databases/p5-Dancer-Plugin-DBIC from 0.1601nb1 to 0.1802.
Upstream changes (since 1.1601):
0.1802 2013-01-22
Updated version requirement for Dancer. A newer Dancer is required to
use the plugin_args() function.
0.1801 2013-01-21
Fixed tests to pass on Dancer 2.
Thanks Yanick Champoux (https://github.com/yanick)!
0.1800 2013-01-18
Added the resultset and rset keywords.
0.1700 2013-01-01
Added support for Dancer 2.
Thanks Steven Humphrey (https://github.com/shumphrey)!
databases/p5-SQL-Abstract from 1.73nb2 to 1.74.
Upstream changes:
revision 1.74 2013-06-04
----------------------------
- Fix insufficient parenthesis unroll during operator comparison
- 'ORDER BY foo' and 'ORDER BY foo ASC' are now considered equal
by default (with a switch to reenable old behavior when necessary)
- Change parser to not eagerly slurp RHS expressions it doesn't recognize
databases/p5-DBIx-Class-Schema-Loader from 0.07033nb2 to 0.07035.
pkgsrc changes:
- adjust dependencies
Upstream changes:
0.07035 2013-02-26
- Release 0.07034_01 with a stable version number. 0.07034 is
skipped due to the improper dev release versioning.
0.07034_01 2013-01-21
- Fix fixture generation helper to work with older DBD::SQLite versions
0.07034_01 2013-01-16
- MSSQL: on > 2000 use schema_name() instead of user_name() to detect
current schema and query sys.schemas instead of sysusers.
- SQL Anywhere: introspect ON DELETE/UPDATE rules, default is now
RESTRICT. is_deferrable still defaults to 1
- rewrite pg fk introspection to use catalog views instead of
information_schema as information_schema does not work for readonly
users
- add rel_type param for relationship_attrs coderef
- pass link table details to rel_name_map for many_to_many bridges
(RT#81091)
implementation of an SQL engine.
pkgsrc changes:
- killing DBI build dependency - was an error introduced by the author
for better test coverage, leads easily to circular dependency, bad stuff
==> kicking
- since 5.10.1 a suitable test framework is distributed with Perl5 core
==> no reason to mention it explicitely
- Bumping conflict DBI version to 1.622 (with 1.623 DBI::DBD::SqlEngine
received great improve - and forces a lot of fixes in SQL::Statement
and vice versa)
Upstream changes since 1.402:
Version 1.405, released June 17, 2013
-------------------------------------------------
[Bug fixes]
* INSERT now expands incomplete rows (Thanks to H.Merijn Brand)
Version 1.404, released May 23, 2013
-------------------------------------------------
[Bug fixes]
* re-enable cleanup test_output* after test done
* recommend Text::Soundex and do soundex-test only when have it,
because it's going to be removed from core for Perl 5.19 (thank Merijn)
Version 1.403, released May 22, 2013
-------------------------------------------------
[Bug fixes]
* fix documentation (rt#84889 - thanks Xavier Guimard and Florian,
rt#85257 - thanks Andreas Koenig)
== v0.15.0 [2013-03-03] Michael Granger <ged@FaerieMUD.org>
Bugfixes:
- Fix segfault in PG::Result#field_values when called with non String value.
- Fix encoding of messages delivered by notice callbacks.
- Fix text encoding for Connection#wait_for_notify and Connection#notifies.
- Fix 'Bad file descriptor' problems under Windows: wrong behaviour of
#wait_for_notify() and timeout handling of #block on Ruby 1.9.
Documentation fixes:
- conn#socket() can not be used with IO.for_fd() on Windows.
Enhancements:
- Tested under Ruby 2.0.0p0.
- Add single row mode of PostgreSQL 9.2.
- Set fallback_application_name to programm name $0. Thanks to Will Leinweber
for the patch.
- Release Ruby's GVL while calls to blocking libpq functions to allow better
concurrency in threaded applications.
- Refactor different variants of waiting for the connection socket.
- Make use of rb_thread_fd_select() on Ruby 1.9 and avoid deprecated
rb_thread_select().
- Add an example of how to insert array data using a prepared statement (#145).
- Add continous integration tests on travis-ci.org.
- Add PG::Result#each_row for iterative over result sets by row. Thanks to
Aaron Patterson for the patch.
- Add a PG::Connection#socket_io method for fetching a (non-autoclosing) IO
object for the connection's socket.
Specs:
- Fix various specs to run on older PostgreSQL and Ruby versions.
- Avoid fork() in specs to allow usage on Windows and JRuby.
This is a bugfix release, sending out a series of fixes that have accumulated as version 0.8.0's release is imminent.
Fixes in this version include issues related to the Oracle, SQL Server, MySQL, and Google App Engine dialects, as well as a few schema related and ORM related fixes.
2012-12-02: Added new functions
* sleep
* clear_bindings
Really old operating system distributions may have had problems
linking these functions, but it seems that reasonably recent
ones support them.
2012-11-19: Added missing .mldylib file for shared library support.
pkgsrc change: no need to patch gemspec any more.
Wed Mar 13 2013 version 0.99995 released
* added ODBC::Database.use_sql_column_name= flag to switch
usage of SQLColAttributes(SQL_COLUMN_LABEL) to
SQLColAttributes(SQL_COLUMN_NAME) on per connection basis
* mysql_upgrade now verifies that the server version matches the version against which it was compiled, and exits if there is a mismatch. In addiion, a --version-check option permits specifying whether to enable version checking (the default), or disable checking if given as --skip-version-checking.
