* Several fixes incl. multi-core MS-Windows threading problem.
* New MS-Windows native audio driver.
* New Grandstream ringtone file format.
* New support in libSoX for memory based file IO.
* Now able to set MP3 compression parameters.
* New variants of the TIGER algorithm.
* New cipher algorithm mode for AES-WRAP.
* Interface changes relative to the 1.4.2 release:
GCRY_MD_TIGER1 NEW.
GCRY_MD_TIGER2 NEW.
GCRY_CIPHER_MODE_AESWRAP NEW.
While one would expect a python wrapper for a library to link with the
library, this packages's source has files from crypto++, and it
doesn't try to link against the installed crypto++.
* Partially rewritten ntop processing engine to address reliability and
performance
* Several bugs and stability issues fixed
* Added better support for IPFIX and NetFlow v9, as well as ntop PEN
(Private Enterprise Number)
* Added support for Cisco ASA firewalls
* Added ntop engine scriptability via the python programming language
* Added RRDalarm plugin for generating alerts based on thresholds
* Improved google maps integration
* Enhanced sFlow support
* Added support for write-ahead logging.
* Query planner enhancement - automatic transient indices are created when
doing so reduces the estimated query time.
* Query planner enhancement - the ORDER BY becomes a no-op if the query also
contains a GROUP BY clause that forces the correct output order.
* Add the SQLITE_DBSTATUS_CACHE_USED verb for sqlite3_db_status().
* The logical database size is now stored in the database header so that bytes
can be appended to the end of the database file without corrupting it and so
that SQLite will work correctly on systems that lack support for ftruncate().
Some of the highlights are:
o [NSE] Added more scripts, bringing the total to 131!
o Performed a major OS detection integration run.
o Performed a large version detection integration run.
o [Zenmap] Added the ability to print Nmap output to a printer.
o [Nmap, Ncat, Nping] The default unit for time specifications is now
seconds, not milliseconds, and times may have a decimal point.
o Ports are now considered open during a SYN scan if a SYN packet
(without the ACK flag) is received in response.
o [Ncat] In listen mode, the --exec and --sh-exec options now accept a
single connection and then exit, just like in normal listen mode.
o UDP payloads are now stored in an external data file, nmap-payloads,
instead of being hard-coded in the executable.
o Added a new library, libnetutil, which contains about 2,700 lines of
networking related code which is now shared between Nmap and Nping
o Improved service detection match lines.
o Improved our brute force password guessing list by mixing in some
data sent in by Solar Designer of John the Ripper fame.
o [Zenmap] IP addresses are now sorted by octet rather than their
string representation.
o [Ncat] When receiving a connection/datagram in listen mode, Ncat now
prints the connecting source port along with the IP address.
o Added EPROTO to the list of known error codes in service scan.
o Updated IANA IP address space assignment list for random IP (-iR)
generation.
o Zenmap's "slow comprehensive scan profile" has been modified to use
the best 7-probe host discovery combination we were able to find in
extensive empirical testing
o Zenmap now lets you save scan results in normal Nmap text output
format or (as before) as XML.
o [NSE] Raw packet sending at the IP layer is now supported, in
addition to the existing Ethernet sending functionality.
o Nmap now honors routing table entries that override interface
addresses and netmasks.
o [Ncat] The HTTP proxy server now accepts client connections over
SSL, and added support for HTTP digest authentication of proxies, as
both client and server.
o Improved the MIT Kerberos version detection signatures.
Plus many bugfixes and improvements.
For full changelog, see http://nmap.org/changelog.html
Python extensions using OpenSSL which contains hashing algorithms,
This package more or less supersedes py-amkCrypto.
chaffing/winnowing, random number generation, various utility modules,
and several block encryption and digital signature algorithms.
(Since pkgsrc-2010Q2 has the 3.0 branch of thunderbird I will send a
separate diff to releng for the 3.0.6 security update.)
MFSA 2010-47 Cross-origin data leakage from script filename in error messages
MFSA 2010-46 Cross-domain data theft using CSS
MFSA 2010-44 Characters mapped to U+FFFD in 8 bit encodings cause subsequent
character to vanish
MFSA 2010-43 Same-origin bypass using canvas context
MFSA 2010-42 Cross-origin data disclosure via Web Workers and importScripts
MFSA 2010-41 Remote code execution using malformed PNG image
MFSA 2010-40 nsTreeSelection dangling pointer remote code execution
MFSA 2010-39 nsCSSValue::Array index integer overflow
MFSA 2010-38 Arbitrary code execution using SJOW and fast native function
MFSA 2010-34 Miscellaneous memory safety hazards (rv:1.9.2.7/ 1.9.1.11)
changes:
added the --proto and -proto-redir options
new configure option --enable-threaded-resolver
improve TELNET ability with libcurl
added support for PolarSSL
added support for FTP wildcard matching and downloads
added support for RTMP
added CURLINFO_PRIMARY_PORT, CURLINFO_LOCAL_IP and CURLINFO_LOCAL_PORT
MFSA 2010-47 Cross-origin data leakage from script filename in error messages
MFSA 2010-46 Cross-domain data theft using CSS
MFSA 2010-45 Multiple location bar spoofing vulnerabilities
MFSA 2010-44 Characters mapped to U+FFFD in 8 bit encodings cause subsequent
character to vanish
MFSA 2010-43 Same-origin bypass using canvas context
MFSA 2010-42 Cross-origin data disclosure via Web Workers and importScripts
MFSA 2010-41 Remote code execution using malformed PNG image
MFSA 2010-40 nsTreeSelection dangling pointer remote code execution
MFSA 2010-39 nsCSSValue::Array index integer overflow
MFSA 2010-38 Arbitrary code execution using SJOW and fast native function
MFSA 2010-37 Plugin parameter EnsureCachedAttrParamArrays remote code execution
MFSA 2010-36 Use-after-free error in NodeIterator
MFSA 2010-35 DOM attribute cloning remote code execution vulnerability
MFSA 2010-34 Miscellaneous memory safety hazards (rv:1.9.2.7/ 1.9.1.11)
"this release irons out all known stability problems with Qt 4.6"
other changes:
-New -f [--force-overwrite] command line flag
-New preference setting for selecting what to do when existing files are
going to be overwritten on export from the GUI
-Detect LyXBlogger if installed
-UI improvements
-doc / translation improvements
-bugfixes
approved by Jeremy C. Reed (the MAINTAINER)
