Changelog:
from http://owncloud.org/owncloud-4-0-1-release/
Verify if user exists when loggin (oc-863)
More efficient log file handling
PDO requirement check
Check if apps folder is writable
prevent division by zero problem during output of free space
better mysql error message
correctly configure ldap group backend (oc-887)
sort users and groups (oc-779)
LDAP. correctly handle group filter (oc-867)
try to switch magic quotes of globally
fix ategory error reporting (oc-874)
correctly handle reverse proxy / load balancer https handling
prevent session already started warning
fix the files breadcrumb
don¡Çt try to use smtp auth if config files says no
fix versioning path
security: fix a XSS problem in calendar
make LDAP pqsql compatible
fix pqsql database migration
fix ldap config interface
support for LDAP ¡Èmember¡É
don¡Çt hardcode /tmp
fix potential security problem for requested apps parameter
fix notes in contacts properly
fix timezone detection
fix interti_id in calendar
set DB prefix for pqsql
security: fix a XSS problem in contacts
correctly encode caldav link
allow longer path in gallery
disable not compatible apps during upgrade
fix HEAD request for downloads
fix private link sharing via email
use UTC as default timezone
style fixes for tasks app
* authpam.c (callback_pam): Call pam_end() after an authentication attempt.
* Makefile.am: Renamed authstaticlist.h to courierauthstaticlist.h, and
added it to the list of header files that 'make install' puts into
includedir.
* Fix gcc 4.6 warnings
* courier.spec.in: switch to systemd.
* Fix autoconf warnings.
* courier-authlib.spec: Make rmplint happy.
* rfc2045/rfc2045reply.c (mkreply): Fix copying of the contents of the
original message.
* msg2html.c (msg2html_download): rfc2231_udecodeDisposition() failure
is not fatal.
* cgi/cgi.c (cgiformdecode): Ditto.
* pcp/pcp.c (list_msg_mime): Ditto.
* liblock/mail.c (dotlock_exists): Handle getting here because of a
recycled pid.
* unicode/unicode.c (init_default_chset): Handle NULL from setlocale().
* rfc2045/reformime.c (main2): Fixed segfault on some arches from an
initial null given to strtok.
* rfc2045/reformime.c (main2): On ia64 and arm, argv is in readonly
memory.
* showmsg2html.c (error): Provide a definition for error().
* Fix gcc 4.6 warnings
* sqwebmail.spec.in: switch to systemd. Remove script used when
upgrading from ancient pre-sysconftool versions.
* Fix autoconf warnings.
* cone/gettext.C: gettext can't deal with literal ^Ds, so provide a
workaround: "\\D" literal.
* cone/cursesindexdisplay.C (drawLine): Misformatting of the date
column in some locales.
* rfc2045/rfc2045reply.c (mkreply): Fix copying of the contents of the
original message.
* rfc2045/reformime.c (do_print_info): rfc2231_udecodeDisposition()
failure is not fatal.
* rfc2045/reformime.c (get_suitable_filename): Ditto.
* rfc2045/reformime.c (main2): Fixed segfault on some arches from an
initial null given to strtok.
* mailbot: add "feedback" and "replyfeedback" formats, generating
RFC 5965-formatted feedback report. -a option attaches the entire
original message, instead of only its headers, for "replydsn",
"feedback", and "replyfeedback" formats.
* rfc2045/reformime.c (main2): On ia64 and arm, argv is in readonly
memory.
* imapd.c (main): Open IMAPDEBUGFILE only if it exists already.
(do_expunge): Optionally log deletions.
* pop3dserver.c (cleanup): Optionally log deletions.
* imapd.dist.in (IMAP_MOVE_EXPUNGE_TO_TRASH): Officially document how
IMAPDEBUGFILE works.
* imapscanclient.c: Postpone Y2038K for a while, for uid validities.
* liblock/mail.c (dotlock_exists): Handle getting here because of a
recycled pid.
* unicode/unicode.c (init_default_chset): Handle NULL from setlocale().
* rfc2045/reformime.c (main2): Fixed segfault on some arches from an
initial null given to strtok.
* rfc2045/reformime.c (main2): On ia64 and arm, argv is in readonly memory.
* pop3dserver.c (openpop3dlist): Try a few times to reopen pop3dsizelist
if it fails with ESTALE.
* pop3d.dist.in: Add AUTHSERVICE settings. They've been supported all along.
* Fix gcc 4.6 warnings
* courier-imap.spec.in: switch to systemd. Remove script used when
upgrading from ancient pre-sysconftool versions.
* Fix autoconf warnings.
* rfc2045mkboundary.c was broken in 0.68
Changes 0.68:
* rfc2045/rfc2045mkboundary.c (rfc2045_mk_boundary): truncate
the hostname portion of the boundary to 30 chars.
* courier/doc/courier.sgml: Remove descriptions of some configuration
files that were moved to the courier-authlib package a while ago.
They don't belong here any more.
* courier/submit.C: Use the authenticated address, instead of the
return address, for domain-based virtual configuration.
* courier/libs/cfilename.c (config_has_vhost): Checks whether
vhost.[ip] exists.
* courier/module.esmtp/courieresmtpd.c (main): Only set a message's
virtual host if vhost.[ip] exists.
* courier/module.esmtp/esmtpclient.c (get_sourceaddr): Make sure the
input buffer is null-terminated.
