since they always need a C compiler, even when the source code is
completely in C++.
For some other packages, stated in the comment that a C compiler is
really not needed.
to all internal recursive make processes. As such, rename it to
"PKGSRC_MAKE_ENV".
XXX Note, some of the usage of this variable in package Makefiles seems
XXX incorrect. They probably want "MAKE_ENV", which is the environment
XXX passed to the make process when running "make" within ${WRKSRC}.
Wireshark is a network protocol analyzer and the successor of "ethereal".
Changes since "ethereal" version 0.99.0:
- The GSM BSSMAP dissector could crash. Versions affected:
0.10.11.
- The ANSI MAP dissector was vulnerable to a format string
overflow. Versions affected: 0.10.0.
- The Checkpoint FW-1 dissector was vulnerable to a format
string overflow. Versions affected: 0.10.10.
- The MQ dissector was vulnerable to a format string overflow.
Versions affected: 0.10.4.
- The XML dissector was vulnerable to a format string overflow.
Versions affected: 0.10.13.
- The MOUNT dissector could attempt to allocate large amounts of
memory. Versions affected: 0.9.4.
- The NCP NMAS and NDPS dissectors were susceptible to
off-by-one errors. Versions affected: 0.9.7.
- The NTP dissector was vulnerable to a format string overflow.
Versions affected: 0.10.13.
- The SSH dissector was vulnerable to an infinite loop. Versions
affected: 0.9.10.
- The NFS dissector may have been susceptible to a buffer
overflow. Versions affected: 0.8.16.
- The "Follow TCP Stream" dialog now wraps long lines.
- Problems with ring buffers under 0.99.0 have been fixed.
- It was possible for Wireshark to crash when closing the
capture information dialog. This has been fixed.
- It was possible for Wireshark to crash when using the "Find"
feature. This has been fixed.
- Wireshark could crash if an interface was removed while
viewing the interface list. This has been fixed.
- Multicast stream analysis (Statistics->Multicast Streams) has
been added. It lets you determine burst size, output buffer
size, and losses for multicast data.
- TCP reassembly has been updated and improved.
- Expert analysis has been updated and improved.
- SCSI service response time statistics have been added.
- You can now find next/previous marked frames.
- The LDAP and SNMP dissectors have been completely rewriten.
- The SMB dissector now tracks filenames and share names.
Effectively, it's a packet sniffer which runs as a background process
on a cable/DSL router, gathers all sorts of useless but interesting
statistics, and serves them over HTTP.
Features:
* Traffic graphs.
* Tracks traffic per host.
* Tracks traffic per TCP and UDP port for each host.
* Embedded web-server with deflate compression.
* Asynchronous reverse DNS resolution using a child process.
* Small. Portable. Single-threaded. Efficient.
pchar-1.5: Compile fixes, minor bug fixes. Last planned release of pchar.
(12 February 2005)
Source code moved from CVS to Subversion. Although generally
not user-visible, the version control strings now use
Subversion's format.
Builds on recent (RH 9.0-vintage) Linux systems seem to work
now.
Some off-by-one errors have been fixed, based on
patches submitted by Anil Madhavapeddy
pchar with SNMP enabled now has at least a chance of working
correctly.
pchar no longer incorrectly aborts after a hop with 100%
packet loss.
pchar now does a better job of linking libraries using
--with-snmp on machines where libsnmp depends on libcrypto,
thanks to Matt Zimmerman
Some problems using --with-pcap on RedHat 7.0/7.1 (possibly
other Linux distributions as well) were found thanks to a
debugging session with Fran Boon
Changes:
Version 3.5.1 - 2006-07-05
- a coredump in pget fixed.
Version 3.5.0 - 2006-07-05
- implemented pget -c (continue) with a status file. (`set
pget:save-status never' to disable periodic saving of the status).
- new options of `repeat' command: --count (-c), --delay (-d), --while-ok,
--until-ok.
- listing and dns cache optimized; added per host enable/disable for
caching.
- made ABOR more robust.
- added support for ALLO command and ftp:use-allo setting.
- use binary mode for `quote' (e.g. `quote POST' for http).
- sped up uploading in fish protocol.
- fixed coredump in pget when terminal lacks prev_line capability.
- fixed pget for URLs with question sign.
* Updated dictionaries (as always),
* Extended Ascend "abinary" support for Juniper,
* Configurable "cipher_list" for EAP methods that use TLS,
* Additional checks on cert issuer validation for EAP methods that use TLS,
* SQL IODBC bug fixes,
* Updates to the LDAP module,
* Better catching of errors in the config files,
* Miscellaneous other fixes
In addition to this add an extra option to options.mk which is
"freeradius-simul-use". This will enable Simultaneous-Use and is
enabled by default. If you disable it freeradius can be built without
depending on the net-snmp package. Original idea from John Nemeth.
the bootstrap process and which may be needed by pkg_install. This
is distinct from the net/tnftp package that is now a "normal" package.
Modify the bootstrap script to use pkgtools/tnftp instead, and clean up
some of the registration code.
