Skip to content
Commits on Jul 23, 2014
  1. + mame-0.154, mess-0.154.

    wiz committed Jul 23, 2014
  2. Changes 1.0.2:

    - Fix storing unsaved drafts in localStorage
    - Fix redundant horizontal scrollbar in HTML editor
    - Fix PHP error in Preferences when default_folders was in dont_override
    - Add configurable LDAP_OPT_DEREF option
    - Fix unintentional draft autosave request if autosave is disabled
    - Fix malformed References: header in send/saved mail
    - Fix handling unicode characters in links
    - Fix incorrect handling of HTML comments in messages sanitization code
    - Fix so current page is reset on list-mode change
    - Fix so responses menu hides on click in classic skin
    - Fix unintentional line-height style modification in HTML messages
    - Fix broken normalize_string(), add support for ISO-8859-2
    - Support csv contacts import in German localization
    - Fix so message list and counters are updated when a message is opened in new window
    - Fix malformed recipient name when composing a message by clicking on mailto link
    - Fix list reload after sending message in another window
    - Fix so address format errors are ignored when saving a draft
    - Fix incorrect label translation in return receipt
    - Fix security issue in delete-response action - allow only ajax request
    - Fix Delete button state after deleting identity/response
    - Fix bug where contacts with no email address were listed on compose addressbook
    - Fix images import from various vCard formats
    - Fix sorting messages by size on servers without SORT capability
    adam committed Jul 23, 2014
  3. Changes 4.83:

     1. If built with the EXPERIMENTAL_PROXY feature enabled, Exim can be
        configured to expect an initial header from a proxy that will make the
        actual external source IP:host be used in exim instead of the IP of the
        proxy that is connecting to it.
     2. New verify option header_names_ascii, which will check to make sure
        there are no non-ASCII characters in header names.  Exim itself handles
        those non-ASCII characters, but downstream apps may not, so Exim can
        detect and reject if those characters are present.
     3. New expansion operator ${utf8clean:string} to replace malformed UTF8
        codepoints with valid ones.
     4. New malware type "sock".  Talks over a Unix or TCP socket, sending one
        command line and matching a regex against the return data for trigger
        and a second regex to extract malware_name.  The mail spoofile name can
        be included in the command line.
     5. The smtp transport now supports options "tls_verify_hosts" and
        "tls_try_verify_hosts".  If either is set the certificate verification
        is split from the encryption operation. The default remains that a failed
        verification cancels the encryption.
     6. New SERVERS override of default ldap server list.  In the ACLs, an ldap
        lookup can now set a list of servers to use that is different from the
        default list.
     7. New command-line option -C for exiqgrep to specify alternate exim.conf
        file when searching the queue.
     8. OCSP now supports GnuTLS also, if you have version 3.1.3 or later of that.
     9. Support for DNSSEC on outbound connections.
    10. New variables "tls_(in,out)_(our,peer)cert" and expansion item
        "certextract" to extract fields from them. Hash operators md5 and sha1
        work over them for generating fingerprints, and a new sha256 operator
        for them added.
    11. PRDR is now supported dy default.
    12. OCSP stapling is now supported by default.
    13. If built with the EXPERIMENTAL_DSN feature enabled, Exim will output
        Delivery Status Notification messages in MIME format, and negociate
        DSN features per RFC 3461.
    adam committed Jul 23, 2014
  4. Updated net/pear-Net_Socket to 1.0.14

    adam committed Jul 23, 2014
  5. Changes 1.0.14:

    - Fix connecting when host is specified with protocol prefix e.g. ssl://
    adam committed Jul 23, 2014
  6. Update "apache24" package to version 2.4.10. Changes since 2.4.9:

