| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
* BUG 9777: vfs_dirsort uses non-stackable calls, dirfd(), malloc instead
of talloc and doesn't cope with directories being modified whilst reading.
* BUG 9678: Windows 8 Roaming profiles fail.
* BUG 9636: Fix parsing linemarkers in preprocessor output.
* BUG 9880: Use of wrong RFC2307 primary group field.
* BUG 9983: Fix output of syslog-facility check.
* BUG 10064: Linux kernel oplock breaks can miss signals.
|
|
(drop dependency on libnotify, optional and alternative selectable).
bug fixes.
|
|
available as usual but it fixes video downloads from Youtube for me.
|
|
- trial now has an --exitfirst flag which stops the test run after
the first error or failure.
- twisted.internet.ssl.CertificateOptions now supports chain
certificates.
- twisted.internet.endpoints now provides ProcessEndpoint, a child
process endpoint.
- Factory now has a forProtocol classmethod that constructs an
instance and sets its protocol attribute.
- twisted.internet.endpoints.connectProtocol allows connecting to a
client endpoint using only a protocol instance, rather than
requiring a factory.
- twisted.trial.unittest.SynchronousTestCase.assertNoResult no longer
swallows the result, if the assertion succeeds.
- twisted.python.constants.FlagConstant implements __iter__ so that
it can be iterated upon to find the flags that went into a flag
set, and implements __nonzero__ to test as false when empty.
- assertIs and assertIsNot have now been added to
twisted.trial.unittest.TestCase.
- twisted.trial.unittest.TestCase.failureResultOf now takes an
optional expected failure type argument.
- The POSIX implementation of
twisted.internet.interfaces.IReactorProcess now does not change the
parent process UID or GID in order to run child processes with a
different UID or GID.
|
|
|
|
Upstream changes:
1.04 August 9, 2013
! #87605 Skip XML::Parser::Lite tests if it is missing [github.com/omega]
1.03 August 4, 2013
! #87195 Remove DIME::Tools dep until we can work around its issues
1.02 July 30, 2013
! #87421 1.01 release blew out xml versions. mea culpa.
1.01 July 29, 2013
! #84168 Test t/02-payload.t fails under Perl 5.17.10
! #87127 TEST.pl removed from MANIFEST
! revert #85713 - various reports of environment failures
1.0 July 16, 2013
! #85713 SOAP::Transport::HTTP, 500 error skips parsing of response
! No more Windows 98 client support. Wait, wut?
! Merge SOAP::Transport::TCP back into SOAP::Lite (for now)
! #82416: xop href cid: URI encoded support reported by Michael R. Davis (mrdvt92)
! #85208 bad test plan
! #83750 different headers for mod_perl vs mod_perl2 [Mithun Bhattacharya]
0.716 May 10, 2013
! #17275 Client unable to detect fatal SOAP failure (e.g. unable to connect to host)
! #81471 Force array context for correct Apache header parsing in SOAP::Transport::HTTP
! #45611 deserializing SOAP message with composite attachment raises exception
! #84168 Test t/02-payload.t fails under Perl 5.17.10
! #85098 Monkey patch for LWP::Protocol confuses the toolchain
! #78692 / #84724 / #83715 Sending large object (many levels deep) throws error Incorrect parameter
! #78502 t/08-schema.t noisy under 5.17.2 (unescaped left brace in regex is deprecated)
! #78608 Documentation for "+trace"
! #78639 Spelling error reported by Debian tools
|
|
Vino 2.32.2
===========
Fixes:
- Avoid out-of-bounds memory accesses.
- Exit immediately when the server is disabled.
- Bind both an IPv4 and an IPv6 socket.
