Many new features and refinements.
Notable changes include:
* Konqueror is the second web browser to pass the Acid2 CSS test,
ahead of Firefox and Internet Explorer
* Konqueror can also now free web pages from adverts with its
ad-block feature
* SuperKaramba is included in KDE, providing well-integrated and
easy-to-install widgets for the user's desktop
* Kopete has support for MSN and Yahoo! webcams
* The edutainment module has three new applications (KGeography,
Kanagram and blinKen), and has seen huge improvements in Kalzium
aalib-x11 and aview-x11.
SDL dependencies change, so bump PKGREVISION (and BUILDLINK_RECOMMENDED)
for affected packages.
Addresses PR 32046 by Leonard Schmidt.
"A vulnerability in FFmpeg libavcodec can be exploited by malicious people
to cause a DoS (Denial of Service) and potentially to compromise a user's
system."
http://secunia.com/advisories/17892/
Fix from ffmpeg CVS repository, libavcodec/utils.c rev. 1.162:
"default_get_buffer() cleanup
fixes probably exploitable heap overflow
heap overflow found by (Simon Kilvington)"
parameters instead of the one with two parameters. The setenv() function
has been added to Solaris recently, so this wasn't necessary before.
Should fix PR 32273.
Changes 2.54:
a few minor enhancements and fixes.
Changes 2.53:
mostly work around bugs and deficiencies in third-party packages
commonly used with MIMEDefang.
o Updated automake admin dir to compile with latest SuSE
o Updated documentation slightly
o Status Window patch for multiple-monitors
o Added CRAM-MD5 and APOP login support for POP and IMAP
o Fixed advanced options like keepalive propogating from the setup
dialog to the code that actually uses it
"Remote exploitation of an input validation vulnerability in the OSPF
protocol dissectors within Ethereal, as included in various vendors
operating system distributions, could allow attackers to crash the
vulnerable process or potentially execute arbitrary code."
http://www.idefense.com/application/poi/display?id=349&type=vulnerabilities
Patch from the Ethereal SVN repository.
Changes:
- the libcurl.pc pkgconfig file now gets installed on make install
- URL globbing now offers "range steps": [1-100:10]
- LDAPv3 is now the preferred LDAP protocol version
- --max-redirs and CURLOPT_MAXREDIRS set to 0 limits redirects
- improved MSVC makefile
Bugfixes:
- URL buffer overflow problem (CVE-2005-4077)
- using file:// on non-existing files are properly handled
- builds fine on DJGPP
- CURLOPT_ERRORBUFFER is now always filled in on errors
- curl outputs error on bad --limit-rate units
- fixed libcurl's use of poll() on cygwin
- the GnuTLS code didn't support client certificates
- TFTP over IPv6 works
- no reverse lookups on IP addresses when ipv6-enabled
- SSPI compatibility fix: using the proper DLLs
- binary LDAP properties are now shown base64 encoded
- Windows uploads from stdin using curl can now contain ctrl-Z bytes
- -r [num] would produce an invalid HTTP Range: header
- multi interface with multi IP hosts could leak socket descriptors
- the GnuTLS code didn't handle rehandshakes
- re-use of a dead FTP connection
- name resolve error codes fixed for Windows builds
- double WWW-Authenticate Digest headers are now handled
- curl-config --vernum fixed
Including fix for long title & history file problem.
http://www.mozilla.org/security/history-title.htmlhttps://bugzilla.mozilla.org/show_bug.cgi?id=319004
What's New in Firefox 1.5
Firefox 1.5 is the next version of our award-winning Web browser.
Here's what's new in Firefox 1.5:
* Automated update to streamline product upgrades. Notification of an
update is more prominent, and updates to Firefox may now be half a
megabyte or smaller. Updating extensions has also improved.
* Faster browser navigation with improvements to back and forward
button performance.
* Drag and drop reordering for browser tabs.
* Improvements to popup blocking.
* Clear Private Data feature provides an easy way to quickly remove
personal data through a menu item or keyboard shortcut.
* Answers.com is added to the search engine list.
* Improvements to product usability including descriptive error pages,
redesigned options menu, RSS discovery, and "Safe Mode" experience.
* Better accessibility including support for DHTML accessibility and
assistive technologies such as the Window-Eyes 5.5 beta screen reader
for Microsoft Windows. Screen readers read aloud all available
information in applications and documents or show the information on a
Braille display, enabling blind and visually impaired users to use
equivalent software functionality as their sighted peers.
