Pkgsrc changes:
o Add commented-out additional HOMEPAGE using search.cpan.org
o Adjust dependencies in accordance with updated requirements
Upstream changes:
v0.35 (released 2008/11/03):
* bug fixes
- Fixed RT #40318
(http://rt.cpan.org/Public/Bug/Display.html?id=40318),
about getting single or multiple files directly to
\*STDOUT.
v0.34 (released 2008/09/11):
* bug fixes
- Fixed RT #39150
(http://rt.cpan.org/Public/Bug/Display.html?id=39150),
about downloading multiple files in the same directory.
v0.33 (released 2008/08/24):
* documentation
- Clearly state that opera software asa is now co-maintainer
of http::dav
- Fixed various inconsistencies in the v0.32 documentation
v0.32 (released 2008/08/24):
* incompatibilities
- Now HTTP::DAV requires Perl 5.6.0+ and Scalar::Util
(core in 5.8.x).
* bug fixes
- Now HTTP::DAV objects are correctly released from memory
when they go out of scope. Now it should be possible to
use multiple instances of HTTP::DAV even in long-running
processes.
Was caused by circular references between HTTP::DAV and
HTTP::DAV::Resource.
Pkgsrc changes:
o Adjust dependencies according to new META.yml
Upstream changes:
version: 0.63
date: 2008-11-11
changes:
- improved support for nested blocked elements (needed, e.g., for
MediaWiki support of 'p' elements within table cells, bug #37911)
Upstream changes:
2008-11-24 Gisle Aas <gisle@ActiveState.com>
Release 3.59
Restore perl-5.6 compatibility for HTML::HeadParser.
Improved META.yml
2008-11-17 Gisle Aas <gisle@ActiveState.com>
Release 3.58
Suppress "Parsing of undecoded UTF-8 will give garbage" warning
with attr_encoded [RT#29089]
HTML::HeadParser:
- Recognize the Unicode BOM in utf8_mode as well [RT#27522]
- Avoid ending up with '/' keys attribute in Link headers.
2008-11-16 Gisle Aas <gisle@ActiveState.com>
Release 3.57
The <iframe> element content is now parsed in literal mode.
Parsing of <script> and <style> content ends on the first end tag
even when that tag was in a quoted string. That seems to be the
behaviour of all modern browsers.
Implement backquote() attribute as requested by Alex Kapranoff.
Test and documentation tweaks from Alex Kapranoff.
Pkgsrc changes:
o Change to Module::Build
Upstream changes:
1.106 2008-09-14
- Added missing Apache2 modules. Refs #39146 and #38931. Thanks
to RSAVAGE.
- Applied BEROV's patch for UTF-8 form data handling. Refs #12481.
Thanks to BEROV.
Pkgsrc changes:
o Add HOMEPAGE using search.cpan.org
Upstream changes:
4.38 - Friday, October 31, 2008
* INTERNAL: Rename SimpleObjectClass to
CGI::Session::Test::SimpleObjectClass to avoid
namespace ownership issue (Mark Stosberg).
* INTERNAL: We now list CGI.pm 3.26 or greater as a dependency.
You are still welcome to use other query objects,
but this version of CGI.pm fixes a bug in the
strictness of HTTP expiration times, which Safari
in particular is sensitive to. So, if you are using
CGI.pm, you should upgrade to at least this version.
RT#34216, thanks to Astar, Michael Hampton, Ron
Savage and Mark Stosberg.
* INTERNAL: return explicit values in _set_status and _unset_status
(RT#39201, Mario Domgoergen, Mark Stosberg)
* FIX: RT#37877: The storable serializer wasn't properly
inheriting the 'errstr' method. This could have resulted
an error like: "Can't locate errstr via package
"CGI::Session::Serialize::storable" Thanks to Michael
Greenish, Mark Stosberg.
* FIX: RT#40405 reported a case where the default serializer
would have a problem after the user set a parameter's
value to undef, in certain circumstances.
A test file was kindly provided by cowomally[...]nullium.net.
The fix was spelled out by Matt LeBlanc
* FIX: RT#39679 pointed out a simplification in method remove()
in CGI::Session::Driver::file.
