- Support for common raw disk image formats using 512 byte sectors,
specifically GPT, APM, and MBR partitioning.
- Experimental support of OpenIOC files. ClamAV will now extract file
hashes from OpenIOC files residing in the signature database location,
and generate ClamAV hash signatures. ClamAV uses no other OpenIOC
features at this time. No OpenIOC files will be delivered through
freshclam. See openioc.org and iocbucket.com for additional information
about OpenIOC.
- All ClamAV sockets (clamd, freshclam, clamav-milter, clamdscan, clamdtop)
now support IPV6 addresses and configuration parameters.
- Use OpenSSL file hash functions for improved performance. OpenSSL
is now prerequisite software for ClamAV 0.98.3.
- Improved detection of malware scripts within image files. Issue reported
by Maarten Broekman.
- Change to circumvent possible denial of service when processing icons within
specially crafted PE files. Icon limits are now in place with corresponding
clamd and clamscan configuration parameters. This issue was reported by
Joxean Koret.
- Improvements to the fidelity of the ClamAV pattern matcher, an issue
reported by Christian Blichmann.
- Opt-in collection of statistics. Statistics collected are: sizes and MD5
hashes of files, PE file section counts and section MD5 hashes, and names
and counts of detected viruses. Enable statistics collection with the
--enable-stats clamscan flag or StatsEnabled clamd configuration
parameter.
- Improvements to ClamAV build process, unit tests, and platform support with
assistance and suggestions by Sebastian Andrzej Siewior, Scott Kitterman,
and Dave Simonson.
- Patch by Arkadiusz Miskiewicz to improve error handling in freshclam.
- ClamAV 0.98.3 also includes miscellaneous bug fixes and documentation
improvements.
----------
3.3.58 16mar14 Added /Data Format/Popcnt function for ones counting.
Warnings fixes from new Clang 3.4 scan-build.
Updated VCD ID generation in various helpers to use a faster,
equivalent algorithm.
Change [1] at end of struct to C99 [] notation with appropriate
allocation size modification.
System_profiler speed fix for OSX.
3.3.59 26apr14 Use Duff's Device for 8 byte -> 1 byte binary value compression
algorithm in FST writer.
Warnings fixes from cppcheck.
Moved MinGW for FST to using different windows tempfile
generation instead of tmpfile().
Removed fflush() in FST for MinGW in places that can cause
crashes with read only files.
Updated man page for gtkwave.1 indicating that XID is in hex.
Allow decimal conversions on popcnt filtered vectors that are
greater than 64 bits (they will never overflow).
Collection.
OAuth often seems complicated and difficult-to-implement. There are several
prominent libraries for handling OAuth requests, but they all suffer from one
or both of the following:
* They predate the OAuth 1.0 spec, AKA RFC 5849.
* They predate the OAuth 2.0 spec, AKA RFC 6749.
* They assume the usage of a specific HTTP request library.
OAuthLib is a generic utility which implements the logic of OAuth without
assuming a specific HTTP request object or web framework. Use it to graft OAuth
client support onto your favorite HTTP library, or provider support onto your
favourite web framework. If you're a maintainer of such a library, write a thin
veneer on top of OAuthLib and get OAuth support for very little effort.
Collection.
Twython is the premier Python library providing an easy (and up-to-date) way to
access Twitter data. Actively maintained and featuring support for Python 2.6+
and Python 3. It's been battle tested by companies, educational institutions
and individuals alike.
update for libpng12
Description:
This libpng12 update fixes the following two security
issues.
- bnc#873123: Fixed integer overflow leading to a
heap-based buffer overflow in png_set_sPLT() and
png_set_text_2() (CVE-2013-7354).
- bnc#873124: Fixed integer overflow leading to a
heap-based buffer overflow in png_set_unknown_chunks()
(CVE-2013-7353).
Bump PKGREVISION.
mbuffer is a tool for buffering data streams with a large set of
unique features:
* direct support for TCP based network targets (IPv4 and IPv6)
* ability to send to multiple targets in parallel (distribution mode)
* support for multiple volumes
* I/O rate limitation
* high/low watermark based restart criteria
* configurable buffer size
* on the fly MD5 hash calculation
* highly efficient, multi-threaded implementation
It is especially useful, if you are writing backups to fast tape drives
or libraries.
If we don't install libgcc_s.10.[45].dylib, our gcc links binaries
with *both* /usr/lib/libgcc_s.1.dylib and
${GCC_PREFIX}/lib/libgcc_s.1.dylib, which is certainly a bad thing.
The problem was already reported to the upstream but it caught
seemingly no attention:
http://gcc.gnu.org/ml/gcc-help/2010-07/msg00164.html
This Python2/3 library provides an easy interface to the bitcoin data structures
and protocol. The approach is low-level and "ground up", with a focus on
providing tools to manipulate the internals of how Bitcoin works.
Collection.
Gunicorn 'Green Unicorn' is a Python WSGI HTTP Server for UNIX. It's a
pre-fork worker model ported from Ruby's Unicorn project. The Gunicorn
server is broadly compatible with various web frameworks, simply
implemented, light on server resource usage, and fairly speedy.
See ${WRKSRC}/libgcc/config/t-slibgcc-darwin: It uses strip(1) to
create a stub library, not just to remove symbols, so we must not
let strip(1) be a no-op regardless of ${INSTALL_UNSTRIPPED} or the
build fails for missing files.
