| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
=========
BUG FIXES:
- Change the nsd.db file version because of nanosecond precision fix.
|
|
1.3.5b - Released 10-Mar-2016
--------------------------------
- Bug 4187 - mod_geoip does not load all of the GeoIPTables properly.
- Bug 4191 - "Incorrect string value" reported by mod_sql_mysql for some UTF8
characters.
- Bug 4097 - SSH rekey fails when using RSA hostkey smaller than 2048 bits.
- Bug 4198 - MLSD/MLST fact type "cdir" is incorrectly used for the current
working directory.
- Bug 4201 - HiddenStores temporary files not removed when exceeding quota
using SCP.
- Bug 4202 - MLSD lines not properly terminated with CRLF.
- Bug 4209 - Zero-length memory allocation possible, with undefined results.
- Bug 4210 - Avoid unbounded SFTP extended attribute key/values.
- Bug 4212 - Ensure that FTP data transfer commands fail appropriately when
"RootRevoke on" is in effect.
- Bug 4217 - Handle FTP re-authentication attempts better.
- Bug 4223 - Permissions on files uploaded via STOU do not honor configured
Umask.
- Bug 4227 - Support SFTP clients that send multiple INIT requests.
- Bug 4230 - TLSDHParamFile directive appears ignored because unexpected DH is
chosen.
|
|
2016/03/14 : 1.6.4
- BUG/MINOR: http: fix several off-by-one errors in the url_param
parser
- BUG/MINOR: http: Be sure to process all the data received from a
server
- BUG/MINOR: chunk: make chunk_dup() always check and set
dst->size
- MINOR: chunks: ensure that chunk_strcpy() adds a trailing zero
- MINOR: chunks: add chunk_strcat() and chunk_newstr()
- MINOR: chunk: make chunk_initstr() take a const string
- MINOR: lru: new function to delete <nb> least recently used keys
- DOC: add Ben Shillito as the maintainer of 51d
- BUG/MINOR: 51d: Ensures a unique domain for each configuration
- BUG/MINOR: 51d: Aligns Pattern cache implementation with HAProxy
best practices.
- BUG/MINOR: 51d: Releases workset back to pool.
- BUG/MINOR: 51d: Aligned const pointers to changes in 51Degrees.
- CLEANUP: 51d: Aligned if statements with HAProxy best practices
and removed casts from malloc.
- DOC: fix a few spelling mistakes
- DOC: fix "workaround" spelling
- BUG/MINOR: examples: Fixing haproxy.spec to remove references to
.cfg files
- MINOR: fix the return type for dns_response_get_query_id()
function
- MINOR: server state: missing LF (\n) on error message printed
when parsing server state file
- BUG/MEDIUM: dns: no DNS resolution happens if no ports provided
to the nameserver
- BUG/MAJOR: servers state: server port is erased when dns
resolution is enabled on a server
- BUG/MEDIUM: servers state: server port is used uninitialized
- BUG/MEDIUM: config: Adding validation to stick-table expire
value.
- BUG/MEDIUM: sample: http_date() doesn't provide the right day of
the week
- BUG/MEDIUM: channel: fix miscalculation of available buffer
space.
- MEDIUM: pools: add a new flag to avoid rounding pool size up
- BUG/MEDIUM: buffers: do not round up buffer size during
allocation
- BUG/MINOR: stream: don't force retries if the server is DOWN
- BUG/MINOR: counters: make the sc-inc-gpc0 and sc-set-gpt0 touch
the table
- MINOR: unix: don't mention free ports on EAGAIN
- BUG/CLEANUP: CLI: report the proper field states in "show sess"
- MINOR: stats: send content-length with the redirect to allow
keep-alive
- BUG: stream_interface: Reuse connection even if the output
channel is empty
- DOC: remove old tunnel mode assumptions
- BUG/MAJOR: http-reuse: fix risk of orphaned connections
- BUG/MEDIUM: http-reuse: do not share private connections across
backends
- BUG/MINOR: ssl: Be sure to use unique serial for regenerated
certificates
- BUG/MINOR: stats: fix missing comma in stats on agent drain
- BUG/MINOR: lua: unsafe initialization
- DOC: lua: fix somme errors
- DOC: add server name at rate-limit sessions example
- BUG/MEDIUM: ssl: fix off-by-one in ALPN list allocation
- BUG/MEDIUM: ssl: fix off-by-one in NPN list allocation
- DOC: LUA: fix some typos and syntax errors
- MINOR: cfgparse: warn for incorrect 'timeout retry' keyword
spelling in resolvers
- MINOR: mailers: increase default timeout to 10 seconds
- MINOR: mailers: use <CRLF> for all line endings
- BUG/MAJOR: lua: applets can't sleep.
