Log message:
Add in optional support for Unicode - no change from the defaults

Log message:
settings.php not default.settings.php is the correct CONF_FILE
Update drupal.conf based on .htaccess supplied with tarball
PKGREVISION++

Log message:
The following bug has been fixed since the 6.7 release:
* Rolling back #280934. PHP 4 incompatibility.

This release fixes security vulnerabilities. Sites are urged to upgrade \ 
immediately after reading the security announcement:

* SA-CORE-2009-001- Drupal core - Multiple vulnerabilities

In addition to this security vulnerability, the following bugs have been fixed \ 
since the 6.8 release:

* - Patch #331708 by chx: poll_choice_js uses FAPI2.
* - Patch #350708 by dww: t() documentation clean-up.
* #245990 by Dave Reid, chx, dww: Look for the www.example.com page when a HTTP \ 
request seems to fail. Looking for the local page caused problems for people \ 
with interactive authentication, redirects, hosting added JavaScript code, and \ 
so on.
* - Patch #262920 by ainigma32: language selection for domain should look at \ 
HTTP_HOST not SERVER_NAME.
* - Patch #353886 by killes: too many arguments to SQL query in locale import.
* - Rollback of #325908.
* #347228 by kajetan: user was redirected to admin/build/translate instead of \ 
admin/build/translate/import
* #332123 by webchick, lilou, andypost: backport of removal of t() around schema \ 
desciptions
* #257009 by bjaspan, Freso, Darren Oh: check to not create global constraints \ 
twice in PostgreSQL (for example, when the testing framework is running)
* #169937 by Heine, drumm, alexanderpas, Darren Oh: only regenerate session if \ 
the user is the current global user
* #308526 by chx: Also reset actions_list() cache on actions_synchronize()
* #323474 by gpk, Dave Reid, catch: hook_boot() was not called on non-cached \ 
pages when agreesive caching was on
* #61108 by Uwe Hermann: update LICENSE.txt with latest version of GPL2 text
* #328977 by Dave Reid, hgmichna: comment_controls() form function lacks first \ 
form_state parameter, so passed values are incorrectly used
* #323386 by mariuss: The selection type in profile module expects items each on \ 
their own line and should not break items on commas
* #347485 by cdale: only add upload submit handler if the upload form is added
* #344052 by salvis: remove unused $update_node variable from node module
* #356782 by quicksketch: remove unused unset($edit) from \ 
_form_builder_handle_input_element()
* #124492 by m3avrck, mfer: more accurate checking for valid URLs in valid_url()
* #346285 by grendzy, Damien Tournoud, thekevinday et al: fixed problem when \ 
HTTP_HOST is not transmitted
* #245990 follow up by Damien Tournoud, David_Rothstein, pwolanin: Move back to \ 
an internal URL check for HTTP request checking and make the request checking \ 
less intrusive on what requests can be accomplished

Log message:
Update to 6.7

The seventh maintenance and security release of the Drupal 6 series. Only fixes \ 
for security vulnerabilities and other bugs have been committed. New features \ 
are only being added to the forthcoming Drupal 7.0 release.

This release fixes security vulnerabilities. Sites are urged to upgrade \ 
immediately after reading the security announcement:

* SA-2008-073 - Drupal core - Multiple vulnerabilities

In addition to this security vulnerability, the following bugs have been fixed \ 
since the 6.6 release:

* - Patch #324118 by winterheart: fixed invalid XHTML being generated for forum \ 
topic listings.
* - Patch #329019 by dww, sun: fixed PHP warning.
* #315739 by sun: The theme name is in arg(4) on the block admin page, so only \ 
redirect to theme specific page if that is set.
* - Patch #329646 by Damien Tournoud: properly reset user_access().
* - Patch #255293 by Gribnif, maartenvg: incorrect regex causes some aggregated \ 
CSS to fail.
* #329998 by pwolanin: escape markup looking non-HTML tags in schema descriptions
* #258089 by JohnAlbin, Arancaytar, merlinofchaos: themes cannot have a \ 
preprocess function without a corresponding .tpl.php file
* #255150 by dropcube, tested by catch, asimmonds: content type names were \ 
double escaped on create content page
* #329660 by pwolanin: node_configure_validate() should be replaced with a \ 
#submit handler to conform to FormAPI rules
* #299742 by Darren Oh: missing #ahah support on checkboxes
* #193580 follow up by gpk: late but important changelog entry for Drupal 6.0
* #302638 by pwolanin: avoid running several no-op queries while the menu is \ 
being rebuilt; improves performance
* Rolling back #302638, it caused problems reported in #328110
* #319165 by Alex_Tutubalin: add explicit UTF-8 client encoding setting for \ 
PostgreSQL
* - Patch #277644 by lilou: documentation improvement.
* - Patch #335385 by Dave Reid: fixed maxlength of path alias fields to be \ 
consistent with the database.
* - Patch #337454 by earnie: fixed the phpdoc of drupal_render_form().
* - Patch #293370 by swentel et al: make block sorting work when there are more \ 
than 20 blocks.
* - Patch #325908 by kbahey: removed redundant cache flusing.
* - Patch #281131 by Damien Tournoud: document the missing quote in .htaccess.
* - Patch #336115 by Nedjo: better documentation for t().
* - Patch #342988 by ultimateboy: fixed order of attributes in PHPdoc.
* #324875 by pwolanin: improve HTTP_HOST checking, ensuring that the host is \ 
lowercased and only valid characters are allowed.
* #280934 follow up by pwolanin: harden the cookie handling in sess_regenerate() \ 
by setting our session cookie to be an HTTP only cookie, thus reducing the risk \ 
of session stealing via XSS
* #28776 by Uwe Hermann, Morbus Iff, jvandyk: Protect *.test files and SVN \ 
metafiles from being exposed under Drupal
* #299582 by hass: Remove outdated items from robots.txt and fix ordering of \ 
items to make stuff easier to find.
* #305653 by snowball43, cdale, Dave Reid, sun: All themes were disabled when \ 
update.php was run
* #344661 by Dave Reid: fix phpdoc documentation on \ 
translation_translation_link_alter()
* #333060 by neclimdul, merlinofchaos, dvessel: child themes did not inherit \ 
patterns correctly, so more specific template files are not detected
* #206138 by pwolanin et al: little documentation fix for node base module name \ 
handling
* #276111 by pwolanin, meba and myself: disallow possibly dangerous submissions \ 
in locale translations and imports
* #345167 by JacobSingh, pwolanin, Heine: drupal_http_request() includes an \ 
extra CRLF, not conformant to HTTP specs

