| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
The new options are, for FORTIFY:
"no" Do not pass any flags for FORTIFY
"weak" Pass -D_FORTIFY_SOURCE=1
"strong" Pass -D_FORTIFY_SOURCE=2
This allows users to reduce the level of FORTIFY specified if necessary
or desired. The previous setting as "yes" is now equivalent to "strong"
(the default when enabling).
The new options are, for RELRO:
"no" Do not pass any flags for RELRO
"partial" Pass -Wl,-z,relro
"full" Pass -Wl,-z,relro -Wl,-z,now
This allows users to reduce the level of RELRO specified if necessary or
desired. The previous setting as "yes" is now equivalent to "full" (the
default when enabling).
This is intended to match the changes committed by jperkin@ (for SSP)
after our discussion a (long) while back.
No functional change intended (with the settings supported so far).
|
|
From what I can tell, this is no longer in use.
|
|
|
|
The necessary patches have been submitted upstream.
This still does not build with PKGSRC_FORTIFY yet though.
List of intermediate commits:
* Prepare 0.15 release.
* Do not use rand() within fseek(), it might break reproducibility.
* Work around an issue with fseek() diversion. Closes #7.
* More verbose debug messages.
* Merge pull request #12 from edmcman/feature/retain_file_extension_in_copy_mode
* Also include alloca.h
* Retain file extension in copy mode.
* Merge pull request #11 from CERTCC-Vulnerability-Analysis/feature/add_opmode_null_to_run_without_fuzzing
* Add new "null" opmode which doesn't mutate the file.
* Export VERBOSE=1 in Travis so that the test suite outputs debug information.
* Add #pragma once directives in all our headers, for safety.
* Tell Travis to try to build on OS X, too.
* Add Travis build status to README.
* Move Travis builds to the container-based infrastructure.
* Tell Travis to bootstrap before running configure.
* Add a .travis.yml configuration file for CI.
* Disable the mmap regression test on OS X.
* Hopefully fix OS X compilation now. Fixes #5.
* Disable unnecessary weak symbol declaration.
* Merge pull request #4 from x9prototype/master
* Merge pull request #1 from x9prototype/x9prototype-patch-1
* Update libzzuf/lib-stream.c
* zzuf: set program version to 0.14 and prepare release.
* win32: using <stdint.h> instead of defining our own types.
* misc: fix a few minor issues found by static code analysis.
* sys: unsatisfying workaround for an issue with libasan.
* win32: clean up some Windows code.
* libzzuf: protect library initialisation with a mutex.
* build: remove spurious binary file.
* libzzuf: fix compiler warnings by adding declarations for functions that are unlikely to be exposed by system headers.
* Allow debug_str to be provided a negative length count for convenience.
* zzuf: fix a minor inconsistency between short and long options when compiled on a system with a useless rlimit().
* doc: group command line options by category in the man page.
* stream: fix a nasty bug that completely messed up with the streambuf structure tracking. Now when the new streambuf position is exactly at the end of the previous streambuf, we only fuzz the streambuf if new data is available (i.e. when streambuf_count != 0); otherwise, it just means that we?re at the end of the file, waiting for new read orders.
* debug: minor tweak to the debug string formatter.
* debug: refactor a lot of buffer debug functions using a shared formatter.
* test: use the -d flag in unit tests so that we can find potential errors in the debug() function calls.
* misc: rename a lot of _zz_-prefixed variables.
* test: add a regression test for a bug in our mmap function.
* zzuf: add a -X flag for hexadecimal dumps.
* debug: try to output as much debug output as possible and make debug() thread safe on Unix platforms.
* stream: rename a few functions for clarity.
* stream: fuzz the whole stream buffer upon opening.
* stream: refactor some streambuf getter functions.
* test: add a new regression test for a bug at stream EOF.
* stream: rename ?s? to ?stream? for consistency.
* mem: fix a buffer overflow bug in the mmap() replacement.
* misc: factor several common tests into one must_fuzz_fd() function.
* test: add a regression test for a bug in our mmap function.
* misc: C99 refactoring; put variable declarations closer to their first use
* misc: typo of the ass.
* win32: some compilation fixes introduced by refactoring for Linux.
* doc: update copyright and URLs.
