Drupal 6.15, 2009-12-16
----------------------
- Fixed security issues (Cross site scripting), see SA-CORE-2009-009.
- Fixed a variety of other bugs.
other pkgsrc changes:
* Add PKG_DESTDIR_SUPPORT spport.
* Use REPLACE_INTERPRETER.
* Change default.settings.php handling to fix PR pkg/42355.
Drupal 5.21, 2009-12-16
-----------------------
- Fixed a security issue (Cross site scripting), see SA-CORE-2009-009.
- Fixed a variety of small bugs.
While here, switch NetBSD build from sunaudio to OSS emulation.
This greatly improves HTML5 video playback.
(Yes, we ought to fix the busted sunaudio support or PKG_OPTIONalize this.
Perhaps another day.)
Advisories relating to this release:
MFSA 2009-71 GeckoActiveXObject exception messages can be used to
enumerate installed COM objects
MFSA 2009-70 Privilege escalation via chrome window.opener
MFSA 2009-69 Location bar spoofing vulnerabilities
MFSA 2009-68 NTLM reflection vulnerability
MFSA 2009-67 Integer overflow, crash in libtheora video library
MFSA 2009-66 Memory safety fixes in liboggplay media library
MFSA 2009-65 Crashes with evidence of memory corruption (rv:1.9.1.6/ 1.9.0.16)
2009-11-21 Release 5.834
Gisle Aas (4):
Check for sane default_headers argument [RT#50393]
Add $ua->local_address attribute [RT#40912]
Test that generation of boundary works [RT#49396]
Page does not display the "standard" apache listing any more
Ville Skyttä (2):
Remove unneeded executable permissions.
Switch compression/decompression to use the IO::Compress/IO::Uncompress and
Compress::Raw::Zlib family of modules.
Slaven Rezic (1):
lwp-request should use stderr for auth [RT#21620]
2009-11-23 Gisle Aas <gisle@ActiveState.com>
Release 1.51
Fixup a test that was broken on Windows
2009-11-21 Gisle Aas <gisle@ActiveState.com>
Release 1.50
The main news in this release is the initial attempt at providing
support to IRIs. URI objects now support the 'as_iri' and 'ihost'
methods.
Gisle Aas (28):
Added more tests for setting IPv6 addresses using the host method
Document how the host methods deal with IPv6 addresses
A "test case" to start IDNA prototype from
Escape IDNA hostnames
Introduce the as_unicode method
Make as_unicode undo punycode for server URLs
An IRI class might be helpful (RFC 3987)
Must punycode each part of the domain name separately
Include initial private Punycode module
Get URI::_punycode working
punycode of plain ascii should not edit with "-"
Some more tests from RFC 3492
Add private URI::_idna module based on encodings/idna.py
Start using URI::_idna for encoding of URIs
Avoid various use of undef warnings
Fix test affected by IDNA
Keep reference to IDNA::Punycode in the URI::_punycode docs
Ensure upgraded strings as input
Update manifest with the new idna/punycode files
Rename as_unicde to as_iri
draft-duerst-iri-bis-07: The proposed RFC 3987 update
Load Encode when its used
Rename host_unicode as ihost
Add basic iri test
Hack to make as_iri turn A-labels into U-labels
Make as_iri leave escapes not forming valid UTF-8 sequences
Merge branch 'iri'
Don't include RFCs in the cpan tarball
Michael G. Schwern (3):
Fix != overloading to match ==
Note that mailto does not contain a host() and this is not a bug.
Strip brackets off IPv6 hosts [RT#34309]
even when python is enabled, comment out python dependency.
New in version 0.3.0
====================
* WARNING!!! Slight API change!!! see docs
for px_proxy_factory_get_proxies()
* Credentials support (see API change above)
* A complete rewrite of the module manager
* file:// as valid PAC URLs
* Sample Mono application
* Automake 1.11 shaved output
* gnome backend rewrite (now w/o thread issues)
* Test suite base functionality exists
* Many solaris build fixes
* Seamonkey support as JS pacrunner
* Bugfixes
* Compiles for MS Windows using Mingw
Since 1.6-rc
------------
bugfix: Some widgets in the dashboard showed wrong icons when item spanned more than one line.
bugfix: Template subtasks don't keep linked objects.
bugfix: Query error when upgrading from 1.5.3.
