| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
Ever been wondering if your ISP is hijacking your DNS traffic? Ever
observed any misbehavior with your DNS responses? Ever been redirected
to wrong address and suspected something is wrong with your DNS?
Here we have a set of tools to perform basic audits on your DNS
requests and responses to make sure your DNS is working as you
expect.
You can measure the response time of any given DNS server for
arbitrary requests using dnsping. Just like traditional ping utility,
it gives you similar functionality for DNS requests.
You can also trace the path your DNS request takes to destination
to make sure it is not being redirected or hijacked. This can be
done by comparing different DNS queries being sent to the same DNS
server using dnstraceroute and observe if there is any difference
between the path.
dnseval evaluates multiple DNS resolvers and helps you choose the
best DNS server for your network. While it is highly recommended
to use your own DNS resolver and never trust any third-party DNS
server, but in case you need to choose the best DNS forwarder for
your network, dnseval lets you compare different DNS servers from
performance (latency) and reliability (loss) point of view.
|
|
|
|
Client for the whois.cymru.com service
Perform lookups by ip address and return ASN, Country Code, and
Netblock Owner.
|
|
|
|
2016-05-27 Bob Halley <halley@dnspython.org>
* (Version 1.14.0 released)
* Add CSYNC RR support
* Fix bug in LOC which destroyed N/S and E/W distinctions within
a degree of the equator or prime merdian respectively.
* Misc. fixes to deal with fallout from the Python 2 & 3 merge.
[issue #156], [issue #157], [issue #158], [issue #159],
[issue #160].
* Running with python optimization on caused issues when
stripped docstrings were referenced. [issue #154]
* dns.zone.from_text() erroneously required the zone to be provided.
[issue #153]
2016-05-13 Bob Halley <halley@dnspython.org>
* dns/message.py (make_query): Setting any value which implies
EDNS will turn on EDNS if 'use_edns' has not been specified.
2016-05-12 Bob Halley <halley@dnspython.org>
* TSIG signature algorithm setting was broken by the Python 2
and Python 3 code line merge. Fixed.
2016-05-10 Bob Halley <halley@dnspython.org>
* (Version 1.13.0 released)
2016-05-10 Bob Halley <halley@dnspython.org>
* Dropped support for Python 2.4 and 2.5.
* Zone origin can be specified as a string.
* Support string representation for all DNSExceptions.
* Use setuptools not distutils
* A number of Unicode name bug fixes.
* Added support for CAA, CDS, CDNSKEY, EUI48, EUI64, and URI RR
types.
* Names now support the pickle protocol.
* NameDicts now keep the max-depth value correct, and update
properly.
* resolv.conf processing rejects lines with too few tokens.
* Ports can be specified per-nameserver in the stub resolver.
2016-05-03 Arthur Gautier
* Single source support for python 2.6+ and 3.3+
2014-09-04 Bob Halley <halley@dnspython.org>
* Comparing two rdata is now always done by comparing the binary
data of the DNSSEC digestable forms. This corrects a number of
errors where dnspython's rdata comparison order was not the
DNSSEC order.
* Add CAA implementation. Thanks to Brian Wellington for the
patch.
|
|
Fixes build on NetBSD-current.
|
|
Changes:
2016.06.25:
[*] misc bug fixes and improvements
2016.06.23*:
[*] misc bug fixes and improvements
2016.06.22:
[gametrailers] Remove extractor
[*] misc bug fixes and improvements
2016.06.20:
[*] misc bug fixes and improvements
2016.06.19*:
[aftonbladet] Fix extraction
[closertotruth] Add extractor
[r7] Fix extraction
[*] misc bug fixes and improvements
|
|
It's still needed (but with a fixed path)
Bump PKGREVISION.
Pointed out by <wiz>.
|
|
prototrout on freenode.
|
|
Add a patch to avoid scribbling on random memory if the server
certificate has more than one alternate name.
Bump PKGREVISION.
|
|
this package where other packages are installed which depend on cups.
