Veni, Vidi, VISA

$USER: Ich hab außer unserem Update-Skript wirklich nix angeklickt und trotzdem kommen beim Start von jedem Programm lauter Fehlermeldungen!
$ME: (cat update-skirpt -> enthält nur ein sudo apt-get update ; sudo apt-get upgrade)
$USER: Das Skript hat unser Admin so geschrieben, weil wir einige aktuelle Programme brauchen.
$ME: (cat /etc/apt/sources.list enthält nur unstable)
(Als ich dann dem User erklärt habe das unstable seinen Namen nicht ganz zu unrecht trägt, weil da doch mal was Unstable sein kann, kam ein verwunderter Blick und die Erklärung überhaupt:)
$USER: Unser Admin hat gesagt das er nur die Software aktualisiert und nicht das System!

Zuerst hab ich gedacht das das mal wieder eine Ausrede ist, aber ich hab dann auf anderen Workstations genau das gleiche Skript gesehen und von den Usern die exakt gleiche Erklärung bekommen. Der Admin ist latürnich nicht da, sondern im Urlaub.
Manchmal glaub ich wirklich das die das alles mit Absicht machen. Bastarde!

Serendipity 1.5.2 has been released to address the outstanding issue of SQLite installations with Serendipity. Upgrading an earlier version of Serendipity prior to 1.5.1 to this version should work without any problems, fixing the database upgrades that were faulty in Serendipity 1.5.1. This is the same patch that has been advertised in the old blog posting

Users who had upgraded to Serendipity 1.5 already can fix problems by checking the database table 'serendipity' and make sure to insert a md5 hashed password, with hashtype=0.

SQLite users should backup their database file (a random file name ending in .db) before updating. For users of other database systems, the Serendipity 1.5.2 update does not contain any changes and can be left out.

(via blog.s9y.org)

Danke für die Hinweise das es eine neue Version von S9Y gibt (*sigh*), aber ich werde nicht aktualisieren. Nicht weil mir das Update zu kompliziert ist, sondern weil ich keine Lust habe 23 bzw 25M über ftp(1) auf den Webspace zu schaufeln. Abgesehen würde auch nach einem Update von S9Y noch immer der gleiche Schmarrn hier stehen. Danke. Ich habe fertig.

http://blog.s9y.org/archives/211-Serendipity-1.5-released.html

The Serendipity Team is proud to present the final release of Serendipity 1.5. While the earlier beta versions are proven to work fine for many people, it was finally time to package up a real release.

This version mainly addresses login security by changing our method how passwords are stored to use salted SHA1 checksums instead of plain MD5 checksums. This makes password retrieval (rainbow attacks, see special blog posting) through the database virtually impossible. Another thing is improved PHP 5.3 compatibility.

For users of our Bundled WYSIWYG-Editor Xinha users now have the ability to easily customize the appearance of this panel through a "my_custom.js" file inside the template directory (a draft of such a file can be found as fallback default in the htmlarea/ subdirectory).

One cool new feature for developers is that now also templates can register themselves inside the plugin API hooks to execute specific things, that don't require installation of an event plugin.

Other news include:

• new event API hooks
• fixed PDF thumbnail generation
• ability to auto-scroll on borders when Drag/Dropping plugins
• UTC server time zone support
• improvements in the Smarty functions to easier use Serendipity as a CMS for individual entry output.
• quicksearch improvements for doing a wildcard-search when too few searchresults were found on a fixed searchterm
• support for Typepad anti-spam server-checks, additionally to Akismet

Minor improvements since the 1.5-beta1 release:

• more PHP 5.3.0 compatibility improvements
• Disallow uploading any files that contain ".php." in the filename for extra security with Apache MimeMagic-Modules
• expermiental PDO:SQlite support
• usability improvements for the comment moderation panel (bottom-navigation, removed border increase)

The current release can be easily installed on any previous Serendipity installation. Just unpack, upload and visit your admin panel to perform possible database upgrades. Upon first login with an old password, Serendipity will store your old password in the new format - please be sure to make a backup of your Database prior to upgrading, and read the upgrade pointers on Upgrading Serendipity.


Have fun using Serendipity, and let us know on the Forums if you have any issues!

Ich werde demnächst das neue Release einspiele, aber wie man das ja von mir erwartet und auch gewohnt ist, gibts wieder 'n DATABASE_ERROR *sigh*

Nachdem ich es hier schonmal angedroht hab, konnt ich mich vorhin dazu aufraffen und S9Y aktualisieren. Verlief auch (wider Erwarten) ohne Probleme.. mehr oder weniger zumindest. Ich bekomme zwar in der Admin-Oberfläche (nach einiger Ladezeit) einen 500 wenn ich auf Styles Verwalten oder auf Neue Versionen von Seitenleisten-Plugins bzw. Neue Versionen von Ereignis-Plugins klicke, aber rein theoretisch sollte alles funktionieren. Wer irgendwelche Fehler findet, kann mir die im Kommentar beschreiben oder per Mail an drecksupdate@strcat.de schicken.

Ich versuchs zumindest. Also erfreut euch am kommenden DATABASE_ERROR *sigh* Nicht.
Zuviel Arbeit via ftp(1) und noch weniger Lust. Außerdem saugt mein Upstream zur Zeit extremst.

Serendipity 1.4.1 has been released. This is mainly a bugfix release for the updated of the bundled Smarty library, which fixes issues with Serendipity 1.4.
Other small fixes include better antispam checks for pingbacks (they were too strict before), an update to the sql index key creation of the statistics plugin and removal of error messages on open_basedir enabled servers.
You only need to upgrade to Serendipity 1.4.1 if one of the mentioned bugs affect you. Updating is easy and documented online.