* zzuf: replace a critical section with a simple spinlock.
* misc: move a lot of generic stuff to a new util/ source subdirectory.
* win32: some mingw32/mingw64 warning and compilation fixes.
* build: remove ChangeLog, as it?s convenient enough to have it in Git.
* misc: various compilation warning fixes and copyright updates.
* libzzuf: fix fseeko64 parameter type.
* fork: document more code and fix a bug reported by Will Newton.
* test: several fixes in the testsuite.
* misc: now that Visual Studio supports it some 15 years later, switch to C99.
* misc: minor fixes for compilation warnings.
* win32: Windows-specific compilation fixes.
* win32: add spinlock implementation for Windows.
* win32: update to newer mingw compiler version.
* build: remove the libcaca dependency and embed code instead.
* build: refresh build system.
* build: fix a few compilation warnings.
* core: add a lightweight spinlock to protect the list of file descriptors.
* sys: fix coding style.
* fix crash on windows 32-bit and compute_patch_size
* win32: add some console handling function diversions.
* win32: add more explicit error messages and add support for 0xb8 opcode.
* add relocate_hook to improve api hooking, fix dll name string comparison (no case sensitive), fix used after free on win32, add more hooks related to async file access
* build: fix compilation by including <wchar.h> and checking for regwexec.
* cosmetic: get rid of CRLF line endings.
* add new hook for windows (CreateFileMapping(A|W), MapViewOfFile, ReadFileEx), re-enable option -U, start to port network on windows
* port zzuf to win64 (amd64)
* add regex feature for win32
* change the method of hooking, now we disassemble the beginning of the targeted function and insert a jump to the new function.
* start to implement hotpatch hook on win32 port, but some API don't look to use it for some reason (e.g. kernel32!ReadFile)
* win32 port starts to fuzz executable (only few functions related to file handling are implemented)
* fix tmp file creation on win32, start to implement handling of win32 exception with GetExitCodeProcess
* on win32, use a named pipe and IOCP to read stdout, stderr and debugfd correctly.
*
* win32: add debug information to the function diversion code.
* linux: fix a few compilation warnings.
* Fix a weird problem with lib6 versioned symbols.
* osx: do not enforce flat namespace in copy mode on OS X.
* Win64 support in the VS solution.
* Fix wrong pointer types in the network range structures.
* Fix line endings.
* Get rid of the getopt reimplementation and depend on libcaca instead.
* Implement ReOpenFile and fix a few Win32 compilation warnings.
* Fix Win32 intermediate build directories.
* Fix missing ZZUF_DEBUGFD passing and debug function availability.
* Fix a bug in the %i formatting and implement %S.
* Get the debug channel to work on Win32.
* Treat %x arguments as unsigned in the printf reimplementation.
* Fix the printf reimplementation to properly handle INT_MIN.
* Disable select() on Win32. It is not supported on non-sockets.
* Remove useless PARENT_FD/CHILD_FD hack.
* Make it easier to dynamically allocate the debug filedescriptor later.
* Filedescriptor 0 is the debug channel, not stdin! Fix that.
* Proper child command line construction on Win32. There is no need to hardcode stuff for debugging purposes any longer.
* Inherit stdin/stdout/stderr in the child process under Win32.
* Remove useless code for Win32 diversions.
* Mark diverted Win32 functions as __stdcall, it's the correct calling convention.
* Divert ReadFile() and CloseHandle().
* Drop Visual Studio 2008 support and require the 2010 version. The 2010 express version is free to use and it's a lot better.
* Fix compilation warnings on Win32.
* Divert CreateFileW in addition to CreateFileA.
* Fix the Linux build to accomodate with the new Win32 features.
* CreateFile() diversion proof of concept.
* Add a mechanism for Win32 diversions.
* Fix a bug caused by undefined function call precedence.
* Fix zzat compilation on Win32 and create a .vcxproj file for it.
* Minor Win32 code simplification in sys.c.
* Divert AttachConsole() and AllocConsole() for debugging purposes.
* Full support for ASLR in the Win32 loader.
* Refactor the DLL initialisation code to allow several diversions.
* Improve the DLL injection code. Now seems to work rather well under Windows. But it needs a lot of polishing.
* Do not build ASLR binaries on Windows for now.
