| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
net/wireshark: security update
Revisions pulled up:
- net/wireshark/Makefile 1.125
- net/wireshark/distinfo 1.77
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Wed Sep 17 22:32:18 UTC 2014
Modified Files:
pkgsrc/net/wireshark: Makefile distinfo
Log Message:
Update "wireshark" package to version 1.10.10. Changes since 1.10.9:
- The following vulnerabilities have been fixed.
* wnpa-sec-2014-12
RTP dissector crash. (Bug 9920) CVE-2014-6421
CVE-2014-6422
* wnpa-sec-2014-13
MEGACO dissector infinite loop. (Bug 10333)
CVE-2014-6423
* wnpa-sec-2014-14
Netflow dissector crash. (Bug 10370) CVE-2014-6424
* wnpa-sec-2014-17
RTSP dissector crash. (Bug 10381) CVE-2014-6427
* wnpa-sec-2014-18
SES dissector crash. (Bug 10454) CVE-2014-6428
* wnpa-sec-2014-19
Sniffer file parser crash. (Bug 10461)
CVE-2014-6429 CVE-2014-6430 CVE-2014-6431
CVE-2014-6432
- The following bugs have been fixed:
* Wireshark can crash during remote capture (rpcap)
configuration. (Bug 3554, Bug 6922,
ws-buglink:7021)
* MIPv6 Service Selection Identifier parse error. (Bug
10323)
* 802.11 BA sequence number decode is broken. (Bug 10334)
* TRILL NLPID 0xc0 unknown to Wireshark. (Bug 10382)
* Wrong decoding of RPKI RTR End of Data PDU. (Bug 10411)
* Misparsed NTP control assignments with empty values.
(Bug 10417)
* 6LoWPAN multicast address decompression problems. (Bug
10426)
* GUI Hangs when Selecting Path to GeoIP Files. (Bug
10434)
* 6LoWPAN context handling not working. (Bug 10443)
* SIP: When export to a CSV, Info is changed to differ.
(Bug 10453)
* Typo in packet-netflow.c. (Bug 10458)
* UCP dissector bug of operation 30 - data not decoded.
(Bug 10464)
- Updated Protocol Support
6LoWPAN, DVB-CI, IEEE 802.11, MEGACO, MIPv6, Netflow, NTP, OSI,
RPKI RTR, RTP, RTSP, SES, SIP, and UCP
- New and Updated Capture File Support
DOS Sniffer, and NetScaler
To generate a diff of this commit:
cvs rdiff -u -r1.124 -r1.125 pkgsrc/net/wireshark/Makefile
cvs rdiff -u -r1.76 -r1.77 pkgsrc/net/wireshark/distinfo
|
|
net/socat: security update
Revisions pulled up:
- net/socat/Makefile 1.32
- net/socat/distinfo 1.20
- net/socat/patches/patch-aa deleted
- net/socat/patches/patch-configure 1.2
- net/socat/patches/patch-mytypes.h 1.2
---
Module Name: pkgsrc
Committed By: rodent
Date: Sun Sep 7 23:24:56 UTC 2014
Modified Files:
pkgsrc/net/socat: Makefile distinfo
pkgsrc/net/socat/patches: patch-configure patch-mytypes.h
Removed Files:
pkgsrc/net/socat/patches: patch-aa
Log Message:
Update to latest stable, 1.7.2.4, which is supposed to resolve CVE-2014-0019.
patches/patch-aa seems to have been committed upstream. Passing readline
location to configure and fixing CCOPTS in Makefile.in seems to not be
necessary anymore. From CHANGES:
####################### V 1.7.2.4:
corrections:
LISTEN based addresses applied some address options, e.g. so-keepalive,
to the listening file descriptor instead of the connected file
descriptor
make failed after configure with non gcc compiler due to missing
include.
configure checked for --disable-rawsocket but printed
--disable-genericsocket in the help text.
In xioshutdown() a wrong branch was chosen after RECVFROM type addresses.