Translations:
+ Daniel Korostil (uk)
+ Fran Diéguez (gl)
+ Gheyret T.Kenji (ug)
+ Wei-Lun Chao (zh_HK, zh_TW)
==============
Version 2.32.1
==============
Fixes:
+ Be compatible with old (< 0.7.0) and new (>= 0.7.0) libnotify
Translations:
+ Joan Duran (ca@valencia)
+ Thanos Lefteris (el)
+ Priit Laes (et)
+ Takayuki KUSANO (ja)
+ Changwoo Ryu (ko)
+ Sahran (ug)
Vino 2.32.0
===========
Translations:
+ Baurzhan Muftakhidinov (kk)
+ Takayuki KUSANO (ja)
Vino 2.31.91
============
Translations:
+ Fran Diéguez (gl)
+ krishnababu k (te)
+ Kristjan Schmidt (eo)
+ Petr Kovar (cs)
Vino 2.31.4
===========
Features:
+ Improvements on Telepathy tubes stuff
+ Various internal work on replacing deprecated stuff
Translations:
+ Andika Triwidada (id)
+ Carles Ferrando (ca@valencia)
+ Leonid Kanter (ru)
+ Luca Ferretti (it)
+ Matej Urbančič (sl)
+ Priit Laes (et)
+ Sira Nokyoongtong (th)
+ Theppitak Karoonboonyanan (th)
+ Thomas Thurman (en@shaw)
|
|
==============================
Release Notes for Samba 3.5.22
August 05, 2013
==============================
This is a security release in order to address
CVE-2013-4124 (Missing integer wrap protection in EA list reading can cause
server to loop with DOS).
o CVE-2013-4124:
All current released versions of Samba are vulnerable to a denial of
service on an authenticated or guest connection. A malformed packet
can cause the smbd server to loop the CPU performing memory
allocations and preventing any further service.
A connection to a file share, or a local account is needed to exploit
this problem, either authenticated or unauthenticated if guest
connections are allowed.
This flaw is not exploitable beyond causing the code to loop
allocating memory, which may cause the machine to exceed memory
limits.
Changes since 3.5.21:
---------------------
o Jeremy Allison <jra@samba.org>
* BUG 10010: CVE-2013-4124: Missing integer wrap protection in EA list
reading can cause server to loop with DOS.
|
|
==============================
Release Notes for Samba 3.6.17
August 05, 2013
==============================
This is a security release in order to address
CVE-2013-4124 (Missing integer wrap protection in EA list reading can cause
server to loop with DOS).
o CVE-2013-4124:
All current released versions of Samba are vulnerable to a denial of
service on an authenticated or guest connection. A malformed packet
can cause the smbd server to loop the CPU performing memory
allocations and preventing any further service.
A connection to a file share, or a local account is needed to exploit
this problem, either authenticated or unauthenticated if guest
connections are allowed.
This flaw is not exploitable beyond causing the code to loop
allocating memory, which may cause the machine to exceed memory
limits.
Changes since 3.6.16:
---------------------
o Jeremy Allison <jra@samba.org>
* BUG 10010: CVE-2013-4124: Missing integer wrap protection in EA list
reading can cause server to loop with DOS.
|
|
|
|
|
|
|
|
This is a major update, many fixes and improvements.
Main reason for the update was to sync the embedded sftp client
with putty after fixes for vulnerabilities.
|
|
Update HOMEPAGE, MASTER_SITES.
Set USE_GNU_READLINE to catch up to 2012Q3 devel/readline builtin detection.
0.99.22.3 basically contains a security bugfix for OSPF-API.
0.99.22.2 was not released.
0.99.22.1 contains a few non-security bugfixes.
Changes in 0.99.22 since 0.99.21:
- [bgpd] The semantics of default-originate route-map have changed.
The route-map is now used to advertise the default route conditionally.
The old behaviour which allowed to set attributes on the originated
default route is no longer supported.
- [bgpd] There is now a replace-as option to neighbor ... local-as ...
no-prepend. For details, refer to the user documentation.
- [zebra] An FPM interface has been added. This provides an alternate
interface to routing information and is geared at OpenFlow & co.
- [snmp] AgentX is now supported; the old smux backend is considered
deprecated. ospf6d has also had OSPFV3-MIB added.
- [*] several issues with configuration save/load/apply have been fixed,
in particular on ospf "max-metric router-lsa administrative" and
"distribute-list", bgpd "no neighbor activate", isisd "metric-style",
- [*] a lot of bugs have been fixed, please refer to the git log
|
|
|
|
fixes PR pkg/48084
|
|
bump PKGREV
|
|
bug fixes.
|
|
based on PR pkg/48082.