The log file needs to be writable for user=daemon, since slpd setuid()s
to that user after starting up.
Put the extremely verbose and disk-filling logging of "Parse Erorr"
packets (is this an SLPv1 vs. SLPv2 protocol versioning issue gone
bad?!?) under DEBUG, which is not normally turned on in our builds.
Change HOMEPAGE, since Caldera appears to have seen fit to remove
the www.openslp.org DNS name and associated web server. Instead point
to the SourceForge home page.
Bump package revision to 1.
Changes in libsoup from 2.2.94 to 2.2.95.1:
* Even more fixes to XML-RPC, found by the new XML-RPC
regression test. This includes some API changes that I don't
feel guilty about, because the code totally didn't work at
all before.
* Fixed a bug in soup_mktime_utc()
* (2.2.95 was identical to 2.2.95.1. The only difference is
that the shared library version was belatedly bumped from
8.2.0 to 8.3.0 to reflect the API "additions")
Collection.
PHP is a programming language designed to be embedded into web pages.
This module implements a Z39.50 client for PHP using the YAZ toolkit.
Changes in version 0.1.1.22 - 2006-07-05
o Major bugfixes:
- Fix a big bug that was causing servers to not find themselves
reachable if they changed IP addresses. Since only 0.1.1.22+
servers can do reachability testing correctly, now we automatically
make sure to test via one of these.
- Fix to allow clients and mirrors to learn directory info from
descriptor downloads that get cut off partway through.
- Directory authorities had a bug in deciding if a newly published
descriptor was novel enough to make everybody want a copy -- a few
servers seem to be publishing new descriptors many times a minute.
o Minor bugfixes:
- Fix a rare bug that was causing some servers to complain about
"closing wedged cpuworkers" and skip some circuit create requests.
- Make the Exit flag in directory status documents actually work.
While here, patch sample config file to log to syslog per default to make
sure that tor starts as a daemon with the default config.
2006-01-04 Hajimu UMEMOTO <ume@mahoroba.org>
* dtcps.rb (service_dtcp): When new connection request for UDP
tunnel comes, don't disconnect existing connection even if is
comes from same IPv4 address.
* dtcpc.rb, dtcps.rb: Make an IPv6 over an IPv4 tunnel NAT
friendly. If -n option is specified to dtcpc, it is enabled. It
requires some modification to ng_ksocket of server side.
2006-01-02 Hajimu UMEMOTO <ume@mahoroba.org>
* dtcpc.rb, dtcps.rb: Add experimental support for an IPv6 over an
IPv4 tunnel using Netgraph. The relevant options are -b and -U.
* dtcps.rb: Trap SIGINT as well as SIGTERM, and ignore SIGHUP.
and add a new helper target and script, "show-buildlink3", that outputs
a listing of the buildlink3.mk files included as well as the depth at
which they are included.
For example, "make show-buildlink3" in fonts/Xft2 displays:
zlib
fontconfig
iconv
zlib
freetype2
expat
freetype2
Xrender
renderproto
From the change log:
# Patched security flaw in iaxclient
# Patched md5 to work on amd64 (Jasmin Buchert)
# Added Malay translation (Mohd Effendi Jaafar)
set OVERRIDE_DIRDEPTH to find any libtool scripts deeper in the WRKSRC
tree unless they're named something other than "libtool".
SHLIBTOOL_OVERRIDE generally doesn't need to be specified either -- just
define it to the empty list and shlibtool-override will look for libtool
scripts.
variables so that the default INSTALL/DEINSTALL scripts from the
pkginstall framework do the right thing. Where possible, move some
post-install directions for package setup into MESSAGE files so that
they may be re-inspected by querying the installed package using
"pkg_info -D ...".
Changes in libsoup from 2.2.93 to 2.2.94:
* Various fixes to the XML-RPC code (which apparently had not
actually ever worked before) from Brent Smith. [343973,
344222, 344458]
* Added client and server API tutorials to the docs
* auth-test now uses a local Apache 2.2 install, if possible,
rather than depending on files that used to be on an old
Ximian web server but haven't been anywhere for a long time.