* Bugs Fixed
* mysql_upgrade now verifies that the server version matches the version against which it was compiled, and exits if there is a mismatch. In addiion, a --version-check option permits specifying whether to enable version checking (the default), or disable checking if given as --skip-version-checking.
* Bugs Fixed
to address issues with NetBSD-6(and earlier)'s fontconfig not being
new enough for pango.
While doing that, also bump freetype2 dependency to current pkgsrc
version.
Suggested by tron in PR 47882
a) refer 'perl' in their Makefile, or
b) have a directory name of p5-*, or
c) have any dependency on any p5-* package
Like last time, where this caused no complaints.
Changes from previous:
----------------------
0.36 2013-04-08 rurban
- Fix mingw32 off_t redefinition. [cpan #84492]
Use a private sql_off_t typedef for the sqlite internal off_t type.
- cygwin is now a OS_UNIX, not OS_WIN.
0.35 2013-04-01 rurban
- Fix SEGV when fetchrow() is called again after it has returned an
empty list ie. the query has completed. [cpan #16451]
- Add testcases for [cpan #26775] and [cpan #28448]
- Fixed [cpan #26775]: Remove () in names with DISTINCT(t.name)
- Honor -g in $Config{optimize}
- Add META and POD tests, and META info for EUMM
0.34 2013-04-01 rurban
- Fix SEGV in t/ak-dbd.t with asan, concurrent _sqlite2_fetch_row [cpan #55636]
- Add return value for dbd_bind_ph() - bind_param with handle
- Add declaration for sqlite2_busy_timeout()
- Fix clang -Wparentheses and -Wint-conversion warnings
Add support for memory-mapped I/O.
Add the sqlite3_strglob() convenience interface.
Assigned the integer at offset 68 in the database header as the Application ID for when SQLite is used as an application file-format. Added the PRAGMA application_id command to query and set the Application ID.
Report rollback recovery in the error log as SQLITE_NOTICE_RECOVER_ROLLBACK. Change the error log code for WAL recover from SQLITE_OK to SQLITE_NOTICE_RECOVER_WAL.
Report the risky uses of unlinked database files and database filename aliasing as SQLITE_WARNING messages in the error log.
Added the SQLITE_TRACE_SIZE_LIMIT compile-time option.
Increase the default value of SQLITE_MAX_SCHEMA_RETRY to 50 and make sure that it is honored in every place that a schema change might force a statement retry.
Add a new test harness called "mptester" used to verify correct operation when multiple processes are using the same database file at the same time.
Enhance the extension loading mechanism to be more flexible (while still maintaining backwards compatibility) in two ways:
If the default entry point "sqlite3_extension_init" is not present in the loadable extension, also try an entry point "sqlite3_X_init" where "X" is based on the shared library filename. This allows every extension to have a different entry point, which allows them to be statically linked with no code changes.
The shared library filename passed to sqlite3_load_extension() may omit the filename suffix, and an appropriate architecture-dependent suffix (".so", ".dylib", or ".dll") will be added automatically.
Added many new loadable extensions to the source tree, including amatch, closure, fuzzer, ieee754, nextchar, regexp, spellfix, and wholenumber. See header comments on each extension source file for further information about what that extension does.
Enhance FTS3 to avoid using excess stack space when there are a huge number of terms on the right-hand side of the MATCH operator. A side-effect of this change is that the MATCH operator can only accommodate 12 NEAR operators at a time.
Enhance the fts4aux virtual table so that it can be a TEMP table.
Added the fts3tokenize virtual table to the full-text search logic.
Query planner enhancement: Use the transitive property of constraints to move constraints into the outer loops of a join whenever possible, thereby reducing the amount of work that needs to occur in inner loops.
Discontinue the use of posix_fallocate() on unix, as it does not work on all filesystems.
Improved tracing and debugging facilities in the Windows VFS.
Bug fix: Fix a potential database corruption bug in shared cache mode when one database connection is closed while another is in the middle of a write transaction.
Bug fix: Only consider AS names from the result set as candidates for resolving identifiers in the WHERE clause if there are no other matches. In the ORDER BY clause, AS names take priority over any column names.
Bug fix: Do not allow a virtual table to cancel the ORDER BY clause unless all outer loops are guaranteed to return no more than one row result.
Bug fix: Do not suppress the ORDER BY clause on a virtual table query if an IN constraint is used.
Bug fix: The command-line shell gives an exit code of 0 when terminated using the ".quit" command.
Bug fix: Make sure PRAGMA statements appear in sqlite3_trace() output.
Bug fix: When a compound query that uses an ORDER BY clause with a COLLATE operator, make sure that the sorting occurs according to the specified collation and that the comparisons associate with the compound query use the native collation.
Bug fix: Makes sure the authorizer callback gets a valid pointer to the string "ROWID" for the column-name parameter when doing an UPDATE that changes the rowid.
Bug fix: Do not move WHERE clause terms inside OR expressions that are contained within an ON clause of a LEFT JOIN.
Bug fix: Make sure an error is always reported when attempting to preform an operation that requires a collating sequence that is missing.
