From www.quagga.net:
Stable release candidate
Most regressions in 0.99 over 0.98 are now believed to be fixed. This
release should be considered a release-candidate for a new stable
series, and we urge any remaining users of 0.98 to test this release
and report any bugs. A blocker meta-bug exists to track critical
regressions.
bgpd: Preliminary UI and Linux-IPv4 support for TCP-MD5 merged
Initial support for TCP-MD5 has been merged. This adds the neighbor
... password command, and some support for setting TCP-MD5 on
pure-IPv4 connections on Linux. On Linux systems with IPv6 available,
passing the -l 0.0.0.0 argument to bgpd may allow TCP-MD5 support to
work. It's not possible at this point to have IPv6 sessions and also
use TCP-MD5 on IPv4 sessions. This will hopefully be rectified in a
future release.
bgpd: Fix double-free crash in bgp_table_finish, seen with rs-client
Though diagnosed with rs-clients, this fix very likely addresses a
number of crashes reported to Quagga bugzilla.
zebra: ignore dead routes in RIB update
This fix may address some issues reported with routes not being
consistent between the zebra RIB and the kernel FIB, remaining after
the fixes in last release.
Solaris: Sync SMF bits with OpenSolaris SFW
The Quagga packaging support for Solaris has been updated to
synchronise with OpenSolaris SFW. Of particular note is that SMF
schema has been updated to match the Sun PSARC approved schema, which
is supported by the OpenSolaris routeadm utility. User's may need to
familiarise themselves with the changed FMRIs, and may need to update
any administrative scripts.
From NEWS:
* Changes in Quagga 0.99.10
- [bgpd] 4-byte AS support added
- [bgpd] MRT format changes to version 2. Those relying on
bgpd MRT table dumps may need to update their tools.
- [bgpd] Added new route-map set statement: "as-path exclude"
- Zebra RIB updates queue has evolved into a multi-level
structure to address RIB consistency issues.
* Many WHOIS data updates and translation updates; 4 new translations
* Reset euid and egid to uid and gid before calling the user specified browser
* Added support for libidn
* Added patch to support conversion of whois server output to local charset.
* Changed to GNU GPL v3
Local change: WHOIS servers for some geographical subdomains in .ru and .su TLDs.
OK by wiz@.
Version 2.1.2
(December 29, 2008)
* Removed "See --manual" from --version output
* Added support for evisortv
- http://code.google.com/p/clive/issues/detail?id=4
* Fixed: reused incorrectly last http error code for remaining urls in queue
* Fixed: progressbar reported 100% even if error had occurred (e.g. http/403)
Version 2.1.1
(December 19, 2008)
* Fixed "Requested range was not delivered by the server (http/33)" w/ -c
- this would occur with a batch of URLs while using the --continue option,
e.g. if the first file was continued, the following page fetches exited
with the above error
* Added --savebatch option
* Added --overwrite option
* Replaced the buggy progressbar with a "lazy man's progressbar"
* Fixed "print() on closed filehandle STDOUT" with --grep+delete
* Fixed progressbar display with --continue
Version 2.1.0
(December 10, 2008)
NOTE: Changed license GPL3 => ISC/OpenBSD.
* Added --modversion option
* Replaced Term::Progressbar with a built-in thermometer progressbar
* Removed --progress=bar:nominor support due to above changes
* Added liveleakcom support
- http://code.google.com/p/clive/issues/detail?id=3
Version 2.0.0
(December 2, 2008)
* Fixed gvideo/mp4 support (http/404 even if the extraction link existed)
* Changed "found redirect" message
* Changed --play, --rencode status messages to use file basename
Version 2.0beta4
(November 22, 2008)
* Removed metacafe support until fixed (see known issues)
* Changed Youtube login to report if there were "too many login failures"
* Fixed Youtube login support: reported failures incorrectly as OK
* Added support clivepass(1) utility (http://code.google.com/p/clive-utils)
* Added support for metacafe and sevenload embed URL translation
version 2.0beta3
(November 1, 2008)
* Fixed pasting from clipboard containing multiple URLs
* Fixed page fetch progress glitch that occured with 1+ batches
* Added --agent option
* Added --proxy option
* Added --savedir option
* Added --cclass option
* Added --filename-format option
* Added --show-format option
* Added --youtube-user and --youtube-pass options
* Added --emit-xml option
* Added --progress=[none|bar|dot]
* Replaced --noprogress with --progress=none
* Added avg. transfer rate notification
* Fixed filename printing for existing output files (e.g. output.flv.1)
* Added --play option
* Fixed metacafe support (error: failed to extract videoCDNURL)
* Added --rencode option
Version 2.0beta2
(October 15, 2008)
* clive now ignores input lines that start with the '#' character
* Added support for CLIVE_CONFIGDIR environment variable
* Ported lastfm video support from 1.x
* --version now displays XML::Simple
* Changed "= Play:" to "=> Playing ..."
