An approximate changelog 5.0.3 to 5.1.2 (resolved issues from Jira):
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Bug ROL-2057
Missing NPE check in Roller PageServlet class
Unassigned Kohei Nozaki Major 30/Mar/15
Bug ROL-2058
No salt renewal on POST request
David Johnson Kohei Nozaki Major 30/Mar/15
Bug ROL-2059
Comment preview is invisible in Gaurav theme
David Johnson Kohei Nozaki Major 30/Mar/15
Bug ROL-2061
Wrong next month link of Calendar
David Johnson Kohei Nozaki Major 30/Mar/15
Bug ROL-2062
Missing NPE check in IndexOperation#getDocument()
David Johnson Kohei Nozaki Major 30/Mar/15
Improvement ROL-2064
Add viewport meta tag to Gaurav theme
David Johnson Kohei Nozaki Trivial 30/Mar/15
Bug ROL-2065
Gaurav sometimes displaying empty summary as unresolved "$entry.summary"
David Johnson Kohei Nozaki Minor 30/Mar/15
Bug ROL-2066
Comment URLs using https:// not saving properly in Gaurav theme
David Johnson Kohei Nozaki Trivial 30/Mar/15
Bug ROL-2067
Velocity configuration improvement
David Johnson David Johnson Major 30/Mar/15
Documentation ROL-2056
Wrong pointer (section number) in Install Guide at section 11.2
Unassigned Kohei Nozaki Minor 05/Jan/15
Bug ROL-2052
Custom stylesheets not being updated correctly when user switches between shared and custom themes.
Unassigned Glen Mazza Major 06/Oct/14
Bug ROL-2051
Roller not falling back to standard theme renditions when mobile one unavailable.
Unassigned Glen Mazza Critical 02/Oct/14
Bug ROL-1387
In creating tag aggregate counts, count tags only from published blog entries
Glen Mazza linda skrocki Major 02/Oct/14
Bug ROL-1620
Plus signs in categories lead to a 404 category RSS/Atom feeds
Glen Mazza linda skrocki Major 02/Oct/14
Bug ROL-2055
Comment search should be case insensitive
Glen Mazza Glen Mazza Minor 02/Oct/14
Bug ROL-2054
Newly saved categories not appearing on blog
Glen Mazza Glen Mazza Major 02/Oct/14
Bug ROL-1974
Roller's ROME Propono dependency needs updating to use newer JARs
David Johnson Glen Mazza Minor 25/Aug/14
Bug ROL-1973
ROME dependency used by Roller needs updating
David Johnson Glen Mazza Minor 25/Aug/14
Bug ROL-1942
Uploaded media file not selectable in media file view
Greg Huber Budi Ariyanto Major 25/Aug/14
Bug ROL-1948
getRealPath() null not handled
Unassigned Jürgen Weber Major 25/Aug/14
Task ROL-2039
Rename webpage and roller_templatecode tables
Glen Mazza Glen Mazza Major 25/Aug/14
Improvement ROL-2041
gaurav theme -- render full blog entries on main blog page if no summary given
Gaurav Saini Glen Mazza Major 25/Aug/14
Improvement ROL-1999
Switch from Referrers to storing tracking codes (e.g., Google Analytics)
Unassigned Glen Mazza Major 25/Aug/14
Bug ROL-1980
When deleting categories, Roller allows you to move its entries to invisible "root" category.
Glen Mazza Glen Mazza Major 25/Aug/14
Bug ROL-1981
Allow user to specify order of blog categories
Glen Mazza Glen Mazza Major 25/Aug/14
Task ROL-1979
Remove subcategory functionality from Roller 5.1
Glen Mazza Glen Mazza Major 25/Aug/14
Bug ROL-1554
Listing Box "Invite a new user to join..." does not have a horizontal scrolling bar
Glen Mazza Davis Nguyen Major 25/Aug/14
Improvement ROL-2038
Add dualTheme element to themes.xml descriptor
Glen Mazza Glen Mazza Blocker 25/Aug/14
Improvement ROL-1938
Switch to mobile template only in standard template's index page
Unassigned Tiger Gui Major 25/Aug/14
Improvement ROL-1937
Standard and Mobile template switch improvement patch
Unassigned Tiger Gui Major 25/Aug/14
New Feature ROL-1934
LDAP Comment Authenticator
Dave Johnson (Inactive) Nick Padilla Major 25/Jan/12 25/Aug/14
Task ROL-1977
Remove unused properties from ApplicationResources.properties
Glen Mazza Anil Gangolli Minor 25/Aug/14
Improvement ROL-1881
Add delete blog entry option to entries page
Unassigned Nicolas Muller Major 25/Aug/14
Bug ROL-1571
missing graphic alt text
Unassigned mike duigou Major 25/Aug/14
Bug ROL-1928
Missing 500-to-510-migration.vm file in Roller Mobile branch
David Johnson David Johnson Major 25/Aug/14
Task ROL-2043
Switch from YUI3 to JQuery UI for autocomplete, tabs, dialogs
Glen Mazza Glen Mazza Major 25/Aug/14
Task ROL-2022
Add Categories, demote tags from gaurav theme
Gaurav Saini Glen Mazza Major 25/Aug/14
Task ROL-2008
In "switch to (media) folder" drop-down, don't list the current folder the user is in.
