In addition to PR#45024 by ISIHARA Takanori,
* also update refrence manual and examples PDF document files.
* exactly depend on csh, some installed scripts are csh script.
Version 3.4.1:
* add 'idct' command.
* remove all input/output data type except float from 'frame', 'snr', 'us16',
and 'uscd' command.
* add input/output data type to many commands.
* show number of byte for all input/output data type in 'x2x' command.
* rename 'pcap' command to 'pcas' command.
* add new constant (octave and cent) to 'sopr' command.
* bug fixes.
In addition to PR#45023 by ISIHARA Takanori,
* LICENSE=gnu-gpl-v3
* register egg
* convert some buildlink to simple DEPENDS, because no contents to buildlink.
* drop dependency on py-elementtree, it's py24 way.
* honor PKGMANDIR.
v1.6.2.1 - September 21, 2009
+ Library artwork caching/displaying improvements
+ Lyricwiki screen scraping workaround
+ Replace Amazon.com cover art fetching with Rhapsody.com
+ Bug: Fix library sorting when adding, e.g., albums to playlist
+ Bug: Fix window positioning weirdness when unwithdrawing from systray
+ Bug: Fix album being labeled various artists when a duplicate exists
+ Bug: Fix album tracks in the info tab being out of order sometimes
+ Bug: Show songs with a missing date in info album listing
+ Bug: Library icons change after adding stream to playlist
+ Bug: Cpu spike, tooltips missing in library search results with gtk 2.16.2
The phpredis extension provides an API for communicating with the Redis
key-value store. It is released under the PHP License, version 3.01.
This code has been developed and maintained by Owlient from
November 2009 to March 2011.
Version 1.5.3beta07 [May 11, 2011]
Added expand_16 support to the high level interface.
Added named value and 'flag' gamma support to png_set_gamma. Made a minor
change from the previous (unreleased) ABI/API to hide the exact value used
for Macs - it's not a good idea to embed this in the ABI!
Moved macro definitions for PNG_HAVE_IHDR, PNG_HAVE_PLTE, and PNG_AFTER_IDAT
from pngpriv.h to png.h because they must be visible to applications
that call png_set_unknown_chunks().
Check for up->location !PNG_AFTER_IDAT when writing unknown chunks
before IDAT.
Version 1.5.3beta08 [May 16, 2011]
Improved "pngvalid --speed" to exclude more of pngvalid from the time.
Documented png_set_alpha_mode(), other changes in libpng.3/libpng-manual.txt
The cHRM chunk now sets the defaults for png_set_rgb_to_gray() (when negative
parameters are supplied by the caller), while in the absence of cHRM
sRGB/Rec 709 values are still used.
The bKGD chunk no longer overwrites the background value set by
png_set_background(), allowing the latter to be used before the file
header is read. It never performed any useful function to override
the default anyway.
Added memory overwrite and palette image checks to pngvalid.c
Previously palette image code was poorly checked. Since the transformation
code has a special palette path in most cases this was a severe weakness.
Minor cleanup and some extra checking in pngrutil.c and pngrtran.c. When
expanding an indexed image, always expand to RGBA if transparency is
present.
Version 1.5.3beta09 [May 17, 2011]
Reversed earlier 1.5.3 change of transformation order; move png_expand_16
back where it was. The change doesn't work because it requires 16-bit
gamma tables when the code only generates 8-bit ones. This fails
silently; the libpng code just doesn't do any gamma correction. Moving
the tests back leaves the old, inaccurate, 8-bit gamma calculations, but
these are clearly better than none!
Version 1.5.3beta10 [May 20, 2011]
png_set_background() and png_expand_16() did not work together correctly.
This problem is present in 1.5.2; if png_set_background is called with
need_expand false and the matching 16 bit color libpng erroneously just
treats it as an 8-bit color because of where png_do_expand_16 is in the
transform list. This simple fix reduces the supplied colour to 8-bits,
so it gets smashed, but this is better than the current behavior.
Added tests for expand16, more fixes for palette image tests to pngvalid.
Corrects the code for palette image tests and disables attempts to
validate palette colors.
Version 1.5.3rc01 [June 3, 2011]
No changes.
