| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
Changes from 3.1.7 include:
* Fixed CVE-2009-4009 and CVE-2009-4010
* Improved error messages when parsing zones
* Resilience against whitespace in configuration
* Performance increase
|
|
Changes from dnsmasq-2.51 include
* More conservative in detecing "A for A" queries
* Increased default number of leases to 1000
* Added support for RFC3925 "Vendor-Identifying Vendor Options"
* Default DNS packet size now 4096 as recommended by RFC5625
|
|
- Bug Fixes
The following vulnerabilities have been fixed. See the security
advisory for details and a workaround.
- Babi discovered several buffer overflows in the LWRES
dissector.
The following bugs have been fixed:
- Wireshark could crash while decrypting Kerberos data.
- Address display filters hang Wireshark. (Bug 658)
- PSML - structure context node missing. (Bug 1564)
- Wireshark doesn't dynamically update the packet list. (Bug 1605)
- LUA: There's no tvb_get_stringz() equivalent. (Bug 2244)
- tvb_new_real_data is prone to memory leak. (Bug 3917)
- Malformed OPC UA traffic makes Wireshark "freeze". (Bug 3986)
- Analyze->Expert... doesn't show IP "Bad Checksum" errors. (Bug 4177)
- Wireshark can't decrypt WPA(2)-PSK when passphrase is 63
bytes. (Bug 4183)
- RTP stream analysis: Wrong jitter values after clicking the
refresh button. (Bug 4340)
- Wireshark decodes bootp option 2 incorrectly. (Bug 4342)
- Deleting SMI modules causes Wireshark to crash. (Bug 4354)
- Wireshark decodes kerberos AS-REQ PADATA incorrect. (Bug 4363)
- PDML output from TShark includes invalid characters. (Bug 4402)
- Empty GPRS LLC S frames cause truncated data exception. (Bug 4417)
- Updated Protocol Support
BJNP, BOOTP/DHCP, DHCPv6, FIP, GPRS LLC, IEEE 802.11, IP,
Kerberos, OPCUA, SCTP, SSL, ZRTP
|
|
* Security fixes for fts in the internal ls.
Received from OpenBSD via US-CERT as VU #590371.
* Portability improvements.
* Add support for Tru64 Security Integration Architecture (SIA) authentication.
* Fix shadow password expiry check for users with large sp_max values.
|
|
|
|
|
|
|
|
* A number of bugs in KIO have been squashed, making updating of shown
directories work again and solving some other stability issues
* A crash when creating an avatar from the webcam in Kopete has been fixed
* kded taking 100% CPU time in certain situations has been cured
|
|
|
|
|
|
platforms that don't have MSG_NOSIGNAL like Solaris.
|
|
Identified by parsing the NetBSD-i386-5.0.1/2009Q3 pkg_summary files
and Robert Elz.
|
|
HTTP keep-alive support
|
|
Push \r\n up to the users of fetch_putln and remove it. Use send instead
of write(v) to avoid SIGPIPE.
|
|
|
|
|
|
Based on PR#42657 by Wen Heping.
1.2.4 2008-12-16
* Add charset and set_charset methods , as well as
the new attributes GeoIP.GEOIP_CHARSET_ISO_8859_1 and
GeoIP.GEOIP_CHARSET_UTF8 ( Boris Zentner )
* Add test_city_charset.py script showing howto use
charset and set_charset ( Boris Zentner )
* Add last_netmask ( Boris Zentner )
* Fix compile warnings ( Boris Zentner )
* fix small memoryleak in database_info, org_by_name and org_by_addr ( Boris Zentner )
* fix version number in setup.py ( Boris Zentner )
* remove dma_code from test_city.py example ( Boris Zentner )
1.2.3 2008-09-11
* update test.py - replace www.government.de with www.bundestag.de.
Add range_by_ip example. ( Boris Zentner )
* Add range_by_ip - returns largest start and stop ip for any ip.