By calling _file() instead of duplicating code, we get
the benefit of extra error checking. Thanx to Sergiy
Borodych for noticing this
* FIX: Stop using the return value of delete() in t/find.t.
This means that when the patch provided in RT#37752 is
applied, t/find.t will not start failing
4.37 - Wednesday, October 22, 2008
* INTERNAL: Patch Makefile.PL and Build.PL to request that
SimpleObjectClass not be indexed.
4.36 - Friday, September 12, 2008
* FIX: The sample code for find() had 2 errors in it:
o It assumed delete() returned a meaningful value, which it doesn't
o It did not follow the call to delete() with a
(recommended) call to flush()
o Thanks to Mario Domgoergen for the report, RT#39201
Upstream changes:
2.04 - Fri Nov 28 15:41:33 PST 2008
Incorporated bug fix for authen_ses_key() provided by
Carl Gustafsson. authen_ses_key() was not properly handling
any extra_session_info - the fix is to get $hashed_string with
my $hashed_string = pop @rest;
Also releasing the work done between April 26, 2005 and February 4, 2007,
plus bug fix for authen_ses_key
- Added basic framework for unit tests.
- Factored out some of the DBI code into new methods:
- _dbi_connect()
- _get_crypted_password()
- Changes to satisfy Perl::Critic, e.g.
- Removed function prototypes (they are ignored for methods.)
- Cleaned up regular expressions: use /x, etc.
Midori is a lightweight web browser.
Features
Full integration with GTK+ 2
Fast rendering with WebKit
Tabs, windows and session management
Bookmarks with XBEL and token support
Flexibly configurable Web Searchbox
Custom context menu actions
User scripts and user styles support
Extensible via Javascript
WebKit is an open source web browser engine. WebKit is also the name of
the Mac OS X system framework version of the engine that's used by
Safari, Dashboard, Mail, and many other OS X applications. WebKit's HTML
and JavaScript code began as a branch of the KHTML and KJS libraries
from KDE.
This is the GTK2+ port of the engine.
cleanup Makefile
0.08 Wed Nov 26 10:02:52 EST 2008
- Workaround possible errors with Storable::thaw and empty
strings (thanks to kevin montuori for suggesting a fix)
Changelog:
0.10009 2008-11-27
- Including progressive realm for multiple authentication attempts
in a single request.
0.10008 2008-10-23
- Updating config to allow for inclusion of realm ref's in the main
config hash rather than in a subref called 'realms'
* Update Bulgarian translation which catch up to TYPOlight 2.6.2.
* Fix PLIST for Romanian (PLIST.ro) which should be updated by previous commit.
* Update French and Latvian translations.
The seventh maintenance and security release of the Drupal 6 series. Only fixes for security vulnerabilities and other bugs have been committed. New features are only being added to the forthcoming Drupal 7.0 release.
This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the security announcement:
* SA-2008-073 - Drupal core - Multiple vulnerabilities
In addition to this security vulnerability, the following bugs have been fixed since the 6.6 release:
* - Patch #324118 by winterheart: fixed invalid XHTML being generated for forum topic listings.
* - Patch #329019 by dww, sun: fixed PHP warning.
* #315739 by sun: The theme name is in arg(4) on the block admin page, so only redirect to theme specific page if that is set.
* - Patch #329646 by Damien Tournoud: properly reset user_access().
* - Patch #255293 by Gribnif, maartenvg: incorrect regex causes some aggregated CSS to fail.
* #329998 by pwolanin: escape markup looking non-HTML tags in schema descriptions
* #258089 by JohnAlbin, Arancaytar, merlinofchaos: themes cannot have a preprocess function without a corresponding .tpl.php file
* #255150 by dropcube, tested by catch, asimmonds: content type names were double escaped on create content page
* #329660 by pwolanin: node_configure_validate() should be replaced with a #submit handler to conform to FormAPI rules
* #299742 by Darren Oh: missing #ahah support on checkboxes
* #193580 follow up by gpk: late but important changelog entry for Drupal 6.0
* #302638 by pwolanin: avoid running several no-op queries while the menu is being rebuilt; improves performance
* Rolling back #302638, it caused problems reported in #328110
* #319165 by Alex_Tutubalin: add explicit UTF-8 client encoding setting for PostgreSQL
* - Patch #277644 by lilou: documentation improvement.