3.5.0 - 03/15/2013
------------------
* Fixed bug #403: The "configuration" page of the webui doesn't use entity
encoding when displaying the "command expansion" item (Eric Stanley, Phil
Randal)
* Fixed bug #424: Nagios Core 3.4.4 seg fault (core dump) on restart after
removing config for running service (Eric Stanley)
* Updated CGI utility functions to support UTF-8 characters (Eric Stanley)
* Fixed bug where selecting Command Expansion from Configuration CGI page would
display commands instead (Eric Stanley)
* Fixed bug #369: status.cgi crashes with segfault when there are german ulauts
(äöüß) in the hostname or the servicename (Eric Stanley)
* Fixed bug #418: Scheduled Downtime Notifications Resent On Nagios
Restart/reload (Eric Stanley)
|
|
|
|
3.4.4 - 01/12/2013
------------------
* Reenabled check for newer versions of Nagios Core (Mike Guthrie)
* Fixed bug #408: service checks get duplicated on reload (Eric Stanley)
* Fixed bug #401: segmentation fault on Solaris when parsing unknown timeperiod
directives. (Eric Stanley)
* Added NULL pointer checks to CGI code. (Eric Stanley)
* Fixed buffer overflow vulnerability in CGI code. Thanks to Neohapsis
(http://archives.neohapsis.com/archives/fulldisclosure/2012-12/0108.html)
for finding this. (Eric Stanley)
|
|
in the "Socket" module.
Bump package revision because of this bug fix.
|
|
PR pkg/48102.
|
|
|
|
* Change to tar.gz file fetch
* Use perl5 automatic PLIST
* Add a patch so this works with Net::DNS 0.69
* Modify dependence on Net::DNS to be >= 0.42 in accordance with distribution
* Bump PKGREVISION
Thanks to wiz@ for help when I got stuck (auto-plist, include order etc.)
|
|
nscount and arcount header fields, so that fpdns can be allowed to
craft particular packets.
|
|
Only print script warnings when a script is used. Remove stray mention of script-security system.
Move settings of user script into set_user_script function
Move checking of script file access into set_user_script
Provide more accurate warning message
Fix NULL-pointer crash in route_list_add_vpn_gateway().
Fix problem with UDP tunneling due to mishandled pktinfo structures.
Always push basic set of peer info values to server.
make 'explicit-exit-notify' pullable again
Fix proto tcp6 for server & non-P2MP modes
Fix Windows script execution when called from script hooks
Fixed tls-cipher translation bug in openssl-build
Fixed usage of stale define USE_SSL to ENABLE_SSL
Fix segfault when enabling pf plug-ins
|
|
python/application.mk and REPLACE_PYTHON in a number of files.
|
|
|
|
|
|
|
|
|
|
|
|
- The following vulnerabilities have been fixed.
* wnpa-sec-2013-41
The DCP ETSI dissector could crash. (Bug 8717)
Versions affected: 1.10.0, 1.8.0 to 1.8.7
CVE-2013-4083
* wnpa-sec-2013-42
The P1 dissector could crash. Discovered by Laurent Butti.
(Bug 8826)
Versions affected: 1.10.0
CVE-2013-4920
* wnpa-sec-2013-43
The Radiotap dissector could crash. Discovered by Laurent
Butti. (Bug 8830)
Versions affected: 1.10.0
CVE-2013-4921
* wnpa-sec-2013-44
The DCOM ISystemActivator dissector could crash. Discovered
by Laurent Butti. (Bug 8828)
Versions affected: 1.10.0
CVE-2013-4924
CVE-2013-4926
* wnpa-sec-2013-45
The Bluetooth SDP dissector could go into a large loop.
