Age | Commit message (Collapse) | Author | Files | Lines |
|
- The following vulnerabilities have been fixed. See the security
advisory for details and a workaround.
o The Paltalk dissector could crash on alignment-sensitive
processors. (Bug 3689)
Versions affected: 1.2.0 to 1.2.2
o The DCERPC/NT dissector could crash.
Versions affected: 0.10.10 to 1.2.2
o The SMB dissector could crash.
Versions affected: 1.2.0 to 1.2.2
- The following bugs have been fixed:
o Wireshark memory leak with each file open and/or display
filter change. (Bug 2375)
o DHCP Dissector displays negative lease time. (Bug 2733)
o Invalid advertised window line on tcptrace style graph. (Bug
3417)
o SMB get_dfs_referral referral entry is not dissected
correctly. (Bug 3542)
o Error dissecting eMule sourceOBFU message. (Bug 3848)
o Typos in Diameter XML files. (Bug 3878)
o RSL dissector for MS Power IE is broken. (Bug 4017)
o Manifest problem in 1.2.2 Win64 build. (Bug 4024)
o FIP dissector throws assertion. (Bug 4046)
o TCAP problem with indefinite length 'components' SEQ OF. (Bug
4053)
o GSM MAP: an-APDU not decoded. (Bug 4095)
o Add "Drag and Drop entries..." message on Columns preferences
page. (Bug 4099)
o Editcap -t and -w option parses fractional digits incorrectly.
(Bug 4162)
- Updated Protocol Support
DCERPC NT, DHCP, Diameter, E.212, eDonkey, FIP, IPsec, MGCP, NCP,
Paltalk, RADIUS, RSL, SBus, SMB, SNMP, SSL, TCP, Teamspeak2, WPS
|
|
changes:
-minor fixes
-translation updates
pkgsrc note: build against newer gnutls was fixed, don't need the
libgnutls-config hack anymore
|
|
This switches to the gnome-2.28 release branch.
|
|
changes:
-bugfixes
-Support SASL authentication extension
-API and UI improvements
-translation updates
|
|
Version 1.2.6.
-- msdl
* 12th release
* -o chain enabled, you can do
$ msdl -o 1.foo -o 2.foo -o 3.foo http://bar/file1 http://bar/file2 http://bar/file3
* --stream-timeout option for quit streaming after some time.
$ msdl --stream-timeout 3m30s rtsp://foo.com/bar.wmv
to download the first 3 and a half minutes.
This is helpful for downloading the real-time streaming, which ignores
RTSP Range parameters.
|
|
* waitip is enabled when running on a single interface.
* Classless Static Routes are now enabled by default in dhcpcd.conf
instead of being always being requested.
|
|
|
|
|
|
|
|
Kamel Derouiche per pkgsrc-wip
|
|
changes:
-libsoup will now attempt to make multiple connections to a
server at once when there are multiple messages queued to
that server
-bugfixes
|
|
Version 2.2.7
(September 29, 2009)
User-visible changes:
* Fix: dailymotion id parsing
* Youtube:
# Accept -f fmt34
# fmt34 is now treated as yet another (new?) format
# Rewrite youtube section of the FORMATS in the manual
* Fix: --format=best not working with youtube (closes issue #39)
# Thanks to Peter Baranyi for the fix
Known issues:
* redtube: broken (verify -> http/404)
Version 2.2.6
(September 14, 2009)
User-visible changes:
* Fix: liveleak: "error: Unsupported protocol (http/1)" (closes #36)
* Fix: vimeo: title parsing (Thanks to Peter Baranyi for the fix, closes #37)
- Fixes title issues with accented chars
* Fix: break: http/403 (Thanks to Werner Elsler for the fix, closes #38)
|
|
- Fixed bug where NSEC3 signature was not checked. This meant that
a DS could be spoofed away by a carefully crafted packet.
A downgrade attack on existing secure delegations.
