This addresses PR#29271.
Changes include:
Version 4.5.3 adds a new commandline switch to f-protd, '-fullreport'
and new possible summary codes (see man page for details).
Version 4.5.2 is a bugfix release; f-protd would misidentify .pdf files
and block them from being delivered.
Version 4.5.1 is a bugfix release to fix a bug in scan-mail.pl where
scan-mail.pl would exit after first scan request on some unix platforms,
because of differing signal mechanism between BSD and SysV
Version 4.5.0 contains various bugfixes and improvements to the
documentation and software.
o check-updates.pl has been modified. It now identifies itself with a
unique user-agent string containing information on OS, kernel and
architecture.
o contains a major overhaul of the virus scanning engine
(new engine version 3.16.1). These changes improve its
detection capabilities. The engine can now better detect and
handle executable packers, often used by malware authors to conceal
malicious code.
o includes a more generic JPEG GDI+ exploit detection
o includes EMF/WMF image format exploit detection
o encrypted executables inside archives are now reported as
"could be a suspicious file (encrypted program in archive)",
previously reported as "could be a security risk".
o The argument switch "-archive" has been changed to support the form
"-archive=n" where n is a non-negative integer. This causes f-prot
to scan only n levels deep into nested archives of supported types in
order to protect against 'arhcive-bombs'.
The old form "-archive" is still supported, although depreciated, and
implies n==5. See the man page for details.
o Minor modifications in the DTD for the f-prot daemon XML.
o Bugfix where f-prot would return IO_ERROR when attempting to scan
unsupported partial archive files, e.g. .z01 files
o Improved RAR support. F-Prot fully supports rar versions 1.5, 2.0 and
2.6 and partially supports rar 2.9 (doesn't support RAR Virtual
Machine and the PPM model features)
- Fix --with-apr=/usr and/or --with-apr-util=/usr. Problem report 29740.
[Max Bowsher <maxb ukf.net>]
- mod_proxy: Fix ProxyRemoteMatch directive. Problem report 33170.
[Rici Lake <rici ricilake.net>]
- mod_proxy: Respect errors reported by pre_connection hooks.
[Jeff Trawick]
- --with-module can now take more than one module to be statically
linked: --with-module=<modtype>:<modfile>,<modtype>:<modfile>,...
If the <modtype>-subdirectory doesn't exist it will be created and
populated with a standard Makefile.in. [Erik Abele]
- Fix the RPM spec file so that an RPM build now works. An RPM
build now requires system installations of APR and APR-util.
Remove some arbitrary moving around of binaries - the RPM now
maps to the ASF build of httpd.
[Graham Leggett]
- mod_dumpio, an I/O logging/dumping module, added to the
modules/expermimental subdirectory. [Jim Jagielski]
- mod_auth_ldap: Handle the inconsistent way in which the MS LDAP
library handles special characters. Problem report 24437.
[Jess Holle]
- Win32 MPM: Correct typo in debugging output. [William Rowe]
- conf: Remove AddDefaultCharset from the default configuration because
setting a site-wide default does more harm than good.
Problem report 23421. [Roy Fielding]
- Add charset to example CGI scripts. [Roy Fielding]
- mod_ssl: fail quickly if SSL connection is aborted rather than
making many doomed ap_pass_brigade calls.
Problem report 32699. [Joe Orton]
- Remove compiled-in upper limit on LimitRequestFieldSize.
[Bill Stoddard]
- Start keeping track of time-taken-to-process-request again for
mod_status if ExtendedStatus is enabled. [Jim Jagielski]
- mod_proxy: Handle client-aborted connections correctly.
Problem report 32443. [Janne Hietamäki, Joe Orton]
- Fix handling of files >2Gb on all platforms (or builds) where
apr_off_t is larger than apr_size_t.
Problem report 28898. [Joe Orton]
- mod_include: Fix bug which could truncate variable expansions
of N*64 characters by one byte. Problem report 32985. [Joe Orton]
- Correct handling of certain bucket types in ap_save_brigade, fixing
possible segfaults in mod_cgi with #include virtual.
Problem report 31247. [Joe Orton]
- Allow for the use of --with-module=foo:bar where the ./modules/foo
directory is local only. Assumes, of course, that the required
files are in ./modules/foo, but makes it easier to statically
build/log "external" modules. [Jim Jagielski]
- Util_ldap: Implemented the util_ldap_cache_getuserdn() API so that
ldap authorization only modules have access to the util_ldap
user cache without having to require ldap authentication as well.
