| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
* A stack overflow vulnerability was fixed in dhclient that could allow remote attackers to execute arbitrary commands as root on the system, or simply terminate the client, by providing an over-long subnet-mask option.
|
|
* A stack overflow vulnerability was fixed in dhclient that could allow remote attackers to execute arbitrary commands as root on the system, or simply terminate the client, by providing an over-long subnet-mask option.
|
|
|
|
the MonoTorrent library, 0.70, which contains numerous bugfixes and
performance enhancements. Numerous minor bugfixes were also included.
|
|
|
|
This is a bugfix release to address a few reported issues and also a few
issues that were discovered via my own testing.
* Add a helper method which ensures all data is flushed to disk
* Added additional error handling to prevent malformed DHT messages
crashing the library
* Fixed issue when zeroing unused bits for torrents with an exact
multiple of 32 pieces
* Fixed issue where data could be written to the wrong file if a file
with the same name existed in multiple torrents
* Fixed the handling of torrents where the last file(s) are of zero
length
* Fixed regression with global download rate limiting
* Fixed a performance regression with the new piece picking pipeline
which resulted in lots of CPU cycles being used up on peers which
have not sent an unchoke message
|
|
|
|
|
|
|
|
changes:
-bugfixes
-fixed interoperability problems, in particular for https and
for proxy use
|
|
maintainer update request via PR 41688.
Changes in version 0.2.0.35 - 2009-06-24
o Security fix:
- Avoid crashing in the presence of certain malformed descriptors.
Found by lark, and by automated fuzzing.
- Fix an edge case where a malicious exit relay could convince a
controller that the client's DNS question resolves to an internal IP
address. Bug found and fixed by "optimist"; bugfix on 0.1.2.8-beta.
o Major bugfixes:
- Finally fix the bug where dynamic-IP relays disappear when their
IP address changes: directory mirrors were mistakenly telling
them their old address if they asked via begin_dir, so they
never got an accurate answer about their new address, so they
just vanished after a day. For belt-and-suspenders, relays that
don't set Address in their config now avoid using begin_dir for
all direct connections. Should fix bugs 827, 883, and 900.
- Fix a timing-dependent, allocator-dependent, DNS-related crash bug
that would occur on some exit nodes when DNS failures and timeouts
occurred in certain patterns. Fix for bug 957.
o Minor bugfixes:
- When starting with a cache over a few days old, do not leak
memory for the obsolete router descriptors in it. Bugfix on
0.2.0.33; fixes bug 672.
- Hidden service clients didn't use a cached service descriptor that
was older than 15 minutes, but wouldn't fetch a new one either,
because there was already one in the cache. Now, fetch a v2
descriptor unless the same descriptor was added to the cache within
the last 15 minutes. Fixes bug 997; reported by Marcus Griep.
|
|
to version 0.8.4. Changes since 0.12.2 respectively 0.8.2:
- Fixed EINTR handling in execute command.
- Fixed a couple of memory leaks in xmlrpc.cc.
- Initial seeding support added.
- Added a work-around for the stdin kqueue bug in MacOSX.
- Numerous bug-fixes and patches.
- Work-around for OpenBSD's broken sys/event.h, which fails to compile
if it's the first (or only) included header. (Ticket #1470)
- Fixes compilation with old libcurl versions. (Ticket #1471)
- Fix compile error on systems that lack mincore(2).
- Fixes a crash in epoll due to libcurl/c-ares bug:
PollEPoll::modify(...) epoll_ctl call failed.
- Enforce an http transfer timeout when libcurl fails to honor
it. Also set a 5-minute timeout for (previously unlimited) torrent
transfers and fixes the argument type for curl_easy_setopt values.
- Allows bandwidth throttles to work without floating point support.
- Added the 'd.add_peer=host[:port]' command to manually add a peer
(not for torrents marked "private"), port 6881 is the default.
- Allows banning the selected peer with "B". No unbanning is possible
yet.
- Added system.method.{insert,erase} commands that allows
user-specified commands. E.g "system.method.insert=foo,print=Bar".
- Differentiate between commands that have no target, and those that
take generic targets, when using XMLRPC.
- Added 'event.download.inserted_{new,session}' that are triggered
when a new or a session torrent is added. Ticket #1516.
- Added 'system.method.get', 'ui.current_view.set' and 'group.insert'
commands.
- Enabled different ratio settings for different groups of
downloads.
- Added 'view.persistance' command that makes downloads inserted into
that view persist across sessions. Only call on user-created views.
- Added 'ratio.*' commands that call the 'group.seeding.ratio.*'
equivalents.