* - Patch #335385 by Dave Reid: fixed maxlength of path alias fields to be consistent with the database.
* - Patch #337454 by earnie: fixed the phpdoc of drupal_render_form().
* - Patch #293370 by swentel et al: make block sorting work when there are more than 20 blocks.
* - Patch #325908 by kbahey: removed redundant cache flusing.
* - Patch #281131 by Damien Tournoud: document the missing quote in .htaccess.
* - Patch #336115 by Nedjo: better documentation for t().
* - Patch #342988 by ultimateboy: fixed order of attributes in PHPdoc.
* #324875 by pwolanin: improve HTTP_HOST checking, ensuring that the host is lowercased and only valid characters are allowed.
* #280934 follow up by pwolanin: harden the cookie handling in sess_regenerate() by setting our session cookie to be an HTTP only cookie, thus reducing the risk of session stealing via XSS
* #28776 by Uwe Hermann, Morbus Iff, jvandyk: Protect *.test files and SVN metafiles from being exposed under Drupal
* #299582 by hass: Remove outdated items from robots.txt and fix ordering of items to make stuff easier to find.
* #305653 by snowball43, cdale, Dave Reid, sun: All themes were disabled when update.php was run
* #344661 by Dave Reid: fix phpdoc documentation on translation_translation_link_alter()
* #333060 by neclimdul, merlinofchaos, dvessel: child themes did not inherit patterns correctly, so more specific template files are not detected
* #206138 by pwolanin et al: little documentation fix for node base module name handling
* #276111 by pwolanin, meba and myself: disallow possibly dangerous submissions in locale translations and imports
* #345167 by JacobSingh, pwolanin, Heine: drupal_http_request() includes an extra CRLF, not conformant to HTTP specs
http://drupal.org/node/345462
This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the security announcement:
* SA-2008-073 - Drupal core - Multiple vulnerabilities
In addition to this security vulnerability, the following bugs have been fixed since the 5.12 release:
* #318102 by Damien Tournoud and Dave Reid: hook_exit() not invoked for some cached requests.
* #278821 by teezee. More isset() checking.
* #293612 by egfrith, Bart Jansens: let user_authenticate() be called without cookies previously set; allows web service modules to start a session with the authentication.
* #123556 by maartenvg and dvdweide. Do not show empty user info categories.
* #294450 by blakehall. Match up DB and form max length.
* More code style removing trivial differences with 6.x.
* #195161 by mcarbone with some modifications: only show 'login to post comments' if logging in actually lets you post comments. Backport by salvis.
* - Patch #342988 by ultimateboy: fixed order of attributes in PHPdoc.
* #280934 follow up by pwolanin: harden the cookie handling in sess_regenerate() by setting our session cookie to be an HTTP only cookie, thus reducing the risk of session stealing via XSS
* #324875 by pwolanin: improve HTTP_HOST checking, ensuring that the host is lowercased and only valid characters are allowed.
* #28776 by Uwe Hermann, Morbus Iff, jvandyk: Protect *.test files and SVN metafiles from being exposed under Drupal
* #299582 by hass: Remove outdated items from robots.txt and fix ordering of items to make stuff easier to find.
http://drupal.org/node/345467
- Remove description of using PostgreSQL for backend database
from files/README.
- Replace remained www/www to APACHE_USER/APACHE_GROUP in Makefile.
- Don't hardcord /typolight in files/typolight.conf.
Bump PKGREVISION.
Trac-0.11.2.1.ja1 (Nov 30, 2008)
* Merge Trac-0.11.2 and Trac-0.11.2.1
* Change encodings on Option's doc from unicode to UTF-8 for `pydoc`.