Greg Huber Glen Mazza Major 25/Aug/14
Bug ROL-1273
resource item error
Glen Mazza Jian Liu Major 25/Aug/14
Task ROL-1434
lots of UI messaging needs to be converted to i18n keys in resource bundles
Glen Mazza Allen Gilliland Major 25/Aug/14
Bug ROL-2044
Member management page allows user to remove himself from blog.
Glen Mazza Glen Mazza Major 25/Aug/14
Bug ROL-1966
Search highlight problem
Glen Mazza Maciej Rumianowski Major 25/Aug/14
Bug ROL-1957
Unable to find RSD template
Unassigned Harsh Gupta Major 25/Aug/14
Bug ROL-1792
Hit count increments with <link rel="stylesheet" type="text/css" media="all" href="$model.weblog.stylesheet">
Greg Huber Greg Huber Trivial 25/Aug/14
Bug ROL-1716
a bug found when call getPopularTags with the limit=-1 (v4 m1)
Unassigned guoweizhan Major 25/Aug/14
Bug ROL-1414
Email scrambler not detecting hyphens in email addresses
Allen Gilliland linda skrocki Major 25/Aug/14
Improvement ROL-1649
Korean translation resource file
Unassigned Woonsan Ko Minor 25/Aug/14
Bug ROL-1930
Saving Template causes Null Pointer Exception
David Johnson David Johnson Blocker 25/Aug/14
Task ROL-1983
Only expose AJAX User List Servlet to admin users
Glen Mazza Glen Mazza Major 25/Aug/14
Task ROL-1986
Stop sending re-confirmation email after blogger approves comment.
Greg Huber Glen Mazza Minor 25/Aug/14
Improvement ROL-1978
Switch to more SEO-friendly hyphens instead of underscores to separate blog titles
Glen Mazza Glen Mazza Minor 25/Aug/14
Bug ROL-1616
Input fields not emptied after creating a new user
Unassigned Ronald Iwema Minor 25/Aug/14
Bug ROL-1638
Problem with themes on case sensitive file systems
Unassigned German Eichberger Major 25/Aug/14
New Feature ROL-1021
Referrer queue warning / filling up in logs. unclosed sessions.
Unassigned Rob Wilson Major 25/Aug/14
Bug ROL-1927
Roller 5 MSSQL Issues/Fixes
David Johnson Nick Padilla Major 25/Aug/14
Improvement ROL-2034
Hide Profile Password fields with SSO
Glen Mazza Jürgen Weber Major 25/Aug/14
Bug ROL-1794
file uploads with spaces in their names are 404ing (incorrect URL escaping?)
Greg Huber Dick Davies Major 25/Aug/14
Improvement ROL-1370
Support of email notifications preference for blog commentors
Unassigned linda skrocki Major 25/Aug/14
Bug ROL-1346
Weblog Calendar incorrectly assuming Sunday is first day of week for every locale.
Unassigned Vahid Zaboli Major 25/Aug/14
Test ROL-2033
Test Roller 5.1 with a weblog client
David Johnson David Johnson Major 25/Aug/14
Task ROL-2010
Update User's Guide with new app screen shots
Glen Mazza Glen Mazza Major 25/Aug/14
Bug ROL-2002
https:// URLs not being processed correctly in the comment URL field
Greg Huber Glen Mazza Major 25/Aug/14
Task ROL-1994
Switch to Apache Commons Collections 4.0
Unassigned Glen Mazza Minor 25/Aug/14
Bug ROL-1870
Duplicate bookmarks not showing
Unassigned Greg Huber Major 25/Aug/14
Bug ROL-1925
Patch for the bug of OpenID only authentication
Glen Mazza Shutra Major 25/Aug/14
Improvement ROL-929
Resign | "Are you sure?" Confirmation
Glen Mazza Greg Hamer Minor 25/Aug/14
Improvement ROL-2015
Add a description element to theme descriptor file (theme.xml)
Greg Huber Glen Mazza Major 25/Aug/14
Task ROL-1997
Switch WeblogEntry's pub status fields (DRAFT, PUBLISHED, PENDING, SCHEDULED) to an enum type
Unassigned Glen Mazza Minor 25/Aug/14
Task ROL-1995
Switch to JPA Typed Queries
Glen Mazza Glen Mazza Major 25/Aug/14
Task ROL-1984
./app/src/test/resources/WEB-INF/security.xml needs updating to Spring & Spring Security 3.x namespaces
Unassigned Glen Mazza Major 25/Aug/14
Bug ROL-1738
Charset of E-Mail Subject Needs to be configurable
Unassigned SATO Naoki Major 25/Aug/14
Bug ROL-1715
SiteModel's getWeblogsByLetterPager not documented correctly
Glen Mazza David Johnson Minor 25/Aug/14
Task ROL-2028
Separate the Basic Theme into Basic and Basic Mobile Themes
David Johnson Glen Mazza Major 25/Aug/14
Bug ROL-2018
"Notify me of new comments" not working on trunk.