Upstream changes:
Changes in DBI 1.627 - 16th May 2013
Fixed VERSION regression in DBI::SQL::Nano [Tim Bunce]
Changes in DBI 1.626 - 15th May 2013
Fixed pod text/link was reversed in a few cases RT#85168
[H.Merijn Brand]
Handle aliasing of STORE'd attributes in DBI::DBD::SqlEngine
[Jens Rehsack]
Updated repository URI to git [Jens Rehsack]
Fixed skip() count arg in t/48dbi_dbd_sqlengine.t [Tim Bunce]
on client. Fixes situations where a binary mysql55-server package picks up
mysql56-client as the best dependency because of the missing upper limit.
Bump PKGREVISION.
Upstream changes:
0.53 2013-03-20T06:04:34Z
- Fixed some documentation typos, thanks to Mike O'Regan (Issue #22).
- Fixed issue where an connection failure caused an unhelpful error
(Issue #26).
What's new in psycopg 2.5
-------------------------
New features:
- Added :ref:`JSON adaptation <adapt-json>`.
- Added :ref:`support for PostgreSQL 9.2 range types <adapt-range>`.
- `connection` and `cursor` objects can be used in ``with`` statements
as context managers as specified by recent |DBAPI|_ extension.
- Added `~psycopg2.extensions.Diagnostics` object to get extended info
from a database error. Many thanks to Matthew Woodcraft for the
implementation (🎫`#149`).
- Added `connection.cursor_factory` attribute to customize the default
object returned by `~connection.cursor()`.
- Added support for backward scrollable cursors. Thanks to Jon Nelson
for the initial patch (🎫`#108`).
- Added a simple way to :ref:`customize casting of composite types
<adapt-composite>` into Python objects other than namedtuples.
Many thanks to Ronan Dunklau and Tobias Oberstein for the feature
development.
- `connection.reset()` implemented using :sql:`DISCARD ALL` on server
versions supporting it.
Bug fixes:
- Properly cleanup memory of broken connections (🎫`#148`).
- Fixed bad interaction of ``setup.py`` with other dependencies in
Distribute projects on Python 3 (🎫`#153`).
Other changes:
- Added support for Python 3.3.
- Dropped support for Python 2.4. Please use Psycopg 2.4.x if you need it.
- `~psycopg2.errorcodes` map updated to PostgreSQL 9.2.
- Dropped Zope adapter from source repository. ZPsycopgDA now has its own
project at <http://github.com/psycopg/ZPsycopgDA>.
- 0.46 | 2013-03-14
- bugfix: handle connection options w/o "backup" env var
Previously, ‘pg-conndefaults’ expected every option to have a
backup env var (e.g., option ‘#:host’ and env var ‘PGHOST’).
For later versions of PostgreSQL which no longer maintain this
1:1 correspondance, Guile-PG would segfault.
Now, in such cases, the value associated w/ the key ‘#:envvar’
in the alist returned by ‘pg-conndefaults’ is ‘#f’.
- planned retirement
- procedure ‘(database postgres) pg-getline’
- procedure ‘(database postgres) pg-getlineasync’
- procedure ‘(database postgres) pg-putline’
- procedure ‘(database postgres) pg-endcopy’
These procedures are obsoleted by ‘pg-get-copy-data’ and
‘pg-put-copy-data’. They WILL BE REMOVED by 2013-12-31.
Actually, the first two were originally -- in Guile-PG 0.41
(2011-09-29) -- planned to be removed by 2012-12-31.
Support has been extended for solidarity w/ the latter two.
- bootstrap tools upgraded
- GNU Texinfo 5.1
Copyright (C) 2002-2013 Thien-Thi Nguyen
Copying and distribution of this file, with or without modification,
are permitted provided the copyright notice and this notice are preserved.
Update DEPENDS
Upstream changes:
0.08250 2013-04-29 22:00 (UTC)
* New Features / Changes
- Rewrite from scratch the result constructor codepath - many bugfixes
and performance improvements (the current codebase is now capable of
outperforming both DBIx::DataModel and Rose::DB::Object on some
workloads). Some notable benefits:
- Multiple has_many prefetch
- Partial prefetch - you now can select only columns you are
interested in, while preserving the collapse functionality
(collapse is now exposed as a first-class API attribute)
- Prefetch of resultsets with arbitrary order
(RT#54949, RT#74024, RT#74584)
- Prefetch no longer inserts right-side table order_by clauses
(massively helps the deficient MySQL optimizer)
- Prefetch with limit on right-side ordered resultsets now works
correctly (via aggregated grouping)
- No longer order the insides of a complex prefetch subquery,
unless required to satisfy a limit
- Stop erroneously considering order_by criteria from a join under
distinct => 1 (the distinct should apply to the main source only)
- Massively optimize codepath around ->cursor(), over 10x speedup
on some iterating workloads.
- Support standalone \[ $sql, $value ] in literal SQL with bind
specifications: \[ '? + ?', 42, 69 ] is now equivalent to
\[ '? + ?', [ {} => 42 ], [ {} => 69 ] ]
- Changing the result_class of a ResultSet in progress is now
explicitly forbidden. The behavior was undefined before, and
would result in wildly differing outcomes depending on $rs
attributes.
