| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
|
|
Upstream changes:
4.066 Mon Oct 29 13:30:14 PDT 2012
update Lite.pm v1.47 to support bracketed IPv6 URI notation
as described in RFC-3986
Thanks to Quanah Gibson-Mount mishikal@yahoo.com
|
|
an external libtdb instead of the internal duplicate
|
|
Upstream changes:
1.18
- Added more documentation about empty_port()
1.17
commit 0f4510d83ae2f2ce112288c64289fa36d32865b3
Author: Christian Walde <walde.christian@googlemail.com>
Date: Sat Jul 28 07:04:40 2012 +0200
fix port checking on Win32 by performing it in another process
On Win32 fork is emulating by creating another thread in the same process.
This leads to a possible bug/race condition when a server tries to open a
port and listen on it, while in the same process a client tries to connect
to the same port. This manifests by the accept call of the server failing
with an error of "Bad file descriptor".
This is easily fixed by having another process perform the port checking,
since that will not interfere with the internals.
|
|
|
|
This changes the default trust anchor file from the dig-compatible
value to a default of /usr/pkg/etc/unbound/root.key.
Part of change log relevant to drill:
* Configurable default trust anchor with --with-trust-anchor=FILE
for drill, ldns-verify-zone and ldns-dane
* bugfix #473: Dead code removal and resource leak fix in drill
|
|
* Remove LDNS_STATUS_EXISTS_ERR from ldns/error.h to make ldns
binary compatible with earlier releases again.
1.6.14
* DANE support (RFC6698), including ldns-dane example tool.
* Configurable default CA certificate repository for ldns-dane with
--with-ca-file=CAFILE and --with-ca-path=CAPATH
* Configurable default trust anchor with --with-trust-anchor=FILE
for drill, ldns-verify-zone and ldns-dane
* bugfix #474: Define socklen_t when undefined (like in Win32)
* bugfix #473: Dead code removal and resource leak fix in drill
* bugfix #471: Let ldns_resolver_push_dnssec_anchor accept DS RR's too.
* Various bugfixes from code reviews from CZ.NIC and Paul Wouters
* ldns-notify TSIG option argument checking
* Let ldns_resolver_nameservers_randomize keep nameservers and rtt's
in sync.
* Let ldns_pkt_push_rr now return false on (memory) errors.
* Make buffer_export comply to documentation and fix buffer2str
* Various improvements and fixes of pyldns from Katel Slany
now documented in their own Changelog.
* bugfix: Make ldns_resolver_pop_nameserver clear the array when
there was only one.
* bugfix #459: Remove ldns_symbols and export symbols based on regex
* bugfix #458: Track all newly created signatures when signing.
* bugfix #454: Only set -g and -O2 CFLAGS when no CFLAGS was given.
* bugfix #457: Memory leak fix for ldns_key_new_frm_algorithm.
* pyldns memory handling fixes and the python3/ldns-signzone.py
examples script contribution from Karel Slany.
* bugfix #450: Base # bytes for P, G and Y (T) on the guaranteed
to be bigger (or equal) P in ldns_key_dsa2bin.
* bugfix #449: Deep free cloned rdf's in ldns_tsig_mac_new.
* bugfix #448: Copy nameserver value (in stead of reference) of the
answering nameserver to the answer packet in ldns_send_buffer, so
the original value may be deep freed with the ldns_resolver struct.
* New -0 option for ldns-read-zone to replace inception, expiration
and signature rdata fields with (null). Thanks Paul Wouters.
* New -p option for ldns-read-zone to prepend-pad SOA serial to take
up ten characters.
* Return error if printing RR fails due to unknown/null RDATA.
|
|
change: adjust to newer ffmpeg API
|
|
without IPv6 connectivity. Patch taken from Debian bug report 542148.
Also delint.
|
|
|
|
Xtst, Xi, or Xrandr.
|
|
libXext/buildlink3.mk, now that it is included there.