- BUG/MINOR: server: some prototypes are renamed
- BUG/MINOR: lua: Useless copy
- BUG/MEDIUM: stats: stats bind-process doesn't propagate the
process mask correctly
- BUG/MINOR: server: fix the format of the warning on address
change
- BUG/MEDIUM: chunks: always reject negative-length chunks
- BUG/MINOR: systemd: ensure we don't miss signals
- BUG/MINOR: systemd: report the correct signal in debug message
output
- BUG/MINOR: systemd: propagate the correct signal to haproxy
- MINOR: systemd: ensure a reload doesn't mask a stop
- BUG/MEDIUM: cfgparse: wrong argument offset after parsing server
"sni" keyword
- CLEANUP: stats: Avoid computation with uninitialized bits.
- CLEANUP: pattern: Ignore unknown samples in pat_match_ip().
- CLEANUP: map: Avoid memory leak in out-of-memory condition.
- BUG/MINOR: tcpcheck: fix incorrect list usage resulting in
failure to load certain configs
- BUG/MAJOR: samples: check smp->strm before using it
- MINOR: sample: add a new helper to initialize the owner of a
sample
- MINOR: sample: always set a new sample's owner before evaluating
it
- BUG/MAJOR: vars: always retrieve the stream and session from the
sample
- CLEANUP: payload: remove useless and confusing nullity checks
for channel buffer
- BUG/MINOR: ssl: fix usage of the various sample fetch functions
- MINOR: cfgparse: warn when uid parameter is not a number
- MINOR: cfgparse: warn when gid parameter is not a number
- BUG/MINOR: standard: Avoid free of non-allocated pointer
- BUG/MINOR: pattern: Avoid memory leak on out-of-memory condition
- CLEANUP: http: fix a build warning introduced by a recent fix
- BUG/MINOR: log: GMT offset not updated when entering/leaving DST
|
|
|
|
0.3.5
#466: Fixed a small issue that can effect new installions. Existing working installations do not need to upgrade.
0.3.4
Last build was broken, contained data in the Specific/ directory. This affected new installs but not upgrades.
0.3.3
#457: The realm was not correctly set from configuration for Digest auth.
Reduced memory usage in upgrade script. Should help with upgrading large databases.
Removed BAIKAL_PATH_SABREDAV setting. It was no longer used.
|
|
|
|
XXX: this package doesn't appear to honor VARBASE.
|
|
version bump.
|
|
build machine's hostname and then trying (often incorrectly) to
convert it to a FQDN. I was getting "Host" as the alleged FQDN; the
bulk build tnn@ just posted was getting ";;", which caused the package
to not even compile.
While 'localhost' is hardly an ideal hardwired loghost, it's better
than the possibly-internal-only name of some random package build host
used to build binary packages... even assuming the FQDN extraction
worked. If anyone has any better ideas, let me know. (See pkgsrc-users.)
PKGREVISION -> 12.
|
|
Should make it more likely to be able to find the right imake.
|
|
|
|
|
|
================
FEATURES:
- #732: tcp-mss, outgoing-tcp-mss options for nsd.conf.
- #739: zonefile changes when mtime is small are detected on reload,
if filesystem supports precision mtime values.
- RR type CSYNC (RFC7477) syntax is supported.
BUG FIXES:
- take advantage of arc4random_uniform if available.
- Fix flto check for OSX clang.
- Define _DEFAULT_SOURCE with _BSD_SOURCE for glibc 2.20 on Linux.
- Fix #736: segfault during zone transfer.
- Fix #744: Fix that NSD replies for configured but unloaded zone
with SERVFAIL, not REFUSED.
|
|
(but aren't strictly needed for most supported sites).
Thanks to coypu who pointed out that via a private email.
|
|
--- 9.9.8-P4 released ---
4319. [security] Fix resolver assertion failure due to improper
DNAME handling when parsing fetch reply messages.
(CVE-2016-1286) [RT #41753]
4318. [security] Malformed control messages can trigger assertions
in named and rndc. (CVE-2016-1285) [RT #41666]
|
|
--- 9.10.3-P4 released ---
4322. [security] Duplicate EDNS COOKIE options in a response could
trigger an assertion failure. (CVE-2016-2088)
[RT #41809]
4319. [security] Fix resolver assertion failure due to improper
DNAME handling when parsing fetch reply messages.
(CVE-2016-1286) [RT #41753]
4318. [security] Malformed control messages can trigger assertions
in named and rndc. (CVE-2016-1285) [RT #41666]
|
|
|
|
**** 1.05 March 7, 2016
Fix rt.cpan.org #111559
1.04: TSIG not working anymore (TSIG.pm)
Fix rt.cpan.org #108908
Installing recent version gets shadowed by old version.
Warnings added to Makefile.PL and t/00-version.t.
Fix rt.cpan.org #66900
Net::DNS::Async unable to retry truncated UDP using TCP because
of limitations in Net::DNS.
|
|
=============
Features:
---------
- ip-transparent option for FreeBSD with IP_BINDANY socket option.
- insecure-lan-zones: yesno config option.
- RR Type CSYNC support RFC 7477, in debug printout and config input.
