1.6.8p7 include:
562) Fixed noexec functionality on Linux.
564) Fixed a bug that prevented Heimdal authentication from working.
566) A sudoers entry with sudo ALL no longer overwrites the value of
safe_cmnd. This fixes the privilege escalation vulnerability
noted in http://www.courtesan.com/sudo/alerts/path_race.html
http://svn.edgewall.com/repos/trac/tags/trac-0.8.4
Upstream changelog:
* Fixed file upload vulnerability. Trac could be tricked into
uploading files outside the environment directory. All users
are recommended to upgrade. Vulnerability found by the Hardened-PHP
project.
Thanks adrianp@NetBSD.org for the heads-up.
"-mcpu=<cpu>" into the compiler options. This should allow this
package to build on platforms that GCC does not yet recognize as a
cpu-type for which it can optimize, e.g. "x86_64".
files are only built and installed if "opt" is passed as a build
target. This fixes installation on platforms on which the native-code
compiler is not supported, e.g. NetBSD/amd64.
at any directories starting with ${WRKDIR}. This fixes the various
netsaint plugin scripts that had hardcoded ${WRKDIR} paths to tools.
Bump the PKGREVISION to 8.
audio/libvisual-plugins
editors/vigor
print/chktex
security/nessus-plugins
www/screws
after fixing problems with paths to the build directories being included
in the packages.
Patch-aa is no longer necessary (creation of correct symlinks to
"razor-client").
This release fixes two recently discovered DoS vulnerabilities: Certain
HTML messages could crash the process and a bug sometimes caused server
discovery to go into an infinite loop.
Changes since version 2.67
==========================
2.72 (June 16, 2005)
+ "razor-client" no longer creates symlinks to itself
upon installation; four new scripts have been added to
the distribution to replace this functionality
("razor-admin", "razor-check", "razor-report",
"razor-revoke").
2.71 (June 15, 2005)
+ A fix to Makefile.PL script to correctly invoke
"razor-client" after installation. Thanks to Liam
Quinn for the patch.
2.70 (June 10, 2005)
+ Fixed preprocessing of unusual HTML messages. This
resolves the segfault issue in razor-agents. [Bug
#1001417]
+ Fixed handling of certain malformed headers.
+ Explicitly specify the record separator as "\n" when
reading files, to ensure that someone else hasn't set
it to undef. [Patch #537813]
+ "razorzone" is no longer supported and has been
removed from the documentation.
+ Allow the config file to set razorhome. [Bug
#1074391]
+ Razor Agents no longer go into an infinite loop when
discovery fails. [Bug #1016039]
+ Properly creates "razor-*" symlinks after
installation. [Bug #874468]
+ Default to PERLPREFIX instead of PREFIX when
installing man5 pages. [Bug #1001320]
+ Removed a call to $sha1->reset() which was breaking
SHA1 calculation. [Bug #1004858]
+ "use_engines" is no longer supported and has been
removed from the documentation. [Bug #1120311]
+ Shuffle the discovery, catalogue, and nomination
server lists after loading them from disk; this
prevents razor-agents from always starting with the same
catalogue server.
+ Replace the complex DNS lookup logic for discovery
servers with a single DNS round robin. [Bug #604679]
+ Remove the ICMP ping logic for finding the "fastest"
catalogue server; the configuration option for this
logic is now ignored. [Support #739464]
+ Removed stale engine code for various signature types
that are no longer used.
This solves the update request in PR pkg/30452.
No pkgsrc related changes. This release fixes a recently reported DoS
vulnerability.
Highlights of the release
-------------------------
- Certain invalid "Content-Type" headers would cause SpamAssassin to
incorrectly process parts of the message.
- Certain long message headers could cause slowness when parsing the message.
- Added in SURBL JP list.
- URI anti-obfuscation updates.
- Additional bug fixes.
- Fix security problem up fixed by 2.2.12 and recent problem reported
by CAN-2004-1154.
- pkgsrc changes:
* Overhaul pkgsrc structure (as net/samba).
* Adapt PKG_OPTIONS framework.
* Add support for winbind (not tested).
* Add SAMBA_USER/SAMBA_GROUP for default user.
* move codepages directory from share/samba to lib/samba.