| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Since arpack installs a dynamic library, its BUILDLINK_DEPMETHOD
shouldn't be set to "build" by default.
Bump PKGREVISION of octave for its runtime dependency change.
|
|
Include limits.h to use INT_MAX.
|
|
|
|
Security Fixes
* If a server is configured with a response policy zone (RPZ) that
rewrites an answer with local data, and is also configured for
DNS64 address mapping, a NULL pointer can be read triggering a
server crash. This flaw is disclosed in CVE-2017-3135. [RT #44434]
* named could mishandle authority sections with missing RRSIGs,
triggering an assertion failure. This flaw is disclosed in
CVE-2016-9444. [RT #43632]
* named mishandled some responses where covering RRSIG records were
returned without the requested data, resulting in an assertion
failure. This flaw is disclosed in CVE-2016-9147. [RT #43548]
* named incorrectly tried to cache TKEY records which could trigger
an assertion failure when there was a class mismatch. This flaw is
disclosed in CVE-2016-9131. [RT #43522]
* It was possible to trigger assertions when processing responses
containing answers of type DNAME. This flaw is disclosed in
CVE-2016-8864. [RT #43465]
* It was possible to trigger an assertion when rendering a message
using a specially crafted request. This flaw is disclosed in
CVE-2016-2776. [RT #43139]
* Calling getrrsetbyname() with a non- absolute name could trigger an
infinite recursion bug in lwresd or named with lwres configured if,
when combined with a search list entry from resolv.conf, the
resulting name is too long. This flaw is disclosed in
CVE-2016-2775. [RT #42694]
Feature Changes
* None.
Porting Changes
* None.
Bug Fixes
* A synthesized CNAME record appearing in a response before the
associated DNAME could be cached, when it should not have been.
This was a regression introduced while addressing CVE-2016-8864.
[RT #44318]
* Windows installs were failing due to triggering UAC without the
installation binary being signed.
* A race condition in rbt/rbtdb was leading to INSISTs being
triggered.
|
|
|
|
Security Fixes
* If a server is configured with a response policy zone (RPZ) that
rewrites an answer with local data, and is also configured for
DNS64 address mapping, a NULL pointer can be read triggering a
server crash. This flaw is disclosed in CVE-2017-3135. [RT #44434]
* named could mishandle authority sections with missing RRSIGs,
triggering an assertion failure. This flaw is disclosed in
CVE-2016-9444. [RT #43632]
* named mishandled some responses where covering RRSIG records were
returned without the requested data, resulting in an assertion
failure. This flaw is disclosed in CVE-2016-9147. [RT #43548]
* named incorrectly tried to cache TKEY records which could trigger
an assertion failure when there was a class mismatch. This flaw is
disclosed in CVE-2016-9131. [RT #43522]
* It was possible to trigger assertions when processing responses
containing answers of type DNAME. This flaw is disclosed in
CVE-2016-8864. [RT #43465]
* Added the ability to specify the maximum number of records
permitted in a zone (max-records #;). This provides a mechanism to
block overly large zone transfers, which is a potential risk with
slave zones from other parties, as described in CVE-2016-6170. [RT
#42143]
* It was possible to trigger an assertion when rendering a message
using a specially crafted request. This flaw is disclosed in
CVE-2016-2776. [RT #43139]
* Calling getrrsetbyname() with a non absolute name could trigger an
infinite recursion bug in lwresd or named with lwres configured if,
when combined with a search list entry from resolv.conf, the
resulting name is too long. This flaw is disclosed in
CVE-2016-2775. [RT #42694]
New Features
* named now provides feedback to the owners of zones which have trust
anchors configured (trusted-keys, managed-keys, dnssec-validation
auto; and dnssec-lookaside auto;) by sending a daily query which
encodes the keyids of the configured trust anchors for the zone.
This is controlled by trust-anchor-telemetry and defaults to yes.
* A new tcp-only option has been added to server clauses, to indicate
that UDP should not be used when sending queries to a specified IP
address or prefix.
Feature Changes
* The built in mangaged keys for the global root zone have been
updated to include the upcoming key signing key (keyid 20326).
* The ISC DNSSEC Lookaside Validation (DLV) service is scheduled to
be disabled in 2017. A warning is now logged when named is
configured to use this service, either explicitly or via
dnssec-lookaside auto;. [RT #42207]
* If an ACL is specified with an address prefix in which the prefix
length is longer than the address portion (for example,
192.0.2.1/8), named will now log a warning. In future releases this
will be a fatal configuration error. [RT #43367]
Bug Fixes
* A synthesized CNAME record appearing in a response before the
associated DNAME could be cached, when it should not have been.
This was a regression introduced while addressing CVE-2016-8864.
[RT #44318]
* Named could deadlock there were multiple changes to NSEC/NSEC3
parameters for a zone being processed at the same time. [RT #42770]
* Named could trigger a assertion when sending notify messages. [RT
#44019]
* Fixed a crash when calling rndc stats on some Windows builds: some
Visual Studio compilers generate code that crashes when the "%z"
printf() format specifier is used. [RT #42380]
* Windows installs were failing due to triggering UAC without the
installation binary being signed.