Glen Mazza Glen Mazza Major 25/Aug/14
Task ROL-2000
Change current rol_ prefix for two newest tables
Unassigned Glen Mazza Minor 25/Aug/14
Bug ROL-1992
Blogroll OPML import page raising 500 Security Error
Unassigned Glen Mazza Major 25/Aug/14
Task ROL-1991
Switch publish date pop-up calendar to one with year entry option
Unassigned Glen Mazza Minor 25/Aug/14
Improvement ROL-1907
Inefficient use of key set iterator.
Unassigned Shelan Perera Minor 25/Aug/14
Bug ROL-2032
Test Roller 5.1 with blogs.apache.org database & themes
David Johnson David Johnson Major 25/Aug/14
Bug ROL-2007
Changing values in Media File Editor frequently results in permissions error.
Greg Huber Glen Mazza Major 25/Aug/14
Bug ROL-1988
Category search not working if space exists in category
Glen Mazza Glen Mazza Major 25/Aug/14
Bug ROL-1952
Roller 5.0.1 does not work with PostgreSQL 9.1
Unassigned Matthias Wimmer Major 25/Aug/14
Bug ROL-1746
Uploaded file names are lower-cased with AtomPub.
Greg Huber Tatsuya Noyori Major 25/Aug/14
Bug ROL-1596
Frontpage theme lose record!
Glen Mazza xiaojf Major 25/Aug/14
Improvement ROL-1430
French Translation (based on version 4.0 files)
Unassigned Denis Balazuc Minor 25/Aug/14
Improvement ROL-1965
Searching with locale on Multi Language blog
Glen Mazza Maciej Rumianowski Major 25/Aug/14
Bug ROL-2016
roller-startup.log not created on startup
Greg Huber Greg Huber Minor 25/Aug/14
Bug ROL-2009
Custom template theme folder creation isn't working
Unassigned Glen Mazza Major 25/Aug/14
Improvement ROL-1947
Provide a blog entry-level description field that can go into HTML header field
Dave Johnson (Inactive) Glen Mazza Major 25/Aug/14
Bug ROL-1956
ValidateSaltFilter not working on file upload
Greg Huber Matthias Wimmer Major 25/Aug/14
Bug ROL-1954
user weblogs cannot be managed when admin logs in and select any user via Server Aministration and clicks on eit
Unassigned Harsh Gupta Major 25/Aug/14
Bug ROL-1795
Posting comments with SchemeEnforcementFilter in operation.
Greg Huber Greg Huber Minor 25/Aug/14
Task ROL-2030
Replace Xinha editor with something more recent
Unassigned Glen Mazza Minor 25/Aug/14
Task ROL-1968
Upgrade Spring Security from 2.0.7 to 3.1.4
Unassigned Glen Mazza Major 25/Aug/14
Improvement ROL-1964
SearchServlet does not preserve locale
Unassigned Maciej Rumianowski Minor 25/Aug/14
Task ROL-2005
Switch to top-level folders only for Media Files
Unassigned Glen Mazza Major 25/Aug/14
Bug ROL-1739
Missing constraint on weblogentrytagagg table
Glen Mazza David Johnson Major 25/Aug/14
Bug ROL-1778
Blog entry preview before first publish not working with Derby database
Glen Mazza José Arthur Benetasso Villanova Major 25/Aug/14
Upstream changelog:
Catalina
++++++++
fix Correct typo in the message shown by HttpServlet for unexpected
HTTP method. (kkolinko)
add Allow to configure RemoteAddrValve and RemoteHostValve to adopt
behavior depending on the connector port. Implemented by
optionally adding the connector port to the string compared with
the patterns allow and deny. Configured using addConnectorPort
attribute on valve. (rjung)
fix 56608: Fix IllegalStateException for JavaScript files when
switching from Writer to OutputStream. The special handling of
this case in the DefaultServlet was broken due to a MIME type
change for JavaScript. (markt)
fix 57675: Correctly quote strings when using the extended access
log. (markt)
Coyote
++++++
fix 57234: Make SSL protocol filtering to remove insecure protocols
case insensitive. Correct spelling of filterInsecureProtocols
method. (kkolinko/schultz)
fix When applying the maxSwallowSize limit to a connection read
that many bytes first before closing the connection to give
the client a chance to read the response. (markt)
fix 57544: Fix a potential infinite loop when preparing a kept
alive HTTP connection for the next request. (markt)
add 57570: Make the processing of chunked encoding trailing headers
optional and disabled by default. (markt)
fix 57581: Change statistics byte counter in coyote Request object
to be long to allow values above 2Gb. (kkolinko)
update Update the minimum recommended version of the Tomcat Native
library (if used) to 1.1.33. (markt)
Jasper
++++++
fix Fix potential issue with BeanELResolver when running under a
security manager. Some classes may not be accessible but may
have accessible interfaces. (markt)
fix Simplify code in ProtectedFunctionMapper class of Jasper
runtime. (kkolinko)
fix 57801: Improve the error message in the start script in case
the PID read from the PID file is already owned by a process.
