- Bug Fixes
The following vulnerabilities have been fixed.
* wnpa-sec-2013-54
The Bluetooth HCI ACL dissector could crash. Discovered by
Laurent Butti. (Bug 8827)
Versions affected: 1.10.0 to 1.10.1
* wnpa-sec-2013-55
The NBAP dissector could crash. Discovered by Laurent
Butti. (Bug 9005)
Versions affected: 1.10.0 to 1.10.1, 1.8.0 to 1.8.9
* wnpa-sec-2013-56
The ASSA R3 dissector could go into an infinite loop.
Discovered by Ben Schmidt. (Bug 9020)
Versions affected: 1.10.0 to 1.10.1, 1.8.0 to 1.8.9
* wnpa-sec-2013-57
The RTPS dissector could overflow a buffer. Discovered by
Ben Schmidt. (Bug 9019)
Versions affected: 1.10.0 to 1.10.1, 1.8.0 to 1.8.9
* wnpa-sec-2013-58
The MQ dissector could crash. (Bug 9079)
Versions affected: 1.10.0 to 1.10.1, 1.8.0 to 1.8.9
* wnpa-sec-2013-59
The LDAP dissector could crash. Versions affected: 1.10.0
to 1.10.1, 1.8.0 to 1.8.9
* wnpa-sec-2013-60
The Netmon file parser could crash. Discovered by G.
Geshev. (Bug 8742)
Versions affected: 1.10.0 to 1.10.1, 1.8.0 to 1.8.9
- The following bugs have been fixed:
* Lua ByteArray:append() causes wireshark crash. (Bug
4461)
* Lua script can not get "data-text-lines" protocol data.
(Bug 5200)
* Lua: Trying to use Field.new("tcp.segments") to get
reassembled TCP data is failed. (Bug 5201)
* "Edit Interface Settings": "Capture Filter" combo box is
not populated across Wireshark sessions. (Bug 7278)
* PER normally small non-negative whole number decoding is
wrong when >= 64. (Bug 8841)
* Strange behavior of tree expand/collapse in packet details.
(Bug 8908)
* Incorrect parsing of IPFIX *IpTotalLength elements.
(Bug 8918)
* IO graph/advanced, max/min/summ error on frames with
multiple Diameter messages. (Bug 8980)
* pod2man error on reordercap.pod. (Bug 8982)
* SGI Nsym disambiguation is unconditionally displayed when
dissecting VHT. (Bug 8989)
* The Wireshark icon doesn't show up in OS X 10.5. (Bug
8993)
* Build fails if system Python is version 3+. (Bug 8995)
* SCSI dissector does not parse PERSISTENT RESERVE commands
correctly. (Bug 9012)
* SDP messages throws an assert. (Bug 9022)
* Wireshark fails to decode single-line, multiple Contact:
URIs in SIP responses. (Bug 9031)
* PN_MRP LinkUp Message is shown as LinkDown in info.
(Bug 9035)
* Dissector for EtherCAT: ADS highlighting in the Packet
Bytes Pane is incorrect. (Bug 9036)
* 802.11 HT Extended Capabilities B10 decode incorrect.
(Bug 9038)
* Wrong dissection of MSTI Root Identifiers for all MSTIs.
(Bug 9088)
* Weird malformed HTTP error. (Bug 9101)
* Warning for attempting to install 64-bit Wireshark on a
32-bit machine has an embedded "\n". (Bug 9103)
* Wireshark crashes when using "Export Specified Packets" >
"Displayed". (Bug 9106)
- Updated Protocol Support
ASN.1 PER, ASSA R3, Bluetooth HCI ACL, EtherCAT AMS, GTPv2,
HTTP, IEEE 802.11, IPFIX, ISDN SUP, LDAP, MQ, NBAP, Novell SSS,
PROFINET MRP, Radiotap, ROHC, RTPS, SCSI, SIP, and STP
- New and Updated Capture File Support
Microsoft Network Monitor, pcap-ng.
2013-09-01 Flickcurl Version 1.25 Released
More OAuth fixes including getting uploading fully working.
Multiple internal OAuth changes to simplify code.
Updated the coverage for API calls added in the last year
approximately.
Added new API call to get the most frequently used tags for a user.