- updated iana port list.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
pkgsrc changes:
- Adjusting dependencies
- Adding license definition
Upstream changes:
0.710.10
! #49981: UDDI::Lite version not parsable by cpanplus (again)
0.710.09
! #46444: use SOAP::Lite::Deserializer::XMLSchemaSOAP1_2 missing
! #37151: Strawberry perl 5.10 - Tests fail and then later hang
! #49981: UDDI::Lite version not parsable by cpanplus
! #49011: Fails to install under strawberry perl
! [2825166] In Constant DEFAULT_HTTP_CONTENT_TYPE
! [2832939] chunked client requests are returned 411(Length Required)
! [2860559] serious utf8 bug
! #44568 Tracing unavailable when SOAP::Lite is used as a server
! #44195 submitting patches / mention Nginx transport module in documentation
! [2777361] SOAP 1.2 Content-Type rejected
! #41937 ([patch] enable more tests)
! #39101: Apache2::Const::HTTP_BAD_REQUEST not defined
! #39672: serialization and autotype 'off'
! #41348: t/SOAP/Transport/HTTP/CGI.t failing on 5.6.x
! #20569: XMLRPC::Lite "wrong element 'nil'" exception on '<value><nil/></value>'
+ require Task::Weaken
+ better META.yml generated (Alexandr Ciornii)
|
|
Lightly tested (some of ospf, bgp, ripng on i386/amd64/sparc64).
No NEWS, but basically bugfixes and minor improvements.
|
|
* ClientID is now reported when interface starts
* -w, --wait forces dhcpcd to wait until an interface gets a lease or
times out
* Ensure DHCP socket is open when sending a DECLINE
* Uses new hwaddr if existing interface is downed and then changed.
* No longer works on firewire interfaces by default.
dhcpcd-5.1.2 has a new behaviour change - when starting up and at least 1
interface has a carrier then it tries to get a lease or times out.
It still daemonises regardless. This, along with the -b and -w flags
allows total control over the desired behaviour of dhcpcd.
|
|
need gdbm for avahi-discover, suggested by Simon Schubert in PR 42171.
|
|
- Add support to aggressively cache directory listenings, useful for
HTTP
- Avoid leaking memory in error cases. From Xavier from Arch Linux.
|
|
http://git.gnome.org/cgit/libsoup/plain/NEWS?id=LIBSOUP_2_28_0
|
|
- added license term
ChangeLog:
1.38 May 16th 2009
- PurePerl region_by_addr and region_by_name return '00' for unknown regions, like the CAPI does ( Boris Zentner )
- Update to latest FIPS codes from 20090401 ( Boris Zentner )
- Fix Pureperl handling of GEOIP_REGION_EDITION_REV0 ( Boris Zentner )
- Fix segfault when undef is supplied as filename to open ( Boris Zentner )
- Fix PP GEOIP_ISP_EDITION handling ( Boris Zentner )
- Add PP support for GEOIP_DOMAIN_EDITION ( Boris Zentner )
- Handle database types in the same way, as the CAPI does ( Boris Zentner )
- Remove Australia double timezones entries. ( Boris Zentner )
1.37 March 6th 2009
- Document region_by_addr and region_by_name ( Boris Zentner )
- region_by_addr and region_by_name return undef for unknown countries and regions. Instead of "\0" and '000' ( Boris Zentner )
- Add PP function region_by_addr ( Boris Zentner )
- Change the default values of Geo::IP::Record fields for metro_code and area_code to 0 instead of '' PurePerl only ( Boris Zentner )
- Change the default values of Geo::IP::Record fields for region, postal_code and region_name to undef instead of '' ( Boris Zentner )
- Force the output of Geo::IP::Record::longitude and ::latitude to four decimal places ( Boris Zentner )
- Fix PurePerl three letter code for Romania ( Boris Zentner )
- Update PurePerl regionnames 20090201 ( Boris Zentner )
- Update PurePerl timezones 20090201 ( Boris Zentner )
- Update timezones for Australia
! Fix: PurePerl's get_city_record_as_hash, record_by_addr and record_by_name to return undef for private and unknown IP's. Former we returned a Geo::IP::Record object with everything undef. The PurePerl code and the CAPI wrapper are now behave the same. ( Boris Zentner )
