two issues. The PLIST was incorrect and since the PLIST is used by
the "moz-install" script, anything missing from the PLIST is never
installed even when building from source. When libfreebl* were not
installed it caused the clients to fail to load the security component
and fail with "The browser failed to load its security component".
The second issue is that many installations of solaris-2.9 include
various glib/gtk/gnome libraries in /usr/lib. This causes failures
because the pkgsrc ones were used at link time and the /usr/lib ones
at run time. Work around this by setting a LD_LIBRARY_PATH that includes
the pkgsrc lib directory first.
pkgrevision bumps all around.
Package info: scp support not enabled (libssh2 is not packaged).
Version 7.16.1 (29 January 2007)
Daniel (29 January 2007)
- Michael Wallner reported that when doing a CONNECT with a custom User-Agent
header, you got _two_ User-Agent headers in the CONNECT request...! Added
test case 287 to verify the fix.
Daniel (28 January 2007)
- curl_easy_reset() now resets the CA bundle path correctly.
- David McCreedy fixed the Curl command line tool for HTTP on non-ASCII
platforms.
Daniel (25 January 2007)
- Added the --libcurl [file] option to curl. Append this option to any
ordinary curl command line, and you will get a libcurl-using source code
written to the file that does the equivalent operation of what your command
line operation does!
Dan F (24 January 2007)
- Fixed a dangling pointer problem that prevented the http_proxy environment
variable from being properly used in many cases (and caused test case 63
to fail).
Daniel (23 January 2007)
- David McCreedy did NTLM changes mainly for non-ASCII platforms:
#1
There's a compilation error in http_ntlm.c if USE_NTLM2SESSION is NOT
defined. I noticed this while testing various configurations. Line 867 of
the current http_ntlm.c is a closing bracket for an if/else pair that only
gets compiled in if USE_NTLM2SESSION is defined. But this closing bracket
wasn't in an #ifdef so the code fails to compile unless USE_NTLM2SESSION was
defined. Lines 198 and 140 of my patch wraps that closing bracket in an
#ifdef USE_NTLM2SESSION.
#2
I noticed several picky compiler warnings when DEBUG_ME is defined. I've
fixed them with casting. By the way, DEBUG_ME was a huge help in
understanding this code.
#3
Hopefully the last non-ASCII conversion patch for libcurl in a while. I
changed the "NTLMSSP" literal to hex since this signature must always be in
ASCII.
Conversion code was strategically added where necessary. And the
Curl_base64_encode calls were changed so the binary "blobs" http_ntlm.c
creates are NOT translated on non-ASCII platforms.
Dan F (22 January 2007)
- Converted (most of) the test data files into genuine XML. A handful still
are not, due mainly to the lack of support for XML character entities
(e.g. & => & ). This will make it easier to validate test files using
tools like xmllint, as well as to edit and view them using XML tools.
Daniel (16 January 2007)
- Armel Asselin improved libcurl to behave a lot better when an easy handle
doing an FTP transfer is removed from a multi handle before completion. The
fix also fixed the "alive counter" to be correct on "premature removal" for
all protocols.
Dan F (16 January 2007)
- Fixed a small memory leak in tftp uploads discovered by curl's memory leak
detector. Also changed tftp downloads to URL-unescape the downloaded
file name.
Daniel (14 January 2007)
- David McCreedy provided libcurl changes for doing HTTP communication on
non-ASCII platforms. It does add some complexity, most notably with more
#ifdefs, but I want to see this supported added and I can't see how we can
add it without the extra stuff added.
- Setting CURLOPT_COOKIELIST to "ALL" when no cookies at all was present,
libcurl would crash when trying to read a NULL pointer.
Daniel (12 January 2007)
- Toby Peterson found a nasty bug that prevented (lib)curl from properly
downloading (most) things that were larger than 4GB on 32 bit systems. Matt
Witherspoon helped as narrow down the problem.
Daniel (5 January 2007)
- Linus Nielsen Feltzing introduced the --ftp-ssl-ccc command line option to
curl that uses the new CURLOPT_FTP_SSL_CCC option in libcurl. If enabled, it
will make libcurl shutdown SSL/TLS after the authentication is done on a
FTP-SSL operation.
Daniel (4 January 2007)
- David McCreedy made changes to allow base64 encoding/decoding to work on
non-ASCII platforms.
Daniel (3 January 2007)
- Matt Witherspoon fixed the flaw which made libcurl 7.16.0 always store
downloaded data in two buffers, just to be able to deal with a special HTTP
pipelining case. That is now only activated for pipelined transfers. In
Matt's case, it showed as a considerable performance difference,
Daniel (2 January 2007)
- Victor Snezhko helped us fix bug report #1603712
(http://curl.haxx.se/bug/view.cgi?id=1603712) (known bug #36) --limit-rate
(CURLOPT_MAX_SEND_SPEED_LARGE and CURLOPT_MAX_RECV_SPEED_LARGE) are broken
on Windows (since 7.16.0, but that's when they were introduced as previous
to that the limiting logic was made in the application only and not in the
library). It was actually also broken on select()-based systems (as apposed
to poll()) but we haven't had any such reports. We now use select(), Sleep()
or delay() properly to sleep a while without waiting for anything input or
output when the rate limiting is activated with the easy interface.
- Modified libcurl.pc.in to use Libs.private for the libs libcurl itself needs
to get built static. It has been mentioned before and was again brought to
our attention by Nathanael Nerode who filed debian bug report #405226
(http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=405226).
Daniel (29 December 2006)
- Make curl_easy_duphandle() set the magic number in the new handle.
Daniel (22 December 2006)
- Robert Foreman provided a prime example snippet showing how libcurl would
get confused and not acknowledge the 'no_proxy' variable properly once it
had used the proxy and you re-used the same easy handle. I made sure the
proxy name is properly stored in the connect struct rather than the
sessionhandle/easy struct.
- David McCreedy fixed a bad call to getsockname() that wrongly used a size_t
variable to point to when it should be a socklen_t.
- When setting a proxy with environment variables and (for example) running
'curl [URL]' with a URL without a protocol prefix, curl would not send a
correct request as it failed to add the protocol prefix.
Daniel (21 December 2006)
- Robson Braga Araujo reported bug #1618359
(http://curl.haxx.se/bug/view.cgi?id=1618359) and subsequently provided a
patch for it: when downloading 2 zero byte files in a row, curl 7.16.0
enters an infinite loop, while curl 7.16.1-20061218 does one additional
unnecessary request.
Fix: During the "Major overhaul introducing http pipelining support and
shared connection cache within the multi handle." change, headerbytecount
was moved to live in the Curl_transfer_keeper structure. But that structure
is reset in the Transfer method, losing the information that we had about
the header size. This patch moves it back to the connectdata struct.
Daniel (16 December 2006)
- Brendan Jurd provided a fix that now prevents libcurl from getting a SIGPIPE
during certain conditions when GnuTLS is used.
Daniel (11 December 2006)
- Alexey Simak found out that when doing FTP with the multi interface and
something went wrong like it got a bad response code back from the server,
libcurl would leak memory. Added test case 538 to verify the fix.
I also noted that the connection would get cached in that case, which
doesn't make sense since it cannot be re-use when the authentication has
failed. I fixed that issue too at the same time, and also that the path
would be "remembered" in vain for cases where the connection was about to
get closed.
Daniel (6 December 2006)
- Sebastien Willemijns reported bug #1603712
(http://curl.haxx.se/bug/view.cgi?id=1603712) which is about connections
getting cut off prematurely when --limit-rate is used. While I found no such
problems in my tests nor in my reading of the code, I found that the
--limit-rate code was severly flawed (since it was moved into the lib, since
7.15.5) when used with the easy interface and it didn't work as documented
so I reworked it somewhat and now it works for my tests.
Daniel (5 December 2006)
- Stefan Krause pointed out a compiler warning with a picky MSCV compiler when
passing a curl_off_t argument to the Curl_read_rewind() function which takes
an size_t argument. Curl_read_rewind() also had debug code left in it and it
was put in a different source file with no good reason when only used from
one single spot.
- Sh Diao reported that CURLOPT_CLOSEPOLICY doesn't work, and indeed, there is
no code present in the library that receives the option. Since it was not
possible to use, we know that no current users exist and thus we simply
removed it from the docs and made the code always use the default path of
the code.
- Jared Lundell filed bug report #1604956
(http://curl.haxx.se/bug/view.cgi?id=1604956) which identified setting
CURLOPT_MAXCONNECTS to zero caused libcurl to SIGSEGV. Starting now, libcurl
will always internally use no less than 1 entry in the connection cache.
- Sh Diao reported that CURLOPT_FORBID_REUSE no works, and indeed it broke in
the 7.16.0 release.
- Martin Skinner brought back bug report #1230118 to haunt us once again.
(http://curl.haxx.se/bug/view.cgi?id=1230118) curl_getdate() did not work
properly for all input dates on Windows. It was mostly seen on some TZ time
zones using DST. Luckily, Martin also provided a fix.
- Alexey Simak filed bug report #1600447
(http://curl.haxx.se/bug/view.cgi?id=1600447) in which he noted that active
FTP connections don't work with the multi interface. The problem is here
that the multi interface state machine has a state during which it can wait
for the data connection to connect, but the active connection is not done in
the same step in the sequence as the passive one is so it doesn't quite work
for active. The active FTP code still use a blocking function to allow the
remote server to connect.
The fix (work-around is a better word) for this problem is to set the
boolean prematurely that the data connection is completed, so that the "wait
for connect" phase ends at once.
The proper fix, left for the future, is of course to make the active FTP
case to act in a non-blocking way too.
- Matt Witherspoon fixed a problem case when the CPU load went to 100% when a
HTTP upload was disconnected:
"What appears to be happening is that my system (Linux 2.6.17 and 2.6.13) is
setting *only* POLLHUP on poll() when the conditions in my previous mail
occur. As you can see, select.c:Curl_select() does not check for POLLHUP. So
basically what was happening, is poll() was returning immediately (with
POLLHUP set), but when Curl_select() looked at the bits, neither POLLERR or
POLLOUT was set. This still caused Curl_readwrite() to be called, which
quickly returned. Then the transfer() loop kept continuing at full speed
forever."
Daniel (1 December 2006)
- Toon Verwaest reported that there are servers that send the Content-Range:
header in a third, not suppported by libcurl, format and we agreed that we
could make the parser more forgiving to accept all the three found
variations.
Daniel (25 November 2006)
- Venkat Akella found out that libcurl did not like HTTP responses that simply
responded with a single status line and no headers nor body. Starting now, a
HTTP response on a persistent connection (i.e not set to be closed after the
response has been taken care of) must have Content-Length or chunked
encoding set, or libcurl will simply assume that there is no body.
To my horror I learned that we had no less than 57(!) test cases that did bad
HTTP responses like this, and even the test http server (sws) responded badly
when queried by the test system if it is the test system. So although the
actual fix for the problem was tiny, going through all the newly failing test
cases got really painful and boring.
Daniel (24 November 2006)
- James Housley did lots of work and introduced SFTP downloads.
Daniel (13 November 2006)
- Ron in bug #1595348 (http://curl.haxx.se/bug/view.cgi?id=1595348) pointed
out a stack overwrite (and the corresponding fix) on 64bit Windows when
dealing with HTTP chunked encoding.
Daniel (9 November 2006)
- Nir Soffer updated libcurl.framework.make:
o fix symlinks, should link to Versions, not to ./Versions
o indentation improvments
- Dmitriy Sergeyev found a SIGSEGV with his test04.c example posted on 7 Nov
2006. It turned out we wrongly assumed that the connection cache was present
when tearing down a connection.
- Ciprian Badescu found a SIGSEGV when doing multiple TFTP transfers using the
multi interface, but I could also repeat it doing multiple sequential ones
with the easy interface. Using Ciprian's test case, I could fix it.
Daniel (8 November 2006)
- Bradford Bruce reported that when setting CURLOPT_DEBUGFUNCTION without
CURLOPT_VERBOSE set to non-zero, you still got a few debug messages from the
SSL handshake. This is now stopped.
