* the IDN code now verifies that only TLD-legitmate letters are used in the
name or a warning is displayed (when verbose is enabled)
* provides error texts for IDN errors
* file upload parts in formposts now get their directory names cut off
* added CURLINFO_OS_ERRNO
* added CURLOPT_FTPSSLAUTH to allow ftp connects to attempt "AUTH TLS" instead
before "AUTH SSL"
* curl_getdate() completely rewritten: may affect rare curl -z use cases
* bugfixes
site.
Notable changes since 1.40:
* language/encoding fixes
* cache overhaul and directory listing optimization, the existing cache
files should be deleted
* wsvn.php changed, configuration changes need to be re-done
* added blame support
* support for comparing entire directories, and directory tarball download
* various config options now per-project
* new 'Zinn' style
* new Swedish, Japanese, Korean, Russian, Chinese, Spanish translations
See changes.txt in the source distribution for complete & detailed list
of changes.
g/c no longer needed Makefile.module
add support for building extensions off PECL; version for PECL packages
is built as ${PHP_BASE_VERS}.${PECL_VERSION}, i.e. PECL pkg version 1.0
would become php-pkg-4.3.9.1.0 or php-pkg-5.0.2.1.0 respectively
This module takes advantage of the new flexibility in Mason 1.09_01
and newer to integrate an Apache::Session session directly into
Mason's Request object.
Apache::AuthCookieDBI is a module that subclasses Apache::AuthCookie and is
designed to be directly used for authentication in a mod_perl server.
It is a ticket-issuing system that looks up username/passwords in a DBI
database using generic SQL and issues MD5-checksummed tickets valid for
a configurable time period. Incoming requests with tickets are
checksummed and expire-time checked.
Apache::AuthCookie allows you to intercept a user's first unauthenticated
access to a protected document. The user will be presented with a custom
form where they can enter authentication credentials. The credentials are
posted to the server where AuthCookie verifies them and returns a session
key.
Visitors is a very fast web log analyzer for Linux, Windows, and
other Unix-like operating systems. It takes as input a web server
log file, and outputs statistics in form of different reports.
The design principles are very different compared to other software
of the same type:
* No installation required, can process up to 150,000 lines of
log entries per second in fast computers (20MB/s with my log
files average length).
* Designed to be executed by the command line, output html and
text reports. The text report can be used in pipe to less to
check web stats from ssh.
* Support for real time statistics with the Visitors Stream Mode
introduced with version 0.3.
* To specify the log format is not needed at all. Works out of
box with apache and most other web servers with a standard log
format (see the documentation for more information on the format).
* It's a portable C program, can be compiled on many different
systems.
* The produced html report doesn't contain images or external
CSS, is self-contained, you can send it by email to users.
* Visitors is free software (and of course, freeware), under
the terms of the GPL license. You don't need to pay to use it.
The distribution file actually has 1.6 as the release number,
but it *is* an upgrade over 1.54. Obviously someone needs a
lesson in dewey-decimal ordering.
Work around this by cheesily adding a `0' to the PKGNAME setting.
The current developer version number is 1.70_01, so there is some
hope that this will not repeat.
Changes:
* Changed the handling of updated items. Previously the
read status of updated items was set to unread. This
was very inconvenient because of a lot of buggy feeds
with non-unique item ids which caused continuously
unread but unchanged items. Now an update flag is set
and the item is shown in bold dark gray color in the
item list. An updated item does not count in the
unread counter anymore.
I hope this improves usability with broken feeds.
(Lars Lindner)
* Finally made the condensed mode a permanent feed state.
Just select it once and the feed you like to read in
this mode will stay this way until you switch it off.
(Lars Lindner)
* Improvement to the itemlist viewing mode switching.
Now the HTML rendering widget isn't destroyed each
time the mode is switched but reused.
(Lars Lindner)
* IPv6 Support. (Christoph Hohmann)
* Support for broken web-servers and proxies that use
chunked encoding. (Alex Myltsev)
* A feed update now does not reset the item list focus
or selection anymore. (Lars Lindner)
* Applied HIG rule for "..." in menu labels.
(Lars Lindner)
* Changed "New Subscription" menu icon to "+" sign
like it is in the toolbar. (Bram Senders)
* Added a Technorati link like Sage has. (Lars Lindner)
* The feed description of a subscription with a command
as source does not show the command string anymore.
This is to avoid showing sensitive information.
(Lars Lindner)
* Liferea now has a global feed update interval setting.
This setting defines the update behaviour of a feed
for which neither you or the feed provider did define
a feed specific update interval. There is also a new
option in the feed properties to disable automatic
updates of the feed. (Lars Lindner)
* Added a button in the preferences to force an update
of all feed favicons. (Amit D. Chaudhary)
* Liferea now prevents the update of vfolders when you
request the update of all feeds. This bug changed the
vfolder state to unavailable. (Lars Lindner)
* Fix for a HTML layout problem where big images could
misalign the item footer and following items.
(Gee Law)
* Finally corrected the inverted sorting order of
the date column. But this means that you have to
reset the sort order of all your feeds once. Sorry
about that! (Lars Lindner)
* The handling of the default update interval information
of feeds was broken so the properties dialog never
showed the value. This is fixed now. (Lars Lindner)
* Fixed a bug on with non-blocking sockets and Solaris8.
(pkeusem)
The main security vulnerabilities addressed in 1.3.33 are:
* CAN-2004-0940 (cve.mitre.org)
Fix potential buffer overflow with escaped characters in SSI tag string.
* CAN-2004-0492 (cve.mitre.org)
Reject responses from a remote server if sent an invalid
(negative) Content-Length.
New features
* Win32: Improve error reporting after a failed attempt to
spawn a piped log process or rewrite map process.
* Added new compile-time flag: UCN_OFF_HONOR_PHYSICAL_PORT. It
controls how UseCanonicalName Off determines the port value if
the client doesn't provide one in the Host header. If defined
during compilation, UseCanonicalName Off will use the physical
port number to generate the canonical name. If not defined, it
tries the current Port value followed by the default port for
the current scheme.
The following bugs were found in Apache 1.3.31 (or earlier) and
have been fixed in Apache 1.3.33:
* mod_rewrite: Fix query string handling for proxied URLs. PR 14518.
* mod_rewrite: Fix 0 bytes write into random memory position. PR 31036.
* mod_digest: Fix nonce string calculation since 1.3.31 which
would force re-authentication for every connection if
AuthDigestRealmSeed was not configured. PR 30920.
* Fix trivial bug in mod_log_forensic that caused the child to
seg fault when certain invalid requests were fired at it with
forensic logging is enabled. PR 29313.
* No longer breaks mod_dav, frontpage and others. Repair a
patch in 1.3.31 which prevented discarding the request body
for requests that will be keptalive but are not currently
keptalive. PR 29237.
so that we'd not force dependance on specific MySQL version, and instead pick
the currently installed mysql*-client (or install the default if there
is no mysql-client package installed yet)
this makes package buildable with arbitrary MySQL version, such as 3.23.x,
4.0.x or 4.1.x
Collection.
FastCGI provides a high-performance alternative to CGI for writing Web
server applications in a variety of languages, including Perl, C, C++,
Java, and Python. FastCGI gets its speed by having keeping application
processes running between requests. So, unlike CGI, you do not have the
overhead of starting up a new process and doing application initialization
(e.g. connecting to a database) each time somebody requests a document.
This package works with Apache version 2 series. In order to use FastCGI
with the version 1.3 series, use www/ap-fastcgi instead.
rest through a Makefile.common entity. It will help with incoming
ap2-fastcgi addition.
Changes: lots of!
2.4.2
*) [WIN] Fix handle leaks in the process manager.
Sascha Schumann [sascha@schumann.cx]
*) [WIN] Use a permanent pool for allocating the SystemRoot
environment variable. Sakamoto [ringring@zb4.so-net.ne.jp]
*) [WIN] Fix starting of scripts under AP2.
*) Do the connect() to the application *after* collecting a chunk
of client data. This reinstates the pre-2.4.0 behaviour.
James Jurach [muaddib@erf.net].
*) Remove an assert that was triggering on WIN when spawn() failed.
*) Provide the NO_SUEXEC_FOR_AP_USER_N_GROUP macro for building
mod_fastcgi with the AP13 suexec behaviour (don't use suexec
if httpd's user and group match that needed for the application).
*) Prevent the use of all but the "auth" directives from being used
anywhere but in global scope. Prevent more than one instance
of the FastCgiWrapper directive.
*) Return NOT_FOUND (404) or FORBIDDEN (403) instead of
INTERNAL_SERVER_ERROR (500) when there are configuration issues
or the script does't exist. Suggested by Jeff Lawson [bovine@ud.com].
2.4.0
*) [*nix Security] - When FastCgiWrapper (FastCgiSuexec) was in use
and a vhost configured to use the same uid/gid as the main
server, mod_fastcgi would not bother using the wrapper (suexec)
because its effective uid/gid was already appropriate. This is
consistent with Apache's v1.3 mod_cgi behaviour. There are two
problems with this approach: 1) when FastCgWrapper is in use
mod_fastcgi's process manager keeps its root privileges (as its
real uid/gid) so it can terminate the applications its starts -
this privilege was being passed to applications when the use of
the wrapper was bypassed 2) wrappers are often employed to
perform functionality beyond setting the uid/gid - by not calling
the wrapper under certain circumstances, application invocation
environments were inconsistent. With this change, the wrapper is
always used (when enabled) under both Apache 1.3 and 2.
Reported by Michael Richards [michael@fastmail.ca].
*) [*nix/AP2] Use the vhost uid/gid instead of the server uid/gid
for dynamic application invocation when the FastCgiWrapper is in use.
Reported by Michael Richards [michael@fastmail.ca]
*) [*nix] Fix handling of FastCgiWrapper when passed a real path,
i.e. other than "on" or "off". Michael Richards [michael@fastmail.ca]
*) Eliminate the logging of "incomplete headers (0 bytes) received from
server" when a client aborts.
*) [WIN32] Fix a delay in handling large POSTs to named pipe based
servers. Philip Gladstone [philip@okena.com]
*) [*nix/AP2] Prevent the module from being initalized twice at startup
(resulting in confusing error messages to the log).
*) Eliminate the need for SetHandler or AddHandler with static or
external applications.
*) Limit PM requests to start a dynamic application
to 5sec to prevent endless spinning (this is a drop-dead
limit that should only occur if the socket/named_pipe directory
is removed out from under a running server).
*) [*nix] Change the default socket directory from /tmp/fcgi to:
Apache - logs/fastcgi
Apache2 - RUNTIMEDIR/fastcgi
*) Add -user & -group args to FastCgiServer and FastCgiExternalServer
for use with wrappers (in lieu of finding the user/group associated
with a virtual host - under Apache2 this isn't accomodated).
*) [WIN32] Under Apache2, require v2.0.41 or later in order to pickup my
apr_proc_create() changes.
*) Log when invoking and restoring the restart backoff policy.
*) [WIN32] Prevent intermittent ReadFile() failures (properly initialize the
OVERLAPPED structure).
*) Eliminate need for dummy files for external servers under Apache2
*) Fix auth compatibility mode handling for access checker and authorizer
*) Fix HEAD request handling. Based on a patch by
Chris Lightfoot [chris@ex-parrot.com]
*) [*nix] When autoupdate is enabled touch the socket when restarting
the processes to prevent further requests.
Eckebrecht von Pappenheim [evp@heise.de]
*) Apache 2.0 support.
*) [WIN32] Don't read from a potentially closed named pipe.
Philip Gladstone [philip@okena.com]
*) Require the Apache version 1.3.6 or later to eliminate some signal
handling funk.
*) [WIN32] Use asyncronous io with named pipes instead of polled
nonblocking io. This should eliminate the last of the npipe issues.
