Packaged by rxg@ and modified by me.
These are font bundles for the Chinese Arphic fonts which work with the
CJK package. Arphic is actually the name of the company that which
created the fonts (and put them under a GPL-like licence).
* ldns 1.6.9 is required for bugfixes.
* dnsruby-1.52 required for bugfixes.
Bugfixes:
* Auditor: 'make check' now works when srcdir != builddir.
* Auditor: Include the 'make check' files in the tarball.
* Enforcer: Fix the migration script for SQLite.
* Enforcer: Increase size of keypairs(id) field in MySQL to allow more than
32767 keys; see MIGRATION for details.
* Enforcer: Minor change to NOT_READY_KEY error message.
* libhsm: Increase the maximum number of attached HSM:s from 10 to 100.
* ods-ksmutil: Send trivial MySQL messages to stdout when exporting zonelist
etc. Otherwise the resulting XML needs to be edited by hand.
* ods-control: Fix for Bourne shell.
* Signer Engine: Prevent race condition when setting up the workers and
the command handler.
* Signer Engine: Check if the signature exists before recycling it.
* Signer Engine: Quit when there are errors in the configuration.
* Signer Engine: Enable core dump on failure.
* Signer Engine: Explicitly close down log msg with null.
* Signer Engine: Backup state after writing output.
* Signer Engine: Allow update of serial if internal structure is not
initialized.
Features:
* harden-below-nxdomain config option, default off (because very old software
may be incompatible). We could enable it by default in the future.
From draft-vixie-dnsext-resimprove-00.
* typetransparent localzone: does not block other RR types.
* so-sndbuf option for very busy servers, a bit like so-rcvbuf.
Bug Fixes:
* Fix so a changed NS RRset does not get moved name stuck on old server,
for type NS the TTL is not increased.
* Fix prefetch so it does not get stuck on old server for moved names.
* Fix insecure CNAME sequence marked as secure, reported by Bert Hubert.
* faster lruhash get_mem routine.
* [bugzilla: 346 ] remove ITAR scripts from contrib,
the service is discontinued, use the root.
* Fix in infra cache that could cause rto larger than TOP_TIMEOUT kept.
* algorithm compromise protection using the algorithms signalled in the DS
record. Also, trust anchors, DLV, and RFC5011 receive this, and thus,
if you have multiple algorithms in your trust-anchor-file then it will now
behave different than before. Also, 5011 rollover for algorithms needs to be
double-signature until the old algorithm is revoked.
* squelch 'tcp connect: bla' in logfile, (set verbosity 2 to see them)
* fix validation in this case: CNAME to nodata for co-hosted opt-in
NSEC3 insecure delegation, was bogus, fixed to be insecure.
* Fix our 'BDS' license (typo reported by Xavier Belanger).
* [bugzilla: 338 ] print address when socket creation fails.
* Fix storage of EDNS failures in the infra cache.
* silence 'tcp connect: broken pipe' and 'net down' at low verbosity.
* unbound-anchor compiles with openssl 0.9.7.
* Be lenient and accept imgw.pl malformed packet (like BIND).
* the included ldns tarball is updated (to 1.6.8)
* iana portlist updated.
unbound 1.47:
Features:
* unbound-anchor app, unbound requires libexpat (xml parser library).
It creates or updates a root.key file. Use it before you start the validator
(e.g. at system boot time).
* dump_infra and flush_infra commands for unbound-control.
Bug Fixes:
* GOST code enabled by default (RFC 5933).
* Configure detects libev-4.00.
* do not synthesize a CNAME message from cache for qtype DS.
* Use central entropy to seed threads.
* Change the rtt used to probe EDNS-timeout hosts to 1000 msec.
* Fix validation failure for parent and child on same server with an insecure
childzone and a CNAME from parent to child.
* Change of timeout code. No more lost and backoff in blockage. At 12sec timeout
(and at least 2x lost before) one probe per IP is allowed only. At 120sec,
the IP is blocked. After 15min, a 120sec entry has a single retry packet.
* no timeout backoff if meanwhile a query succeeded.