* Fix Win32 build.
* Add a few comments in the code for new Win32 strategies.
* Make check-zzuf-r-ratio slightly more tolerant.
* New operating mode "copy". It uses temporary files instead of preloading libzzuf into the process.
* Grammar.
* Add a regression test for our Gentoo __fread_chk() bug.
* Fix old typos in check-utils.
* Add fortify versions of libc calls to zzat.
* Fortify functions actually have extra arguments. Fix that.
* Update TODO list.
* Revert any potential overriding macro before declaring a new function.
* Add support for fortified glibc functions (__fgets_chk, __read_chk, etc.).
* Rename zzcat to zzat to avoid conflicts with zziplib.
* Clean up ChangeLog generation.
* Split check-build into check-source and check-win32.
* Add an OS X build script that generates fat binaries.
* Add missing svn:ignore properties.
* On OS X, resident_size is actually in bytes, not pages. Fixing memory check routine.
|
|
No functional change intended.
|
|
|
|
|
|
|
|
Updated devel/p5-Test-NoTabs to 2.00
Updated devel/p5-Test-Output to 1.03.1
Updated devel/p5-Test-Script to 1.18
Updated devel/p5-Test-Simple to 1.302083
Updated devel/p5-Test-Without-Module to 0.20
Updated devel/p5-Search-Elasticsearch to 5.02
Updated devel/p5-Sub-Identify to 0.14
Updated devel/p5-Sub-Uplevel to 0.2800
Updated devel/p5-Term-ProgressBar to 2.18
Updated devel/p5-PPI-XS to 0.904
Updated devel/p5-Parse-Method-Signatures to 1.003019
Updated devel/p5-PerlIO-utf8_strict to 0.007
|
|
--------------------------------------------
0.007 2017-04-06 14:58:37+02:00 Europe/Amsterdam
- Adapt to dot no longer being in @INC
- Adapt to unicode syswrite being deprecated
|
|
--------------------------------
0.904 Mon Apr 10 11:50:43 EDT 2017
- Fix Makefile.PL for perls without '.' in @INC
0.903 Mon Apr 10 10:50:00 EDT 2017
- bad tarball
|
|
-----------------------------------------
2.18 2016-12-06 MANWAR
- Add MANIFEST file.
- Removed META.yml file.
- Updated .gitignore to exclude MANIFEST file.
- General tidy up pod document.
|
|
--------------------------------------
0.2800 2017-04-01 13:31:22-04:00 America/New_York
- No changes from 0.2700-TRIAL
0.2700 2017-03-30 10:09:46-04:00 America/New_York (TRIAL RELEASE)
[Fixed]
- Tests now work if '.' is not in @INC
|
|
-------------------------------------
0.14 2017-04-11 RGARCIA
- Make tests pass without . in @INC (actual fix, by James E Keenan)
|
|
---------------------------------------------
5.02 2017-04-02
* Boolean query params must be "true" or "false"
* Added deprecation warnings
* The scroll API requires a body with a named scroll_id parameter
* Added support for pipeline parameter to bulk API, top level and metadata level
* Added support for 413 HTTP status code - Request entity too large
* Search::Elasticsearch::TestServer now takes an es_version parameter and
works with 0.90, 1.0, 2.0, and 5.0
* Added common parameters error_trace and human to all params
|
|
--------------------------------------------
0.20 20170409
- Make tests more resilient against old versions of Carp.pm (Paul Howarth)
Also addresses
https://rt.cpan.org/Public/Bug/Display.html?id=121002
- Typo fixes (Paul Howarth)
- Rework test suite, move author tests below xt/
0.19 20170330
- Make error message more like the original Perl error message (haarg)
- Makefile.PL overhaul (by Abzal Serekov)
- Generate README.md
|
|
----------------------------------------
1.302083 2017-04-14 10:55:26-07:00 America/Los_Angeles
- Update some breakage info for Test::More::Prefix and Test::DBIx::Class::Schema
1.302082 2017-04-11 12:56:24-07:00 America/Los_Angeles (TRIAL RELEASE)
- Fix test that incorrectly called private function as method
1.302081 2017-04-06 10:39:37-07:00 America/Los_Angeles (TRIAL RELEASE)
- Fix threads timeout for older perls (as best we can)
1.302080 2017-04-04 20:24:55-07:00 America/Los_Angeles (TRIAL RELEASE)
- Timeout when waiting for child procs and threads (#765)
- Fix SIGSYS localization issue (#758)
- Fix outdated docs (#759, #754)
- Fix bail-out in buffered subtest (#747)
1.302079 2017-04-03 12:12:02-07:00 America/Los_Angeles (TRIAL RELEASE)
- Fixes for '. in @INC' changes (#768)
|
|
------------------------------------
1.18 2017-04-12 07:01:14 -0400
- Production release identical to 1.17_02 release.
