on ssh anyways, but better to make sure). Fixed some
more ssh_*_{en,de}code calls missing necessary casts.
Disabled x11-security extension on x86_64 as it does not
work there (uses xauth instead). Updated pkgrevision.
* Version 1.4.4 (released 2006-09-12)
** Relax the test that caught signatures that exploit the variant of
** Bleichenbacher's Crypto 06 rump session attack on our
** verification logic flaw.
In particular, we now permit the digestAlgorithm.parameters field to
be present but empty, whereas in 1.4.3 we actually checked that the
field was absent.
** Revert the removal of debug information for the GNUTLS-SA-2006-3 problem.
The messages are only printed in debug mode, which is not recommended
for normal use, and thus logging this situation cannot be abused as an
oracle in typical recommended situations.
** API and ABI modifications:
No changes since last version.
2006-09-05 Fernando Herrera <fherrera@onirica.com>
* configure.ac: Release 2.16.0
2006-09-02 Daniel Nylander <po@danielnylander.se>
* docs/sv/sv.po: Updated Swedish translation.
2006-08-22 Fernando Herrera <fherrera@onirica.com>
* configure.ac: Relase 2.15.92
2006-08-22 Fernando Herrera <fherrera@onirica.com>
* src/gnome-keyring-manager-keyring-editor.c:
(gkm_keyring_editor_set_acl): Chage a crash by leak :)
2006-08-03 German Poo-Caaman~o <gpoo@ubiobio.cl>
* MAINTAINERS: Added myself there (Fernando Herrera asked me
to co-maintain this module)
2006-08-03 German Poo-Caaman~o <gpoo@ubiobio.cl>
Patch from Przemysrlaw Grzegorczyk <pgrzegorczyk@gmail.com>
* po/LINGUAS: New file listing all supported languages.
* configure.ac: Use po/LINGUAS instead of including all languages
directly in this file. See the wiki for more information:
http://live.gnome.org/GnomeGoals/PoLinguas. Fixed#337908
2006-08-03 Jovan Naumovski <jovan@lugola.net>
* Added sl.po to po/ and 'sl' to configure.ac
2006-08-02 German Poo-Caaman~o <gpoo@ubiobio.cl>
* data/gnome-keyring-manager.desktop.in.in: Switched 'GNOME;GTK;'
instead 'GNOME;' in 'Categories' in order to fix#328039.
2006-08-02 German Poo-Caaman~o <gpoo@ubiobio.cl>
* MAINTAINERS: Added this file in order to fix#335041. At the
moment I just set to Fernando Herrera as the current maintainer.
2006-08-02 Fernando Herrera <fherrera@onirica.com>
* src/gnome-keyring-manager.c: (main): Port to GOption API. Patch by
Sebastien Bacher. Closes bug #336077
2006-08-02 Fernando Herrera <fherrera@onirica.com>
* configure.ac: Branched for gnome-2-14, bump version number to
2.15.91
2006-07-23 Christophe Bliard <christophe.bliard@trux.info>
* docs/fr/fr.po: Added French translation.
* docs/Makefile.am: Added fr to DOC_LINGUAS.
2006-07-23 Daniel Nylander <po@danielnylander.se>
* sv/sv.po: Updated Swedish translation.
2006-07-03 Runa Bhattacharjee <runabh@gmail.com>
* configure.ac: Added Bengali India (bn_IN) to ALL_LINGUAS.
2006-06-29 Daniel Nylander <po@danielnylander.se>
* docs/sv/sv.po: Added Swedish translation.
2006-06-19 Raivis Dejus <orvils@gmail.com>
* configure.ac: Added "lv" Latvian in to ALL_LINGUAS line.
2006-06-12 Ahmad Riza H Nst <rizahnst@gnome.org>
* configure.ac: Added "id" Indonesian in to ALL_LINGUAS line.
* po/id.po: Added Indonesian translation.
2006-05-25 Åsmund Skjæveland <aasmunds@fys.uio.no>
* po/nn.po: Added Norwegian Nynorsk translation.
* configure.ac: Added nn to ALL_LINGUAS.
2006-04-17 Kjartan Maraas <kmaraas@gnome.org>
* configure.ac: Remove obsolete entry for no_NO.
