| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
I don't get this far on 6.99.20/amd64 due to *locale* problems, see
PR pkg/47900.
|
|
Can't completely test this package since it doesn't build for me
on 6.99.20/amd64 due to *locale*() issues.
|
|
|
|
probably require major attention. hi mbalmer :(
|
|
|
|
Gives
scan.l:21:19: fatal error: parse.h: No such file or directory
because it has no logic to sequence its yacc and lex runs.
|
|
|
|
("fortran" denotes post-Fortran-77 dialects).
|
|
|
|
|
|
=====================================
* Minimum required Perl version is now 5.10.1.
* A couple of new tests:
- That a minimal referral can fit in a 512-octet packet.
- The responses come from the same IP address the question was sent to.
- That NSEC or NSEC3 is used in signed zones.
- That NSEC3 parameters are sane.
- That RRSIG durations are sane.
* CZNIC contributed a Czech translation.
* Reserved IP ranges updated according to new RFCs.
* All tests that made SMTP connections have been removed.
* The CLI script has a --level flag to specify the lowest log level you want printed.
* A new, better algorithm to check nameserver AS distribution.
* Plus of course bug and stability fixes.
Release Notes for DNSCheck Lib v1.3.0
=====================================
Notable changes:
* The configuration file layout has changed completely!
Instead of the old, complicated variant, default configuration, default
policy and language files are now installed in the proper place in the Perl
module tree. The user should never need to care exactly where that is. Local
changes to the configuration now lives in /etc/dnscheck/config.yaml and
/etc/dnscheck/policy.yaml
You have to manually move and rename your old site_config.yaml and
site_policy.yaml, if you have them!
|
|
|
|
|
|
RPKI-RTR (RFC6810) is now official (TCP Port 323)
Fix detection of OpenSSL libcrypto.
Add DNSSL (RFC6106) support.
Add "radius" as an option for -T.
Update Action codes for handle_action function according to
802.11s amendment.
Decode DHCPv6 AFTR-Name option (RFC6334).
Updates for Babel.
Fix printing of infinite lifetime in ICMPv6.
Added support for SPB, SPBM Service Identifier, and Unicast
Address sub-TLV in ISIS.
Decode RIPv2 authentication up to RFC4822.
Fix RIP Request/full table decoding issues.
On Linux systems with cap-ng.h, drop root privileges
using Linux Capabilities.
Add support for reading multiple files.
|
|
Add netfilter/nfqueue interface.
If we don't have support for IPv6 address resolution, support,
in filter expressions, what IPv6 stuff we can.
Checks added for malloc()/realloc()/etc. failures.
Fix pcap-config to include -lpthread if canusb support is
present
Try to fix "pcap_parse not defined" problems when --without-flex
and --without-bison are used when you have Flex and Bison
Fix some issues with the pcap_loop man page.
Fix pcap_getnonblock() and pcap_setnonblock() to fill in the
supplied error message buffer
Fix typo that, it appeared, would cause pcap-libdlpi.c not to
compile (perhaps systems with libdlpi also have BPF and use
that instead)
Catch attempts to call pcap_compile() on a non-activated pcap_t
Fix crash on Linux with CAN-USB support without usbfs
Fix addition of VLAN tags for Linux cooked captures
Check for both EOPNOTSUPP and EINVAL after SIOCETHTOOL ioctl, so
that the driver can report either one if it doesn't support
SIOCETHTOOL
Add DLT_INFINIBAND and DLT_SCTP
Describe "proto XXX" and "protochain XXX" in the pcap-filter man
page
Handle either directories, or symlinks to directories, that
correspond to interfaces in /sys/class/net
Fix handling of VLAN tag insertion to check, on Linux 3.x
kernels, for VLAN tag valid flag
Clean up some man pages
Support libnl3 as well as libnl1 and libnl2 on Linux
|
|
|
|
|
|
comma separated values.
|
|
|
|
|
|
This release adds a contrib section filled with old contributions that were not distributed with Scapy yet: CDP, IGMP, MPLS, CHDLC, SLARP, WPA EAPOL, DTP, EIGRP, VQP, BGP, OSPF, VTP RSVP, EtherIP, RIPng, and IKEv2. It fixes some bugs.
|
|
* pcap_interface.c: Release the GIL when calling into libpcap,
to allow other threads to run. (SF bug 2080784)
* pcap_interface.c: Minor improvements to exception processing.
Fixes SF bug 1758709, probably others.
* mk-constants.py: Added more DLT_ values from tcpdump.org.
* Regenerated pcap.c and pcap.py using SWIG 1.3.31.
|
|
|
|
- New Features
- dnssec-nodes - Many new features, including validation tree
graphing, on-the-wire traffic display, pcap dump
file display, increased data logging and
display, improved simultaneous updating, etc.