*) Handle an application returning a complete and valid response without
having consumed all of the data sent to it.
*) Consume remaining client data (RESPONDERs only) if any.
*) Add support for backing off attempts to start applications that continuously
fail to start. Three new macros defined in mod_fastcgi.h control this
behaviour: MAX_FAILED_STARTS, RUNTIME_SUCCESS_INTERVAL, FAILED_STARTS_DELAY
*) [WIN32] Add (back) support for use of TerminateProcess() to accomodate
applications that do not (properly) support the shutdown event (this
feature was introduced in fcgi2 2.2.2 and improved in 2.2.4). The
new macro WIN32_SHUTDOWN_GRACEFUL_WAIT in mod_fastcgi.h conrols the
interval between signaling a proper shutdown and wacking the process(s)
with a TerminateProcess().
*) [WIN32] Don't set the OVERLAPPED_IO flag on NamedPipe listen HANDLEs -
setting it was just plain broken.
*) [WIN32] Fix the accept mutex - all applications were sharing one!?
*) Fix 'FastCgiConfig -autoUpdate'.
*) Fix 'FastCgiConfig -flush'.
*) Prevent silly maxProcesses and processSlack combinations.
Dmitry Dorofeev [dima@yasp.com]
*) Properly handle the killing of idle processes when one takes a long time
to exit once signaled down (or the config is funky).
Dmitry Dorofeev [dima@yasp.com]
2.2.12
*) Delay the logging of write errors to the pm to account for shutdown/restart.
*) (Win32) An assortment of fixes.
*) Fix some broken casts that were likely the cause of an assert.
*) Win32. Eliminate forward slashes from the named pipe path name.
Gerald Richter [richter@ecos.de]
*) SIGUSR2 is no longer blocked in the process manager and the fastcgi
applications it spawns. [ryans@amazon.com]
*) Added support for the -flush argument to FastCgiConfig.
Eric Sit [esit@alum.mit.edu]
*) Change the "which call to module_init() is this" check to a more
reliable approach. Doru Petrescu [pdoru@kappa.ro]
*) Close the old pipe file descriptor in apache main on USR1/HUP
(elimnates a small leak). James E. Jurach Jr. jjurach@fundsxpress.com
*) Fix a bug in fcgi_config_set_authoritative_slot(). Tetsuya Furukawa
[tetsuya@secom-sis.co.jp]
*) Eliminate the use of locks to assist in the clean shutdown of
applications. Instead, it is assumed that applications handle
termination signals properly (this is now embedded in the C
application lib).
*) Fix Win32 process termination. Proper operation requires the use of
an updated application lib (termination is now signalled with an
Event and handled by specialized thread).
*) Docs cleanup. Andrew Benham [adsb@bigfoot.com]
*) Added code so if the last instance of a dynamic application died without
provocation, then don't restart it if singleThreshold > 0 (i.e. if the
configuration allows the last instance to be killed, then allow it to die).
Andrew Benham [adsb@bigfoot.com]
*) Fix the loadFactor calculation used to determine when dyanmic
applications could be killed off due to low demand [adsb@bigfoot.com].
*) Fix a deadlock condition that could occur with Win32 named
pipes (dynamic).
*) Fix a potential deadlock condition when FastCGI application
sent responses while still reading the client request (POST data).
#------------------------------------------------------------------------
# Version 2.14 - 4th October 2004
#------------------------------------------------------------------------
* Applied patch from Harald Joerg to prevent ttree from spewing warnings
when copying files.
* Applied a patch from Paul Orrock to fix a couple of missing errors in
ttree.
* Commented out line 797 of Template::Directive.pm which serves no
purpose and generates a warning.
* Applied a patch from Mark Fowler to add support for Unicode to TT.
* Changed the fourth argument to process() to accept named IO layers for
binmode, e.g. process($in, $vars, $out, binmode => ':utf8');
* Added full range of command line options to tpage.
* Applied patches from Tosh Cooey, Simon Wilcox and Kenny Gatdula to fix
XML::Simple to allow direct access to XMLin() and XMLout() methods.
* Fixed a bug in the 'callers' list maintained by a template component
which was failing to remove callers from the list after processing.
* Applied a doc patch from Dave Cash documenting caller and callers.
#------------------------------------------------------------------------
# Version 2.13 - 30th January 2004
#------------------------------------------------------------------------
* Applied patch from Dave Cash to add 'caller' and 'callers' to
'component', see
* Applied patch from Dylan William Hardison to ttree which prevents
dependencies from interfering with files that are copied. See
#------------------------------------------------------------------------
# Version 2.12a - 13th January 2004 ## DEVELOPER RELEASE ##
#------------------------------------------------------------------------
* Fixed the bug in test 25 of t/date.t, hopefully for good this time,
thanks to the efforts of Steve Peters.
* Added the FILE_INFO option to Template::Parser. Enabled by default,
this can be set to 0 to prevent the parser from adding file and line
info to the generated Perl file. Don't ask me why - Autrijus wanted
it (which probably means he's up to something twisted again :-).
#------------------------------------------------------------------------
# Version 2.12 - 12th January 2004
#------------------------------------------------------------------------
* Added the module_version() method to Template::Base to report the
version number of a module. Added some tests to t/base.t.
* Added the --template_module option to ttree, to allow the user to
specify a template processing module other than the default 'Template'
to be used. Also changed various print statements to send all
verbose output to stdout, whereas previously it was split across stdout
and stderr.
#------------------------------------------------------------------------
# Version 2.11b - 7th January 2004 ## DEVELOPER RELEASE ##
#------------------------------------------------------------------------
* Applied patch from Myk Melez to ensure the 'component' variable
remains correctly set to the current templates.
#------------------------------------------------------------------------
# Version 2.11a - 6th January 2004 ## DEVELOPER RELEASE ##
#------------------------------------------------------------------------
* Fixed bug in t/date.t and corrected version number of
Template::Grammar.
#------------------------------------------------------------------------
# Version 2.11 - 6th January 2004
#------------------------------------------------------------------------
* Bumped version number and updated documentation for release.
#------------------------------------------------------------------------
# Version 2.10b - 2nd December 2003 ## DEVELOPER RELEASE ##
#------------------------------------------------------------------------
* Changed the Template::Document process() method to pass itself
to the context visit() method when it calls it. Similarly, changed
the context visit() method to expect it. This is useful when
subclassing the context but shouldn't have any other effect.
* Modified parser to add the file name and line number of the source
template to generated Perl code. This provides useful information
when warnings and errors are generated by Perl at runtime. Added
the t/fileline.t script to test it.
#------------------------------------------------------------------------
# Version 2.10a - 9th October 2003 ## DEVELOPER RELEASE ##
#------------------------------------------------------------------------
* Applied two patches from Axel Gerstmair to fix bugs in Makefile.PL
and t/date.t.
* Applied patch from Jim Cromie to t/autoform.t to skip tests on all
versions of Perl from 5.8.0 onwards.
* Changed $OUTPUT in Template::Directive to be a package variable,
allowing it to be re-defined to permit a flushed output hack.
* Applied a patch from Darren to the 'item' hash vmethod to protect
against accessing private variables (prefixed '.' or '_')
* Applied a patch from Ivan Adzhubey to template/splash/frame.
* Applied a patch from Bryce Harrington to add the absolute and
relative options to ttree. Also applied a patch from Mark Anderson
to add the 'template_debug'. Removed the old debug option which was
as good as useless.
* Applied another patch from Mark to push files named on the command
line through the process_file() sub to ensure that various options
like accept checking, pemission preserving and copy processing (but
not modification time) are applied.
* Applied a variation of yet another ttree patch from Mark to add the
'suffix' option for changing the suffix of output files created.
* Applied a variation of a patch from Dylan William Hardison which
adds the 'depend' and 'depend_file' options to ttree.
More specifically, this lets Mozilla NSS be used by other programs.
Also make the pkgconfig substitutions happen at post-build time, so that
the right rpaths are added to the mozilla-nspr.pc file (which is filled
in during the build).
Bump PKGREVISION to 1 for both packages. Ok'ed by taya@, the maintainer.
Changes since 0.5.3:
* Finally added a menu option to remove a single item.
Sorry that it took so long! (Lars Lindner)
* Item modification times are now correctly converted to the local
timezone. (Nathan Conrad)
* The help feeds are now (almost) normal subscriptions
and can be removed and modified. The only remaining
difference is that the version in the URL is updated
automatically and that old items are dropped. This
also removes the special icon of the help folder.
(Lars Lindner)
* Removed the ugly unavailable icon. Now the GNOME stock
icon for the error dialog is used. (Lars Lindner)
* Added a default feed list that is installed upon the
first program start. Added a Spanish localized version
by Topopardo. (Lars Lindner)
* Added support for reading subscriptions URLs from
a named pipe (~/.liferea/new_subscription) to allow
external programs to add feeds. (Lars Lindner)
* Itemlist sorting order is now saved on a per-feed basis.
(Nathan Conrad)
* Experimental vfolder implementation. When you do a search
you now can save the search result as a vfolder. There
is still a lot to do but just play around and write us
your opinion! (Lars Lindner)
* Fixed a bug that caused a crash when right clicking the
feed list in filtered mode. (Lars Lindner)
* Fixed a problem with the session managment registering
which prevented the usage of the Mozilla browser module.
(Nathan Conrad)
* Iconification state is saved between sessions. (Nathan Conrad)
* URLs are now stripped of leading and trailing
whitespace. (Nathan Conrad)
* Update of the Italian translation (Dario Conigliaro)
* Fixed a big memory leak. (Lars Lindner)
* Some fixes in the RPM spec file (Noa Resare)
* Update of the Czech translation (Juraj Kubelka)
* Updated RPM spec file. (Daniel Resare)
* Update of the French translation (Vincent Lefevre)
* Fixed HTTP authentication problem with case sensitivy
in the HTTP headers. (Nathan Conrad)
* Fixed gaim strings in the configure output reported by
Russell Kaiser. (Nathan Conrad)
* Corrected dependency for libxml2 from 2.0 to 2.4.1 for the
configure script and allow older versions of gconf. (Nathan
Conrad)
* Removed accidental usage of libxml2 2.6 usage. Liferea should
now work with libxml2 2.4.1 or newer. (Nathan Conrad)
* Fixed a mistake in the German translation. (Lars Lindner)
* Fixed a bug that prevented RSS content:encoded tags
to be parsed. (Lars Lindner)
- mod_rewrite: Fix query string handling for proxied URLs. PR 14518.
[michael teitler <michael.teitler cetelem.fr>,
Jan Kratochvil <rcpt-dev.AT.httpd.apache.org jankratochvil.net>]
- mod_rewrite: Fix 0 bytes write into random memory position.
PR 31036. [André Malo]
- mod_digest: Fix nonce string calculation since 1.3.31 which
would force re-authentication for every connection if
AuthDigestRealmSeed was not configured. PR 30920. [Joe Orton]
- Trigger an error when a LoadModule directive attempts to
load a module which is built-in. This is a common error when
switching from a DSO build to a static build.
[Jeff Trawick, Geoffrey Young]
- Fix trivial bug in mod_log_forensic that caused the child
to seg fault when certain invalid requests were fired at it with
forensic logging is enabled. PR 29313.
[Will Slater <Will Slater orbisuk.com>]
- Fix memory leak in the cache handling of mod_rewrite. PR 27862.
