Next | Query returned 100 messages, browsing 1 to 10 | Previous

History of commit frequency

CVS Commit History:

   2019-09-08 22:45:31 by Leonardo Taccari | Files touched by this commit (2) | Package updated
Log message:
links{,-gui}: Update to 2.20.1

- Fixed an error "ERROR: event_base_loop failed: Bad file descriptor"
  if the user quits the master instance on OpenBSD.
  OpenBSD uses an old libevent-1.4.15 and it doesn't handle calling
  event_reinit from event handler.
  libevent-2.1.11 also doesn't allow calling event_reinit from event
  handler, so it is fixed as well.
   2019-09-01 13:07:51 by Leonardo Taccari | Files touched by this commit (3) | Package updated
Log message:
links{,-gui}: Update to 2.20

 - Security bug fixed: when links was connected to tor, it would send real
   dns requests outside the tor network when the displayed page contains
   <link rel="dns-prefetch" href="http://host.domain/">.
   This bug is present in links-2.15 to links-2.19.
   Found by Shi Tian.
 - Fix a crash if:
    * External fonts are used
    * Rendering is optimized for LCD
    * The document contains some characters with zero width
 - Accept file urls in the form file://localhost/usr/bin/ or
   file://hostname/usr/bin/ according to RFC 8089
 - Report errors using dialog boxes on OS/2 and Windows because
   the standard output may not be visible
 - Fix an error "ERROR: select for write (5) failed: Bad file descriptor"
   that could happen if the master process was doing dns lookup while being
 - Fixed a memory leak of the SSL structure
 - Try to open the file "/dev/input/mice" and use it instead of gpm.
   (the user must be in the "input" group)
   This results in smooth mouse movement on the framebuffer.
 - Report "Lynx/Links" user agent when searching on Google so that
   Google returns non-css page
 - Support the zstd compression algorithm
 - Haiku support
 - Fix mouse dragging not being reported in xterm
 - Use proper cookie expiry
   2019-04-07 21:49:13 by Leonardo Taccari | Files touched by this commit (3) | Package updated
Log message:
links{,-gui}: Update to 2.19

pkgsrc changes:
 - Add fontconfig and freetype2 dependencies to links-gui in order to adjust
   per-upstream defaults

 - Disable high-DPI scaling on Windows
 - Links makes it possible to specify scaling of text and images in the
   dialog windows, so this should preferably be used instead of
   system-level scaling
 - Fixed a crash on invalid IDN URL, such as http://test,ï.com/
   (found by
 - Make it possible to select other fonts, using fontconfig and freetype
 - Show certificate authority in the "Document info" box
 - Use international error messages
 - The -dump switch didn't report an error if write to stdout failed
   2019-01-20 21:10:11 by Leonardo Taccari | Files touched by this commit (3) | Package updated
Log message:
links{,-gui}: Update to 2.18

=== RELEASE 2.18 ===
- Compile links with graphics support on OpenVMS
- Automatically enable tor mode when the socks port is 9050
- When we are in tor mode, invert the colors on the top line and bottom
  line, so that the user can immediatelly see it
- Fix an incorrect shift in write_ev_queue that could cause spurious error
  if the socket for interprocess communication fills up.
  This bug was introduced in Links 2.15.
- Fix 'runtime error: member access within null pointer' sanitizer warning
- Add a menu entry to save and load a clipboard
- Don't synchronize with the Xserver on every pixmap load
  It improves performance on remote connections
- Fix a bug that in the "Network options" dialog box, the value in the
  field "Timeout when trying multiple addresses" incorrectly set the value
  "Timeout when unrestartable".
- Fix a possible integer overflow in decoder_memory_expand
- Work around a bug on OpenVMS where allocations larger than 0x77fffff0
  are treated as if they had 16 bytes
- Fix possible pointer arithmetics bugs if the operating system allocated
  memory few bytes below the limit 0xffffffff or 0xffffffffffffffff
- Add a button to never accept invalid certificate for a given server
- Fix incorrect strings -html-t-text-color, -html-t-link-color,
  -html-t-background-color, -html-t-ignore-document-color in the manual
  page and help (reported by Oliver Schode <>)
- Windows 7 has a bug (or feature) that corrupts the screen when using the
  unaccelerated video driver - when a thread draws into window's device context
  and the user simultaneously drags the window, the device context coordinates
  may not be updated. Subsequent draws are done with incorrect coordinates.
  In order to work around this bug, we detect that a drawing operation
  possibly raced with window moving. If it did, we allocate a new DC (the
  old one is corrupted) and start a timer that asks the main thread to
  redraw the whole window using the new DC.
- Add ascii replacement of Romanian S and T with comma
  Fix replacement of c with cedilla and a/i with grave accent a/o/u with
- Use static linking in the released binaries on OS/2 because the DLL
  names may clash with other programs
- On OS/2, use AF_OS2 for interprocess communication because the loopback
  network device may not be properly configured.
  Fall back to only if AF_OS2 in not installed.
- Fixed a bug when IPv6 control connection to a ftp server fails and IPv4
  control connection succeeds, links would incorrectly try to make the
  data connection using IPv6 (this bug was introduced in Links 2.15).
   2018-10-02 13:29:15 by Nia Alarie | Files touched by this commit (2) | Package updated
Log message:
www/links[-gui]: update to version 2.17.


