| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
The following changes have been made between John 1.7.5.1 and 1.7.6:
* Generic crypt(3) support (enabled with "--format=crypt") has been added for
auditing password hash types supported by the system but not yet supported by
John's own optimized cryptographic routines (such as "SHA-crypt" and SunMD5).
* Optional parallelization of the above has been implemented by means of OpenMP
along with glibc's crypt_r(3) or Solaris' MT-safe crypt(3C).
* Optional parallelization of John's own optimized code for the OpenBSD-style
Blowfish-based crypt(3) (bcrypt) hashes with OpenMP has been added.
* A more suitable version of 32-bit x86 assembly code for Blowfish is now
chosen on Core i7 and similar CPUs (when they happen to run a 32-bit build).
* More optimal DES S-box expressions for PowerPC with AltiVec (making use of
the conditional select operation) contributed by Dumplinger Boy (Dango-Chu)
have been integrated.
* The bitslice DES C source code has been reworked to allow for the use of
arbitrary SIMD intrinsics, which was previously only implemented for AltiVec
as a special case.
* Support for SSE2 and MMX intrinsics with bitslice DES (as an alternative to
the supplied assembly code) has been added (currently only enabled for SSE2 on
x86-64 when compiling with GCC 4.4+).
* Support for mixed-type longer virtual vectors (such as SSE2+MMX, SSE2+ALU,
AltiVec+ALU, and other combinations) with bitslice DES has been added (not
enabled by default yet, primarily intended for easy benchmarks on future CPUs,
with future compiler versions, with even more SIMD instruction sets, and with
different DES S-box expressions that might be available in the future).
* The obsolete 32-bit SPARC assembly implementation of DES has been dropped.
* The loader will now detect password hashes specified on a line on their own,
not only as part of an /etc/passwd or PWDUMP format file.
* When run in "--stdin" mode and reading candidate passwords from a terminal
(to be typed by the user), John will no longer mess with the terminal settings.
* John will now restore terminal settings not only on normal termination or
interrupt, but also when forcibly interrupted with two Ctrl-C keypresses.
The following changes have been made between John 1.7.5 and 1.7.5.1:
* A new numeric variable has been added to the word mangling rules engine:
"p" for position of the character last found with the "/" or "%" commands.
The following changes have been made between John 1.7.4.2 and 1.7.5:
* Support for the use of "--format" along with "--show" or "--make-charset" has
been added.
* The choice of .rec and .log filenames for custom session names has been made
more intuitive.
* Support for "\r" (character lists with repeats) and "\p0" (reference to the
immediately preceding character list/range) has been added to the word mangling
rules preprocessor.
* The undefined and undocumented behavior of some subtle word mangling rules
preprocessor constructs has been changed to arguably be more sensible.
* Some bugs were fixed, most notably JtR crashing on no password hashes loaded
(bug introduced in 1.7.4.2).
The following changes have been made between John 1.7.4 and 1.7.4.2:
* Major performance improvements for processing of very large password files
or sets of files, especially with salt-less or same-salt hashes, achieved
primarily through introduction of two additional hash table sizes (64K and 1M
entries), changes to the loader, and smarter processing of successful guesses
(to accommodate getting thousands of hashes successfully cracked per second).
* Many default buffer and hash table sizes have been increased and thresholds
for the use of hash tables lowered, meaning that John will now tend to use
more memory to achieve better speed (unless it is told not to with the
"--save-memory" option).
* Some previously missed common website passwords found on public lists of
"top N passwords" have been added to the bundled common passwords list.
* Some bugs introduced in 1.7.4 and affecting wordlist mode's elimination of
consecutive duplicate candidate passwords have been fixed.
The following changes have been made between John 1.7.3.4 and 1.7.4:
* Support for back-references and "parallel" ranges has been added to the
word mangling rules preprocessor.
* The notion of numeric variables (to be used for character positions
and substring lengths along with numeric constants supported previously)
has been introduced into the rules engine. Two pre-defined variables
("l" for initial or updated word's length and "m" for initial or
memorized word's last character position) and 11 user-defined variables
("a" through "k") have been added. Additionally, there's a new numeric
constant: "z" for "infinite" position or length.
* New rule commands have been added: "A" (append, insert, or prefix with a
string), "X" (extract a substring from memory and insert), "v" (subtract
and assign to a numeric variable).
* New rule reject flags have been added: ":" (no-op, for use along with the
"parallel" ranges feature of the preprocessor) and "p" (reject unless word
pair commands are allowed, for sharing of the same ruleset between "single
crack" and wordlist modes).
