Changes from previous:
0.54 Sat Mar 21 21:23:32 BST 2011
- Fix for a naked qw() warning (patch by David Wheeler)
- Fixed path issues (patch by Pavel Karoukin)
*WARNING* THIS MIGHT BREAK EXISTING APPS *WARNING*
- Author and development information changes
0.53 Tue Mar 30 15:24:19 BST 2010
- fix authenticated urls to work with EU buckets (patch by Edmund
von der Burg)
- tiny POD fix (patch by Frank Wiegand)
- add an exists method to Net::Amazon::S3::Client (suggested by
David Golden)
- fix max_keys when listing buckets (spotted by Andrew Bryan)
- add content_encoding to Net::Amazon::S3::Object (suggested
by Egor Korablev)
- update s3cl: You need to use the module before you use it,
added the mkbucket command, now you can run the help without
your AWS secret key, add docs about the env variables you need
to run s3cl (patches by Jesse Vincent)
0.52 Thu Jul 2 09:17:11 BST 2009
- increase version prerequisites for some modules so that they
are known to work
0.51 Tue May 19 08:31:59 BST 2009
- use MooseX::Types::DateTimeX so that we work with latest Moose
(noticed by Ted Zlatanov)
* Old quvi package splits into 3 packages, quvi, libquvi, and libquvi-scripts.
Changelog:
0.4.0 Wed Oct 05 2011 Toni Gundogdu
Changes:
- Split from "quvi", new repo at <http://repo.or.cz/w/quvi-tool.git>
- Make --category-all new default (prev. --category-http)
- Extend --exec to support %t, page title (#41)
- Remove deprecated "--format (help|list)"
- Remove deprecated "--no-shortened"
- Remove deprecated "--old"
For earlier notes, see <http://repo.or.cz/w/quvi.git/blob/HEAD:/NEWS>.
The quvi is a command line tool for parsing video download links. It
supports Youtube and other similar video websites. libquvi is a
library for parsing video download links with C API. It is written in
C and intended to be a cross-platform library.
You can see the list of supported sites from 'quvi --support'.
This package provides library for quvi.
The quvi is a command line tool for parsing video download links. It
supports Youtube and other similar video websites. libquvi is a
library for parsing video download links with C API. It is written in
C and intended to be a cross-platform library.
You can see the list of supported sites from 'quvi --support'.
This package contains lua scripts for libquvi.
adjust Makefile to avoid/fix problems found by dholland
Upstream changelog:
Changes from 4.3.4 -> 4.3.5 (9 Sep 2011)
========================================
* rev 6754
* Fix crash in CGI generating the "info" status column.
* Fix broken handling of IGNORE for log-file analysis.
* Fix broken clean-up of obsolete cookies (no user impact).
* Devmon RRD handler: Fix missing initialisation, which
might cause crashes of the RRD handler.
* Fix crashes in xymond caused by faulty new library for
storing cookies and host-information.
* Fix memory corruption/crash in xymond caused by logging
of multi-source statuses.
* New "delayred" and "delayyellow" definitions for a host
can be used to delay change to a yellow/red status for
any status column (replaces the network-specific "badFOO"
definitions).
* analysis.cfg and alerts.cfg: New DISPLAYGROUP setting to
select hosts by the group/group-only/group-except text.
* New HOSTDOCURL setting in xymonserver.cfg. Replaces the
xymongen "--docurl" and "--doccgi" options, and is used
by all tools.
* xymond_history option to control location of PID file.
* Critical Systems view: Optionally show eventlog for the
hosts present on the CS view.
* Critical Systems view: Multiple --config options can
now be used, to display critical systems from multiple
configurations on one page.
* Detailed status display: Speedup by no longer having to
load the hosts.cfg file.
* xymongen and xymonnet: Optionally load the hosts.cfg
from xymond instead of having to read the file.
Changes from 4.3.3 -> 4.3.4 (1 Aug 2011)
========================================
* rev 6722
* Fix crashes and data corruption in Xymon worker modules
(xymond_client, xymond_rrd etc) after handling large
messages.
* Fix xymond lock-up when renaming/deleting hosts
* Fix xymond cookie lookup mechanism
* Webpages: Add new HOSTPOPUP setting to control what values from
hosts.cfg are displayed as a "comment" to the hostname (either
in pop-up's or next to the hostname).
* Fix xymond_client crash if analysis.cfg contains invalid configuration
entries, e.g. expressions that do not compile.
* Fix showgraph CGI crash when legends contain colon.
* xymonnet: Include hostname when reporting erroneous test-spec
* CGI utils: Multiple potential security fixes involving buffer-
overruns when generating responses.
* CGI utils: Fix crash when invoked with HTTP "HEAD"
* CGI utils: Fix crashes on 64-bit platforms due to missing prototype
of "basename()" function.
* svcstatus CGI: Dont crash if history log is not a file.
* Critical systems view CGI: Cross-site scripting fix
* Fix recovery-messages for alerts sent to a GROUP
* RRD "memory" status handler now recognizes the output from the
bb-xsnmp.pl module (for Cisco routers).
* Web templates modified so the menu CSS can override the default
body CSS.
* Acknowledge web page now allows selecting minutes/hours/days
* Enable/Disable webpage enhanced, so when selecting multiple hosts
the "Tests" column only lists the tests those hosts have.
Changes from 4.3.2 -> 4.3.3 (6 May 2011)
========================================
* rev6684
* SECURITY FIX: Some CGI parameters were used to construct
filenames of historical logfiles without being sanitized,
so they could be abused to read files on the webserver.
* SECURITY FIX: More cross-site scripting vulnerabilities.
* Remove extra "," before "History" button on status-view
* Critical view: Shring priority-column to 10% width
* hosts.cfg loader: Check for valid IP spec (nibbles in
0-255 range). Large numbers in a nibble were accepted,
triggering problems when trying to ping the host.