Discovered by Laurent Butti. (Bug 8831)
Versions affected: 1.10.0, 1.8.0 to 1.8.8
CVE-2013-4927
* wnpa-sec-2013-46
The Bluetooth OBEX dissector could go into an infinite
loop. (Bug 8875)
Versions affected: 1.10.0
CVE-2013-4928
* wnpa-sec-2013-47
The DIS dissector could go into a large loop. (Bug
8911)
Versions affected: 1.10.0, 1.8.0 to 1.8.8
CVE-2013-4929
* wnpa-sec-2013-48
The DVB-CI dissector could crash. Discovered by Laurent
Butti. (Bug 8916)
Versions affected: 1.10.0, 1.8.0 to 1.8.8
CVE-2013-4930
* wnpa-sec-2013-49
The GSM RR dissector (and possibly others) could go into a
large loop. (Bug 8923)
Versions affected: 1.10.0, 1.8.0 to 1.8.8
CVE-2013-4931
* wnpa-sec-2013-50
The GSM A Common dissector could crash. (Bug 8940)
Versions affected: 1.10.0, 1.8.0 to 1.8.8
CVE-2013-4932
* wnpa-sec-2013-51
The Netmon file parser could crash. Discovered by G.
Geshev. (Bug 8742)
Versions affected: 1.10.0, 1.8.0 to 1.8.8
CVE-2013-4934
* wnpa-sec-2013-52
The ASN.1 PER dissector could crash. Discovered by
Oliver-Tobias Ripka. (Bug 8722)
Versions affected: 1.10.0, 1.8.0 to 1.8.8
CVE-2013-4935
* wnpa-sec-2013-53
The PROFINET Real-Time dissector could crash. (Bug
8904)
Versions affected: 1.10.0
CVE-2013-4936
- The following bugs have been fixed:
* Mark retransmitted SYN and FIN packets as retransmissions.
* Wireshark hides under Taskbar. (Bug 3034)
* IEEE 802.15.4 frame check sequence in "Chipcon mode" not
displayed correctly. (Bug 4507)
* Mask in Lua ProtoField.uint32() does not work as expected.
(Bug 5734)
* Crash when applying filter with Voip calls. (Bug 6090)
* Delta time regressions to tshark introduced with SVN 45071.
(Bug 8160)
* Add MAC-DATA support to TETRA dissector and other minor
improvements. (Bug 8708)
* Crash analyzing VoIP Calls (T38). (Bug 8736)
* Wireshark writes empty NRB FQDN which makes trace
unloadable. (Bug 8763)
* Quick launch icon is absent, so it shows up as a generic
icon. (Bug 8773)
* Wrong encoding for 2 pod files, UTF-8 characters in
another. (Bug 8774)
* SCSI (SPC) sense key specific information field must not
include SKSV. (Bug 8782)
* Wireshark crashes when closing Flow Graph with Graph
Analysis opened. (Bug 8793)
* Wrong size of LLRP ProtocolID Parameter in Accessspec
Parameter. (Bug 8809)
* Detection of IPv6 works only on Solaris 8. (Bug 8813)
* ip.opt.type triggers for TCP NOP option. (Bug 8823)
* DCOM-SYSACT dissector crash. (Bug 8828)
* Incorrect decoding of MPLS Echo Request with BGP FEC.
(Bug 8835)
* Buggy IEC104 dissector caused by commit r48958. (Bug
8849)
* ansi_637_tele dissector displays MSB as MBS for Call-Back
Number. (Bug 8851)
* LISP Map-Notify flags I and R shown incorrectly. (Bug
8852)
* ONTAP_V4 fhandle decoding leads to dissector bug. (Bug
8853)
* Dropped bytes in imap dissector. (Bug 8857)
* Kismet drone/server dissector improvements. (Bug 8864)
* TShark iostat_draw sizeof mismatch. (Bug 8888)
* SCTP bytes graph crash. (Bug 8889)
* Patch to Wireshark/tshark usage info and man pages to
document all timestamp (-t) options. (Bug 8906)
* Strange behavior of tree expand/collapse in packet details.
(Bug 8908)
* Graph Filter field limited to 256 characters. (Bug
8909)
* Filter doesn't support cflow ASN larger than 65535.
(Bug 8959)
* Wireshark crashes when switching from a v1.11.0 profile to
a v1.4.6 prof and then to a v1.5.1 prof. (Bug 8884)
* SIP stats shows incorrect values for Max/Ave setup times.
(Bug 8897)
* NFSv4 delegation not reported correctly. (Bug 8920)
* Issue with Capture Options Adapter List. (Bug 8932)
* RFC 5844 - IPv4 Support for Proxy Mobile IPv6 - Mobility
option IPv4 DHCP Support Mode Option malformed packet.