(via blog.s9y.org)

Und wenn ich mich endlich dazu aufraffen könnte dieses Blog zu aktualisieren, dann würd ich das sogar machen. Aber irgendwie hab ich keine Lust auf 'n DATABASE_ERROR

http://blog.s9y.org/archives/202-Serendipity-1.4-released.html

The Serendipity-Team is proud to provide the final release of Serendipity 1.4,
conveniently codenamed "Post-Christmas-Monk-Miles-Moondog".

There have been some larger improvements since the 1.4-beta release, so these
are the highlights of this release in short:

• (new since 1.4-beta1) References to online plugin documentation have been added (if
  existing) and the display of the short plugin names has been added to the plugin configuration menus/
• (new since 1.4-beta1) Firefox now no longer autoremembers passwords at the wrong places
• (new since 1.4-beta1) Added SMF importer
• (new since 1.4-beta1) Added a new %parentname% permalink option for category links
• (new since 1.4-beta1) Fix to properly, longer (30 days) sstrong>remember the user settings in cookies, like for media insertion
• Improvements in the now Double-Opt-In comment subscription (plus support for fulltext comment notifications)
• new bundled default WYSIWYG editing component (Xinha, the successor of HTMLArea). This new component is more reliable and cross-browser capable than the old version, by still supporting everything that worked with HTMLArea previously.
• The Entryproperties plugin now uses the new widget-style configuration option to allow for custom arrangement of the entry-related features of this plugin to your liking.
• The bulletproof template has been enabled as the new default template. The frontend imitates the look of Carl Galloways Serendipity 1.0 relaunch template, while the backend is much improved with a fresh, distinct look.
• The Remote RSS-Feed sidebar plugin now is templated, so that you can achieve distinct look for certain feeds on the sidebar.

Serendipity also addresses some minor bugs usually only affecting very
special environments. Other changes include new PostgreSQL ts_vector fulltext
search, comment approval-by-mail for the spamblock plugin, better HTTP header
status updates for CGI environments. For developers, some API improvements and
new variables/parameters have been added. The performance of the
entryroperties plugin can be enhanced by new configuration options that let
you fiddle with the involved SQL generation.

The complete list of all changes is documented within the
docs/NEWS file of the release. This serendipity release is also the first
one to include checksums to verify your installation integrity.

Updating is easy and documented
online: Just upload the new files onto your web, possibly refresh/purge
your browser cache (and if you upgrade from Serendipity older than 1.2, you
might need to purge your old cookies), go to the admin panel and you're done.
For shared installations, make sure all deployed htmlarea directories
are updated with the new files (if not, the old htmlarea will still be there,
not Xinha).

Also, the new version contains release checksums. This makes sure that the
files you uploaded correspond with the checksums generated through the
release. This way, bad FTP uploads will no longer be driving you nuts. If this
makes any trouble for you, try to upload the files in BINARY mode in your FTP
client.

For the future, Serendipity is still planning on minor and major features.
We always keep a close ear to the wishes of our users, some of those that
cannot be solved instantly have been documented here: Future of Serendipity. If you're a
developer or designer, and want to help in proving that Serendipity is a
flexible and easy to use Blogging/CMS-application - your help is needed and
appreciated! Speaking of which: Many thanks to all current developers and forum users, especially
Don Chambers, YellowLED and Judebert. Your help has been, and is vital to the project.

On behalf of the team: Happy new year and have fun with the release,

Garvin

Also dann.. demnaechst ist dieses Blog mal wieder mit einem DATABASE_ERROR offline.

Debian:

$ dpkg --get-selections \* > /tmp/PAKETLISTE

$ dpkg --set-selections < /tmp/PAKETLISTE

$ apt-get dselect-upgrade

RPM:

$ rpm -qa > /tmp/instpackages

$ yum -y install $(cat /tmp/packages)

Gentoo:

$ emerge -av $(cat /var/lib/portage/world)

*BSD:

$ pkg_info > /tmp/instpackages

$ for i in `awk '{print $1}' /tmp/instpackages` ; do echo pkg_add -v $i ; done

ArchLinux:

$ pacman -Qqe > /tmp/instpackages

$ pacman -S $(cat /tmp/instpackages)

Crux (Danke an teK!):

$ prt-get listinst > pkglist

$ for i in `cat pkglist`;do prt-get depinst "$i";done

Slackware:

$ ls /var/log/packages > /tmp/instpackages

$ for foo in $(cat /tmp/instpackages); do installpkg $foo ; done

Das meiste war ausm Kopf zusammengeschrieben; Fehler/Verbesserungen einfach als Kommentar dalassen (gleiches gilt auch fuer Distributionen die ich vergessen hab).

http://blog.s9y.org/archives/193-Serendipity-1.3.1-released.html

erendipity 1.3.1 has been released. This is a bugfix and security related release, basically adressing a potential XSS issue within the Top Referrers plugin as well as hypothetical XSS issues with the installer.

This release also adresses some basic PostgreSQL8 related problems, because implicit type casts have been removed from this version, causing breakage with several Serendipity core features. The fix for this is only partial and will still happen in (less common) functions of Serendipity. There is no ultimate solution to this because implicit type casts are required for certain entryproperty operations. Maybe the PostgreSQL8 team will think about if implicit type casts are not also quite helpful.

The only new feature addition is the exposition of a new smarty {serendipity_getImageSize} function.

This upgrade is recommended for users that use the Top Referrers plugin and new installations of Serendipity. Many thanks to Hanno Böck, once again, for reporting (and fixing) the two XSS issues (CVE-2008-1385 and CVE-2008-1386)!

You can find the new release on the s9y.org download page. Upgrade by simply uploading the deflated archive files to your webspace.

Ich muss jetzt doch irgendwann mal updaten *sigh*