the exact names of the freebl libraries depends on the platform and they
have a habit of changing even on minor releases. This causes these mozilla
packages to be broken quite a lot on platforms other than NetBSD/i386.
Hopefully this fix will last longer than previous ones. pkgrevision bumps
all around.
Changes to squid-2.6.STABLE10 (Mar 4 2007)
- Upgrade HTTP/0.9 responses to our HTTP version (HTTP/1.0)
- various diskd bugfixes
- In the access.log hierarchy field log the unique peer name
instead of the host name
- unlinkdClose() should be called after (not before) storeDirSync()
- CLEAN_BUF_SZ was defined, but never used anywhere
- logging HTTP-request size
- Fix icmp pinger communication on FreeBSD and other not supporing
large dgram AF_UNIX sockets
- Release objects on swapin failure
- Bug #1787: Objects stuck in cache if origin server clock in future
- Bug #1420: 302 responses with an Expires header is always cached
- Primitive support for HTTP/1.1 chunked encoding, working around
broken servers
- Clean up relations between TCP probing and DNS checks of peers with
no known addresses.
- Fix a minor HTML coding error in ftp directory listings with // in
the path
- Bug #1875, #1420. Cleanup of refresh logics when dealing with
non-refreshable content
- Negotiate authentication fixed again. Broken since STABLE7 by the
patch for Bug #1792.
- Bug #1892: COSS tries to shut down the same directory twice on exit
- Bug #1908: store*DirRebuildFromSwapLog() ignores some SWAP_LOG_DEL
entries
- Added support for Subversion HTTP request methods MKACTIVITY,
CHECKOUT and MERGE.
* Updated PCRE to version 7.0.
* Fixed segfault in ext/session when register_globals=On.
* Fixed (segfault in cURL extension).
* Fixed (possible cURL memory error).
* Fixed (imagettftext() multithreading issue).
* Fixed (ext/interbase compile failure).
* Fixed (PHP fastcgi with PHP_FCGI_CHILDREN don't kill children when parent is killed).
4.4.5
# Upgraded PEAR to 1.5.0.
# Updated PCRE to version 6.7.
# Moved extensions to PECL: ext/ovrimos
# Added a meta tag to phpinfo() output to prevent search engines from indexing the page.
# Backported a fix in the configure tests to detect the "rounding fuzz".
# Backported fix for ext/imap compilation failure with recent c-client versions.
# Fixed missing open_basedir check inside chdir() function.
# Fixed (Compile fails when using GCC 4.1.1/binutils 2.17).
# Fixed (pg_insert/pg_update do not allow now() to be used for timestamp fields).
# Fixed (using autoconf 2.6x and --with-layout=GNU breaks PEAR install path).
# Fixed (Using $this not in object context can cause segfaults).
# Fixed (ext/dba doesn't check for db-4.5 and db-4.4 when db4 support is enabled).
# Fixed (ftp_put() does not change transfer mode to ASCII).
# Fixed (ftp_nlist() returns false on empty dirs).
# Fixed (Allow building of curl extension against libcurl 7.16.0).
# Fixed (curl_exec() with return transfer returns TRUE on empty files).
# Fixed (Fixed a possible open_basedir bypass in tempnam()).
# Fixed (ldap_connect causes segfault with newer versions of OpenLDAP).
# Fixed (parse_url() fails if passing '@' in passwd).
# Fixed (Calling undefined method prints insufficient error message).
# Fixed (segfault when calling setlocale() in userspace session handler).
# Fixed (constructor is not called for classes used in userspace stream wrappers).
# Fixed (wddx_serialize_value() generates no wellformed xml).
# Fixed (aggregate_methods_by_list fails to take certain methods).
# Fixed (natcasesort() causes array_pop() to misbehave).
# Fixed (CURLOPT_HEADERFUNCTION, couldn't set the function in the class).
# Fixed (recursive array_walk causes segfault).
2006-03-12 Mattias Holmlund
Version 0.7
Add NoUpdate option.
Remove Verbose output for HEAD requests.
2005-05-30 Mattias Holmlund
Version 0.6
Handle invalid cache-directories.
Create the cache directory if it doesn't exist.
Store the headers Content-Type, Content-Length, Content-Encoding,
Content-Range and Last-Modified in the cache and restore them
when returning a cached response.
Fix bug in ETag cache handling.
1.4 Sun Nov 7 09:30:29 GMT 2004
- More fixes from the fantastic Mr Thurn
1.3 Fri Oct 15 16:24:47 BST 2004
- Fixes from Martin Thurn
1.2 Wed Sep 8 16:32:28 BST 2004
- Fix UK template layout
1.1 Wed Jun 2 09:57:59 BST 2004
- Changes to US template layout
1.0 Tue Dec 16 14:55:15 2003
- switch to using Template::Extract
- add more fields
- cleanup
0.9 Tue Feb 11 12:30:16 2003
- set User Agent again to fix weirdness
- ASIN format has changed
0.85 Fri Oct 25 17:43:12 2002
- Fix some minor bugs
0.8 Mon Aug 36 10:25:33 2002
- Amazon changed the layout of their .com pages
so this heroic patch from the mysteriously
named Artimage fixes it. Actually he fixed it ages
ago it's just I was too slack to apply it and figure out
some stuff.
0.7 Wed Feb 27 13:10:56 2002
- there was some cruft creeping in if it was a DVD.
All fixed now :)
0.66 Tue Dec 18 17:28:54 2001
- fixed mistake in amazonwish documentation about where
your settings are saved.
[Changes for 0.40 - 2005-09-17]
* Support for capturing matched regular expressions into variables,
Contributed by "woremacx". For example, this captures an nonempty
header text into the "heading" variable:
<h2>[% heading =~ /((?!<\/h2).+?)/ %]</h2>
[Changes for 0.39 - 2005-07-15]
* Allow passing Template::Parser options directly into
Template::Extract->new(). Suggested by brian d foy.
* Factored out the parser into Template::Extract::Parser to
allow use of alternate parsers with the PARSE_CLASS class method.
[Changes for 0.38 - 2004-10-25]
* Fix test failure with pre-5.8.4's regex optimizer.
Reported by CPAN testers.
[Changes for 0.37 - 2004-10-20]
* Move under SVK for version management.
* If the template ends with a capturing variable, make it
greedy instead of nongreedy, so it won't always match the
empty string. Reported by LTJake on IRC.
[Changes for 0.36 - 2004-02-16]
* Separate the compilation and run parts into two
modules, for ease of deployment (::Run may be put
on a machine without TT2) and marginally faster
execution. Suggested by Bruno De Fraine.
[Changes for 0.35 - 2004-01-09]
* Fixes regression caused by newer TT2 versions,
which adds the extra "#line" directives into the
regular expressions. Spotted by Yi-Ming Cao
and Sam Smith.
* Implement suggestion from Luis Oliveira: embedded
non-capturing regexes, such as [% /\s*/ %].
* Add implicit optional newlines around [% FOREACH %]
blocks, so it can intuitively work.
[Changes for 0.33 - 2003-12-13]
* Adds MANIFEST.SKIP that takes care of Module::Build
files, so older versions of Module::Build/MakeMaker
won't trip Module::Signature over. Thanks to CPAN
smoker Jost Krieger for the report.
[Changes for 0.32 - 2003-12-13]
* Improved build intrastructure, suggested by Mark Fowler,
to automatically check and download nmake.exe on Windows,
as well as supporting a Module::Build-compatible Build.PL.
* Clarify documents; add links to Simon and Mark's articles.
[Changes for 0.31 - 2003-10-21]
* New flag $EXACT to control whether partial documents
should match. (defaults to 0 for backward compatibility)
* Tatsuhiko Miyagawa pointed out that [% FOREACH %] blocks
fail to match prematurely because it can match zero times.
Now outermost foreach blocks must match at least once.
[Changes for 0.30 - 2003-10-20]
* This module is no longer experimental. :)
* Russell Matbouli reports that extract did not properly
set \%values. Fixed.
* [% SET key = "value" %] now works inside FOREACHs.
* [% SET nested.key = "value" %] now works.
* Much more robust validating code inside FOREACHs.
* Refactored the common context walking code from "get",
"set" and "validate" into _ext, and improved readability.
#------------------------------------------------------------------------
# Version 2.15 - 26th May 2006
#------------------------------------------------------------------------
Chomping Options
----------------
* Added the CHOMP_GREEDY option and '~' chomping flag. Changed
CHOMP_COLLAPSE to greedily chomp all whitespace (including multiple
newlines) and replace it with a single space. Previously it only
chomped one line. Renamed the CHOMP_ALL option to CHOMP_ONE which
makes more sense. CHOMP_ALL is still provided as an alias for
CHOMP_ONE for backwards compatibility. Thanks to Paul Seamons for
doing all the hard work on this.
http://tt2.org/pipermail/templates/2006-February/thread.html#8354
* Added code to the replace text virtual method to use a faster and
simpler implementation if the replacement text doesn't contain any
back references. Thanks to Josh Rosenbaum for all his efforts on
this.
http://tt2.org/pipermail/templates/2006-February/008344.html
Stash
-----
* Changed various tests for private/hidden variables (starting '_'
or '.') to use a regex defined in the $PRIVATE package variable in
Template::Stash. This can be redefined or undefined. Note that
the XS Stash only looks to see if $PRIVATE is defined or not, and
currently hard-codes the regex.
Plugins
-------
* Changed the Image plugin tag() method to call the name() method
instead of accessing the name directly, making it easier for
subclasses to provide an alternate name. Thanks to Cees Hek for
his patch.
http://tt2.org/pipermail/templates/2006-February/008423.html
* Change the AUTOLOAD regex in the Table plugin to be more robust.
http://tt2.org/pipermail/templates/2006-May/008602.html
Documentation
-------------
* Added the Template::Toolkit documentation pointing people to
the right place.
* Updated the Template::Stash::XS documentation to remove the
"experimental" description and tidy things up a bit.
0.52, released Jan 22, 2007
Belatedly update the SVN::Web installation to note that Subversion
1.4.0 or above is now required to use SVN::Web.
0.51, released Jan 15, 2007
C<reposparent> functionality was inadvertently broken in 0.50. This
release fixes that. This was rt#24377 reported by Christoph Buescher
<Christoph.Buescher@fiducia.de>.
0.50, released Jan 12, 2007
SVN::Web now supports accessing repositories that are B<not> on the same
host as the SVN::Web installation. Repositories can be accessed using
the I<file:///>, I<http://>, and I<svn://> protocols.
A mechanism for configuring which actions are available on each page has
been introduced. See L<SVN::Web/"Action menu configuration"> for more.
A new action, L<SVN::Web::Blame> has been introduced. This generates
output that shows the Subversion annotation/blame information for a
file.
Diff output (from L<SVN::Web::Diff> and L<SVN::Web::Revision>) is now
generated by Subversion, rather than SVN::Web. This makes diff
generation much faster, and much less memory intensive. However, it
has meant that the I<context> option is no longer available.
There are several small tweaks to the diff and revision output.
Refactoring and rewriting has meant that L<Digest::MD5>, L<Text::Diff>,
and L<Text::Diff::HTML> are no longer prequisites.
A bug has been fixed in RSS generation. The contents of the
<description> element are now wrapped in CDATA markers to ensure that
any embedded markup is preserved.
There is now support for keeping localisation files in arbitrary
directories, configured by the C<language_dirs> configuration option.
This makes it simpler to maintain your own localisation files outside
of SVN::Web, and makes it easier to integrate third party actions in
to an SVN::Web installation.
See L<SVN::Web/Languages> and L<SVN::Web::I18N> for more details.
The Template::Toolkit C<log_msg> meta-filter has been replaced with a
Template::Toolkit MACRO, defined in F<_log_msg>. The effect is the
same, but this approach affords more flexibility (e.g., having
different log message filters per repository).
The log template now supports rudimentary 'paging' through the log
messages. I<Proper> paging support requires new functionality in
Subversion. Selecting the number of log messages to show per page
is also more straightforward.
L<SVN::Web::Revision> supports a C<max_diff_size> configuration option
to cope with revisions which may generate huge diffs.