(rjung)
Web applications
++++++++++++++++
fix Update documentation for CGI servlet. Recommend to copy the
servlet declaration into web application instead of enabling
it globally. Correct documentation for cgiPathPrefix. (kkolinko)
update Improve Tomcat Manager documentation. Rearrange, add section
on HTML GUI, document /expire command and Server Status page.
(kkolinko)
add 54143: Add display of the memory pools usage (including PermGen)
to the Status page of the Manager web application. (kkolinko)
fix Fix several issues with status.xsd schema in Manager web
application, testing it against actual output of
StatusTransformer class. (kkolinko)
update Align algorithm that generates anchor names in Tomcat
documentation with Tomcat 7/8/9. No visible changes, but may
help with future updates to the documentation. (kkolinko)
fix 56058: Add links to the AccessLogValve documentation for
configuring reverse proxies and/or Tomcat to ensure that the
desired information is used entered in the access log when
Tomcat is running behind a reverse proxy. (markt)
fix 57503: Make clear that the JULI integration for log4j only
works with log4j 1.2.x. (markt)
update 57644: Update examples to use Apache Standard Taglib 1.2.5.
(jboynes/kkolinko)
fix 57706: Clarify the documentation for the AJP connector to make
clearer that when using tomcatAuthentication="false" the user
provided by the reverse proxy will not be associated with any
roles. (markt)
fix Correct the documentation for deployOnStartup to make clear
that if a WAR file is updated while Tomcat is stopped and
unpackWARs is true, Tomcat will not detect the changed WAR
file when it starts and will not replace the unpacked WAR file
with the contents of the updated WAR. (markt)
add 57759: Add information to the keyAlias documentation to make
it clear that the order keys are read from the keystore is
implementation dependent. (markt)
fix 57864: Update the documentation web application to make it
clearer that hex values are not valid for cluster send options.
Based on a patch by Kyohei Nakamura. (markt)
Other
+++++
add 57344: Provide sha1 checksum files for Tomcat downloads.
(kkolinko)
fix 57558: Change catalina-tasks.xml to use all jars in
${catalina.home}/lib to define Tomcat Ant tasks. This fixes
a NoClassDefFoundError with validate task. (kkolinko)
update Update to Tomcat Native Library version 1.1.33 to pick up the
Windows binaries that are based on OpenSSL 1.0.1m and APR 1.5.1.
(markt)
-------------------
6.11 2015-05-16
- Deprecated build_body and build_headers methods in Mojo::Content.
- Added headers_contain method to Mojo::Content.
- Updated jQuery to version 2.1.4.
- Fixed indentation of ASCII art in documentation browser. (jberger)
- Fixed bug where inline was not considered a reserved stash value.
6.10 2015-04-26
- Removed support for user/group switching, because it never worked
correctly, which means that this security feature has become an attack
vector itself. If you depend on this functionality, you can now use the
CPAN module Mojolicious::Plugin::SetUserGroup instead.
- Removed group and user attributes from Mojo::Server.
- Removed setuidgid method from Mojo::Server.
- Removed group and user settings from Hypnotoad.
- Removed -g/--group and -u/--user options from daemon and prefork commands.
- Added next_tick method to Mojo::Reactor::Poll.
- Improved next_tick callbacks to run in the same order in which they were
registered.
6.09 2015-04-25
- Improved HTML Living Standard compliance of Mojo::Parameters. (riche, sri)
- Fixed bug in Mojolicious::Types where the json MIME type did not specify a
charset. (kaktus)
Changelog:
Fixed Systems with first generation NVidia Optimus graphics cards may crash on start-up
Fixed Users who import cookies from Google Chrome can end up with broken websites
Fixed WebRTC H264 video streams from CiscoSpark native clients are not decoded correctly. (Fixed in Firefox ESR 38.0.1; was already fixed in Firefox 38.0)
Fixed Large animated images may fail to play and may stop other images from loading
- Nothing changed, but just a note. 'make test' fails at t/12-html_fragment_ok.t.