- Deprecate returning of prefetched 'filter' rels as part of
get_columns() and get_inflated_columns() data
- Invoking get_inflated_columns() no longer fires get_columns() but
instead retrieves data from individual non-inflatable columns via
get_column()
- Emit a warning on incorrect use of nullable columns within a
primary key
- Limited checks are performed on whether columns without declared
is_nullable => 1 metadata do in fact sometimes fetch NULLs from
the database (the check is currently very limited and is performed
only on resultset collapse when the alternative is rather worse)
* Fixes
- Fix _dbi_attrs_for_bind() being called befor DBI has been loaded
(regression in 0.08210)
- Fix update/delete operations on resultsets *joining* the updated
table failing on MySQL. Resolves oversights in the fixes for
RT#81378 and RT#81897
- Fix open cursors silently resetting when inherited across a fork
or a thread
- Properly support "MySQL-style" left-side group_by with prefetch
- Fix $grouped_rs->get_column($col)->func($func) producing incorrect
SQL (RT#81127)
- Stop Sybase ASE storage from generating invalid SQL in subselects
when a limit without offset is encountered
- Even more robust behavior of GenericSubQuery limit dialect
- Make sure deployment_statements() and cursor_class() are called on
a resolved storage subclass
* Misc
- Fix tests failing due to unspecified resultset retrieval order
(test suite now will pass with newest SQLite libs)
0.08210 2013-04-04 15:30 (UTC)
* New Features / Changes
- Officially deprecate the 'cols' and 'include_columns' resultset
attributes
- Remove ::Storage::DBI::sth() deprecated in 0.08191
* Fixes
- Work around a *critical* bug with potential for data loss in
DBD::SQLite - RT#79576
- Audit and correct potential bugs associated with braindead reuse
of $1 on unsuccessful matches
- Fix incorrect warning/exception originator reported by carp*() and
throw_exception()
0.08209 2013-03-01 12:56 (UTC)
* New Features / Changes
- Debugging aid - warn on invalid result objects created by what
seems like an invalid inheritance hierarchy
* Fixes
- Fix another embarrassing regression preventing correct refining of
the search criteria on a prefetched relation (broken in 0.08205)
- Fix incorrect callsite reporting by DBIC::Carp
0.08208 2013-02-20 09:56 (UTC)
* New Features / Changes
- A bunch of nonsensically named arguments to the SQL::Translator
parser have been marked as deprecated (while still fully
supported)
* Fixes
- Fix duplicated selected columns when calling 'count' when a same
aggregate function is used more than once in a 'having' clause
(RT#83305)
- Prevent SQL::Translator::Producer::YAML from seeing the $dbh
in a potentially connected $schema instance (RT#75394)
* Misc
- Fixup our distbuilding process to stop creating world-writable
tarball contents (implicitly fixes RT#83084)
- Added strict and warnings tests for all lib and test files
0.08206 2013-02-08
* Fixes
- Fix dbh_do() failing to properly reconnect (regression in 0.08205)
- Extra sanity check of a fresh DBI handle ($dbh). Fixes
connection coderefs returning garbage (seen in the wild)
* Misc
- Only allow known globals in SQL::Translator leak allowance
- General cleanup of error message texts - quote names/identifiers
for easier reading
- Stop t/52leaks.t from failing when AUTOMATED_TESTING=1
UPstream changes:
Changes in DBI 1.625 (svn r15595) 28th March 2013
Fixed heap-use-after-free during global destruction RT#75614
thanks to Reini Urban.
Changes in DBI 1.624 (svn r15576) 22nd March 2013
Fixed Gofer for hash randomization in perl 5.17.10+ RT#84146
Clarify docs for can() re RT#83207
Changes from previous:
----------------------
2.0008 Jun 17 13:00:00 2012 PDT
- Arrays and hashes retrieved from a database no longer create
circular references (RT#77746).
2.0007 May 27 19:35:00 2012 PDT
- Include one-line descriptions of each POD page after the name.
Thanks to Yves Agostini for the patch and Gregor Herrmann for
submitting it (RT#76378).
- t/98_pod.t: Skip tests if Pod::Simple 3.21 is installed
(RT#77419).
2.0006 Apr 1 17:15:00 2012 PDT
- Er, try harder to get t/27_filehandle.t to work under TB2.
2.0005 Mar 25 13:05:00 2012 PDT
- t/27_filehandle.t has been fixed again.
Version 1.3.0
-------------
HTTP Interface:
* No longer rewrites the X-CouchDB-Requested-Path during recursive calls to the
rewriter.
* Limit recursion depth in the URL rewriter. Defaults to a maximum of 100
invocations but is configurable.
* Fix _session for IE7.
* Added Server-Sent Events protocol to db changes API. See
http://www.w3.org/TR/eventsource/ for details.
* Make password hashing synchronous when using the /_config/admins API.
* Include user name in show/list ETags.
* Experimental support for Cross-Origin Resource Sharing (CORS). See
http://www.w3.org/TR/cors/ for details.
Replicator:
* The replicator will use a new server-wide UUID in checkpoint IDs to
improve the chances of an efficient resume.
Storage System:
* Fixed unnecessary conflict when deleting and creating a
document in the same batch.
View Server:
* Additional response headers may be varied prior to send().
* GetRow() is now side-effect free.
Futon:
* Disabled the link to the Futon test suite. These tests were causing problems
when run from a browser, and are now available via the CLI instead.
* Added view request duration to Futon.
* Disable buttons for actions that the user doesn't have permissions to.