    - SECURITY: CVE-2014-0117 (
      mod_proxy: Fix crash in Connection header handling which
      allowed a denial of service attack against a reverse proxy
      with a threaded MPM.  [Ben Reser]
    - SECURITY: CVE-2014-0226 (
      Fix a race condition in scoreboard handling, which could lead to
      a heap buffer overflow.  [Joe Orton, Eric Covener]
    - SECURITY: CVE-2014-0118 (
      mod_deflate: The DEFLATE input filter (inflates request bodies) now
      limits the length and compression ratio of inflated request bodies to avoid
      denial of sevice via highly compressed bodies.  See directives
      DeflateInflateLimitRequestBody, DeflateInflateRatioLimit,
      and DeflateInflateRatioBurst. [Yann Ylavic, Eric Covener]
    - SECURITY: CVE-2014-0231 (
      mod_cgid: Fix a denial of service against CGI scripts that do
      not consume stdin that could lead to lingering HTTPD child processes
      filling up the scoreboard and eventually hanging the server.  By
      default, the client I/O timeout (Timeout directive) now applies to
      communication with scripts.  The CGIDScriptTimeout directive can be
      used to set a different timeout for communication with scripts.
      [Rainer Jung, Eric Covener, Yann Ylavic]
    - mod_ssl: Extend the scope of SSLSessionCacheTimeout to sessions
      resumed by TLS session resumption (RFC 5077). [Rainer Jung]
    - mod_deflate: Don't fail when flushing inflated data to the user-agent
      and that coincides with the end of stream ("Zlib error flushing inflate
      buffer"). Bug 56196. [Christoph Fausak <christoph fausak>]
    - mod_proxy_ajp: Forward local IP address as a custom request attribute
      like we already do for the remote port. [Rainer Jung]
    - core: Include any error notes set by modules in the canned error
      response for 403 errors.  [Jeff Trawick]
    - mod_ssl: Set an error note for requests rejected due to
      SSLStrictSNIVHostCheck.  [Jeff Trawick]
    - mod_ssl: Fix issue with redirects to error documents when handling
      SNI errors.  [Jeff Trawick]
    - mod_ssl: Fix tmp DH parameter leak, adjust selection to prefer
      larger keys and support up to 8192-bit keys.  [Ruediger Pluem,
      Joe Orton]
    - mod_dav: Fix improper encoding in PROPFIND responses.  Bug 56480.
      [Ben Reser]
    - WinNT MPM: Improve error handling for termination events in child.
      [Jeff Trawick]
    - mod_proxy: When ping/pong is configured for a worker, don't send or
      forward "100 Continue" (interim) response to the client if it does
      not expect one. [Yann Ylavic]
    - mod_ldap: Be more conservative with the last-used time for
      LDAPConnectionPoolTTL. Bug 54587 [Eric Covener]
    - mod_ldap: LDAP connections used for authn were not respecting
      LDAPConnectionPoolTTL. Bug 54587 [Eric Covener]
    - mod_proxy_fcgi: Fix occasional high CPU when handling request bodies.
      [Jeff Trawick]
    - event MPM: Fix possible crashes (third-party modules accessing c->sbh)
      or occasional missed mod_status updates under load. Bug 56639.
      [Edward Lu <Chaosed0 gmail com>]
    - mod_authnz_ldap: Support primitive LDAP servers do not accept
      filters, such as "SDBM-backed LDAP" on z/OS, by allowing a special
      filter "none" to be specified in AuthLDAPURL. [Eric Covener]
    - mod_deflate: Fix inflation of files larger than 4GB. Bug 56062.
      [Lukas Bezdicka <social>]
