Added
* none
Fixed
* crash at first startup
* support for Twitter API bug
* fire click even if too far location between a mousedown and a mousedown.
* not startup non-full-color environment
* remove a unwanted file
* crash at mis-extract bit.ly.
Changelog:
* Support short URI containing only video ID.
* Follow redirect in retriving watch page.
XXX At least on NetBSD 5.99.55, nicovide-dl hungs due to openssl issue.
* fixed a coredump in torrent on linux with a ppp interface.
* translation updated (ru).
Version 4.3.0 - 2011-06-17
* new command `attach' to control a backgrounded lftp.
* automatically fill torrent:ipv6 setting.
* slightly improved torrent status display.
* fixed reconnect interval (it was sometimes uninitialized).
* several fixes for the case of cmd:parallel>1
Bug Fixes:
* removed ldns-src tarball inside the unbound tarball.
* [bugzilla: 395 ]
fix that id bits of other query may leak out under conditions
* fix replyaddr count wrong after jostled queries, which leads to eventual starvation where the daemon has no replyaddrs left to use.
* fix that the listening socket is not closed when too many remote control connections are made at the same time.
* version number in example config file.
* fix that --enable-static-exe does not complain about it unknown.
* iana portlist updated
1.4.11:
Features:
* log-queries: yesno option, default is no, prints querylog.
* ignore-cd-flag: yesno to provide dnssec to legacy servers.
* Use -flto compiler flag for link time optimization, if supported.
* unbound-control has version number in the header, and uses port number registered with IANA, 8953.
Bug Fixes:
* Fix Makefile for U in environment, since wrong U is more common than deansification necessity.
* defense in depth against the assertion failure bug fixed in 1.4.10, an error is printed to log instead of an assertion failure.
* [bugzilla: 386 ]
--enable-allsymbols option links all binaries to libunbound and reduces install size significantly.
* Fix TTL of SOA so negative TTL is separately cached from normal TTL.
* configure created with newer autoconf 2.66.
* [bugzilla: 378 ]
Fix that configure checks for ldns_get_random presence.
* queries with CD flag set cause DNSSEC validation, but the answer is not withheld if it is bogus. Thus, unbound will retry if it is bad and curb the TTL if it is bad, thus protecting the cache for use by downstream validators.
* val-override-date: -1 ignores dates entirely, for NTP usage.
* harden-below-nxdomain: changed so that it activates when the cached nxdomain is dnssec secure. This avoids backwards incompatibility because those old servers do not have dnssec.
* statistics-interval prints the number of jostled queries to log.
* IPv6 service address for d.root-servers.net (2001:500:2D::D).
* updated ldns tarball to 1.6.10rc2 snapshot
* iana portlist updated.
* New example tool added: ldns-gen-zone.
* bugfix #359: Serial-arithmetic for the inception and expiration
fields of a RRSIG and correctly converting them to broken-out time
information.
* bugfix #364: Slight performance increase of ldns-verifyzone.
* bugfix #367: Fix to allow glue records with the same name as the
delegation.
* Fix ldns-verifyzone to allow NSEC3-less records for NS rrsets *and*
glue when the zone is opt-out.
* bugfix #376: Adapt ldns_nsec3_salt, ldns_nsec3_iterations,
ldns_nsec3_flags and ldns_nsec3_algorithm to work for NSEC3PARAMS too.
* pyldns memory leaks fixed by Bedrich Kosata (at the cost of a bit
performance)
* Better handling of reference variables in ldns_rr_new_frm_fp_l from
pyldns, with a very nice generator function by Bedrich Kosata.
* Decoupling of the rdfs in rrs in the python wrappers to enable
the python garbage collector by Bedrich Kosata.
* bugfix #380: Minimizing effect of discrepancies in sizeof(bool) at
build time and when used.
* bugfix #383: Fix detection of empty nonterminals of multiple labels.
* Fixed the ommission of rrsets in nsec(3)s and rrsigs to all occluded
names (in stead of just the ones that contain glue only) and all
occluded records on the delegation points (in stead of just the glue).
