cairo versions that conflict with Mozilla's included version.
Reported via PR#37006 and fixed with input from Vincent on tech-pkg@netbsd.org.
Bump PKGREVISION.
cairo versions that conflict with Mozilla's included version.
Reported via PR#37006 and fixed with input from Vincent on tech-pkg@netbsd.org.
Bump PKGREVISION.
Add p5-Text-Markdown to dependencies, since the Makefile complains about it.
Add two dependencies that were marked as "optional" in the pkgsrc Makefile.
XXX: A few dependencies should be checked, if they are really needed here.
Don't bump PKGREVISION because the update was a very short time ago.
Changes since 1.32:
ikiwiki (2.5) unstable; urgency=low
In this version the rst plugin allows raw html to be embedded in rst files.
As long as the htmlscrubber is enabled, this should be safe. If you are
using the rst plugin without the htmlscrubber in a publically writable wiki,
you should turn on the htmlscrubber.
-- Joey Hess <joeyh@debian.org> Sun, 29 Jul 2007 18:37:22 -0400
ikiwiki (2.5) unstable; urgency=low
Due to some config changes in this version, wrappers need to be rebuilt on
upgrade. If you listed your wiki in /etc/ikiwiki/wikilist this will be
one automatically when the Debian package is upgraded.
-- Joey Hess <joeyh@debian.org> Sun, 29 Jul 2007 17:54:40 -0400
ikiwiki (2.1) unstable; urgency=low
Some wikis need to be rebuilt on upgrade to this version, due to changes to
page templates and the style sheet. If you listed your wiki in
/etc/ikiwiki/wikilist this will be done automatically when the Debian
package is upgraded. Or use ikiwiki-mass-rebuild to force a rebuild.
-- Joey Hess <joeyh@debian.org> Thu, 26 Apr 2007 15:50:36 -0400
ikiwiki (2.00) unstable; urgency=low
With the 2.0 release of ikiwiki, some major changes have been made to the
default configuration:
* The 'usedirs' setting is enabled by default. This *will* break all URLs
to wikis that did not have 'usedirs' turned on before, unless you follow
the procedure described at <http://ikiwiki.info/tips/switching_to_usedirs>,
or edit your setup file to turn usedirs off:
usedirs => 0,
* OpenID logins are now enabled by default, if the Net::OpenID::Consumer
perl module is available. Password logins are also still enabled
by default. If you like, you can turn either OpenID or password logins
off via the 'disable_plugins' setting.
-- Joey Hess <joeyh@debian.org> Sun, 29 Apr 2007 19:00:43 -0400
ikiwiki (1.51) unstable; urgency=low
Some wikis need to be rebuilt on upgrade to this version, due to changes to
page layout and the style sheet. If you listed your wiki in
/etc/ikiwiki/wikilist this will be done automatically when the Debian
package is upgraded. Or use ikiwiki-mass-rebuild to force a rebuild.
-- Joey Hess <joeyh@debian.org> Thu, 26 Apr 2007 15:50:36 -0400
ikiwiki (1.50) unstable; urgency=low
Permalinks and guids in rss and atom feeds for wikis using the usedirs
options will change in this release. If you have already enabled usedirs,
you may need to take steps to avoid flooding aggregators.
-- Joey Hess <joeyh@debian.org> Sat, 14 Apr 2007 16:08:46 -0400
ikiwiki (1.49) unstable; urgency=low
Third-party plugins that use htmlpage() or abs2rel() to generate links
may need changes to support the new "usedirs" option.
-- Joey Hess <joeyh@debian.org> Sun, 01 Apr 2007 16:20:09 -0400
ikiwiki (1.47) unstable; urgency=low
Due to a security fix, wikis that have the htmlscrubber enabled can no
longer use the meta plugin to insert html link and meta tags.
Some special case methods have been added for safely including stylesheets,
and for doing openid delegation. See the meta plugin docs for details.
-- Joey Hess <joeyh@debian.org> Wed, 21 Mar 2007 14:18:40 -0400
ikiwiki (1.45) unstable; urgency=low
Wikis need to be rebuilt on upgrade to this version. If you listed your wiki
in /etc/ikiwiki/wikilist this will be done automatically when the Debian
package is upgraded. Or use ikiwiki-mass-rebuild to force a rebuild.
