* Converted the configure system to non-recursive Automake.
* Applied some overdue speed optimizations for modern x86/x64 architectures
and current compilers like gcc 4.6 and MSVC 2010.
perl. I'm not sure there is a better way to fix this since mtn-cleanup is
installed into ${PREFIX}/bin/.
Also skip the interpreter check for some helper files that are not used by
default. These may be put in separate packages but we can do this later;
for now I'm just adding a comment mentioning the idea.
Bump PKGREVISION to 2.
This requires a dependency on Python. Bump PKGREVISION to 1.
This is probably not the best solution: I guess it'd be nice to have a
libevent package that only included the binary libraries and no dependency
on Python, and another libevent-dev package with the event_rpcgen.py binary
and the Python dependency. But this can be done later; I want to just fix
the breakage first.
Upstream changes:
Bugfixes
* #301: Fixed a bug in local?s behavior when capture=False and output.stdout
(or .stderr) was also False. Thanks to Chris Rose for the catch.
* #310: Update edge case in put where using the mode kwarg alongside
use_sudo=True runs a hidden sudo command. The mode kwarg needs to be octal but
was being interpolated in the sudo call as a string/integer. Thanks to Adam
Ernst for the catch and suggested fix.
* #311: append was supposed to have its partial kwarg's default flipped from
True to False. However, only the documentation was altered. This has been fixed.
Thanks to Adam Ernst for bringing it to our attention.
* #312: Tweak internal I/O related loops to prevent high CPU usage and poor
screen-printing behavior on some systems. Thanks to Kirill Pinchuk for the
initial patch.
* #320: Some users reported problems with dropped input, particularly while
entering sudo passwords. This was fixed via the same change as for #312.
Documentation
* Added a missing entry for env.path in the usage documentation.
What's New in Python 2.4.6?
===========================
*Release date: 19-Dec-2008*
What's New in Python 2.4.6c1?
=============================
*Release date: 13-Dec-2008*
Core and builtins
-----------------
- Issue #4469: Prevent expandtabs() on string and unicode
objects from causing a segfault when a large width is passed
on 32-bit platforms. CVE-2008-5031.
- Issue #4317: Fixed a crash in the imageop.rgb2rgb8() function.
- Issue #4230: Fix a crash when a class has a custom __getattr__ and an
__getattribute__ method that deletes the __getattr__ attribute.
- Apply security patches from Apple. CVE-2008-2315.
- Issue #2620: Overflow checking when allocating or reallocating memory
was not always being done properly in some python types and extension
modules. PyMem_MALLOC, PyMem_REALLOC, PyMem_NEW and PyMem_RESIZE have
all been updated to perform better checks and places in the code that
would previously leak memory on the error path when such an allocation
failed have been fixed.
- Issue #1179: Fix CVE-2007-4965 and CVE-2008-1679, multiple integer
overflows in the imageop and rgbimgmodule modules.
- Issue #2586: Fix CVE-2008-1721, zlib crash from
zlib.decompressobj().flush(val) when val is not positive.
- Issues #2588, #2589: Fix potential integer underflow and overflow
conditions in the PyOS_vsnprintf C API function. CVE-2008-3144.
- Issue #2587: In the C API, PyString_FromStringAndSize() takes a signed size
parameter but was not verifying that it was greater than zero. Values
less than zero will now raise a SystemError and return NULL to indicate a
bug in the calling C code. CVE-2008-1887.
- Security Issue #2: imageop did not validate arguments correctly and could
segfault as a result. CVE-2008-4864.
Extension Modules
-----------------
Library
-------
Tests
-----
Build
-----
Tools/Demos
-----------
- Tools/faqwiz/move-faqwiz.sh: Fix unsecure use of temporary files.
Upstream changes:
## 2.5.21 / April 6 2011
* Fixed to follow best-practice guidelines from Bundler (Ben Langfeld)
* No longer force a gemset for Capistrano development. (Ben Langfeld)
## 2.5.20 / March 16 2011
* `deploy:migrations` will now always operate on the latest_release, not
current_release (Mike Vincent)
* Adds a check for the presence of `rsync` when using the copy strategy with
`rsync`. (Chris Griego)
* Do not try to look up the `:release_path` on servers which are defined
`:no_release` (Chris Griego)
* Tiny patch to the `CVS` SCM code to be Ruby 1.9 compatible (Martin Carpenter)
* Changed the default `Git` submodule behaviour to use `--recursive`
Lighthouse Issue #176. (Lee Hambley)
* `:public_children` can now be `set()`, the default is unchanged, thanks
(Chris Griego)
* Fixing the load path in the default `Capfile` to search vendored/unpacked
Gems. Lighthouse Issue #174 (Mari Carmen/Rafael García)
* Adds a `maintenance_basename` variable (default value is `maintenance`) to
allow you to set the maintenance page name (Celestino Gomes)
* Spelling fixes in inline-documentation (Tom Copeland)
* Make `zip` and `tar` handle symlinks the same way (zip follows symlinks by
default, tar needs the option `-h`) (Ross Cooperman)
+ fixes cross-site scripting vulnerabilities (SA44036)
+ contains a lot of filename cleanup work (no more bb and hobbit)
please read upgrade-to-430.txt when upgrading from a previous pkg
(see also the install message)
* fix build issues on HP-UX and Itanium
* update time zone files for recent time zone changes
* change SQLSTATE for Hot Standby warnings
* prevent bgwriter hang during recovery
* prevent recursive composite type creation
* disallow dropping tables whose triggers are still pending
* allow use of "replication" as a user name
* prevent a crash during GEQO planning
* improve join plans for tables with missing statistics
* fix error with SELECT FOR UPDATE in a subselect
* close PL/python array slice memory leak
* allow SSL connections for users with no home directory
* fix build issues on HP-UX and Itanium
* update time zone files for recent time zone changes
* change SQLSTATE for Hot Standby warnings
* prevent bgwriter hang during recovery
* prevent recursive composite type creation
* disallow dropping tables whose triggers are still pending
* allow use of "replication" as a user name
* prevent a crash during GEQO planning
* improve join plans for tables with missing statistics
* fix error with SELECT FOR UPDATE in a subselect
* close PL/python array slice memory leak
* allow SSL connections for users with no home directory
* fix build issues on HP-UX and Itanium
* update time zone files for recent time zone changes
* change SQLSTATE for Hot Standby warnings
* prevent bgwriter hang during recovery
* prevent recursive composite type creation
* disallow dropping tables whose triggers are still pending
* allow use of "replication" as a user name
* prevent a crash during GEQO planning
* improve join plans for tables with missing statistics
* fix error with SELECT FOR UPDATE in a subselect
* close PL/python array slice memory leak
* allow SSL connections for users with no home directory
* allow building PostgreSQL 9.0 with 64-bit MinGW