Daniel (7 November 2006)
- Olaf fixed a leftover problem with the CONNECT fix of his that would leave a
wrong error message in the error message buffer.
Daniel (3 November 2006)
- Olaf Stueben provided a patch that I edited slightly. It fixes the notorious
KNOWN_BUGS #25, which happens when a proxy closes the connection when
libcurl has sent CONNECT, as part of an authentication negotiation. Starting
now, libcurl will re-connect accordingly and continue the authentication as
it should.
Daniel (2 November 2006)
- James Housley brought support for SCP transfers, based on the libssh2 library
for the actual network protocol stuff.
Added these new curl_easy_setopt() options:
CURLOPT_SSH_AUTH_TYPES
CURLOPT_SSH_PUBLIC_KEYFILE
CURLOPT_SSH_PRIVATE_KEYFILE
2007-01-12 Gisle Aas
Release 3.56
Cloning of parser state for compatiblity with threads.
Fixed by Bo Lindbergh
Don't require whitespace between declaration tokens.
<http://rt.cpan.org/Ticket/Display.html?id=20864>
2006-07-10 Gisle Aas
Release 3.55
Treat <> at the end of document as text. Used to be
reported as a comment.
Improved Firefox compatiblity for bad HTML:
- Unclosed <script>, <style> are now treated as empty tags.
- Unclosed <textarea>, <xmp> and <plaintext> treat rest as text.
- Unclosed <title> closes at next tag.
Make <!a'b> a comment by itself.
to the old realplayer package; update to reflect this and make it work.
Remove an obsolete exec entry in the PLIST, the same function is already
performed in the do-install target.
Bump PKGREVISION.
pkgsrc changes: merge ap2-ruby to here.
mod_ruby-1.2.6 released
mod_ruby-1.2.6 is released.
Main changes from mod_ruby-1.2.5
- apache/rails-dispatcher.rb supports Rails 1.1.
- added guard conditionals around code that uses dconf to avoid SEGV. Thanks,
Michael Granger.
- fixes for Ruby 1.6.x.
- do not call downcase content_type, content_encoding, and content_lnaguages.
at 2006-06-15 13:32
mod_ruby-1.2.5 released
mod_ruby-1.2.5 is released.
Main changes from mod_ruby-1.2.4
- added RubyRestrictDirectives by David Garamond.
- added Apache::Request#all_params.
- set $0 correctly
- added Apache::RubyProfile.
- added RubyOption.
- added Apache::RailsDispatcher.
- supported Apache 2.2 thanks to Michael Sullivan.
- added RubyGcPerRequest.
- do not timeout if RubyTimeOut is 0.
at 2006-02-19 21:52
Changes since 1.1.6:
* Removed invocation of deprecated before_action and around_action filter
methods. Corresponding before_invocation and after_invocation methods
should be used instead.
* Provide access to the underlying SOAP driver.
* ActionWebService WSDL generation ignores HTTP_X_FORWARDED_HOST
* Tighten rescue clauses.
* Fixed XMLRPC multicall when one of the called methods returns a struct
object.
* Fix invoke_layered since api_method didn't declare :expects.
Changes to squid-2.6.STABLE9 (Jan 24 2007)
- Bug #1878: If-Modified-Since broken in 2.6.STABLE8
- Bug #1877 diskd bug in storeDiskdIOCallback()
Changes to squid-2.6.STABLE8 (Jan 21 2007)
- Bug #1873: authenticateNTLMFixErrorHeader: state 4.
- Document the https_port vhost option, useful in combination with
a wildcard certificate
- Document the existence of connection pinning / forwarding of NTLM
auth and a few other features overlooked in the release notes.
- Spelling correction of the ssl cache_peer option
- Add back the optional "accel" http_port option. Makes accelerator
mode configurations easier to read.
- Bug #1872: Date parsing error causing objects to get unexpectedly
cached.
- Cleanup to have the access.log tags autogenerated from enums.h
- Bug #1783: STALE: Entry's timestamp greater than check time. Clock
going backwards?
- Don't update object timestamps on a failed revalidation.
- Fix how ftp://user@host URLs is rendered when Squid is built with
leak checking enabled
A lot of changes since 1.3.3, including Unicode support and add-on modules
("shimbun").
NOTE:
I had to comment out w3m's "ucs_conv=1" option which is hard-coded in w3m.el,
so that w3m without unicode option also works with emacs-w3m. Do we want
w3m to always have its homegrown yet another Unicode mapping table?
% ls w3m.*
-rwxr-xr-x 1 uebayasi users 513186 Jan 27 20:46 w3m.no-unicode
-rwxr-xr-x 1 uebayasi users 1182323 Jan 27 20:48 w3m.unicode
Quanta Plus
* show Find in Files menu if KFileReplace is installed
* fix various crashes in the debugger
* fix crash when editing a >style> CSS area
* use the correct encoding in the file dialogs
* don't lose upload profile settings in certain cases
* fix symlink handling in Project Rescan, New Project adding
files/folders
* do not set the current project mark to a project that could not
be opened
* allow closing of an untitle editor tab when an image is previewed
inside
* fix problems with the automatic backup system
The mod_fcgid Apache module is a binary compatible alternative to
Apache module mod_fastcgi, but only for apache2 and later.
FastCGI provides a high-performance alternative to CGI for writing
webserver applications.
* A patch for a small security vulnerability in the script Django's
internationalization system uses to compile translation files.
* A fix for a bug in Django's authentication middleware which could cause
apparent "caching" of a logged-in user.
* A patch which disables debugging mode in the flup FastCGI package
Django uses to launch its FastCGI server, which prevents tracebacks
from bubbling up during production use.
devel/apr0/buildlink3.mk:
Add apr<1.0 to BUILDLINK_API_DEPENDS.apr .
devel/subversion/Makefile.common:
Drop --with-apr and --with-apr-util from CONFIGURE_ARGS; these
have not been needed since the buildlink framework started
ensuring the PATH is correct. Drop --with-ssl from
CONFIGURE_ARGS; this has not been necessary since this stopped
using the built-in neon. Include new options.mk .
devel/subversion-base/Makefile:
devel/subversion-base/buildlink3.mk:
Use devel/apr0 or devel/apr & devel/apr-util if
PKG_OPTIONS.subversion has the apr1 option.
devel/subversion-base/options.mk:
Provide apache22 and apr1 options; currently these must be set
together, so enforce that.
www/ap2-subversion/Makefile:
Use apache22 if PKG_OPTIONS.subversion has the apache22 option,
else use apache2.
The serf library is a C-based HTTP client library built upon the Apache
Portable Runtime (APR) library. It multiplexes connections, running the
read/write communication asynchronously. Memory copies and transformations
are kept to a minimum to provide high performance operation.
Update to 1.2.8 (formerly in devel/apr1), no longer build from the
httpd distfile.
devel/rapidsvn:
devel/subversion-base:
parallel/ganglia-monitor-core:
security/hydra:
www/apache2:
Use devel/apr0.
www/apache22:
Use devel/apr and devel/apr-util.
Many changes. See http://kazehakase.sourceforge.jp/
Some of the changes include:
* Fix wrong labels in Certificate Properties dialog.(Jan Jeronym Zvanovec)
* used ruby_disable_message.(Kouhei SUTOU)
* fix the compile problem on NetBSD(Hiroyuki IKEZOE)
* fix bug of purge_history_file_by_timestamp(). (Ryo SHIMIZU)
* support gziped favicon (Kouhei SUTOU)
* use "/favion.ico" as favicon file automatically if favicon URI is not specified by <link ref="..."> tag. (Kouhei SUTOU, Ryo SHIMIZU)
* make exit process faster (Ryo SHIMIZU)
* bug fix of GoUp action(Tomoyuki KAMO)
* use "RSS" when the page title is null(Ryo SHIMIZU)
* New creating thumbnail process with new GECKO APIs. But it is caprice(Hiroyuki IKEZOE)
* Can compile with Firefox2.0 beta(Hiroyuki IKEZOE)
* Show rendering engine on "About" dialog(Kouhei SUTOU)
* Bugfixes, please see http://www.apache.org/dist/httpd/CHANGES_2.2
pkgsrc changes:
* Do not use the included pcre source in apache22.
* devel/apr1 now uses the apache22 version (increased to 1.2.8.2.2.4) to
sync the source with the httpd distfile.
* Remove patches in devel/apr1 which were applied upstream.
Changes since 2.2a1 [2006/07/20]:
- Added a dashboard style display for templates (with multiple selections).
- New "Format" parameter can be used in graph URL to override saved setting.
- PDF and SVG formats are now properly embedded in HTML.
- Added warning and check to avoid obscure error caused by misconfiguration.
- Minor JavaScript enhancements to the graph editor.
- Added notice about CGI.pm incompatibility.
Changes since 2.1.3 [2005/06/19]:
- Various improvements for the graph editor:
+ Extensive code rewrite/cleanup.
+ Added simple HTML tooltips to provide (some) contextual help.
+ Extended JavaScript automation.
+ Clarified creation of new Data Sources.
- rrdtool 1.2.x support:
+ Three new image formats: SVG, EPS and PDF.
+ GIF is no longer supported, automatically switch to PNG.
+ Removed support for deprecated --overlay parameter.
+ Added support for --no-gridfit.
+ Added support for new VDEF, TICK and SHIFT graph commands.
+ Deprecated use of HRULE, STACK and old style GPRINT graph command.
release.
The calendar component has been removed from Seamonkey in favour of Sunbird
(time/sunbird) and Lightning, see http://www.mozilla.org/projects/calendar/
New features and fixes in this version:
General
* ChatZilla has been updated to a newer version (Bug 324439)
* When launching SeaMonkey, already-running instances are detected (Bug 122698)
Browser
* Spelling is checked when writing in textareas (Bug 302050 and bug 338318)
* A warning page is now shown before displaying about:config (Bug 339720)
* Tooltips from web pages can now be multiple lines, either due to automatic
text wrapping or explicit newlines added to the text value (Bug 356900)
* When you visit a secure site, the URL bar changes color to turns make
security status more visible (Bug 335113)
* When using keyword URLs, it is no longer necessary to type "keyword:" (typing
"keyword:" will no longer work). Just type the keyword name (Bug 337339)
* You can now drop URLs and bookmarks between existing tabs, which will result
in a new tab being created where you dropped the URL (Bug 324591)
* When hovering on a tab, the tooltip now displays a preview of the tab's
contents (Bug 315207)
* The search sidebar now behaves better (Bug 252802)
* The bookmarks menu and personal toolbar folder overflow menu now have context
menus (Bug 50504)
Mail & Newsgroups
* Message labelling has been superceded by tagging, which provides much more
than the original 5 labels and comes with new preferences (Bug 342560 and
others)
* The preferences for junk mail have been reorganized, and can now be set on a
per-account basis (Bug 335846)
* Improved phishing detection (Bug 326082 and others)
* New mail notification has been improved (Bug 327613, 305384, and others)
Address Book
* It is now possible to move or copy cards between address books. Cards can
only be copied to mailing lists, so you need to use ctrl key while dragging
to copy the card to the mailing list. When dragging cards between address
books, the default action is move, use ctrl to copy instead. (Bug 35837)
For the complete changelog, see
http://www.mozilla.org/projects/seamonkey/releases/seamonkey1.1/changelog.html
Kahua is CPS, Continuation Passing Style application framework written
in one of scheme implementation, Gauche.
CPS has following advantages.
- You can use "Continuation" easily so you can resolve the typical Web
Applicaiton's problem of process disconnection.
- You can program declaratively by using S-expressions as fundamental
data type.
- You can use Kahua's Object Database to permanent data by itself.
- You can modify the function being run and it supports incremental
development.
Gauche is an R5RS Scheme implementation that is designed to be a
useful tools for daily work. See http://practical-scheme.net/gauche/
in detail.
Kahua is licensed under the modified BSD license. See COPYING in detail.