- Update region codes from http://www.maxmind.com/app/fips10_4 Dec 17th, 2008 ( Boris Zentner )
|
|
Changelog:
* Fix crash if creating filters with attributes or permissions rule
* MSW: Fix column reordering and hiding in file lists
* MSW: Fix crash if trying to edit a file without any associated program nor default editor
* Use REST+STOR to resume upload instead of APPE if server advertises REST STREAM support
|
|
BUILDLINK_API_DEPENDS.gnutls+= gnutls>=2.1.7
|
|
NEW in 0.69:
==============
- Display messages in notification, not count of tweets. (Thomas Thurman)
- Use https, not http api. (Evan McClain)
- Fix incorrect pluralising of relative time. (Deskin Miller)
- Fixed #1998551, the double-escaping of < and >. (Mike Lundy)
- Fixed #1961611, character count behavior. (Brian Pepple)
NEW in 0.68:
==============
- Fixed #1963695, Save avatars a little more sensibly. (Brian Pepple)
- Use Enchant, instead of ASpell. (Brian Pepple)
- Add option to have sound notication when new tweets arrive . (Brian Pepple)
- Add help (Brian Pepple)
NEW in 0.65:
==============
- Add support for Online Accounts Service (Marina Zhurakhinskaya, Colin Walters)
* More info about OAS can be found here: https://fedoraproject.org/wiki/Features/OnlineAccountsService
- Fixed #2122886, Fix date parsing on other than C/POSIX locale (Hiroshi Miura)
- Fixed #2083410, have textview in send message dialog get focus.
- Fixed #1961570, time issue w/ "1 hour" & "1 minute". (Derick Rethans)
- add Japanese translation (Hiroshi Miura)
|
|
2009.10.01 -- Version 2.1_rc20
* Fixed a bug introduced in 2.1_rc17 (svn r4436) where using the
redirect-gateway option by itself, without any extra parameters,
would cause the option to be ignored.
* Fixed build problem when ./configure --disable-server is used.
* Fixed ifconfig command for "topology subnet" on FreeBSD (Stefan Bethke).
* Added --remote-random-hostname option.
* Added "load-stats" management interface command to get global server
load statistics.
* Added new ./configure flags:
--disable-def-auth Disable deferred authentication
--disable-pf Disable internal packet filter
* Added "setcon" directive for interoperability with SELinux (Sebastien
Raveau).
* Optimized PUSH_REQUEST handshake sequence to shave several seconds
off of a typical client connection initiation.
* The maximum number of "route" directives (specified in the config
file or pulled from a server) can now be configured via the new
"max-routes" directive.
* Eliminated the limitation on the number of options that can be pushed
to clients, including routes. Previously, all pushed options needed
to fit within a 1024 byte options string.
* Added --server-poll-timeout option : when polling possible remote
servers to connect to in a round-robin fashion, spend no more than
n seconds waiting for a response before trying the next server.
* Added the ability for the server to provide a custom reason string
when an AUTH_FAILED message is returned to the client. This
string can be set by the server-side managment interface and read
by the client-side management interface.
* client-kill management interface command, when issued on server, will
now send a RESTART message to client.
This feature is intended to make UDP clients respond the same as TCP
clients in the case where the server issues a RESTART message in
order to force the client to reconnect and pull a new options/route
list.
2009.07.16 -- Version 2.1_rc19
* In Windows TAP driver, refactor DHCP/ARP packet injection code to
use a DPC (deferred procedure call) to defer packet injection until
IRQL < DISPATCH_LEVEL, rather than calling NdisMEthIndicateReceive
in the context of AdapterTransmit. This is an attempt to reduce kernel
stack usage, and prevent EXCEPTION_DOUBLE_FAULT BSODs that have been
observed on Vista. Updated TAP driver version number to 9.6.
* In configure.ac, use datadir instead of datarootdir for compatibility
with <autoconf-2.60.
