* Fix macro creation.
* Add --funcall back.
* termcap terminal replaced with ncurses again.
* More code cleanup.
* .zilerc replaced by .zile, which is a pseudo-Lisp file.
* Various other bug, design and documentation fixes.
* Add case-replace and kill-whole-line.
* Change command-line options to be more like Emacs.
* Changes in zebra
** IRDP support is added.
* Changes in ripd
** Set receive UDP socket buffer to large value.
* Changes in ospfd
** Fix problem of OpenBSD-3.4 IP header length treatment.
* Changes in ospf6d
** Area support is added.
* Changes in bgpd
** Old commands are removed
"show ipv6 summary"
"show ipv6 mbgp summary"
** New ospf6d implementation is introduced. This is rewrite of whole
ospf6d code to make it far much better than old code.
* Changes in vtysh
** Many bugs and problems are fixed. All of user of vtysh should
update to zebra-0.95.
* imap: Implemented account groups, administrator group.
* imapd.c: New OUTBOX_MULTIPLE_SEND option.
* imap: add LOGGEROPTS and SSLLOGGEROPTS configuration settings
which are passed to courierlogger to set the application name for
syslog.
* tcpd/tcpd.c: Added --accesslocal option.
* smap: SMAP EXPUNGE >100 msg ranges was broken.
* PROXY_HOSTNAME: new setting in imap and pop3 config file overrides
gethostname() when checking if a proxy connection is required.
* msgbodystructure.c (msgbodystructure): Fix MSGBODYSTRUCTURE response
for a corrupted content-type of "text".
* sqwebmail: Implemented account groups, administrator group.
* sqwebmaild.dist.in (LOGGEROPTS): Added LOGGEROPTS setting.
* gpglib/gpg.c: gnupg returns non-zero exit even if succesfully
unencrypted, when just the signature is bad.
* sv-make_timezonelist.pl: Added /usr/share/lib/zoneinfo to the
search list.
* Exit with TEMPFAIL if temporary error indication from authlib.
* More descriptive error messages when permissions check fails.
* Documentation fixes.
distribution. Changes include teaching courier-maildiracl about
account groups and the administrator group for IMAP ACLs, which are
understood by courier-imap>=4.0.4 and sqwebmail>=5.0.4.
include:
* authlib: create the authtest and authpasswd manual pages.
* authdaemon.c (auth_generic): Silly bug in auth_generic().
* authldaplib.c (auth_ldap_do3): Fix call of authcryptpasswd().
* authpgsqllib.c (auth_pgsql_setpass): Ditto.
* authmysqllib.c (auth_mysql_setpass): Ditto.
* authmysqllib.c (auth_mysql_setpass): Fix a memory leak.
* authpipe: more fixes to the authpipe module.
* authpipe: various fixes to the authpipe module.
* authpipe.c (auth_pipe_pre): Fix zombies created by the authpipe
module.
* New authpipe authentication module.
* authldap.schema: Add mailhost to the recommended LDAP schema.
* README_authlib.sgml: Document updated authpipe protocol.
* cryptpassword.c (authcryptpasswd): Fix handling of encryption hints.
* checkpassword.c (do_authcheckpassword): Ignore {CRYPT} prefix on
crypted passwords.
* checkpasswordsha1.c (authcheckpasswordsha1): Fix {SHA256} passwords.
* authdaemond.c: Strip full name/gecos field after the first comma.
* authdaemond: Pass LOGGEROPTS option to authdaemond.
* liblog/logger.c: Fix wrong args to setuidgid().
* liblog/logger.c: Added -droproot option to courierlogger.
* liblock/lockdaemon.c: Try to recover if upgraded daemon process runs
under a different uid.
* Changed -uid and -gid options to -user and -group for consistency
with couriertcpd. Change them to affect courierlogger itself,
after it has spawned any child.
* Optional default domain for authentication requests.
* Fix the error code when an empty password is provided.
"A vulnerability has been reported in CUPS, which can be exploited by malicious
people to cause a DoS (Denial of Service) on a vulnerable system.
When processing a PDF file, bounds checking was not correctly performed on
some fields. This could cause the pdftops filter (running as user "lp") to
crash."
http://secunia.com/advisories/16380/http://rhn.redhat.com/errata/RHSA-2005-706.html
Patch from RedHat.
Gamin is a file and directory monitoring system defined to be a subset
of the FAM (File Alteration Monitor) system.
The main goals of the project are:
1. Minimize the security model of FAM -- the daemon runs under the
user account.
2. Simplify the code base, dropping some of the most exotic features
of FAM.
3. Provide an API and ABI compatible replacement for FAM.
4. Try to fix some other issues like resource consumption.
file's sole purpose was to provide a dependency on pkg-config and set
some environment variables. Instead, turn pkg-config into a "tool"
in the tools framework, where the pkg-config wrapper automatically
adds PKG_CONFIG_LIBDIR to the environment before invoking the real
pkg-config.
For all package Makefiles that included pkg-config/buildlink3.mk, remove
that inclusion and replace it with USE_TOOLS+=pkg-config.
* In addition to hot pixels in an otherwise black image, the `jpeghotp'
program can now also find dead pixels in an otherwise white image.
* Fail gracefully if the locale cannot be set.
For UNIX, 1.3.87 is the latest version in the 1.4 release cycle.
It includes several Linux client fixes as well as portability changes.
For UNIX, 1.3.86 is the latest version in the 1.4 release cycle.
It includes several Linux client fixes as well as portability changes.
http://openafs.org/frameset/dl/openafs/1.3.87/ChangeLog
Permission to copy and distribute XV in its entirety, for
non-commercial purposes, is hereby granted without fee, provided that
this license information and copyright notice appear in all copies.
Note that distributing XV 'bundled' in with any product is considered
to be a 'commercial purpose'.
Define NO_BIN_ON_{CDROM,FTP} because the package has been patched, and
because the binary package does not include source.
If you redistribute XV, the *entire* contents of this distribution
must be distributed, including the README, and INSTALL files, the
sources, and the complete contents of the 'docs' directory.
The software may be modified for your own purposes, but modified
versions may not be distributed without prior consent of the author.
pull in the Jumbo patches from http://www.sonic.net/~roelofs/greg_xv.html.
As far as I can see this covers all our existing patches for added
functionality, although I cannot claim that I have tested each and
every one of them in the new version.
These patches disable a number of image formats that I think are less
common, which have potential heap overflows in the code due to in-
sufficient validation of image dimensions.
The version of the Jumbo patch used here is the 20050501 version.
Package revision bumped to nb10.
- An error in the handling of away messages can be exploited to cause
a heap-based buffer overflow by sending a specially crafted away message
to a user logged into AIM or ICQ.
Successful exploitation allows execution of arbitrary code.
- An error in the handling of file transfers can be exploited to crash
the application by attempting to upload a file with a non-UTF8 filename
to a user logged into AIM or ICQ.
Patches from RedHat.