Probably no impact.
procan could not cleanly format ulimit values longer than 16 decimal
digits. Thanks to Frank Dana for providing a patch that increases field
width to 24 digits.
OPENSSL-CONNECT with bind option failed on some systems, eg.FreeBSD, with
"Invalid argument"
Changed some variable definitions to make gcc -O2 aliasing checker happy
On big endian platforms with type long >32bit the range option applied a
bad base address.
Red Hat issue 1022070: missing length check in xiolog_ancillary_socket()
Red Hat issue 1022063: out-of-range shifts on net mask bits
Red Hat issue 1022062: strcpy misuse in xiosetsockaddrenv_ip4()
Red Hat issue 1022048: strncpy hardening: corrected suspicious strncpy()
uses
Red Hat issue 1021958: fixed a bug with faulty buffer/data length
calculation in xio-ascii.c:_xiodump()
Red Hat issue 1021972: fixed a missing NUL termination in return string
of sysutils.c:sockaddr_info() for the AF_UNIX case
fixed some typos and minor issues, including:
Red Hat issue 1021967: formatting error in manual page
UNIX-LISTEN with fork option did not remove the socket file system entry
when exiting. Other file system based passive address types had similar
issues or failed to apply options umask, user e.a.
porting:
Red Hat issue 1020203: configure checks fail with some compilers.
Use case: clang
Performed changes for Fedora release 19
Adapted, improved test.sh script
Red Hat issue 1021429: getgroupent fails with large number of groups;
use getgrouplist() when available instead of sequence of calls to
getgrent()
Red Hat issue 1021948: snprintf API change;
Implemented xio_snprintf() function as wrapper that tries to emulate C99
behaviour on old glibc systems, and adapted all affected calls
appropriately
Mike Frysinger provided a patch that supports long long for time_t,
socklen_t and a few other libc types.
Artem Mygaiev extended Cedril Priscals Android build script with pty code
The check for fips.h required stddef.h
Check for linux/errqueue.h failed on some systems due to lack of
linux/types.h inclusion.
autoconf now prefers configure.ac over configure.in
type of struct cmsghdr.cmsg is system dependend, determine it with
configure; some more print format corrections
docu:
libwrap always logs to syslog
added actual text version of GPLv2
####################### V 1.7.2.3:
security:
CVE-2014-0019: socats PROXY-CONNECT address was vulnerable to a buffer
overflow with data from command line (see socat-secadv5.txt)
|
|
net/haproxy: security update
Revisions pulled up:
- net/haproxy/Makefile 1.13-1.15
- net/haproxy/PLIST 1.5
- net/haproxy/distinfo 1.9-1.11
- net/haproxy/options.mk 1.1
- net/haproxy/patches/patch-aa 1.5
- net/haproxy/patches/patch-ab deleted
- net/haproxy/patches/patch-standard_h 1.1
---
Module Name: pkgsrc
Committed By: fhajny
Date: Mon Jul 14 15:30:10 UTC 2014
Modified Files:
pkgsrc/net/haproxy: Makefile PLIST distinfo
pkgsrc/net/haproxy/patches: patch-aa
Added Files:
pkgsrc/net/haproxy: options.mk
pkgsrc/net/haproxy/patches: patch-standard_h
Removed Files:
pkgsrc/net/haproxy/patches: patch-ab
Log Message:
Update haproxy to 1.5.2. Introduce support for OpenSSL, PCRE and Zlib.
1.5.2
-----
Two extra important issues were discovered since 1.5.1 which were fixed
in 1.5.2. The first one can cause some sample fetch combinations to fail
together in a same expression, and one artificial case (but totally
useless) may even crash the process. The second one is an incomplete
fix in 1.5-dev23 for the request body forwarding. Hash-based balancing
algorithms and http-send-name-header may fail if a request contains
a body which starts to be forwarded before the contents are used.
A few other bugs were fixed, and the max syslog line length is now
configurable per logger.