- Changed torrent::DownloadList::close_directly() so doesn't save the
session if the underlying file/directory has been moved or
removed. This change, in addition to calling 'd.set_directory=' before
'execute=mv,...', as previously shown in the examples, will make
rtorrent behave correctly when 'check_hash=no' is set.
|
|
Changes from dhcpcd-5.0.4 include
* Fix crash on MIPS
* Default to requesting interface MTU
* Save and restore interface MTU when changing
* IP whitelist
* Fix detecting correct dstaddr for PtP interfaces at startup
* Ensure that the lease and pidfile directories exist at startup
|
|
- CVE-2009-1888:
In Samba 3.0.31 to 3.3.5 (inclusive), an uninitialized read of a
data value can potentially affect access control when "dos filemode"
is set to "yes".
This security fix has already been integrated into "pkggsrc" via a patch
previously. The package was only updated to make future maintenance easier.
|
|
|
|
|
|
(I had some partial success using it to connect "rhythmbox" to
a "mediatomb" media server.)
|
|
|
|
Setting license to artistic according to module documentation
Upstream changes:
4.027 Tue Jun 9 10:31:11 PDT 2009
In NetAddr::IP::Util v1.31,
ferret out shell value for Makefile.PL when calling
./configure for systems where the 'x' bit gets lost
due to bug in Archive::Tar
|
|
Setting license to artistic according to META.yml
Upstream changes:
1.05 Wed Jun 10 20:37:44 CEST 2009
- bugfix: removed a warning on AF_INET6 constant declaration
- update: copyright notice
1.04 Sun Oct 19 17:47:11 CEST 2008
- bugfix: IP_HDRINCL with IPv6 under Linux 2.6.x
|
|
Setting LICENSE to ${PERL5_LICENSE} according to module documentation
Upstream changes:
1.03:
* Enforce the rules from the Auth 2.0 spec about which fields
MUST be signed in positive assertion messages.
* Return a more sensible error (no_head_tag) if the identifier
URL returns an empty (0-byte) HTML document.
* Verify delegate on the non-fragment version of the resulting
identifier, so that you can delegate to providers that add
fragments to their identifiers.
Found and fixed by avarix <mindsectr@gmail.com>.
|
|
- Updating package for p5 module RPC::XML from 0.64 to 0.65
- Adjusting license and dependencies according to META.yml
Upstream changes:
0.65 Wednesday June 17, 2009, 06:00:00 AM -0700
* etc/make_method
* etc/rpc-method.dtd
* lib/RPC/XML/Procedure.pm
* t/30_method.t
* t/35_namespaces.t (added)
* t/namespace1.xpl (added)
* t/namespace2.xpl (added)
* t/namespace3.xpl (added)
Support for declaration of namespaces in XPL code. Adds a new
test suite and includes a rewrite/update of the method tests.
Change also covers the make_method tool and the DTD for XPL
files.
* lib/RPC/XML.pm
* lib/RPC/XML/Client.pm
* lib/RPC/XML/Server.pm
* t/02_pod_coverage.t
Interim fix for encoding issues, prior to the mega-encoding
work. This makes the library correctly create octet-based
messages, rather than letting UTF-8 leak in if it was passed in
initially.
* lib/Apache/RPC/Server.pm
* lib/RPC/XML.pm
* lib/RPC/XML/Client.pm
Follow-up to previous commit, some serialization-related
problems. Not all instances of bytelength() had been removed
after the previous slate of changes, and once that was done
some tests in 15_serialize.t broke.
* lib/RPC/XML.pm
* lib/RPC/XML/Parser.pm
* t/12_nil.t (added)
* t/30_method.t
RT #34132: Based on a patch from the requestor, added support
for <nil/>. Documentation and tests are present, but a little
sparse. This change also incorporates a small add to
lib/RPC/XML/Parser.pm to address RT #42033.
* t/40_server.t
* t/41_server_hang.t
RT #27778: Fix problems with child-process management on
Windows that was causing t/40_server.t to hang during test
runs. Also put skip-clause into t/41_server_hang.t, as
according to the person reporting, it doesn't work at all on
MSWin (the network code is very UNIX-y).
* lib/RPC/XML.pm
* t/10_data.t
Applied a regexp-fix from Joakim Mared for stringification of
doubles.
* lib/RPC/XML.pm
* lib/RPC/XML/Client.pm
* lib/RPC/XML/Parser.pm
* lib/RPC/XML/Procedure.pm
* lib/RPC/XML/Server.pm
* t/10_data.t
RT ticket #35106: Make the behavior of RPC::XML::array
constructor work as expected. This led to adding use of
Scalar::Util and cleaning up the places where I was still doing
"UNIVERSAL::isa(...)" hacks to test refs without the risk of
directly calling ->isa() on a potentially-unblessed ref.
* lib/Apache/RPC/Server.pm
* lib/Apache/RPC/Status.pm
* lib/RPC/XML.pm
* lib/RPC/XML/Client.pm
* lib/RPC/XML/Function.pm
* lib/RPC/XML/Method.pm
* lib/RPC/XML/Parser.pm
* lib/RPC/XML/Procedure.pm
* lib/RPC/XML/Server.pm
Update the copyright year and license information, and add
contact data to all POD sections for RT, AnnoCPAN, GitHub, etc.
