Age | Commit message (Collapse) | Author | Files | Lines |
|
Adam Jackson (1):
libXfont 1.3.2
Jens Granseuer (1):
fix build with gcc 2.95.
Matthieu Herrb (3):
catalogue.c: prevent a one character overflow
ftsystem.c is not needed anymore.
Fix for CVE-2008-0006 - PCF Font parser buffer overflow.
Tilman Sauerbeck (1):
Replaced one instance of bcopy() with memcpy().
|
|
|
|
Aaron Plattner (5):
G80: Fix connector mapping and TMDS initialization on certain GPUs.
GeForce 9600 GT.
More new chip names.
Add xf86gtf.c to the compat file list.
Bump to 2.1.8.
Søren Sandmann Pedersen (1):
Bug #14484: Fix G80SorSetProperty return value.
|
|
|
|
Adam Jackson (1):
x11proto 7.0.12
Alan Coopersmith (1):
Make Xalloca.h work with Sun C++ compiler
Ben Byer (1):
fd_mask needs to be defined on OS X, too
Daniel Stone (1):
Check headers before testing for fds_bits access method (bug #8442)
Jeremy Huddleston (2):
Changed __DARWIN__ to __APPLE__
Fixed #ifdef checks that were using i386 to use __i386__
|
|
|
|
All:
- The Schily Makefile system has been enhanced to install
the profiled version of the archives in a sub-directory "profiled".
This is done via a new macro SUBINSDIR=
- New autoconf test checks sizeof(time_t)
- New autoconf test for the existence of stack_t and siginfo_t in signal.h
- In order to allow better dealing with Solaris linker Mapfiles,
a getfp() function (calling abort(3)) is created when it is not
possible to implement this function because of compiler constraints.
- Many other enhancements of the autoconfiguration have been a result
of porting the Bourne Shell into the Schily Makefilesystem.
Libschily:
- The schily *printf routines now correctly support the %j format (intmax_t)
- getargs now first checks whether an argument can be a combination of
several singlechar flags before starting to set values.
Libfind:
- libfind (used by sfind, bsh, star, mkisofs) fixed the -exec {} +
implementation. Before the fix, it could core dump if the built-in
xargs(1) would exactly fill up args to the size of ARG_MAX.
Libsiconv:
- libsiconv/sic_nls.c modified to allow compilation with older GCC
versions.
Cdrecord:
- cdrecord/readcd/cdda2wav now support an enhanced /etc/default/cdrecord file
with an additional parameter to specify the max. transfer size for a device.
- CDR_FORCESPEED=any now works for cdrecord to switch off DMA speed test results
- Make cdrecord compile again with a K&R compiler
- Add a "blank emulation" layer to the BluRay driver too.
Cdda2wav (Maintained/enhanced by Jörg Schilling, originated by Heiko Eißfeldt heiko@hexco.de):
- cdrecord/readcd/cdda2wav now support an enhanced /etc/default/cdrecord file
with an additional parameter to specify the max. transfer size for a device.
Readcd:
- cdrecord/readcd/cdda2wav now support an enhanced /etc/default/cdrecord file
with an additional parameter to specify the max. transfer size for a device.
Mkisofs (Maintained/enhanced by Jörg Schilling since 1997, originated by Eric Youngdale):
- Fixed a typo unides -> inodes
- Mkisofs now gives better warning for files > 4 GB in hope it
will no direct people to read the documentation.
- superfluous definition for memmove() on memmove()-less platforms removed
|
|
|
|
some time now.
|
|
|
|
(or any special char, with no ?.)
|
|
|
|
|
|
|
|
include:
* Added some timing pauses so rotations and such are not too
fast.
* Changed default setting of X11 option :FAST-LINES to NIL. It
is no longer needed as an optimization and support seems to
now be buggy on some servers.
+ Support user-destdir installation.
+ HOMEPAGE has moved to uiowa.edu.
|
|
|
|
|
|
|
|
Noteworthy changes in version 1.4.0 (2007-12-10)
------------------------------------------------
* New configure option --disable-padlock-support which is mostly
useful in case of build problems.
Noteworthy changes in version 1.3.2 (2007-12-03)
------------------------------------------------
* The visibility attribute is now used if supported by the toolchain.
* The ACE engine of VIA processors is now used for AES-128.
* The ASN.1 DER template for SHA-224 has been fixed.
Noteworthy changes in version 1.3.1 (2007-10-26)
------------------------------------------------
* The entire library is now under the LGPL. The helper programs and
the manual are under the GPL. Kudos to Peter Gutmann for giving
permissions to relicense the rndw32 and rndunix modules.
