| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
"bind9-current" package.
|
|
|
|
|
|
- Change to my NetBSD email address
####################### V 1.4.0.2:
corrections:
exec'd write-only addresses get a chance to flush before being killed
error handler: print notice on error-exit
filan printed wrong file type information
####################### V 1.4.0.1:
corrections:
socks4a constructed invalid header. Problem found, reported, and fixed
by Thomas Themel, by Peter Palfrader, and by rik
with nofork, don't forget to apply some process related options
(chroot, setsid, setpgid, ...)
####################### V 1.4.0.0:
new features:
simple openssl server (ssl-l), experimental openssl trust
new options "cafile", "capath", "key", "cert", "egd", and "pseudo" for
openssl
new options "retry", "forever", and "intervall"
option "fork" for address TCP improves `gender changer´
options "sigint", "sigquit", and "sighup" control passing of signals to
sub process (thanks to David Shea who contributed to this issue)
readline takes respect to the prompt issued by the peer address
options "prompt" and "noprompt" allow to override readline's new
default behaviour
readline supports invisible password with option "noecho"
socat option -lp allows to set hostname in log output
socat option -lu turns on microsecond resolution in log output
corrections:
before reading available data, check if writing on other channel is
possible
tcp6, udp6: support hostname specification (not only IP address), and
map IP4 names to IP6 addresses
openssl client checks server certificate per default
support unidirectional communication with exec/system subprocess
try to restore original terminal settings when terminating
test.sh uses tmp dir /tmp/$USER/$$ instead of /tmp/$$
socks4 failed on platforms where long does not have 32 bits
(thanks to Peter Palfrader and Thomas Seyrat)
hstrerror substitute wrote wrong messages (HP-UX, Solaris)
proxy error message was truncated when answer contained multiple spaces
porting:
compiles with AIX xlc, HP-UX cc, Tru64 cc (but might not link)
|
|
- require libpcap>=0.8, and remove the related redundant comment
- use && in preference to ; in sh(1) block
|
|
program for the network, showing the top flows across a network interface.
|
|
Tue. March 30, 2004. mcr@sandelman.ottawa.on.ca. Summary for 3.8.3 release
Fixed minor problem in gencode.c that would appear on 64-bit
platforms.
Version number is now sane.
Mon. March 29, 2004. mcr@sandelman.ottawa.on.ca. Summary for 3.8.2 release
updates for autoconf 2.5
fixes for ppp interfaces for freebsd 4.1
pcap gencode can generate code for 802.11, IEEE1394, and pflog.
Wed. November 12, 2003. mcr@sandelman.ottawa.on.ca. Summary for 0.8 release
added pcap_findalldevs()
Win32 patches from NetGroup, Politecnico di Torino (Italy)
OpenBSD pf, DLT_PFLOG added
Many changes to ATM support.
lookup pcap_lookupnet()
Added DLT_ARCNET_LINUX, DLT_ENC, DLT_IEEE802_11_RADIO, DLT_SUNATM,
DLT_IP_OVER_FC, DLT_FRELAY, others.
Sigh. More AIX wonderfulness.
Document updates.
Changes to API: pcap_next_ex(), pcap_breakloop(), pcap_dump_flush(),
pcap_list_datalinks(), pcap_set_datalink(),
pcap_lib_version(), pcap_datalink_val_to_name(),
pcap_datalink_name_to_val(), new error returns.
|
|
into a existing window. This is required by krdc from kdenetwork package
version 3.3.0.
XXX This is supposed to be integrated in next version of rdesktop.
Bump PKGREVISION.
|
|
* FCP HTLs are now limited to 20 rather than 5; helps propagation
* Some log message severity leves are reduced (less "normal"-mode logs)
* Beginnings of support for much larger primes in the crypto code.
|
|
with the new snort-contib package.
|
|
- Fix builds on 1.6 and 2.0_BETA
- ok'ed wiz@
- Addresses PR 26987 opened by Rui Paulo, thanks.
- Fix startup script using the wrong options
- Lots of changes including
- Denial-of-Service Security Fix.
- Make IPv6 support work better.
- Many, many minor bug fixes and feature enhancements.
- EAP-module feature improvements.
|
|
to add directories to the header search path. Also, use
BUILDLINK_LDADD.<pkg>, which currently doesn't do anything yet, but will
some time soon.
|
|
|
|
libraries get linked with the BIND 9 resolver library.
|
|
will pickup the BIND 9 version of e.g. "arpa/nameser.h".
|
|
|
|
- Package contains the files from the contrib directory of the snort tarball
- ok'ed wiz@
- Suggested by Dave Burgess in PR 18996, thanks Dave !
|
|
Changes:
- fixed a hang up when filtering output via an external command
(the bug appeared in 3.0.8).