* Alert macros no longer limited to 8kB
- use the right environment variable to pass the rrdtool location;
- remove some stray commas from the NetBSD build config;
- make the toplevel configure script stop on error.
0.11 (2005-08-18)
Changes by Wojtek Kaniewski <wojtekka@toxygen.net>:
- changed license to GPL version 2. There was no license information before
which caused confusion. Code by Tomasz Lipski <lemur@irc.pl> and awayzzz
<awayzzz@digibel.org> had to be removed, because their e-mail addresses
were dead and googling for them gave no useful information. The missing
features have been rewritten from scratch. If any offending code is still
here, please let me know. I've done my best, but I haven't used any
version control 5 years ago.
- changed e-mail address.
Changes by Ramunas Lukosevicius <lukoramu@parok.lt>
- fixed source mapping bug,
- SIGHUP reloads map file.
0.10 (2003-06-12)
Changes by Wojtek Kaniewski <wojtekka@irc.pl>:
- major code cleanup,
- select() before accept(), so 6tunnel won't hang on sys_socketcall.
- fixed losing data under heavy load, when write() didn't send all
data. unsent data is stored in a buffer,
- autoconf,
- supports pid file (idea by misio <monster@qm.pl>).
Changes from previous:
1.13
- RT#67292: Tests are blocking in Windows 7.
https://rt.cpan.org/Ticket/Display.html?id=67292
- change port number range from 10000 .. 11000 to 50000 .. 60000 to
respect IANA.
https://rt.cpan.org/Ticket/Display.html?id=64012
1.12
- workaround for win32 test fails.
https://rt.cpan.org/Ticket/Display.html?id=66016
- more diagnostic messages
1.11
- localize $@ in Test::TCP::DESTROY
1.10
- added Test::TCP->stop method
1.09
- added document in FAQ section
1.08
- no feature changes
1.07_01
- new OO interface!
1.07
- allow forking in the client(lestrrat)
Changes from previous:
0.20 Sun Sep 18 22:02:11 UTC 2011
- Added fix for XML::Atom bug.
0.19 Wed May 18 02:29:57 UTC 2011
- Fixed handling of expired tokens. (RT #68245)
- Added response method.
0.18 Thu Apr 28 15:48:20 UTC 2011
- Fixed corner case in 'more' method to prevent an infinite loop.
0.17 Wed Mar 30 00:26:09 UTC 2011
- Required newer LWP with better HTTPS support.
0.16 Sun Mar 20 23:43:46 UTC 2011
- Added fix for google alert feeds. (ayanokouz)
- Added another example script.
0.15 Wed Mar 9 17:46:14 UTC 2011
- Updated LWP usage to accomodate a change to the default behaviour
(HTTPS requests now verify the hostname matches the issued certificate).
- Explicitly set the default sort order of entries to desc, as documented.
0.14 Mon Nov 1 02:51:37 UTC 2010
- Fixed search feeds.
- Fixed debug and compress constructor options.
- Added support for "liking" items.
- Updated some methods to accept both lists and array references.
0.13 Tue Oct 26 20:51:30 UTC 2010
- Fixed 'more' method to prevent an infinite loop. - Substituted deprecated API url.
- Added another example script- marks dead craigslist posts as read.
- Updated author tests.
Provide function in libiscsi to return the compile-time limit on number of
targets. Use this function in the initiator, to ensure that the same limit
is used throughout (i.e. stop you attempting to compile the initiator with a
different limit to the library - the initiator uses the library for most of
its functionality).
If truncating the number of targets in the initiator, truncate it to the
correct amount, not half of what it should be.
Obey RFC3720 when determining targets. SendTargets=All MUST be supported
on a discovery session, and MUST NOT be supported on an operational session.
Previously, SendTargets=All was used both in the initial discovery session
and the later session. (from Daisuke Aoyama - author of istgt).
PKG_SKIP_REASION if hesiod was builtin, which was causing dependent
packages (all one of them, AFAICT) to fail in the bulk builds.
Someone who knows more about builtin/buildlink stuff should probably
review this, but to casual inspection at least it seems to work; plus
it's not likely to make anything worse.
0MQ version 2.1.10 (Stable), released on 2011/10/03
===================================================
Bug fixes
---------
* Fixed issue 140, SWAP failed with assertion failure in pipe.cpp:187
if the current directory was not writeable. Behavior now is to return
-1 at zmq_setsockopt in this situation.
* Fixed issue 207, assertion failure in zmq_connecter.cpp:48, when an
invalid zmq_connect() string was used, or the hostname could not be
resolved. The zmq_connect() call now returns -1 in both those cases.
* Fixed issue 218, sockets not opened with SOCK_CLOEXEC, causing fork/exec
to sit on sockets unnecessarily.
* Fixed issue 250, build errors on Windows.
* Fixed issue 252, assertion failure in req.cpp:87 and req.cpp:88.
* Fixed issue 261, assertion failure in kqueue.cpp:76 on OS/X.
0MQ version 2.1.9 (Stable), released on 2011/08/29
==================================================
Bug fixes
---------
* Fixed issue 240, assertion failure in pgm_socket.cpp:437.
* Fixed issue 238, assertion failure in zmq.cpp:655, when zmq_poll is
used on an empty set, on Windows.
* Fixed issue 239, assertion failure in zmq.cpp:223, when ZMQ_SWAP was
used with explicit identities and multiple SUB sockets.
* Fixed issue 236, zmq_send() and zmq_recv() did not always return
error conditions such as EFSM properly. This bug was introduced in
version 2.1.8 by the backport of changes for issue 231.
Building
--------
* 0MQ support for Android added (Bill Roberts, Mikko Koppanen).
0MQ version 2.1.8 (RC), released on 2011/07/28
==============================================
Bug fixes
---------
* Fixed issue 223, assertion failure in tcp_connecter.cpp:300 when
connecting to a server that is on an unreachable network (errno is
equal to ENETUNREACH).
* Fixed issue 228, assertion failure at rep.cpp:88 when HWM was reached.