"Kahua" means platform, location or base in Hawaiian.
tool for creating authentication systems based on other databases.
The module can be used in either of two somewhat divergent ways:
1) External Authentication:
2) Hardcoded Authentication:
o arp-acl is now supported on NetBSD contributed by Jaromir Dolecek <jdolecek@>.
Changes to squid-2.6.STABLE7 (Jan 13 2007)
- Windows port: Fix intermittent build error using Visual Studio
- Add missing tproxy info from the dump of http port configuration
- Bug #1853: Support for ARP ACL on NetBSD
- clientNatLookup(): fix wrong function name in debug messages
- Convert ncsa_auth man page from DOS to Unix text format.
- Bug #1858: digest_ldap_auth had some remains of old hash format
- Correct the select_loops counter when using select(). Was counted twice
- Clarify the http_port vhost option a bit
- Fix cache-control: max-stale without value or bad value
- Bug #1857: Segmentation fault on certain types of ftp:// requests
- Bug #1848: external_acl crashes with an infinite loop under high load
- Bug #1792: max_user_ip not working with NTLM authentication
- Bug #1865: deny_info redirection with authentication related acls
- Small example on how to use the squid_session helper
- Bug #1863: cache_peer monitorurl, monitorsize and monitorinterval not working properly
- Clarify the transparent http_port option a bit more
- Bug #1828: squid.conf docutemtation error for proxy_auth digest
- Bug #1867: squid.pid isn't removed on shutdown
INSTALLATION_DIRS, as well as all occurrences of ${PREFIX}/man with
${PREFIX}/${PKGMANDIR}.
Fixes PR 35265, although I did not use the patch provided therein.
abs_srcdir in config_vars.mk is used during install so needs to reference
the work dir path, and by other packages such as ap2-fastcgi after install,
so we fix after install to reference the installed path
- Fixes ap2-fastcgi build
Patch provided by Alaric Snell-Pym in pkgsrc-users@.
-> Visitors 0.7 Released (30 March 2006)
30Mar2005 - Added screen resolution and color depth report (via Javascript) see the README file for more info.
12Dic2005 - Added --debug option for verbose errors.
17Nov2004 - Debian Bug#339594: default output is html, but the manpage says text. Fixed. Thanks to Rick Pasotto for reporting the bug.
15Nov2005 - --grep and --exclude options implemented.
13Nov2005 - --ignore-404 option, useful to ignore log lines about missing pages. When this option is turned on log lines with 404 errors are just used to genera te the 404 errors report and not used for other reports.
-> Visitors 0.61 Released (25 October 2005)
24Oct2005 - Versioning scheme changed, after 0.6 now there is 0.61 instead of 0.6a like it was in the past. 0.6a may look like an alpha release.
24Oct2005 - Ignore more bots other than bots from google when computing unique visitors stats. This makes unique visitors stats much more reliable, there are crawlers with 200 and more different IP addresses so the unique visitors algorithm does not help there.
-> Visitors 0.6 Released (10 October 2005)
10Oct2005 - New report: Adsensed-pages. Like googled-pages but for the adsense crawler, that's supposted to be the one with Mediapartners-Google user agent.
10Oct2005 - Fixed a bug resulting in wrong googled-pages report.
04Oct2005 - Some formatting problem and a bug introduced in the 0.6 beta version fixed thanks to Simon Waters <sysadmin at zynet dot net>
03Oct2005 - Visitors's site finally contains a Japanese translation thanks to Takeshi ABE (tabe (at) fixedpoint (dot) jp).
02Oct2005 - Fixed the parsing code to detect the user agent string when no occurence of (...) string is present. This results in more accurate stats.
02Oct2005 - New feature: Referer spam filtering via blacklist.h
02Oct2005 - New report: google's "hl" human language.
17Sep2005 - Browsers list updated, Internet Explorer splitted into IE4, IE5 and IE6, detection of Firefox as a special case of Gecko based.
16Sep2005 - Fixed Debian Bug #312345, adding newline for every 'td' table
element generated to create 2D maps. This makes simpler to send reports by
email. Thanks to Simon Waters <sysadmin at zynet dot net>
web.py is a web framework for python that is as simple as it is powerful.
web.py is in the public domain; you can use it for whatever purpose with
absolutely no restrictions.
Trac-0.10.3-ja-1 (Dec 15, 2006)
* Merge trac-0.10.3
* Update to current statement.
* README.trac-ja
* wiki-default/TracJa
* Fixes a invalid trac-links.
* wiki-default/TracModPython
* Fixes ununified translations for "View changes".
* templates/anydiff.cs
* templates/log.cs
* templates/wiki.cs
* wiki-default/TracTermsJa
Trac 0.10.3 (Dec 12, 2006)
http://svn.edgewall.org/repos/trac/tags/trac-0.10.3
Trac 0.10.3 is a bug fix release. The following list contains only a
few highlights:
* Timeline fail to load with a "NoSuchChangeset" error message (#4132).
* Timed out MySQL connections not handled properly (#3645).
* Subversion repository resync broken. (#4204).
The complete list of closed tickets can be found here:
http://trac.edgewall.org/query?status=closed&milestone=0.10.2
or USE_X11BASE set, but don't include mk/x11.buildlink3.mk directly or
via buildlink3.mks
- introduce BUILDLINK_PREFIX.libXpm as alias for BUILDLINK_PREFIX.xpm
in the !modular case
- fix some cases where the check for libX11 couldn't work at all by using
C++ for compilation without including the proper headers
Verified using a full X11_TYPE=xorg bulk build without additional
breakage. Discussed with salo@, wiz@ and send to packages@ for feedback.
MFSA 2006-76 XSS using outer window's Function object
MFSA 2006-75 RSS Feed-preview referrer leak
MFSA 2006-73 Mozilla SVG Processing Remote Code Execution
MFSA 2006-72 XSS by setting img.src to javascript: URI
MFSA 2006-71 LiveConnect crash finalizing JS objects
MFSA 2006-70 Privilege escallation using watch point
MFSA 2006-68 Crashes with evidence of memory corruption (rv:1.8.0.9/1.8.1.1)
For more info, see http://www.mozilla.com/en-US/firefox/2.0.0.1/releasenotes/
MFSA 2006-76 XSS using outer window's Function object
MFSA 2006-75 RSS Feed-preview referrer leak
MFSA 2006-73 Mozilla SVG Processing Remote Code Execution
MFSA 2006-72 XSS by setting img.src to javascript: URI
MFSA 2006-71 LiveConnect crash finalizing JS objects
MFSA 2006-70 Privilege escallation using watch point
MFSA 2006-68 Crashes with evidence of memory corruption (rv:1.8.0.9/1.8.1.1)
For more info, see http://www.mozilla.com/en-US/firefox/2.0.0.1/releasenotes/
MFSA 2006-74 Mail header processing heap overflows
MFSA 2006-73 Mozilla SVG Processing Remote Code Execution
MFSA 2006-72 XSS by setting img.src to javascript: URI
MFSA 2006-71 LiveConnect crash finalizing JS objects
MFSA 2006-70 Privilege escallation using watch point
MFSA 2006-68 Crashes with evidence of memory corruption (rv:1.8.0.9/1.8.1.1)
For more info, see http://www.mozilla.org/projects/seamonkey/releases/seamonkey1.0.7/README.html
MFSA 2006-75 RSS Feed-preview referrer leak
MFSA 2006-73 Mozilla SVG Processing Remote Code Execution
MFSA 2006-72 XSS by setting img.src to javascript: URI
MFSA 2006-71 LiveConnect crash finalizing JS objects
MFSA 2006-70 Privilege escallation using watch point
MFSA 2006-68 Crashes with evidence of memory corruption (rv:1.8.0.9/1.8.1.1)
For more info, see http://www.mozilla.com/en-US/firefox/releases/1.5.0.9.html
Changes:
This release of Opera introduces Fraud Protection.
Changes Since Opera 9.02
User interface
* Fixed handling of access keys on Web pages with frames.
* Mail, messaging, and newsfeeds
* Fixed an instability connected with delayed entry of the Master password.
* Deleting of newsfeeds in the panel now both unsubscribes and deletes.
Display and scripting
* Improved performance for elements with both :focus and :hover.
* Fixed an issue with opacity on links that have images nested within them.
Security
* New Fraud Protection feature (a phishing filter).
* Changed Wand data to a new format. The upgrade to this new format
is not reversible.
Miscellaneous
* Multiple stability issues solved, including crashes on Gmail and Google Maps.
* Changed the Mozilla User Agent string to include Firefox identification.
* Improved handling of Web site logins on slow connections.
* Cancellation of torrent downloads now functions as expected.
UNIX-specific changes
* Fixed smooth scrolling.
* Flash 9 beta support for Linux.
* Implemented support for Linux plug-ins on FreeBSD.
* When masking as Internet Explorer, the platform is masked as Windows XP.
* Fixed an issue where floating point numbers were treated as integers
on some Linux systems.
I would list the changes here, but I don't entirely understand them.
XXX Why do we have a separate multimedia/ns-flash package? The
XXX packages to handle the opera plugins depend the ns-flash package
XXX -- perhaps this could do the same so there is only one place this is
XXX handled?
packages with the modular Xorg equivalent. Those are falling back
to the old location by default, so this commmit doesn't change
dependencies.
graphics/xpm ==> x11/libXpm
fonts/Xft2 ==> x11/libXft
x11/Xfixes ==> x11/libXfixes
x11/xcursor ==> x11/libXcursor
x11/Xrender ==> x11/libXrender
x11/Xrandr ==> libXrandr
pkgsrc change: remove PATCHFILES which hasn't used recent days.
Changes to squid-2.6.STABLE6 (Dec 12 2006)
- Bug #1817: Assertion failure assert(buflen >= copy_sz) in htcp.c htcpBuildAuth()
- Add client source port logformat tag >p
- Cleanup of transparent & accelerator mode request parsing to untangle the firewall dependencies a bit
- Bug #1799: Harmless 1 byte buffer overflow on long host names in /etc/hosts
- automake no longer recommends mkinstalldirs. Removed.
- Only use crypt() if it's available, allowing ncsa_auth to be built
on platofms without crypt() support.
- Windows port documentation updates
- Bug #1818: Assertion failure assert(e->swap_dirn >= 0) in fs/coss/store_dir_coss.c storeCoss_DeleteStoreEntry
- Bug #1117: assertion failed: aufs/store_dir_aufs.c:642: "rb->flags.need_to_validate"
- Remove extra newline in redirect message sent by deny_info http://... aclname
- Bug #1805: assertion failed: StatHist.c:195: "D[i] >= 0"
- Clarify the external_acl_type helper format specification and some defaults
- Add support for the weight= parameter to round-robin peers
- Bug #1832: Error building squid-2.6.STABLE5 using --enable-truncate
- Convert snmpDebugOid to use a temporary String object instead of strcat
- Document that proxy_auth also accepts -i for case-insensitive operation
- Remove malloc/free of temporary buffer in time parsing routines.
- Reduce memory allocator pressure by not continually allocating client-side read buffers
- Accept large dates >2^31 on 64-bit platformst. Seen for example in the Google logo.
- Convert the connStateData->chr single link list to a normal dlink_list for clarity.
- Bug #1584: Unable to register with multiple WCCP2 routers
- Fix the WCCPv2 mask assignment code to not crash as the value assignments are built.
- Bug #439: Multicast ICP peering is unstable and considers most peers dead
- Bug #1801: NTLM authentication ends up in a loop if the server responds with a retriable error
- Bug #1839: Cosmetic debug message cleanup in peerHandleHtcpReply.
- Bug #1840: Disable digest and netdb queries to multicast peers
- Bug #1641: assertion failed: stmem.c:149: "size > 0" while processing certain Vary objects
- Fix build errors when using latest MinGW Windows environment
by Pierre Pronchery as PR pkg/35200
other changes:
-enables startupnotify
-Fixes a problem of liferea-feed-add with running program detection
-translation updates
mod-xslt2 is a server side module able to transform ``xml''
documents in ``html'' (or to any other format) before they
even get back to the browser.
mod-xslt2 main features include:
* Ability to parse generated xml (ability to parse the output of
php or perl scripts).
