden
bugfix: Search in mail contents
bugfix: Mail reply js error
bugfix: Filter members associated with deleted objects
bugfix: Fixed permission error creating a contact
usability: Contact View Improvements
usability: Navigation Improvements
system: Permission system fixes
system: Performance issues solved. Using permission cache 'sharing table' for listing
system: Weblinks module migrated
Since 2.0 Beta 1
----------------
bugfix: Fixed problem with context trees when editing content objects
bugfix: Fixed template listing
bugfix: Fixed issues when instantiating templates with milestones
bugfix: Fixed issue deleting users from 'people' and 'users' dimension.
bugfix: Fixed 'core_dimensions' installer
bugfix: Z-Index fixed in object-picker and header
usability: Selected rows style in object picker
system: General code cleanup
Since 1.7
-----------
system: Plugin Support
system: Search Engine performance improved
system: Multiple Dimensions - 'Workspaces' and 'Tags' generalization
system: Database and Models structure changes - Each Content object identified by unique id
system: Email removed from core (Available as a plugin)
system: User Profile System
feature: PDF Quick View - View uploaded PDF's
usability: Default Theme improved
usability: Customizable User Interface
Zope 3.3.1 is EOL and the package itself isn't maintained for long time.
Since newer Plone and Zope introduce their own install framework, it is
difficult to support it in pkgsrc unless someone create some framework.
Zope 2.9.12 is EOL and the package itself isn't maintained for long time.
Since newer Plone and Zope introduce their own install framework, it is
difficult to support it in pkgsrc unless someone create some framework.
Zope 2.10.13 is EOL and the package itself isn't maintained for long time.
Since newer Plone and Zope introduce their own install framework, it is
difficult to support it in pkgsrc unless someone create some framework.
Zope 2.11.8 is EOL and the package itself isn't maintained for long time.
Since newer Plone and Zope introduce their own install framework, it is
difficult to support it in pkgsrc unless someone create some framework.
Plone 2.5.5 is EOL and the package itself isn't maintained for long time.
Since newer Plone and Zope introduce their own install framework, it is
difficult to support it in pkgsrc unless someone create some framework.
.
Plone 3.1.7 is EOL and the package itself isn't maintained for long time.
Since newer Plone and Zope introduce their own install framework, it is
difficult to support it in pkgsrc unless someone create some framework.
[aa5d48f | Mon Mar 05 19:08:01 UTC 2012] Yorick Peterse <yorickpeterse@gmail.com>
* Updated the list of authors and the changelog.
Signed-off-by: Yorick Peterse <yorickpeterse@gmail.com>
[8040c21 | Mon Mar 05 19:04:17 UTC 2012] Yorick Peterse <yorickpeterse@gmail.com>
* Ramaze is now licensed under the MIT license.
Signed-off-by: Yorick Peterse <yorickpeterse@gmail.com>
[b1e5d5c | Fri Mar 02 15:21:37 UTC 2012] John Pagonis <john@pagonis.org>
* Explains how to reuse the existing middlewares stack with own middleware.
Signed-off-by: Yorick Peterse <yorickpeterse@gmail.com>
[556597f | Fri Mar 02 12:41:53 UTC 2012] John Pagonis <john@pagonis.org>
* Added a reference to the popular default Innate helpers to ramaze, to stop us wasting time looking for them.
Signed-off-by: Yorick Peterse <yorickpeterse@gmail.com>
[df6bd77 | Fri Mar 02 11:01:37 UTC 2012] Yorick Peterse <yorick@isset.nl>
* Added a general Git workflow link.
As suggested by @pagojo I've added a link to a guide that describes the various
steps of contributing to Github projects.
Issue: #33
Signed-off-by: Yorick Peterse <yorick@isset.nl>
[5ecdb93 | Thu Mar 01 19:05:56 UTC 2012] Yorick Peterse <yorickpeterse@gmail.com>
* Woops, YARD can't resolve to Ramaze.start.
Signed-off-by: Yorick Peterse <yorickpeterse@gmail.com>
[3f6168a | Thu Mar 01 18:58:17 UTC 2012] Yorick Peterse <yorickpeterse@gmail.com>
* Expanded the sessions guide.
