| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
by Linux) in tests, use value of BUILDLINK_LDADD.dl.
Also use PTHREAD_LIBS instead of hard-coded -lpthread.
Include dlopen.buildlink3.mk and include pthread.buildlink3.mk.
This fixes problem on Linux and DragonFly where it was not
built with silc support.
Okayed by maintainer.
I tested this on Linux, DragonFly and NetBSD 2.0.2.
I also filed a bug report with gaim last week so they can fix the
configure.ac correctly.
|
|
* This release features a large refactoring to make further development
easier.
* Part of the works has also been to make the current features more stable
and better implement.
* Most of the work on this release has been carried out by Mikael Hallendal
and Martyn Russel.
* UPDATE NOW!
|
|
Changes in 1.0:
---------------
* Fix crash when connection goes down using SSL, LM-3 (Mikael Hallendal)
* Fixed some GCC 4.0 warnings (Mikael Hallendal)
* Some API fixups for consistency in LmSLL (Mikael Hallendal)
* Don't try to setup SSL if it's not supported (Martyn Russel)
* Documentation fixes (Mikael Hallendal)
* State fixes when using blocking API, LM-7 (Mikael Hallendal)
* Check that connection is open before using it, LM-6 (Mikael Hallendal)
* Fix infinite loop in blocking open if failed, LM-8 (Mikael Hallendal)
Changes in 0.90:
----------------
* Two crashers for ssl read fixed (Micke, Daniel Lavalliere)
* Fixed a couple of leaks when freeing the connection (Daniel Lavalliere)
* A couple of thread related issues solved (Micke, Daniel Lavalliere)
* Work with latest GnuTLS (foser)
* Improved the example tools some (Micke)
|
|
- Updated translations (hi, ko, lt, pa, ru, vi, zh_TW).
- People's away message is now shown in the right-click menu, if
known (Christopher Aillon).
- The "Bind to:" setting can now be set to 0.0.0.0 [1176256].
- Plugin API: Don't crash if a print-event closes the current context
and doesn't eat the event [1175674].
- Disabled parsing of quotation marks for /JOIN, so you can join
channels with a quote in them (Dan Fruehauf).
- Fixed truncation of the URL in the right-click menu. Now handles
UTF-8 properly [1188229].
- Fixed use of CP1255 charset, which would chop the last char when
receiving messages [1122089].
- The DCC windows now allow multiple selection and the columns auto
resize (Dan Fruehauf).
- Added "CTCP Sound to Channel" event [1159445].
- You can now drag and drop files into dialog windows to start file
transfers.
- Fixed: "XChat can't ban users with long idents" (Dan Fruehauf)
[1159447].
- Implemented taskbar flashing on unix. Requires a window manager
or taskbar that supports XUrgency flag (Adil).
|
|
backslashes anymore. A single backslash is enough. Changed the
definition in all affected packages. For those that are not caught, an
additional check is placed into bsd.pkginstall.mk.
|
|
that these directories will be conditionally removed (based on reference
counts), regardless of the value of PKG_CONFIG. Bump the PKGREVISION
for packages that were modified as a result.
|
|
as the INSTALL and DEINSTALL scripts no longer distinguish between
the two types of files. Drop SUPPORT_FILES{,_PERMS} and modify the
packages in pkgsrc accordingly.
|
|
(nss) so no PKGREVISION bump.
ok'd by the MAINTAINER, Matthew Luckie.
|
|
"this release of gaim has a few security fixes which mirror
the effects of patch-ae patch-af patch-ag"
ChangeLog says:
version 1.5.0 (8/11/2005):
* Ability to set IRC quit message (Lalo Martins)
* OSCAR file transfers now work for 2 users behind the same NAT
(Jonathan Clark)
* Yahoo! buddy requests to add you to their buddy list now prompt for
authorization
* Added a /clear command for conversations/chats
* Fixed ICQ encoding for messages with offline ICQ users
(Ilya Konstantinov, SF Bug #1179452)
* Default Yahoo! chat roomlist locale to 'us'
|
|
file's sole purpose was to provide a dependency on pkg-config and set
some environment variables. Instead, turn pkg-config into a "tool"
in the tools framework, where the pkg-config wrapper automatically
adds PKG_CONFIG_LIBDIR to the environment before invoking the real
pkg-config.
