Google Croscore fonts package contains a collections of fonts that
offers improved on-screen readability characteristics and the
pan-European WGL character set and solves the needs of developers
looking for width-compatible fonts to address document portability
across platforms.
changes:
The following bugs have been fixed:
-showing Malformed Packets H263-1996 (RFC2190).
-Wireshark could crash while trying to open an rpcap: URL.
Updated Protocol Support: H.263
changes:
Fixes: CVE-2012-0853, CVE-2012-0858, CVE-2011-3929, CVE-2011-3936,
CVE-2011-3937, CVE-2011-3940, CVE-2011-3945, CVE-2011-3947
Several security issues that dont have CVE numbers.
and about 150 bugfixes
Bugs Fixed
* Security Fix: Bug 59533 was fixed.
* Performance: Partitioning: InnoDB Storage Engine: The statistics used by the
optimizer for queries against partitioned InnoDB tables were based only on the
first partition of each such table, leading to use of the wrong execution
plan.
* References: This bug was introduced by Bug 11756867.
* Performance: InnoDB Storage Engine: Improved the performance of the DROP TABLE
statement for InnoDB tables, especially on systems with a large buffer pool.
The fix speeds up the processing for freeing entries in the adaptive hash
index.
* InnoDB Storage Engine: Deleting a huge amount of data from InnoDB tables
within a short time could cause the purge operation that flushes data from the
buffer pool to stall. If this issue occurs, restart the server to work around
it. This issue is only likely to occur on 32-bit platforms.
* InnoDB Storage Engine: If the server crashed during a TRUNCATE TABLE or CREATE
INDEX statement for an InnoDB table, or a DROP DATABASE statement for
a database containing InnoDB tables, an index could be corrupted, causing an
error message when accessing the table after restart:
InnoDB: Error: trying to load index index_name for table table_name
InnoDB: but the index tree has been freed!
In MySQL 5.1, this fix applies to the InnoDB Plugin, but not the built-in
InnoDB storage engine.
* InnoDB Storage Engine: When data was removed from an InnoDB table, newly
inserted data might not reuse the freed disk blocks, leading to an unexpected
size increase for the system tablespace or .ibd file (depending on the
setting of innodb_file_per_table. The OPTIMIZE TABLE could compact a .ibd file
in some cases but not others. The freed disk blocks would eventually be
reused as additional data was inserted.
More...
(CVE-2012-0845 is already fixed in pkgsrc)
What's New in Python 3.1.5?
===========================
*Release date: 2012-04-08*
Core and Builtins
-----------------
- Issue #13703: oCERT-2011-003: add -R command-line option and PYTHONHASHSEED
environment variable, to provide an opt-in way to protect against denial of
service attacks due to hash collisions within the dict and set types. Patch
by David Malcolm, based on work by Victor Stinner.
Library
-------
- Issue #14234: CVE-2012-0876: Randomize hashes of xml attributes in the hash
table internal to the pyexpat module's copy of the expat library to avoid a
denial of service due to hash collisions. Patch by David Malcolm with some
modifications by the expat project.
- Issue #14001: CVE-2012-0845: xmlrpc: Fix an endless loop in
SimpleXMLRPCServer upon malformed POST request.
- Issue #13885: CVE-2011-3389: the _ssl module would always disable the CBC
IV attack countermeasure.
- Issue #11603: Fix a crash when __str__ is rebound as __repr__. Patch by
Andreas Stührk.
Upstream changes:
-----------------
## 2.12.0 / April 13 2012
This release revserts the very verbose logging introduced in the previous
version, it also enables a handful of power-user features which are largely
un-documented, but shouldn't be important unless you are looking for them.
Undocumented code shouldn't scare you, simply read through deploy.rb in the Gem
if you want to know how a new feature works!
* Update mapped commands to remove symlink deprecation warning. Despo Pentara
(despo)
* Add the "rpm" remote dependency. Nick Hoffman (nickhoffman)
* Add commented deploy:cleanup task to default recipe. Jean-Philippe Doyle
(j15e)
* Teach deploy:web:enable to fail gracefully. Lee Marlow (lmarlow)
* Ticket 193 alias task show wrong name when it is not overridden. Rafa García
(rgo)
* Allow configuration of which roles assets are precompiled on. Frederick
Cheung (fcheung)
* Fix transfer action to honor dry-run flag. Serg Podtynnyi (shtirlic)
* Changed single to double quotes for Windows, fixes a Windows bug in the HG
module. Matthew J Morrison (mattjmorrison)
* Add UnsharedRemoteCache (copied from eycap gem). Ben Symonds (bensymonds)
As ever, a sincere thanks to all contributors, and do not hesitate to contact
me if this release causes problems for you.
(CVE-2012-0845, CVE-2012-1150 are alredy fixed in pkgsrc,
CVE-2012-0876 is not affect to pkgsrc, using external expat)
What's New in Python 2.6.8?
===========================
*Release date: 2012-04-10*
No changes since 2.6.8rc2.
What's New in Python 2.6.8 rc 2?
================================
*Release date: 2012-03-17*
Library
-------
- Issue #14234: CVE-2012-0876: Randomize hashes of xml attributes in the hash
table internal to the pyexpat module's copy of the expat library to avoid a
denial of service due to hash collisions. Patch by David Malcolm with some
modifications by the expat project.
What's New in Python 2.6.8 rc 1?
================================
*Release date: 2012-02-23*
Core and Builtins
-----------------
- Issue #13703: oCERT-2011-003 CVE-2012-1150: add -R command-line
option and PYTHONHASHSEED environment variable, to provide an opt-in
way to protect against denial of service attacks due to hash
collisions within the dict and set types. Patch by David Malcolm,
based on work by Victor Stinner.