- don't use ftp:port-ipv4 in FXP mode.
|
|
All library names listed by *.la files no longer need to be listed
in the PLIST, e.g., instead of:
lib/libfoo.a
lib/libfoo.la
lib/libfoo.so
lib/libfoo.so.0
lib/libfoo.so.0.1
one simply needs:
lib/libfoo.la
and bsd.pkg.mk will automatically ensure that the additional library
names are listed in the installed package +CONTENTS file.
Also make LIBTOOLIZE_PLIST default to "yes".
|
|
=============
Version 2.8.0
=============
o Translators
* Abdulaziz Al-Arfaj (ar)
* Dafydd Tomos (cy)
* Hendrik Richter (de)
* Nikos Charonitakis (el)
* Åsmund Skjæveland (nn)
* Mişu Moldovan (ro)
* Baris Cicek (tr)
* Roy Chan (zh_TW)
==============
Version 2.7.92
==============
o Translators
* Denis Radovanović (bs)
* Ole Laursen (da)
* Christian Neumair (de)
* Kostas Papadimas (el)
* Iñaki Larrañaga Murgoitio (eu)
* Sami Pesonen (fi)
* Audrey Simons (fr)
* Satrou SATOH (ja)
* Young-Ho Cha (ko)
* Hasbullah Bin Pit (ms)
* Kjartan Maraas (nb)
* Elian Myftiu (sq)
* Christian Rose (sv)
* Maxim Dziumanenko (uk)
==============
Version 2.7.91
==============
o Translators
* Ankit Patel (gu)
* Hasbullah Bin Pit (ms)
* GNOME PL Team (pl)
* Данило Шеган (sr)
* Mai Hao Hui (zh_CN)
==============
Version 2.7.90
==============
o Fixes
* Don't make lack of wireless support in kernel an error condition (Mark)
* Fix integer overflow with interface statistics display (Mark)
o Misc
* New signal strength icons (Calum Benson)
o Translators
* Rostislav Raykov (bg)
* Martin Willemoes Hansen (da)
* Adam Weinberger (en_CA)
* Gareth Owen (en_GB)
* Francisco Javier F. Serrador (es)
* Tommi Vainikainen (fi)
* Jean-Michel Ardantz (fr)
* Ravishankar Shrivastava (hi)
* ahmad riza h nst (id)
* Takeshi AIHANA (ja)
* Changwoo Ryu (ko)
* Elros Cyriatan (nl)
* Kjartan Maraas (no)
* Duarte Loreto (pt)
* Laurent Dhima (sq)
===============
Version 2.7.3.1
===============
o Fixes
* Fix broken build with --enable-debug (Mark)
o Translators
* Miloslav Trmac (cs)
=============
Version 2.7.3
=============
o Fixes
* Make the interface statistics update correctly (Mark)
* Display the correct figures for bytes sent/received (Mark)
* Remove ellipses from menu items as per HIG (Dennis Cranston)
o Translators
* Rostislav Raykov (bg)
* Miloslav Trmac (cs)
* Alexander Winston (en_CA)
* Gareth Owen (en_GB)
* Laszlo Dvornik (hu)
* Takeshi AIHANA (ja)
* Žygimantas Beručka (lt)
* Arangel Angov (mk)
* GNOME PL Team (pl)
* Estêvão Samuel Procópio (pt_BR)
* Laurent Dhima (sq)
* zhakanini (ta)
* Mai Hao Hui (zh_CN)
=============
Version 2.7.1
=============
o Features
* Add support for displaying wireless signal strength (Mark, Calum)
* New colour scheme for the icons (Piero)
o Fixes
* Fix build on NetBSD (Julio M. Merino Vidal)
* Only display a single error dialog at a time (Paolo Borelli)
* Fix segfault on FreeBSD (Joe Marcus Clarke)
* Make the thing actually flash again (Davyd Madeley)
* Correctly set the window icon on the dialog (Mark)
* Handle plurals correctly in all locales (Christian Rose, Mark)
* Fix build on Solaris (Laca)
* Make the help button show the correct help page (Muktha)
* Make the icon appear in the dialog again (Mark)
* Correctly display sent/received in Gb (Mark)
o Translators
* Mətin Əmirov (az)
* Miloslav Trmac (cs)
* Dafydd Tomos (cy)
* Alexander Winston (en_CA)
* Gareth Owen (en_GB)
* Francisco Javier F. Serrador (es)
* Žygimantas Beručka (lt)
* Elros Cyriatan (nl)
* Laurent Dhima (sq)
* Enver ALTIN (tr)
* Yuriy Syrota (uk)
|
|
2.8.0 ("Chicote")
* Fixes:
- Disable build of outdated documentation translations
- Fix core file MIME handling
- Open documentation in the right section (Shaun McCance)
* Improvements:
- Update documentation (Shaun McCance)