1.17_02 2017-04-10 08:39:46 -0400
- Use three argument open
1.17_01 2017-04-10 06:51:38 -0400
- Handle scripts with -T taint mode (gh#13)
|
|
--------------------------------------
1.031 2017-03-29T21:30:57Z
* Get rid of Sub::Exporter. That module has nice features that this
module doesn't use and the prereq is causing problems with CPAN
Testers. CPAN Grep didn't show anyone using advanced features for
exports.
|
|
--------------------------------------
2.00 2017-04-11 19:06:44Z
- migrated off of Module::Install, added META.json and other modern tooling
(pkgsrc changes)
- As noted above, following line dropped
PERL5_MODULE_TYPE= Module::Install
|
|
-------------------------------------
3.39 06-04-2017
- Make tests pass when PERL_USE_UNSAFE_INC=0
|
|
|
|
|
|
|
|
Documentation for option --exclude-from was added to man page.
Fix escaping backslashes with modifier "n" of option -O.
|
|
libdrm-2.4.80, libmicrohttpd-0.9.53, libva-1.8.1, miller-5.1.0,
ocaml-4.04.1, p5-Clone-PP-1.07, p5-Data-Printer-0.39,
p5-MIME-Charset-1.012.2, p5-Sub-Identify-0.14, p5-Template-Toolkit-2.27,
p5-Test-Simple-1.302083, p5-Unicode-LineBreak-2017.004,
p5-libwww-6.26, pari-2.9.2, py-chardet-3.0.2, py-pbr-2.1.0,
py-setuptools-35.0.0, rspamd-1.5.5, vim-8.0.0566, vim-share-8.0.0566,
wireshark-2.2.6, x264-devel-20170415.
|
|
|
|
------
- Avoid repeating genre in metadata printout for specifications like
(144)Thrash Metal.
- In remote control mode, only enforce --quiet if no verbosity was required.
- Prevent --loop and --shuffle or --random from messing with the remote
control LOADLIST command (printout of the list would loop without reason).
- Fix the mpg123 command (esp. our provided binaries on Windows) to now find
modules again relative to the executable directory, not the current working
directory. This was a regression in 1.23 and might be security-relevant if
you called mpg123 in working directories with untrusted content.
Note that mpg123 1.23 looked for modules relative to the current working
directory only if the installation prefix for modules did not exist.
So, usage on an intact installation (with /usr/lib/mpg123 or the like) was
safe. Nevertheless this new version fixes the search to be relative to the
binary path as it was with 1.22 and before.
- At least consistent behaviour of playlist code in the face of looping.
Looping is about individual tracks, always. They are looped also in random
mode. Jumping (prev/next keys) is between tracks and resets the loop counter.
The display of currently playing track in the playlist is fixed for random
and looped play now (bug 198).
- Looping is now mentioned for a to-be-repeated track with --verbose.
- Move some compiler nagging from --enable-debug to --enable-nagging, fix up
some new build failures by adding some pesky feature test macros.
- Try not to pollute the terminal buffer with old progress bars in inverse
video. Only the currently live one shall be seen. That one is pretty. The
others are not.
- Using plain dlopen()/LoadLibrary() for opening modules instead of libltdl.
This also means that --with-module-suffix is gone in configure.
- Windows builds only work when Unicode support is there (older than Windows
2000/XP will definitely not work anymore).
- The out123 tool now features tone generation, with a mix of differing
wave patterns. Makes sense to be able to test the audio output by itself,
and it's fun. See --wave-freq and related parameters.
- libmpg123 version 43:
-- Add flags MPG123_NO_PEEK_END and MPG123_FORCE_SEEKABLE, as suggested
by Bent Bisballe Nyeng.
