including:
*) SECURITY: CAN-2004-0174 (cve.mitre.org)
Fix starvation issue on listening sockets where a short-lived
connection on a rarely-accessed listening socket will cause a
child to hold the accept mutex and block out new connections until
another connection arrives on that rarely-accessed listening socket.
With Apache 2.x there is no performance concern about enabling the
logic for platforms which don't need it, so it is enabled everywhere
except for Win32. [Jeff Trawick]
*) SECURITY: CAN-2004-0113 (cve.mitre.org)
mod_ssl: Fix a memory leak in plain-HTTP-on-SSL-port handling.
PR 27106. [Joe Orton]
*) SECURITY: CAN-2003-0020 (cve.mitre.org)
Escape arbitrary data before writing into the errorlog. Unescaped
errorlogs are still possible using the compile time switch
"-DAP_UNSAFE_ERROR_LOG_UNESCAPED". [Geoffrey Young, Andr<E9> Malo]
Complete changelog is at http://www.apache.org/dist/httpd/CHANGES_2.0
Package changes include:
buildlink depends increased for apache2 (but not for apr).
apr package version changes, but APR_VERSION stays same.
more files installed and added to PLIST.
share/httpd/manual/search/manual-index.cgi removed from PLIST.
Also removing share/httpd/htdocs and share/httpd directories
removed from PLIST because already handled by MAKE_DIRS.
(I think this should use OWN_DIRS.)
(jlam@ said he would like this update done during freeze.)
by moving the inclusion of buildlink3.mk files outside of the protected
region. This bug would be seen by users that have set PREFER_PKGSRC
or PREFER_NATIVE to non-default values.
BUILDLINK_PACKAGES should be ordered so that for any package in the
list, that package doesn't depend on any packages to the left of it
in the list. This ordering property is used to check for builtin
packages in the correct order. The problem was that including a
buildlink3.mk file for <pkg> correctly ensured that <pkg> was removed
from BUILDLINK_PACKAGES and appended to the end. However, since the
inclusion of any other buildlink3.mk files within that buildlink3.mk
was in a region that was protected against multiple inclusion, those
dependencies weren't also moved to the end of BUILDLINK_PACKAGES.
and using NS_PREFERRED which can be defined in /etc/mk.conf.
This was broken in rev 1.16, when the include of ../navigator/Makefile.common
was removed, which included before mk/bsd.prefs.mk.
Changes:
Version 0.8.0 [Feb 08, 2004]
- * Added a right-mouse-button popup for images!
Patch: Frank de Lange, Eric Gaudet, Jorge Arellano
- * Made main document window grab focus on startup, fullwindow,
and after open url (BUG#330)
* Set Ctrl-U to focus the location entry,
Ctrl-R to reload, and Ctrl-H to hide controls.
Patches: Johan Hovold, Jorge Arellano, Stephan Goetter
- * Added a missing handler for broken-connection condition.
Patch: Jorge Arellano, Phil Pennock
- * Introduced a new way of handling dillo plugins! Now the
communications and managing is done by a daemon: dpid.
This comes with a lot of advantages described in Dpid.txt.
Patch: Programming: Ferdi Franceschini; Design: Jorge Arellano
- * Wrote documentation for dpid (Dpid.txt).
* Removed a memory leak in Get_line().
Patches: Jorge Arellano, Ferdi Franceschini
- * Developed a plugin for downloads. It uses wget and can handle several
connections at the same time.
* Developed stress tests for both dpid and the downloads dpi.
Patches: Ferdi Franceschini
- * Adapted dpi.c to manage plugins through dpid.
* Improved the incoming dpi-stream processing to accept images from a dpi.
* Added/updated lots of dpi-related comments.
* Updated the dpi1 spec.
* Removed the forced end-to-end reload that was set upon dpis. Now,
dpi-generated pages can be cached.
* Made dillo able to handle multiple plugins (still lacks a dynamic API)
... etc, etc.
Fixes:
- Fixed bug 599388: Search engines are not detected if domain is IP
address.
- Fixed bug 711758.
- Fixed bug 812681: bad case for ENV expansion in awstats.conf.
- Fixed bug 813908: Incomplete documentation
- Fixed bug 816267: onedigit dayofmonth breaks syslog regex
- Fixed bug 817287,830458: wrong regexp in Read_DNS_Cache subroutine
- Fixed bug 817388: lib/referer_spam.pm & lib/robots.pm
- Fixed bug 818704: Warning in IPv6 plugin when no reverse DNS
- Fixed bug 841877: regex bug for parsing log lines
- Fixed bug 846365: relative path not working for DirData.
- Fixed value for ValueSMTPCodes if not defined in config file.
- Fixed pb when country code is not same than lang code (example:
estonian has lang code 'et' and country code 'ee').
- Replaced Kb/visits to Kb/mails for mail log analysis.
- Remove some warnings that appears when running perl -W
- Other minor bugs (814970,823064,823323,831438,836315).
- Fixed bug in counting hits for miscellanous and clusters chart when
a temporary flush was done on disk during a long update.
- ExtraSections now works on all records whatever is the status code.
- Click on "Summary" now returns to top of page even with rawlog plugin.
- Fix in log parsing that should reduce dropped records to only records
that match a dropping criteria (SkipFiles, Skip..., Only...).
