Path to this page:
./
textproc/lua-expat,
XML parser for LUA based on expat
Branch: pkgsrc-2011Q1,
Version: 1.2.0,
Package name: lua-expat-1.2.0,
Maintainer: pkgsrc-usersLuaExpat is a XML parser based on the Expat XML parser.
It allows Lua programs to:
- Process a XML document incrementally, thus being able to handle
huge documents without memory penalties;
- Register handler functions which are called by the parser during
the processing of the document, handling the document elements or text.
Required to run:[
lang/lua]
Required to build:[
pkgtools/x11-links] [
devel/gmake]
Master sites:
SHA1: 76f036e6fb928a3e5f3c3ba1b854e5fef8e1b28f
RMD160: e92fb3447b3cd17bdd03ebfdaf000a1f001c59f2
Filesize: 27.95 KB
Version history: (Expand)
- (2011-06-07) Updated to version: lua-expat-1.2.0
- (2011-04-04) Package added to pkgsrc.se, version lua-expat-1.1.0 (created)
CVS history: (Expand)
2011-06-06 21:49:00 by Matthias Scheler | Files touched by this commit (9) | |
Log message:
Pullup ticket #3448 - requested by schnoebe
textproc/lua-expat: security update
chat/prosody: security update
Revisions pulled up:
- chat/prosody/Makefile 1.3 via patch
- chat/prosody/PLIST 1.2
- chat/prosody/distinfo 1.2
- chat/prosody/patches/patch-aa 1.2
- chat/prosody/patches/patch-ab 1.2
- chat/prosody/patches/patch-ac deleted
- chat/prosody/patches/patch-ad 1.2
- textproc/lua-expat/Makefile 1.16
- textproc/lua-expat/distinfo 1.5
---
Module Name: pkgsrc
Committed By: schnoebe
Date: Sat Jun 4 23:13:40 UTC 2011
Modified Files:
pkgsrc/textproc/lua-expat: Makefile distinfo
Log message:
Update textproc/lua-expat to 1.2.0.
Required for updating chat/prosody to 0.8.1, which helps handle the
"billion laughs" exploits on XML parsers and XMPP servers.
Change log as recorded in the README:
Version 1.2.0 [02/Jun/2011]
* support for the StartDoctypeDecl handler
* add parser:stop() to abort parsing inside a callback
---
Module Name: pkgsrc
Committed By: schnoebe
Date: Mon Jun 6 14:41:48 UTC 2011
Modified Files:
pkgsrc/chat/prosody: Makefile PLIST distinfo
pkgsrc/chat/prosody/patches: patch-aa patch-ab patch-ad
Removed Files:
pkgsrc/chat/prosody/patches: patch-ac
Log message:
Update to prosody 0.8.1.
A security and bug fix release. The security aspect is to mitigate the
"billion laughs" denial-of-service attack against XML parsers and XMPP
servers.
Other changes:
- Reject XML DTDs, comments and processing instructions, preventing
the "billion laughs" attack
- Switch to MEDIUMTEXT in the schema for MySQL to avoid truncating
large data (such as large avatars)
Prosody automatically upgrades the table in-place if possible, see:
http://prosody.im/doc/mysql
- Fix for endless loop when parsing certain invalid JSON
- Fix PostgreSQL compatibility in prosody-migrator
- Fix timestamp parsing for DST (affecting MUC scrollback retrieval)
- mod_legacyauth now correctly disabled for unencrypted connections by default
- Components properly inherit SSL settings and certificates from their
'parent' hosts
- Prevent startup with no VirtualHost entries in the config file
|