| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
|
|
1.) Set minimum required GCC version to 4.1.3 because that is what has
been tested. Based on the bug-report it also seems that GCC 4.0.1
doesn't work.
2.) GCC 4.1.3 (as distributed with NetBSD 5.*) works fine under
NetBSD/macppc as reported by Matthias Kretschmer on IRCnet.
So don't insist on GCC 4.2.1 for this platform. This fixes seems
to fix the build as the GCC 4.4.6 package doesn't build for
this platform.
|
|
- Bug Fixes
The following vulnerabilities have been fixed.
o wnpa-sec-2012-01
Laurent Butti discovered that Wireshark failed to properly
check record sizes for many packet capture file formats. (Bug
6663, bug 6666, bug 6667, bug 6668, bug 6669, bug 6670)
Versions affected: 1.4.0 to 1.4.10, 1.6.0 to 1.6.4.
o wnpa-sec-2012-02
Wireshark could dereference a NULL pointer and crash. (Bug
6634)
Versions affected: 1.4.0 to 1.4.10, 1.6.0 to 1.6.4.
o wnpa-sec-2012-03
The RLC dissector could overflow a buffer. (Bug 6391)
Versions affected: 1.4.0 to 1.4.10, 1.6.0 to 1.6.4.
The following bugs have been fixed:
o "Closing File!" Dialog Hangs. (Bug 3046)
o Sub-fields of data field should appear in exported PDML as
children of the data field instead of as siblings to it. (Bug
3809)
o Incorrect time differences displayed with time reference set.
(Bug 5580)
o Wrong packet type association of SNMP trap after TFTP
transfer. (Bug 5727)
o SSL/TLS decryption needs wireshark to be rebooted. (Bug 6032)
o Export HTTP Objects -> save all crashes Wireshark. (Bug 6250)
o Wireshark Netflow dissector complains there is no template
found though the template is exported. (Bug 6325)
o DCERPC EPM tower UUID must be interpreted always as little
endian. (Bug 6368)
o Crash if no recent files. (Bug 6549)
o IPv6 frame containing routing header with 0 segments left
calculates wrong UDP checksum. (Bug 6560)
o IPv4 UDP/TCP Checksum incorrect if routing header present.
(Bug 6561)
o Incorrect Parsing of SCPS Capabilities Option introduced in
response to bug 6194. (Bug 6562)
o Various crashes after loading NetMon2.x capture file. (Bug
6578)
o Fixed compilation of dumpcap on some systems (when
MUST_DO_SELECT is defined). (Bug 6614)
o SIGSEGV in SVN 40046. (Bug 6634)
o Wireshark dissects TCP option 25 as an "April 1" option. (Bug
6643)
o ZigBee ZCL Dissector reports invalid status. (Bug 6649)
o ICMPv6 DNSSL option malformed on padding. (Bug 6660)
o Wrong tvb_get_bits function call in packet-csn1.c. (Bug 6708)
o [UDP] - Length Field of Pseudo Header while computing CheckSum
is not correct. (Bug 6711)
o pcapio.c: bug in libpcap_write_interface_description_block.
(Bug 6719)
o Memory leaks in various dissectors.
o Bytes highlighted in wrong Byte pane when field selected in
Details pane.
- Updated Protocol Support
BGP, BMC CSN1, DCERPC EPM, DCP(ETSI) DMP DTLS GSM Management, H245
HPTEAM, ICMPv6, IEEE 802.15.4 IPSEC IPv4, IPv6, ISAKMP KERBEROS
LDSS NFS RLC, RPC-NETLOGON RRC RTMPT SIGCOMP SSL SYSLOG TCP, UDP,
XML ZigBee ZCL
- New and Updated Capture File Support
Accellent 5Views, AIX iptrace, HP-UX nettl, I4B, Microsoft Network
Monitor, Novell LANalyzer, PacketLogger, Pcap-ng, Sniffer,
Tektronix K12, WildPackets {Airo,Ether}Peek.
|
|
remediation of memory leaks.
|
|
is not needed anymore
|
|
|
|
|
|
0.6.4 - Tulips
==============
* Fix the installation with Python 3.1
|
|
|
|
The Radicale Project is a complete CalDAV calendar server solution.
