from DESCR:
This is a module for the Apache HTTP Server. It replaces the
Apache-FP patches and module supplied with the Microsoft
FrontPage Server Extensions available from Microsoft and
Ready-to-Run Software.
Using this module allows you to use advanced features of the
FrontPage client with your Apache HTTP Server (e.g. creating
FrontPage enabled subwebs using the FrontPage client in con-
trast to creating them as user "root" with "fpinstall.sh" or
the "fpsrvadm.exe"-utility on the system's shell).
Fixed buffer overflow.
>SECURITY ADVISORY 13th February 2001
>----------------------------------------------------------------------
>Program: analog
>Versions: all versions except 4.16 and 4.90beta3
>Operating systems: all
>----------------------------------------------------------------------
>There is a buffer overflow bug in all versions of analog released
>prior to today. A malicious user could use an ALIAS command to
>construct very long strings which were not checked for length.
>
>This bug is particularly dangerous if the form interface (which allows
>unknown users to run the program via a CGI script) has been installed.
>
>This bug was discovered by the program author, and there is no known
>exploit. However, users are advised to upgrade to one of the two safe
>versions immediately, especially if they have installed the form
>interface. The URL is http://www.analog.cx/
>
>I apologise for the inconvenience.
> Stephen Turner
--
Mason is a powerful Perl-based web site development and delivery
engine. With Mason you can embed Perl code in your HTML and construct
pages from shared, reusable components.
Mason solves the common problems of site development: caching,
debugging, templating, simulating browser conditions, maintaining
development and production sites, and more.
Although it can be used from CGI or even stand-alone, it is optimally
designed for use with two other open source technologies: mod_perl
and Apache.
--
This is a collection of modules that represent, create, and extract
information from HTML syntax trees. These modules used to be part
of the libwww-perl distribution, but are now unbundled in order to
facilitate a separate development track. Bug reports and discussions
about these modules can still be sent to the <libwww@perl.org>
mailing list, or to <sburke@cpan.org>.
--
HTML::TableExtract is a module that simplifies the extraction of
information contained in tables within HTML documents.
Tables of note may be specified using Headers, Depth, Count, or
some combination of the three.
Changes:
- Fix for test cases that failed because of URI-1.10 now encode
space as '+' instead of '%20.
- Makefile.PL: Require URI-1.10.
HTTP::Daemon now accepts any non-space character as method name
on the request line. It used to fail on methods like "M-POST"
because it only allowed \w-chars.
- HTTP::Date now allow fractional seconds in ISO date formats.
- HTTP::Request::Common will now calculate Content-length
even if $DYNAMIC_FILE_UPLOAD is set.
Changelog:
- Fixed the various pdf_open_*() functions (Daniel)
- Fixed a bug that could cause invalid INI entries to be used under certain
circumstances (Zeev)
- Fixed a bug in the Apache module that could cause invalid INI values to
propogate to different virtual hosts, if one or more of the virtual
hosts was configured with engine=Off (Zeev)
- Fixed possible crash bugs in the session module (Sascha)
- Fixed the ODBC module to build properly with Solid 3.0 and OpenLink (Dan
Kalowsky)
- Fixed possible corruption of line number information in PHP scripts (Zeev,
Zend Engine)
- Fixed a few possible crashes in functions that use user-defined callbacks
(Zeev, Zend Engine)
- bump NEED_VERSION
Form handling has changed subtly, so be sure to read the documentation
before upgrading to this (the new behaviour follows the W3 recommendation)