It is because the randomness of error output, saying either <head><title><html>
is missing (if neither of them exists). (To see, try 'make test' several times).
(upstream)
- update 2.20 to 2.22
-------------------
2.22 Mon Apr 6 15:47:11 CDT 2015
[CHANGES THAT COULD BREAK YOUR CODE]
Previously, html_ok() would not check the entire structure of a web
page to check for <html>, <head>, <title> and <body> tags. Now it
will. If you want to check fragments of HTML for validity but know
that they are not valid HTML documents on their own, use the new
html_fragment_ok().
[ENHANCEMENTS]
Added new error, elem-input-alt-missing, that warns of <input
type="image"> tags that are missing an alt="" attribute. This helps
for accessability to make sure that any images have alternate text
for screen readers.
Added ability to modify HTML::Lint's table of known tags and
attributes, so you could do this:
# Add an attribute that your company uses.
HTML::Lint::HTML4::add_attribute( 'body', 'proprietary-attribute' );
# Add the HTML 5 <canvas> tag.
HTML::Lint::HTML4::add_tag( 'canvas' );
HTML::Lint::HTML4::add_attribute( 'canvas', $_ ) for qw( height width );
[FIXES]
Test::HTML::Lint::html_ok() would not call the HTML::Lint eof()
method, which meant it wouldn't do document-wide tests.
Changelog:
Change the format of the Tomcat specific URLs for resources inside JARs that are in turn packed in a WAR. The ^/ sequence has been replaced by */ so that the resulting URLs are compliant with RFC 2396 and do not trigger exceptions when converted to URIs. The old format will continue to be accepted.
Allow logging of the remote port in the access log using the format pattern %{remote}p.
When checking last modified times as part of the automatic deployment process, account for the fact that File.lastModified() has a resolution of one second to ensure that if a file has been modified within the last second, the latest version of the file is always used. Note that a side-effect of this change is that files with modification times in the future are treated as if they are unmodified.
Align redeploy resource modification checking with reload modification checking so that now, in both cases, a change in modification time rather than an increase in modification time is used to determine if the resource has changed.
Note: There is a known issue with NIO2 and SSL/TLS in this and previous releases that can result in dropped connections. It is not recommended that NIO2 is used in production with SSL/TLS until this issue is resolved (the fix is expected in 8.0.23).
Changelog:
New New tab-based preferences
New Ruby annotation support
New Base for the next ESR release.
Changed autocomplete=off is no longer supported for username/password fields
Changed URL parser avoids doing percent encoding when setting the Fragment part of the URL, and percent decoding when getting the Fragment in line with the URL spec
Changed RegExp.prototype.source now returns "(?:)" instead of the empty string for empty regular expressions
Changed Improved page load times via speculative connection warmup
HTML5 WebSocket now available in Web Workers
HTML5 BroadcastChannel API implemented
HTML5 Implemented srcset attribute and <picture> element for responsive images
HTML5 Implemented DOM3 Events KeyboardEvent.code
HTML5 Mac OS X: Implemented a subset of the Media Source Extensions (MSE) API to allow native HTML5 playback on YouTube
HTML5 Implemented Encrypted Media Extensions (EME) API to support encrypted HTML5 video/audio playback (Windows Vista or later only)
HTML5 Automatically download Adobe Primetime Content Decryption Module (CDM) for DRM playback through EME (Windows Vista or later only)
Developer Optimized-out variables are now visible in Debugger UI
Developer XMLHttpRequest logs in the web console are now visually labelled and can be filtered separately from regular network requests
Developer WebRTC now has multistream and renegotiation support
Developer copy command added to console
Fixed Various security fixes
Fixed in Firefox 38
2015-58 Mozilla Windows updater can be run outside of application directory
2015-57 Privilege escalation through IPC channel messages
2015-56 Untrusted site hosting trusted page can intercept webchannel responses
2015-55 Buffer overflow and out-of-bounds read while parsing MP4 video metadata
2015-54 Buffer overflow when parsing compressed XML
2015-53 Use-after-free due to Media Decoder Thread creation during shutdown
2015-52 Sensitive URL encoded information written to Android logcat
2015-51 Use-after-free during text processing with vertical text enabled
2015-50 Out-of-bounds read and write in asm.js validation
2015-49 Referrer policy ignored when links opened by middle-click and context menu
2015-48 Buffer overflow with SVG content and CSS
2015-47 Buffer overflow parsing H.264 video with Linux Gstreamer
2015-46 Miscellaneous memory safety hazards (rv:38.0 / rv:31.7)
WordPress 4.2.2 fixes a cross-site scripting vulnerability contained in an HTML
file shipped with recent Genericons packages included in the Twenty Fifteen
theme as well as a number of popular plugins by removing the file.