It can store multiple calendars.
Calendars are available for both local and remote access, possibly
limited through authentication policies. They can be viewed and
edited by calendar clients on mobile phones or computers. Technical
Description
Radicale aims to be a light solution, easy to use, easy to install,
easy to configure. As a consequence, it requires few software
dependencies and is pre-configured to work out-of-the-box.
|
|
|
|
arp-scan is a command-line tool for system discovery and fingerprinting.
It constructs and sends ARP requests to the specified IP addresses,
and displays any responses that are received.
arp-scan allows you to:
* Send ARP packets to any number of destination hosts, using a
configurable output bandwidth or packet rate.
* Construct the outgoing ARP packet in a flexible way.
* Decode and display any returned packets.
* Fingerprint IP hosts using the arp-fingerprint tool.
|
|
|
|
Calypso is a CalDAV/CardDAV server on Linux.
Calypso works with evolution, iceowl and the Android CalDAV/CardDAV
plugins. It does not yet work with aCal; for some reason aCal cannot
find any calendars on the server.
Calypso also supports importing calendar changes from the command
line, allowing you to integrate support into a text-based email
application like notmuch or mutt.
|
|
#if 0 these, possibly unbreaking build on Linux.
|
|
Changelog:
* Update translations.
* Improve IPv6 support.
* Many bugs are fixed.
|
|
Feature improvements
* Updates to dictionary.erx, dictionary.siemens, dictionary.starent,
dictionary.starent.vsa1, dictionary.zyxel, added dictionary.symbol
* Added support for PCRE from Phil Mayers
* Configurable file permission in rlm_linelog
* Added "relaxed" option to rlm_attr_filter. This copies attributes if at least
one match occurred.
* Added documentation on dynamic clients. See raddb/modules/dynamic_clients.
* Added support for elliptical curve cryptography. See ecdh_curve in
raddb/eap.conf.
* Added support for 802.1X MIBs in checkrad
* Added support for %{rand:...}, which generates a uniformly distributed number
between 0 and the number you specify.
* Created "man" pages for all installed commands, and documented options for all
commands. Patch from John Dennis.
* Allow radsniff to decode encrypted VSAs and CoA packets.
* Always send Message-Authenticator in radtest.
* Updated Oracle schema and queries
* Added SecurID module. See src/modules/rlm_securid/README
Bug fixes
* Fix memory leak in rlm_detail
* Fix "failed to insert event"
* Allow virtual servers to be reloaded on HUP. It no longer complains about
duplicate virtual servers.
* Fix %{string:...} expansion
* Fix "server closed socket" loop in radmin
* Set ownership of control socket when starting up
* Always allow root to connect to control socket, even if "uid" is set. They're
root. They can already do anything.
* Save all attributes in Access-Accept when proxying inner-tunnel EAP-MSCHAPv2
* Fixes for DHCP relaying.
* Check certificate validity when using OCSP.
* Updated Oracle "configure" script
* Fixed typos in dictionary.alvarion
* WARNING on potential proxy loop.
* Be more aggressive about clearing old requests from the internal queue
* Don't open network sockets when using -C
|
|
Bump PKGREVISION
|
|
Changes:
* Important fixes to High Availability
* Compatibility with Erlang R15B
* Bug fixes and performance improvements
|
|
|
|
chance and it's better than blindly failing because this file's missing.
|
|
http://open.nlnetlabs.nl/pipermail/ldns-users/2011-December/000452.html
(patch taken from trunk)
(ok'ed by wiz@)
|
|
* Remove dependency to x11/swing.
* Drop lang/kaffe support, because x11/swing had been removed.
