2.3.0.
New features:
* New observer that can do on-the-fly decoding of compressed responses,
see HTTP_Request2_Observer_UncompressingDownload.
Thanks to Delian Krustev for initial implementation.
* CookieJar can now silently ignore invalid cookies with
$jar->ignoreInvalidCookies(true); instead of throwing an exception. See
requests #19937 and #20401
* Adapters now dispatch a new 'warning' event, e.g. in case of incomplete
response body or broken 'chunked' encoding. Exception was thrown previously
by Socket adapter in the latter case, see bug #20228
* Improved security of HTTPS requests in Socket adapter
- Use 'tls://' instead of 'ssl://' in connection string to prevent fallback
to known insecure versions, use only TLS when enabling crypto via proxy
(see bug #20462)
- On PHP 5.6+ require using only TLS 1.1 and TLS 1.2
- Do not use insecure ciphers
* Improved test suite, network-backed tests now run on Travis CI
Changes and fixes:
* Curl adapter failed to send PUT request body with 'follow_redirects' on
(bug #20440)
* Curl adapter supplied invalid cookie domain to CookieJar after redirect
(bug #20561)
* Curl adapter now properly dispatches events while sending the request
* mime_content_type() returning false was handled incorrectly when guessing
content-type
* Use 'peer_name' and 'verify_peer_name' SSL context options on PHP 5.6+
instead of deprecated 'CN_match'
* Public Suffix List updated to current version, its download location changed
Note to Composer users: next package version will probably get rid of
'include-path' setting in composer.json favour of using autoloader.
Unsafe usage of JavaScript’s Element.innerHTML could result in XSS in the admin’s add/change related popup. Element.textContent is now used to prevent execution of the data.
The debug view also used innerHTML. Although a security issue wasn’t identified there, out of an abundance of caution it’s also updated to use textContent.
Bugfixes:
* Fixed missing varchar/text_pattern_ops index on CharField and TextField respectively when using AddField on PostgreSQL.
* Fixed makemessages crash on Python 2 with non-ASCII file names.
### 4.2.1 (2016-07-15)
* Strip soft hyphens when indexing a page (see contao/core#8389).
* Do not run the command scheduler if the installation is incomplete (see #541).
* Do not index randomly ordered image galleries.
* Fix the filter menu layout on mobile devices.
* Provide the back end fonts in different variants (see #523).
* Fix the message markup in the member templates.
* Correctly load the language strings in the pretty error screen listener.
Version 3.5.15 (2016-07-15)
---------------------------
### Fixed
Strip soft hyphens when indexing a page (see #8389).
### Fixed
Update mediaelement.js to version 2.21.2 (fixes CVE-2016-4567).
Upstream changes:
0.20 Thu May 12 21:11:00 GMT+2 2016
- Fix //b by interpreting it as existing XPath expression
RT #114345, reported by Alexander Hartmaier
0.19 Tue May 10 19:23:00 GMT+2 2016
- Fix another bug in ':not(...)' by moving to an ad-hoc recursive
descent parser, RT #114261
- Allow single and double quotes for some attributes
Upstream changes:
Moodle 3.1.1 release notes
Releases > Moodle 3.1.1 release notes
Release date: 11 July, 2016
Here is the full list of fixed issues in 3.1.1.
Highlights
MDL-41922 - Completed quizzes no longer appear in the Course overview block for students
MDL-54165 - Allow to hide the document preview in assignment grading interface
MDL-41945 - Do not overwrite submission with an empty filearea when several team members edit the same assignment
MDL-49852 - Mark assignment as completed for all students in the team when one student from the team has made a submission
MDL-29905 - Fixed the bug when deleting empty quiz category was showing an error that it has questions
MDL-46721 - Assignment blind marking: participant number in the notification email matches the number on the submission
MDL-45427 - Database activity: When creating a template clicking on the tags should add it to the textarea when Atto editor is used
MDL-35104 - Allow to change username of a user registered under LDAP authentication method
MDL-51806 - Workshop: allow to save edited settings when using comma as a decimal separator
MDL-43887 - Fixed bug when handling optional date/time custom user profile field with date range starting later than 1970
MDL-35987 - Do not abort restore process in case of multichoice question error 'Backup error: invalid input syntax for integer: ""'
Fixes and improvements
MDL-55020 - Fixed bug when installing plugin downloaded from github repository
MDL-54909 - Show different background from page when annotating PDF
MDL-53111 - Allow to unmark completion criterion 'Require end reached'
MDL-37138 - When clicking a URL in chat, it should open in a new window or tab
MDL-54997 - Activity completion for a competency should be attached to course competency and not the learning plan competency
MDL-54934 - Accessibility enhancements: Indicate phase name/form name on the Workshop title
Security issues
A number of security related issues were resolved. Details of these issues will be released after a period of approximately one week to allow system administrators to safely update to the latest version.