* The Camellia cipher is now under the LGPL and included by default.
* Fixed a bug in the detection of symbol prefixes which inhibited the
build of optimzied assembler code on certain systems.
* Updated the entropy gatherer for W32.
Noteworthy changes in version 1.3.0 (2007-05-04)
------------------------------------------------
* Changed the way the RNG gets initialized. This allows to keep it
uninitialized as long as no random numbers are used. To override
this, the new macro gcry_fast_random_poll may be used. It is in
general a good idea to spread this macro into the application code
to make sure that these polls happen often enough.
* Made the RNG immune against fork without exec.
* Reading and writing the random seed file is now protected by a
fcntl style file lock on systems that provide this function.
* Support for SHA-224 and HMAC using SHA-384 and SHA-512.
* Support for the SEED cipher.
* Support for the Camellia cipher. Note that Camellia is disabled by
default, and that enabling it changes the license of libgcrypt from
LGPL to GPL.
* Support for OFB encryption mode.
* gcry_mpi_rshift does not anymore truncate the shift count.
* Reserved algorithm ranges for use by applications.
* Support for DSA2.
* The new function gcry_md_debug should be used instead of the
gcry_md_start_debug and gcry_md_stop_debug macros.
* New configure option --enable-random-daemon to support a system
wide random daemon. The daemon code is experimental and not yet
very well working. It will eventually allow to keep a global
random pool for the sake of short living processes.
* Non executable stack support is now used by default on systems
supporting it.
* Support for Microsoft Windows.
* Assembler support for the AMD64 architecture.
* New configure option --enable-mpi-path for optimized builds.
* Experimental support for ECDSA; should only be used for testing.
* New control code GCRYCTL_PRINT_CONFIG to print the build
configuration.
* Minor changes to some function declarations. Buffer arguments are
now typed as void pointer. This should not affect any compilation.
Fixed two bugs in return values and clarified documentation.
* Interface changes relative to the 1.2.0 release:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
gcry_fast_random_poll NEW
gcry_md_debug NEW
gcry_sexp_nth_string NEW
GCRY_MD_SHA224 NEW
GCRY_PK_USAGE_CERT NEW
GCRY_PK_USAGE_AUTH NEW
GCRY_PK_USAGE_UNKN NEW
GCRY_PK_ECDSA NEW
GCRY_CIPHER_SEED NEW
GCRY_CIPHER_CAMELLIA128 NEW
GCRY_CIPHER_CAMELLIA192 NEW
GCRY_CIPHER_CAMELLIA256 NEW
GCRYCTL_FAKED_RANDOM_P NEW
GCRYCTL_PRINT_CONFIG NEW
GCRYCTL_SET_RNDEGD_SOCKET NEW.
gcry_mpi_scan CHANGED: Argument BUFFER is now void*.
gcry_pk_algo_name CHANGED: Returns "?" instead of NULL.
gcry_cipher_algo_name CHANGED: Returns "?" instead of "".
gcry_pk_spec_t CHANGED: Element ALIASES is now const ptr.
gcry_md_write_t CHANGED: Argument BUF is now a const void*.
gcry_md_ctl CHANGED: Argument BUFFER is now void*.
gcry_cipher_encrypt CHANGED: Arguments IN and OUT are now void*.
gcry_cipher_decrypt CHANGED: Arguments IN and OUT are now void*.
gcry_sexp_sprint CHANGED: Argument BUFFER is now void*.
gcry_create_nonce CHANGED: Argument BUFFER is now void*.
gcry_randomize CHANGED: Argument BUFFER is now void*.
gcry_cipher_register CHANGED: Argument ALGORITHM_ID is now int*.
|
|
patch-ac that altered the order in which the terminal library for
readline was detected. The termcap.buildlink3.mk file (included
indirectly by readline/buildlink3.mk) will do the right thing by
itself.
+ Modify the pkg-index.tmpl INSTALL script fragment: we can just use
${PKG_PREFIX} instead of substituting for @PREFIX@ everywhere. Also
refactor the commands to rebuild the package index into a shell
function and give some indication to the user what is happening.
+ Remove chown operation in post-install that was basically
cargo-culted from the very first version of R imported into pkgsrc.
It's not necessary.
+ Support user-destdir installation.