[chunyan sheng <shengperson yahoo.com>, André Malo]
- mod_rewrite no longer confuses the RewriteMap caches if
different maps defined in different virtual hosts use the
same map name. PR 26462. [André Malo]
- mod_setenvif: Remove "support" for Remote_User variable which
never worked at all. PR 25725. [André Malo]
- mod_usertrack: Escape the cookie name before pasting into the
regexp. [André Malo]
- Win32: Improve error reporting after a failed attempt to spawn a
piped log process or rewrite map process. [Jeff Trawick]
- SECURITY: CAN-2004-0492 (cve.mitre.org)
Reject responses from a remote server if sent an invalid (negative)
Content-Length. [Mark Cox]
- Fix a bunch of cases where the return code of the regex compiler
was not checked properly. This affects mod_usertrack and
core. PR 28218. [André Malo]
- No longer breaks mod_dav, frontpage and others. Repair a patch
in 1.3.31 which prevented discarding the request body for requests
that will be keptalive but are not currently keptalive. PR 29237.
[Jim Jagielski, Rasmus Lerdorf]
- COMPATIBILITY: Added new compile-time flag: UCN_OFF_HONOR_PHYSICAL_PORT.
It controls how UseCanonicalName Off determines the port value if
the client doesn't provide one in the Host header. If defined during
compilation, UseCanonicalName Off will use the physical port number to
generate the canonical name. If not defined, it tries the current Port
value followed by the default port for the current scheme.
[Jim Jagielski]
* Fixes:
- Check for curl-7.11.1 or greater to avoid a hang during login (Todd).
- Patch a leak and icon-sizing problem in the recent files menu (Todd).
* Improvements:
- Update build system to automake-1.7 (Todd).
- Sort USE_* section alphabetically.
- Add explicit run dependency on glib2 (because of gmodule).
- Sort other dependencies alphabetically.
- Register liferea.schemas into the GConf2 database (and add them to the
PLIST!).
- With OpenSSL 0.9.7, prevent session resumption during a
renegotiation to force the client to negotiate a new (and
acceptable to mod_ssl) cipher suite. Additionally, ensure
that a correct cipher suite has been negotiated afterwards
(CAN-2004-0885).
- Fixed more printf(3) style format string bugs (not security
related) which could crash the server if mod_ssl's trace
or debug log level is enabled.
cp -r copies symlinks as symlinks (which caused
files to be missing in install).
Hopefully, this is portable. I tested under NetBSD and with coreutils.
And I brought this up on tech-pkg in July.
* fixed crash occuring in autosave after paste
* expose api version in pkgconfig file
* more line breaking touches
* fixed embedded widgets not shown problem
Unfortunately, guile{,14}/buildlink3.mk directly includes it, and I don't
know which dependencies actually need libltdl, so it was a recursive bump.
Hopefully this recursive inclusion can be ripped out of
guile{,14}/buildlink3.mk at some point and bubble down to dependencies that
actually use libltdl, avoiding this headache in the future....
Bug fixes
* Add a list of printers to the print dialog. Fix printing
in several recent ditributions. (Marco)
* Remove duplicate AC_PROG_INTLTOOL (Christian) [#155028]
* Fix a crash when rebuilding bookmarks menu (Christian) [#154805]
This includes security problem with SNMP support which enabled by default.
<http://www.idefense.com/application/poi/display?id=152&type=vulnerabilities>
* pkgsrc changes:
- Don't use PKGNAME within DIST_SUBDIR. Instead, date based DIST_STAMP.
This change prevent extra DIST_SUBDIR change asked by kim@.
- Remove setproctitle(3) hack for dnsserver helper program since use of
dnsserver itself is problematic with huge size of squid process.
* Changes to squid-2.5.STABLE7 (11 Oct 2004)
- [Medium] No objects cached in ufs cache_dir type in some
configurations. Issue introduced in 2.5.STABLE6 by the patch for
Bug #676. (Bug #1011)
- [Minor] LDAP helpers update to correct LDAP connection management
and add support for literal password compare instead of binding
- [Minor] A large number of queued DNS lookups for the same domain
(Bug #852)
- [Cosmetic] request_header_max_size configuration partly ignored
(Bug #899)
- [Minor] Partial hit results in TCP_HIT, not TCP_MISS. (Bug #1001)
- Bug #1012: [Cosmetic] HEAD requests may return stale information
(Bug #1012)
- [Cosmetic] Warn if cache_dir ufs can not create files. (Bug #918)
- [Minor] case insensitive authentication (Bug #431)
- [Cosmetic] Add delay pools information to active_requests. (Bug
#882)
- [Minor] Apparent memory leak in client_db (Bug #833)
- [Minor] NTLM authentication truncated causing failures. (Bug
#1016)
- [Cosmetic] Grammatical corrections in squid.conf.default
- [Cosmetic] Unknown %X errorpage codes incorrectly quoted. (Bug
#1030)
- [Medium] Segfaults and other strange crashes when using heap
policies. (Bug #1009)
- [Minor] Supplementary group memberships not set (Bug #1021)
- [Cosmetic] ERR_TOO_BIG Portugese translation
- [Minor] external_acl does not handle newlines (Bug #1038)
- [Major] NTLM authentication denial of service when using msnt_auth
or fake_auth (Bug #1045)
- [Medium] Memory leaks when using NTLM authentication without
challenge reuse. (Bug #994)
- [Minor] Temporary NTLM memory leak with challenge reuse enabled
(Bug #910)
- [Minor] assertion failed: "n_ufs_dirs <=
Config.cacheSwap.n_configured". (Bug #1053)
- [Minor] Segfault in authenticateDigestHandleReply. (Bug #1031)
- [Minor] acl time fails to parse multiple time specifications
(Bug #1060)
- [Minor] cachemgr config dumps mixed up Range and Request-Range
headers in http_header_access & replace directives. (Bug #1056)
- [Minor] Content-Disposition added as a well known header (Bug #961)
- [Cosmetic] Don't warn about arp acls not being supported on FreeBSD
(Bug #1074)
- [Cosmetic] Limit internal send/receive buffer sizes (Bug #1075)
- [Medium] New acl types to match arbitrary HTTP headers. In addition
the http_header_access & replace directivess now support arbitrary
headers and not only the well known ones. (Bug #961)
- [Cosmetic] ncsa_auth now accepts Window formatted password files
(Bug #1078)
- [Cosmetic] Support the --program-prefix/suffix options or other
configure program name transforms (Bug #1019)
- [Minor] Fix race condition in CONNECT and also handle aborts of
CONNECT requests in a more graceful manner. (Bug #859)
- [Minor] New balance_on_multiple_ip directive to work around certain
broken load balancers and optimized ipcache on reload requests
(Bug #1058)
- [Medium] New reply_header_max_size directive (Bug #874)
- [Minor] Suspected instability on aborted PUT/POST requests (Bug #1089)
- [Security] SNMP Denial of Service fix (CAN-2004-0918)
Changes:
* Quanta Plus
o VPL: enable VPL on KDE 3.3.x
o show (again) the full filename in a tooltip
o don't crash if the preview widget is closed with a JavaScript command
from the code itself
o possible crash on startup fixed
o don't try to autofill a closing tag for non-xml tags
o when opening a Quanta 3.2 project set the upload status of the files
to "When Modified" not to "Never"
o when adding files to a project, use the upload status of the parent
directory for the newly added file
o fix the Save As.. behavior (it defaulted to some strange directories,
depending on the active treeview, selected directory, etc.)
o update the modified status text/icon when using Save All
o always find the right action to edit, even if there are more actions
with the same user visible name
o don't change the template description if writing to the .dirinfo file
fails (usually for global templates)
o fix creation of new template directories (template type was stored
incorrectly)
o display the user-readable template type in every dialog
o fix the Konqueror launch in meinproc.kmdr
o fix open dialog in checkxml.kmdr: use the the folder selection dialog
to select folders
o improvement: don't show the project toolbar when no project is loaded
o improvement: support loading of more than one toolbar at a time
o improvement: don't ask for toolbar saving if the toolbar names was
modified by Quanta to add (1), (2), etc. at the end
o improvement: disable the Quanta Template page in properties if you
don't have writing rights to the directory
o improvement: show the user-readable template description for every
template file, not just the directories.
o improvement: don't allow to change the template type in the properties
of a file as it's valid per-directory.
* Kommander
o output from ExecButton wasn't sent to standard output
* KLinkStatus
o enable the hide toolbar menu item in the toolbar context menu (and
don't crash with KDE 3.3.0 when you right click on the toolbar)
under ${PREFIX} instead of being an absolute path.
So fix the references using RCD_SCRIPTS_EXAMPLEDIR to be
${PREFIX}/${RCD_SCRIPTS_EXAMPLEDIR}.
This should have no changes to use before.
Please note that the MESSAGE files in most cases are wrong in the
first place. We have automated mechanisms and could have an automated
message for explaining rc.d script usage. (This is something to do!)
Also, work around a horrible interaction with the gzip in NetBSD
2.0 (at least RC4). If gzip is used in a pipeline the tarfile
fails to extract (PR bin/27228)
Changes since 5.0.27:
General
fix 30239: Updated IIS how-to to link to Wiki page with
instrutions for IIS 5 and IIS 6 configurations. (yoavs)
fix 30238: Replaced isapi_redirector.dll isapi_redirect.dll
in installation script for consistency. (yoavs)
fix 29584: Enhanced and clarified JNDI documentation.
(yoavs)
fix 30245: Corrected Connector documentation to list
"address" as a common attribute. (yoavs)
fix 29826: Modified setclasspath.bat exit code to 1.
(yoavs)
update Updated status page, mostly rewritten. (yoavs)
update Updated Jakarta-Commons dependencies: BeanUtils to 1.7.0,
Collections to 3.1. (yoavs)
update Removed classic compiler directives from Ant build, as we
use modern anyways. (yoavs)
update Modified RELEASE-PLAN-5.0.html to indicate status given
start of work on Tomcat 5.next. (yoavs)
update Added command lines utilities version.sh, version.bat to
let you know what version is installed. (funkman)
Catalina
30602: Subject is not available during the first call
fix to the servlet which use the basic authentication
(jfarcand)
fix 29831: Added support for Boolean property to
BeanFactory. (yoavs)
fix 28875: Made ErrorReportValve use UTF-8 encoding by
default. (yoavs)
fix 30325: Only set CATALINA_HOME if not already set (in
bin/catalina.sh). (yoavs)
fix 30144: Made SSIServlet check resource MimeType before
using text/html and UTF-8 default. (yoavs)
29406: Made JAASRealm configurable as to whether it
fix should use the context ClassLoader or the default
ClassLoader by adding a useContextClassLoader boolean
attribute. (yoavs)
If ServletResponse.getWriter() is called and no char
encoding has been specified, set response char encoding to
fix default (ISO-8859-1) so that it is reflected in
getContentType() and Content-Type header, as required by
the Servlet Spec (Bugtraq 6152759) (luehe)
fix 29869: Better JMX/JSR77 support in StandardContext and
StandardWrapper. (remm)
update Fixed broken link to JK documenration from AJP Connector
reference page. (yoavs)
fix 30587: Typo in ExtendedAccessLogValve. (yoavs)
fix 30561: Broken restart of NamingService. (yoavs)
fix 29668: NPE in HostConfig, directory created for
deployed WAR instead of xml file. (yoavs)
fix 30179: Improved Bootstrap catalina.properties
handling. (yoavs)
fix 30762: Servlet#destroy was called before
contextDestroyed. (yoavs)
fix 30650: Added explicit comments on session equals()
implementation. (yoavs)
Coyote
fix 30770: Check that the browser actually sent a user-agent
header before using it. (billbarker)
Default charset not included in Content-Type response header
fix if no char encoding was specified (see Bugtraq 6152759).
(luehe)
Jasper
fix 29971: Commented out page directive is parsed. (luehe)
fix 30067: 'Scripting elements are disallowed here' exception
behind scriptless tag. (luehe)
fix 30073: NPE when compiling .jspx with broken xml format in
jspcmode. (luehe)
fix 30291: Smap for a tag should not include its body.