Leave the places where its API version is set or variables from it
are used directly (about 3 packages).
|
|
4.065 Tue Oct 2 12:36:11 PDT 2012
correct format for IPv6 embedded IPv4 addresses
in InetBase v0.8
4.064 Tue Sep 25 13:54:47 PDT 2012
added support for rfc3021 /31 networks to hostenum
4.063 Fri Aug 10 11:46:18 PDT 2012
Updated GPL v2.0 text and address in all modules
|
|
**** 0.68 Jan 30, 2012
Fix rt.cpan.org #72314
Let a Net::DNS::Nameserver bind on Net::DNS::Nameserver::DEFAULT_ADDR
as a last resort.
Fix to suppress false warnings about subroutine profiles on ancient
versions of perl.
Fix to avoid constants with value undef which prevents unwanted code from being
optimized away on ancient versions of perl.
Fix code error in PTR.pm, canonical RDATA not downcased.
Enhancement to clarify the function of parse and data methods, by renaming them
to decode and encode respectively.
Feature IDN query support.
Question.pm modified to use the recently introduced DomainName.pm
module to represent DNS names. Queries for domain names containing
non-ASCII characters are now possible on Unicode platforms with CPAN
Net::LibIDN installed.
Introduction of Mailbox.pm module that will be used in the future to represent
RDATA components containing DNS coded RFC822 mailbox addresses.
Introduction of Text.pm module that will be used in the future to represent
RDATA components containing text.
**** 0.67 Nov 4, 2011
Enhancement rt.cpan.org #60726
On Cygwin Net::DNS now builds without Win32::IPHelper, unless a
previous version is updated that did use it.
The choice may also be set by the --iphelper or --noiphelper option
to Makefile.PL.
Fix to suppress IO::Socket::INET(6)::peerhost usage with TCP. On some systems
it doesn't work after receiving data.
Enhancement rt.cpan.org #43142
Allow ReplyHandlers to indicate that no answer should be returned
by the Net::DNS::Nameserver.
Fix rt.cpan.org #71796
Prevent TCP accepts from blocking on unfinished 3-way handshakes.
Fix rt.cpan.org #65607
Make 64bits windows work by depending on Win32::IPHelper version 0.07
Thanks to Lian Wan Situ.
Fix rt.cpan.org #66470
Named nameserver should be reachable by IPv6 too.
Fix to make tests work in jailed environments where a reply might come
from a different address than that of the loopback interface.
Feature to use a class method ReplyHandler for classes inheriting from
Net::DNS::Nameserver.
A contribution from Rob Brown.
Fix rt.cpan.org #71062
Replace the usage of the obsolete Win32::Registry module by
Win32::TieRegistry module.
Fix rt.cpan.org #68731
Fix linking of the C compiled parts of the library on Mac OS X
New improved version of the check_soa script in the contrib section.
A contribution from Dick Franks.
Fix rt.cpan.org #70830
Make t/08-online.t handle NXDOMAIN hijacking that return more then one
answer.
Fix rt.cpan.org #24525
Removed dependency on Net::IP
Fix online tests to use the library as documented and not use knowledge of the
internal workings of the classes that should be hidden.
A contribution from Dick Franks
Fix rt.cpan.org #55682
Make online tests non-fatal by default.
All interactive prompts are removed from Makefile.PL.
Online tests may still be made a requisite by using the --online-tests
option.
Major rework of Net::DNS::Domain.pm and the addition of Net::DNS::DomainName.pm
Which paves the way towards handling of character encodings and IDN.
A contribution from Dick Franks.
Fix rt.cpan.org #69174
Typo that prevented TCP traffic from being replied from the same
socket as it was received on.
Fix rt.cpan.org #68338
Suppress warnings of the deprecated use of qw as parentheses in
perl 5.14.
Enhancement rt.cpan.org #67418
A contribution from Wolfsage to perform presentation to wire format
conversion more efficiently.
Fix rt.cpan.org #67133
Gracefully handle corrupted incoming packets in Net::DNS::Nameserver.