[311825]
2006/06/19: version 2.7.7 = tag release-2-7-7
5196: IP: Store IPs with two int values instead of four to save RAM (pango)
5195: BT: Log tracker error messages in UTF-8
5194: HTML: Print warning on opening page when enable_servers is set to false
2006/06/18
5191: HTML: remove sysinfo on opening page & option motd_html
5192: Fix deactivation of verbosity "gui"
5163: Configure: CVS SCM support for Mac OS X 10.3 (gstat)
2006/06/17
5158: HTML: Use table for printing buildinfo and runinfo data (schlumpf, pango)
2006/06/16
5187: New option: BT_import_new_torrents_interval,
ignore Thumbs.db & desktop.ini in directory lists
5186: GUI: Send only non-empty real_startup_message string
2006/06/15
5156: HTML, improve Options output (schlumpf)
* new command html_mods_use_js_helptext (true|false)
to change display of helptext between javascript popup`s and html table
* fix some padding and border bugs
* add "toggle js_helptext" button to 'vo' and 'voo' to directly toggle the style
2006/06/12
5061: New option small_files_slot_limit to push release of small files (pango)
all files below the configured file size (default 10kb) are uploaded
through one reserved slot
5144: Increase default max_upload_rate to 10 (schlumpf)
5177: HTML, Options: update display after changing options (schlumpf)
5176: Swarming: Change error message text and verbosity for BAD WRITE
BAD WRITE is not really an error, MLDonkey just receives unwanted data
5175: GTK1 oldgui: Last compile fix for abstract verification bitmaps (pango)
5174: Abstract verification bitmaps:
compile fixes for GTK1 GUIs, move generic code to CDK (pango)
5173: Swarmer: Small fix for merged downloads (WIP7b') (pango)
2006/06/11
5172: EDK: Log error which causes pausing a download
5171: New command group "Driver/Users",
print help text for "Bad number of arguments" error message
5170: Fix default max_indirect_connections, minimum is 30
5169: HTML, Options: add description to option section buttons,
remove 'save' button (schlumpf)
5168: Global module to abstract verification bitmaps (pango)
5167: Swarmer: Fix saving ini data for merged downloads (pango)
5166: Swarmer: New module to abstract verification bitmaps (pango)
2006/06/07
5164: CommonSwarming: Pangos WIP5e'
* When cutting a range, the reciprocal link of the range after the right part
still references the left part
* When cutting a block in two parts can before empty, but then can also before
complete (if they have no ranges left)
* Added bad_writes_is_back patch
* When find_range can only find ranges already being downloaded, it now first
does a quick check to see if there's no other, probably more interesting,
blocks remaining. If so, it forces a block change (report no more ranges left)
* While it's a good feature in itself, it's probably a workaround for a bug in
select_block (?); It seems that blocks oversaturated with sources happen way
too often (4 or 5 sources on a single range shouldn't happen).
* Compute the size of unselected ranges in each blocks, so that sources don't
"rush" on blocks just left by a source.
* Some BAD WRITEs seems to happen because we forget ranges we requested
(when switching blocks ?)
* Replaced call to clear_uploader_ranges by a call to clear_uploader_intervals
in BitTorrent support Choke message handler.
5063: EDK: remove duplicate entries in shared_files_new.ini (pango)
5160: Remove stale avifile.ml, clean commonMultimedia logging
5159: Compute magic values only when needed
5157: add some line breaks to option help text for shorter lines (schlumpf)
2006/06/01
5153: New command: force_web_infos to manually download web_infos URLs
5152: Do not connect friends from disabled networks
5151: Options: New stringvalue functions needed for multiuser support
5150: Log: Fix log when server list is empty in check_blocked_servers
2006/05/31
5149: Log: Some additions for commonSwarming
5148: Mail: Fix for multiline SMTP responses (zet)
5143: HTML/Telnet: Country codes for servers
5147: G1/G2: Display proper filename (and therefore support rename) (zet)
5145: EDK: Fix md4 hashing when filesize is an exact multiple
of edk chunk size, MLDonkey is now eMule-compatible (zet)
2006/05/30
5141: Swarmer: New option swarming_block_selection_algorithm (pango)
* Allow to choose swarmer block selection algorithm at runtime.
- Algorithm 1 is the current default algorithm
- Algorithm 2, from WIP3o patch, should try harder to complete partially
downloaded chunks, specially with Bittorrent. It was previously
reverted because of unknown performance problem (slower download ?)
5140: Update .cvsignore files (pango)
5138: Catch ip banned exception (zet)
5137: HTML: Fix display of file magic values with '
5136: FileTP: fixes and enhancements (zet)
* Add "FTP-chunk_size" option (0 = no chunks = download full file at once)
-- A chunk_size would be required if downloading from > 1 source
* Add FTP downloads to bandwidth controller (for stats & speed limiter)
* Support FTP sites that do not buffer input (MS FTP)
* Add support for user/pass (http://user:pass@site or ftp://user:pass@site).
This also adds user/pass support to http_client.
* Error codes from HTTP (ie: 404) and some from FTP are supported (530 sometimes
signals a retry, sometimes a login failure so a regex was used (lftp)).
Downloads are paused when a hard error is received (and noted in the log).
2006/05/25
5131: New option gui_log_size: number of lines for GUI console messages
5129: HTML: Display client_bind_addr in options menu
5124: Log: Login messages can be disabled with verbosity "no-login"
5130: CommonSwarming: Pangos WIP4a'
thanks for testing goes to SchAmane, CruX, jave (forgot someone?)