* Bump PKGREVISION.
|
|
bug fix.
|
|
inet6 option was added. Comment out the option for now; if you want
IPv6, uncomment and turn off other conflicting options. Addresses
PR pkg/45358. While here, update to the latest version of the patch.
No PKGREVISION bump needed.
|
|
|
|
|
|
|
|
Without this fix, tcptraceroute would try to reach or source 0.0.0.0
always on big-endian LP64 architectures.
|
|
|
|
to be MAKE_JOBS_SAFE.
|
|
and that does look at builtin implementations.
Bump PKGREVISION.
|
|
|
|
|
|
|
|
|
|
bug#0001963: Bandwidth summation "total in" and "total out"
are always 0
bug#0002040: ICMP ping errors for Windows 7 with PHP 5.3
bug#0002062: Multiple security vulnerabilities
bug#0002063: Multiple value poller output incorrectly interpreted
as hexadecimal value
bug#0002064: Removing "~" (tilde) by sanitize_uri() conflicts with
Apache UserDir translation
bug#0002066: Graph without host id "Notice: Undefined variable:
host_id"
bug#0002067: Custom time range filter not working
bug#0002068: Missing header include in analyze_database.php
bug#0002071: MySQL table poller_item is dropped always when "Data
Input Method" is changed or added.
bug#0002079: Using input field of a script in graph title does not
work
bug#0002080: Database password containing "@" does not connect
bug#0002083: Adding a new users generates errors in apache logs
bug#0002084: Incorrect normalization of hrStorageTable values
over 2^31
bug#0002086: Incorrect usage of mysql custom tcp port
bug#0002087: PHP recache problems due to missing slashes in reindex
table
bug#0002093: Unit exponent value of 0 not imported with graph
template
bug#0002094: CDEF: "another cdef" references not included in
template export
bug#0002106: Command line add device does not accept "None" for
host template
bug: Update host template cli script help to fix incorrect options
bug: Refresh of Cacti log viewer not working
bug: Problems saving User Graph Permissions in IE9
bug: Bandwidth summation fails if NAN values are present
bug: Special Type Code "host_id" available in Data Queries by Not
Data Input Methods
bug: Do not generate error messages when creating non host based
graphs
bug: Wrong index used for Data Queries using VALUE/REGEXP
bug: Fix issue with title variable replacement failing when no host
is associated with graph
bug: Cacti generating MySQL 1100 Errors when modifying the tree
bug: Resolved "Fatal error: Cannot use string offset as an array"
in lib/data_query.php
feature: Properly support ifHighSpeed replacement variable
feature: Increase granularity of availability options to correct
spine bug
feature: Replace "event count" with last changed date for host
availability
|
|
Features:
* Makefile changed for BSD make compatibility.
* dns over ssl support as a client, ssl-upstream yes turns it on.
It performs an SSL transaction for every DNS query.
* dns over ssl support as a server, ssl-service-pem and ssl-service-key files
can be given and then TCP queries are serviced wrapped in SSL.
* lame-ttl and lame-size options no longer exist, it is integrated with the
host info. They are ignored (with verbose warning) if encountered
to keep the config file backwards compatible.
* TCP-upstream calculates tcp-ping so server selection works if there are
alternatives.
* Unbound probes at EDNS1480 if there an EDNS0 timeout.
Bug Fixes:
* Fix for VU#209659 CVE-2011-4528: Unbound denial of service vulnerabilities
from nonstandard redirection and denial of existence
http://www.unbound.net/downloads/CVE-2011-4528.txt
* Fix for tcp-upstream and ssl-upstream for if a laptop sleeps,
causes SERVFAILs. Also fixed for UDP (but less likely).
* Fix quartile time estimate, it was too low.
* Fix double free in unbound-host.
* fix -flto detection on Lion for llvm-gcc.
* [bugzilla: 416 ] Infra cache stores information about ping and lameness
per IP, zone.
* [bugzilla: 415 ] Fix resolve of partners.extranet.microsoft.com with a fix
for the server selection for choosing out of a (particular) list of bad
choices.
