1
0
Fork 0

NEWS: Sync from 0.12pre6

This commit is contained in:
Kalle Olavi Niemitalo 2012-11-03 21:45:32 +02:00 committed by Kalle Olavi Niemitalo
parent ed6a33d318
commit f72cedf92d
1 changed files with 58 additions and 29 deletions

87
NEWS
View File

@ -16,6 +16,11 @@ Incompatibilities:
* bug 1024: Verify the host name or IP address in the server certificate
if connection.ssl.cert_verify is not 0.
Regressions:
* ELinks 0.13.GIT does not yet include the fix for bug 1083, listed
below for ELinks 0.12pre6.
Miscellaneous:
* major bug 181: Slave ELinks processes can now run an external editor.
@ -28,8 +33,6 @@ Miscellaneous:
* bug 963: New option document.css.ignore_display_none.
* bug 977: Fixed crash when opening in new tab a non link with onclick
attribute.
* bug 983: Give preference to the Content-Type specified in the HTTP
header over that specified via the HTML meta tag.
* bug 1008: File upload fields in HTML forms now stream the files to
the server, instead of reading them to memory in advance. This lets
you upload larger files. The downsides are that ELinks may use a
@ -42,15 +45,7 @@ Miscellaneous:
``Background and Notify'' via the download manager in some terminal,
reassociate the download with that terminal. These changes do not
apply to downloads to external handlers.
* bug 1112: Map most numeric character references € ... Ÿ
to graphical characters also when the output charset is UTF-8.
(ELinks 0.12pre1 was the first release that supported UTF-8 as the
terminal charset, and ELinks 0.12pre5 was the first release that
supported UTF-8 as the dump charset.)
* Really retry forever when connection.retries = 0.
* minor bug 1113: Fix a small memory leak if a mailcap file is malformed.
* minor bug 1114: Decode SGML entities and NCRs only once in link/@title
and other attributes.
* enhancement: Session-specific options. Any options changed with
toggle-* actions no longer affect other tabs or other terminals.
* Do not crash when document.browse.minimum_refresh_time = 0 and
@ -91,7 +86,6 @@ Miscellaneous:
* SpiderMonkey must be 1.8.5 or later. Find it with pkg-config.
* using iconv for some multibyte charsets. It works if the terminal codepage
is UTF-8. More charsets will be added on demand.
* Dropped support for SEE
//////////////////////////////////////////////////////////////////////
The following changes should be removed from NEWS before ELinks 0.13.0
@ -105,24 +99,59 @@ have already been considered.
(mostly reverted)
//////////////////////////////////////////////////////////////////////
ELinks 0.12pre5.GIT now:
------------------------
ELinks 0.12pre6
---------------
To be released as 0.12pre6 or 0.12rc1.
Released on 2012-10-30.
* major bug 764: Correctly initialize options on big-endian 64-bit
systems.
* bug 1084: Allow option names containing '+' and '*' in the option
manager.
Security fix:
Bugs that should be removed from NEWS before the 0.12.0 release:
* bug 1124, CVE-2012-4545: Do not delegate GSSAPI credentials in HTTP
Negotiate or GSS-Negotiate authentication. Reported by Marko Myllynen.
(ELinks 0.12pre1 was the first release that supported GSSAPI; earlier
releases are not vulnerable.)
Fixed crashes and hangs:
* critical bug 943: Don't let user JavaScripts call any methods of
``elinks.action'' in tabs that do not have the focus. If a tab was
closed with ``elinks.action.tab_close'' while it had pop-up windows,
ELinks could crash; as a precaution, don't allow other actions
either. ELinks 0.12pre1 was the first release that supported
``elinks.action''.
either. (ELinks 0.12pre1 was the first release that supported
``elinks.action''.)
* critical bug 1083: Avoid an infinite loop when trying to decompress
malformed data. Caused by the bug 1068 fix in ELinks 0.12pre3.
* Fix a possible crash or information disclosure on big-endian 64-bit
systems using HTTP Negotiate or GSS-Negotiate authentication.
Incompatibilities:
* Dropped support for SEE. (ELinks 0.12pre1 was the first release
that supported SEE.)
* Guile 2.0.0 (released on 2011-02-16) changed its license to
LGPLv3-or-later, which is not compatible with the GPLv2 that covers
ELinks. Also, Guile has deprecated many of the functions that
ELinks calls.
Other changes:
* major bug 764: Correctly initialize options on big-endian 64-bit
systems.
* bug 983: Give preference to the Content-Type specified in the HTTP
header over that specified via the HTML meta tag.
* bug 1084: Allow option names containing '+' and '*' in the option
manager.
* bug 1112: Map most numeric character references € ... Ÿ
to graphical characters also when the output charset is UTF-8.
(ELinks 0.12pre1 was the first release that supported UTF-8 as the
terminal charset, and ELinks 0.12pre5 was the first release that
supported UTF-8 as the dump charset.)
* minor bug 1113: Fix a small memory leak if a mailcap file is malformed.
* minor bug 1114: Decode SGML entities and NCRs only once in link/@title
and other attributes.
* build: Fix several warnings reported by GCC 4.7.1. Harmless at
runtime but could break the build if configured --enable-debug.
(This version does not fix all such warnings.)
ELinks 0.12pre5:
----------------
@ -150,8 +179,7 @@ Bugs that should be removed from NEWS before the 0.12.0 release:
ELinks 0.12pre4:
----------------
Released on 2009-05-31. This release also included the changes listed
under ``ELinks 0.11.6'' below.
Released on 2009-05-31.
Incompatibilities:
@ -215,7 +243,6 @@ Other changes:
* minor bug 761: When reading bookmarks from an XBEL file, distinguish
attribute names from attribute values.
* enhancement: Updated ISO 8859-7, ISO 8859-16, KOI8-R, and MacRoman.
* lzma disabled by default. It's rarely used and doesn't build with new xz.
Bugs that should be removed from NEWS before the 0.12.0 release:
@ -441,13 +468,15 @@ Changes in the experimental SGML/DOM implementation:
* enhancement: incremental parsing
* and more.
ELinks 0.11.6.GIT now:
----------------------
ELinks 0.11.7:
--------------
To be released as 0.11.7.
Released on 2009-08-22.
* critical bug 1077: fix crash opening a ``javascript:'' link in a new
tab
* major bug 764: remove int/long/pointer type punning in union
option_value, especially harmful on sparc64
ELinks 0.11.6:
--------------
@ -499,8 +528,8 @@ Released on 2008-06-20.
that may have been collected as garbage. This fix causes bug 954.
* CVE-2007-2027: check if the program path contains "src/" before
using ../po files
* important Debian bug 380347: prevent a buffer overflow in entity_cache
and a possible subsequent crash
* important Debian bug 380347, CVE-2008-7224: prevent a buffer
overflow in entity_cache and a possible subsequent crash
* major bug 788: don't read STRLEN n_a, which isn't initialized by
POPpx of Perl v5.8.8 and later
* fix query parsing in file: URIs for local CGI (was broken in 0.11.3)