cleanse environment of variables that alter behavior of Kerberos library
so the user can't override the default keytab location, and do *not*
ignore missing keytab errors. Prevents root compromise via spoofed KDC
on systems with Kerberos libraries but no host key in keytab, no keytab,
or keytab overidden via environment.
Don't insist that the keytab key be DES -- some Kerberos sites are 3DES/AES
only.
Somewhat less invasive than the fix Todd incorporated into the 1.6.9 branch
of sudo (presently beta) but equivalent (though not as clean).
Prompted by report from Peter Avalos that exim 4.66 would not build
against openssl 0.9.8e
Changelog:
MH/01 Fix for bug #448, segfault in Dovecot authenticator when interface_address
is unset (happens when testing with -bh and -oMi isn't used). Thanks to
Jan Srzednicki.
PH/01 Added a new log selector smtp_no_mail, to log SMTP sessions that do not
issue a MAIL command.
PH/02 In an ACL statement such as
deny dnslists = X!=127.0.0.2 : X=127.0.0.2
if a client was not listed at all, or was listed with a value other than
127.0.0.2, in the X list, but was listed with 127.0.0.2 in the Y list,
the condition was not true (as it should be), so access was not denied.
The bug was that the ! inversion was incorrectly passed on to the second
item. This has been fixed.
PH/03 Added additional dnslists conditions == and =& which are different from
= and & when the dns lookup returns more than one IP address.
PH/04 Added gnutls_require_{kx,mac,protocols} to give more control over the
cipher suites used by GnuTLS. These options are ignored by OpenSSL.
PH/05 After discussion on the list, added a compile time option ENABLE_DISABLE_
FSYNC, which compiles an option called disable_fsync that allows for
bypassing fsync(). The documentation is heavily laced with warnings.
SC/01 Updated eximstats to collate all SpamAssassin rejects into one bucket.
PH/06 Some tidies to the infrastructure of the Test Suite that is concerned
with the auxiliary C programs that it uses: (1) Arrange for BIND_8_COMPAT
to be defined when compiling on OSX (Darwin); (2) Tidies to the Makefile,
including adding "make clean"; (3) Added -fPIC when compiling the test
dynamically loaded module, to get rid of a warning.
MH/02 Fix for bug #451, causing paniclog entries to be written if a bounce
message fails, move_frozen_messages = true and ignore_bounce_errors_after
= 0s. The bug is otherwise harmless.
PH/07 There was a bug in the dovecot authenticator such that the value of
$auth1 could be overwritten, and so not correctly preserved, after a
successful authentication. This usually meant that the value preserved by
the server_setid option was incorrect.
PH/08 Added $smtp_count_at_connection_start, deliberately with a long name.
PH/09 Installed PCRE release 7.0.
PH/10 The acl_not_smtp_start ACL was, contrary to the documentation, not being
run for batched SMTP input. It is now run at the start of every message
in the batch. While fixing this I discovered that the process information
(output by running exiwhat) was not always getting set for -bs and -bS
input. This is fixed, and it now also says "batched" for BSMTP.
PH/11 Added control=no_pipelining.
PH/12 Added $sending_ip_address and $sending_port (mostly Magnus Holmgren's
patch, slightly modified), and move the expansion of helo_data till after
the connection is made in the smtp transport (so it can use these
values).
PH/13 Added ${rfc2047d: to decoded RFC 2047 strings.
PH/14 Added log_selector = +pid.
PH/15 Flush SMTP output before delaying, unless control=no_delay_flush is set.
PH/16 Add ${if forany and ${if forall.
PH/17 Added dsn_from option to vary the From: line in DSNs.
PH/18 Flush SMTP output before performing a callout, unless control =
no_callout_flush is set.
PH/19 Change 4.64/PH/36 introduced a bug: when address_retry_include_sender
was true (the default) a successful delivery failed to delete the retry
item, thus causing premature timeout of the address. The bug is now
fixed.
PH/20 Added hosts_avoid_pipelining to the smtp transport.
PH/21 Long custom messages for fakedefer and fakereject are now split up
into multiline reponses in the same way that messages for "deny" and
other ACL rejections are.
PH/22 Applied Jori Hamalainen's speed-up changes and typo fixes to exigrep,
with slight modification.
PH/23 Applied sieve patches from the maintainer "tracking the latest notify
draft, changing the syntax and factoring some duplicate code".
PH/24 When the log selector "outgoing_port" was set, the port was shown as -1
for deliveries of the second and subsequent messages over the same SMTP
connection.
PH/25 Applied Magnus Holmgren's patch for ${addresses, ${map, ${filter, and
${reduce, with only minor "tidies".
