Changelog:
FIXED
Security fixes can be found here
Fixed in Firefox ESR 17.0.9
MFSA 2013-91 User-defined properties on DOM proxies get the wrong "this" object
MFSA 2013-90 Memory corruption involving scrolling
MFSA 2013-89 Buffer overflow with multi-column, lists, and floats
MFSA 2013-88 compartment mismatch re-attaching XBL-backed nodes
MFSA 2013-83 Mozilla Updater does not lock MAR file after signature verification
MFSA 2013-82 Calling scope for new Javascript objects can lead to memory corruption
MFSA 2013-79 Use-after-free in Animation Manager during stylesheet cloning
MFSA 2013-76 Miscellaneous memory safety hazards (rv:24.0 / rv:17.0.9)
MFSA 2013-65 Buffer underflow when generating CRMF requests
Changelog:
The following security bug fixes should be applied to thunderbird-17.0.9.
But I cannot find any documents.
MFSA 2013-91 User-defined properties on DOM proxies get the wrong "this" object
MFSA 2013-90 Memory corruption involving scrolling
MFSA 2013-89 Buffer overflow with multi-column, lists, and floats
MFSA 2013-88 compartment mismatch re-attaching XBL-backed nodes
MFSA 2013-83 Mozilla Updater does not lock MAR file after signature verification
MFSA 2013-82 Calling scope for new Javascript objects can lead to memory corruption
MFSA 2013-79 Use-after-free in Animation Manager during stylesheet cloning
MFSA 2013-76 Miscellaneous memory safety hazards (rv:24.0 / rv:17.0.9)
MFSA 2013-65 Buffer underflow when generating CRMF requests
Changelog:
2013-07-10 v3.5.2 allow ENV vars to be set from repo options, for use in
triggers and hooks
bug-fix: the new set-default-roles feature was being
invoked on every run of "perms" and overriding it!
Changelog:
0.0.15
- improved spacing for cyrillics (#703588)
- fixed hinting on numerals (704084)
- bold outlines improved (#706358)
- improved cyrillics (#706358)
- improved outlines and spacing (#703115)
- missing romanian accent glyphs (#705004)
- uppercase U shape improvements (#702955)
0.0.14
- Large improvement to shapes of latin and extended latin glyphs (Pooja Saxena)
- Improvements to the numeral shapes (Pooja)
- Greatly improved horizontal metrics of regular weight (Pooja)
- Corrected maths (Pooja)
- Corrected outlines & metrics of Cyrillics (Pooja)
0.0.13
- many l/rbearking tweaks
- extra symbols for Shell (bug #657957)
- balanced shape for s and S
- balanced shape for 6 and 9
- balanced 2 and 3
- improved hhints
- OT anchors for accents
- contrast tweaks to bold (b, B, e)
go1.1.2 (released 2013/08/13) includes fixes to the gc compiler and cgo,
and the bufio, runtime, syscall, and time packages. See the change
history for details. If you use package syscall's Getrlimit and
Setrlimit functions under Linux on the ARM or 386 architectures, please
note change 55ac276af5a7 that fixes issue 5949.
This is a leaf package, so it should be ok during the freeze.
Proposed at tech-pkg@ and supported by gdt@, thanks.
----------------------
Date: Saturday, September 21, 2013 8:32 PM
Subject: TQSL-2.0-RC6 Public release available
There's a new TQSL beta test release available for download.
This release corrects the following defects discovered since TQSL
2.0-RC5 (as well as severl enhancements).
Strip leading spaces and trailing spaces from station locations passed
on the command line to help correct for common user errors.
Display LoTW errors returned when a callsign certificate request fails
for some reason.
Record multiple outstanding certificate requests and delete the
pending status if the user deletes the corresponding callsign
certificate.
Remove an errant "M" on the certificate request signing page. Properly
wrap the text on that page for MacOS.
The TQSL version number is always displayed for command line usage
unless "-n" (check for new TQSL, configuration and program updates) is
used.
Added a new icon for TQSL contributed by K1GQ. The default shortcut
icon has not changed, but the new icon is available for selection.
Display an error when the TQSL configuration files (station locations,
callsign certificates, etc.) can't be opened. All earlier versions of
TQSL ignored these errors and started up with no callsign certificates
or station locations defined.
When a user selects a callsign in the Station Location window then
clicked on "Create new Station Location", the DXCC entity in the
station location wizard used the entity of the first callsign, not the
selected callsign.
The station location editor no longer shows multiple entries with the
same DXCC entity in the entity selection pulldown list when there are
multiple callsign certificates for a given callsign.