* Ability to use the ``xslt'' indicated by the <?xml-stylesheet
processing instruction.
* Ability to send back the xml file unparsed to the browser.
* Ability to fetch xslt or DTDs from scripts rather than from
static files.
* Ability to fetch a different xslt depending on the content of
the request headers, of the get parameters or the web server
environment.
* Ability to allow xslt stylesheets to make use of these
variables to generate output.
--
http://www.mod-xslt2.com/
No changelog, but announcement said:
Use internal OFF_T_FORMAT instead of PRId64
Fix compilation on Minix3
Bug 841, CVE-2006-5925: Prevent enabling the SMB protocol.
Ecmascript: activate link only when onClick returns true
=== RELEASE 2.1pre26 ===
Tue Nov 28 23:13:38 MET 2006 mikulas:
Fixed severe security bug: '"' and ';' in smb:// url could be used for
remote command execution.
=== RELEASE 2.1pre25 ===
Wed Nov 22 23:55:21 MET 2006 mikulas:
DirectFB no longer causes internal error on unsupported color depth.
Normal error reporting and trying other drivers is be done.
Wed Nov 22 22:26:58 MET 2006 Jakub Bogusz <qboosh@pld-linux.org>:
Updated Polish Translation
Sun Nov 12 17:23:46 MET 2006 user:
Fixed memory leak in http authentication
Varnish is
* a high-performace HTTP accelerator designed for content-heavy
dynamic web sites.
* designed for maximum performance on modern hardware and modern
operating systems. Varnish takes full advantage of modern virtual
memory systems and of advanced operating system features such as
kqueue, accept filters, sendfile etc. where available.
* open source, published under a two-clause BSD license.
From the website:
Varnish is very, very fast - ten to twenty times faster than
Squid on the same hardware.
http://www.varnish-cache.org/
as is done with firefox2 as well now. This obsoletes additional packages like
firefox2-bin-flash etc. Downside is that the corresponding 1.5 and 2.0
packages can no longer be installed in parallel.
which allows us to install the pkgconfig files as well, which allows
to use the gecko html renderer to be used by other programs
The side effect is that firefox-1.x and firefox-2.x can't be installed
at the same time anymore.
update firefox-bin and firefox2-bin to override MOZ_DIR to point
to the binary Linux distribution; kill their own MASTER_SITES
now firefox-bin and firefox2-bin automaticaly pick up mirror
changes in the master script
but there seems no reason to reject local revisions (nb*). Accept them by
using the pattern reed@ suggested ({,nb[0-9]*}).
This should address pkg/34973.
3.0.6 is a stable release which includes many significant enhancements
and new features, including a number of new actions, multiple filter file
capability, full windows service functionality, as well as numerous
bugs done away with. See http://www.privoxy.org/user-manual/whatsnew.html
for details.
Trac-0.10.2-ja-1 (Nov 14, 2006)
* Merge trac-0.10.2
* Update to current statement.
* README.trac-ja
* wiki-default/TracJa
Trac 0.10.2 (Nov 13, 2006)
http://svn.edgewall.org/repos/trac/tags/trac-0.10.2
Trac 0.10.2 is a bug fix release. The following list contains only a
few highlights:
* Fixes deadlock when using authz_file config option (#3996).
* Makes the CSRF code play nice with the XmlRpcPlugin (#4122).
* Fixes Timeline breakage after svn commit when using sqlite (#4120).
The complete list of closed tickets can be found here:
http://trac.edgewall.org/query?status=closed&milestone=0.10.2
=== RELEASE 2.1pre24 ===
Mon Nov 6 02:13:48 cet 2006 mikulas:
Fixed incorrect page displayed when search string ended with space and
the word was last on page
Thu Oct 26 16:10:01 MET 2006 user:
More strict parsing of ftp list, fixes ftp.su.se
Sun Oct 15 22:55:28 MET DST 2006 mikulas:
Allow cookie path to point to file, not only directory
Wed Oct 11 00:17:27 MET DST 2006 mikulas:
Fixed quirk with displaying of links in text mode
Mon Oct 9 23:33:03 MET 2006 Jakub Bogusz <qboosh@pld-linux.org>:
Updated Polish translation
Mon Oct 9 21:55:24 MET 2006 Jindrich Makovicka <makovick@gmail.com>:
Fixed memory corruption when redirecting URLs with user:password
Mon Sep 11 02:43:32 MET DST 2006 mikulas:
Test for socklen_t
Work without PF_INET (for Minix 3)
Cleaned up use of AF_ and PF_ constants
Sat Sep 9 00:05:16 MET 2006 user:
Fixed double-to-string conversion for config files
Fri Aug 25 00:48:05 MET 2006 user:
Parsing ftp directories starts to be difficult because fixing one bug
introduces other. Previous fix sometimes mistook size for year :-/
Sun Aug 20 05:06:57 cet 2006 mikulas:
Correctly translate character set of "label" attribute
Thu Aug 17 19:57:34 MET 2006 user:
Fixed incremental loading of XBM images
Mon Aug 7 05:11:47 CEST 2006 Matthew Fischer <futhark@mchsi.com>:
Fixed Japanese fonts
Mon Jul 31 00:32:58 MET 2006 user:
More cygwin fixes
bash 3.1.x gets shell quoting wrong, causing configure to fail on platforms
that use this shell
New in this version according to
http://www.modpython.org/live/mod_python-3.2.10/doc-html/node98.html:
- Added support for Apache 2.2.
- New req.is_https() and req.ssl_var_lookup() methods. These communicate
direct with the Apache mod_ssl module, allowing it to be determined if
the connection is using SSL/TLS and what the values of internal ssl
variables are.
- New req.server.get_options() method. This returns the subset of Python
options set at global scope within the Apache configuration. That is,
outside of the context of any VirtualHost, Location, Directory or Files
directives.
- The directory used for mutex locks can now be specified at at compile
time using ./configure --with-mutex-dir value or at run time with
PythonOption mod_python.mutex_directory value.
- The number of mutex locks can now be specified at run time with
PythonOption mod_python.mutex_locks value.
- Fixed three memory leaks that were found in _apachemodule.parse_qsl,
req.readlines and util.cfgtree_walk.
- Third party C modules that use the simplified API for the Global Interpreter
Lock (GIL), as described in PEP 311, can now be used. The only requirement
is that such modules can only be used in the context of the "main_interpreter".
- DbmSession unit test no longer uses the default directory for the dbm file,
so the test will not interfer with the user's current apache instance.
- Added additional debugging and logging output for where mod_python cannot
initialise itself properly due to Python or mod_python version mismatches or
missing Python module code files.
- Fixed configure problem when using bash 3.1.x.
- Fixed DbmSession to create db file with mode 0640.
- Fixed request.sendfile() bug for symlinked files on Win32.
Changes between 1.2.18 and 1.2.19
Native
update Docs: Add SetHandler and new env var to Apache config docs. (rjung)
update Apache 1.3: Backport "no-jk" feature. (rjung)
update Apache: Add an environment variable to make SetHandler "jakarta-servlet" more useful. The variable is JK_WORKER_NAME, but can be changed by the new directive JkWorkerIndicator. (rjung)
fix LB: Don't use single worker shortcut, if the single worker is being diabled. (rjung)
fix Status worker: Add short explanation of activation and error states to legend. (rjung)
fix Docs: Add meaning of zero timeout values for various timeouts in workers.properties. (rjung)
fix LB: Cleanup of Mladens forced recovery. (rjung)
fix LB: Do not change lb_value for recovering workers to max, if we are using BUSYNESS method. (rjung)
fix Apache: Since 1.2.14 mod_jk failed to detect client abort. (rjung)
fix Docs: Corrected description of JkEnvVar. (rjung)
fix Solaris: Detect filio.h in configure to make the new connection detection build on solaris (r432825). (rjung)
update Add feature to force the recovery of workers that are member of loadbalancer if all the members are in error state. This fixes the time gap where 503 was returned caused by recovery_timeout although the backend was ready to handle the requests. (mturk)
update Docs: Seperate deprecated directives in their own table. (rjung)
update Docs: Allow "-" and "_" in worker names. (rjung)
update Allow multiple lines with attributes "balance_workers" and "mount". (rjung)
fix Make jk_is_some_property match more precisely. (rjung)
update JkStatus: Make refresh interval changeable. (rjung)
fix JkStatus: Adjust display of recover time wrt. global maintenance. (rjung)
update LB: Resetting worker state from OK to NA, if worker has been idle too long. (rjung)
fix Avoid compiler warnings concerning the use of lb_*_type arrays. Use functions instead. (rjung)
update Added %R JkRequestLogFormat option for Apache 1 and Apache 2. (mturk)
update Allow changing jvm Route from status manager. (mturk)
fix Do not retun 400 if Tomcat fails in the midle of the post request. Return 500 insted. (mturk)
update LB: Combine ok/error/recovering/busy runtime states into a single scalar. (rjung)
update LB: Combine active/disabled/stopped configuration states into a single scalar. (rjung)
update LB: Add several Apache notes to enable standard logging for load balancer results. (rjung)
update LB: Reorganisation of the main load balancer service loop. (rjung)
update Implement hierarchical worker configuration via attribute "reference". (rjung)
update Log deprecated properties. (rjung)
fix IIS: Fix simple_rewrite for the cases where the rewritten url is larger then the original one. (mturk)
update New JkOption "DisableReuse" to disable connection persistence. (jim)
update LB: Move sessionid retrieval out of get_most_suitable_worker into service. (rjung)
update Code cleanup for all service methods (use TRACE, JK_LOG_NULL_PARAMS, null pointer checks). (rjung)
update JKSTATUS: add refresh link. No refresh for updates. Redirect to list view after update. (rjung)
update Add new hook add_log_items into servers. (rjung)
update APACHE httpd: Rename apache logging notes. (rjung)
update LB: Rename lock and method constants. Add constants for defaults. (rjung)
fix Default log level should be INFO and not DEBUG. Default log level should be the same for all server types. (rjung)
fix Make rewrite_rule_map and log_level as non mandatory directives for isapi_redirect. (mturk)
fix 40107: Rewrite is_socket_connected function. Non blocking socket is not used any more. (mturk)
update Allow building with VS2005 without too many warnings. (mturk)
fix Decide by MMN, which piped log API we should use. mod_jk 1.2.18 broke compilation with Apache 1.3 pre 1.3.28. (rjung)
Changes between 1.2.17 and 1.2.18
Native
fix Using socklen_t in getsockopt. Also introducing jk_sock_t. (mturk)
update Allow recovery wait time below 60 seconds (new minimum is 1 second). (mturk)
Changes between 1.2.16 and JK 1.2.17
Native
fix Fix hanging jk status worker when certain attributes are being updated due to double locking. (rjung)
update Allow JkMount to behave like uriworkermap.properties by parsing pipe symbol as two directive marker. (mturk)
Changes between 1.2.15 and JK 1.2.16
Native
update Added simple rewrite capability for IIS. Although simple it will fulfill most needs. (mturk)
update Added RECOVER_ABORT_IF_CLIENTERROR recovery_option that closes the connection if client connection is broken during the request. (mturk)
update Renamed cache_timeout directive to connection_pool_timeout. (mturk)
update Added connection_pool_minsize directive. (mturk)
update Deprecate recycle_timeout directive. (mturk)
update Corrected some HTML syntax bugs in output of status worker. (rjung)
update Added the refresh=n parameter to the status worker. It will update the display every n seconds. (rjung)
update Balancer: Add attribute distance to balanced workers to express preferences between workers. (rjung)
update Balancer: Add attribute jvm_route to balanced workers to be able to use the same target in different balancers. (rjung)
update Status: Add lb_mult to status. (rjung)
update Balancer: Make different balancing strategies work in a similar way (use lb_value, use decay during global maintenance, use integer factors for weights. (rjung)
update Balancer: Improve locking. (rjung)
update Balancer: Workers start slower after recovering. (rjung)
update Balancer: Make different balancing strategies work in a similar way (use lb_value, use decay during global maintenance, use integer factors lb_mult for weights). (rjung)
