Changes:
=================
WebKitGTK+ 2.10.2
=================
What's new in WebKitGTK+ 2.10.2?
- Fix a regression introduced in 2.10.1 that disabled accelerated
compositing.
- Fix build with cmake 3.4.
=================
WebKitGTK+ 2.10.1
=================
What's new in WebKitGTK+ 2.10.1?
- Fix rendering of accelerated content in HiDPI screens.
- Fix several media controls rendering issues.
- Fix rendering of progress element with recent versions of GTK+.
- Add and update some web inspector icons.
- Correctly handle websites sending an invalid auth header.
- Fix a crash when creating the UI process backing store in Wayland.
- Fix the build with spellchecker disabled.
- Fix the build with touch events disabled.
- Fix the build with OpenGL disabled.
- Several build fixes on Mac OSX.
- Fix several crashes and rendering issues.
pkgsrc changes:
- use private Linux npviewer.bin binaries built by me (tsutsui@) on
openSUSE 12.1 on 32 bit (i386) and 64 bit (x86_64) on VirtualBox
- enable EMUL_PLATFORMS=linux-x86_64 using the native 64 bit Linux
npviewer.bin binary, which allows using 64 bit native adobe-flash-plugin
on NetBSD/amd64 hosts
- also explicitly set EMUL_REQD= suse>=12.1 (NetBSD 6.x can use it anyway)
- tweak some pkgsrc ${PREFIX}
- update HOMEPAGE
- take maintainership
Note:
- major Linux distributions provided nspluginwrapper binaries to use
the 32 bit plugin binaries without sources on their 64 bit systems,
so there is no 64 bit wrapper binary (npviewer.bin) to use native 64 bit
plugin binaries on other systems (like NetBSD) via binary emulation
- nowadays adobe provides 64 bit native adobe-flash-plugin11 binaries
and NPAPI plugins are being deprecated by vendors, so I guess there is
very few motivation to update nspluginwrapper project for Linux people
http://nspluginwrapper.org/why.html
- Linux binaries in distfiles are built with following changes to
make npviewer.bin works on non-Linux hosts:
- configure with the following options, to enable "generic" RPC calls
(The default Linux native binaries use their specific "anonymous socket")
- for i386:
% ./configure --enable-generic
- for x86_64:
% ./configure --target-cpu=x86_64 --disable-biarch --enable-generic --enable-viewer --enable-player
- disable USE_NPIDENTIFIER_CACHE in npviewer (as patch-src_npw-viewer.c),
which doesn't seems tested with the "generic" RPC interfaces
OK from abs@, and no particular objection to PR pkg/49705 and pkgsrc-users@.
Also thanks to Onno van der Linden for his first analysis about
newer nspluginwrapper APIs in PR pkg/47208.
Upstream changes (in NEWS file):
Version 1.4.4 - 30.Jun.2011
* Fix crash in some cases when the number of watched file descriptors decreases
Version 1.4.2 - 04.Jun.2011
* Fix crash in WebKit/GTK when npwrapper.so is incorrectly treated as a plugin
* Fix symbol versioning issues with _Unwind_GetIPInfo on some systems
* Fix install process with parallel make
Version 1.4.0 - 15.May.2011
* Report capabilities over RPC to fix logic based on NULL plugin/browser hooks
* Fix initialization bug that causes Flash 10.3 to report a version of 0
* Implement ClearSiteData NPAPI extension for managing Flash LSOs
* Work around bug in Konqueror that prevents plug-ins from functioning properly
Version 1.3.2 (BETA) - 23.Apr.2011
* Work around lack of client-side windows in Flash
* Fix race condition when NPP_Destroy was called while viewer is busy
* Fix build on modern Linux platforms
* Support NPAPI 0.24, in particular, Flash can now query for private browsing
* Don't export any symbols but those necessary
* Support XEmbeding npplayer into another application
* Remove NPClass::HasMethod cache; it was incorrect
* Fix initializing two wrapped plugins with the same name in the same process
* Work around Qt bug that breaks npplayer when Kopete is installed
* Release implicit grabs before forwarding events to fix Flash context menu hang
* Work around Firefox quirk that broke windowless Flash in Firefox 4
* Bind wrapper and viewer event loops together to avoid many many race conditions
* Redesign NPRuntime bridge to avoid leaking proxy objects
* Incorportate release number into ident string so update works on distro patches
Version 1.3.0 (BETA) - 02.Jan.2009
* Don't poll for Xt events in Gtk (XEMBED) plug-ins
* Use 40 Hz timer for Xt events only when necessary (Xt input sources)
* Add NPIdentifier and NPClass::HasMethod caches, i.e. lower RPC traffic
* Add support for multiple viewer paths, see --viewer-paths=PATH-EXPR
* Add basic checks for malloc()'ed buffer underflow/overflow
* Add checks for single-threaded calls into the browser (NPN_*() functions)
The binaries in distfiles in this packages seem built by pkgsrc developers,
but I'm not sure which sources were used to build the previous version.