Discussed with wiz@
Bump PKGREVISION.
|
|
|
|
Noticed by wiz@.
|
|
Requested by wiz@.
|
|
|
|
|
|
mk/ocaml.mk.
|
|
|
|
NetBSD/current.
|
|
reasons, GCC 4.8.4 seems to leak memory when hitting NULs embedded in
strings. Bump revision.
|
|
|
|
pkgsrc changes:
- Use :S modifier exactly two times (instead of using the 'g'
option) in PKGNAME to properly handle VERSION_DATEs with minor
revisions. No other functional changes intended.
Changes:
2016.06.18*
-----------
[carambatv] add extractor
[nickde] add extractor
2016.06.16
----------
[*] misc bug fixes and improvements
2016.06.14
----------
[rockstargames] add new extractor
[*] misc bug fixes and improvements
2016.06.12
----------
[telewebion] add new extractor
[*] misc bug fixes and improvements
2016.06.11*
-----------
[vidio] add extractor
[youku:show] add new extractor
[weibo] remove the extractor
[vulture] remove the extractor
[*] misc bug fixes and improvements
2016.06.03
----------
[seeker] add new extractor
[loc] add extractor
[*] misc bug fixes and improvements
2016.06.02
----------
[*] misc bug fixes and improvements
2016.05.30.2.*
--------------
[afreecatv] add new extractor
[WDR] various bug fixes and improvements
[*] misc bug fixes and improvements
|
|
Upstream changes:
* support retweet myself
https://twitter.com/twitter/status/742749353689780224
* ignore format like "D mikutter_bot" and stop opening profile by click
* translations
* zh_TW
* en
|
|
|
|
nanomsgxx is a binding of the nanomsg library for C++11.
Originally packaged in pkgsrc-wip by:
- Remy Chibois,
- Tobias Nygren
and
- myself.
|
|
|
|
|
|
nanomsg is a socket library that provides several common communication patterns.
It aims to make the networking layer fast, scalable, and easy to use.
Implemented in C, it works on a wide range of operating systems with no further
dependencies.
The communication patterns, also called "scalability protocols", are basic
blocks for building distributed systems.
By combining them you can create a vast array of distributed applications.
Originally packaged in pkgsrc-wip by:
- Remy Chibois,
- Tobias Nygren,
and
- myself.
|
|
* Fix truncated packet handling where the DHCP message is less than the
BOOTP size
* Rework the raw socket handling around an fd for initial Solaris support
* Only pull one message from the raw socket - eloop will handle the looping
* Netmask fixes for STATIC and INFORM
* Rework if_address to use struct ipv4_addr, like the ipv6 counter parts
* Split BSD handlink into many smaller functions to improve readability
* empty DNS entries are no longer created
* Test for hostname_fqdn being set to server or blank
* Allow an SLA 0 and prefix length of 0 to delegate the whole prefix
ia_pd 1 wm1/0
* Fix prefix delegation address timings on renew
|
|
Bump PKGREVISION.
|
|
===========================
Bugfixes:
---------
- Fix separate logging of server and zone events
- Fix concurrent zone file flushing with many zones
- Fix possible server crash with empty hostname on OpenWRT
- Fix control timeout parsing in knotc
- Fix "Environment maxreaders limit reached" error in knotc
- Don't apply journal changes on modified zone file
- Remove broken LTO option from configure script
- Enable multiple zone names completion in interactive knotc
- Set the TC flag in a response if a glue doesn't fit the response
- Disallow server reload when there is an active configuration transaction
Improvements:
-------------
- Distinguish unavailable zones from zones with zero serial in log messages
- Log warning and error messages to standard error output in all utilities
- Document tested PKCS #11 devices
- Extended Python configuration interface
Knot DNS 2.2.0 (2016-04-26)
===========================
Bugfixes:
---------
- Fix build dependencies on FreeBSD
- Fix query/response message type setting in dnstap module
- Fix remote address retrieval from dnstap capture in kdig
- Fix global modules execution for queries hitting existing zones
- Fix execution of semantic checks after an IXFR transfer
- Fix PKCS#11 support detection at build time
- Fix kdig failure when the first AXFR message contains just the SOA record
- Exclude non-authoritative types from NSEC/NSEC3 bitmap at a delegation
- Mark PKCS#11 generated keys as sensitive (required by Luna SA)
- Fix error when removing the only zone from the server
- Don't abort knotc transaction when some check fails
Features:
---------
- URI and CAA resource record types support
- RRL client address based white list
- knotc interactive mode
Improvements:
-------------
- Consistent IXFR error messages
- Various fixes for better compatibility with PKCS#11 devices
- Various keymgr user interface improvements
- Better zone event scheduler performance with many zones
- New server control interface
- kdig uses local resolver if resolv.conf is empty
|
|
==========
FEATURES:
- ip-freebind: yesno option in nsd.conf sets IP_FREEBIND socket option
for Linux, binds to interfaces and addresses that are down.