That's a huge patch over CommonSwarming module (whose job is to select what data
to ask from connected sources, and the merging of received data),
I hope I'm not forgetting anything important :
* first, it's a mantainance patch; Lots of code have been reworked for
readability and compactness (iterators...), functions grouped together,
sometimes renamed to more descriptive names. Lots of comments have been added,
including the description of invariants I've found, and a nice ASCII art
schema of the swarming datastructures ;)
* naming has been made more consistant, to differenciate chunks (from each
network view) from blocks (internal to swarming), and intervals (list of
int64 * int64 beggining/end offset pairs)
* Support for bitmaps encoded as strings (AvailableCharBitmap) removed, since
it's no longer used anywhere; use the more compact AvailableBitv instead
* Removed range_current_begin from ranges, it's enough for a range to have a
beginning and a end ;)
* Rewrote compute_block_num to have precise preconditions, and algorithm proof
* Added some assertions to better enforce invariants
(on verification bitmaps, for example)
* Allocation of ranges is now delayed until the very last moment, instead of
when a chunk starts being downloaded. Main benefit (beside small memory gain)
is that requests for different ranges sizes can be fulfilled at any time.
* Modified received function so that no BAD WRITE message can happen anymore:
condition when data that does not start from the beginning of a range is
correctly detected and data discarded
(since ranges cannot handle that case anyway)
* Rewrote a much simpler version of present_intervals
* Rewrote block selection algorithm for readability and flexibility; select_block
simply "folds" over all available blocks, using compare_choices function to
keep the best available one(s). May need some more CPU (no fast exit)
* Fixed donkey uploaders calls when disconnected
* Reenable the copy of identical chunks between files. Opportunities for copies
are checked every 5 minutes.
* Made file writing a bit smarter in Unix32 module so that writing zeroed chunks
(as can happen a lot with chunks copying) on an otherwise sparse temp file
does not allocate disk space. A bit hackish.
2006/05/23
5121: EDK: Remove obsolete option emule_compression
5122: improve block_list output and runinfo ip blocking (schlumpf)
5123: Fix Invalid_argument("UTF8.length") bug in HTML, down-/uploaders
- bite the bullet and use GNU make, it's increasingly annoying to try
avoiding it
Changes:
- Added a dozens of more detailed SSH version detection signatures,
thanks to a SSH huge survey and integration effort by Doug Hoyte.
The results of his large-scale SSH scan are posted at
http://seclists.org/nmap-dev/2006/Apr-Jun/0393.html .
- Fixed the Nmap Makefile (actually Makefile.in) to correctly handle
include file dependencies. So if a .h file is changed, all of the
.cc files which depend on it will be recompiled. Thanks to Diman
Todorov (diman(a)xover.mud.at) for the patch.
- Fixed a compilation problem on solaris and possibly other platforms.
The error message looked like "No rule to make target `inet_aton.o',
needed by `libnbase.a'". Thanks to Matt Selsky
(selsky(a)columbia.edu) for the patch.
Fixes PR pkg/33806 from Gilles Dauphin.
- Applied a patch which helps with HP-UX compilation by linking in the
nm library (-lnm). Thanks to Zakharov Mikhail (zmey20000(a)yahoo.com)
for the patch.
- Added version detection probes for detecting the Nessus daemon.
Thanks to Adam Vartanian (flooey(a)gmail.com) for sending the patch.
dutifully installs whatever it thinks might be missing or just
substandard on the current system.
As the Makefile already adds the contents of share/doc/bind9
dynamically to the PLIST, do the same for include/bind.
Fixes the PLIST on RedHat EL 2 & 3, and does not break it on NetBSD/3
No PKGREVISION bump as no change to anything but generated PLIST
Changes:
4.10:
=====
- Updated nmap-mac-prefixes to reflect the latest OUI DB from the IEEE
(http://standards.ieee.org/regauth/oui/oui.txt) as of May 31, 2006.
Also added a couple unregistered OUI's (for QEMU and Bochs)
suggested by Robert Millan (rmh(a)aybabtu.com).
- Fixed a bug which could cause false öpen" ports when doing a UDP
scan of localhost. This usually only happened when you scan tens of
thousands of ports (e.g. -p- option).
- Fixed a bug in service detection which could lead to a crash when
"--version-intensity 0" was used with a UDP scan. Thanks to Makoto
Shiotsuki (shio(a)st.rim.or.jp) for reporting the problem and Doug
Hoyte for producing a patch.
- Made some AIX and HP-UX portability fixes to Libdnet and NmapFE.
These were sent in by Peter O'Gorman
(nmap-dev(a)mlists.thewrittenword.com).
- When you do a UDP«CP scan, the TCP ports are now shown first (in
numerical order), followed by the UDP ports (also in order). This
contrasts with the old format which showed all ports together in
numerical order, regardless of protocol. This was at first a "bug",
but then I started thinking this behavior may be better. If you
have a preference for one format or the other, please post your
reasons to nmap-dev.
- Changed mass_dns system to print a warning if it can't find any
available DNS servers, but not quit like it used to. Thanks to Doug
Hoyte for the patch.
4.04BETA1:
==========
- Integrated all of your submissions (about a thousand) from the first
quarter of this year! Please keep 'em coming! The DB has increased
from 3,153 signatures representing 381 protocols in 4.03 to 3,441
signatures representing 401 protocols. No other tool comes close!
Many of the already existing match lines were improved too. Thanks
to Version Detection Czar Doug Hoyte for doing this.