* Fixed issue 231, assertion failure at mailbox.cpp:183 when too many
pending socketpair operations were queued (major backport from 3.0).
* Fixed issue 234, assertion failure at mailbox.cpp:77 when Ctrl-C was
used (only affected git master following backport for 231).
* Fixed issue 230, SIGPIPE killing servers when client disconnected, hit
OS/X only.
Note: this release was renamed "release candidate" due to issue 236,
fixed in 2.1.9.
* Fixes segfault if mod_sql_mysql and "SQLAuthenticate groupsetfast"
configuration used.
* Fixes mod_wrap syslog level (regression from Bug 3317).
* Fixes mod_ifsession segfault if regular expression patterns used in
a <VirtualHost> section.
- Fix a crash bug in checksum scanning when --inplace is used.
- Fix a hang if a hard-linked file cannot be opened by the sender (e.g.
if it has no read permission).
- Fix preservation of a symlink's system xattrs (e.g. selinux) on Linux.
- Fix a memory leak in the xattr code.
- Fixed a bug with --delete-excluded when a filter merge file has a rule
that specifies a receiver-only side restriction.
- Fix a bug with the modifying of unwritable directories.
- Fix --fake-super's interaction with --link-dest same-file comparisons.
- Fix the updating of the curr_dir buffer to avoid a duplicate slash.
- Fix the directory permissions on an implied dot-dir when using --relative
(e.g. /outside/path/././send/path).
- Fixed some too-long sleeping instances when using --bwlimit.
- Fixed when symlink ownership difference-checking gets compiled into
unchanged_attrs().
- Improved the socket-error reporting when multiple protocols fail.
- Fixed a case where a socket error could reference just-freed memory.
- Failing to use a password file that was specified on the command-line is
now a fatal error.
- Fix the non-root updating of directories that don't have the read and/or
execute permission.
- Make daemon-excluded file errors more error-like.
- Fix a compilation issue on older C compilers (due to a misplaced var
declaration).
- Make configure avoid finding socketpair on cygwin.
- Avoid trying to reference SO_BROADCAST if the OS doesn't support it.
- Fix some issues with the post-processing of the man pages.
- Fixed the user home-dir handling in the support/lsh script.
- Some minor manpage improvements.
Libfetch build failure with gcc 4.6 is due to the a couple of assigned
variables not getting used. This patch allows systems like Debian and
OpenIndiana to bootstrap pkgsrc.
Various pkgsrc fixes:
- Fix mangled PLIST from the previous commit.
- Depend on coreutils for readlink, which is used in rabbitmq-env.
- Depend on bash, which is assumed throughout the scripts.
- Make sure the shell is passed properly to make/install targets.
- Fix Python usage (add Python 2.7) and clean up other bits.
RabbitMQ changelog:
2.6.1 bug fixes
- The broker failed to (re)start on reboot on systems that keep
/var/run on a temporary file systems, e.g. Ubuntu.
- The Windows service failed to increase the Erlang process limit,
limiting the broker to a few thousand queues, connections and
channels.
2.6.0 bug fixes
- Upgrading from RabbitMQ 2.1.1 to any later release could break if
there were durable queues with persistent messages present.
- On very slow machines, starting rabbit via the supplied init scripts
could fail with a timeout.
- Rabbit could fail to stop (when asked to do so) in the presence of
some plug-ins (e.g. shovel).
- 'ram' nodes in a cluster could consume ever increasing amounts of
disk space.
- The presence of fast consumers on a queue could significantly delay
the addition of new consumers.
- When a client was issuing a tx.commit in one channel, and
simultaneously, in another channel, deleted a durable queue with
persistent messages involved in that tx, rabbit could terminate with
an error.
- When a client was using both basic.qos and channel.flow, the latter
would fail to re-enable message flow.
- When using 'confirm' mode, the deletion of queues could cause nacks
to be issued (incorrectly).
- In extremely rare circumstances (never observed in the wild), a
queue with a per-queue message ttl could break during sudden changes
in rabbit memory usage.
2.6.0 enhancements
- Introduce active-active HA, with queues getting mirrored on nodes in
a cluster. See http://www.rabbitmq.com/ha.html.
- Revamp the handling of AMQP's tx (transaction) class and clarify its
behaviour See http://www.rabbitmq.com/specification.html#tx.
- Replace the 'administrator' flag, as used by the management plugin,
with a more general 'user tags' mechanism. See
http://www.rabbitmq.com/man/rabbitmqctl.1.man.html#set_user_tags.
- Do not require 'configure' permissions for passive queue/exchange
declaration.
- Optimise of message delivery on channels with a basic.qos
prefetch limit that are consuming from many queues.
- In 'rabbitmqctl list_channels', do not show the tx mode by default.
- When a cluster 'degrades' to only containing ram nodes - through
'rabbitmqctl' actions or node failure - display/log a warning.
- Eliminate some spurious errors from the sasl log.
* Fixes redundant retry setting times, if mis-POST At reached to API limitation.
* At unstable Twitter RESET API, large number of new tweet notifications are
sometimes happened.
Features:
* Note that Unbound implements RFC6303 (since version 1.4.7).
tcp-upstream yes/no option (works with set_option) for tunnels.
* The format of answers to the qtype ANY with a CNAME have changed, so that there can be proper validated DNSSEC answers for them. This is for queries with qtype ANY where the domain name has a CNAME. Now an answer is returned, where before it resulted in SERVFAIL due to validation failure. When DNSSEC validation is disabled, the contents of the response have changed: the CNAME is not followed, and the correct contents of the RRsets at the initial name are included (where previously only partial contents of the initial names could have been included but the CNAME was followed). The qtype ANY is a query for debug where the resolver is to fill in relevant data that happens to be at hand from the cache.
Bug Fixes:
* Fix validation of qtype ANY responses with CNAMEs. Unbound responds with the RR types that are available at the name for qtype ANY and validates those RR types. It does not test for completeness (i.e. with NSEC or NSEC3 query), and it does not follow the CNAME or DNAME to another name (with even more data for the already large response)
* Documented the options that work with control set_option command.