update Balancer: Move recovery check to global maintenance. (rjung)
update Balancer: Add global maintenance method, that is called in only one process. (rjung)
update Extend our use of autoconf to find a 32Bit and a 64Bit unsigned type and their printf formats. (rjung)
update Logging: piped loggers for JkLogFile and Apache 1.3. (rjung)
update Logging: Add PID to log lines for each log level apart from REQUEST. (rjung)
update Logging: flush buffered logs to keep lines in correct order. Output final newline together with log message. (rjung)
update Reducing shm size. (rjung)
update Only log removing of old worker, when we actually do it. (rjung)
fix 37469: Fix shared memory close for forked childs. The shared memory will be closed by the parent process. (mturk)
fix 37332: Fix potential misuse of buffer length with snprintf functions. (mturk)
fix 38859: Protect mod_jk against buggy or malicious AJP servers in the backend. Patch provided by Ruediger Pluem. (mturk)
fix 38889: Use worker map sorting depending on the path elements, to comply with Servlet spec. Patch provided by Steve Revilak. (mturk)
update 36138: Added Busyness lb method. Patch provided by Chris Lamprecht. (mturk)
fix Fix pessimistic locking mode. The patch correctly handles the burst load, by syncing the access to the shared memory data. (mturk)
fix 38806: Reclycle worker even if it is disabled. This fixes hot-standby workers in error state. (mturk)
fix 37167: Allow building with BSD-ish like make. (mturk)
fix ISAPI plugin (isapi_redirect.dll) did not provide correct request data for IIS to include in the IIS log. (markt)
Changes:
Tomcat 5.5.20 (fhanik)
Catalina
fix Fix logic error in UserDatbaseRealm.getprincipal() that caused user roles assigned via groups to be ignored. (markt)
Jasper
fix 31804: Unnested tags within a tag file are now configured with the Tag represented by the containing tag file as their parent tag. (markt)
fix 33356: Tag attributes that contained $ followed by 1 or more non-special characters and then a { character caused an exception. (markt)
fix 33407: The string \$ in template text was reduced to $ when the isELIgnored page directive was set to true. (markt)
Tomcat 5.5.19 (fhanik)
General
update Add multi attribute setting to jmx:set JMX remote ant task. Patch contributed by Didier Donsez (pero)
Catalina
fix 30762: Re-fix this bug that was re-introduced by the fix to 37264. (markt)
fix 37588: Fix JNDI realm creation through JMX. Patch contributed by TerryZhou (fhanik)
fix 39704: The use of custom classloaders failed when the context was specified in server.xml. Correction of the fault will require setting the new loader attribute useSystemClassLoaderAsParent to false. (markt)
Coyote
fix 40418: APR Endpoint socket evaluation (remm)
Webapps
fix 31339: Admin app threw exceptions if a name other than Catalina was configured for the Engine. Patch based on a suggestion from Amila Suriarachchi. (markt)
Tomcat 5.5.18 (yoavs)
General
update Change MD5 release signature files to have md5 (lowercase) extension instead of MD5 (uppercase), as suggested by Henk Penning and specified in the ASF release publishing guidelines. (yoavs)
Catalina
fix Fix that ManagerBase increment expireSessions counter at background task two times. (pero)
fix 39406: Fix that StandardSession#getLastAccessedTime() uses correct exception message, suggested by Takayoshi Kimura. (pero)
add 39661: Add documentation on JULI FileHandler properties. (yoavs)
add 39657: Warn (and don't load jar) if JSP API is in webapp classloader repository, as suggested by David Sanchez Crespillo. (yoavs)
add 39674: Support JRockit JVM in service.bat script, as suggested by lizongbo. (yoavs)
fix 39711: Update Loader configuration documentation, as suggested by Stephane Bailliez. (yoavs)
fix 39865: Add Open Office mime types to conf/web.xml. (markt)
fix 38814: Align CGI handling of indexed queries, parameters and POST content with other CGI providers. The changes: only provide parameters on the command line for indexed queries; always provide the query string via the QUERY_STRING environment variable; provide POST content unmodified to stdin; and never call getParameters(). (markt)
fix 34801: Partial fix that adds handling of IOExceptions during long running CGI requests. Based on a patch by Chris Davey. (markt)
fix 39689: Allow single quotes (') and backticks (`) as well as double quotes (") to be used to delimit SSI attribute values. (markt)
fix 40053: Correct application deployment documentation so it agrees with the classloader documentation regarding shared lib and CATALINA_BASE. (markt)
fix 39592: Stop HEAD requests for resources handled by SSI servlet or filter generating stack traces in the logs. (markt)
fix Improve handling of the ';' character in the URL so that it is now allowed if properly %xx encoded. (remm)
Coyote
fix Fix APR endpoint so that the acceptor thread now only processes socket accepts. (remm)
Webapps
fix 39813: Correct handling of new line characters in JMX attributes. Patch provided by R Bramley. (markt)
fix 37781: Make sure that StoreConfig save external referenced war files at context.xml correct. (pero)
fix 39791: Use correct default for useNaming within a Context. (markt)
fix Correctly generate re-direct for admin app index.jsp to prevent login page being displayed twice when cookies are disabled. (markt)
Cluster
fix 39473: Session timeout much shorter than setting at web.xml at cluster environment, suggested by Jin Jiang. (pero)
ikiwiki is a wiki compiler. It converts wiki pages into html pages
suitable for publishing on a website. Unlike many wikis, ikiwiki does
not have its own ad-hoc means of storing page history, and instead
uses an revision control system.
The pkg currently has options for a dependency on svn, which is the
default rcs backend. Support for other backends is included in the
installed pkg, but there are no dependencies in the pkg for them yet.
Trac-0.10.1-ja-1 (Nov 9, 2006)
* Merge trac-0.10.1
* Translate messages into Japanese.
* trac/db/api.py
* trac/notification.py
* Correct some translations.
* templates/timeline.cs
* wiki-default/TracIni
* trac/mimeview/silvercity.py
* Add link to TracJa.
* wiki-default/TracGuide
* Update to current statement.
* README.trac-ja
* wiki-default/TracJa
* bdist's package name revert to `trac` from `trac-ja`,
because some plugins require `trac`'s package name.
* setup.py
Trac 0.10.1 (Nov 8, 2006)
http://svn.edgewall.org/repos/trac/tags/trac-0.10.1
Trac 0.10.1 contains a security fix and a number of bug fixes.
The following list contains only a few highlights:
* Fixed CSRF vulnerability (#4049), reported by Daniel Kahn Gillmor.
* Improved DB connection handling (#3503)
* Tracd no longer tries to resolve client's IP address (#3481).
The complete list of closed tickets can be found here:
http://trac.edgewall.org/query?status=closed&milestone=0.10.1
* install pinger program setuid to make ICMP work; the problem noted by
Heron Gallegos via private mail.
Key changes squid-2.6.STABLE4 to 2.6.STABLE5
* Bug #1776: 2.6.STABLE4 aufs fails to compile if coss isn't enabled
* COSS improvements and cleanups
* Bug #1785: Memory leak in handling of negatively cached objects
* Bug #1780: Incorrect Vary processing in combination with collapsed_forwarding
* Bug #1779: Delay pools fairness when multiple connections compete for bandwidth
* Bug #1796: Assertion error HttpHeader.c:914: "str"
* All comm loops now use the generic event framework
* a number of other minor and cosmetic bugfixes. See the list of squid-2.6.STABLE4 changes and the ChangeLog file for details.
MFSA 2006-67 Running Script can be recompiled
MFSA 2006-66 RSA signature forgery (variant)
MFSA 2006-65 Crashes with evidence of memory corruption (rv:1.8.0.8)
For more info, see http://www.mozilla.com/en-US/firefox/releases/1.5.0.8.html
Mongrel is a fast HTTP library and server for Ruby that is intended
for hosting Ruby web applications of any kind using plain HTTP rather
than FastCGI or SCGI. It is framework agnostic and already supports
Ruby On Rails, Og+Nitro, and Camping frameworks.
Version 7.16.0 (30 October 2006)
Daniel (25 October 2006)
- Fixed CURLOPT_FAILONERROR to return CURLE_HTTP_RETURNED_ERROR even for the
case when 401 or 407 are returned, *IF* no auth credentials have been given.
The CURLOPT_FAILONERROR option is not possible to make fool-proof for 401
and 407 cases when auth credentials is given, but we've now covered this
somewhat more.
You might get some amounts of headers transferred before this situation is
detected, like for when a "100-continue" is received as a response to a
POST/PUT and a 401 or 407 is received immediately afterwards.
Added test 281 to verify this change.
Daniel (23 October 2006)
- Ravi Pratap provided a major update with pipelining fixes. We also no longer
re-use connections (for pipelining) before the name resolving is done.
Daniel (21 October 2006)
- Nir Soffer made the tests/libtest/Makefile.am use a proper variable for all
the single test applications' link and dependences, so that you easier can
override those from the command line when using make.
- Armel Asselin separated CA cert verification problems from problems with
reading the (local) CA cert file to let users easier pinpoint the actual
problem. CURLE_SSL_CACERT_BADFILE (77) is the new libcurl error code.
Daniel (18 October 2006)
- Removed the "protocol-guessing" for URLs with host names starting with FTPS
or TELNET since they are practically non-existant. This leaves us with only
three different prefixes that would assume the protocol is anything but
HTTP, and they are host names starting with "ftp.", "dict." or "ldap.".
Daniel (17 October 2006)
- Bug report #1579171 pointed out code flaws detected with "prefast", and they
were 1 - a too small memory clear with memset() in the threaded resolver and
2 - a range of potentially bad uses of the ctype family of is*() functions
such as isdigit(), isalnum(), isprint() and more. The latter made me switch
to using our own set of these functions/macros using uppercase letters, and
with some extra set of crazy typecasts to avoid mistakingly passing in
negative numbers to the underlying is*() functions.
- With Jeff Pohlmeyer's help, I fixed the expire timer when using
curl_multi_socket() during name resolves with c-ares and the LOW_SPEED
options now work fine with curl_multi_socket() as well.
Daniel (16 October 2006)
- Added a check in configure that simply tries to run a program (not when
cross-compiling) in order to detect problems with run-time libraries that
otherwise would occur when the sizeof tests for curl_off_t would run and
thus be much more confusing to users. The check of course should run after
all lib-checks are done and before any other test is used that would run an
executable built for testing-purposes.
Dan F (13 October 2006)
- The tagging of application/x-www-form-urlencoded POST body data sent
to the CURLOPT_DEBUGFUNCTION callback has been fixed (it was erroneously
included as part of the header). A message was also added to the
command line tool to show when data is being sent, enabled when
--verbose is used.
Daniel (12 October 2006)
- Starting now, adding an easy handle to a multi stack that was already added
to a multi stack will cause CURLM_BAD_EASY_HANDLE to get returned.
- Jeff Pohlmeyer has been working with the hiperfifo.c example source code,
and while doing so it became apparent that the current timeout system for
the socket API really was a bit awkward since it become quite some work to
be sure we have the correct timeout set.
Jeff then provided the new CURLMOPT_TIMERFUNCTION that is yet another
callback the app can set to get to know when the general timeout time
changes and thus for an application like hiperfifo.c it makes everything a
lot easier and nicer. There's a CURLMOPT_TIMERDATA option too of course in
good old libcurl tradition.
Jeff has also updated the hiperfifo.c example code to use this news.
Daniel (9 October 2006)
- Bogdan Nicula's second test case (posted Sun, 08 Oct 2006) converted to test
case 535 and it now runs fine. Again a problem with the pipelining code not
taking all possible (error) conditions into account.
Daniel (6 October 2006)
- Bogdan Nicula's hanging test case (posted Wed, 04 Oct 2006) was converted to
test case 533 and the test now runs fine.