(kinman)
fix 30289: Incorrect Smap for multiple line java expression.
(kinman)
Cluster
Webapps
fix 29779: Admin/Examples SetCharacterEncodingFilter wrong
package. (yoavs)
fix 30354: manager-howto.xml used wrong Ant task. (yoavs)
- Works with Mozilla 1.4 through 1.8a2 and trunk
- Support printing with Xprint
- Get rid of the startup script; you need to update your scripts
if you have been using galeon-bin directly
- Add saved files in recent-files list for easy access
- Add support for vfolders of bookmarks.
- Restore the 'Reload Frame' context menu item
- Add progress dialog when printing.
- Don't copy the history of the old tab, when creating an
unrelated new tab
- Support the new GNOME 2.8 mime type system
- lots of other bug fixes
Also include fix for http://bugzilla.gnome.org/show_bug.cgi?id=153693
in the process. (More information on tech-pkg.)
Bump PKGREVISION and BUILDLINK_DEPENDS of all packages using libtool and
installing .la files.
Bump PKGREVISION (only) of all packages depending directly on the above
via a buildlink3 include.
Added 35 share/httpd/manual entries to PLIST. Most are .ko.euc-kr,
.ko, ja.euc-jp, and .ja files.
I don't know when these were added.
Bump PKGREVISION because now package has several more files.
Also added comment to www/apache2/Makefile.common to remind to
update checksum in devel/apr also.
No actual devel/apr changes seen.
Also removed www/apache2/patches/patch-ab because it is identical to
fix for security in new version.
Changes with Apache 2.0.52
*) Use HTML 2.0 <hr> for error pages. PR 30732 [André Malo]
*) Fix the global mutex crash when the global mutex is never allocated
due to disabled/empty caches. [Jess Holle <jessh ptc.com>]
*) Fix a segfault in the LDAP cache when it is configured switched
off. [Jess Holle <jessh ptc.com>]
*) SECURITY: CAN-2004-0811 (cve.mitre.org)
Fix merging of the Satisfy directive, which was applied to
the surrounding context and could allow access despite configured
authentication. PR 31315. [Rici Lake <rici ricilake.net>]
*) Fix the handling of URIs containing %2F when AllowEncodedSlashes
is enabled. Previously, such urls would still be rejected.
[Jeff Trawick, Bill Stoddard]
*) mod_mem_cache: Fixed race condition causing segfault because of memory being
freed twice, or reused after being freed.
[J. Clar, W. Stoddard, G. Ames]
*) Add -l option to rotatelogs to let it use local time rather than
UTC. PR 24417. [Ken Coar, Uli Zappe <uli ritual.org>]
*) mod_log_config: Fix a bug which prevented request completion time
from being logged for I_INSIST_ON_EXTRA_CYCLES_FOR_CLF_COMPLIANCE
processing. PR 29696. [Alois Treindl <alois astro.ch>]
Changes since 4.3.8:
* fixes to GPC input processing
* bundled GD extension synced with 2.0.28, re-introducing write support
for GIF (patent expiration worldwide)
* Implemented periodic PCRE compiled regexp cache cleanup, to avoid memory
exhaustion
* Fixed strip_tags() to correctly handle '\0' characters.
* Rewritten UNIX and Windows install help files.
* Fixed a file-descriptor leak with phpinfo() and other 'special' URLs.
* Fixed possible crash inside php_shutdown_config().
* Fixed isset crashes on arrays.
* Fixed imagecreatefromstring() crashes with external GD library.
* Fixed fgetcsv() parsing of strings ending with escaped enclosures.
* Fixed overflow in array_slice(), array_splice(), substr(), substr_replace(),
strspn(), strcspn().
* Fixed '\0' in Authenticate header passed via safe_mode.
* Allow bundled GD to compile against freetype 2.1.2.
All in all this release fixes over 50 bugs that have been discovered
and resolved since the 4.3.8 release.
privoxy actually doesn't require the userid to exist at all. Simply whack
the validity checks from configure.in, move PKG_USERS/PKG_GROUPS to the
main privoxy package, and all works fine.
(Similar to the modifications originally needed for Mailman, but in that
case, the numeric user IDs were also embedded in the binaries. Fortunately,
that is not the case here.)
* Fixes:
- Fix a bug which prevented the user from logging into the server (Todd).
- Fix a crash when editing preferences (#151940) (Todd).
- Plug a memory leak when loading user pictures (Todd).
- Clarify auto-format tooltip (#151388) (Todd).
- Include date information in Drivel's draft format (Davyd).
* Translations:
- Added Japanese translation (Satoru Satoh).
- Added Punjabi translation (Amanpreet Singh Alam).
- Updated Czech translation (Miloslav Trmac).
- Updated Canadian English translation (Adam Weinberger).
- Updated Brazilian Portuguese translation (Estêvão Samuel Procópio).
- Updated Albanian translation (Laurent Dhima).
- Updated Dutch translation (Elros Cyriatan).
- Updated British translation (David Lodge).
2.0.51 had a regression where the Satisfy directive could take
effect for different directories (and could bypass some access
control).
This patch is direct from Apache.
Also bumped the package revision.
--------------------------------------------------------------------------
ChangeLog for Version 3.0.3:
--------------------------------------------------------------------------
- Fixed yet another two memory leaks. Process growth looks stopped now.
- Further tightened security against malicious toggle-off links.
- Excluded text/plain MIME types from filtering. This fixes a
couple of client-crashing, download corruption and
Privoxy performance issues, whose root cause lies in
web servers labelling content of unknown type as text/plain.
- Assorted fixes for POSIX compliance, signal handling, graceful
termination, compiler warnings, OSX support, Win32 systray,
error logging, hostname wildcards, correct detection of NetBSD.
- Workarounds for client (iTunes etc) and server (PHP < 4.2.3) bugs
including the notorious "blank page" problem.
- Various filter improvements; most notably the unsolicited-popups
filter became less destructive
- Major revamp of the actions file
All library names listed by *.la files no longer need to be listed
in the PLIST, e.g., instead of:
lib/libfoo.a
lib/libfoo.la
lib/libfoo.so
lib/libfoo.so.0
lib/libfoo.so.0.1
one simply needs:
lib/libfoo.la
and bsd.pkg.mk will automatically ensure that the additional library
names are listed in the installed package +CONTENTS file.
Also make LIBTOOLIZE_PLIST default to "yes".
=========================
Epiphany Extensions 1.4.0
=========================
New extensions
* Smart bookmarks extension, written by Jean-François Rameau
* Page info extension, written by Adam Hooper
* CSS Stylesheet extension, written by Adam Hooper
Translation updates
* Changwoo Ryu (ko)
=========================
Epiphany Extensions 1.1.4
=========================
New extensions
* Tab grouping extension, written by Justin Wake
Translation updates
* Xavier Conde Rueda (ca)
* Laurent Dhima (sq)
=========================
Epiphany Extensions 1.1.3
=========================
Code changes
* Minor cleanup of certificates extension (Christian)
* Make gestures extension support unloading/reloading (Adam)
Updated translation:
* Changwoo Ryu (ko)
=========================
Epiphany Extensions 1.1.2
=========================
Updated translations
* Francisco Javier F. Serrador (es)
* Gabor Kelemen (hu)
* Laurent Dhima (sq)
* Rostislav Raykov (bg)
=========================
Epiphany Extensions 1.1.1
=========================
Removed features:
* Popup blocker. It is now integrated in Epiphany. (Adam)
* Removed support for mozilla < 1.7 (Christian)
Code changes
* Ported to mozilla embed strings (Christian) [#144237]
* Fix C99-ism in error viewer (Adam) [#144053]
Bug fixes
* Fix crash when closing the last window (Christian) [#144850]
* Fix includes (Adam) [#143818]
Translations
* Rostislav Raykov (bg)
* 相花 毅 (ja)
* Estêvão Samuel Procópio (pt_BR)
* Marcel Telka (sk)
* Laurent Dhima (sq)
=========================
Epiphany Extensions 1.1.0
=========================
Code changes
* Adapt to Epiphany API changes (Christian)
* Portability fix for FreeBSD (Christian, taken from FreeBSD ports)
* Adapt to mozilla API changes (Christian, Adam)
* Refactored link checker (Adam)
* Use public epiphany API to get at the statusbar security icon (Christian)
Bug fixes
* Build fixes (Christian, Adam)
* Mem leak fix (Christian)
* Fix link checker stuck busy cursor (Adam)
* Fix handling of invalid encodings (Adam)
* Fix stupid bug, connect to the right signal on tab-remove (Christian)
Translations
* Xavier Conde Rueda (ca)
* Miloslav Trmac (cs)
* Adam Weinberger (en_CA)
* Francesco Marletta (it)
* Žygimantas Beručka (lt)
* Reinout van Schouwen (nl)
* GNOME PL Team (pl)
* Duarte Loreto (pt)
* Dmitry G. Mastrukov (ru)
* Christian Rose (sv)
* Yuriy Syrota (uk)
* Pablo Saratxaga (wa)
* Liu Songhe (zh_CN)
==============
Epiphany 1.4.0
==============
Bug fixes
* Fix invisible status icon (Christian) [#151501]
Documentation updates
* Document popup window functionality (Adam) [#145412]
Translation updates
* Abdulaziz Al-Arfaj (ar)
* Vladimir "Kaladan" Petkov (bg)
* Progga (bn)
* Kenan Hadžiavdić (bs)
* Jordi Mallach (ca)
* Dafydd Harries (cy)
* Ole Laursen (da)
* Nikos Charonitakis (el)
* Hasbullah Bin Pit (ms)
* Kjartan Maraas (nb)
* Pawan Chitrakar (ne)
* Reinout van Schouwen (nl)
* Åsmund Skjæveland (nn)
* Kjartan Maraas (no)
* Estêvão Samuel Procópio (pt_BR)
* Isriya Paireepairit (th)
* Ercin Eker (tr)
* Mugurel Tudor (ro)
* Ching-Hung Lin (zh_TW)
==============
Epiphany 1.3.8
==============
Code changes
* Track mozilla API change on 1.7 branch (Christian)
Bug fixes
* Make save-as obey lockdown key (Christian) [#151039]
* Correct stored tab positioning after tab_added signal (Justin Wake)
* Fix for bookmarks on main toolbar (Christian) [#151267]
* Fix signal handler return values for popup_menu signal (Christian)
* Fix crash on print to filename with nonabsolute path (Christian) [#148849]
Documentation
* Added japanese translation of the manual, translated by 佐藤 暁 (SATOH Satoru)
Translation updates
* Ole Laursen (da)
* Christian Neumair (de)
* Nikos Charonitakis (el)
* Iñaki Larrañaga Murgoitio (eu)
* Ankit Patel (gu)
* Gurban Mühemmet Tewekgeli (tk)
==============
Epiphany 1.3.7
==============
Bug fixes
* Fix crash when loading a bookmark from the menu (Christian) [150982]
Translation updates
* Francisco Javier F. Serrador (es)
==============
Epiphany 1.3.6
==============
Bug fixes
* Fix mozilla components path (Marco) [#150358]
* Fix default horizontal scroll wheel action (Christian) [#148557]
* Fix for newer libtools (Christian) [#150673]
* Keep passwords list in pdm dialogue up-to-date (Christian) [#150296]
* Fix warning when moving tabs between windows (Christian) [#150822]
* Partially fix bookmarks menu speed issue (Christian) [#150822]
* Fix bookmarks menu hierarchy and auto-updating (Christian)
[#147470, #147786, #150246]
* Change bookmarks hierarchy separator (Christian) [#149150]
* Also pop up context menus with menu key (Christian) [#149150]
New and updated translations:
* Mətin Əmirov (az)
* Vladimir "Kaladan" Petkov (bg)
* Kenan Hadžiavdić (bs)
* Pauli Virtanen (fi)
* Dvornik László (hu)
* Takeshi AIHANA (ja)