* po/no.po: And the translation.
2006-04-05 Behdad Esfahbod <behdad@gnome.org>
Approved by Fernando Herrera on IRC.
* gnome-keyring-manager-attribute-editor.h:
* gnome-keyring-manager-attribute-editor.c:
* gnome-keyring-manager-new-item-dialog.h:
* gnome-keyring-manager-new-item-dialog.c:
* gnome-keyring-manager-password-dialog.h:
* gnome-keyring-manager-password-dialog.c: Remove. Not needed
because of UI changes.
* po/POTFILES.in: Remove above files.
2006-04-05 Behdad Esfahbod <behdad@gnome.org>
* configure.ac, Makefile.am: Get rid of m4 directory that does not
exist. (bug #337310)
2006-04-03 Dan Williams <dcbw@redhat.com>
* src/gnome-keyring-manager-util.c
- (gkm_get_application_path): implement for FreeBSD
2006-04-03 Dan Williams <dcbw@redhat.com>
* src/gnome-keyring-manager-acl-display.c
- (gkm_acl_display_set_acl): deal with possibly NULL application path
2006-04-03 Dan Williams <dcbw@redhat.com>
* src/gnome-keyring-manager.c
- (gkm_application_open_keyring_manager): Fix "unused result" error
on return from g_slist_append()
2006-04-03 Dan Williams <dcbw@redhat.com>
Patch from Brent Smith <gnome@nextreality.net> Bug #327946
* Makefile.am, configure.ac, docs/gnome-keyring-manager.omf.in,
docs/Makefile.am: updates for gnome-doc-utils
2006-04-03 Dan Williams <dcbw@redhat.com>
Patch from Matthias Clasen <mclasen@redhat.com> Bug #317037
* src/gnome-keyring-manager-keyring-editor.c
- (gkm_keyring_editor_new): don't set edited keyring if not passed
a keyring name
* src/gnome-keyring-manager-main-ui.c
- (gkm_main_ui_init): Don't open 'default' keyring, but defer setting
the edited keyring until keyrings are loaded
- (on_keyrings_model_row_changed): new function; if there is no currently
edited keyring, use the first item in the keyring list
- (gkm_main_ui_connect_glade_signals): connect keyring treeview
row-changed signal
2006-04-03 Dan Williams <dcbw@redhat.com>
* data/gnome-keyring-manager.glade
- Remove "invisible_char" items because they override the GTK default,
which is now pretty, with ugly obfuscation characters
2006-04-03 Dan Williams <dcbw@redhat.com>
* src/gnome-keyring-manager-util.c
- (gkm_show_about_dialog): don't use "GNOME" in about
dialog title. Bug #326273
2006-04-03 Dan Williams <dcbw@redhat.com>
Patch from Christian Persch <chpe@gnome.org>, bug #336497
* src/gnome-keyring-manager-main-ui.c
- (on_about_activate): call gkm_show_about_dialog instead
* src/gnome-keyring-manager-util.c
src/gnome-keyring-manager-util.h
- (gkm_about_dialog_new): renamed to gkm_show_about_dialog
- (gkm_show_about_dialog): use gtk_show_about_dialog() rather than
gtk_about_dialog_new()
* src/gnome-keyring-manager.c
src/gnome-keyring-manager.h
- (gkm_application_open_about_dialog): removed
2006-04-03 Dan Williams <dcbw@redhat.com>
Fix network attribute mishandling when a default attribute isn't present in
the attribute list. For example, if the attribute list had no 'port', but
the user modified the 'port' in gnome-keyring-manager, the 'user' attribute
would be set instead.
* src/gnome-keyring-manager-attribute-display.c
- (gkm_attribute_display_init, network_password_update_page,
gkm_attribute_display_clear, on_attribute_entry_changed): Replace usage
of "NUM_ENTRIES - 3" with NON_PASSWORD_ENTRIES_MAX
- (gkm_attribute_display_init): initialize mappings to -1
- (network_password_update_page): enable widgets for attributes that are
present, and disable widgets for attributes that are not. Reset attribute
to widget mapping when changing keyring entries, since not all entries
have every default attribute.