- RR Type OPENPGPKEY support (draft-ietf-dane-openpgpkey-07).
- [bugzilla: 731 ] tcp-mss, outgoing-tcp-mss options for unbound.conf
- Support RFC7686: handle ".onion" Special-Use Domain. It is blocked
by default, and can be unblocked with "nodefault" localzone config.
- ub_ctx_set_stub() function for libunbound to config stub zones.
Bug Fixes:
----------
- Fix that NSEC3 negative cache is used when there is no salt.
- sorted ubsyms.def file with exported libunbound functions.
- Print understandable debug log when unusable DS record is seen.
- load gost algorithm if digest is seen before key algorithm.
- Fix that "make install" fails due to "text file busy" error.
- Set IPPROTO_IP6 for ipv6 sockets otherwise invalid argument error.
- wait for sendto to drain socket buffers when they are full.
- Neater cmdline_verbose increment patch from Edgar Pettijohn.
- Made NetBSD sendmsg test nonfatal, in case of false positives.
- [bugzilla: 741 ] Fix: log message for dnstap socket connection is
more clear.
- [bugzilla: 734 ] Fix: chown the pidfile if it resides inside the
chroot.
- Fix cmsg alignment for argument to sendmsg on NetBSD.
- Fix that unbound complains about unimplemented IP_PKTINFO for
sendmsg on NetBSD (for interface-automatic).
- [bugzilla: 738 ] Fix: Swig should not be invoked with CPPFLAGS.
- Squelch 'cannot assign requested address' log messages unless
verbosity is high, it was spammed after network down.
- Fix to simplify empty string checking.
- [bugzilla: 734 ] Fix: Do not log an error when the PID file cannot
be chown'ed.
- Fix test if -pthreads unused to use better grep for portability.
- Fix mingw crosscompile for recent mingw.
- Update aclocal, autoconf output with new versions (1.15, 2.4.6).
- Define DEFAULT_SOURCE together with BSD_SOURCE when that is defined,
for Linux glibc 2.20.
- Fixup contrib/aaaa-filter-iterator.patch for moved contents in the
source code, so it applies cleanly again. Removed unused variable
warnings.
- [bugzilla: 729 ] Fix: omit use of escape sequences in echo since
they are not portable (unbound-control-setup).
- remove NULL-checks before free, patch from Michael McConville.
- updated ax_pthread.m4 to version 21 with clang support, this removes
a warning from compilation.
- OSX portability, detect if sbrk is deprecated.
- OSX clang, stop -pthread unused during link stage warnings.
- OSX clang new flto check.
- iana portlist update.
|
|
* Provide more metadata
* Add support for alternative layout
* add support pages of type embed
* add support for pages of type tag
* Fix resolution with missing height in output template dict
* fix video_id for --download-archive
* Fix config URL extraction
* support ap.vgtv.no and fix old videos extraction
|
|
|
|
|
|
Changelog:
v3.1 Sat Sep 11 12:03:58 PDT 2010
- Don't complain about missing dots for ip6.arpa ptr's
- Update default location of named.conf
- Fix Makefile.in to honor the CFLAGS environment variable when
configure is run
v3.0 Fri Mar 5 20:13:17 PST 2010
- Add IPv6 support.
v2.2 Fri Mar 13 22:29:52 PDT 2009
- Convert source tree to subversion
|
|
RabbitMQ 3.6.1 is a maintenance release that includes a fix for
CVE-2015-8786, a vulnerability in RabbitMQ management plugin.
Server
- Purging a lazy queue could result in an exception
- Ensure epmd is running before starting RabbitMQ node on Windows
- Channel error could make broker unreachable
- (Automatic) deletion of an auto-delete queue could lead
to blocked channels
- During (from scratch) queue sync, queue master node didn't respect
mirror alarm state. With large data sets this could drive mirror
node out of memory.
- Changing password for users with non-standard (think broker
configuration) password hashing function, for example, those migrated
from 3.5.x releases, didn't update effective hashing function.
- Heavy and/or prolonged rabbitmqctl use could exhaust Erlang VM atom table
- "Min masters" queue master location strategy could result in an error.
- Fixed a race condition in pause_minority handling mode.
- Significantly reduce possibility of a race condition when an exchange
is deleted and immediately re-declared, e.g. by a federation link.
- amq.rabbitmq.log messages now have information about originating
node in message headers
- scripts/rabbitmq-env now works with GNU sed 4.2.2
- Exceptions in VM memory use calculator no longer affect broker startup
- Direct Reply-to capability is now advertised to clients
- Paths with non-ASCII characters on Windows are now handled
- Configurable number of TCP connection acceptors
- rabbitmqctl cluster_status now includes cluster-wide resource alarm status
- Windows installer no longer jumps over installation log
- Improved rabbitmqctl reset error messages
- More unsigned field data types are supported.
