== June 28, 2002
Ethereal 0.9.5 has been released. This version fixes several potential
security problems revealed since the release of 0.9.4. See the security
advisory at http://www.ethereal.com/appnotes/enpa-sa-00005.html for
more details.
New Features:
The ability to read packet data from a pipe was enhanced. Printing
under Windows now works.
New Protocols
802.3 LACP, Apache JServ, AODV6, DCERPC Browser, Java RMI, TAPI
Updated Protocols
ATM, BGP, BOOTP, DCE RPC, EPM, Frame Relay, GTP, L2TP, LMP, MAPI, MIP,
MMSE, MTP3, NCP, NFS, NSPI, PPP, Q2931, RADIUS, RSVP, SCSI, SMB, SNA,
SOCKS, SPOOLSS, SRVSVC, SunATM, TFTP, TNS, Token Ring, UCP, VJ TCP/IP,
WCP, WEP, WSP, WTP
Capture File Updates
Ethereal can now write LANalyzer files. The Sniffer, nettl, snoop,
NetXRay, and libpcap code all received updates.
- Honor PKG_SYSCONFDIR and use bsd.pkg.install.mk to handle config files
and rc.d scripts.
- Memory access fixes.
- Now '{', '}', '#' and ';' characters are not allowed for naming
rules and limits.
*** SECURITY UPDATE ***
Removed SUID bit from ipastat(8) due to security problems (and don't
even try to set it back). Admins who use the "db_owner" parameter
*and* use some safe user/group, *and* didn't forget to set the same
safe user/group for the ipastat(8) program, as it was said in the
SECURITY NOTE on the ipastat(8) manual page, should not worry a lot.
Admins who ignored that SECURITY NOTE should double check the security
of their systems and change all passwords, secrets keys, etc. if you
think that somebody cracked your systems by ipastat(8).
--- 8.3.3-REL released --- (Wed Jun 26 21:15:43 PDT 2002)
1301. [func] log attempts to exploit #1300.
1300. [bug] Remote buffer overrun.
1299. [func] Log to xfer-in when a named-xfer fails and one of
the masters returned REFUSED.
1298. [bug] named could leak a OPT record when returning a
negative response.
1297. [func] 'ndc restart' will now attempt to preserve the
arguments named was started with.
Use 'ndc restart --' to clear the arguements.
Use 'ndc restart <new arguements>' to restart named
with a alternate set of arguements.
1296. [bug] delay setting need_restart until the response to
ndc exec has been sent.
1295. [func] new ndc command 'args'. returns the arguements that
named was started with %xx escaped.
1294. [bug] #1272 broke linkage for those OS's using -lfl (flex).
Move -ll/-lfl to LIBL for all platforms.
--- 8.3.2-REL released --- (Mon Jun 17 20:24:32 PDT 2002)
1293. [doc] update man pages for 'dig', 'dnsquery' and 'host'
to reflect IPv6 capabilities (nslookup and nsupdate
were already IPv4/IPv6 agnostic).
1292. [func] host: the default lookups now also include AAAA
records.
1291. [func] 'dig -x <ip6>' now works.
1290. [bug] 'dig @server' fail to report the IPv6 address of the
server in error messages.
1289. [contrib] normalize_zone now handles $TTL.
1288. [bug] named: -t and -w could not be used together.
1287. [func] report serial(s) in out going transfer operation.
--- 8.3.2-RC1 released --- (Thu May 30 23:06:11 PDT 2002)
1286. [func] libbind: no longer attempts bit string labels for
IPv6 reverse resolution. Try IP6.ARPA then IP6.INT
for nibble style resolution.
1285. [port] linux: ss_family vs __ss_family in sockaddr_storage.
1284. [port] freebsd: 5.0 uses gid_t rather that int for
GETGROUPLIST_ARGS
1283. [port] bsdi: 4.2 also has struct sockaddr_storage.
1282. [bug] nslookup was using inet_ntoa() to print out a IPv6
address.
1281. [bug] escape '(' and ')' when coverting to presentation
form.
1280. [func] server { edns yes_or_no; } is now supported.
1279. [bug] nslookup: partial coversion to similar style outputs
for both -type=aaaa and -type=a.
1278. [bug] free() of non-malloced memory in nslookup.
1277. [port] cast all instances of yytext in commands.l to (char*)
to silence compilers on OS's where lex declares it
as (unsigned char *).
1276. [port] hpux 11.22: ansify GetAnswer in getinfo.c to
silence compiler.
1275. [bug] bad declaration of si in tsig_key_from_addr().
1274. [port] hpux 11.22: ansify hexstring() and display() in
addr.c to silence compiler.
1273. [bug] const pointer conficts in res_debug.c.
1272. [port] hpux 11.22: don't link against -ll unless required.