* Fix that internally, CNAMEs with NXDOMAIN have that as rcode.
* Fix validation of . DS query.
* Fix wildcard expansion no-data reply under an optout NSEC3 zone is validated as insecure.
* Fix python site-packages path to /usr/lib64.
* fix memory and fd leak after out-of-memory condition.
* contrib. patch fixes load of python modules.
* contrib. patch that fixes a memory leak in the unbound python module, in string conversions.
* Fix num-threads 0 does not segfault.
* Fix autoconf 2.68 warnings
* iana portlist updated
and isc-dhcrelay4. Here is quote from DHCP 4.2.2 Release Notes.
(http://ftp.isc.org/isc/dhcp/dhcp-4.2.2-RELNOTES)
Internet Systems Consortium DHCP Distribution
Version 4.2.2
27 July 2011
Release Notes
NEW FEATURES
ISC DHCP 4.2.x includes features that were not included in DHCP 4.1.x.
These include:
Processing the DHCP to DNS server transactions in an asynchronous fashion.
The DHCP server or client can now continue with it's processing while
awaiting replies from the DNS server.
There are a number of DHCPv6 limitations and features missing in this
release, which will be addressed in the future:
- Only Solaris, Linux, FreeBSD, NetBSD, and OpenBSD are supported.
- DHCPv6 includes human-readable text in status code messages, in
English. A method to reconfigure or support other languages would
be preferable.
- The "host-identifier" option is limited to a simple token.
- The client and server can only operate DHCPv4 or DHCPv6 at a time,
not both. To use both protocols simultaneously, two instances of the
relevant daemon are required, one with the '-6' command line option.
For information on how to install, configure and run this software, as
well as how to find documentation and report bugs, please consult the
README file.
ISC DHCP uses standard GNU configure for installation. Please review the
output of "./configure --help" to see what options are available.
The system has only been tested on Linux, FreeBSD, and Solaris, and may not
work on other platforms. Please report any problems and suggested fixes to
<dhcp-users@isc.org>.
Changes since 4.2.2rc1
! Two packets were found that cause a server to halt. The code
has been updated to properly process or reject the packets as
appropriate. Thanks to David Zych at University of Illinois
for reporting this issue. [ISC-Bugs #24960]
One CVE number for each class of packet.
CVE-2011-2748
CVE-2011-2749
Changes since 4.2.2b1
- Strict checks for content of domain-name DHCPv4 option can now be
configured during compilation time. Even though RFC2132 does not allow
to store more than one domain in domain-name option, such behavior is
now enabled by default, but this may change some time in the future.
See ACCEPT_LIST_IN_DOMAIN_NAME define in includes/site.h.
[ISC-Bugs #24167]
- DNS Update fix. A misconfigured server could crash during DNS update
processing if the configuration included overlapping pools or
multiple fixed-address entries for a single address. This issue
affected both IPv4 and IPv6. The fix allows a server to detect such
conditions, provides the user with extra information and recommended
steps to fix the problem. If the user enables the appropriate option
in site.h then server will be terminated
[ISC-Bugs #23595]
libnice 0.1.1 (2011-09-07)
==========================
Fixed BSD and Solaris compatibility
Fixed PPC64 symbol test
Removed a few possible leak/bugs
Fixed compatibility with google's recent protocol change
= Version 0.8.0
* [API] AMQP::Session#on_skipped_heartbeats callback that can be used to handle skipped heartbeats (for cases when TCP network failure detection is not timely enough)
* [API] AMQP::Exchange#publish calls now use a mutex on the channel exchange is declared on. Sharing channels between threads is discouraged but amqp gem covers your back in the most dangerous case.
* [API] AMQP::Channel#synchronize now can be used to guarantee mutual exclusion of multiple threads on channel instances.
* [BUG] Empty messages can finally be published fine. Yes, it took us just 3 years.
* [FEATURE] When connected to RabbitMQ, RabbitMQ-specific extensions are required automatically
* [FEATURE] AMQP::Session#broker and AMQP::Broker allow for broker capabilities inspection
* [FEATURE] New bitset-based channel id allocator
* [FEATURE] Multiple consumers per queue with AMQP::Consumer
* [FEATURE] Automatic recovery mode for channels
* [FEATURE] Network connection recovery callbacks for channels, exchanges, queues, consumers
* [API] Connection URI (string) format for vhosts no longer assumes that vhosts begin with a slash (/), learn more at http://bit.ly/mfzwcB
* [FEATURE] Returned messages, including header & content via AMQP::Exchange#on_publish. Callback accepts 3 args: basic_return, header, body
* [BUG] Ruby 1.8.7-p249 is not supported because of this (p249-specific) Ruby bug: http://bit.ly/iONBmH
* [FEATURE] AMQP::Utilities::EventLoopHelper detects app server (if any) being used and starts EventMachine reactor in an optimal way.
* [FEATURE] AMQP 0.9.1 support, including tx.* operations class.
* [API] Default authentication handler now raises AMQP::PossibleAuthenticationFailureError
* [API] AMQP::Channel#initialize now takes 3rd (optional) options hash.
* [API] Broker connection class is now AMQP::Session.
* [API] AMQP::Error instance now may carry cause, an exception that caused exception in question to be raised.
* [API] When initial TCP connection fails, default action is now to raise AMQP::TCPConnectionFailed.
* [API] AMQP::BasicClient#reconnect now takes 2nd optional argument, period of waiting in seconds.
* [FEATURE] Handlers for initial connection failure, connection loss; channel-level exceptions handlers on Channel instances.
* [API] AMQP::Exchange#initialize now accepts :arguments option that takes a hash.
* [API] AMQP::Queue#initialize now accepts :arguments option that takes a hash.
* [API] AMQP#Logger is deprecated. It will be removed before 1.0 release.
