Age | Commit message | Author | Files | Lines |
|
- Fix permissions on installed .h files
- ok'ed snj@, wiz@
- Thanks to epg@ for final check
This version of Apache is principally a bug fix release. Of particular note is
that 2.0.51 addresses five security vulnerabilities:
An input validation issue in IPv6 literal address parsing which can result in
a negative length parameter being passed to memcpy.
[CAN-2004-0786]
A buffer overflow in configuration file parsing could allow a local user to
gain the privileges of a httpd child if the server can be forced to parse a
carefully crafted .htaccess file.
[CAN-2004-0747]
A segfault in mod_ssl which can be triggered by a malicious remote server,
if proxying to SSL servers has been configured.
[CAN-2004-0751]
A potential infinite loop in mod_ssl which could be triggered given
particular timing of a connection abort.
[CAN-2004-0748]
A segfault in mod_dav_fs which can be remotely triggered by an indirect lock
refresh request.
[CAN-2004-0809]
For further details, see http://www.apache.org/dist/httpd/Announcement2.html
and http://apache.rmplc.co.uk/httpd/CHANGES_2.0.
|
|
See commit log for www/firefox/Makefile-firefox.common for more details.
Several security holes have been fixed. See the page below for details.
http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3
|
|
when MOZ_GTK2 is set.
Add a way to specify a different mozilla.sh script.
|
|
What's new from Release Notes:
* Global Inbox
POP3 users can now combine all of their POP3 accounts into a single
global inbox under local folders.
* Comprehensive Data Migration
Switching to Thunderbird has never been easier since Thunderbird can
now migrate all of your e-mail data including settings, mail folders
and address book data from common mail applications such as the
Mozilla 1.x Suite, Outlook Express, Outlook and Eudora.
* RSS Integration
Thunderbird now features a built in RSS reader which allows you to
easily subscribe to and read news and weblogs that support RSS.
* Improved Privacy Controls
In order to help protect your privacy, Thunderbird now automatically
blocks remote image requests in e-mails from senders you don't know.
* Improved Quick Search
Thunderbird now makes it even easier to manage your e-mail. Quick
search now supports many different types of search criteria including
the ability to search message body text. Thunderbird can also
highlight the quick search terms in the message body.
* Other New Features
Support for using a master password to encrypt saved e-mail account passwords.
Linux GNOME users can now make Thunderbird their default e-mail client
(Tools > Options > General).
If your network uses proxy authentication for HTTP, Thunderbird now
correctly prompts for proxy authentication instead of silently
failing.
Bug fixes too numerous to mention!
---
Several security holes have been fixed. See the page below for
details.
http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3
|
|
from Release Notes:
---
Firefox is a fast, full-featured browser that makes browsing more
efficient than ever before. More information about Firefox is
available.
Firefox Preview Release (henceforth referred to as PR) is a Technology
Preview. While this software works well enough to be relied upon as
your primary browser in most cases, we make no guarantees of its
performance or stability. It is a pre-release product and should not
be relied upon for mission-critical tasks. See the License Agreement
for more information.
These release notes cover what's new, download and installation
instructions, known issues and frequently asked questions for the
Firefox PR release. Please read these notes and the bug filing
instructions before reporting any bugs to Bugzilla.
We want to hear your feedback about Firefox. Please join us in the
Firefox forums, hosted by MozillaZine.
What's New
Here's what's new in this release of Firefox:
* Live Bookmarks
You can now subscribe to and read RSS feeds in your
Bookmarks. When you visit a page that advertises a RSS feed by using a
<link> tag, a RSS icon will appear in the status bar. Click it to view
a list of feeds the page is offering. Click one to subscribe - this
adds a Bookmark Folder that contains all the recent posts from the
feed.
* Improved Find
Find is easier and more powerful now with our new Find
toolbar. The Find toolbar (which shows at the bottom of the browser
window) automatically highlights text in the page as you type and has
a useful highlight feature.
* Managing Annoyances and Protecting Security
You can now open blocked popups, and the Extension install
system now blocks all attempts to install software from sites other
than update.mozilla.org. Users can add other sites to a list that
allows them to offer software, but software is never automatically
installed. In addition to these steps, several other measures have
been taken to prevent phishing attacks and to highlight when a page is
being viewed over a secure connection.
* Better Bookmarks
Numerous improvements to bookmarks including more reliable
presentation of Site icons, and a split pane view in the Bookmarks
window.
* Strong Encryption For Passwords Available
Passwords saved with the Password Manager can now be more easily
encrypted with strong encryption by creating a "Master Password". If
you create a Master Password, you are prompted once per session to
enter the Master Password so that Password Manager can automatically
fill in site logins. A useful feature for people who share computers
with others and want improved security.