It now includes a list of the available drivers (copied from the caching guide)
as well as some instructions on how to change the adapter to use for session
data.
Signed-off-by: Yorick Peterse <yorickpeterse@gmail.com>
[7d5f8a0 | Thu Mar 01 18:48:42 UTC 2012] Yorick Peterse <yorickpeterse@gmail.com>
* Describe how to write/test documentation.
Signed-off-by: Yorick Peterse <yorickpeterse@gmail.com>
[d8a3cc4 | Thu Mar 01 13:46:44 UTC 2012] Yorick Peterse <yorick@isset.nl>
* Small formatting changes for the middlewares guide
See #33
Signed-off-by: Yorick Peterse <yorick@isset.nl>
[346a202 | Thu Mar 01 13:45:02 UTC 2012] Yorick Peterse <yorick@isset.nl>
* Removed trailing whitespace.
See #33 for more information.
Signed-off-by: Yorick Peterse <yorick@isset.nl>
[e125277 | Thu Mar 01 12:17:21 UTC 2012] John Pagonis <john@pagonis.org>
* Clarified the middlewares documentation a bit.
Signed-off-by: Yorick Peterse <yorick@isset.nl>
[5e9f80d | Wed Feb 29 20:12:54 UTC 2012] Yorick Peterse <yorickpeterse@gmail.com>
* Updated the list of authors.
Signed-off-by: Yorick Peterse <yorickpeterse@gmail.com>
[cd11c7f | Mon Feb 20 20:45:12 UTC 2012] Yorick Peterse <yorickpeterse@gmail.com>
* Fixed the formatting of the User helper docs.
See #32 for more information.
Signed-off-by: Yorick Peterse <yorickpeterse@gmail.com>
[e9225b4 | Fri Feb 17 13:31:21 UTC 2012] John Pagonis <john@pagonis.org>
* Corrected the user_login documentation.
Signed-off-by: Yorick Peterse <yorick@isset.nl>
[846a4b3 | Thu Feb 16 19:22:14 UTC 2012] Yorick Peterse <yorickpeterse@gmail.com>
* Improved the docs for the User helper a bit.
See #30 for more information.
Signed-off-by: Yorick Peterse <yorickpeterse@gmail.com>
[2475a04 | Sat Feb 04 13:04:04 UTC 2012] Michael Fellinger <m.fellinger@gmail.com>
* update travis config
[4cfea2b | Wed Jan 25 14:35:19 UTC 2012] Yorick Peterse <yorickpeterse@gmail.com>
* Re-generate CSRF tokens for valid requests.
Re-generating the CSRF tokens on each valid request fixes the annoying issue of
the tokens *always* expiring after 15 minutes. This is very annoying if you're
trying to edit some content and all of a sudden you're unable to submit a form
as the token has expired.
See #27 for more information.
Signed-off-by: Yorick Peterse <yorickpeterse@gmail.com>
[2e98ff1 | Wed Jan 25 14:29:20 UTC 2012] Yorick Peterse <yorickpeterse@gmail.com>
* Removed a few more useless comments.
Signed-off-by: Yorick Peterse <yorickpeterse@gmail.com>
[5cdc51c | Wed Jan 25 14:28:44 UTC 2012] Yorick Peterse <yorickpeterse@gmail.com>
* No need to brush my ego that much.
Signed-off-by: Yorick Peterse <yorickpeterse@gmail.com>
[b24669f | Wed Jan 25 14:26:27 UTC 2012] Yorick Peterse <yorickpeterse@gmail.com>
* Removed some useless code.
Signed-off-by: Yorick Peterse <yorickpeterse@gmail.com>
[e435ceb | Wed Jan 25 14:10:21 UTC 2012] Yorick Peterse <yorickpeterse@gmail.com>
* Use Ramaze.setup for the view adapters.
Using Ramaze.setup() for installing and loading the gems required for various
view adapters should make it easier for developers to get started as they no
longer have to deal with errors related to certain Gems not being installed.