- trac/wiki/macros.py
- trac/attachment.py
- trac/db/api.py
- trac/env.py
- trac/mimeview/api.py
- trac/mimeview/enscript.py
- trac/mimeview/php.py
- trac/mimeview/pygments.py
- trac/mimeview/silvercity.py
- trac/notification.py
- trac/perm.py
- trac/search/web_ui.py
- trac/ticket/api.py
- trac/ticket/notification.py
- trac/ticket/query.py
- trac/ticket/report.py
- trac/ticket/roadmap.py
- trac/ticket/web_ui.py
- trac/timeline/web_ui.py
- trac/versioncontrol/api.py
- trac/versioncontrol/svn_authz.py
- trac/versioncontrol/svn_fs.py
- trac/versioncontrol/web_ui/browser.py
- trac/versioncontrol/web_ui/changeset.py
- trac/versioncontrol/web_ui/log.py
- trac/web/auth.py
- trac/web/chrome.py
- trac/web/main.py
- trac/wiki/api.py
Trac 0.11.2.1 (November 17, 2008)
http://svn.edgewall.org/repos/trac/tags/trac-0.11.2.1
Trac 0.11.2.1 fixes a Python 2.3 incompatibility introduced in Trac 0.11.2.
Python 2.4+ users already running Trac 0.11.2 do not need to upgrade.
Trac 0.11.2 (November 8, 2008)
http://svn.edgewall.org/repos/trac/tags/trac-0.11.2
Trac 0.11.2 contains two security fixes and a couple of bug fixes.
The following list contains only a few highlights:
Bug fixes:
* Fixes potential DOS vulnerability with certain wiki markup. Reported by
Matt Murphy.
* Improved HTML sanitizer filter to detect possible phishing attempts.
Reported by Simon Willison.
* MySQL db backend improvement (reconnect after idle timeout #4465)
* TicketQuery speed improvements (#6436)
* Fixes for RSS feeds (timeline entries no longer truncated #7316, no longer
download some feeds under Firefox #3899)
* Search now works for custom fields (#2530)
* Same order for ticket fields for new and existing tickets (#7018)
* Enforce fine-grained permission for "quickjump" search results (#7655)
* E-mail obfuscation was not done in a few remaining places (#7688, #6532)
* Uninstall of plugins from WebAdmin was not working - feature disabled
for now
* More robust pagination of results for reports and custom queries (#7424,
#7544)
* Support for newer version of pygments (#7622)
* Documentation updated (#7603, #7205, #7318)
Minor improvements:
* Better support for Wiki page hierarchy (show path #2780, link to
parent #2150)
* Custom query allow to search in description and other text fields (#4824)
Pkgsrc changes:
- Add dependencies for test target so most of this Perl module's
tests can be run
Upstream changes:
0.10 27 Oct 2008
* calling $form->reset or $form->clear will now refetch
objects from db for interrelated menus, re-populating the
options.
0.11 27 Oct 2008
* fix dbic tests so they skip the correct number of tests
0.12 17 Nov 2008
* support the new 'unqiue_value()' method in RDBOHelpers
and MoreHelpers, which will now override
show_related_field_using() when called in foreign_field_value().
0.13 24 Nov 2008
* fix autocomplete bug to call get_controller() rather than
simply controller()
* add map_to_column, map_from_column and map_class_controller_class
to RelInfo
* add as_hash() to RelInfo
2.24.2
Fix multi-dnd with gtk 2.14
Convert strings to UTF16 before passing them to nsIPrintSettings with
Gecko 1.9.
Analysis by Vincent Caron, fixes bug #549361.
Update Ukrainian translation.
Updated Brazilian Portuguese translation.
Updated Swedish translation
Added Asturian translation on behalf of Mikel Gonzalez
2.24.2.1
Re-dist with libtool 2.
actually still exists.
Changes since 2.01-10:
* Fixed problem with timing totals.
* Fixed referrer linking to avoid possible xss injection.
* Fixed month change detection error that caused incorrect report
dates when logs had a 'gap' longer than a year.
* Fixed buffer overrun possibility in parsing code and user agent
mangle logic.
* Added symbolic link checks for file I/O to prevent possible
privilege escalation exploits. Disallows reading from or writing
to any file that is a symlink. Thanks to Julien Danjou.
* Added code to preserve the history and incremental data files in
the event of a crash before writing to them completely. Thanks
to Robert Millan for the idea and initial code.
* Added native geolocation services, which fully supports both IPv4
and IPv6 lookups. Adds the configuration keywords 'GeoDB' and
'GeoDBDatabase' along with the '-j' and '-J' command line options.
* Added 'wcmgr', "The Webalizer (DNS) Cache file Manager" to the
distribution to provide cache file maintenance. See the supplied
man page for a description and usage information.
