and add a new helper target and script, "show-buildlink3", that outputs
a listing of the buildlink3.mk files included as well as the depth at
which they are included.
For example, "make show-buildlink3" in fonts/Xft2 displays:
zlib
fontconfig
iconv
zlib
freetype2
expat
freetype2
Xrender
renderproto
set OVERRIDE_DIRDEPTH to find any libtool scripts deeper in the WRKSRC
tree unless they're named something other than "libtool".
SHLIBTOOL_OVERRIDE generally doesn't need to be specified either -- just
define it to the empty list and shlibtool-override will look for libtool
scripts.
Since the heimdal install process will install additional headers in
${PREFIX}/include/krb5 depending on what the configure process detects,
simply query the source Makefile at install-time for the extra headers
that it will install and dynamically add them to the PLIST.
changes:
- Fix asn1_octet_der to handle writes of zero-length buffers, before
it did not write the ASN.1 length for a zero-length buffer. This caused
ASN.1 encodings to be incorrect on 64-bit platforms.
- Add self test that attempt to trigger the above bug.
- Fix test of -Wno-pointer-sign.
- Improve cross-compilation to MinGW by using AC_LIBTOOL_WIN32_DLL.
Noteworthy changes in version 1.4.4 (2006-06-25)
------------------------------------------------
* User IDs are now capped at 2048 byte. This avoids a memory
allocation attack (see CVE-2006-3082).
[was already fixed in pkgsrc]
* Added support for the SHA-224 hash. Like the SHA-384 hash, it
is mainly useful when DSS (the US Digital Signature Standard)
compatibility is desired.
* Added support for the latest update to DSA keys and signatures.
This allows for larger keys than 1024 bits and hashes other than
SHA-1 and RIPEMD/160. Note that not all OpenPGP implementations
can handle these new keys and signatures yet. See
"--enable-dsa2" in the manual for more information.
"parse-packet.c in GnuPG (gpg) 1.4.3 and 1.9.20, and earlier versions,
allows remote attackers to cause a denial of service (gpg crash) and
possibly overwrite memory via a message packet with a large length,
which could lead to an integer overflow, as demonstrated using the
--no-armor option."
Patch from GnuPG CVS repository.
Bump PKGREVISION.
Always use "man" instead of catpages.
Make sure "run" directory is precreated, so you don't get:
/usr/bin/sudo sudo: can't mkdir /var/run/sudo: No such file or directory
Bump PKGREVISION.
Okayed by maintainer back in December. The only concern was
that /var/run may not be for all platforms, but this is same
as other packages to (not specific to sudo).
Pkgsrc changes:
- none
Relevant changes since version 5.31:
====================================
- modified addfile to accept indirect filehandles
-- ref. rt.cpan.org #19627 and #19641
- modified shasum to warn rather than die for file errors
-- to follow conventions of GNU sha1sum/md5sum
- added new capabilities to the "addfile" method
-- now able to accept file names as well as handles
-- includes mode for portable digest calculation
-- thanks to Adam Kennedy for emails and ideas
ref. File::LocalizeNewlines
- used expanded addfile interface to simplify shasum (sumfile)
-- regex a tad less general than 5.37, but handles all
known newline variants in UNIX/Windows/MacOS
- enhanced WARNING messages from shasum checkfile processing
-- to mimic behavior of md5sum
- improved error handling of checksum files in shasum
-- to better mimic the behavior of md5sum
- refined line-break regex in shasum (ref. sub sumfile)
-- catches multiple CR's preceding LF
thanks to Gisle Aas for suggested patch
- changed loop vars to signed int's in shadump (ref. src/sha.c)
-- to prevent type mismatch warnings
- added "portable" option to shasum
-- to make digests match across Windows/Unix/MacOS
- enabled bundling of shasum command line options
-- to mimic behavior of md5sum
- removed \r's from text files in t/nist directory
-- resolves SIGNATURE clashes (rt.cpan.org #18983)
- changed suffix on SHA64_MAX (src/sha.h) to ULL
-- eliminates gcc warnings (rt.cpan.org #18988)
- specified minimum Perl version for module and Makefile.PL
-- closes rt.cpan.org #18984
- made minor code changes to silence compiler warnings
-- resulting from signed/unsigned integer mixing
> - 6/4/2006 1.2.5 (sarah)
> - Added base64 encoding support for MAC addresses presented on the screen for FLoP extended database -- Juergen Leising
> - Added base64 encoding support for rebuild of packet in pcap format for FLoP extended database -- Juergen Leising
> - Fixed issue with Oracle and schema version in base_db.inc.php -- Nikns
> - Fixed bug when alerts with sig references would fail to archive causing duplicates error -- Nikns
> - Added base64 encoding support for ICMP payload additional table in base_qry_alert.php -- Juergen Leising
> - Added check for PHP Logging Level against E_NOTICES in setup/index.php -- Nikns
> - Fixed bug when certain preprocessor alerts would not be cached (for example arpspoof) -- Nikns
> - Added setup/setup_db.inc.php with CreateBASEAG() to resolve redundancy in setup and base_db_setup.php -- Nikns
> - Removed unnecessary and broken search index stuff from Create BASE AG, since schemas are already with them -- Nikns
> - Added XSSPrintSafe() (array safe htmlspecilchars() function) and made filterSql() use ADOdb qmagic() -- Nikns
> - Changed input type of the password field to actually be password in setup3.php -- Nikns
> - Filtered all unfiltred (mainly auth system stuff) $_POST and $_GET variables using filterSql() -- Nikns
> - Santized all $_SERVER variables to be protected against XSS attacks -- Nikns
> - Added "Clear Data Tables" option in base_maintenance.php and "Repair Tables" option to execute CreateBASEAG() -- Nikns
> - Make use of FLoP's event reference. Signature name of alert which trigered "Tagged Packet" alert is shown too -- Nikns
> - Updated chinese.lang.php -- Johnson Chiang
> - Fixed Time error in searches -- Jeff Kell
> - Fixed refresh issue with ~ directories -- Kevin Johnson
> - Fixed cookie stored data and authentication scheme to correct Nikns' report on session forge issue -- GaRaGeD
> - Updated link to the Nessus plug in DB -- Jonathan W Miner
> - Fixed display after deleting alerts -- Bruce Briggs
> - Fixed Bug #1466392 - Back button doesn't work after refresh. -- Juergen Leising
> - Patches from jhart@spoofed.org to add missing ICMP and TCP type and codes - GaRaGeD
> - add support for ICMP redirect decoding. - Jon Hart
> - add decoding support for ICMP source quench and ICMP parameter problem - Jon Hart
> - split up "flags" into DF and MF, much like tcp flags are currently handled - Jon Hart
these indices web browser will often timeout before delete operation completes.
Update to libpreludedb 0.9.8. Changes:
- Always use prelude_escape_binary() when inserting additional data, even in case
we're inserting a string, since the database field might be of a type that require
binary kind of escaping. Fix#143.
- Implement reading of message_processing_model, security_model, security_level.
Handling of community member is deprecated (IDMEFv16 update).
- Fix a bug where Service->ip_version would not be read from database.
- Error reporting improvement.
