Notable changes in Gromacs 4.5.5:
* Improved pdb2gmx -chainsep option and reintroduced the -merge option.
* Fixed mdrun file appending truncating files to 0 bytes when
continuation runs stopped before writing new output.
* Fixed COM pulling with multiple constraints checking the
convergence of one constraint instead of all.
* Fixed some dihedrals in sugars in Gromos53a5/6 working on the wrong atoms.
* AmberGS force field is now based on Amber94 instead of Amber96.
* Moved hydrogens in Charmm27 protein termini to separate
charge groups and added ACE and CT3 residue types.
* Many small fixes which avoid termination with fatal errors
or crashes in mdrun and tools.
* Many small updates to the manual pages of programs.
it should provide the jpeg-8 API/ABI rather than the -6b one.
So switch to 1.1.0 with the jpeg8 "configure" option.
Tested to be binary compatible on i386, at least for simple
image viewers.
being here, add "test" target
Alwo update isc-dhclient4, isc-dhcpd4 and isc-dhcrelay4.
Changes since 4.2.3-P1
! Modify the DDNS handling code. In a previous patch we added logging
code to the DDNS handling. This code included a bug that caused it
to attempt to dereference a NULL pointer and eventually segfault.
While reviewing the code as we addressed this problem, we determined
that some of the updates to the lease structures would not work as
planned since the structures being updated were in the process of
being freed: these updates were removed. In addition we removed an
incorrect call to the DDNS removal function that could cause a failure
during the removal of DDNS information from the DNS server.
Thanks to Jasper Jongmans for reporting this issue.
[ISC-Bugs #27078]
CVE: CVE-2011-4868
== MediaWiki 1.17.2 ==
2012-01-11
This a maintenance and security release of the MediaWiki 1.17 branch.
=== Security changes ===
* (bug 33117) prop=revisions allows deleted text to be exposed through cache pollution.
=== Changes since 1.17.1 ===
* (bug 32709) Private Wiki users were always taken to Special:Badtitle on login.
== MediaWiki 1.17.1 ==
2011-11-24
This a maintenance and security release of the MediaWiki 1.17 branch.
=== Security changes ===
* (bug 32276) Skins were generating output using the internal page title which
would allow anonymous users to determine wheter a page exists, potentially
leaking private data. In fact, the curid and oldid request parameters would
allow page titles to be enumerated even when they are not guessable.
* (bug 32616) action=ajax requests were dispatched to the relevant internal
functions without any read permission checks being done. This could lead to
data leakage on private wikis.
Release 1.9.1 (2012-01-12)
--------------------------
Security-related Bugfix
'''''''''''''''''''''''
- Fix flaw that would allow servers to cause undetected corruption when
retrieving the contents of mutable files (both SDMF and MDMF). (`#1654`_)
.. _`#1654`: https://tahoe-lafs.org/trac/tahoe-lafs/ticket/1654
* InnoDB Storage Engine: Issuing INSERT...ON DUPLICATE KEY statements for
InnoDB tables from concurrent threads could cause a deadlock, particularly
with the INSERT...ON DUPLICATE KEY UPDATE form. The fix avoids deadlocks
caused by the same row being accessed by more than one transaction. Deadlocks
could still occur when multiple rows are inserted and updated simultaneously
by different transactions in inconsistent order; those types of deadlocks
require the standard error handling on the application side, of re-trying the
transaction.
* An incorrect InnoDB assertion could cause the server to halt. This issue only
affected debug builds. The assertion referenced the source file btr0pcur.ic
and the variable cursor->pos_state.
* The handle_segfault() signal-handler code in mysqld could itself crash due to
calling unsafe functions.
* ARCHIVE tables with NULL columns could cause server crashes or become corrupt
under concurrent load.
* Enabling myisam_use_mmap could cause the server to crash.
* Concurrent access to ARCHIVE tables could cause corruption.
* Don't specify upper limit version to depend. Since PHP extensions are
prefixed with PHP_PKG_PREFIX, it is no need to specify.
* Relax lower limit version to depend for php extensions which aren't
bundled in PHP 5.3.9 distribution file; reflecting recent change of
lang/php/ext.mk
To be safer, bump PKGREVISION.
* A new server option, --slow-start-timeout, controls the Windows service
control manager's service start timeout. The value is the maximum number of
milliseconds that the service control manager waits before trying to kill the
MySQL service during startup. The default value is 15000 (15 seconds). If the
MySQL service takes too long to start, you may need to increase this value.
A value of 0 means there is no timeout.
Bugs Fixed:
* Important Change: Replication: Setting an empty user in a CHANGE MASTER TO
statement caused an invalid internal result and is no longer permitted. Trying to use MASTER_USER='' or setting MASTER_PASSWORD while leaving MASTER_USER
unset causes the statement to fail with an error.
* Important Change: Replication: Moving the binary log file, relay log file, or
both files to a new location, then restarting the server with a new value for
--log-bin, --relay-log, or both, caused the server to abort on start. This
was because the entries in the index file overrode the new location. In
addition, paths were calculated relative to datadir (rather than to the
--log-bin or --relay-log values).
* InnoDB Storage Engine: When doing a live downgrade from MySQL 5.6.4 or later, with innodb_page_size set to a value other than 16384, now the earlier MySQL
version reports that the page size is incompatible with the older version,
rather than crashing or displaying a “corruption” error.
* InnoDB Storage Engine: Issuing INSERT...ON DUPLICATE KEY statements for
InnoDB tables from concurrent threads could cause a deadlock, particularly
with the INSERT...ON DUPLICATE KEY UPDATE form. The fix avoids deadlocks
caused by the same row being accessed by more than one transaction. Deadlocks
could still occur when multiple rows are inserted and updated simultaneously
by different transactions in inconsistent order; those types of deadlocks
require the standard error handling on the application side, of re-trying the
transaction.
* An incorrect InnoDB assertion could cause the server to halt. This issue only
affected debug builds. The assertion referenced the source file btr0pcur.ic
and the variable cursor->pos_state.
* Locale information for FORMAT() function instances was lost in view
definitions.
* The handle_segfault() signal-handler code in mysqld could itself crash due to
calling unsafe functions.
* Enabling myisam_use_mmap could cause the server to crash.
* Concurrent access to ARCHIVE tables could cause corruption.
* Do not append a slash to the directory name if it already has one.
Changes 1.7.23:
* Ignore any attempt to use "-ow" with the "-d" or "-e" options, with warning.
* Include zlib.h if ZLIB_H is not defined (instead of checking the libpng
version; see entry below for pngcrush-1.7.14), and include string.h
if _STRING_H_ is not defined (because libpng-1.6 does not include string.h)
* Define SLASH = backslash on Windows platforms so the "-d" option will work.