1.5.1
-----
Version 1.5.1 fixes a few bugs from 1.5.0 among which a really annoying
one which can cause some file descriptor leak when dealing with clients
which disappear from the net, resulting in the impossibility to accept
new connections after some time.
1.5.0
-----
1.5 expands 1.4 with many new features and performance improvements,
including native SSL support on both sides with SNI/NPN/ALPN and OCSP
stapling, IPv6 and UNIX sockets are supported everywhere, full HTTP
keep-alive for better support of NTLM and improved efficiency in
static farms, HTTP/1.1 compression (deflate, gzip) to save bandwidth,
PROXY protocol versions 1 and 2 on both sides, data sampling on
everything in request or response, including payload, ACLs can use
any matching method with any input sample maps and dynamic ACLs
updatable from the CLI stick-tables support counters to track
activity on any input sample custom format for logs, unique-id,
header rewriting, and redirects, improved health checks (SSL,
scripted TCP, check agent, ...), much more scalable configuration
supports hundreds of thousands of backends and certificates without
sweating.
Full changelog for the 1.5 branch:
http://www.haproxy.org/download/1.5/src/CHANGELOG
---
Module Name: pkgsrc
Committed By: fhajny
Date: Sun Jul 27 16:33:36 UTC 2014
Modified Files:
pkgsrc/net/haproxy: Makefile distinfo
Log Message:
Update haproxy to 1.5.3.
2014/07/25 : 1.5.3
- DOC: fix typo in Unix Socket commands
- BUG/MEDIUM: connection: fix memory corruption when building a proxy
v2 header
- BUG/MEDIUM: ssl: Fix a memory leak in DHE key exchange
- DOC: mention that Squid correctly responds 400 to PPv2 header
- BUG/MINOR: http: base32+src should use the big endian version of base32
- BUG/MEDIUM: connection: fix proxy v2 header again!
---
Module Name: pkgsrc
Committed By: morr
Date: Fri Sep 12 21:37:38 UTC 2014
Modified Files:
pkgsrc/net/haproxy: Makefile distinfo
Log Message:
Update to version 1.5.4.
Changes:
- BUG: config: error in http-response replace-header number of arguments
- BUG/MINOR: Fix search for -p argument in systemd wrapper.
- BUG/MEDIUM: auth: fix segfault with http-auth and a configuration with an unknown encryption algorithm
- BUG/MEDIUM: config: userlists should ensure that encrypted passwords are supported
- MEDIUM: connection: add new bit in Proxy Protocol V2
- BUG/MINOR: server: move the directive #endif to the end of file
- BUG/MEDIUM: http: tarpit timeout is reset
- BUG/MAJOR: tcp: fix a possible busy spinning loop in content track-sc*
- BUG/MEDIUM: http: fix inverted condition in pat_match_meth()
- BUG/MEDIUM: http: fix improper parsing of HTTP methods for use with ACLs
- BUG/MINOR: pattern: remove useless allocation of unused trash in pat_parse_reg()
- BUG/MEDIUM: acl: correctly compute the output type when a converter is used
- CLEANUP: acl: cleanup some of the redundancy and spaghetti after last fix
- BUG/CRITICAL: http: don't update msg->sov once data start to leave the buffer
|
|
net/wireshark: security update
Revisions pulled up:
- net/wireshark/Makefile 1.124
- net/wireshark/distinfo 1.76
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Sun Aug 3 19:18:06 UTC 2014
Modified Files:
pkgsrc/net/wireshark: Makefile distinfo
Log Message:
Update "wireshark" package to version 1.10.9. Changes since 1.10.8:
- The following vulnerabilities have been fixed.
* wnpa-sec-2014-08
The Catapult DCT2000 and IrDA dissectors could underrun a
buffer.