* [API] AMQP#fork is deprecated. It will be removed before 1.0 release.
* [API] AMQP::RPC is deprecated. It will be removed before 1.0 release.
* [FEATURE] Significant improvements to the documentation. From now on lack of/poor documentation is considered a severe bug.
* [FEATURE] Support for RabbitMQ extensions to AMQP 0.9.1
* [API] AMQP::Exchange#publish now accepts (an optional) callback.
* [API] AMQP::Channel.new now accepts (an optional) callback.
* [API] AMQP::Header#ack now can acknowledge multiple deliveries
* [API] AMQP::Exchange#delete now takes (an optional) block that is called when exchange.delete-ok response arrives.
* [API] AMQP::Header now implements #to_hash
* [API] AMQP::Queue#pop block now can take 1, 2 or 3 arguments.
* [API] AMQP::Queue#purge now takes an optional block which is called when queue.purge-ok response arrives.
* [API] AMQP::Queue#delete now takes an optional block which is called when queue.delete-ok response arrives.
* [API] AMQP::Queue#delete now accepts :nowait option.
* [API] AMQP::Queue#unbind now takes an optional block which is called when queue.unbind-ok response arrives.
* [API] AMQP::Queue#unbind now accepts :routing_key as alias to :key. we believe it is a good idea to use AMQP terms.
* [API] AMQP::Channel#prefetch now takes (an optional) 2nd parameter that specifies that QoS settings should be applied to underlying connection, as well as optional callback.
* [API] AMQP::Channel#recover now takes (an optional) callback that is called when basic.recover-ok is received.
* [API] AMQP::Frame is gone.
* [API] AMQP::Buffer is gone. Serialization & framing are now handled primarily by amq-protocol.
* [API] AMQP::Queue#publish is deprecated.
* [API] Name argument for AMQP::Queue.new and Channel#queue is optional.
= Version 0.7.2
* [BUG] Server-named queues declared en masse now get their unique names instead of all beign assigned the first generated name
* [API] Connection URI (string) format for vhosts no longer assumes that vhosts begin with a slash (/), learn more at http://bit.ly/mfzwcB
* [BUG] Queue#reset leaks consumer tags [#40].
<s.tesch@science-computing.de> on pkgsrc-users.
- Avoid consuming excessive CPU when matching filenames to patterns. Thanks to
Maksymilian Arciemowicz <cxib@securityreason.com>.
- Some bugfixes from Rapha
no apparent security impact.
At this point: v2.3.3 released!
===============================
- Fix compile. Extreme suckage.
At this point: v2.3.4 released!
===============================
* Bug Fixes
o wnpa-sec-2011-12
A large loop in the OpenSafety dissector could cause a crash.
o wnpa-sec-2011-13
A malformed IKE packet could consume excessive resources.
o wnpa-sec-2011-14
A malformed capture file could result in an invalid root tvbuff and cause a crash.
o wnpa-sec-2011-15
Wireshark could run arbitrary Lua scripts.
o wnpa-sec-2011-16
The CSN.1 dissector could crash.
Tor 0.2.2.32, the first stable release in the 0.2.2 branch, is finally
ready. More than two years in the making, this release features improved
client performance and hidden service reliability, better compatibility
for Android, correct behavior for bridges that listen on more than
one address, more extensible and flexible directory object handling,
better reporting of network statistics, improved code security, and
many many other features and bugfixes.
o Wedge in DESTDIR support. This is a little tricky since the
installation procedure wants to run scotty to parse and dump
the MIB files, and this needs to be done in DESTDIR. Therefore
we use the post-install target, to fix things up before packaging
and the real install.
o Fix the "dns" functionality not to use _res, since this program
is linked with libpthread that won't work on NetBSD (aborts the
program). Though the modified version still uses a global static
variable.
o Add comments to all the patch files.
o Eliminate use of ${WRKSRC}/.., since pkglint objects to it. Instead
use BUILD_DIRS and CONFIGURE_DIRS.
o Add a LICENSE setting, 2-clause-bsd appears most similar.
o Bump PKGREVISION for the above changes.
pkgsrc change: add a patch to fix build problem with some PKG_OPTIONS,
such as "ldap".
New Features
9.8.1
* Added a new include file with function typedefs for the DLZ
"dlopen" driver. [RT #23629]
* Added a tool able to generate malformed packets to allow testing of
how named handles them. [RT #24096]
* The root key is now provided in the file bind.keys allowing DNSSEC
validation to be switched on at start up by adding
"dnssec-validation auto;" to named.conf. If the root key provided
has expired, named will log the expiration and validation will not
work. More information and the most current copy of bind.keys can
be found at http://www.isc.org/bind-keys. *Please note this feature
was actually added in 9.8.0 but was not included in the 9.8.0
release notes. [RT #21727]
Security Fixes
9.8.1
* If named is configured with a response policy zone (RPZ) and a
query of type RRSIG is received for a name configured for RRset
replacement in that RPZ, it will trigger an INSIST and crash the
server. RRSIG. [RT #24280]
* named, set up to be a caching resolver, is vulnerable to a user
querying a domain with very large resource record sets (RRSets)
when trying to negatively cache the response. Due to an off-by-one
error, caching the response could cause named to crash. [RT #24650]
[CVE-2011-1910]
* Using Response Policy Zone (RPZ) to query a wildcard CNAME label
with QUERY type SIG/RRSIG, it can cause named to crash. Fix is
query type independant. [RT #24715]
* Using Response Policy Zone (RPZ) with DNAME records and querying
the subdomain of that label can cause named to crash. Now logs that
DNAME is not supported. [RT #24766]
* Change #2912 populated the message section in replies to UPDATE
requests, which some Windows clients wanted. This exposed a latent
bug that allowed the response message to crash named. With this
fix, change 2912 has been reduced to copy only the zone section to
the reply. A more complete fix for the latent bug will be released
later. [RT #24777]
Feature Changes
9.8.1
* Merged in the NetBSD ATF test framework (currently version 0.12)
for development of future unit tests. Use configure --with-atf to
build ATF internally or configure --with-atf=prefix to use an
external copy. [RT #23209]
* Added more verbose error reporting from DLZ LDAP. [RT #23402]
* The DLZ "dlopen" driver is now built by default, no longer
requiring a configure option. To disable it, use "configure
--without-dlopen". (Note: driver not supported on win32.) [RT
#23467]
* Replaced compile time constant with STDTIME_ON_32BITS. [RT #23587]
* Make --with-gssapi default for ./configure. [RT #23738]
* Improved the startup time for an authoritative server with a large
number of zones by making the zone task table of variable size
rather than fixed size. This means that authoritative servers with
lots of zones will be serving that zone data much sooner. [RT
#24406]
* Per RFC 6303, RFC 1918 reverse zones are now part of the built-in
list of empty zones. [RT #24990]
* Image Preview: fix open failer with multi-line HTML tag.