Federation Plugin
- Significantly reduce possibility of a race condition when an exchange
is deleted and immediately re-declared, e.g. by a federation link
Management plugin
- CVE-2015-8786: user-provided query parameters lengths_age and
lengths_incr had no validation and could be used to exhaust server
resources.
- Password hashing function is now included in exported definitions
- Internet Explorer (9+) compatibility restored
- Internet Explorer 11 compatibility fixes
- When policy fails to be created with invalid paramaters a sensible
error message will be displayed.
Federation Management plugin
- Federation link form now includes more settings (that are exchange-
and queue-federation specific)
|
|
* The test system can now run the tests without requiring dnspython
to be installed.
* The 64-bit version of Python on Windows has sys.maxint set to
2^31-1, yet passes 2^63-1 as the "unspecified bound" value in
slices. This is a bug in Python as the documentation says the
unspecified bound value should be sys.maxint. We now cope with
this.
* When reading from a masterfile, if the first content line
started with leading whitespace, we raised an ugly exception
instead of doing the right thing, namely using the zone origin as
the name.
* Added dns.zone.to_text() convenience method.
* The /etc/resolv.conf setting "options rotate" is now understood
by the resolver. If present, the resolver will shuffle the
nameserver list each time dns.resolver.query() is called. Thanks
to underrun for the patch. Note that you don't want to add
"options rotate" to your /etc/resolv.conf if your system's
resolver library does not understand it. In this case, just set
resolver.rotate = True by hand.
* Escaping of Unicode has been corrected. Previously we escaped
and then converted to Unicode, but the right thing to do is
convert to Unicode, then escape. Also, characters > 0x7f should
NOT be escaped in Unicode mode.
* dns.rdtypes.ANY.DNSKEY now has helpers functions to convert
between the numeric form of the flags and a set of human-friendly
strings.
* RRSIGs did not respect relativization settings in to_text().
* dns/rdtypes/IN/APL.py: The APL from_wire() method did not accept an
rdata length of 0 as valid.
* dns/ipv6.py: Add is_mapped()
* dns/reversename.py: Lookup IPv6 mapped IPv4 addresses in the v4
reverse namespace.
* dns/zone.py: Do not put back an unescaped token. This was
causing escape processing for domain names to break.
* dns/message.py: Making a response didn't work correctly if the
query was signed with TSIG and we knew the key.
* dns/query.py: Fix problems with the IXFR state machine which caused
long diffs to fail.
|
|
- avoid 409 Conflict when running 01api.t
- use README.md for tests
- The non-arrayref forms of enum and duck_type have been deprecated
- Fix some warnings about line endings from perl critic, add a missing
abstract to DeleteMultipleObjects.
- Merge fix for calculate of etags.
- Merge multipart upload aborting change.
- Fixed for enums in recent versions of Moose.
- Moose 2.1100 deprecates the non-arrayref form of enum.
- Fixed the bug with listing multipart uploaded files
- Added a test case demonstrating how listing a bucket fails when
trying to list a multipart-uploaded file
- Added support for cache-control header
- Add documentation for server-side encryption
- Support server side encryption
- adding support for multipart upload aborting
- Allow 'value' property to be ScalarRef
- fix synopsis for s3cl sync_up
|
|
* cidr_merge() algorithm is now O(n) and much faster.
* nmap target specification now fully supported including IPv4 CIDR
prefixes and IPv6 addresses.
|
|
Build with "on the fly" gzip compression since it's mentioned in DESCR.
Changelog:
4.4
- Fixed potential buffer overflow when
expanding symbolic link file names.
4.3
- Clarified license (COPYING file)
- Fixed compiler warning with regards to
pointer-to-integer cast.
4.2
- Improved user checking code to avoid locking out
valid users from the system.
(Thanks to Lauri Kasanen for reporting this bug
and supplying a patch.)
4.1
- Added checks to crypt() calls to prevent
operating on NULL pointer.
(Thanks to Lauri Kasanen for reporting this bug.)
4.0
- Added patch from Thomas Cort to make Bftpd
compile on NetBSD.
3.9
- Adjusted Makefile to allow for easy access to
non-default compiler options. Alternative compiler
can be used by running "make CC=compilername".
- Zhenbo Xu reported several potential memory
bugs which could cause Bftpd if the operating
system is out of memory. Also reported a memory
leak. Checks are now in place to prevent crashes
and the memory leak has been plugged.
- Added MINIX-specific configuration file which
should allow Bftpd to run smoothly and without
additional configuration on MINIX.
- Merged MINIX porting code into mainline Bftpd
so we can work with one, unified code base.
3.8
- Fixed bug in user tracking which could result
in corrupted times on 64-bit systems.
- When Bftpd is compiled with a "prefix" (which
is the default behaviour) the Bftpd will
check both /etc/bftpd.conf AND PREFIX/etc/bftpd.conf
when trying to find its configuration file.
This should avoid requiring the admin to pass
the location of the config file on the command line.
|
|
pkgsrc changes:
o Add a patch in order to also honor ffmpeg[23] and ffprobe[23].