* Configure errors if ldns is not found.
* Windows 7 fix for the installer.
* Fix bug where fallback_tcp causes wrong roundtrip and edns observation to be
noted in cache. Fix bug where EDNSprobe halted exponential backoff if EDNS
status unknown.
* interface automatic works for some people with ip6 disabled. Therefore the
error check is removed, so they can use the option.
* Fix TCP so it uses a random outgoing-interface.
* Fix bug when DLV below a trust-anchor that uses NSEC3 optout where the zone
has a secure delegation hosted on the same server did not verify as secure
(it was insecure by mistake).
* Fix alloc_reg_release for longer uptime in out of memory conditions.
* [bugzilla: 329 ] in example.conf show correct ipv4 link-local 169.254/16.
* compliance with draft-ietf-dnsop-default-local-zones-14,
removed reverse ipv6 orchid prefix from builtin list.
* Algorithm rollover operational reality intrudes, for trust-anchor and
5011-store, if one key matches it's good enough.
* Fix reported validation error in out of memory condition.
* Abide RFC5155 section 9.2: no AD flag for replies with NSEC3 optout.
* increased mesh-max-activation from 1000 to 3000 for crazy domains like
_tcp.slb.com with 262 servers.
* [bugzilla: 327 ] Fix for cannot access stub zones until the root is primed.
* openbsd-lint fixes
* [bugzilla: 321 ] Fix resolution of rs.ripe.net artifacts with 0x20.
Delegpt structures checked for duplicates always.
No more nameserver lookups generated when depth is full anyway.
* [bugzilla: 322 ] Fix, configure does not respect CFLAGS on Solaris.
Pass CFLAGS="-xO4 -xtarget=generic" on the configure command line if use
sun-cc, but some systems need different flags.
* Fix acx_nlnetlabs.m4 configure output for autoconf-2.66 AS_TR_CPP changes,
uses m4_bpatsubst now.
* make test (or make check) should be more portable and run the unit test and
testbound scripts. (make longtest has special requirements).
* More pleasant remote control command parsing.
* Fix name of rrset printed that failed validation.
* Return NXDOMAIN after chain of CNAMEs ends at name-not-found.
* Fix validation in case a trust anchor enters into a zone with
unsupported algorithms.
* iana portlist updated.
* updated ldns tarball.
* TXT record presentation format parsing fixes.
* NAPTR record presentation format parsing fixes.
* SEP flag no longer required (for use with Combined Signing Key).
* Validation routines improved.
* Recursor now handles hints and nameservers better.
* Various bug fixes.
* Fix creating NSEC(3) bitmaps: make array size 65536,
don't add doubles.
* Fix printout of escaped binary in TXT records.
* Parsing TXT records: don't skip starting whitespace that is quoted.
* bugfix #358: Check if memory was successfully allocated in
ldns_rdf2str().
* Added more memory allocation checks in host2str.c
* python wrapper for ldns_fetch_valid_domain_keys.
* fix to compile python wrapper with swig 2.0.2.
* Don't fallback to SHA-1 when creating NSEC3 hash with another
algorithm identifier, fail instead (no other algorithm identifiers
are assigned yet).
1.6.8
* Fix ldns zone, so that $TTL definition match RFC 2308.
* Fix lots of missing checks on allocation failures and parse of
NSEC with many types and max parse length in hosts_frm_fp routine
and off by one in read_anchor_file routine.
* bugfix #335: Drill: Print both SHA-1 and SHA-256 corresponding DS
records.
* Print correct WHEN in query packet (is not always 1-1-1970)
* ldns-test-edns: new example tool that detects EDNS support.
* fix ldns_resolver_send without openssl.
* bugfix #342: patch for support for more CERT key types (RFC4398).
* bugfix #351: fix udp_send hang if UDP checksum error.
* fix set_bit (from NSEC3 sign).
* changed ssl:verify-certificate default to yes.
* check certificate common name in openssl case (code from curl).
* disable weak algorithms in openssl.
* new setting xfer:log-file.
* support for netkey pasword in ftp.