- Nmap now allows multiple ingored port states. If a 65K-port scan
had, 64K filtered ports, 1K closed ports, and a few dozen open
ports, Nmap used to list the dozen open ones among a thousand lines
of closed ports. Now Nmap will give reports like "Not shown: 64330
filtered ports, 1000 closed ports" or "All 2051 scanned ports on
192.168.0.69 are closed (1051) or filtered (1000)", and omit all of
those ports from the table. Open ports are never ignored. XML
output can now have multiple <extraports> directive (one for each
ignored state). The number of ports in a single state before it is
consolidated defaults to 26 or more, though that number increases as
you add -v or -d options. With -d3 or higher, no ports will be
consolidated. The XML output should probably be augmented to give
the extraports directive 'ip', 'tcp', and 'udp' attributes which
specify the corresponding port numbers in the given state in the
same listing format as the nmaprun.scaninfo.services attribute, but
that part hasn't yet been implemented. If you absoultely need the
exact port numbers for each state in the XML, use -d3 for now.
- Nmap now ignores certain ICMP error message rate limiting (rather
than slowing down to accomidate it) in cases such as SYN scan where
an ICMP message and no response mean the same thing (port filtered).
This is currently only done at timing level Aggressive (-T4) or
higher, though we may make it the default if we don't hear problems
with it. In addition, the --defeat-rst-ratelimit option has been
added, which causes Nmap not to slow down to accomidate RST rate
limits when encountered. For a SYN scan, this may cause closed
ports to be labeled 'filtered' becuase Nmap refused to slow down
enough to correspond to the rate limiting. Learn more about this
new option at http://www.insecure.org/nmap/man/ . Thanks to Martin
Macok (martin.macok(a)underground.cz) for writing the patch that
these changes were based on.
- Moved my Nmap development environment to Visual C++ 2005 Express
edition. In typical "MS Upgrade Treadmill" fashion, Visual Studio
2003 users will no longer be able to compile Nmap using the new
solution files. The compilation, installation, and execution
instructions at
http://www.insecure.org/nmap/install/inst-windows.html have been
upgraded.
- Automated my Windows build system so that I just have to type a
single make command in the mswin32 directory. Thanks to Scott
Worley (smw(a)pobox.com>, Shane & Jenny Walters
(yfisaqt(a)waltersinamerica.com), and Alex Prinsier
(aphexer(a)mailhaven.com) for reading my appeal in the 4.03
CHANGELOG and assisting.
- Changed the PortList class to use much more efficient data
structures and algorithms which take advantage of Nmap-specific
behavior patterns. Thanks to Marek Majkowski
(majek(a)forest.one.pl) for the patch.
- Fixed a bug which prevented certain TCPÙDP scan commands, such as
"nmap -sSU -p1-65535 localhost" from scanning both TCP and UDP.
Instead they gave the error message "WARNING: UDP scan was requested,
but no udp ports were specified. Skipping this scan type". Thanks to
Doug Hoyte for the patch.
- Nmap has traditionally required you to specify -T* timing options
before any more granular options like --max-rtt-timeout, otherwise the
general timing option would overwrite the value from your more
specific request. This has now been fixed so that the more specific
options always have precendence. Thanks to Doug Hoyte for this patch.
- Fixed a couple possible memory leaks reported by Ted Kremenek
(kremenek(a)cs.stanford.edu) from the Stanford University sofware
static analysis lab ("Checker" project).
- Nmap now prints a warning when you specify a target name which
resolves to multiple IP addresses. Nmap proceeds to scan only the
first of those addresses (as it always has done). Thanks to Doug
Hoyte for the patch. The warning looks like this:
Warning: Hostname google.com resolves to 3 IPs. Using 66.102.7.99.
- Disallow --host-timeout values of less than 1500ms, print a warning
for values less than 15s.
- Changed all instances of inet_aton() into calls to inet_pton()
instead. This allowed us to remove inet_aton.c from nbase. Thanks to
KX (kxmail(a)gmail.com) for the patch.
- When debugging (-d) is specified, Nmap now prints a report on the
timing variables in use. Thanks to Doug Hoyte for the patch. The
report loos like this:
---------- Timing report ----------
hostgroups: min 1, max 100000
rtt-timeouts: init 250, min 50, max 300
scan-delay: TCP 5, UDP 1000
parallelism: min 0, max 0
max-retries: 2, host-timeout 900000
-----------------------------------
- Modified the WinPcap installer file to explicitly uninstall an
existing WinPcap (if you select that you wish to replace it) rather
than just overwriting the old version. Thanks to Doug Hoyte for
making this change.
- Added some P2P application ports to the nmap-services file. Thanks
to Martin Macok for the patch.
- The write buffer length increased in 4.03 was increased even further
when the debugging or verbosity levels are more than 2 (e.g. -d3).
Thanks to Brandon Enright (bmenrigh(a)ucsd.edu) for the patch. The
goal is to prevent you from ever seeing the fatal error:
"log_vwrite: write buffer not large enough -- need to increase"
- Added a note to the Nmap configure dragon that people sick of him
can submit their own ASCII art to nmap-dev@insecure.org . If you
are wondering WTF I am talking about, it is probably because only
most elite Nmap users -- the ones who compile from source on UNIX --
get to see the 'l33t ASCII Art.