* Image Preview: enable to force extracting short URL.
* With Ruby 1.8.7: fix crash at right-click on tweets contains URL.
* With Ruby 1.8.7: fix rare crash at connection timeout.
* fix rare crash at extracting bit.ly URL.
* improve URL extracting speed.
Flickcurl is a C library for the Flickr API, handling creating the
requests, signing, token management, calling the API, marshalling
request parameters and decoding responses. It uses libcurl to call
the REST web service and libxml2 to manipulate the XML responses.
Flickcurl supports all of the API including the functions for
photo/video uploading, browsing, searching, adding and editing
comments, groups, notes, photosets, categories, activity, blogs,
favorites, places, tags, machine tags, institutions, pandas and
photo/video metadata. It also includes a program flickrdf to turn
photo metadata, tags, machine tags and places into an RDF triples
description.
0.2.19 Fri Aug 05 2011 Toni Gundogdu
Fixes: Webscripts
- ted.lua: attempt to index local 's' (#65)
- youtube.lua: no match: fmt_url_map (#63)
- Thanks to Zefram <zefram@fysh.org> for the patch
- funnyordie.lua: no match: flv url (#64)
Fixes
* With Ruby 1.8.7, crash with right click at tweet contains URL.
* on scroll timeline top to down, accidently auto scroll-up once.
* Not mute for various notify.
* rare crash at refresh timeline.
* user information may be old one.
* rare crash at timeout.
1.3.2:
Release date: 2011-08-06 23:05 UTC
Release state: stable
Changelog:
* Fix referrals if host data or user credentials are passed to connect() and
login() instead of the constructor (Aleksander Machniak, Bug #17107).
1.3.1:
Release date: 2011-08-06 01:56 UTC
Release state: stable
Changelog:
* Query capabilities again after successful authentication (Jesse Crawford,
Request #18382).
* Escape quotes and backslashes in script names, and use literal strings for
script names with non-ASCII characters (Aleksander Machniak, Bug #16691).
* Work around broken STARTTLS behavior in Cyrus versions before 2.3.10
(Aleksander Machniak, Bug #18241).
* Improve string literal parsing (Aleksander Machniak, Bug #18228).
Revision history for Perl extension Net::Amazon:
0.60 (08/01/2011)
(cb) Fix the page and max_pages parameter to correctly fetch the specified
number of pages, and start at the correct offset. Reported as rt 69201.
(cb) Add a method to get similar products. Patch submitted by Jennifer.
(cb) Push from cpanservice: Small dist maintenance. Please use latest
ExtUtils::MakeMaker for release.
For some reason the "Checking for work-directory references" test
didn't catch the fact that ${DESTDIR}${LIBDIR} was being compiled
into the main binary as its library search path.
Noted by moof.
PKGREVISION -> 7
Here is partial changes:
= Version 0.7.2
* [BUG] Server-named queues declared en masse now get their unique names instead of all beign assigned the first generated name
* [API] Connection URI (string) format for vhosts no longer assumes that vhosts begin with a slash (/), learn more at http://bit.ly/mfzwcB
* [BUG] Queue#reset leaks consumer tags [#40].
For full changes, please refer:
ftp://ftp.isc.org/isc/bind9/9.7.4/RELEASE-NOTES-BIND-9.7.4.html
New Features
9.7.4
* A new test has been added to check the apex NSEC3 records after
DNSKEY records have been added via dynamic update. [RT #23229]
* Added a tool able to generate malformed packets to allow testing of
how named handles them. [RT #24096]
Security Fixes
9.7.4
* named, set up to be a caching resolver, is vulnerable to a user
querying a domain with very large resource record sets (RRSets)
when trying to negatively cache the response. Due to an off-by-one
error, caching the response could cause named to crash. [RT #24650]
[CVE-2011-1910]
* Change #2912 (see CHANGES) exposed a latent bug in the DNS message
processing code that could allow certain UPDATE requests to crash
named. [RT #24777] [CVE-2011-2464]
Feature Changes
9.7.4
* Merged in the NetBSD ATF test framework (currently version 0.12)
for development of future unit tests. Use configure --with-atf to
build ATF internally or configure --with-atf=prefix to use an
external copy. [RT #23209]
* Added more verbose error reporting from DLZ LDAP. [RT #23402]
* Replaced compile time constant with STDTIME_ON_32BITS. [RT #23587]
For full changes, please refer:
ftp://ftp.isc.org/isc/bind9/9.6-ESV-R5/RELEASE-NOTES-BIND-9.6-ESV.html
New Features
9.6-ESV-R5
* Added a tool able to generate malformed packets to allow testing of
how named handles them. [RT #24096]
Security Fixes
9.6-ESV-R5
* named, set up to be a caching resolver, is vulnerable to a user
querying a domain with very large resource record sets (RRSets)
when trying to negatively cache the response. Due to an off-by-one
error, caching the response could cause named to crash. [RT #24650]
[CVE-2011-1910]
* Change #2912 populated the message section in replies to UPDATE
requests, which some Windows clients wanted. This exposed a latent
bug that allowed the response message to crash named. With this
fix, change 2912 has been reduced to copy only the zone section to
the reply. A more complete fix for the latent bug will be released
later. [RT #24777]
Feature Changes
9.6-ESV-R5
* Merged in the NetBSD ATF test framework (currently version 0.12)
for development of future unit tests. Use configure --with-atf to
build ATF internally or configure --with-atf=prefix to use an
external copy. [RT #23209]
* Added more verbose error reporting from DLZ LDAP. [RT #23402]
* Replaced compile time constant with STDTIME_ON_32BITS. [RT #23587]
Changelog:
aria2 1.12.1
============
Release Note
------------
This release adds RFC 6249 Metalink/HTTP support. Current
implementation only uses rel=duplicate links. --enable-direct-io
option was deprecated because of performance issue. Since recent
GnuTLS uses libnettle as default instead of libgcrypt, this release
added initialization code for libgcrypt.