- NSD includes AAAA before A for queries over IPV6 (in delegations).
And TC is set if no glue can be provided with a delegation because
of packet size.
- print notice that nsd is starting before taking off.
BUG FIXES:
- Fix for openssl 1.1.0, HMAC_CTX size not exported from openssl.
- Fix #751: NSD fails to occlude names below a DNAME.
- If set without nsd.db print "" as the default in the man pages.
- Fix #755: NSD spins after a zone update and a lot of TCP queries.
- Fix for NSEC3 with zone signed without exact match for empty
nonterminals, the answer for that domain gets closest encloser.
- #772 Document that recvmmsg has IPv6 problems on some linux kernels.
|
|
=============
Features:
---------
- generic edns option parse and store code.
- Updated L root IPv6 address.
- User defined pluggable event API for libunbound
- ip_freebind: yesno option in unbound.conf sets IP_FREEBIND for binding
to an IP address while the interface or address is down.
- OpenSSL 1.1.0 portability, --disable-dsa configure option.
- disable-dnssec-lame-check config option.
Bug Fixes:
----------
- [bugzilla: 745 ] Fix unbound.py - idn2dname throws UnicodeError when idnname contains trailing dot.
- configure tests for the weak attribute support by the compiler.
- [bugzilla: 747 ] Fix assert in outnet_serviced_query_stop.
- Updated configure and ltmain.sh.
- Fixup of compile fix for pluggable event API.
- Fixup backend2str for libev.
- Fix libev usage of dispatch return value.
- No side effects in tolower() call, in case it is a macro.
- Fix warnings in ifdef corner case, older or unknown libevent.
- Fix ip-transparent for ipv6 on FreeBSD.
- Fix ip-transparent for tcp on freebsd.
- [bugzilla: 746 ] Fix unbound sets CD bit on all forwards.
If no trust anchors, it'll not set CD bit when forwarding to another server.
If a trust anchor, no CD bit on the first attempt to a forwarder,
but CD bit thereafter on repeated attempts to get DNSSEC.
- Limit number of QNAME minimisation iterations.
- Validate QNAME minimised NXDOMAIN responses.
- If QNAME minimisation is enabled, do cache lookup for QTYPE NS in harden-below-nxdomain.
- Fix compile of getentropy_linux for SLES11 servicepack 4.
- Fix dnstap-log-resolver-response-messages.
- Fix test for openssl to use HMAC_Update for 1.1.0.
- ERR_remove_state deprecated since openssl 1.0.0.
- OPENSSL_config is deprecated, removing.
- Document permit-small-holddown for 5011 debug.
- [bugzilla: 749 ] Fix unbound-checkconf gets SIGSEGV when use against a malformatted conf file.
- [bugzilla: 753 ] Fix document dump_requestlist is for first thread.
- Fix some malformed reponses to edns queries get fallback to nonedns.
- [bugzilla: 759 ] Fix 0x20 capsforid no longer checks type PTR, for compatibility with cisco dns guard. This lowers false positives.
- Fix sldns with static checking fixes copied from getdns.
- Fix memory leak in out-of-memory conditions of local zone add.
- [bugzilla: 761 ] Fix DNSSEC LAME false positive resolving nic.club.
- [bugzilla: 766 ] Fix dns64 should synthesize results on timeout/errors.
- No QNAME minimisation fall-back for NXDOMAIN answers from DNSSEC signed zones.
- [bugzilla: 767 ] Fix Reference to an expired Internet-Draft in harden-below-nxdomain documentation.
- remove memory leak from lame-check patch.
- [bugzilla: 770 ] Fix Small subgroup attack on DH used in unix pipe on localhost if unbound control uses a unix local named pipe.