1272. [bug] main_need_num was not last entry in enum.
main_need_tick nolonger required.
1271. [port] hpux: treat all hpux systems as BIG_ENDIAN, don't
include <sys/mbuf.h>.
1270. [port] hpux 11.22 namespace clash DATASIZE -> BIND_DATASIZE.
1269. [port] hpux 11.11 interface scaning.
1268. [port] solaris: 64 bit binary compatability.
1267. [bug] aix4: missing IN6_IS_ADDR_V4COMPAT macro.
1266. [bug] If you are using TSIG #1261 introduced the potential
of a infinite loop.
1265. [bug] nslookup failed on platforms that don't have BSD 43
style sockets.
1264. [bug] LINK_INIT and UNLINK were not compatible with
C++, use LINK_INIT_TYPE and UNLINK_TYPE instead.
--- 8.3.2-T1B released --- (Tue May 7 18:49:58 PDT 2002)
1263. [bug] gethostans() could get out of sync parsing the
response if there was a very long CNAME chain.
1262. [bug] winnt: dumpdb and stats should now work reliably.
1261. [bug] using a valid TSIG with a compressed ownername could
result a INSIST() failure.
1260. [func] "notify explicit;" from BIND 9.
1259. [misc] leave the verification of the OPT options to the
caller.
1258. [func] accept SOA MNAME field as legitimate additional
data.
1257. [bug] malformed response to query w/ tsig + edns.
1256. [port] darwin: probe for IPv6 support.
1255. [bug] xfers_running could become out of sync if a zone
was removed while it was being transfered.
1254. [func] nsupdate can now update IPv6 servers.
1253. [func] host now accepts IPv6 addresses.
1253. [bug] reserve space for the signature when performing a
zone transfer.
1252. [func] dnsquery now accepts IPv6 addresses.
1251. [bug] win32: it was possible to call RegCloseKey() on a
invalid key.
1250 [func] nslookup now accepts IPv6 addresses.
1249. [func] dig now accepts IPv6 addresses.
1248. [doc] correct some typos in named.conf.5 and corresponding
html.
1247. [bug] get_salen() IPv6 support was broken for OSs w/o sa_len.
1246. [support] add highly dangerous compile time option
NXDOMAIN_ON_DENIAL. it should not be used
except in testing.
1245. [bug] if we don't have enough file descriptors to open
a socket attempt to close a idle tcp client.
1244. [port] bsdi: 4.3 has struct sockaddr_storage.
1243. [bug] SERVFAIL can have too many other causes to be used
say whether a server supports EDNS or not.
1242. [port] 64k answer buffers were causing stack space to be
exceeded for certian OS. Use heap space instead.
1241. [bug] getnameinfo() failed to lookup IPv4 mapped /
compatible addresses.
1340. [bug] reference after free for included conf file name.
1339. [bug] doaddinfo would not always attempt to fetch missing
glue when it should have.
1338. [bug] an IPv6 only nameserver could generate spurious
sysquery errors.
1337. [port] linux: IN6ADDR_LOOPBACK_INIT, IN6ADDR_ANY_INIT and
sockaddr_storage not declared by early kernels.
1336. [bug] getaddrinfo() could call freeaddrinfo() with an
invalid pointer.
1335. [bug] res_nupdate() failed to update the name servers
addresses before sending the update.
1334. [bug] A6 is expected in the additional section.
Remove `-p' from mkdir arguments, it is already part of ${MKDIR}.
While here substitute a couple of ${PREFIX} by `%D' in
`@exec ${MKDIR} ...' lines and add a couple of missing `%D' in such lines too!
correct bad practice in the code - it uses two changing variables
to manage buffer (buf and buflen). we eliminate buflen and use
fixed point (ep) as the ending pointer.
this fix is critical.
This is modified version deveopled by Samba Users Group Japan.
o I18N for SWAT.
Select display language based on information supplied by
Web browser.
o L10N for Japanese.
Support various use of Japanese name; share name, computer
name, workgroup name, user name.
Solve some problems when different version of Windows are
mixed. Especially, vanilla samba dosen't support vendor
depended characters completely. (Those characters are
differently handled among Windows 95, Windows 98, Windows NT
and something changed in Windows XP.) This cause practical
problem on real world.
o Some Bugfix go ahead to original samba.
o Some original feature
Supoprt a recycle bin.
Currently it is samba 2.2.2 base, and they are developing newer
version based on samba 2.2.4.
Submitted by svs@ropnet.ru in pkg/12009
Eggdrop is an IRC bot, written in C. If you don't know what IRC is, this
is probably not whatever you're looking for! Eggdrop, being a bot, sits
on a channel and takes protective measures: to keep the channel from being
taken over (in the few ways that anything CAN), to recognize banished
users or sites and reject them, to recognize priveledged users and let
them gain ops, etc.
docsis is a small program that can be used to generate binary
configuration files for DOCSIS-compliant cable modems.