Feature to manage serial numbers in SOA records in a modular and extensible way.
Three modules are provided. Strictly sequential, Date Encoded and
Time Encoded. A contribution from Dick Franks.
Fix rt.cpan.org #53325
Make Net::DNS::Resolver load even if /etc/resolv.conf is unreadable.
Fix rt.cpan.org #63486
Make t/08-online.t fail gracefully in stead of crash on failures.
Fix rt.cpan.org #55586
Various typo fixes.
Fix rt.cpan.org #55682
Really do not use networking functions when online tests are disabled.
Fix rt.cpan.org #64562
Replace TSIG key with the signature of the whole packet when signing
a packet, even when the TSIG key is not the first in the additional
section.
Fix rt.cpan.org #56181 and #47265
Assembly of segmented TCP traffic.
Feature rt.cpan.org #57289
Provide a configurable IdleTimeout for Net::DNS::Namserver.
Fix rt.cpan.org #53595
Fix documentation to reflect code behaviour where on successful packet
creation, the error should be ignored.
Fix rt.cpan.org #58914
Fix spelling of "algorithm"
Fix rt.cpan.org #61725
Include default domain in the search list on Win32.
Thanks Mark Rallen.
Fix rt.cpan.org #63321
A Net::DNS::Nameserver without a NotifyHandler now responds NOTIMP
to NOTIFY requests.
Fix rt.cpan.org #53595
Documentation now reflects Net::DNS::Packet construction behaviour.
|
|
=== Transmission 2.72 (2012/10/16) ===
==== All Platforms ====
* Fix crash when adding magnet links with malformed webseeds
* Fix handling of magnet links' webseed URLs that contain whitespace
* Fix remaining time estimates of magnet links that have webseeds
* Show the webseed count in the torrent list when downloading from webseeds
==== Mac ====
* When possible allow automatic switching to the integrated GPU on dual-GPU machines
* Include seeding-complete transfers in the badged count on the Dock icon
==== GTK+ ====
* When adding torrents by URL from the clipboard, handle whitespace in the link
==== Qt ====
* Fix dialog memory leaks
==== Web Client ====
* Minor interface fixes
|
|
|
|
|
|
|
|
|
|
|
|
"host" tarballs anymore.
|
|
net/bind9*: remove "bind<x.y.z" entries from CONFLICTS. It is useless
because package's PKGBASE is "bind".
|
|
|
|
|
|
This switches to the 2.40 (gnome-3.6) release branch
|
|
this switches to the 2.34 (gnome-3.6) release branch
|
|
in recent "twisted"
makes the upnp server of "rhythmbox" work again, at least with its
own renderer and gupnp-av-cp
bump PKGREV
|
|
|
|
|
|
support, making sure everything is well-tested -- NOT, avoid using it here.
Bump PKGREVISION.
|
|
From upstream SVN (to be released as 2.40.69 some day).
r511 | vouillon | 2012-09-17 16:09:03 +0200 (Mon, 17 Sep 2012) | 3 lines
* Use hash function from OCaml 3.x for comparing archives, even when
compiled with OCaml 4.x
Bump PKGREVISION.
|
|
XXX: but what is it?
|
|
|
|
- update to newest version
Upstream changelog:
Xymon release 4.3.10 - released on Aug 6 2012
=============================================
Main features in this release is the addition of inode-checks
on all major platforms, and a series of enhancements to the
build procedure.
Also, building Xymon on most common platforms is now explicitly
described in the "install" document.
* Fix build problems with "errno"
* Fix build problems with OpenSSL in non-default locations
* Fix build problems with certain LDAP configurations
* Fix build problems with RRDtool on FreeBSD / OpenBSD
* Fix problem with ifstat data from Fedora in graphs
* "inode" check on FreeBSD, OpenBSD, OSX, Solaris, HP/UX, AIX
in addition to existing support for Linux
* Document building and installing Xymon on common platforms
(Linux, FreeBSD, OpenBSD, Solaris)
* Enhance xymoncfg so it can be used to import Xymon configuration
settings into shell-scripts.