The configuration file (F<config.yaml>) must contain a C<version> key,
otherwise a fatal error is generated.
Most extraneous whitespace is now removed from the templates when output
is being produced.
Documentation bug rt#22282, reported by Andrew Sterling Hanenkamp
<sterling@hanenkamp.com>, has been fixed.
0.49, released Aug 23, 2006
SVN::Web now properly supports Apache 2 / mod_perl 2. In addition, the
test suite contains tests that work under Apache 2, and ensure that
future changes should not introduce regressions in this functionality.
File::Spec is now used when constructing filesystem paths, instead of
assuming that the directory separator is F</>. This should allow the
use of native paths on Windows, e.g. F<< C:\path\to\svnweb >>.
A bug in the mod_perl handler meant that the [% script %] directive
wasn't generating fully qualified links. This resulted in links in
the RSS feed being relative. This is now fixed. Reported by
Dietrich Streifert <dietrich.streifert@visionet.de>.
When testing the generated F<httpd.conf> includes an explicit
C<ServerName> directive, removing a warning on some hosts. Reported
in rt#20170 by <fiajro@cy.ath.cx>.
Set permissions on the temporary directories when running tests as
root. Otherwise they fail. Reported in rt#20170 by
<fiajro@cy.ath.cx>.
Fix a bug encounted on Solaris. SVN::Core::time_from_cstring() was
returning negative numbers.
The questions that are asked when running C<< perl Build.PL >> can now
be answered and/or skipped by passing command line options to F<Build.PL>.
Run C<< perldoc Build.PL >> for the documentation options.
Paths to Apache modules are no longer hardcoded in F<conf/httpd.tt>.
C<apxs> is used to retrieve the value of the Apache library directory.
In addition, the name of the mod_perl .so file is now configurable, as
different systems call it different things.
Included documentation on using SVN::Web with the IIS web server.
Submitted by Tom Hukins <tom@eborcom.com> in rt#20341.
A bug in the author's testing environment meant that 0.48 shipped with
templates that generated HTML that was not strictly valid. This, and
the templates, have been fixed.
0.48, released Jun 28, 2006
The interface localisation can now be selected. The interface has always
been localised, but the mechanism for choosing it has been badly exposed.
SVN::Web now supports two configuration options (C<languages> and
C<default_language>) to specify the language selection.
In addition, the available configured languages are also exposed through
the (C<trac>) user interface, and the user can choose from the list of
available localisation. Their choice is saved in a cookie.
Generation of RSS feeds is now done using a template, instead of using
L<XML::RSS>. This removes a dependency on XML:RSS, and should make it
easier to customise the content of the RSS feed should you desire.
This fixes rt#18169, reported by Mike Ellery <mikee@s2technologies.com>.
RSS feeds are now autodiscoverable in modern browsers.
The formatting of timestamps is now configurable using
L<POSIX/strftime>. You can choose how timestamps are formatted, and
they can be displayed in UTC (the Subversion default), the server's
local timezone, or the timezone of your choice. See L<SVN::Web/"Time
and date formatting"> for details.
This fixes rt#18806, reported by Mike Ellery <mikee@s2technologies.com>.
Worked around a bug in Subversion where repository paths that were
specified with a tailing slash would trigger an assertion. This fixes
rt#19273, reported by Michael Schwern <MSCHWERN@cpan.org>.
Fixed a bug where the C<directory_umask> cache backend option was not being
treated as an octal number. This fixes rt#19272, reported by
Michael Schwern <MSCHWERN@cpan.org>.
The L<SVN::Web::Revision> action now show's the repository's youngest
revision if no C<rev> parameter is provided.
Fixed a bug in L<SVN::Web::Revision>. Revisions that contain files that
were copied from another file, modified, and then committed will now be
displayed properly instead of generating an error.
The documentation for L<SVN::Web> includes an example configuration for
Apache and FastCGI, contributed by Robert Spier <rspier@pobox.com>.
Made extensive changes to the test suite. Include tests that exercise
SVN::Web when running under C<svnweb-server>, as a CGI script, and as an
Apache mod_perl1 handler. These tests are optional -- the installer
is prompted at C<perl Build.PL> time whether to run these tests, and
to provide the information the tests need (such as the port to run on).
0.47, released May 6, 2006
Implement support for caching the results of the actions, using any of
the L<Cache::Cache> family of modules. In tests (see
F<t/benchmark.t>) this can yield a 20% or greater speed benefit. See
L<SVN::Web/"Data cache"> for details of how to enable the cache and
configure cache related options.
Support Subversion repo directories and files that have spaces or other
characters that should be URI escaped in their names. Fixes rt#19093,
reported by <gbloice@gmail.com>.
Commented out the references to L<Template::Plugin::Clickable> and
L<Template::Plugin::Clickable::Email> in the config file that is
generated by C<svnweb-install>. This stops log files filling up with
warnings if they're not present. The lines remain, commented out, as
a suggestion for users.
Improved the modperl2 support, fixing rt#19004, rt#18437, and rt#18346
(Garrison Hoffman <garrison@codefix.net>, <cpan@rickster.com>,
Thomas Nagel <me@thomasnagel.com>).
0.46, released Mar 9, 2006
Fixed a bug in C<svnweb-server>. The L<CGI> module is now always used
when running under this server, instead of L<CGI::Fast>. This should
fix problems if you are trying to use C<svnweb-server> on a host with
L<CGI::Fast> installed.
0.45, released Mar 8, 2006
Fixed a bug that broke mod_perl support.
0.44, released Mar 8, 2006
When browsing the repository the F<trac> templates now include age
of the file, expressed as {seconds, minutes, hours, days, weeks,
months, years} since the file was last modified.
The C<revision>, C<log>, C<view>, and C<rss> actions are much more
conservative with memory when processing commits that changed a large
number of files. Fixes rt#17359, reported by Dietrich Streifert
<dietrich.streifert@visionet.de>.
Included support for running under mod_perl2 as well as mod_perl1. Fixes
rt#17085 and rt#17350. Based on a patch from Garrison Hoffman
<garrison@codefix.net>.
Fixed a bug when running under mod_perl -- the HTTP headers were not
being sent. Some browsers could cope with this, others just displayed
the raw HTML. Reported by Dominic Mitchell <dom@happygiraffe.net>.
Entering a revision number that does not exist will now generate a
localised error message. Fixes rt#17822, reported by
<gk5885@kickstyle.net>
The L<SVN::Web::Revision> action will now not show diffs between
file revisions if either revision of the file has a non-text MIME type.
Fixes rt#17625, reported by Mike Ellery <mikee@s2technologies.com>.
Fixed some bugs in C<svnweb-server>. Option parsing works properly,
fixing rt#17347 (reported by <miyagawa@cpan.org>) and the
C<--net-server> option is now honoured.
C<svnweb-install> should now work if any directories in the install path
contain regexp metacharacters in the filename. Fixes rt#17282, reported by
<CORION@cpan.org>. It also emits warnings if copying files or making
directories during the install process fails, fixing rt#17283.
0.43, released Jan 25, 2006
Fix a syntax error in the config file generated by svnweb-install.
Fix the instructions and code for running under mod_perl.
When viewing an HTML diff, include a link to the plain text equivalent.
Showing diffs when viewing a revision is now optional, but defaults to on.
Require Exception::Class 1.22 or above. Versions below lack the necessary
C<caught()> syntax.
Improve the installation and configuration documentation.
Include C<svnweb-server>, a simple web server to make it easier for people
to get started with SVN::Web.
0.42, released Dec 16, 2005
Throw exceptions instead of die()ing on almost all errors. Catch the
exceptions and generate much friendlier error messages. Error messages
are now easy to localise.
When viewing a diff, the I<trac> templates show the two revision numbers
being compared, and include a link allowing the user to reverse the order
of the diff.
The syntax for specifying permitted actions, and the classes that implement
them, has changed. See L<UPDATING> for more information. This mechanism
also allows for easy configuration of per-action options.
A (partial) French localisation has been supplied by Cyril Brulebois.
Any C<svn:externals> properties that are set on a directory are now shown
when browsing that directory.
When viewing a file's revision log, you can now select two arbitrary
revisions and get a diff showing the changes between those revisions.
Fixes rt#15813.
If you only have one repository configured then the C<list> action can be
configured to immediately redirect to browsing that repository, saving the
user from having to click through an intermediate page. See L<SVN::Web::List>
for more information.
1.82 2007-02-21 by Alexandr Ciornii (alexchorny AT gmail.com)
- Slightly faster test skip
- 99semaphore.t and 99flex.t check for cygserver on Cygwin
- 99flex.t skips less tests in some cases
- 99flex.t checks for Digest::MD5, MIME::Base64
- Warning in Apache::Session::Lock::Semaphore about cygserver
- Makefile.PL requires File::Temp
- changed order of use/chdir in tests (RT#16539, from Andrew Benham)
Fixed in Firefox 1.5.0.10
MFSA 2007-07 Embedded nulls in location.hostname confuse same-domain checks
MFSA 2007-06 Mozilla Network Security Services (NSS) SSLv2 buffer overflow
MFSA 2007-05 XSS and local file access by opening blocked popups
MFSA 2007-04 Spoofing using custom cursor and CSS3 hotspot
MFSA 2007-03 Information disclosure through cache collisions
MFSA 2007-02 Improvements to help protect against Cross-Site Scripting attacks
MFSA 2007-01 Crashes with evidence of memory corruption (rv:1.8.0.10/1.8.1.2)
For more info, see http://www.mozilla.com/en-US/firefox/releases/1.5.0.10.html
2.10 Sat Jul 15 20:50:41 EDT 2006
- minor bug fixed in HTML repair routines (thanks to Dave Gray)
2.09 Thu Jun 8 15:46:17 EDT 2006
- Tweaked rasterizer to handle some situations where the HTML is
broken but tables can still be inferred.
- Fixed TREE() definition for situations where import() is
not invoked. (thanks to DDICK on cpan.org)
MFSA 2007-07 Embedded nulls in location.hostname confuse same-domain checks
MFSA 2007-06 Mozilla Network Security Services (NSS) SSLv2 buffer overflow
MFSA 2007-05 XSS and local file access by opening blocked popups
MFSA 2007-04 Spoofing using custom cursor and CSS3 hotspot
MFSA 2007-03 Information disclosure through cache collisions
MFSA 2007-02 Improvements to help protect against Cross-Site Scripting attacks
MFSA 2007-01 Crashes with evidence of memory corruption (rv:1.8.0.10/1.8.1.2)
For more info, see http://www.mozilla.com/en-US/firefox/2.0.0.2/releasenotes/
1.17 Wed May 3 16:52:03 EDT 2006
- new_from_tree() uses a better rasterizer now, properly
handling even more tortuous span issues. Thanks to Roland
Schar.
- Fixed as_XML rendering Thanks to Roger Crew.
1.16 Sat Feb 25 12:41:57 EST 2006
- Fixed new_from_tree() to handle (ignore) tbody, thead and
tfoot tags. Otherwise rows were ignored.
1.15 Fri Feb 24 15:34:13 EST 2006
- Fixed some scoping issues ('my' collisions)
- Fixed some undef issues running under -w (thanks to Carl
Franks)
and appears to currently be the latest "stable" Zope 3 version.
Discussed with package maintainer, Yoshito Komatsu, who sent me
some minor tweaks to my changes.
The part of Zope/doc/CHANGES.txt relevant for 3.3.0 -> 3.3.1 is:
Bugfixes
- Fixed widget bug in zope.app.form.browser; _getCurrentValue always
returns an input value now. This fixes a bug in _getFormValue.
(This required a backport of a small restructuring: Changed internal
widget API to allow retrieving the current value (from request,
default or current field value) in addition to the current form
representation of the value.)
- Fixed bug #707: "layer" directive was marked as deprecated in a
confusing way.
- Fixed bug #728: Able to change-dir into non-existant directories using
FTP
- Fixed bug #717: formlib raised FormError when schema fields were
missing from a request although not required.
- Fixed bug #738: RestrictedPython was unable to parse
Unicode expressions correctly (as passed in from e.g. ZPTPages).