It can be used to implement a cable modem provisioning system, as well
as testing of DOCSIS-compliant cable modems.
It offers features like directory caching, tab completion, aliases, colored
ls, recursive commands, autologin, bookmarks, multiple connections opened
simultaneously, nohup mode transfers and SSH2 support (sftp).
Provided by Piotr Stolc in PR pkg/16675.
Enabling of Kerberos support from William Waites in PR pkg/16250
Cleaned up by me.
version 2.2.4nb1 is that there are the usual minor bug fixes, plus some
important ones:
* fix printing with Win2K/XP clients
* fixes related to using LDAP for the SAM
* fixes related to changing passwords
Pkgsrc changes:
* Fetch the .tar.bz2 file -- it's smaller.
* Use smb.conf.default as the sample config file and get rid of
the homegrown files/smb.conf.sample. smb.conf.default is more
informative and is a better resource.
* Remove irrelevant examples.
* Move convert_smbpasswd script to the examples/samba/misc
directory. It's pretty much outlived it's usefulness at this
point of the Samba release cycle.
include:
* Installing the relevant manpages with the server programs.
* Miscellaneous bug fixes.
* Coda servers were doing strncmp instead of memcmp on ip-addresses.
This fixes 'identity-crisis' problems for replicated servers, where
servers didn't know which volumes they were hosting etc. (Ivan Popov)
* Made ValidateAttrs on the server more resilient to bad input.
* Handle reintegration conflicts when doing a partial reintegration,
instead of endlessly looping.
* Searching the colon separated CODACONFPATH environment variable for
venus.conf and server.conf configuration files.
* Added some more paranoia checks while parsing the /vice/db/servers
file.
* No longer ordering VRDB entries entries by ip-address. This allows
us to resize a VSG without affecting version-vectors.
* Added rds_print_stats to the server's printstats output to aid in
finding whether an RVM allocation failure is due to running out of
RVM space, or due to a large defragmentation that cannot be logged
in the RVM log.
* Added getvolinfo program to be useful when debugging volume mounting
problems.
* Avoid servers getting stuck in file-creation when there are
pre-existing files in /vicepa.
* Always pre-allocate fids with the maximum possible stride, will become
useful when we allowing modifications to a volume's replication
group. However, any replicated volume over a mix of old and new
servers has a slightly higher probability on getting unwanted
fid-collissions.
* Reduced server memory usage during reintegration.
* Not returning ENOENT when testing inconsistent files with
access(F_OK).
* Allow server-server repair with only one existing replica, needed
for repairing conflicts after running out of diskspace.
* Added "skip volumes" argument to norton-reinit -load.
* The 'change id' function of pdbtool would silently corrupt the pdb
databases, group owner id's were not updated, users were missing
as members from groups. Group could become a member of a user.
Hueristics to fix these corruptions are added to the 'pdbtool cm'
functionality.
include:
* Installing the relevant manpages with the client programs.
* Miscellaneous bug fixes.
* Venus now gracefully handles the situation where getvolinfo returns
different replicas compared to the cached replication information.
Now we only need add server support for VSG changes and a trigger
that forces venus to make a getvolinfo call and we can start moving
volumes around in the system.
* Avoid killing clients when receiving truncated directory data.
* Block when accessing an uncached object during resolution instead of
failing. This is especially useful during weak-reintegration.
* Added -local flag to cfs lv to avoid client-server rpc2 traffic.
* Fetch data as well as status in write-disconnected mode, the dirty
status-only object would prevent subsequent data-fetches until
successful reintegration completed.
* Added venus.conf option 'validateattrs' to limit piggybacked fids
during validate attrs to help reducing IP layer fragmentation.
* Another new venus.conf option 'serverprobe' to increase server probe
intervals (keeps firewalls from dropping masqueraded connections).
* venus.conf.ex file now defaults to turning on both masquerading and
using private mmap's for RVM.
* Disallow unlinking special names with 'cfs rmm'
* Optimized local-global fid replacement.
* Moved /usr/bin/replay to /usr/bin/coda_replay to avoid name conflicts.
* Reintroduced VSGs in venus.
* Re-randomizing during hoardwalks to add fair reclaiming behaviour
in the low end of the priority queue.
sharing client.
Provided in PR 16081 by Alex Newman (dolemite@wuli.nu)
Nap is a powerful Java file sharing client. It has OpenFT support via
giFT. Other features include fetching a server list from Napigator,
connecting to multiple OpenNap servers, doing multiple concurrent
searches, and automatic downloading. You can view your MP3 files and
play them conveniently from within XNap. It also provides a
commandline interface for use on a terminal.
Sipcalc is an ip subnet calculator. Features include:
- IPv4
* Retrieving of address information from interfaces.
