source-changes: CVS commit: pkgsrc

Subject: CVS commit: pkgsrc
To: None <source-changes@netbsd.org>
From: Hubert Feyrer <hubertf@netbsd.org>
List: source-changes
Date: 02/29/2000 15:31:34
Module Name:	pkgsrc
Committed By:	hubertf
Date:		Tue Feb 29 23:31:34 UTC 2000

Modified Files:
	pkgsrc/www/htdig: Makefile
	pkgsrc/www/htdig/files: md5
	pkgsrc/www/htdig/pkg: MESSAGE PLIST

Log Message:
Update to V3.1.5 because of security problems in 3.1.4.

Changes:
   * Fixed a nasty security hole in htsearch, which would allow users to
     view any file on your site that had read permission.
   * Fixed a bug that could cause problems with 8-bit characters on some
     systems.
   * Made some attempts to get htsearch's output to be more HTML 4.0
     compliant. It quotes all HTML tag parameters, and uses ";" instead of
     "&" as parameter separator in URLs for next pages. Reserved characters
     in parameters are now encoded.
   * Fixed handling of SGML entities: htdig will still decode them to store
     as single characters in the database, but htsearch now encodes some of
     them back for compliant results.
   * Added two new formats for variables in htsearch templates, $%(var),
     which escapes the variable for a URL, and $&(var), which HTML-escapes
     the variable as necessary.
   * Fixed htdig's handling of robots.txt, such that only the first
     applicable User-agent field bearing its name will be used, rather than
     only the last.
   * Fixed htdig's handling of servers that return 2-digit years.
   * Fixed handling of embedded quotes in quoted string lists.
   * Fixed handling of relative URLs with trailing ".." or leading "//".
   * Fixed handling of the valid_extensions attribute, which sometimes
     failed in the previous version.
   * Enhanced the handling of local filesystem indexing with the local_urls,
     local_user_urls or local_default_doc attributes, which now allow
     multiple directory or file names to be tried.
   * Added the build_select_lists attribute to allow the config file to
     specify <select> form elements in htsearch output as a template
     variable, much like $(SORT) and $(METHOD).
   * Added support for two additional configuration attributes:
     max_keywords, and nph.
   * A variety of other bug fixes, and many documentation updates. See the
     ChangeLog for details.


To generate a diff of this commit:
cvs rdiff -r1.5 -r1.6 pkgsrc/www/htdig/Makefile
cvs rdiff -r1.3 -r1.4 pkgsrc/www/htdig/files/md5
cvs rdiff -r1.1 -r1.2 pkgsrc/www/htdig/pkg/MESSAGE
cvs rdiff -r1.3 -r1.4 pkgsrc/www/htdig/pkg/PLIST

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.