Remember to use a IP not a name ( Boris Zentner )
* Add metro_code as a alias for the depreciated dma_code ( Boris Zentner )
1.2.2 2008-08-13
* Update test_city.py and test_region.py ( Boris Zentner )
* Add region_name to GeoIPRegion ( Boris Zentner )
* Add database_info and database_edition attributes to GeoIP object
(James Henstridge)
* Add region_name and time_zone keys to GeoIPRecord wrapper (James
Henstridge).
* Export the country list, country code -> country name mapping, and
country->continent mapping ( Ignacio Vazquez-Abrams )
* Raise country code counter from 251 to 253 ( Boris Zentner )
!! record_by_addr and record_by_name return None instead of throwing a
exception. See test_city.py ( Boris Zentner )
* Add a py_geoip.error Exception object. (Boris Zentner)
* Export the country list, country code -> country name mapping, and country->continent
mapping ( Ignacio Vazquez-Abrams )
* Changed license to LGPL from GPL
|
|
Use connection cache (one per host, up to 16 hosts).
Rename some parameters to avoid shadowing a global variable.
|
|
Revamp FTP connection cache. Move it to the common layer to be later
shared with HTTP (for persistent connection). The application controls
how much caching is desired. Drop the reference counting on connections.
Add a callback when the cached connection is dropped due to LRU.
Over all, this allows more than one session cached per host and sessions
cached to different servers.
|
|
|
|
|
|
BIND 9.4.3-P4 is a SECURITY PATCH for BIND 9.4.3. It addresses a
potential cache poisoning vulnerability, in which data in the additional
section of a response could be cached without proper DNSSEC validation.
Changes since 9.4.3-P3:
2772. [security] When validating, track whether pending data was from
the additional section or not and only return it if
validates as secure. [RT #20438]
BIND 9.4.3-P5 is a SECURITY PATCH for BIND 9.4.3. It addresses two
potential cache poisoning vulnerabilities, both of which could allow
a validating recursive nameserver to cache data which had not been
authenticated or was invalid.
CVE identifiers: CVE-2009-4022, CVE-2010-0097
CERT advisories: VU#418861, VU#360341
Changes since 9.4.3-P4:
2831. [security] Do not attempt to validate or cache
out-of-bailiwick data returned with a secure
answer; it must be re-fetched from its original
source and validated in that context. [RT #20819]
2828. [security] Cached CNAME or DNAME RR could be returned to clients
without DNSSEC validation. [RT #20737]
2827. [security] Bogus NXDOMAIN could be cached as if valid. [RT #20712]
|
|
BIND 9.5.2-P2 is a SECURITY PATCH for BIND 9.5.2. It addresses two
potential cache poisoning vulnerabilities, both of which could allow
a validating recursive nameserver to cache data which had not been
authenticated or was invalid.
CVE identifiers: CVE-2009-4022, CVE-2010-0097
CERT advisories: VU#418861, VU#360341
Changes since 9.5.2-P1:
2831. [security] Do not attempt to validate or cache
out-of-bailiwick data returned with a secure
answer; it must be re-fetched from its original
source and validated in that context. [RT #20819]
2828. [security] Cached CNAME or DNAME RR could be returned to clients
without DNSSEC validation. [RT #20737]
2827. [security] Bogus NXDOMAIN could be cached as if valid. [RT #20712]
|
|
this switches to the Gnome-2.28 branch
|
|
|
|
behaviour, although I don't see any use in the pkgsrc ecosystem),
and propagate it properly
|
|
o Directory authority changes:
- Rotate keys (both v3 identity and relay identity) for moria1
and gabelmoo.
o Major bugfixes:
- Stop bridge directory authorities from answering dbg-stability.txt
directory queries, which would let people fetch a list of all
bridge identities they track. Bugfix on 0.2.1.6-alpha.
|
|
**** 0.66 Dec 30, 2009
Feature Truncation for Nameserver
fixes rt.cpan.org #33547 and #42744
TAKE CARE:
this feature may cause unexpected behavior for your nameservers
and can be turned off by setting Truncate to 0 during the creation
of the nameserver.
my $ns = Net::DNS::Nameserver->new(
Truncate => 0,
);
Net::DNS::Packet::truncate is a new method that is called from
within Net::DNS::Nameserver that truncates a packet according to
the rules of RFC2181 section 9.