-- Joey Hess <joeyh@debian.org> Wed, 7 Mar 2007 23:02:52 -0500
ikiwiki (1.44) unstable; urgency=low
The htmllink() function has changed slightly and plugins that use it may
need to change how they call it. This function's first three parameters
are unchanged, but additional options are now passed using named
parameters. If you used htmllink with more than 3 parameters, you will
need to change it. The plugin interface version has been increased to 1.02
to reflect this change.
-- Joey Hess <joeyh@debian.org> Mon, 19 Feb 2007 21:10:12 -0500
ikiwiki (1.42) unstable; urgency=low
The anonok setting in config files has been removed. To enable
httpauth support on your wiki, you should now enable the anonok plugin,
instead.
Third-party plugins that use pagespec_match() should be updated to pass
the new third parameter (from) to that function. This is needed for the
new relative glob matching to work.
-- Joey Hess <joeyh@debian.org> Thu, 1 Feb 2007 16:57:59 -0500
ikiwiki (1.34) unstable; urgency=low
The httpauth setting in config files has been removed. To enable
httpauth support on your wiki, you should now enable the httpauth plugin,
instead.
This release includes OpenID support that is enabled through the openid
plugin. I recommend turning this on to make it easier for users to sign
in to your wiki.
-- Joey Hess <joeyh@debian.org> Sun, 19 Nov 2006 20:53:05 -0500
This version only fixes a Windows-specific security issue, but update
nevertheless so we start the freeze with the latest available version.
(People will start asking about this update anyway?)
For more info, see http://www.mozilla.com/en-US/firefox/2.0.0.7/releasenotes/
Changes:
* support for OS/400 Secure Sockets Layer library
* curl_easy_setopt() now allocates strings passed to it
* SCP and SFTP support now requires libssh2 0.16 or later
* LDAP libraries are now linked "regularly" and not with dlopen
* HTTP transfers have the download size info "available" earlier
* FTP transfers have the download size info "available" earlier
* builds and runs on OS/400
* several error codes and options were marked as obsolete and subject to future removal (set CURL_NO_OLDIES to see if your application is using them)
* SFTP errors can return more specific error codes
Bugfixes:
* test cases 31, 46, 61, 506, 517 now work in time zones that use leap seconds
* problem with closed proxy connection during HTTP CONNECT auth negotiation
* transfer-encoding skipping didn't ignore the 407 response bodies properly
* CURLOPT_SSL_VERIFYHOST set to 1
* CONNECT endless loop
* krb5 support builds with Heimdal
* added returned error string for connection refused case
* re-use of dead FTP control connections
* login to FTP servers that don't require (nor understand) PASS after the USER command
* bad free of memory from libssh2
* the SFTP PWD command works
* HTTP Digest auth on a re-used connection
* FTPS data connection close
* AIX 4 and 5 get to use non-blocking sockets
* small POST with NTLM
* resumed file:// transfers
* CURLOPT_DNS_CACHE_TIMEOUT and CURLOPT_DNS_USE_GLOBAL_CACHE are 64 bit "clean"
* memory leak when handling compressed data streams from broken servers
* no NTLM unicode response
* resume HTTP PUT using Digest authentication
* FTP NOBODY requests on directories sent "SIZE (null)"
* FTP NOBODY request on file crash
* excessively long FTP server responses and response lines
* file:// upload then FTP:// upload crash
* TFTP error 0 is no longer treated as success
* uploading empty file over FTP on re-used connection
* superfluous CWD command on re-used FTP connections without subdirs used
* fixed forwarding a SIGINT and SIGHUP when using max-workers (#902)
--> fixed FastCGI header overrun in mod_fastcgi
* fixed hanging redirects with keep-alive due to missing
"Content-Length: 0" headers
* fixed crashing when using undefined environment variables in the config
* added dir-listing.set-footer in mod_dirlisting (#1277)
* added sending UID and PID for SIGTERM and SIGINT to the logs
* fixed compression of files < 128 bytes by disabling compression (#1241)
* fixed mysql server reconnects (#518)
* fixed disabled keep-alive for dynamic content with HTTP/1.0 (#1166)
* fixed crash on mixed EOL sequences in mod_cgi
* fixed key compare (#1287)
* fixed invalid char in header values (#1286)
* fixed invalid "304 Not Modified" on broken timestamps
--> fixed endless loop on shrinked files with sendfile() on BSD (#1289)
--> fixed counter overrun in ?auto in mod_status (#909)
* fixed too aggresive caching of nested conditionals (#41)
--> fixed possible overflow in unix-socket path checks on BSD (#713)
* fixed extra Content-Length header on 1xx, 204 and 304 (#1002)
* fixed handling of duplicate If-Modified-Since to return 304
* fixed extracting status code from NPH scripts (#1125)
* removed config-check if passwd files exist (#1188)
* fixed crash when etags are disabled but the client sends one (#1322)
* fixed crash when freeing the config in mod_alias
* fixed server.error-handler-404 breakage from 1.4.16 (#1270)
* fixed entering 404-handler from dynamic content (#948)
* added more debug infos for FAM based stat-cache
The highlighted changes are security vulnerabilities that are fixed in
this release.