Security:
* Passwords are now hashed using the PBKDF2 algorithm with a configurable work
factor.
Test Suite:
* Moved the JS test suite to the CLI.
* Improved tracebacks printed by the JS CLI tests.
* Improved the reliability of a number of tests.
UUID Algorithms:
* Added the utc_id algorithm.
URL Rewriter & Vhosts:
* Database name is encoded during rewriting (allowing embedded /'s, etc).
* Reset rewrite counter on new request, avoiding unnecessary request failures
due to bogus rewrite limit reports.
Build System:
* C/C++ compiler detection has been improved.
* Autoconf v2.63 is now required if building from Git checkout directly. See
DEVELOPERS file for more details.
* Fixed issue in couchdb script where stopped status returns before process
exits.
Version 1.2.2
-------------
HTTP Interface:
* Reset rewrite counter on new request, avoiding unnecessary request failures
due to bogus rewrite limit reports.
Build System:
* Fixed issue in couchdb script where stopped status returns before process
exits.
form fixed `0' to main Python distribution version (PY_DISTVERSION)
so that packages will be updated with main Python distribution update.
no objection in tech-pkg@ for a week.
Replication: The functions GTID_SUBTRACT() and GTID_SUBSET() were formerly available in libmysqld only when it was built with replication support. Now these functions are always available when using this library, regardless of how it was built.
MySQL no longer uses the default OpenSSL compression.
There is now a distinct error code (ER_MUST_CHANGE_PASSWORD_LOGIN) for the error sent by the server to a client authenticating with an expired password.
mysql_config_editor now supports --port and --socket options for specifying TCP/IP port number and Unix socket file name.
mysqlcheck has a new --skip-database option. The option value is the name of a database (case sensitive) for which checks should be skipped.
mysql_upgrade uses this option to upgrade the system tables in the mysql database before tables in other databases: It upgrade the mysql database, then all databases except the mysql database. This avoids problems that can occur if user tables are upgraded before the system tables.
The only supported value for the innodb_mirrored_log_groups system variable is 1, so this variable is now deprecated. Setting it to 1 at startup results in a warning. Setting it to a value other than 1 at startup results in an error and the server exits. This variable will be removed in a future release.
have ss(8) which does the same thing.
(With out netstat the build stalls in an endless for loop.)
So add a hack that creates a tool named netstat from ss.
From maintainer Nicolas Thauvin via mail to pkgsrc-users.
There are two notable upstream changes :
- the tarball is now hosted on pgbuildfarm.org instead of pgfoundry
- the client has now support for modules allowing to control the build
Fix a bug (present since version 3.7.13) that could result in database corruption on windows if two or more processes try to access the same database file at the same time and immediately after third process crashed in the middle of committing to that same file.
Virtuoso is a multi-model data server that delivers a platform-agnostic
solution for data management, access and integration.
Services offered include:
* relational data management
* RDF data management
* XML data management
* free text content management & full text indexing
* document web server
* linked data server
* web application server
* web services deployment (SOAP or REST)
Sqitch is a VCS-aware SQL change management application. What makes
it different from your typical migration-style approaches? A few
things:
* No opinions
* Native scripting
* VCS integration
* Dependency resolution
* No numbering
* Bundling
* Reduced duplication
File too long (should be no more than 24 lines).
Line too long (should be no more than 80 characters).
Trailing empty lines.
Trailing white-space.
Trucated the long files as best as possible while preserving the most info
contained in them.
COMMENT should not be longer than 70 characters.
COMMENT should not begin with 'A'.
COMMENT should not begin with 'An'.
COMMENT should not begin with 'a'.
COMMENT should not end with a period.
COMMENT should start with a capital letter.
pkglint warnings. Some files also got minor formatting, spelling, and style
corrections.
A major security issue fixed in this release, CVE-2013-1899, makes it possible for a connection request containing a database name that begins with "-" to be crafted that can damage or destroy files within a server's data directory. Anyone with access to the port the PostgreSQL server listens on can initiate this request.
Two lesser security fixes are also included in this release: CVE-2013-1900, wherein random numbers generated by contrib/pgcrypto functions may be easy for another database user to guess, and CVE-2013-1901, which mistakenly allows an unprivileged user to run commands that could interfere with in-progress backups. Finally, this release fixes two security issues with the graphical installers for Linux and Mac OS X: insecure passing of superuser passwords to a script, CVE-2013-1903 and the use of predictable filenames in /tmp CVE-2013-1902.
This release contains one major and a number of minor security fixes. It fixes a possible vulnerability to a denial-of-service attack by use of a carefully-crafted set of hash keys, a segmentation fault when reading or writing strings greater than 2^31 bytes in size, and a memory leak in Encode.xs's UTF-8 encoding implementation.
* There was a mistake in patches/patch-lib_functions.php, droping "ssha"
password type.
