** Security-related Bugfix
- Fix flaw that would allow a person who knows a storage index of a file to
delete shares of that file (#1528).
- Remove corner cases in mutable file bounds management which could expose
extra lease info or old share data (from prior versions of the mutable
file) if someone with write authority to that mutable file exercised these
corner cases in a way that no actual Tahoe-LAFS client does. (Probably not
exploitable.) (#1528).
Quote from release announce:
The Apache Software Foundation and the Apache HTTP Server Project are
pleased to announce the release of version 2.2.21 of the Apache HTTP
Server ("Apache"). This version of Apache is principally a security
and bug fix release:
* SECURITY: CVE-2011-3348 (cve.mitre.org)
mod_proxy_ajp when combined with mod_proxy_balancer: Prevents
unrecognized HTTP methods from marking ajp: balancer members
in an error state, avoiding denial of service.
* SECURITY: CVE-2011-3192 (cve.mitre.org)
core: Further fixes to the handling of byte-range requests to use
less memory, to avoid denial of service. This patch includes fixes
to the patch introduced in release 2.2.20 for protocol compliance,
as well as the MaxRanges directive.
Note the further advisories on the state of CVE-2011-3192 will no longer
be broadcast, but will be kept up to date at;
http://httpd.apache.org/security/CVE-2011-3192.txt
We consider this release to be the best version of Apache available, and
encourage users of all prior versions to upgrade.
Target "errorcheck" ("configure") cannot work in parallel.
Fix bug appeared in parallel builds (make -j).
Thanks to Alexander Nasonov.
Support for IRIX64 and Haiku was implemented.
PDF presentation update
Minor clean-ups
to kernel.org issues.
1.7.6.3:
* "git -c var=value subcmd" misparsed the custom configuration when
value contained an equal sign.
* "git fetch" had a major performance regression, wasting many
needless cycles in a repository where there is no submodules
present. This was especially bad, when there were many refs.
* "git reflog $refname" did not default to the "show" subcommand as
the documentation advertised the command to do.
* "git reset" did not leave meaningful log message in the reflog.
* "git status --ignored" did not show ignored items when there is no
untracked items.
* "git tag --contains $commit" was unnecessarily inefficient.
Also contains minor fixes and documentation updates.
1.7.6.2:
Junio C Hamano (3):
whitespace: have SP on both sides of an assignment "="
Revert "Merge branch 'cb/maint-quiet-push' into maint"
Git 1.7.6.2
Pang Yan Han (1):
update-ref: whitespace fix
Thomas Rast (1):
Documentation: clarify effects of -- <path> arguments
2011-09-12 (1.6.0)
* Extract utilities (prettifier and GUI-editor) in its own gem json-utils.
* Split json/add/core into different files for classes to be serialised.
(Dependency to devel/ruby-spruz has gone to force coming ruby-json-utils.)
2011-09-12 (1.6.0)
* Extract utilities (prettifier and GUI-editor) in its own gem json-utils.
* Split json/add/core into different files for classes to be serialised.
and isc-dhcrelay4. Here is quote from DHCP 4.2.2 Release Notes.
(http://ftp.isc.org/isc/dhcp/dhcp-4.2.2-RELNOTES)
Internet Systems Consortium DHCP Distribution
Version 4.2.2
27 July 2011
Release Notes
NEW FEATURES
ISC DHCP 4.2.x includes features that were not included in DHCP 4.1.x.
These include:
Processing the DHCP to DNS server transactions in an asynchronous fashion.
The DHCP server or client can now continue with it's processing while
awaiting replies from the DNS server.
There are a number of DHCPv6 limitations and features missing in this
release, which will be addressed in the future:
- Only Solaris, Linux, FreeBSD, NetBSD, and OpenBSD are supported.
- DHCPv6 includes human-readable text in status code messages, in
English. A method to reconfigure or support other languages would
be preferable.
- The "host-identifier" option is limited to a simple token.
- The client and server can only operate DHCPv4 or DHCPv6 at a time,
not both. To use both protocols simultaneously, two instances of the
relevant daemon are required, one with the '-6' command line option.
For information on how to install, configure and run this software, as
well as how to find documentation and report bugs, please consult the
README file.
ISC DHCP uses standard GNU configure for installation. Please review the
output of "./configure --help" to see what options are available.
The system has only been tested on Linux, FreeBSD, and Solaris, and may not
work on other platforms. Please report any problems and suggested fixes to
<dhcp-users@isc.org>.