* lib/RPC/XML/Client.pm
* t/50_client.t
RT ticket #34559: Allow control of LWP::UA timeouts from within
client class.
* lib/RPC/XML/Server.pm
RT ticket #43019: Small hack to the existing SSL hack for
Socket6 problems.
* lib/Apache/RPC/Server.pm
* lib/Apache/RPC/Status.pm
* lib/RPC/XML.pm
* lib/RPC/XML/Client.pm
* lib/RPC/XML/Function.pm
* lib/RPC/XML/Method.pm
* lib/RPC/XML/Parser.pm
* lib/RPC/XML/Procedure.pm
* lib/RPC/XML/Server.pm
Since Scalar::Util requires 5.006, make that (5.006001,
actually) the base required Perl version.
|
|
as mandated by X/Open.
|
|
Support PPP interfaces on NetBSD. Bump revision.
|
|
Upstream changes:
Not logged
|
|
- removing dependencies which are included in perl core meanwhile
- removed empty PLIST
|
|
|
|
|
|
|
|
bump PKGREVISION
|
|
bump PKGREVISION
|
|
work with gnutls-2.8
|
|
|
|
|
|
MAKE_JOBS=2 and worked without.
|
|
|
|
|
|
OK'ed by wiz@
Pkgsrc changes:
o Explicitly mark dependency on openssl >= 0.9.7, should fix PR#41633
Upstream changes:
1.5.1
Example tools:
* ldns-signzone was broken in 1.5.0 for multiple keys, this
has been repaired
Build system:
* Removed a small erroneous output warning in
examples/configure and drill/configure
1.5.0
Bug fixes:
* fixed a possible memory overflow in the RR parser
* build flag fix for Sun Studio
* fixed a building race condition in the copying of header
files
* EDNS0 extended rcode; the correct assembled code number
is now printed (still in the EDNS0 field, though)
* ldns_pkt_rr no longer leaks memory (in fact, it no longer
copies anything all)
API addition:
* ldns_key now has support for 'external' data, in which
case the OpenSSL EVP structures are not used;
ldns_key_set_external_key() and ldns_key_external_key()
* added ldns_key_get_file_base_name() which creates a
'default' filename base string for key storage, of the
form "K<zone>+<algorithm>+<keytag>"
* the ldns_dnssec_* family of structures now have deep_free()
functions, which also free the ldns_rr's contained in them
* there is now an ldns_match_wildcard() function, which checks
whether a domain name matches a wildcard name
* ldns_sign_public has been split up; this resulted in the
addition of ldns_create_empty_rrsig() and
ldns_sign_public_buffer()
Examples:
* ldns-signzone can now automatically add DNSKEY records when
using an OpenSSL engine, as it already did when using key
files
* added new example tool: ldns-nsec3-hash
* ldns-dpa can now filter on specific query name and types
* ldnsd has fixes for the zone name, a fix for the return
value of recvfrom(), and an memory initialization fix
(Thanks to Colm MacCárthaigh for the patch)
* Fixed memory leaks in ldnsd
1.4.1
Bug fixes:
* fixed a build issue where ldns lib existence was done too early
* removed unnecessary check for pcap.h
* NSEC3 optout flag now correctly printed in string output
* inttypes.h moved to configured inclusion
* fixed NSEC3 type bitmaps for empty nonterminals and unsigned
delegations
API addition:
* for that last fix, we added a new function
ldns_dname_add_from() that can clone parts of a dname
|
|
unresolved variables
bump PKGREVISION
|
|
SSL support is built in again
approved by tron The Maintainer
bump PKGREVISION
|
|
|
|
|
|
CVE-2009-1888:
In Samba 3.0.31 to 3.3.5 (inclusive), an uninitialized read of a
data value can potentially affect access control when "dos filemode"
is set to "yes".
bump PKGREVISION
|
|
|
|
|
|
|
|
Fix build on NetBSD-current/i386 by papering over a build time assertion.
(Probably due to 64-bit time_t.)
|
|
(Probably due to 64-bit time_t.)
cvs: ----------------------------------------------------------------------
|
|
While here, set LICENSE=${PERL5_LICENSE}.
Revision history for Perl extension Net::Amazon:
0.53 (06/13/2009)
(cb) Nathan Handler re-reported a man page issue on Ubuntu, rt 46708.
I managed to fix 197 issues, except for the specific one he called
out in the bug.
0.52 (06/09/2009)
(cb) Nathan Handler reported a man page issue on Ubuntu, rt 46708.
0.51 (06/05/2009)
(cb) Vince Veselosky submitted a patch to support request signing, a
feature that is required for accessing AWS after 2009-08-15.
Upgrading is recommended.
(cb) Complete the upgrade to WSDL 2009-03-31 that was started by
Vince Veselosky.
(cb) Clean-up POD issues found by pod checker.
(cb) Indicate the code has moved to github.com.
(cb) Update the README to reflect the actual date of the WSDL.
|
|
|