* Fix make_new_space function so that the incoming query is not overwritten
if a jostled out query causes a waiting query to be resumed that then fails
and sends an error message.
* fix unbound-anchor for broken strptime on OSX lion, detected in configure.
* Detect if GOST really works, openssl1.0 on OSX fails.
* Implement ipv6%interface notation for scope_id usage.
* better documentation for inform_super.
* Fix for out-of-memory condition in libunbound.
* Fix --enable-allsymbols, it depended on link specifics of the target platform, or fptr_wlist assertion failures could occur.
* updated contrib/unbound_munin_ to family=auto so that it works with
munin-node-configure automatically.
* Fix classification of NS set in answer section, where there is a
parent-child server, and the answer has the AA flag for dir.slb.com.
* [bugzilla: 408 ] accept patch from Steve Snyder that comments out unused
functions in lookup3.c.
* fix various compiler warnings.
* max sent count. EDNS1480 only for rtt < 5000. No promiscuous fetch if
sentcount > 3, stop query if sentcount > 16. Count is reset when referral
or CNAME happens. This makes unbound better at managing large NS sets,
they are explored when there is continued interest (in the form of queries).
* remove uninit warning from cachedump code.
* Fix parse error on negative SOA RRSIGs if badly ordered in the packet.
* fix infra cache comparison.
* Fix to constrain signer_name to be a parent of the lookupname.
* robust checks for next-closer NSEC3s.
* iana portlist updated.
(Ok'ed by wiz@)
|
|
This fixes packaging and installation on Linux.
|
|
|
|
|
|
Drop ${PHP_BASE_VARS} from PKGVERSION by default.
It used to be required to support multiple php version.
But after PHP version based ${PHP_PKG_PREFIX} was introduced,
such trick is not required anymore.
In addition to this, such version name schme invokes unwanted version bump
when base php version is bumped, plus, such version scheme is hard to
use for DEPENDS pattern.
To avoid downgrading of package using such legacy version scheme,
PECL_LEGACY_VERSION_SCHEME is introduced.
If it is defined, current version scheme is still used for currently
supported PHP version (5 and 53), but instead of ${PHP_BASE_VARS},
current fixed PHP base version in pkgsrc is used to avoid unwanted version bump
from update of PHP base package.
With newer PHP (54, or so on), new version scheme will be used if
it is defined.
This trick will not be required and should be removed after php5 and php53 will
be gone away from pkgsrc.
|
|
changes:
-fixes a critical heap-overflow security issue (CVE-2011-2778)
-more fixes, mostly affecting hidden services and relays
|
|
Bump PKGREVISION
|
|
Bump PKGREVISION
|
|
Respect LDFLAGS
Bump PKGREVISION
|
|
|
|
This is the latest stable release of Samba 3.5.
Major enhancements in Samba 3.5.12 include:
o Fix race condition in Winbind (bug 7844).
o The VFS ACL modules are no longer experimental but production-ready.
See full release notes at http://www.samba.org/samba/history/samba-3.5.12.html
|
|
Major enhancements in Samba 3.6.1 include:
o Fix smbd crashes triggered by Windows XP clients (bug #8384).
o Fix a Winbind race leading to 100% CPU load (bug #8409).
o Several SMB2 fixes.
o The VFS ACL modules are no longer experimental but production-ready.
Full release notes at http://www.samba.org/samba/history/samba-3.6.1.html
Major enhancements in Samba 3.6.0 include:
- Changed security defaults:
client ntlmv2 auth = yes
client use spnego principal = no
send spnego principal = no
- SMB2 support (fully functional with one omission)
- Internal Winbind passdb changes
- New Spoolss code
- ID Mapping Changes
- Endpoint Mapper
- Internal restructuring
- SMB Traffic Analyzer (http://holger123.wordpress.com/smb-traffic-analyzer/)
- NFS quota backend on Linux
Full release notes at http://www.samba.org/samba/history/samba-3.6.0.html
|