2009.06.07 -- Version 2.1_rc18
* Fixed compile error on ./configure --enable-small
* Fixed issue introduced in r4475 (2.1-rc17) where cryptoapi.c change
does not build on Windows on non-MINGW32.
2009.05.30 -- Version 2.1_rc17
* Reduce the debug level (--verb) at which received management interface
commands are echoed from 7 to 3. Passwords will be filtered.
* Fixed race condition in management interface recv code on
Windows, where sending a set of several commands to the
management interface in quick succession might cause the
latter commands in the set to be ignored.
* Increased management interface input command buffer size
from 256 to 1024 bytes.
* Minor tweaks to Windows build system.
* Added "redirect-private" option which allows private subnets
to be pushed to the client in such a way that they don't accidently
obscure critical local addresses such as the DHCP server address and
DNS server addresses.
* Added new 'autolocal' redirect-gateway flag. When enabled, the OpenVPN
client will examine the routing table and determine whether (a) the
OpenVPN server is reachable via a locally connected interface, or (b)
traffic to the server must be forwarded through the default router.
Only add a special bypass route for the OpenVPN server if (b) is true.
If (a) is true, behave as if the 'local' flag is specified, and do not
add a bypass route.
The new 'autolocal' flag depends on the non-portable test_local_addr()
function in route.c, which is currently only implemented for Windows.
The 'autolocal' flag will act as a no-op on platforms that have not
yet defined a test_local_addr() function.
* Increased TLS_CHANNEL_BUF_SIZE to 2048 from 1024 (this will allow for
more option content to be pushed from server to client).
* Raised D_MULTI_DROPPED debug level to 4 from 3 to filter out (at debug
levels <=3) a common and usually innocuous warning.
* Fixed issue of symbol conflicts interfering with Windows CryptoAPI
functionality (Alon Bar-Lev).
* Fixed bug where the remote_X environmental variables were not being
set correctly when the 'local' option is specifed.
2009.05.17 -- Version 2.1_rc16
* Windows installer changes:
1. ifdefed out the check Windows version code which is causing
problems on Windows 7
2. don't define SF_SELECTED if it is already defined
3. Use LZMA instead of BZIP2 compression for better compression
4. Upgraded OpenSSL to 0.9.8k
* Added the ability to read the configuration file
from stdin, when "stdin" is given as the config
file name.
* Allow "management-client" directive to be used
with unix domain sockets.
* Added errors-to-stderr option. When enabled, fatal errors
that result in the termination of the daemon will be written
to stderr.
* Added optional "nogw" (no gateway) flag to --server-bridge
to inhibit the pushing of the route-gateway parameter to
clients.
* Added new management interface command "pid" to show the
process ID of the current OpenVPN process (Angelo Laub).
* Fixed issue where SIGUSR1 restarts would fail if private
key was specified as an inline file.
* Added daemon_start_time and daemon_pid environmental variables.
* In management interface, added new ">CLIENT:ESTABLISHED" notification.
* Build fixes:
1. Fixed some issues with C++ style comments that leaked into the code.
2. Updated configure.ac to work on MinGW64.
3. Updated common.h types for _WIN64.
4. Fixed issue involving an #ifdef in a macro reference that breaks early gcc
compilers.
5. In cryptoapi.c, renamed CryptAcquireCertificatePrivateKey to
OpenVPNCryptAcquireCertificatePrivateKey to work around
a symbol conflict in MinGW-5.1.4.
2008.11.19 -- Version 2.1_rc15
* Fixed issue introduced in 2.1_rc14 that may cause a
segfault when a --plugin module is used.
* Added server-side --opt-verify option: clients that connect
with options that are incompatible with those of the server
will be disconnected (without this option, incompatible
clients would trigger a warning message in the server log
but would not be disconnected).
* Added --tcp-nodelay option: Macro that sets TCP_NODELAY socket
flag on the server as well as pushes it to connecting clients.
* Minor options check fix: --no-name-remapping is a
server-only option and should therefore generate an
error when used on the client.