* Report a broken Web site wizard to report Web sites that are not
working in Firefox.
* Better support for Mac OS X (10.2 and greater) including profile
migration from Safari and Mac Internet Explorer.
* New support for Web Standards including SVG, CSS 2 and CSS 3, and
JavaScript 1.6.
* Many security enhancements.
The Burning Edge has more detailed lists of new features and notable bug fixes.
http://www.squarefree.com/burningedge/releases/1.5-comprehensive.html
2005/12/06: version 2.7.1 = tag release-2-7-1
4679: FileTP: Fix HTTP downloading for URLs with space chars, log cleaning
4674: EDK: Re-enable checking old_files before starting a download
and force_download command
4676: BT: decode_version fix and html sort fix (bogeyman)
2005/12/05
4673: IPBlock: display original length and optimized length in block_list,
log file clean up
2005/12/04
4672: FileTP: Fix major bug in HTTP downloading, introduced in 2.6.0
2005/12/03
4671: Compile fix in CryptoPP.h for gcc-2.96 (trdw)
4670: Increase max_buffer_size limit for high-volume connections
2005/12/02
4649: Updates for file_completed_cmd (pango, spiralvoice)
* some log cleaning
* added information to notification email if auto_commit is disabled,
email is sent by file_completed, not file_commit
* moved execution of !!file_completed_cmd from file_completed
to file_commit, kept option name for easier upgrading
this was done because the filename of a downloading file can be
different than the filename of the committed file if a file
with the same name as the to be committed file is already in
incoming. older method did not take this into account at all..
* added environment variables for file_completed_cmd, see description:
A command that is called when a file is committed, does not work on MinGW.
Arguments are (kept for compatability):
$1 - temp file name, without path
$2 - file size
$3 - filename of the committed file
Also these environment variables can be used (prefered way):
$TEMPNAME - temp file name, including path
$FILEID - same as $1
$FILESIZE - same as $2
$FILENAME - same as $3
$FILEHASH - internal hash
$DURATION - download duration
$INCOMING - directory used for commit
$NETWORK - network used for downloading
$ED2K_HASH - ed2k hash if MD4 is known
4667: Update Ocaml download URL
4666: Always create incoming directories before commit
4663: CryptoPP: Latest fixes ported from aMule CVS
2005/12/01
4657: Fix for C files for AMD64, mipsel platforms
improve endianness checking in tiger.c, md5_c.c and CryptoPP.h,
print endianness in buildinfo, removed sha1_old code
4661: Log: Print newline before exception message when MLDonkey can´t use a port
BT: exit if client_port = tracker_port
2005/11/28
4654: Fix guiprot when addr not resolvable (zet)
4655: Set conn_user on gui (zet)
4656: BT: update last seen complete field and fix bitfield reading (zet)
2005/11/27
4653: GTK2 GUI: add isohunt statistics (su_blanc)
2005/11/22
4364: Let mlnet build under the cygwin unix emulation layer (Amorphous)
4648: GTK2 GUI: improve display of razorback stats (su_blanc)
added the display of filedonkey.com data
4646: BT: little change to recognise Clients (bogeyman)
4645: Fix donkey total uptime stats order (bogeyman)
2005/11/21
4406: Unicode: Fix filenames in shared_files_new.ini and file rename
in HTML interface (mld_unicode_patch6.patch) (CML)
4440: New option shutdown_timeout, 3 sec, was hardcoded before (Amorphous)
4644: Update GNU config.guess and config.sub to current versions
4643: HTML: Fix gdstats output when html_use_gzip true
4640: Calendar: view calendar command: vcal
4641: Fix exception in load_web_infos
4642: HTML: Improve preview via webbrowser (pango)
2005/11/19
These patches are experimental, please test carefully and report your findings.
4563: replace all Printf.printf occurences by Printf2.lprintf (su_blanc)
4479: Callback mechanism for low ID users does not work (miriup)
Reactivating submission of server IP and port during client
handshake in edonkey
"However, sometimes, especially when I have no files to download I do
not receive callbacks at all. It is suggested to apply this patch in
a testing mldonkey for a week on a non-low id connection before including
it in a stable release, ... I can't test high-ID at all."
4574: Friends upload slot (pango)