Fri Sep  7 00:04:41 CEST 2018 mikulas:

	Fix verifying SSL certificates for numeric IPv6 addresses

Thu Sep  6 22:07:03 CEST 2018 mikulas:

	Delete the option - it doesn't always work and ftp performance
	is not an issue anymore

	Passive ftp enabled by default because it will more likely work than
	the port command

Wed Sep  5 22:39:11 CEST 2018 mikulas:

	Add bold and monospaced Turkish letter 'i' without a dot

Wed Sep  5 01:28:31 cet 2018 mikulas:

	On OS/2 allocate OpenSSL memory from the lower heap
	It fixes SSL on systems with old 16-bit TCP/IP stack

Fri Aug 31 18:06:26 CEST 2018 mikulas:

	Fix IPv6 on OpenVMS Alpha

Thu Jul 26 07:34:24 CEST 2018 mikulas:

	Support mouse scroll wheel in textarea

Thu Jul 26 05:24:17 CEST 2018 mikulas:

	Delete the option -http-bugs.bug-302-redirect - RFC7231 allows the
	"buggy" behavior and defines new codes 307 and 308 that retain the
	post data

Wed Jul 18 21:00:23 CEST 2018 mikulas:

	X11 - fixed colormap leak when creating a new window

Mon Jul 16 02:33:26 CEST 2018 mikulas:

	Fixed an infinite loop that happened in graphics mode if the user
	clicked on OK in "Miscellaneous options" dialog and more than one
	windows were open.
	This bug was introduced in Links 2.15.

Sun Jul 15 21:36:04 CEST 2018 mikulas:

	Support 6x6x6 RGB palette in 256-bit color mode on framebuffer
	The palette may be switched in the "video options" menu
	The 8x8x4 palette has better image quality
	The 6x6x6 palette preserves gray

Sat Jul 14 04:49:45 cet 2018 mikulas:

	Implement dithering properly on OS/2 in 15-bit and 16-bit color mode

	In 8-bit mode, Links may optionally use a private palette - it
	improves visual quality of Links images, but degrades visual
	quality of other concurrently running programs.

Thu Jul 12 23:06:48 CEST 2018 mikulas:

	Improve scrolling smoothness when the user drags the whole document

Thu Jul 12 06:48:00 cet 2018 mikulas:

	On OS/2, allocate large memory blocks directly (not with malloc)
	- it reduces memory waste

Thu Jul 12 00:56:57 cet 2018 mikulas:

	Fixed a bug that setting terminal title and resizing a terminal didn't
	work on OS/2 and Windows. The bug was introduced in Links 2.16 when
	shutting up coverity warnings.

Sun Jun 17 15:31:28 CEST 2018 mikulas:

	Set link color to yellow by default

Sun Jun 17 14:04:07 CEST 2018 mikulas:

	Delete the option -http-bugs.bug-post-no-keepalive
	It was needed in 1999 to avoid some bug in some http server and it is
	not needed anymore

Tue Jun  5 20:24:42 CEST 2018 mikulas:

	Trust Content-Length on HTTP/1.0 redirect requests

	This fixes hangs with misbehaving servers that honor Connection:
	keep-alive but send out HTTP/1.0 reply without Connection: keep-alive.
	Links thought that they don't support keep-alive and waited for the
	connection to close (for example

Tue May 22 00:51:35 CEST 2018 mikulas:

	Use keys 'H' and 'L' to select the top and bottom link on the current
   2018-05-21 22:44:56 by Leonardo Taccari | Files touched by this commit (2) | Package updated
Log message:
links: Update www/links to 2.16.