[2007/08/26] nspluginwrapper 0.9.91.5
Fix a memory leak in NPP_Destroy()
Fix DiamondX XEmbed example plugin
Fix focus problems (Debian bug #435912)
Add support for 64-bit plugins (Martin Stransky)
Add support for newer NPAPI 0.17 functions and variables
Add support for broken 64-bit Konqueror versions (run-time detect)
[2007/04/03] nspluginwrapper 0.9.91.4
Dont try to wrap native plugins
Fix build on NetBSD (David Brownlee)
Fix build on DragonFlyBSD (Steve OHara-Smith)
Fix build on Linux systems with SSP enabled by default (Kristian Hermansen)
* None of the source files seems to reference any function in libutil, so
remove it from the libraries linked into mini_httpd and mhtpasswd.
* Make this work on Solaris by linking mini_httpd with the usual
"-lnsl -lsocket" dance.
Bump PKGREVISION to 4 due to changed library linkage in the installed
binaries.
HTML::WikiConverter is an HTML to wiki converter capable of converting
HTML source into a variety of wiki dialects. It's aimed at folks
who are converting vanilla HTML websites into wikis.
The following dialects are supported:
DokuWiki
Kwiki
Markdown
MediaWiki
MoinMoin
Oddmuse
PbWiki
PhpWiki
PmWiki
SnipSnap
TikiWiki
UseMod
WakkaWiki
WikkaWiki
This update is a bug and security fix release. The following security
problem hasn't been fixed in "pkgsrc" before:
- CVE-2007-3847: mod_proxy: Prevent reading past the end of a buffer when
parsing date-related headers.
to build bozohttpd.
* Use a custom do-install target to install the binary and the manpage.
* Replace the pre-build target with a subst framework class.
Bump the PKGREVISION to 1 now that we no longer build or install the
catman page.
to version 2.0.61.
This update is a bug and security fix release. The following security
problem hasn't been fixed in "pkgsrc" before:
- CVE-2007-3847: mod_proxy: Prevent reading past the end of a buffer when
parsing date-related headers.
libcrypt.so and so just include <unistd.h> is enough to use crypt().
This doesn't work when the assumption fails. Since we always build
with SSL support in pkgsrc, just use the DES_crypt() from the OpenSSL
libraries.
and to support the "inet6" option instead.
Remaining usage of USE_INET6 was solely for the benefit of the scripts
that generate the README.html files. Replace:
BUILD_DEFS+= USE_INET6
with
BUILD_DEFS+= IPV6_READY
and teach the README-generation tools to look for that instead.
This nukes USE_INET6 from pkgsrc proper. We leave a tiny bit of code
to continue to support USE_INET6 for pkgsrc-wip until it has been nuked
from there as well.
The Pound program is a reverse proxy, load balancer and HTTPS front-end
for Web server(s). Pound was developed to enable distributing the
load among several Web-servers and to allow for a convenient SSL wrapper
for those Web servers that do not offer it natively. Pound is a very
small program, easily audited for security problems. It can run as
setuid/setgid and/or in a chroot jail. Pound does not access the
hard-disk at all (except for reading the certificate file on start,
if required) and should thus pose no security threat to any machine.
When the svn option is enabled (as it is per default), depend on
subversion-base instead of subversion (only the svn executable is
needed).
Bump PKGREVISION.
A Perl implementation of the Facebook API, working off of the
canonical Java and PHP implementations. By default it uses JSON::Any
to parse the response returned by Facebook's server. There is an
option to return the raw response in either XML or JSON.
