| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
|
|
taken from openSUSE 10.3 libxml-CVE-2009-2414_CVE-2009-2616.patch.
Bump PKGREVISION.
|
|
|
|
|
|
|
|
|
|
(no summarized changes).
|
|
|
|
require you to use movd (instead of movq) when transferring data
between reg32/64 and an mmx register. No PKGREVISION bump since it
failed to compile on amd64 meaning there was no binary package.
|
|
* Change default value for clamd_local configuration directive to the
common package default clamd local socket '/var/run/clamav/clamd.ctl'.
* The origin of the double free corruption was partially found in last
release. It is now completely fixed. Thanks to Tim Weippert for the
report.
* The call to squidGuard from SquidClamav by a bidirectional pipe seem
to make squid/c-icap system going slower and slower. The reason comes
from more and more pending squidGuard processes after c-icap thread
restarting. The historical reason of this feature is related to Squid
version 2.x that doesn't allow to chained url_rewrite_program. I think
this is no more useful so the squidguard configuration directive will
be removed in next major release. Thank to Marco Schuth and David
Tannheimeri for the report.
You'd better use the Squid configuration file (squid.conf) and the
'url_rewrite_program' directive to use squidGuard. There's no plan to
reintroduce the call to squidGuard from SquidClamav at least until
squidGuard has a daemon mode or you really asked for it.
* Fix an issue on reallocating mishandled null pattern array.
|
|
|
|
Czech, Danish, Dutch, French, Italian, Japanese, Russian and Slovenian
language files are updated to support Contao 2.10.1.
|
|
|
|
pkgsrc change: add a patch to fix build problem with some PKG_OPTIONS,
such as "ldap".
New Features
9.8.1
* Added a new include file with function typedefs for the DLZ
"dlopen" driver. [RT #23629]
* Added a tool able to generate malformed packets to allow testing of
how named handles them. [RT #24096]
* The root key is now provided in the file bind.keys allowing DNSSEC
validation to be switched on at start up by adding
"dnssec-validation auto;" to named.conf. If the root key provided
has expired, named will log the expiration and validation will not
work. More information and the most current copy of bind.keys can
be found at http://www.isc.org/bind-keys. *Please note this feature
was actually added in 9.8.0 but was not included in the 9.8.0
release notes. [RT #21727]
Security Fixes
9.8.1
* If named is configured with a response policy zone (RPZ) and a
query of type RRSIG is received for a name configured for RRset
replacement in that RPZ, it will trigger an INSIST and crash the
server. RRSIG. [RT #24280]
* named, set up to be a caching resolver, is vulnerable to a user
querying a domain with very large resource record sets (RRSets)
when trying to negatively cache the response. Due to an off-by-one
error, caching the response could cause named to crash. [RT #24650]
[CVE-2011-1910]
* Using Response Policy Zone (RPZ) to query a wildcard CNAME label
with QUERY type SIG/RRSIG, it can cause named to crash. Fix is
query type independant. [RT #24715]
* Using Response Policy Zone (RPZ) with DNAME records and querying
the subdomain of that label can cause named to crash. Now logs that
DNAME is not supported. [RT #24766]
* Change #2912 populated the message section in replies to UPDATE
requests, which some Windows clients wanted. This exposed a latent
bug that allowed the response message to crash named. With this
fix, change 2912 has been reduced to copy only the zone section to
the reply. A more complete fix for the latent bug will be released
later. [RT #24777]
Feature Changes
9.8.1
* Merged in the NetBSD ATF test framework (currently version 0.12)
for development of future unit tests. Use configure --with-atf to
build ATF internally or configure --with-atf=prefix to use an
external copy. [RT #23209]
* Added more verbose error reporting from DLZ LDAP. [RT #23402]
* The DLZ "dlopen" driver is now built by default, no longer
requiring a configure option. To disable it, use "configure
--without-dlopen". (Note: driver not supported on win32.) [RT
#23467]
* Replaced compile time constant with STDTIME_ON_32BITS. [RT #23587]
* Make --with-gssapi default for ./configure. [RT #23738]
* Improved the startup time for an authoritative server with a large
number of zones by making the zone task table of variable size
rather than fixed size. This means that authoritative servers with
lots of zones will be serving that zone data much sooner. [RT
#24406]
* Per RFC 6303, RFC 1918 reverse zones are now part of the built-in
list of empty zones. [RT #24990]
|
|
|
|
|
|
Changes:
0.4, 20110831 - jeagle
Fix packet timeout bug reported by Dave S.
Replace call to die() in __data_to_int with return undef, update docs to
reflect this.
|
|
out by Alistair Crooks.
|
|
|
|
|
|
meta-pkgs/kde4/kde4.mk was discussed. The conclusion was that it did
make sense to include that definition because kde4.mk is included by
packages that use the kde4 configure and build system, which is cmake.
