This is the release of ISC DHCP 4.3.4, a maintenance
release which contains a number of bug fixes and two
fixes for previously released security issues.
Full changes are too many to write here, please refer
<https://kb.isc.org/article/AA-01364/0/DHCP-4.3.4-Release-Notes.html>.
This is an update to address security issues, but contains more changes.
Packaging changes include:
remove lib/privs.c patch (integrated upstream)
opaque LSA no longer an option (always on)
pimd enabled by default upstream and hence in the package
Upstream changes from http://savannah.nongnu.org/news/?group=quagga
Quagga 1.0.20160315 Released
Quagga 1.0.20160309 has been released, and is available at
http://download.savannah.gnu.org/releases/quagga/
This is a bug fix release. It addresses a crash in protocols with a
redistribute statement.
Quagga 1.0.20160309 Released
Quagga 1.0.20160309 has been released, and is available at
http://download.savannah.gnu.org/releases/quagga/
This release addresses Security Vulnerability VU #270232.
Users using VPNv4 to untrusted peers and zebra that have
untrusted clients talking to it are advised to upgrade to
this release. For further details see the CERT Vulnerability note:
https://www.kb.cert.org/vuls/id/270232
Major user-visible changes:
[quagga] - Namespace VRF Support has been added.
[lib] - Add 'show commandtree'
[bgpd] - vpnv4 and vpnv6 handling has been included.
[bgpd] - Add 'set metric (rtt|+rtt|-rtt)' to route map handling.
[bgpd] - Addition of 'show ip bgp dampening' command tree.
[bgpd] - If route-map does not exist default to DENY for redistribute
statements
[bgpd] - Lower default 'timers connect' in BGP to 10 seconds.
[bgpd] - Enable "bgp log-neighbor-changes" by default
[bgpd] - Add support for timer commands with peer-group syntax
[bgpd] - Extend Dump to allow Extended Time Format
[babeld] - Removed from the distribution.
[isisd] - Allow the adjustment of lsp-mtu
[isisd] - Allow the import of routes from other protocols
[ospfd] - Add per interface 'ip ospf area' command
[ospfd] - Lower the default OSPF spf timers to '0 50 5000'
[ripngd] - Add ECMP support
[pimd] - Add multicast static routes.
[pimd] - Add ability to set DR priority for an interface
[pimd] - Add ability to modify hello and hold timers per interface
[vtysh] - Add 'show thread cpu ..' and 'show work-queues'
[vtysh] - Add 'show run <protocol>' command
[vtysh] - Fix history handling
Changelog:
Release 2.1.1 Februrary 10th 2016
UI improvements for HiDPI screens, error messages, RTL languages
Fix occurences of "Connection Closed" when a new unauthenticated TCP socket is used
Fix undeliberate WiFi scanning done by Qt Network classes
Several fixes/improvements to the sharing dialog
Several fixes/improvements to the server activity tab
Create the directory when using --confdir and it does not exist
Windows Overlay icons: Fix DLL and icon oddities
Mac Overlay icons: Don't install legacy Finder plugin on >= 10.10
Linux Overlay icons: Nemo plugin
Overlay icons: Fix several wrong icon state computations
Allow changeable upload chunk size in owncloud.cfg
Crash fixes on account deletion
Forget password on explicit sign-out
OS X: Fix the file system watcher ignoring unicode paths (#4424)
Windows Installer: Update to NSIS 2.50, fixes possible DLL injection
Sync Engine: .lnk files
Sync Engine: symlinked syn directories
Sync Engine: Windows: Fix deleting and replacing of read-only files (#4308, #4277)
Sync Engine: Fixes for files becoming directories and vice versa (#4302)
Misc other fixes/improvements
* Use RegEx literal instead of String literal
* Use regex literals instead of string literals for char class ranges that might get minized and decomposed
* added FULLWIDTH TILDE U+FF5E as a valid hashtag special character
* added WAVE DASH U+301C as a valid hashtag special character
* Ignore Emojified # or keycap # when scanning for hashtags
* Support Cyrillic characters in URLs path section
* Version in bower file is deprecated, rely solely on git tag
* also add a bower badge and removed old repo list
* Update bower.json
* update tlds and forward exit code from rake tests
* add desc, license and fix source_files for podfile
ipaddress 0.8.2
CHANGED merged bundler branch to cleanup gemspec and Rakefiles
FIXED IPAddress::IPv4.split handling (Issue #40)
NEW Added #[]= method to IPv4/6 classes to add octet writing support. (Issue #24)
NEW IPV4#multicast?
NEW IPV4#loopback?
NEW IPV4#to()
1.3.5b - Released 10-Mar-2016
--------------------------------
- Bug 4187 - mod_geoip does not load all of the GeoIPTables properly.
- Bug 4191 - "Incorrect string value" reported by mod_sql_mysql for some UTF8
characters.
- Bug 4097 - SSH rekey fails when using RSA hostkey smaller than 2048 bits.
- Bug 4198 - MLSD/MLST fact type "cdir" is incorrectly used for the current
working directory.
- Bug 4201 - HiddenStores temporary files not removed when exceeding quota
using SCP.
- Bug 4202 - MLSD lines not properly terminated with CRLF.
- Bug 4209 - Zero-length memory allocation possible, with undefined results.
- Bug 4210 - Avoid unbounded SFTP extended attribute key/values.
- Bug 4212 - Ensure that FTP data transfer commands fail appropriately when
"RootRevoke on" is in effect.
- Bug 4217 - Handle FTP re-authentication attempts better.
- Bug 4223 - Permissions on files uploaded via STOU do not honor configured
Umask.
- Bug 4227 - Support SFTP clients that send multiple INIT requests.