(Bug 8957)
* RFC 3775 - Mobility Support in IPv6 - Mobility option PadN
incorrectly highlights + 2 bytes. (Bug 8958)
* All mongodb query show as .
(Bug 8960)
- Updated Protocol Support
ANSI IS-637-A, ASN.1, ASN.1 PER, Bluetooth OBEX, Bluetooth SDB,
DCERPC NDR, DCOM ISystemActivator, DCP ETSI, Diameter 3GPP,
DIS, DVB-CI, Ethernet, GSM Common, GSM SMS, H.235, IEC104, IEEE
802.15.4, IEEE 802a, IMAP, IP, KDSP, LISP, LLRP, MAC-LTE,,
Mobile IPv6, MONGO, MPLS Echo, Netflow, NFS, NFSv4, P1,
PDCP-LTE, PN-IO, PN-RT, PPP, Radiotap, RLC,, RLC-LTE,, SCSI,
SIP, SMTP, SoulSeek, TCP, TETRA, and VNC
- New and Updated Capture File Support
Microsoft Network Monitor, pcap-ng.
|
|
* hostname is not stamped on anymore if already set
* hostname will be set to a FQDN when possible as per RFC4702 section 3.1
* a domain is derived from the FQDN if no domain option is set
* add new hostname_short command to send a short hostname for DDNS
* hostname_fqdn is now documented, along with a new server setting and the
potential problems associated with it
* the FQDN option is no longer sent by default for DHCPv4 messages
|
|
available but it fixes video downloads from Youtube for me.
|
|
* Netplex_container: emits now backtraces if these are enabled.
* Http_fs: adding [last_response_status] method
* Rpc_client: fixing a potential endless loop when session IDs
are reused
* Rpc_client: fixing the shutdown when a TCP connection is
immediately refused, and GSS-API authentication is active.
* Netcgi_fcgi.run: no longer ignoring the sockaddr argument
(problem reported by Watanabe Masaki)
* Remove duplicate method Netpop.stat
|
|
--- 9.8.5-P2 released ---
3621. [security] Incorrect bounds checking on private type 'keydata'
can lead to a remotely triggerable REQUIRE failure
(CVE-2013-4854). [RT #34238]
|
|
--- 9.9.3-P2 released ---
3621. [security] Incorrect bounds checking on private type 'keydata'
can lead to a remotely triggerable REQUIRE failure
(CVE-2013-4854). [RT #34238]
|
|
|
|
changes:
-bugfixes, minor improvements
-added i18n
-added magnatune plugin
-flickr plugin not built per default due to new dependencies
|
|
|
|
changes:
-bugfixes, minor improvements
-added i18n
|
|
Changes in 2.2.5
================
* FIX: Fix errors searching volumes
* NEW: Configurable symlink handling with a new volume option
'followsymlinks'. Setting the option causes afpd to follow
symlinks on the server side.
* UPD: Reload groups when reloading volumes. FR #71.
* FIX: Fix a possible crash in cname() where cname_mtouname calls
dirlookup() where the curdir is freed because the dircache
detected a dev/inode cache difference and evicted the object
from the cache. Fixes bug #498.
* FIX: Change default FinderInfo for directories to be all 0, fixes
bug 514.
|
|
Bump PKGREVISION.
|
|
|
|
Upstream changes:
0.22 2012/05/21 08:30:00
- Bug # 77072 requested to autodetect the need for using the PRET command.
The old test in t/10-complex.t was different & doesn't interfere. The docs
in the POD now mark the Pret option as optional for cases where auto-detect
doesn't work!
- Fixed issue with ccc that the server sometimes responds to a successful NOOP
twice, resulting in command/resonses getting out of sync. (Another hack)
- Fixed quot() bug introduced with Bug # 74025 uc() fix in the last release.
Accidently shifted off the arguments a 2nd time during the uc() call.
- Fixed the return code in restart() to always be 1 instead of undef, since
it never fails. Also moved its description towards the end of the POD text.
0.21 2012/02/15 08:30:00
- Fixed bad call to _croak_or_return () in _get_data_channel() when dealing
with failed certificates for data connections.