- Document write permission to directory of trust anchor needed.
- [bugzilla: 768 ] Fix Unbound Service Sometimes Can Not Shutdown Completely, WER Report Shown Up. Close handle before closing WSA.
- Fix time in case answer comes from cache in ub_resolve_event().
- Fix windows service to be created run with limited rights, as a network service account.
- [bugzilla: 752 ] Fix retry resource temporarily unavailable on control pipe.
- iana ports fetched via https.
- iana portlist update.
|
|
|
|
v0.13.7
Fixes the issue with the GUI being grey on startup (#3301)
v0.13.6
This is a bugfix release. There are also multiple cleanups and minor improvements to the web UI by @norgeous.
Resolved issues:
#3262: v0.13.5 -no-upgrade build now requires gcc (@calmh)
#3267: Favicon should not be animated (@calmh)
#3136: Toggling HTTP/HTTPS breaks GUI/API (@calmh)
#3287: Understand older/newer Hello messages (@calmh)
Warnings on relay connectivity issues are reduced (@scienmind)
|
|
|
|
Changes since OpenNTPD 5.9p1
============================
* Fixed a link failure on older Linux distributions and a build
failure on FreeBSD.
* Set MOD_MAXERROR to avoid unsynced time status when using
ntp_adjtime.
* Fixed HTTP Timestamp header parsing to use strptime in a more
portable fashion.
* Hardened TLS for ntpd constraints, enabling server name
verification. Thanks to Luis M. Merino.
Note that HTTPS TLS constraints are currently disabled in pkgsrc pending
evaluation of how best to deal with libressl.
|
|
This release only contains bugfixes and it should be safe to update
from 1.8.1.
|
|
Changes not found, but this release obsoletes the pkgsrc patches
for ocaml-4.03 support.
|
|
|
|
* Changes in Wget 1.18
* By default, on server redirects to a FTP resource, use the original
URL to get the local file name. Close CVE-2016-4971. This
introduces a backward-incompatibility for HTTP->FTP redirects and
any script that relies on the old behaviour must use
--trust-server-names.
* Check the HSTS file is not world-writable before using it.
* Parse <img srcset> attributes on a recursive download.
* Fix problem with SNI server names having trailing dot(s)
* New options --bind-dns-address and --dns-servers.
* When Wget is built with libiconv, it now converts non-ASCII URIs to
the locale's codeset when it creates files. The encoding of the
remote files and URIs is taken from --remote-encoding, defaulting to
UTF-8. The result is that non-ASCII URIs and files downloaded via
HTTP/HTTPS and FTP will have names on the local filesystem that
correspond to their remote names.
|
|
Wireshark 2.0.4 Release Notes
What's New
Bug Fixes
The following vulnerabilities have been fixed:
* [1]wnpa-sec-2016-29
The SPOOLS dissector could go into an infinite loop. Discovered by
the CESG.
* [2]wnpa-sec-2016-30
The IEEE 802.11 dissector could crash. ([3]Bug 11585)
* [4]wnpa-sec-2016-31
The IEEE 802.11 dissector could crash. Discovered by Mateusz
Jurczyk. ([5]Bug 12175)
* [6]wnpa-sec-2016-32
The UMTS FP dissector could crash. ([7]Bug 12191)
* [8]wnpa-sec-2016-33
Some USB dissectors could crash. Discovered by Mateusz Jurczyk.
([9]Bug 12356)
* [10]wnpa-sec-2016-34
The Toshiba file parser could crash. Discovered by iDefense Labs.
([11]Bug 12394)
* [12]wnpa-sec-2016-35
The CoSine file parser could crash. Discovered by iDefense Labs.
([13]Bug 12395)
* [14]wnpa-sec-2016-36
The NetScreen file parser could crash. Discovered by iDefense Labs.