Version 1.5.3rc02 [June 7, 2011]
Fixed 1-byte uninitialized memory reference in png_format_buffer() (Bug
report by Frank Busse, related to CVE-2004-0421).
changes:
Security update regarding an integer overflow in xspf demuxer
Rewrite of the pulseaudio audio output module
Major updates in most language translations
Many miscellaneous fixes in decoders, demuxers and subtitles
3rd party libraries updates
A security and bug fix release. The security aspect is to mitigate the
"billion laughs" denial-of-service attack against XML parsers and XMPP
servers.
Other changes:
- Reject XML DTDs, comments and processing instructions, preventing
the "billion laughs" attack
- Switch to MEDIUMTEXT in the schema for MySQL to avoid truncating
large data (such as large avatars)
Prosody automatically upgrades the table in-place if possible, see:
http://prosody.im/doc/mysql
- Fix for endless loop when parsing certain invalid JSON
- Fix PostgreSQL compatibility in prosody-migrator
- Fix timestamp parsing for DST (affecting MUC scrollback retrieval)
- mod_legacyauth now correctly disabled for unencrypted connections by default
- Components properly inherit SSL settings and certificates from their
'parent' hosts
- Prevent startup with no VirtualHost entries in the config file
Small list of changes:
2.1.7
* BOSH: Keep the order of stanzas when BOSH sends several
* CAPTCHA in MUC: New whitelist option
* CAPTCHA: New captcha_limit option
* Core: Disable all entity expansions
* Core: Do not accept XML with undefined prefixes
* ejabberdctl: New DIST_USE_INTERFACE restricts IP erlang listen
* ejabberdctl: New ERL_EPMD_ADDRESS that works since Erlang/OTP R14B03
* extauth: If script crashes, ejabberd should restart it
* If a module start fails during server start, stop erlang
* mod_blocking: New XEP-0191 Simple Communications Blocking
* mod_pres_counter: Prevent subscription flood
* mod_register: Access now also controls account unregistrations
* mod_shared_roster: Fix support for anonymous accounts in @all@
* mod_shared_roster: New @online@ directive
* New Indonesian translation
* Pubsub: Apply filtered notification to PEP last items
* Pubsub: Owner can delete any items from its own node
2.1.6
* BOSH: Fix rare loop, support vhosts, allow module restart
* Config: Default configuration allows registrations only from localhost
* Config: Support to change loglevel per module at runtime
* Erlang/OTP: Fix compatibility from R10B-9 to R14B01
* ODBC: Compatibility with PostgreSQL 9.0
* Privacy lists: Fix to allow block by group and subscription again
* Pubsub: Fix cross domain eventing
* Register: Added CAPTCHA, password strength and ip_access to mod_register
* Register: New mod_register_web, with CAPTCHA support
* S2S: New options to require encryption, and verify certificates
* Shared Rosters: Added mod_shared_roster_ldap
* Bind listener ports early and start accepting connections later
-fix more potential problems on reallocation failures (CVE-2011-1944)
-Fix memory corruption
also replace an error handling which doesn't recover from
integer overflow
bump PKGREV
AST-2011-002, AST-2011-003, AST-2011-004, AST-2011-005, and AST-2011-006.
===========================================================================
1.6.2.18:
The Asterisk Development Team has announced the release of Asterisk 1.6.2.18.
The release of Asterisk 1.6.2.18 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following is a sample of the issues resolved in this release:
* Only offer codecs both sides support for directmedia.
* Resolution of several DTMF based attended transfer issues.
NOTE: Be sure to read the ChangeLog for more information about these changes.
* Resolve deadlocks related to device states in chan_sip
* Fix channel redirect out of MeetMe() and other issues with channel softhangup
* Fix voicemail sequencing for file based storage.
* Guard against retransmitting BYEs indefinitely during attended transfers with
chan_sip.
In addition to the changes listed above, commits to resolve security issues
AST-2011-005 and AST-2011-006 have been merged into this release. More
information about AST-2011-005 and AST-2011-006 can be found at:
http://downloads.asterisk.org/pub/security/AST-2011-005.pdfhttp://downloads.asterisk.org/pub/security/AST-2011-006.pdf
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.18
===========================================================================
1.6.2.17.3
The Asterisk Development Team has announced security releases for Asterisk
branches 1.4, 1.6.1, 1.6.2, and 1.8. The available security releases are
released as versions 1.4.40.1, 1.6.1.25, 1.6.2.17.3, and 1.8.3.3.