Problem report 31898. [Jari Ahonen jah progress.com, Brad Nicholes]
- mod_auth_ldap: Added the directive "Requires ldap-attribute" that
allows the module to only authorize a user if the attribute value
specified matches the value of the user object. Problem report 31913
[Ryan Morgan <rmorgan pobox.com>]
- SECURITY: CAN-2004-0942 (cve.mitre.org)
Fix for memory consumption DoS in handling of MIME folded request
headers. [Joe Orton]
- SECURITY: CAN-2004-0885 (cve.mitre.org)
mod_ssl: Fix a bug which allowed an SSLCipherSuite setting to be
bypassed during an SSL renegotiation. Problem report 31505.
[Hartmut Keil <Hartmut.Keil adnovum.ch>, Joe Orton]
- mod_ssl: Fail at startup rather than segfault at runtime if a
client cert is configured with an encrypted private key.
Problem report 24030. [Joe Orton]
- apxs: fix handling of -Wc/-Wl and "-o mod_foo.so".
Problem report 31448 [Joe Orton]
- mod_ldap: Fix format strings to use %APR_PID_T_FMT instead of %d.
[Jeff Trawick]
- mod_cache: CacheDisable will only disable the URLs it was meant to
disable, not all caching. Problem report 31128.
[Edward Rudd <eddie omegaware.com>, Paul Querna]
- mod_cache: Try to correctly follow RFC 2616 13.3 on validating stale
cache responses. [Justin Erenkrantz]
- mod_rewrite: Handle per-location rules when r->filename is unset.
Previously this would segfault or simply not match as expected,
depending on the platform. [Jeff Trawick]
- mod_rewrite: Fix 0 bytes write into random memory position.
Problem report 31036. [André Malo]
- mod_disk_cache: Do not store aborted content. Problem report 21492.
[Rüdiger Plüm <r.pluem t-online.de>]
- mod_disk_cache: Correctly store cached content type.
Problem report 30278.
[Rüdiger Plüm <r.pluem t-online.de>]
- mod_ldap: prevent the possiblity of an infinite loop in the LDAP
statistics display. Problem report 29216. [Graham Leggett]
- mod_ldap: fix a bogus error message to tell the user which file
is causing a potential problem with the LDAP shared memory cache.
Problem report 31431 [Graham Leggett]
- mod_disk_cache: Do not store hop-by-hop headers. [Justin Erenkrantz]
- Fix the re-linking issue when purging elements from the LDAP cache
Problem report 24801. [Jess Holle <jessh ptc.com>]
- mod_disk_cache: Fix races in saving responses. [Justin Erenkrantz]
- Fix Expires handling in mod_cache. [Justin Erenkrantz]
- Alter mod_expires to run at a different filter priority to allow
proper Expires storage by mod_cache. [Justin Erenkrantz]
version 0.9.5.2.0.52:
- Add apr_threadattr_stacksize_set() for overriding the default
stack size for threads created by apr_thread_create().
- Add an RPM spec file.
- Add a build script to create a solaris package.
Changes:
- Nmap now prints a warning message on Windows if Winpcap is not found
(it then reverts to raw sockets mode if available, as usual).
- documentation fixes and updates.
Changes since 0.8.8:
* Probe fixes
* Thread and queue fixes fixes
* Documentation updates
* Important GstBin state change fix - see #166371 if you subclass
Bugs fixed since 0.8.8:
* 94464 : [threads] gst_scheduler_add_scheduler() doesn't ref passe...
* 123775 : [PATCH] [api] setting state on element should force highe...
* 142588 : [threads] if all elements have been removed from a bin, s...
* 150546 : [api] Error for calling gst_pad_push in a get function is...
* 162276 : [build] gstregistry.h and gstxmlregistry.c don't build wi...
* 163234 : [PATCH] plugin loading isn't thread-safe
* 163383 : [PATCH] ogm plugins won't register
* 163801 : [PATCH] mem leak in xml registry loading
* 164062 : [PATCH] tee capsnego is broken
* 164261 : [PATCH] GST parsing doesn't recognise urls without a file...
* 165272 : [PATCH] Problem compiling gstreamer 0.8.8
* 165365 : [PATCH] gst_string_wrap() segfaults on NULL strings
* 165922 : add locking in opt
* 166269 : Typo in current .po file msgid string
* 166362 : data discarded by probes is leaked
* 166371 : GstBin derived classes not notified of state change
There are many FTP clients around these days. Most are console based, some
feature a graphical user interface. What most clients are missing is support
for latest or not so common technologies like ZeroConf, TLS/SSL or FXP (just
to name a few), accompanied by a decent user interface, that tries to support
the user instead of frustrating him.
