While here,
* add user-destdir support
* convert dynamic PLIST to static one
* share/doc/html was deprecated, install in share/doc directly
* Remove restriction to python23, and change PKGNAME to allow creating
python valiant packages.
This release addresses a vulnerability in mod_python's publisher handler
whereby a carefully crafted URL would expose objects that should not be
visible, leading to an information leak. The Common Vulnerabilities and
Exposures project (http://cve.mitre.org/) has assigned the name CAN-2005-0088
to this issue.
Users of the publisher handler are urged to upgrade as soon as possible.
- assume that Python 2.4 and 2.5 are compatible and allow checking for
fallout.
- remove PYTHON_VERSIONS_COMPATIBLE that are obsoleted by the 2.3+
default. Modify the others to deal with the removals.
all PEAR packages to php?-pear-* and all Apache packages to ap13-* or
ap2-* respectively. Add new variables to simplify the Makefile
handling. Add CONFLICTS on the old names. Reset revisions of bumped
packages. ap-php will now depend on the default Apache and PHP version.
All programs using it have an implicit option of the Apache version
as well.
OK from jlam@ and adrianp@.
developer is officially maintaining the package.
The rationale for changing this from "tech-pkg" to "pkgsrc-users" is
that it implies that any user can try to maintain the package (by
submitting patches to the mailing list). Since the folks most likely
to care about the package are the folks that want to use it or are
already using it, this would leverage the energy of users who aren't
developers.
changes:
This release addresses a vulnerability in mod_python 2.7.9 whereby a
specific query string processed by mod_python would cause the httpd
process to crash.
The previously released version 2.7.9 was supposed to correct this issue,
but is still vulnerable.
There are no other changes or improvements from the previous version in
this release.
If you are currently using mod_python 2.7.9 or earlier, it is highly
recommended that you upgrade to 2.7.10 as soon as possible.
Moved to latest version 2.7.8.
Added patch that fixed flags when sending location header.
Added patch to cgihandler to append local directory so that relative URLs
would work.
Added patch to cgihandler to handle SystemExit so that pages would not
ISE when sys.exit(0) was used to exit from the script.
Added patch to break HTTP headers off from page correctly when CRLF and LF
is used inconsistently in a page.
extension Makefile fragments, because they really don't have anything to
do with the buildlink[12] frameworks. Change all the Makefiles that use
application.buildlink.mk and extension.buildlink.mk to use application.mk
and extension.mk instead.
