This relase contains fix for CVE-2012-6112(TinyMCE), too.
Version 3.0.4 (2013-02-14)
--------------------------
### Fixed
Correctly split the words when adding to the search index (see #5363).
### Fixed
If an eagerly loaded relation does not exist, return `null` instead of an empty
model in `Model::getRelated()` (see #5356).
### Fixed
Throw an exception if the file system and the database are out of sync and
show a meaningful error message (see #5101).
### Fixed
Return an associative array in `Model_Collection::fetchEach()` if the requested
field is **not** `id` (see #5134).
### Fixed
Make eagerly loaded "pageTree" fields mandatory again (see #4866).
### Fixed
Do not use forward pages as upper page in the book navigation (see #5074).
### Fixed
Correctly show the "empty news list" note (see #5304).
### Fixed
Correctly sort values by an external order field (see #5322).
### Fixed
Define the login status constants in the back end (see #4099, #5279).
### Fixed
Make sure the drag'n'drop hints do not overlay the field labels (see #5338).
### Fixed
Apply the color picker to single fields as well (see #5240).
### Fixed
Correctly close the SimpleModal overlay with the escape key (see #5297).
### Updated
Update TinyMCE to version 3.5.8 (see #5273).
### Fixed
Correctly check for nested arrays in `Widget::isValidOption()` (see #5328).
### Fixed
Preserve the order of multi source fields when exporting a theme (see #5237).
### Fixed
Also check whether the target exists when creating new folders (see #5260).
### Fixed
Load the core `autoload.php` files first (see #5261).
### Fixed
Support `null` as column default value in the DCA (see #5252).
### New
Added the `$blnDoNotCreate` option to the `Files` class, which makes the class
write to a temporary file first and then move it to its destination in one
atomic operation. This fixes some cache issues (see #5307).
### Fixed
Handle `@` blocks when importing style sheets (see #5250).
### Fixed
Show the newsletter list even if there is no jumpTo page configured in the
channel and show the enclosures in the newsletter reader (see #5233).
### Fixed
Added an option to load model relations uncached (see #5248, #5102). Also fixed
the `array_merge()` order so the default options can be overriden.
### Updated
Updated SimplePie to version 1.3.1 (see #5207).
### Updated
Updated SwiftMailer to version 4.3.0 (see #5263).
### Fixed
The jQuery accordion script did not work with minified markup (see #5245).
### Fixed
Removed the "spaceToUnderscore" option from all alias fields (see #5266).
### Fixed
The media content element now supports .ogg files (see #5282).
### Fixed
Do not rewrite requests for .mp3, .mp4, .webm or .ogv files (see #5258, #5284).
### Fixed
Correctly determin the last run of the command scheduler (see #5278).
### Fixed
Make the jQuery accordion behave like the MooTools version (see #5251).
### Fixed
Added support for more advanced media queries (see #5236).
### Fixed
Added the missing `UserGroupModel` class (see #5218).
### Fixed
Handle the case that `glob()` returns `false` (see #5226).
### Fixed
The table sorter did not work if jQuery and MooTools were active (see #5228).
### Fixed
Copy all content elements if pages are duplicated with childs (see #5241).
### Fixed
Added lazy template loading for newsletter mail templates.
The only significant packaging change is to drop the dependency on
py-subversion. It's still needed to use subversion repositories, but
use of svn is now optional.
Update provided by Martin Resnick of BBN, with minor tweaks by me.
Trac 1.0 'Cell' (September 7, 2012)
http://svn.edgewall.org/repos/trac/tags/trac-1.0
Trac 1.0 is a major release adding refreshed user interface and
improved DVCS repository support as the most visible changes.
The following list contains only a few highlights:
- The default theme looks more modern, especially on recent browsers
(no effort has been made to make it look better on older browsers
like IE6 or 7)
- The TracHacks GitPlugin has been donated by Herbert Valerio Riedel
to the Trac project (many thanks!) and is now maintained here as an
optional component
- As a consequence, the Subversion support has been moved below
`tracopt.versioncontrol` as well
- The Git and Mercurial log view feature a visualization of the
branching structure
- Usability improvements for the tickets, with a better support for
conflict detection and resolution
- Integration of the TracHacks BatchModifyPlugin, contributed by
Brian Meeker (many thanks!) and is now maintained there as a
default component
- jQuery/UI integration, featuring a date picker for date fields
- Improved integration with Pygments syntax highlighting
- ... and numerous smaller features added and bugs fixed since 0.12!
= Changelog
== Version 3.0.1 - 2013-02-06
* Switch to using puma for the webserver
* Switch to using simplecov for coverage testing
* Update all gem dependencies
* Update to fixme project template
* Convert to minitest
== Version 2.1.0 - 2011-03-17
* Update to Launchy 1.0.0
* Update to Thin 1.2.8
Puma: A Ruby Web Server Built For Concurrency
Puma is a simple, fast, and highly concurrent HTTP 1.1 server for Ruby web
applications. It can be used with any application that supports Rack, and is
considered the replacement for Webrick and Mongrel. It was designed to be the
go-to server for Rubinius, but also works well with JRuby and MRI. Puma is
intended for use in both development and production environments.