SC/02 Applied Daniel Tiefnig's patch to improve the '($parent) =' pattern match.
PH/26 Added a "continue" ACL modifier that does nothing, for the benefit of its
expansion side effects.
PH/27 When a message times out after an over-quota error from an Exim-imposed
quota, the bounce message says "mailbox is full". This message was not
being given when it was a system quota that was exceeded. It now should
be the same.
MH/03 Made $recipients available in local_scan(). local_scan() already has
better access to the recipient list through recipients_list[], but
$recipients can be useful in postmaster-provided expansion strings.
PH/28 The $smtp_command and $smtp_command_argument variables were not correct
in the case of a MAIL command with additional options following the
address, for example: MAIL FROM:<foo@bar> SIZE=1234. The option settings
were accidentally chopped off.
PH/29 SMTP synchronization checks are implemented when a command is read -
there is a check that no more input is waiting when there shouldn't be
any. However, for some commands, a delay in an ACL can mean that it is
some time before the response is written. In this time, more input might
arrive, invalidly. So now there are extra checks after an ACL has run for
HELO/EHLO and after the predata ACL, and likewise for MAIL and RCPT when
pipelining has not been advertised.
PH/30 MH's patch to allow iscntrl() characters to be list separators.
PH/31 Unlike :fail:, a custom message specified with :defer: was not being
returned in the SMTP response when smtp_return_error_details was false.
This has been fixed.
PH/32 Change the Dovecot authenticator to use read() and write() on the socket
instead of the C I/O that was originally supplied, because problems were
reported on Solaris.
PH/33 Compile failed with OpenSSL 0.9.8e. This was due to a coding error in
Exim which did not show up earlier: it was assuming that a call to
SSL_CTX_set_info_callback() might give an error value. In fact, there is
no error. In previous releases of OpenSSL, SSL_CTX_set_info_callback()
was a macro that became an assignment, so it seemed to work. This has
changed to a proper function call with a void return, hence the compile
error. Exim's code has been fixed.
PH/34 Change HDA_SIZE in oracle.c from 256 to 512. This is needed for 64-bit
cpus.
PH/35 Applied a patch from the Sieve maintainer which fixes a bug in "notify".
PH/36 Applied John Jetmore's patch to add -v functionality to exigrep.
PH/37 If a message is not accepted after it has had an id assigned (e.g.
because it turns out to be too big or there is a timeout) there is no
"Completed" line in the log. When some messages of this type were
selected by exigrep, they were listed as "not completed". Others were
picked up by some special patterns. I have improved the selection
criteria to be more general.
PH/38 The host_find_failed option in the manualroute router can now be set
to "ignore", to completely ignore a host whose IP address cannot be
found. If all hosts are ignored, the behaviour is controlled by the new
host_all_ignored option.
PH/39 In a list of hosts for manualroute, if one item (either because of multi-
homing or because of multiple MX records with /mx) generated more than
one IP address, and the following item turned out to be the local host,
all the secondary addresses of the first item were incorrectly removed
from the list, along with the local host and any following hosts (which
is what is supposed to happen).
PH/40 When Exim receives a message, it writes the login name, uid, and gid of
whoever called Exim into the -H file. In the case of the daemon it was
behaving confusingly. When first started, it used values for whoever
started the daemon, but after a SIGHUP it used the Exim user (because it
calls itself on a restart). I have changed the code so that it now always
uses the Exim user.
PH/41 (Following a suggestion from Tony Finch) If all the RCPT commands in a
message are rejected with the same error (e.g. no authentication or bad
sender address), and a DATA command is nevertheless sent (as can happen
with PIPELINING or a stupid MUA), the error message that was given to the
RCPT commands is included in the rejection of the DATA command. This is
intended to be helpful for MUAs that show only the final error to their
users.
PH/42 Another patch from the Sieve maintainer.
SC/02 Eximstats - Differentiate between permanent and temporary rejects.
Eximstats - Fixed some broken HTML links and added missing column headers
(Jez Hancock).
Eximstats - Fixed Grand Total Summary Domains, Edomains, and Email
columns for Rejects, Temp Rejects, Ham, and Spam rows.
SC/03 Eximstats - V1.58 Fix to get <> and blackhole to show in edomain tables.
PH/43 Yet another patch from the Sieve maintainer.
PH/44 I found a way to check for a TCP/IP connection going away before sending
the response to the final '.' that terminates a message, but only in the
case where the client has not sent further data following the '.'