* courier/submit.C (getrcpts): If there's no vhost setting from the
sender's IP address (this includes local mail!) if vhost.domain exists,
use [domain] as the virtual host.
* Remove config_search(), which simply called config_localfilename().
Change all current callers to call config_localfilename().
* courier/libs/cfilename.c (config_set_local_vhost): saves a string
that gets appended as a suffix, by config_localfilename(), and if that
filename exists, that's returned as the filename, otherwise it's the
original string without the suffix. config_get_local_vhost() returns
the suffix string.
to config_set_local_vhost().
* courier/libs/comsubmitclient.c (submit_fork): If
config_get_local_vhost(), add a -vhost parameter to submit().
* courier/submit.C (cppmain): -vhost sets config_set_local_vhost().
* courier/submit2.C (closectl): New COMCTLFILE_VHOST parameter in the
config file, taken from the vhost setting.
* courier/libs/comctlfile.c (ctlfile_setvhost): If COMCTLFILE_VHOST is
set, call ctlfile_setvhost(), return an indication if the vhost has
changed. Absence of a COMCTLFILE_VHOST treated as a discrete "(null)"
setting.
* courier/module.esmtp/esmtpclient.c (esmtpchild): If ctlfile_setvhost()
then disconnect the current socket, if one is open.
* courier/module.esmtp/esmtpclient.c (get_sourceaddr): The IP address
specified in ipout or ip6out overrides SOURCE_ADDRESS and
SOURCE_ADDRESS_IPV6 environment variable.
* courier/module.local/localmail.c (main): Call ctlfile_setvhost().
* courier/module.uucp/uucp.c (uux): Call ctlfile_setvhost().
* courier/module.dsn/dsn.c (main): Call ctlfile_setvhost().
* liblock/mail.c (dotlock_exists): Quell a compiler warning.
* courier/courierd.dist.in SOURCE_ADDRESS: Add a note that this setting
is deprecated.
hex digits, so patching the makefile to compare it as decimal will
not work. Just patch out the test entirely, as pkgsrc guarantees
curl will always be present and the packaging is not equipped to
deal with this check failing anyhow.
Features:
* unbound-control forward_add, forward_remove, stub_add, stub_remove can modify stubs and forwards for running unbound they can also add and remove domain-insecure for the zone. This is to support reconfiguration of a DNSSEC validator on a computer that changes networks and has to enable new network config for the new location.
* new approach to NS fetches for DS lookup that works with cornercases, and is more robust and considers forwarders.
* contrib/validation-reporter follows rotated log file
* Applied patch for rrset-roundrobin and minimal-responses features (new options, enable in unbound.conf to use).
* ECDSA support (RFC 6605) by default. Use --disable-ecdsa for older openssl.
* Patch for access to full DNS packet data in unbound python module
* forward-first option. Tries without forward if a query fails. Also stub-first option that is similar.
Bug Fixes:
* Fix possible uninitialised variable in windows pipe implementation.
* Fix alignment problem in util/random on sparc64/freebsd.
* Fix for accept spinning reported by OpenBSD.
* Fix validation of nodata for DS query in NSEC zones
* [bugzilla: 444 ] Fix that setusercontext was called too late
* [bugzilla: 443 ] Fix --with-chroot-dir not honoured by configure.
* [bugzilla: 442 ] Fix that Makefile depends on pythonmod headers even using --without-pythonmodule.
* Fix to locate nameservers for DS lookup with NS fetches.
* Applied line-buffer patch from Augie Schwer to validation.reporter.sh.
* flush_infra cleans timeouted servers from the cache too.
* Fix from code review, if EINPROGRESS not defined chain if statement differently.
* [bugzilla: 434 ] Fix windows port to check registry for config file location for unbound-control.exe, and unbound-checkconf.exe.
* Fix to squelch 'network unreachable' errors from tcp connect in logs, high verbosity will show them.
* Fix prefetch and sticky NS ghost domain. It picks nameservers that 'would be valid in the future', and if this makes the NS timeout, it updates that NS by asking delegation from the parent again. If child NS has longer TTL, that TTL does not get refreshed from the lookup to the child nameserver.
* RT#2955 Fix for cygwin compilation.
* Slightly smaller critical region in one case in infra cache.
* Fix timeouts to keep track of query type, A, AAAA and other, if another has caused timeout blacklist, different type can still probe.
unit test fix for nomem_cnametopos.rpl race condition.
* fix memory leak in errorcase for DSA signatures.
* workaround for openssl 0.9.8 ecdsa sha2 and evp problem.
* fix for windows, rename() is not posix compliant on windows.
* iana portlist updated
Changelog:
* Security fixes can be found here
MFSA 2012-40 Buffer overflow and use-after-free issues found using Address Sanitizer
MFSA 2012-39 NSS parsing errors with zero length items
MFSA 2012-38 Use-after-free while replacing/inserting a node in a document
MFSA 2012-37 Information disclosure though Windows file shares and shortcut files
MFSA 2012-36 Content Security Policy inline-script bypass
MFSA 2012-34 Miscellaneous memory safety hazards
* The MAPIResolveName API has been added to Simple MAPI
interfaces which should improve interoperability (244222)
quagga installs man pages for several programs only if the programs
are built. This commit just moves some man pages to PLIST.v6 and
PLIST.opaquelsa.
No revbump because the package, if it built before, will be unchanged.
But now building with non-default options should work.