* Processing of word mangling rules has been made significantly faster in
multiple ways (caching of the current length, less copying of data, code
and data placement changes for better branch prediction and L1 cache usage,
compiler-friendly use of local variables, code micro-optimizations,
removal of no-op rule commands in an initial pass).
* The default rulesets for "single crack" and wordlist modes have been
revised to make use of the new features, for speed, to produce fewer
duplicates, and to attempt additional kinds of candidate passwords (such
as for years 2010 through 2019 with "year-based" rules).
* The idle priority emulation code has been optimized for lower overhead when
there appears to be no other demand for CPU time.
* The default for the Idle setting has been changed from N to Y.
The following changes have been made between John 1.7.3.1 and 1.7.3.4:
* "make check" has been implemented (for Unix-like systems only).
* The "--test" option will now take an optional argument - the duration of each
benchmark in seconds.
* Section .note.GNU-stack has been added to all assembly files to avoid the
stack area unnecessarily being made executable on Linux systems that use this
mechanism.
* Some very minor bugs that did not affect normal operation have been fixed.
* Some unimportant compiler warnings have been fixed, a source code comment has
been made more verbose and more complete.
|
|
Fix build problem after update to Contao 2.9.2.
|
|
PR#44122.
|
|
etm-685, libgdata-0.6.6, libraw-0.12.0, x264-devel-20101211.
|
|
|
|
|
|
* support for new libjpeg v7
* fix to display of 8bit characters
|
|
|
|
|
|
when pkg_add'ing on NetBSD. Bump version to 20101212.
Ok jym, gdt
|
|
|
|
0.92:
Senko Rašić found that this should have depended on GLib 2.26, but still
only checked for 2.24. Sorry about that. So here's a new version,
identical to 0.90 except with the GLib dependency fixed.
0.90:
Christian Dywan (6):
Remove unused method attribute variables in introspect_interfaces
Dereference main loop once variant recursion test is done
Plug leak of expected_str in threaded server test
Free path string after emission in in statemachine server example
Always free method_c_name in dbus binding tool
Free looked up function name in dbus binding tool
Mike Gorse (1):
Fix switching a connection's GMainContext
Simon McVittie (18):
Add DBusGObjectPath, DBusGSignature typedefs
Give specialized GArrays iteration/appending support
Actually run test/core/test-gvariant
Test dbus_g_value_build_g_variant for various fixed arrays
Remove gcov decoder, which hasn't worked since dbus-glib left libdbus
replace remnants of gcov support with lcov.am from telepathy-glib
fd.o #30428: add dbus_g_value_parse_g_variant
dbus_g_type_specialized_map_append: document that the value contents are stolen
dbus_g_value_build_g_variant: cope with empty arrays, maps
Test dbus_g_value_parse_g_variant
dbus_g_value_basic_array_parse_variant: allow the fast path to be taken
Adjust syntax to avoid relying on array/pointer duality
dbus_g_value_parse_variant_by_type: talk about GVariant, not GDBus, in docs
Add dbus_g_value_parse_g_variant to gtkdoc
output unhandled GVariantClass as ASCII if possible
copy arrays of 'o', 'g' from GVariant without constructing a format string programmatically
Merge branch 'gvariant'
Merge branch 'type-names'
Will Thompson (5):
Build test/ before its subdirs.
Release version 0.90
Makefile.am: Remove ChangeLog's spurious FORCE dependency
HACKING: Fix release URL; be honest about NEWS
|
|
Updated fonts/umefont-ttf to 0.422.
|
|
|
|
Changelog:
In Gothic (Sans-serif) family
* Fix glyphs in Unicode : 0020-5b4c, 9fa0-ffff (first check)
* Fix glyphs in SJIS : second check completed
In Minchi (Serif) family
* Fix glyphs in Unicode : 0020-5b4c, 9fa0-ffff (first check)
* Fix glyphs in SJIS : second check completed
|
|
version 1.25 - Sergey Poznyakoff, 2010-11-07
* Fix extraction of empty directories with the -C option in effect.
* Fix extraction of device nodes.
* Make sure name matching occurs before eventual name transformation.
Tar 1.24 changed the ordering of name matching and name transformation
so that the former saw already transformed file names. This made it
impossible to match file names in certain cases. It is fixed now.
* Fix the behavior of tar -x --overwrite on hosts lacking O_NOFOLLOW.
* Improve the testsuite.
* Alternative decompression programs.
If extraction from a compressed archive fails because the corresponding
compression program is not installed and the following two conditions
are met, tar retries extraction using an alternative decompressor:
1. Another compression program supported by tar is able to handle this
compression format.
2. The compression program was not explicitly requested in the command
line by the use of such options as -z, -j, etc.