Patch provided by nia, thanks!


Sun Apr 29 17:12:24 CEST 2018 mikulas:

        Improve handling of the DELETE key
        Delete is used for both deleting and scrolling
        If the last keypress was captured in a form field, DELETE deletes
        If the last keypress was not captured DELETE scrolls

Sat Apr 28 21:49:08 CEST 2018 mikulas:

        Implement the bracketed paste mode - a text can be pasted only to input
        fields, the pasted text won't be misinterpreted as key commands

Sun Apr 22 17:28:05 CEST 2018 mikulas:

        Fix bugs found by coverity:
        * bad arguments to sizeof
        * missing int->unsigned long long conversions in image scaling
        * unchecked return of the close function
        * a possible NULL pointer dereference in directfb.c
        * a memory leak on invalid double number
        * missing va_end
        * non-working "No keepalive connection after POST request" option
        and some other discrepancies which didn't result in any violation

Sat Apr 21 23:13:49 CEST 2018 mikulas:

        Fix a crash in proxy authentication code (introduced in 2.15)

Thu Mar 29 20:06:50 CEST 2018 mikulas:

        Fixed internal error "invalid set_handlers call" on framebuffer
        if we suspend and terminate at the same time

Thu Mar 29 19:08:29 cet 2018 mikulas:

        When compiled without SVG, rewrite wikipedia svg math urls with png urls
   2018-04-30 08:40:11 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
links: update to 2.15.

=== RELEASE 2.15 ===

Thu Jan 18 19:12:02 CET 2018 mikulas:

	Rewrite google docs URLs to the download link, so that the file can be
	viewed in external viewer

Mon Nov 20 01:09:20 CET 2017 mikulas:

	Add the list of domains for which proxy is not used

Sun Nov 19 00:57:26 CET 2017 mikulas:

	Temporarily replace the stderr handle with /dev/null when decoding
	png or svg images because the libraries may write to stderr

Sat Nov 11 21:31:45 CET 2017 mikulas:

	Fix improper restarts of connection when http compression is used

Thu Oct 12 21:07:06 CEST 2017 mikulas:

	Free cache when using the -source flag, so that memory consumption is
	not dependent on downloaded file size

Thu Oct 12 20:39:00 CEST 2017 mikulas:

	Do not download compressed files. When the server returns compressed
	file and we are downloading, restart the connection without compression.

Tue Oct 10 19:38:04 CEST 2017 mikulas:

	Allow browsing files containing characters < 32 in the filename

Sun Oct  8 22:28:56 CEST 2017 mikulas:

	Limit the number of OpenMP threads to 8

Sun Oct  8 21:47:12 CEST 2017 mikulas:

	Fix premature call to OPENSSL_cleanup while some SSL objects could
	still exist

Sat Sep 30 12:44:39 CEST 2017 mikulas:

	Enable -ftree-vectorize and -ffast-math for GCC, so that it uses
	vector instructions. It improves performance of image scaler.

Mon Sep  4 04:46:20 CEST 2017 mikulas:

	Support international domain names

Mon Aug 28 04:24:09 CEST 2017 mikulas:

	Fix reordering of blocked URLs each time options were saved and loaded

Wed Aug  2 19:35:00 CEST 2017 mikulas:

	Fix reading one byte beyond allocated space in case of corrupted
	UTF-8 data - CVE-2017-11114

Tue Jul 18 22:10:00 CEST 2017 mikulas:

	Support the brotli compression algorithm using libbrotli:

Sun Jul 16 15:19:17 CEST 2017 mikulas:

	Support lzip compression

Sun Jul  2 21:31:32 CEST 2017 mikulas:

	Add a new main menu item 'Windows' for switching windows on framebuffer

Thu Jun 22 19:50:01 CEST 2017 mikulas:

	Fix an internal error if the gpm server is terminated while links is
	running on a framebuffer

Wed Jun 21 01:22:27 CEST 2017 mikulas:

	Use fsync() when writing the bookmarks or settings

Sat Jun  3 01:25:07 CEST 2017 mikulas:

	Clear host entry in DNS cache when connection failed

Mon May 29 02:20:08 CEST 2017 mikulas:

	Use built-in SSL certificates
	This improves tor hardening (the tor exit node could not differentiate
	links users from each other based on installed certificates)
	It also makes it possible to use certificate verification on systems
	with no default certificate store

Sat May 27 21:17:28 CEST 2017 mikulas:

	Encode strings to UTF-8 when storing them in a history, it fixes a bug
	when browsing the history if Links is run on multiple terminals with
	different character sets

Wed Mar 29 20:48:43 CEST 2017 mikulas:

	Use absolute time when calculating the time to flush DNS cache, HTTPS
	session cache and keepalive connection cache, so that the cache gets
	flushed when the machine is kept suspended for a long time.

Sat Mar 18 22:17:36 CET 2017 mikulas:

	Report IP addresses in the "Document info" box.

Fri Mar 10 21:05:08 CET 2017 mikulas:

	Implement a small connection timeout when connecting to a host with
	multiple addresses, so that there is faster fallback from IPv6 to IPv4.

Tue Mar  7 20:30:01 CET 2017 mikulas:

	Replace OpenSSL malloc functions with CRYPTO_set_mem_functions, so that
	when malloc returns NULL, we can free some cached data and retry

Sat Feb 25 15:59:57 CET 2017 mikulas:

	Avoid reallocating the line array over and over with the same size.
	Most realloc implementations fall back to no operation if a memory chunk
	is reallocated to the same size, however, the address sanitizer always
	copies the array - this resulted in quadratic complexity and performance
	degradation on big files.

Fri Feb 24 20:42:48 CET 2017 mikulas:

	Refactor list processing code so that it conforms to C89 aliasing rules
	Also, avoid warning when using ubsan on x32 architecture

Sun Feb 19 23:21:29 CET 2017 mikulas:

	Terminate keepalive connection when changing the IPv6 address preference

Sun Feb 19 22:41:08 CET 2017 mikulas:

	Links contained a code that tests for ".onion" address suffix and
	rejects DNS lookups for it. The code was buggy, it was never activated
	and it accessed invalid memory.

Sat Jan 28 20:45:34 CET 2017 mikulas:

	Avoid memcpy with NULL source argument and zero length (it doesn't
	crash, but it's formally incorrect and the sanitizer warns about it)

Wed Jan 18 22:52:09 CET 2017 mikulas:

	Make the "dns-prefetch" link prefetch just dns, not the whole document

Wed Jan 18 21:16:27 CET 2017 mikulas:

	Fix compilation failure on OpenBSD because OpenBSD removed
	the timeout_* macros from libevent

Tue Jan 17 21:31:38 CET 2017 mikulas:

	Use OpenSSL functions X509_check_host and X509_check_ip if available

Mon Dec 26 16:49:38 CET 2016 mikulas:

	Report status when formatting document or searching

Wed Dec 14 04:55:32 CET 2016 mikulas:

	Use session cache on https
   2016-11-28 16:40:51 by Thomas Klausner | Files touched by this commit (4) | Package updated
Log message:
links*: update to 2.14.0.

Remove manual CONFLICTS, pkg_add does this automatically.

=== RELEASE 2.14 ===

Thu Nov  3 19:45:34 CET 2016 mikulas:

	Enable DECC$EFS_CHARSET on OpenVMS, so that we can browser files and
	directories with extended names

Wed Nov  2 20:35:31 CET 2016 mikulas:

	Limit keepalive of ciphers with 64-bit block size to mitigate
	the SWEET32 attack

Wed Nov  2 19:14:33 CET 2016 mikulas:

	Disable SSL compression to avoid the CRIME attack

Fri Oct 28 22:52:49 CEST 2016 mikulas:

	On Windows, add an entry to programs in control panel, that allows
	uninstalling Links

Fri Oct 28 21:25:28 CEST 2016 mikulas:

	Report home directory in the "Version" window

Sat Oct 22 13:17:04 CEST 2016 mikulas:

	On Windows, preload font data in a background thread, to minimize a
	stall when viewing SVG image for the first time.