Acknowledgement Aaron Crane for an elegant test and for
inspiration for a direction.
Feature: Added Net::DNS::Domain
Net::DNS::Domain is an attemt to consistently approach the various
ways we interface with what RFC 1035 calls <domain-name>.
The class and its test script t/02-domain.t are included to be
exposed to various architectures.
The class and its methods may be subject to change, both in terms of
naming and functionality.
A contribution by Dick Franks
Fix improved fuzzy matching of CLASS and TYPE in the Question
constructor method.
A contribution by Dick Franks.
Fix rt.cpan.org #43770
Update->rr_del() was reported broken for AAAA after 0.65.
The same bug also occured in HINFO RR.
Fix rt.cpan.org #43765
Code inconsistent with documentation for loop_once.
Note: Keeping timeout undefined in loop_once will now block until
something arrived on the socket.
Fix rt.cpan.org #47050
Fixed logic error in bgsend socket acquisition code.
Fix rt.cpan.org #47265 (partial)
Frequently Net:DNS under Windows XP has a UDP problem which is
caused by a buggy implementation of SOCKS under Windows.
One liner added to not continue UDP processing when that happens.
Feature KX RR
Added support for the KX RR, RFC2230
The implementation is trivial since the KX inherets almost all of
its functionality by inheritance from the MX RR.
Fix NSAP RR string representation
RFC1706 specifies the masterfile format to have a leading "0x" and
optional dot. This was not how the RR was represented with the
rdatastr method (and hence string and print).
Fix rt.cpan.org #52307 AAAA v4compat parsing bug
Acknowledgement: BLBLACK
Fix AAAA dynamic update
Dynamic update of AAAA caused FORMERR on the prerequisite caused
by AAAA creating rdata even when an address whas never specified.
This fix may cause difference in behavior for people who expect a
NULL address ("::") when creating a AAAA without an address
specified.
Feature HIP RR
Added support for the HIP RR, RFC5205
perldoc Net::DNS::RR::HIP for more information.
Feature DHCID RR
Added rudimentary support for the DHCID RR.
Fix rt.cpan.org #50883
This is basically #11931 but for cygwin.
Codepath in Cygwin and Win32 are now the same. This adds a
dependency in cygwin.
Acknowledgements "mikaraento"
Fix rt.cpan.org #45407 and #43190
Fixed escaping of semicolon.
Note a change in behavior:
For TXT and SPF the rdatastr method (and therefore the
print, and string method) returns the escaped format while the
chr_str_list method will return unescaped format.
Fix rt.cpan.org #43393
Typo in 01-resolver.t
Fix rt.cpan.org #43273
Added check for unitialized opcode in headermask in
Nameserver.pm
Fix rt.cpan.org #46635
Minor documentation error in opt.pm
Fix rt.cpan.org #51009
Fixed handling of empty string in Net::DNS::stripdot.
Elegant one-liner supplied by JMEHNLE.
Fix rt.cpan.org #49035
Comment parsing fixed: Semicolon in character string blocks (such
as in TXT and NPTR) were only recognized when escaped.