-- Build fix for MSVC (consistent definition of ssize_t, spotted by manx,
bug 243).
-- Build fix for --with-cpu=ppc_nofpu (thanks to Michael Kostylev, bug 244).
-- Add asm optimized MSVC++ Win32|x64 and UWP|x64 builds
-- Remove old, broken MSVC++ builds
- libout123 version 2:
-- Added OUT123_BINDIR.
-- New search order for output plugin directory: MPG123_MODDIR, or (relative
to executable directory OUT123_BINDIR) ../lib/mpg123, plugins
libout123/modules/.libs, libout123/modules, ../libout123/modules/.libs,
../libout123/modules, and at last the installation prefix $libdir/mpg213/.
This shall ensure that a build inside a source tree does not try to use old
modules from the system prefix. The normal libtool wrapper deals with the
shared libout123 or libmpg123 only, not modules.
Note that if you set MPG123_MODDIR to a non-existing directory, no modules
will be found (earlier versions fell back to other choices).
-- The OUT123_NAME parameter is now copied by out123_param_from(), as is
the newly added OUT123_BINDIR.
-- Coreaudio: Use AudioComponents API on OSX >= 10.6 (thanks to Michael Weiser).
-- Coreaudio: Fix behaviour of out123_drop(), not killing the output anymore
without re-opening the device (bug 236, thanks to Taihei for the fix).
|
|
- Close files after loading if possible
- Fix Image Access to be reloadable when embedding the Python interpreter
- Fetch DPI from EXIF if not specified in JPEG header
- Removed winbuild checksum verification
- Git: Set ContainerIO test file as binary
- Remove superfluous import of FixTk
- Fix import of tkinter/Tkinter
- Pure Python Decoders, including Python decoder to fix for MSP images
- Reorganized GifImagePlugin
- Doc: Reordered operating systems in Compatibility Matrix
- Test: Additional tests for BurfStub, Eps, Container, GribStub, IPTC, Wmf, XVThumb, ImageDraw, ImageMorph ImageShow
- Health fixes
- Test: Correctness tests ContainerIO, XVThumbImagePlugin, BufrStubImagePlugin, GribStubImagePlugin, FitsStubImagePlugin, Hdf5StubImagePlugin, PixarImageFile, PsdImageFile
- Remove unused imports
- Replaced KeyError catch with dictionary get method
- Test: Removed unrunnable code in test_image_toqimage
- Removed use of spaces in TIFF kwargs names, deprecated in 2.7
- Removed deprecated ImageDraw setink, setfill, setfont methods
- Send unwanted subprocess output to /dev/null
- Fix division by zero when creating 0x0 image from numpy array
- Test: Added matrix convert tests
- Replaced broken URL to partners.adobe.com
- Removed unused private functions in setup.py and build_dep.py
- Test: Fixed Qt tests for QT5 and saving 1 bit PNG
- Test: docker builds for Arch and Debian Stretch
- Updated libwebp to 0.6.0 on appveyor
- More explicit error message when saving to a file with invalid extension
- Docs: Update some http urls to https
- Preserve aux/alpha channels when performing Imagecms transforms
- Test linear and radial gradient effects
- Test ImageDraw.Outline and and ImageDraw.Shape
- Added PySide to ImageQt documentation
- BUG: Empty image mode no longer causes a crash
- Exclude .travis and contents from manifest
- Remove 'MIT-like' from license
- Tests: Add tests for several Image operations
- PNG: Moved iCCP chunk before PLTE chunk when saving as PNG, restricted chunks known value/ordering
- Default to inch-interpretation for missing ResolutionUnit in TiffImagePlugin
- Bug: Fixed segfault when using ImagingTk on pypy
- Bug: Fixed Integer overflow using ImagingTk on 32 bit platforms
- Tests: Added docker images for testing alternate platforms. See also https://github.com/python-pillow/docker-images.
- Removed PIL 1.0 era TK readme that concerns Windows 95/NT
- Prevent `nose -v` printing docstrings
- Replaced absolute PIL imports with relative imports
- Added context managers for file handling
- Expose registered file extensions in Image
- Make mode descriptor cache initialization thread-safe.