* Playing occurs now subsequently after going over the URL batch
Version 2.0beta1
(September 23, 2008)
A complete overhaul and rewrite of 1.x.
* Users are expected to use the --continue/-c option to resume transfers
* Configuration file format (=> INI), path was changed (=> ~/.config/clive)
* All extractions now assume flv as the default download format
* Users are expected to understand when/how use the --format/-f option
* Reading input from multiple sources is possible (e.g. % clive -x URL URL)
* Added: --grep: used to grep and recall cached URL entries
* Added: --background and --output=logfile, --append=logfile options
* Many old cmdline and config options were removed due to new design
* Improved GoogleVideo support: handles redirects to other hosts
* Pager is used where needed (e.g. --show/-s)
* Changed default output file naming format to "%n-(%i)-[%d].%s"
* Removed: guba (deadweight), myvideo (borked), dmotion (bitches @ anon users)
2522. [security] Handle -1 from DSA_do_verify().
2498. [bug] Removed a bogus function argument used with
ISC_SOCKET_USE_POLLWATCH: it could cause compiler
warning or crash named with the debug 1 level
of logging. [RT #18917]
--- 3.0.41 2008/12/29
Fixed Fixed test that makes VERSION_SHA1 appear on dist versions too.
--- 3.0.40 2008/12/29
For configure, using option --without-xml2 also disables Libxslt/Libexslt
support.
Fixed bug #2352: yaz-marcdump crashes for certain record.
Added man page 'bib1-attr' which includes list of common Bib-1 attributes.
Added support for Danmarc2 to UTF-8 conversion.
Added support for ISO5426 to UTF-8 conversion.
zget_InitRequest/zget_InitResponse returns GIT SHA1 hash as part of
implementation version.
Function yaz_version returns GIT SHA1 hash for parameter sha1_str.
--- 3.0.38 2008/11/10
ZOOM C now only fires one ZOOM_EVENT_SEARCH per search-task. Previously,
ZOOM_EVENT_SEARCH was fired for each searchRetrieve Response received.
ZOOM C now interprets databaseName option for ZOOM connection as path
(SRU "database").
Windows version bundled with Libxml2 2.7.1 / Libxslt 1.1.24 / ICU 4.0.
Fixed CCL to RPN/PQF conversion which could result in invalid PQF.
Dummy Libxml2 types no longer defined in headers of YAZ'.
Fixed memory violation for ZOOM C - could occur when SRU diagnostics was
received.
pkgsrc changes:
PKG_DESTDIR_SUPPORT= user-destdir
### 2.0.24.1 ###
- fixed several \0 char exploits in the TCP query interface which could cause database corruption
### 2.0.23.22 ###
- fixed a security issue which could enable an attcker to read files from your harddisk via the
servers built-in web administration interface
### 2.0.23.21 ###
- fixed a XSS bug in the servers built-in web administration interface
### 2.0.23.20 ###
- fixed a SQL injection issue which only affects servers running on MySQL databases
The MiniUPnP project offers software which supports the UPnP Internet Gateway
Device (IGD) specifications. Recently, NAT-PMP support was added to
MiniUPnPd. For client side NAT-PMP support, use libnatpmp.
UPnP and NAT-PMP are used to improve internet connectivity for devices behind
a NAT router. Any peer to peer network application such as games, IM, etc.
can benefit from a NAT router supporting UPnP and/or NAT-PMP.