Versions affected: 1.10.0 to 1.10.8
* wnpa-sec-2014-09
The GSM Management dissector could crash. (Bug 10216)
Versions affected: 1.10.0 to 1.10.8
* wnpa-sec-2014-10
The RLC dissector could crash. (Bug 9795)
Versions affected: 1.10.0 to 1.10.8
* wnpa-sec-2014-11
The ASN.1 BER dissector could crash. (Bug 10187)
Versions affected: 1.10.0 to 1.10.8
- The following bugs have been fixed:
* GSM MAP: ensure that p2p_dir is always initialized before
calling GSM SMS dissector (Bug 10234)
* BFCP: include padding length in calculation of correct
attribute length (Bug 10240)
* GTP: allow empty Data Record Packet IE (Bug 10277)
* WebSocket: increase max unmask payload size to 256K and
indicate that packet is truncated is going above the new
limit (Bug 10283)
To generate a diff of this commit:
cvs rdiff -u -r1.123 -r1.124 pkgsrc/net/wireshark/Makefile
cvs rdiff -u -r1.75 -r1.76 pkgsrc/net/wireshark/distinfo
|
|
net/tor: security update
Revisions pulled up:
- net/tor/Makefile 1.99
- net/tor/distinfo 1.60
---
Module Name: pkgsrc
Committed By: wiz
Date: Wed Jul 30 11:49:26 UTC 2014
Modified Files:
pkgsrc/net/tor: Makefile distinfo
Log Message:
Update to 0.2.4.23:
Changes in version 0.2.4.23 - 2014-07-28
Tor 0.2.4.23 brings us a big step closer to slowing down the risk from
guard rotation, and also backports several important fixes from the
Tor 0.2.5 alpha release series.
o Major features:
- Clients now look at the "usecreatefast" consensus parameter to
decide whether to use CREATE_FAST or CREATE cells for the first hop
of their circuit. This approach can improve security on connections
where Tor's circuit handshake is stronger than the available TLS
connection security levels, but the tradeoff is more computational
load on guard relays. Implements proposal 221. Resolves ticket 9386.
- Make the number of entry guards configurable via a new
NumEntryGuards consensus parameter, and the number of directory
guards configurable via a new NumDirectoryGuards consensus
parameter. Implements ticket 12688.
o Major bugfixes:
- Fix a bug in the bounds-checking in the 32-bit curve25519-donna
implementation that caused incorrect results on 32-bit
implementations when certain malformed inputs were used along with
a small class of private ntor keys. This bug does not currently
appear to allow an attacker to learn private keys or impersonate a
Tor server, but it could provide a means to distinguish 32-bit Tor
implementations from 64-bit Tor implementations. Fixes bug 12694;
bugfix on 0.2.4.8-alpha. Bug found by Robert Ransom; fix from
Adam Langley.
o Minor bugfixes:
- Warn and drop the circuit if we receive an inbound 'relay early'
cell. Those used to be normal to receive on hidden service circuits
due to bug 1038, but the buggy Tor versions are long gone from
the network so we can afford to resume watching for them. Resolves
the rest of bug 1038; bugfix on 0.2.1.19.
- Correct a confusing error message when trying to extend a circuit
via the control protocol but we don't know a descriptor or
microdescriptor for one of the specified relays. Fixes bug 12718;
bugfix on 0.2.3.1-alpha.
- Avoid an illegal read from stack when initializing the TLS
module using a version of OpenSSL without all of the ciphers
used by the v2 link handshake. Fixes bug 12227; bugfix on
0.2.4.8-alpha. Found by "starlight".
o Minor features:
- Update geoip and geoip6 to the July 10 2014 Maxmind GeoLite2
Country database.
|
|
net/transmission: security update
Revisions pulled up:
- net/transmission/Makefile.common 1.5
- net/transmission/distinfo 1.7
---
Module Name: pkgsrc
Committed By: wiz
Date: Fri Jul 11 10:10:10 UTC 2014
Modified Files:
pkgsrc/net/transmission: Makefile.common distinfo
Log Message:
Update to 2.84:
* Fix peer communication vulnerability (no known exploits) reported
by Ben Hawkes
|
|
|
|
|
|
but it doesn't seem to be adequate. Should fix Linux build.
|
|
|
|
|
|
(lather, rinse, repeat)
|
|
Should fix shlib check failure.
|
|
|
|
* trivial bug fixes.
|
|
Bump PKGREVISION
|
|
|
|
2014-06-16: 0.7.0 "Kryoptonite"
- Partial IPv6 support (#107)
Client can connect to iodined through an relaying IPv6
nameserver. Server only supports IPv4 for now.