- Fixed bug #723: Testbrowser was handling multiple submit buttons with
the same name incorrectly.
- Fixed HTML rendered by ItemsMultiDisplayWidget: The 'name' attribute
is not allowed in list tags and 'type' has a different meaning.
- Fileresources now also set the Cache-control headers on 304
responses. This speeds up page loads a lot on pages with many
resources.
- Fixed validate method of schema.Date, now it does not accept
datetime objects anymore. this is needed because datetime and
date values are not comparable
- Fixed issue 730: Subversion 1.4 breaks mkzopeinstance.py
- Fixed zope.annotation.factory to correctly setup containment for
objects that do not implement IContained.
- Fixed encoding of newlines, carriage returns, and tabs when
encoding attributes for widgets so we're consistent under all
Python 2.4.x versions (including 2.4.4, which failed tests before).
- Fixed issue 535: make HTTPInputStream work with Python 2.4.4.
- Improved fix for issue 599: Made sure i18n Message based Invalid
exceptions are handled correctly.
- Fixed a bug in getImageInfo which could cause an
UnboundLocalError under certain conditions.
- Fixed ``get/queryNextUtility`` to work with multiple base registries.
- Fixed zope.app.catalog.attribute.AttributeIndex. It did not
remove the the previous value/object from the index IF the NEW
value was None.
- Fixed zope.index.field.index.FieldIndex. Unindex broke if the value
somehow dropped out of the forward index.
Changes in 1.4.13:
* added initgroups in spawn-fcgi (#871)
* added apr1 support htpasswd in mod-auth (#870)
* added lighty.stat() to mod_magnet
* fixed segfault in splitted CRLF CRLF sequences
(introduced in 1.4.12) (#876)
* fixed compilation of LOCK support in mod-webdav
* fixed fragments in request-URLs (#869)
* fixed pkg-config check for lua5.1 on debian
* fixed Content-Length = 0 on HEAD requests without
a known Content-Length (#119)
* fixed mkdir() forcing 0700 (#884)
* fixed writev() on FreeBSD 4.x and older (#875)
* removed warning about a 404-error-handler
returned 404
* backported and fixed the buildsystem changes for
webdav locks
* fixed plugin loading so we can finally load lua
extensions in mod_magnet scripts
* fixed large uploads if xattr is enabled
Changes in 1.4.12:
* added experimental LOCK support for webdav
* added Content-Range support for PUT in webdav
* added support for += on empty arrays in config-files
* added ssl.cipher-list and ssl.use-sslv2
* added $HTTP["querystring"] conditional
* added mod_magnet as long-term replacement for mod_cml
* added work-around for a Opera Bug with SSL + Chunked-Encoding
* changed --print-config to print to stdout instead of stderr
* changed no longer use 0600 for new files with webdav. umask is
honored. Make sure you have set a proper umask.
* fixed upload hangs with SSL
* fixed connection drops with SSL (aka bad retry)
* fixed path traversal with \ on cygwin
* fixed mem-leak in mod_flv_streaming
* fixed required trailing newline in configfiles (#142)
* fixed quoting the autoconf files (#466)
* fixed empty Host: + $HTTP["host"] handling (#458)
* fixed handling of If-Modified-Since if ETag is not set
* fixed default-shell if SHELL is not set (#441)
* fixed appending and assigning of env.* vars
* fixed empty FCGI_STDERR packets
* fixed conditional server.allow-http-11
* fixed handling of follow-symlink + lstat()
* fixed SIGHUP handling if max-workers is used
* fixed "Software caused connection abort" messages on FreeBSD
In addition fix a nasty problem in LDAP auth when using with buggy
commercial servers. Some threat an empty password as anonymous bind
and would only fail on the first query, if that requires privileges.
Patch will be included with 1.4.14.
code is shared with psycopg1.
Include a small patch to make keyword mistakes in query args much
more obvious (from django svn). Other users might be as stupid as
the maintainer. Bump revision.
Changes:
* Fix gem deprecation warnings, which also means depending on RubyGems 0.9.0+
[Chad Fowler]
* Require the dispatcher for Rails::Configuration#to_prepare. [Rick]
2007-02-03 Hans de Graaff
* Checkbot 1.79 is released
* RELEASE-PROCESS: Add the release process documentation.
2007-01-27 Gerald Pfeifer
* checkbot (init_suppression): Check and provide error if
suppression file is in fact a directory.
2006-12-28 Hans de Graaff
* checkbot: Add summary to tables to make files XHTML 1.1 compliant.
2006-11-16 Hans de Graaff
* checkbot (handle_doc): Parse the decoded content so that all
character set issues are dealt with before parsing. This solves
bug 1264729.
2006-11-14 Hans de Graaff
* checkbot (performRequest): Simplify the code dealing with
problems of HEAD requests by retrying all 500 reponses instead of
special-cases particular failures that we happen to know
about. This type of problem is all to common, and if there really
is a problem GET will find it anyway.
(add_error): Allow regular expressions in the suppression
file. Based on patch from Eric Noack
2006-11-14 Eric Noack
* checkbot (send_mail): Indicate how many errors are detected in
the notification email's subject.
(handle_doc): Use the URL with which the document was received for
the problem reports and internal accounting, but keep on using the
proper base URL as defined by the reponse object when retrieving
links from the document. This fixes the case where a weird BASE
URL in a document could make it unclear where the actual problem
was.
2006-10-28 Hans de Graaff
* checkbot (performRequest): Handle case where an FTP server may
not be able to handle a HEAD request. This may cause a lot of data
to be transferred in those cases.
2006-05-03 Hans de Graaff
* Checkbot 1.78 is released
2005-12-18 Hans de Graaff
* checkbot (printServerProblems): Make pages XHTML compliant again.
2005-12-18 Jens Schweikhardt
* checkbot: Add classes and ids so that more styling options for
CSS are available.
* checkbot2.css: Example CSS file using the new classes and ids.
2005-11-11 Hans de Graaff
* checkbot: React in a more subtle way if the Time::Duration
module is not found.
2005-09-22 Hans de Graaff
* Makefile.PL: Check for presence of Net::SSL and explain the
effects if this it not present.
2005-08-20 Hans de Graaff
* checkbot (handle_doc): Ignore some 'links' found by LinkExtor
which do not need to link to live links. Fixed bugs #1264447 and
#1107832.
* test.html: Add test cases for it.
2005-08-06 Hans de Graaff
* checkbot (performRequest): Switch from HEAD to GET on a 400
error, as the most likely cause is that the server has trouble
with HEAD requests.
2005-08-05 Hans de Graaff
* checkbot (handle_doc): Also show how many new links are found on
a page, not just the total number of links.
(performRequest): Don't retry GET method on a 403 error.
(handle_doc): Properly handle newlines in the matches for title
and robots meta tag.
2005-07-28 Hans de Graaff
* Checkbot 1.77 is released.
* checkbot: Fix use of $VERSION so that it compiles and can be
used by MakeMaker at the same time.
(handle_doc): Check for presence of robots meta tag and act on it.
Based on a patch by Donald Willingham.
2005-07-25 Hans de Graaff
* Checkbot 1.76 is released.
2005-06-07 Hans de Graaff
* checkbot (printServerProblems): Include title of page.
(handle_doc): Extract title for later printing.
Add new hash url_title to store page titles.
Based on a patch from John Bintz.
2005-04-23 Hans de Graaff
* checkbot: Add documentation on use of file:/// URLs.
2005-01-23 Hans de Graaff
* checkbot: Only send mail when Checkbot has detected any
problems, based on suggestion from Thomas Kuerten.
Print duration of run on final report, and refactor use of start
time variable to facilitate this. Feature depends on availability
of Time::Duration, but checkbot will work without it. Based on
patch from Adam Griff.
2005-01-23 Adam Griff
* checkbot (create_page): Print out more options on results page.
2005-01-21 Hans de Graaff
* checkbot: Remove automatic version number based on CVS version
now that commits will be more frequent than releases.
2004-11-12 Hans de Graaff
* checkbot (handle_url): Ignore javascript: URLs instead of
generating a 904 error. It would be nice to handle these as well.
2004-05-26 Hans de Graaff
* Makefile.PL: Sync HTML::Parser requirement with required
versions of libwww-perl.
2004-05-03 Hans de Graaff
* checkbot: Write better documentation for --file option.
2004-04-26 Hans de Graaff
* checkbot: Minor documentation changes thank to Jens
Schweikhardt.
2007-01-30
cameron:
rc/patterns: exception for upload.wikimedia.org/wikipedia,
report from Mike Lawther 2007-01-24
cameron:
rc/patterns: another bluestreak.com pattern 2007-01-14
cameron:
rc/patterns: sitepoint.com popup 2007-01-05
cameron:
rc/patterns: another ad.yieldmanager.com pattern from Neal
Macklin 2007-01-02
cameron:
rc/patterns: cyber-knowledge.net ad 2006-12-22
cameron:
rc/patterns: sponsorads.de and info-ad.de 2006-12-17
cameron:
rc/patterns: another pattern for mail.com from Clem Jones
index.html: Reassure users about reporting to my personal
address; suggestion from Bill Trost. Mykefile: Tidy up
rebuild process. 2006-12-10
cameron:
rc/patterns: date.com ads 2006-11-22
cameron:
rc/patterns: exception for edubase.com.au from Khairul Faizi
2006-11-17
cameron:
rc/patterns: www.dumpanimage.com 2006-11-16
cameron:
rc/patterns: pennyweb.com ads 2006-11-14
cameron:
rc/patterns: xyz.freeweblogger.com counter 2006-11-12
cameron:
rc/patterns: widen adology pattern 2006-10-27
cameron:
rc/patterns: ads.addynamix.com pattern
extend adultfriendfinder.com/piclist ADJS pattern;
report from Mark Felder
2006-09-29
cameron:
rc/patterns: Refine doubleclick patterns.
pricegrabber ads
2006-09-09
cameron:
scripts/squid_redirect: Add "use bytes" to avoid UTF-8 encoding
complaints on report and diagnosis
from Mike Mitchell. Now regexps are
formally in an 8-bit encoding; we'll
pretend Latin-1 (ISO8859-1).
2006-09-03
cameron:
rc/patterns: www.technologyreview.com PRINT rule 2006-09-02
cameron:
rc/patterns: linkshare pattern widened
a new ad server adtology
2006-07-02
cameron:
rc/patterns: cisco.netacad.net exception from Bruno ROGER
www.splenda.com exception from Billy Newsom
images.blogads.com ads, report from Bill Trost
2006-07-01
cameron:
rc/patterns: private.com banner exception 2006-06-23
cameron:
rc/patterns: generic adserver.* pattern
drop https pattern
2006-06-10
cameron:
rc/patterns: smh.com.au ads 2006-06-01
cameron:
rc/patterns: totemcash.com ad
ads.adsonar.com
2006-05-29
cameron:
rc/patterns: google serves ad images! ouch! 2006-05-27
cameron:
scripts/squid_redirect: Re-enable the *TEXT classes. It
confused too many users. rc/patterns: in page iframe - ick
content.cpxinteractive.com ads widen
content.cpxinteractive.com pattern
2006-05-23
cameron:
rc/patterns: another counter 2006-05-21
cameron:
rc/patterns: another web bug 2006-05-20
cameron:
rc/patterns: tweak mediaplex image pattern
try https pattern for mediaplex
2006-05-19
cameron:
rc/patterns: another web counter 2006-05-16
cameron:
rc/patterns: internationalisation fix for switch.atdmt.com
signup links from Robert Backhaus 2006-05-08
cameron:
index.html: Add mention of BFilter to "other software".
2006-04-25
cameron:
index.html: Make it a little more clear that unzap and overzap
reports should come by email:-)
1.29 November 28, 2006
Require a minium of Module::Build 0.18 when using Apache::TestMB.
PR: 19513
[Philip M. Gollucci]
Teach Apache::TestClient to encode spaces(' ') in query string of URLs
as %20. This is not a full mapping of ASCII to URL encoding.
If you need this, install LWP -- then Apache-Test will use
LWP -- which does this for you.
[Philip M. Gollucci]
Allow Apache::TestClient which is used when LWP is not installed
to accept mutiple headers of the same name.