Changes
-------
* Initialize libgcrypt. We relied initialization of libgcrypt on
gnutls_global_init(), but recent change in gnutls, which changes
default crypto backend from libgcrypt to libnettle, leaves
libgcrypt uninitialized if it uses libnettle as backend(and this is
likely because libnettle is chosen by default). To fix this issue,
we simply initialize libgcrypt on our own.
* Throw exception with error message if gnutls_global_init() failed.
* Implemented Metalink/HTTP. Link header fields from first Metalink
server is utilized as described in rfc6249. We only set digest from
Digest header field to DownloadContext only when PieceStorage is
not initialized(in other words, before file size is known). After
PieceStorage is initialized, Digest header field is used to check
the value is the same in digest in DownloadContext. Current
implementation only handles rel=duplicate.
* Remove Metalink content-type after first server response. We don't
accept Metalink content-type after first server response.
* Updated Russian translation of aria2 man page. Thanks to ITriskTI
for translation.
* Fixed the bug due to dangling pointers in RequestGroup.
RequestGroup holds a poitner to btRuntime_ and peerStorage_. After
removing them from BtRegistry, we failed to set 0 to them. When
program access them, it goes undefined world, such as random crash.
We found this bug when pasuing download and valgrind warned memory
corruption.
* Added log message to clarify error for BitTorrent server socket.
* Added #deprecated help tag.
* Removed deprecated options: --enable-xml-rpc, --xml-rpc-listen-all,
--xml-rpc-listen-port, --xml-rpc-max-request-size, --xml-rpc-user,
--xml-rpc-passwd.
* Removed use of O_DIRECT because of performance issue. Deprecated
--enable-direct-io option.
* Increased the maximum number of in-flight request in BitTorrent.
* Added --log option to aria2rpc
* Added
* speed up MIKU Lang
* add `open URL' mikutter command
* Fixed
* fail to start with no full color environment
* with UserStream, follow notification will be risen twice per one person
* not work configuration `up FAVed tweet on TL'
* crash if removed a tweet from TL in getting in_reply_to_status of the tweet.
- can not replace a file by renaming another to its name under WIN32
fix in rateup #104
- Fix scaling when noo and noi options are used. fix for #95
- Stop staticly linking rateup. fix for #97
- Only set LD_RUN_PATH if it is actually necessary. patch from #98
- Net::SNMP only support aes128, des and 3des ... fix for cfgmaker from #99
- Understand desc and descr in ifdesc option of cfgmaker
- only set $args{'-maxrepetitions'} if $Net_SNMP_util::MaxRepetitions > 0
- do not load Net_SNMP_util unless snmpv3 is requested ... fix for #75
- be more agressive about updating the confcache. If a key is missing, go
looking for it again and complain. fix for #74
- only apply 32bit counter wrap compensation when the wrap is within 32bit
range. fix for #70
- implement pngdate as TimeStrPos[x]: RU instead of separately. for for #68
- add missing <p> tag arount 'last updated ... ' in html output. fix for #63
- remove rececondition when writing new trafic graph files by writing to a
temp file and moving it later. fix for #51
- make snmpopt_current available in cfgmaker templates. fix for #48
- explicitly import Socket6 routines in SNMP_Session. fix for #45
- default ThreshHyst to 0.1 only if ThreshDir is define. fix for #42
- point out when there is an unknown interface found. fix for #41.
- allow for $speed to return 0 and still use SNMPv2 ... some Cisco Gear
seems todo that. Fix for #33
- add dlink support for ifAlias OIDs to cfgmaker from #50
- add WWP (Ciena) support for ifAlias OIDs to cfgmaker from #66
- Updated squid docu #80
- Fix russian translation bug #92
- added rrdcached support
- new keyword: RRDCached: which overrides anything set in the RRDCACHED_ADDRESS
environment variable and sets MRTG to work in RRDCached mode. This verifies
that you're using a unix-domain socket and the socket is writeable.
- Check for environment variable RRDCACHED_ADDRESS and use this if no
explicit address was set in the cfg file, making the same config validity
checks.
- Make warning if using rrdcached to the effect that the thresholding
checks will no longer work.
- If in rrdcached-mode, and using RRDTool 1.4, then force use of update
rather than updatev (as rrdcached does not yet support updatev) and
consequently bypass the thresholding checks.
- Changes to validity check error messages to also report the file
containing the error (as well as the line).
- Added support for glob patterns in include
- Make daemon reload cfg automatically when it changes
- added support for Arista to cfgmaker
- fix cfgmaker to work in mixed v1/2/3 snmp environment
- do not strigify arguments to conversion function let eval take care of this
- untaint inlast and outlast to make perl taint mode happy
- teach cfgmaker about openbsd
pkgsrc changes:
- Avoid "Subroutine SNMP_Session::pack_sockaddr_in6 redefined" warnings
with the Perl 5.14.1. As the patch might break "mrtg" with older version
of Perl require at least version 5.14.1 of the "perl5" package.