    - mod_deflate: Handle Zlib header and validation bytes received in multiple
      chunks. Bug 46146. [Yann Ylavic]
    - mod_proxy: Allow reverse-proxy to be set via explicit handler.
      [ryo takatsuki <ryotakatsuki gmail com>]
    - ab: support custom HTTP method with -m argument. Bug 56604.
      [Roman Jurkov <winfinit>]
    - mod_proxy_balancer: Correctly encode user provided data in management
      interface. Bug 56532 [Maksymilian, <max>]
    - mod_proxy_fcgi: Support iobuffersize parameter.  [Jeff Trawick]
    - mod_auth_form: Add a debug message when the fields on a form are not
      recognised. [Graham Leggett]
    - mod_cache: Preserve non-cacheable headers forwarded from an origin 304
      response. Bug 55547.  [Yann Ylavic]
    - mod_proxy_wstunnel: Fix the use of SSL connections with the "wss:"
      scheme. Bug 55320. [Alex Liu <>]
    - mod_socache_shmcb: Correct counting of expirations for status display.
      Expirations happening during retrieval were not counted. [Rainer Jung]
    - mod_cache: Retry unconditional request with the full URL (including the
      query-string) when the origin server's 304 response does not match the
      conditions used to revalidate the stale entry.  [Yann Ylavic].
    - mod_alias: Stop setting CONTEXT_PREFIX and CONTEXT_DOCUMENT environment
      variables as a result of AliasMatch. [Eric Covener]
    - mod_cache: Don't add cached/revalidated entity headers to a 304 response.
      Bug 55547.  [Yann Ylavic]
    - mod_proxy_scgi: Support Unix sockets.  ap_proxy_port_of_scheme():
      Support default SCGI port (4000).  [Jeff Trawick]
    - mod_expires: don't add Expires header to error responses (4xx/5xx),
      be they generated or forwarded. Bug 55669.  [Yann Ylavic]
    - mod_proxy_fcgi: Don't segfault when failing to connect to the backend.
      (regression in 2.4.9 release) [Jeff Trawick]
    - mod_authn_socache: Fix crash at startup in certain configurations.
      Bug 56371. (regression in 2.4.7) [Jan Kaluza]
    - mod_ssl: restore argument structure for "exec"-type SSLPassPhraseDialog
      programs to the form used in releases up to 2.4.7, and emulate
      a backwards-compatible behavior for existing setups. [Kaspar Brand]
    - mod_ssl: Add SSLOCSPUseRequestNonce directive to control whether or not
      OCSP requests should use a nonce to be checked against the responder's
      one. Bug 56233. [Yann Ylavic, Kaspar Brand]
    - mod_ssl: "SSLEngine off" will now override a Listen-based default
      and does disable mod_ssl for the vhost.  [Joe Orton]
    - mod_lua: Enforce the max post size allowed via r:parsebody()
      [Daniel Gruno]
    - mod_lua: Use binary comparison to find boundaries for multipart
      objects, as to not terminate our search prematurely when hitting
      a NULL byte. [Daniel Gruno]
    - mod_ssl: add workaround for SSLCertificateFile when using OpenSSL
      versions before 0.9.8h and not specifying an SSLCertificateChainFile
      (regression introduced with 2.4.8). Bug 56410. [Kaspar Brand]
    - mod_ssl: bring SNI behavior into better conformance with RFC 6066:
      no longer send warning-level unrecognized_name(112) alerts,
      and limit startup warnings to cases where an OpenSSL version
      without TLS extension support is used. Bug 56241. [Kaspar Brand]
    - mod_proxy_html: Avoid some possible memory access violation in case of
      specially crafted files, when the ProxyHTMLMeta directive is turned on.