* Kjartan Maraas (nb)
* GNOME PL Team (pl)
* Laurent Dhima (sq)
* Christian Rose (sv)
* Jayaradha N (ta)
* Maxim Dziumanenko (uk)
==============
Epiphany 1.3.5
==============
Code changes
* Get rid of the startup script, and use rpath linking instead
(ported from galeon)
* Adapt to changed mozilla APIs (Christian)
Bug Fixes
* Fix application name i18n (Christian) [#148948]
* Some mem leak fixes (Jean-François Rameau)
* Fix restoring the history window on resume (Christian)
* Fix dragging of urls which gnome-vfs can't handle (Christian)
* Fix new tab positioning when opening tabs from drags (Christian)
* Make keyword search URL localisable (Christian) [#144909]
* Fix crash in ellisising label (Christian) [#149114]
* Sort topics by name in bookmark properties dialogue
(Christian Neumair) [#149639]
* Fix some compiler warnings (Christian)
* Fix compilation with gcc 2.95 (Christian)
* Fix context menu on links with namespaced tag (Mikael Brockman) [#150208]
Translation updates
* Arafat Medini (ar)
* Mətin Əmirov (az)
* Vladimir Petkov (bg)
* Miloslav Trmač (cs)
* Martin Willemoes Hansen (da)
* Adam Weinberger (en_CA)
* Gareth Owen (en_GB)
* Francisco Javier F. Serrador (es)
* Pauli Virtanen (fi)
* Christophe Merlet (RedFox) (fr)
* Alastair McKinstry (ga)
* Ravishankar Shrivastava (hi)
* Laszlo Dvornik (hu)
* Takeshi AIHANA (ja)
* Changwoo Ryu (ko)
* Hasbullah Bin Pit (ms)
* Reinout van Schouwen (nl)
* Åsmund Skjæveland (nn)
* GNOME PL Team (pl)
* Duarte Loreto (pt)
* Estêvão Samuel Procópio (pt_BR)
* Mugurel Tudor (ro)
* Dmitry G. Mastrukov (ru)
* Laurent Dhima (sq)
* Danilo Segan (sr, sr@Latn)
* Maxim Dziumanenko (uk)
* Liu Songhe (zh_CN)
==============
Epiphany 1.3.4
==============
Code changes
* Add mime types to .desktop file (Xan)
* Simplify proxy PAC handling (Christian)
* Reworked node views (Marco)
* Adapt to mozilla API change (Christian)
* Don't use -include which isn't portable (Christian) [#143094]
* Fix signedness warnings with gcc 3.5 (Jon Oberheide)
* Misc popup blocker code cleanup (Adam)
Bug Fixes
* Fix downloader crash on shutdown (Marco) [#141928]
* Fix mem leaks in gtk NSS dialogues (Christian, ported from galeon)
* Fix crash when importing bookmarks from mozilla (Marco) [#145611]
* Gracefully handle inability to create downloads directory
(Marco) [#146902]
* Fix profiler output for times > 1 s (Christian, ported from galeon)
* Fix crash in the new bookmark dialogue with deleted topics
(Marco) [#144770]
* Use our stock icon for the downloader icon in tray (Christian)
* Fix dialogue title of Save Link As filechooser (Christian) [#138208]
* Correctly update toolbar's not-removable flag (Christian)
* Fix mem leak from toolbars model (Christian)
* Fix non-ascii topic titles in the bookmarks menu (Christian) [#147469]
* Fix download directory chooser initial directory (Christian) [#146055]
* Confirm overwriting file from content handler (Christian) [#143501]
* Fix crash when screen size changes after using fullscreen (Christian)
* Fix print-to-file filechooser modality (Christian) [#147628]
New and updated translations:
* Владимир Петков (bg)
* Miloslav Trmač (cs)
* Christian Neumair (de)
* Francisco Javier F. Serrador (es)
* Νίκος Χαρωνιτάκης (el)
* Gareth Owen (en_GB)
* रविशंकर श्रीवास्तव (hi)
* 相花 毅 (ja)
* Changwoo Ryu (ko)
* Žygimantas Beručka (lt)
* Kjartan Maraas (no)
* GNOME PL Team (pl)
* Duarte Loreto (pt)
* Laurent Dhima (sq)
==============
Epiphany 1.3.3
==============
New features
* Lockdown: disable_quit, disable_new_window,
first_window_fullscreen (Christian, Christopher James Lahey)
Interface changes
* Sort history items by last visit
* Improve bookmarks toolbar direct manipulation (Marco)
Bug Fixes
* Fix print dialog filename encoding (Christian)
* Fix some memory leaks (Xan, Christian)
New Translations:
* רועי קרשטיין, גיל אשר (he)
Updated Translations:
* Vladimir Petkov (bg)
* Miloslav Trmac (cs)
* Ole Laursen (da)
* Nikos Charonitakis (el)
* Gareth Owen (en_GB)
* Francisco Javier F. Serrador (es)
* Gil Osher (he)
* Laszlo Dvornik (hu)
* Takeshi AIHANA (ja)
* Estêvão Samuel Procópio (pt_BR)
* Laurent Dhima (sq)
==============
Epiphany 1.3.2
==============
Bug fixes
* Fix crash when download finishes (Xan)
Translations
* Xavier Conde Rueda (ca)
==============
Epiphany 1.3.1
==============
New features
* Load extensions from ~/.gnome2/epiphany/extensions too (Ross Burton) [#143835]
* Allow importing of our own bookmarks format (Christian) [#144699]
* Support for working offline (Christian)
* Integrated popup blocking (Adam)
Removed features
* Removed support for mozilla 1.6 (Marco)
Interface changes
* Append new tabs to the end instead of grouping them (Marco)
* Add "New Topic" button to the New Bookmark dialogue (Marco) [#110640]
* Improved import and presentation of hierarchical bookmarks (Marco)
* Implemented "Open in tabs" from toolbar topics (Marco) [#108143]
* New tab load animation (Christian)
* Reordering of bookmarks on toolbar by DND (Marco)
* Add Open In Tabs to toolbar topics (Marco)
* Add context menus for bookmarks and topics on toolbars (Marco)
* Use Blank Page icon as default icon (Marco)
* Add mim-type icon in downloader (Xan)
Code changes
* Ported to mozilla embed strings (Marco, Christian, Xan)
* Moved external protocol handler prefs to js file (Marco)
* Disabe xpinstall by default (Christian) [#144035]
* Separate bookmarks from other toolbars (Christian, Marco)
* Implement popup-blocked signals (Adam) [part of #111930]
* Includes cleanup (Marco)
* Allow custom types in the permissions manager (Christian)
* EphyNode ID cleanups (Marco)
* Simplify printing code (Marco)
* Track mozilla trunk API changes (Christian)
Bug fixes
* Fixed "Exit Fullscreen" popup position in RTL locales (Christian) [#140828]
* Fix filechooser default name in !modeSave mode (Christian)
* Fix webcal: uris (Marco) [#143899]
* Don't hide clipboard actions on input context (Marco) [#139040]
* Fix CSS background context menu (Crispin Flowerday) [#143602]
* Retain custom data when moving toolbar items around (Marco)
* Fix spinner in gradient themes (Crispin Flowerday) [#134686]
* Escape some strings when using them in labels with markup
(Crispin Flowerday, Christian)
* Fix reload of framed pages not to go to top url (Christian) [#115800]
* Use generic name in .desktop file (Marco) [#144284]
* Fix Control-L location bar activation (Christian) [#144191]
* Hide non-toplevel urls from history (Christian) [#142143]
* Fix crash with confused toolbars file (Christian) [#144698]
* Fix toolbar visibility after fullscreen (Christian) [#144785]
* Fix serials on files with 2 extensions (.tar.gz) (Xan)
* Always show menubar on F10 (Christian) [#141999]
* Fix context menu on form elements (Christian) [#143942]
* Fix display of IDN domain names for cookies and password (Christian) [#130930]
* Unescape email address when copying to clipboard (Christian) [144462]
* Don't delete bookmark when dragging to a tab (Marco) [#145254]
Documentation translations
* New translation of documentation into spanish
by Francisco Javier F. Serrador
Translations
* Mətin Əmirov (az)
* Владимир Петков (bg)
* Miloslav Trmač (cs)
* Christian Neumair (de)
* Ole Laursen (da)
* Νίκος Χαρωνιτάκης (el)
* Alexander Winston (en_CA)
* Gareth Owen (en_GB)
* 相花 毅 (ja)
* Reinout van Schouwen (nl)
* GNOME PL Team (pl)
* Estêvão Samuel Procópio (pt_BR)
* Marcel Telka (sk)
* Данило Шеган (sr, st@Latn)
* Laurent Dhima (sq)
* Liu Songhe (zh_CN)
==============
Epiphany 1.3.0
==============
Removed features
* Dropped support for mozilla < 1.6 (Christian)
* Removed nautilus view (Christian)
Interface improvements
* Fix duplicate accesskey, use correct case for button text and make
message selectable in the confirm-close dialogue (Piers)
* Use verb for action button and various minor tidy ups on the import
dialogue (Piers)
* Add "Save Link As..." to Image/Link popup (Christian) [#138207]
* Remove "Open Image in New [Tab|Window]" from the context menu
(Christian)
* Remove extraneous separators in context menus (Christian) [#115897]
* Use right capitalisation for fonts lang label in prefs (Piers)
* Make buttons the same size in Industrial theme and make text
selectable in history confirm-clear dialogue (Piers)
* Make prefs, pdm and print setup dialogues transient to their parent
and destroy with parent (Christian) [#139124]
* Make warning message selectable in content handler dialogue (Piers)
* Sort the actions in the location entry autocompletion dropdown
(Christian) [#139575]
* Add Ctrl+S as an alternate accel for "Save As" (Piers) [#139415]
* Add "Downloads" folder shortcut to our file chooser dialogues
(Christian)
* HIGified confirm-overwrite dialogue (Patanjali Somayaji, Piers)
[#133152]
* Make Escape cancel overwrite dialog (Piers)
* Add some filters to the file chooser dialogues (Christian) [#139418]
* Jump to new tabs created from command lines (Christian) [#141168]
* Fix accelerator for OpenImage action (Christian)
* Statusbar re-design: Move lock icon to left; hide progress bar when
no activity (Christian) [#137845]
* Simplify context menu wrt. frames (Christian) [#138442]
* Open bookmark in new tab on middle-click (Christian) [#106250]
Code changes
* Made sure every file includes config.h (Christian)
* Use more efficient mozilla string conversion routines (Christian)
* Adapt to various mozilla API changes (Marco, Christian, Xan, Piers)
* Improve chrome handling (Marco)
* Cleanup after making EphyTab a GtkBin (Christian)
* Some API cleanups (Adam)
* Some comment cleanups (Adam)
* Register stock icons (Christian)
* Added/improved some debug output (Christian)
* Get rid of #if GTK_CHECK_VERSION() stuff and remove optionmenu code
in the Gtk NSS dialogues (Christian)
* Synchronise editable toolbar changes from galeon, this fixes simple
usage, stops crashes when dragging items to and from other
applications, and adds the ability to override the toolbar style
(Crispin Flowerday)
* Track the active window with focus events (Christian)
* Eliminate ExternalProtocolHandlers in favor of setting prefs to make
Mozilla not handle the protocols internally (Christian Biesinger)
* Add defines for private mozilla api usage to make it easier to track
what we need to port to embed string and what we need to be using only
public api (Marco)
* Make the statusbar's GtkTooltips publicly accessibly (Christian)
* Clean up encoding handling (Christian)
* Allow compilation without mozilla wallet extension (Christian)
* Some fixes for compilation with gcc 2.95 (Christian)
* Backport changed from the new gtkcellrendererprogress which
was based on ephy's, to support RTL and fix overflow bug (Christian)
* Various solaris portability fixes (Brian Cameron, Christian)
Bug fixes
* Remove unnecessary g_object_notify()s (Marco)
* Fix test for toolbar removability (Christian)
* Don't crash when draggin a toolbar separator around (Christian)
* Make location entry not have a proxy menu item (Christian)
* Make select-by-key support unsorted lists (Xan) [#137054]
* Don't unref NULL icons (Christian) [#137715]
* Fix content policy contract-ID (Christian)