[Philip M. Gollucci]
Add t_start_error_log_watch() and t_finish_error_log_watch()
to the Apache::TestUtil API which are only exported unpon request.
[Torsten Foertsch <torsten.foertsch@gmx.net>]
Allow version variants of debuggers to be passed as arguments
to -debug. i.e. -debug=gdb65 for systems with multiple
versions of the same debugger. [Philip M. Gollucci]
On Win32, the Apache executable is called httpd.exe in Apache/2.2,
so let Apache::TestConfig try to find that if Apache.exe isn't
found [Randy Kobes]
force reconfiguration if existing configuration was generated
by an older version of Apache-Test [Geoffrey Young]
the -t_pid_file code resulted in confusing and fatal error message
for people using stale 1.27 configurations. so take steps to make
sure things continue to work. [Geoffrey Young]
1.20
[ENHANCEMENTS]
* Added new two-argument form of credentials() method.
$mech->credentials($username, $password);
That provides simpler visiting of password-protected
resources in the vast majority of cases and still
allows the other cases to be supported. (Peter Scott)
[BUG FIXES]
* autocheck no longer is triggered when informational
responses are returned. (Mark Stosberg)
[INTERNALS]
* test suite no longer fails when Test::Warn is missing.
(CPAN testers, Mark Stosberg)
* Removed all the testing against live sites. The networking
code is not actually in Mech anway, and they were prone to
breaking, as the live sites changed. (Mark Stosberg)
1.19_02 Mon Aug 7 23:57:56 CDT 2006
[ENHANCEMENTS]
* Add new Do-What-I-Mean submit_form() option.
$mech->submit_form(
with_fields => \%data
);
That expresses that you want to select the first form contains all
fields in \%data, and then submit the data to that form. See the docs
for form_with_fields() and submit_form() for details.
(Mark Stosberg, inspired by RT#6100)
[BUG FIXES]
* The behavior of clone() now copies over the cookie jar, which
is probably what you expected it did in the first place.
This fixes bug RT#13541 filed against Test::WWW::Mechanize,
which was using clone() internally. (Mark Stosberg)
* The correct URL is returned after redirecting. This a regression
from 1.04 and was reported as RT#9059, RT#12882, and RT#12786.
The documentation about this has also been clarified that we
return a URI object, but that it stringifies to the URI itself.
[DOCUMENTATION]
* Fixed a misleading parm in the constructor.
* Document the return value of set_visible (RT#6071, MJD,
Mark Stosberg)
* Document that form_name and form_number return an HTML::Form
object (Mark Stosberg)
[INTERNALS]
* Made lots of little cleanups based on Perl::Critic
* Fix Taint-mode warnings with Perl 5.6.1 (RT#16945)
3.23 Sun Nov 12 11:09:31 CST 2006
[THINGS THAT MAY BREAK YOUR CODE OR TESTS]
* Mark-Jason Dominus points out that the fix for as_html was not
proper, and broken behavior should never be codified. Fixed
as_html so an empty string doesn't encode entites, instead of
blaming the behavior on HTML::Entities. (RT 18571)
3.22 Sat Nov 11 21:23:22 CST 2006
[THINGS THAT MAY BREAK YOUR CODE OR TESTS]
* HTML::Element::as_XML now only escapes five characters, instead
of escaping everything but alphanumerics and spaces. This is
more in line with the XML spec, and will no longer escape wide
characters as two (or more) entities. Resolves RT 14260. Thanks
to Carl Franks and somewhere [at] confuzzled.lu for assistance.
[FIXES]
* A string comparison was commented to use lc() on both sides, but
didn't. This caused HTML::Element::look_down to not properly find
elements in certain cases. Thanks to Andrew Suhachov. (RT 21114)
[TESTS]
* Added several new tests and enhanced others. Thanks to Rocco
Caputo for t/attributes.t, and several others for providing
test cases in their RT bugs.
[DOCUMENTATION]
* Fixed description of HTML::Element::all_attr_names. Thanks
to dsteinbrunner [at] pobox.com for catching it.
* Fixed example code in HTML::Element::push_content. Thanks
to dsteinbrunner [at] pobox.com for catching it. (RT 21293)
* Fixed description of HTML::Element::as_HTML. Thanks to
Mark-Jason Dominus for catching it. (RT 18569)
3.21 Sun Aug 6 19:10:00 CDT 2006
[FIXES]
* Updated HTML::Parser requirement to 3.46 to fix a bug in
tag-rendering.t, noted in RT 20816 and 19796. Thanks to
Gordon Lack and Ricardo Signes
* Fixed HTML::TreeBuilder to not remove where it shouldn't,
using patch supplied in RT 17481. Thanks to Chris Madsen.
[DOCUMENTATION]
* HTML-Tree has a new maintainer: Pete Krawczyk
two issues. The PLIST was incorrect and since the PLIST is used by
the "moz-install" script, anything missing from the PLIST is never
installed even when building from source. When libfreebl* were not
installed it caused the clients to fail to load the security component
and fail with "The browser failed to load its security component".
The second issue is that many installations of solaris-2.9 include
various glib/gtk/gnome libraries in /usr/lib. This causes failures
because the pkgsrc ones were used at link time and the /usr/lib ones
at run time. Work around this by setting a LD_LIBRARY_PATH that includes
the pkgsrc lib directory first.
pkgrevision bumps all around.
Package info: scp support not enabled (libssh2 is not packaged).
Version 7.16.1 (29 January 2007)
Daniel (29 January 2007)
- Michael Wallner reported that when doing a CONNECT with a custom User-Agent
header, you got _two_ User-Agent headers in the CONNECT request...! Added
test case 287 to verify the fix.
Daniel (28 January 2007)
- curl_easy_reset() now resets the CA bundle path correctly.
- David McCreedy fixed the Curl command line tool for HTTP on non-ASCII
platforms.
Daniel (25 January 2007)
- Added the --libcurl [file] option to curl. Append this option to any
ordinary curl command line, and you will get a libcurl-using source code
written to the file that does the equivalent operation of what your command
line operation does!
Dan F (24 January 2007)
- Fixed a dangling pointer problem that prevented the http_proxy environment
variable from being properly used in many cases (and caused test case 63
to fail).
Daniel (23 January 2007)
- David McCreedy did NTLM changes mainly for non-ASCII platforms:
#1
There's a compilation error in http_ntlm.c if USE_NTLM2SESSION is NOT
defined. I noticed this while testing various configurations. Line 867 of
the current http_ntlm.c is a closing bracket for an if/else pair that only
gets compiled in if USE_NTLM2SESSION is defined. But this closing bracket
wasn't in an #ifdef so the code fails to compile unless USE_NTLM2SESSION was
defined. Lines 198 and 140 of my patch wraps that closing bracket in an
#ifdef USE_NTLM2SESSION.
#2
I noticed several picky compiler warnings when DEBUG_ME is defined. I've
fixed them with casting. By the way, DEBUG_ME was a huge help in
understanding this code.
#3
Hopefully the last non-ASCII conversion patch for libcurl in a while. I
changed the "NTLMSSP" literal to hex since this signature must always be in
ASCII.
Conversion code was strategically added where necessary. And the
Curl_base64_encode calls were changed so the binary "blobs" http_ntlm.c
creates are NOT translated on non-ASCII platforms.
Dan F (22 January 2007)
- Converted (most of) the test data files into genuine XML. A handful still
are not, due mainly to the lack of support for XML character entities
(e.g. & => & ). This will make it easier to validate test files using
tools like xmllint, as well as to edit and view them using XML tools.
Daniel (16 January 2007)
- Armel Asselin improved libcurl to behave a lot better when an easy handle
doing an FTP transfer is removed from a multi handle before completion. The
fix also fixed the "alive counter" to be correct on "premature removal" for
all protocols.
Dan F (16 January 2007)
- Fixed a small memory leak in tftp uploads discovered by curl's memory leak
detector. Also changed tftp downloads to URL-unescape the downloaded
file name.
Daniel (14 January 2007)
- David McCreedy provided libcurl changes for doing HTTP communication on
non-ASCII platforms. It does add some complexity, most notably with more
#ifdefs, but I want to see this supported added and I can't see how we can
add it without the extra stuff added.
- Setting CURLOPT_COOKIELIST to "ALL" when no cookies at all was present,
libcurl would crash when trying to read a NULL pointer.
Daniel (12 January 2007)
- Toby Peterson found a nasty bug that prevented (lib)curl from properly
downloading (most) things that were larger than 4GB on 32 bit systems. Matt
Witherspoon helped as narrow down the problem.
Daniel (5 January 2007)
- Linus Nielsen Feltzing introduced the --ftp-ssl-ccc command line option to
curl that uses the new CURLOPT_FTP_SSL_CCC option in libcurl. If enabled, it
will make libcurl shutdown SSL/TLS after the authentication is done on a
FTP-SSL operation.
Daniel (4 January 2007)
- David McCreedy made changes to allow base64 encoding/decoding to work on
non-ASCII platforms.
Daniel (3 January 2007)
- Matt Witherspoon fixed the flaw which made libcurl 7.16.0 always store
downloaded data in two buffers, just to be able to deal with a special HTTP
pipelining case. That is now only activated for pipelined transfers. In
Matt's case, it showed as a considerable performance difference,
Daniel (2 January 2007)
- Victor Snezhko helped us fix bug report #1603712
(http://curl.haxx.se/bug/view.cgi?id=1603712) (known bug #36) --limit-rate
(CURLOPT_MAX_SEND_SPEED_LARGE and CURLOPT_MAX_RECV_SPEED_LARGE) are broken
on Windows (since 7.16.0, but that's when they were introduced as previous
to that the limiting logic was made in the application only and not in the
library). It was actually also broken on select()-based systems (as apposed
to poll()) but we haven't had any such reports. We now use select(), Sleep()
or delay() properly to sleep a while without waiting for anything input or
output when the rate limiting is activated with the easy interface.
- Modified libcurl.pc.in to use Libs.private for the libs libcurl itself needs
to get built static. It has been mentioned before and was again brought to
our attention by Nathanael Nerode who filed debian bug report #405226
(http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=405226).
Daniel (29 December 2006)
- Make curl_easy_duphandle() set the magic number in the new handle.
Daniel (22 December 2006)
- Robert Foreman provided a prime example snippet showing how libcurl would
get confused and not acknowledge the 'no_proxy' variable properly once it
had used the proxy and you re-used the same easy handle. I made sure the
proxy name is properly stored in the connect struct rather than the
sessionhandle/easy struct.
- David McCreedy fixed a bad call to getsockname() that wrongly used a size_t
variable to point to when it should be a socklen_t.
- When setting a proxy with environment variables and (for example) running
'curl [URL]' with a URL without a protocol prefix, curl would not send a
correct request as it failed to add the protocol prefix.
Daniel (21 December 2006)
- Robson Braga Araujo reported bug #1618359
(http://curl.haxx.se/bug/view.cgi?id=1618359) and subsequently provided a
patch for it: when downloading 2 zero byte files in a row, curl 7.16.0
enters an infinite loop, while curl 7.16.1-20061218 does one additional
unnecessary request.
Fix: During the "Major overhaul introducing http pipelining support and
shared connection cache within the multi handle." change, headerbytecount
was moved to live in the Curl_transfer_keeper structure. But that structure
is reset in the Transfer method, losing the information that we had about
the header size. This patch moves it back to the connectdata struct.
Daniel (16 December 2006)
- Brendan Jurd provided a fix that now prevents libcurl from getting a SIGPIPE
during certain conditions when GnuTLS is used.
Daniel (11 December 2006)
- Alexey Simak found out that when doing FTP with the multi interface and
something went wrong like it got a bad response code back from the server,
libcurl would leak memory. Added test case 538 to verify the fix.
I also noted that the connection would get cached in that case, which
doesn't make sense since it cannot be re-use when the authentication has
failed. I fixed that issue too at the same time, and also that the path
would be "remembered" in vain for cases where the connection was about to
get closed.