2012-10-01 Release 1.2.3 master RELEASE-1.2.3
2012-10-01 Update template to show multiselect values
2012-09-06 Language update from launchpad for 1.2.3 (also see #30)
2012-09-05 SF Bug #3531956 - Search / Show Attributes must be lowercase
2012-09-05 SF Bug #3518548 - Missing attributes on some custom forms
2012-09-05 SF Bug #3513210 - Export to VCARD only exports the last entry in the list
2012-09-05 SF Bug #3510648 - Cannot copy between servers
2012-09-05 SF Bug #3510114 - Unable to check passwords when samba hashes are in lowercase
2012-09-05 SF Bug #3452416 - templates <order> non-functional
2012-09-05 SF Bug #3427748 - value id is ignored in select attribute
2012-09-04 SF Bug #3448530 - Treat krbExtraData and krbPrincipalKe as binary
2012-09-02 SF Bug #3497660 - XSS flaws via 'export', 'add_value_form' and 'dn' variables
2012-09-02 SF Bug #3426575 - clicking 'logout' does not unset _SESSION['ACTIVITY']
2012-09-01 SF Feature #3555472 - User-friendly items in entry chooser window.
2012-09-01 SF Feature #3509651 - Add support for SHA512 with OpenLDAP
2012-08-29 SF Patch #3469148 - Display mass edit actions as buttons
2012-01-24 SF Bug #3477910 - XSS vulnerability in query
Changes from previous:
----------------------
0.002103 2012-12-23 17:42:36 CST6CDT
- Lazily load deps for autotable
- Remove HERE BE DRAGONS warning, this module is totally stable \o/
0.002102 2012-11-17 15:43:18 CST6CDT
- Put MetaYAML back in dist
* Fix for a bug in the ORDER BY optimizer that was introduced in version 3.7.15 which would sometimes optimize out the sorting step when in fact the sort was required. Ticket a179fe7465
* Fix a long-standing bug in the CAST expression that would recognize UTF16 characters as digits even if their most-significant-byte was not zero. Ticket 689137afb6da41.
* Fix a bug in the NEAR operator of FTS3 when applied to subfields. Ticket 38b1ae018f.
* Fix a long-standing bug in the storage engine that would (very rarely) cause a spurious report of an SQLITE_CORRUPT error but which was otherwise harmless. Ticket 6bfb98dfc0c.
* The SQLITE_OMIT_MERGE_SORT option has been removed. The merge sorter is now a required component of SQLite.
* Fixed lots of spelling errors in the source-code comments
- PEAR::isError() -> MDB2::isError(), Bug #19491.
- PEAR::loadExtension() -> extension_loaded(), Bug #19583.
- Fix Bug #19262. Updates conditional stagements to use logical operators to
include MDB2_FETCHMODE_OBJECT where appropriate. Was broken in r321197.
- Fixed createIndex not using quoteIdentifier in SQLite driver
- Have dropTable() return MDB2_OK on success, as documented (bug 19199)
- Have dropIndex() return MDB2_OK on success, as documented (bug 19198)
- Have vacuum() return MDB2_OK on success, as documented (bug 19196)
- Have createIndex() return MDB2_OK on success, as documented (bug 19195)
- Have dropConstraint() return MDB2_OK on success, as documented (bug 19194)
- Have createConstraint() return MDB2_OK on success, as documented (bug 19193)
- Have dropSequence() return MDB2_OK on success, as documented (bug 19191).
- FETCHMODE constants are NOT bitwise.
- fixed bug #18203: Type introspection breaks with associative arrays if names
are identical (patch by Peter Bex)
- request #18316: Add TINYINT to list of coltypes in
MDB2_Driver_Reverse_sqlite [brotherli]
- fixed bug #16275: split() is deprecated in PHP 5.3
- request #18316: Add TINYINT to list of coltypes in
MDB2_Driver_Reverse_sqlite [brotherli]
Changelog:
- Remove assignment by reference, Bug #19585.
- PEAR::isError() -> MDB2::isError(), Bug #19491.
- PEAR::loadExtension() -> extension_loaded(), Bug #19583.
- Fixed boolean type conversion for non-boolean types
- Fix Bug #19262. Updates conditional stagements to use logical operators to
include MDB2_FETCHMODE_OBJECT where appropriate. Was broken in r321197.
- Request #12931 Add cascading to dropTable?
- Have truncateTable() return MDB2_OK on success, as documented (bug 19201)
- Have vacuum() return MDB2_OK on success, as documented (bug 19196)
- Have dropConstraint() return MDB2_OK on success, as documented (bug 19194)
- Have createSequence() return MDB2_OK on success, as documented (bug 19192)
- Have dropSequence() return MDB2_OK on success, as documented (bug 19191).
- Make setOption('result_wrap_class') actually useful by changing the default
value of $result_wrap_class parameters from false to true.
- Have pgsql only read LOB from file if lob_allow_url_include (bringing it in
line with other drivers).
- FETCHMODE constants are NOT bitwise.
- fixed bug #18203: Type introspection breaks with associative arrays if names
are identical (patch by Peter Bex)
- fixed bug #17890: Improper use of array_search in prepare function
[fletcherj]
- fixed bug #17890: Improper use of array_search in prepare function
[fletcherj]
open todo items:
- enable pg_execute() once issues with bytea column are resolved
- use pg_result_error_field() to handle localized error messages (Request
#7059)
- add option to use unnamed prepared statements (see
http://www.postgresql.org/docs/current/static/protocol-flow.html
"Extended Query")
Changelog:
- Make varchar_max_length property public, Bug #19582.
- Revert 327099 by afz, caused "Notice: Undefined index: charset on line 1003"
- PEAR::isError() -> MDB2::isError(), Bug #19491.
- PEAR::loadExtension() -> extension_loaded(), Bug #19583.