Noticed by Adrien Fernandes.
Changes:
2016.03.01:
[webofstories] Tolerate malforder og:title (Closes #8417)
[zdf] Ignore hls manifests that use https (closes #8665)
[mdr] Fix extraction (Closes #8702)
[rtve.es:live] Fix extraction
[*] other misc bug fixes and improvements
2016.02.27:
[xfileshare] Add support for powerwatch (Closes #8628)
[facebook] Support mobile URLs (closes #8638)
[uStudio] Add new extractor
[space] Remove extractor (Closes #8662) - Now uses ooyala embed
[vidzi] Fix extraction
[videomega] Fix extraction (closes #7606)
[bokecc] Add new extractor (#2336)
[imdb] Recognize 1080p formats (Closes #8677)
[tnaflixnetwork:embed] Add extractor
[dplay] add support for it.dplay.com and dplay.dk
[dplay] Add support for dplay.no
[*] other misc bug fixes and improvements
|
|
|
|
Changelog:
Version 1.2 (2016-02-29)
Changelog:
- Inline media and avatars are no longer cached on disk
- Videos now indicate download progress showing a preview thumbnail
with a circular progress overlay
- We download higher-resolution avatars on HiDPI displays now
- The build system usage has seen a major refactoring an cleanup,
thanks to Rico Tzschichholz
- The sidebar is now at the top and dark
- Favorites now us a heart icon
- Sending tweets is now cancellable (e.g. when multiple images
are attached, in which case it might take a while)
- Inline media are now displayed "full-size", scaled to the
current window size.
- Instagram videos are now correctly marked as videos, instead
of was images
- If you have GTK+ >= 3.19, there's now a GtkShortcutsWindow
accessible from the app menuexplaining the various keyboard
shortcuts. Note that Corebird still compiles and runs with
GTK+ 3.16
- The big "add media" button in the compose window has been
replaced with a regular text button. The added images are
scaled down and displayed below it
- You can quote your own tweets now
- The settings dialog now contains a setting to hide
"inappropriate content", and it is enabled by default.
- The file selection dialog in the compose window now keeps
you from selecting files > 3MB.
Version 1.1 (2015-09-30)
Changelog:
- Tweets now get hidden/shown more correctly
- Corebird now saves an application-wide list of snippets that you can use to
insert common phrases or longer unicode emoticons. It can be found in the
application settings in the "Snippets" tab.
- Corebird now supports showing quote tweets in timelines as well as creating
quote tweets. This replaces the old "Quote" item for tweets which would
simply copy the original tweet's text.
- Media links and trailing hashtags can now be hidden via the "Tweets" tab in
the application settings.
- Profiles can now also show followers and followees
- Twitter removed the 140 char limit on Direct Messages and so did we
- Lots of other small enhancments and bug fixes
Version 1.0.1 (2015-07-17)
nothing...
Version 1.0 (2015-03-19)
- All dialogs now use client-side decrations if the environment dictates it, otherwise they fall back to server-side decorations. Note that the compose dialog is an exception, since we use the client-side decorations there also for progress indication (and other things in the future).
- Many layout updates
- The compose window now allows for up to 4 pictures to be uploaded.
- We now save additional information about the account which makes it possible for blocked users to be actually blocked, i.e. streamed tweets won't appear in your timeline anymore.
- When (un)following someone, we now also correctly show/hide their retweets in the stream.
- The DM page now sorts threads with unread messages first.
- The @handle completion known from the compose window is now also available when composing Direct Messages, as well as in the account settings for the description.
- Everything app-specific should now be hidpi ready, the only thing missing are assets loaded from Twitter directly, i.e. avatars and media.
- Notifications should now get withdrawn whenever it makes sense, i.e. if you read a Direct Message before dismissing the notification, it should get withdrawn automatically.
- The hover buttons moved to a right-click menu on every tweet.
- Plurals are properly localized.
- We now also respect muted users (even though there's no UI to mute someone)
- A user's verification status is now also shown in the tweet info page.
- Everything should now work when the user's @handle (aka screen_name) changes.
- Switching to the same page (i.e. going to a profile from the profile page) now works much better, including the swipe transition as well as proper equality checking.
- Invalid inline media (file size too big, 404, ...) should now be properly detected and reacted upon (i.e. remove the widget in the stream, add the link back).
- Underlines in @handles are now properly displayed in the app menu (i.e. the "open account" submenu)
- Animated gifs from Twitter are now also handled (just like other videos).
- Tweets in timelines are now single-click activated. This unifies the behavior with all other lists in the application. Since this interferes with certain user behaviors, there's a setting to switch back to double-click activation.
