GLPI is the Information Resource-Manager with an additional
Administration- Interface. You can use it to build up a database with an
inventory for your company (computer, software, printers...). It has
enhanced functions to make the daily life for the administrators easier,
like a job-tracking-system with mail-notification and methods to build a
database with basic information about your network-topology.
ok aja@
* [NEW] force_https setting and https command to force a given domain
to always use HTTPS
* [NEW] Use force_https to provide a preloaded HSTS list to help avoid
the ssl stripping attack. Sites in this list are taken from
Chromium's preloaded HSTS list, and additional domains added by the
xombrero authors.
* Add a workaround to fix a GTK focus bug until it has been fixed
upstream (see https://bugzilla.gnome.org/show_bug.cgi?id=677329)
* Modify the about:allthethings output to a more C-like syntax
* Remove the usage of relying on some deprecated webkitgtk signals
* Prevent spitting out warnings of deprecated gcrypt functions when
building
* Prevent a crash when using editsrc on about:blank or any other blank
page
* Many various code cleanups
And more.
Ok pascal@
* Fixed base64::decode() return "" if input ends with garbage and no
padding.
* Fixed segmentation fault when logger failed to open log file.
* Added new file allocation method called 'trunc'. --file-allocation
option can now take new value 'trunc'. 'trunc' uses ftruncate()
system call or platform-specific counterpart to truncate a file to a
specified length.
* Added TLS SNI support.
Ok rpointel@ (maintainer)
High-level cross-protocol url-grabber.
Using urlgrabber, data can be fetched in three basic ways:
urlgrab(url) copy the file to the local filesystem
urlopen(url) open the remote file and return a file object
(like urllib2.urlopen)
urlread(url) return the contents of the file as a string
ok aja@
Mozilla Sync server allows bookmarks, tabs, settings, addons, passwords
and history to be shared across several mozilla instances. Most work
done before previous lock, polished last month and finally here it is!
See https://support.mozilla.org/en-US/kb/how-do-i-set-up-firefox-sync
and the provided README for how to set it up properly.
ok sthen@ on a previous version.
- see http://www.seamonkey-project.org/releases/seamonkey2.12/
- garbage collect nsSound.cpp, the original one uses libcanberra
properly and thus sndio.
- remove patch from #750620, merged upstream (mfbt/double-conversion)
- remove patches from #691898, merged upstream (yarr jit ppc)
- remove useless crashreporter patch, we don't have breakpad
- see http://www.mozilla.org/en-US/firefox/15.0/releasenotes/
- add -Os hack to fix a relocation error when linking on ppc (as was
done in tb since 10..)
- garbage collect nsSound.cpp, the original one uses libcanberra
properly and thus sndio.
- remove patch from #750620, merged upstream (mfbt/double-conversion)
- remove patches from #747257, merged upstream (gstreamer fix)
- remove patches from #691898, merged upstream (yarr jit ppc)
CVE-2012-4377 Stored XSS via a File::link to a non-existing image
CVE-2012-4378 Multiple DOM-based XSS flaws due improper filtering of
uselang parameter
CVE-2012-4379 CSRF tokens, available via API, not protected when
X-Frame-Options headers used
CVE-2012-4380 Did not prevent account creation for IP addresses
blocked with GlobalBlocking
CVE-2012-4381 Password saved always to the local MediaWiki database
CVE-2012-4382 Metadata about blocks
feedback/OKs from aja@ william@ jasper@ giovanni@ kevlo@
- move MESSAGE to README.
- add missing dep on php-mysqli.
- change the unpack/fake-install method to use the standard
extract infrastructure.
- @sample contrib/htaccess into .htaccess so apache can use it by
default if allowoverride is enabled. this does some basic user-agent
checks to reduce the risk of phpmyadmin sites showing up in
search engines.
- provide an @sample'd apache config file which enables use of
the .htaccess file and restricts access to localhost. talk about
this in README so people know what's going on. (phpMyAdmin has
a history of security-related bugs, but because it's rather
commonly used it's much better to have it in ports so that
it can be updated easily; these changes make the default
installation safer).
building the static binary. Fixes build problem reported by nigel@ since the
glib-2.0.pc now (correctly) only lists pthread in Libs.private not in Libs.
ok ajacoutot@