* Translations:
- More final updates
2.7.92 ("Ojos verdes)
* Translations:
- Some final updates
2.7.91 ("budyboop")
* Translations:
- Updated Albanian translation (Laurent Dhima)
- Updated Swedish translation (Christian Rose)
- Updated az translation (MÉtin Æmirov)
- Added Bosnian translation (Kenan HadžiavdiÄ)
- Updated Malay translation (Hasbullah Bin Pit)
- Updated Russian translation (Leonid Kanter)
- Updated Simplified Chinese translation (Funda Wang)
- Updated Ukrainian translation (Maxim Dziumanenko)
- Updated Catalan translation (Jordi Mallach)
- Updated Finnish translation (Sami Pesonen)
- Updated Basque translation (Iñaki Larrañaga)
- Updated Korean translation (Changwoo Ryu)
- Updated Albanian translation (Laurent Dhima)
- Updated Portuguese translation (Duarte Loreto)
- Updated Hindi translation (Guntupalli Karunakar)
- Updated Brazilian Portuguese translation (Estêvão Samuel Procópio)
- Updated Danish translation (Ole Laursen)
- Updated Bulgarian translation (Rostislav Raykov)
- Updated German translation (Christian Neumair)
- Updated Serbian translation (Danilo Å egan)
- Updated Hungarian translation (Andras Timar)
- Updated Tamil Translation (Dinesh Nadarajah)
- Updated Japanese translation (Takeshi AIHANA)
2.7.0 ("Lully")
* Fixes:
- Fix some strings after the freeze (#136191, #140053)
- Add scroll bar to description bug text box.
* Improvements:
- Code clean up by Simon Frankau:
* Use buddy_error for error dialogs
* Removed unused variables
* Fix memmory leaks in gdb code
* state machine rearranged
|
|
Changes in libsoup from the 2.0 series (1.99.x versions) to 2.2:
* Most of the libsoup datatypes are now GObjects. (SoupUri
is currently an exception to this.)
* SoupMessage now emits signals at various stages of
processing. (Eg, "wrote_body", "got_headers".) (You
can also still use soup_message_add_*handler().)
* SoupContexts are gone; soup_message_new() now takes a URI
string.
* All formerly global state is now maintained by the
SoupSession object. (This includes the connection pool,
proxy server, cached authentication information, SSL
certificates, etc.)
* You can create a SoupSessionAsync (for 2.0-like
behavior) or SoupSessionSync (for blocking,
synchronous usage).
* You can add SoupMessageFilter objects to a session
to have certain processing automatically performed
on every message sent via that session. (Eg, setting
up handlers.)
* NTLM authentication is no longer supported by
default. You must enable it by setting the
SOUP_SESSION_USE_NTLM flag on the session.
* The preferred method of handling authentication is
now via the "authenticate" and "reauthenticate"
signals on SoupSession. (The old style, of encoding
the user and password information into the url is
also still supported.)
* The SOUP_ERROR_* values are now SOUP_STATUS_* (so that we
don't have "SOUP_ERROR_OK" and the like).
* SOUP_MESSAGE_IS_ERROR() is gone, since some cases
want to include 3xx responses and some don't.
* SOUP_ERROR_CANT_AUTHENTICATE and
SOUP_ERROR_CANT_AUTHENTICATE_PROXY are now gone,
since they didn't carry any information that
SOUP_STATUS_UNAUTHORIZED and
SOUP_STATUS_PROXY_UNAUTHORIZED don't.
* DNS errors now show up as the new status code
SOUP_STATUS_CANT_RESOLVE rather than being mixed in
with SOUP_ERROR_CANT_CONNECT.
* Minimal SOAP support has been added back, via
SoupSoapMessage/SoupSoapResponse
* The HTTP I/O state machine was completely rewritten, fixing
numerous crashes, leaks, and protocol errors.
* SoupUri now conforms to RFC 2396. Mostly.
* Various test programs have been added under tests/
* Removed:
* Support for OpenSSL (which was horribly buggy) and
Mozilla NSS (which was never finished). We only
support GNUTLS for SSL now.