Daniel (6 December 2006)
- Sebastien Willemijns reported bug #1603712
(http://curl.haxx.se/bug/view.cgi?id=1603712) which is about connections
getting cut off prematurely when --limit-rate is used. While I found no such
problems in my tests nor in my reading of the code, I found that the
--limit-rate code was severly flawed (since it was moved into the lib, since
7.15.5) when used with the easy interface and it didn't work as documented
so I reworked it somewhat and now it works for my tests.
Daniel (5 December 2006)
- Stefan Krause pointed out a compiler warning with a picky MSCV compiler when
passing a curl_off_t argument to the Curl_read_rewind() function which takes
an size_t argument. Curl_read_rewind() also had debug code left in it and it
was put in a different source file with no good reason when only used from
one single spot.
- Sh Diao reported that CURLOPT_CLOSEPOLICY doesn't work, and indeed, there is
no code present in the library that receives the option. Since it was not
possible to use, we know that no current users exist and thus we simply
removed it from the docs and made the code always use the default path of
the code.
- Jared Lundell filed bug report #1604956
(http://curl.haxx.se/bug/view.cgi?id=1604956) which identified setting
CURLOPT_MAXCONNECTS to zero caused libcurl to SIGSEGV. Starting now, libcurl
will always internally use no less than 1 entry in the connection cache.
- Sh Diao reported that CURLOPT_FORBID_REUSE no works, and indeed it broke in
the 7.16.0 release.
- Martin Skinner brought back bug report #1230118 to haunt us once again.
(http://curl.haxx.se/bug/view.cgi?id=1230118) curl_getdate() did not work
properly for all input dates on Windows. It was mostly seen on some TZ time
zones using DST. Luckily, Martin also provided a fix.
- Alexey Simak filed bug report #1600447
(http://curl.haxx.se/bug/view.cgi?id=1600447) in which he noted that active
FTP connections don't work with the multi interface. The problem is here
that the multi interface state machine has a state during which it can wait
for the data connection to connect, but the active connection is not done in
the same step in the sequence as the passive one is so it doesn't quite work
for active. The active FTP code still use a blocking function to allow the
remote server to connect.
The fix (work-around is a better word) for this problem is to set the
boolean prematurely that the data connection is completed, so that the "wait
for connect" phase ends at once.
The proper fix, left for the future, is of course to make the active FTP
case to act in a non-blocking way too.
- Matt Witherspoon fixed a problem case when the CPU load went to 100% when a
HTTP upload was disconnected:
"What appears to be happening is that my system (Linux 2.6.17 and 2.6.13) is
setting *only* POLLHUP on poll() when the conditions in my previous mail
occur. As you can see, select.c:Curl_select() does not check for POLLHUP. So
basically what was happening, is poll() was returning immediately (with
POLLHUP set), but when Curl_select() looked at the bits, neither POLLERR or
POLLOUT was set. This still caused Curl_readwrite() to be called, which
quickly returned. Then the transfer() loop kept continuing at full speed
forever."
Daniel (1 December 2006)
- Toon Verwaest reported that there are servers that send the Content-Range:
header in a third, not suppported by libcurl, format and we agreed that we
could make the parser more forgiving to accept all the three found
variations.
Daniel (25 November 2006)
- Venkat Akella found out that libcurl did not like HTTP responses that simply
responded with a single status line and no headers nor body. Starting now, a
HTTP response on a persistent connection (i.e not set to be closed after the
response has been taken care of) must have Content-Length or chunked
encoding set, or libcurl will simply assume that there is no body.
To my horror I learned that we had no less than 57(!) test cases that did bad
HTTP responses like this, and even the test http server (sws) responded badly
when queried by the test system if it is the test system. So although the
actual fix for the problem was tiny, going through all the newly failing test
cases got really painful and boring.
Daniel (24 November 2006)
- James Housley did lots of work and introduced SFTP downloads.
Daniel (13 November 2006)
- Ron in bug #1595348 (http://curl.haxx.se/bug/view.cgi?id=1595348) pointed
out a stack overwrite (and the corresponding fix) on 64bit Windows when
dealing with HTTP chunked encoding.
Daniel (9 November 2006)
- Nir Soffer updated libcurl.framework.make:
o fix symlinks, should link to Versions, not to ./Versions
o indentation improvments
- Dmitriy Sergeyev found a SIGSEGV with his test04.c example posted on 7 Nov
2006. It turned out we wrongly assumed that the connection cache was present
when tearing down a connection.
- Ciprian Badescu found a SIGSEGV when doing multiple TFTP transfers using the
multi interface, but I could also repeat it doing multiple sequential ones
with the easy interface. Using Ciprian's test case, I could fix it.
Daniel (8 November 2006)
- Bradford Bruce reported that when setting CURLOPT_DEBUGFUNCTION without
CURLOPT_VERBOSE set to non-zero, you still got a few debug messages from the
SSL handshake. This is now stopped.
Daniel (7 November 2006)
- Olaf fixed a leftover problem with the CONNECT fix of his that would leave a
wrong error message in the error message buffer.
Daniel (3 November 2006)
- Olaf Stueben provided a patch that I edited slightly. It fixes the notorious
KNOWN_BUGS #25, which happens when a proxy closes the connection when
libcurl has sent CONNECT, as part of an authentication negotiation. Starting
now, libcurl will re-connect accordingly and continue the authentication as
it should.
Daniel (2 November 2006)
- James Housley brought support for SCP transfers, based on the libssh2 library
for the actual network protocol stuff.
Added these new curl_easy_setopt() options:
CURLOPT_SSH_AUTH_TYPES
CURLOPT_SSH_PUBLIC_KEYFILE
CURLOPT_SSH_PRIVATE_KEYFILE
2007-01-12 Gisle Aas
Release 3.56
Cloning of parser state for compatiblity with threads.
Fixed by Bo Lindbergh
Don't require whitespace between declaration tokens.
<http://rt.cpan.org/Ticket/Display.html?id=20864>
2006-07-10 Gisle Aas
Release 3.55
Treat <> at the end of document as text. Used to be
reported as a comment.
Improved Firefox compatiblity for bad HTML:
- Unclosed <script>, <style> are now treated as empty tags.
- Unclosed <textarea>, <xmp> and <plaintext> treat rest as text.
- Unclosed <title> closes at next tag.
Make <!a'b> a comment by itself.
to the old realplayer package; update to reflect this and make it work.
Remove an obsolete exec entry in the PLIST, the same function is already
performed in the do-install target.
Bump PKGREVISION.
pkgsrc changes: merge ap2-ruby to here.
mod_ruby-1.2.6 released
mod_ruby-1.2.6 is released.
Main changes from mod_ruby-1.2.5
- apache/rails-dispatcher.rb supports Rails 1.1.
- added guard conditionals around code that uses dconf to avoid SEGV. Thanks,
Michael Granger.
- fixes for Ruby 1.6.x.
- do not call downcase content_type, content_encoding, and content_lnaguages.
at 2006-06-15 13:32
mod_ruby-1.2.5 released
mod_ruby-1.2.5 is released.
Main changes from mod_ruby-1.2.4
- added RubyRestrictDirectives by David Garamond.
- added Apache::Request#all_params.
- set $0 correctly
- added Apache::RubyProfile.
- added RubyOption.
- added Apache::RailsDispatcher.
- supported Apache 2.2 thanks to Michael Sullivan.
- added RubyGcPerRequest.
- do not timeout if RubyTimeOut is 0.
at 2006-02-19 21:52
Changes since 1.1.6:
* Removed invocation of deprecated before_action and around_action filter
methods. Corresponding before_invocation and after_invocation methods
should be used instead.
* Provide access to the underlying SOAP driver.
* ActionWebService WSDL generation ignores HTTP_X_FORWARDED_HOST
* Tighten rescue clauses.
* Fixed XMLRPC multicall when one of the called methods returns a struct
object.
* Fix invoke_layered since api_method didn't declare :expects.
Changes to squid-2.6.STABLE9 (Jan 24 2007)
- Bug #1878: If-Modified-Since broken in 2.6.STABLE8
- Bug #1877 diskd bug in storeDiskdIOCallback()
Changes to squid-2.6.STABLE8 (Jan 21 2007)
- Bug #1873: authenticateNTLMFixErrorHeader: state 4.
- Document the https_port vhost option, useful in combination with
a wildcard certificate
- Document the existence of connection pinning / forwarding of NTLM
auth and a few other features overlooked in the release notes.
- Spelling correction of the ssl cache_peer option
- Add back the optional "accel" http_port option. Makes accelerator
mode configurations easier to read.
- Bug #1872: Date parsing error causing objects to get unexpectedly
cached.
- Cleanup to have the access.log tags autogenerated from enums.h
- Bug #1783: STALE: Entry's timestamp greater than check time. Clock
going backwards?
- Don't update object timestamps on a failed revalidation.
- Fix how ftp://user@host URLs is rendered when Squid is built with
leak checking enabled
A lot of changes since 1.3.3, including Unicode support and add-on modules
("shimbun").
NOTE:
I had to comment out w3m's "ucs_conv=1" option which is hard-coded in w3m.el,
so that w3m without unicode option also works with emacs-w3m. Do we want
w3m to always have its homegrown yet another Unicode mapping table?
% ls w3m.*
-rwxr-xr-x 1 uebayasi users 513186 Jan 27 20:46 w3m.no-unicode
-rwxr-xr-x 1 uebayasi users 1182323 Jan 27 20:48 w3m.unicode
Quanta Plus
* show Find in Files menu if KFileReplace is installed
* fix various crashes in the debugger
* fix crash when editing a >style> CSS area
* use the correct encoding in the file dialogs
* don't lose upload profile settings in certain cases
* fix symlink handling in Project Rescan, New Project adding
files/folders
* do not set the current project mark to a project that could not
be opened
* allow closing of an untitle editor tab when an image is previewed
inside
* fix problems with the automatic backup system
The mod_fcgid Apache module is a binary compatible alternative to
Apache module mod_fastcgi, but only for apache2 and later.
FastCGI provides a high-performance alternative to CGI for writing
webserver applications.
* A patch for a small security vulnerability in the script Django's
internationalization system uses to compile translation files.
* A fix for a bug in Django's authentication middleware which could cause
apparent "caching" of a logged-in user.
* A patch which disables debugging mode in the flup FastCGI package
Django uses to launch its FastCGI server, which prevents tracebacks
from bubbling up during production use.
devel/apr0/buildlink3.mk:
Add apr<1.0 to BUILDLINK_API_DEPENDS.apr .
devel/subversion/Makefile.common:
Drop --with-apr and --with-apr-util from CONFIGURE_ARGS; these
have not been needed since the buildlink framework started
ensuring the PATH is correct. Drop --with-ssl from
CONFIGURE_ARGS; this has not been necessary since this stopped
using the built-in neon. Include new options.mk .
devel/subversion-base/Makefile:
devel/subversion-base/buildlink3.mk:
Use devel/apr0 or devel/apr & devel/apr-util if
PKG_OPTIONS.subversion has the apr1 option.
devel/subversion-base/options.mk:
Provide apache22 and apr1 options; currently these must be set
together, so enforce that.
www/ap2-subversion/Makefile:
Use apache22 if PKG_OPTIONS.subversion has the apache22 option,
else use apache2.
The serf library is a C-based HTTP client library built upon the Apache
Portable Runtime (APR) library. It multiplexes connections, running the
read/write communication asynchronously. Memory copies and transformations
are kept to a minimum to provide high performance operation.
Update to 1.2.8 (formerly in devel/apr1), no longer build from the
httpd distfile.
devel/rapidsvn:
devel/subversion-base:
parallel/ganglia-monitor-core:
security/hydra:
www/apache2:
Use devel/apr0.
www/apache22:
Use devel/apr and devel/apr-util.
