(pointed out by aniou@ircnet).
The problem is avoided by not declaring in make.h if defined(HAVE_UNISTD_H).
(I wish people would actually use configure's findings after it spent several
billions(en_US) of CPU cycles computing them.)
changes:
-Fix a heap overflow (probably allows remote code execution)
(CVE-2011-0427)
-Prevent a denial-of-service attack by disallowing any
zlib-compressed data whose compression factor is implausibly
high
-Zero out a few more keys in memory before freeing them
-bugfixes
-Update to the January 1 2011 Maxmind GeoLite Country db
-Introduce output size checks on all of our decryption functions
0.65.0:
I have just uploaded the archives for a new luatex release, 0.65.0.
This release mostly fixes a number of bugs, but it also deprecates
a number of existing lua and macro commands. Please read the News
section carefully if you are the current maintainer of a luatex
macro package.
News:
* The Aleph and Omega version primitives are deprecated.
* The Apple Snow Leopard Truetype font collections now work
properly.
* Libpng has been updated to 1.4.4, and zlib to 1.2.5.
* New lua functions node.next() and node.prev().
* The already deprecated for some time node.protrusion_skipable()
function has been removed.
* fontloader.apply_featurefile() and
fontloader.apply_afmfile() now return nil,<errortable> on failure.
* The various node list fields in the lua node interface have
been renamed from 'list' to 'head', e.g. tex.box[0].head,
and the 'list' name is deprecated. For now, the deprecation
is silent, as 'list' will stay for quite some time. Please
update your lua source as soon as possible, though.
* The call node.type(<node>) now returns "node". The existing
functionality is otherwise unchanged.
* Luafilesystem has been updated to 1.5.0. NOTE: there is an
incompatible change in the directory iterator method.
* The restriction on linebreak_filter has been eased: at least one
horizontal box should be returned, but that is not necessarily
the last node any more.
* Backward compatibility has been restored for \meaning\mathchar
* node.first_character() has been renamed to node.first_glyph()
to better match its actual functionality.
* The \Umathaccent primitive now supports both/bottom keywords,
and \Umathbotaccent / \Umathaccents are now deprecated.
* The \Umathaccent primitive now also supports the fixed keyword,
which supports non-growing math accents even if the font says
there are extensible variants.
* Ongoing work on the epdf library.
0.64.0:
I have just uploaded the archives for a new luatex release, 0.64.0.
This is a development release, but it also fixes a few rather
annoying bugs in 0.63.0.
News:
* New lua functions pdf.refobj(), pdf.maxobjnum() and pdf.objtype()
* New lua function node.is_node()
* The max_strings configuration variable's maximum value is
raised to be identical to texlive's maximum (2097151), and
same for param_size (32767).
* The embedded mplib is now 1.503.
* Minor cleanups in the output of fontloader.to_table():
- removed out-of-range altuni's from the output
- don't dump the extra encodings, just the actual font encoding
- export the encoding's name also as 'enc_name' at one level up
- no longer exporting unset macstyles, nor zero uniqueids
- fix creationtime and modification time
* Ongoing work on the epdf library
Bugfixes:
* Fix a bug where an explicit hyphen prevented hyphenation for the
whole rest of the paragraph
* Internal font copying forgot to copy the last font dimen
* os.selfdir() is now documented
* patch quad (\fontdimen6) in \letterspacefont to be compatible
with pdftex
* Multi-page pdf inclusion was very slow in 0.63.0
* Some extra checks added to the handling of glue_spec node
objects in lua code.
* Some node.prev pointers have been corrected (but this is not
quite finished).
* A small fix to lpeg 0.9.
The release of Asterisk 1.8.2 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following is a sample of the issues resolved in this release:
* 'sip notify clear-mwi' needs terminating CRLF.
(Closes issue #18275. Reported, patched by klaus3000)
* Patch for deadlock from ordering issue between channel/queue locks in
app_queue (set_queue_variables).
(Closes issue #18031. Reported by rain. Patched by bbryant)
* Fix cache of device state changes for multiple servers.
(Closes issue #18284, #18280. Reported, tested by klaus3000. Patched, tested
by russellb)
* Resolve issue where channel redirect function (CLI or AMI) hangs up the call
instead of redirecting the call.
(Closes issue #18171. Reported by: SantaFox)
(Closes issue #18185. Reported by: kwemheuer)
(Closes issue #18211. Reported by: zahir_koradia)
(Closes issue #18230. Reported by: vmarrone)
(Closes issue #18299. Reported by: mbrevda)
(Closes issue #18322. Reported by: nerbos)
* Fix reloading of peer when a user is requested. Prevent peer reloading from
causing multiple MWI subscriptions to be created when using realtime.
(Closes issue #18342. Reported, patched by nivek.)
* Fix XMPP PubSub-based distributed device state. Initialize pubsubflags to 0
so res_jabber doesn't think there is already an XMPP connection sending
device state. Also clean up CLI commands a bit.
(Closes issue #18272. Reported by klaus3000. Patched by Marquis42)
* Don't crash after Set(CDR(userfield)=...) in ast_bridge_call. Instead of
setting peer->cdr = NULL, set it to not post.
(Closes issue #18415. Reported by macbrody. Patched, tested by jsolares)
* Fixes issue with outbound google voice calls not working. Thanks to az1234
and nevermind_quack for their input in helping debug the issue.
(Closes issue #18412. Reported by nevermind_quack. Patched by dvossel)
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.2
FOP is a print formatter driven by XSL formatting objects (XSL-FO).
It is a Java application that reads a formatting object (FO) tree
and renders it into a specified output.
Many output formats are supported, including PDF, PS, PCL, AFP, XML,
Print, AWT, Tiff, PNG, RTF, TXT. The primary output target is PDF.
The release of Asterisk 1.6.2.16 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following is a sample of the issues resolved in this release:
* Fix cache of device state changes for multiple servers.
(Closes issue #18284, #18280. Reported, tested by klaus3000. Patched, tested
by russellb)
* Resolve issue where channel redirect function (CLI or AMI) hangs up the call
instead of redirecting the call.
(Closes issue #18171. Reported by: SantaFox)
(Closes issue #18185. Reported by: kwemheuer)
(Closes issue #18211. Reported by: zahir_koradia)
(Closes issue #18230. Reported by: vmarrone)
(Closes issue #18299. Reported by: mbrevda)
(Closes issue #18322. Reported by: nerbos)
* Linux and *BSD disagree on the elements within the ucred structure. Detect
which one is in use on the system.
(Closes issue #18384. Reported, patched, tested by bjm, tilghman)
* app_followme: Don't create a Local channel if the target extension does not
exist.
(Closes issue #18126. Reported, patched by junky)
* Revert code that changed SSRC for DTMF.
(Closes issue #17404, #18189, #18352. Reported by sdolloff, marcbou. rsw686.
Tested by cmbaker82)
* Resolve issue where REGISTER request with a Call-ID matching an existing
transaction is received it was possible that the REGISTER request would
overwrite the initreq of the private structure.
(Closes issue #18051. Reported by eeman. Patched, tested by twilson)
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.16