Changes from Ant 1.9.3 TO Ant 1.9.4
===================================
Changes that could break older environments:
-------------------------------------------
* the prefixValues attribute of <property> didn't work as expected
when set to false (the default).
It is quite likely existing build files relied on the wrong
behavior and expect Ant to resolve the value side against the
properties defined in the property file itself - these build files
must now explicitly set the prefixValues attribute to true.
Bugzilla Report 54769
* when matching an entry of a zip/tarfileset against a pattern a
leading slash will be stripped from the entry name. Most archives
don't contain paths with leading slashes anyway.
This may cause include/exclude patterns that start with a / to stop
matching anything. Such patterns only used to work by accident and
only on platforms with multiple file system roots.
Bugzilla Report 53949
* DirectoryScanner and thus fileset/dirset will now silently drop all
filesystem objects that are neither files nor directories according
to java.io.File. This prevents Ant from reading named pipes which
might lead to blocking or other undefined behavior.
Bugzilla Report 56149
* BuildFileTest and BaseSelectorTest have both been deprecated in
favour of BuildFileRule and BaseSelectorRule respectively, and the
tests that previously extended these base tests have been converted to
JUnit 4 tests using the new "rule"s. Any external test that sub-classed
a test in the Ant workspace, rather than BuildFileTest, will need
changed to either use JUnit4's annotations, or be modified to
extend BuildFileTest directly. This will not affect any tests that are
being executed by Ant's junit or batchtest tasks that are not specifically
testing Ant's code.
Fixed bugs:
-----------
* <import>/<include> failed when the importing file was loaded from an
URI or a jar and it imported a file from the local file system via
an absolute path.
Bugzilla Report 50953
* <import> could import the same resource twice when imported via
different resource types.
Bugzilla Report 55097
* several calls to File#mkdirs could fall victim to a race condition
where another thread already created the same directory.
Bugzilla Report 55290
* <manifestclasspath> created '/' rather than './' for the parent
directory of the given jarfile.
Bugzilla Report 55049
* <concat>'s fixlastline="true" didn't work when using certain filter
readers.
Bugzilla Report 54672
* several places where resources are read from jars will now
explicitly disable caching to avoid problems with reloading jars.
Bugzilla Report 54473
* AntClassloader will now ignore files that are part of the classpath
but not zip files when scanning for resources. It used to throw an
exception.
Bugzilla Report 53964
* <javadoc> caused a NullPointerException when no destdir was set.
Bugzilla Report 55949
* <jar filesetmanifest="mergewithoutmain"> would still include the
Main section of the fileset manifests if there was no nested
manifest or manifest attribute.
Bugzilla Report 54171
* reading of compiler args has become more defensive
Bugzilla Report 53754
* <copy> without force="true" would not only fail to overwrite a
read-only file as expected but also remove the existing file.
Bugzilla Report 53095
* <delete removeNotFollowedSymlinks="true"> would remove symbolic
links to not-included files. It will still delete symlinks to
directories that would have been followed even if they are not
explicitly included. exclude-Patterns can still be used to
preserve symbolic links.
Bugzilla Report 53959
* Sometimes copy-operations using NIO FileChannels fail. Ant will
now try to use a Stream based copy operation as fallback when the
Channel based copy fails.
Bugzilla Reports 53102 and 54397
* Javadoc.postProcessGeneratedJavadocs() fails for Classes that
extend Javadoc
Bugzilla Report 56047
* TarInputStream will now read archives created by tar
implementations that encode big numbers by not adding a trailing
NUL.
* the isExists() method of URLResource returned false positives for
HTTP and FTP URLs.
Other changes:
--------------
* initial support for Java 1.9
* <sshexec> can optionally pass System.in to the remote process
Bugzilla Report 55393
* <sshexec> now supports capturing error output of the executed
process and setting a property from the return code.
Bugzilla Report 48478
* <javadoc> now has an option to fail if javadoc issues warnings.
Bugzilla Report 55015
* <sql> has a new outputencoding attribute.
Bugzilla Report 39541
* changes to JUnitTestRunner and PlainJUnitResultFormatter to make
OutOfMemoryErrors less likely.
Bugzilla Report 45536
* changes to DOMElementWriter to make OutOfMemoryErrors less likely.
Bugzilla Report 54147
* <redirector> has a new attribute binaryOutput that prevents Ant
from splitting the output into lines. This prevents binary output
from being corrupted but may lead to error and normal output being
mixed up.
Bugzilla Report 55667
Bugzilla Report 56156
* the nested <message> elements of <mail> now have an optional
inputEncoding attribute that can be used to specify the encoding of
files read that don't use the platform's default encoding.
Bugzilla Report 56258
* The <get> task now explicitly accepts and supports the gzip content encoding.
Bugzilla Report 49453
* A new resourcecollection type <multirootfileset> acts like a union
of <fileset>s and <dirset>s that share the same configuration but
have different base directories.
Bugzilla Report 48621
* <get> has a quiet attribute that makes the task log errors only
when enabled.
GitHub Pull Request #1
* <junit> has now a threads attribute allowing to run the tests in several threads.
Bugzilla Report 55925
* addition of a new ProcessUtil class providing the process id of the current process
* changes to allow to run the JUnit testcases of Ant in parallel,
by making them use unique temporary directories