Bump the PKGREVISION to 2.
|
|
|
|
|
|
gnash-0.8.2, gnome-sharp-2.20.0, gnome-vfsmm-2.22.0, gtk2-sharp-2.12.0,
inputproto-1.4.3, ivtools-1.2.5, libXfont-1.3.2, libgnomecanvasmm-2.22.0,
libgnomemm-2.22.0, libgnomeuimm-2.22.0, libgsf-1.14.8, libntlm-0.4.2,
librsvg-2.22.2, libtcl-nothread-8.5.1, libtool-base-2.2,
mkvtoolnix-2.2.0, rapidsvn-0.9.6, rpm-5.0.3, xf86-video-nv-2.1.8,
xproto-7.0.12, xtrans-1.1.
|
|
|
|
- The addition of several new routines for complex number operations.
- Minor changes in the function implementations to use the new
operations.
+ Support user-destdir installation.
+ Move Makefile for building the BLAS library from patch-aa into
files/Makefile.blas. It's simpler to edit this file than to create
new patches.
|
|
Addresses PR 38189 by charlie.
|
|
totem/buildlink3.mk.
|
|
this Makefile.common.
|
|
these Makefiles include seamonkey-bin-nightly/Makefile.common which
just include seamonkey-bin/Makefile.common which already has user-destdir
support.
|
|
|
|
has already been altered to support user-destdir, so we just need to turn
it on in these packages.
|
|
|
|
|
|
|
|
* security fix: omit commits of all-forbidden files from query results
* security fix: disallow direct URL navigation to hidden CVSROOT folder
* security fix: strip forbidden paths from revision view
* security fix: don't traverse log history thru forbidden locations
* security fix: honor forbiddenness via diff view path parameters
* new 'forbiddenre' regexp-based path authorization feature
* fix root name conflict resolution inconsistencies (issue #287)
* fix an oversight in the CVS 1.12.9 loginfo-handler support
* fix RSS feed content type to be more specific (issue #306)
* fix entity escaping problems in RSS feed data (issue #238)
* fix bug in tarball generation for remote Subversion repositories
* fix query interface file-count-limiting logic
* fix query results plus/minus count to ignore forbidden files
* fix blame error caused by 'svn' unable to create runtime config dir
|
|
>100% full. Patch submitted by kre@munnari.OZ.AU in PR 38148.
|
|
the termcap libraries. Including termcap.buildlink3.mk (indirectly
through including readline/buildlink3.mk) will do the right thing.
+ Remove readline dependency from Makefile.common and add it into
mysql5-client/Makefile. Only the -client package needs and uses
readline. The -server package only "needs" it to placate the
configure script, but none of its installed binaries are linked
against it.
+ Add full DESTDIR support to the -client and -server packages.
Bump the PKGREVISION of mysql5-client to 3.
The PKGREVISION of mysql5-server remains unchanged since there are
no user-visible changes to the binary package.
|
|
PKGREVISION++
|
|
+ Remove explicit naming of "-lncurses -ltermcap" as the way to get
the termcap libraries. Including termcap.buildlink3.mk (indirectly
through including readline/buildlink3.mk) will do the right thing.
+ Remove readline dependency from Makefile.common and add it into
mysql4-client/Makefile. Only the -client package needs and uses
readline. The -server package only "needs" it to placate the
configure script, but none of its installed binaries are linked
against it.
+ Add full DESTDIR support to the -client and -server packages.
Bump the PKGREVISION of mysql4-client to 3.
The PKGREVISION of mysql4-server remains unchanged since there are
no user-visible changes to the binary package.
|
|
|
|
|
|
|
|
* Version 2.2.2 (released 2008-02-21)
** Cipher priority string handling now handle strings that starts with NULL.
Thanks to Laurence Withers <l@lwithers.me.uk>.
** Corrected memory leaks in session resuming and DHE ciphersuites. Reported
by Daniel Stenberg.
** Increased the default certificate verification chain limits and allowed
for checks without limitation.
** Corrected the behaviour of gnutls_x509_crt_get_subject_alt_name()
and gnutls_x509_crt_get_subject_alt_name() to not null terminate binary
strings and return the proper size.
** API and ABI modifications:
No changes since last version.
* Version 2.2.1 (released 2008-01-17)
** Prevent linking libextra against previously installed libgnutls.
Tiny patch from "Alon Bar-Lev" <alon.barlev@gmail.com>, see
<http://bugs.gentoo.org/show_bug.cgi?id=202269>.
** Fixes the post_client_hello_function(). The extensions are now parsed
in a callback friendly way.
** Fix for certificate selection in servers with certificate callbacks.
** API and ABI modifications:
No changes since last version.
* Version 2.2.0 (released 2007-12-14)
Major changes compared to the v2.0 branch:
* SRP support aligned with newly published RFC 5054.
* OpenPGP support aligned with newly published RFC 5081.