Version 4.2.2 also improves on a fix for a critical cross-site scripting
vulnerability introduced in 4.2.1.
The release also includes hardening for a potential cross-site scripting
vulnerability when using the Visual editor.
In addition to the security fixes, WordPress 4.2.2 contains fixes for 13 bugs
from 4.2.1, including:
o Fixes an emoji loading error in IE9 and IE10
o Fixes a keyboard shortcut for saving from the Visual editor on Mac
o Fixes oEmbed for YouTube URLs to always expect https
o Fixes how WordPress checks for encoding when sending strings to MySQL
o Fixes a bug with allowing queries to reference tables in the dbname.tablename
format
o Lowers memory usage for a regex checking for UTF-8 encoding
o Fixes an issue with trying to change the wrong index in the wp_signups table
on utf8mb4 conversion
o Improves performance of loop detection in _get_term_children()
o Fixes a bug where attachment URLs were incorrectly being forced to use https
in some contexts
o Fixes a bug where creating a temporary file could end up in an endless loop.
---------------------
VERSION 3.06
Maintenance release with a couple new features: support for "charset:
utf8" in "Source::File", add_before_option/add_after_option c/o Victor
Porton, and support for HTML5 type names c/o Wolfgang Radke.
- Adjust following depends for 'make test'
Convert DEPENDS to BUILD_DEPENDS, p5-CPAN-Changes
Add BUILD_DEPENDS p5-Test-Deep-[0-9]*
(upstream)
- Update 2.07 to 2.09
-------------------
2.09 2015-03-08
[DOCUMENTATION]
- Clarify order of use statements when using both CGI and CGI::Fast
- Replace indirect object notation with ->new
[TESTING]
- Tests for CGI imports and load order
- Add BUILD_DEPENDS+= p5-CGI-Emulate-PSGI for 'make test'
(upstream)
- Update to 0.19
--------------
0.19 2015-03-06 11:33:32 PST
- fix signal related test fails on Win32 (rkitover) #16
- Add three BUILD_DEPENDS for 'make test'.
p5-JSON-MaybeXS, p5-Module-Pluggable, p5-Test-Deep
(upstream)
- Update to 1.004
---------------
1.004 2015-03-05 05:18:44Z
- fix the Gist plugin to work with github's stricter validation
(PR #11, Tatsuhiko Miyagawa)
- removed +x permissions on files (RT#102361)
- mark the Codepeek service as deprecated (RT#101823)
TEST_TARGET?= # to skip make test (but can be enabled by 'env TEST_TARGET=test make test')
for following packages:
devel/p5-File-ShareDir-Install
time/p5-DateTime-Format-Strptime
www/p5-LWP-Protocol-https
- Add BUILD_DEPENDS for make test
Upstream changes:
1.22 2015-01-29 04:51:51+01:00 Europe/Berlin
- Fix for the fix..... don't ask
1.21 2015-01-29 04:48:58+01:00 Europe/Berlin
- Fix for failing test if Plack is not installed
1.20 2015-01-28 16:20:59+01:00 Europe/Berlin
-new method 'part_data' which preserves multipart meta information just in cause
you have a form upload with unexpected charsets, etc.
Apache Tomcat is an implementation of the Java Servlet and JavaServer Pages
technologies. The Java Servlet and JavaServer Pages specifications are
developed under the Java Community Process.
Apache Tomcat is developed in an open and participatory environment and
released under the Apache Software License. Apache Tomcat is intended to
be a collaboration of the best-of-breed developers from around the world.
We invite you to participate in this open development project.
Apache Tomcat powers numerous large-scale, mission-critical web applications
across a diverse range of industries and organizations.
This package tracks 8.x release branch.
* Remove PKG_DESTDIR_SUPPORT=destdir.
It seems that this package works fine with user-destdir.
Changelog:
Add support for Java 8 JSSE server-preferred TLS cipher suite ordering. This feature requires Java 8.
Update to Tomcat Native Library version 1.1.33 to pick up the Windows binaries that are based on OpenSSL 1.0.1m and APR 1.5.1.
Implement a new feature for AJP connectors - Tomcat Authorization. If enabled Tomcat, will take an authenticated user name from the AJP protocol and use the appropriate Realm for the request to authorize (i.e. add roles) to that user.
Update the Eclipse JDT compiler to version 4.4.2.