* Clarify the operation of ldns_dnssec_mark_glue and the usage of
ldns_dnssec_node_next_nonglue functions in the documentation.
* Added function ldns_dnssec_mark_and_get_glue as an real fast
alternative for ldns_zone_glue_rr_list.
* Fix parse buffer overflow for max length domain names.
* Fix Makefile for U in environment, since wrong U is more common than
deansification necessity.
==============================
Release Notes for Samba 3.3.16
July 26, 2011
==============================
This is a security release in order to address
CVE-2011-2522 (Cross-Site Request Forgery in SWAT) and
CVE-2011-2694 (Cross-Site Scripting vulnerability in SWAT).
o CVE-2011-2522:
The Samba Web Administration Tool (SWAT) in Samba versions
3.0.x to 3.5.9 are affected by a cross-site request forgery.
o CVE-2011-2694:
The Samba Web Administration Tool (SWAT) in Samba versions
3.0.x to 3.5.9 are affected by a cross-site scripting
vulnerability.
Please note that SWAT must be enabled in order for these
vulnerabilities to be exploitable. By default, SWAT
is *not* enabled on a Samba install.
Changes since 3.3.15
--------------------
o Kai Blin <kai@samba.org>
* BUG 8289: SWAT contains a cross-site scripting vulnerability.
* BUG 8290: CSRF vulnerability in SWAT.
==============================
Release Notes for Samba 3.5.10
July 26, 2011
==============================
This is a security release in order to address
CVE-2011-2522 (Cross-Site Request Forgery in SWAT) and
CVE-2011-2694 (Cross-Site Scripting vulnerability in SWAT).
o CVE-2011-2522:
The Samba Web Administration Tool (SWAT) in Samba versions
3.0.x to 3.5.9 are affected by a cross-site request forgery.
o CVE-2011-2694:
The Samba Web Administration Tool (SWAT) in Samba versions
3.0.x to 3.5.9 are affected by a cross-site scripting
vulnerability.
Please note that SWAT must be enabled in order for these
vulnerabilities to be exploitable. By default, SWAT
is *not* enabled on a Samba install.
Changes since 3.5.9:
--------------------
o Kai Blin <kai@samba.org>
* BUG 8289: SWAT contains a cross-site scripting vulnerability.
* BUG 8290: CSRF vulnerability in SWAT.
Lose the only patch, since upstream fixed the "test ==" bashisms.
Use curl to fetch distfile from https site
From the CHANGES file:
btpd 0.16:
----------
Misc:
- Added "start all" (start -a) command.
- Allow adding multiple torrents at once.
- Custom list formatting options.
- Man pages for btpd, btcli, and btinfo.
Bug fixes:
- Handle .torrent files larger than 2MB.
- http parsing and addrinfo freeing fixes.
The major changes since version 1.4.* are:
- Wireshark is now distributed as an installation package rather
than a drag-installer on OS X. The installer adds a startup
item that should make it easier to capture packets.
- Large file (greater than 2 GB) support has been improved.
- Wireshark and TShark can import text dumps, similar to
text2pcap.
- You can now view Wireshark's dissector tables (for example the
TCP port to dissector mappings) from the main window.
- Wireshark can export SSL session keys via File→Export→SSL
Session Keys...
- TShark can show a specific occurrence of a field when using
'-T fields'.
- Custom columns can show a specific occurrence of a field.
- You can hide columns in the packet list.
- Wireshark can now export SMB objects.
- dftest and randpkt now have manual pages.
- TShark can now display iSCSI, ICMP and ICMPv6 service response
times.
- Dumpcap can now save files with a user-specified group id.
- Syntax checking is done for capture filters.
- You can display the compiled BPF code for capture filters in
the Capture Options dialog.
- You can now navigate backwards and forwards through TCP and
UDP sessions using Ctrl+, and Ctrl+. .
- Packet length is (finally) a default column.
- TCP window size is now avaiable both scaled and unscaled. A
TCP window scaling graph is available in the GUI.
- 802.1q VLAN tags are now shown in the Ethernet II protocol
tree instead of a separate tree.
- Various dissectors now display some UTF-16 strings as proper
Unicode including the DCE/RPC and SMB dissectors.