KFTPGrabber tries to make a complete FTP client solution with support for
plugins, scripting and everything else the users needs, based on the
latest technologies KDE provides.
Here are some of the features:
- Multiple FTP sessions (tabs)
- Transfer queue
- TLS/SSL support for encrypted connections (implicit and explicit)
- Partial X509 certificate support for authentication
- FXP transfer support (site-to-site)
- OTP (one time password) support - s/key, md5, rmd160, sha1
- Drag&Drop support
- Site bookmarking
- Encrypted bookmark support (password can be saved to KWallet)
- Distributed FTP support (PRET)
- SSCN and CPSV support
- Skiplist
- ZeroConf (aka. Rendezvous) support for local site discovery
- Bookmark sharing with Kopete contacts (KDE >= 3.3)
- Bookmark import plugins
- Support for SFTP protocol [experimental]
PyTables 0.9.1:
This release is mainly a maintenance version. In it, some bugs has been
fixed and a few improvements has been made. One important thing is that
chunk sizes in EArrays has been re-tuned to get much better performance
and compression rations. Besides, it has been tested against the latest
Python 2.4 and all test units seems to pass fine.
PyTables 0.9:
In this release you will find a series of quite exciting new features,
the most important being new indexing capabilities, in-kernel selections,
support for complex datatypes and the possibility to modify values in both
tables and arrays (yeah, finally :).
Support Python 2.4
1.1.1 changes:
numarray-1.1.1 is a bugfix release to numarray-1.1. Notable bugs
fixed include memory leaks in matrixmultiply and comparison ufuncs.
1.1 changes:
I. ENHANCEMENTS
CharArray eval() sped up
Document memmap.py (memory mapping)
Unsigned int type support limited
Add kroenecker product
II. BUGS FIXED / CLOSED
max.reduce of byteswapped array
numeric compatibility byteoffset
matrixmultiply (a,b) leaves b transposed
random_array.randint exceeds boundaries
buffer not aligned on 8 byte boundary (Windows-98 broken)
Object Array repr for >1000 elements
Invalid sequences errors
Segfault in array element deletion
Incorrect handling of overlapping assignments in Numarray
Weirdness with 'new' method
searchsorted bug and fix
randint bug fix patch
a.is_c_array() mixed int/bool results
argsort of string arrays
III. CAUTIONS
1. This release is binary incompatible with numarray-1.0. Writers of
C-extensions which directly reference the byteoffset field of the
PyArrayObject should be aware that the data pointer is now the sum of
byteoffset and the buffer base pointer. All C extensions which use
the numarray C-API must be recompiled. This incompatibility was an
unfortunate consequence of the fix for "numeric compatibility
byteoffset".
Unfortunately, configure doesn't always manage to correctly pick up these
values from GREP and EGREP, so we pass them in as cached values. This way,
configure still doesn't always print them correctly, but they end up in
config.status, which is the end goal.
This solves the problem where on Solaris, configure detects the wrong grep
and worse still, fails to detect a suitable egrep at all.
1.51
======================
ADDED: Portuguese translation (thanks Bruno Queiros)
ADDED: Fn keys can have custom shortcuts
ADDED: krusader can be resized to a small size even with Fn keys showing
ADDED: Total-commander style refresh (at last)
ADDED: ctrl-up arrow (from the panel) goes up to the origin bar
ADDED: New commandline option: --profile <panel-profile>
ADDED: Heiner's selection mode patch. Still alpha.
ADDED: Ukrainian translation (thanks Ivan Petrouchtchak)
ADDED: disk usage tool (alpha version)
ADDED: vertical krusader: hit alt+ctrl+v to test
ADDED: extra information in the totals bar
FIXED: separators were not displayed in the bookmarks list
FIXED: deleting a folder didn't update the bottom stats correctly
FIXED: useraction: parse the default-value "__goto" again
FIXED: useraction: Crash when filename contained brackets '(...)'
FIXED: world-class-annoying-bug when sometimes while using quicksearch,
the file that was selected by quicksearch got hidden beneath the bar
FIXED: mime types are shown only in english
FIXED: when using quicksearch, current item wasn't visible
FIXED: a crash when packing/unpacking to partial URL
UPDATED: Dutch translation (thanks Frank Schoolmeesters)
UPDATED: Hungarian translation (thanks Arpad Biro)
UPDATED: German translation