Signed-off-by: Yorick Peterse <yorickpeterse@gmail.com>
[17c909e | Wed Jan 25 14:03:37 UTC 2012] Yorick Peterse <yorickpeterse@gmail.com>
* Added a few specifications for Slim.
Signed-off-by: Yorick Peterse <yorickpeterse@gmail.com>
[969a02c | Wed Jan 25 13:42:20 UTC 2012] Yorick Peterse <yorickpeterse@gmail.com>
* Docs for the Slim engine and cleaned it up a bit.
Signed-off-by: Yorick Peterse <yorickpeterse@gmail.com>
[023d6cd | Wed Jan 25 13:35:36 UTC 2012] Yorick Peterse <yorickpeterse@gmail.com>
* Removed a tab.
Signed-off-by: Yorick Peterse <yorickpeterse@gmail.com>
[37f0f73 | Thu Jan 19 05:52:52 UTC 2012] Marc Weber <marco-oweber@gmx.de>
* adding support for slim template engine
thanks to yorickpeterse, manveru
Signed-off-by: Yorick Peterse <yorickpeterse@gmail.com>
[561d528 | Tue Jan 17 18:23:19 UTC 2012] Yorick Peterse <yorickpeterse@gmail.com>
* Fixed a small statement bug in the blog example.
This bug would cause an exception to be raised whenever a user would try to log
in with invalid details. Thanks to MarcWeber for reporting the issue.
Signed-off-by: Yorick Peterse <yorickpeterse@gmail.com>
[e8b3786 | Tue Jan 17 17:14:52 UTC 2012] Yorick Peterse <yorickpeterse@gmail.com>
* No need to boost my ego that much.
Signed-off-by: Yorick Peterse <yorickpeterse@gmail.com>
[b33c13c | Tue Jan 17 17:04:10 UTC 2012] Michael Fellinger <m.fellinger@gmail.com>
* fix some wikore bugs
[fb84aea | Wed Dec 28 17:29:21 UTC 2011] Yorick Peterse <yorickpeterse@gmail.com>
* Release 2011.12.28
Signed-off-by: Yorick Peterse <yorickpeterse@gmail.com>
[4553e0b | Wed Dec 28 05:13:22 UTC 2011] Michael Fellinger <m.fellinger@gmail.com>
* Wrap Rack::File so we can continue to use Rack::Cascade
[f52f010 | Wed Dec 28 03:07:49 UTC 2011] Michael Fellinger <m.fellinger@gmail.com>
* avoid shadow warning in controller
[c64833c | Wed Dec 28 02:58:55 UTC 2011] Michael Fellinger <m.fellinger@gmail.com>
* fix shadowed variables in Thread#into
[4c66220 | Sat Dec 24 12:32:17 UTC 2011] Michael Fellinger <m.fellinger@gmail.com>
* Update rvmrc to 1.9.3 and new convention
[de1a871 | Sat Dec 24 12:33:11 UTC 2011] Yorick Peterse <yorickpeterse@gmail.com>
* Don't specify the exact amount of lines.
Signed-off-by: Yorick Peterse <yorickpeterse@gmail.com>
[3b17e67 | Sat Dec 24 12:24:29 UTC 2011] Yorick Peterse <yorickpeterse@gmail.com>
* Set Ramaze.options.roots in the intro tutorial.
Without this Ramaze won't be able to properly locate your root directories and
thus will fail to load views, layouts, etc.
Signed-off-by: Yorick Peterse <yorickpeterse@gmail.com>
[88c5a38 | Wed Nov 09 18:26:11 UTC 2011] Yorick Peterse <yorickpeterse@gmail.com>
* Use request.ip/request.host instead of request.env
Using request.env['REMOTE_ADDR'] and request.env['REMOTE_HOST'] can break on
certain environments (e.g. Heroku). Thanks to @stas for reporting the issue.
Signed-off-by: Yorick Peterse <yorickpeterse@gmail.com>
[51c8d43 | Sun Oct 23 18:11:57 UTC 2011] Yorick Peterse <yorickpeterse@gmail.com>
* Minor style changes to the Flash documentation.