Also fixed the NAPTR regular expression to not interpret
"bla' 'foo" as two strings bla and foo, but as one: bla' 'foo
Fix cd flag settings
Resolver bug and fix reported by Jon Haidu.
|
|
|
|
*******************
* GUPnP IGD 0.1.6 *
*******************
- Add python bindings
*******************
* GUPnP IGD 0.1.5 *
*******************
- Use the new GUPnP Context Manager from GUPnP 0.13
*******************
* GUPnP IGD 0.1.4 *
*******************
- Make it compatible with the 0.13 API (does not yet use GUPnPContextManager)
- Bug fixes
|
|
|
|
0.13.2
======
Changes since 0.13.1:
- Utilize libconic (Maemo5) if available.
- Unix context manager must signal the unavailibility of all contexts when
disposed.
- Enable silent build rules if they are available.
- Fix race-conditions in client-side notification handling.
- Unix context manager ignores point-to-point interfaces.
- Context manager ignores interfaces without IP addresses.
- Don't require timeouts to be specified in subscription requests.
- Fix build against gcc 4.[1,2].
- Make network manager thread-safe.
- Remove idle source on dispose in context manager implementations.
- Warn in docs that gupnp_service_info_get_introspection() is evil and why.
- Service retrieves introspection data in truly async way.
- Fix some leaks.
- A bunch of code clean-ups.
All contributors:
Olivier Crête <olivier.crete@collabora.co.uk>
Zeeshan Ali (Khattak) <zeeshanak@gnome.org>
Ross Burton <ross@linux.intel.com>
Jens Georg <mail@jensge.org>
Cem Eliguzel <celiguzel@ubicom.com>
Bugs fixed:
1890 - Timeout parsing problem with SUBSCRIBE method
1880 - subscription/notification handling is racy
1906 - Tests failed with gupnp 0.13
1849 - Compile error when using gcc 4.[1,2] and strict aliasing
1494 - Ability to deal with multiple network interfaces
1881 - networkmanager interaction should use its own dbus connection
0.13.1
======
Changes since 0.13:
- Use unix context manager if NetworkManager service is not available.
- Fix some minor leaks.
All contributors:
Zeeshan Ali (Khattak) <zeeshanak@gnome.org>
Ross Burton <ross@linux.intel.com>
0.13
====
Changes since 0.12.8:
- Print reason when fail to fetch description doc
- Support for dynamic/multiple networks through a new class, ContextManager.
This class creates/destroys new context as new network interfaces go up/down.
It also provides two convenient methods to take care of control point and
device reference managment for you. Currently we have two implementations of
context manager:
* unix: The static but guaranteed to work on Unix, implementation. This is the
default if none chosen at configure-time.
* network-manager: A NetworkManager based implementation.
- Idle handlers should use the assigned GMainContext.
- Gracefully handle 'no root element in description' scenerio.
- "host-ip" property moved from GUPnPContext to parent GSSDPClient.
- ControlPoint set itself inactive before getting disposed.
- New function to retrieve the capabilities of a DLNA device as announced in
the device description.
- New function to retrieve the content of arbitrary elements in the device
description.
- Fixed a crash that happens when service-proxy goes down before subscribtion to
it completes.
- Correct condition for SID being NULL.
- Don't create redundant proxies.
- Must not announce earlier versions of resources. This is strictly forbidden
according to the latest UPnP specs. Instead GSSDP now handles M-SEARCH
requests independent of version requested.
- Free app developer from hosting of description documents.
- New API to get SoupMessage associated with ServiceAction.
- Handle the SOAPAction header being missing.
- Fixed strrchr result checking.
- Provide and use a wrapper class for xmlDoc objects, GUPnPXMLDoc that is a
first-class gobject.
- New domains for XML errors.
- Many other minor fixes.
Bugs fixed:
1626 - Print reason when fail to fetch description doc
1769 - audit issues
1760 - missing/invalid SOAPAction header crashes gupnp
1705 - Provide a public API to get information about a GUPnPServiceAction's HTTP
request
Dependencies changed:
- gssdp >= 0.7
All contributors:
Zeeshan Ali (Khattak) <zeeshanak@gnome.org>
Ross Burton <ross@linux.intel.com>
Sven Neumann <s.neumann@raumfeld.com>
Jens Georg <mail@jensge.org>
Steven Dorigotti <steven.dorigotti@tvblob.com>
WARNING: This release is API and ABI incompatible with previous releases.
|
|
0.7.1
=====
- Don't leak target regex.