The latest generation Microsoft XBOX 360 and Sony Playstation 3 game machines
use UPnP commands to enable the online play with the XBOX Live service and
the Playstation Network. It has been reported that miniupnpd is correctly
working with the two consoles.
Fixed the --script-updatedb command
Fixed several byte-order bugs in Traceroute
Service fingerprints in XML output are no longer be truncated
Added a UDP SNMPv3 probe to version detection
Zenmap no longer leaves any temporary files lying around.
*Lots* of Zenmap fixes
See CHANGELOG for all the details
pkgsrc changes:
- placate pkglint: fix SUBST_FILES.fixperl assignation and SUBST_SED.fixperl
style fix
Upstream changes:
4.022
In Util.xs 1.28
set uninitialized "carry" in XS bin2bcd to zero
This insidious bug only showed up on 64 bit hosts running perl 5.6.2
Thanks to Oliver Paukstadt <pstadt@sourcentral.org> for taking the
time to do the testing for me on his s390 system.
4.021 Wed Dec 10 11:09:36 PST 2008
Removed test code that produces a warning about all perl versions,
OOPS!! instead of just the buggy 5.8.0 - 5.8.5 versions.
Thanks to paul@city-fan.org for reporting this.
4.020 Tue Dec 9 16:25:46 PST 2008
cleaned up various typo's with good patch from
Rob Riepel <riepel@networking.Stanford.EDU>
thanks Rob.
revised UtilPP v1.7 to work around perl 5.8.4
failures with certain @_ operations of goto &sub...
see perl bug [ 23429]. Unfortunately, perl-5.8.4 is
the distribution of choice for many solaris boxes
ISC DHCP 4.1.x will have several new DHCPv6 features that were not in DHCP 4.0.x. These new features include:
* Support for the rapid-commit option on the client side
* Prefix Delegation support
* IA_TA address support
* A basic DHCPv6 relay agent
* basic DHCPv6 Leasequery support
which allows you to communicate with a Radius server from Perl. You can
just authenticate usernames/passwords via Radius, or comletely imitate
AAA requests and process server response.
Resolver could try unreachable servers multiple times.
Adb's handling of lame addresses was different for IPv4 and IPv6.
Remove NULL pointer dereference in dns_journal_print().
libbind: Out of bounds reference in dns_ho.c:addrsort.
Set initial timeout to 800ms.
TSIG context leak
For all the details see:
http://oldwww.isc.org/sw/bind/view/?release=9.4.3#RELEASE
Specifying a fixed query source port was broken.
Address race condition in the socket code.
Give TCP connections longer to complete.
libxml2: support versions 2.7.* in addition to 2.6.*.
Document -m (enable memory usage debugging) option for dig
Set initial timeout to 800ms.
For all the details see:
http://oldwww.isc.org/sw/bind/view/?release=9.5.1#RELEASE
timeval's seconds are "long" rather than "time_t". Passing these
seconds to localtime_r() breaks on 64-bit platforms where those types
aren't the same. Fixes PR 40323 from Andreas Burghardt.
PKGREVISION++ as a precaution, since I patched the source.
Add an "inet6" option for enabling IPv6 support.
Add a "ban" option for enabling mod_ban.
Make the "wrap" option compile all binaries successfully.
Fix generating language catalog with older versions of msgfmt.
configuration files and binaries in a number of cases. This should hopefully
fix them all. Without this patch they look in /etc only and fail to start
if the file is not present.
Based on PR 40241 by Taylor R Campbell.
While here, add DESTDIR support.
Changes in version 0.2.0.32 - 2008-11-20
o Security fixes:
- The "User" and "Group" config options did not clear the
supplementary group entries for the Tor process. The "User" option
is now more robust, and we now set the groups to the specified
user's primary group. The "Group" option is now ignored. For more
detailed logging on credential switching, set CREDENTIAL_LOG_LEVEL
in common/compat.c to LOG_NOTICE or higher. Patch by Jacob Appelbaum
and Steven Murdoch. Bugfix on 0.0.2pre14. Fixes bug 848 and 857.