- max value for VARCHAR is 65535 but if used multi-bytes (UTF8) so it is 21844, because UTF8 string takes 3bytes
- Fix Bug #19262. Updates conditional stagements to use logical operators to
include MDB2_FETCHMODE_OBJECT where appropriate. Was broken in r321197.
- Have truncateTable() return MDB2_OK on success, as documented (bug 19201)
- Have alterTable() return MDB2_OK on success, as documented (bug 19200)
- Have dropIndex() return MDB2_OK on success, as documented (bug 19198)
- Have vacuum() return MDB2_OK on success, as documented (bug 19196)
- Have createIndex() return MDB2_OK on success, as documented (bug 19195)
- Have dropConstraint() return MDB2_OK on success, as documented (bug 19194)
- Have dropSequence() return MDB2_OK on success, as documented (bug 19191).
- Make setOption('result_wrap_class') actually useful by changing the default
value of $result_wrap_class parameters from false to true.
- Obtain error information in _doQuery() because standaloneQuery() throws off
$this->connection.
- FETCHMODE constants are NOT bitwise.
- Make $sql_comments public (was before, used in tests, no real harm).
- Property visibility
- boolean data type
- fixed bug #17984: Error is not reported when mysqli_stmt_bind_param() fails
[dennylin93]
- fixed bug #18057: Result of getDeclaration() can have invalid syntax
[hschletz]
- request #18068: mapNativeDatatype() returns decimal places also for 'float'
mdb2type
- fixed bug #18203: Type introspection breaks with associative arrays if names
are identical (patch by Peter Bex)
- fixed bug #17892: removed debug message [pdt256]
- fixed bug #17892: removed debug message [pdt256]
- fixed bug #17984: Error is not reported when mysqli_stmt_bind_param() fails
[dennylin93]
- fixed bug #18057: Result of getDeclaration() can have invalid syntax
[hschletz]
- request #18068: mapNativeDatatype() returns decimal places also for 'float'
mdb2type
open todo items:
- use a trigger to emulate setting default now()
Changelog:
- Make varchar_max_length property public, Bug #19582.
- Revert 327099 by afz, caused "Notice: Undefined index: charset on line 1003"
- PEAR::isError() -> MDB2::isError(), Bug #19491.
- PEAR::loadExtension() -> extension_loaded(), Bug #19583.
- max value for VARCHAR is 65535 but if used multi-bytes (UTF8) so it is 21844,
because UTF8 string takes 3bytes
- Fix Bug #19262. Updates conditional stagements to use logical operators to
include MDB2_FETCHMODE_OBJECT where appropriate. Was broken in r321197.
- Have truncateTable() return MDB2_OK on success, as documented (bug 19201)
- Have alterTable() return MDB2_OK on success, as documented (bug 19200)
- Have dropIndex() return MDB2_OK on success, as documented (bug 19198)
- Have vacuum() return MDB2_OK on success, as documented (bug 19196)
- Have createIndex() return MDB2_OK on success, as documented (bug 19195)
- Have dropConstraint() return MDB2_OK on success, as documented (bug 19194)
- Have dropSequence() return MDB2_OK on success, as documented (bug 19191).
- Make setOption('result_wrap_class') actually useful by changing the default
value of $result_wrap_class parameters from false to true.
- Obtain error information in _doQuery() because standaloneQuery() throws off
$this->connection.
- FETCHMODE constants are NOT bitwise.
- Make $sql_comments public (was before, used in tests, no real harm).
- Property visibility
- boolean data type
- fixed bug #17984: Error is not reported when mysqli_stmt_bind_param() fails
[dennylin93]
- fixed bug #18057: Result of getDeclaration() can have invalid syntax
[hschletz]
- request #18068: mapNativeDatatype() returns decimal places also for 'float'
mdb2type
- fixed bug #18203: Type introspection breaks with associative arrays if names
are identical (patch by Peter Bex)
- fixed bug #17892: removed debug message [pdt256]
- fixed bug #18057: Result of getDeclaration() can have invalid syntax
[hschletz]
- request #18068: mapNativeDatatype() returns decimal places also for 'float'
mdb2type
open todo items:
- use a trigger to emulate setting default now()
shared-mime-info 1.1 (2012-02-13)
* Mime-type changes:
- Add application/x-ccmx
- Add zz-application/zz-winassoc-* aliases
- Make application/x-xz-compressed-tar a subclass of application/x-xz
- Add DTS and DTS-HD mime-types
- Add test for PPM bug
- Fix comment and add glob for application/pkcs7-mime
- Add application/x-qtiplot mime-type
- Add AMZ (AmazonMP3 Download File) mime-type
- Add separate mime-type for Apple broken PNGs
- Add *.mk and *.mak text/x-makefile globs
- Match application/vnd.palm to IANA standard
- Use IANA registered application/gzip instead of x-gzip
- Add application/gml+xml
- Fix Scream Tracker instrument magic
- Add application/x-gtk-builder type
- Add magic for v1 and v2 XCF files
- Add LZMA test file
- Fix some globs for OGG files
- Move *.taz from application/x-compressed-tar to application/x-tarz
- Add some sub-class-of tags for compressed files
- Add *.tb2 as a glob for application/x-bzip-compressed-tar
- Add support for DOS EPS files
- Add *.ar archives to the test suite
- Add xlr mime-type
- Add application/vnd.lotus-wordpro
- Put bz2 patterns before bz ones for bzip-related mimetypes
- Add simple magic for text/x-gettext-translation-template
- Add test case for application/x-gettext-translation
- Add mime-type for source RPMs
- Add AMR audio test
- Add test case for TTF fonts
- Add Woff font mime-type
- Add FLTK acronym
- Add application/ics as an alias for text/calendar
- Add RAR acronym
- Add dicomdir glob
- Add *.di as a glob for D source files
- Add magic for MNG animations
- Add magic for PICT v2 images
- Add JNLP file to the test suite
- Add support for the AVF AVI container variant
- Add EMF and WMF aliases
- Improve magic of uncompressed TGA files
- Add application/winhlp
- Add text/x-uuencode
- Add MHTML mime-type
- Make the main docbook mime-type be application/x-docbook+xml
- Add application/x-lzh-compressed as alias to application/x-lha
- Add IFF super-type
- Split off the AAC mime-type from the M4A one
- Add text/x-modelica mime-type
- Add magic for GNU gettext message catalogs (.mo)
* Specification changes:
- Fix mimetype names used as examples
- Document that the first extension is the main one
- Fix missing plural
* Honor NOCONFIGURE=1
* Allow builders to not run make check by default
* Fix build for platforms with executable extensions
* Disable checks when cross compiling
* Use non-installed update-mime-database in install-data-hook
* Use native update-mime-database for install when cross compiling
* Add a local-test target to print mime info
Add a patch from upstream to avoid segfaulting on null PQ options.