([15]Bug 12396)
* [16]wnpa-sec-2016-37
The Ethernet dissector could crash. ([17]Bug 12440)
The following bugs have been fixed:
* Saving pcap capture file with ERF encapsulation creates an invalid
pcap file. ([18]Bug 3606)
* Questionable calling of Ethernet dissector by encapsulating
protocol dissectors. ([19]Bug 9933)
* Wireshark 1.12.0 does not dissect HTTP correctly. ([20]Bug 10335)
* Don't copy details of hidden columns. ([21]Bug 11788)
* RTP audio player crashes. ([22]Bug 12166)
* Crash when saving RTP audio Telephony->RTP->RTP
Streams->Analyze->Save->Audio. ([23]Bug 12211)
* Edit - preferences - add column field not showing dropdown for
choices. ([24]Bug 12321)
* Using _ws.expert in a filter can cause a crash. ([25]Bug 12335)
* Crash in SCCP dissector UAT (Qt UI only). ([26]Bug 12364)
* J1939 frame without data = malformed packet ? ([27]Bug 12366)
* The stream number in tshark's "-z follow,tcp,<stream number>"
option is 0-origin rather than 1-origin. ([28]Bug 12383)
* IP Header Length display filter should show calculated value.
([29]Bug 12387)
* Multiple file radio buttons should be check boxes. ([30]Bug 12388)
* Wrong check for getaddrinfo and gethostbyname on Solaris 11.
([31]Bug 12391)
* ICMPv6 dissector doesn't respect actual packet length. ([32]Bug
12400)
* Format DIS header timestamp mm:ss.nnnnnn. ([33]Bug 12402)
* RTP Stream Analysis can no longer be sorted in 2.0.3. ([34]Bug
12405)
* RTP Stream Analysis fails to complete in 2.0.3 when packets are
sliced. ([35]Bug 12406)
* Network-Layer Name Resolution uses first 32-bits of IPv6 DNS
address as IPv4 address in some circumstances. ([36]Bug 12412)
* BACnet decoder incorrectly flags a valid APDU as a "Malformed
Packet". ([37]Bug 12422)
* Valid ISUP messages marked with warnings. ([38]Bug 12423)
* Profile command line switch "-C" not working in Qt interface.
([39]Bug 12425)
* MRCPv2: info column not showing info correctly. ([40]Bug 12426)
* Diameter: Experimental result code 5142. ([41]Bug 12428)
* Tshark crashes when analyzing RTP due to pointer being freed not
allocated. ([42]Bug 12430)
* NFS: missing information in getattr for supported exclusive create
attributes. ([43]Bug 12435)
* Ethernet type field with a value of 9100 is shown as "Unknown".
([44]Bug 12441)
* Documentation does not include support for Windows Server 2012 R2.
([45]Bug 12455)
* Column preferences ruined too easily. ([46]Bug 12465)
* SMB Open andX extended response decoded incorrectly. ([47]Bug
12472)
* SMB NtCreate andX with extended response sometimes incorrect.
([48]Bug 12473)
* Viewing NFSv3 Data, checking SRTs doesn't work. ([49]Bug 12478)
* Make wireshark with Qt enabled buildable on ARM. ([50]Bug 12483)
Updated Protocol Support
AFS, ANSI IS-637 A, BACapp, BT BNEP, Cisco FabricPath MiM, CSN.1,
DCERPC SPOOLS, DIS, Ethernet, GSM A RR, ICMPv6, IEEE 802.11, IPv4,
ISUP, J1939, JXTA, LAPSat, LPADm, LTE-RRC, MRCPv2, NFS, OpenFlow,
SGsAP, SMB, STT, TZSP, UMTS FP, and USB
New and Updated Capture File Support
Aethra, Catapult DCT2000, CoSine, DBS Etherwatch, ERF, iSeries, Ixia
IxVeriWave, NetScreen, Toshiba, and VMS TCPIPtrace
|
|
Upstream changes (from 3.3.x, which include changes during alpha releases):
* library
* Pluggaloid 1.1
* "open tweet" function
* profile
* brush up UI
* a bunch of settings for reply tweet view
* a bunch of settings for quoted retweet view
* fix issue that clicking video links just showed thumbnail image
* drop Ruby 2.0 support and requires 2.1 or later
* Cairo::SubPartsMessageBase
* "tweet in tweet view" function used for reply and quoted tweets,
which can be used third party plugins
* graph of plugin dependency now can be used by mikutter sources
* plugin dependency now can be put into dot file
|
|
|
|
|
|
Upstream changes: bugfixes and minor improvements
|
|
|
|
|
|
|