- The RTP player now has an option to show the time of day in
the graph in addition to the seconds since beginning of
capture.
- The RTP player now shows why media interruptions occur.
- Graphs now save as PNG images by default.
- TShark can read and write host name information from and to
pcapng-formatted files. Wireshark can read it. TShark can dump
host name information via
[-z hosts]
.
- TShark's -z option now uses the
[-z <proto>,srt]
syntax instead of
[-z <proto>,rtt]
for all protocols that support service response time
statistics. This matches Wireshark's syntax for this option.
- Wireshark and TShark can now read compressed Windows Sniffer
files.
- New Protocol Support
ADwin, ADwin-Config, Apache Etch, Aruba PAPI, Babel Routing
Protocol, Broadcast/Multicast Control, Constrained Application
Protocol (COAP), Digium TDMoE, Erlang Distribution Protocol,
Ether-S-I/O, FastCGI, Fibre Channel over InfiniBand (FCoIB),
Gopher, Gigamon GMHDR, IDMP, Infiniband Socket Direct Protocol
(SDP), JSON, LISP Control, LISP Data, LISP, MikroTik MAC-Telnet,
MRP Multiple Mac Registration Protocol (MMRP) Mongo Wire Protocol,
MUX27010, Network Monitor 802.11 radio header, OPC UA
ExtensionObjects, openSAFETY, PPI-GEOLOCATION-GPS, ReLOAD, ReLOAD
Framing, RObust Header Compression (ROHC), RSIP, SAMETIME, SCoP,
SGSAP, Tektronix Teklink, USB/AT Commands, uTorrent Transport
Protocol, WAI authentication, Wi-Fi P2P (Wi-Fi Direct)
- New and Updated Capture File Support
Apple PacketLogger, Catapult DCT2000, Daintree SNA, Endace ERF, HP
OpenVMS TCPTrace, IPFIX (the file format, not the protocol),
Lucent/Ascend debug, Microsoft Network Monitor, Network
Instruments, TamoSoft CommView
- Bug Fixes
- The following vulnerabilities have been fixed. See the security
advisory for details and a workaround.
o The Lucent/Ascend file parser was susceptible to an infinite
loop.
Versions affected: 1.2.0 to 1.2.17, 1.4.0 to 1.4.7, and 1.6.0.
CVE-2011-2597
o The ANSI MAP dissector was susceptible to an infinite loop.
(Bug 6044)
Versions affected: 1.4.0 to 1.4.7, and 1.6.0.
CVE-2011-????
- The following bugs have been fixed:
o TCP dissector doesn't decode TCP segments of length 1. (Bug
4716)
o Wireshark 1.4.0rc1 and python - spurious message. (Bug 4878)
o Missing LUA function. (Bug 5006)
o Lua API description about creating a new Tvb from a bytearray
is not correct in wireshark's user guide. (Bug 5199)
o sflow decode error for some extended formats. (Bug 5379)
o White space in protocol field abbreviation causes runtime
failure while registering Lua dissector. (Bug 5569)
o "File not found" box uses wrong filename encoding. (Bug 5715)
o capinfos: #ifdef HAVE_LIBGCRYPT block includes a line too
many. (Bug 5803)
o Wireshark crashes if Lua contains "Pref.range()" with missing
arguments. (Bug 5895)
o The "range" field in Lua's "Pref.range()" serves as default
while the "default" field does nothing. (Bug 5896)
o Wireshark crashes when calling TreeItem:set_len() on TreeItem
without tvb. (Bug 5941)
o TvbRange_string(lua_State* L) call a wrong function. (Bug
5960)
o VoIP call flow graph displays BICC APM as a BICC ANM. (Bug
5966)
o H323 rate multiplier wrong. (Bug 6009)
o tshark crashes when loading Lua script that contains GUI
function. (Bug 6018)
o 802.11 Disassociation Packet's "Reason Code" field is
imprecisely decoded/described. (Bug 6022)
o Wireshark crashes when setting custom column's field name with
conditional. (Bug 6028)
o GTS Descriptor count limited to 3 instead of 7. (Bug 6055)
o The SSL dissector can not resemble correctly the frames after
TCP zero window probe packet. (Bug 6059)
o Packet parser takes too long for this trace. (Bug 6073)
o 802.11 Association Response Packet's "Status Code" field is
imprecisely decoded/described. (Bug 6093)
o Wireshark 1.6.0 and Python support: installer fails to create
the wspy_dissectors subdirectory and . (Bug 6110)
o Wireshark crash during RTP stream analysis. (Bug 6120)
o Tshark custom columns: Why don't I get an error message? (Bug
6131)
- Updated Protocol Support
ANSI MAP, GIOP, H.323, IEEE 802.11, MSRP, RPCAP, sFlow, TCP,
- New and Updated Capture File Support
Lucent/Ascend.
