Log message:
Update contao211 to 2.11.6 (Contao 2.11.6).

Version 2.11.6 (2012-09-26)
---------------------------

### Fixed
Correctly handle root pages in `Controller::getPageDetails()` (see #4610).

### Fixed
Consider the page language when forwarding (see #4841).

### Fixed
URL encode the enclosure URLs in RSS/Atom feeds (see #4839).

### Fixed
Also create empty templates folders if a theme is imported (see #4793).

### Fixed
Decode Punycode domains when used via insert tag (see #4753).

### Fixed
Correctly handle open tags in `String::substrHtml()` (see #4773).

### Fixed
Correctly handle units when importing style sheets (see #4721).

### Fixed
The mediabox plugin did not play Vimeo videos (see #4770).

### Fixed
Correctly align stylect menus in the form generator in the back end (see #4557).

### Fixed
Add a link if a news item or event points to an internal page (see #4671).

### Fixed
Wrap the MooTools fallback into CDATA tags on XHTML pages (see #4680).

### Fixed
Do not add a default value to textareas (see #4722).

### Fixed
Do not override the comments array in case login is required to comment,
otherwise no commets will be shown (see #4064).

Log message:
Rename "README" to "README.md" in MESSAGE since there is no \ 
README file.

Bump PKGREVISION.

Log message:
Update contao211 package to 2.11.5.

It also fixes a little security problem of permission check about undo
processing.

Quote from release announce: http://www.contao.org/en/news/contao-2_11_5.html

	The bugfix release fixes a couple of issues, including the SOAP
	compression problem in PHP 5.4, the IDNA URL converting issue and
	the TinyMCE relative URLs problem.

Log message:
Update contao211 package to 2.11.4 (Contao 2.11.4).

Fixes a critical privilege escalation:
	http://www.contao.org/en/news/contao-2_11_4.html

Version 2.11.4 (2012-06-12)

* Fixed

  Fixed a critical privilege escalation vulnerability which allowed
  regular users to make themselves administrators (see #4427).

* Fixed

  Support insert tags as external redirect target (see #4373).

* Updated

  Updated the CSS3PIE plugin to version 1.0.0 (see #4378).

* Fixed

  Re-applied the "autofocus the first field" patch (see #4297).

* Fixed

  The pagination menu fix was missing in the listing, search and RSS reader
  modules (see #4292).

* Fixed

  Added the "required" attribute to the captcha input field (see #4247).

* Fixed

  Correctly tell Google Analytics to anonymize the visitor's IP (see
  #4290). Heads up: Adjust your moo_analytics templates accordingly!

* Fixed

  Correctly align stylect menus in Safari and Opera (see #4284).

Log message:
Update contao211 to 2.11.3 (Contao 2.11.3).

pkgsrc change: install .htaccess as configuration file with .htaccess.default
as an example.

* Fix permission checking problem of Task center.
* Provide improved .htaccess.default.
* Several bug fixes and improvements.

Log message:
Add unofficial fix for CVE-2012-1297 by checking Referer as days of Contao 2.9.

Bump PKGREVISION.

Log message:
Update contao211 pacakge to 2.11.2.

Security release.

Version 2.11.2 (2012-03-14)
---------------------------

### Fixed
Fixed an issue with the CSS3PIE url being incorrectly rewritten (see #4074).

### Fixed
Fixed a security vulnerability in the file manager which allowed back end users
to download files from the `tl_files` directory even if they were not mounted in
their profile (thanks to Marko Cupic).

### Fixed
Fixed a potential XSS vulnerability in the undo module (thanks to Oliver Klee).
The issue is not considered critical, because it requires the script tag to be
in the list of allowed HTML tags, which is not the case by default.

### Fixed
The IDNA convert class did not run under PHP 5.2 (see #4044).

Log message:
Contao 2.11.1's distfile has been updated without changing the file name.
Nothing would not change with binary package, no PKGREVISION change again.

Log message:
Make sure to update distinfo.

Log message:
Add a patch to fix problem on PHP 5.2
Since this package itself broken, no PKGREVISION bump now.