* Changed history code and main index page to allow for more than
12 months of reports to be displayed. Added the config keywords
'IndexMonths' (-K command line option), 'GraphMonths' (-k command
line option) and 'YearHeaders' to control how index is displayed.
* Changed Berkeley DB code to use current 4.x APIs.
* Added support for bzip2 compressed log files (.bz2) as a compile
time option (--enable-bz2). If enabled, bzipped files will be
decompressed automatically during processing.
* Added support for W3C formatted logs. Based on code submitted
by Klaus Reimer.
* Added GeoIP support as compile time option (--enable-geoip). Adds
'GeoIP' and 'GeoIPDatabase' config keywords, '-w' and '-W'
command line options. (http://www.maxmind.com/)
* Added IPv6 support. Based on initial code by Jose Carlos Meneiros
and modified to support Solaris and other problematic platforms.
* Added 'CacheIPs' config option to allow saving unresolved addresses
in the DNS cache.
* Added 'CacheTTL' config option which allows the DNS cache time to
live (TTL) value to be specified at run-time.
* Added 'SearchCaseI' config option to specify if search strings
should be treated as case insensitive or not. The default value,
'yes', causes search strings to be treated as case insensitive.
* Added 'HTAccess' config option. Allows writing a default .htaccess
file to the output directory.
* Added ability to display flags in the top country table. Adds the
config keywords 'CountryFlags' and 'FlagDir', and -z command line
option.
* Added 'StripCGI' config option to configure how CGI variables on
the end of URLs are treated (can now be stripped or left in place).
* Added 'DefaultIndex' config option to enable/disable the use of
"index." as a default index name to be stripped from the end of URLs.
* Added 'TrimSquidURL' config option to allow squid log URLs to be
reduced in granularity by a user definable amount. Thanks to code
submitted by Stuart Gall.
* Added 'OmitPage' config option (and the '-O' command line switch)
to prevent specified URLs from being counted as pages even if they
otherwise would be. Thanks to code submitted by Adam Morton.
* Added 'IgnoreState' config option (and the -b command line switch)
to allow ignoring any existing incremental data file (similar to
the IgnoreHist/-i option).
* Changed logic to always generate summary report (index.html),
even if no records were processed.
* Added color support to allow changing graph colors. Based on the
Webalizer-usecolor code submitted by Benoit Rouits. Adds 11 new
config options, see the README file for complete descriptions.
* Added language 'lang=' specification in generated HTML files.
* Added 'LinkReferrer' config option to allow/disallow links in the
top referrers table.
* Added 'PagePrefix' config option to allow URL prefix matches to
be counted as pages, regardless of file extension or type. Thanks
to code submitted by Remco Van de Meent.
* Enabled large file support (LFS) to support logs greater than 2Gb
in size on systems that support LFS. Also increased the size of
most internal counters to handle larger sites.
* Minor changes to generated HTML output
* Updated language files country codes for current IANA TLDs
* Changed the meaning of the -v command line switch. It now
causes verbose information to be displayed at run-time
(Informational and Debug messages).
* Changed Group* config options to allow a quoted string for
the match string. This allows spaces to be embedded in the
string.
* Changed log record parsing logic to allow spaces in URLs.
* Made configuration keywords, boolean configuration values
(yes/no), and log file types case insensitive. Also fixed
defaults for invalid values to reflect documented defaults.
* Changed configure script to use --sysconfdir to specify the
location of the default webalizer.conf configuration file.
Also added support for DESTDIR during install to aid binary
package builds.
Changes:
* FIX) qCgiRequestParseQueries() - quoted boundary patch. (by Hidai
Kenichi)
* NEW) qStrUnchar() - remove character from head and tail of the
string.
* NEW) qDecoderVersion() - get the version string of qDecoder library.
* FIX) minor fixes related packaging.
* Add release date of each translation as comment in options.mk.
* Add some patch to use double quotation instead of singe quotation
which prevents parsing "\n" as newline.
* Update Russian and Serbian language translations which catch up to
TYPOlight 2.6.2.
* Add new Thai language translation.
General Public License (GPL). It's designed to be run on a large server
farm for a website that gets millions of hits per day. MediaWiki is an
extremely powerful, scalable software and a feature-rich wiki implementation,
that uses PHP to process and display data stored in its MySQL database.