SSL libraries to build couriertls, which encapsulates the logic for
handling SSL connections for Courier services. Drop the dependency
on openssl from both courier-imap and courier-mta, which only need
the "openssl" tool instead. Bump the PKGREVISIONs for all three
packages due to the changed dependencies. Problem noted by Ondrej
Tuma in private email.
1.2.6:
Sam Lantinga - Sun Apr 30 01:48:40 PDT 2006
* Added gcc-fat.sh for generating Universal binaries on Mac OS X
* Updated libtool support to version 1.5.22
Sam Lantinga - Wed Nov 19 00:23:44 PST 2003
* Updated libtool support for new mingw32 DLL build process
Shard - Thu, 05 Jun 2003 09:30:20 -0500
* Fixed compiling on BeOS, which may not have SO_BROADCAST
Kyle Davenport - Sat, 19 Apr 2003 17:13:31 -0500
* Added .la files to the development RPM, fixing RPM build on RedHat 8
Bump BUILDLINK_ABI_DEPENDS for SDL shlib changes.
o Crash and assert fixes from 0.1.1.20:
- Fix a rare crash on Tor servers that have enabled hibernation.
- Fix a seg fault on startup for Tor networks that use only one
directory authority.
- Fix an assert from a race condition that occurs on Tor servers
while exiting, where various threads are trying to log that they're
exiting, and delete the logs, at the same time.
- Make our unit tests pass again on certain obscure platforms.
[Noncritical changes, of which there are many, are in the ChangeLog.]
Pkgsrc changes:
- The module is available in the IP subdirectory on CPAN, so use the shorter
URL for MASTER_SITES.
Relevant changes since version 2.20:
====================================
- Small bug fixes
- Database update:
Apr 6 01:20 ripe.db.inetnum.gz
Apr 6 00:18 delegated-afrinic-20060406
Apr 5 18:16 delegated-apnic-20060406
Apr 6 05:03 delegated-arin-20060406
Apr 6 03:50 delegated-lacnic-20060405
net/couriertcpd.
This package contains couriertcpd(1), used to daemonize the Courier
services, and couriertls(1) used to provide TLS support for the Courier
services that support them.
These releases have better performance, numerous new features and
incorporate many bug fixes. Notable bug fixes and improvements include:
* Tcp stream properly reassembled after failed sequence check,
which may lead to possible detection evasion.
* Added configurable stream flushpoints.
* Improved rpc processing.
* Improved portscan detection.
* Improved http request processing and handling of possible
evasion cases.
* Improved performance monitoring.
Security:
ripd:
- RIPD unauthenticated route table broadcast:
CVE-2006-2223, OSVDB ID 25224, Secunia SA19910
- RIPD unauthenticated route injection:
CVE-2006-2224, OSVDB ID 25225, Secunia SA19910
[ripd] 0.98 specific command changes, allow no-auth to be set
[ripd] bugs #261, #262: Fix RIPv1 info-leak and unauthenticated route updates
[doc] Add text on 0.98 specific RIP authentication changes
[docs] Update ripd docs on version and authentication, see bugs #261,#262
Thanks to Konstantin V. Gavrilenko for report and testing.
bgpd:
- bgpd Telnet Interface DoS:
OSVDB ID 25245:
http://www.osvdb.org/displayvuln.php?osvdb_id=25245
[quagga-dev 4051]:
http://lists.quagga.net/pipermail/quagga-dev/2006-March/004052.html
[bgpd] Fix infinite loop in community_str2com
[No NEWS entries for 0.98.2 to 0.98.6; many bugfixes]
From Changes:
1.27 September 8th 2005
- Fixed Autoloader/open issue (Alexander Vasiljev)
- Fixed compilation error in Perl 5.005 with semicolon
in GeoIP_database_info in IP.xs (Stephen Schulte)
- Added support for open_type (Frank Mather)
1.26 May 19th 2005
- Fixed segfault issue if non-resolvable domain name is
passed to region_by_addr or region_by_name
- Added support for GEOIP_INDEX_CACHE - which just caches
the most frequently accessed index portion of the database, resulting
in faster lookups than GEOIP_STANDARD, but less memory usage than
GEOIP_MEMORY_CACHE
From ChangeLog:
1.3.17 2006-5-14
* Fixed headers for Windows/Netware compliation (Guenter Knauf)
* Fixed Received Error -21 (Sanity check database_info string failed)
when running geoipupdate with GeoIP Country when UserId and
productIds were not specified. Bug was introduced in 1.3.15.
1.3.16 2006-4-17
* Fixed compliation error in GeoIPUpdate.c
1.3.15 2006-4-14
* Updated README documentation
* Updated geoipupdate so that it writes file as it is uncompressed instead
of storing entire GeoIP.dat file in memory (Frank Mather)
* Updated geoiplookup so that it returns GeoIP Domain Name if available
(Frank Mather)
* Updated geoipupdate so that it reports whether databases are updated
in non-verbose mode (Frank Mather)
documents that the user may wish to employ Geography::Countries in his/her
own code. Remove extraneous DEPENDS.