- Make GSSDPClient ignore Point to Point interfaces.
- Use SO_REUSEPORT if present. Darwin and some BSDs don't have SO_REUSEADDR, but
SO_REUSEPORT.
- If we can't create a request socket don't try to create a multicast socket.
- Have specific GError code for interfaces without an IP address.
- Actually remove gssdp_client_new_full().
Bugs fixed:
1898 - GSSDPClient keeps autoselecting my VPN
1810 - Not possible to run multiple ssdp clients on darwin
1800 - leak of a gregex in gssdp-resource-browser
1796 - gssdp_client_new_full is declared in header but not implemented
All contributors:
Olivier Crête <olivier.crete@collabora.co.uk>
Ross Burton <ross@linux.intel.com>
Iain Holmes <iain@linux.intel.com>
Mattias Wadman <mattias.wadman@gmail.com>
Zeeshan Ali (Khattak) <zeeshanak@gnome.org>
0.7
===
- Join the multicast group on the specified interface.
- Put the message src timeout in the specified GMainContext.
- "host-ip" property moved from GUPnPContext to parent GSSDPClient.
- Use inet_aton instead of inet_addr and handle the error from it.
- gssdp-device-sniffer ported to GtkBuilder.
- Version-independent target match. This makes client forward and backward
compatible with resources that implement different version of the specs than
the client.
- Version-independent M-SEARCH response. This has the same effect as above but
only the other way around.
- GSSDPClient now binds to interface rather than IP.
- No need to find the default route.
- Add "active" property to GSSDPClient.
- Fix pkg-config paths.
- Add basic .gitignore.
- Other minor/internal changes.
Bugs fixed:
1621 - new gssdp timeout not added to the specific maincontext
1570 - gupnp doesn't set the pkgconfig lib dir correctly in 64 bit env
Dependencies dropped:
- libglade
All contributors:
Zeeshan Ali (Khattak) <zeeshanak@gnome.org>
Ross Burton <ross@linux.intel.com>
Jens Georg <mail@jensge.org>
Olivier Crête <olivier.crete@collabora.co.uk>
WARNING: This release is API and ABI incompatible with previous releases.
|
|
--- 9.6.1-P3 released ---
2831. [security] Do not attempt to validate or cache
out-of-bailiwick data returned with a secure
answer; it must be re-fetched from its original
source and validated in that context. [RT #20819]
2828. [security] Cached CNAME or DNAME RR could be returned to clients
without DNSSEC validation. [RT #20737]
2827. [security] Bogus NXDOMAIN could be cached as if valid. [RT #20712]
|
|
too many changes to list here - our last version was from 2006
|
|
(because we don't have nss support for it, and it conflicts with
"mdnsd" on NetBSD-current)
bump PKGREVISION
|
|
|
|
|
|
NEW: afpd: Time Machine support with new volume option "tm".
FIX: papd: Remove variable expansion for BSD printers. Fixes
CVE-2008-5718.
FIX: afpd: .AppleDxxx folders were user accessible if option 'usedots'
was set
FIX: afpd: vetoed files/dirs where still accessible
FIX: afpd: cnid_resolve: don't return '..' as a valid name.
FIX: uniconv: -d option wasn't working
|
|
linux anyway). Fixes PR pkg/42622.
|
|
|
|
|
|
|
|
|
|
pkgsrc changes:
- Adding dependency to p5-XML-LibXML>=1.70
Upstream changes:
0.72 Sunday December 13, 2009, 09:45:00 PM -0700
* Makefile.PL
* t/40_server_xmllibxml.t
RT #52662: Fix requirement specification for XML::LibXML.
