pkgsrc changes:
- We now need to run 'make depend' after configure to pick up algorithm
selection changes.
Upstream changes:
Changes between 1.0.2d and 1.0.2e [3 Dec 2015]
*) BN_mod_exp may produce incorrect results on x86_64
There is a carry propagating bug in the x86_64 Montgomery squaring
procedure. No EC algorithms are affected. Analysis suggests that attacks
against RSA and DSA as a result of this defect would be very difficult to
perform and are not believed likely. Attacks against DH are considered just
feasible (although very difficult) because most of the work necessary to
deduce information about a private key may be performed offline. The amount
of resources required for such an attack would be very significant and
likely only accessible to a limited number of attackers. An attacker would
additionally need online access to an unpatched system using the target
private key in a scenario with persistent DH parameters and a private
key that is shared between multiple clients. For example this can occur by
default in OpenSSL DHE based SSL/TLS ciphersuites.
This issue was reported to OpenSSL by Hanno Böck.
(CVE-2015-3193)
[Andy Polyakov]
*) Certificate verify crash with missing PSS parameter
The signature verification routines will crash with a NULL pointer
dereference if presented with an ASN.1 signature using the RSA PSS
algorithm and absent mask generation function parameter. Since these
routines are used to verify certificate signature algorithms this can be
used to crash any certificate verification operation and exploited in a
DoS attack. Any application which performs certificate verification is
vulnerable including OpenSSL clients and servers which enable client
authentication.
This issue was reported to OpenSSL by Loïc Jonas Etienne (Qnective AG).
(CVE-2015-3194)
[Stephen Henson]
*) X509_ATTRIBUTE memory leak
When presented with a malformed X509_ATTRIBUTE structure OpenSSL will leak
memory. This structure is used by the PKCS#7 and CMS routines so any
application which reads PKCS#7 or CMS data from untrusted sources is
affected. SSL/TLS is not affected.
This issue was reported to OpenSSL by Adam Langley (Google/BoringSSL) using
libFuzzer.
(CVE-2015-3195)
[Stephen Henson]
*) Rewrite EVP_DecodeUpdate (base64 decoding) to fix several bugs.
This changes the decoding behaviour for some invalid messages,
though the change is mostly in the more lenient direction, and
legacy behaviour is preserved as much as possible.
[Emilia Käsper]
*) In DSA_generate_parameters_ex, if the provided seed is too short,
return an error
[Rich Salz and Ismo Puustinen <ismo.puustinen@intel.com>]
MySQL Server RPM packages now contain a conflict indicator for MySQL Connector C, such that an error occurs when installing MySQL Server if MySQL Connector C is also installed. To install MySQL Server, remove any MySQL Connector C packages first.
mysql_upgrade now attempts to print more informative errors than FATAL ERROR: Upgrade failed.
These client programs now support the --enable-cleartext-plugin option: mysqlcheck, mysqldump, mysqlimport, mysqlshow. This option enables the mysql_clear_password cleartext authentication plugin. (See The Cleartext Client-Side Authentication Plugin.)
Bugs Fixed
Fix auto export symbols for Dlls containing /bigobj for 64bit builds.
Cray: Implement Fortran compiler version detection
MSVC: Fix linking with /MANIFEST:NO option
Make C and C++ default dialect detection robust to advanced optimizations
FindGTest: Refactor test type checks to avoid cases triggering CMP0064
Android: Restore generation of non-versioned soname
Project: Guess default standard dialect if compiler was forced
Revert "Disable shared library support when compiler links statically"
Tests: Add case for add_subdirectory inside a function
Tests: Add case for unmatched cmake_policy({PUSH,POP})
Tests: Add case for package version file unmatched policy scope
cmState: Skip variable scope snapshots to avoid call stack duplicates
cmMakefile: Clarify purpose of method that pops a scope snapshot
cmMakefile: Remove unused PolicyPushPop interfaces
cmLocalGenerator: Use ScopePushPop RAII class to manage local variable scopes
cmState: Enforce policy scope balancing around variable scopes
cmLinkedTree: Rename 'Extend' method to 'Push'
cmLinkedTree: Add Pop method
cmListFileCache: Implement cmListFileBacktrace ctor/dtor out-of-line
cmState: Avoid accumulating policy stack storage for short-lived scopes
cmState: Avoid accumulating snapshot storage for short-lived scopes
cmOrderDirectories: Factor out directory comparison
cmOrderDirectories: Reduce repeat realpath() calls
Include `sys/types.h` header to get `mode_t`
Add NIOS2 CPU support
cmELF: Avoid divide by zero if there are no dynamic section entries
o fix a program hang upon invalid utf-8 sequences
o /set log and /window log no longer double the output
o /lastlog no longer adds trailing ^Os to log files
this also fixes an assert() in /server.