* Added --prng option to control PRNG (pseudo-random
number generator) parameters. In previous OpenVPN
versions, the PRNG was hardcoded to use the SHA1
hash. Now any OpenSSL hash may be used. This is
part of an effort to remove hardcoded references to
a specific cipher or cryptographic hash algorithm.
* Cleaned up man page synopsis.
2008.11.16 -- Version 2.1_rc14
* Added AC_GNU_SOURCE to configure.ac to enable struct ucred,
with the goal of fixing a build issue on Fedora 9 that was
introduced in 2.1_rc13.
* Added additional method parameter to --script-security to preserve
backward compatibility with system() call semantics used in OpenVPN
2.1_rc8 and earlier. To preserve backward compatibility use:
script-security 3 system
* Added additional warning messages about --script-security 2
or higher being required to execute user-defined scripts or
executables.
* Windows build system changes:
Modified Windows domake-win build system to write all openvpn.nsi
input files to gen, so that gen can be disconnected from
the rest of the source tree and makensis openvpn.nsi will
still function correctly.
Added additional SAMPCONF_(CA|CRT|KEY) macros to settings.in
(commented out by default).
Added optional files SAMPCONF_CONF2 (second sample configuration
file) and SAMPCONF_DH (Diffie-Helman parameters) to Windows
build system, and may be defined in settings.in.
* Extended Management Interface "bytecount" command
to work when OpenVPN is running as a server.
Documented Management Interface "bytecount" command in
management/management-notes.txt.
* Fixed informational message in ssl.c to properly indicate
deferred authentication.
* Added server-side --auth-user-pass-optional directive, to allow
connections by clients that do not specify a username/password, when a
user-defined authentication script/module is in place (via
--auth-user-pass-verify, --management-client-auth, or a plugin module).
* Changes to easy-rsa/2.0/pkitool and related openssl.cnf:
Calling scripts can set the KEY_NAME environmental variable to set
the "name" X509 subject field in generated certificates.
Modified pkitool to allow flexibility in separating the Common Name
convention from the cert/key filename convention.
For example:
KEY_CN="James's Laptop" KEY_NAME="james" ./pkitool james
will create a client certificate/key pair of james.crt/james.key
having a Common Name of "James's Laptop" and a Name of "james".
* Added --no-name-remapping option to allow Common Name, X509 Subject,
and username strings to include any printable character including
space, but excluding control characters such as tab, newline, and
carriage-return (this is important for compatibility with external
authentication systems).
As a related change, added --status-version 3 format (and "status 3"
in the management interface) which uses the version 2 format except
that tabs are used as delimiters instead of commas so that there
is no ambiguity when parsing a Common Name that contains a comma.
Also, save X509 Subject fields to environment, using the naming
convention:
X509_{cert_depth}_{name}={value}
This is to avoid ambiguities when parsing out the X509 subject string
since "/" characters could potentially be used in the common name.
* Fixed some ifconfig-pool issues that precluded it from being combined
with --server directive.
Now, for example, we can configure thusly:
server 10.8.0.0 255.255.255.0 nopool
ifconfig-pool 10.8.0.2 10.8.0.99 255.255.255.0
to have ifconfig-pool manage only a subset
of the VPN subnet.
* Added config file option "setenv FORWARD_COMPATIBLE 1" to relax
config file syntax checking to allow directives for future OpenVPN
versions to be ignored.
|
|
|
|
* Full support for CoA and Disconnect packets as per RFC 3576 and RFC 5176.
Both receiving and proxying packets is supported.
* Added "src_ipaddr" configuration to "home_server". See proxy.conf for details.
* radsniff now accepts -I, to read from a filename instead of a device.
* radsniff also prints matching requests and any responses to those requests
when '-r' is used.
* Added example of attr_filter for Access-Challenge packets
* Added support for udpfromto in DHCP code
* radmin can now selectively mark modules alive/dead. See "set module state".
* Added customizable messages on login success/fail.
* Document "chase_referrals" and "rebind" in raddb/modules/ldap
* Preliminary implementation of DHCP relay.
* Made thread pool section optional. If it doesn't exist, the server will run
single-threaded.
