more information on the release:
http://java.sun.com/j2se/1.5.0/ReleaseNotes.html
In particular, this release fixes a couple long-standing bugs related to
JIT and LinuxThreads (clone(2)-based).
that is(?!) when trying to find the default route:
Internet:
Destination Gateway Flags Refs Use Mtu Interface
default link#2 UC - tlp0
default 132.199.210.131 UGS - tun0
Changes include:
1.5a
* A typo in an assert caused Honeyd to crash for most services.
* The subsystem support did not correctly support
getsockname for sockets coming via accept().
1.5b
* A crash when processing ARP packets.
* Correct default action handling for UDP packets.
* Fixed --without-python flag when using configure.
"A vulnerability in libtunepimp can be potentially exploited by
malicious people to compromise a user's system.
The vulnerability is caused due to a boundary error in the
"LookupTRM::lookup()" function when retrieving album release dates.
This can be exploited to cause a buffer overflow by returning an overly
long release date string (more than 100 bytes).
Successful exploitation may allow execution of arbitrary code in context
of an application using the vulnerable library."
http://secunia.com/advisories/21026/http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3600
Patch from MusicBrainz SVN. Bump PKGREVISION.
0.29 release. Code cleanups and bug fixes.
New features:
- The output of 'mtn status' has been changed significantly; the
output formerly used by 'mtn status --brief' has become the
default. For output similar to the old 'mtn status', see
'mtn automate get_revision'.
- It is now significantly easier to control what merger
monotone uses to resolve conflicts; for instance, to use
emacs to resolve conflicts, add:
merge = "emacs"
to your .monotonerc file. To override temporarily, you can
also use the environment variable MTN_MERGE, which takes the
same strings. Currently recognized strings are "kdiff3",
"xxdiff", "opendiff", "tortoisemerge", "emacs", "vim", and
"meld".
- Formerly, monotone's sync-over-ssh support required that an
absolute path be used, with a URL like:
ssh://venge.net/home/njs/my-db.mtn
The following syntaxes are now supported as well:
ssh://venge.net/~/my-db.mtn
ssh://venge.net/~njs/my-db.mtn
Bugs fixed:
- The bug where monotone would sometimes respond to a control-C
(or several other signals) by locking up and refusing to exit,
has been fixed.
- Monotone now properly respects SIGPIPE. In particular, this
means that 'mtn log | less' should now exit promptly when
'less' is exited.
- 'mtn log' now flushes its output after each message; this
makes 'mtn log <FILES>' significantly more usable.
- 'mtn log <FILES>' formerly listed irrelevant revisions (in
particular, any revision which contained a delete of any files
or directories, was always included). This has been fixed.
- If, during an update, two files both had conflicts, which,
when resolved, resulting the two files becoming identical, the
update would error out. This has been fixed.
- If _MTN/log exists and does not end in a newline, we now add a
newline before using the log message. This removes a problem
where the string "MTN:" would end up appended to the last line
of the log message.
- We no longer buffer up an arbitrarily large number of pending
writes in the database. This improves speed and memory usage
for 'commit', and fixes the problem where 'cvs_import' would
run out of memory.
- Monotone's tree walking code (used by 'ls unknown', 'ls
missing', and friends) now uses much less memory, especially
on reiserfs.
Automate changes:
- 'mtn automate stdio' now uses a configurable block size,
controlled by command-line option --automate-stdio-size. This
is mostly useful for testing speed/memory trade-offs.
- 'automate attributes' has a new format, which includes more
information.
Code cleanup:
- We now use boost::program_options to parse command line
options, rather than popt. The only user-visible change
should be that --option="" no longer works as a way to set
some option to the empty string; use --option "". (This
change also removes a lot of orphaned and historically buggy
code from monotone.)
Other:
- zsh completion script significantly revised and updated (see
contrib/monotone.zsh_completion).
Finally add packages for the "new" version of blackbox, 0.70.x.
This window manager is incompatible with older versions, and older
add-on applications (aka "bbtools") will not work with this version.
Hence, add new versions of bbkeys and bbpager as well, to provide
at least the basics. (Again, these will not work with older versions.)
Why are we adding these? Well, I'm told that blackbox 0.70.x is
fully EWMH compliant and has better fonts. And people always ask
"why is blackbox 0.70.x not in pkgsrc?".
blackbox version 0.65 and the other bbtools that work with blackbox
will remain in pkgsrc.
"A vulnerability in libwmf can be potentially exploited by malicious
people to compromise an application using the vulnerable library.
The vulnerability is caused due to an integer overflow error when
allocating memory based on a value taken directly from a WMF file
without performing any checks. This can be exploited to cause a
heap-based buffer overflow when a specially crafted WMF file is
processed.
Successful exploitation may allow execution of arbitrary code."
http://secunia.com/advisories/20921/http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3376
Patch from Red Hat. Bump PKGREVISION.
Event::RPC supports you in developing Event based networking client/server
applications with transparent object/method access from the client to the
server. Network communication is optionally encrypted using IO::Socket::SSL.
Several event loop managers are supported due to an extensible API.
Currently Event and Glib are implemented.
Changes between release 0.4.1 and 0.4.2 include, among other things:
o) The NetWinder emulation mode now works well enough to let
NetBSD/netwinder run from a disk image.
(NetBSD/netwinder has to be installed manually, though, because
there is no installation ramdisk kernel. The GXemul documentation
has an example of how to install NetBSD/netwinder using an emulated
NetBSD/pmax machine.)
o) Algorithmics P5064 emulation works well enough to let NetBSD/algor
run from a disk image. (Similar to NetBSD/netwinder, it has to
be installed manually, using another emulated machine.)
o) PCI configuration register writes can now be handled, which allows
NetBSD/Malta (evbmips) 3.0.1 and NetBSD/cobalt 3.0.1 to run from
PCI IDE harddisk images. (Previously, only NetBSD 2.1 worked for
the Malta and Cobalt emulation modes.)
o) Some performance increases:
The virtual translation table update routine has been simplified
to work the same way for 32-bit and 64-bit emulation, and this
apparently results in a speedup for all 64-bit modes.
For 32-bit MIPS, some more instruction combinations have been added.