Daniel (4 October 2006)
- Dmitriy Sergeyev provided an example source code that crashed CVS libcurl
but that worked nicely in 7.15.5. I converted it into test case 532 and
fixed the problem.
Daniel (29 September 2006)
- Removed a few other no-longer present options from the header file.
- Support for FTP third party transfers was removed. Here's why:
o The recent multi interface changes broke it and the design of the 3rd party
transfers made it very hard to fix the problems
o It was still blocking and thus nasty for the multi interface
o It was a lot of extra code for a very rarely used feature
o It didn't use the same code as for "plain" FTP transfers, so it didn't work
fine for IPv6 and it didn't properly re-use connections and more
o There's nobody around who's willing to work on and improve the existing
code
This does not mean that third party transfers are banned forever, only that
they need to be done better if they are to be re-added in the future.
The CURLOPT_SOURCE_* options are removed from the lib and so are the --3p*
options from the command line tool. For this reason, I also bumped the
version info for the lib.
Daniel (28 September 2006)
- Reported in #1561470 (http://curl.haxx.se/bug/view.cgi?id=1561470), libcurl
would crash if a bad function sequence was used when shutting down after
using the multi interface (i.e using easy_cleanup after multi_cleanup) so
precautions have been added to make sure it doesn't any more - test case 529
was added to verify.
Daniel (27 September 2006)
- The URL in the cookie jar file is now changed since it was giving a 404.
Reported by Timothy Stone. The new URL will take the visitor to a curl web
site mirror with the document.
Daniel (24 September 2006)
- Bernard Leak fixed configure --with-gssapi-libs.
- Cory Nelson made libcurl use the WSAPoll() function if built for Windows
Vista (_WIN32_WINNT >= 0x0600)
Daniel (23 September 2006)
- Mike Protts added --ftp-ssl-control to make curl use FTP-SSL, but only
encrypt the control connection and use the data connection "plain".
- Dmitriy Sergeyev provided a patch that made the SOCKS[45] code work better
as it now will read the full data sent from servers. The SOCKS-related code
was also moved to the new lib/socks.c source file.
Daniel (21 September 2006)
- Added test case 531 in an attempt to repeat bug report #1561470
(http://curl.haxx.se/bug/view.cgi?id=1561470) that is said to crash when an
FTP upload fails with the multi interface. It did not, but I made a failed
upload still assume the control connection to be fine.
Daniel (20 September 2006)
- Armel Asselin fixed problems when you gave a proxy URL with user name and
empty password or no password at all. Test case 278 and 279 were added to
verify.
Daniel (12 September 2006)
- Added docs/examples/10-at-a-time.c by Michael Wallner
- Added docs/examples/hiperfifo.c by Jeff Pohlmeyer
Daniel (11 September 2006)
- Fixed my breakage from earlier today so that doing curl_easy_cleanup() on a
handle that is part of a multi handle first removes the handle from the
stack.
- Added CURLOPT_SSL_SESSIONID_CACHE and --no-sessionid to disable SSL
session-ID re-use on demand since there obviously are broken servers out
there that misbehave with session-IDs used.
- Jeff Pohlmeyer presented a *multi_socket()-using program that exposed a
problem with it (SIGSEGV-style). It clearly showed that the existing
socket-state and state-difference function wasn't good enough so I rewrote
it and could then re-run Jeff's program without any crash. The previous
version clearly could miss to tell the application when a handle changed
from using one socket to using another.
While I was at it (as I could use this as a means to track this problem
down), I've now added a 'magic' number to the easy handle struct that is
inited at curl_easy_init() time and cleared at curl_easy_cleanup() time that
we can use internally to detect that an easy handle seems to be fine, or at
least not closed or freed (freeing in debug builds fill the area with 0x13
bytes but in normal builds we can of course not assume any particular data
in the freed areas).
Daniel (9 September 2006)
- Michele Bini fixed how the hostname is put in NTLM packages. As servers
don't expect fully qualified names we need to cut them off at the first dot.
- Peter Sylvester cleaned up and fixed the getsockname() uses in ftp.c. Some
of them can be completetly removed though...
Daniel (6 September 2006)
- Ravi Pratap and I have implemented HTTP Pipelining support. Enable it for a
multi handle using CURLMOPT_PIPELINING and all HTTP connections done on that
handle will be attempted to get pipelined instead of done in parallell as
they are performed otherwise.
As a side-effect from this work, connections are now shared between all easy
handles within a multi handle, so if you use N easy handles for transfers,
each of them can pick up and re-use a connection that was previously used by
any of the handles, be it the same or one of the others.
This separation of the tight relationship between connections and easy
handles is most noticable when you close easy handles that have been used in
a multi handle and check amount of used memory or watch the debug output, as
there are times when libcurl will keep the easy handle around for a while
longer to be able to close it properly. Like for sending QUIT to close down
an FTP connection.
This is a major change.
Daniel (4 September 2006)
- Dmitry Rechkin (http://curl.haxx.se/bug/view.cgi?id=1551412) provided a
patch that while not fixing things very nicely, it does make the SOCKS5
proxy connection slightly better as it now acknowledges the timeout for
connection and it no longer segfaults in the case when SOCKS requires
authentication and you did not specify username:password.
Daniel (31 August 2006)
- Dmitriy Sergeyev found and fixed a multi interface flaw when using asynch
name resolves. It could get stuck in the wrong state.
Gisle (29 August 2006)
- Added support for other MS-DOS compilers (desides djgpp). All MS-DOS
compiler now uses the same config.dos file (renamed to config.h by
make). libcurl now builds fine using Watcom and Metaware's High-C
using the Watt-32 tcp/ip-stack.
Daniel (29 August 2006)
- David McCreedy added CURLOPT_SOCKOPTFUNCTION and CURLOPT_SOCKOPTDATA to
allow applications to set their own socket options.
Daniel (25 August 2006)
- Armel Asselin reported that the 'running_handles' counter wasn't updated
properly if you removed a "live" handle from a multi handle with
curl_multi_remove_handle().
Daniel (22 August 2006)
- David McCreedy fixed a remaining mistake from the August 19 TYPE change.
- Peter Sylvester pointed out a flaw in the AllowServerConnect() in the FTP
code when doing pure ipv6 EPRT connections.
Daniel (19 August 2006)
- Based on a patch by Armel Asselin, the FTP code no longer re-issues the TYPE
command on subsequent requests on a re-used connection unless it has to.
- Armel Asselin fixed a crash in the FTP code when using SINGLECWD mode and
files in the root directory.
- Andrew Biggs pointed out a "Expect: 100-continue" flaw where libcurl didn't
send the whole request at once, even though the Expect: header was disabled
by the application. An effect of this change is also that small (< 1024
bytes) POSTs are now always sent without Expect: header since we deem it
more costly to bother about that than the risk that we send the data in
vain.
Daniel (9 August 2006)
- Armel Asselin made the CURLOPT_PREQUOTE option work fine even when
CURLOPT_NOBODY is set true. PREQUOTE is then run roughly at the same place
in the command sequence as it would have run if there would've been a
transfer.
Daniel (8 August 2006)
- Fixed a flaw in the "Expect: 100-continue" treatment. If you did two POSTs
on a persistent connection and allowed the first to use that header, you
could not disable it for the second request.
Daniel (7 August 2006)
- Domenico Andreolfound a quick build error which happened because
src/config.h.in was not a proper duplcate of lib/config.h.in which it
should've been and this was due to the maketgz script not doing the cp
properly.
Firefox 2 is the next generation release of the award-winning Firefox web
browser from Mozilla.
What's New in Firefox 2
* Visual Refresh: Firefox 2's theme and user interface have been updated to
improve usability without altering the familiarity of the browsing
experience.
* Built-in phishing protection: Phishing Protection warns users when they
encounter suspected Web forgeries, and offers to return the user to their
home page. Phishing Protection is turned on by default, and works by checking
sites against either a local or online list of known phishing sites. This
list is automatically downloaded and regularly updated when the Phishing
Protection feature is enabled.
* Enhanced search capabilities: Search term suggestions will now appear as
users type in the integrated search box when using the Google, Yahoo! or
Answers.com search engines. A new search engine manager makes it easier to
add, remove and re-order search engines, and users will be alerted when
Firefox encounters a website that offers new search engines that the user may
wish to install.
* Improved tabbed browsing: By default, Firefox will open links in new tabs
instead of new windows, and each tab will now have a close tab button. Power
users who open more tabs than can fit in a single window will see arrows on
the left and right side of the tab strip that let them scroll back and forth
between their tabs. The History menu will keep a list of recently closed
tabs, and a shortcut lets users quickly re-open an accidentally closed tab.
* Resuming your browsing session: The Session Restore feature restores windows,
tabs, text typed in forms, and in-progress downloads from the last user
session. It will be activated automatically when installing an application
update or extension, and users will be asked if they want to resume their
previous session after a system crash.
* Previewing and subscribing to Web feeds: Users can decide how to handle Web
feeds (like this one), either subscribing to them via a Web service or in a
standalone RSS reader, or adding them as Live Bookmarks. My Yahoo!, Bloglines
and Google Reader come pre-loaded as Web service options, but users can add
any Web service that handles RSS feeds.
* Inline spell checking: A new built-in spell checker enables users to quickly
check the spelling of text entered into Web forms (like this one) without
having to use a separate application.
* Live Titles: When a website offers a microsummary (a regularly updated
summary of the most important information on a Web page), users can create a
bookmark with a "Live Title". Compact enough to fit in the space available to
a bookmark label, they provide more useful information about pages than
static page titles, and are regularly updated with the latest information.
There are several websites that can be bookmarked with Live Titles, and even
more add-ons to generate Live Titles for other popular websites.
* Improved Add-ons manager: The new Add-ons manager improves the user interface
for managing extensions and themes, combining them both in a single tool.
* JavaScript 1.7: JavaScript 1.7 is a language update introducing several new
features such as generators, iterators, array comprehensions, let
expressions, and destructuring assignments. It also includes all the features
of JavaScript 1.6.
* Extended search plugin format: The Firefox search engine format now supports
search engine plugins written in Sherlock and OpenSearch formats and allows
search engines to provide search term suggestions.
* Updates to the extension system: The extension system has been updated to
provide enhanced security and to allow for easier localization of extensions.
* Client-side session and persistent storage: New support for storing
structured data on the client side, to enable better handling of online
transactions and improved performance when dealing with large amounts of
data, such as documents and mailboxes. This is based on the WHATWG
specification for client-side session and persistent storage.
* SVG text: Support for the svg:textpath specification enables SVG text to
follow a curve or shape.
Firefox 2 is the next generation release of the award-winning Firefox web
browser from Mozilla.
What's New in Firefox 2
* Visual Refresh: Firefox 2's theme and user interface have been updated to
improve usability without altering the familiarity of the browsing
experience.
* Built-in phishing protection: Phishing Protection warns users when they
encounter suspected Web forgeries, and offers to return the user to their
home page. Phishing Protection is turned on by default, and works by checking
sites against either a local or online list of known phishing sites. This
list is automatically downloaded and regularly updated when the Phishing
Protection feature is enabled.
* Enhanced search capabilities: Search term suggestions will now appear as
users type in the integrated search box when using the Google, Yahoo! or
Answers.com search engines. A new search engine manager makes it easier to
add, remove and re-order search engines, and users will be alerted when
Firefox encounters a website that offers new search engines that the user may
wish to install.
* Improved tabbed browsing: By default, Firefox will open links in new tabs
instead of new windows, and each tab will now have a close tab button. Power
users who open more tabs than can fit in a single window will see arrows on
the left and right side of the tab strip that let them scroll back and forth
between their tabs. The History menu will keep a list of recently closed
tabs, and a shortcut lets users quickly re-open an accidentally closed tab.
* Resuming your browsing session: The Session Restore feature restores windows,
tabs, text typed in forms, and in-progress downloads from the last user
session. It will be activated automatically when installing an application
update or extension, and users will be asked if they want to resume their
previous session after a system crash.