- Based on a user's protection status, we now disable (or hide) retweet buttons of tweets.
|
|
Upstream changes:
1.19 August 26, 2015
! #106665 Correct the version manually, no autoversioning, and the maintainer screwed up
1.18 August 25, 2015
! Fix a couple of cases where undefined values were being passed to functions [github/redhotpenguin]
! Do not set content_length for compressed request [github/bor]
! Add test for check return of send_receive(), add titles for some tests [github/bor]
1.17 July 30, 2015
! #106051 Fix utf8 encoding for CGI test (thanks cpan/ETHER for tips)
1.16 July 23, 2015
! Fix empty release. Note to self - do not release code when wife is in early labor
1.15 July 21, 2015
+ Preventing "billion laughs" exponential entity expansion attack [github/thilo-fester]
|
|
2.7.0 (2016-02-14):
* Remove sexplib.syntax, type_conv deps and camlp4 transitive dependency
* Add ppx_sexp_conv dependency
* Require OCaml 4.02.2+
* Add `Ipaddr.Prefix.subset`, `Ipaddr.V4.Prefix.subset` and `Ipaddr.V6.subset`
predicates to test containment of subnets (#52 from @seliopou)
2.6.1 (2015-02-20):
* Fix findlib requires in oasis to restore pre-4.02.1 compatibility
2.6.0 (2015-02-19):
* Change IPv6 link-local address prefix from fe80::/10 to fe80::/64. (#39)
* Remove type bytes = string alias (potentially breaking)
* Turn on -safe-string (#41)
* {V4,V6}.to_bytes_raw now uses Bytes.t rather than string (potentially breaking)
* Add multicast MAC conversions from RFC 1112 and RFC 2464
* Add to_domain_name conversions to DNS label lists (in-addr.arpa and ip6.arpa)
* Add V6.interface_routers, V6.site_routers, and V6.Prefix.solicited_node
* Add V6.link_address_of_mac to convert a MAC into a link local IP address
|
|
What's New
Bug Fixes
The following vulnerabilities have been fixed:
* [1]wnpa-sec-2016-01
DLL hijacking vulnerability. [2]CVE-2016-2521
* [3]wnpa-sec-2016-03
DNP dissector infinite loop. ([4]Bug 11938) [5]CVE-2016-2523
* [6]wnpa-sec-2016-10
RSL dissector crash. ([7]Bug 11829) [8]CVE-2016-2530
[9]CVE-2016-2531
* [10]wnpa-sec-2016-11
LLRP dissector crash. ([11]Bug 12048) [12]CVE-2016-2532
* [13]wnpa-sec-2016-14
GSM A-bis OML dissector crash. ([14]Bug 11825)
* [15]wnpa-sec-2016-15
ASN.1 BER dissector crash. ([16]Bug 12106)
* [17]wnpa-sec-2016-18
ASN.1 BER dissector crash. ([18]Bug 11822)
The following bugs have been fixed:
* Questionable calling of ethernet dissector by encapsulating
protocol dissectors. ([19]Bug 9933)
* Improper RPC reassembly ([20]Bug 11913)
* GTPv1 Dual Stack with one static and one Dynamic IP. ([21]Bug
11945)
* Failed to parse M3AP IE (TNL information). ([22]Bug 12070)
* Wrong interpretation of Instance ID value in OSPFv3 packet.
([23]Bug 12072)
* MP2T Dissector does parse RTP properly in 2.0.1. ([24]Bug 12099)
* editcap does not adjust time for frames with absolute timestamp 0 <
t < 1 secs. ([25]Bug 12116)
Windows installers and PortableAppsĀ® packages are now dual signed using
SHA-1 and SHA-256 in order to comply with [26]Microsoft Authenticode
policy. Windows 7 and Windows Server 2008 R2 users should ensure that
[27]update 3123479 is installed. Windows Vista and Windows Server 2008
users should ensure that [28]hotfix 2763674 is installed.
Updated Protocol Support
ASN.1 BER, BATADV, DNP3, E100, EIGRP, GSM A DTAP, GSM SMS, GTP, HiQnet,
InfiniBand, LLRP, M3AP, MP2T, NFS, OSPF, RoHC, RPC, RSL, TRILL, VXLAN,
and X.509AF
|
|
|
|
version upstream.
|
|
The default stable version is 2.0.2.
Wireshark is a network traffic analyzer, or "sniffer", for Unix and
Unix-like operating systems. It uses GTK+, a graphical user interface
library, and libpcap, a packet capture and filtering library.