- (on_attribute_entry_changed): don't do anything for attributes which
don't have a mapping, should we ever get here (widget should be disabled),
and clean up function a bit
2006-04-03 Dan Williams <dcbw@redhat.com>
* data/gnome-keyring-manager.glade
- Allow ports higher than 100. Bug #336692
2006-04-03 Dan Williams <dcbw@redhat.com>
Patch from Christian Persch <chpe@gnome.org>
* src/gnome-keyring-manager.c
- (gkm_application_window_destroyed_callback): Fix "unused result" error
on return from g_slist_remove()
2006-03-24 Tommi Vainikainen <thv@iki.fi>
* configure.ac (ALL_LINGUAS): Added Dzongkha (dz).
2006-03-21 Vladimer Sichinava <vlsichinava@gmail.com>
* configure.ac: Added "ka" (Georgian) to ALL_LINGUAS
* NetBSD fixes
* Crash fix
* Typo fix
* Translations
Changes in version 0.5.2 are:
* Translation updates
* Better title in docs
* Fixed crashes
* New function: gnome_keyring_item_grant_access_rights_sync
Changes in version 0.5.1 are:
* Support changing password of a keyring
* Create ~/.gnome2 if needed
* Save keyring when an ACL is added
* Add password strength meter
* Small bugfixes
* Version 1.4.3 (released 2006-09-08)
** Fix PKCS#1 verification to avoid a variant of Bleichenbacher's
** Crypto 06 rump session attack.
In particular, we check that the digestAlgorithm.parameters field is
empty, to avoid that it can contain "garbage" that may be used to
alter the numeric properties of the signature. See
<http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html> (which is
not exactly the same as the problem we fix here). Reported by Yutaka
OIWA <y.oiwa@aist.go.jp>.
See GNUTLS-SA-2006-4 on http://www.gnutls.org/security.html for more
up to date information.
** Fix PKCS#1 decryption to avoid Bleichenbacher's Crypto 98 attack.
See <http://www.bell-labs.com/user/bleichen/papers/pkcs.ps.gz>.
Reported by Werner Koch <wk@gnupg.org>.
See GNUTLS-SA-2006-3 on http://www.gnutls.org/security.html for more
up to date information.
** Fix crash in gnutls_x509_crt_sign2 if passed a NULL issuer_key.
** API and ABI modifications:
No changes since last version.
* Version 1.4.2 (released 2006-08-12)
** Fix a crash (strcmp() on a NULL value) in the certificate verification logic.
This can happen if you call gnutls_certificate_verify_peers2 and have
a certain mix of local CA certificates and the peer send special
certificates, that together trigger certain behaviour. It is not
known at this point whether the crash can be triggered without the
special local CA certificate, and thus turn this into a remote crash
of clients that verify server certificates when they talk to a server
with the special server certificate. See GNUTLS-SA-2006-2 on
http://www.gnu.org/software/gnutls/security.html for more up to date
information. Reported by satyakumar <satyam_kkd@hyd.hellosoft.com>.
** Change SRP and Cert-Type extensions to match IANA registry.
** OpenCDK updated to 0.5.9 to fix some problems with OpenPGP support.
** Make --without-included-libtasn1 work.
Reported by Daniel Black <dragonheart@gentoo.org>.
** API and ABI modifications:
No changes since last version.
Noteworthy changes in version 0.5.9 (2006-08-06)
------------------------------------------------
* Fix cdk_kbnode_write_to_mem to return CDK_Too_Short when buf is
NULL, tiny patch from Mario Lenz.
* Fixed opencdk-config script to include -lz, thanks to Weng Liong, Low.
* Fix prototypes for AIX compiler, reported by John Heiden.
* Don't use trailing comma in last enum constant, for IBM C v6. Tiny
patch from Albert Chin.
This resolves PR pkg/34394 by Martin Wilke.
Pkgsrc changes:
- none
Changes since version 2.09:
===========================
2.10 Fri Dec 02 07:36:18 EST 2005
- updated the README file to remove the reference
to CBC_R - no longer available.
- updated the README file to include performance
results for G4/1.2GHz PPC Mac OS X 10.4.X
This resolves PR pkg/34407 by Martin Wilke.