* Previewing and subscribing to Web feeds: Users can decide how to handle Web
feeds (like this one), either subscribing to them via a Web service or in a
standalone RSS reader, or adding them as Live Bookmarks. My Yahoo!, Bloglines
and Google Reader come pre-loaded as Web service options, but users can add
any Web service that handles RSS feeds.
* Inline spell checking: A new built-in spell checker enables users to quickly
check the spelling of text entered into Web forms (like this one) without
having to use a separate application.
* Live Titles: When a website offers a microsummary (a regularly updated
summary of the most important information on a Web page), users can create a
bookmark with a "Live Title". Compact enough to fit in the space available to
a bookmark label, they provide more useful information about pages than
static page titles, and are regularly updated with the latest information.
There are several websites that can be bookmarked with Live Titles, and even
more add-ons to generate Live Titles for other popular websites.
* Improved Add-ons manager: The new Add-ons manager improves the user interface
for managing extensions and themes, combining them both in a single tool.
* JavaScript 1.7: JavaScript 1.7 is a language update introducing several new
features such as generators, iterators, array comprehensions, let
expressions, and destructuring assignments. It also includes all the features
of JavaScript 1.6.
* Extended search plugin format: The Firefox search engine format now supports
search engine plugins written in Sherlock and OpenSearch formats and allows
search engines to provide search term suggestions.
* Updates to the extension system: The extension system has been updated to
provide enhanced security and to allow for easier localization of extensions.
* Client-side session and persistent storage: New support for storing
structured data on the client side, to enable better handling of online
transactions and improved performance when dealing with large amounts of
data, such as documents and mailboxes. This is based on the WHATWG
specification for client-side session and persistent storage.
* SVG text: Support for the svg:textpath specification enables SVG text to
follow a curve or shape.
Firefox 2 is the next generation release of the award-winning Firefox web
browser from Mozilla.
What's New in Firefox 2
* Visual Refresh: Firefox 2's theme and user interface have been updated to
improve usability without altering the familiarity of the browsing
experience.
* Built-in phishing protection: Phishing Protection warns users when they
encounter suspected Web forgeries, and offers to return the user to their
home page. Phishing Protection is turned on by default, and works by checking
sites against either a local or online list of known phishing sites. This
list is automatically downloaded and regularly updated when the Phishing
Protection feature is enabled.
* Enhanced search capabilities: Search term suggestions will now appear as
users type in the integrated search box when using the Google, Yahoo! or
Answers.com search engines. A new search engine manager makes it easier to
add, remove and re-order search engines, and users will be alerted when
Firefox encounters a website that offers new search engines that the user may
wish to install.
* Improved tabbed browsing: By default, Firefox will open links in new tabs
instead of new windows, and each tab will now have a close tab button. Power
users who open more tabs than can fit in a single window will see arrows on
the left and right side of the tab strip that let them scroll back and forth
between their tabs. The History menu will keep a list of recently closed
tabs, and a shortcut lets users quickly re-open an accidentally closed tab.
* Resuming your browsing session: The Session Restore feature restores windows,
tabs, text typed in forms, and in-progress downloads from the last user
session. It will be activated automatically when installing an application
update or extension, and users will be asked if they want to resume their
previous session after a system crash.
* Previewing and subscribing to Web feeds: Users can decide how to handle Web
feeds (like this one), either subscribing to them via a Web service or in a
standalone RSS reader, or adding them as Live Bookmarks. My Yahoo!, Bloglines
and Google Reader come pre-loaded as Web service options, but users can add
any Web service that handles RSS feeds.
* Inline spell checking: A new built-in spell checker enables users to quickly
check the spelling of text entered into Web forms (like this one) without
having to use a separate application.
* Live Titles: When a website offers a microsummary (a regularly updated
summary of the most important information on a Web page), users can create a
bookmark with a "Live Title". Compact enough to fit in the space available to
a bookmark label, they provide more useful information about pages than
static page titles, and are regularly updated with the latest information.
There are several websites that can be bookmarked with Live Titles, and even
more add-ons to generate Live Titles for other popular websites.
* Improved Add-ons manager: The new Add-ons manager improves the user interface
for managing extensions and themes, combining them both in a single tool.
* JavaScript 1.7: JavaScript 1.7 is a language update introducing several new
features such as generators, iterators, array comprehensions, let
expressions, and destructuring assignments. It also includes all the features
of JavaScript 1.6.
* Extended search plugin format: The Firefox search engine format now supports
search engine plugins written in Sherlock and OpenSearch formats and allows
search engines to provide search term suggestions.
* Updates to the extension system: The extension system has been updated to
provide enhanced security and to allow for easier localization of extensions.
* Client-side session and persistent storage: New support for storing
structured data on the client side, to enable better handling of online
transactions and improved performance when dealing with large amounts of
data, such as documents and mailboxes. This is based on the WHATWG
specification for client-side session and persistent storage.
* SVG text: Support for the svg:textpath specification enables SVG text to
follow a curve or shape.
Changes in 1.3.0:
* All request and response headers are now treated case-insensitively,
per RFC 2616 (bug #1045, bug #4367).
* Values of multiple response headers with the same name are combined
into a comma-separated string per RFC 2616 (bug #1045)
* Generate proper closing boundary for multipart/form-data requests,
per RFC 1521 (bug #4397)
* magic_quotes_runtime directive is switched off when performing the
request since it may break file uploads and chunked responses (bug #4543)
* Response::_readChunked() will finish on zero-length chunk rather than
socket eof (patch from bug #3037)
* Added HTTP_Request::setBody() method, deprecated addRawPostData() due to
misleading name. The request body will be sent with all request methods
except those that explicitly forbid this (e.g. TRACE). Data set via
addPostData() / addFile() will only be sent with POST (see request #4716)
Changes in 1.2.4:
* Notice was raised when processing a response containing secure
cookies (bug #2741)
* Warning was raised when processing a response with empty body and
chunked Transfer-encoding (bug #2792)
* Improved inline documentation on constructor parameters (bug #2751)
Adresses PR pkg/34469 by Martin Wilke
Changes in 1.2.3:
* Added setAttribute() method (backport from HTML_Common2)
* Added possibility to set the charset parameter for htmlspecialchars()
via static HTML_Common::charset() method (see bug #2410)
* Properly document getAttribute() method (bug #5704), fix PHPDoc comments
for several other methods
Changes in 1.2.2:
- fixed bug #3948 (semicolon after case in switch)
- fixed bug #3953 (outdated inline docs for a private function)
- updated some other inline docs for private functions
Adressess PR pkg/34468 by Martin Wilke
- fix badly out of date PLIST for solaris
- add missing response of 'n' to the install.sh script to avoid installing
some xpm's in /usr/share/....
Opera seems to build, install, package, and run ok on solaris 9/sparc now.
talking to ipv4 addresses using ipv6 addresses isn't allowed, which is
the default on NetBSD. Patch to use a v4 socket when talking to an ipv4
ldap server. Fixes my PR 33511.
seamonkey/firefox/sunbird have the same code so make the same patch.
OKed ghen. Bump PKGREVISION.
Changes since 0.9.4:
- Advanced diff support
- InterWiki and InterTrac support
- Improved modularity (database and version control backends as third-party
plugins, with an experimental mysql backend)
- Improved notification system
- Support for spam protection
- WSGI used as web server protocol
- Lots of minor improvements in Wiki syntax, to the Wiki and to the
Ticket subsystem (with exports in CSV or RSS format)
Nvu is a complete Web Authoring System to rival programs like FrontPage
and Dreamweaver. Nvu (which stands for "new view") makes managing a web
site a snap. Now anyone can create web pages and manage a website with
no technical expertise or knowledge of HTML.
* WYSIWYG editing of pages, making web creation as easy as typing a
letter with your word processor.
* Integrated file management via FTP. Simply login to your web site and
navigate through your files, editing web pages on the fly, directly
from your site.
* Reliable HTML code creation that will work with all of today's most
popular browsers.
* Jump between WYSIWYG Editing Mode and HTML using tabs.
* Tabbed editing to make working on multiple pages a snap.
* Powerful support for forms, tables, and templates.
repositories. It generates templatized HTML to present navigable directory,
revision, and change log listings. It can display specific versions of files as
well as diffs between those versions. Basically, ViewVC provides the bulk of the
report-like functionality you expect out of your version control tool, but much
more prettily than the average textual command-line program output.
duplicates process resource limits, which already provide necessary
"safety net" protection against rogue scripts
bump PKGREVISION for this
adressess PR pkg/32007 by "pancake"
also remove --enable-track-vars, since that configure argument
is long gone from PHP
August is a very simple, free HTML editor for the UNIX platform.
It is a non-WYSIWYG editor like Aswedit or Hotdog. It has buttons
to insert standard HTML tags and other common simple text editor
commands.
August is written with the Tcl/TK scripting language and graphical
toolkit. It's distributed as a single script, which means that if
you know Tcl/Tk you can very easily customize August yourself.
(This is old and out-dated but I am loking for something
that will be real easy for children to use.)
Trac-0.10-ja-1 (Oct 17, 2006)
* Based on Trac 0.10 'Zengia'
* Translate messages into Japanese.
* templates/*.cs
* trac/**/*.py
* wiki-default/[A-Z]*
* wiki-macros/*.py
* Add new files or new paragraphs for description our work.
* COPYING.trac-ja
* README.trac-ja
* templates/footer.cs
* trac/About.py
* wiki-default/TracJa
* wiki-default/TracTermsJa
* Change parameters for our distribution.
* MANIFEST.in
* setup.py
* Change default datetime format.
* trac/Timeline.py
* trac/log.py
* trac/util/datefmt.py
* Change treatments for WikiMacros's Help and TracPlugins's Description as
not Unicode binary.
* trac/About.py
* trac/wiki/macros.py
Trac 0.10 'Zengia' (Sep 28, 2006)
http://svn.edgewall.org/repos/trac/tags/trac-0.10
Trac 0.10 contains a great number of new features, improvements and
bug fixes. The following list contains only a few highlights:
* Support for spam protection.
* Advanced diff support.
* InterWiki and InterTrac support.
* Improved notification system.
* WSGI Used as web server protocol.
A more complete list of new features can be found in the RELEASE file.
The complete list of closed tickets can be found here:
http://trac.edgewall.org/query?status=closed&milestone=0.10
from pkgsrc-wip. Thanks to marmfield and obache.
Joomla! is one of the most powerful Open Source Content
Management Systems on the planet. It is used all over
the world for everything from simple websites to complex
corporate applications. Joomla! is easy to install,
simple to manage, and reliable.
Patch provided by Martin Wilke via PR 34339.
0.31 2006-07-11
- Exactly 0.30 but now the Build.PL creates a "traditional"
Makefile.PL. This fixes the problem that the generated "passthrough"
Makefile.PL was requiring Apache::TestMB, because it's available on
my system.
0.30 2006-07-10
- Exactly like 0.29 but does not declare a "build_requires" dependency
on Apache::TestMB. Declaring this dependency causes CPAN.pm (and
probably CPANPLUS) to try and install Apache::Test, which may not
always install cleanly. If you do have it already installed, then it
will be used to run the live tests.
0.29 2006-06-09
- When not running under mod_perl, Apache::Session::Wrapper simply did
not even try to load CGI::Cookie to generate cookies. Patch by Derek
Poon.
- When running under mod_perl 1 without Apache::Request, an exception
was generated when trying to send a cookie.
- Apache::Session::Wrapper now only checks for err_headers_out and
headers_out on the header_object, since this works for both mod_perl
1 and 2, as well as Mason's FakeApache object.
- As of version CGI.pm 3.16, CGI::Cookie has a bake() method, but now
Apache::Session::Wrapper explicitly will not call it, because if
you're not running under mod_perl, it ends up calling print() to
send the cookie header when it is called, which may not be what a
user of this module wants. Patch by Derek Poon.
0.28 2006-05-23
- Allow a session_id parameter to the constructor, to force the use of
a particular existing session.
- Fixed a bug where failing to create a new session was ignored if
allow_invalid_id was true.