* Classfull and CIDR output.
* Multiple address and netmask input and output formats (dotted
quad, hex, number of bits).
* Output of broadcast address, network class, Cisco wildcard,
* hosts/range,
network range.
* The ability to "split" a network based on a smaller netmask, now
* also with
recursive runs on the generated subnets. (also IPv6)
- IPv6
* Compressed and expanded input and output addresses.
* Standard IPv6 network output.
* v4 in v6 output.
* Reverse DNS address generation.
changes by me.
eDonkey2000 doesn't rely on one central server yet searches are
quick and your client doesn't get bogged down with endless search
requests. You have the ability to search all the files being shared
anywhere on the eDonkey2000 network.
It allows you to transfer any type of file. It automatically resumes
interrupted transfers from alternate sources. It even introduces
ways to share a whole collection of files together so you can be
sure to get all the songs in an album or all pieces of a movie.
Users will be able to download a file from multiple sources at the
same time thus insuring that transfers will be as fast as possible.
which the basesrc USE_KERBEROS variable. Discussed on packages@
This fixes PR#17182 from Takahiro Kambe. The problem was pointed out by
FUKAUMI Naoki on a Japanese NetBSD mailing list.
List of changes from 1.8.9d to 1.8.9i:
* Makefile patched for better compatibility with NetBSD
* s/PATH_MAX/MAXPATHLEN/
* GPL License file added
* sms-conf script added
* mimecut script fixed to handle Polish characters
* patch for easiest using sms on OpenBSD
* patch that allow us to sepcify source IP address
* with --from we can specify sender address
Changes since 1.0.11:
- New workarounds and conformance fixes were added to improve client
compatibility.
- Zero-copy downloads are now enabled on HPUX and Solaris.
- Russian and Chinese (simplified + traditional) translations were added.
- LDAP_FTPUID and LDAP_FTPGID are now really fetched from the directory.
- A protection against common bruteforce scanners for hidden directories
has been added.
- The FTP data connection assurance draft (ESTA/ESTP) has been implemented.
- Per-user (including anonymous) concurrency limits are now available.
0.6.6.6 -- 20020603 + Solaris porting
+ Sparc architecture support even for all other OSes
+ Windows 9X porting (developed by tavi)
+ Increased the speed of arp storm under windows (developed by tavi)
+ Added the ability to bind a port on which ettercap
forwards the sniffed trafic (press 'B' from the sniffing interface)
+ The -H option now supports range ip
(i.e. 192.168.1-5.10-20,30-40,50,100-150)
+ NEW PLUGIN:
- lamia (become root of a switches spanning tree)
+ Windows installer now have a nice splash screen ;)
+ Updated the passive OS fingerprint database (825 records)
!! Fixed the pthread_join problem under MacOSX
!! Fixed the -w options (openssl path related bug)
!! Fixed the conflicting options -Y and -a
!! Fixed the FindIface function under BSD
0.6.5 -- 20020423 + Windows (CYGWIN) porting
+ Dumping to tcpdump file format is now supported (-Y option)
+ New OffLine sniffing from tcpdump like files (-T option)
+ Sniffing from command line now capture UDP+TCP packet by default
- Changed the -t (--linktype option) to -g
+ Added the -t (--proto option) to sniff only that protocol in simple mode
+ Logging engine doesn't log the same user/pass/ip twice (as requested by Gushterul)
+ Under *BSD and MacOSX ettercap now uses only one bpf
+ Added the -J options (onlyposion) to allow multitarget arp sniffing
+ USER and PASS may have a length of 50 chars
+ NEW PLUGIN :
- roper (Tries to stop ISAKMP for IPSEC traffic)
+ NEW password collector for:
- QUAKE 3 (rcon command) (developed by LnZ)
- ICQ v7 (developed by LnZ)
- MSN (the pass is an MD5 hash)
- YMSG (the pass in in UNIX MD5 format) (as requested by tavi)
+ DISSECTORS enhanced: HTTPS - IMAP - NAPSTER (opennap) - IRC
+ PLUGIN enhanced:
- leech (now it rearps the victim after isolation)
+ Updated the passive OS fingerprint database (762 records)
+ Updated the active OS fingerprint database
nmap-os-fingerprints,v 1.77 2002/03/20 05:42:48 fyodor
+ DOCUMENTATION translated in Polish and Dutch
+ Added the 'cvs' target to the Makefile
!! Fixed an ntohs() problem in the phantom plugin
!! Fixed a bug in the SMB dissector dealing with unicode user and password
!! Better handling of CTRL+C
!! Fixed a bug in doppleganger
!! Fixed a bug the the dlsym on OpenBSD 3.0 (plugin related)
!! Fixed the visualization of password with length > 13
!! Fixed a bug in the handling of debug file
!! Fixed the "not scrolling" JOINED visualization
Changes :
Net::SMTP - Use Authen::SASL to do auth
Net::SMTP - Minor change to address sanitize code, mainly to allow <>
Net::FTP - Minor change to pattern to extract unique filename from
server response
bugs discoverd in version 0.9.3 including these four potential
security problems:
- The SMB dissector could potentially dereference a NULL pointer in two cases.