Many changes. See http://kazehakase.sourceforge.jp/
Some of the changes include:
* Fix wrong labels in Certificate Properties dialog.(Jan Jeronym Zvanovec)
* used ruby_disable_message.(Kouhei SUTOU)
* fix the compile problem on NetBSD(Hiroyuki IKEZOE)
* fix bug of purge_history_file_by_timestamp(). (Ryo SHIMIZU)
* support gziped favicon (Kouhei SUTOU)
* use "/favion.ico" as favicon file automatically if favicon URI is not specified by <link ref="..."> tag. (Kouhei SUTOU, Ryo SHIMIZU)
* make exit process faster (Ryo SHIMIZU)
* bug fix of GoUp action(Tomoyuki KAMO)
* use "RSS" when the page title is null(Ryo SHIMIZU)
* New creating thumbnail process with new GECKO APIs. But it is caprice(Hiroyuki IKEZOE)
* Can compile with Firefox2.0 beta(Hiroyuki IKEZOE)
* Show rendering engine on "About" dialog(Kouhei SUTOU)
* Bugfixes, please see http://www.apache.org/dist/httpd/CHANGES_2.2
pkgsrc changes:
* Do not use the included pcre source in apache22.
* devel/apr1 now uses the apache22 version (increased to 1.2.8.2.2.4) to
sync the source with the httpd distfile.
* Remove patches in devel/apr1 which were applied upstream.
Changes since 2.2a1 [2006/07/20]:
- Added a dashboard style display for templates (with multiple selections).
- New "Format" parameter can be used in graph URL to override saved setting.
- PDF and SVG formats are now properly embedded in HTML.
- Added warning and check to avoid obscure error caused by misconfiguration.
- Minor JavaScript enhancements to the graph editor.
- Added notice about CGI.pm incompatibility.
Changes since 2.1.3 [2005/06/19]:
- Various improvements for the graph editor:
+ Extensive code rewrite/cleanup.
+ Added simple HTML tooltips to provide (some) contextual help.
+ Extended JavaScript automation.
+ Clarified creation of new Data Sources.
- rrdtool 1.2.x support:
+ Three new image formats: SVG, EPS and PDF.
+ GIF is no longer supported, automatically switch to PNG.
+ Removed support for deprecated --overlay parameter.
+ Added support for --no-gridfit.
+ Added support for new VDEF, TICK and SHIFT graph commands.
+ Deprecated use of HRULE, STACK and old style GPRINT graph command.
release.
The calendar component has been removed from Seamonkey in favour of Sunbird
(time/sunbird) and Lightning, see http://www.mozilla.org/projects/calendar/
New features and fixes in this version:
General
* ChatZilla has been updated to a newer version (Bug 324439)
* When launching SeaMonkey, already-running instances are detected (Bug 122698)
Browser
* Spelling is checked when writing in textareas (Bug 302050 and bug 338318)
* A warning page is now shown before displaying about:config (Bug 339720)
* Tooltips from web pages can now be multiple lines, either due to automatic
text wrapping or explicit newlines added to the text value (Bug 356900)
* When you visit a secure site, the URL bar changes color to turns make
security status more visible (Bug 335113)
* When using keyword URLs, it is no longer necessary to type "keyword:" (typing
"keyword:" will no longer work). Just type the keyword name (Bug 337339)
* You can now drop URLs and bookmarks between existing tabs, which will result
in a new tab being created where you dropped the URL (Bug 324591)
* When hovering on a tab, the tooltip now displays a preview of the tab's
contents (Bug 315207)
* The search sidebar now behaves better (Bug 252802)
* The bookmarks menu and personal toolbar folder overflow menu now have context
menus (Bug 50504)
Mail & Newsgroups
* Message labelling has been superceded by tagging, which provides much more
than the original 5 labels and comes with new preferences (Bug 342560 and
others)
* The preferences for junk mail have been reorganized, and can now be set on a
per-account basis (Bug 335846)
* Improved phishing detection (Bug 326082 and others)
* New mail notification has been improved (Bug 327613, 305384, and others)
Address Book
* It is now possible to move or copy cards between address books. Cards can
only be copied to mailing lists, so you need to use ctrl key while dragging
to copy the card to the mailing list. When dragging cards between address
books, the default action is move, use ctrl to copy instead. (Bug 35837)
For the complete changelog, see
http://www.mozilla.org/projects/seamonkey/releases/seamonkey1.1/changelog.html
Kahua is CPS, Continuation Passing Style application framework written
in one of scheme implementation, Gauche.
CPS has following advantages.
- You can use "Continuation" easily so you can resolve the typical Web
Applicaiton's problem of process disconnection.
- You can program declaratively by using S-expressions as fundamental
data type.
- You can use Kahua's Object Database to permanent data by itself.
- You can modify the function being run and it supports incremental
development.
Gauche is an R5RS Scheme implementation that is designed to be a
useful tools for daily work. See http://practical-scheme.net/gauche/
in detail.
Kahua is licensed under the modified BSD license. See COPYING in detail.
"Kahua" means platform, location or base in Hawaiian.
tool for creating authentication systems based on other databases.
The module can be used in either of two somewhat divergent ways:
1) External Authentication:
2) Hardcoded Authentication:
o arp-acl is now supported on NetBSD contributed by Jaromir Dolecek <jdolecek@>.
Changes to squid-2.6.STABLE7 (Jan 13 2007)
- Windows port: Fix intermittent build error using Visual Studio
- Add missing tproxy info from the dump of http port configuration
- Bug #1853: Support for ARP ACL on NetBSD
- clientNatLookup(): fix wrong function name in debug messages
- Convert ncsa_auth man page from DOS to Unix text format.
- Bug #1858: digest_ldap_auth had some remains of old hash format
- Correct the select_loops counter when using select(). Was counted twice
- Clarify the http_port vhost option a bit
- Fix cache-control: max-stale without value or bad value
- Bug #1857: Segmentation fault on certain types of ftp:// requests
- Bug #1848: external_acl crashes with an infinite loop under high load
- Bug #1792: max_user_ip not working with NTLM authentication
- Bug #1865: deny_info redirection with authentication related acls
- Small example on how to use the squid_session helper
- Bug #1863: cache_peer monitorurl, monitorsize and monitorinterval not working properly
- Clarify the transparent http_port option a bit more
- Bug #1828: squid.conf docutemtation error for proxy_auth digest
- Bug #1867: squid.pid isn't removed on shutdown
INSTALLATION_DIRS, as well as all occurrences of ${PREFIX}/man with
${PREFIX}/${PKGMANDIR}.
Fixes PR 35265, although I did not use the patch provided therein.
abs_srcdir in config_vars.mk is used during install so needs to reference
the work dir path, and by other packages such as ap2-fastcgi after install,
so we fix after install to reference the installed path
- Fixes ap2-fastcgi build
Patch provided by Alaric Snell-Pym in pkgsrc-users@.
-> Visitors 0.7 Released (30 March 2006)
30Mar2005 - Added screen resolution and color depth report (via Javascript) see the README file for more info.
12Dic2005 - Added --debug option for verbose errors.
17Nov2004 - Debian Bug#339594: default output is html, but the manpage says text. Fixed. Thanks to Rick Pasotto for reporting the bug.
15Nov2005 - --grep and --exclude options implemented.
13Nov2005 - --ignore-404 option, useful to ignore log lines about missing pages. When this option is turned on log lines with 404 errors are just used to genera te the 404 errors report and not used for other reports.
-> Visitors 0.61 Released (25 October 2005)
24Oct2005 - Versioning scheme changed, after 0.6 now there is 0.61 instead of 0.6a like it was in the past. 0.6a may look like an alpha release.
24Oct2005 - Ignore more bots other than bots from google when computing unique visitors stats. This makes unique visitors stats much more reliable, there are crawlers with 200 and more different IP addresses so the unique visitors algorithm does not help there.
-> Visitors 0.6 Released (10 October 2005)
10Oct2005 - New report: Adsensed-pages. Like googled-pages but for the adsense crawler, that's supposted to be the one with Mediapartners-Google user agent.
10Oct2005 - Fixed a bug resulting in wrong googled-pages report.
04Oct2005 - Some formatting problem and a bug introduced in the 0.6 beta version fixed thanks to Simon Waters <sysadmin at zynet dot net>
03Oct2005 - Visitors's site finally contains a Japanese translation thanks to Takeshi ABE (tabe (at) fixedpoint (dot) jp).
02Oct2005 - Fixed the parsing code to detect the user agent string when no occurence of (...) string is present. This results in more accurate stats.
02Oct2005 - New feature: Referer spam filtering via blacklist.h
02Oct2005 - New report: google's "hl" human language.
17Sep2005 - Browsers list updated, Internet Explorer splitted into IE4, IE5 and IE6, detection of Firefox as a special case of Gecko based.
16Sep2005 - Fixed Debian Bug #312345, adding newline for every 'td' table
element generated to create 2D maps. This makes simpler to send reports by
email. Thanks to Simon Waters <sysadmin at zynet dot net>
web.py is a web framework for python that is as simple as it is powerful.
web.py is in the public domain; you can use it for whatever purpose with
absolutely no restrictions.
Trac-0.10.3-ja-1 (Dec 15, 2006)
* Merge trac-0.10.3
* Update to current statement.
* README.trac-ja
* wiki-default/TracJa
* Fixes a invalid trac-links.
* wiki-default/TracModPython
* Fixes ununified translations for "View changes".
* templates/anydiff.cs
* templates/log.cs
* templates/wiki.cs
* wiki-default/TracTermsJa
Trac 0.10.3 (Dec 12, 2006)
http://svn.edgewall.org/repos/trac/tags/trac-0.10.3
Trac 0.10.3 is a bug fix release. The following list contains only a
few highlights:
* Timeline fail to load with a "NoSuchChangeset" error message (#4132).
* Timed out MySQL connections not handled properly (#3645).
* Subversion repository resync broken. (#4204).
The complete list of closed tickets can be found here:
http://trac.edgewall.org/query?status=closed&milestone=0.10.2
or USE_X11BASE set, but don't include mk/x11.buildlink3.mk directly or
via buildlink3.mks
- introduce BUILDLINK_PREFIX.libXpm as alias for BUILDLINK_PREFIX.xpm
in the !modular case
- fix some cases where the check for libX11 couldn't work at all by using
C++ for compilation without including the proper headers
Verified using a full X11_TYPE=xorg bulk build without additional
breakage. Discussed with salo@, wiz@ and send to packages@ for feedback.
MFSA 2006-76 XSS using outer window's Function object
MFSA 2006-75 RSS Feed-preview referrer leak
MFSA 2006-73 Mozilla SVG Processing Remote Code Execution
MFSA 2006-72 XSS by setting img.src to javascript: URI
MFSA 2006-71 LiveConnect crash finalizing JS objects
MFSA 2006-70 Privilege escallation using watch point
MFSA 2006-68 Crashes with evidence of memory corruption (rv:1.8.0.9/1.8.1.1)
For more info, see http://www.mozilla.com/en-US/firefox/2.0.0.1/releasenotes/
MFSA 2006-76 XSS using outer window's Function object
MFSA 2006-75 RSS Feed-preview referrer leak
MFSA 2006-73 Mozilla SVG Processing Remote Code Execution
MFSA 2006-72 XSS by setting img.src to javascript: URI
MFSA 2006-71 LiveConnect crash finalizing JS objects
MFSA 2006-70 Privilege escallation using watch point
MFSA 2006-68 Crashes with evidence of memory corruption (rv:1.8.0.9/1.8.1.1)
For more info, see http://www.mozilla.com/en-US/firefox/2.0.0.1/releasenotes/
MFSA 2006-74 Mail header processing heap overflows
MFSA 2006-73 Mozilla SVG Processing Remote Code Execution
MFSA 2006-72 XSS by setting img.src to javascript: URI
MFSA 2006-71 LiveConnect crash finalizing JS objects
MFSA 2006-70 Privilege escallation using watch point
MFSA 2006-68 Crashes with evidence of memory corruption (rv:1.8.0.9/1.8.1.1)
For more info, see http://www.mozilla.org/projects/seamonkey/releases/seamonkey1.0.7/README.html
MFSA 2006-75 RSS Feed-preview referrer leak
MFSA 2006-73 Mozilla SVG Processing Remote Code Execution
MFSA 2006-72 XSS by setting img.src to javascript: URI
MFSA 2006-71 LiveConnect crash finalizing JS objects
MFSA 2006-70 Privilege escallation using watch point
MFSA 2006-68 Crashes with evidence of memory corruption (rv:1.8.0.9/1.8.1.1)
For more info, see http://www.mozilla.com/en-US/firefox/releases/1.5.0.9.html
Changes:
This release of Opera introduces Fraud Protection.
