#acl PaulHowarth:read,write,admin,revert,delete All:read

=== Tuesday 22nd April 2014 ===

==== Fedora Project ====

 * Updated `bluefish` to 2.2.6 in F-19, F-20, Rawhide and EPEL-7:
  * Fixes a critical bug (segfault) in filebrowser that could be triggered if the root directory was set as basedir
  * Fixes a specific CSS-in-HTML-tag highlighting issue
  * The filter code caused a segfault if the command did not exist
  * Development checks disabled for release builds
  * Improvements to C, Javascript and CSS language files
  * Updated translations
  * Fixed a corner case for a new document from a template that does not exist
  * The "open" submenu now opens SVG files from the filebrowser instead of inserting an image tag
  * The included `cssmin` and `jsbeatify` have been updated
  * Fixed a syntax scanning issue when replacing large chunks of text
  * The "Report bug" link was broken
  * A new "conditional" option to the language file that makes re-using certain blocks of language files easier was added
  * Error reporting in outputbox was improved
 * Updated `perl-Cpanel-JSON-XS` to 3.0103 in Rawhide:
  * Change booleans interop logic (again) for `JSON-XS`-3.01
   * Check now for `Types::Serialiser::Boolean` i.e. `JSON::PP::Boolean` refs (https://github.com/rurban/Cpanel-JSON-XS/issues/18) to avoid `allow_blessed` for `JSON-XS`-3.01 booleans
  * Fix boolean representation for `JSON-XS`-3.01/`Types::Serialiser::Boolean` interop (`arrayref`, not `hashref`)
  * Add `t/52_object.t` from `JSON::XS`
  * Backport `encode_hv` `HE` sort on stack < 64 or heap to avoid stack overflows from `JSON-XS`-3.01; do not use `alloca`
  * Backport `allow_tags`, `decode_tag`, `FREEZE`/`THAW` callbacks from `JSON-XS`-3.01
  * Added pod for `OBJECT SERIALISATION` (`allow_tags`, `FREEZE`/`THAW`)

==== Local Packages ====

 * Updated `bluefish` to 2.2.6 as per the Fedora version
 * Updated `davfs2` to 1.5.0:
  * Fixed security risk caused by insecure use of `system()` (Bug #40034)
  * `umount` will now properly work with systems where `mtab` is a symbolic link to `/proc/mounts`; for this, `davfs2` uses the new `/var/mount/utab` file (SR #108528)
  * Symbolic links in `fstab` will no longer break `davfs2` (SR #108377)
  * Fixed bugs with setting access bits and evaluating access permissions (Bug #33644 and Bug #33644)
  * Support Neon version 0.30 (SR #108392)
  * Improved configuration for certificate validation with new options `trust_ca_cert` and `trust_server_cert`
  * New option `minimize_mem` to reduce memory consumption by `davfs2` (SR #108158)
  * Allow `mount` option `comment=` (Bug #41354)
  * New `mount` option `grpid` (SR #108432)
  * Improved cookie support allows for more than one cookie (SR #107907, Bug #41438)
  * Honour `configure` parameter `--manfile` (SR #108173)
  * Fixed `DESTDIR` bug (SR #108104)
 . Experimental new features:
  * Support temporary redirects for downloading of files (Bug #35428)
  * Support compression for downloading (Bug #41355); not necessarily RFC-compliant, but what is used by browsers
 . Removed features:
  * Support for extended attributes was more then rudimentary and is now removed for the sake of performance and clarity

----