Changes since 4.2.2rc1
! Two packets were found that cause a server to halt. The code
has been updated to properly process or reject the packets as
appropriate. Thanks to David Zych at University of Illinois
for reporting this issue. [ISC-Bugs #24960]
One CVE number for each class of packet.
CVE-2011-2748
CVE-2011-2749
Changes since 4.2.2b1
- Strict checks for content of domain-name DHCPv4 option can now be
configured during compilation time. Even though RFC2132 does not allow
to store more than one domain in domain-name option, such behavior is
now enabled by default, but this may change some time in the future.
See ACCEPT_LIST_IN_DOMAIN_NAME define in includes/site.h.
[ISC-Bugs #24167]
- DNS Update fix. A misconfigured server could crash during DNS update
processing if the configuration included overlapping pools or
multiple fixed-address entries for a single address. This issue
affected both IPv4 and IPv6. The fix allows a server to detect such
conditions, provides the user with extra information and recommended
steps to fix the problem. If the user enables the appropriate option
in site.h then server will be terminated
[ISC-Bugs #23595]
2011-09-07
* version 3.1.2
2011-08-03
* src/quick_search.c: applied a patch to fix quick search text color
on dark themes (thanks to speps).
2011-06-24
* src/update_check.c: win32: also check the file size of updater exe.
2011-06-24
* libsylph/utils.c: my_tmpfile(): win32: fixed a memory leak.
unix: removed alloca().
The PostgreSQL BuildFarm is a distributed build system designed to
detect build failures of the source code of PostgreSQL on a large
collection of platforms and configurations. This is the client
software that enables to perform automated test builds and checks.
FntSample is a tool that can be used to make font samples that show coverage
of the font and are similar in appearance to Unicode Charts.
# Support for various font formats using FreeType library, including
TrueType, OpenType, and Type1.
# Creating samples in PDF, PostScript, and SVG formats.
# Adding outlines with Unicode block names for PDF samples.
# Selection of code ranges to show in charts.
# Comparing of two font files with highlighting of added glyphs.
New in the 0.9.13 x11vnc release:
Improved support for non-X11 touchscreen devices (e.g. handheld or
cell phone) via Linux uinput input injection. Additional
tuning parameters are added. TSLIB touchscreen calibration
is supported. Tested on Qtmoko Neo Freerunner.
A tool, misc/uinput.pl, is provided to diagnose uinput
behavior on new devices.
The env. vars. X11VNC_UINPUT_BUS and X11VNC_UINPUT_VERSION
are available if leaving them unset does not work.
The Linux uinput non-X11 input injection can now be bypassed:
events can be directly written to the /dev/input/event
devices specified by the user (direct_abs=..., etc.)
A -pipeinput input injection helper script,
misc/qt_tslib_inject.pl is provided as a tweakable
non-builtin direct input injection method.
The list of new uinput parameters for the above two features is:
pressure, tslib_cal, touch_always, dragskip, btn_touch;
direct_rel, direct_abs, direct_btn, direct_key.
The included SSL enabled Java VNC Viewers now handle Mouse
Wheel events.
miscellaneous new features and changes:
In -reflect mode, the libvncclient connection can now have
the pixel format modified via the environment
variables X11VNC_REFLECT_bitsPerSample,
X11VNC_REFLECT_samplesPerPixel, and
X11VNC_REFLECT_bytesPerPixel
In -create mode the following environment variables are added
to fine tune the behavior: FIND_DISPLAY_NO_LSOF:
do not use lsof(1) to try to determine the Linux VT,
FIND_DISPLAY_NO_VT_FIND: do not try to determine the
Linux VT at all, X11VNC_CREATE_LC_ALL_C_OK: do not bother
undoing the setting LC_ALL=C that the create_display
script sets. The performance of the -create script
has been improved for large installations (100's of
user sessions on one machine.)
In -unixpw mode, one can now Tab from login: to Password.
An environment variable, X11VNC_SB_FACTOR, allows one to scale
the -sb screenblank sleep time from the default 2 secs.
In -rawfb mode, a bug is fixed in setting the number of bits
per pixel.
Documented that -grabkbd is no longer working with some/most
window managers (it can prevent resizing and menu posting.)
The macosx deprecated interface GetMainDevice() call is removed.
Compile with -DX11VNC_MACOSX_USE_GETMAINDEVICE if needed
for an old macosx version...
Miscellaneous code cleanup.
pulled in from ../../devel/glib2/modules.mk, but it's now needed
in sysutils/gio-fam/Makefile.
Not bumping PKGREVISION because the package did not build before.