Changes Since Opera 9.02
User interface
* Fixed handling of access keys on Web pages with frames.
* Mail, messaging, and newsfeeds
* Fixed an instability connected with delayed entry of the Master password.
* Deleting of newsfeeds in the panel now both unsubscribes and deletes.
Display and scripting
* Improved performance for elements with both :focus and :hover.
* Fixed an issue with opacity on links that have images nested within them.
Security
* New Fraud Protection feature (a phishing filter).
* Changed Wand data to a new format. The upgrade to this new format
is not reversible.
Miscellaneous
* Multiple stability issues solved, including crashes on Gmail and Google Maps.
* Changed the Mozilla User Agent string to include Firefox identification.
* Improved handling of Web site logins on slow connections.
* Cancellation of torrent downloads now functions as expected.
UNIX-specific changes
* Fixed smooth scrolling.
* Flash 9 beta support for Linux.
* Implemented support for Linux plug-ins on FreeBSD.
* When masking as Internet Explorer, the platform is masked as Windows XP.
* Fixed an issue where floating point numbers were treated as integers
on some Linux systems.
I would list the changes here, but I don't entirely understand them.
XXX Why do we have a separate multimedia/ns-flash package? The
XXX packages to handle the opera plugins depend the ns-flash package
XXX -- perhaps this could do the same so there is only one place this is
XXX handled?
packages with the modular Xorg equivalent. Those are falling back
to the old location by default, so this commmit doesn't change
dependencies.
graphics/xpm ==> x11/libXpm
fonts/Xft2 ==> x11/libXft
x11/Xfixes ==> x11/libXfixes
x11/xcursor ==> x11/libXcursor
x11/Xrender ==> x11/libXrender
x11/Xrandr ==> libXrandr
pkgsrc change: remove PATCHFILES which hasn't used recent days.
Changes to squid-2.6.STABLE6 (Dec 12 2006)
- Bug #1817: Assertion failure assert(buflen >= copy_sz) in htcp.c htcpBuildAuth()
- Add client source port logformat tag >p
- Cleanup of transparent & accelerator mode request parsing to untangle the firewall dependencies a bit
- Bug #1799: Harmless 1 byte buffer overflow on long host names in /etc/hosts
- automake no longer recommends mkinstalldirs. Removed.
- Only use crypt() if it's available, allowing ncsa_auth to be built
on platofms without crypt() support.
- Windows port documentation updates
- Bug #1818: Assertion failure assert(e->swap_dirn >= 0) in fs/coss/store_dir_coss.c storeCoss_DeleteStoreEntry
- Bug #1117: assertion failed: aufs/store_dir_aufs.c:642: "rb->flags.need_to_validate"
- Remove extra newline in redirect message sent by deny_info http://... aclname
- Bug #1805: assertion failed: StatHist.c:195: "D[i] >= 0"
- Clarify the external_acl_type helper format specification and some defaults
- Add support for the weight= parameter to round-robin peers
- Bug #1832: Error building squid-2.6.STABLE5 using --enable-truncate
- Convert snmpDebugOid to use a temporary String object instead of strcat
- Document that proxy_auth also accepts -i for case-insensitive operation
- Remove malloc/free of temporary buffer in time parsing routines.
- Reduce memory allocator pressure by not continually allocating client-side read buffers
- Accept large dates >2^31 on 64-bit platformst. Seen for example in the Google logo.
- Convert the connStateData->chr single link list to a normal dlink_list for clarity.
- Bug #1584: Unable to register with multiple WCCP2 routers
- Fix the WCCPv2 mask assignment code to not crash as the value assignments are built.
- Bug #439: Multicast ICP peering is unstable and considers most peers dead
- Bug #1801: NTLM authentication ends up in a loop if the server responds with a retriable error
- Bug #1839: Cosmetic debug message cleanup in peerHandleHtcpReply.
- Bug #1840: Disable digest and netdb queries to multicast peers
- Bug #1641: assertion failed: stmem.c:149: "size > 0" while processing certain Vary objects
- Fix build errors when using latest MinGW Windows environment
by Pierre Pronchery as PR pkg/35200
other changes:
-enables startupnotify
-Fixes a problem of liferea-feed-add with running program detection
-translation updates
mod-xslt2 is a server side module able to transform ``xml''
documents in ``html'' (or to any other format) before they
even get back to the browser.
mod-xslt2 main features include:
* Ability to parse generated xml (ability to parse the output of
php or perl scripts).
* Ability to use the ``xslt'' indicated by the <?xml-stylesheet
processing instruction.
* Ability to send back the xml file unparsed to the browser.
* Ability to fetch xslt or DTDs from scripts rather than from
static files.
* Ability to fetch a different xslt depending on the content of
the request headers, of the get parameters or the web server
environment.
* Ability to allow xslt stylesheets to make use of these
variables to generate output.
--
http://www.mod-xslt2.com/
No changelog, but announcement said:
Use internal OFF_T_FORMAT instead of PRId64
Fix compilation on Minix3
Bug 841, CVE-2006-5925: Prevent enabling the SMB protocol.
Ecmascript: activate link only when onClick returns true
=== RELEASE 2.1pre26 ===
Tue Nov 28 23:13:38 MET 2006 mikulas:
Fixed severe security bug: '"' and ';' in smb:// url could be used for
remote command execution.
=== RELEASE 2.1pre25 ===
Wed Nov 22 23:55:21 MET 2006 mikulas:
DirectFB no longer causes internal error on unsupported color depth.
Normal error reporting and trying other drivers is be done.
Wed Nov 22 22:26:58 MET 2006 Jakub Bogusz <qboosh@pld-linux.org>:
Updated Polish Translation
Sun Nov 12 17:23:46 MET 2006 user:
Fixed memory leak in http authentication
Varnish is
* a high-performace HTTP accelerator designed for content-heavy
dynamic web sites.
* designed for maximum performance on modern hardware and modern
operating systems. Varnish takes full advantage of modern virtual
memory systems and of advanced operating system features such as
kqueue, accept filters, sendfile etc. where available.
* open source, published under a two-clause BSD license.
From the website:
Varnish is very, very fast - ten to twenty times faster than
Squid on the same hardware.
http://www.varnish-cache.org/
as is done with firefox2 as well now. This obsoletes additional packages like
firefox2-bin-flash etc. Downside is that the corresponding 1.5 and 2.0
packages can no longer be installed in parallel.
which allows us to install the pkgconfig files as well, which allows
to use the gecko html renderer to be used by other programs
The side effect is that firefox-1.x and firefox-2.x can't be installed
at the same time anymore.
update firefox-bin and firefox2-bin to override MOZ_DIR to point
to the binary Linux distribution; kill their own MASTER_SITES
now firefox-bin and firefox2-bin automaticaly pick up mirror
changes in the master script
but there seems no reason to reject local revisions (nb*). Accept them by
using the pattern reed@ suggested ({,nb[0-9]*}).
This should address pkg/34973.
3.0.6 is a stable release which includes many significant enhancements
and new features, including a number of new actions, multiple filter file
capability, full windows service functionality, as well as numerous
bugs done away with. See http://www.privoxy.org/user-manual/whatsnew.html
for details.
Trac-0.10.2-ja-1 (Nov 14, 2006)
* Merge trac-0.10.2
* Update to current statement.
* README.trac-ja
* wiki-default/TracJa
Trac 0.10.2 (Nov 13, 2006)
http://svn.edgewall.org/repos/trac/tags/trac-0.10.2
Trac 0.10.2 is a bug fix release. The following list contains only a
few highlights:
* Fixes deadlock when using authz_file config option (#3996).
* Makes the CSRF code play nice with the XmlRpcPlugin (#4122).
* Fixes Timeline breakage after svn commit when using sqlite (#4120).
The complete list of closed tickets can be found here:
http://trac.edgewall.org/query?status=closed&milestone=0.10.2
=== RELEASE 2.1pre24 ===
Mon Nov 6 02:13:48 cet 2006 mikulas:
Fixed incorrect page displayed when search string ended with space and
the word was last on page
Thu Oct 26 16:10:01 MET 2006 user:
More strict parsing of ftp list, fixes ftp.su.se
Sun Oct 15 22:55:28 MET DST 2006 mikulas:
Allow cookie path to point to file, not only directory
Wed Oct 11 00:17:27 MET DST 2006 mikulas:
Fixed quirk with displaying of links in text mode
Mon Oct 9 23:33:03 MET 2006 Jakub Bogusz <qboosh@pld-linux.org>:
Updated Polish translation
Mon Oct 9 21:55:24 MET 2006 Jindrich Makovicka <makovick@gmail.com>:
Fixed memory corruption when redirecting URLs with user:password
Mon Sep 11 02:43:32 MET DST 2006 mikulas:
Test for socklen_t
Work without PF_INET (for Minix 3)
Cleaned up use of AF_ and PF_ constants
Sat Sep 9 00:05:16 MET 2006 user:
Fixed double-to-string conversion for config files
Fri Aug 25 00:48:05 MET 2006 user:
Parsing ftp directories starts to be difficult because fixing one bug
introduces other. Previous fix sometimes mistook size for year :-/
Sun Aug 20 05:06:57 cet 2006 mikulas:
Correctly translate character set of "label" attribute
Thu Aug 17 19:57:34 MET 2006 user:
Fixed incremental loading of XBM images
Mon Aug 7 05:11:47 CEST 2006 Matthew Fischer <futhark@mchsi.com>:
Fixed Japanese fonts
Mon Jul 31 00:32:58 MET 2006 user:
More cygwin fixes
bash 3.1.x gets shell quoting wrong, causing configure to fail on platforms
that use this shell
New in this version according to
http://www.modpython.org/live/mod_python-3.2.10/doc-html/node98.html:
- Added support for Apache 2.2.
- New req.is_https() and req.ssl_var_lookup() methods. These communicate
direct with the Apache mod_ssl module, allowing it to be determined if
the connection is using SSL/TLS and what the values of internal ssl
variables are.
- New req.server.get_options() method. This returns the subset of Python
options set at global scope within the Apache configuration. That is,
outside of the context of any VirtualHost, Location, Directory or Files
directives.
- The directory used for mutex locks can now be specified at at compile
time using ./configure --with-mutex-dir value or at run time with
PythonOption mod_python.mutex_directory value.
- The number of mutex locks can now be specified at run time with
PythonOption mod_python.mutex_locks value.
- Fixed three memory leaks that were found in _apachemodule.parse_qsl,
req.readlines and util.cfgtree_walk.
- Third party C modules that use the simplified API for the Global Interpreter
Lock (GIL), as described in PEP 311, can now be used. The only requirement
is that such modules can only be used in the context of the "main_interpreter".
- DbmSession unit test no longer uses the default directory for the dbm file,
so the test will not interfer with the user's current apache instance.
- Added additional debugging and logging output for where mod_python cannot
initialise itself properly due to Python or mod_python version mismatches or
missing Python module code files.
- Fixed configure problem when using bash 3.1.x.
- Fixed DbmSession to create db file with mode 0640.
- Fixed request.sendfile() bug for symlinked files on Win32.