The Wireshark distribution also comes with TShark, which is a
line-oriented sniffer (similar to Sun's snoop, or tcpdump) that uses the
same dissection, capture-file reading and writing, and packet filtering
code as Wireshark, and with editcap, which is a program to read capture
files and write the packets from that capture file, possibly in a
different capture file format, and with some packets possibly removed
from the capture.
|
|
|
|
What's New
Bug Fixes
The following vulnerabilities have been fixed:
* [1]wnpa-sec-2016-01
DLL hijacking vulnerability. [2]CVE-2016-2521
* [3]wnpa-sec-2016-02
ASN.1 BER dissector crash. ([4]Bug 11828) [5]CVE-2016-2522
* [6]wnpa-sec-2016-03
DNP dissector infinite loop. ([7]Bug 11938) [8]CVE-2016-2523
* [9]wnpa-sec-2016-04
X.509AF dissector crash. ([10]Bug 12002) [11]CVE-2016-2524
* [12]wnpa-sec-2016-05
HTTP/2 dissector crash. ([13]Bug 12077) [14]CVE-2016-2525
* [15]wnpa-sec-2016-06
HiQnet dissector crash. ([16]Bug 11983) [17]CVE-2016-2526
* [18]wnpa-sec-2016-07
3GPP TS 32.423 Trace file parser crash. ([19]Bug 11982)
[20]CVE-2016-2527
* [21]wnpa-sec-2016-08
LBMC dissector crash. ([22]Bug 11984) [23]CVE-2016-2528
* [24]wnpa-sec-2016-09
iSeries file parser crash. ([25]Bug 11985) [26]CVE-2016-2529
* [27]wnpa-sec-2016-10
RSL dissector crash. ([28]Bug 11829) [29]CVE-2016-2530
[30]CVE-2016-2531
* [31]wnpa-sec-2016-11
LLRP dissector crash. ([32]Bug 12048) [33]CVE-2016-2532
* [34]wnpa-sec-2016-12
Ixia IxVeriWave file parser crash. ([35]Bug 11795)
* [36]wnpa-sec-2016-13
IEEE 802.11 dissector crash. ([37]Bug 11818)
* [38]wnpa-sec-2016-14
GSM A-bis OML dissector crash. ([39]Bug 11825)
* [40]wnpa-sec-2016-15
ASN.1 BER dissector crash. ([41]Bug 12106)
* [42]wnpa-sec-2016-16
SPICE dissector large loop. ([43]Bug 12151)
* [44]wnpa-sec-2016-17
NFS dissector crash.
* [45]wnpa-sec-2016-18
ASN.1 BER dissector crash. ([46]Bug 11822)
The following bugs have been fixed:
* HTTP 302 decoded as TCP when "Allow subdissector to reassemble TCP
streams" option is enabled. ([47]Bug 9848)
* Questionable calling of ethernet dissector by encapsulating
protocol dissectors. ([48]Bug 9933)
* [Qt & Legacy & probably TShark too] Delta Time Conversation column
is empty. ([49]Bug 11559)
* extcap: abort when validating capture filter for DLT 147. ([50]Bug
11656)
* Missing columns in Qt Flow Graph. ([51]Bug 11710)
* Interface list doesn't show well when the list is very long.
([52]Bug 11733)
* Unable to use saved Capture Filters in Qt UI. ([53]Bug 11836)
* extcap: Capture interface options snaplen, buffer and promiscuous
not being used. ([54]Bug 11865)
* Improper RPC reassembly ([55]Bug 11913)
* GTPv1 Dual Stack with one static and one Dynamic IP. ([56]Bug
11945)
* Wireshark 2.0.1 MPLS dissector not decoding payload when control
word is present in pseudowire. ([57]Bug 11949)
* "...using this filter" turns white (not green or red). Plus
dropdown arrow does nothing. ([58]Bug 11950)
* EIGRP field eigrp.ipv4.destination does not show the correct
destination. ([59]Bug 11953)
* tshark -z conv,type[,filter] swapped frame / byte values from / to
columns. ([60]Bug 11959)
* The field name nstrace.tcpdbg.tcpack should be
nstrace.tcpdbg.tcprtt. ([61]Bug 11964)
* 6LoWPAN IPHC traffic class not decompressed correctly. ([62]Bug
11971)
* Crash with snooping NFS file handles. ([63]Bug 11972)
* 802.11 dissector fails to decrypt some broadcast messages. ([64]Bug
11973)
* Wireshark hangs when adding a new profile. ([65]Bug 11979)
* Issues when closing the application with a running capture without
packets. ([66]Bug 11981)
* New Qt UI lacks ability to step through multiple TCP streams with
Analyze > Follow > TCP Stream. ([67]Bug 11987)
* GTK: plugin_if_goto_frame causes Access Violation if called before
capture file is loaded. ([68]Bug 11989)
* Wireshark 2.0.1 crash on start. ([69]Bug 11992)
* Wi-Fi 4-way handshake 4/4 is displayed as 2/4. ([70]Bug 11994)
* ACN: acn.dmx.data has incorrect type. ([71]Bug 11999)
* editcap packet comment won't add multiple comments. ([72]Bug 12007)
* DICOM Sequences no longer able to be expanded. ([73]Bug 12011)
* Wrong TCP stream when port numbers are reused. ([74]Bug 12022)
* SSL decryption fails in presence of a Client certificate. ([75]Bug
12042)
* LUA: TVBs backing a data source is freed too early. ([76]Bug 12050)
* PIM: pim.group filter have the same name for IPv4 and IPv6.