In this "4.2.2011" version all binaries are built by me (tsutsui@) using
libflashsupport.c in Open Sounde System oss v4.2-2011 distribution
http://www.opensound.com/http://www.4front-tech.com/developer/sources/stable/gpl/oss-v4.2-build2011-src-
gpl.tar.bz2
on openSUSE 12.1 on both 32 bit (i386) and 64 bit (x86_64) on VirtualBox.
Notable visible changes from previous libflashsupport-1.1:
- provide not only i386 version but also x86_64 native binary,
which allows sound via oss with 64 bit native adobe-flash-plugin
and nspluginwrapper binaries
- resolve a sound noise problem on some flash videos
11ce031e40/
Also take maintainership.
OK from abs@, and no particular objection to PR pkg/49705 and pkgsrc-users@.
It was only refered from adobe-flash-plugin 10.0 package in Attic and
didn't work well (or not necessary?) for current adobe-flash-plugin11.
No particular comments to PR pkg/49705 and pkgsrc-users@ post.
This package was provided for old 10.0 based adobe-flash-plugin
for older NetBSD 5.x systems using suse100, but the old flash package
has been removed recently.
Update home page & master site, clean up.
PgBouncer 1.6.1.
- Security fix for CVE-2015-6817.
- Per-pool pooling mode vs. reset query.
Details:
http://pgbouncer.github.io/2015/09/pgbouncer-1-6-1/
PgBouncer 1.6.0
Main new features:
- Load user password hash from postgres database.
- Pooling mode can be configured both per-database and per-user.
- Per-database and per-user connection limits: max_db_connections and
max_user_connections.
- Add DISABLE/ENABLE commands to prevent new connections.
- New preferred DNS backend: c-ares.
- Config files have %include FILENAME directive to allow configuration
to be split into several files.
Details:
http://pgbouncer.github.io/2015/08/pgbouncer-1-6/
PgBouncer 1.5.5
- Fix remote crash - invalid packet order causes lookup of NULL pointer.
Not exploitable, just DoS.
Upstream changes:
* v3.00 - 21st May 2015
No changes from v2.99_04.
* v2.99_04 (pre-release for 3.0) - 18th May 2015
Uploaded files with duplicate field names are treated in the
same ways as other data with duplicate field names.
* v2.99_03 (pre-release for 3.0) - 5th April 2015
BUG FIX: Additional change to forms.t to prevent MS Windows systems
hanging. (issue 103315)
* v2.99_02 (pre-release for 3.0) - 4th April 2015
Added force_unique_cookies method and equivalent parsing code and tests.
Improved test suite: better coverage, skipped failling tests for
Microsoft systems which don't use/honour normal permissions, silenced
noisy tests on older perls.
* v2.99_01 (pre-release for 3.0) - 31st March 2015
Source amended to pass perlcritic. String evals removed or replaced.
Strictures added to module and examples. All filehandles are now
lexicals. Consistent source formatting applied to module (perltidy).
deny_uploads and set_size_limit added.
All active public subroutines are now methods.
print_cookie_data and print_form_data have been removed. They had been
deprecated for well over a decade.
escape_dangerous_chars has been removed. It has been considered a
security risk since version 2.0.
Upstream changes:
version 1.20; 2015-10-21
* bugfix: avoid some C undefined behaviour from unsequenced side effects
that in practice bit when using a newer gcc (4.9 rather than 4.7)
with the parser token stack change in Perl 5.21.9
* add doc note advising users to prefer the core aliasing facility on
Perl 5.22
version 1.19; 2015-10-21
* update for new stricture on op_last in Perl 5.21.2
* update for the parser's PL_expect changes in Perl 5.21.4
* update for op_private stricture in Perl 5.21.4
* update for sub references directly in stash in Perl 5.21.4
* update for IS_PADGV()'s limited visibility in Perl 5.21.4
* update for increased specialness of OP_PUSHMARK in Perl 5.21.6
* update for distinct PADNAMELIST type in Perl 5.21.7
* update for multideref optimisation in Perl 5.21.7, by a disgusting
hack that depends on a flaw in the optimisation (which may disappear
in the future) and which disables the optimisation entirely
* add MYMETA.json to .gitignore