* Support for DSA2 keys.
* Support for Camellia cipher.
* Support for Opaque PRF Input extension.
* PKCS#8 parser now handle DSA keys.
* Change from GPLv2 to GPLv3 for command-line tools, libgnutls-extra,
etc. Notice that liblzo2 2.02 is licensed under GPLv2 only. Earlier
versions, such as 2.01 which is included with GnuTLS, is available under
GPLv2 or later. If this incompatibility causes problems, we recommend
you to disable LZO using --without-lzo. LZO compression is not a
standard TLS compression algorithm, so the impact should be minimal.
* Functions for disabling record protocol padding.
Works around bugs on Nokia/Ericsson phones.
* New functions gnutls_priority_set() for setting cipher priorities easily.
Priorities like "COMPAT" also enables other work arounds, such as
disabling padding.
* Other minor improvements and bug fixes.
Minor changes compared to the latest v2.1.8 release candidate:
* Update internal copy of libtasn1 to version 1.2.
* Certtool --verify-chain now handle inputs larger than 64kb.
This fixes the self-test "rsa-md5-collision" under MinGW+Wine with
recent versions of libgcrypt. The problem was that Wine with the
libgcrypt RNG generates huge amounts of debugging output.
* Translation updates.
Added Dutch translation. Updated Polish and Swedish translation.
Backwards incompatible API/ABI changes in GnuTLS 2.2
====================================================
To adapt to changes in the TLS extension specifications for OpenPGP
and SRP, the GnuTLS API had to be modified. This means breaking the
API and ABI backwards compatibility. That is something we try to
avoid unless it is necessary. We decided to also remove the already
deprecated stub functions for X.509 to XML conversion and TLS
authorization (see below) when we had the opportunity.
Generally, most applications does not need to be modified. Just
re-compile them against the latest GnuTLS release, and it should work
fine.
Applications that use the OpenPGP or SRP features needs to be
modified. Below is a list of the modified APIs and discussion of what
the minimal things you need to modify in your application to make it
work with GnuTLS 2.2.
Note that GnuTLS 2.2 also introduces new APIs -- such as
gnutls_set_priority() that is superior to
gnutls_set_default_priority() -- that you may want to start using.
However, using those new APIs is not required to use GnuTLS 2.2 since
the old functions continue are still supported. This text only
discuss what you minimally have to modify.
XML related changes
-------------------
The function `gnutls_x509_crt_to_xml' has been removed. It has been
deprecated and only returned an error code since GnuTLS version
1.2.11. Nobody has complained, so users doesn't seem to miss the
functionality. We don't know of any other library to convert X.509
certificates into XML format, but we decided (long ago) that GnuTLS
isn't the right place for this kind of functionality. If you want
help to find some other library to use here, please explain and
discuss your use case on help-gnutls <at> gnu.org.
TLS Authorization related changes
---------------------------------
Everything related to TLS authorizations have been removed, they were
only stub functions that returned an error code:
GNUTLS_SUPPLEMENTAL_AUTHZ_DATA
gnutls_authz_data_format_type_t
gnutls_authz_recv_callback_func
gnutls_authz_send_callback_func
gnutls_authz_enable
gnutls_authz_send_x509_attr_cert
gnutls_authz_send_saml_assertion
gnutls_authz_send_x509_attr_cert_url
gnutls_authz_send_saml_assertion_url
SRP related changes
-------------------
The callback gnutls_srp_client_credentials_function has a new
prototype, and its semantic has changed. You need to rewrite the
callback, see the updated function documentation and SRP example code
(doc/examples/ex-client-srp.c and doc/examples/ex-serv-srp.c) for more
information.
The alert codes GNUTLS_A_MISSING_SRP_USERNAME and
GNUTLS_A_UNKNOWN_SRP_USERNAME are no longer used by the SRP
specification, instead the GNUTLS_A_UNKNOWN_PSK_IDENTITY alert is
used. There are #define's to map the old names to the new. You may
run into problems if you have a switch-case with cases for both SRP
alerts, since they are now mapped to the same value. The solution is
to drop the SRP alerts from such switch cases, as they are now
deprecated in favor of GNUTLS_A_UNKNOWN_PSK_IDENTITY.
OpenPGP related changes
-----------------------
The function `gnutls_certificate_set_openpgp_keyserver' have been
removed. There is no replacement functionality inside GnuTLS. If you
need keyserver functionality, consider using the GnuPG tools.
All functions, types, and error codes related to OpenPGP trustdb
format have been removed. The trustdb format is a non-standard
GnuPG-specific format, and we recommend you to use key rings instead.