- The X11 dissector could potentially overflow a buffer while parsing keysyms.
- The DNS dissector could go into an infinite loop while reading a malformed
packet.
- The GIOP dissector could potentially allocate large amounts of memory.
programmable, interactive system well-suited to the construction of
text-based adventure games, conferencing systems, and other collaborative
software. Provided by Ben Collver <collver@linuxfreemail.com>.
Together with the previous commits, this closes his PR pkg/13073.
library, and socks5's shared library is renamed to prevent packages from
picking it up by accident (so all 11 packages which respect USE_SOCKS
currently always link against a static socks library).
Update supplied by David Rankin (to version 1.5.2) in pkg/15642
further updated to 1.5.3.1 by me.
Changes since the old umich version (and netatalk-asun) are numerous
bug fixes, cleanups and new features and its actively being maintained.
User visible changes include:
- enable case insensitive fnmatch(3)ing for hostname globs in ftpusers(5)
- add 'denyquick' ftpd.conf(5) keyword
- add 'private' ftpd.conf(5) keyword
- use "advertise" in docco
User visible fixes:
- reject SIZE requests for ASCII files > 10KB long
- fixes for mlsd/mlst standards conformance
- fix passive transfers for various web browsers
- various glob(3) fixes
- don't log xferlog-style entries if the transfer didn't start
- fix skey password challenge
- don't try and use the motd directive if it's not set
GNet is a simple network library. It is written in C, object-oriented,
and built upon GLib. It is intended to be small, fast, easy-to-use,
and easy to port. GNet comes with documentation and examples.
rsync 2.5.5 "Snowy River" (2 April 2002)
ENHANCEMENTS:
* With --progress, when a transfer is complete show the time taken;
otherwise show expected time to complete. (Cameron Simpson)
* Make "make install-strip" works properly, and "make install"
accepts a DESTDIR variable for help in building binary packages.
(Peter Breitenlohner, Greg Louis)
* If configured with --enable-maintainer-mode, then on receipt of
a fatal signal rsync will try to open an xterm running gdb,
similarly to Samba's "panic action" or GNOME's bug-buddy.
(Martin Pool)
BUG FIXES:
* Fix situation where failure to fork (e.g. because out of process
slots) would cause rsync to kill all processes owned by the
current user. Yes, really! (Paul Haas, Martin Pool)
* Fix test suite on Solaris. (Jos Backus, Martin Pool)
* Fix minor memory leak in socket code. (Dave Dykstra, Martin
Pool.)
* Fix --whole-file problem that caused it to be the default even
for remote connections. (Martin Pool, Frank Schulz)
* Work around bug in Mac OS X mkdir(2), which cannot handle
trailing slashes.
<http://www.opensource.apple.com/bugs/X/BSD%20Kernel/2734739.html>
(Martin Pool)
* Improved network error handling. (Greg A. Woods)
interface as well as with others. If you're using "pppd" and want to be
able to use trafshow to see what's going on on this interface,
you want to update.
Bumb PKGREVISION
ftp.proxy is a proxy server for a subset of the file tranfer protocol
described in RFC 959. It forwards traffic between a client and a
server without looking too much if both hosts do real FTP. The FTP
server can be either given on the command line or supplied by the
client.
It starts from inetd(8).
number rollbacks)
- wildcards bug fixed
- AA bit for class ANY bug fixed
- minor coredumps with really broken zones in zonec fixed
- linux & SunOS port
- New translation : norwegian. Contributed by Kurt Inge Sm\xe5dal /
EasyISP.org <kurt@easyisp.org> .
- The server now compiles and runs on OpenBSD/Sparc64 and HPUX.
- Minor fixes and cleanups were made.
- The good'ol poweredby.jpg logo has been replaced by pure-ftpd.png, the
new official logo contributed by Gabriele Vinci <gabriele@pronto.it> .
Based on changes by Dawid Szymanski <dawszy@arhea.net> in PR 16585
Upclient is a program that keeps track of your server
uptime, and lets you compare it with the uptime of other
(similar) hosts. It consists of two parts, a client- and a
serverpart. The client runs on your server and sends the
uptime every few minutes to the server. The server
collects all data in a table on this site.
Package re-added after the service formerly offered by uptimes.net
is now again online as http://www.wonko.com/
Upclient is a program that keeps track of your server
uptime, and lets you compare it with the uptime of other
(similar) hosts. It consists of two parts, a client- and a
serverpart. The client runs on your server and sends the
uptime every few minutes to the server. The server
collects all data in a table on this site.