Library
-------
- Issue #14001: CVE-2012-0845: xmlrpc: Fix an endless loop in
SimpleXMLRPCServer upon malformed POST request.
- Issue #13885: CVE-2011-3389: the _ssl module would always disable the CBC
IV attack countermeasure.
Upstream changes:
-----------------
2012-04-04: released Fabric 1.4.1
2012-04-04: released Fabric 1.3.6
[Bug] #608: Add capture kwarg to rsync_project to aid in debugging rsync
problems.
[Bug] #607: Allow local to display stdout/stderr when it warns/aborts, if it
was capturing them.
[Bug] #395: Added an FAQ entry detailing how to handle init scripts which
misbehave when a pseudo-tty is allocated.
[Bug] #568: execute allowed too much of its internal state changes (to
variables such as env.host_string and env.parallel) to persist after execution
completed; this caused a number of different incorrect behaviors. execute has
been overhauled to clean up its own state changes - while preserving any state
changes made by the task being executed.
[Bug] #584: upload_project did not take explicit remote directory location into
account when untarring, and now uses cd to address this. Thanks to Ben Burry
for the patch.
[Bug] #458: with_settings did not perfectly match settings, re: ability to
inline additional context managers. This has been corrected. Thanks to Rory
Geoghegan for the patch.
[Bug] #499: contrib.files.first used an outdated function signature in its
wrapped exists call. This has been fixed. Thanks to Massimiliano Torromeo for
catch & patch.
[Bug] #551: --list output now detects terminal window size and truncates (or
doesn't truncate) accordingly. Thanks to Horacio G. de Oro for the initial pull
request.
[Bug] #572: Parallel task aborts (as oppposed to unhandled exceptions) now
correctly print their abort messages instead of tracebacks, and cause the
parent process to exit with the correct (nonzero) return code. Thanks to Ian
Langworth for the catch.
[Bug] #306: Remote paths now use posixpath for a separator. Thanks to Jason
Coombs for the patch.
2012-02-13: released Fabric 1.4.0
2012-02-13: released Fabric 1.3.5
2012-02-13: released Fabric 1.2.6
2012-02-13: released Fabric 1.1.8
[Bug] #495: Fixed documentation example showing how to subclass Task. Thanks to
Brett Haydon for the catch and Mark Merritt for the patch.
[Bug] #410: Fixed a bug where using the task decorator inside/under another
decorator such as hosts could cause that task to become invalid when invoked by
name (due to how old-style vs new-style tasks are detected.) Thanks to Dan
Colish for the initial patch.
[Feature] #559: rsync_project now allows users to append extra SSH-specific
arguments to rsync`s --rsh flag.
[Feature] #138: env.port may now be written to at fabfile module level to set a
default nonstandard port number. Previously this value was read-only.
[Feature] #3: Fabric can now load a subset of SSH config functionality directly
from your local ~/.ssh/config if env.use_ssh_config is set to True. See
Leveraging native SSH config files for details. Thanks to Kirill Pinchuk for
the initial patch.
[Feature] #12: Added the ability to try connecting multiple times to
temporarily-down remote systems, instead of immediately failing. (Default
behavior is still to only try once.) See env.timeout and
env.connection_attempts for controlling both connection timeouts and total
number of attempts. reboot has also been overhauled (but practically deprecated
- see its updated docs.)
[Feature] #474: execute now allows you to access the executed task's return
values, by itself returning a dictionary whose keys are the host strings
executed against.
[Bug] #487: Overhauled the regular expression escaping performed in append and
contains to try and handle more corner cases. Thanks to Neilen Marais for the
patch.
[Support] #532: Reorganized and cleaned up the output of fab --help.
[Feature] #8: Added --skip-bad-hosts/env.skip_bad_hosts option to allow
skipping past temporarily down/unreachable hosts.
[Feature] #13: Env vars may now be set at runtime via the new --set
command-line flag.
[Feature] #506: A new output alias, commands, has been added, which allows
hiding remote stdout and local "running command X" output lines.
[Feature] #72: SSH agent forwarding support has made it into Fabric's SSH
library, and hooks for using it have been added (disabled by default; use -A or
env.forward_agent to enable.) Thanks to Ben Davis for porting an existing
Paramiko patch to ssh and providing the necessary tweak to Fabric.
MySQL 5.0 series.
5.0.96
* yaSSL was upgraded from version 1.7.2 to 2.2.0.
5.0.95
* No change log entries.
5.0.94
* Some files in the MySQL Server sources containing legacy code still used the
LGPL license. Such files that were no longer in use have been removed. Any
such code that remains following this removal now appears under the GPL
only. (Bug #11896296)
References: See also Bug #11840513.
* Under some circumstances, the result of SUBSTRING_INDEX() incorrectly
depended on the contents of the previous row. (Bug #42404, Bug #11751514)
5.0.93
* Security Fix: The PolyFromWKB() function could crash the server when
improper WKB data was passed to the function. (Bug #51875, Bug #11759554,
CVE-2010-3840)
* Security Fix: Bug #36544 was fixed.
* Security Fix: Bug #49124 and Bug #11757121 were fixed.
* Two unused test files in storage/ndb/test/sql contained incorrect versions
of the GNU Lesser General Public License. The files and the directory
containing them have been removed. (Bug #11810224)
References: See also Bug #11810156.
* On FreeBSD and OpenBSD, the server incorrectly checked the range of the
system date, causing legal values to be rejected. (Bug #55755, Bug
#11763089)