* A change in the internal binary representation of the RBT database
node structure enabled a race condition to occur (especially when
BIND was built with certain compilers or optimizer settings),
leading to inconsistent database state which caused random
assertion failures. [RT #42380]
* Referencing a nonexistent zone in a response-policy statement could
cause an assertion failure during configuration. [RT #43787]
* rndc addzone could cause a crash when attempting to add a zone with
a type other than master or slave. Such zones are now rejected. [RT
#43665]
* named could hang when encountering log file names with large
apparent gaps in version number (for example, when files exist
called "logfile.0", "logfile.1", and "logfile.1482954169"). This is
now handled correctly. [RT #38688]
* If a zone was updated while named was processing a query for
nonexistent data, it could return out-of-sync NSEC3 records causing
potential DNSSEC validation failure. [RT #43247]
* named could crash when loading a zone which had RRISG records whose
expiry fields were far enough apart to cause an integer overflow
when comparing them. [RT #40571]
* The arpaname and named-rrchecker commands were not installed into
the correct prefix/bin directory. [RT #42910]
* When receiving a response from an authoritative server with a TTL
value of zero, named> will now only use that response once, to
answer the currently active clients that were waiting for it.
Previously, such response could be cached and reused for up to one
second. [RT #42142]
* named-checkconf now checks the rate-limit clause for correctness.
[RT #42970]
* Corrected a bug in the rndc control channel that could allow a read
past the end of a buffer, crashing named. Thanks to Lian Yihan for
reporting this error.
Maintenance
* The built-in root hints have been updated to include IPv6 addresses
for B.ROOT-SERVERS.NET (2001:500:84::b), E.ROOT-SERVERS.NET
(2001:500:a8::e) and G.ROOT-SERVERS.NET (2001:500:12::d0d).
|
|
|
|
the Python version.
|
|
|
|
|
|
|
|
release, state that instructions only apply to legacy release.
- State that only the compler in base is currently support.
- Update the list of tested releases.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
0.14.23
This is a hotfix release recommended for all users.
Resolved issues:
#3970: Syncthing restarts when started manually and auto upgrading
0.14.22
This is a regular periodic release withdrawn because of an issue with automatic upgrade.
Resolved issues:
#3935: Leading and trailing spaces are no longer stripped in the GUI password field
#3908: The GUI shows remaining amount of data to sync per folder.
#3933: There should no longer be empty entries in the global log
#3938: Weak hashing is now by default only enabled when it makes sense from a performance point of view.
Also:
This release introduces the the ability to choose between stable and candidate
releases for auto upgrades.
|
|
|
|
Version 1.1.26 (released 24-Jan-2017)
* security fix: escape nav_data name to avoid XSS attack
Version 1.1.25 (released 15-Sep-2016)
* fix _rev2optrev assertion on long input
Version 1.1.24 (released 02-Oct-2015)
* fix minor bug in human_readable boolean calculation
* allow hr_funout option to apply to unidiff diffs, too
* fix infinite loop in rcsparse
* fix iso8601 timezone offset handling (issue #542)
* add support for renamed roots (issue #544)
* fix minor buglet in viewvc-install error message
|
|
now, since netbsd 8 will have accept4. it'll be a long time before they're
safe to remove, and we'll probably forget why they're here by then.
|
|
|
|
Some critical bugs in the processing of BMP files were fixed. These
bugs allowed the program to be crashed, or potentially to be abused
in other ways, by feeding it specially crafted BMP files. Thanks to
Tomasz Buchert and Agostino Sarubbo for reporting these bugs.
Portability was improved for C99 and for MSVC++. Thanks to Peter
Breitenlohner, Nelson Beebe, and Martin Gieseking for reporting
portability issues.
|
|
|
|
0.7.10 - 12.10.2016 (Hollow)
Bug Fixes:
[issue 97] - Missing import
[issue 105] - Fix the rendering of default constructed id3.TagHeader
Fixed Tag.frameiter
0.7.9 - 11.27.2015 (Collapse/Failure)
New Features:
process files and directories in a sorted fashion. <Hans-Peter Jansen>
display the ellipsis file name and path, and the file size right justified in printHeader. <Hans-Peter Jansen>
stating to be unable to find a valid mp3 frame without a hint, where this happened is rather unfortunate. I noticed this from using eyed3.load() calls. <Hans-Peter Jansen>
[fixup plugin] - Better compilation support.
Bug Fixes:
Fixed missing ‘math’ import.
[issue 81] - Replaced invalid Unicode.
[issue 91] - Disabled ANSI codes on Windows
[issue 92] - More friendly logging (as a module)
0.7.8 - 05.25.2015 (Chartsengrafs)
New Features:
[pymod plugin] – A more procedural plugin interface with modules.