Xymon release 4.3.9 - released on Jul 24 2012
=============================================
This release is mainly a bug-fix release.
* Fix crash when XYMSRV is undefined but XYMSERVERS is
* Fix error in calculating combo-status messages with
forward references
* Fix error in disable-until-TIME or disable-until-OK code
* Fix documentation of DURATION in alerts.cfg / xymond_alert so
it is consistenly listed as being in "minutes".
* Permit explicit use of ">" and ">=" in alerts.cfg
* Permit building without the RRDtool libraries, e.g. for
a network-tester build, but with trend-graphing disabled.
* Full compiler-warning cleanup
* Various configuration/build-script issues fixed.
Xymon release 4.3.8 - released on Jul 15 2012
=============================================
This release is mainly a bug-fix release.
Bugfixes
* Workaround for DNS timeout handling, now fixed at approximately 25
seconds.
* "hostinfo" command for xymond documented
* confreport only shows processes that are monitored
* analysis.cfg parsing of COLOR for UP rules was broken
* RRD handlers no longer crash after receiving 1 billion updates
* Using .netrc for authentication could crash xymonnet
* "directory" includes would report the wrong filename for missing
directories.
* useradm CGI would invoke htpassword twice
* "include" and "directory" now ignores trailing whitespace
* SSLv2 support disabled if SSL-library does not support it
* Minor bugfixes and cleanups of compiler warnings.
Enhancements
* Service status on info page now links to the detailed status page.
* Add RRDGRAPHOPTS setting to permit global user-specified RRD options,
e.g. for font to showgraph CGI
* Add check for the size of public keys used in SSL certificates
(enabled via --sslkeysize=N option for xymonnet)
* Optionally disable the display of SSL ciphers in the sslcert status
(the --no-cipherlist option for xymonnet)
* Improved build-scripts works on newer systems with libraries in
new and surprising places
* Reduce xymonnet memory usage and runtime for ping tests when there
are multiple hosts.cfg entries with the same IP-address.
* Add code for inode-monitoring on Linux. Does not currently work on
any other client platform.
* Added the ability to disable tests until a specific time, instead of
for some interval. Disabling a test also now computes the expire time
for the disable to happen at the next closest minute.
|
|
|
|
|
|
|
|
|
|
-build vala bindings
bump PKGREV
|
|
|
|
|
|
Here are change changes from release note. Note security fixes except
CVE-2012-5166 should be already fixed in previous version of bind99 package.
Please refer https://kb.isc.org/article/AA-00798 for list of full bug fixes.
Security Fixes
* A deliberately constructed combination of records could cause named to hang
while populating the additional section of a response. [CVE-2012-5166] [RT
#31090]
* Prevents a named assert (crash) when queried for a record whose RDATA
exceeds 65535 bytes. [CVE-2012-4244] [RT #30416]
* Prevents a named assert (crash) when validating caused by using "Bad cache"
data before it has been initialized. [CVE-2012-3817] [RT #30025]
* A condition has been corrected where improper handling of zero-length RDATA
could cause undesirable behavior, including termination of the named
process. [CVE-2012-1667] [RT #29644]
* ISC_QUEUE handling for recursive clients was updated to address a race
condition that could cause a memory leak. This rarely occurred with UDP
clients, but could be a significant problem for a server handling a steady
rate of TCP queries. [CVE-2012-3868] [RT #29539 & #30233]
New Features
* Elliptic Curve Digital Signature Algorithm keys and signatures in DNSSEC are
now supported per RFC 6605. [RT #21918]
* Introduces a new tool "dnssec-checkds" command that checks a zone to
determine which DS records should be published in the parent zone, or which
DLV records should be published in a DLV zone, and queries the DNS to ensure
that it exists. (Note: This tool depends on python; it will not be built or
installed on systems that do not have a python interpreter.) [RT #28099]
* Introduces a new tool "dnssec-verify" that validates a signed zone, checking
for the correctness of signatures and NSEC/NSEC3 chains. [RT #23673]
* Adds configuration option "max-rsa-exponent-size <value>;" that can be used
to specify the maximum rsa exponent size that will be accepted when
validating [RT #29228]
Feature Changes
* Improves OpenSSL error logging [RT #29932]
* nslookup now returns a nonzero exit code when it is unable to get an answer.