* SOCKS support
* CGI support in SoupServer
|
|
2004-09-13 Mark McLoughlin <mark@skynet.ie>
* configure.in: Version 2.12.0.
2004-08-25 Michael Haubenwallner <michael.haubenwallner@salomon.at>
* src/orb/orb-core/allocators.c (ORBit_freekids_via_TypeCode_T):
Step over align-holes at the end of structures (bug#151023)
* src/orb/orb-core/corba-any.c
(ORBit_marshal_value) (ORBit_demarshal_value)
(ORBit_copy_value_core) (ORBit_value_equivalent):
Ditto.
* test/everything/everything.idl
test/everything/client.c
test/everything/structServer.c:
Added testcase for bug#151023, align-holes at the end of structures.
* test/everything/constants.h:
Ditto.
Added constants for CHAR and OCTET.
2004-08-19 Michael Meeks <michael@ximian.com>
* Version 2.11.2
* src/orb/GIOP/giop-recv-buffer.c
(giop_recv_list_destroy_queue_entry): unref the
ent's connection without the message queue lock
held.
* test/everything/client.c: bin stderr printfs
during thread tests, to avoid unhelpful rescheduling.
* src/orb/orb-core/orbit-small.c
(ORBit_small_unlisten_for_broken_full): use the
peek method, no need to try re-connecting just to
disconnect the 'broken' signal.
* src/orb/orb-core/corba-object.c
(CORBA_Object_release_cb): after a long audit;
unlock / lock around the giop connection unref;
this avoids the final connection release
deadlocking vs. a pending call in the I/O
thread needing this lock.
(ORBit_object_peek_connection): impl.
2004-08-19 Magnus Therning <magnus@therning.org>
* src/idl-compiler/orbit-idl-backend.c: fix
bit-field assignments.
2004-08-10 Michael Meeks <michael@ximian.com>
* test/everything/basicServer.c
(BasicServer_testBoolString): impl.
2004-08-11 Kjartan Maraas <kmaraas@gnome.org>
* src/idl-compiler/orbit-idl-c-backend.c: (orbit_idl_output_c):
0 vs NULL.
* src/idl-compiler/orbit-idl-c-common.c: (cc_output_typecodes):i
Same here.
* src/idl-compiler/orbit-idl-c-utils.c:
(orbit_cbe_get_typespec_str): Same here too.
* src/orb/dynamic/dynany.c: (DynamicAny_DynUnion_member_name):
0 vs NULL and add some casts.
* src/orb/orb-core/allocators.c: (ORBit_freekids_via_TypeCode_T):
0 vs NULL fixes.
* src/orb/orb-core/corba-object.c: (ORBit_objref_find):
Same again.
* src/services/name/boot.c: (main): And again.
* test/echo-srv.c: (echo_srv_finish_object), (echo_srv_finish_poa):
And again.
2004-08-10 Mark McLoughlin <mark@skynet.ie>
* src/orb/orb-core/iop-profiles.c: (IOP_start_profiles),
(IOP_TAG_CODE_SETS_demarshal): don't initialize the sequence
using structure initialization, but rather zero the structure
contents. Fixes bug #147255, which admittedly is really a
gcc on powerpc bug, but this code is nicer anyway.
2004-08-08 Gustavo J. A. M. Carneiro <gustavo@users.sourceforge.net>
* src/orb/orb-core/corba-any.c (ORBit_sequence_remove):
Impl. method to remove a single element in an ORBit sequence.
* include/orbit/orb-core/orbit-small.h: Add ORBit_sequence_remove
prototype.
* test/everything/client.c (testSequenceHelpers): Test
ORBit_sequence_remove.
2004-07-30 Mark McLoughlin <mark@skynet.ie>
* test/test-corbaloc.c: "\%" isn't a valid escape sequence,
so just use "%". From d.binderman@virgin.net.
2004-07-07 Frank Rehberger <frehberg@mole.xtradyne.de>
* Revert to Version 2.11.x and Add Version ORBit2-2.11.1
(developer release only)
2004-07-07 Frank Rehberger <frehberg@gnome-de.org>
* Add Version ORBit2-2.12.0
2004-06-22 Chris Landrieu <perotin101@yahoo.com>
* src/orb/orb-core/allocators.c (ORBit_freekids_via_TypeCode_T):
add missing pre-align for struct/except types. Complicate the
union alignment rules.