The releases of Asterisk 1.4.40.1, 1.6.1.25, 1.6.2.17.3, and 1.8.3.3 resolve two
issues:
* File Descriptor Resource Exhaustion (AST-2011-005)
* Asterisk Manager User Shell Access (AST-2011-006)
The issues and resolutions are described in the AST-2011-005 and AST-2011-006
security advisories.
For more information about the details of these vulnerabilities, please read the
security advisories AST-2011-005 and AST-2011-006, which were released at the
same time as this announcement.
For a full list of changes in the current releases, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.2.17.3
Security advisory AST-2011-005 and AST-2011-006 are available at:
http://downloads.asterisk.org/pub/security/AST-2011-005.pdfhttp://downloads.asterisk.org/pub/security/AST-2011-006.pdf
===========================================================================
1.6.2.17.2:
The Asterisk Development Team has announced security releases for Asterisk
branches 1.6.1, 1.6.2, and 1.8. The available security releases are
released as versions 1.6.1.24, 1.6.2.17.2, and 1.8.3.2.
** This is a re-release of Asterisk 1.6.1.23, 1.6.2.17.1 and 1.8.3.1 which
contained a bug which caused duplicate manager entries (issue #18987).
The releases of Asterisk 1.6.1.24, 1.6.2.17.2, and 1.8.3.2 resolve two issues:
* Resource exhaustion in Asterisk Manager Interface (AST-2011-003)
* Remote crash vulnerability in TCP/TLS server (AST-2011-004)
The issues and resolutions are described in the AST-2011-003 and AST-2011-004
security advisories.
For more information about the details of these vulnerabilities, please read the
security advisories AST-2011-003 and AST-2011-004, which were released at the
same time as this announcement.
For a full list of changes in the current releases, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.2.17.2
Security advisory AST-2011-003 and AST-2011-004 are available at:
http://downloads.asterisk.org/pub/security/AST-2011-003.pdfhttp://downloads.asterisk.org/pub/security/AST-2011-004.pdf
===========================================================================
1.6.2.17.1:
The Asterisk Development Team has announced security releases for Asterisk
branches 1.6.1, 1.6.2, and 1.8. The available security releases are
released as versions 1.6.1.23, 1.6.2.17.1, and 1.8.3.1.
These releases are available for immediate download at
http://downloads.asterisk.org/pub/telephony/asterisk/releases
The releases of Asterisk 1.6.1.23, 1.6.2.17.1, and 1.8.3.1 resolve two issues:
* Resource exhaustion in Asterisk Manager Interface (AST-2011-003)
* Remote crash vulnerability in TCP/TLS server (AST-2011-004)
The issues and resolutions are described in the AST-2011-003 and AST-2011-004
security advisories.
For more information about the details of these vulnerabilities, please read the
security advisories AST-2011-003 and AST-2011-004, which were released at the
same time as this announcement.
For a full list of changes in the current releases, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.2.17.1
Security advisory AST-2011-003 and AST-2011-004 are available at:
http://downloads.asterisk.org/pub/security/AST-2011-003.pdfhttp://downloads.asterisk.org/pub/security/AST-2011-004.pdf
===========================================================================
1.6.2.16.2:
The Asterisk Development Team has announced security releases for Asterisk
branches 1.4, 1.6.1, 1.6.2, and 1.8. The available security releases are
released as versions 1.4.39.2, 1.6.1.22, 1.6.2.16.2, and 1.8.2.4.
The releases of Asterisk 1.4.39.2, 1.6.1.22, 1.6.2.16.2, and 1.8.2.4 resolve an
issue that when decoding UDPTL packets, multiple stack and heap based arrays can
be made to overflow by specially crafted packets. Systems configured for
T.38 pass through or termination are vulnerable. The issue and resolution are
described in the AST-2011-002 security advisory.
For more information about the details of this vulnerability, please read the
security advisory AST-2011-002, which was released at the same time as this
announcement.
