* Major changes in 0.0.14
** epa-file can handle remote files over Tramp.
** Workaround for a face initialization bug of GNU Emacs.
** Follow the face naming convention of GNU Emacs.
* Major changes in 0.0.13
** epa-file bug fixes.
*** Fixed a compatibility bug on XEmacs 21.5.
*** Do not mark the buffer as modified.
* Major changes in 0.0.12
** epa-file.el usability improvements.
*** Ask recipients only the first time.
*** Respect epa-armor and epa-textmode.
*** Customizing epa-file-name-regexp now works.
*** Backup files for "*.gpg" are also encrypted.
* Major changes in 0.0.11
** Include the EasyPG Assistant user's manual
** Decode user-id's encoded in UTF-8 with "%" or "\" escape
** If a user attempt to encrypt data to an untrusted recipient, EasyPG
prompt the key-id (it requires GnuPG version 2.0.2 or later)
** epa-file.el turns off auto-saving by default
binary-only packages that require binary "emulation" on the native
operating system. Please see pkgsrc/mk/emulator/README for more
details.
* Teach the plist framework to automatically use any existing
PLIST.${EMUL_PLATFORM} as part of the default PLIST_SRC definition.
* Convert all of the binary-only packages in pkgsrc to use the
emulator framework. Most of them have been tested to install and
deinstall correctly. This involves the following cleanup actions:
* Remove use of custom PLIST code and use PLIST.${EMUL_PLATFORM}
more consistently.
* Simplify packages by using default INSTALL and DEINSTALL scripts
instead of custom INSTALL/DEINSTALL code.
* Remove "SUSE_COMPAT32" and "PKG_OPTIONS.suse" from pkgsrc.
Packages only need to state exactly which emulations they support,
and the framework handles any i386-on-x86_64 or sparc-on-sparc64
uses.
* Remove "USE_NATIVE_LINUX" from pkgsrc. The framework will
automatically detect when the package is installing on Linux.
Specific changes to packages include:
* Bump the PKGREVISIONs for all of the suse100* and suse91* packages
due to changes in the +INSTALL/+DEINSTALL scripts used in all
of the packages.
* Remove pkgsrc/emulators/suse_linux, which is unused by any
packages.
* cad/lc -- remove custom code to create the distinfo file for
all supported platforms; just use "emul-fetch" and "emul-distinfo"
instead.
* lang/Cg-compiler -- install the shared libraries under ${EMULDIR}
instead of ${PREFIX}/lib so that compiled programs will find
the shared libraries.
* mail/thunderbird-bin-nightly -- update to latest binary
distributions for supported platforms.
* multimedia/ns-flash -- update Linux version to 9.0.48 as the
older version is no longer available for interactive fetch.
* security/uvscan -- set LD_LIBRARY_PATH explicitly so that
it's not necessary to install library symlinks into
${EMULDIR}/usr/local/lib.
* www/firefox-bin-flash -- update Linux version to 9.0.48 as the
older version is no longer available for interactive fetch.
Packages Collection.
The Perl 5 module Crypt::RC4 provides a simple implementation of
the RC4 algorithm, developed by RSA Security, Inc.
Disclaimer: Strictly speaking, this module uses the "alleged" RC4
algorithm. The Algorithm known as "RC4" is a trademark of RSA
Security Inc., and this document [the module documentation] makes
no claims one way or another that this is the correct algorithm,
and further, make no claims about the quality of the source code
nor any licensing requirements for commercial use.
changes:
- More protection : Automatic identification and
removal of viruses delivering the next generation
of best-of-breed anti-virus scanning engines.
It offers improved protection against existing,
new and potential threats and increases the depth
and breadth of the protection we provide.
- It's faster than before : We've listened to our
customers who asked for a faster Engine and it
delivers superior performance to current McAfee
Anti-Virus products on all supported platforms.