The following have been removed:
gnutls_certificate_set_openpgp_trustdb
gnutls_openpgp_trustdb_init
gnutls_openpgp_trustdb_deinit
gnutls_openpgp_trustdb_import
gnutls_openpgp_key_verify_trustdb
gnutls_openpgp_trustdb_t
GNUTLS_E_OPENPGP_TRUSTDB_VERSION_UNSUPPORTED
The following functions has an added parameter of the (new) type
`gnutls_openpgp_crt_fmt_t'. The type specify the format of the data
(binary or base64). The functions are:
gnutls_certificate_set_openpgp_key_file
gnutls_certificate_set_openpgp_key_mem
gnutls_certificate_set_openpgp_keyring_mem
gnutls_certificate_set_openpgp_keyring_file
To improve terminology and align with the X.509 interface, some
functions have been renamed. Compatibility mappings exists. The old
and new names of the affected functions and types are:
Old name New name
gnutls_openpgp_key_t gnutls_openpgp_crt_t
gnutls_openpgp_key_fmt_t gnutls_openpgp_crt_fmt_t
gnutls_openpgp_key_status_t gnutls_openpgp_crt_status_t
GNUTLS_OPENPGP_KEY GNUTLS_OPENPGP_CERT
GNUTLS_OPENPGP_KEY_FINGERPRINT GNUTLS_OPENPGP_CERT_FINGERPRINT
gnutls_openpgp_key_init gnutls_openpgp_crt_init
gnutls_openpgp_key_deinit gnutls_openpgp_crt_deinit
gnutls_openpgp_key_import gnutls_openpgp_crt_import
gnutls_openpgp_key_export gnutls_openpgp_crt_export
gnutls_openpgp_key_get_key_usage gnutls_openpgp_crt_get_key_usage
gnutls_openpgp_key_get_fingerprint gnutls_openpgp_crt_get_fingerprint
gnutls_openpgp_key_get_pk_algorithm gnutls_openpgp_crt_get_pk_algorithm
gnutls_openpgp_key_get_name gnutls_openpgp_crt_get_name
gnutls_openpgp_key_get_version gnutls_openpgp_crt_get_version
gnutls_openpgp_key_get_creation_time gnutls_openpgp_crt_get_creation_time
gnutls_openpgp_key_get_expiration_time gnutls_openpgp_crt_get_expiration_time
gnutls_openpgp_key_get_id gnutls_openpgp_crt_get_id
gnutls_openpgp_key_check_hostname gnutls_openpgp_crt_check_hostname
gnutls_openpgp_send_key gnutls_openpgp_send_cert
* Version 2.0.0 (released 2007-09-04)
The following changes have been made since GnuTLS 1.6:
* Support for external RSA/DSA signing for TLS client authentication.
This allows you to secure the private key better, for example by using
privilege-separation techniques between the private key and the
network client/server.
* Support for signing X.509 certificates using RSA with SHA-256/384/512.
* Experimental support for TLS 1.2 (disabled by default). The TLS 1.2
specification is not finalized yet, but we implement a draft version
for testing.
* Support for X.509 Proxy Certificates (RFC 3820)
* Support for Supplemental handshakes messages (RFC 4680).
* Support for TLS authorization extension (draft-housley-tls-authz-extns-07).
* Support for the X.509 'otherName' Subject Altnerative Names (for XMPP).
* Guile bindings for GnuTLS have been added, thanks to Ludovic Courtes.
* Improve logic of gnutls_set_default_priority() which can now be more
recommended.
* New APIs to enumerate supported algorithms in the library.
* New APIs to access X.509 Certificate extension sequentially.
* New APIs to print X.509 Certificates and CRLs in human readable formats.
* New APIs to extract X.509 Distinguished Names from certificates.
* New APIs to handle pathLenConstraint in X.509 Basic Constraints.
* Certtool can export more than one certificate to PKCS#12.
* Several message translation improvements.
* Instructions and improvements to easily set up a HTTPS test server.
* Included copies updated to Libtasn1 1.1 and OpenCDK 0.6.4.
* Build improvements for Windows, Mac OS X, uClinux, etc.
* GnuTLS is now developed in GIT.
* Improved manual
* Many bugfixes and minor improvements.
|
|
ride on yesterday's PKGREV bump
|
|
And define SITES.* exactly to avoid unnecessary fetch.
|
|
|
|
|
|
|
|
|
|
Changes since 4.84:
- Fixed the splitting of PKGNAME into PKGBASE and PKGVERSION.
- Added a warning about usage of LOCALBASE in packages, provided by jlam.
|