* lib/RPC/XML.pm
Some more clean-up of the docs, removing a redundant section.
0.71 Monday December 7, 2009, 08:00:00 PM -0700
* MANIFEST
* t/01_pod.t (deleted)
* t/02_pod_coverage.t (deleted)
* t/03_meta.t (deleted)
* t/04_minimumversion.t (deleted)
* t/05_critic.t (deleted)
* xt/01_pod.t (added)
* xt/02_pod_coverage.t (added)
* xt/03_meta.t (added)
* xt/04_minimumversion.t (added)
* xt/05_critic.t (added)
Moved author-only tests to xt/, updated MANIFEST.
* MANIFEST
Add test suite 28_parser_bugs_50013.t, which was omitted from
last release.
* xt/01_pod.t
* xt/02_pod_coverage.t
* xt/03_meta.t
* xt/04_minimumversion.t
* xt/05_critic.t
Re-engineered the author-only/release tests, since they're no
longer in the t/ directory and thus should not interfere.
0.70 Sunday December 6, 2009, 10:00:00 PM -0700
* lib/RPC/XML.pm
* t/10_data.t
RT #49406: Make Base64 data-type allow zero-length data.
* lib/RPC/XML.pm
* t/10_data.t
Hand-applied a patch (most likely from Bill Moseley) to extend
the construction of dateTime.iso8601 data-types.
* t/40_server.t
Fixed another corner-case for the url() test.
* lib/RPC/XML.pm
Fixed a case from previous work that caused "undef" warnings.
* lib/RPC/XML.pm
* lib/RPC/XML/Parser.pm
* t/28_parser_bugs_50013.t
RT #50013: Restore backwards-compatibility for projects that
use RPC::XML::Parser directly.
* lib/RPC/XML/Procedure.pm
RT #50143: Incorrectly called server_fault() as if it were a
coderef.
* lib/Apache/RPC/Server.pm
Applied patch from Frank Wiegand to fix a POD problem.
* lib/RPC/XML.pm
Some additional regexp issues on dateTime.iso8601, to handle
backwards-compatibility.
* lib/RPC/XML/ParserFactory.pm
Fixed some minor doc errors.
* lib/RPC/XML/Parser/XMLParser.pm
Moved the 'require' of some libraries to the point where they
are first needed, to delay loading until/unless necessary.
* lib/RPC/XML/Parser/XMLLibXML.pm (added)
* t/21_xml_libxml.t (added)
* t/29_parserfactory.t
* t/40_server_xmllibxml.t (added)
Implement support for XML::LibXML in the parser-factory.
|
|
Changelog:
* Implement missing tab creation from context menu
* *nix: Reduce flicker on tab creation
* Set initial focus in chmod dialog to input box for numeric value
* Correct handling of unexpected closure of SFTP connection
* New tab context menu, can be used to close or refresh current tab or to close all but the current tab.
* *nix, OS X: Display sort indicators in filelist header control
* Remember size of dialog showing all files opened for editing
* Add refresh item to filelist context menus
* Scroll treeview horizontally if needed to keep item in view on changing directories
* Fix crash of fzsftp if server closes connection
* Successfully downloaded update file is no longer deleted if user cancels the finish page of the update check wizard
* Do not retry connecting if not trusting certificate on FTP over TLS connections
* Better reporting of handshake failures on FTP over TLS connections
* *nix: Check for xdg-open. This program from the xdg-utils is an indirect runtime dependency. It is used by wxWidgets to open URLs in the default browser
* Refactored most of the tabbing code
* Use proper address type on SOCKS proxies
* Add missing default button in bookmarks dialog
|
|
The connection sharing didn't handle the case of active transfers
correctly and tried to close the connection in that case (PR 42607).
Correctly check if there is a transfer going on and just leave the
connection alone in that case.
|
|
While here set the license to "gnu-gpl-v2".
|
|
|