2011-03-24 Bob Halley <halley@dnspython.org>
* dns/rdata.py (Rdata._wire_cmp): We need to specify no
compression and an origin to _wire_cmp() in case names in the
rdata are relative names.
* dns/rdtypes/ANY/SIG.py (SIG._cmp): Add missing 'import struct'.
Thanks to Arfrever Frehtes Taifersar Arahesis for reporting the
problem.
2011-03-24 Bob Halley <halley@dnspython.org>
* (Version 1.9.3 released)
2011-03-22 Bob Halley <halley@dnspython.org>
* dns/resolver.py: a boolean parameter, 'raise_on_no_answer', has
been added to the query() methods. In no-error, no-data
situations, this parameter determines whether NoAnswer should be
raised or not. If True, NoAnswer is raised. If False, then an
Answer() object with a None rrset will be returned.
* dns/resolver.py: Answer() objects now have a canonical_name field.
2011-01-11 Bob Halley <halley@dnspython.org>
* Dnspython was erroneously doing case-insensitive comparisons
of the names in NSEC and RRSIG RRs. Thanks to Casey Deccio for
reporting this bug.
2010-12-17 Bob Halley <halley@dnspython.org>
* dns/message.py (_WireReader._get_section): use "is" and not "=="
when testing what section an RR is in. Thanks to James Raftery
for reporting this bug.
2010-12-10 Bob Halley <halley@dnspython.org>
* dns/resolver.py (Resolver.query): disallow metaqueries.
* dns/rdata.py (Rdata.__hash__): Added a __hash__ method for rdata.
2010-11-23 Bob Halley <halley@dnspython.org>
* (Version 1.9.2 released)
2010-11-23 Bob Halley <halley@dnspython.org>
* dns/dnssec.py (_need_pycrypto): DSA and RSA are modules, not
functions, and I didn't notice because the test suite masked
the bug! *sigh*
2010-11-22 Bob Halley <halley@dnspython.org>
* (Version 1.9.1 released)
2010-11-22 Bob Halley <halley@dnspython.org>
* dns/dnssec.py: the "from" style import used to get DSA from
PyCrypto trashed a DSA constant. Now a normal import is used
to avoid namespace contamination.
2010-11-20 Bob Halley <halley@dnspython.org>
* (Version 1.9.0 released)
2010-11-07 Bob Halley <halley@dnspython.org>
* dns/dnssec.py: Added validate() to do basic DNSSEC validation
(requires PyCrypto). Thanks to Brian Wellington for the patch.
* dns/hash.py: Hash compatibility handling is now its own module.
2010-10-31 Bob Halley <halley@dnspython.org>
* dns/resolver.py (zone_for_name): A query name resulting in a
CNAME or DNAME response to a node which had an SOA was incorrectly
treated as a zone origin. In these cases, we should just look
higher. Thanks to Gert Berger for reporting this problem.
* Added zonediff.py to examples. This program compares two zones
and shows the differences either in diff-like plain text, or
HTML. Thanks to Dennis Kaarsemaker for contributing this
useful program.
2010-10-27 Bob Halley <halley@dnspython.org>
* Incorporate a patch to use poll() instead of select() by
default on platforms which support it. Thanks to
Peter Schüller and Spotify for the contribution.
