After long time, a new xine-ui version is now available. There are fixes
for security issues with playlists (upgrade recommended!), fixes for crashes,
memleaks and bugs. Functional enhancements and features are added,
appearance of non-skinned windows is harmonized (with more space for
text), translations are updated.
Change since version 5.0.41:
- Functionality added or changed:
- A new status variable, Com_call_procedure, indicates the number of calls
to stored procedures. (Bug#27994)
- NDB Cluster: The server source tree now includes scripts to simplify
building MySQL with SCI support. For more information about SCI
interconnects and these build scripts, see Section 15.9.1,
Configuring MySQL Cluster to use SCI Sockets. (Bug#25470)
- Prior to this release, when DATE values were compared with DATETIME values
the time portion of the DATETIME value was ignored. Now a DATE value is
coerced to the DATETIME type by adding the time portion as 00:00:00. To
mimic the old behavior use the CAST() function in the following way:
SELECT date_field = CAST(NOW() as DATE);. (Bug#28929)
- A large number of bugs including these security problems have been fixed:
- A malformed password packet in the
connection protocol could cause the server to crash. Thanks for Dormando
for reporting this bug and providing details and a proof of concept.
(Bug#28984)
- CREATE TABLE LIKE did not require any privileges on the source table. Now
it requires the SELECT privilege. (Bug#25578)
- In addition, CREATE TABLE LIKE was not isolated from alteration by other
connections, which resulted in various errors and incorrect binary log
order when trying to execute concurrently a CREATE TABLE LIKE statement
and either DDL statements on the source table or DML or DDL statements on
the target table. (Bug#23667)
When fixing vsftpd, other FTP server were broken as they return
different error codes for unmatching glob patterns. Basically ignore the
error code and just try the other pattern. chdir errors are still
considered fatal.
Bump version to 20070715.
- Updated c-ares to 1.4.0, TRE to 0.7.5
- chmode +L does no longer require chmode +l
- Oper blocks now can have CIDR, as in "userhost *@127.0.0.1/32";
- Services coders: SVSNOLAG/SVS2NOLAG (described in Changes) will allow a user to avoid fake lag (ie, flood as much as he/she wants).
- More intelligent accept() handling - that is, take in multiple times at a time instead of one per I/O loop
- A lot of bug fixes, basically.
- Install ares_dns.h too
- Brad House added ares_save_options() and ares_destroy_options() that can be
used to keep options for later re-usal when ares_init_options() is used.
- Brad House's man pages for ares_save_options() and ares_destroy_options()
were added.
- James Bursa reported a major memory problem when resolving multi-IP names
and I found and fixed the problem. It was added by Ashish Sharma's patch
two days ago.
* Removed unused tre_filter code.
* Fixed printf format string and argument types for 64 bit builds.
* Fixed params array signedness inconsistencies.
* Fixed not to build agrep if --disable-approx is used.
* Included GNU getopt implementation from gnulib.
* Fixed backtracking matcher to work if malloc(0) returns NULL.
* Removed guessing of best optimizing CFLAGS.
* Fixed agrep exit status when no matches found.
* Fixed regex parser on big-endian 64 bit architectures.
* Added support for the -q command line option.
Merge of audit-packages with various improvements:
* Version 20070714
Initial release of re-write in C
Add support for notfication of eol packages (-e)
Multiple levels of verbosity (e.g. -v -v)
Specify a custom config file to use (-c)
Query running config values (-Q)
Default to download .gz compress pkg-vulnerabilities file
Support for .bz2 compress pkg-vulnerabilities file
Verify signature on downloaded files (-s)
Thanks to tron@, jschauma@, agc@, joerg@ and pkgsrc-security@ for feedback
and testing.
changes:
-Add support for beryl in gnome-wm
-Make it possible to save a session with multiple clients that are the
same program
-bugfixes
-translation updates