For developers
MDL-53019 - PHP 5.6.5 or higher is required for development on master branch
Upstream changes:
2.03 2016-06-24
- Bug fix: RT#109159 Number formatting tests can fail
- Bug fix: RT#112582 Date tests fail on leap day
- Minor packaging fixups
2.02 2016-06-01
- Public release of 2.02
2.01_03 2016-05-25
- cleanup unused modules and functions
- fix indirect object notation
- add label functionality
- ensure disabled attributes are ignored
- strip excessive/trailing whitespace
- fix inflator bug RT76034
- avoid warnings from CGI
- enable more author/release tests
- it language fixes
- Remove link to old website - now unrelated/NSFW
- avoid emitting unecessary warnings
- enable use of Travis CI & coverage tests
- fixes to ensure we pass all the additional author tests
Upstream changes:
0.05 2015-10-17
- Require URI 1.68 and use the query_form method to ensure that query params
are always sorted by key. Based on PR #1 from Greg Oschwald.
Upstream changes:
3.093 2016-03-25 12:16:08-04:00 America/New_York
- lin.kz no longer exists, so WWW::Shorten::Linkz is deprecated
- added deprecation/removal notices in accordance with issue #8
- Folded ::Qurl into the deprecated modules
- Folded ::Qwer into the deprecated modules
- Temporarily hault live testing against TinyURL with ugly hack
- Bump Perl requirement to 5.8.1
3.092 2016-03-20
- Clear note about how to contribute other shorten services. Thanks, @ambs
- Updated shorten CLI app to add a lengthen option. #9
- Pared down the requirements
- re-release with GNU tar
3.091 2016-03-17
- Fixed typo on ::_dead (Thanks, @neilb)
- Add synopsis to ::_dead
- Cleaned up contributors, alphabetized
- Cleaned up the copyright and license confusion
3.090 2016-03-16
- changed to Dist::Zilla
- added author tests
- Cleaned up documentation
- Cleaned up Changes file
- added deprecation notices
- Cleaned up the Readme.md quite a bit
Upstream changes:
2016-02-23 14:01:33 +0000 2.22
==============================
commit f96a77938f94bf74fa00449fe941b70e77de0443
Author: Chris 'BinGOs' Williams <chris@bingosnet.co.uk>
Date: Tue Feb 23 14:01:33 2016 +0000
This is 2.22
commit ef1c866bf188a3cbedc2da5db4e0714d6e195205
Merge: b884aba e2e1b02
Author: Chris Williams <chris@bingosnet.co.uk>
Date: Tue Feb 23 13:57:50 2016 +0000
Merge pull request #4 from brewt/silence-keep-alive-warnings
Silence warnings from must_keepalive()
commit e2e1b0279b68c0292e2904e4d2212f9293cf2bb1
Author: Adrian Yee <adrian@gt.net>
Date: Fri Feb 19 13:08:59 2016 -0800
Silence warnings from must_keepalive()
A simple patch to silence warnings from must_keepalive().
HTTP::Request->header() (inherited from HTTP::Header->header())
returns undef if the requested header doesn't exist.
Same patch from RT #107397
commit 53fe993ca858fdcb663ac76c5fe3f6120f6d73a1
Author: Adrian Yee <adrian@gt.net>
Date: Fri Feb 19 00:52:24 2016 -0800
Fix graceful shutdowns when keep-alives are in use
If you shut down the httpd gracefully while there's a keep-alive
connection is connected, then any subsequent requests through that
connection will result in an error. This occurs since the as the
handler's post to the DONE event will fail due to the alias being
removed.