[art plugin] – Extract tag art to image files, or add images to tags.
eyed3.utils.art - High level tag art API
eyed3.id3.frames.ImageFrame.makeFileName produces the file extension .jpg instead of .jpeg for JPEG mime-types.
Added eyed3.utils.makeUniqueFileName for better reuse.
[statistics plugin] – Less score deduction for lower bit rates.
Split example plugins module into discrete plugin modules.
[fixup plugin] – Added –fix-case for applying title() to names
[fixup plugin] – Detects and optionally removes files determined to be cruft.
eyed3.id3.Tag – Added frameiter method for iterating over tag frames.
Added optional preserve_file_time argument to eyed3.id3.Tag.remove.
Removed python-magic dependency, it not longer offers any value (AFAICT).
Bug Fixes:
[issue 50] Crashing on –remove-frame PRIV
[issue 75] Parse lameinfo even if crc16 is not correct
[issue 77] Typo in docs/installation.rst
[issue 79] Request to update the GPL License in source files
Fixes to eyed3.id3.tag.TagTemplate when expanding empty dates.
eyed3.plugins.Plugin.handleDone return code is not actually used.
[classic plugin] – Fixed ID3v1 –verbose bug.
[fixup plugin] – Better date handling, album type, and many bug fixes.
0.7.6 / 0.7.7 - Skipped
|
|
|
|
|
|
|
|
v34.1.1
-------
* #953: More aggressively employ the compatibility issue
originally added in #706.
v34.1.0
-------
* #930: ``build_info`` now accepts two new parameters
to optimize and customize the building of C libraries.
v34.0.3
-------
* #947: Loosen restriction on the version of six required,
restoring compatibility with environments relying on
six 1.6.0 and later.
v34.0.2
-------
* #882: Ensure extras are honored when building the
working set.
* #913: Fix issue in develop if package directory has
a trailing slash.
v34.0.1
-------
* #935: Fix glob syntax in graft.
v34.0.0
-------
* #581: Instead of vendoring the growing list of
dependencies that Setuptools requires to function,
Setuptools now requires these dependencies just like
any other project. Unlike other projects, however,
Setuptools cannot rely on ``setup_requires`` to
demand the dependencies it needs to install because
its own machinery would be necessary to pull those
dependencies if not present (a bootstrapping problem).
As a result, Setuptools no longer supports self upgrade or
installation in the general case. Instead, users are
directed to use pip to install and upgrade using the
``wheel`` distributions of setuptools.
Users are welcome to contrive other means to install
or upgrade Setuptools using other means, such as
pre-installing the Setuptools dependencies with pip
or a bespoke bootstrap tool, but such usage is not
recommended and is not supported.
As discovered in #940, not all versions of pip will
successfully install Setuptools from its pre-built
wheel. If you encounter issues with "No module named
six" or "No module named packaging", especially
following a line "Running setup.py egg_info for package
setuptools", then your pip is not new enough.
There's an additional issue in pip where setuptools
is upgraded concurrently with other source packages,
described in pip #4253. The proposed workaround is to
always upgrade Setuptools first prior to upgrading
other packages that would upgrade Setuptools.
|
|
|
|
|
|
Core utilities for Python packages.
|
|
setuptools is one of the basic methods to install python packages.
However, since 34.0 it does not provide its dependencies any longer;
so they need to be installed from pkgsrc.
For bootstrapping, python itself comes with a copy of (pip and) setuptools.
Use this copy to install the necessary packages. They need to be
marked by BOOTSTRAP_SETUPTOOLS=yes for this.
|
|
|
|
|
|
Changes from Ant 1.10.0 TO Ant 1.10.1
=====================================
Fixed bugs:
-----------
* Ant 1.10.0 made Path#systemClasspath final which broke the Eclipse
integration.
Bugzilla Report 60582
* the wrapper script still didn't work on Solaris 10, but worked on
Solaris 11.
The "fixed" script should work in most cases but will not preserve
newlines present in command line arguments.
Bugzilla Report 60562
Other changes:
--------------
* new tasks <xz> and <unxz> and resource <xzresource> for XZ
compression. Also the compression attribute of <tar>/<untar> now
accepts "xz" as valid value.
The tasks and type are contained in the new ant-xz.jar and require
the library XZ for Java to be on the CLASSPATH.
Bugzilla Report 60350
|
|
Package version should be monotonous, so use commit timestamp
instead of git hash
|
|
|
|
Default to an absolute path for rsync. We explicitly depend on it,
and it may not be first in PATH, or not at all.
|
|
From Guillem Jover.
Add test target.
|
|
|
|
bass-heavy sounds, similar to the change made to www/firefox.
put this patch in files/ because it's the right thing and also because
I'm struggling to make changes to the patch, possibly my moving the
location of EOF so the patch doesn't apply fully (guessing)
PKGREVISION->2
|
|
|
|
|
|
SortedContainers is an Apache2 licensed containers library, written in
pure-Python, and fast as C-extensions.
|
|
|
|
These files currently aren't attached to the package's Makefile.
Sponsored by <The NetBSD Foundation>
|
|
|
|
|
