in src/lib as that is the location it wants to pick it up. Work around
the dependencies in other places by symlinking to that, effectively
reverting the direction. Link telnet(d) consistently. Add DESTDIR support.
pkgsrc changes:
- Adjust dependencies
- Add license definition
Upstream changes:
***0.16 March 12, 2010
Feature: KEY inherits DNSKEY
This helps maintenance in one part of the code.
Feature: keylength methode rt.cpan.org #53468
Added keylength method for RSA and DSA
Acknowledgements Hugo Salgado
Fix: rt.cpan.org #51778
Empty bitmap would cause error about undefined ARRAY in NSEC/NSEC3.
Now the code will allow empty bitmaps gracefully
Feature: New Algorithm Support (rt.cpan.org #51092)
SHA2 algorithm support, including NSEC3 algorithm parameters updated
Acknowledgement Jakob Shlyter
Fix: rt.cpan.org #42089
NSEC3 Algorithm support in NSEC3 broken
patch by Wes Hardaker
pkgsrc changes:
- Adding license definition
- Adjusting dependencies
Upstream changes:
version 0.008; 2010-03-11
* bugfix: avoid memory leak when returning block to Perl space
* check for required Perl version at runtime
* in XS, avoid using "class" as a variable name, for compatibility
with C++ compilers
* in Build.PL, explicitly declare configure-time requirements
* remove bogus "exit 0" from Build.PL
* Fixed bug with reading gzipped aide.db files
* Removed dead ustat code
Version 0.13
* Added support for selinux and xattr attributes
* Added support for the Linux Audit System
* Fixed usage of libgcrypt instead of libmhash
* Added file locking for output files
* Fixed bugs
Version 0.12
* Fixed bugs
* Allow http/https/ftp URLs through libcurl
* Support posix_fadvice() to avoid caching files
Version 0.11
* Fixed many bugs
* Updated automake/autoconf scripts
* Use snprintf by Mark Martinec if not in C library
* Support for more (legacy) Unix systems and cygwin
* Open files with O_NOATIME on supported Linux systems
* Added I/ANF/ARF directives
Changes to 2.99.1/20100313
+ add functionality to parse basic signature subkeys
+ in doing so, add expiration of keys
+ at the same time, add revocation of keys
+ recognise the primary user id, and use it when displaying user ids
+ recognise self signed keys and subkeys
+ rework the indentation of output
+ add the --list-sigs [userid] option to netpgpkeys(1)
+ use memcmp(3) rather than strcmp(3) when checking binary user ids to
be exported
+ add expiration display to subkey signature output
+ update libnetpgp library version major number to 3
The Zone Key Tool consist of two commands:
* dnssec-zkt to create and list dnssec zone keys and
* dnssec-signer to sign a zone and manage the lifetime of the zone signing keys
Both commands are simple wrapper commands around the dnssec-keygen(8) and
dnssec-signzone(8) commands provided by BIND.
PKCS#11 interface. You can use it to explore PKCS#11 without having a
Hardware Security Module. It is being developed as a part of the OpenDNSSEC
project. SoftHSM uses Botan for its cryptographic operations.
While here,
* set LICENSE=gnu-gpl-v2
* marked as user-destdir installation ready
* switch to use system argp
* add missing zlib buildlink
News for the 2.0.4 release
Fixed x11 forwarding bug in the lsh client.
News for the 2.0.3 release
At startup, lshd now tries to close any spurious open file
descriptors. New test case for lshd fd leakage.
lshd --daemonic --no-syslog now sets up a proper daemonic
environment, except that log messages are still sent to
stderr. Improved testing of this feature.
This PAM module support authentication, authorization (account
management) and accounting (session management) performed using
TACACS+ protocol designed by Cisco.
pkgsrc changes:
- Add recommeded minimum version for Crypt::CBC dependency
Upstream changes:
2.12 04 Mar 2010
- updated Changes to mesh with revision.
2.11 Feb 2010
- patched _blowfish.c to stop spurious warnings.
- updated POD
instead of rolling a private _llseek syscall using now-nonexistent type
declarations; (2) as noted in PR 33893 use errno.h instead of "extern int
errno".
Changes to 1.99.20/20100304
+ move args to some functions around to be consistent
+ use uint*_t where appropriate
+ fix bug in verify memory
+ add documentation to manual pages to show how to do combined
signing/encryption and decryption/verification
+ make verification of ascii-armoured memory work the same as binary
+ eliminate use of strdup(3), strcasecmp(3), and strptime(3).
NetBSD/pkgsrc PR 42922 applies - need to define
_XOPEN_SOURCE and _BSD_SOURCE for newer linux platforms with
glibc 2.10.1. solved a bit differently, by implementing
strdup(3) and strcasecmp(3) independently, and using regexps
to avoid calling strptime(3).
2009-08-15 - 0.9.29
- Fixing crash bugs with PHP 5.3.0 caused by unexpected NULL in
EG(active_symbol_table)
- Added more compatible way to retrieve ext/session globals
- Increased default length and count limit for POST variables (for
people not reading docu)
2009-08-14 - 0.9.28
- Fixed crash bug with PHP 5.2.10 caused by a change in extension
load order of ext/session
- Fixed harmless parameter order error in a bogus memset()
- Disable suhosin.session.cryptua by default because of Internet
Explorer 8 "features"
- Added suhosin.executor.include.allow_writable_files which can be
disabled to disallow inclusion of files writable by the webserver
The OpenSSL project team is pleased to announce the release of
version 0.9.8m of our open source toolkit for SSL/TLS. This new
OpenSSL version is a security and bugfix release which implements
RFC5746 to address renegotiation vulnerabilities mentioned in
CVE-2009-3555. For a complete list of changes,
please see http://www.openssl.org/source/exp/CHANGES.
Major changes between version 1.7.2p3 and 1.7.2p4:
* Fix a bug that could allow users with permission to run sudoedit
to run arbitrary commands.
Major changes between version 1.7.2p2 and 1.7.2p3:
* Fix printing of entries with multiple host entries on a single line.
* Fix use after free when sending error messages via email.
* Use setrlimit64(), if available, instead of setrlimit() when
setting AIX resource limits since rlim_t is 32bits.
* Fix size arg when realloc()ing include stack.
* Avoid a duplicate fclose() of the sudoers file.