* Improved Compatibility for IE users
Undetectable document.all support for site compatibility and
improved compatibility for keyboard accelerators further smooth the
transition for IE users
* Better System Integration for GNOME users
You can now configure Firefox as your Default Browser on GNOME,
and Firefox will adhere to your GNOME settings for edit field key
bindings, etc.
* And a horde of other bug fixes...
See The Burning Edge's Bigger Picture for more details.
-----
Several security holes have been fixed. See the page below for
details.
http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3
|
|
* maketemp now creates an empty file with the given name, instead of merely
returning the name of a nonexistent file. This closes a security hole.
(Now it builds on Darwin/MacOSX; no more 'sigstack' linking error.)
|
|
- distfile has moved
- license has changed. Patches are the result of de-fuzzing the
old patches since the new source files have the new (less restrictive)
license.
|
|
No vulnerability exists because of this, but I think
it is best to have this applied. (However, no entry
in the vulnerabilities file will be added.)
|
|
(when there is no sudo binary temporarily!)
|
|
(by extension). Evidence suggests there is (at best) a bad interaction
between pth and the thread memory allocator inside tcl, as witnessed by
the tcl-scotty's package failure to install if threads is enabled on
1.6.2_STABLE/i386. Interestingly, the version with native threads on
2.0_BETA/alpha works just nicely.
|
|
Mozilla 1.7.3 is a security update to Mozilla 1.7 that fixes several
security vulnerabilities.
#93 "Send page" heap overrun (258005)
#92 javascript clipboard access (257523)
#91 Privilege request confusion (253942)
#90 Buffer overflow when displaying VCard (257314)
#89 BMP integer overflow (255067)
#88 javascript: link dragging (250862)
#87 non-ascii hostname heap overrun (256316)
#86 Malicious POP3 server III (245066, 226669)
#85 Wrong file permissions after installing on Linux (231083, 235781)
#84 Wrong file permissions in linux archive (254303)
See the page below for details.
http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3
|
|
Changes since 2.10.0:
* Changes in 2.10.1 from 2.10.0
Version 2.10.1 is a bug fix version of 2.10.0.
** Fixed after message buffer kill, prefetch doesn't work.
** Default value of wl-delete-folder-alist,
wl-folder-hierarchy-access-folders are changed.
** Support localdir and pipe folder rename.
** Fixed message and error argument. Use %s for variable.
** Now, response from IMAP server (e.g. \Noselect, \Flagged)
parse case-ignore.
** Fixed elmo-msgdb-extra-fields field are case sensitive.
** Fixed IMAP folder included ~, expand to home directory.
** Fixed the problem that msgdb be destroyed when print-length or
print-level has Non-nil value.
** Fixed a problem that wl-folder-move-cur-folder doesn't work.
** Fixed a problem that wl-draft-reedit doesn't work properly on Meadow.
** Fixed a problem that wl-summary-pack-number doesn't work on
Maildir, shimbun, and pipe folders.
** Fixed a problem that cache file is not protected even if it is marked
as important.
** Fixed a problem that %# in wl-summary-line-format cannot handle large
number.
** Fixed a problem to remove password even if SMTP AUTH failed at non-auth
phase.
** Default value of wl-message-buffer-prefetch-folder-type-list,
wl-message-buffer-prefetch-idle-time, and
wl-message-buffer-prefetch-depth are changed.
** Fixed to compile on XEmacs without mule feature.
|
|
Changes since 1.0.0:
Version 1.2.3:
- IPv6 support on Windows systems
- The configuration file supports all commands and arguments related to
TLS and authentication, even if TLS and/or GNU SASL support is not
compiled in
- The GNU SASL library is not required to support DIGEST-MD5 and NTLM
anymore. This means you can now use the packaged versions of the library
from Gentoo or Debian sarge.
- You can use the -v/--version option to find out which authentication
methods are supported.
Version 1.2.2:
- Enhancements to the logfile command:
- All available information is now written to the logfile (new fields:
mailsize=..., smtpmsg='...', errormsg='...').
- Logging to standard output is possible by using "logfile -"
Version 1.2.1:
- No new features.
Version 1.2.0:
- This version can be compiled without TLS/SSL support; use
--disable-ssl if you really want that.
- Read the entries for versions 1.1.x for more changes since the last
stable version 1.0.0.
Version 1.1.3:
- New option -i for compatibility with mail(1).
- New 'logfile' command; see man page for details.
Version 1.1.2:
- No user visible changes.
Version 1.1.1:
- The tls_nostarttls command now sets the default port to 465 (ssmtp).
