Stop lying and drop maintainership of these packages. I have not
maintained them for a very long time already, so leave room for
fresh blood to take over them.
Noteworthy changes in version 1.4.1 (2008-04-25)
------------------------------------------------
* Fixed a bug introduced by 1.3.1 which led to the comsumption of far
too much entropy for the intial seeding.
* Improved AES performance for CFB and CBC modes.
* Removed build problems for the Padlock support.
* Enhanced gpg-connect-agent with a small scripting language.
* New option --list-config for gpgconf.
* Fixed a crash in gpgconf.
* The envvars XAUTHORITY and PINENTRY_USER_DATA are now passed to the
pinentry.
* Fixed the auto creation of the key stub for smartcards.
* Fixed a rare bug in decryption using the OpenPGP card.
* Creating DSA2 keys is now possible.
* New option --extra-digest-algo for gpgsm to allow verification of
broken signatures.
* Allow encryption with legacy Elgamal sign+encrypt keys with option
--rfc2440.
- Let the user choose the type of sorting (default to time descending,
available: time asc/desc, count asc/desc).
- Implement Prewikka Asynchronous DNS resolution in alert view
as well as message summary (require twisted.names and twisted.internet),
see the additional dns_max_delay settings parameters in prewikka.conf.
- In the alert summary view, handle portlist and ip_version service fields,
and show alert messageid.
- Fix exception when rendering ToolAlert.
- Fix double classification escaping (could result in non working link
for alert with classification containing escaped character).
- Improvement to heartbeat retrieval (heartbeat view speedup).
- Correct typo (fix#275), thanks Scott Olihovki <skippylou@gmail.com>
for pointing this out.
- Polish translation, by Konrad Kosmowski <konrad@kosmosik.net>.
- Update to pt_BR translation, by Edelberto Franco Silva <edeunix@edeunix.com>
- Various bug fixes and cleanup.
- [rulesets]: Remove successful/failure keyword from classification
(use IDMEF completion). Analyzer class sanitization.
- [nagios] Handle Nagios V2 log entry (fix#283).
- [spamassassin] Fix incorrect AdditionalData assignement.
- New Suhosin ruleset, by Sebastien Tricaud <toady@inl.fr>
- Fix invalid logfile inconsistency alert that could be triggered
in a rare case, after a renaming detection. Alert improvement.
- On logfile inconsistency alert, do not re-analyze the whole file.
- Remove the 1024 bytes per PCRE reference limit.
- Minor bug fixes, build system cleanup.
- Implement RFC 4122 UUIDv1 identifier generation, more resistant to
duplicate than our previous implementation in case of clock skew, or
multiple client with the same analyzerid sending alert in parallel.
- You can now provide NULL value to idmef_path_set() in order to
destroy existing value within an IDMEF message.
- Unify memory handling of value retrieval through idmef_path_t. This
allow the user to retrieve and keep any values, even through the
associated IDMEF message is freed.
- Build system cleanup, enable RELRO when possible.
- Implement PRELUDE_CLIENT_FLAGS_AUTOCONFIG, which is set by default,
but that applications might unset in order for their client not to
read the default profile/global configuration.
- Fix possible assertion when destroying un-started prelude-client.
- Improvement to the prelude-io API, the user might now hook its own
handling function.
- Fix dumping of (not) NULL criteria operator to string. Remove
gratuitous space insertion when dumping criteria.
- Headers fixes for C++ build.
- Fix printing and cloning of empty IDMEF string.
- In IDMEF to string convertion code, print <invalid enum value> in
place of NULL on invalid enumeration value.
- Various bug fixes.
- assume that Python 2.4 and 2.5 are compatible and allow checking for
fallout.
- remove PYTHON_VERSIONS_COMPATIBLE that are obsoleted by the 2.3+
default. Modify the others to deal with the removals.
Ignore temporary build files
make make install install stuff.
Bump NEWS.Debian.
Proposed solution for #462897: unconditionally sync keys between
normal gnupg home and caff gnupg home on startup, to cope with
changed keys.
- Added support for chaining modules within the version client library.
To use this, specify the module string as a list of modules separated
with commas. For example:
cvm-command:/path/to/module,cvm-local:/path/to/socket
This enhancement deprecates the cvm-chain module.
- Introduced an "out of scope" fact, to be used on credential rejection
results when the supplied credentials are outside of the scope of
authority of the module. The cvm-vmailmgr and cvm-qmail modules
report this fact as appropriate, and cvm-chain copies it as
appropriate from the modules it invokes.
- A random anti-spoofing tag is added to all version 2 client requests.
Its length is set by $CVM_RANDOM_BYTES and defaults to 8.
- Fixed a bug that caused the domain output to be set incorrectly when
doing qmail lookups with a domain not in the control files with
$CVM_QMAIL_ASSUME_LOCAL set.
and ${REAL_ROOT_GROUP} instead. The pkginstall framework checks for
the name of the user and group, not the uid and gid, when comparing
permissions. This fixes the following spurious warning from appearing:
The following files are used by sudo-1.6.9p15 and have
the wrong ownership and/or permissions:
/usr/pkg/etc/sudoers (m=0440, o=0, g=0)
653) Fixed installation of sudo_noexec.so on AIX.
654) Updated libtool to version 1.5.26.
655) Fixed printing of default SELinux role and type in -V mode.
656) The HOME environment variable is once again preserved by default,
as per the documentation.
Addresses a recent security issue that only impacts 1.4.8 and 2.0.8
* Improved AES encryption performance by more than 20% (on ia32).
Decryption is also a bit faster.
* Fixed possible memory corruption bug in 1.4.8 while importing
OpenPGP keys.
VIA PadLock Security Engine:
- The new option is turned on by default.
- The new option is only available on i386 systems except Mac OS X (which
doesn't work on VIA CPU).
- The new option isn't available on system which uses GCC 3.x because it
causes build failures. This fixes PR pkg/38197.
Approved by Dieter Baron.