Sat Oct  8 17:14:59 CEST 2016 mikulas:

	Improved tor hardening - when the user toggles the "Only Proxies" option
	(i.e. when connecting to tor), we reset certain other options to their
	default values, so that it is not possible to identify user behind tor
	based on the selected options.

Thu Oct  6 14:39:26 CEST 2016 mikulas:

	Use keys 'P' and 'L' to scroll up and down

Thu Sep 29 23:40:34 CEST 2016 Juhani Haverinen <>:

	Fix a memory leak when copying the current url to clipboard
	(the bug was introduced in Links 2.13)

Sat Sep  3 20:02:26 CEST 2016 mikulas:

	Fix crash when the user pressed Ctrl-G on a form field
	(the bug was introduced in Links 2.13)

Fri Aug 19 22:35:54 CEST 2016 mikulas:

	Workaround for a bug in librsvg that makes mathematics on Wikipedia

Fri Aug 19 19:05:55 CEST 2016 mikulas:

	Support fourth and fifth mouse button in gpm and framebuffer

Thu Aug 18 19:34:47 CEST 2016 mikulas:

	Fixed bugs when downgrading SSL connection while https proxy or socks
	proxy is used

Tue Aug 16 18:53:53 CEST 2016 mikulas:

	Security bug fixed: Don't load or render the content of
	"407 Proxy Authentication Required" reply when using https proxy.
	This avoids the FalseCONNECT attack.

	Also, don't allow 401 and 407 responses to set cookies.

Wed Jul 27 21:38:37 CEST 2016 mikulas:

	Pop openssl error stack on every error - make sure that SSL errors on
	one connection do not affect other connections

Sun Jul 17 21:10:12 CEST 2016 mikulas:

	Use libc tree functions from <search.h> for searching the cache

Thu Jul  7 19:39:15 CEST 2016 mikulas:

	Set the GD_NOAUTO flag for the directfb driver, so that this driver is
	never selected automatically. The directfb subsystem is buggy, it can
	corrupt graphics or even cause system crash, so select this driver only
	if the user explicitly requests it with '-driver directfb'
   2016-07-03 12:58:03 by Leonardo Taccari | Files touched by this commit (5) | Package updated
Log message:
Update www/links{,-gui} to 2.13

=== RELEASE 2.13 ===
Sat Jun 18 14:15:55 CEST 2016 mikulas:
 Page up and page down scroll slightly less than a page

Fri Jun 17 23:57:23 CEST 2016 mikulas:
 Use domain list from to prevent setting cookies on
 public domains.
 Also fix a bug that existed in previous links versions: could register cookie for or

Sat Jun 11 17:59:17 CEST 2016 mikulas:
 Fixed non-working mouse wheel on Syllable
 Workaround for getaddrinfo bug on Syllable

Sat Jun 11 15:16:41 CEST 2016 mikulas:
 Support horizontal scroll wheel on Windows

Tue Jun  7 19:10:11 CEST 2016 mikulas:
 Fixed a bug in the X driver that characters with unicode codes 128-255
 could not be entered with some locales

Thu Jun  2 19:19:56 CEST 2016 mikulas:
 Security bug fixed: Use separate unix domain socket for anonymous
 instances, so that the anonymous instance won't connect to non-anonymous

Sun May  8 21:20:38 CEST 2016 mikulas:
 <samp> element

Sun May  8 20:33:37 CEST 2016 mikulas:
 In case of certification verification failure, don't pop up multiple
 dialog windows asking for the same server

Sun Mar 13 19:10:27 CET 2016 mikulas:
 Do not lookup .onion addresses directly, as specified by rfc7686

Wed Jan 13 01:16:49 CET 2016 Jakub Bogusz <>:
 Updated Polish Translation

Wed Oct 21 19:25:09 CEST 2015 mikulas:
 Security enhancement: Warn if the SSL/TLS method was downgraded
   2016-03-05 12:29:49 by Jonathan Perkin | Files touched by this commit (1813) | Package updated
Log message:
Bump PKGREVISION for security/openssl ABI bump.

Next | Query returned 100 messages, browsing 1 to 10 | Previous