- Libval: - Added initial support for the TLSA rrtype
- Added support for ECDSA
- Implemented checking for AI_ADDRCONFIG in getaddrinfo
- Memory optimizations to improve speed-up
- dnssec-check - increased stability across all platforms.
- All Around: - Many bug fixes and other minor improvements
1.13
- New Features
- rollerd: - Added support for the signzone command. Allow
zones to be signed while in the midst of a
rollover wait.
- Added autosigning of modified zone files. Zone
files are considered modified when their "last
modification" timestamp is more recent than that
of the associated signed zone file. This
functionality includes adding the -autosign option
and config field.
- Added additional commands (via rollctl) to allow
greater control over zone rollover actions.
- Added -zsargs option to allow global options to
be passed to zonesigner.
- realms: - Added the realms feature to manage multiple
simultaneous rollover environments. Several
commands and modules (e.g., dtrealms, realms.pm,
buildrealms) were added for the realms feature.
- zonesigner: - Added the -threshold option to specify a signing
threshold.
- Better handling of serial numbers in zone files.
- keymod: - New tool that can be used to modify key
generation parameters in a keyrec file.
- dnssec-check - significant rewrite since the 1.12 release, though
individual updates have been available already.
- Asynchronous support for non-interrupting GUI support
- Letter grades assigned to each resolver
- Various user-interface improvements
- libval: - Bug fixes
- Renamed all validator command-line apps to have
a dt- prefix in order to avoid conflicts with
pre-existing executables in certain platforms.
- dnsval python module
- Add python wrapper module for the validator
library. Code contributed by Bob Novas.
- trustman: - Added an option for use by monitoring systems.
- nagios - Added the dt_donuts plugin for running trustman on
remote machines.
- Added the dt_trustman plugin for monitoring trust
anchors.
- firefox - updated nspr and firefox patches to work with
mozilla-central and nspr-4.9
- webmin: - Added the ability to perform DNSSEC
operations on DNSSEC-Tools managed signed
zones using the Webmin front-end.
- ssh: - Update the patch for enabling local DNSSEC
validation to work with OpenSSH 6.0p1.
|
|
+ ruby-gnome-webkit-gtk2
|
|
|
|
|
|
|
|
2012-12-02: Added new functions
* sleep
* clear_bindings
Really old operating system distributions may have had problems
linking these functions, but it seems that reasonably recent
ones support them.
2012-11-19: Added missing .mldylib file for shared library support.
|
|
the package. For f2c, all Fortran 95+ programs are broken and it is
generally not possible to mix output from different Fortran compilers.
Default to g95 for now as fallback compiler.
|
|
|
|
Log something when refusing to sign because the private key was too
small. This also adds a new "On-SignatureError" handler
setting, and a new status code DKIM_STAT_SIGGEN.
Fix application of "On-InternalError" setting.
Feature request #SF3609496: Don't apply reputation checks to internal
clients.
2.8.2 2013/03/27
Authentication-Results tokens should be checked without case
sensitivity.
Fix snprintf() arguments in dkimf_checkfsnode().
CONTRIB: Patch #SF3608716: Fixes to spec/opendkim.spec.in
2.8.1 2013/03/19
Fix bug #SF3607071: Report the reason why a key file is determined
to be unsafe.
Fix bug #SF3607072: When checking for key file safety, take any
"-u" value provided on the command line into account.
Fix bug #SF3608401: Solaris 10 doesn't have strsep().
BUILD: Fix build for versions of libdb between 3.1 and 4.6.
2.8.0 2013/02/25
Feature request #SF2964383: Add DKIM_LIBFLAGS_STRICTRESIGN, which
inhibits signing of a handle tagged for resigning when the
attached verifying handle had no valid signatures in it.
Feature request #SF3155117: Do a more thorough check for writeable
key files, checking more of the filesystem permission tree.
Feature request #SF3530734: Add "LDAPDisableCache", which suppresses
the creation of a local cache in front of LDAP queries.
Feature request #SF3547359: If compiled with libcurl, add "SMTPURI"
configuration option that allows direct SMTP transmission
failure reports.
Feature request #SF3578197: Allow per-message override of the list of
header fields to be signed.
Feature request #SF3590860: Combine collected reputation values into
an overall allowed rate under _FFR_REPRRD, as is done for the
other reputation code.
Feature request #SF3598991: Add odkim.signfor() function to the Lua
setup script.
Feature request #SF3599409: Modify dkimf_checkip() to try surrounding
the IP address part of every query with square brackets, which
is a common way to do IP address literals in email contexts.