Package re-added after the service formerly offered by uptimes.net
is now again online as http://www.wonko.com/
WHAT'S NEW IN Samba 2.2.4 - 2nd May 2002
=========================================
This is the latest stable release of Samba. This is the version that all
production Samba servers should be running for all current bug-fixes.
There have been several fixes and internal enhancements which include:
* More/better SPOOLSS printing functionality for Windows
NT/2k/XP clients.
* Several fixes relating to serving PC database files such
as (Access and FoxPro) from a Samba file share.
* Several improves in Samba's VFS layer which can be seen
in the inclusion of a "Recycle Bin" vfs module. See
examples/VFS/README for more details on this.
* Addition of a tool (tdbbackup) for backup/restore of Samba's
tdb's
* Continued improvements to winbind for greater scalability
and stability
* Several fixes related to Samba's MS-DFS support
* Rpcclient's various printer commands now work (again)
New/Changed parameters in 2.2.4
--------------------------------
For more information on these parameters, see the man pages for
smb.conf(5).
Added/changed parameters
------------------------
* csc policy
* inherit acls
* nt status support
* lock spin count
* lock spin time
* pid directory
* winbind use default domain
Depreciated parameters
----------------------
The following parameters have been marked as depreciated
and will be removed in Samba 3.0
* postscript
* printer driver
* printer driver file
* printer driver location
Removed Parameters
------------------
none
Changes in 2.2.4
----------------
See the cvs log for SAMBA_2_2 for more details
1) added -c option to smbpasswd
2) reworked smbpasswd internal command line option parsing
3) small various bug fixes to experimental pdb_tdb.c
4) Enforce spoolss RPCs based on the access granted at PrinterOpen()
5) Added missing access checks to [add/delete/set]form
6) Compile fixes for pam_smbpass
7) fix smbd crash when netbios session request fails from
spoolss_connect_to_client().
8) fixed logic bug that prevent SetPrinter() from storing devmode
9) Removed extra get_printer_snum() calls from set_printer_hnd_name()
10) fix joining domain on big endian machine when using -U to smbpasswd
11) allow command line arg to override smb.conf log level
12) continue to retry to register 1b name with wins server if there is an old IP there
13) fix smbclient print crash bug
14) 9x pnp fix when the config file and driver file are different
15) force testparm to print the correct value for log level
16) fix swat to show full log level info
17) fix server GetPrinterData() fields to be more sensible
18) fix logic error in SetPrinterDataEx()
19) Only set smb_read_error if not already set
20) Fix string returns that require unicode
21) Merge of printing performance fixes from appliance
22) lpq parsing fixes
23) Back port tridge's xcopy /o fix from HEAD
24) Fix the printer change notify code (unfinished)
25) Patch for Domain users not showing up
26) Fixed SetPrinterData(magic key) to support zero length DEVMODE
27) Ensure that all methods of looking up and connecting to DC's work
using identical logic.
28) Merge in the mutex code to stop multiple domain logon failure
29) Ignore 0/0 lock
30) Fix winbindd to respect command line debuglevel as nmbd/smbd
31) Update with tdbbackup from HEAD
32) Fix for typo on solaris nss
33) Merge in the locking changes from HEAD
34) Added POSIX ACL layer into the vfs
35) Fix the returning of domain enum
36) Fix the generation of the MACHINE.SID file into the secrets.tdb.
37) Enable test for -rdynamic when building binaries
38) Remove the "stat open" code - make it inline
39) Fix the mp3 rename bug
40) Fix for Explorer DFS problems on older Windows 9X machines
41) implement OpenPrinter() opnum == 0x01
42) Matched W2K *insane* open semantics....
43) small fix that will prevent the "failed to marshall
R_NET_SAMLOGON" message in the logs
42) don't do checking of local passdb in smbpasswd if using -r option
43) fix "smbpasswd -j DOMAIN -r * -U Admin%XXXX" so that it doesn't
try to connect to a server named '*'
44) merge rpcclient code from HEAD
45) Ensure MACHINE.SID update done before child spawns
46) Fix the bad path errors for mkdir so mkdir \a\b\c\d works
47) Removed --with-vfs - always built if available
48) Fixed psec for 2.2
49) Fixed the handle leak in the connection management code
50) fix disable spoolss after the switch to nt status codes
51) Added Shirish's client side caching policy change
52) Honor the specversion when parsing the the DEVICEMODE
53) fix parsing bug when DEVICEMODE's private data does not end
on a 4 byte boundary
54) do not idle an smbd when there is an open pipe
55) when a new driver is added to a Samba server, cycle through
all printers and bump the change_id for each one bound to the driver
56) allow smbclient to work with a FIFO as well (needed for KDE
ioslave)
57) various updates to pdb_nisplus.c
58) many small documentation updates
59) removed many compiler warnings
Known Bugs
----------
* Under certain conditions when serving the MS Access 2000
executable file and an Access database from a Samba share,
it is possible to experience data corruption. This pug does
does occur when the database is served from a Samba file share
but the Access *.exe is stored on the client's local file system.
