Changelog:
- synchronized with latest oxygen
- created KDE/4.10 branch
- Warning: if you are using the "master" branch (which targets KDE/4.11), you
will have conflicts with oxygen (@KDE) configuration, unless you are also
using kde from git repositories This is due to backward incompatible changes
in the configuration code.
Approved by: bdrewery (mentor)
Feature safe: yes
- Pet portlint: add my LOCAL to MASTER_SITES
- Temporarily comment LICENSE_* due to the removal of LICENSE in tarball
- Sort BUILD_DEPENDS
- Cleanup Makefile header
- Fix typo and reformat pkg-descr
Feature safe: yes
for libitm which didn't expect the OS to define __always_inline by
itself (and differently).
Also, this no longer installs libffi and its info and man pages which
was always meant to remain for internal use only.
Feature safe: yes
- Cleanup Makefile header
- Update WWW and reformat pkg-descr
Changes:
- On newer Linux systems, we use libkmod to look up kernel modules
(modules.pcimap no longer exists.) To facilitate this, libpci is able to look
up module aliases in sysfs.
- Various minor bug fixes.
- Updated pci.ids to the today's snapshot of the database.
Feature safe: yes
- reflect new MASTER_SITE and WWW
Version 0.7
Fixed issue #13 - issue with handling POST data
Fixed issue #10 - curl_unescape deprecated / libcurl doesn't unescape '+' as a space
Fixed "configure: error: conditional "DEBUG" was never defined." message when running autogen.sh.
Single OP mode
Set HttpOnly on session-scoped cookies too
Can now validate AX attrs by regex
Added AuthOpenIDSecureCookie directive to limit session cookie retrieval to HTTPS connections
Implemented AuthOpenIDAXUsername and AuthOpenIDSecureCookie
Described functionality of AuthOpenIDSingleIdP, AuthOpenIDAXRequire, AuthOpenIDAXUsername, AuthOpenIDSecureCookie
Fixed security vulnerability - sqlite DB should not be world readable
New bugtracker URL:
http://github.com/bmuller/mod_auth_openid/issues
Feature safe: yes
PR: ports/177444
Submitted by: Ander <ander@angels.org.ua>
Approved by: Sutra Zhou <zhoushuqun@gmail.com> (maintainer)
Changes:
Version 0.22
- Directive SetStatusPlus verifies if configured status code is
allowed (known by Apache).
- Modifed cookie processing/parser.
Version 0.21
- New directive CookieEncPlus (supports "simple" cookie formats only).
Version 0.20
- New directive SetStatusPlus.
- ResponseHeaderPlus set/add may modify the Content-Type header too.
Feature safe: yes
PR: 177440
Submitted by: ohauer
Approved by: Jim Riggs <ports@christianserving.org> (maintainer)
2.0.8 April 17, 2013
Perl 5.16.3's fix for a rehash-based DoS makes it more difficult to invoke
the workaround for the old hash collision attack, which breaks mod_perl's
t/perl/hash_attack.t. Patch from rt.cpan.org #83916 improves the fix
previously applied as revision 1455340. [Zefram]
On Perl 5.17.6 and above, hash seeding has changed, and HvREHASH has
disappeared. Patch to update mod_perl accordingly from rt.cpan.org #83921.
[Zefram]
Restore build with Perl 5.8.1, 5.8.2 etc: take care to use
$Config{useithreads} rather than $Config{usethreads}, and supply definitions
of Newx and Newxz as necessary. [Steve Hay]
On Perl 5.17.9, t/apache/read2.t fails because an "uninitialized value"
warning is generated for the buffer being autovivified. This is because
the sv_setpvn() that's meant to vivify the buffer doesn't perform set
magic; the warning is generated by the immediately following SvPV_force().
Patch to fix this from rt.cpan.org #83922. [Zefram]
Fix t/perl/hash_attack.t to work with Perl 5.14.4, 5.16.3 etc, which
contain a fix for CVE-2013-1667 (memory exhaustion with arbitrary hash
keys). This resolves rt.perl.org #116863, from where the patch was taken.
[Hugo van der Sanden]
use APR::Finfo instead of Perl's stat() in ModPerl::RegistryCooker to
generate HTTP code 404 even if the requested filename contains newlines
[Torsten]
Remove all uses of deprecated core perl symbols. [Steve Hay]
Feature safe: yes
with hat apache@
We can't use USES=cmake here - main project builds with gmake.
PR: ports/177285
Submitted by: r4721@tormail.org
Approved by: maintainer timeout
Feature safe: yes