      Follow up of Bug 56287 [Christophe Jaillet]
    - mod_auth_form: Make sure the optional functions are loaded even when
      the AuthFormProvider isn't specified. [Graham Leggett]
    - mod_ssl: avoid processing bogus SSLCertificateKeyFile values
      (and logging garbled file names). Bug 56306. [Kaspar Brand]
    - mod_ssl: fix merging of global and vhost-level settings with the
      SSLCertificateFile, SSLCertificateKeyFile, and SSLOpenSSLConfCmd
      directives. Bug 56353. [Kaspar Brand]
    - mod_headers: Allow the "value" parameter of Header and RequestHeader to
      contain an ap_expr expression if prefixed with "expr=". [Eric Covener]
    - rotatelogs: Avoid creation of zombie processes when -p is used on
      Unix platforms.  [Joe Orton]
    - mod_authnz_fcgi: New module to enable FastCGI authorizer
      applications to authenticate and/or authorize clients.
      [Jeff Trawick]
    - mod_proxy: Do not try to parse the regular expressions passed by
      ProxyPassMatch as URL as they do not follow their syntax.
      Bug 56074. [Ruediger Pluem]
    - mod_reqtimeout: Resolve unexpected timeouts on keepalive requests
      under the Event MPM. Bug 56216.  [Frank Meier <frank meier ergon ch>]
    - mod_proxy_fcgi: Fix sending of response without some HTTP headers
      that might be set by filters.  [Jim Riggs <jim>]
    - mod_proxy_html: Do not delete the wrong data from HTML code when a
      "http-equiv" meta tag specifies a Content-Type behind any other
      "http-equiv" meta tag. Bug 56287 [Micha Lenk <micha lenk info>]
    - mod_proxy: Don't reuse a SSL backend connection whose requested SNI
      differs. Bug 55782.  [Yann Ylavic]
    - Add suspend_connection and resume_connection hooks to notify modules
      when the thread/connection relationship changes.  (Should be implemented
      for any third-party async MPMs.)  [Jeff Trawick]
    - mod_proxy_wstunnel: Don't issue AH02447 and log a 500 on routine
      hangups from websockets origin servers. Bug 56299
      [Yann Ylavic, Edward Lu <Chaosed0 gmail com>, Eric Covener]
    - mod_proxy_wstunnel: Don't pool backend websockets connections,
      because we need to handshake every time. Bug 55890.
      [Eric Covener]
    - mod_lua: Redesign how request record table access behaves,
      in order to utilize the request record from within these tables.
      [Daniel Gruno]
    - mod_lua: Add r:wspeek for peeking at WebSocket frames. [Daniel Gruno]
    - mod_lua: Log an error when the initial parsing of a Lua file fails.
      [Daniel Gruno, Felipe Daragon <filipe syhunt com>]
    - mod_lua: Reformat and escape script error output.
      [Daniel Gruno, Felipe Daragon <filipe syhunt com>]
    - mod_lua: URL-escape cookie keys/values to prevent tainted cookie data
      from causing response splitting.
      [Daniel Gruno, Felipe Daragon <filipe syhunt com>]
    - mod_lua: Disallow newlines in table values inside the request_rec,
      to prevent HTTP Response Splitting via tainted headers.
      [Daniel Gruno, Felipe Daragon <filipe syhunt com>]
    - mod_lua: Remove the non-working early/late arguments for
      LuaHookCheckUserID. [Daniel Gruno]
    - mod_lua: Change IVM storage to use shm [Daniel Gruno]
    - mod_lua: More verbose error logging when a handler function cannot be
      found. [Daniel Gruno]
    tron committed Jul 23, 2014
  7. Failing tests is no reason to turn them off.