Pkgsrc changes:
- took maintainership
Changes since version 5.41:
===========================
5.43 Sat Aug 5 02:36:18 MST 2006
- undid Perl Best Practice of favoring 3-argument "open"
-- 3-arg version uses different semantics for "-"
causing bugs in addfile and shasum
- modified underlying C functions to use ANSI prototypes
-- requested by Steve Hay (ref. Smoke [5.9.4] 28630)
-- K&R style was causing numerous warnings from
Borland compiler
5.42 Mon Jul 24 04:04:40 MST 2006
- minor code changes suggested by Perl::Critic
-- e.g. no bareword filehandles, no 2-argument open's
- updated public key (ref. B538C51C)
-- previous one (0AF563FE) expired July 2, 2006
- added documentation to warn that Base64 digests are NOT padded
-- padding must be done by user if interoperability
with other software is required
This resolves PR pkg/34398 by Martin Wilke.
Pkgsrc changes:
- none
Changes since version 2.17:
===========================
2.19 Tue Jul 18 18:39:57 EDT 2006
- Renamed Crypt::CBC-2.16-vulnerability.txt so that package installs
correctly under Cygwin
2.18 2006/06/06 23:17:04
- added more documentation describing how to achieve compatibility
with old encrypted messages
tools which allow to use GnuPG from Emacs (EasyPG Assistant), and a
fully functional interface library to GnuPG (EasyPG Library.) It does
not cache passphrases, so gpg-agent (security/gnupg-devel) is
recommended.
- If SSL_cipher_list is not given it uses the openssl default
instead of setting it to 'ALL:!LOW:!EXP' like before. The old
value included ADH and this might be a bad idea, see BUGS why.
Resolves PR pkg/34392 by Martin Wilke
Noteworthy changes in version 1.2.3 (2006-08-28)
------------------------------------------------
* Rewrote gcry_mpi_rshift to allow arbitrary shift counts.
* Minor bug fixes.
be sure not to use them (NULL pointers) when showing information to the user.
Fixes crashes when clicking on saved keyring items.
Bump PKGREVISION to 2.
This fixes gnome-keyring under NetBSD which, AFAICT, didn't work at all.
There are still some problems remaining in gnome-keyring-manager, but I
think these are not related to this issue.
- In case an IDMEF-Service object contain neither name or port
attribute, set name to "unknown" in order to avoid IDMEF DTD
validation issue.
- Normalize analyzer(*).node.
PKG_SYSCONFDIR: 1) prelude-manager and 2) prelude (install by libprelude).
Consequently, PKG_SYSCONFSUBDIR can't be set to prelude-manager.
Corrected and PKGREVISION bumped.
For OpenSSL 0.9.8b SSLeay_add_all_algorithms() does not setup any
algorithms, wheras SSL_library_init() does. The net result was that
SSL_CTX_new() would return a NULL pointer causing a perl coredump
in such cases as:
my $request = HTTP::Request->new( "GET", 'https://<some_url>' );
my $ua = LWP::UserAgent->new;
my $response = $ua->request($request);
Tracking this down was an entire flaming evening and change of my
life that I'm never going to get back, but at least my NetBSD-4
retail machines can now run NetBSD-4 built perl binaries again.
Changes include:
1.5a
* A typo in an assert caused Honeyd to crash for most services.
* The subsystem support did not correctly support
getsockname for sockets coming via accept().
1.5b
* A crash when processing ARP packets.
* Correct default action handling for UDP packets.
* Fixed --without-python flag when using configure.
- Use preludedb_delete_(alert|heartbeat)_from_list(). Require
libpreludedb 0.9.9. Provide a deletion performance improvement
of around 3000%.
- Handle multiple listed source/target properly. Separate
source/target in the message listing.
- Make host command/Information link available from the Sensor
listing.
- Always take care of the "external_link_new_window" configuration
parameter.
- Make external command handling more generic. Allow to specify
command line arguments.
- Allow to define unlimited number of external commands rather than
only a defined subset (fix#134).
- Avoid toggling several popup at once in the HeartbeatListing.
- Only provide lookup capability for known network address type (fix#76).
- New address and node name lookup provided through prelude-ids.com service.
- Link to new prelude-ids.com port lookup instead of broken portsdb
database (fix#162).
- Various bug fixes.