For all package Makefiles that included pkg-config/buildlink3.mk, remove
that inclusion and replace it with USE_TOOLS+=pkg-config.
|
|
- An error in the handling of away messages can be exploited to cause
a heap-based buffer overflow by sending a specially crafted away message
to a user logged into AIM or ICQ.
Successful exploitation allows execution of arbitrary code.
- An error in the handling of file transfers can be exploited to crash
the application by attempting to upload a file with a non-UTF8 filename
to a user logged into AIM or ICQ.
Patches from RedHat.
|
|
will install Perl modules into the "vendor" directories:
chat/vicq math/udunits
databases/rrdtool mbone/beacon
devel/p5-subversion
Bump their PKGREVISIONs.
|
|
of Perl files to deal with the perl-5.8.7 update that moved all
pkgsrc-installed Perl files into the "vendor" directories.
|
|
complex and stupid..).
|
|
implicitly add it (e.g., netbsd-2).
|
|
"Multiple "memory alignment errors" in libgadu, as used in ekg before 1.6rc2
and other packages, allows remote attackers to cause a denial of service (bus
error) on certain architectures such as SPARC via an incoming message."
Bump PKGREVISION, patch from Gaim CVS.
|
|
|
|
|
|
The jabberd project team is pleased to announce the release of jabberd 2.0s9.
This is a security release. There is a buffer overflow that could be used to
perform a DoS attack and possible code execution. It is *HIGHLY* recommended
that you upgrade!
ChangeLog:
* fixed only one user is loaded correctly for each router acl
* fixed s2s segfault under particular connection timeout conditions
* fixed id is being case sensitive
* fixed Users cannot login after a long period of server inactivity
* fixed handling of stream errors
* fixed version attribute reply in stream
* fixed c2s glibc abort and mysql option flags
* fixed sx io mem leak
* fixed Incorrect SASL error message defined in sx/sasl.c
* fixed 3 buffer overflows in jid.c
* fixed second log-in in with similar resource breaks routing for first login
|
|
Main changelog entries are:
Security:
- Fixed a bug in http_encode that might have caused buffer overflows
(although not likely to be exploitable) when trying to encode strings
with non-ASCII characters.
- Newline stripping added to prevent newline-in-friendlyname attacks.
(Which allowed remote people to make BitlBee send raw custom IRC lines.)
Bugs:
- Many crashes
- Yahoo! cleanup code to avoid 100% CPU time usage
- fixes for ICQ and MSN
approved by wiz@
|
|
|
|
|
|
|
|
3 May 2005:
- Released 2.0.2
- Fix to co-exist more nicely with other encrypting gaim plugins.
1 Mar 2005:
- Initial autoconfiscation, thanks to Greg Troxel <gdt@ir.bbn.com>.
|
|
* src/privkey.c (otrl_privkey_hash_to_human): Avoid writing a
NUL one byte past the end of the buffer
|
|
|
|
No PKGREVISION bump since pkg-config is only a BUILD_DEPENDS.
|
|
Packages that need it should add it themselves, it is only a build time dependency.
|
|
* Fixed: memory leak
* Fixed compatibility with Qt3
* Fixed library detection with threads in libgadu and Mac OS X
|
|
* Security bug fix
|
|
|
|
|
|
upcoming irssi-icq). Bump PKGREVISION.
|
|
from including perl5/buildlink3.mk. These packages just need the Perl
interpreter, and can just add "perl" to USE_TOOLS instead.
|
|
Patch via debian
|
|
around at either build-time or at run-time is:
USE_TOOLS+= perl # build-time
USE_TOOLS+= perl:run # run-time
Also remove some places where perl5/buildlink3.mk was being included
by a package Makefile, but all that the package wanted was the Perl
executable.
|
|
|
|
easily controllable IRC client for your other POE components and sessions.
