./textproc/lua-expat, XML parser for LUA based on expat

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: pkgsrc-2011Q1, Version: 1.2.0, Package name: lua-expat-1.2.0, Maintainer: pkgsrc-users

LuaExpat is a XML parser based on the Expat XML parser.
It allows Lua programs to:

- Process a XML document incrementally, thus being able to handle
huge documents without memory penalties;

- Register handler functions which are called by the parser during
the processing of the document, handling the document elements or text.


Required to run:
[lang/lua]

Required to build:
[pkgtools/x11-links] [devel/gmake]

Master sites:

SHA1: 76f036e6fb928a3e5f3c3ba1b854e5fef8e1b28f
RMD160: e92fb3447b3cd17bdd03ebfdaf000a1f001c59f2
Filesize: 27.95 KB

Version history: (Expand)


CVS history: (Expand)


   2011-06-06 21:49:00 by Matthias Scheler | Files touched by this commit (9) | Package updated
Log message:
Pullup ticket #3448 - requested by schnoebe
textproc/lua-expat: security update
chat/prosody: security update

Revisions pulled up:
- chat/prosody/Makefile                                         1.3 via patch
- chat/prosody/PLIST                                            1.2
- chat/prosody/distinfo                                         1.2
- chat/prosody/patches/patch-aa                                 1.2
- chat/prosody/patches/patch-ab                                 1.2
- chat/prosody/patches/patch-ac                                 deleted
- chat/prosody/patches/patch-ad                                 1.2
- textproc/lua-expat/Makefile                                   1.16
- textproc/lua-expat/distinfo                                   1.5

---
   Module Name:	pkgsrc
   Committed By:	schnoebe
   Date:		Sat Jun  4 23:13:40 UTC 2011

   Modified Files:
   	pkgsrc/textproc/lua-expat: Makefile distinfo

   Log message:
   Update textproc/lua-expat to 1.2.0.

   Required for updating chat/prosody to 0.8.1, which helps handle the
   "billion laughs" exploits on XML parsers and XMPP servers.

   Change log as recorded in the README:

   Version 1.2.0 [02/Jun/2011]

           * support for the StartDoctypeDecl handler
   	* add parser:stop() to abort parsing inside a callback

---
   Module Name:	pkgsrc
   Committed By:	schnoebe
   Date:		Mon Jun  6 14:41:48 UTC 2011

   Modified Files:
   	pkgsrc/chat/prosody: Makefile PLIST distinfo
   	pkgsrc/chat/prosody/patches: patch-aa patch-ab patch-ad
   Removed Files:
   	pkgsrc/chat/prosody/patches: patch-ac

   Log message:
   Update to prosody 0.8.1.

   A security and bug fix release.  The security aspect is to mitigate the
   "billion laughs" denial-of-service attack against XML parsers and XMPP
   servers.

   Other changes:

   - Reject XML DTDs, comments and processing instructions, preventing
     the "billion laughs" attack
   - Switch to MEDIUMTEXT in the schema for MySQL to avoid truncating
     large data (such as large avatars)
     Prosody automatically upgrades the table in-place if possible, see:
     http://prosody.im/doc/mysql
   - Fix for endless loop when parsing certain invalid JSON
   - Fix PostgreSQL compatibility in prosody-migrator
   - Fix timestamp parsing for DST (affecting MUC scrollback retrieval)
   - mod_legacyauth now correctly disabled for unencrypted connections by default
   - Components properly inherit SSL settings and certificates from their
     'parent' hosts
   - Prevent startup with no VirtualHost entries in the config file