0.62 (01/26/2013)
(dc) Add support for HTTP compression where available, enabled by default.
(cb) Add support for EAN to the US locale, as reported by Jacob Turino.
(cb) Add Spain and Italy locales, as implemented by Menno Blom.
(cb) Add some new departments in Amazon.co.jp, as implemented Naoya Ito.
Features:
* New config option "ip-transparent:" to allow NSD to bind to non local
addresses. Default no.
* Use IPV6 minimum MTU settings with TCP to reduce failures that are caused
by delays in learning working PMTU when communicating through a tunnel.
* Bugfix #496: Support for EUI48 and EUI64 RR types. Experimental,
turned off by default. Enable with --enable-draft-rrtypes.
* New config option "rrl-slip:" to set the average number of packets
discarded before we send back a truncated response.
* New config option "rrl-ipv4-prefix-length:" and "rrl-ipv6-prefix-length:"
to set the prefix lengths.
* Improved RRL logging, also print triggering query src address and QTYPE.
* Provide RRL documentation in nsd.conf.sample.
Bugfixes:
* Bugfix #357: Parent process waits until children closed down sockets,
to prevent NSD failing to bind to sockets when restarting.
* Bugfix #487: lookup3.c determine endianness for BSD systems.
* Bugfix #491: pick program name (0th argument) as syslog identity.
* Bugfix #494: Exit with return code 1 if socket code fails.
* Bugfix #495: Wrong bufsize in dname_to_string for root.
* Fix outgoing-interface: Don't fail if family is IPv6 but only IPv4
outgoing-interface is set, or vice versa.
* RRtypes ASFDB, RP, RT should not compress dnames.
* Check that zone directory is within chroot directory.
* Better XFR checking, fallback to AXFR (if allowed) if three malformed
XFR packets have been seen.
- New Features
- OWL - The Owl Monitoring System uses timed DNS queries
to monitor basic network functionality. The system
consists of a manager host and a set of sensor hosts.
The Owl sensors perform periodic DNS queries and
report to the Owl manager the time taken for each
query. Over time, this shows the responsiveness of
the DNS infrastructure.
- dnssec-nodes - Many new features have been added:
- The validation tree now supports clicking on
boxes to highlight it and the arrows that derive
from it. Great for use when teaching about
DNSSEC.
- An extensive filter/effect editor now lets you
tailor the look of a graph to color-code, set
the alpha levels, etc of nodes based on their
names, status, data types, etc.
- Right clicking on a node lets you center the
graph on that node.
- More data types are collected and shown in the
data view.
- Support for arguments on the command line for
parsing log files, pcap files and domain names.
- The validation view has received a visual clean-up
- Many other bug fixes
- Bloodhound: - A mozilla-based DNSSEC-enabled browser with DANE support
- Added support for validation of SSL certificates
using the DANE protocol.
- curl - Added support for validation of SSL certificates
using the DANE protocol.
- libval - Added support for local DANE validation
- Extended the dt-danechk commandline tool to check
the X509 cert provided over the SSL connection
against the TLSA record.
- Optimized glue record lookup when the only ip
addresses configured for the host are for a single
address family (ipv4 or ipv6)
- fine tune res_io source management
- dnssec-check - dnssec-check now checks DNAME support
- rollerd - A new set of steps for KSK rollover has been
implemented. A cache-expiration wait phase has
been moved after the publication of DS records in
order to allow name caches to reflect the changes.
In addition to rollerd, supporting program have
been modified to recognize this change.
- rollrec files - A new "information rollrec" has been added to the
rollrec files. This will allow infomration to be
specified for the collection of rollrecs. At this
time, the only information stored in this rollrec
is the version number of the rollrec file.
In addition to the rollrec.pm Perl module, programs
which use this module have been modified to recognize
this change.
If you use the rollrec.pm module, you should test
to see if your code is affected. The modifications
for the info rollrec have been made to minimize
affected programs. If you parse the rollrec files
yourself, you will have to account for this change.
- multiple - The perl-based tools can now use either the
ZoneFile::Fast or the Net::DNS zone file parser,
thanks to a patch from Sebastian Schmidt (yath@yath.de).
- ZoneFile:Fast - Support for TLSA
- Made it compatible with newer Net::DNS releases
- Qt5 - A patch to support DNSSEC checks in Qt5 DNS lookups
- Bug Fixes
- zonesigner - Fixed SOA parsing and serial number update issues
- libval - Properly initialize memory in sockaddr structures
before use.