For example, if `compress' is not available, tar will try `gzip'.
version 1.24 - Sergey Poznyakoff, 2010-10-24
* The --full-time option.
New command line option `--full-time' instructs tar to output file
time stamps to the full resolution.
* Bugfixes.
** More reliable directory traversal when creating archives
Tar now checks for inconsistencies caused when a file system is
modified while tar is creating an archive. In the new approach, tar
maintains a cache of file descriptors to directories, so it uses more
file descriptors than before, but it adjusts to system limits on
the number of file descriptors. Tar also takes more care when
a file system is modified while tar is extracting from an archive.
The new checks are implemented via the openat and related calls
standardized by POSIX.1-2008. On an older system where these calls do
not exist or do not return useful results, tar emulates the calls at
some cost in efficiency and reliability.
** Symbolic link attributes
When extracting symbolic links, tar now restores attributes such as
last-modified time and link permissions, if the operating system
supports this. For example, recent versions of the Linux kernel
support setting times on symlinks, and some BSD kernels also support
symlink permissions.
** --dereference consistency
The --dereference (-h) option now applies to files that are copied
into or out of archives, independently of other options. For example,
if F is a symbolic link and archive.tar contains a regular-file member
also named F, "tar --overwrite -x -f archive.tar F" now overwrites F
itself, rather than the file that F points to. (To overwrite the file
that F points to, add the --dereference (-h) option.) Formerly,
--dereference was intended to apply only when using the -c option, but
the implementation was not consistent.
Also, the --dereference option no longer affects accesses to other
files, such as archives and time stamp files. Symbolic links to these
files are always followed. Previously, the links were usually but not
always followed.
** Spurious error diagnostics on broken pipe.
When receiving SIGPIPE, tar would exit with error status and
"write error" diagnostics. In particular, this occurred if
invoked as in the example below:
tar tf archive.tar | head -n 1
** --remove-files
`Tar --remove-files' failed to remove a directory which contained
symlinks to another files within that directory.
** --test-label behavior
In case of a mismatch, `tar --test-label LABEL' exits with code 1,
not 2 as it did in previous versions.
The `--verbose' option used with `--test-label' provides additional
diagnostics.
Several volume labels may be specified in a command line, e.g.:
tar --test-label -f archive 'My volume' 'New volume' 'Test volume'
In this case, tar exits with code 0 if any one of the arguments
matches the actual volume label.
** --label used with --update
The `--label' option can be used with `--update' to prevent accidental
update of an archive:
tar -rf archive --label 'My volume' .
This did not work in previous versions, in spite of what the docs said.
** --record-size and --tape-length (-L) options
Usual size suffixes are allowed for these options. For example,
-L10k stands for a 10 kilobyte tape length.
** Fix dead loop on extracting existing symlinks with the -k option.
|
|
|
|
|
|
|
|
referenced in Makefile.
D-Bus Python Bindings 0.83.2 (2010-12-02)
=========================================
Dependencies:
* libdbus 1.2 is still supported, but libdbus >= 1.4 is recommended.
Fixes:
* Make BusConnection.list_activatable_names actually call ListActivatableNames,
not ListNames (Johan Sandelin)
* Don't override CFLAGS when adding compiler warnings
(Louis-Francis Ratté-Boulianne)
* Fix compilation on platforms where Py_ssize_t is larger than int, like x86-64
(Elvis Pfützenreuter)
* fd.o #21831: deserialize empty byte arrays with byte_arrays=True as
ByteArray(''), not ByteArray('None') (Simon McVittie)
* fd.o #23278, #25105: fix crashes when trying to append more struct entries
than the signature allows with libdbus 1.4 (Simon McVittie)
* fd.o #23831: fix crashes when an embedded Python interpreter imports dbus,
is finalized, is re-initialized, and re-imports dbus (Simon McVittie)
|
|
|
|
2.26.3 (stable):
* Build/Installer: Added support for MSVC 2010 and 64 bit.
(Armin Burgmeier)
|
|
|
|
2010-12-04 Rasqal Version 0.9.21 Released
Updated to handle aggregate expression execution as defined by the
SPARQL 1.1 Query W3C working draft of 14 October 2010
Executes grouping of results: GROUP BY
Executes aggregate expressions: AVG, COUNT, GROUP_CONCAT, MAX, MIN,
SAMPLE, SUM
Executes filtering of aggregate expressions: HAVING
Parses new syntax: BINDINGS, isNUMERIC(), MINUS, sub SELECT and
SERVICE.
The syntax format for parsing data graphs at URIs can be explictly
declared.