- Bug # 74547, a request to support ftp PRET command for distributed FTP data
channel transfers. New option to execute PRET before all PASV calls.
- updated t/10-complex.t to dynamically check if PRET is needed.
- Bug # 74035, as of Perl 5.12, uc($x) gives warning if $x is undef. Added
checks to avoid these warnings. Did via [ uc($x||""); ]
- Fixed both test cases to no longer send Port as undefined to get rid of
warnings in log file. (Passing undef wasn't realistic, was just convenient.)
- t/10-complex.t now explicity checks if any warnings are generated and does
a request for feadback instead of as an error if any are found. Should help
considerably with debugging any code changes in the future.
- Added new internal method _feat() to get additional commands to be
recognized by supported().
- Enhanced _help() in parsing it's response from the server & other significnt
enhancements. Major rewrite of this one method.
- Above rewite uncovered bug in t/10-complex.t to fix in a supported() test.
- Did some tweaking to the workings of the OverrideHELP option due to changes
in _help() & supported().
- Updated POD for supported() to describe changes to functionality.
0.20 2012/01/01 08:30:00
- Fixed bug # 73115 where it looks like the response() had unexpected breaks
in it. Instead of returning "xyz message" the FTPS server was returning
"x" on one line and "yz message" on another line. And the code was
treating "x" as the entire response (since there was no "-" after it.)
Fixed so that if a response starts with a number that's less than 3
digits with nothing else following it, to assume we hit this bug.
The risk to this fix is that we might try to read past the response
on some other server and cause things to hang. So that's an issue to
keep an eye out for after this release.
- Fixed minor issue with "HELP" not supported on some boxes. If this happens
supported() will now always return false unless you use OverrideHELP.
- Now prints the hash values chosen for new() to the logs.
- Fixed so scrubbing out sensitive info from the logs is only done when debug
is turned on instead of doing it all the time.
- Reorganized the options to new() in the POD to put the less useful and
special case options to new() last.
- Other minor POD corrections and additions.
0.19 2011/09/26 08:30:00
- If you use SSL_Advanced, it now writes to STDERR that you are using a
depreciated feature.
- Modified 10-complex.t & 20-certificate.t to honor the PERL_MM_USE_DEFAULT
envionment variable for the smoke testers to always use defaults, which
skips executing these 2 scripts. BUG # 69982.
(Same thing now happens for "make test < /dev/null" as well.)
Couldn't use ExtUtils::MakeMaker::prompt() per request since "make test"
wouldn't display the questions it was asking & it looked like it hung in
interactive mode for normal users! So based my solution on that function
using diag() instead of print.
- Fixed Typos in POD text Bug # 70438 & some misleading comments.
- Updated the README file to include comments on t/20-certificate.t and what
changes are required before you can use it.
- Updated t/20-certificate.t to highlight the section of code that the README
file is talking about and the initial prompt to remind the user to see the
the README file for the needed modifications before running the test!
0.18 2011/07/29 08:30:00
- Added SSL_Client_Certificate to support client certificates on the data
channel as well as the command channel. Bug ID: 69327.
- Depreciated SSL_Advanced in favor of SSL_Client_Certificate. SSL_Advanced
is now just an alias for SSL_Client_Certificate for backwards compatibility.
I just feel the new name better describes what we are trying to do with it
now that this feature is supported.
- More fixes/clarifications to the POD text.
- Fixed minor wild card issue with LIST & NLST if "+" was in the file name.
- Added restart() function to be compatable with Net::FTP for restarts.
- Added ability to restart downloads/get() where previous attempt left off.
- Added ability to restart uploads/put() where the previous attempt left off.
- Added append() command [APPE], it also uses OFFSET, but doesn't send the
REST command to the server.
- Added LocalAddr option to new(). Works against both the command channel
and the data channel.
- Masks out the user name used when generating a log file. Similar to how
this is already done for the password. Except it must also hide it in the
response to USER & PASS. Only masked when written to the log, message()
and last_message() still returns the user name unmasked in any response
string!
- Fixed a bug in t/10-complex.t and added optional environment variables
for some of the connection values to make it easier for me to quickly
rerun tests during development without having to key in ansers to questions
with no good default values over & over again.