This does not seem to work over OAuth:
flickcurl_tag** flickcurl_tags_getMostFrequentlyUsed(flickcurl* fc);
Added new API call to get the groups of a user:
flickcurl_group** flickcurl_people_getGroups(flickcurl* fc,
const char* user_id, const char* extras);
Added new API call to get contacts tagging suggestions but reordered
the parameters to match the rest of the contacts.get* API calls.
flickcurl_contact** flickcurl_contacts_getTaggingSuggestions(flickcurl* fc,
const char* include_self, const char* include_address_book,
int page, int per_page);
Added new API calls flickcurl_groups_join(),
flickcurl_groups_joinRequest() and flickcurl_groups_leave() for (some
of) the new group API:
int flickcurl_groups_join(flickcurl* fc, const char* group_id,
const char* accept_rules);
int flickcurl_groups_joinRequest(flickcurl* fc, const char* group_id,
const char* message, const char* accept_rules);
int flickcurl_groups_leave(flickcurl* fc, const char* group_id,
const char* delete_photos);
Updated the example code flickrdf.c to use the non-deprecated
flickcurl_photos_getInfo2()
Updated deprecated flickcurl-config(1) program to be independent of
pkg-config. This allows make distcheck to work.
This minor maintenance release provides accumulated build configuration
improvements and janitorial cleanups.
Alan Coopersmith (8):
xfindproxy only depends on xproto, not x11
Convert STRING_BYTES & STORE_STRING from macros to inline functions
Fix some clang warnings about implicit integer size/sign conversions
Stop casting malloc return values
Move global appContext into main() to avoid shadow warnings
Mark input string to cvthexkey() as const
Fix some clang integer conversion warnings in cvthexkey()
xfindproxy 1.0.3
Changes from History.txt:
=== 0.5.0 2013-08-26
* show RT/Fav count on % tw --id=1234552234
=== 0.4.9 2013-08-22
* show tweet by status_id % tw --id=1234543234
The PowerDNS nameserver is a modern, advanced and high performance
authoritative-only nameserver. It is written from scratch and conforms
to all the relevant DNS standards documents. PowerDNS is open source.
The PowerDNS nameserver utilizes a flexible backend architecture that
can access DNS information from any data source. This includes file
formats, BIND zone files, relational databases or LDAP directories.
This packages provides the SQLite version 3 backend module.
**** 0.72 Dec 28, 2012
Fix rt.cpan.org #82148
nxrrset fails to ignore RDATA.
Fix rt.cpan.org #82134
TSIG key and algorithm names not downcased in digest.
Class not forced to ANY.
Fix rt.cpan.org #82063
yxrrset, nxrrset and rr_del functions should force zero TTL.
Fix rt.cpan.org #82047
Clarify documentation to indicate that header counts may
differ from the number of RRs present if a packet is corrupt.
Fix rt.cpan.org #81941
Clarify documentation to make clear that bgread will not switch to
TCP when a truncated packet is received.
**** 0.71 Dec 15, 2012
Temporary workaround rt.cpan.org #81760
The rdatastr method for TXT RRs will return unconditionally
quoted rdata fields to work around an issue with updating
SpamAssassin rules. This workaround will be reverted after
release of a version of SpamAssassin which resolves the issue.
Fix rt.cpan.org #81942
Fix memory leak on packet cleanup. The back-reference via the
header attribute (with xbody) caused the garbage collector not
to clean a packet. Header is now explicitly cleaned via
Net::DNS::Packet::DESTROY.
Fix TSIG initialization
Uninitialised algorithm attribute caused signature generation
to fail silently when creating a TSIG signed packet.
Fix rt.cpan.org #81869
The rr_del auxilliary function broken by a conflicting change
in the RR.pm string parser. Note the ambiguous use of ANY,
which may stand for CLASS255 or TYPE255 depending upon the
argument string presented.
Fix rt.cpan.org #81756
Test failures on Perl 5.8.5 .. 5.8.8.
lc(), uc() and case insensitive regex matching broken for UTF8.
Thanks are due to Paul Howarth for patient work with perl -d.
Fix rt.cpan.org #81787
NXDOMAIN no longer reported by $resolver->errorstring.
Fix rt.cpan.org #81814
Allow zero in format, tag and algorithm fields of CERT RR.
Fix rt.cpan.org #81786
Substitute last owner for leading spaces in multiline zonefile RR.
Fix rt.cpan.org #77444
Make use of new extended header modus operandi for OPT records
also in the resolver. Preventing a warning.
**** 0.70 Dec 6, 2012
Feature added support for NID L32 L64 LP, RFC6742.
(allow ruby-2.0 and fixes locale data installation)
== 2.0.1: 2013-08-29
A bug fix release for the first time in a year!
=== Improvements
* Supported initial setup on environments that don't support opening a URI
from GTK+ such as OS X.
0.20.4
======
Changes since 0.20.3:
- Fix warnings in gtk-doc run.
- Some minor improvements to the documentation.
- Make the user-agent ASCII-only to fix issues with discovery when
g_get_application_name () returned a translated string.
- Force HTTP version to be 1.1 in SOAP requests.
- Fix potential crashes in XML parsing.