The roqet utility can execute queries over SPARQL HTTP Protocol and
operate over data from stdin.
Added several new APIs
Fixed Issue: #0000388
|
|
|
|
* Version 2.10.4 (released 2010-12-06)
** gnutls-serv: Corrected a buffer overflow. Reported and patch by Tomas Mraz.
** libgnutls: Use ASN1_NULL when writing parameters for RSA signatures.
This makes us comply with RFC3279. Reported by Michael Rommel.
** libgnutls: Reverted default behavior for verification and
introduced GNUTLS_VERIFY_DO_NOT_ALLOW_X509_V1_CA_CRT. Thus by default
V1 trusted CAs are allowed, unless the new flag is specified.
** minitasn1: Updated to Libtasn1 2.9.
** API and ABI modifications:
No changes since last version.
|
|
|
|
Gnumeric 1.10.12
Andreas:
* Add argument to FOURIER to separate parts.
* Extend TREND function to handle multiple regression. [#630085]
* Fix selection for sheet object lists and combos. [#631322]
* Preserve selection for sheet object lists when we change
content. [#631327]
* Add option to sheet object lists and combos to enter values
rather than index. [#629333]
* Fix manual pagebreak handling when printing. [#631570]
* Add menu items to remove and add manual page breaks.
* Improve the sc import.
* Fix button sensitivity in sort dialog. [#632999]
* Fix ODF export of files with large formatted sheets. [#634135]
* Fix extensions of supported ODF files. [#635111]
Hans de Goede:
* Fix import of dib format images in XLS. [#553098]
Jean:
* Fixed maximum for col/row number in sheet resize dialog. [#631702]
* Eliminate glade usage. [#631717]
* Fixed crash in print setup. [#634149]
* Fixed image bounds in zoomed sheets.
Morten:
* Fix crash related to broken xls. [#632050]
* Fix print area problem from broken xls.
* Fix printing crash. [#632439]
* Partially fix problem with undefined names. [#633140]
* Fix analysis tools problems when "as values" is chosen.
* Fix gtk+/X crash with large tooltips.
* Take care of dead kittens.
* Fix text object clipping issue. [#634597]
* Fix problem with disappearing window for empty file. [#634792]
* Fix ranges-in-expression criticals.
Sameer Morar:
* Add key combinations to move sheets. [#634139]
* Modify quit dialog to be able to discard multiple files without
saving. [#527133]
|
|
|
|
goffice 0.8.12:
Andreas
* Fix US 30/360 date calculations. [#631242][#630784]
Jean:
* Fixed sorting with accentuated characters. [#631504]
* Allow filled plots to be displayed behind the grids. [#632310]
* Fixed patterns with cairo-1.10.
* Fixed flawed exponential fit in graphs for small values. [#633735]
* Fixed an infinite loop condition in cubic spline evaluation. [#633965]
Morten:
* Fix GOImage-vs-cairo lifecycle issue.
* Fix loading of weird themes.
--------------------------------------------------------------------------
goffice 0.8.11:
Jean:
* Implement custom grids in xyz plots. [#624273]
Jon Nordby:
* Update API documentation.
Morten:
* Improve fractional days support for date axes.
* Draw charset/locale selectors with "radio" buttons.
Yasuaki Taniguchi:
* Fix charset problem for Japanese. [#627829]
|
|
|
|
|
|
|
|
instructions to accelerate baseline JPEG compression/decompression by about
2-4x on x86 and x86-64 platforms.
XXX Conflicts with graphics/jpeg - which rather demands a solution.
|
|
|
|
Fixed issues
* All ‘null (FP)’ problems should be resolved
* Post-end bid-counts should be correct again
* eBay is testing a new ‘confirm’ page which broke sniping.
* Update-All works again, and is reasonably efficient
* Substantial performance tuning
|
|
|
|
2.2.18 Tue Nov 30 2010 legatvs
Changes:
- Change google test URL
- Accept dailymotion swf URLs (related b#3115846)
|
|
|
|
* Noteworthy changes in release 2.9 (2010-12-06) [stable]
- tests: Link to gnulib to avoid build error related to 'rpl_ftello' on Solaris.
Reported by Dagobert Michelsen.
- doc: Fix bug reporting address to point at help-libtasn1@gnu.org.
- doc: Fix Returns: documentation in Texinfo. Reported by Jeffrey Walton.
- build: Update gnulib files.
|
|
- disable automatic Lua detection for now until lang/lua/builtin.mk exists
The release of Asterisk 1.6.2.15 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following is a sample of the issues resolved in this release:
* When using chan_skinny, don't crash when parking a non-bridged call.