==============================
2015-09-28 19:07:04 +0100 2.20
==============================
commit 5a7aee1eb2ea8db7a548eb4c3638e14d94c08dda
Author: Chris 'BinGOs' Williams <chris@bingosnet.co.uk>
Date: Mon Sep 28 19:07:04 2015 +0100
This is 2.20
commit 9c84828f48c8079c754311a7b8f80b8ef3ae634f
Merge: d272889 7d25abf
Author: Chris Williams <chris@bingosnet.co.uk>
Date: Mon Sep 28 18:36:32 2015 +0100
Merge pull request #2 from leejo/rt/73630
resolve RT #73630 - fix some typos
commit 7d25abf5522e76e2c22aaa77fde0fedef89eda31
Author: Lee Johnson <lee@givengain.ch>
Date: Wed Sep 23 16:19:39 2015 +0200
resolve RT #73630 - fix some typos
apply patch from gregoa@debian.org and fix a couple of other typos
spotted
commit 3a65df5092c5eef8a62f53a20d23257560f4e386
Author: Lee Johnson <lee@givengain.ch>
Date: Wed Sep 23 16:10:54 2015 +0200
add more instructions on how to build this dist
in the README document that a couple of extra Module::Install mods
are required as a vanilla Module::Install does not support some of
the options in the Makefile.PL
update .gitignore to included (well, exclude) files generated by the
build process
Upstream changes:
0.13 2016-07-02 NEILB
- Switched to using Test::RequiresInternet rather than the hand-rolled
online() function that was duplicated in 2 tests. Plus it was testing
whether google.com was contactable, and not the site used in the tests.
0.12 2016-06-23 NEILB
- Travis support added by Jason Hall.
- Added list of contributors to the doc.
Upstream changes:
6.66 2016-06-16
- Fixed support for CONNECT requests without keep alive connections in
Mojo::UserAgent. (anparker, sri)
6.65 2016-06-14
- Added password and username methods to Mojo::URL.
- Updated jQuery to version 3.0.0.
- Fixed "0" value bug in Mojo::UserAgent::CookieJar. (jamadam)
6.64 2016-06-09
- Updated HTML5 entities in Mojo::Util.
- Improved Mojo::IOLoop to fall back to Mojo::Reactor::Poll if Perl has been
compiled with fork emulation.
6.63 2016-06-03
- Removed deprecated check method from Mojo::Server::Morbo.
- Removed deprecated build, compile and interpret methods from Mojo::Template.
- Removed deprecated multi_accept methods from Mojo::IOLoop,
Mojo::IOLoop::Server and Mojo::Server::Daemon.
- Updated jQuery to version 2.2.4.
- Improved generator commands not to overwrite existing files.
This release adds 2 new API functions to libnghttp2. It also adds HTTP/1.1 POST support to h2load. nghttpx gets new features, and performance improvements.
Changelog:
Release Notes for 2.7.0
This release fixes issues found while testing RC1.
For details, see the commit logs.
Known Issues
DevMode always starts in Super Dev Mode, so it’s not as easy to test in production mode. See issue 9004 for workarounds.
Release Notes for 2.7.0 (RC1)
Highlights
Super Dev Mode is now the default. DevMode automatically starts Super Dev Mode and reloading a web page automatically runs the compiler when necessary. (The -nosuperDevMode flag may be used to revert to the old behavior.)
Compiling in Super Dev Mode is much faster after the first compile.
Experimental support for GSS, also known as Closure Stylesheets. (See below.)
Known Issues
gwttar files are incorrect. (Fixed in the next version.)
Deprecations
GWT Designer doesn’t work with 2.7 and is no longer supported. (Source code is available if someone wishes to revive this project.)
IFrameLinker and XSLinker are deprecated because they don’t work in Super Dev Mode. However, we don’t have suitable replacements for all use cases yet. For updates and possible workarounds, see issue 8997.
Compiler changes
In draft mode and Super Dev Mode, all compiler optimizations are turned off for better debugging. For example, null pointers are detected sooner.
JSNI references no longer require fully qualified class names when this wouldn’t be necessary in Java. (For example, imports work.)