= Contributed Plugins and Utilities
This package includes a variety of add-on components for Padrino Framework:
* exception_notifier - Send errors through mail or/and to redmine
* auto_locale - Switch for you automatically the I18n.locale
* flash_session - Middleware that help you in passing your
session in the URI, when it should be in the
cookie.
* orm_ar_permalink - Generate permalink for a specified column on
ActiveRecord
* orm_ar_permalink_i18n - Generate permalink for a specified multi
language column(s) on ActiveRecord
* orm_ar_translate - Translate for you your ActiveRecord columns
* orm_mm_permalink - Generate permalink for a specified column on
MongoMapper
* orm_mm_search - Full text search in MongoMapper in specified
columns
* helpers_assets_compressor - Joins and compress your js/css with
yui-compressor
Opera 12.14 is a recommended upgrade offering security and stability enhancements.
Fixes and Stability Enhancements since Opera 12.13
General and User Interface
* Update addresses a re-occuring crash, allowing users to update two or more
extensions at one time.
* htmlscrubber: Allow the bitcoin URI scheme.
* htmlscrubber: Allow the URI schemes of major VCS's.
* aggregate: When run with --aggregate, if an aggregation is already
running, don't go on and --refresh.
* trail: Avoid excess dependencies between pages in the trail
and the page defining the trail. Thanks, smcv.
* opendiscussion: Don't allow editing discussion pages if discussion pages
are disabled. (smcv)
* poll: Add expandable option to allow users to easily add new choices to
a poll.
* trail: Avoid massive slowdown caused by pagetemplate hook when displaying
dynamic cgi pages, which cannot use trail anyway.
* Deal with empty diffurl in configuration.
* cvs: Various fixes. (schmonz)
* highlight: Now adds a span with class highlight-<extension> around
highlighted content, allowing for language-specific css styling.
* Allowing railtie and compressor to honor config settings for sass.style and
assets.css_compressor with default values if not otherwise set. This allows
assets.css_compressor = :yui to actually work!
3.2.5
* Fix a bug where bogus @extend warnings were being generated.
* Fix an @import bug on Windows. Thanks to Darryl Miles.
* Ruby 2.0.0-preview compatibility. Thanks to Eric Saxby.
* Fix incorrect line numbering when using DOS line endings with the indented
syntax.
3.2.4
* Fix imports from .jar files in JRuby. Thanks to Alex Hvostov.
* Allow comments within @import statements in SCSS.
* Fix a parsing performance bug where long decimals would occasionally take
many minutes to parse.
## 2.2.1 (08 February 2013)
- Updated to jQuery 1.9.1
- Updated to latest jquery-ujs
## 2.2.0 (19 January 2012)
- Updated to jQuery 1.9.0
- Updated to latest jquery-ujs
= Application Extensions and Helpers (padrino-helpers)
=== Overview
This component provides a great deal of view helpers related to html markup
generation.
There are helpers for generating tags, forms, links, images, and more. Most of
the basic methods should be very familiar to anyone who has used rails view
helpers.
= Simple Mailer Support (padrino-mailer)
=== Overview
This component creates an easy and intuitive interface for delivering email
within a Sinatra application. The mail library is utilized to do the bulk of
the work. There is full support for rendering email templates, using an html
content type and for file attachments.
The Padrino Mailer uses a familiar Sinatra syntax similar to that of defining
routes for a controller.
= Admin Dashboard and Authentication (padrino-admin)
=== Overview
Padrino has a beautiful Admin management dashboard with these features:
Orm Agnostic::Data Adapters for Datamapper, Activerecord, Sequel, Mongomapper,
Mongoid, Couchrest.
Template Agnostic:: Erb, Erubis and Haml Renderer.
Authentication:: Support for Account authentication, Account Permission
managment.
Scaffold:: You can simply create a new "admin interface" by providing a Model.
Access Control:: Supports authentication and role permissions for your
application.
= Agnostic Application Generators (padrino-gen)
=== Overview
Padrino comes preloaded with flexible code generators powered in part by the
excellent Thor gem (incidentally also used in the Rails 3 generators).
These generators are intended to allow for easy code generation both in
creating new applications and building on existing ones.
The generators have been built to be as library agnostic as possible,
supporting a myriad of test frameworks, js libraries, mocking libraries, etc.
= Painless Page and Fragment Caching (padrino-cache)
== Overview
This component enables caching of an application's response contents on
both page- and fragment-levels. Output cached in this manner is persisted,
until it expires or is actively expired, in a configurable store of your
choosing. Several common caching stores are supported out of the box.