Thus, they will need to define USE_CMAKE anyway and currently must do
so in addition to including kde4.mk. This adds the needed definition
so that it is no longer necessary to do both things.
Many other packages currently include kde4.mk and also define USE_CMAKE.
In many cases they also define CMAKE_ARGS. To avoid potential confusion
centering around wondering whether or not USE_CMAKE was forgotten (e.g.,
if readers do not know it is now defined in kde4.mk), the definition was
not removed from those packages.
Future package authors can determine whether or not it is clearer to
include the definition even though kde4.mk is also included.
[1] http://mail-index.netbsd.org/tech-pkg/2011/08/28/msg007595.html
|
|
|
|
build, since the bootstrap VM crashes with Stack Overflow error.
|
|
unicodedata for reasons not completely understood. It doesn't really
make sense for the compiler, so just don't use it.
|
|
|
|
|
|
From release announce:
The maintenance release provides stability fixes for the version 2.10
branch and updates TinyMCE to version 3.4.4 (which fixes a few IE9
issues).
pkgsrc change:
Add a note to MESSAGE needs of www/php-tidy package when using minify
the HTML markup function of Contao 2.10.
|
|
|
|
|
|
* Handle M17N surrounding-text commands.
* FIx make ppa failed problem.
* Supply M17N_CFLAGS and M17N_LIBS when checking minput_list().
|
|
any more.
No functional change.
|
|
|
|
=== 0.6.5.8 / 30.8.2011
* This patch is about adding a sheet_count method to workbook so that it returns
* the total no of worksheets for easy access. Please check. By
* tamizhgeek@gmail.com
* https://gist.github.com/1180625
|
|
|
|
PR#45315 by Bug Hunting.
Changes include:
- window content buffering upon resize, this actually improves
usability quite a bit. Thanks to Niki Yoshiuchi for the initial
patch
- multiplexing mode, press MOD+a and your keystrokes will be sent
to all non minimized windows. Could be handy if you have to do
something interactive simultaneously on multiple servers.
- a bug fix which should prevent leaking open file descriptors
|
|
|
|
- mod_authnz_ldap: If the LDAP server returns constraint violation,
don't treat this as an error but as "auth denied". [Stefan Fritsch]
- mod_filter: Fix FilterProvider conditions of type "resp=" (response
headers) for CGI. [Joe Orton, Rainer Jung]
- mod_reqtimeout: Fix a timed out connection going into the keep-alive
state after a timeout when discarding a request body. Bug 51103.
[Stefan Fritsch]
- core: Do the hook sorting earlier so that the hooks are properly sorted
for the pre_config hook and during parsing the config. [Stefan Fritsch]
|
|
|
|
|
|
to -lcurses.
fixes PR#29503.
|
|
|
|
"Cleans up, regularizes, and reformats the text of Python scripts."
|
|
to the recent discovery of false certificates from diginotar
(Recent versions from the source repository don't work, see the
comment in Makefile.)
|
|
set in PKG_SYSCONFDIR variable, so it is passed down to Makefile.
Configuration final path ends up being etc/stunnel/stunnel/stunnel.conf,
which is wrong.
|
|
* Unknown
|
|
|
|
- Regression fix: vhost and defaultsite causing vport to be ignored
- Regression Bug 3295: broken escaping in rfc1738_do_escape
- Bug #3232: fails to compile with OpenSSL v1.0.0
- Bug #3222: cache_peer name is not logging on CONNECT
- Bug #3131: fd_table[fd].closing() assert from
ConnStateData::noteMoreBodySpaceAvailable()
- Bug #3217: "!fd_table[fd].closing()" from
ServerStateData::noteMoreBodySpaceAvailable
- Bug #3213: https sites (CONNECT) not open when using NTLM
- Bug #3114: Memory leak in SSL certificate verify code
- Bug #3107: ncsa_auth DES silently truncates passwords to 8 bytes
- Bug #2662: cf_gen failure when cross compiling
- Bug #2655: passing wrong the username to the url_rewrite_program
- Bug #2495: ignore whitespace prefix on config lines
- Bug #2051: 'default' cache_peer option does not match documentation
- Bug #1842: Optimize order of tests in peerWouldBePinged() and
peerHTTPOkay()
- Bug #1791: timestampsSet does not validate Date: if server sends very
old date
- Correct parsing of large Gopher indexes
- Enable negative cacheing on unknown or -1 expiry timestamp
- Remove hierarchy_stoplist default value
- Migrate cf_gen tool from C-style to C++
- ... and several documentation and compiler warning fixes
|
|
This switches to the latest stable branch.
|
|
(CVE-2011-3193, CVE-2011-3194)
bump PKGREV
|