* Set window border icon on the about dialogue (Christian) [#137806]
* Fix width of "Add" button in PDM dialogue with some themes
(Christian) [#137811]
* Fix XBEL mime type for import (Marco)
* Fixes to API documentation build (Adam, Christian)
* Make the "Go" button actually work (Christian)
* Fix arg type of dom_* signals to match the closure (Christian)
* Use stock icon for "Open" on content handler dialogue
(Christian) [#135765]
* Use stock icon for "Download" on content handler dialogue (Christian)
* Fix proxy tool item disconnection on location entry (Christian)
* Fix opening of bookmarks in new tabs when there is no existing window
(Christian) [#138343]
* Fix context menu on anchors without href attribute (Christian) [#138200]
* Make startup script work on older solarises (Christian) [#138088]
* Fix filechooser response codes (Federico Mena Quintero) [#138263]
* Fix compilation with -fdata-sections (Christian) [#136878]
* Don't allow a font size less than 1 (Piers)
* Fix bookmarks toolbar visibility in fullscreen and print preview mode
as well as for javascript popups (Christian) [#138520]
* Fix link drag-and-drop to empty space on notebook (Christian) [#138902]
* Don't abort on gconf errors, just display a message on console
(Christian) [#139247]
* Make ephy-node refcount initialize to 1 and not 0 (Adam)
* Fix various filename encoding bugs (Christian)
* Don't quit the filechooser when selecting "No" from the confirm-
overwrite dialoge (Christian) [#139400]
* Set the action's accel_path, fixes crash when dynamically assigning
accels (Christian) [#139641]
* Fix saving of linked content. Don't create the directory; mozilla
will do it for us if necessary (Christian)
* Make the "Files" suffix translatable (Christian)
* Removed the ge_popup_blocked signal on EphyEmbed (Adam)
* Do not uncompress when the type is not html (Marco) [#131778]
* Fix chrome for new windows opened from _blank target (Marco) [#139512]
* Fix font selection combo box issues (Christian) [#138560]
* Fix encoding of saved content (Marco) [#141050]
* Exit print preview mode before closing a window; fixes a crash
(Christian) [galeon #121298]
* Fix crash when trying to get URL from unrealizes EphyEmbed (Marco)
* Fix some mem and refcount leaks (Christian)
* Always pass the cache key to the persist object so we don't re-fetch
the page on save (Christian) [#141652]
* Forward download nsIAuthPrompt interface to the single sign-on prompt
(Christian)
* Destroy the EphyBrowser in destroy handler, but delete it only on
finalize. Make public EphyBrowser methods safe for calling after
Destroy (Christian) [#142184]
* Fix LD_LIBRARY_PATH in startup script never to (implicitly) include
current dir (Christian) [#141576]
* Fix observer topic check for cookie "cleared" notification (Christian)
* Fix capitalisation in filechoose filter names (Christian)
* Emit the "tab_removed" signal also for the window's last tab
(Christian) [#142078]
* Fix stupid bug which prevented compilation with gcc 3.4 (Christian)
* Elimiate indeterminate progress (Christian) [#142303, #142305]
* Fix toolbar editor drag icon theming bug (Crispin Flowerday)
* Fix reload not to use forced reload by default (C. J. N. Breame) [#143365]
Documentation
* xml docs validity fixes (Piers)
* xml docs validity fixes (Sebastian Heinlein) [#140918]
* Improve description of 'secure' cookies (Piers) [#136443]
* API documentation (Adam)
* Maintenance of 1.4 plan (Piers, Marco)
* Update screenshots (Piers)
* Updated Smart Bookmarks help content (Matthew Gatto) [#139616]
* Minor updates to match UI (Piers)
Documentation translations
* Francisco F. Serrador (es)
* Hizkuntza Politikarako Sailburuordetza (eu)
Translations
* عرفات المديني، تونس (ar)
* Владимир Петков (bg)
* Xavier Conde Rueda (ca)
* Miloslav Trmač (cs)
* Ole Laursen (da)
* Alexander Winston (en_CA)
* Gareth Owen (en_GB)
* Iñaki Larrañaga Murgoitio (eu)
* Francisco Javier F. Serrador (es)
* Alastair McKinstry (ga)
* નીરવ, અંકિત, અંકુર, અતિત, ભાવિન, કાર્તિક, ખુશ્બુ, શ્વેતા (gu)
* Dvornik László (hu)
* helgi (is)
* Žygimantas Beručka (lt)
* Åsmund Skjæveland" (nn)
* ਅਮਨਪ੍ੀਤ ਸਿੰਘ ਅਾਲਮ (pa)
* Duarte Loreto (pt)
* Дмитрий Мастрюков (ru)
* Marcel Telka (sk)
* Laurent Dhima (sq)
* Ma SivaKumar (ta)
* อิสริยะ ไพรีพ่ายฤทธิ์ (th)
* Pablo Saratxaga (wa)
* Liu Songhe (zh_CN)
==============
Epiphany 1.2.9
==============
Code changes
* Drop support for Mozilla 1.8a2
* Support for Mozilla 1.8a3 and 1.8a4
Bug fixes
* Fix default horizontal scroll wheel action (Christian) [#148557]
* Fix glade symbol lookup with newer libtools (Christian) [#150673]
* Pop up context menu with menu keys too (Christian) [#150830]
* Fix printing to file with a non-absolute path (Christian) [#148849]
* Fix session file remove command (Christian)
Translations
* Iñaki Larrañaga Murgoitio (eu)
* Nirav, Ankit, Ankur, Atit, Bhavin, Kartik, Khushbu, Sweta (gu)
* Isriya Paireepairit (th)
gtkhtml-3.2.1 "Gone stable" 2004-09-10
------------------------------------------------
New in this release
* Updated translations:
el (Nikos Charonitakis)
cs (Miloslav Trmac)
it (Luca Ferretti)
ta (Jayaradha)
ms (Hasbullah Bin Pit)
sq (Laurent Dhima)
gtkhtml-3.2.0 "Going stable" 2004-08-26
------------------------------------------------
New in this release
* make sure backstore pixmap has a colormap (Robert McQueen)
New in 3.1.20
* optionally use new gtk file chooser
* fixed table layout calculation
* fixed embedded widgets width
* do not use title from MOZILLA_URL in text mode
* fixed table cell cursor
* a11y fixes (Eric Zhao)
* fixed style setting in editor
New in 3.1.19
* fixed crash in embedded widgets code
* auto* files fixes (release string vs. api version)
* better size request/allocation handling for child widgets
* memory leak fix
New in 3.1.18
* save TT tag again
New in 3.1.17
* fixed links editing
* fixed problems with gnome print and 's
* fixed crash when pasting html with embedded widgets
* display link attributes in plain text
* fixed cursor movement
* set iframe's base url before emitting iframe_created signal
* disable focus forwarding in editor (Eric Zhao)
* fixed MOZILLA_URL pasting again
* fixed leaking pango glyphs (Owen Taylor)
* removed line breaks around puntuation in links
* caret is now consistent with focus (Eric Zhao)
* more compiler warnings fixes (Owen Taylor)
New in 3.1.16
* compiler warnings fixes
* font settings fixes
* fixed pasting MOZILLA_URL crash
* added missing KP_Home, KP_End bindings
New in 3.1.15
* fixed printing
* fixed page color editing
* fixed table editing
* fixed local image url's
* optimalizations
* colorset fixes
* fixed crash related to displaying spell errors
* a11y fixes (Eric Zhao)
* search dialog fixes (Pratik V. Parikh)
* line breaking fixes in links
* make Wrap Lines menu item usable again
* fixed line breaking
* use GIT
* HIGifications
New in 3.1.5
* improved IM preedit string display
* removed gal dependency
* better smiley substitution in the composer (bounty by Jan Arne Petersen)
New in 3.1.5
* better font sizing
* updated translations.
New in 3.1.4
* new and improved html parser handles broken html much better.
* better pango integration.
* updated translations.
* better ascii mode rendering of lists.
* improved exposure handling.
* improved animation rendering.
* versioned .server files for parallel installs with version 3.0.x.
- Remove patch-as and patch-ah as they are now outdated and included in the src
- ok'ed snj@, wiz@
- Thanks to epg@ for final check
This version of Apache is principally a bug fix release. Of particular note
is that 2.0.51 addresses five security vulnerabilities:
An input validation issue in IPv6 literal address parsing which can result
in a negative length parameter being passed to memcpy.
[CAN-2004-0786]
A buffer overflow in configuration file parsing could allow a local user to
gain the privileges of a httpd child if the server can be forced to parse a
carefully crafted .htaccess file.
[CAN-2004-0747]
A segfault in mod_ssl which can be triggered by a malicious remote server,
if proxying to SSL servers has been configured.
[CAN-2004-0751]
A potential infinite loop in mod_ssl which could be triggered given
particular timing of a connection abort.
[CAN-2004-0748]
A segfault in mod_dav_fs which can be remotely triggered by an indirect lock
refresh request.
[CAN-2004-0809]
For further details, see http://www.apache.org/dist/httpd/Announcement2.html
and http://apache.rmplc.co.uk/httpd/CHANGES_2.0.
from Release Notes:
---
Firefox is a fast, full-featured browser that makes browsing more
efficient than ever before. More information about Firefox is
available.
Firefox Preview Release (henceforth refered to as PR) is a Technology
Preview. While this software works well enough to be relied upon as
your primary browser in most cases, we make no guarantees of its
performance or stability. It is a pre-release product and should not
be relied upon for mission-critical tasks. See the License Agreement
for more information.
These release notes cover what's new, download and installation
instructions, known issues and frequently asked questions for the
Firefox PR release. Please read these notes and the bug filing
instructions before reporting any bugs to Bugzilla.
We want to hear your feedback about Firefox. Please join us in the
Firefox forums, hosted by MozillaZine.
What's New
Here's what's new in this release of Firefox:
* Live Bookmarks
You can now subscribe to and read RSS feeds in your
Bookmarks. When you visit a page that advertises a RSS feed by using a
<link> tag, a RSS icon will appear in the status bar. Click it to view
a list of feeds the page is offering. Click one to subscribe - this
adds a Bookmark Folder that contains all the recent posts from the
feed.
* Improved Find
Find is easier and more powerful now with our new Find
toolbar. The Find toolbar (which shows at the bottom of the browser
window) automatically highlights text in the page as you type and has
a useful highlight feature.
* Managing Annoyances and Protecting Security
You can now open blocked popups, and the Extension install
system now blocks all attempts to install software from sites other
than update.mozilla.org. Users can add other sites to a list that
allows them to offer software, but software is never automatically
installed. In addition to these steps, several other measures have
been taken to prevent phishing attacks and to highlight when a page is
being viewed over a secure connection.
* Better Bookmarks
Numerous improvements to bookmarks including more reliable
presentation of Site icons, and a split pane view in the Bookmarks
window.
* Strong Encryption For Passwords Available
Passwords saved with the Password Manager can now be more easily
encrypted with strong encryption by creating a "Master Password". If
you create a Master Password, you are prompted once per session to
enter the Master Password so that Password Manager can automatically
fill in site logins. A useful feature for people who share computers
with others and want improved security.