2004-05-30 Christophe Saout <christophe@saout.de>
* src/orb/orb-core/corba-any.c:
(ORBit_marshal_value, ORBit_demarshal_value): Fix broken wstring
support. Marshal/demarshal the correct number of bytes on the
wire and negotiate the UTF-16 byte ordering using an optional
endianess marker. Also works now with JacORB.
2004-05-30 Christophe Saout <christophe@saout.de>
* src/services/imodule/orbit-imodule-utils.c
(ORBit_imodule_get_typecode): set c_align in nested array
typecodes that are not handled by ORBit_imodule_find_c_align.
2004-05-17 Michael Meeks <michael@ximian.com>
* ORBit-2.0.pc.in: prune pkgconfig cruft.
2004-05-14 Fernando Herrera <fherrera@onirica.com>
* src/idl-compiler/orbit-idl-c-backend.c: (out_for_pass):
clobber LC_ALL because cpp tranlates some strings in some
locales during dep files generation that makes compilation
fails. Fixes bug #142546.
2004-05-08 Frank Rehberger <frehberg@gnome-de.org>
* src/orb/orb-core/iop-profiles.c (IOP_start_profiles): orbit
generated profiles contain full codeset data structures
(IOP_component_free): freeing codeset structures
(CodeSetComponent_marshal): marshal codeset structures
(CodeSetComponent_demarshal): demarshal codeset structures
* src/orb/orb-core/iop-profiles.h (IOP_PROFILES_CODE_SET_*):
declare known code-sets, but UTF8 and UTF16 supported only.
(struct IOP_TAG_CODE_SETS_info): complete CodeSet data structure
using CONV_FRAME_CodeSetComponentInfo.
* src/orb/orb-core/corba-orb.c: variable orbit_use_corbaloc must
be of type gboolean.
|
|
- ok'ed snj@, wiz@
- Install database scripts which goes a part-way to addressing PR 18996
Updated database schema diagram from Chris Reid. Schema can be found in
./doc/snort_schema_v106.pdf
Added --include-pcre* configuration option to help cross compiling. Thanks
Erik de Castro Lopo.
Fixed thresholding/suppression issue with queuing multiple events per packet.
Thanks Andreas Ostling.
When a rebuilt stream causes an alert, log out the original packets instead of
the rebuilt packet. Thanks sekure@gmail.com for the report.
Turned off http_inspect alerts that were causing false positives in the preset
webserver profiles (Thanks Dan Roelker).
Turn off encoding alerts in HTTP parameter field. The parameter field is still
normalized, it just doesn't alert. This helps reduce alerts that are generated
from complex parameter queries (Thanks Dan Roelker).
Fixed memory leak in "fast" output. Thanks for your bug report
sekure@gmail.com.
Clear error code which under Windows was causing a subsequent false failure in
parsing threshold rules. (Thanks to Rich Adamson)
Further details can be found in Changelog and RELEASE.NOTES.
|
|
1.2.10 - Released 04-Sep-2004
--------------------------------
- Bug 2440 - Unable to use PAM authentication properly. Use a "*" after
the module name in an AuthOrder directive to indicate that an auth
module is authoritative.
- Bug 2441 - AIX5 portability bug with mod_auth_unix, mod_auth_file.
- Bug 2442 - Segfault in FreeBSD PAM library with long login names.
- Bug 2445 - AuthUserFile in <Global> context overrides <VirtualHost> setting.
- Bug 2444 - Use of sendfile() does not interoperate well with RFC2228
security mechanisms. Using sendfile(2) to send data bypasses the handling
of the data by RFC2228 security mechanisms (such as those provided by
mod_tls). So if security mechanisms are detected, do not use sendfile().
- Scrub the ScoreboardFile for stale sessions in inetd mode.
- Bug 2427 - proftpd gets a memory fault when run from ssh batch mode.
1.2.10rc3 - Released 13-Jul-2004
--------------------------------
- Fixed typo that prevented 1.2.10rc2 from compiling.
1.2.10rc2 - Released 13-Jul-2004
---------------------------------
- Bug 2396 - NLST command doesn't understand options. This was caused by
the solution for Bug 2322. However, it is not a popular solution, so
NLST will once again handle options, but only the relevant options.
- Bug 2034 - Add support for a "graceful shutdown" signal. See
contrib/mod_ctrls_admin.html#shutdown for details.
- Bug 2400 - <Class> search order is wrong. The documentation correctly
stated that <Class> sections are matched in order of definition, but the
code has the match order in the reverse order of definition.
- Bug 2401 - MaxClientsPerClass only checks first directive in config file.
- Bug 2399 - Rename start/stop control actions to up/down.