The exact reason for this bug is unknown at this time.
--- 9.2.1 released ---
1271. [port] win32: a make file contained absolute version specific
references.
1269. [bug] Missing masters clause was not handled gracefully.
[RT #2703]
1244. [bug] Receiving a TCP message from a blackhole address would
prevent further messages being received over that
interface.
1178. [bug] Follow and cache (if appropriate) A6 and other
data chains to completion in the additional section.
--- 9.2.1rc2 released ---
1240. [bug] It was possible to leak zone references by
specifying an incorrect zone to rndc.
1239. [bug] Under certain circumstances named could continue to
use a name after it had been freed triggering
INSIST() failures. [RT #2614]
1238. [bug] It is possible to lockup the server when shutting down
if notifies are being processed. [RT #2591]
1237. [bug] nslookup: "set q=type" failed.
1236. [bug] dns_rdata{class,type}_fromtext() didn't handle non
NULL terminated text regions. [RT #2588]
1232. [bug] unix/errno2result() didn't handle EADDRNOTAVAIL.
1231. [port] HPUX 11.11 recvmsg() can return spurious EADDRNOTAVAIL.
1230. [bug] isccc_cc_isreply() and isccc_cc_isack() were broken.
1229. [bug] named would crash if it received a TSIG signed
query as part of an AXFR response. [RT #2570]
1228. [bug] 'make install' did not depend on 'make all'. [RT #2559]
1227. [bug] dns_lex_getmastertoken() now returns ISC_R_BADNUMBER
if a number was expected and some other token was
found. [RT#2532]
1222. [bug] Specifying 'port *' did not always result in a system
selected (non-reserved) port being used. [RT #2537]
1221. [bug] Zone types 'master', 'slave' and 'stub' were not being
compared case insensitively. [RT #2542]
1218. [bug] Named incorrectly returned SERVFAIL rather than
NOTAUTH when there was a TSIG BADTIME error. [RT #2519]
1216. [bug] Multiple server clauses for the same server were not
reported. [RT #2514]
1215. [port] solaris: add support to ifconfig.sh for x86 2.5.1
1214. [bug] Win32: isc_file_renameunique() could leave zero length
files behind.
1212. [port] libbind: 64k answer buffers were causing stack space
to be exceeded for certian OS. Use heap space instead.
1211. [bug] dns_name_fromtext() incorrectly handled certain
valid octal bitlabels. [RT #2483]
1210. [bug] libbind: getnameinfo() failed to lookup IPv4 mapped /
compatible addresses. [RT #2461]
1208. [bug] dns_master_load*() failed to log a error message if
an error was detected when parsing the ownername of
a record. [RT #2448]
--- 9.2.1rc1 released ---
1207. [bug] libbind: getaddrinfo() could call freeaddrinfo() with
an invalid pointer.
1206. [bug] SERVFAIL and NOTIMP responses to an EDNS query should
trigger a non-EDNS retry.
1205. [bug] OPT, TSIG and TKEY cannot be used to set the "class"
of the message. [RT #2449]
1204. [bug] libbind: res_nupdate() failed to update the name
server addresses before sending the update.
1201. [bug] Require that if 'callbacks' is passed to
dns_rdata_fromtext(), callbacks->error and
callbacks->warn are initialized.
1200. [bug] Log 'errno' that we are unable to convert to
isc_result_t. [RT #2404]
1198. [bug] OPT printing style was not consistant with the way the
header fields are printed. The DO bit was not reported
if set. Report if any of the MBZ bits are set.
1197. [bug] Attempts to define the same acl multiple times were not
detected.
1196. [contrib] update mdnkit to 2.2.3.
1195. [bug] Attempts to redefine builtin acls should be caught.
[RT #2403]
1194. [bug] Not all duplicate zone definitions were being detected
at the named.conf checking stage. [RT #2431]
1193. [bug] Best effort parsing didn't handle packet truncation.
1191. [bug] A dynamic update removing the last non-apex name in
a secure zone would fail. [RT #2399]
1189. [bug] On some systems, malloc(0) returns NULL, which
could cause the caller to report an out of memory
error. [RT #2398]
1188. [bug] Dynamic updates of a signed zone would fail if
some of the zone private keys were unavailable.
1186. [bug] isc_hex_tobuffer(,,length = 0) failed to unget the
EOL token when reading to end of line.
1185. [bug] libbind: don't assume statp->_u._ext.ext is valid
unless RES_INIT is set when calling res_*init().