- Updated Windows test dependencies: Freetype 2.7.1, zlib 1.2.11
- Followed upstream pngquant packaging reorg to libimagquant
- Fix invalid string escapes
- Add test for crop operation with no argument
|
|
|
|
Based on PR 52165 by Jonathan Schleifer.
Noteworthy changes in version 2.1.20 (2017-04-03)
-------------------------------------------------
* gpg: New properties 'expired', 'revoked', and 'disbaled' for the
import and export filters.
* gpg: New command --quick-set-primary-uid.
* gpg: New compliance field for the --with-colon key listing.
* gpg: Changed the key parser to generalize the processing of local
meta data packets.
* gpg: Fixed assertion failure in the TOFU trust model.
* gpg: Fixed exporting of zero length user ID packets.
* scd: Improved support for multiple readers.
* scd: Fixed timeout handling for key generation.
* agent: New option --enable-extended-key-format.
* dirmngr: Do not add a keyserver to a new dirmngr.conf. Dirmngr
uses a default keyserver.
* dimngr: Do not treat TLS warning alerts as severe error when
building with GNUTLS.
* dirmngr: Actually take /etc/hosts in account.
* wks: Fixed client problems on Windows. Published keys are now set
to world-readable.
* tests: Fixed creation of temporary directories.
* A socket directory for a non standard GNUGHOME is now created on
the fly under /run/user. Thus "gpgconf --create-socketdir" is now
optional. The use of "gpgconf --remove-socketdir" to clean up
obsolete socket directories is however recommended to avoid
cluttering /run/user with useless directories.
* Fixed build problems on some platforms.
Noteworthy changes in version 2.1.19 (2017-03-01)
-------------------------------------------------
* gpg: Print a warning if Tor mode is requested but the Tor daemon
is not running.
* gpg: New status code DECRYPTION_KEY to print the actual private
key used for decryption.
* gpgv: New options --log-file and --debug.
* gpg-agent: Revamp the prompts to ask for card PINs.
* scd: Support for multiple card readers.
* scd: Removed option --debug-disable-ticker. Ticker is used
only when it is required to watch removal of device/card.
* scd: Improved detection of card inserting and removal.
* dirmngr: New option --disable-ipv4.
* dirmngr: New option --no-use-tor to explicitly disable the use of
Tor.
* dirmngr: The option --allow-version-check is now required even if
the option --use-tor is also used.
* dirmngr: Handle a missing nsswitch.conf gracefully.
* dirmngr: Avoid PTR lookups for keyserver pools. The are only done
for the debug command "keyserver --hosttable".
* dirmngr: Rework the internal certificate cache to support classes
of certificates. Load system provided certificates on startup.
Add options --tls, --no-crl, and --systrust to the "VALIDATE"
command.
* dirmngr: Add support for the ntbtls library.
* wks: Create mails with a "WKS-Phase" header. Fix detection of
Draft-2 mode.
* The Windows installer is now build with limited TLS support.
* Many other bug fixes and new regression tests.
See-also: gnupg-announce/2017q1/000402.html
|
|
|
|
Changelog:
Fixed:
* Authentication failure is reported as unknown general system error.
* Unable to backup virtual machines with active Docker containers.
|
|
|
|
Version 4.5.1 (25/02/2017):
*Fixes:
- logfile permissions problem (CVE-2017-5618)
- SunOS build problem (bug #50089)
- FreeBSD core dumps (bug #50143)
|
|
|
|
|
|
|
|
vulnerabilities. Still enabled by default, as before. Ok by wiz@.
Fixes PR pkg/52148 and adds tiff to PKG_SUGGESTED_OPTIONS.
|
|
vulnerabilities. Still enabled by default, as before. Ok by wiz@.
Fixes PR pkg/52149 and adds tiff to PKG_SUGGESTED_OPTIONS.
|
|
|
|
|
|
Bump PKGREVISION.
|
|
|
|
Bump PKGREVISION.
|
|
|
|
Notable chnages:
* Fix default block race condition.
* Add TS::Cache#fetch_or_store.
|
|
|
|
v1.2017.2 2017/3/23
* Based on version 2017b of the IANA Time Zone Database
(https://mm.icann.org/pipermail/tz-announce/2017-March/000046.html).
|
|
|