2010-10-17 Bob Halley <halley@dnspython.org>
* Python prior to 2.5.2 doesn't compute the correct values for
HMAC-SHA384 and HMAC-SHA512. We now detect attempts to use
them and raise NotImplemented if the Python version is too old.
Thanks to Kevin Chen for reporting the problem.
* Various routines that took the string forms of rdata types and
classes did not permit the strings to be Unicode strings.
Thanks to Ryan Workman for reporting the issue.
* dns/tsig.py: Added symbolic constants for the algorithm strings.
E.g. you can now say dns.tsig.HMAC_MD5 instead of
"HMAC-MD5.SIG-ALG.REG.INT". Thanks to Cillian Sharkey for
suggesting this improvement.
* dns/tsig.py (get_algorithm): fix hashlib compatibility; thanks to
Kevin Chen for the patch.
* dns/dnssec.py: Added key_id() and make_ds().
* dns/message.py: message.py needs to import dns.edns since it uses
it.
2010-05-04 Bob Halley <halley@dnspython.org>
* dns/rrset.py (RRset.__init__): "covers" was not passed to the
superclass __init__(). Thanks to Shanmuga Rajan for reporting
the problem.
2010-03-10 Bob Halley <halley@dnspython.org>
* The TSIG algorithm value was passed to use_tsig() incorrectly
in some cases. Thanks to 'ducciovigolo' for reporting the problem.
Changes:
added
* none
fixed
* On icons of voter, screen_name is not shown in tip help. And user profile is
not shown on click.
* Wheel scroll does not work on follow/follower list.
* at fire /statuses/update, with include_entities=1, so that own tweet with
entity.
* correct index with counting escaped string in an appropriate manner (wip)
* crash when retweet at the tweet is removed from TL.
libtrace 3.0.10 (2011-03-11)
Bug Fixes
Improvements
* Significantly improved performance of libtrace event API
* Transport headers and payload length are now cached for each
packet, saving time on subsequent lookups
libtrace 3.0.9 (2011-01-25)
Bug Fixes
Improvements
* tracesplit can now accept multiple input URIs which are read in turn
libtrace 3.0.8 (2010-12-03)
Bug Fixes
New Features
* Added a new API function called trace_get_payload_length() that returns
the length of the original payload content (i.e. the size of the
post-transport header payload prior to any snapping)
Improvements
* Added IPv6 and IPv6 fragmentation header decoders to libpacketdump
* traceanon can now read cryptopan keys from a file
Changelog:
1.12.0
Changes
-------
* Use ServerStat to find faster server. This is useful when several
downloads were started in parallel, but one download is slow and
the other downloads have completed. Then aria2 knows which servers
are fast by the results of completed downloads, and check the
available URIs of slow downloads to see faster server is available
there. If so, use it instead of current slow one to make download
faster.
* Added Russian translation of man page and HTML manual contributed
by ITriskTI.
* Added aria2.getGlobalStat RPC method. It returns overall
download/upload speed and the number of active/stopped/waiting
downloads.
* Added --pause option. This option pauses download after
added. This option is effective only when --enable-rpc=true is
given. When --save-session option is used and there are paused
downloads, they are saved with --pause=true so that it will become
paused state when the session is recovered.
* Abort aria2 if it could not setup any RPC server.
* Added --truncate-console-readout option. This option truncates
console readout to fit in a single line. This is default. Give
false value to this option to tell aria2 not to truncate console
readout.
* Cache and reuse RpcMethod objects.
* Allowed missing params in system.multicall RPC method.
* Added --stream-piece-selector option. This option specifies piece
selection algorithm used in HTTP/FTP download. Piece means fixed
length segment which is downloaded in parallel in segmented
download. If 'default' is given, aria2 selects piece so that it
reduces the number of establishing connection. This is reasonable
default behaviour because establishing connection is an expensive
operation. If 'inorder' is given, aria2 selects piece which has
minimum index. Index=0 means first of the file. This will be useful
to view movie while downloading it. --enable-http-pipelining option
may be useful to reduce reconnection overhead. Please note that
aria2 honors --min-split-size option, so it will be necessary to
specify a reasonable value to --min-split-size option.