For a full list of changes in the current release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.2.16.2
Security advisory AST-2011-002 is available at:
http://downloads.asterisk.org/pub/security/AST-2011-002.pdf
AST-2011-002, AST-2011-003, AST-2011-004, AST-2011-005, and AST-2011-006.
===========================================================================
1.6.2.18:
The Asterisk Development Team has announced the release of Asterisk 1.6.2.18.
The release of Asterisk 1.6.2.18 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following is a sample of the issues resolved in this release:
* Only offer codecs both sides support for directmedia.
* Resolution of several DTMF based attended transfer issues.
NOTE: Be sure to read the ChangeLog for more information about these changes.
* Resolve deadlocks related to device states in chan_sip
* Fix channel redirect out of MeetMe() and other issues with channel softhangup
* Fix voicemail sequencing for file based storage.
* Guard against retransmitting BYEs indefinitely during attended transfers with
chan_sip.
In addition to the changes listed above, commits to resolve security issues
AST-2011-005 and AST-2011-006 have been merged into this release. More
information about AST-2011-005 and AST-2011-006 can be found at:
http://downloads.asterisk.org/pub/security/AST-2011-005.pdfhttp://downloads.asterisk.org/pub/security/AST-2011-006.pdf
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.18
===========================================================================
1.6.2.17.3
The Asterisk Development Team has announced security releases for Asterisk
branches 1.4, 1.6.1, 1.6.2, and 1.8. The available security releases are
released as versions 1.4.40.1, 1.6.1.25, 1.6.2.17.3, and 1.8.3.3.
The releases of Asterisk 1.4.40.1, 1.6.1.25, 1.6.2.17.3, and 1.8.3.3 resolve two
issues:
* File Descriptor Resource Exhaustion (AST-2011-005)
* Asterisk Manager User Shell Access (AST-2011-006)
The issues and resolutions are described in the AST-2011-005 and AST-2011-006
security advisories.
For more information about the details of these vulnerabilities, please read the
security advisories AST-2011-005 and AST-2011-006, which were released at the
same time as this announcement.
For a full list of changes in the current releases, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.2.17.3
Security advisory AST-2011-005 and AST-2011-006 are available at:
http://downloads.asterisk.org/pub/security/AST-2011-005.pdfhttp://downloads.asterisk.org/pub/security/AST-2011-006.pdf
===========================================================================
1.6.2.17.2:
The Asterisk Development Team has announced security releases for Asterisk
branches 1.6.1, 1.6.2, and 1.8. The available security releases are
released as versions 1.6.1.24, 1.6.2.17.2, and 1.8.3.2.
** This is a re-release of Asterisk 1.6.1.23, 1.6.2.17.1 and 1.8.3.1 which
contained a bug which caused duplicate manager entries (issue #18987).
The releases of Asterisk 1.6.1.24, 1.6.2.17.2, and 1.8.3.2 resolve two issues:
* Resource exhaustion in Asterisk Manager Interface (AST-2011-003)
* Remote crash vulnerability in TCP/TLS server (AST-2011-004)
The issues and resolutions are described in the AST-2011-003 and AST-2011-004
security advisories.
For more information about the details of these vulnerabilities, please read the
security advisories AST-2011-003 and AST-2011-004, which were released at the
same time as this announcement.
For a full list of changes in the current releases, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.2.17.2
Security advisory AST-2011-003 and AST-2011-004 are available at:
http://downloads.asterisk.org/pub/security/AST-2011-003.pdfhttp://downloads.asterisk.org/pub/security/AST-2011-004.pdf
===========================================================================
1.6.2.17.1:
The Asterisk Development Team has announced security releases for Asterisk
branches 1.6.1, 1.6.2, and 1.8. The available security releases are
released as versions 1.6.1.23, 1.6.2.17.1, and 1.8.3.1.
These releases are available for immediate download at
http://downloads.asterisk.org/pub/telephony/asterisk/releases
The releases of Asterisk 1.6.1.23, 1.6.2.17.1, and 1.8.3.1 resolve two issues:
* Resource exhaustion in Asterisk Manager Interface (AST-2011-003)
* Remote crash vulnerability in TCP/TLS server (AST-2011-004)
The issues and resolutions are described in the AST-2011-003 and AST-2011-004
security advisories.