Changes since version 2.65:
- IO-Socket is doing some imports so we now do use IO::Socket ().
- Fixed the rest of the imports.
- Thanks to LeoNerd
- Made the use Socket call import constants selectively, and not rely
on @EXPORT's whims:
- http://www.cpantesters.org/cpan/report/d6e547be-19b5-11e0-bbdc-e5c0d6c987b5
This update stops warnings about re-defining "sockaddr_in6" produced
by e.g. "mrtg" or "spamassassin".
* Fix access to Samba shares when Windows security patch KB2536276 is installed
* Fix DoS in Winbind and smbd with many file descriptors open
* Fix Winbind panics if verify_idpool() fails
- openvpn_chrootdir variable was introduced for running openvpn in chroot
- openvpn_flags variable was introduced for extra flag passed to openvpn
++pkgrevision
Changes since 3.2.3:
ENHANCEMENTS
* Added support for same host service dependencies with servicegroups (Mathieu Gagné)
* Empty hostgroups referenced from services now optionally generate a warning instead of an error.
* Documentation links now point to online resources
* Matt Wall's Exfoliation theme is now installed by default. You can reinstall the classic theme with "make install-classicui"
* Downtime delete commands made "distributable" by deleting by host group name, host name or start time/comment (Opsview team)
* Allow status.cgi to order by "host urgency" (Jochen Bern)
* Added news items and quick links to main splash page
* Added ability to authenticate to CGIs using contactgroup name (Stephen Gran)
FIXES
* Fixes status.cgi when called with no parameters, where host should be set to all if none specified (Michael Friedrich)
* Fixes possible validation error with empty hostgroups/servicegroups (Sven-Göran Bergh)
* Performance-data handling and checking is now thread-safe so long as embedded perl is not used.
* Children should no longer hang on mutex locks held in parent for localtime() (and similar) calls.
* Debug logging is now properly serialized, using soft-locking with a timeout of 150 milliseconds to avoid multiple threads competing for the privilege to write debug info.
* Fixed extraneous alerts for services when host is down
* Fixed incorrect parsing of multi-line host check results (Jochen Bern)
* Fixed bug with passive host checks being incorrectly sent to event brokers as active checks
* Fixed bug where passive host check status updates were not being propagated to event brokers
* Reverted 'Fix for retaining host display name and alias, as well as service display name' as configuration information stored incorrectly over a reload
* Fixed compile warnings for size_t (Michael Friedrich)
* Fixed problem where acknowledgements were getting reset when a hard state change occurred
* Removed duplicated unlinks for check result files with multiple results
* Fixed race condition on flexible downtime commands when duration not set or zero (Michael Friedrich)
* Fixed flexible downtime on service hard state change doesn't get triggered/activated (Michael Friedrich)
* Fixed XSS vulnerability in config.cgi and statusmap.cgi (Stefan Schurtz)
* Fixed segfault when sending host notifications (Michael Friedrich)
* Fixed bug where unauthorized contacts could issue hostgroup and servicegroup commands (Sven Nierlein)
"checking for replacing readdir using getdirentries()".
The functions in samba-3.5.10/lib/replace/repdir_getdirentries.c
fail on NetBSD 5.99.54, and the test code in
samba-3.5.10/lib/replace/test/os2_delete.c
did not handle the failure.
Not bumping PKGREVISION, because this affects only the
configure script, and the package did not build on
NetBSD-current before.
to version 0.8.9. Changes since version 0.12.6 respectively 0.8.6:
- Added multithreading support for XMLRPC calls. Sponsored by Xirvik.
- Discard dht cache if it is corrupt, instead of killing rtorrent.
- Better handling of resume after crash/reboot alliviating the need to
full hash checks. Sponsored by anonymous source.
- Added support for Linux's fallocate and Darwin's
fcntl(...,F_PREALLOCATE,...) to preallocate files by default. The
'system.file_allocate' setting will now only be used to indicate you
want posix_fallocate called, which may block while it zeros out the
file manually.
- Added 'event.download.hash_failed' and 'event.download.hash_final_failed'.
- Cleaning up command names. The deprecated commands will be redirected.
- Renamed 'system.method.*' to 'method.*'.
- Added 'system.files.{opened,closed,failed}_counter' commands.
- Added xmlrpc calls for peer snubbed, banned and disconnect.
- Added '-D' flag which turns of redirects for deprecated commands.
Use this to ensure your scripts/webui's will be compatible with future
releases.
- Added separate '-I' and '-K' switches for command redirects, the
former is for testing rtorrent code, the latter for webui's.
- Added a static_map implementation based on Josef's patches.
- Commited the DHT changes from dht-pex-static_map.diff with changes
so it works with the modified static_map implementation.
- Applied the magnet-uri patch.
- Don't install the out-of-date man page.
- Added 'execute.*.bg' commands for non-blocking calls. Always returns 0.
- Added support for prioritizing first/last chunk of files matching
specified patterns. Default:
file.prioritize_toc.set=0
file.prioritize_toc.first.set = {*.avi,*.mp4,*.mkv,*.gz}
file.prioritize_toc.last.set = {*.zip}
- Added 'method.rlookup' and 'method.rlookup.clear' commands for looking
up the event handlers holding a specified key, and set views to support
rlookup.
- Added 'd.timestamp.finished' that is set when a downloading torrent
completes. For torrents that only seed it remains '0'.
- Added 'elapsed.{less,greater}' for checking the time elapsed since a
time is less/greater, and it also returns false in all cases where
the time is '0'.
- Moved the default value for 'system.files.max_size' to rtorrent, and
set the default in libtorrent to ~0.
- Increased the default values for min/max_peers and max_uploads.
- Fixed a bug that would cause hash checking to block excessively in some
cases.
- Fixed a bug when setting the pex flags.
- Fixed an issue where DHT's hashing function for TR1 unordered_map was
casting unaligned size_t pointers.
- Fixed default session name.
- Added a missing inline that could cause linking errors.