New features
- core: add completion "colors" (issue #481)
- core: start/stop search in buffer at current scroll position by default, add
key Ctrl+q to stop search and reset scroll (issue #76, issue #393)
- core: add option weechat.look.key_grab_delay to set the default delay when
grabbing a key with Alt+k
- core: add option weechat.look.confirm_upgrade (issue #463)
- core: allow Ctrl+c to exit WeeChat when the passphrase is asked on startup
(issue #452)
- core: allow pointer as list name in evaluation of hdata (issue #450)
- core: add signal "signal_sighup"
- api: add support of evaluated sub-strings and current date/time in function
string_eval_expression() and command /eval
- api: add function string_eval_path_home()
- alias: add options "add", "addcompletion" and "del" in command /alias, remove
command /unalias (issue #458)
- irc: add option irc.network.channel_encode (issue #218, issue #482)
- irc: add option irc.color.topic_current (issue #475)
- irc: evaluate content of server option "nicks"
- logger: evaluate content of option logger.file.path (issue #388)
- relay: display value of HTTP header "X-Real-IP" for websocket connections
(issue #440)
- script: rename option script.scripts.dir to script.scripts.path, evaluate
content of option (issue #388)
- xfer: evaluate content of options xfer.file.download_path and
xfer.file.upload_path (issue #388)
Bugs fixed
- core: flush stdout/stderr after sending text directly on them (fix corrupted
data sent to hook_process() callback) (issue #442)
- core: allow execution of command "/input return" on a buffer which is not
displayed in a window
- core: allow jump from current to previous buffer with default keys Alt+j, NN
(issue #466)
- core: fix crash if a file descriptor used in hook_fd() is too high (> 1024 on
Linux/BSD) (issue #465)
- core: fix display of invalid UTF-8 chars in bars
- core: fix bar item "scroll" after /buffer clear (issue #448)
- core: fix display of time in bare display when option
weechat.look.buffer_time_format is set to empty string (issue #441)
- api: add missing function infolist_search_var() in script API (issue #484)
- api: add missing function hook_completion_get_string() in script API (issue #484)
- api: fix type of value returned by functions strcasestr, utf8_prev_char,
utf8_next_char, utf8_add_offset and util_get_time_string
- api: fix type of value returned by function strcasestr
- fifo: fix send error on Cygwin when something is received in the pipe (issue #436)
- irc: fix update of lag item when the server lag changes
- irc: do not allow command /query with a channel name (issue #459)
- irc: decode/encode only text in IRC messages and not the headers (bug #29886,
issue #218, issue #451)
- irc: fix crash with commands /allchan, /allpv and /allserv if the executed
command closes buffers (issue #445)
- irc: do not open auto-joined channels buffers when option "-nojoin" is used
in command /connect (even if the option irc.look.buffer_open_before_autojoin
is on)
- irc: fix errors displayed on WHOX messages received (issue #376)
- lua: add detection of Lua 5.3
- ruby: add detection of Ruby 2.2
- xfer: fix crash if the DCC file socket number is too high (> 1024 on
Linux/BSD) (issue #465)
- xfer: fix parsing of DCC chat messages (handle "\r\n" at the end of messages)
(issue #425, issue #426)
- doc: replace PREFIX with CMAKE_INSTALL_PREFIX in cmake instructions (issue #354)
findnewest recursively scans the directories given on the command
line and prints the UNIX timestamp (seconds since UNIX epoch) of
the newest file found.
PHP 7.0.0 comes with a new version of the Zend Engine, numerous improvements
and new features such as
* Improved performance: PHP 7 is up to twice as fast as PHP 5.6
* Significantly reduced memory usage
* Abstract Syntax Tree
* Consistent 64-bit support
* Improved Exception hierarchy
* Many fatal errors converted to Exceptions
* Secure random number generator
* Removed old and unsupported SAPIs and extensions
* The null coalescing operator (??)
* Return and Scalar Type Declarations
* Anonymous Classes
* Zero cost asserts
--------------------------
2015-11-26 David Freese <iam_w1hkj@w1hkj.com>
16ede08: flrig xmlrpc
=Version 3.23.06=
3f577d9: WO woes
482d060: Smeter PWRmeter
e08e403: ARQ shutdown
2015-11-20 John Phelps <kl4yfd@gmail.com>
0b5b329: Developer Doxygen and BerliOS clean
- Cleaned and Fixed develo per Doxygen files
- Added GitStats to the Dev Doxygen info
-- run ./scripts/doxygen/gen_doxygen_docs.sh
2015-11-20 David Freese <iam_w1hkj@w1hkj.com>
b19fff8: Documentation
55e0d31: Compiler warnings