- Fix potential memory leak in gupnp_service_proxy_send_action_valist.
- Some codestyle fixes.
- Add gupnp_device_info_list_dlna_device_class_identifier () to retrieve the
content of <dlna:X_DLNADOC> nodes.
Bugs fixed in this release:
- https://bugzilla.gnome.org/show_bug.cgi?id=704953
- https://bugzilla.gnome.org/show_bug.cgi?id=702555
- https://bugzilla.gnome.org/show_bug.cgi?id=704094
- https://bugzilla.gnome.org/show_bug.cgi?id=700947
All contributors to this release:
Ludovic Ferrandis <ludovic.ferrandis@intel.com>
Jens Georg <mail@jensge.org>
Sébastien Bianti <sebastien.bianti@linux.intel.com>
Bastien Nocera <hadess@hadess.net>
0.14.4
======
- Fix gtk-doc warnings.
- Use SO_REUSEPORT on FreeBSD and Debian/kFreeBSD.
- Fix discovery issue with some devices when g_get_application_name returned a
non-ASCII translated version of the name.
- Fix a compiler warning about parentheses.
- Use GNOME_COMPILE_WARNINGS for a safe set of strict compiler warnings.
- Remove the use of INCLUDES which has been deprecated for a while.
All contributors to this release:
Jens Georg <jensg@openismus.com>
Bastien Nocera <hadess@hadess.net>
* Fix build with lua 5.2.
Changelog:
Main changes for LuaSocket 3.0-rc1 are IPv6 support and Lua 5.2 compatibility.
* Added: Compatible with Lua 5.2
- Note that unless you define LUA_COMPAT_MODULE, package
tables will not be exported as globals!
* Added: IPv6 support;
- Socket.connect and socket.bind support IPv6 addresses;
- Getpeername and getsockname support IPv6 addresses, and
return the socket family as a third value;
- URL module updated to support IPv6 host names;
- New socket.tcp6 and socket.udp6 functions;
- New socket.dns.getaddrinfo and socket.dns.getnameinfo functions;
* Added: getoption method;
* Fixed: url.unescape was returning additional values;
* Fixed: mime.qp, mime.unqp, mime.b64, and mime.unb64 could
mistaking their own stack slots for functions arguments;
* Fixed: Receiving zero-length datagram is now possible;
* Improved: Hidden all internal library symbols;
* Improved: Better error messages;
* Improved: Better documentation of socket options.
* Fixed: manual sample of HTTP authentication now uses correct
"authorization" header (Alexandre Ittner);
* Fixed: failure on bind() was destroying the socket (Sam Roberts);
* Fixed: receive() returns immediatelly if prefix can satisfy
bytes requested (M Joonas Pihlaja);
* Fixed: multicast didn't work on Windows, or anywhere
else for that matter (Herbert Leuwer, Adrian Sietsma);
* Fixed: select() now reports an error when called with more
sockets than FD_SETSIZE (Lorenzo Leonini);
* Fixed: manual links to home.html changed to index.html (Robert Hahn);
* Fixed: mime.unb64() would return an empty string on results that started
with a null character (Robert Raschke);
* Fixed: HTTP now automatically redirects on 303 and 307 (Jonathan Gray);
* Fixed: calling sleep() with negative numbers could
block forever, wasting CPU. Now it returns immediately (MPB);
* Improved: FTP commands are now sent in upper case to
help buggy servers (Anders Eurenius);
* Improved: known headers now sent in canonic
capitalization to help buggy servers (Joseph Stewart);
* Improved: Clarified tcp:receive() in the manual (MPB);
* Improved: Decent makefiles (LHF).
* Fixed: RFC links in documentation now point to IETF (Cosmin Apreutesei).
PR pkg/48156
* add a sc_warts2json utility program that prints out JSON renderings
of trace, ping, and dealias objects in scamper warts files. this is
useful when developing simple analysis programs in perl. the
initial implementation of JSON output for ping and trace was
supplied by Internap. Thanks a lot Internap!
* add a sc_speedtrap utility program that resolves a set of IPv6
interfaces for aliases (which interfaces belong to the same router).
documented in sc_speedtrap(1) man page.
http://www.caida.org/~mjl/pubs/speedtrap.pdf
* add a sc_ipiddump utility program that prints out all IPIDs received
in ping and dealias objects. documented in sc_ipiddump(1) man page.
in ping and dealias objects. documented in sc_ipiddump(1) man page.
in scamper:
* output json objects with -O json
* add -O debugfileappend, causing the debugfile to be appended to
rather than truncated
* do not output debugging information to stderr if NDEBUG was
specified
* drain fds that are not used by any measurement but have not been
closed yet
* improve the use of poll()
* allow a control socket client to specify its mixing priority
* correctly interpret the neighbour discovery cache sysctl on MacOS.