* Removed unnecessary template parameter from std::make_pair call.
The patch was contributed from Dan Fandrich.
* Implemented fast file allocation in MinGW32 build. We use
SetFilePointerEx and SetEndOfFile to allocate extents. This only
works with NTFS. To enable this feature, --file-allocation=falloc
must be given.
* Only percent-encode non-printable ASCII chars(0x00-0x1f), non-ASCII
chars(>0x7f), ' ', '"', '<' and '>' for URIs supplied by user and
remote server(usually Location header field).
* Don't throw exception if Z_BUF_ERROR is encountered in GZipEncoder.
This fixed the bug that compressed RPC request failed.
* Don't save removed download in --save-session text file. Now stat
column of removed downloads in Download Results is 'RM' instead of
INPR.
1.11.2
Changes
-------
* Updated Japanese, Spanish and Simplified Chinese translation.
Thanks to all translators.
* Eliminated few seconds delay when downloads stop or pause.
* Added --metalink-base-uri option. --metalink-uri option specifies
base URI to resolve relative URI in metalink file stored in local
disk. If URI points to a directory, URI must end with '/'.
* Run batch file with cmd.exe. Quoted user command. It seems that we
have to specify the full path to cmd.exe in the first argument of
CreateProcess() to run batch file in proper manner. We first
determine the full path to cmd.exe. To do this, we get windir
environment variable and concatenate it with "\system32\cmd.exe".
* Fixed the bug that the message "Loaded cookies from ..." appears
when loading cookies from that file failed.
* Applied patch from Dan Fandrich. This patch fixes compatibility
issue when compiling aria2 on older systems.
* Support relative URI in Metalink file. If relative URI is found in
Metalink file, aria2 resolves its full URI contatenating the URI
from which Metalink file is retrieved and relative URI in Metalink
file. This feature is not available if Metalink file in local disk
is specified in command line.
* Erase user and password specified in command-line from argv. The
user and password is masked with '*'.
* If no data type tag is used in XML-RPC, treat the data as string.
Changes:
added
* none
fixes
* rare crash at startup
* all process invoked by mikutter will be zombie
* crash with replying to deleted tweets
* rare crash at deleting own tweets
== 2.3 ==
2.3.1.1 Sun Jun 19 2011 Toni Gundogdu
Fixes:
- Missing details in --help output
2.3.1 Sat Jun 18 2011 Toni Gundogdu
Changes:
- Add --query-formats, deprecate "--format list"
- Detect quvi and/or download command from $PATH
- In the absence of --quvi and/or --get-with
- Bump quvi prerequisite to 0.2.17
- Revise manual
* Don't define ENABLE_PUSH_PEER_INFO if SSL is not available
* Fix compiling issues with pkcs11 when --disable-management is configured
* Remove support for Linux 2.2 configuration fallback
* Fix compile issues when using --enable-small and
--disable-ssl/--disable-crypto
* Fix 2.2.0 build failure when management interface disabled
* Added info about --show-proxy-settings
* Documented --x509-username-field option
* Updated "easy-rsa" for OpenSSL 1.0.0
* Fixes to easy-rsa/2.0
* Made domake-win builds to use easy-rsa/2.0/openssl-1.0.0.cnf
* Fix a build-ca issue on Windows
* Fix issues with some older GCC compilers
* Fix segfault when typing invalid oid number
Changes 0.4.2:
* Fix spurious autoscrolling
Changes 0.4.1:
* Code cleanup, get rid of some deprecated components
* Support saving of window size
* Support more oid types/input conventions
Changes 0.4.0:
* New maintainer
* Upgrade to gtk2
* Improve autodetection of oid type (now supports unsigned, etc.)
* Handle gui events while performing long tasks
* Put scrollbars on the right side
* Make output wrapping configurable
The package name was selected as:
- Make sure to greater version from bind-9.6.3.
- Include "ESV" (Extended Support Version) string.