bugfix: Missing lang for archived objects in objects' history.
bugfix: Don't allow trashing the owner company.
bugfix: Opengoo stops working if owner company was trashed.
bugfix: When discarding an email, two confirmation prompts pop up.
bugfix: When clicking on print report, on time module, the active workspace should be set as the workspace for the report.
bugfix: Linked "Weblink files" showed a "Download" shortcut instead of an "Open weblink" shortcut.
bigfix: Importing calendar ics file wasn't working.
bugfix: When editing a document, tags were lost.
bugfix: Send email buttons unaligned on some languages.
bugfix: Some contact websites were missing the "http://" in the contacts listing.
bugfix: Fixed detection of autodetect timezone config option.
bugfix: Repeating events a fixed number of times didn't show the last repetition.
bugfix: Changed how quoted text is hidden.
bugfix: Added a tabstop to HTML email composing.
bugfix: Sorting emails by subject sorted by date.
bugfix: Sometimes completed tasks were shown when filtering by "Pending" (completed_by_id was 0).
Since 1.6-beta3
---------------
feature: User config option to hide quoted text added.
feature: Added a cron event to clear tmp folder.
usability: Added an icon for archived objects on the object's view, like there is for trashed objects.
usability: When deleting a company warn about deleting users.
bugfix: Displaying a document in IIS showed "Connection reset error".
bugfix: Tags with accents don't filter correctly on IE.
bugfix: '24 hour' / 'AM-PM' user config option not respected in listings.
bugfix: Add user: billing category is mandatory, it shouldn't be mandatory.
bugfix: Error importing companies when no workspace is selected.
bugfix: If forwarding an email with attachments, saving a draft, and sending the email, an error pops up about not being able to attach.
bugfix: When importing contacts from a vCard file, all contacts with no email were considered as the same contact.
bugfix: Fixed several Errors and warnings logged in log.php.
bugfix: Objects of archived workspaces were not being filtered out.
bugfix: Archived documents and messages were not being filtered out of the Dashboard.
bugfix: Search results were printed in reverse modified date order.
bugfix: Contact birthdays were not being shown in the dashboard calendar.
bugfix: When viewing a custom report, date parameters in conditions were shown as today's date.
Since 1.6-beta2
---------------
usability: Added pagination to the Time module.
usability: Show 'Archived by' in object properties if an object is archived.
usability: Show read/unread status in Dahsboard/View as list.
usability: Warn a user when replying or forwarding an email and a new email arrives at the conversation.
usability: Add the magnifying glass to the email views.
usability: Removed 'Account already being checked' error message.
bugfix: An empty 'Custom properties' fieldset is shown in 'Update profile'.
bugfix: Fix autodetect timezone with DST and enable by default.
bugfix: Check mail doesn't refresh view if an error occurs in one account.
bugfix: Filtering email conversations by tag is not working correctly. It should show a conversation if any one email in it is tagged.
bugfix: If someone replies to an email but changes the subject the email should be put into a new conversation.
bugfix: If you delete the newest email in a conversation, the conversation is no longer listed (when email is shown as conversation).
bugfix: Notifications are not sent when subscribing from 'Modify subscribers'.
bugfix: Put default repetition value for repeating events and tasks.
bugfix: Remove illegal UTF-8 characters before saving an email.
bugfix: Save custom fields when saving an email draft.
bugfix: Sort emails by received date instead of sent date in email listing and in conversation listing (in email view).
bugfix: Value for 'mail_drag_prompt' user config option is not loaded correctly.
bugfix: Wrap HTML emails in a div with CKEditor style.
bugfix: Delete conversation after deleting last email in conversation.
bugfix: An email's quoted reply is deleted when changing 'From' account.
bugfix: Replying to an email, saving as draft, loading the draft and sending the email doesn't add the reply to the conversation.
bugfix: Unauthenticated content warnings over SSL in FF 3.5.
bugfix: User-type custom reports fail to execute.
bugfix: When a file is downloaded it should be marked as read.
bugfix: Wrong initial email filters for new installations.