- Bug 2082 - Add mod_rewrite "replaceall" builtin function. See the
RewriteMap documentation for more details.
- Bug 2403 - Sending SIGHUP to proftpd stops it when using Classes. The fix
for Bug #2400 could result in an infinite loop during a SIGHUP.
- Bug 2405 - "LIST *" should not list dotfiles.
- Bug 2366 - Add support for -h list option.
- Bug 2332 - SO_OOBINLINE error after upgrading proftpd from 1.2.6 to 1.2.9.
This is due mostly to a change in the logging; a check for error values
and logging of them was added. The setting of this particular socket option
has been moved earlier in the session, as it was found that short-lived
TCP connections, as from monitoring systems, would cause this error.
- Bug 2407 - mod_auth_file does not allow for proper cascading of "end" and
"set" auth requests.
- Bug 2410 - CreateHome always copies skel directory.
- Bug 2336 - Use of /dev/log on Solaris leads to kernel memory leak.
ProFTPD's use of the /dev/log device on Solaris was tickling a Solaris
kernel bug that caused the Solaris kernel to leak memory.
- Added a TimeoutLinger directive to complement the --enable-timeout-linger
configure option.
- Bug 2125 - -vv command line switch should list versions of modules.
- Bug 2420 - Name field is not escaped before querying database.
The mod_quotatab module was not properly escaping the name string it
used when looking up records from SQL databases.
- Bug 2424 - SQLDefaultHomedir overrides column value.
- Bug 2411 - Caching effects cause RNTO to fail if AllowOverwrite is off and
target path does not exist.
- Bug 2422 - %v not working in SQLNamedQuery.
- Bug 2418 - chmod returns 550 with filename containing multiple spaces.
- Bug 2431 - mod_sql does not use UID/GID properly in cache lookups.
- Bug 2303 - Problem evaluating multiple <Class> rules.
- Bug 2419 - Ability to disable TLSRequired on per-user basis (e.g. for
anonymous logins).
- Bug 2438 - Display variable %z not expanded properly.
- Bug 2439 - <Limit CWD> doesn't work.
1.2.10rc1 - Released 28-Apr-2004
---------------------------------
- Bug 2135 - Add ability to handle passphrase-protected server keys. mod_tls
can now properly prompt for passphrases for protected server certificate
keys when the daemon is starting up.
- Bug 2086 - Add limits for PORT, PASV. This means that now one can use
<Limit> to place access controls on the PORT and PASV commands. This
applies to the EPRT and EPSV commands as well.
- Bug 2174 - mod_auth_unix should not act authoritatively. This was causing
problems when using mod_auth_unix.c and the AuthOrder configuration
directive.
- Bug 2098 - Added SetEnv and UnsetEnv configuration directives.
- Bug 2271 - Improper autoconf check for getaddrinfo() on Tru64 UNIX 5.1.
The getaddrinfo symbol is a macro, not a function, on that platform.
- Bug 2255 - RADIUS Service-Type should reflect attribute expectations.
- Added Event API.
- Bug 2272 - Address/port collision check needs to handle DefaultAddress.
- Bug 2072 - Add Controls API.
This API includes a new program, ftpdctl, that is used to communicate
directly with the proftpd daemon via a new core module, mod_ctrls. For
this new functionality to be used, proftpd must be configured using the
added --enable-ctrls option.
- Bug 2015 - Add AND, OR keywords to Allow/DenyUser directives.
The AllowUser, DenyUser, AllowGroup, and DenyGroup directives now take
an optional keyword that indicates what type of expression they are:
AND, OR, or regex. By default, AllowUser and DenyUser are OR expressions,
and AllowGroup and DenyGroup are AND expressions. For example:
AllowUser regex ^ftp
DenyUser AND dave,bob
AllowGroup OR web,doc
These demonstrate that the optional keyword modifier must be the first
parameter in the configuration directive.
- Bug 2046 - Change RFNR and RNTO logging class to WRITE. This means that
ExtendedLogs that use the WRITE logging class will now include the
RNFR and RNTO commands.
- Mac OS X 10.3 portability fixes.
- Bug 2274 - Default server only binds to one IP address of host if
the --enable-ipv6 configure option is used. ProFTPD will now properly
bind to all addresses for the default "server config" server.
- Bug 2048 - Add ability to get configuration file values from environment.
For example, you can now have the following in your proftpd.conf:
DefaultAddress %{env:PR_DEFAULT_ADDR}
which indicates to ProFTPD's configuration parser to get the value of
the PR_DEFAULT_ADDR environment variable, and substitute it in, e.g.:
PR_DEFAULT_ADDR=1.2.3.4 ./proftpd ...
