CVS commit: pkgsrc/www/py-moin

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/www/py-moin
From: "Guillaume Lasmayous" <gls%netbsd.org@localhost>
Date: Thu, 3 Jan 2013 18:54:39 +0000

Module Name:    pkgsrc
Committed By:   gls
Date:           Thu Jan  3 18:54:39 UTC 2013

Modified Files:
        pkgsrc/www/py-moin: Makefile PLIST distinfo

Log Message:
Pkgsrc changes:
---------------

- /usr/bin/env police

Upstream Changes:
-----------------

Version 1.9.6:

  SECURITY HINT: make sure you have allow_xslt = False (or just do not use
  allow_xslt at all in your wiki configs, False is the internal default).
  Allowing XSLT/4suite is very dangerous, see HelpOnConfiguration wiki page.

  HINT: Python >= 2.5 is maybe required! See docs/REQUIREMENTS for details.

  Fixes:
  * fix remote code execution vulnerability in twikidraw/anywikidraw action
  * fix path traversal vulnerability in AttachFile action
  * fix XSS issue, escape page name in rss link
  * escape user- or admin-defined css url
  * make taintfilename more secure
  * use a constant time str comparison function to prevent timing attacks
  * Attachment handler: catch all Zip-related errors

Version 1.9.5:

  Fixes:
   * Security fix: fix virtual group bug in ACL evaluation.
   * Avoid crash if #refresh processing instruction is used without arguments.
   * Fix issue with non-ASCII textchas.
   * Xapian indexing: remove copy.copy() that crashed on Windows/IIS/isapi-wsgi
     after page save.
   * Fix dictionary file reading crash under Windows.
   * Work around crash of AdvancedSearch macro rendering caused by non-ascii
     mimetypes.types_map entries.
   * Added migration script for moin 1.8.9.
   * rss_rc: Fix diffs added in RSS with diffs=1 (now they correspond to item
     listed in feed and not just last page diffs). Links generated with ddiffs=1
     also fixed.
   * rss_rc: fix double escaping issue.
   * rss_rc: respect show_names configuration option.
   * rss_rc: proper support of rename, revert, page creation.
   * modern/modernized theme: fix padding/width for editor preview
   * group/pagelinks formatters: avoid to create unnecessary output, redirect
     output of send_page call with the groups formatter, it must not be written
     to the output stream
   * rst parser: fix include and macro directives
   * wikisync: fix unicode pagename sending for python 2.7 httplib

  New features:
   * add a comment_required config option (default: False) to require a
     non-empty comment when saving a page
   * when a save error happens, show the editor again and highlight the error
   * rss_rc: several new options added: lines parameter gives ability to set
     maximum size of diffs showed in RSS. show_att parameter gives ability
     to show information aboout attachment-related items in RSS. page parameter
     gives ability to specify set of pages for which changes RSS feed should be
     generated. Configuration of defaults and limits can now be done via wiki
     configuration mechanism.
   * As soon as it is now possible to provide RSS for page change history,
     appropriate alternate link is now added for every page (controlled by
     rss_show_page_history_link configuration parameter).
   * Search: "no_highlight:" search query option provided for suppressing
     highlighting search results.
   * Search macros: new options for FullSearch, FullSearchCached and PageList
     available:
     * highlight_titles option controls highlighting of matches in search
       results provided by these macros. Default value is set in
       search_macro_highlight_titles configuration option)
     * highlight_pages option controls adding of highlight URL parameter to
       page links (so search term is highlighted when user goes to one of
       these pages via provided link) in search results. Default value is set
       in search_macro_highlight_pages configuration option.
     Usage of these options is disabled (via search_macro_parse_args
     configuration option) by default due to behavioural changes introduced
     in macro parameter parsing mechanism to support them. Related to
     http://moinmo.in/FeatureRequests/FullSearchResultsWithoutHighlight .

  Other changes:
   * Remove 4suite dependency for docbook formatter, use minidom (included in
     Python).
   * Upgraded FCKeditor to 2.6.8.


To generate a diff of this commit:
cvs rdiff -u -r1.22 -r1.23 pkgsrc/www/py-moin/Makefile
cvs rdiff -u -r1.10 -r1.11 pkgsrc/www/py-moin/PLIST
cvs rdiff -u -r1.9 -r1.10 pkgsrc/www/py-moin/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: pkgsrc/doc
Next by Date: CVS commit: pkgsrc/doc
Previous by Thread: CVS commit: pkgsrc/doc
Next by Thread: CVS commit: pkgsrc/doc
Indexes:

Home | Main Index | Thread Index | Old Index