    asau committed Jul 23, 2014
  8. Switch myself from owner to maintainer as I'm perfectly happy with so…

    else updating this package anyway.
    tron committed Jul 23, 2014
  9. Updated graphics/digikam to 3.5.0nb8

    wiz committed Jul 23, 2014
  10. Use libpgf package instead of included copy of the code.

    Reduces code duplication, and binary packages size by 800kB.
    wiz committed Jul 23, 2014
  11. Fix packaging.

    wiz committed Jul 23, 2014
  12. Updated security/p5-String-Random to 0.26.

    hiramatsu committed Jul 23, 2014
  13. Update security/p5-String-Random to 0.26.

    Changes from previous:
    0.26   Fri Jan 31 2014
    - LICENSE section and file (CPANTS).
    - Minimum version of perl in Build.PL / META.yml .
    0.25   Fri Dec 27 2013
    - Update the link to the version control repository.
    0.24   Tue Dec 03 2013
    - Add keywords and a link to he repository to Build.PL / META.yml.
    0.23   Tue Dec 03 2013
    - Add t/style-trailing-space.t .
    - Update the POD in lib/String/ .
    - Add t/pod.t .
    - Convert Build.PL to Test::Run::Builder.
    - Hopefully fix
        - Bug #86894 for String-Random: Spurious warnings
    hiramatsu committed Jul 23, 2014
  14. Updated converters/libwps to 0.3.0

    wiz committed Jul 23, 2014
  15. Update to 0.3.0. Ride libwpd bump.

    0.2.x -> 0.3.0
    - switch to librevenge
    - add support for Works Spreadsheet
    - add support for Works Database
    - miscellaneous fixes and cleanups
    wiz committed Jul 23, 2014
  16. Bump ABI depends. Ride libwpd bump.

    wiz committed Jul 23, 2014
  17. Updated textproc/libodfgen to 0.1.1

    wiz committed Jul 23, 2014
  18. Update to 0.1.1. Ride libwpd bump.

    libodfgen 0.1.1
    - Export API symbols on Windows.
    - Fix few minor problems with debug mode.
    libodfgen 0.1.0
    - rebase to librevenge
    - add spreadsheet generator
    - split common parts of all generators out to a base class
    - add tests for all generators
    - add chart generator
    - and many other improvements
    libodfgen 0.0.4
    - fix handling of presentation tables
    - fix handling of presentation notes
    - fix handling of presentation comments
    wiz committed Jul 23, 2014
  19. Updated converters/libmwaw to 0.3.1

    wiz committed Jul 23, 2014
  20. Update to 0.3.1. Ride libwpd bump.

    - add code to create embedded spreadsheet
    - AppleWorks/ClarisWorks: send page's embedded spreadsheets as spreadsheet (instead of table)
    wiz committed Jul 23, 2014
  21. Updated converters/libe-book to 0.1.1

    wiz committed Jul 23, 2014
  22. Update to 0.1.1. Ride libwpd bump.

    libe-book 0.1.1
    - Fix various problems when using --disable-experimental.
    - Work around MSVC bug.
    - Fix parsing of zipped FictionBook 2 files.
    libe-book 0.1.0
    - switch to librevenge
    - PeanutPress: make sure the output is UTF-8
    - TCR: make sure the output is UTF-8
    - sanitize format detection
    wiz committed Jul 23, 2014
  23. Fix build under NetBSD etc.

    Noted by wiz@.
    ryoon committed Jul 23, 2014
Commits on Jul 22, 2014
  1. Restore file for python-2.6 build.

    wiz committed Jul 22, 2014
  2. Updated www/py-webassets to 0.10.1.

    Updated www/py-flask-assets to 0.10.
    kleink committed Jul 22, 2014
  3. Update py-flask-assets to 0.10.

    0.10 (2014-07-03)
        This release is compatible with webassets 0.10.
    kleink committed Jul 22, 2014
  4. Update py-webassets to 0.10.1.

    0.10.1 (2014-07-03)
        - Python 3 fixes.
        - Windows fix (Ionel Cristian Mărieș).
    0.10 (2014-06-15)
        - Add autoprefixer filter (Vincent Driessen).
        - Add require.js filter (metagriffin, Erik Taubeneck)
        - A lot of bug fixes and small improvements.
    kleink committed Jul 22, 2014
  5. + at-spi2-atk-2.12.1 [needs atk>=2.11.90], atk-2.12.0, exim-4.83,

      php-tt-rss-1.13, py-qt4-4.11, py-qt4-qscintilla-4.8.3,
      qt4-qscintilla-4.8.3, py-sip-4.16.1.
    wiz committed Jul 22, 2014
  6. Add comment:

    when updating this, also update py-qt4-qscintilla
    XXX: these two should share a Makefile.common
    wiz committed Jul 22, 2014
  7. Needs qt4-libs 4.7.0 or newer.

    wiz committed Jul 22, 2014
Something went wrong with that request. Please try again.