If the indicated environment variable is not present, the value is
substituted with the empty string.
- Bug 1635 - Older systems' chown(1) does not support -h option. The solution
is to prevent this error from stopping the 'make install' process, as it
is a harmless error on such systems.
- Bug 2290 - gmtime() static storage may be overwritten by modules.
- Bug 2288 - ServerFQDN set to 255.255.255.255 and not hostname.
- Added mod_quotatab to the contrib area.
- Bug 2300 - poll() returns 1 and read returns 0, resulting in an inifinite
loop. The actual bug was caused by a goto that was being inappropriately
used; a return value was not being checked to see if it was an error value.
- Bug 2305 - Compile Problems since > 1.2.9
Fix the build under Solaris - ftpdctl needs to be linked against libsocket
and libnsl.
- Bug 2267 - Broken IP subnet matching. Added new ACL parsing/matching code.
- Bug 2307 - MySQL 4.1.1 API change causes mod_sql_mysql compilation failure.
- Bug 2319 - Build scripts have owner-only execute permission. This was
causing problems whenever a user other than the owner of the files
attempted to build proftpd.
- Bug 2320 - autoconf check for socklen_t doesn't work on FreeBSD 4.8-RELEASE.
The fix is to include <sys/types.h>, if present, sooner in the check.
- Bug 1925 - Clean up of Class code. The Class and Classes directives are
now deprecated. See README.classes for more details.
- Bug 2295 - mod_tls returns multiline response to AUTH commands.
- Bug 2322 - NLST -a returns listing formatted for LIST -a. RFC959 does not
explicitly allow dash-style options for LIST or NLST, although many clients
attempt to use them. De facto FTP server behaviors handle options for LIST;
options for NLST will be explicitly rejected.
- Bug 2315 - Overlapping virtual server causes error. If a <VirtualHost>
was configured to handle the same IP address and port as the "server config"
server, the wrong server configuration was being removed.
- Bug 2324 - Directories whose names contain whitespace are inaccessible.
- Bug 2306 - ftpcount output should handle case of no users. When no clients
are connected, ftpcount now displays "0 users".
- Bug 2337 - TLSRenegotiate parameters not processed correctly.
- Bug 2340 - Problem with parallel builds. Proper dependencies added when
building ftpwho and ftptop.
- Bug 2327 - SQLNegativeCache causes unnecessary errors in server logging.
- Bug 2237 - HiddenStores does not check for existing file in edge case.
- Bug 2171 - Add delete options to ftpasswd. The ftpasswd script now
supports the --delete-user and --delete-group options.
- Bug 2105 - Remove Authoritative directives. The AuthPAMAuthoritative
directive, and the "*" syntax of SQLAuthenticate, have been deprecated.
- Bug 1696 - Include directive should support directories. The Include
directive now functions just like Apache's Include directive, including
handling glob characters.
- Bug 2311 - MaxClients counts unauthenticated users. According to the
documentation, the MaxClients configuration directive should only count
authenticated clients.
- Bug 2339 - STAT command doesn't follow RFC959. Previously, ProFTPD did
not support use of the STAT command during file transfers. This
functionality is now implemented. Sites wishing to prevent this can
limit use of the STAT command by using <Limit STAT>.
- Bug 2257 - Add SITE SYMLINK command to mod_site. Rather than adding
this command to the mod_site module, a new module, mod_site_misc, has
been added to the contrib area. The mod_site_misc module implements
SITE SYMLINK, and a few other SITE commands. See contrib/mod_site_misc.html
for details.
- Bug 2355 - Send error message to client when 'TLSRequired on' is in effect.
Previously, if SSL/TLS was configured to be required for both control
and data channels, if the client did not perform the SSL/TLS handshake for
a data transfer, the connection would hang. Now, an error message is sent
to the client if no handshake is done.
- Bug 2353 - REST doesn't handle offsets greater than 2 GB.
- Bug 2357 - ftptop should use COLS for determining display width.
- Bug 2321 - FTP permission checks inconsistent for DELE and RMD/XRMD when
symlink is in directory path. This bug affected the RNFR command as well.
- Bug 2361 - Second USER command causes problems with chrooted session.
- Bug 2363 - ABOR response RFC 959 compliance. The 226 response was being
sent before closing the data connection; RFC 959 implies that the data
connection is closed first.