Traffic inside tunnel is IPv4.
- Add socket activation for systemd, by Michael Scherer.
- Add automated lookup of external ip (via -n auto).
- Bugfix for OS X (Can't assign requested address)
- Fix DNS tunneling bug caused by uninitialized variable, #94
- Handle spaces when entering password interactively, fixes #93.
Patch by Hagar.
- Add -R option to set OpenBSD routing domain for the DNS socket.
Patch by laurent at gouloum fr, fixes #95.
- Add android patches and makefile, from Marcel Bokhorst, fixes #105.
- Added missing break in iodine.c, by Pavel Pergamenshchik, #108.
- A number of minor patches from Frank Denis, Gregor Herrmann and
Barak A. Pearlmutter.
- Testcase compilation fixes for OS X and FreeBSD
- Do not let sockets be inherited by sub-processes, fixes #99.
- Add unspecified RR type (called PRIVATE; id 65399, in private use
range). For servers with RFC3597 support. Fixes #97.
- Fix authentication bypass vulnerability; found by Oscar Reparaz.
|
|
(The options need work too, after the freeze.)
|
|
==============================
Release Notes for Samba 3.6.24
June 23, 2014
==============================
This is a security release in order to address
CVE-2014-0244 (Denial of service - CPU loop) and
CVE-2014-3493 (Denial of service - Server crash/memory corruption).
o CVE-2014-0244:
All current released versions of Samba are vulnerable to a denial of
service on the nmbd NetBIOS name services daemon. A malformed packet
can cause the nmbd server to loop the CPU and prevent any further
NetBIOS name service.
This flaw is not exploitable beyond causing the code to loop expending
CPU resources.
o CVE-2014-3493:
All current released versions of Samba are affected by a denial of service
crash involving overwriting memory on an authenticated connection to the
smbd file server.
|
|
|
|
SyntaxError: Non-UTF-8 code starting with '\xb7' in file youtube-dl on line 3, but no encoding declared; see http://python.org/dev/peps/pep-0263/ for details
by installing the original unmodified file and a wrapper script.
I'm not sure why it broke or why this works better, but it does for me (TM).
Bump PKGREVISION.
|
|
|
|
|
|
|
|
From Youri Mout on tech-pkg.
|
|
A list of changes is not available unfortunately. But the update seems
to prevent crashes with a message like this one:
rtorrent: Read past initial payload after incoming encrypted handshake
|
|
======
- The wheel distribution did not support Python 2.6 by failing to list
the extra dependencies required.
- Durable and auto_delete queues/exchanges can be be cached using
``maybe_declare``.
|
|
|
|
* Fixes account authentication related issues.
* Change match empty extract condition to match all tweets.
|
|
|
|
3859. [bug] Don't call qsort with a null pointer. [RT #35968]
3858. [bug] Disable GCC 4.9 "delete null pointer check".
[RT #35968]
3742. [port] linux: libcap support: declare curval at start of
block. [RT #35387]
--- 9.9.5-W1 released ---
3724. [bug] win32: Fixed a bug that prevented dig and
host from exiting properly after completing
a UDP query. [RT #35288]
|
|
|
|
|
|
- The following vulnerabilities have been fixed.