([77]Bug 12061)
* Failed to parse M3AP IE (TNL information). ([78]Bug 12070)
* Wrong interpretation of Instance ID value in OSPFv3 packet.
([79]Bug 12072)
* MP2T Dissector does parse RTP properly in 2.0.1. ([80]Bug 12099)
* editcap does not adjust time for frames with absolute timestamp 0 <
t < 1 secs. ([81]Bug 12116)
* Guard Interval is not consistent between Radiotap & wlan_radio.
([82]Bug 12123)
* Calling dumpcap -i- results in access violation. ([83]Bug 12143)
* Qt: Friendly Name and Interface Name columns should not be
editable. ([84]Bug 12146)
* PPTP GRE call ID not always decoded. ([85]Bug 12149)
* Interface list does not show device description anymore. ([86]Bug
12156)
* Find Packet does not highlight the matching tree item or packet
bytes. ([87]Bug 12157)
* "total block length ... is too large" error when opening pcapng
file with multiple SHB sections. ([88]Bug 12167)
* http.request.full_uri is malformed if an HTTP Proxy is used.
([89]Bug 12176)
* SNMP dissector fails at msgSecurityParameters with long length
encoding. ([90]Bug 12181)
Windows installers and PortableAppsĀ® packages are now dual signed using
SHA-1 and SHA-256 in order to comply with [91]Microsoft Authenticode
policy. Windows 7 and Windows Server 2008 R2 users should ensure that
[92]update 3123479 is installed. Windows Vista and Windows Server 2008
users should ensure that [93]hotfix 2763674 is installed.
Updated Protocol Support
6LoWPAN, ACN, ASN.1 BER, BATADV, DICOM, DNP3, DOCSIS INT-RNG-REQ, E100,
EIGRP, GSM A DTAP, GSM SMS, GTP, HiQnet, HTTP, HTTP/2, IEEE 802.11,
IKEv2, InfiniBand, IPv4, IPv6, LBMC, LLRP, M3AP, MAC LTE, MP2T, MPLS,
NFS, NS Trace, OSPF, PIM, PPTP, RLC LTE, RoHC, RPC, RSL, SNMP, SPICE,
SSL, TCP, TRILL, VXLAN, WaveAgent, and X.509AF
New and Updated Capture File Support
3GPP TS 32.423 Trace, iSeries, Ixia IxVeriWave, pcap, and pcapng
|
|
|
|
|
|
set IPv6 Hop limit to 10
fix HOST: header of event notifications in IPv6
be more compliant on 64bit machines : ui4 in [0;2^32-1]
|
|
|
|
===========================
Bugfixes:
---------
- DNSSEC: Allow import of duplicate private key into the KASP
- DNSSEC: Avoid duplicate NSEC for Wildcard No Data answer
- Fix server crash when an incomming transfer is in progress and reload is issued
- Fix socket polling when configured with many interfaces and threads
- Fix compilation against Nettle 3.2
Improvements:
-------------
- Select correct source address for UDP messages recieved on ANY address
- Extend documentation of knotc commands
Knot DNS 2.1.0 (2016-01-14)
===========================
Features:
---------
- Per-thread UDP socket binding using SO_REUSEPORT on Linux
- Support for dynamic configuration database
- DNSSEC: Support for cryptographic tokens via PKCS #11 interface
- DNSSEC: Experimental support for online signing
Improvements:
-------------
- Support for zone file name patterns
- Configurable location of zone timer database
- Non-blocking network operations and better timeout handling
- Caching of Critical configuration values for better performance
- Logging of ACL failures
- RRL: Add rate-limit-slip zero support to drop all responses
- RRL: Document behavior for different rate-limit-slip options
- kdig: Warning instead of error on TSIG validation failure
- Cleanup of support libraries interfaces (libknot, libzscanner, libdnssec)
- Remove possibly insecure server control over a network socket
- Remove implementation limit for the number of network interfaces
Bugfixes:
---------
- synth-record module: Fix application of default configuration options
- TSIG: Allow compressed TSIG name when forwarding DDNS updates
- Schedule zone bootstrap after slave zone fails to load from disk
|
|
|
|
Sayaka is a light-weight terminal specific twitter client which
supports userstream and sixel graphics etc.
There are two variants (PHP based version and and Vala based version)
in the sayaka distribution and this package uses the newer Vala based one.
|
|
Upstream changes:
* cannot preview instagram pictures
* twitter authentication on the first startup didn't work with
some library version
Remarks:
OAuth::RequestToken#build_authorize_url is broken in the latest
oauth gem 0.5.0:
https://github.com/oauth-xx/oauth-ruby/pull/108
|
|
|
|
|
|
pkgsrc changes:
o Take the MAINTAINERship
Changes:
2016.02.22:
o [animeondemand] Add extractor (#8518)
o [noz] Add new extractor
o [screenjunkies] Add new extractor
o [arte:magazine] Add extractor
o Misc bug fixes and improvements.
|