For more information about the details of these vulnerabilities, please read the
security advisories AST-2011-003 and AST-2011-004, which were released at the
same time as this announcement.
For a full list of changes in the current releases, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.2.17.1
Security advisory AST-2011-003 and AST-2011-004 are available at:
http://downloads.asterisk.org/pub/security/AST-2011-003.pdfhttp://downloads.asterisk.org/pub/security/AST-2011-004.pdf
===========================================================================
1.6.2.17:
The Asterisk Development Team has announced the release of Asterisk 1.6.2.17.
The release of Asterisk 1.6.2.17 resolves several issues reported by the
community and would have not been possible without your participation.
The following is a sample of the issues resolved in this release:
* Resolve duplicated data in the AstDB when using DIALGROUP()
* Correct issue where res_config_odbc could populate fields with invalid data.
* When using cdr_pgsql the billsec field was not populated correctly on
unanswered calls.
* Resolve issue where re-transmissions of SUBSCRIBE could break presence.
* Fix regression causing forwarding voicemails to not work with file storage.
* This version of Asterisk includes the new Compiler Flags option
BETTER_BACKTRACES which uses libbfd to search for better symbol information
within both the Asterisk binary, as well as loaded modules, to assist when
using inline backtraces to track down problems.
* Resolve several issues with DTMF based attended transfers.
NOTE: Be sure to read the ChangeLog for more information about these changes.
* Resolve issue where no Music On Hold may be triggered when using
res_timing_dahdi.
* Fix regression that changed behavior of queues when ringing a queue member.
Additionally, this release has the changes related to security bulletin
AST-2011-002 which can be found at
http://downloads.asterisk.org/pub/security/AST-2011-002.pdf
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.17
===========================================================================
1.6.2.16.2:
The Asterisk Development Team has announced security releases for Asterisk
branches 1.4, 1.6.1, 1.6.2, and 1.8. The available security releases are
released as versions 1.4.39.2, 1.6.1.22, 1.6.2.16.2, and 1.8.2.4.
The releases of Asterisk 1.4.39.2, 1.6.1.22, 1.6.2.16.2, and 1.8.2.4 resolve an
issue that when decoding UDPTL packets, multiple stack and heap based arrays can
be made to overflow by specially crafted packets. Systems configured for
T.38 pass through or termination are vulnerable. The issue and resolution are
described in the AST-2011-002 security advisory.
For more information about the details of this vulnerability, please read the
security advisory AST-2011-002, which was released at the same time as this
announcement.
For a full list of changes in the current release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.2.16.2
Security advisory AST-2011-002 is available at:
http://downloads.asterisk.org/pub/security/AST-2011-002.pdf
=============================================================================
Changes:
New features
* Support to preview images for Twitter official image upload service.
* If extracted short URL is gotten with Twitter API, use it.
Fixes
* fixes link string position gap on timeline.
* some memory leaks.
Required for updating chat/prosody to 0.8.1, which helps handle the
"billion laughs" exploits on XML parsers and XMPP servers.
Change log as recorded in the README:
Version 1.2.0 [02/Jun/2011]
* support for the StartDoctypeDecl handler
* add parser:stop() to abort parsing inside a callback
* Danish translation update. Closes: #625721
* Danish underlay translation update. Closes: #625765
(Thanks, Jonas Smedegaard)
* Support YAML::XS by not passing decoded unicode to Load. Closes: #625713
* openid, aggregate, pinger: Use Net::INET6Glue if available to
support making ipv6 connections. (Note that if LWPx::ParanoidAgent
is installed, it defeats this for openid.)
* Add additional directive quoting styles, to better support nested
directives. Both triple-single-quote and heredoc quotes can be used.
(Thanks, Timo Paulssen)
* Changed license of madduck's python plugins from GPL-2 to BSD-2-clause.
* po: support language codes in the form of 'es_AR', and 'arn'. (intrigeri)
Closes: #627844
* po: Make po4a warn, not error on a malformed document. (intrigeri)
* Support the Hiawatha web server which sets HTTPS=off rather than not
setting it. (There does not seem to be a standard here.)
pkgsrc changes:
* Adjust local modifications to improve our upstream chances.
* Quell pkglint.
* Indent consistently.