- Click on "Summary" now returns to top of page even with rawlog plugin.
- Fixed AmigaVoyager detection.
- Fixed bug in SkipHosts filter for mail log files.
- Fixed not working link for search keywords/keyphrase in menu with FireBird.
- Fixed pb in loading plugins with mod_perl2.
- Fixed not found relative DirData path with some Perl/OS versions.
- Fixed error in awstats_updateall.pl when current directory, while running
it, is where awstats.pl is stored.
New features/improvements:
- Increased speed by 10 to 20%.
- Added a Worms report (Added LevelForWormsDetection and
ShowWormsStats parameter).
- Added report for "not viewed" traffic in Summary report.
- Monthly history report has been extracted from the Summary report.
- Some changes to make AWStats to be XML compliant ready.
Need to set the new parameter BuildReportFormat to 'xml' in config file.
Added also the BuildHistoryFormat parameter (Even if only 'text' is
supported for the moment).
- A lot of part of codes have been rewritten to make code more easy to
understand and reduce unknown bugs.
- The link to whois informations for a host, provided by hostinfo plugin,
has been replaced by an internal 'whois' showing in a popup window full
whois informations whatever is the TLD of IP or host name.
- A new search engine database to allow several "match id" for same
search engine. Example: All google ip referer id are recognised.
- Can use UA and HOST fields to build personalized ExtraSection reports.
- Added support for AND conditions in personalized ExtraSection config.
- Support for right to left languages. Added 'he' language.
- Added LevelForSearchEnginesDetection parameter to choose between 2 possible
levels of detection for search engines (like LevelForRobotsDetection).
Also, added LevelForFileTypesDetection parameter (2 possible levels).
- Added percent column for file types.
- The robot chart now shows details between hits on robots.txt file and
other hits.
- Count of keywords/keyphrases does not increment counter for hits made
on images from a google cached page.
- Added patch 857319: Allow several IPs and IP ranges in
AllowAccessFromWebToFollowingIPAddresses parameter.
- Added experimental graphapplet plugin (graph are built by applet).
- Webmin module updated to 1.210 to integrate all new parameters.
- Better setup error messages for newbie.
- Reports look better on Mozilla browsers.
- Added decodeUTFkeys plugin to AWStats to show correctly (in language
charset) keywords/keyphrases strings even if they were UTF8 coded by
the referer search engine.
- Added/updated a lot of os, browser and country icons.
- Added Hebrew and Galician language.
- configure.pl: A new script to configure AWStats and Apache and
build a simple config file.
- awstats_buildstaticpages.pl: The -date option has been replaced
by the -buildate=%YY%MM%DD option so you can choose your own date format.
- awstats_buildstaticpages.pl: Added the -configdir option.
- awstats_exportlib.pl: Changes to be compatible with new AWStats databases.
- logresolvemerge.pl: can use several threads for reverse DNS lookup
with Perl 5.8.
- maillogconvert.pl: Allow to process qmail log preprocessed by
tai64nlocal tool.
- maillogconvert.pl: Added support for MDaemon mail server log files.
Other/Documentation:
- A httpd.conf sample to configure AWStats is provided.
- Added example for analyzing awredir.pl hits by ExtraSections.
- Updated database:
wget is known as a "grabber" browser, no more as a robots.
netcaptor and apt-get added in browser database.
asmx and aspx added in mime.pm file.
Microsoft URL Control added in robot list.
- Documentation seriously updated.
- FAQ updated.
Rasputin (rasputin at idoru dot mine dot nu).
Ruby bindings for the FastCGI system.
This is merged version matz's C version(fcgi.so) and
Eli's pure ruby version(fastcgi.rb).
Rasputin (rasputin at idoru dot mine dot nu).
- stop modifying httpd.conf with apxs.
- install HTML document, too.
- honor PKG_SYSCONFVAR.
Since changes from 0.9.7 are to many, please look into ChangeLog file.
Changes:
VPL: fix editing in the attribute editor of tags which contain special areas
VPL: show the parent tag in the tag attribute view when editing text
VPL: put messageBoxes for cut/copy/paste/undo/redo instead of disabling the
actions (was confusing)
VPL: stop inserting non-breaking space everywhere
VPL: fix some various crashes
fix the slow typing problem
don't crash on upload if the current tab holds a plugin
don't crash the CSS editor on invalid CSS
don't crash the table editor on invalid nested tables
don't crash the table editor when invoked on a table without <tbody>
don't crash when setting table/body/header/footer attributes for newly
created tables
don't crash when trying to drag the No Project text in the project tree
fix crash when clicking on an item of the structure tree which pointed to an
included file
increase timeout for network operations to 60s
don't try to copy the same file twice if it's dropped to the templates tree
view
don't let the attribute tree to grow if the tag name is very long
make insertion and renaming in the project tree view work as expected
improve the usability and behavior of the different treeviews
fix opening of documentation pages with references
always enable the Open and Open Project buttons
creation of templates directory failed in some cases when using the new
project wizard
fix creation of project when the main directory starts with a protocol name
fix creation of remote projects
fix saving of files with fish://
make the spellchecker actually replace the wrongly spelled words
make the New Project wizard usable on lower resolutions
don't switch to the parent node when clicking on a node in the structure
tree and Follow Cursor is enabled
faster startup and less memory used
better namespace support in autocompletion
various parsing fixes