IP::Country only requires Geo::IP if using the MaxMind database wrapper
IP::Country::MaxMind. The default recommended database in IP::Country doc
(IP::Country::{Medium,Fast}) is builtin to IP::Country and does not require
Geo::IP at all. Remove optional DEPENDS, and add a MESSAGE instead.
Bump PKGREVISION for changes.
specified in additional variables, i.e. PKG_GECOS, PKG_HOME, PKG_SHELL,
etc., as stated in both the pkgsrc guide and the pkginstall.mk comments
since 2006/04/23, or one month before this package was imported.
all PEAR packages to php?-pear-* and all Apache packages to ap13-* or
ap2-* respectively. Add new variables to simplify the Makefile
handling. Add CONFLICTS on the old names. Reset revisions of bumped
packages. ap-php will now depend on the default Apache and PHP version.
All programs using it have an implicit option of the Apache version
as well.
OK from jlam@ and adrianp@.
Changes:
* Hot key screen switching now restores last cursor position
* Fixed loss of hot keys when reloading configuration
* Fixed autorepeating on win32 (no longer sending repeating key releases)
* Fixed autorepeating on X11 (non-repeating keys were repeating)
* Fixed AltGr issues on X11
* Fixed modifier mapping bug on OS X client (caused wrong characters)
* Fixed one way for modifiers to get stuck active on all platforms
* Fixed bugs in win32 GUI
* Removed alloca() from unix code (should fix FreeBSD build)
* Added more debugging output for network problems
* Fixed failure to detect some errors on X11
Changes:
* Added preliminary support for configurable hot keys (Lorenz Schori)
* Major rewrite of keyboard handling code
* Fixed non-US keyboard handling (AltGr and ISO_Level3_Shift)
* Now supporting all installed keyboard layouts simultaneously
* Fixed bug in handling remapped caps-lock on X11
* Fixed control and alt keys getting stuck on on X11
* Fixed desktop focus problems requiring extra clicks on win32
* Fixed alt key event getting passed to server when on client on win32
* Synergy would prevent alt+numpad character entry; this is fixed
* Fixed suppression of xscreensaver 2.21 on X11
* Fixed middle mouse button dragging on OSX server (Brian Kendall)
* Fixed caps/num/scroll lock toggles getting out of sync
* Enhanced support for converting clipboard text to the Latin-1 encoding
* Added autostart documentation for KDE users
* Added more details about using Terminal for OSX users
* Fixed crash when using --help on certain platforms
Changes:
* Kopete
o Fix automatic spellchecking when turning off rich text
o Prevent contacts from being added to a server side group called
Top Level
o Message notification in contactlist
o Fix crash for AIM
o Kopete is closing down all connections and reconnects after
about each 1 minute
o Fix Kopete crash after change ICQ status to online.
o Fix crash in ICQ on disconnect due to connect elsewhere.
Changes in libsoup from 2.2.92 to 2.2.93:
* Fixed outgoing data corruption caused when SoupServer
started writing out a response a second time after already
having started once. [334469]. Also fixed 342640 and another
bug caused by the workaround for 334469 in 2.2.92. Based on
patches and analysis from William Jon McCann and Armin
Bauer.
* Fixed a deadlock when changing a session's proxy URI.
[309867 / bnc 174255, based on a patch by Veerapuram
Varadhan].
* Fixed https-via-proxies in the synchronous case. [bnc 174255]
* Fixed a crash in evolution-exchange [342545, fix based on an
analysis by Wang Xin].
* Fixed simple-proxy to not crash at startup. Oops. (Alex
Larsson)
Changes:
- get1 can now automatically rename files to server suggested file name.
- new settings fish:charset and sftp:charset (for sftp version<4).
- fixed http chunked transfers with explicit Content-Length.
- fixed compilation with sun c++ compiler.
- fixed compilation without ssl.
2006/05/21: version 2.7.6 = tag release-2-7-6
5119: HTML, Options: Include Wiki link in options names
5117: Telnet: replace "avail" by "last seen"/fix non-ASCII-filename column width
2006/05/20
5118: Log: Correct prefix for donkeyClient.ml
5116: HTML: Fix javascript popup in search results for Opera (dextarr)
5112: Fix lprintf_nl (search/replace ()'s) (zet)
5113: Fix config/wget.c (zet)
5111: Configure: Fix $SOURCE_DIR broken since patch #5095
5109: New option: pause_new_downloads
- Set to true all new downloads will be paused automatically.
- This option is automatically set to false on core start.