= Padrino (padrino-core)
Padrino is the godfather of Sinatra.
== Preface
Padrino is a ruby framework built upon the excellent Sinatra Microframework
[http://www.sinatrarb.com].
Sinatra is a DSL for creating simple web applications in Ruby with speed and
minimal effort.
This framework tries hard to make it as fun and easy as possible to code much
more advanced web applications by building upon the Sinatra philosophies and
foundation.
UrlMount is a universal mount point designed for use in rack applications.
It provides a simple way to pass a url mounting point to the mounted
application.
This means that when you mount an application in the url space, it's a simple
call to url to get the mount point of where the application is.
# rack-rewrite
A rack middleware for defining and applying rewrite rules. In many cases you
can get away with rack-rewrite instead of writing Apache mod_rewrite rules.
Collection of common Sinatra extensions, semi-officially supported.
# Goals
* For every future Sinatra release, have at least one fully compatible release
* High code quality, high test coverage
* Include plugins people usually ask for a lot
= 1.3.4 / 2012-01-26
* Improve documentation. (Kashyap, Stanislav Chistenko, Konstantin Haase,
ymmtmsys, Anurag Priyam)
* Adjustments to template system to work with Tilt edge. (Konstantin Haase)
* Fix streaming with latest Rack release. (Konstantin Haase)
* Fix default content type for Sinatra::Response with latest Rack release.
(Konstantin Haase)
* Fix regression where + was no longer treated like space. (Ross Boucher)
* Status, headers and body will be set correctly in an after filter when using
halt in a before filter or route. (Konstantin Haase)
# HTTP Router
## What is it?
This is an HTTP router for use in either a web framework, or on it's own using
Rack. It takes a set of routes and attempts to find the best match for
it. Take a look at the examples directory for how you'd use it in the Rack
context.
## Features
* Ordered route resolution.
* Supports variables, and globbing, both named and unnamed.
* Regex support for variables.
* Request condition support.
* Partial matches.
* Supports interstitial variables (e.g.
/my-:variable-brings.all.the.boys/yard) and unnamed variable /one/:/two
* Very fast and small code base (~1,000 loc).
* Sinatra via https://github.com/joshbuddy/http_router_sinatra
Fixed in 7.29.0 - February 6 2013
Release contains security-related bug fix
(already fixed in pkgsrc)
Changes:
test: offer "automake" output and check for perl better
always-multi: always use non-blocking internals
imap: Added support for sasl digest-md5 authentication
imap: Added support for sasl cram-md5 authentication
imap: Added support for sasl ntlm authentication
imap: Added support for sasl login authentication
imap: Added support for sasl plain text authentication
imap: Added support for login disabled server capability
mk-ca-bundle: add -f, support passing to stdout and more
writeout: -w now supports remote_ip/port and local_ip/port
Bugfixes:
SECURITY ADVISORY: SASL buffer overflow vulnerability
nss: prevent NSS from crashing on client auth hook failure
darwinssl: Fixed inability to disable peer verification on Snow Leopard and Lion
curl_multi_remove_handle: fix memory leak triggered with CURLOPT_RESOLVE
SCP: relative path didn't work as documented
setup_once.h: HP-UX issue workaround
configure: fix cross pkg-config detection
runtests: Do not add undefined values to @INC
build: fix compilation with CURL_DISABLE_CRYPTO_AUTH flag
multi: fix re-sending request on early connection close
HTTP: remove stray CRLF in chunk-encoded content-free request bodies
build: fix AIX compilation and usage of events/revents
VC Makefiles: add missing hostcheck
nss: clear session cache if a client certificate from file is used
nss: fix error messages for CURLE_SSL_{CACERT,CRL}_BADFILE
fix HTTP CONNECT tunnel establishment upon delayed response
--libcurl: fix for non-zero default options
FTP: reject illegal port numbers in EPSV 229 responses
build: use per-target '_CPPFLAGS' for those currently using default
configure: fix automake 1.13 compatibility
curl: ignore SIGPIPE
pop3: Added support for non-blocking SSL upgrade
pop3: Fixed default authentication detection
imap: Fixed usernames and passwords that contain escape characters
packages/DOS/common.dj: remove COFF debug info generation
imap/pop3/smtp: Fixed failure detection during TLS upgrade
pop3: Fixed no known authentication mechanism when fallback is required
formadd: reject trying to read a directory where a file is expected
formpost: support quotes, commas and semicolon in file names
docs: update the comments about loading CA certs with NSS
docs: fix typos in man pages
darwinssl: Fix bug where packets were sometimes transmitted twice
winbuild: include version info for .dll .exe
schannel: Removed extended error connection setup flag
VMS: fix and generate the VMS build config
The most important of these new features are:
* SQL Database logging helper
* Time-Quota session helper
* SSL-Bump Server First
* Server Certificate Mimic
* Custom HTTP request headers
