from DESCR:
This is a module for the Apache HTTP Server. It replaces the
Apache-FP patches and module supplied with the Microsoft
FrontPage Server Extensions available from Microsoft and
Ready-to-Run Software.
Using this module allows you to use advanced features of the
FrontPage client with your Apache HTTP Server (e.g. creating
FrontPage enabled subwebs using the FrontPage client in con-
trast to creating them as user "root" with "fpinstall.sh" or
the "fpsrvadm.exe"-utility on the system's shell).
Fixed buffer overflow.
>SECURITY ADVISORY 13th February 2001
>----------------------------------------------------------------------
>Program: analog
>Versions: all versions except 4.16 and 4.90beta3
>Operating systems: all
>----------------------------------------------------------------------
>There is a buffer overflow bug in all versions of analog released
>prior to today. A malicious user could use an ALIAS command to
>construct very long strings which were not checked for length.
>
>This bug is particularly dangerous if the form interface (which allows
>unknown users to run the program via a CGI script) has been installed.
>
>This bug was discovered by the program author, and there is no known
>exploit. However, users are advised to upgrade to one of the two safe
>versions immediately, especially if they have installed the form
>interface. The URL is http://www.analog.cx/
>
>I apologise for the inconvenience.
> Stephen Turner
--
Mason is a powerful Perl-based web site development and delivery
engine. With Mason you can embed Perl code in your HTML and construct
pages from shared, reusable components.
Mason solves the common problems of site development: caching,
debugging, templating, simulating browser conditions, maintaining
development and production sites, and more.
Although it can be used from CGI or even stand-alone, it is optimally
designed for use with two other open source technologies: mod_perl
and Apache.
--
This is a collection of modules that represent, create, and extract
information from HTML syntax trees. These modules used to be part
of the libwww-perl distribution, but are now unbundled in order to
facilitate a separate development track. Bug reports and discussions
about these modules can still be sent to the <libwww@perl.org>
mailing list, or to <sburke@cpan.org>.
--
HTML::TableExtract is a module that simplifies the extraction of
information contained in tables within HTML documents.
Tables of note may be specified using Headers, Depth, Count, or
some combination of the three.
Changes:
- Fix for test cases that failed because of URI-1.10 now encode
space as '+' instead of '%20.
- Makefile.PL: Require URI-1.10.
HTTP::Daemon now accepts any non-space character as method name
on the request line. It used to fail on methods like "M-POST"
because it only allowed \w-chars.
- HTTP::Date now allow fractional seconds in ISO date formats.
- HTTP::Request::Common will now calculate Content-length
even if $DYNAMIC_FILE_UPLOAD is set.
Changelog:
- Fixed the various pdf_open_*() functions (Daniel)
- Fixed a bug that could cause invalid INI entries to be used under certain
circumstances (Zeev)
- Fixed a bug in the Apache module that could cause invalid INI values to
propogate to different virtual hosts, if one or more of the virtual
hosts was configured with engine=Off (Zeev)
- Fixed possible crash bugs in the session module (Sascha)
- Fixed the ODBC module to build properly with Solid 3.0 and OpenLink (Dan
Kalowsky)
- Fixed possible corruption of line number information in PHP scripts (Zeev,
Zend Engine)
- Fixed a few possible crashes in functions that use user-defined callbacks
(Zeev, Zend Engine)
- bump NEED_VERSION
Form handling has changed subtly, so be sure to read the documentation
before upgrading to this (the new behaviour follows the W3 recommendation)
with OpenSSL 0.9.5a, instead of requiring only OpenSSL 0.9.6
These patches detect the revelant version and use the additional return
values in 0.9.6 only if present.
This also unbreaks the SNMP flavor on 2.8-stable, which requires SSL
support, since our UCD-SNMP daemon has OpenSSL compiled into it
(wierd, but thats how the PHP snmp-config.m4 works)
- Add OpenSSL patches
- Add note crypt.c patch that its now in 4.0.5-dev and can be removed soon
- Add --with-openssl to the standard set of configure options
encryption algorithms.
The patches are a backport from PHP-CVS to the mcrypt m4 script, which
didn't pick up the right version of libmcrypt. I've included the
m4 patch also, since the outputted configure script patch will make no
sense to anyone who looks at it in the future.
- bump NEED_VERSION
--
HTML::TokeParser's get_tag() method now takes multiple
tags to match. Hopefully the documentation is also a bit clearer.
#define PERL_NO_GET_CONTEXT: Should speed up things for thread
enabled versions of perl.
Quote some more entities that also happens to be perl keywords.
This avoids warnings on perl-5.004.
Unicode entities only triggered for perl-5.7.0 or higher.
- bump NEED_VERSION
- no longer need extra distfile number4.tar.gz since it has
been integrated into the main distribution
- ltconfig, mysql socket patches are in main distribution now,
so they are removed. Note that the ltconfig patch was only
applied to the 4_0_4 branch by the PHP team, so we will have
to resubmit it for the next version, unless libtool-cvs has
been updated with our information.
- Since php3/4 conflict with each other anyway, versioning is
not needed.
ok jakob@
durring the install originally. This should fix the font problems people
have been having with Java and the JVM having very tiny and unreadable
fonts. Poked and prodded by: danh@
squid-2.3.stable4-carp-assertion.patch
Comparing floating point numbers for equality is tricky. The old way can cause an assertion even though two numbers actually do add up to 1
From Jeff Bachtel <jeff@cepheid.org>, reviewed by naddy@
--
w3mir is a all purpose HTTP copying and mirroring tool. The main
focus of w3mir is to create and maintain a browseable copy of one,
or several, remote WWW site(s). Used to the max w3mir can retrieve
the contents of several related sites and leave the mirror browseable
via a local web server, or from a filesystem, such as directly from
a CDROM.
w3mir's goal is to be able to make useful mirrors of any reasonable
WWW site. It specifically preserves link integrity within the
mirrored documents as well as the integrety of links outside the
mirror, following redirects as needed. If you want it to. w3mir has
a powerful ``multi-scope'' mechanism enabling the user to make
mirrors of several related sites and have links between them refer
to the mirrored documents rather than the original site. w3mir has
several features directed at getting mirrors for CDROM burning and
handling of some not too often seen problems when mirroring.
w3mir supports HTML4, and has partial support for CSS, Java and
ActiveX.
--
October 21, 2000, Version 3.0.18
- Fixed file upload bugs (Sascha)
October 11, 2000, Version 3.0.17
- Fixed output functions (Sascha)
- Added odbc_tables() (Frank)
- Fixed htmlspecialchars/htmlentities inconsistencies (Rasmus)
- Added is_uploaded_file() (Zeev)
- Clean up htmlspecialchars/htmlentities inconsistencies (Rasmus)
- Add optional charset parameter to sybase_[p]connect (alf@alpha.ulatina.ac.cr)
- Fixed incorrect handling of 0-precision strings (e.g., %4.0s)
in printf (Ken Coar)
- You can now call Ora_Error() without prameters to get the reason
for a failed connection attempt. (Kirill Maximov)
- Fixed crash in OCIFetchStatement() when trying to read after
all data has already been read. (Thies)
- Added --enable-sigchild. Use this option if you encounter
<defunc> processes when using Oracle 8i. (Thies)
- Uncommitted outstanding OCI8 transactions are now rolled back
before the connection is closed. (Thies)
- Improved configure checks for Oracle 8i. (Thies)
- Added imap_mime_header_decode() function (Skalski)