Signed-off-by: Yorick Peterse <yorickpeterse@gmail.com>
[f133be7 | Wed Mar 07 18:27:47 UTC 2012] Michael Fellinger <m.fellinger@gmail.com>
* Version 2012.03
[cab2aef | Wed Mar 07 18:27:21 UTC 2012] Michael Fellinger <m.fellinger@gmail.com>
* update dependency to rack 1.4.1
[e474964 | Thu Mar 01 19:22:58 UTC 2012] Yorick Peterse <yorickpeterse@gmail.com>
* Fixed various YARD formatting issues.
Signed-off-by: Yorick Peterse <yorickpeterse@gmail.com>
[d82fd1e | Sun Feb 26 13:22:09 UTC 2012] Michael Fellinger <m.fellinger@gmail.com>
* Enable the render helper to render views without corresponding method if needs_method is enabled
[918974e | Sun Feb 26 12:45:50 UTC 2012] Michael Fellinger <m.fellinger@gmail.com>
* Fix initialize of Rack::Cascade on 1.4.1
[0e298de | Wed Dec 28 17:57:58 UTC 2011] Michael Fellinger <m.fellinger@gmail.com>
* Here comes a better Innate::Cache::register, now with less warnings and more speed
[d8a1da4 | Wed Dec 28 05:06:07 UTC 2011] Michael Fellinger <m.fellinger@gmail.com>
* Version 2011.12
[13f9372 | Wed Dec 28 04:54:29 UTC 2011] Michael Fellinger <m.fellinger@gmail.com>
* less obfuscation ftw
[10cf300 | Wed Dec 28 04:54:09 UTC 2011] Michael Fellinger <m.fellinger@gmail.com>
* minor cleanup around specs
[7f61483 | Wed Dec 28 04:53:40 UTC 2011] Michael Fellinger <m.fellinger@gmail.com>
* Update to Rack 1.4.0
[575e900 | Thu Dec 08 17:05:04 UTC 2011] Michael Fellinger <m.fellinger@gmail.com>
* Update travis config
[037f35a | Sun Nov 06 12:18:30 UTC 2011] Yorick Peterse <yorickpeterse@gmail.com>
* Revert "AOP calls can now be stacked."
This reverts commit 3ceb18dae7b774ab9b21cba6538b217ba35d5e21.
Signed-off-by: Yorick Peterse <yorickpeterse@gmail.com>
[3ceb18d | Sun Nov 06 11:30:51 UTC 2011] Yorick Peterse <yorickpeterse@gmail.com>
* AOP calls can now be stacked.
This means that calling methods such as before_all() or before() multiple times
in the same controller will no longer in these calls overwriting previously
defined ones. A short example of this is the following:
class Posts
Innate.node('/posts')
helper :aspect
NUMBERS = []
before_all do
NUMBERS << 10
end
before_all do
NUMBERS << 20
end
def index
return NUMBERS
end
end
Visiting /posts would result in "[10, 20]" being displayed in the browser.
Signed-off-by: Yorick Peterse <yorickpeterse@gmail.com>
* osm: New plugin to embed an OpenStreetMap into a wiki page.
Supports waypoints, tags, and can even draw paths matching
wikilinks between pages containing waypoints.
Thanks to Blars Blarson and Antoine Beaupré, as well as the worldwide
OpenStreetMap community for this utter awesomeness.
* trail: New plugin to add navigation trails through pages via Next and
Previous links. Trails can easily be added to existing inlines by setting
trail=yes in the inline.
Thanks to Simon McVittie for his persistance developing this feature.
* Fix a snail mail address. Closes: #659158
* openid-jquery.js: Update URL of Wordpress favicon. Closes: #660549
* Drop the version attribute on the generator tag in Atom feeds
to make builds more reproducible. Closes: #661569 (Paul Wise)
* shortcut: Support Wikipedia's form of url-encoding for unicode
characters, which involves mojibake. Closes: #661198
* Add a few missing jquery UI icons to attachment upload widget underlay.
* URI escape filename when generating the diffurl.
* Add build-affected hook. Used by trail.
pkgsrc changes:
* Fix dependency on YAML::XS (reported by dholland).
* Remove last local patch, now integrated upstream.