- Bug 2369 - EPSV should not send network address when MasqueradeAddress is
used. RFC 2428 does not address the case where a server may wish to
return an address in the EPSV response that differs from the control
connection address, as is done in a PASV response for forwarding devices
(e.g. NAT, firewall). Until the proper behavior can be determined,
do not honor MasqueradeAddress for EPSV.
- Bug 2367 - LIST *.* strange behaviour. The builtin listing mechanism
was inadvertently recursing into globbed directories when recursion was
not actually requested.
- Bug 2371 - ftpasswd should have option to compare password against value
in passwd file. ftpasswd now supports a --not-previous-password option.
- Added a `howto' directory under `doc/', for mini-HOWTOs.
- Bug 2221 - proftpd on hp-ux 11.22. The default data type of socklen_t
on HP-UX 11 is problematic; many system calls expect an int, and the
default type is a size_t. This mismatch causes problems for 64-bit
builds.
- Bug 2385 - Renames fail with error "Invalid cross-device link".
- Bug 2383 - mod_ctrls.c: ctrls_listen(): Invalid size in bind() argument.
The size of struct sockaddr_un is not consistent across platforms.
- Bug 2387 - PRIVS_USER macro should set effective GID to user's primary GID.
- Added a `modules/' directory under `doc/', for core module documentation.
Currently there are HTML docs for mod_auth_file, mod_cap, and mod_ctrls.
- Bug 2317 - Wrong order of privs calls on HP generates "unable to setregid()"
error.
|
|
|
|
vpnc is a VPN client for the Cisco 3000 VPN Concentrator, creating
an IPSec-like connection as a tunneling network device for the
local system.
This is a slightly changed version of the pkgsrc-wip/vpnc (by me ;)).
|
|
No vulnerability exists because of this, but I think
it is best to have this applied. (However, no entry
in the vulnerabilities file will be added.)
|
|
a build failure reported by build builds.
And while here, suppress GCC3 warnings by doing s/log()/xlog()/.
|
|
in private email.
|
|
changed again (see previous commit) and to avoid breakage for people
who have the old distfile.
|
|
|
|
|
|
|
|
|
|
Changes:
Some bugs fixed; http:authorization setting added.
- made http:cache-control host specific; added hftp:cache-control.
- new setting http:authorization.
- fixed sftp and fish protocols working with FreeBSD servers.
- fixed transfer of zero length files when modification time is not known.
- fixed put over fish protocol when source file grows.
- fixed a core dump in FXP transfer mode.
|
|
|
|
o Fixes for two Denial of Service vulnerabalities
(CVE ID# CAN-2004-0807 & CAN-2004-0808).
o Winbind failure to return user entries under certain conditions.
o Syntax errors in the OpenLDAP schema file (samba.schema).
o Printing errors caused by not setting default values for the various
printing commands.
* Disable 'winbind enable local accounts' by default.
o Schannel failure in winbindd.
o Incompatibilities between the 'write list' and 'force user' smb.conf
options.
o Premature optimization of the open_directory() internal function that
broke tools such as the ArcServe backup agent, Macromedia HomeSite,
and Robocopy.
o Sharing violation errors commonly seen when opening when serving
Microsoft Office documents from a Samba file share.
o Browsing problems caused by an apostrophe (') in the computer's
description field.
o Problems creating special file types from UNIX CIFS clients and
enabling 'unix extensions'.
o Fix stalls in smbd caused by inaccessible LDAP servers.
o Remove various memory leaks.
o Fix issues in the password lockout feature.
o Using a cups server other than localhost.
o Maintaining the service principal entry in the system keytab for
integration with other kerberized services. Please refer to the
'use kerberos keytab' entry in smb.conf(5). When using the heimdal
kerberos libraries, you must also specify the following in /etc/krb5.conf:
[libdefaults]
default_keytab_name = FILE:/etc/krb5.keytab
o Support for maintaining individual printer names stored separately
from the printer's sharename.
o Support for maintaining user password history.
o Support for honoring the logon times for user in a Samba domain.
* Reintroduce 'force unknown acl user' parameter. When getting a security
descriptor for a file, if the owner sid is not known, the owner uid is
set to the current uid. Same for group sid.
|
|
Remove NOT_FOR_PLATFORM line.
|
|
|
|
WINS modules. Fix from PR pkg/26640 by John Benninghoff with
modifications by me.
|
|
|
|
if_ieee80211.h header file.
|
|
check and set PKG_FAIL_REASON to get a better error msg
|
|
2. py-soappy needs a threaded Python
1+2: we need threads
|
|
|
|
|
|
|
|
Add dante to CONFLICTS as they install files with the same name (dante already
has socks4 in its own CONFLICTS).
|
|
|