* wnpa-sec-2014-07
The frame metadissector could crash. (Bug 9999, Bug 10030)
Versions affected: 1.10.0 to 1.10.7
CVE-2014-4020
= The following bugs have been fixed:
* VoIP flow graph crash upon opening. (Bug 9179)
* Tshark with "-F pcap" still generates a pcapng file. (Bug 9991)
* IPv6 Next Header 0x3d recognized as SHIM6. (Bug 9995)
* Failed to export pdml on large pcap. (Bug 10081)
* TCAP: set a fence on info column after calling sub
dissector (Bug 10091)
* Dissector bug in JSON protocol. (Bug 10115)
* GSM RLC MAC: do not skip too many lines of the CSN_DESCR
when the field is missing (Bug 10120)
* Wireshark PEEKREMOTE incorrectly decoding QoS data packets
from Cisco Sniffer APs. (Bug 10139)
* IEEE 802.11: fix dissection of HT Capabilities (Bug 10166)
- Updated Protocol Support
CIP, EtherNet/IP, GSM RLC MAC, IEEE 802.11, IPv6, and TCAP
- New and Updated Capture File Support
pcap-ng, and PEEKREMOTE
|
|
heads-up.
|
|
- Change rancid script exec(); move cmd-line options to rancid.types.*
files. This allows older scripts to function without change, ie:
needing to support -t.
- clogin: missing variable initialization
- ios.pm: filter fan speed setting on 2900, etc.
- fnrancid: fix filter match for encrypted pwd
- ios.pm: filter vlan traffic counters on gsr, 6400 & switches
- srancid: fix up time filter for dell 3448
- ios.pm: some ASAs do not support show vlan
- ios.pm: bgp password filtering removing neighbor address
- rancid.types.base: dell definition missing inloop configuration
- rancid: display useful error if inloop is not configured
- dell.pm: missing variable declarations
- nxrancid: filter INTAKE temps and cycling file BufferMonitor-1HourData
|
|
|
|
(pkgsrc)
- Add following line to find -lperl
LDFLAGS+= -L${PREFIX}/${PERL5_SUB_INSTALLARCHLIB}/CORE
- Drop NetBSD-5, net/agr/if_agrioctl.h is missing
- Add options.mk and support json, snmp, xml selection,
those were missing in configured list
- Now includes readline.buildlink3.mk
(upstream)
lldpd (0.7.9)
* Changes:
+ Default location for chroot, socket and PID are now configurable
in `./configure`. The default location is based on the value of
`runstatedir` which in turn may be based on the value of
`localstatedir` which defaults to `/usr/local/var`. Therefore,
to get the previous locations, lldpd should be configured with
`./configure --localstatedir=/var`.
* Fixes:
+ Fix `configure system bond-slave-src-mac-type local`. Also use
it as default.
* Features:
+ Add support for shutdown LLDPU.
+ Ability to configure IP management pattern from lldpcli.
+ Ability to choose what port ID should be (MAC or interface name).
lldpd (0.7.8)
* Fixes:
+ Don't hard-code default values for system name, system
description and port description. When the field is not present,
just don't display it.
+ Fix lldpcli behaviour when suid.
+ On OSX, don't use p2p0 interfaces: it would break WLAN.
+ Fix SNMP support on RHEL.
* Features:
+ Android support
+ Add the possibility to disable privilege separation (lower
memory consumption, lower security, don't do it).
+ Interfaces can now be whitelisted. For example, *,!eth*,!!eth1
is a valid pattern for all interfaces except eth ones, except
eth1. Moreover, on exact match, an matching interface
circumvents most sanity checks (like VLAN handling).
+ Ability to override the hostname.
lldpd (0.7.7)
* Features:
+ Use a locally administered MAC address or an arbitrary one
instead of null MAC address for bond devices on Linux. This is
configurable through `lldpcli`.
+ Add support for "team" driver (alternative to bond devices).
+ Preliminary support for DTrace/systemtap.
+ Preliminary support for seccomp (for monitor process).
+ Setup chroot inside lldpd instead of relying on init script.
