* [NEW] Custom keybound prompts (keybinding = :cmd,key)
* [NEW] Custom uri handling (custom_uri)
* [NEW] Setting to disable proxy at startup (http_proxy_disable)
* [NEW] Setting to cache HTTPS certificates and present warnings when
certificates change to help prevent MITM attacks (warn_cert_changes)
* [NEW] Tab number and proxy enabled notifications (statusbar_elems)
* [NEW] Setting to change default stylesheet used for the userstyle
and userstyle_global commands (usersytle)
* [NEW] Both userstyle and userstyle_global commands may take an
optional argument to a user-specified stylesheet
* [NEW] Setting to change the style of the statusbar to switch between
the page URL and title (statusbar_style)
* Runtime settings are unsettable with ':set setting ='
* Fix some display bugs with the statusbar
* HTML escape text before displaying with about:set, <file> now shows
correctly
* Fix unsetting the statusbar color when opening the command prompt
And a lot of others.
Tested on amd64.
Ok kili@ aja@
minor SHLIB bump
introduce SOGOLIBDIR variable to be used in PLIST, update hint from README:
Upgrade SOGo from < 1.3.16
=======================================
New password schemes were introduced. You may want to set the
userPasswordAlgorithm default, i.e.:
$ defaults write sogod userPasswordAlgorithm ssha
* checking: Catch any errors initializing the MIME database.
* checking: Fix writing temporary files.
* checking: Properly handle URLs with user/password information.
And others.
Delete --no-compile to build pyc and add devel/desktop-file-utils
Tested on i386.
Ok Amit Kulkarni (maintainer) aja@
* Fixes an issue where a theme's page templates were sometimes not detected.
* Addresses problems with some category permalink structures.
* Better handling for plugins or themes loading JavaScript incorrectly.
* Adds early support for uploading images on iOS 6 devices.
* Allows for a technique commonly used by plugins to detect a
network-wide activation.
* Better compatibility with servers running certain versions of PHP
(5.2.4, 5.4) or with uncommon setups (safe mode, open_basedir), which
had caused warnings or in some cases prevented emails from being sent.
* Privilege Escalation/XSS. Critical. Administrators and editors in
multisite were accidentally allowed to use unfiltered_html for 3.4.0.
And others, tested on i386 and amd64.
Ok merdely@ (maintainer) aja@
Bacula-Web is a web based tool written in PHP that provides a
summarized view of the bacula backup infrastructure. It obtain this
information from the bacula catalog's database.
This tool provides you informations on the last day jobs status, media
and pool usage, catalog size usage, etc.
ok jasper@
If the proxy server is running on the same subnet as the clients, the
return traffic from the proxy will go directly back to them without
ever hitting the firewall, which means the states will never get updated
and may fill-up your pflog(4) with blocked attempts. To circumvent this
the "no state" option needs to be specified for the route-to rule.
ok Brad, intput/ok sthen@ (maintainer)
"Desc: Input passed via the parameter 'sortby' is not properly
sanitised before being returned to the user or used in SQL queries.
This can be exploited to manipulate SQL queries by injecting
arbitrary SQL code. The param 'num' is vulnerable to a XSS issue
where the attacker can execute arbitrary HTML and script code in
a user's browser session in context of an affected site."
Security issues require admin login.
Don't redirect errors to /dev/null and don't return true(1)
unconditionally. Instead, don't check for the existence of index.theme.
This will allow us to catch errors that may be happening because of a
missing dependency in the chain.
Some hidden issues may appear, in which case please contact me.
discussed with and ok blind jasper@