We’ve started implementing JS Interop annotations, which will make it much easier to use GWT with JavaScript libraries. The specification is not final and there are bugs, so production GWT apps and libraries should continue to use JSNI for now. If you wish to experiment, you can enable JS Interop using the -XjsInteropMode flag, which is available for the compiler and Super Dev Mode. (It doesn’t work with old DevMode.)
The experimental -XmethodNameDisplayMode flag adds a displayName property to each JavaScript function containing the name of the Java method. This makes Java method names available in browser debuggers at the expense of code size. (Also available in Super Dev Mode.)
Boxed JavaScript strings (created in JavaScript using new String(...)) are no longer considered equivalent to Java strings. They should be unboxed before being passed to Java.
Many bugfixes.
Library Changes
JDK emulation
Significant performance improvements in String, ArrayList, HashMap, and Exception.
New emulated classes: Locale, NavigableSet, and NavigableMap.
New emulated methods in Class, String, Exception, RuntimeException, Logger, Arrays, Collections, and Map.Entry.
LinkedList extends Deque and handles incorrect usage better.
Logging and Stack Traces
Better wrapping of exceptions thrown from JavaScript.
GWT apps that inherit the com.google.gwt.logging.Logging module have different default behavior for messages logged using the java.util.logging package. The new default is to log messages at level SEVERE and above to the browser’s console. PopupLogHandler and SystemHandler are no longer enabled by default.
FirebugLogHandler and NullLoggingPopup have been removed. ()
Experimental GSS support
The CssResource.enableGss configuration property turns on GSS support.
When enabled, resource files with a ‘gss’ extension are parsed as a Closure Stylesheet.
When enabled, GSS can be used in a UiBinder file by setting gss="true" on a ui:style tag.
If the CssResource.legacy configuration property is set, .css resources and ui:style tags without gss=true will first be converted to GSS and then parsed as GSS.
UiBinder
The ui:data tag has new attributes: mimeType and doNotEmbed.
GWT-RPC
The rpc.XserializeFinalFields configuration property turns on experimental support for serializing final fields.
LinkedHashSet may be serialized without a serialization policy.
deRPC is removed.
RequestFactory
Support overridden methods and generics better.
Fix support for @SkipInterfaceValidation on RequestContext methods.
Internationalization
Upgraded to CLDR 25.
Browser API changes
Updated support for typed arrays.
Added History.replaceItem().
Fixed an issue with Window.addWindowScrollHandler on Chrome.
Widgets
The deprecated com.google.gwt.widgets package is removed.
Various bugfixes and minor improvements.
Developer Tool Changes
Dev Mode
The -nosuperDevMode flag may be used to turn off Super Dev Mode and revert to old Dev Mode. (However, most current browsers no longer support Dev Mode plugins.)
The -modulePathPrefix flag may be used to move DevMode’s output to a subdirectory of the war directory.
Super Dev Mode
Compiling is much faster after the first compile. (Compiling is skipped altogether if no files have changed.)
The first compile no longer happens at startup.
Chrome reloads the page faster while debugging. (Sourcemap file size is reduced.)
The -launcherDir flag may be used to avoid running the GWT compiler before starting Super Dev Mode. When enabled, Super Dev Mode writes stub .nocache.js files that automatically recompile the GWT app before loading it. Therefore the bookmarklets aren’t needed. (This feature is automatically enabled when launched via DevMode.)
The -logLevel flag may be used to adjust how compile errors are reported.
The Dev Mode On bookmarklet dialog shows whether Super Dev Mode is turned on for each module on the page.
Messages logged using java.util.logging at level SEVERE and above are written to the browser console by default.
Fixed a startup faesting
Better error reporting for compile errors while running tests.
Messages logged using java.util.logging at level SEVERE and above are written to the browser console and test output by default.
-Dgwt.htmlunit.debug may be used to open a JavaScript debugger window when running a test using HtmlUnit.
Removed RunStyleRemoteWeb and the BrowserManager tool.
Removed flags: -standardsMode, -nostandardsMode, -quirksMode. (GWTTestCase tests are always run in an HTML page in standards mode.)
For even more detail, see the Issue Tracker.
(NOTE: Versions 2.4.22 and 2.4.21 were not released.)