* More...
|
|
|
|
KDE 4.3.2 brings a nice number of bugfixes, some critical, some just
fixing small annoyances:
* Many crashers have been fixed in KDE's core libraries, bringing more
stability to all applications
* KWin's window compositing effects have been further stabilized by fixing
a number of bugs in effect plugins such as the famous coverswitch window
switcher
* The biggest number of bugs for this release has been fixed in KMail,
KDE's email client, making it more reliable and usable by correcting a
number of display issues
* Saving files over themselves works again in Okular, KDE's document viewer
|
|
australian mirror.
|
|
This is a security release in order to address CVE-2009-2813, CVE-2009-2948
and CVE-2009-2906.
Please note that Samba 3.0 is not maintained any longer. This security
release is shipped on a voluntary basis.
o CVE-2009-2813:
In all versions of Samba later than 3.0.11, connecting to the home
share of a user will use the root of the filesystem
as the home directory if this user is misconfigured to have
an empty home directory in /etc/passwd.
o CVE-2009-2948:
If mount.cifs is installed as a setuid program, a user can pass it a
credential or password path to which he or she does not have access and
then use the --verbose option to view the first line of that file.
o CVE-2009-2906:
Specially crafted SMB requests on authenticated SMB connections can
send smbd into a 100% CPU loop, causing a DoS on the Samba server.
|
|
Changelog:
* Changing directories at the same time an upload finishes no longer disturbs synchronized browsing
* *nix: Ensure dialogs can be closed using escape key
* *nix: Fix height of settings dialog
* Remember last used search conditions
* Display link overlay on icons of links in remote file list
* Display of average transfer speed should converge faster to overall average
* Simplify default file exists action dialogs
* Apply decimal places size formatting option also to total queue size
* MSW: Reduce number of needed user interactions in installer if update started from within FileZilla
* MSW: Check that there are no running instances of FileZilla before installing
* Fix handling of remote directory names with leading or trailing spaces
* *nix: Fix memory leaks in D-Bus session management and power management inhibitor client code
* *nix: Fall back to org.gnome.SessionManager if org.freedesktop.PowerManagment does not exit to inhibit idle sleep during transfers
* Increase default size of SO_RCVBUF (TCP advertised window) to fix performance issues on high-latency connections
* MSW: Fix displaying list of shares on local network resources
* MSW: Remote file editing no longer gets confused if two filenames only differ in character case
* Fix dialog line wrapping issues
* Ensure width of site manager is large enough to fit all tabs
* Better guard against filename columns being moved or hidden
* *nix, OS X: Handle filesystems without advisory file locking instead of falsely warning about site manager being opened in a different instance of FileZilla
|
|
|
|
OKed during freeze by wiz and agc
|
|
|
|
oRTP - a Real-time Transport Protocol (RFC3550) stack under LGPL
Features:
* Written in C, works under Linux (and probably any Unix) and Windows.
* Implement the RFC3550 (RTP) with a easy to use API with high and low level
access.
* Includes support for multiples profiles, AV profile (RFC3551) being the
one by default.
* Includes a packet scheduler for to send and recv packet "on time",
according to their timestamp. Scheduling is optional, rtp sessions can
remain not scheduled.
* Supports mutiplexing IO, so that hundreds of RTP sessions can be scheduled
by a single thread.
* Features an adaptive jitter algorithm for a receiver to adapt to the
clockrate of the sender.
* Supports part of RFC2833 for telephone events over RTP.
* The API is well documented using gtk-doc.
* Licensed under the Lesser Gnu Public License.
* RTCP messages sent periodically since 0.7.0 (compound packet including
sender report or receiver report + SDES)
* Includes an API to parse incoming RTCP packets.
OKed during freeze by wiz and agc.
|
|
|
|
if threads are enabled, so we disable threads until this is fixed.
|
|
|
|
|
|
devel/p5-Class-MOP. A late detected incompible change forced it.
|
|
after Python 2.3 has been removed from "pkgsrc".
Approved by Thomas Klausner.
|