Changes between 1.2.18 and 1.2.19
Native
update Docs: Add SetHandler and new env var to Apache config docs. (rjung)
update Apache 1.3: Backport "no-jk" feature. (rjung)
update Apache: Add an environment variable to make SetHandler "jakarta-servlet" more useful. The variable is JK_WORKER_NAME, but can be changed by the new directive JkWorkerIndicator. (rjung)
fix LB: Don't use single worker shortcut, if the single worker is being diabled. (rjung)
fix Status worker: Add short explanation of activation and error states to legend. (rjung)
fix Docs: Add meaning of zero timeout values for various timeouts in workers.properties. (rjung)
fix LB: Cleanup of Mladens forced recovery. (rjung)
fix LB: Do not change lb_value for recovering workers to max, if we are using BUSYNESS method. (rjung)
fix Apache: Since 1.2.14 mod_jk failed to detect client abort. (rjung)
fix Docs: Corrected description of JkEnvVar. (rjung)
fix Solaris: Detect filio.h in configure to make the new connection detection build on solaris (r432825). (rjung)
update Add feature to force the recovery of workers that are member of loadbalancer if all the members are in error state. This fixes the time gap where 503 was returned caused by recovery_timeout although the backend was ready to handle the requests. (mturk)
update Docs: Seperate deprecated directives in their own table. (rjung)
update Docs: Allow "-" and "_" in worker names. (rjung)
update Allow multiple lines with attributes "balance_workers" and "mount". (rjung)
fix Make jk_is_some_property match more precisely. (rjung)
update JkStatus: Make refresh interval changeable. (rjung)
fix JkStatus: Adjust display of recover time wrt. global maintenance. (rjung)
update LB: Resetting worker state from OK to NA, if worker has been idle too long. (rjung)
fix Avoid compiler warnings concerning the use of lb_*_type arrays. Use functions instead. (rjung)
update Added %R JkRequestLogFormat option for Apache 1 and Apache 2. (mturk)
update Allow changing jvm Route from status manager. (mturk)
fix Do not retun 400 if Tomcat fails in the midle of the post request. Return 500 insted. (mturk)
update LB: Combine ok/error/recovering/busy runtime states into a single scalar. (rjung)
update LB: Combine active/disabled/stopped configuration states into a single scalar. (rjung)
update LB: Add several Apache notes to enable standard logging for load balancer results. (rjung)
update LB: Reorganisation of the main load balancer service loop. (rjung)
update Implement hierarchical worker configuration via attribute "reference". (rjung)
update Log deprecated properties. (rjung)
fix IIS: Fix simple_rewrite for the cases where the rewritten url is larger then the original one. (mturk)
update New JkOption "DisableReuse" to disable connection persistence. (jim)
update LB: Move sessionid retrieval out of get_most_suitable_worker into service. (rjung)
update Code cleanup for all service methods (use TRACE, JK_LOG_NULL_PARAMS, null pointer checks). (rjung)
update JKSTATUS: add refresh link. No refresh for updates. Redirect to list view after update. (rjung)
update Add new hook add_log_items into servers. (rjung)
update APACHE httpd: Rename apache logging notes. (rjung)
update LB: Rename lock and method constants. Add constants for defaults. (rjung)
fix Default log level should be INFO and not DEBUG. Default log level should be the same for all server types. (rjung)
fix Make rewrite_rule_map and log_level as non mandatory directives for isapi_redirect. (mturk)
fix 40107: Rewrite is_socket_connected function. Non blocking socket is not used any more. (mturk)
update Allow building with VS2005 without too many warnings. (mturk)
fix Decide by MMN, which piped log API we should use. mod_jk 1.2.18 broke compilation with Apache 1.3 pre 1.3.28. (rjung)
Changes between 1.2.17 and 1.2.18
Native
fix Using socklen_t in getsockopt. Also introducing jk_sock_t. (mturk)
update Allow recovery wait time below 60 seconds (new minimum is 1 second). (mturk)
Changes between 1.2.16 and JK 1.2.17
Native
fix Fix hanging jk status worker when certain attributes are being updated due to double locking. (rjung)
update Allow JkMount to behave like uriworkermap.properties by parsing pipe symbol as two directive marker. (mturk)
Changes between 1.2.15 and JK 1.2.16
Native
update Added simple rewrite capability for IIS. Although simple it will fulfill most needs. (mturk)
update Added RECOVER_ABORT_IF_CLIENTERROR recovery_option that closes the connection if client connection is broken during the request. (mturk)
update Renamed cache_timeout directive to connection_pool_timeout. (mturk)
update Added connection_pool_minsize directive. (mturk)
update Deprecate recycle_timeout directive. (mturk)
update Corrected some HTML syntax bugs in output of status worker. (rjung)
update Added the refresh=n parameter to the status worker. It will update the display every n seconds. (rjung)
update Balancer: Add attribute distance to balanced workers to express preferences between workers. (rjung)
update Balancer: Add attribute jvm_route to balanced workers to be able to use the same target in different balancers. (rjung)
update Status: Add lb_mult to status. (rjung)
update Balancer: Make different balancing strategies work in a similar way (use lb_value, use decay during global maintenance, use integer factors for weights. (rjung)
update Balancer: Improve locking. (rjung)
update Balancer: Workers start slower after recovering. (rjung)
update Balancer: Make different balancing strategies work in a similar way (use lb_value, use decay during global maintenance, use integer factors lb_mult for weights). (rjung)
update Balancer: Move recovery check to global maintenance. (rjung)
update Balancer: Add global maintenance method, that is called in only one process. (rjung)
update Extend our use of autoconf to find a 32Bit and a 64Bit unsigned type and their printf formats. (rjung)
update Logging: piped loggers for JkLogFile and Apache 1.3. (rjung)
update Logging: Add PID to log lines for each log level apart from REQUEST. (rjung)
update Logging: flush buffered logs to keep lines in correct order. Output final newline together with log message. (rjung)
update Reducing shm size. (rjung)
update Only log removing of old worker, when we actually do it. (rjung)
fix 37469: Fix shared memory close for forked childs. The shared memory will be closed by the parent process. (mturk)
fix 37332: Fix potential misuse of buffer length with snprintf functions. (mturk)
fix 38859: Protect mod_jk against buggy or malicious AJP servers in the backend. Patch provided by Ruediger Pluem. (mturk)
fix 38889: Use worker map sorting depending on the path elements, to comply with Servlet spec. Patch provided by Steve Revilak. (mturk)
update 36138: Added Busyness lb method. Patch provided by Chris Lamprecht. (mturk)
fix Fix pessimistic locking mode. The patch correctly handles the burst load, by syncing the access to the shared memory data. (mturk)
fix 38806: Reclycle worker even if it is disabled. This fixes hot-standby workers in error state. (mturk)
fix 37167: Allow building with BSD-ish like make. (mturk)
fix ISAPI plugin (isapi_redirect.dll) did not provide correct request data for IIS to include in the IIS log. (markt)
Changes:
Tomcat 5.5.20 (fhanik)
Catalina
fix Fix logic error in UserDatbaseRealm.getprincipal() that caused user roles assigned via groups to be ignored. (markt)
Jasper
fix 31804: Unnested tags within a tag file are now configured with the Tag represented by the containing tag file as their parent tag. (markt)
fix 33356: Tag attributes that contained $ followed by 1 or more non-special characters and then a { character caused an exception. (markt)
fix 33407: The string \$ in template text was reduced to $ when the isELIgnored page directive was set to true. (markt)
Tomcat 5.5.19 (fhanik)
General
update Add multi attribute setting to jmx:set JMX remote ant task. Patch contributed by Didier Donsez (pero)
Catalina
fix 30762: Re-fix this bug that was re-introduced by the fix to 37264. (markt)
fix 37588: Fix JNDI realm creation through JMX. Patch contributed by TerryZhou (fhanik)
fix 39704: The use of custom classloaders failed when the context was specified in server.xml. Correction of the fault will require setting the new loader attribute useSystemClassLoaderAsParent to false. (markt)
Coyote
fix 40418: APR Endpoint socket evaluation (remm)
Webapps
fix 31339: Admin app threw exceptions if a name other than Catalina was configured for the Engine. Patch based on a suggestion from Amila Suriarachchi. (markt)
Tomcat 5.5.18 (yoavs)
General
update Change MD5 release signature files to have md5 (lowercase) extension instead of MD5 (uppercase), as suggested by Henk Penning and specified in the ASF release publishing guidelines. (yoavs)
Catalina
fix Fix that ManagerBase increment expireSessions counter at background task two times. (pero)
fix 39406: Fix that StandardSession#getLastAccessedTime() uses correct exception message, suggested by Takayoshi Kimura. (pero)
add 39661: Add documentation on JULI FileHandler properties. (yoavs)
add 39657: Warn (and don't load jar) if JSP API is in webapp classloader repository, as suggested by David Sanchez Crespillo. (yoavs)
add 39674: Support JRockit JVM in service.bat script, as suggested by lizongbo. (yoavs)
fix 39711: Update Loader configuration documentation, as suggested by Stephane Bailliez. (yoavs)
fix 39865: Add Open Office mime types to conf/web.xml. (markt)
fix 38814: Align CGI handling of indexed queries, parameters and POST content with other CGI providers. The changes: only provide parameters on the command line for indexed queries; always provide the query string via the QUERY_STRING environment variable; provide POST content unmodified to stdin; and never call getParameters(). (markt)
fix 34801: Partial fix that adds handling of IOExceptions during long running CGI requests. Based on a patch by Chris Davey. (markt)
fix 39689: Allow single quotes (') and backticks (`) as well as double quotes (") to be used to delimit SSI attribute values. (markt)
fix 40053: Correct application deployment documentation so it agrees with the classloader documentation regarding shared lib and CATALINA_BASE. (markt)
fix 39592: Stop HEAD requests for resources handled by SSI servlet or filter generating stack traces in the logs. (markt)
fix Improve handling of the ';' character in the URL so that it is now allowed if properly %xx encoded. (remm)
Coyote
fix Fix APR endpoint so that the acceptor thread now only processes socket accepts. (remm)
Webapps
fix 39813: Correct handling of new line characters in JMX attributes. Patch provided by R Bramley. (markt)
fix 37781: Make sure that StoreConfig save external referenced war files at context.xml correct. (pero)
fix 39791: Use correct default for useNaming within a Context. (markt)
fix Correctly generate re-direct for admin app index.jsp to prevent login page being displayed twice when cookies are disabled. (markt)
Cluster
fix 39473: Session timeout much shorter than setting at web.xml at cluster environment, suggested by Jin Jiang. (pero)
ikiwiki is a wiki compiler. It converts wiki pages into html pages
suitable for publishing on a website. Unlike many wikis, ikiwiki does
not have its own ad-hoc means of storing page history, and instead
uses an revision control system.
The pkg currently has options for a dependency on svn, which is the
default rcs backend. Support for other backends is included in the
installed pkg, but there are no dependencies in the pkg for them yet.
Trac-0.10.1-ja-1 (Nov 9, 2006)
* Merge trac-0.10.1
* Translate messages into Japanese.
* trac/db/api.py
* trac/notification.py
* Correct some translations.
* templates/timeline.cs
* wiki-default/TracIni
* trac/mimeview/silvercity.py
* Add link to TracJa.
* wiki-default/TracGuide
* Update to current statement.
* README.trac-ja
* wiki-default/TracJa
* bdist's package name revert to `trac` from `trac-ja`,
because some plugins require `trac`'s package name.
* setup.py
Trac 0.10.1 (Nov 8, 2006)
http://svn.edgewall.org/repos/trac/tags/trac-0.10.1
Trac 0.10.1 contains a security fix and a number of bug fixes.
The following list contains only a few highlights:
* Fixed CSRF vulnerability (#4049), reported by Daniel Kahn Gillmor.
* Improved DB connection handling (#3503)
* Tracd no longer tries to resolve client's IP address (#3481).
The complete list of closed tickets can be found here:
http://trac.edgewall.org/query?status=closed&milestone=0.10.1
* install pinger program setuid to make ICMP work; the problem noted by
Heron Gallegos via private mail.
Key changes squid-2.6.STABLE4 to 2.6.STABLE5
* Bug #1776: 2.6.STABLE4 aufs fails to compile if coss isn't enabled
* COSS improvements and cleanups
* Bug #1785: Memory leak in handling of negatively cached objects
* Bug #1780: Incorrect Vary processing in combination with collapsed_forwarding
* Bug #1779: Delay pools fairness when multiple connections compete for bandwidth
* Bug #1796: Assertion error HttpHeader.c:914: "str"
* All comm loops now use the generic event framework
* a number of other minor and cosmetic bugfixes. See the list of squid-2.6.STABLE4 changes and the ChangeLog file for details.
MFSA 2006-67 Running Script can be recompiled
MFSA 2006-66 RSA signature forgery (variant)
MFSA 2006-65 Crashes with evidence of memory corruption (rv:1.8.0.8)
For more info, see http://www.mozilla.com/en-US/firefox/releases/1.5.0.8.html
