- see http://www.mozilla.org/en-US/firefox/12.0/releasenotes/ for details
- two patches moved (patch-widget_src_xpwidgets_nsPrintSettingsImpl_cpp
and patch-widget_src_gtk2_Makefile_in)
- add two new patches for bug #691898 (patch-js_src_jsapi_cpp and
/patch-js_src_jsprvtd_h)
- add patch-gfx_thebes_gfxPlatform_cpp to workaround regression
introduced in bug #715658, which prevents one from building against
systemwide cairo.
- patch-extensions_auth_nsAuthGSSAPI_cpp from bug #667325 got merged
- patch-js_src_js-config_h_in and patch-js_src_jscpucfg_h from #714312 got
merged
- patch-ipc_chromium_src_base_dir_reader_posix_ -from #714315 got merged
ok jasper@
I also added myself as maintainer (in addition to jim@), as
done for some of the previous updates (where i forgot to
mention it in the commit message).
Gunicorn 'Green Unicorn' is a Python WSGI HTTP Server for UNIX. It's a
pre-fork worker model ported from Ruby's Unicorn project. The Gunicorn
server is broadly compatible with various web frameworks, simply
implemented, light on server resource usage, and fairly speedy.
ok rpointel@
igal2 (the successor of igal) is a quick and easy program for placing
your images online with just one command-line. It generates a pretty
good-looking set of W3-compliant static HTML slides even with its
default settings. The slide show preloads the next image with JavaScript
- ideal for slower links.
ok sthen@
* Fixed assertion failure if Chunked encoding along with
Content-Length is used.
* Fixed clang and gcc-4.7 warning and errors.
* Fixed the bug that aria2 cannot read line longer than 4096 bytes
from the file specified by --input-file option.
While here USE_GROFF is not needed.
OK rpointel@ (maintainer), aja@
#911194 Unable to automatically insert auto_increment values
#911297 Incorrect displaying of HTML text in in-line edition mode
#918163 Fieldnames don´t appear on csv export with selected rows
#918363 The Server Information box does not include Chive Version
#911136 Security vulnerability fix
(fix committed in http://bazaar.launchpad.net/~fusonic/chive/1.0/revision/417,
bug report is hidden - missing html escaping in table names etc)
- 3.0.4 was generating bogus 'delete' commands in some cases;
I noticed this when trying to use memcache as a session storage
backend with Roundcube webmail - this update fixes this.
SlowHTTPTest is a highly configurable tool that simulates some
Application Layer Denial of Service attacks.
It implements most common low-bandwidth Application Layer DoS attacks,
such as slowloris, Slow HTTP POST, Slow Read attack (based on TCP persist
timer exploit) by draining concurrent connections pool, as well as Apache
Range Header attack by causing very significant memory and CPU usage on the
server.
Slowloris and Slow HTTP POST DoS attacks rely on the fact that the HTTP
protocol, by design, requires requests to be completely received by the
server before they are processed. If an HTTP request is not complete, or if
the transfer rate is very low, the server keeps its resources busy waiting
for the rest of the data. If the server keeps too many resources busy, this
creates a denial of service. This tool is sending partial HTTP requests,
trying to get denial of service from target HTTP server.
Slow Read DoS attack aims the same resources as slowloris and slow POST,
but instead of prolonging the request, it sends legitimate HTTP request and
reads the response slowly.
- Buffer overflow when pasting too long text from clipboard to dialog
boxes (not remotely exploitable)
- A write out of allocated memory in the graphics renderer
(potentially exploitable)
- An infinite loop when parsing invalid usemap specification in text and
graphics mode (can cause browser lockup, but not otherwise exploitable)
- Accesses out of memory in the xbm decoder (potentially exploitable)
Also drop dip.c patch to resolve crashes with libpng 1.5, upstream
appears to have fixed this separately in the update to 2.5.
Thanks jasper@ for additional testing.
Using Catalyst::Plugin::FormValidator is not recommended as the module
takes over the global $c->form method, rather than being applicable in
only part of your Catalyst application. Furthermore,
Data::FormValidator itself is not recommended for use.
from Andreas Voegele
Catalyst::Plugin::Cache::Store::FastMmap is deprecated because
Cache::FastMmap no longer needs to be wrapped to store plain values.
from Andreas Voegele
Fixes Catalyst with Moose 1.24+, this has been broken in the tree for a
while.