- 0.45 | 2013-03-10
- support for "make installcheck"
This does "make check" at its core, so the same env vars apply.
Obviously, you should do "make install" first for sane results.
- bootstrap tools upgraded
- GNU Autoconf 2.69
- GNU Automake 1.13.1
- Guile-BAUX 20121120.1242.e233fad
- SNUGGLE 0.2
- GNU Texinfo 5.0
=== 3.45.0 (2013-03-01)
* Remove bad model typecasting of money type on PostgreSQL (jeremyevans) (#624)
* Use simplecov instead of rcov for coverage testing on 1.9+ (jeremyevans)
* Make the Database#quote_identifier method public (jeremyevans)
* Make PostgreSQL metadata parsing handle tables with the same name in
multiple schemas (jeremyevans)
* Switch query extension to use a proxy instead of Object#extend (chanks,
jeremyevans)
* Remove Dataset#def_mutiation_method instance method (jeremyevans)
* Make foreign key parsing on MySQL not pick up foreign keys in other
databases (jeremyevans)
* Allow per-instance overrides of Postgres.force_standard_strings and
.client_min_messages (jeremyevans) (#618)
* Add Sequel.tzinfo_disambiguator= to the named_timezones plugin for
automatically handling TZInfo::AmbiguousTime exceptions (jeremyevans) (#616)
* Add Dataset#escape_like, for escaping LIKE metacharacters (jeremyevans)
(#614)
* The LIKE operators now use an explicit ESCAPE '\' clause for similar
behavior across databases (jeremyevans)
* Make Database#tables and #views accept a :qualify option on PostgreSQL to
return qualified identifiers (jeremyevans)
* Make json_serializer and xml_serializer plugins secure by default
(jeremyevans)
* Address JSON.parse vulnerabilities (jeremyevans)
* Fix Dataset#from_self! to no longer create a self-referential dataset
(jeremyevans)
* Use SQLSTATE or database error codes if available instead of regexp parsing
for more specific DatabaseErrors (jeremyevans)
* Add unlimited_update plugin to work around MySQL warning in replicated
environments (jeremyevans)
* Add the :retry_on and :num_retries transaction options for automatically
retrying transactions (jeremyevans)
* Raise serialization failures/deadlocks as Sequel::SerializationFailure
exceptions (jeremyevans)
* Support transaction isolation levels on Oracle and DB2 (jeremyevans)
* Support transaction isolation levels when using the JDBC transaction support
(jeremyevans)
Changes in 1.2.1:
* Fixed CVE-2012-5641: Apache CouchDB Information disclosure via unescaped
backslashes in URLs on Windows
* Fixed CVE-2012-5649: Apache CouchDB JSONP arbitrary code execution with Adobe
Flash
* Fixed CVE-2012-5650: Apache CouchDB DOM based Cross-Site Scripting via Futon
UI
* Fix various bugs in the URL rewriter when recursion is involved.
* Fix couchdb start script.
* Futon: Disable buttons that aren't available for the logged-in user.
* Fix potential replication timeouts.
* Change use of signals to avoid broken view groups.
This extension provides an ODBC v3 driver for PDO. It supports unixODBC
and IBM DB2 libraries, and will support more in future releases.
In pkgsrc we only support unixODBC currently.
* Take MAINTAINERship, ok by schmonz@.
* Libtoolized.
* Fix typo in variable name.
* Set LICENSE as public-domain.
Changelog:
tinycdb-0.78 2012-05-11
- bugfix release:
o fixed >2Gb file size prob on 32bit platform
o fixed handling of files >=4Gb
o fixed a few compiler warnings
- introduce $(LD) and $(LDFLAGS), and also $(CDEFS) in Makefile
- bug #3779 [core] Problem with backslash in enum fields
- bug #3816 Missing server_processlist.php
- bug #3821 Safari: white page
- Correct detection of the Chrome browser