Changes:
Wordpress 4.2:
o Press This has been completely revamped. Clip it, edit it, publish it. Get
familiar with the new and improved Press This. From the Tools menu, add Press
This to your browser bookmark bar or your mobile device home screen. Once
installed you can share your content with lightning speed. Sharing your
favorite videos, images, and content has never been this fast or this easy.
o Now you can browse and switch installed themes in the Customizer. Browse and
preview your installed themes from the Customizer. Make sure the theme looks
great with your content, before it debuts on your site.
o More intuitive plugin update and install from the Plugins Screen. Goodbye
boring loading screen, hello smooth and simple plugin updates. Click Update Now
and watch the magic happen.
o Writing in WordPress, whatever your language, just got better. WordPress 4.2
supports a host of new characters out-of-the-box, including native Chinese,
Japanese, and Korean characters, musical and mathematical symbols, and
hieroglyphs. Don’t use any of those characters? You can still have fun — emoji
are now available in WordPress! Get creative and decorate your content with 💙,
🐸, 🐒, 🍕, and all the many other emoji.
Wordpress 4.2.1:
o fix for a critical cross-site scripting (XSS) vulnerability, which could
enable commenters to compromise a site.
* Fix X509 server certificate domain matching
* Bug 3775: Disable HTTP/1.1 pipeline feature for pinned connections
* Cleanup: Display correct error code in debugging output for IoCallback::finish
* Cleanup: Fix spelling error in debug message in parseHttpRequest()
* Cleanup: Add whitespace to make debug message in writeComplete() more readable
* Add Kerberos support for MAC OS X 10.x
* Bug 4234: comm_connect_addr uses errno incorrectly
* Fix 'access_log none' to prevent following logs being used
* Unexpected SQUID_X509_V_ERR_DOMAIN_MISMATCH errors while accessing sites with valid certificates
* Docs: Update CONTRIBUTORS
* Ensure class Lock counter remains within bounds
* Portability: Add hacks to define C++11 explicit N-bit type limits
* Fix SSL_get_peer_certificate memory leak
* Bug 4231 pt2: comm_open_uds does not provide description for newly opened FD
* Bug 4231 pt1: fd_open() not correctly handling empty descriptions
* Negotiate Kerberos authentication request size exceeds output buffer size.
* Do not increment an iterator invalidated by std::map::erase().
* Fix require-proxy-header preventing HTTPS proxying and ssl-bump
* Fix atomics check broken by C++11 #include added in v3.5 branch r13783
* Support for resuming TLS sessions
* Bug 4212: ssl_crtd crashes with corrupt database
* Fix rev.13795 ServerName class
* Add server_name ACL matching server name(s) obtained from various sources
* Bug 4226: digest_edirectory_auth: found but cannot be built
* Invalid request->clientConnectionManager object used by Ssl::PeerConnector::handleNegotiateError
* Bug 4198: assertion failed: client_side.h:364: "sslServerBump == srvBump"
* Fix cross-compile issues with SSL_get_certificate()
* Docs: RFC 7238 obsoleted by RFC 7538
* Boilerplate: reference Translator copyrights in CREDITS
* Cleanup: Place explicit size on ref-count lock counter
* Cleanup: extend SBuf debugging information
* digest_edirectory_auth: Fix -lnettle dependency error
Version 7.42.1 (28 Apr 2015)
Daniel Stenberg (28 Apr 2015)
- RELEASE-NOTES: 7.42.1 ready
- CURLOPT_HEADEROPT: default to separate
Make the HTTP headers separated by default for improved security and
reduced risk for information leakage.
Bug: http://curl.haxx.se/docs/adv_20150429.html
Reported-by: Yehezkel Horowitz, Oren Souroujon
- RELEASE-NOTES: synced with a6e0270e
- sws: init http2 state properly
It would otherwise cause problems when running tests after 1801 etc.
- curl_easy_getinfo.3: document 'internals' in CURLINFO_TLS_SESSION
... as it was previouly undocumented what the pointer was.
- openssl: fix serial number output
The code extracting the cert serial number was broken and didn't display
it properly.
Bug: https://github.com/bagder/curl/issues/235
Reported-by: dkjjr89
- [Alessandro Ghedini brought this change]
curl.1: fix typo
- RELEASE-NOTES: toward 7.42.1, synced with 097460a
- [Kamil Dudka brought this change]
curl -z: do not write empty file on unmet condition
This commit fixes a regression introduced in curl-7_41_0-186-g261a0fe.
It also introduces a regression test 1424 based on tests 78 and 1423.
Reported-by: Viktor Szakats
Bug: https://github.com/bagder/curl/issues/237
- [Kamil Dudka brought this change]
docs: distribute the CURLOPT_PINNEDPUBLICKEY(3) man page, too
- connectionexists: follow-up to fd9d3a1ef1f
PROTOPT_CREDSPERREQUEST still needs to be checked even when NTLM is not
enabled.