(unfortunately, this is allowed). However, in many cases there won't be
any further data because there won't be any more messages to send. A call
to select() can be used: if it shows that the input is "ready", there is
either input waiting, or the socket has been closed. An attempt to read
the next input character can distinguish the two cases. Previously, Exim
would have sent an OK response which the client would never have see.
This could lead to message repetition. This fix should cure that, at
least in a lot of common cases.
PH/45 Do not advertise STARTTLS in response to HELP unless it would be
advertised in response to EHLO.
things are restricted, pkgsrc's labeling rules aren't intended to
address export control issues, and there are vast numbers of packages
with apparently similar export control status and no RESTRICTED.)
and CVE-2007-2754).
Changes from 2.2.0:
* freetypettg: fix CVE-2007-2754 for the internal freetype copy
* autotext02: A showstopper fix for OOo2.2.1
* l10n77316fix: contains fix for i77316
* notepaint: Fix for invisible text in Calc notes while editing
* macosxpbuildrepair_OOF680:
This cws fixes broken Mac OS X 10.3 build, and does contain :
- a fix for a build breaker in slideshow ( fixed by thb ) #i74325#
- gcc-3.3 parser fixes #i75990#
- a complete fix in sal for security.c ( with sb help ) #i76159#
- a fix for broken linking ( because of extra symbols, due to bad
filtering ) #i72922#
- a fix for main.applescript ( build borken on Panther ) #i75972#
All issue targeted 2.2.1 ( supposing the changes will be integrated
in SRC680 too)
* ause078_OOF680: quick and small to get back correct dependencies
* os95_OOF680,plthes: add license-fixed polish thesaurus
* olenoserver: A fix for a regression.
* hro15: Unicode command line support fix for Windows only.
* custompropsfix: Small bug fix in Word import for import of document
variables
* dba221b: fix issue 73722, in its incarnation as issue 76434, for 2.2.1.
* swvalgrind: Fix for i76133
* calc221: Calc fixes for OOo2.2.1
* fix75967: fix issue 75967
* c03v8,c07v012,native86,nativebroffice: New Product BrOffice.org
* impress120: Bugfix workspace for OOo 2.2.1
sj->wg: the performance test hasn|t been finished yet, but I think
it should be no problem to hand over this issue without the test.
* larsbehr01: Bugfix for i66661: Slideshow bug fixing for 2.2.1
* dba221a: ongoing DBA-related bugfixing towards OOo 2.2.1
* sch17: Fixes for sch
* tbe29: OOo 2.2.1 accessibility bug fixes
* impress119: Bug fixes for OOo 2.2.1.
* printhelpfix: Bugfix for 134037.
* autotext01: A showstopper cws related to autotext bug.
* native79: Preparing OOo 2.2.1 and SO 8 Update 7
* vcl73_OOF680: 2.2.1 issues
* cmcfixes32_OOF680: minor customized build fixes
* jl57_OOF680: Contains a patch for building with an older gcc compiler.
* fsfixes06_OOF680: Fix for a bug in WordPerfect typedetection that caused
us to crash on unsupported documents instead of refusing
them with grace
* jl62,oasisrng02: Fixes of violations of the RelaxNG schema in ODF.
* aw050: OOo 2.2.1 BugFixing
* swqbugfix01: Issues in Writer regarding saving of documents
* Fixed 64-bit portability bug in time_string function
(Thomas Habets).
* Clean up configure on FreeBSD for recent autotool versions
that require that all .h files have to be compiled.
Also, FreeBSD install does not support GNU long options
which the Makefile in easy-rsa/2.0 uses (not checked the
others as we don't install those on Gentoo) (Roy Marples).
by Sergey Svishchev.
Changes in 2.1.4
- Fixed crash in parsing of DHT messages
- Fixed problem with files with .. in their name
- ScanFolder can now handle incomplete torrent files properly
Changes in 2.1.3
- Fixed crash in torrent parsing
Changes in 2.1.2
- Fix 2 security vulnerabilities (thanks to Bryan Burns from Juniper Networks
for finding them)
Changes in 2.1.1
- Rewrite of webserver
- New webgui : coldmilk
- Networking thread has been split up in 2 threads, one for upload, one for
download
- Significant speed improvements when downloading over a LAN
Changes in 2.1
- Some minor bug fixes
Changes in 2.1rc1
- Share ratio column added in main view
- Added option to use a different proxy then the default KDE proxy for HTTP trackers
- Added feature to show/hide columns in main view
- Moved search box to bottom, so that the window is not enlarged in 1024 x 768 resolutions, when you search for something
- Made sure no duplicates get into search box history
- Fixed 'Trackers' tab in InfoWidget to properly resize tracker URL label
- Zeroconf plugin added
- Added µTorrent compatible PEX
- Fixed a bug in WebInterface plugin causing JS tooltips not to show.