- Detect very weird case where tying to tie to Apache::Session
succeeds but the tied hash has no _session_id key. This now throws
an exception.
- Fixed bug when the header_object ->can('header_out') but this method
does not return an object, as with HTML::Mason::FakeApache. Reported
by Hans Dieter.
- The logic to load an appropriate cookie class if the class was
already loaded and an exception had previously been thrown by an
unrelated class.
- Added a way to register session subclass via RegisterClass() and
RegisterFlexClass(), to allow people to use any session subclass
they want without needing explicit support in
Apache::Session::Wrapper.
0.27 not released
- This was a version used internally at Socialtext, but never
released.
0.26 2005-09-20
- Finally should work properly under both mp1 and mp2. Patches and
tests by Daisuke Maki.
- No longer depends on Apache::Cookie or Apache2::Cookie, but it will
use them if it can instead of CGI::Cookie.
0.25 2005-08-14
- Silenced a warning that could occur when using session length
cookies under mod_perl.
0.24 2005-08-01
- Optional parameters for store modules were not handled properly when
using Flex as the session class. Added some tests. Reported by
Gavin Carr.
0.23 2005-07-26
- If two sets of valid parameters for a class shared a parameter, an
error would be thrown if you used the second set, even if it was
complete. Reported by Victor Felix.
0.22 2005-07-18
- Another fix for mod_perl2, this one from Jonas.
0.21 2005-06-20
- The fix for mod_perl2 caused a new cookie to be sent for each
request under mod_perl 1. I love it!
0.20 2005-06-08
- Fix to make getting cookies work under mod_perl2. Reported by
Baldvin Kovacs.
Patch provided by Martin Wilke via PR 34336.
Version: 3.10
- Bug Fix: when copying user from prev request, check that $r->prev
is defined, not just that $r->is_initial_request is true.
Version: 3.09
- POD doc fixes.
- MP2: remove _check_request_req() - this was only necessary when
running under both MP1 and MP2. Package name change eliminates the
need for this.
- test suite converted to Test::More style test suites.
- descriptive test descriptions added
- make login() stash credentials in $r->pnotes("${AuthName}Creds") so
that the login form can access the user-supplied credentials if the
login fails.
- bug fix: use of Apache2::URI::unescape_url() does not handle
'+' to ' ' conversion. This caused problems for credentials
that contain spaces.
- MP2: remove mod_perl features from "use mod_perl2" line. This is
no longer supported by mod_perl2.
- MP2: _get_form_data() - switch to CGI.pm to handle form data (fixes
several form data handling bugs)
- In a subrequest, copy $r->prev->user to $r->user (or r->connection->user
for MP1).
- remove Apache2::AuthCookie::Util - no longer necessary
- multi-valued form fields are now handled properly in POST -> GET conversion
- MP2: require CGI.pm 3.12 or later
Version: 3.08
- fix "authorize user" error log that was missing a debug level check
(thanks Barry)
- fix test cases 3, 6, 18 for Win32
- clean up t/real.t
Version: 3.07
*** mod_perl2 users: THIS RELEASE IS INCOMPATIBLE WITH PAST RELEASES ***
*** If you are running mod_perl2, you must update to at least ***
*** mod_perl 2.0.0 RC5. The mod_perl2 version of AuthCookie has been ***
*** renamed to Apache2::AuthCookie ***
** MP2: RENAME AuthCookie.pm.mp2 to Apache2::AuthCookie.
- MP2: Update module, and tests for mod_perl 2.0.0 RC5. mod_perl2 users
MUST use Apache2::AuthCookie now.
- Require Apache::Test 1.22
- Add support for ${auth_name}SessionTimeout configuration paramter
which will re-issue the ticket with the expires parameter set to the
value of this configuration setting for each request. This is useful for
idle-timeout.
- POD fixes.
- MP2: fix uninitialized warnings if no POST/GET data (RT 11371)
- make sure recognize_user() returns an Apache constant in all cases.
Returns DECLINED in cases where we were returning undef before.
(Thanks Vivek)
- Add support for MS HttpOnly cookie property.
Changes:
Quanta Plus
* Avoid growing quantarc and causing instability.
* Fixed a crash when navigating PHP documents via
"Document Structure"/"Functions"
* Fix Save As behavior
* dd some more special characters to the list
* Fix crash in CSS editor.
* Don't crash when closing a document in VPL mode
* Fix crash when copying to clipboard inside VPL.
* Show the correct column number if tabs are used in the document.
* Only one upload dialog can be visible at any time.
* Do not show Find in Files menu if KFileReplace is not installed.
* Fix a crash when using Close All.
* Allow logging to files outside of project directory - don't send
closing events for untitled, unmodified documents.
* Respect the order of items in the .docrc.
* Fix crash when creating project through slow links.
* Really abort if a remote directory cannot be created.
* Fix automatic updating of closing tags.
* Accept float numbers for length values in the CSS editor
* Make CSS completion work inside style attributes.
* Improve usability of the File Changed dialog.
* Handle correctly the escaped backslashes inside strings.
* Improve mimetype and extension based searching for a DTEP that
can handle the currently opened file.
Kommander
* Add initialization/destroy for Wizard. Use setEnabled() to
enable/disable Finish button.
* Improve the integrated text editor a lot by using the KTextEditor
interface (katepart) for editing Kommnader text. This means syntax
highlighting, improved undo/redo, possibility to have line number
bar, etc.
* Fix crash on exit for the editor.
Rails is a full-stack framework for developing database-backed web
applications according to the Model-View-Control pattern. From the
Ajax in the view, to the request and response in the controller, to
the domain model wrapping the database, Rails gives you a pure-Ruby
development environment. To go live, all you need to add is a
database and a web server.
This package contained several Makefile.am patches but then proceeded to
ignore all of them by touching all of the Makefile.in's. Unfortunately
those patches were there for a reason!
Correctly packages on solaris now.
Changes since 0.9.1:
* Do not convert driver options to strings (#4499)
* Make ActiveWebService::Struct type reloadable
* Fix scaffolding action when one of the members of a structural type has
date or time type
* Remove extra index hash when generating scaffold html for parameters of
structural type #4374 [joe@mjg2.com]
* Fix Scaffold Fails with Struct as a Parameter #4363 [joe@mjg2.com]
* Fix soap type registration of multidimensional arrays (#4232)
* Fix that marshaler couldn't handle ActiveRecord models defined in a
different namespace (#2392).
* Fix that marshaler couldn't handle structs with members of ActiveRecord
type (#1889).
* Fix that marshaler couldn't handle nil values for inner structs (#3576).
* Fix that changes to ActiveWebService::API::Base required restarting of
the server (#2390).
* Fix scaffolding for signatures with :date, :time and :base64 types
(#3321, #2769, #2078).
* Fix for incorrect casting of TrueClass/FalseClass instances (#2633,
#3421).
* Fix for incompatibility problems with SOAP4R 1.5.5 (#2553) [Kent Sibilev]
* Update from LGPL to MIT license as per Minero Aoki's permission. [Marcel
Molina Jr.]
* Rename Version constant to VERSION. #2802 [Marcel Molina Jr.]
* Fix that XML-RPC date/time values did not have well-defined behaviour
(#2516, #2534). This fix has one caveat, in that we can't support
pre-1970 dates from XML-RPC clients.
Changes:
New
- skipping designated URL in spider. Use options to set the spider.
- auto update menu and periodic check for update (Windows and Linux
platform only).
Fix
- the use of new external library caused slower performance of proxy.
Restored to older library.
with small modifications;
- don't change order of find(1)'s command line option.
- adding VARBASE, ZOPE3_GROUP and ZOPE3_USER to BUILD_DEFS.
Most Important Changes Since Zope 3.2
-------------------------------------
- Provided a new component registry API that allows multiple
component registries to be combined more flexibly than before.
See 'zope.component.interfaces.IComponentRegistry' for more
information.
- Greatly simplified local-component registration.
See 'zope.component.interfaces.IComponentRegistry' for more
information.
- Moved many packages out of zope.app to make them easier to use
outside of Zope.
- Change the session credentials plugin to make it configurable
in which fields it looks for the credentials.
- Added a new API for collating text. You can now adapt
a locale to 'zope.i18n.interfaces.ILocales.ICollator'. You can
then use that to sort strings, such as menu entries, in a
locale-specific fashion.
- A new 'zope.annotation.factory' helper function that makes
it easier to create annotations. Also added a README in
'zope.annotation' which explains how to use it.
- Added a more complete set of widgets for fields that use
iterable sources. These widgets now mirror the set provided
by vocabulary-based fields.
- Added a cleaner and more robust API to testbrowser for setting
file-upload data.
- Deprecated several ZCML directives:
* factory
* vocabulary
* content (as an alias to the class directive)
* modulealias
* renderer:renderer
- The 'browser:layer' directive and the 'ILayer' interface
has been deprecated. Registering layers has become obsolete,
layers should be created as interfaces extending
'IBrowserRequest'.
- The 'browser:skin' directive has been deprecated. Skins
should be created as interfaces extending 'IBrowserRequest'
and can be registered using a simple 'utility' directive.
- The 'ISkin' interface has been renamed to 'IBrowserSkinType'.
For a complete list of changes see the 'CHANGES.txt' file.
Makefile-seamonkey.common, modelled after firefox and thunderbird.
www/seamonkey and www/seamonkey-gtk1 test-built by me on i386.
www/seamonkey, www/seamonkey-gtk1, mail/thunderbird, mail/thunderbird-gtk1
and time/sunbird by <oster> on amd64, thanks!
Fixes PR pkg/34622
Changes to squid-2.6.STABLE4 (Sep 22 2006)
- Bug #1736: Missing Italian translation of ERR_TOO_BIG error page
- Windows port enhancement: added native exception handler with signal emulation
- Fix the %un log_format tag again. Got broken in 2.6.STABLE2
- Fix Squid crash when using %a in ERR_INVALID_REQ and ERR_INVALID_URL error messages.
- Bug #212: variable %i always 0.0.0.0 in many error pages
- Bug #1708: Ports in ACL accepts characters and out of range
- Bug #1706: Squid time acl accepts invalid time range.
- Fix another harmless fake_auth compiler warning on gcc 4.1.1 x86
- Fix an harmless snmp_core.c compiler warning on gcc 4.1.1 x86
- Bug #1744: squid-2.6.STABLE3 - fakeauth_auth crashing on certain requests
- Bug #1746: Harmless off by one overrun in ncsa_auth md5 password validation
- Bug #1598: start_announce cannot be disabled
- Periodically flush cache.log to disk when "buffered_logs on" is set
- Numerous COSS improvements and fixes
- Windows port: merge of MinGW support
- Windows port: Merged Windows threads support into aufs
- Bug #1759: Windows port cachemgr.cgi attempts to write to file system root directory
- Numerous portability fixes
- Various minor statistics cleanup on 64-bit hosts with more than 4GB of memory
- Bug #1758: HEAD on ftp:// URLs always returned 200 OK.
- Bug #1760: FTP related memory leak
- Bug #1770: WCCP2 weighted assignment
- Bug #1768: Redundant DNS PTR lookups
- Bug #1696: Add support for wccpv2 mask assignment
- Bug #1774: ncsa_auth support for cramfs timestamps
- Bug #1769: near-hit and filedescriptor usage missing in SNMP MIB
- Bug #1725: cache_peer login=PASS documentation somewhat confusing
- Bug #1590: Silence those ETag loop warnings
- Bug #1740: Squid crashes on certain malformed HTTP responses
- Bug #1699: assertion failed: authenticate.c:836: "auth_user_request != NULL"
- Improve error reporting on unexpected CONNECT requests in accelerator mode
- Cosmetic change to increase cache.log detail level on invalid requests
- Bug #1229: http_port and other directives accept invalid ports
- Reject http_port specifications using both transparent and accelerator options
- Cosmetic cleanup to not dump stacktraces on configuration errors
the corresponding buildlinks have to be present as well.
Get the option libwww was built with to decide whether to do that.
Inspired by and fixing PR 28412.