* Improved Compatibility for IE users
Undetectable document.all support for site compatibility and
improved compatibility for keyboard accelerators further smooth the
transition for IE users
* Better System Integration for GNOME users
You can now configure Firefox as your Default Browser on GNOME,
and Firefox will adhere to your GNOME settings for edit field key
bindings, etc.
* And a horde of other bug fixes...
See The Burning Edge's Bigger Picture for more details.
-----
Several security holes have been fixed. See the page bellow for
detail.
http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3
Mozilla 1.7.3 is a security update to Mozilla 1.7 that fixes a several
security vulnerabilities.
#93 "Send page" heap overrun (258005)
#92 javascript clipboard access (257523)
#91 Privilege request confusion (253942)
#90 Buffer overflow when displaying VCard (257314)
#89 BMP integer overflow (255067)
#88 javascript: link dragging (250862)
#87 non-ascii hostname heap overrun (256316)
#86 Malicious POP3 server III (245066, 226669)
#85 Wrong file permissions after installing on Linux (231083, 235781)
#84 Wrong file permissions in linux archive (254303)
See the page bellow for detail
http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3
Mozilla 1.7.3 is a security update to Mozilla 1.7 that fixes a several
security vulnerabilities.
#93 "Send page" heap overrun (258005)
#92 javascript clipboard access (257523)
#91 Privilege request confusion (253942)
#90 Buffer overflow when displaying VCard (257314)
#89 BMP integer overflow (255067)
#88 javascript: link dragging (250862)
#87 non-ascii hostname heap overrun (256316)
#86 Malicious POP3 server III (245066, 226669)
#85 Wrong file permissions after installing on Linux (231083, 235781)
#84 Wrong file permissions in linux archive (254303)
See the page bellow for detail
http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3
Update to newer docs download file (updated docs
appear to be the man page, tidy.css, and quickref.html).
Also bump PKGREVISION.
This will close PR pkg/26867. Thank you, Mark E. Perkins.
==============
Epiphany 1.2.8
==============
Code changes
* Adapt to Mozilla API changes (Christian)
* Confirm before overwriting a file [#143501]
Bug fixes
* Fix compilation of nautilus view (Christian) [#148995]
* Fix some memory leaks (Jean-François Rameau)
* Really translate the program name (Christian) [#148948]
* Fix restoring the history window on resume (Christian)
* Fix new tab position (Christian)
* Fix a crash in content handler (Christian) [#149550]
* Fix context menu on links with namespaced tag (Mikael Brockman) [#150208]
==============
Epiphany 1.2.7
==============
Code changes
* Adapt to mozilla API changes (Christian)
* Use nsIDOMWindow2 to get the root event target on
mozilla >= 1.7rc3 (Christian)
Bug fixes
* Work around mozilla bug #246392 which causes reloads of framed pages to
go back to original URI (backported from HEAD) (Christian) [#115800]
* Escape markup in string in the duplicate bookmarks dialogue
and topics menu (Christian)
* Escape markup in strings in the NSS dialogues (Crispin Flowerday)
* Work aroung mozilla bug #246392 which causes reload of framed pages to go
back to initial frameset (Christian, Crispin Flowerday) [#115800]
* Don't show redirected and non-toplevel pages in history (Christian) [#142143]
* Allow importing of Epiphany bookmarks format too (Christian) [#144699]
* Fix crash with corrupted toolbars file (Christian) [#144698]
* Fix prefs persistence with non-existent or bogus initial values (Christian)
* Unescape mailto: addresses (Christian) [#144462]
* Fix filename encoding for print-to-file (Christian)
* Depend on libgnomeui >= 2.6.0 (Christian) [#145776]
* Make print and print setup go trough nsIPrintingPromptService (Christian,
backported from HEAD)
* Fix print-to-file filechooser modality (Christian) [#147628]
* Fix mem leaks in gtk NSS dialogues (Christian, ported from galeon)
* Gracefully handle failure to create downloads directory (Marco) [#146902]
* Fix single observer ownership and reference counting (Christian) [#146873,
#146461]
* Fix downloader crash on shutdown (Marco) [#141928]
* Fix build with old mozilla versions (1.4.x, 1.5) (Christian)
* Use nsACString instead of nsCString in a few places in EphyWrapper (Christian)
* Fix crash on screen size change after using fullscreen (Christian)
New translations
* he
Updated translations
* bg, ca, vi
Drivel 1.2.0 (The "Hero of Canton" release)
===========================================
* Improvements:
- Added a user manual (Todd).
* Fixes:
- Fixed the oft-reported "automaticall" typo (Todd).
- Synced eggtrayicon.* and recent-files/* with libegg to get the latest
improvements and bug-fixes (Todd).
* Translations:
- Updated Canadian English translation (Adam Weinberger).
- Updated Simplified Chinese translation (Funda Wang).
- Updated Portuguese translation (Duarte Loreto).
- Updated Swedish translation (Christian Rose).
- Updated Czech translation (Miloslav Trmac).
- Updated Dutch translation (Elros Cyriatan).
- Updated Spanish translation (Francisco Javier F. Serrador).
- Updated Albanian translation (Laurent Dhima).
- Updated Brazilian Portuguese translation (Estêvão Samuel Procópio).
Drivel 1.1.2 (The "Betas make bubbles!" release)
================================================
* Improvements:
- Replace the RSA's reference MD5 implementation with a free one.
- Add the GNOME Spinner to the network progress dialog.
- Make the standard error dialog conform to the HIG.
- Port the Network Progress and Insert Image dialogs to Glade.
- Gave the Insert Image and Insert Link dialogs a make-over and some
HIG-lovin'.
- Added a Cancel button to the new Network Progress dialog.
- Use unique names for user pictures, prevents re-downloading the
same image again and again.
- Add support for back-dating journal entries.
- Add tooltips for post options.
* Fixes:
- Prevent the network dialog from "blinking" on short transactions.
- Fix a crash that occured when the network dialog was closed manually.
- Double-clicking an entry in the history dialog opens it for editing.
- Prevent the user from selecting a row in the history list when it is
empty, fixes a crash.
- Fix a few strings to bring them into HIG 2.0 compliance.
* Translations:
- Updated Brazilian Portuguese translation (Raphael Higino and
Estêvão Samuel Procópio).
- Updated Czech translation (Miloslav Trmac).
- Updated Canadian English translation (Adam Weinberger).
- Updated British English translation (David Lodge).
- Updated Spanish translation (Francisco Javier F. Serrador).
Drivel 1.1.1 (The "I'm too hung-over to be creative" release)
=============================================================
* Improvements:
- RhythmBox support for the Music entry (Davyd Madeley).
- New and improved network layer which doesn't suck.
- Abstracted blog API, should make it easy to support multiple blog
systems in the future.
- Support for EggRecent.
- Added a "Drivel journal draft" mimetype.
- Redesigned the Friends dialog.
* Fixes:
- Plugged some memory leaks.
- Use the correct signal (enter_notify) for triggering the query_music
function.
- Lots of HIG-related spacing fixes.
* Translations:
- Updated Spanish translation (Francisco Javier F. Serrador).
- Updated Brazilian Portuguese translation (Raphael Higino).
- Updated Norwegian translation (Kjartan Maraas).
- Updated Albanian translation (Laurent Dhima).
- Updated Czech translation (Miloslav Trmac).
- Updated British English translation (David Lodge).
Drivel 1.1.0 (The "Happy birthday, Stephie!" release)
=====================================================
* Improvements:
- HTML syntax highlighting (Davyd Madeley and Grahame Bowland).
- Optional in-line spell checking support via GtkSpell.
- Undo/Redo support (Davyd Madeley).
- Support the new challenge/response LiveJournal authentication method.
- Per-account autosaves.
- Use LogJam's XML file format when saving/loading drafts (Davyd Madeley).
- The Insert Link dialog now replaces selected text with a hyper-linked
version of the text.
- Saves the filename of drafts so that the user isn't prompted each time she
presses "Save Draft" and add a "Save Draft as..." menu command.
- Autocomplete support for the Mood control (Davyd Madeley).
- Lots of HIG work on the menus, dialogs, and alerts.
* Fixes:
- Keybinding fixes.
- Resolve a couple of bugs in the History dialog (still requires GTK+ 2.4.4
or higher to work correctly) (Davyd Madeley).
- Correct the lj-lq tag in the poll creator (Grahame Bowland).
- Don't duplicate the protocol in the Insert Link dialog (gnome@nash.nu).
- Fixed the autosave feature.
- Resolved a network threading issue that prevented Drivel from working on
NetBSD, and possibly the other BSD variants as well.
- Protect proxy variables with mutex locks, should resolve some more
BSD-related threading issues.
- Use libcurl's unescape method rather than our own, fixes a NetBSD
character conversion problem.
- Fix C99-ism which was preventing successfull compilation on
GCC-2.95 (Julio M. Merino Vidal).
* Translations:
- Added Albanian translation (Laurent Dhima).
- Updated Czech translation (Miloslav Trmac).
- Updated Brazilian Portuguese translation (Raphael Higino).
- Updated British English translation (David Lodge).
I could not find any recent release notes or change log other than "People
continue to report examples where Tidy does not catch some ill-formed HTML
or, worse, generates ill-formed HTML. These cases have been significantly
reduced." (I didn't compare code with old release either.)
Patch-ab updated (same line patched).
patch provided by Ove Soerensen in PR 26792
changes compared to 2.7f:
wwwoffle 2.8c contains various fixes and new features. For example the
removal of some memory-leaks, fixes for race-conditions and it's noew
CSS aware and has support for chunked encoding.
changes;
Except from the usual bug-fixes and improvements, some new features snuck
in. One nifty feature is the save and open file dialogs remembering the
last directory opened. Also, a "start_page" option in the preferences so
that you may override the splash screen.
which are the full option names used to set rpath directives for the
linker and the compiler, respectively. In places were we are invoking
the linker, use "${LINKER_RPATH_FLAG} <path>", where the space is
inserted in case the flag is a word, e.g. -rpath. The default values
of *_RPATH_FLAG are set by the compiler/*.mk files, depending on the
compiler that you use. They may be overridden on a ${OPSYS}-specific
basis by setting _OPSYS_LINKER_RPATH_FLAG and _OPSYS_COMPILER_RPATH_FLAG,
respectively. Garbage-collect _OPSYS_RPATH_NAME and _COMPILER_LD_FLAG.
It has (probably long since) been replaced by configuration checks
in firefox's configure script. The resulting source still compiles
and works on netbsd-1-5 / i386.
into the bsd.options.mk framework. Instead of appending to
${PKG_OPTIONS_VAR}, it appends to PKG_DEFAULT_OPTIONS. This causes
the default options to be the union of PKG_DEFAULT_OPTIONS and any
old USE_* and FOO_USE_* settings.
This fixes PR pkg/26590.
Squid 2.5.STABLE5 to 2.5.STABLE6:
* Several "Assertion error" bugs fixed
* Several "Segmentation fault" bugs fixes
* Corrects a security issue in the old ntlm_auth NTLM helper used in transparent NTLM authentication to a NT domain without using samba.
* Processing of Vary: * and Vary on error messages corrected
* a large number of minor and cosmetic bugfixes. See the list of squid-2.5.STABLE5 patches and the ChangeLog file for details.