- The "ClientDNSRejectInternalAddresses" config option wasn't being
consistently obeyed: if an exit relay refuses a stream because its
exit policy doesn't allow it, we would remember what IP address
the relay said the destination address resolves to, even if it's
an internal IP address. Bugfix on 0.2.0.7-alpha; patch by rovv.
o Major bugfixes:
- Fix a DOS opportunity during the voting signature collection process
at directory authorities. Spotted by rovv. Bugfix on 0.2.0.x.
o Major bugfixes (hidden services):
- When fetching v0 and v2 rendezvous service descriptors in parallel,
we were failing the whole hidden service request when the v0
descriptor fetch fails, even if the v2 fetch is still pending and
might succeed. Similarly, if the last v2 fetch fails, we were
failing the whole hidden service request even if a v0 fetch is
still pending. Fixes bug 814. Bugfix on 0.2.0.10-alpha.
- When extending a circuit to a hidden service directory to upload a
rendezvous descriptor using a BEGIN_DIR cell, almost 1/6 of all
requests failed, because the router descriptor has not been
downloaded yet. In these cases, do not attempt to upload the
rendezvous descriptor, but wait until the router descriptor is
downloaded and retry. Likewise, do not attempt to fetch a rendezvous
descriptor from a hidden service directory for which the router
descriptor has not yet been downloaded. Fixes bug 767. Bugfix
on 0.2.0.10-alpha.
o Minor bugfixes:
- Fix several infrequent memory leaks spotted by Coverity.
- When testing for libevent functions, set the LDFLAGS variable
correctly. Found by Riastradh.
- Avoid a bug where the FastFirstHopPK 0 option would keep Tor from
bootstrapping with tunneled directory connections. Bugfix on
0.1.2.5-alpha. Fixes bug 797. Found by Erwin Lam.
- When asked to connect to A.B.exit:80, if we don't know the IP for A
and we know that server B rejects most-but-not all connections to
port 80, we would previously reject the connection. Now, we assume
the user knows what they were asking for. Fixes bug 752. Bugfix
on 0.0.9rc5. Diagnosed by BarkerJr.
- If we overrun our per-second write limits a little, count this as
having used up our write allocation for the second, and choke
outgoing directory writes. Previously, we had only counted this when
we had met our limits precisely. Fixes bug 824. Patch from by rovv.
Bugfix on 0.2.0.x (??).
- Remove the old v2 directory authority 'lefkada' from the default
list. It has been gone for many months.
- Stop doing unaligned memory access that generated bus errors on
sparc64. Bugfix on 0.2.0.10-alpha. Fixes bug 862.
- Make USR2 log-level switch take effect immediately. Bugfix on
0.1.2.8-beta.
o Minor bugfixes (controller):
- Make DNS resolved events into "CLOSED", not "FAILED". Bugfix on
0.1.2.5-alpha. Fix by Robert Hogan. Resolves bug 807.
GNOME VFS provides an abstraction layer of the file system; applications
use this layer to access many different protocols and simulate that they
are part of the local file system.
This package provides the dns-sd module for GNOME VFS, which allows it to
discover sftp, webdav, and ftp services advertised with multicast DNS.
then majorly reworked by myself. You can blame us both now ;)
Avahi is an Implementation the DNS Service Discovery and Multicast DNS
specifications for Zeroconf Computing. It uses D-BUS for communication
between user applications and a system daemon. The daemon is used to
coordinate application efforts in caching replies, necessary to minimize
the traffic imposed on networks.
This should fix PR#39952
MAKE_JOBS_SAFE=no
05 December 2008 - Version 2.1.3 has been released.
The focus of this release is stability.
Feature Improvements
* Allow running with user=radiusd and binding to secure sockets.
* Start sending Status-Server "are you alive" messages earlier, which helps with proxying multiple realms to a home server.
* Removed thread pool code from rlm_perl. It's not necessary.
* Added example Perl configuration to raddb/modules/perl
* Force OpenSSL to support certificates with SHA256. This seems to be necessary for WiMAX certs.
Bug Fixes
* Fix Debian patch to allow it to build.