Changes to squid-2.6.STABLE16 (5 Sep 2007)
- Test for sys/capability.h linux include file to avoid failing on
linux systems missing libcap
- Release private objects on cache rebuild
- Segfault in clientBuildReplyHeader when http->entry == NULL
- Bug #2072: digest_pw_auth fails when using plaintext passwords
- Bug #2073: assertion failed: client_side.c:4175: "buf != NULL ||
!conn->body.request on POST
- Adjust default pconn timeouts to avoid shutting down connection while
child sends request
- Bug #1980: cache_peer monitortimeout not working
- Bug #1882: Parent responses are not cached if sibling returns 504
- More squid.conf reordering to get the dependencies between options
sorted proper
Changes to squid-2.6.STABLE15 (31 Aug 2007)
- The select() I/O loop got broken by the /dev/poll addition
(2.6.STABLE14)
- Bug #2017: Fails to work around broken servers sending just the HTTP
headers
- Bug #2023: Compile error with old GCC 2.x or other ANSI-C compilers
before C99
- squid.conf.default updated and reorganised in more sensible groups
- correct and document the syslog access_log format
- Armenian error pages translation
- digest_ldap_helper usage help updated
- Bug #1560: ftpSendPasv: getsockname(-1,..): (9) Bad file descriptor
- Improve delay pools in low traffic environment by checking timeouts
at a steady 1 second interval even when there is not much activity
- Don't request authentication on transparently intercepted
connections
- Cleanup linux capabilities for tproxy
- Bug #2003: 'via' config directive doesn't affect response headers
- Bug #1902: Adds Numeric Hit and invalid request counters to IP Cache
- Add missing $|=1 to squid_db_auth
- Bug #2050: Persistent connection dropped if cache has no
Content-Length
- Verify the URL on memory cache hits
- Bug #2057: NTLM stop work in messengers after upgrade to 2.6.STABLE14
- Bug #1972: Squid sets peers to down state when they are in fact
working.
- potential segmentation fault in storeLocateVary()
- Bug #2066: chdir after chroot
- Windows port: Fix compiler warnings when building Squid as
application (not Windows service mode)
- Spelling correction of received
New in 3.0.14:
* Build fix (Shire)
* Don't hook the upload hook if APC is disabled (Rasmus)
* Local shadow cache support (Gopal)
* Avoid uneccessary loops over op_arrays for "known" auto-globals (Gopal)
* Fix apc_add() to overwrite timed out user entries (Rasmus)
* Fix double inclusion of files with conditional classes in php4 (Gopal)
* Allocator fixes to reduce fragmentation (Gopal)
New in 3.0.13:
* PHP 5.2 file upload progress tracking support (Rasmus)
* Pthread mutex and spin locks (Shire)
* Recursive zval support for apc_fetch/_store (Shire, Gopal)
* apc.stat_ctime flag for ctime checks (Rasmus)
* Multiple key fetches with apc_fetch (Shire)
* Canary checks for shm memory deallocation (Gopal)
* Add hooks for external optimizer (Shire)
* Obsolete and remove apc optimizer (Gopal)
* APC info changes - cache insert rate, hit and miss rates (Shire)
* Fix apc_load_constants (Gopal)
* Rewrite dump opcode code to use vld (Gopal)
* Use apc_[ewn]print functions for error reporting (Shire)
* Auto global fixes and refactoring (Gopal, Shire)
* Fix memory leaks in object serialization (Ilia)
* Memory cleanup code for destructor order (Gopal)
* Win32 build fixes (Ilia, Wez)
* ZTS and Php 4 build fixes (Bjori)
* Add apc_add() function (Rasmus)
* Add optional limited flag to apc_sma_info() (Rasmus)
Also fixes:
PR: 33424 by FUKAUMI Naoki
=== RELEASE 2.1pre30 ===
Mon Aug 6 04:01:05 MET 2007 PROGMAN:
Fixed security bug in pre29 (not in any previous versions):
special characters in URL could be passed to a shell when spawning
user viewer
Sat Jul 28 02:28:15 MET 2007 PROGMAN:
Fixed needlessly large selection boxes in graphics mode
Mon Jul 16 02:41:18 MET 2007 mikulas:
Release mouse when spawning OS shell or user viewers