Since changes from BIND 9.6.3 are too may, please refer changes in detail:
ftp://ftp.isc.org/isc/bind/9.6-ESV-R4/CHANGES
ftp://ftp.isc.org/isc/bind/9.6-ESV-R4-P1/RELEASE-NOTES-BIND-9.6-ESV-R4-P1.html
ftp://ftp.isc.org/isc/bind/9.6-ESV-R4-P3/RELEASE-NOTES-BIND-9.6-ESV-R4-P3.html
--- 9.7.3-P3 released ---
3124. [bug] Use an rdataset attribute flag to indicate
negative-cache records rather than using rrtype 0;
this will prevent problems when that rrtype is
used in actual DNS packets. [RT #24777]
--- 9.7.3-P2 released (withdrawn) ---
3123. [security] Change #2912 exposed a latent flaw in
dns_rdataset_totext() that could cause named to
crash with an assertion failure. [RT #24777]
Introduction
BIND 9.8.0-P4 is security patch for BIND 9.8.0.
Please see the CHANGES file in the source code release for a complete
list of all changes.
--- 9.8.0-P4 released ---
3124. [bug] Use an rdataset attribute flag to indicate
negative-cache records rather than using rrtype 0;
this will prevent problems when that rrtype is
used in actual DNS packets. [RT #24777]
--- 9.8.0-P3 released (withdrawn) ---
3126. [security] Using DNAME record to generate replacements caused
RPZ to exit with a assertion failure. [RT #23766]
3125. [security] Using wildcard CNAME records as a replacement with
RPZ caused named to exit with a assertion failure.
[RT #24715]
3123. [security] Change #2912 exposed a latent flaw in
dns_rdataset_totext() that could cause named to
crash with an assertion failure. [RT #24777]
3115. [bug] Named could fail to return requested data when
following a CNAME that points into the same zone.
[RT #2445]
---
Release messages:
The RabbitMQ team is pleased to announce the release of RabbitMQ 2.1.1.
This release fixes a number of bugs and introduces some enhancements,
including exchange to exchange bindings and some performance improvements,
in the server and clients.
The RabbitMQ team is pleased to announce the release of RabbitMQ 2.2.0.
This release fixes a number of bugs and introduces some enhancements,
including automatic upgrades of non-clustered brokers, per-queue message
TTLs and significantly reduced memory usage for pending acknowledgements.
Perfectly timed one day before the start of the year of the Rabbit,
the RabbitMQ team is pleased to announce the release of RabbitMQ 2.3.0.
This release fixes a number of bugs and introduces some enhancements,
including streaming publish confirmations, new plugin mechanisms for
authentication and authorisation, and a great deal more.
The RabbitMQ team is pleased to announce the release of RabbitMQ 2.3.1.
This release fixes a small number of bugs, in particular one serious bug
in 2.3.0 which could lead to queue processes crashing.
The RabbitMQ team is delighted to announce the release of RabbitMQ 2.4.0.
This release fixes a number of bugs and introduces some enhancements,
including fast routing for topic exchanges, sender-selected distribution
and server-side consumer cancellation notifications.
The RabbitMQ team is delighted to announce the release of RabbitMQ 2.4.1.
This release fixes a number of bugs, in particular one bug in 2.4.0 that
would break upgrades if durable queues were present. A notable enhancement
included in this release are cluster upgrades.
The RabbitMQ team is delighted to announce the release of RabbitMQ 2.5.0.
This release fixes a number of bugs. In particular:
recovery has been simplified, improving startup times when many exchanges
or bindings exist
bindings are recovered between durable queues and non-durable exchanges
on restart of individual cluster nodes
better performance under high load and memory pressure
source compatibility with the new Erlang R14B03 release
New features include:
tracing facility for debugging incoming and outgoing messages, (see firehose)
improved inbound network performance
improved routing performance
new rabbitmqctl commands ('report', 'environment', and 'cluster_status')
The RabbitMQ team is pleased to announce the release of RabbitMQ 2.5.1.
This release correctly upgrades from RabbitMQ 2.1.1 and 2.2.0.
There are no other changes compared with 2.5.0.
Added
* resume last retrieved follow/follower at startup.
Fixes
* only get last 200 follow/follower.
* crash when leaving a tweet selected.
* crash if failed to extract URL.
* rare crash at startup.