Fix bug #SF3531477: Add (hopefully temporary) configuration option
"DisableCryptoInit" so that opendkim's initialization of the
crypto library doesn't conflict with the same work done by
other libraries.
Fix bug #SF3599901: Rename "InsecureKey" to "UnprotectedKey" and
"InsecurePolicy" to "UnprotectedPolicy", as the term "insecure"
in reference to a key is sometimes interpreted to mean "not
enough random bits" rather than as a keyword describing the
presence or absence of DNSSEC protection. What's logged in
Authentication-Results header fields has been similarly
modified.
Fix bug #SF3604525: Don't divide by zero when the query cache hasn't
been used.
Protect against handling of signatures with empty domains, which could
cause a NULL dereference and a crash.
Do ATPS checks when enabled even if ADSP is disabled.
Don't fail to start on empty or null configuration files.
Patch #SF3593422: Update for MDB 0.9.5 support.
LIBOPENDKIM: Fix header canonicalization when DKIM_LIBFLAG_FIXCRLF is
used in combination with dkim_chunk().
LIBOPENDKIM: Enable dkim_getcachestats() and the underlying function
to extract the current number of keys in the cache, and also
provide a counter reset mechanism.
BUILD: Feature request #SF3547151: Check for Lua package name variants
in use on Debian.
BUILD: Feature request #SF3599902: Change OpenSSL existence test
to help with Debian packaging.
BUILD: Add "--with-test-socket" to force all of the filter unit tests
to use a specific socket.
BUILD: Add checks for strlcat()/strlcpy() in libbsd.
CONTRIB: Fix bug #SF3575666: Pass pid file path to killproc.
CONTRIB: Add systemd directory.
CONTRIB: Split out initial key generation function from
contrib/init/redhat/opendkim.
MILTERTEST: Don't crash in mt_connect() if the socketspec doesn't
contain a colon.
MILTERTEST: When connect() fails for an AF_INET socket, it apparently
leaves the socket unusable. Discard the socket when that
happens and get a new one.
MILTERTEST: Add a way to extend the mt.connect() retry interval via
environment variables so a large test suite can be easily
extended on slow systems.
TOOLS: Register DNS functions before calling dkim_dns_init() in
opendkim-testkey.
TOOLS: Add "-K" (keep temporary files) flag for opendkim-testmsg
|
|
|
|
* A new action_add_entity function has been added.
* Deprecated defined(@array) construct has been removed.
* New load1 md-mx-ctrl command summarizes load in a more useful format than load
* watch-multiple-mimedefangs.tcl has been overhauled.
* Various other bugfixes and documentation cleanups.
|
|
|
|
Support for KX, DLV, DHCID, NAPTR records.
Support for X25, ISDN, RT, PX records.
Support for MB, MG, MR, MINFO, AFSDB records.
NSEC chain validation fix.
Do not allow LP point to itself.
Miscellaneous performance improvements.
Miscellaneous portability fixes.
Miscellaneous bug fixes.
|
|
|
|
* OPENDNSSEC-367: ods-ksmutil: Require user confirmation if the algorithm for
a key is changed in a policy (as this rollover is not handled cleanly)
* OPENDNSSEC-91: Make the keytype flag required when rolling keys
* OPENDNSSEC-403: Signer Engine: new command 'ods-signer locks' that shows
locking information (for debugging purposes).
Bugfixes:
* OPENDNSSEC-247: Signer Engine: TTL on NSEC3 was not updated on SOA
Minimum change.
* OPENDNSSEC-396: Use TTLs from kasp when generating DNSKEY and DS records for
output.
* OPENDNSSEC-398: The ods-ksmutil key rollover command does not work correctly
when rolling all keys using the --policy option
* SUPPORT-40: Signer Engine: Keep occluded data in signed zone files/transfers.
|
|
|
|
|
|
Changes are too any to write here and please refer CHANGELOG.
pkgsrc changes:
* Add note to enable access_compat_module Apache 2.3 or later.
* Make php-mcrypt mandatory.
* Clean up PKG_OPTIONS.
* Add several patches from official repository.
|
|
o xf86-video-voodoo-1.2.5 [wip]
o xf86-video-modesetting-0.7.0 [wip]
|
|
|
|
|
|
|
|
|
|
- improvements to the user interface
- better phone log support
- support for changing the SIM PIN code (via the new "password" plug-in)
- optional "pulseaudio" plug-in (instead of builtin to the "profiles" plug-in)
- fixes to the "video" plug-in
- new manual pages
- more portable Makefiles
|
|
|
|
- new "player" applet
- more portable Makefiles
- improved XDG support
- fixes to the notification helper
|
|
|