* Fixes:
+ Various bugs related to fixed point number handling (for
coordinates in LLDP-MED)
+ Fix a regression in how MAC address of an enslaved device is
retrieved.
|
|
|
|
Proxies incoming HTTP and TLS connections based on the hostname
contained in the initial request. This enables HTTPS name-based virtual
hosting to separate backend servers without installing the private key
on the proxy machine.
|
|
|
|
Changes since 3.3.1:
server
------
bug fixes
26180 prevent certain operations (including queue creation and deletion)
blocking until a connection closes when the socket limit is reached
(since 2.7.0)
26227 fix incorrect log message about config file location when running as
a Windows service, changing RABBITMQ_CONFIG_FILE and not reinstalling
the service (since 3.3.0)
26172 ensure slave queue does not hang if the GM process crashes at queue
startup (since 2.6.0)
26178 prevent error logger crash in rare circumstances (since 3.3.0)
26184 prevent small log messages being needlessly truncated (since 3.3.0)
26226 ensure rabbitmqctl status does not crash if invoked while Mnesia is
starting or stopping (since 3.0.0)
26200 fix garbled SSL log messages (since 3.0.3)
26203 prevent spurious log message if slave queue crashes early (since 3.2.2)
management plugin
-----------------
bug fixes
26197 fix garbled error message if importing JSON definitions file with invalid
input (since 2.1.0)
26209 ensure reasons for authentication failure are always logged (since 2.1.0)
enhancements
25376 add documentation on the JSON schema returned by GET queries
shovel plugin
-------------
bug fixes
26219 fix creation of dynamic shovels using direct connection URLs through
rabbitmqctl (since 3.3.1)
26176 prevent deadlock deleting virtual host with active dynamic shovel on
single core machine (since 3.3.0)
federation plugin
-----------------
bug fixes
26176 prevent deadlock deleting virtual host with active federation link on
single core machine (since 3.0.0)
shovel-management plugin
------------------------
bug fixes
26165 ensure the status of static shovels is correctly shown (since 3.3.1)
LDAP plugin
-----------
bug fixes
26190 fix crash when LDAP uses SSL and nothing else does (since 2.3.0)
auth-mechanism-ssl plugin
-------------------------
bug fixes
25550 allow use of both certificate and password based authentication at the
same time (since 2.3.0)
MQTT plugin
-----------
bug fixes
26194 prevent hang on broker shutdown when there are active MQTT connections
(since 3.0.0)
26189 fix connection crash on shutdown if the connection starts very early
(since 3.0.0)
STOMP plugin
------------
bug fixes
25550 allow use of both certificate and password based authentication at the
same time (since 2.3.0)
Java client
-----------
bug fixes
26187 ensure network recovery delay is used when recovering from all types of
exception (since 3.3.0)
26188 ensure TopologyRecoveryException includes cause's message (since 3.3.0)
26196 fix Javadoc for ConnectionFactory.setSocketConfigurator()
Erlang client
-------------
bug fixes
26160 declare xmerl application dependency (since 3.3.0)
|
|
|
|
support the AppleTalk ddp protocol, and here to stay while NetBSD
ships with AppleTalk support.
Add Netatalk 3.0.8 wip package as net/netatalk30.
"Netatalk 3 is a freely-available implementation of the Apple
Filesharing Protocol Suite (AFP) over TCP/IP.
Using Netatalk's AFP 3.1 compliant file-server leads to significantly
higher transmissions speeds compared with Macs accessing a server via
SMB or NFS, while providing clients with the best user experience (full
support for Macintosh metadata, flawlessly supporting mixed
environments of classic MacOS and MacOS X clients)."
|
|
|
|
|
|
|
|
Changes since 0.12.5:
- Fix some coverity issues.
- lazy-create XML namespaces so only used-ones are declared.
Bugs fixed in this release:
- https://bugzilla.gnome.org/show_bug.cgi?id=705564
- https://bugzilla.gnome.org/show_bug.cgi?id=730590
- https://bugzilla.gnome.org/show_bug.cgi?id=730591
- https://bugzilla.gnome.org/show_bug.cgi?id=731033
All contributors to this release:
- Jens Georg <mail@jensge.org>
|
|
|