[RT #29492]
|
|
Here are change changes from release note. Note security fixes except
CVE-2012-5166 should be already fixed in previous version of bind98 package.
Please refer https://kb.isc.org/article/AA-00797 for list of full bug fixes.
Security Fixes
* A deliberately constructed combination of records could cause named to hang
while populating the additional section of a response. [CVE-2012-5166] [RT
#31090]
* Prevents a named assert (crash) when queried for a record whose RDATA
exceeds 65535 bytes [CVE-2012-4244] [RT #30416]
* Prevents a named assert (crash) when validating caused by using "Bad cache"
data before it has been initialized. [CVE-2012-3817] [RT #30025]
* A condition has been corrected where improper handling of zero-length RDATA
could cause undesirable behavior, including termination of the named
process. [CVE-2012-1667] [RT #29644]
New Features
* Elliptic Curve Digital Signature Algorithm keys and signatures in DNSSEC are
now supported per RFC 6605. [RT #21918]
Feature Changes
* Improves OpenSSL error logging [RT #29932]
* nslookup now returns a nonzero exit code when it is unable to get an answer.
[RT #29492]
|
|
Here are change changes from release note. Note security fixes except
CVE-2012-5166 should be already fixed in previous version of bind97 package.
Please refer https://kb.isc.org/article/AA-00796 for list of full bug fixes.
Security Fixes
* A deliberately constructed combination of records could cause named to hang
while populating the additional section of a response. [CVE-2012-5166] [RT
#31090]
* Prevents a named assert (crash) when queried for a record whose RDATA
exceeds 65535 bytes [CVE-2012-4244] [RT #30416]
* Prevents a named assert (crash) when validating caused by using "Bad cache"
data before it has been initialized. [CVE-2012-3817] [RT #30025]
* A condition has been corrected where improper handling of zero-length RDATA
could cause undesirable behavior, including termination of the named
process. [CVE-2012-1667] [RT #29644]
New Features
None
Feature Changes
* Improves OpenSSL error logging [RT #29932]
* nslookup now returns a nonzero exit code when it is unable to get an answer.
[RT #29492]
|
|
Here are change changes from release note. Note security fixes except
CVE-2012-5166 should be already fixed in previous version of bind96 package.
Please refer https://kb.isc.org/article/AA-00795 for list of full bug fixes.
Security Fixes
* A deliberately constructed combination of records could cause named to hang
while populating the additional section of a response. [CVE-2012-5166] [RT
#31090]
* Prevents a named assert (crash) when queried for a record whose RDATA
exceeds 65535 bytes [CVE-2012-4244] [RT #30416]
* Prevents a named assert (crash) when validating caused by using "Bad cache"
data before it has been initialized. [CVE-2012-3817] [RT #30025]
* A condition has been corrected where improper handling of zero-length RDATA
could cause undesirable behavior, including termination of the named
process. [CVE-2012-1667] [RT #29644]
New Features
None
Feature Changes
* Improves OpenSSL error logging [RT #29932]
* nslookup now returns a nonzero exit code when it is unable to get an answer.
[RT #29492]
|
|
On Linux libfetch needs to be built with '-fPIC' so that it can be used
to build shared libraries. (Fixes databases/openldap-client build.)
|
|
|
|
|
|
for /etc/trusted-key.key, and uses that as a trust anchor if neither
-D nor -k options were specified. This feature is borrowed from
BIND's dig when it is compiled with SIGCHASE support. Bump
PKGREVISION.
|