* added torrent ipv6 support (new setting torrent:ipv6)
* don't accept new connections when no torrent can accept them.
* allow to specify job numbers in `jobs' command.
* fixed a segfault in pget when an error happens on second chunk.
2011-01-23 : zyGrib Version 3.9.9.1
* New russian translation (thanks Yaroslav/Specter).
* Bug fixed : drawing wind arrows on the grid for Meteoblue files.
* Personnal "cities" list :
o All files whose name begins with cities and located in maps / gis / are read.
o Format : text, encoding UTF8
o One city by line (5 data, separator ';') :
country;name;population;latitude;longitude
1. country: 2 chars international code ISO-3166 A2
2. name
3. population : "importance" of the city. 4 levels:
1. population >= 1000000
2. population >= 200000
3. population >= 50000
4. population < 50000
4. latitude
5. longitude
o Sample:
AD;Andorra la Vella;20430;42.5;1.5166667
A variable name that should be set as staged installation location
presented as ${DESTDIR} at installation phase.
"DESTDIR" is set by default.
for packages using different variable for staged installation prefix,
and/or using DESTDIR variable for different purpose.
an array of pointer (in struct fdtab) rather than a pointer of pointers.
Sadly for us, no, arrays and pointers are not equivalent from a memory
perspective: while pointers from/to another address space can
be consumed by kvm(3) to query for data in kernel space, arrays
are more tricky, especially when their content is copied in userland:
they are part of the copied struct.
Address of array members are only valid in their own address space,
in our case userland, which is (fortunately?) different from kernel space.
This breaks the various kvm_read() calls that query for file descriptor
information. Consequence: lsof(1) cannot print filedescriptor information
(starting from 5.99.14), and silently ignores the errors, as using
the userland fdtab (``dt'' variable) is not valid for kernel.
Fix that by using the ``fd_dt'' member of struct filedes, which stores
the address of the fdtab struct in kernel address space. Took a few hours
to understand what was going on with lsof(1), hmmm.
Luckily, fstat(1) uses the proper model (checked about 5min ago). Why
lsof(1) decided not to log an error on kvm_read() is... a good question.
Bump rev.
Upstream changes:
1.14 2011-03-17 00:00:00
- Added support for multiple dns servers to Mojo::IOLoop.
- Added config helper to Mojolicious::Plugin::Config.
- Changed resolv.conf parser in Mojo::IOLoop to use the first
nameserver.
- Changed lookup method in Mojo::IOLoop to pick records randomly.
- Fixed small optional tag bugs in Mojo::DOM.
- Fixed JavaScript/CSS bug in Mojo::DOM.
- Fixed Windows home directory detection bug. (akron)
- Fixed a few warnings.
- Fixed typos.
1.13 2011-03-14 00:00:00
- Deprecated Mojo::Client in favor of the much sleeker
Mojo::UserAgent.
- Made the most common Mojo::IOLoop methods easier to access for the
singleton instance.
- Fixed typos.
1.12 2011-03-10 00:00:00
- Relicensed all artwork to CC-SA, so the whole distribution can be
considered "open" again.
- Deprecated MOJO_JSON_CONFIG environment variable in favor of
MOJO_CONFIG. (crab)
- Added EXPERIMENTAL support for IPv6.
- Added more Perl-ish configuration plugin.
- Added drain callback support for WebSockets.
- Added line numbers to Mojo::JSON error messages. (marcus)
- Removed experimental status from hypnotoad and
Mojolicious::Plugin::TagHelpers.
- Removed experimental status from many attributes and methods all
over Mojolicious.
- Improved attribute support of the select_field tag helper. (yko)
- Improved text_field tag helper.
- Improved tag helper attribute escaping.
- Improved attrs method in Mojo::DOM.
- Updated to jQuery to version 1.5.1.
- Fixed XSS issue in link_to helper.
- Fixed route unescaping bug.
- Fixed small Mojo::DOM bug. (yko)
- Fixed small documentation bug.
- Fixed typos. (kimoto)
From Christian Sturm in PR pkg/44740.