- Bug 4230 - TLSDHParamFile directive appears ignored because unexpected DH is
chosen.
2016/03/14 : 1.6.4
- BUG/MINOR: http: fix several off-by-one errors in the url_param
parser
- BUG/MINOR: http: Be sure to process all the data received from a
server
- BUG/MINOR: chunk: make chunk_dup() always check and set
dst->size
- MINOR: chunks: ensure that chunk_strcpy() adds a trailing zero
- MINOR: chunks: add chunk_strcat() and chunk_newstr()
- MINOR: chunk: make chunk_initstr() take a const string
- MINOR: lru: new function to delete <nb> least recently used keys
- DOC: add Ben Shillito as the maintainer of 51d
- BUG/MINOR: 51d: Ensures a unique domain for each configuration
- BUG/MINOR: 51d: Aligns Pattern cache implementation with HAProxy
best practices.
- BUG/MINOR: 51d: Releases workset back to pool.
- BUG/MINOR: 51d: Aligned const pointers to changes in 51Degrees.
- CLEANUP: 51d: Aligned if statements with HAProxy best practices
and removed casts from malloc.
- DOC: fix a few spelling mistakes
- DOC: fix "workaround" spelling
- BUG/MINOR: examples: Fixing haproxy.spec to remove references to
.cfg files
- MINOR: fix the return type for dns_response_get_query_id()
function
- MINOR: server state: missing LF (\n) on error message printed
when parsing server state file
- BUG/MEDIUM: dns: no DNS resolution happens if no ports provided
to the nameserver
- BUG/MAJOR: servers state: server port is erased when dns
resolution is enabled on a server
- BUG/MEDIUM: servers state: server port is used uninitialized
- BUG/MEDIUM: config: Adding validation to stick-table expire
value.
- BUG/MEDIUM: sample: http_date() doesn't provide the right day of
the week
- BUG/MEDIUM: channel: fix miscalculation of available buffer
space.
- MEDIUM: pools: add a new flag to avoid rounding pool size up
- BUG/MEDIUM: buffers: do not round up buffer size during
allocation
- BUG/MINOR: stream: don't force retries if the server is DOWN
- BUG/MINOR: counters: make the sc-inc-gpc0 and sc-set-gpt0 touch
the table
- MINOR: unix: don't mention free ports on EAGAIN
- BUG/CLEANUP: CLI: report the proper field states in "show sess"
- MINOR: stats: send content-length with the redirect to allow
keep-alive
- BUG: stream_interface: Reuse connection even if the output
channel is empty
- DOC: remove old tunnel mode assumptions
- BUG/MAJOR: http-reuse: fix risk of orphaned connections
- BUG/MEDIUM: http-reuse: do not share private connections across
backends
- BUG/MINOR: ssl: Be sure to use unique serial for regenerated
certificates
- BUG/MINOR: stats: fix missing comma in stats on agent drain
- BUG/MINOR: lua: unsafe initialization
- DOC: lua: fix somme errors
- DOC: add server name at rate-limit sessions example
- BUG/MEDIUM: ssl: fix off-by-one in ALPN list allocation
- BUG/MEDIUM: ssl: fix off-by-one in NPN list allocation
- DOC: LUA: fix some typos and syntax errors
- MINOR: cfgparse: warn for incorrect 'timeout retry' keyword
spelling in resolvers
- MINOR: mailers: increase default timeout to 10 seconds
- MINOR: mailers: use <CRLF> for all line endings
- BUG/MAJOR: lua: applets can't sleep.
- BUG/MINOR: server: some prototypes are renamed
- BUG/MINOR: lua: Useless copy
- BUG/MEDIUM: stats: stats bind-process doesn't propagate the
process mask correctly
- BUG/MINOR: server: fix the format of the warning on address
change
- BUG/MEDIUM: chunks: always reject negative-length chunks
- BUG/MINOR: systemd: ensure we don't miss signals
- BUG/MINOR: systemd: report the correct signal in debug message
output
- BUG/MINOR: systemd: propagate the correct signal to haproxy
- MINOR: systemd: ensure a reload doesn't mask a stop
- BUG/MEDIUM: cfgparse: wrong argument offset after parsing server
"sni" keyword
- CLEANUP: stats: Avoid computation with uninitialized bits.
- CLEANUP: pattern: Ignore unknown samples in pat_match_ip().
- CLEANUP: map: Avoid memory leak in out-of-memory condition.
- BUG/MINOR: tcpcheck: fix incorrect list usage resulting in
failure to load certain configs
- BUG/MAJOR: samples: check smp->strm before using it
- MINOR: sample: add a new helper to initialize the owner of a
sample
- MINOR: sample: always set a new sample's owner before evaluating
it
- BUG/MAJOR: vars: always retrieve the stream and session from the
sample
- CLEANUP: payload: remove useless and confusing nullity checks
for channel buffer
- BUG/MINOR: ssl: fix usage of the various sample fetch functions
- MINOR: cfgparse: warn when uid parameter is not a number
- MINOR: cfgparse: warn when gid parameter is not a number
- BUG/MINOR: standard: Avoid free of non-allocated pointer
- BUG/MINOR: pattern: Avoid memory leak on out-of-memory condition
- CLEANUP: http: fix a build warning introduced by a recent fix
- BUG/MINOR: log: GMT offset not updated when entering/leaving DST
0.3.5
#466: Fixed a small issue that can effect new installions. Existing working installations do not need to upgrade.
0.3.4
Last build was broken, contained data in the Specific/ directory. This affected new installs but not upgrades.
0.3.3
#457: The realm was not correctly set from configuration for Digest auth.
Reduced memory usage in upgrade script. Should help with upgrading large databases.
Removed BAIKAL_PATH_SABREDAV setting. It was no longer used.