* Fix potential NULL dereference in debugging mode on certain platforms for TTLS and PEAP inner tunnels.
* Fix uninitialized memory in handling of vendor definitions
* Fix parsing of quoted (but non-string) attributes in the users< file.
* Initialize unknown NAS IP to 255.255.255.255, rather than 0.0.0.0
* use SUN_LEN in control socket, to avoid truncation on some platforms.
* Correct internal handling of debug condition to prevent it from being over-written.
* Check return code of regcomp in unlang, so that invalid regular expressions are caught rather than mishandled.
* Make rlm_sql use <ltdl.h>. Addresses bug #610.
* Document list "type = status" better. Closes bug #580.
* Set "default days" for certificates, because OpenSSL won't do it. This closes bug #615.
* Reference correct list in example raddb/modules/ldap. Closes#596.
* Increase default schema size for Acct-Session-Id to 64. Closes#540.
* Fix use of temporary files in dialup-admin. Closes#605 and addresses CVE-2008-4474.
* Addressed a number of minor issues found by Coverity.
* Added DHCP option 150 to the dictionary. Closes#618.
04 December 2008 - Version 2.1.2 has been released.
Due to packaging issues, 2.1.2 has been pulled from the net.
Noteable changes include:
NetBSD-5 support
Optional DBus and IPv6 support
ISC leasefile support removed
Support DHCP clients in multiple DNS domains
Re-read /etc/resolv.conf when an "interface up" event occurs
- improve chroot handling
- even stricter validation
- support for blocking DNS rebinding attacks
- DLV support
- bugfixes
The package now uses the normal net/ldns package instead of the local
copy.
- better TCP fallback, improved TSIG support
- namespace cleanup
- bugfixes
Require the new version and switch to normal runtime dependencies as it
is normally linked dynamically.
- improved IXFR support
- support for hmac-sha1 and hmac-sha256 in TSIG
- selection of source ip for notifies and zone requests
- NSEC3 is enabled by default
- option to disable CHAOS version support
- bugfixes
resolution of domain names. Normally this file is either static or maintained
by a local daemon, normally a DHCP daemon. But what happens if more than one
thing wants to control the file? Say you have wired and wireless interfaces to
different subnets and run a VPN or two on top of that, how do you say which one
controls the file? It's also not as easy as just adding and removing the
nameservers each client knows about as different clients could add the same
nameservers.
Enter resolvconf, the middleman between the network configuration services and
/etc/resolv.conf. resolvconf itself is just a script that stores, removes and
lists a full resolv.conf generated for the interface. It then calls all the
helper scripts it knows about so it can configure the real /etc/resolv.conf
and optionally any local nameservers other can libc.
Note this is the development version and this package is not marked
-devel.
(The version in NetBSD -current is also a development version.)
The patch is based on changes as seen in NetBSD's custom driver_netbsd.c
(as compared to driver_bsd.c).
The wpa_supplicant package provides a wireless client daemon that supports
WPA, WPA2 (IEEE 802.11i / RSN), and WEP. It implements key
negotiation with a WPA Authenticator and it controls the roaming
and IEEE 802.11 authentication/association of the wlan driver. It
supports several EAP authentication methods.
This package also includes the wpa_cli console frontend.
Requested by maintainer in PR 40128.
Changes since 3.0.711:
- Web: Add --no-macs option to hide mac addresses.
Thanks Dennis!
- Web: Make tables prettier.
- Host detail view now triggers a DNS lookup.
- Manpage tweaks, also move from section 1 to section 8.
- Track and show how long ago a host was last seen.
Suggested by: Prof A Olowofoyeku (The African Chief)
- Show pcap_stats (like number of packets dropped) in the web
interface and also upon exit.
Changes since version 0.11.9 respectively 0.7.9:
- Support for DHT.
- Cleanup and refactoring of the API.
- Enable PEX by default.
- A lot of bug fixes and minor improvements
gnome-nettool: GNOME interface for various networking tools
GNOME Nettool is a set of front-ends to various networking command-line
tools, like ping, netstat, ifconfig, whois, traceroute, finger.