* fix build on MacOS systems without IPFW.
* fixes prompted by clang static analysis.
* fixes prompted by clang static analysis.
in sc_analysis_dump:
* improvements to the comment header printed automatically at the start
* add -M option to print out MPLS headers in ICMP extensions.
* add -Q option to print out Quoted IP TTL
* add -T option to print out the IP TTL of the response packet
in scamper-ping
* implement stats function so that the stats printed are not junk
* add an -M <mtu> option which causes scamper to send a PTB in
response to a packet larger than the given size.
* add a -P icmp-time option which causes ping to send ICMP timestamp
requests.
requests.
in scamper-sting:
* various improvements in the hole filling phase.
* add -U <userid>
in scamper-dealias:
* implement IPv6 support for Ally and RadarGun which is induced by
sending ICMP echo packets larger than a given pseudo MTU size
(causing a responses to be fragmented and thus an ID field revealed.
* implement IPv6 support for Mercator
* be more strict in declaring two interfaces to be aliases: infer
the byte ordering by determining if the shortest distance in a
sequence of ID values is in byte-swapped or not, and then using
that byte ordering mode.
=============================================
Release Highlights
==================
server
------
bug fixes
25713 fix crash in the delegate mechanism leading to various crashes, and
intra-cluster incompatibility between RabbitMQ 3.1.4 and other members
of the 3.1.x series (since 3.1.4)
25700 25710 prevent (harmless) errors being logged when pausing in
pause_minority mode (since 3.1.0)
LDAP plugin
-----------
bug fixes
25703 prevent channel crash when attempting to retrieve LDAP attribute that
does not exist (since 2.7.0)
Changes in 3.1.4
=============================================
Security Fixes
==============
server
------
25686 ensure DLX declaration checks for publish permission (since 2.8.0)
management plugin
-----------------
24803 update to a later version of Mochiweb that fixes a directory traversal
vulnerability allowing arbitrary file access on Windows (since 2.1.0)
Release Highlights
==================
server
------
bug fixes
25638 fix resource leak with mirrored queues when whole clusters stop
(since 3.0.0)
25624 fix queue crash in mirrored queue handling of messages during promotion
(since 2.6.0)
25615 25670 fix race conditions in mirrored queues when different cluster
nodes start and stop near-simultaneously (since 2.6.0)
25617 fix corrupt_cluster_status_files error after abrupt node shutdown
(since 3.0.0)
25645 fix mirrored queue sync failure in the presence of un-acked messages
not at the head of the queue (since 3.1.0)
25640 fix race condition leading to channel crash with low prefetch count
repeated basic.consume and basic.cancel (since 3.1.0)
25625 fix memory leak of mirrored queue messages during promotion
(since 2.6.0)
25649 allow hipe compilation on Erlang R16B01
25659 allow offline cluster node removal with a node which is not second
from last (since 3.0.0)
25648 make `rabbitmqctl join_cluster' idempotent (since 3.0.0)
25651 improve `rabbitmqctl cluster_status' handling of partition info when
cluster nodes are in the process of stopping (since 3.1.0)
25689 ensure launch of subprocesses to monitor disk space and file handles
works correctly when clink shell is installed on Windows (since 2.1.0)
25594 fix rabbit_error_logger crash during failed startup (since 1.4.0)
25631 fix bug in shutdown sequence that could lead to spurious
INTERNAL_ERRORs being sent to clients (since 3.1.0)
erlang client
-------------
bug fixes
25632 fix broken error handling in amqp_network_connection that could lead
to a crash during broker shutdown (since 2.4.0)
25688 fix bug in challenge-response auth handling (since 2.3.0)
enhancements
25674 add amqp_rpc_{client,server}:start_link()
STOMP plugin
------------
bug fixes
25691 fix connection crash on consumer cancellation notification (since 3.0.0)
build and packaging
-------------------
bug fixes
25668 add ssl support to OS X standalone package
25584 ensure that VERSION is set correctly when building src packages
(since 2.7.0)
Upstream changes:
1.06 August 21, 2013
! #87935 skip all MIME-Parser tests if it is not installed
! #87787 Use of uninitialized value $ns in Lite.pm
1.05 August 18, 2013
! #87848 Fix manifest, fix invalid http version from release blunder
======
* proxy/gnome: Fix "automatic" mode, which was mistakenly being
treated as "none" (Dan)
* proxy/gnome: Use this in Unity sessions as well as GNOME ones.
(#698936, Iain Lane)
* proxy/libproxy: Fix handling of SOCKS proxies (#699359, Dan)