Version 1.1.0:
- Support for SMTP command pipelining. On high latency networks, this
may increase transmission speed, especially when sending to many
recipients.
- The short option for --file, -f, has changed to -F
- A new option --from/-f is available to set the envelope from address.
- A new option --serverinfo/-S is available to print information
about the capabilities and limitations of an SMTP server
|
|
out URL where it will re-appear hopefully soon.
|
|
Changes since 0.0.8:
* Changes in 0.1.4 (released 2004-08-08)
** Revamp of gnulib compatibility files.
** More translations.
German (by Roland Illig), Basque (by Mikel Olasagasti), French (by
Michel Robitaille), Irish (by Kevin Patrick Scannell), Dutch (by Elros
Cyriatan), Polish (by Jakub Bogusz), Romanian (by Laurentiu Buzdugan),
and Serbian (by Aleksandar Jelenak).
* Changes in 0.1.3 (released 2004-08-04)
** Command line tool supports IPv6 (and other protocol families).
Requires that your system has `getaddrinfo'.
** Command line behaviour for gsasl tool improved.
The --client and --imap parameters are now the default. The --connect
host and port can now be specified directly. If --authentication-id
is not specified, the username of the user invoking gsasl is used
(i.e., getpwuid(getuid)->pw_name). Altogether, this allows simple
usage, as in `gsasl mail.example.com' to connect, via IMAP, to
mail.example.com.
* Changes in 0.1.2 (released 2004-07-16)
** The SMTP mode in `gsasl' should now work.
** Cross compile builds should work.
It should work for any sane cross compile target, but the only tested
platform is uClibc/uClinux on Motorola Coldfire.
** The GNU Readline library is used to read data, if available.
** Passwords read from stdin are not echoed to the terminal.
* Changes in 0.1.1 (released 2004-06-26)
** In the command line client, the default quality of protection is now none.
* Changes in 0.1.0 (released 2004-04-16)
** The library re-licensed to LGPL and distributed as a separate package.
This means a fork of this NEWS file, all the entries below relate to
the combined work of earlier versions. New entries above do not
document user visible changes for the library ("libgsasl"), for that
see NEWS in the lib/ sub-directory, which is also distributed as a
stand-alone package.
* Changes in 0.0.14 (released 2004-01-22)
** Moved all mechanism specific code into sub-directories of lib/.
Each backend is built into its own library (e.g., libgsasl-plain.so),
to facilitate future possible use of dlopen to dynamically load
backends.
** Moved compatibility files (getopt*) to gl/, and added more (strdup*).
* Changes in 0.0.13 (released 2004-01-17)
** Nettle (the crypto functionality, crypto/) has been updated.
This fixes two portability issues, the new code should work on
platforms that don't have inttypes.h and alloca.
* Changes in 0.0.12 (released 2004-01-15)
** Protocol line parser in 'gsasl' tool more reliable.
Earlier it assumed two lines were sent in one packet in one place, and
sent as two packets in another place.
** Various bugfixes.
* Changes in 0.0.11 (released 2004-01-06)
** The client part of CRAM-MD5 now uses SASLprep instead of NFKC.
This aligns with draft-ietf-sasl-crammd5-01.
** The CRAM-MD5 challenge string now conforms to the proper syntax.
** The string preparation (SASLprep and trace) functions now work correctly.
** DocBook manuals no longer included.
The reason is that recent DocBook tools from the distribution I use
(Debian) fail with an error. DocBook manuals may be included in the
future, if I can get the tools to work.
** API and ABI modifications.
GSASL_SASLPREP_ERROR: ADD.
* Changes in 0.0.10 (released 2003-11-22)
** The CRAM-MD5 server now rejects invalid passwords.
The logic flaw was introduced in 0.0.9, after blindly making code
changes to shut up valgrind just before the release.
** Various build improvements.
Pkg-config is no longer needed. GTK-DOC is only used if present.
* Changes in 0.0.9 (released 2003-11-21)
** Command line client can talk to SMTP servers with --smtp.
** DocBook manuals in XML, PDF, PostScript, ASCII and HTML formats included.
** Token parser in DIGEST-MD5 fixed, improve interoperability of DIGEST-MD5.
** Libgcrypt >= 1.1.42 is used if available (for CRAM-MD5 and DIGEST-MD5).
The previous libgcrypt API is no longer supported.
** CRAM-MD5 and DIGEST-MD5 no longer require libgcrypt (but can still use it).
If libgcrypt 1.1.42 or later is not found, it uses a minimalistic
cryptographic library based on Nettle, from crypto/. Currently only
MD5 and HMAC-MD5 are needed, making a dependence on libgcrypt overkill.