Changes from 2.4.20 are too many to write here, please refer CHANGES file.
And Apache 2.4.23 fixes CVE-2016-4979; X509 Client certificate based
authentication can be bypassed when HTTP/2 is used.
Assertion failed: Write.cc:38: "fd_table[conn->fd].flags.open"
Bug 4523: smblib compile fails on NetBSD
Do not make bogus recvmsg(2) calls when closing UDS sockets.
Fix SEGFAULT parsing malformed adaptation service configuration
Fixed ConnStateData::In::maybeMakeSpaceAvailable() logic.
Bug 3579: assertion failed 'MemPools[type]' from dst_as ACL
Do not allow low-level debugging to hide important/critical messages.
Bug 4485: off-by-one out-of-bounds Parser::Tokenizer::int64() read errors
Increase debug level in a peek-and-splice related debug message
Fix icons loading speed.
Fix OpenSSL detection on FreeBSD
Do not override user defined -std option
Support unified EUI format code in external_acl_type
Changes:
=== RELEASE 2.13 ===
Sat Jun 18 14:15:55 CEST 2016 mikulas:
Page up and page down scroll slightly less than a page
Fri Jun 17 23:57:23 CEST 2016 mikulas:
Use domain list from publicsuffix.org to prevent setting cookies on
public domains.
Also fix a bug that existed in previous links versions:
bla.com could register cookie for la.com or a.com
Sat Jun 11 17:59:17 CEST 2016 mikulas:
Fixed non-working mouse wheel on Syllable
Workaround for getaddrinfo bug on Syllable
Sat Jun 11 15:16:41 CEST 2016 mikulas:
Support horizontal scroll wheel on Windows
Tue Jun 7 19:10:11 CEST 2016 mikulas:
Fixed a bug in the X driver that characters with unicode codes 128-255
could not be entered with some locales
Thu Jun 2 19:19:56 CEST 2016 mikulas:
Security bug fixed: Use separate unix domain socket for anonymous
instances, so that the anonymous instance won't connect to non-anonymous
one
Sun May 8 21:20:38 CEST 2016 mikulas:
<samp> element
Sun May 8 20:33:37 CEST 2016 mikulas:
In case of certification verification failure, don't pop up multiple
dialog windows asking for the same server
Sun Mar 13 19:10:27 CET 2016 mikulas:
Do not lookup .onion addresses directly, as specified by rfc7686
Wed Jan 13 01:16:49 CET 2016 Jakub Bogusz <qboosh@pld-linux.org>:
Updated Polish Translation
Wed Oct 21 19:25:09 CEST 2015 mikulas:
Security enhancement: Warn if the SSL/TLS method was downgraded
0.7.1 - 2016-06-14
------------------
- Fix issue #108 by effectively copying the items in the match_requests_on
list into the match_options set on a Cassette instance
* Replace interpreter of tools/migrate-2.0.x-2.1.0.php, too.
* Change post-patch target to pre-configure for easier maintenance of
patch files.
* Drop execute bit from lib/syncobjects/syncresolverecipient.php.
Upstream changes:
- Allow linking webkit pacrunner against javascriptcore-4.0 (webkit2).
- Allow to disable building of the KDE module (-DWITH_KDE=ON/OFF).
- Fix compilation errors with CLang on MacOSX.
- bindings: perl: Add an option to explicitly link against libperl.so Some
distributions want to do it, other prefer not to, the library is anyway in
context of perl.
- config_kde: Add a basic cache and invalidation: performance improvement for
the KDE module.
Upgrade during freeze to fix upstream regression with Qt4 and Qt5 clashes.
Requested by Ralf Nolden <nolden@kde.org>
Approved by <pkgsrc-pmc>.
./curlopt-constants.c:19:58: error: non-void function 'constant' should return a value [-Wreturn-type]
if (strEQ(name, "DID_MEMORY_FUNC_TYPEDEFS")) return CURL_DID_MEMORY_FUNC_TYPEDEFS;
^
the Makefile. Changes include:
* Fix content type selection for XML content
* Send gzip trailer in Deflatemod
* Log more details about SSL accept errors
* Support the Content-Disposition header
* Optimize buffering