Since 1.6-beta
--------------
feature: Added an experimental new search mechanism. It can be much slower but finds more results.
usability: Added description to system permissions
usability: CKEditor is shown in user's language
usability: Linked objects section in an object's view has no title telling what it is
bugfix: Check write permissions for file installed_version.php when upgrading
bugfix: CKEditor images should point to the actual image in OpenGoo
bugfix: Contact import from csv does not import contacts if user does not have 'can manage contacts' permission but has write permissions on the workspace.
bugfix: Custom reports can only be printed once in Chrome.
bugfix: Edit comment textbox is too small.
bugfix: Email links are opened on the email's body when showing quoted text.
bugfix: Error 500 when adding a file web link.
bugfix: Forgot password token is always the same.
bugfix: If I click on 'Print' when on 'Time' tab it should print by default 'General Timeslots' or 'All timeslots', not 'Task timeslots'.
bugfix: If you delete a signature with images from the email's body, the images are sent anyway.
bugfix: MySQL Error Message when adding a user and no data has been entered.
bugfix: Removed private milestone options.
bugfix: Search ignores tags on newly uploaded files.
bugfix: Show all linked objects pagination is not working correctly.
bugfix: Show that an email has attachment on search results.
bugfix: Changed all PHP 5.3 deprecated functions for non-depracated alternatives.
bugfix: When printing reports: substitute true/false with yes/no.
bugfix: When user does not have write contact permissions over a workspace, import from csv does not display errors.
bugfix: HTML editor's height is not adjusted correctly when changing format in a new email.
bugfix: Error when creating new user.
bugfix: Error when adding a task.
- Regression Fix: myip ACL not accepted in config
- Bug 2795: acl arp lookups including port
- Bug 2794: ESI parsing fails on FreeBSD
- Bug 2778: fix linking issues using SunCC
- Bug 2724: eCAP build failure unless ICAP enabled
- Bug 2628: Correct default PID location to PREFIX/var/run/squid.pid
- Bug 2617: Performance degradation during processing list of dstdomain ACL's
- Bug 2374: Support ICY / ICEcast / SHOUTcast streaming protocol.
- Fix: 64-bit filesize issue in squidclient POST of large files
- Fix: send correct Connection: header on intercepted replies
- Support libtool 2.x
- ESI libraries libexpat and libxml2 now optional
- ESI support default enabled
- Bump libcap minimum requirement to libcap 2.09+
- ARP / MAC support fixes for IPv6-mode
- Add outstanding IPv6 settings to squid.conf (localnet, localhost)
- ... and many additions to the background testing structure
- ... and very many minor build and code cleanups for non-GCC compilers.
KDE SC 4.3.4 has a number of improvements:
* A bugfix in Plasma's pixmap cache makes the workspace more responsive
* Okular, the document viewer improved stability in certain situations
* Marble, the desktop globe has seen some polish
* Passphrases with non-ASCII characters have been fixed in the KGpg
encryption tool
* meta: Generate meta description tags even when the html scrubber is enabled.
* meta: Allow use of DESCRIPTION in templates to get at the meta
description value. (Thanks, NicolasLimare)
* inline: Use caching of inlined pages to speed up builds of inlines
that include feeds. Speedup of about 25% for small inlines; could
be much larger for inlines of many, or complex pages.
* Added (incomplete) Turkish po file. Closes: #556744 Thanks, Recai Oktas
* date: New plugin that allows inserting date directives that expand
to pretty-printed dates, using the same formatting as used for page
modification date display, etc.
* htmllink: Allow a title attribute to be specified.
* calendar: Add title attributes for all links in the calendars.
* calendar: Fix month wraparound error that broke in December.
pkgsrc changes:
* In the automated setup, recognize CVS as a VCS (found by agc@).
* In MESSAGE, link to <URL:http://ikiwiki.info/setup/> (ditto).
Deprecations:
* WWW::Mechanize::List is gone!
* Use Nokogiri as the default HTML parser (you may switch to Hpricot by using WWW::Mechanize.html_parser =
Hpricot)
See full list of changes since 0.7.5:
http://mechanize.rubyforge.org/mechanize/CHANGELOG_rdoc.html
Changes since 1.0.0:
* Bump remainder of rack.versions.
* Support the pure Ruby FCGI implementation.
* Fix for form names containing "=": split first then unescape components
* Fixes the handling of the filename parameter with semicolons in names.
* Add anchor to nested params parsing regexp to prevent stack overflows
* Use more compatible gzip write api instead of "<<".
* Make sure that Reloader doesn't break when executed via ruby -e
* Make sure WEBrick respects the :Host option
* Many Ruby 1.9 fixes.