** Listing supported server mechanisms with gsasl_server_mechlist works.
** Autoconf 2.59, Automake 1.8 beta, Libtool CVS used.
** Source code for each SASL mechanism moved to its own sub-directory in lib/.
** The command line interface now uses getopt instead of argp.
The reason is portability, this also means we no longer use gnulib.
** API and ABI modifications.
gsasl_randomize: ADD.
gsasl_md5: ADD.
gsasl_hmac_md5: ADD.
gsasl_hexdump: REMOVED. Never intended to be exported.
gsasl_step: ADD.
gsasl_step64: ADD.
gsasl_client_step: DEPRECATED: use gsasl_step instead.
gsasl_server_step: DEPRECATED: use gsasl_step instead.
gsasl_client_step_base64: DEPRECATED: use gsasl_step64 instead.
gsasl_server_step_base64: DEPRECATED: use gsasl_step64 instead.
gsasl_finish: ADD.
gsasl_client_finish: DEPRECATED: use gsasl_finish instead.
gsasl_server_finish: DEPRECATED: use gsasl_finish instead.
gsasl_ctx_get: ADD.
gsasl_client_ctx_get: DEPRECATED: use gsasl_ctx_get instead.
gsasl_server_ctx_get: DEPRECATED: use gsasl_ctx_get instead.
gsasl_appinfo_get: ADD.
gsasl_appinfo_set: ADD.
gsasl_client_application_data_get: DEPRECATED: use gsasl_appinfo_get instead.
gsasl_client_application_data_set: DEPRECATED: use gsasl_appinfo_set instead.
gsasl_server_application_data_get: DEPRECATED: use gsasl_appinfo_get instead.
gsasl_server_application_data_set: DEPRECATED: use gsasl_appinfo_set instead.
Gsasl: ADD.
Gsasl_ctx: DEPRECATED: use Gsasl instead.
Gsasl_session: ADD.
Gsasl_session_ctx: DEPRECATED: use Gsasl_session instead.
GSASL_CRYPTO_ERROR: ADD, replaces deprecated GSASL_LIBGCRYPT_ERROR.
GSASL_LIBGCRYPT_ERROR: DEPRECATED: use GSASL_CRYPTO_ERROR instead.
GSASL_KERBEROS_V5_INTERNAL_ERROR: ADD, replaces deprecated GSASL_SHISHI_ERROR.
GSASL_SHISHI_ERROR: DEPRECATED: use GSASL_KERBEROS_V5_INTERNAL_ERROR instead.
GSASL_INVALID_HANDLE: ADD.
|
|
* Changes in 0.0.13 (released 2004-08-08)
** Revamp of gnulib compatibility files.
** More translations.
French (by Michel Robitaille) and Romanian (by Laurentiu Buzdugan).
* Changes in 0.0.12 (released 2004-08-01)
** Added rudimentary self tests of Kerberos 5 context init/accept.
Tests client and server authentication, with and without mutual
authentication, and that various aspects of the API like ret_flags
work.
** Various fixes, discovered while writing the Kerberos 5 self test.
** Cross compile builds should work.
It should work for any sane cross compile target, but the only tested
platform is uClibc/uClinux on Motorola Coldfire.
|
|
gss-0.0.13 [pkg/26972], libntlm-0.3.3, mathomatic-11.3e,
metacity-2.8.5 [pkg/26957|jmmv], msmtp-1.2.3 [pkg/26975],
sml-nj-110.49, snd-7.6, sqlite-3.0.7, wl-2.10.1 [pkg/26956],
xine-1-rc6a, xmms-crossfade-0.3.6.
|
|
It's old, it doesn't compile on recent systems, no one objected on tech-pkg,
it's gone.
|
|
(17 September 2004, from /branches/1.0.x)
http://svn.collab.net/repos/svn/tags/1.0.7
User-visible-changes:
* fixed: win32 'file not found' error [issue #1862]
* fixed: 'svn st -u' crash (r10841)
* fixed: potential repos corruption; ensure stdin/out/err always open (r10819)
* fixed: allow propnames containing ":" to be fetched via http:// (r10190)
* fixed: allow user to interrupt between authentication prompts (see r11014)
* fixed: work around +t directory-creation bug in APR (r10616, 10638, 10642)
* various small fixes to Book
Developer-visible changes:
* fix library dependencies for bindings (r9338, 9340)
* java bindings: fix a crash and other bugs (r9883, 9905, 8027)
* perl bindings: various fixes (see r11023)
pkgsrc changes:
Remove devel/subversion/patches/patch-aa. This will cause the other
packages that build from the subversion tar file to build a little
slower, because they will unnecessarily rebuild subversion libraries.
Everything still works and this file is a massive pain to update with
every new release.
|