- Fixed a bug with 'Stop All' not stopping queued torrents.
Fixed a serious bug where spamdyke was closing the connection to qmail and
exiting as soon as the remote host exited. When the remote host sends its
SMTP data in one burst and closes the connection without waiting for the
response code from the DATA segment, qmail doesn't accept the message and
nothing gets delivered.
Added some code to log_writeln() to translate bare carriage returns into
carriage return/linefeed combinations. This allows poorly written remote
servers to send mail, most notably Microsoft web servers. Dogmatically
refusing to accept mail by refusing to be more flexible than RFC 822
will never change the world; let's be reasonable instead of bouncing
messages back to our friends who can't change their mail servers anyway.
Fixed smtp_filter() to accept parameters to AUTH LOGIN when the MUA sends the
authentication information with the command instead of waiting for the
prompts. Thanks to Carlo Blohm for reporting this one.
files into its own directory under ${PREFIX}/share/elinks/locale.
This avoids any potential conflicts between these specially hacked
files installed for elinks and the system-wide ones owned by gettext-lib
and libiconv.
This fixes the installation conflict noted in the latest bulk build.
Bump PKGREVISION to 1.
mined 2000.13
* Documentation enhancements: Revised manual structure, featuring more comprehensive new chapters on
o Structured editing support
o Character handling support
o Language support
* Character encoding support enhancements: Auto-detection and explicit selection of UTF-16 with and without BOM (big endian and little endian).
* Updated to Unicode 5.0.0 (final, from beta2 in 2000.12).
* Character input support enhancements: Added support for multiple accented character input.
* Additional accent prefix keys for most frequent accents of all Latin-based languages (macron, breve, dot above, ogonek, caron, stroke).
* Added support for convenient combining character input with accent prefix keys.
* Added support for convenient quotation marks input with accent prefix keys.
* Support for Greek (monotonic and polytonic).
* Support for Cyrillic accented characters.
* Interactive enhancements: Revised menu structure to be more intuitive.
* Improved menu handling system.
* Interoperability enhancements: Making use of xterm 216 mode which provides detection of Alt-/Control-modified digits and punctuation keys.
* Improved support for some legacy terminals.
* File handling enhancements: Consistent setting of file access modes when cloning a file or creating a new file with executable permission.
mined 2000.12
* Character encoding support enhancements: Updated to Unicode 5.0.0 beta2:
o Case conversion, Script information.
o Combining character width properties.
o Han information (from Unihan database) for CJK characters.
o Radical/Stroke input method.
o Added character input mnemonics for new LATIN characters.
* Supplemented Big5 character set with HKSCS-2004 update from http://info.gov.hk/digital21/eng/hkscs/, adding more than 100 characters. Handling covers mappings to two Unicode characters, like for JIS encodings.
* Revised interpretation of locale environment variables to comply with de-facto locale standard but yet allowing flexible locale configuration for both text and terminal encoding. This mechanism is supplemented by other options with useful precedences. Command line options to specify text or terminal encoding were revised, enhanced, and made more comprehensive.
* Revised terminal encoding handling to support also mapped 8-bit encodings including handling of combining characters (with auto-detection).
* Generally revised handling of text and terminal encoding to support all combinations of them.
* Supporting lots of additional 8-bit encodings for both text encoding and terminal encoding. Structured Encoding menu with submenus for concise text encoding selection.
* Optional Unicode Copy/Paste buffer mode with implicit conversion.
* Character handling support enhancements: Supplemented Cangjie input method with additional mappings from HKSCS-2004 Changjie input code table.
* Case conversion is now always (i.e. in all encodings) based on Unicode.
* Shift-F3 case cycling function now uses actual Unicode title case characters when appropriate and available.
* Smart quotes enabled in all text encodings.
* Updated HTML character mnemonics to HTML 4.01.
* Interworking enhancements: Improved intuitive assignment of copy/paste functions to keypad, enhanced flexbility of usage.
* Further improvements on terminal interworking (even version-specific), especially with KDE konsole. Added kterm encoding auto-detection.
* Other enhancements: New password hiding feature, selected by default for "hidden" files.