- Wrote t/20-certificate.t to test certificates out. But this and
t/10-complex.t are probably incompatable in most settings. Anyone else
trying to use this test case will have to modify this code to point to their
certificate and provide it's password, since I'm not going to publish my
test client certificate.
- Calls to command() now return a reference to this class so that you can
code something like: "if ($ftps->command("NOOP")->response() == CMD_OK)".
This should be compatible since it shouldn't be called externally, and
you should always be calling response() afterwards anyway. It still calls
die if "Croak=>1" is used. Response() will return CMD_ERROR should
command() have issues to avoid hangs.
- Modifed Net::FTPSSL to use the new command()->response() format internally.
0.17 2011/01/03 08:30:00
- Fixed a subtle bug in response(), now tests if a parse succeeded instead
of assuming it. Allowed me to simplify this messy code quite a bit.
- Reordered the methods in the POD to put some of the more relevant FTP
commands closer to the top & the more obscure at the bottom to make
for easier reading of the documentation.
- Reworked t/10-complex.t quite a bit. Made sure croak was always turned
off immediately after a successful login. Also now using the same hash
for all the connection attempts. I really need to take the time to do
further redesign this script to make it easier to troubleshoot.
- Fixed the smoke tester failures. (They always answer NO to the deeper test)
- t/10-complex.t now checks if OverridePASV or OverrideHELP are needed against
the test server & dynamically adds it for the test cases if needed.
Net::FTPSSL still can't dynamically figure this out for itself.
- Added PASV/EPSV prompt to t/10-complex.t script instead of assuming PASV.
0.16 2010/11/30 08:30:00
- Used Perl's special variables to write the Perl verion and OS to the logs
to make support easier when trouble shooting tickets.
- Fixes for Bug Id 61432.
- On systems like "Connect:Enterprise UNIX", it incorrectly sends the
response to HELP partially in clear text and partially encrypted on the
command channel. This causes this class to barf and never recover once it
hits the clear text. So a new "OverrideHELP" option was created to bypass
calls to HELP if your server has this strange behavior. This is needed
since HELP is called internally by the Net::FTPSSL class via supported()!
** Maybe in the future I'll figure out a way to dynamically handle this. **
- On some systems the server administrator won't configure their servers
correctly to use the correct IP Address in the PASV response through a
firewall when establishing a new Data Channel Connection. To get arround
this, a new "OverridePASV" option was created to force the use of the
Specified Server Name instead of the invalid IP Address returned in the
PASV response!
** Maybe in the future I'll figure out a way to dynamically handle this. **
- Added "OverridePASV" & "OverrideHELP" test cases to t/10-complex.t
- Added EPSV support. Required the reorginization of some internal
undocumented methods that no one should be using.
- Added EPSV test to t/10-complex.t
0.15 2010/04/27 08:30:00
- Fixes for Bug Id 53719. Requested all internal calls to "ALLO" be
conditional since some server connections die when it receives an "ALLO"
command.
- Fixing the above bug uncovered an infinite loop if Croak was also turned on.
Now _croak_or_return() doesn't try to close the connection if called by
command() or response() or if recursion was detected.
- Fixed quot() to no longer upshift the command to upper case. Discovered
case where lower case was required. So it's now up the the caller to
put in upper case if it's required! Also no longer checks if the command
is valid according to HELP. Some servers attempt to be sneeky by not
advertising all available commands.
|
|
Upstream changes:
Changes for 1.31
- Eliminate global variables %D - thanks to bonsaiviking
Changes for 1.30
- Merged features of pull request #6 (bonsaiviking)
https://github.com/apersaud/Nmap-Parser/commit/7ccf752af
- Allow osclass elements within osmatch, Nmap XML format changed in 6.00
|
|
- the --checkzone option now actually works.
- canonical hostname checks are not done if the answer they are
found in doesn't have the "recursion available" flag set.
- the logic for printing the warning when canonical hostname
checks are skipped has been corrected.
- the way that canonical hostname checks are done has been fixed
so that only initial results from the query for A RRs are used.
- a warning is now printed whenever a query requesting recursion
results in an answer without the "ra" (recursion available) flag.
|