2.5.STABLE56 official patches:
* 2004-08-20 08:18 (Major) NTLM authentication denial of service
* 2004-08-14 21:07 (Minor) external_acl does not handle newlines
* 2004-08-09 14:03 (Minor) Supplementary group memberships not set
* 2004-08-05 20:33 (Medium) Segfaults and other strange crashes when using heap policies
* 2004-08-06 11:05 (Cosmetic) Unknown %X errorpage codes incorrectly quoted
* 2004-08-17 12:22 (Cosmetic) Grammatical corrections in squid.conf.default
* 2004-07-27 21:52 (Minor) NTLM authentication truncated
* 2004-07-17 22:43 (Minor) Memory leak in client_db
* 2004-07-17 20:11 (Cosmetic) Add delay pools information to active_requests
* 2004-07-17 19:57 (Minor) case insensitive authentication
* 2004-07-17 19:48 (Cosmetic) Warn if cache_dir ufs can not create files
* 2004-07-17 16:33 (Cosmetic) HEAD requests may return stale information
* 2004-07-17 16:33 (Minor) Partial hit results in TCP_HIT, not TCP_MISS
* 2004-07-17 16:33 (Cosmetic) request_header_max_size configuration option doesn't work correctly
* 2004-07-29 13:29 (Minor) A large number of queued DNS lookups for the same domain
* 2004-08-10 09:40 (Minor) LDAP helpers update
* 2004-07-14 16:29 (Medium) storeCreate: no valid swapdirs for this object
It has (probably long since) been replaced by configuration checks
in mozilla's configure script. The resulting source still compiles
and works on netbsd-1-5 / i386.
Changes:
* NEW IN KDE: KImageMapEditor integration Andras Mantia, Jan Schaefer
* NEW IN KDE: Integrate KLinkStatus into kdewebdev Andras Mantia,
Paulo Moura Guedes
* Quanta Plus
o Use KMDI for the MDI Andras Mantia
o Basic support for development teams in projects Andras Mantia
o Directory Templates Andras Mantia
o Complete template features Andras Mantia
o Supplemental project file data Eric Laffoon
o Multiple upload profiles Andras Mantia
o Basic CVS project integration (Commit/Update) Andras Mantia
o Support for downloading resources from a central server Andras
Mantia
o Event actions for file and project operations Andras Mantia
o Interface personalities for tasks and project team members Andras
Mantia
o PHP debugger support Linus McCabe, Thiago Silva
o Improve the file trees Jens Herden
o Basic support for any editor implementing the KTextEditor
interface Andras Mantia
o Replace accented characters on the fly Andras Mantia
* Kommander
o Enable list widget functionality Michal Rudolf
o Enable tree detail widget functionality Michal Rudolf
o Improve the editor Michal Rudolf
o Improve the text editor Michal Rudolf
o Add DCOP functions assistant Michal Rudolf
o Handle multiple dialogs packaged in single archive Michal Rudolf
o Add localization functions Michal Rudolf
o Enable free slots Michal Rudolf
o Make widgets DCOP accessable Michal Rudolf
o Add the ability to plug in widgets Marc Britton
o Add rich text blogging widget Marc Britton
o New @readSetting and @writeSetting specials for saving text Marc
Britton
o Population text - populates widgets with signals and slots Marc
Britton
* KFileReplace
o New startup/new project dialog Andras Mantia
* KLinkStatus
o Filter to display links (broken, good, timeout, etc) Paulo Moura
Guedes
o Pause and resume search. Paulo Moura Guedes
o Validate URLs with reference (#) Paulo Moura Guedes
o Edit link referrers in Quanta Paulo Moura Guedes
o Add GUI for settings. Paulo Moura Guedes
Version 7.12.1 [requires libcurl-7.12.1 or better]
--------------
2004-08-02 Kjetil Jacobsen <kjetilja>
* Added INFOTYPE_SSL_DATA_IN/OUT.
2004-07-16 Markus F.X.J. Oberhumer <mfx>
* WARNING: removed deprecated PROXY_, TIMECOND_ and non-prefixed INFOTYPE constant names. See ChangeLog entry 2003-06-10.
2004-06-21 Kjetil Jacobsen <kjetilja>
* Added test program for HTTP post using the read callback (see
tests/test_post3.py for details).
* Use the new CURL_READFUNC_ABORT return code where appropriate
to avoid hanging in perform() when read callbacks are used.
* Added support for libcurl 7.12.1 CURLOPT features:
SOURCE_HOST, SOURCE_USERPWD, SOURCE_PATH, SOURCE_PORT,
PASV_HOST, SOURCE_PREQUOTE, SOURCE_POSTQUOTE.
2004-06-08 Markus F.X.J. Oberhumer <mfx>
* Setting CURLOPT_POSTFIELDS now allows binary data and
automatically sets CURLOPT_POSTFIELDSIZE for you. If you really
want a different size you have to manually set POSTFIELDSIZE
after setting POSTFIELDS.
(Based on a patch by Martin Muenstermann).
2004-06-05 Markus F.X.J. Oberhumer <mfx>
* Added stricter checks within the callback handlers.
* Unify the behaviour of int and long parameters where appropriate.
Version 7.12
------------
2004-05-18 Kjetil Jacobsen <kjetilja>
* WARNING: To simplify code maintenance pycurl now requires
libcurl 7.11.2 and python 2.2 or newer to work.
* GC support is now always enabled.
Version 7.11.3
--------------
2004-04-30 Kjetil Jacobsen <kjetilja>
* Do not use the deprecated curl_formparse function.
API CHANGE: HTTPPOST now takes a list of tuples where each
tuple contains a form name and a form value, both strings
(see test/test_post2.py for example usage).
* Found a possible reference count bug in the multithreading
code which may have contributed to the long-standing GC
segfault which has haunted pycurl. Fingers crossed.
Version 7.11.2
--------------
2004-04-21 Kjetil Jacobsen <kjetilja>
* Added support for libcurl 7.11.2 CURLOPT features:
CURLOPT_TCP_NODELAY.
2004-03-25 Kjetil Jacobsen <kjetilja>
* Store Python longs in off_t with PyLong_AsLongLong instead
of PyLong_AsLong. Should make the options which deal
with large files behave a little better. Note that this
requires the long long support in Python 2.2 or newer to
work properly.
Version 7.11.1
--------------
2004-03-16 Kjetil Jacobsen <kjetilja>
* WARNING: Removed support for the PASSWDFUNCTION callback, which
is no longer supported by libcurl.
2004-03-15 Kjetil Jacobsen <kjetilja>
* Added support for libcurl 7.11.1 CURLOPT features:
CURLOPT_POSTFIELDSIZE_LARGE.
Changes:
* the version string now only contains info about (sub) package versions,
while for example krb4 and ipv6 now only are available as 'features'
* added curl_easy_reset()
* socks proxy support even when libcurl is built ipv6-enabled
* read callbacks can stop the transfer by returning CURL_READFUNC_ABORT
* libcurl-tutorial.3 is the new man page formerly known as
libcurl-the-guide
* additional SSL trace data might be sent to the debug callback using two
new types: CURLINFO_SSL_DATA_IN and CURLINFO_SSL_DATA_OUT
* multipart formposts can upload files larger than system memory
* the curl tool continues with the next URL even if one transfer fails
* FTP 3rd party transfer support - seven new setopt() options
Bugfixes:
* UTF-8 encoded certificate names can now be verified properly
* krb4 link problem
* HTTP Negotiate service name now provided in uppercase
* no longer accepts any cookies with domain set to just a TLD
* HTTP Digest properties without quotes in the header
* bad Host: header case on re-used connections over proxy
* duplicate Host: header case on re-used connections
* curl -o name#[num] now works when no globbing for [num] exists
* test suite runs fine with valgrind 2.1.x
* negative Content-Length is ignored
* test 505 runs fine on windows
* curl_share_cleanup() crash
* --trace files now get the final info lines too
* multi interface connects fine to multi-IP resolving hosts
* --limit-rate works on Mac OS X (and other systems with bad poll()s)
* cookies can now hold 4999 bytes of content
* HTTP POST/PUT with NTLM/Digest/Negotiate to a URL returning 3XX
* HTTPS POST/PUT over a proxy requiring NTLM/Digest/Negotiate
* less restrictive libidn requirements, 0.4.1 or later is fine
* HTTP POST or PUT with Digest/Negotiate/NTLM selected but the server
didn't require any authentication
* win32 file:// transfer free memory bug
* configure --disable-http builds a libcurl without HTTP support
* CURLOPT_FILETIME had wrong type in curl.h, it expects a long argument
* builds fine with Borland on Windows
* the msvc curllib.dsp now builds the libcurl.lib file
* builds fine on VMS
* builds fine on NetWare
* HTTP Digest authentication with proxies uses correct user name + password
* builds fine with lcc-win32
already in pkgsrc) include:
o CGI status is now properly handled (-a flag has been removed)
o CGI file upload support works
o %xy translations are no longer ever applied after the first '?',
ala RFC2396. from lukem
o daemon mode (-b) should no longer hang spinning forever if it
sees no children. from lukem
o new .bzabsredirect file support. from <martin@netbsd.org>
o return a 404 error if we see %00 or %2f (/)
o don't print 2 "200" headers for CGI
o support .torrent files
Changes:
* New File selectors are used when compiled with GTK+ 2.4 or
later. (Nathan Conrad)
* XML parsers now detect namespaces based on their URL. (Nathan
Conrad)
* UTF-16 formatted documents are now supported. Please complain if
you have problems! This may also help other encodings that
contain NULL bytes in their datastreams.
* More favicons are now detected (HTML pages are now searched for
links to the favicons). (Nathan Conrad)
* Authenticated proxies are now supported via the GNOME proxy
settings and http_proxy environment variable. (Nathan Conrad)
* Help feeds are no longer downloaded at every startup.
* Support for photo blog RSS modules. (Lars Lindner)
* There is a new preference option in the "Headline Display"
tab to change the key binding for skimming through the
articles. It now defaults to Ctrl-Space instead of simply
Space. This is to allow using forms with Mozilla. If you
prefer Space please set it explicitly in the preferences.
(Lars Lindner)
* GConf schemas have been added to document the various gconf
keys that Liferea uses and provide control of defaults by
computer administrators. (Nathan Conrad)
* Notification popups now show the favicon of the feeds for
easier recognizing. (Lars Linder)
* Session manager support. This makes the lock file removed when
a user logs out without first cloning Liferea. (Lots of code from
gaim, but integrated into Liferea by Nathan Conrad)
* Fixed bug where some invalid feeds were causing their item lists
to be erased when they were updated. (Nathan Conrad)
* Fixed bug that may crash the program when the libxml2 error
output displayed in the feed description contains invalid
Unicode characters. This was reported by Yanko Kaneti.
(Lars Lindner)
* Fixed bug with incorrect HTML in the condensed mode.
(Jack Lecou)
* Fixed the missing scrolling reset when you display items
with Mozilla (Lars Lindner)
* Fixed a popup menu problems with gtkhtml2, which did not
always show the correct menu reported by hakon_g.
(Lars Lindner)
This script blocks advertising banners on the Web.
Unlike most other similar solutions, BannerFilter does more than simply
block advertising graphics. It also blocks advertising frames on a few
sites, and automatically closes pop-up windows.
- lock icon and certificate spoof with onunload document.write
(Bugzilla#253121)
- Malicious certificates can permanently break HTTPS/SSL (Bugzilla#249004)
Support for Solaris x86 is not available due to lack of a precompiled
binary at this point of time.
Changes since 7.53:
Security
* Denied write-access to properties on objects from scripts that
fail a standard origin check, in order to block potential access
by attackers to user's computer. Fixes critical vulnerability
reported in GreyMagic Security Advisory GM#008-OP.
* Fixed security issue regarding spoofing of the addressfield by
loading other page contents while keeping the URL, reported in
Secunia Advisory SA12162.
* Blocked access to file:/ URLs from documents that are not themselves
loaded from file:/ URLs.
Miscellaneous
* Fixed problem with canceling connections/downloads.
* Cache-size limitation improved.