* Extended default installation by some aliases and wrappers:
o minmacs, mstar, mpico for invocation of mined in emulation modes for emacs, WordStar, pico (alpha), respectively
o umined, xmined for invocation of mined in a separate terminal window
o uterm to invoke a new terminal window with a maximum of Unicode support achievable on the system, including best-choice font selection
mined 2000.11
* Unicode support enhancements: Updated to Unicode 4.1.0:
o Case conversion, Script information.
o Combining character width properties.
o Han information (from Unihan database) for CJK characters.
o Radical/Stroke input method (to include new CJK characters).
o Added Hanyu Pinlu and Tang pronunciation information (from Unihan database) to Han information options.
o Added generic and supplemental character input mnemonics for new LATIN characters.
* Indication and character information of Unicode combining characters now refers to the most recent Unicode version, not the actual terminal capabilities.
* Interactive enhancements: Conciliated keypad assignment preference conflict between Cut/Paste functions (as propagated by mined) and character deletion / line positioning functions (as often commonly expected):
o The more common Home/End/Delete function assignments to the respective keypad keys are also easily accessible (e.g. Alt-Del).
o Documentation for alternative assignment option improved.
o Using Del without a paste buffer gives an additional hint on alternative usage.
* Additional assignment of "Delete single" function (to delete without auto-undent, or to delete the last combining accent only) to F5 Backarrow.
* Additional commands (HOP) F1 F1 / Shift-F1 / Control-F1 / Alt-F1 to display a help status line of (shifted) function key assignments.
* Slight revision of function key assignments to improve intuitive usage and compliance with common usage. Unification of DOS version function key assignments.
* Interoperability enhancements: Improved detection of shifted function keys on various kinds and modes of terminals.
* Added keyboard configuration examples for Control-function key detection for rxvt and mlterm to the runtime support library.
* Added script to support Unicode X font installation to the runtime support library.
* Modified xterm start script "uterm" so that with newer xterm versions (from 201) usage of the xterm built-in most recent version of Unicode width data is enabled (which is often more current than the system-provided locale version).
* Provided makefile for Interix.
* Feature enhancements: Smart arrows added to optional smart input text replacements.
* New word case toggle function Shift-F3 cycling word casing between all small, beginning capital, and all capitals.
* The "search corresponding bracket" commands ESC ( or ESC ) now also match /* */ pairs and #if #else/#elsif #endif structures.
* New TAB expansion option (-+4 or -+8) that expands TAB key input to an appropriate number of Space characters.
* Further enhancements: Using paps (a Pango printing script) for printing if available.
* Added PC DOS encoding ("codepage 437") to available encodings.
mined 2000.10
* Character encoding, CJK, and input support enhancements: Printing feature revamped; now working with all encodings.
* Updated character properties to Unicode 4.0.1.
* Added support for major mapped 8 bit character encodings.
* Added transparent handling of UTF-16 encoded files (with BOM).
* Full support for combining characters in CJK encodings and 8 bit encodings, including optional separated display mode and partial editing (within combined character).
* Added Han character information (description / pronunciation) while browsing text or input method pick lists.
* Enhanced character information conforming to ISO 14755.
* Additional input support for CJK, Vietnamese, Thai, Hebrew.
* Added preinstalled WuBi input method (used by professional typists in mainland China).
* Added radical/stroke lookup input method for CJK characters, especially useful for not CJK speaking users.
* Added two Vietnamese input methods (VIQR and VNI) to preconfigured keyboard mappings, as well as a Vietnamese accent prefixing input support method.
* Added two more ways of supporting input of Vietnamese multiple accented characters.
* Revamped mnemonic input support; completed mnemonic patterns and enhanced documentation.
* Enhanced numeric character input support; conforming to ISO 14755.
* Interactive enhancements: Revamped menu control; added subtitles and flag markers (showing active options); enabled menu navigation by item letters or mouse wheel movement.
* Runtime environment enhancements: Enhanced interoperability with various terminals; enhanced detection and handling of available menu border styles as well as screen attributes used for scrollbar and special character display for a wide range of terminals.
* Providing runtime support library with X configuration patterns and terminal startup scripts.
* Portability enhancements: Revamped makefiles; enhanced portability and compilation on legacy systems.
* Enhanced makefiles to provide more installation options; fixed default target directories for a wider range of target systems.
mined 2000.9
* Position stack and return function also work across files (esp. after identifier definition searches using tags file)
* Smart quotes: auto-detection of quotation marks style on file loading
* Interactive Latin-1 / UTF-8 conversion support
* Support for VIM keyboard mapping files
mined 2000.8
* Major extension of CJK character set support: GB18030, full EUC-JP, CNS (EUC-TW)
* Vietnamese VISCII character set support
* Auto-detection of UTF-8 / CJK terminal features
* Flexible locale configuration for both text and terminal encoding
* Smart dashes
* Multiple paste buffers (emacs-style)
* emacs command mode