This and the many related updates to follow are all from Andreas Voegele's
repo at https://github.com/voegelas/openbsd-mystuff, thanks Andreas, this must
have been a huge bunch of work. I have forked this at github/sthen/p5-ports-wip
and am removing things from there once committed, there are various additional
new perl ports there and it would be nice if people could help work through
what's left.
Plack::Test::ExternalServer allows your to run your Plack::Test tests
against an external server instead of just against a local application
through either mocked HTTP or a locally spawned server.
Plack::Middleware::ReverseProxy resets some HTTP headers, which were
changed by reverse-proxy. You can specify the reverse proxy address and
stop fake requests using the 'enable_if' directive in your app.psgi.
Adds a "COMPONENT" method to your Catalyst component base class that
reads the optional traits parameter from app and component config and
instantiates the component subclass with those traits using
"new_with_traits" in MooseX::Traits from MooseX::Traits::Pluggable.
Catalyst::Plugin::Cache::Store::FastMmap is deprecated because
Cache::FastMmap no longer needs to be wrapped to store plain values.
from Andreas Voegele's repo
Catalyst::Plugin::Cache::FileCache has been deprecated in favor of
Catalyst::Plugin::Cache, which can be configured to use a FileCache
backend.
from Andreas Voegele's repo
- disable static libs, shrinks package size by a factor 3
- now depends on geoclue for geolocation purposes (of course its up to
the browsers to enable the feature or not..)
- simplify Makefile/FLAVORS/SHARED_LIBS
- fold most of the PFRAGs to PLIST by using variables
- remove patch-Source_JavaScriptCore_runtime_JSValue_h, seems it was
added for sparc64 but now it breaks the build there, and noone has been
able to justify the addition of that patch. Without it, GtkLauncher
shows simple html websites on sparc64 and crashes as soon as some js is
involved, but thats not much different from before
- remove patch-Source_JavaScriptCore_wtf_text_StringHash_h &
patch-Source_JavaScriptCore_wtf_text_StringImpl_cpp, replaced by
patch-Source_JavaScriptCore_runtime_UString_h for mips64/sparc64
- add patch-Source_JavaScriptCore_wtf_NumberOfCores_cpp for #82585
tested on i386/amd64 by several, amd64 bulk build, ppc & sparc64 testing
by myself. mips64el in the works..
ok ajacoutot@
fcgi-cgi is a wrapper around CGI applications to support running them under
FastCGI for use with webservers such as nginx and lighttpd 2.x which do not
support running cgi scripts/binaries directly.
MESSAGE->README, mostly from Johan Huldtgren with tweaks by me
Readd missing '@comment no checksum' lines
Add config fragments for nginx, from Johan Huldtgren
- add rss.tpl & rss_item.tpl
- install the new 'bright' template
- copy navdirectory.tpl from 'bright' to other templates since it's
missing (also debian bug #645356)
- bump
- Fixes MFSA 2012-12->19
- see http://www.seamonkey-project.org/releases/seamonkey2.8/
- complete patchset for #691898, still fixes build on ppc (and hopefully
commited in firefox 14...)
- add patchset from #706955, workarounds #669050 (xpcshell hangs during
make install and chokes on CSPUtils.csm, threads related..)
- remove obsolete/commited patches
- Fixes MFSA 2012-12->19
- see http://www.mozilla.org/en-US/firefox/11.0/releasenotes/
- complete patchset for #691898, still fixes build on ppc (and hopefully
commited in firefox 14...)
- add patchset from #706955, workarounds #669050 (xpcshell hangs during
make install and chokes on CSPUtils.csm, threads related..)
- remove obsolete/commited patches
ownCloud gives you easy and universal access to all of your files.
It also provides a platform to easily view, sync and share your
contacts, calendars, bookmarks and files across all your devices.
ok robert@
- remove dep on gtar
- patch config.php-dist & update.php to use MODPHP_BIN
- fix perms in PLIST, use @owner www for dirs where tt-rss writes
- switch MESSAGE to README, and improve the latter
- provide an rc script for the daemon updating the feeds
ok ajacoutot@
- huge cleanup of README, use PKG_DBDIR pkg_add -B to hint people how to
properly install A::G and its deps in apache's chroot, instead of
manually copying the deps/modules.
- set EPOCH=0, since 1.0RC3 wasn't a proper version
- provide an apache-gallery.conf @sample in conf/modules.sample, as other
www ports do, instead of a VHost to copy/paste
- add UNMESSAGE telling how to completely disable/remove A::G
ok ajacoutot@
