A program that automatically queries the ARIN, RIPE, and APNIC
databases to obtain the registration information for a domain.
Package contributed by Mipam Ngarong <mipam@virginia.edu>
in pkg/12454, modified by me.
Changes in the package since version 3.1.1 (the last pkgsrc version):
=====================================================================
* tomcat is now always installed under ${PREFIX}/tomcat. Making
${TOMCAT_HOME} configurable added much complexity for not real
gain.
It had been my intention to aim for a hier(7) like install for
tomcat with this version, but at this point there are way to many
hard-coded relative paths (relative to tomcat.home) in tomcat,
and in addition, all of the (quite good, really) documentation
assumes the standard install paths.
Note that the previous default value of ${TOMCAT_HOME} was
${PREFIX}/jakarta/tomcat.
* an rc.subr compatible (but not requiring) startup script is now installed
as ${PREFIX}/etc/rc.d/tomcat.
* if Sun's JSSE (Java Secure Socket Extensions) is in ${CLASSPATH} when
the pkg is built, tomcat will be built with support for SSL in the
standalone server mode. This soft dependency will be replaced by a
hard dependency as soon as I get a chance to import a JSSE package
(soon).
* likewise, I will import an ap-jk package for the new apache connector
(mod_jk) soon. ap-jserv continues to be usable for this purpose.
Changes in tomcat itself since version 3.1.1:
=============================================
New in tomcat-3.2.1:
--------------------
Tomcat 3.2.1 is a maintenance and bug fix release, based on the Tomcat 3.2
(final) code base. The following changes are included:
- Disallowed requesting JSP pages under the WEB-INF directory
(/WEB-INF/dummy.jsp). Previously, only requests for static files
were being disallowed.
- The JDBCRealm request interceptor will now log the description of any
JDBC exception that occurs, to aid in debugging.
SECURITY VULNERABILITIES FIXED IN TOMCAT 3.2.1
(note that these fixes were also made to the tomcat-3.1 branch in tomcat 3.1.1)
Protection of Resources in /WEB-INF and /META-INF Directories
The servlet specification prohibits servlet containers from serving resources
in the /WEB-INF and /META-INF directories of a web application archive directly
to clients. In Tomcat 3.2, this means that URLs like:
http://localhost:8080/examples/WEB-INF/web.xml
will return an error message, rather than the contents of your deployment
descriptor. However, there is a vulnerability in Tomcat 3.2 that exposes
this information if the client requests a URL like this instead:
http://localhost:8080/examples//WEB-INF/web.xml
(note the double slash before "WEB-INF"). This vulnerability has been
corrected in Tomcat 3.2.1.
Show Source Vulnerability
The example application delivered with Tomcat 3.2 included a mechanism to
display the source code for the JSP page examples. This mechanism could
be used to bypass the restrictions on displaying sensitive information in
the WEB-INF and META-INF directories. This vulnerability has been removed.
New in tomcat-3.2:
------------------
Tomcat 3.2 is mainly a performance tune-up release, although a few new
features have been added.
- Support for mod_jk, which is a replacement to the elderly mod_jserv, has
had several bugs fixed and has received much more testing. It is now
recommended that all users use mod_jk instead of mod_jserv.
- Support JAXP-based XML parser independence.
- New and often requested "how-to" documents covering the following topics:
- Configuring workers.properties
- IIS and Netscape configuration
- Running tomcat inside an IIS or Netscape process
- Running Tomcat as a Windows NT service
- Configuring a JDBC realm
- Configuring mod_jk
- First round of policy-based security support intended for running untrusted
code inside of Tomcat. Interested users should test this support and post
feedback to the Tomcat users mailing list.
- SSL support for standalone Tomcat. (Preliminary support first appeared in
3.1, but the support in 3.2 has received more testing and documentation
support).
- Thread reuse is now enabled by default. The thread pool support code was part
of 3.1, but not enabled since it was new.
- Support for plug-able session managers. Unfortunately, no how-to documents
that support this functionality exist (yet). For the adventurous, be aware
that the interface that allows administrators to plug session managers is
the normal Interceptor interface.
- An almost total rewrite of the HTTP request handling now results in improved
performance when running Tomcat stand-alone.
- Significantly reduced garbage collection.
- The code underwent a refactoring effort resulting in improved readability.
- And of course, hundreds of miscellaneous improvements and fixes.
o add @exec/@unexecinstall-info directives to PLIST
o slightly change the path's for the documentation
(share/doc/octave instead of share/octave/doc etc.)
o install html docs into share/doc/html/octave
safetynet allows you to monitor and restart processes without having to
write large and complicated init scripts. The config file is easy to
understand and learn and you can have the whole script setup and running
in under 10m, so you can get on with doing more important things than
worrying if your ssh daemon is still running.
conflict with digest(1)'s manual page. The majordomo digest command
lives in libexec, anyway.
Bump version to majordomo-1.94.4nb1
Addresses PR 12385, from Jun-ichiro itojun Hagino
--- 9.1.1rc7 released ---
791. [bug] The control channel did not work over IPv6.
790. [bug] Wildcards created using dynamic update or IXFR
could fail to match. [RT #1111]
787. [bug] The DNSSEC tools failed to downcase domain
names when mapping them into file names.
786. [bug] When DNSSEC signing/verifying data, owner names were
not properly downcased.
--- 9.1.1rc6 released ---
785. [bug] A race condition in the resolver could cause
an assertion failure. [RT #673, #872, #1048]
784. [bug] nsupdate and other programs would not quit properly
if some signals were blocked by the caller. [RT #1081]
783. [bug] Following CNAMEs could cause an assertion failure
when either using an sdb database or under very
rare conditions.
780. [bug] Error handling code dealing with out of memory or
other rare errors could lead to assertion failures
by calling functions on unitialized names. [RT #1065]
first component is now a package name+version/pattern, no more
executable/patchname/whatnot.
While there, introduce BUILD_USES_MSGFMT as shorthand to pull in
devel/gettext unless /usr/bin/msgfmt exists (i.e. on post-1.5 -current).
Patch by Alistair Crooks <agc@netbsd.org>
even if they are not enabled in the category makefiles. This catches,
in particular, pkgtools/xpkgwedge which was missing before.
Thanks to Christoph Badura for noting this.