(Closes issue #17680. Reported, tested by jmhunter. Patched, tested by DEA)
* Add ability for Asterisk to try both the encoded and unencoded subscription
URI for a match in hints.
(Closes issue #17785. Reported, tested by ramonpeek. Patched by tilghman)
* Set the caller id on CDRs when it is set on the parent channel.
(Closes issue #17569. Reported, patched by tbelder)
* Ensure user portion of SIP URI matches dialplan when using encoded characters
(Closes issue #17892. Reported by wdoekes. Patched by jpeeler)
* Resolve issue where Party A in an analog 3-way call would continue to hear
ringback after party C answers.
(Patched by rmudgett)
* Fix problem with qualify option packets for realtime peers never stopping.
The option packets not only never stopped, but if a realtime peer was not in
the peer list multiple options dialogs could accumulate over time.
(Closes issue #16382. Reported by lftsy. Tested by zerohalo. Patched by
jpeeler)
* Multiple fixes related to Local channels.
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.15
|
|
|
|
denemo-0.8.22, electric-9.00, etm-682, glpk-4.45, gnutls-2.10.4,
libcares-1.7.4, libdrm-2.4.23, libgdata-0.7.1, libtasn1-2.9,
moodle-2.0 [pkg/44195], musicpd-0.16.0, nautilus-2.32.2 [GNOME
2.32], openssl-1.0.0c, pangomm-2.26.3, py-psycopg2-2.3.0,
resourceproto-1.1.1, sawfish-1.7.1, scribus-1.3.9, wdiff-0.6.5,
wine-devel-1.3.9, xbacklight-1.1.2, xbindkeys-1.8.4, xbitmaps-1.1.1,
xchm-1.18, xproto-7.0.20, youtube-dl-20101209.
|
|
|
|
MFSA 2010-84 XSS hazard in multiple character encodings
MFSA 2010-83 Location bar SSL spoofing using network error page
MFSA 2010-82 Incomplete fix for CVE-2010-0179
MFSA 2010-81 Integer overflow vulnerability in NewIdArray
MFSA 2010-80 Use-after-free error with nsDOMAttribute MutationObserver
MFSA 2010-79 Java security bypass from LiveConnect loaded via data: URL meta
refresh
MFSA 2010-78 Add support for OTS font sanitizer
MFSA 2010-77 Crash and remote code execution using HTML tags inside a XUL tree
MFSA 2010-76 Chrome privilege escalation with window.open and <isindex> element
MFSA 2010-75 Buffer overflow while line breaking after document.write with
long string
MFSA 2010-74 Miscellaneous memory safety hazards (rv:1.9.2.13/ 1.9.1.16)
Also:
Fixes for a number of non-security-relevant crashes, increasing the
stability of the whole platform and the Mail & Newsgroups part of SeaMonkey
|
|
two files in netbsd 'src' that trigger this bug, but now i can run 'mkid'
on all of 'src' again.
|
|
|
|
|
|
databases/postgresql90-datatypes
This package provides the following PostgreSQL modules:
- citext
- hstore
- intarray
- isn
- ltree
- lo
- uuid-ossp
- unaccent
The "citext" module provides a case-insensitive character string type,
citext. Essentially, it internally calls lower when comparing values.
Otherwise, it behaves almost exactly like text.
The "hstore" module implements the "hstore" data type for storing sets
of key/value pairs within a single PostgreSQL value. This can be useful
in various scenarios, such as rows with many attributes that are rarely
examined, or semi-structured data. Keys and values are simply text strings.
The "intarray" module provides a number of useful functions and operators
for manipulating one-dimensional arrays of integers. There is also support
for indexed searches using some of the operators.
The "isn" module provides data types for the following international
product numbering standards: EAN13, UPC, ISBN (books), ISMN (music),
and ISSN (serials). Numbers are validated on input, and correctly
hyphenated on output.
The "ltree" module implements a data type ltree for representing
labels of data stored in a hierarchical tree-like structure.
Extensive facilities for searching through label trees are provided.
The "lo" module provides support for managing Large Objects (also called
LOs or BLOBs). This includes a data type "lo" and a trigger "lo_manage."
The "uuid-ossp" module provides functions to generate universally unique
identifiers (UUIDs) using one of several standard algorithms. There are
also functions to produce certain special UUID constants.
"unaccent" is a text search dictionary that removes accents (diacritic signs)
from lexemes. It's a filtering dictionary, which means its output is always
passed to the next dictionary (if any), unlike the normal behavior of
dictionaries. This allows accent-insensitive processing for full text search.
|
|
The new version looks fine, so update DIST_SUBDIR, regen distinfo and
bump PKGREVISION
|