1184. [bug] libbind: call res_ndestroy() if RES_INIT is set
when res_*init() is called.
1183. [bug] Handle ENOSR error when writing to the internal
control pipe. [RT #2395]
1182. [bug] The server could throw an assertion failure when
constructing a negative response packet.
1176. [doc] Document that allow-v6-synthesis is only performed
for clients that are supplied recursive service.
[RT #2260]
1175. [bug] named-checkzone failed to call dns_result_register()
at startup which could result in runtime
exceptions when printing "out of memory" errors.
[RT #2335]
1174. [bug] Win32: add WSAECONNRESET to the expected errors
from connect(). [RT #2308]
1173. [bug] Potential memory leaks in isc_log_create() and
isc_log_settag(). [RT #2336]
1172. [doc] Add CERT, GPOS, KX, NAPTR, NSAP, PX and TXT to
table of RR types in ARM.
1170. [bug] Don't attempt to print the token when a I/O error
occurs when parsing named.conf. [RT #2275]
1168. [bug] Empty also-notify clauses were not handled. [RT #2309]
1167. [contrib] nslint-2.1a3 (from author).
1166. [bug] "Not Implemented" should be reported as NOTIMP,
not NOTIMPL. [RT #2281]
1165. [bug] We were rejecting notify-source{-v6} in zone clauses.
1164. [bug] Empty masters clauses in slave / stub zones were not
handled gracefully. [RT #2262]
1162. [bug] The allow-notify option was not accepted in slave
zone statements.
1161. [bug] named-checkzone looped on unbalanced brackets.
[RT #2248]
1160. [bug] Generating Diffie-Hellman keys longer than 1024
bits could fail. [RT #2241]
1156. [port] The configure test for strsep() incorrectly
succeeded on certain patched versions of
AIX 4.3.3. [RT #2190]
1154. [bug] Don't attempt to obtain the netmask of a interface
if there is no address configured. [RT #2176]
1152. [bug] libbind: read buffer overflows.
1144. [bug] rndc-confgen would crash if both the -a and -t
options were specified. [RT #2159]
1142. [bug] dnssec-signzone would fail to delete temporary files
in some failure cases. [RT #2144]
1141. [bug] When named rejected a control message, it would
leak a file descriptor and memory. It would also
fail to respond, causing rndc to hang.
[RT #2139, #2164]
1140. [bug] rndc-confgen did not accept IPv6 addresses as arguments
to the -s option. [RT #2138]
1136. [bug] CNAME records synthesized from DNAMEs did not
have a TTL of zero as required by RFC2672.
[RT #2129]
1125. [bug] rndc: -k option was missing from usage message.
[RT #2057]
1124. [doc] dig: +[no]dnssec, +[no]besteffort and +[no]fail
are now documented. [RT #2052]
1123. [bug] dig +[no]fail did not match description. [RT #2052]
1109. [bug] nsupdate accepted illegal ttl values.
1108. [bug] On Win32, rndc was hanging when named was not running
due to failure to select for exceptional conditions
in select(). [RT #1870]
1081. [bug] Multicast queries were incorrectly identified
based on the source address, not the destination
address.
1072. [bug] The TCP client quota could be exceeded when
recursion occurred. [RT #1937]
1071. [bug] Sockets listening for TCP DNS connections
specified an excessive listen backlog. [RT #1937]
1070. [bug] Copy DNSSEC OK (DO) to response as specified by
draft-ietf-dnsext-dnssec-okbit-03.txt.
1014. [bug] Some queries would cause statistics counters to
increment more than once or not at all. [RT #1321]
1012. [bug] The -p option to named did not behave as documented.
988. [bug] 'additional-from-auth no;' did not work reliably
in the case of queries answered from the cache.
[RT #1436]
995. [bug] dig, host, nslookup: using a raw IPv6 address as a
target address should be fatal on a IPv4 only system.
jvm supported by pkgsrc (such as the blackdown jdk on powerpc), not just
the sun jvm on i386.
If user is using a java-1.1 jdk (pkgsrc/lang/jdk or kaffe), pull in swing
from the swing package.
Changes:
* Updated translations
* Updated English manual and translated it to Portuguese
* Fixed bugs:
- When checking if the user could write to a certain
directory all the groups the user was in where not
checked so it was possible to write while the application
said otherwise.
- Spec file rewrote to be more correct, thanks to Gregory
Leblanc <gleblanc@linuxweasel.com>
XNap is a Java file sharing client. It is powerful, easy to use, and
efficient. Features include fetching a server list from Napigator,
connecting to multiple OpenNap servers, doing multiple concurrent
searches, and automatic downloading. You can view your MP3 files and
play them conveniently from within XNap. It also provides a
commandline interface for use on a terminal.
Contributed by ben@wongs.net in PR 16528