You create an IRC component and tell it what events your session cares about
and where to connect to, and it sends back interesting IRC events when they
happen. You make the client do things by sending it events.
|
|
protocol lines.
|
|
These paths are now relative to PERL5_PACKLIST_DIR, which currently
defaults to ${PERL5_SITEARCH}. There is no change to the binary
packages.
|
|
* Important security-related bug-fixes
|
|
|
|
correct X distribution is used. fixes build problem observed on Linux.
|
|
changes since 1.3.1:
* Fix system log start times for some protocols
* SILC compiles with newer SILC toolkit versions (Pekka Riikonen)
* Fixed a bug where buddy icon cache files were left in the icon
cache directory after they were no longer in use.
* Attempt to detect the file type of a buddy icon when saving.
* Additional Yahoo! boot protection (Peter Lawler)
* A few Yahoo! memory leaks plugged (Peter Lawler)
* Fixed handling of the new Yahoo! profile page. (Joshua Honeycutt,
Peter Lawler)
* Fixed localized Yahoo! room lists. Please refer to the Yahoo!
section of the Gaim FAQ for details. (Peter Lawler)
* Enabled sending files to ICQ users using ICQ 5.02 and newer
(Jonathan Clark)
|
|
BSD-style non-blocking IO interface.
fixes build on Solaris.
|
|
passing -Xc to sunpro defines __STDC__=1 and the build fails in
ircsig.c because <signal.h> only declares sigaction if __STD__=0.
fixes build on Solaris w/ sunpro.
|
|
|
|
Changes:
2.9.4
(1) SSL support can now be used incoming.
(2) Added three new configuration entries to handle new features:
listenex [--ssl][--limit <maxusers>][--localhost <hostname>] <port>
privatekey <filename>
publickey <filename>
2.9.3
(1) SECURITY FIX: FD_SETSIZE overflow DOS
(2) SSL support can now be used if configured with --with-ssl
SSL connection is done by passing -s
ex. /quote conn -s ircs.server
Note: this is only partially secure since SSL is only supported
outgoing.
2.9.2
(1) Added flush to logging
(2) General code changes to fix compiling on some compilers
(3) Fixed problems binding to listening address
2.9.1
(1) SECURITY FIX: password check, was only letting incorrect passwords in
(2) Fixed IP binding on listen
2.9.0
(1) Added trailing newlines to log records
(2) Added extra error handling on accepting connections
(3) Fixed buffer overflow in getnickuserhost (reported by Leon Juranic)
(4) Added extra check for gethostbyname2
(5) Made password check more thorough
(6) Fixed ipv6 dns resolving to random ipv4
2.8.9
(1) Fixed backspace security flaw (reported by Yak)
(2) Fixed compile errors related to compound statements
(3) Rewrote logic of /vip command
(4) Rewrote docked session listing code
2.8.8
(1) Added support for setting a specific IP to listen on
(listen <[host:]port> [maxusers])
(2) Enhanced bncsetup to use new conf format and new question to handle
specific host entering.
(3) Changed the Makefile to list libraries last, some crypt libraries
predefined their own main function which prevented compiling.
(4) Reorganized the connection code to fix a bug where a user gets
disconnected while connecting to an irc server.
(5) Socket length was not being set before accept. (Thanks chris)
(6) Removed old hack code for systems that do not support snprintf.
(7) Increased error checking in recv code.
(8) Better parsing of messages
(9) Server buffers always cleared when connecting to a new server.
(10) Initial IPv6 support. Added -6 option to the CONN command
(i.e. CONN -6 irc.ipv6.org) which is only necessary on ambigious
addresses or when connecting via dns.
(11) Listen host can be specified in conf as an ipv6 address by putting
the address in []'s (i.e. LISTEN [2000:610:0:23::]:6669)
Requested by Peter Avalos <pavalos@theshell.com> in private e-mail.
|
|
the modules are statically-linked into the ircservices executable.
This fixes the installation of chat/ircservices on platforms where
dlopen() doesn't obey its "mode" argument, e.g. RTLD_NOW. Unfortunately,
NetBSD/amd64 currently falls into this category (port-amd64/30570),
but this will also fix installation on any a.out NetBSD or OpenBSD
platform.
Approved for commit during the deep freeze by <agc>.
|