http://drupal.org/node/345462

Log message:
Fix PLIST issues when using binary packages - spotted by martti@
After some feedback from Roy Marples set up the package so it's easier
 to get drupal to run under other web servers than apache.  As the
 default web server, apache will remain.  Users can disable it using
 the options.mk framework.
Rename APACHE_* variables to WWW_* and set some sane defaults.

Log message:
Update to 6.6

The sixth maintenance and security release of the Drupal 6 series. Only
fixes for security vulnerabilities and other bugs have been committed. New
features are only being added to the forthcoming Drupal 7.0 release.

This release fixes security vulnerabilities. Sites are urged to upgrade
immediately after reading the security announcement:

* SA-2008-067 - Drupal core - Multiple vulnerabilities

In addition to this security vulnerability, the following bugs have been
fixed since the 6.5 release:

- Patch #315656 by Damien Tournoud: fixed bug in drupal_lookup_path('wipe').
#318102 by Dave Reid: hook_exit() was not invoked for some cached requests.
#277206 by Damien Tournoud, lilou, fp: untranslatable string in the installer
- Patch #324080 by winterheart: missing </td>-tag.

See http://drupal.org/node/324832 for all the details

Log message:
This release fixes security vulnerabilities. Sites are urged to upgrade \ 
immediately after reading the security announcement:

    * SA-2008-060 - Drupal core - Multiple vulnerabilities

In addition to this security vulnerability, the following bugs have been fixed \ 
since the 6.4 release:

* - Patch 246143 by bjaspan, Damien Tournoud: make sure updates are run in \ 
numeric order, not in definition order.
* - Patch 221230 by Heine: convert requirement error on update to requirement \ 
warning.
* - Patch 252430 by quicksketch: allow base theme prefix in preprocessor \ 
function names to correct expected behavior.
* - Patch 245322 by mfb: fixed breadcrumb behavior.
* - Patch 287949 by Freso, Damien Tournoud: keep language icons in consistent \ 
order across nodes.
* - Patch 265899 by mfb: uri_brief mail token did not support https URLs.
* - Patch 272952 by NancyDru and chx: fixed documentation issue.
* - Patch 170310 by mfb, JohnAlbin: avoid SSL cookie getting over-written by \ 
non-SSL cookie.
* - Patch 243063 by GoofyX: fixed typo in context-sensitve help.
* - Patch 295152 by dww, Damien Tournoud, et al: fixed version comparison.
* - Patch 278759 by douggreen, fletchgqc: improved code comment.
* - Patch 276018 by mfb: extend the lifetime of temporary files.
* - Patch 228576 by sun: too ambiguous stylesheet in dblog.css when \ 
form_altering the watchdog table.
* - Patch 285309 by pwolanin: menu_name in hook_menu is ignored on updates.
* - Patch 261859 by rse, Damien Tournoud: make the trigger module work on PostgreSQL.
* - Patch 305436 by Damien Tournoud, lelutin: fixed unclosed <li> tag in \ 
the context-sensitive help.

Any many more.  See http://drupal.org/node/318701 for all the details

Log message:
Update drupal6 package to 6.4.

Drupal 6.4, 2008-08-13
----------------------
- Fixed a security issue (Cross site scripting, Arbitrary file uploads via
  BlogAPI, Cross site request forgeries and Various Upload module
  vulnerabilities), see SA-2008-047.
- Improved error messages during installation.
- Fixed a bug that prevented AHAH handlers to be attached to radios widgets.
- Fixed a variety of small bugs.

Log message:
Update to 6.3

All the details of the changes can be found here: http://drupal.org/node/280583
The main reason for this update is to fix a known security issue:
http://drupal.org/node/280571

Log message:
Second round of explicit pax dependencies. As reminded by tnn@,
many packages used to use ${PAX}. Use the common way of directly calling
pax, it is created as tool after all.