Mistake-caught-by: Kamil Dudka
- connectionexists: fix build without NTLM
Do not access NTLM-specific struct fields when built without NTLM
enabled!
bug: http://curl.haxx.se/?i=231
Reported-by: Patrick Rapin
- dist: include {src,lib}/checksrc.whitelist
Upstream changes:
0.303 Wed Apr 29 2015
[FIXES]
- closed RT #90414 (Vincenzo Buttazzo), fixing HTTPS data transfer
- closed RT #62950 (Slaven Rezic), adding the port to the Via: header
[DOCUMENTATION]
- added many more contributors in the META file
[TEST]
- fixed t/23connect.t
0.302 Sat Jan 31 2015
[DOCUMENTATION]
- fix RT #85632 (Ashley Pond V)
- multiple documentation fixes (Ashley Pond V)
- list git contributors in the META file
[PACKAGING]
- switch to Dist::Zilla for maintaining the distribution
+devel/p5-MetaCPAN-Client version 1.013000
+devel/p5-Search-Elasticsearch version 1.19
+net/p5-Test-RequiresInternet version 0.04
+www/p5-Any-URI-Escape version 0.01
+www/p5-Hijk version 0.20
+www/p5-WWW-Mechanize-Cached version 1.48
Uses the Cache::Cache hierarchy by default to implement a caching
Mech. This lets one perform repeated requests without hammering a
server impolitely.
Please note that Cache::Cache has been superceded by CHI, but the
default has not been changed here for reasons of backwards
compatibility. For this reason, you are encouraged to provide your own
CHI caching object to override the default.
Hijk is a fast & minimal low-level HTTP client intended to be used
where you control both the client and the server, e.g. for talking to
some internal service from a frontend user-facing web application.
It is NOT a general HTTP user agent, it doesn't support redirects,
proxies, SSL and any number of other advanced HTTP features like (in
roughly descending order of feature completeness) LWP::UserAgent,
WWW::Curl, HTTP::Tiny, HTTP::Lite or Furl. This library is basically
one step above manually talking HTTP over sockets.
Having said that it's lightning fast and extensively used in
production at Booking.com where it's used as the go-to transport layer
for talking to internal services. It uses non-blocking sockets and
correctly handles all combinations of connect/read timeouts and other
issues you might encounter from various combinations of parts of your
system going down or becoming otherwise unavailable.
Upstream changes:
0.160000 2015-04-27 00:12:55+02:00 Europe/Amsterdam
[ BUG FIXES ]
* GH #868: Fix incorrect access name in $error->throw. (cdmalon)
* GH #879, #883: Fix version numbering in packaging and tests.
(Russell Jenkins)
* File serving (send_file) won't call serializer. (Russell Jenkins)
* GH #892, #510: Workaround for multiple plugins with hooks.
(Russell Jenkins, Alberto Sim玫es)
* GH #558: Remove "prefix" inconsistency with possibly missing postfixed
forward slash. (Sawyer X)
[ DOCUMENTATION ]
* GH #816, #874 Document session engine changes in migration documentation.
(Chenchen Zhao)
* GH #866, #870: Clarify that you cannot forward to a static file, why,
and two different ways of accomplishing it without forward.
(Sakshee Vijayvargia)
* GH #878: Rework example for optional named matching due to operator
precedence. (Andrew Solomon)
* GH #844: Document Simple session backend is the default. (Sawyer X)
[ ENHANCEMENT ]
* GH #869: Streaming file serving (send_file). (Russell Jenkins)
* GH #793: "prefix" now supports the path definition spec. (Sawyer X)
* GH #817, #845: Route spec under a prefix doesn't need to start with
a slash (but must without a prefix).
(Sawyer X, Russell Jenkins)
* GH #871: Use Safe.pm instead of eval with Dancer2::Serializer::Dumper.
(David Zurborg)
* GH #880: Reduce and cleanup different logging calls in order to handle
the stack frames traceback for logging classes. (Russell Jenkins)
* GH #857, #875: When failing to render in Template::Toolkit, make the
error reflect it's a TT error, not an internal one.
(valerycodes)
libraries, and ensure the socket libraries are added for both the main
library and test programs which use the static library.
While here use OPSYSVARS instead of bsd.fast.prefs.mk
Upstream changes:
1.3135 2015-04-22
[DOCUMENTATION]
- Document how to work with Dist::Zilla and the 'devel' branch.
[ENHANCEMENTS]
- Deprecate 'auto_reload' and document alternatives. (GH#1106, isync)
- Change YAML tests to be in line with new specs. (GH#1108, Slaven Rezi)
[STATISTICS]
- code churn: 12 files changed, 150 insertions(+), 50 deletions(-)