2006/05/19
5107: Configure: Check for MAGIC_ERROR in magic.h
5106: BT: only send stop once on exit and then wait for success (Amorphous)
5105: BT: Avoid starting torrent which has the same name
as a currently downloading torrent
2006/05/18
5097: HTML: Improved DL multiline input button (jave)
5103: Fix compile bug in magiclib_stub.c on Solaris & NetBSD
2006/05/17
5101: G2: Gnutella2 fixes/log updates (zet)
- Gnutella2 (G2) is working again
- Re-enables search result networks
- Log logged-in users
5098: EDK: Update option description for initial_score
2006/05/15
5090: Http_client: Fix 302 redirect when Location starts with "."
and filename changes
5095: Configure: improve libpng detection, optical improvements
2006/05/14
5094: Wget: New internal variable req_save <bool>
5093: CommonSwarming: Verbose error message if file size does not match
5092: HTML, rss: Add startbt link
5091: HTML: update EDK history links
2006/05/13
5089: IPBlock: Print seperate lists in block_list command for IPs
blocked by local and web IP blocklists (pango)
2006/05/12
4976: Filetype recognition with libmagic
- new debug command: debug_dir, prints magic values for all files
- display file magic values in vd & upstats HTML popup & vd #num
NetBSD/Solaris users have to disable this function "--disable-magic"
until this bug is fixed:
http://savannah.nongnu.org/patch/?func=detailitem&item_id=4976#comment9
5088: Gnutella/FT/http_client fixes (zet)
- Gnutella (G1) is working again
2006/05/11
5087: HTML, upstats: new tooltip with complete filename,
respect max_name_len for filename
2006/05/10
5083: HTML: Update EDK file history links (unease)
2006/05/09
5082: FileTP/Fasttrack/Soulseek: Fix splitting chunks off-by-one (pango)
5081: Change default ip_blocking_descriptions to false for faster startup
5080: Only print servers of enabled networks (pango)
5079: Ignore ._* in directory lists (pango)
5078: Telnet: Remove HTML code from sysinfo command
5077: FT: Fix fasttrack connection problem and adds a bootstrap nodes file url
Removes old/broken imesh bootstrap node (zet)
2006/05/07
5076: Gd: Do not disable html_mods_vd_gfx if core is compiled without GD support
5075: DNS round robin, keep all IP addresses associated with DNS names,
and return next one upon each request. (pango)
2006/05/06
5069: EDK: Fix broken unicode URIs parsing broken since 2.7.4 (pango)
5074: Change default Ocaml version to 3.09.2
5073: Update default IP blocklist URL, replaced
http://www.bluetack.co.uk/config/antip2p.txt with
http://www.bluetack.co.uk/config/level1.gz
5068: New global option user_agent, current option BT-user_agent overrides
the global value in BT module (pango)
5064: BT: only try to connect to http trackers (pango)
5040: Overnet: Open TCP port only when network is active
2006/04/14
5036: BT: Correctly parse .torrent files with an empty directory (again)
5039: Fix dp500 compile
against "libttf" because the "net/mrtg/Makefile" enforced that. Only
depend on "freetype2" (indirectly via "gd") which is what "mrtg" really
uses these days. Bump package revision.
Fix bug when displaying bad DB names used with !j command.
Changes 2.2.7:
Fixed file descriptor leak when journal file is corrupted.
Changes 2.2.6:
Fixed UII "show ip" command so that it does not crash IRRd. Also
fixed incorrect output when more specific option is used with this command.
Changes 2.2.5:
Allow more specific expansions for /8's or longer (instead of /16).
o Disabled code for shutting down idle sockd processes, appears to need
more testing.
o Upgrade to Automake 1.9.6.
o Use __libc_enable_secure if it exists and issetugid() doesn't.
Should allow the SOCKS_CONF environment variable to be used on Linux.
o Check if large files need special support; logfiles can grow large.
o Drop trying to optimize away unnecessary PAM calls, creates
obscure problems on some PAM-Linux implementations.
o Fixed bug introduced as part of additions to better preserve TCP
semantics across connections.
o New module available: session. This gives control over how
many sessions different clients can create.
o In order to share some code, there were some api changes
made to the bandwidth module, requiring users to upgrade.
Users of the bandwidth module can contact sales for a free upgrade.
o Fix bug preventing immediate-error on wrong password to take effect
for servers configured to use PAM.
o Update usage of 'head'.
o Support server-chaining. Currently only the tcp connect command
is supported. It might be possible to add support for udp and
tcp bind if requested.
o Fix PAM-related bug introduced in version 1.1.16.
- maintainer -> tv
Changes (summary):
some major security fixes, including entry guards to protect the
beginning of the circuit, exit enclaves to protect the end, and better
firewall support; a new directory protocol that improves bandwidth use
and keeps clients more up to date; two new directory authorities;
a new ascii-based controller protocol that lets people easily write
applications to interact with Tor; and
many scalability and performance improvements
Full changes available at
http://archives.seul.org/or/announce/May-2006/msg00000.html:
it will live with other "check" targets run after package installation.
Get rid of SHLIB_HANDLING, whose meaning had mutated over the years
from one thing to another. Currently, it is used to basically note
whether the system's "ldd" command can be usefully run on the package's
binaries and libraries. Rename this variable to CHECK_SHLIBS_SUPPORTED
for more clarity.
CHECK_SHLIBS is now a variable set exclusively by the user in /etc/mk.conf
to note whether the check for missing run-time search paths is performed
after a package is installed. It defaults to "no" unless PKG_DEVELOPER
is set.