- Support for many more packed-executable formats
in which known malware is often re-packaged
for obfuscation purposes.
the owner of all installed files is a non-root user. This change
affects most packages that require special users or groups by making
them use the specified unprivileged user and group instead.
(1) Add two new variables PKG_GROUPS_VARS and PKG_USERS_VARS to
unprivileged.mk. These two variables are lists of other bmake
variables that define package-specific users and groups. Packages
that have user-settable variables for users and groups, e.g. apache
and APACHE_{USER,GROUP}, courier-mta and COURIER_{USER,GROUP},
etc., should list these variables in PKG_USERS_VARS and PKG_GROUPS_VARS
so that unprivileged.mk can know to set them to ${UNPRIVILEGED_USER}
and ${UNPRIVILEGED_GROUP}.
(2) Modify packages to use PKG_GROUPS_VARS and PKG_USERS_VARS.
and visudo manpages in man/man1, and the sudoers manpage in man/man5.
Remove the platform-specific PLISTs that only differed in the location
of the man pages.
Bump the PKGREVISION to 5.
BUG FIXES
- in a milter setup log_id was left undefined, which resulted in log lines
without id, and a SQL constraint violation "Column 'am_id' cannot be null"
when logging to SQL was enabled. The bug was introduced in 2.5.1;
problem reported by Martin Svensson;
- suppress a quarantining attempt if the message also needs to be archived
to the same location (same sql key or same local filename);
reported by Wazir Shpoon;
- adjust $socketname in amavisd-release to match its default counterpart
in amavisd (i.e. /var/amavis/amavisd.sock); reported by Stanley Appel;
And more... please review the Changelog file.
(in fact, it's not clear that there is a good way to do so). The resulting
configuration works fine *except* if it encounters a host that has 3DES
but no DES service keys in its keytab.
Fix this by explicitly passing 0 ("default enctype") to Kerberos.
install script. The latter are special install-sh script options that
check whether the invoking user is the root user or not, which is
completely unnecessary.
cleanse environment of variables that alter behavior of Kerberos library
so the user can't override the default keytab location, and do *not*
ignore missing keytab errors. Prevents root compromise via spoofed KDC
on systems with Kerberos libraries but no host key in keytab, no keytab,
or keytab overidden via environment.
Don't insist that the keytab key be DES -- some Kerberos sites are 3DES/AES
only.
Somewhat less invasive than the fix Todd incorporated into the 1.6.9 branch
of sudo (presently beta) but equivalent (though not as clean).
things are restricted, pkgsrc's labeling rules aren't intended to
address export control issues, and there are vast numbers of packages
with apparently similar export control status and no RESTRICTED.)
Noteworthy changes in version 0.6.4 (2007-06-12)
------------------------------------------------
* Make sure the test suite uses non-guessable file names
for temporary files.
* Fix a problem in the file handling code.
Noteworthy changes in version 0.6.3 (2007-06-06)
------------------------------------------------
* Remove unused references in the opencdk config script.
This fixes an error because a variable were not referenced.
Interface changes relative to 0.6.2
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
cdk_dek_get_cipher NEW
cdk_dek_get_mdc_flag NEW
Noteworthy changes in version 0.6.2 (2007-05-25)
------------------------------------------------
* Fix versioning script of the library.
* Bug fixes for the remaining memory leaks.
* Better way to handle gcrypt initialization.
Interface changes relative to 0.6.1
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
cdk_lit_format_t NEW
functions:
cdk_pk_to_fingerprint NEW
v1.07
- fix t/nonblock.t on systems which have by default a larger
socket buffer. Set SO_SNDBUF explicitly with setsockopt
to force smaller writes on the socket
signing-party (0.4.10-1) unstable; urgency=low
* caff:
+ Fix syntax error in example config variables (Closes: #413020).
+ Fix perl warnings when calling pgp-fixkey with unknown keyid or
with empty signature create date.
* gpg-key2ps:
+ Add '-1' option to only display one column of slips, for extra
wide keys (Closes: #399474).
* keylookup:
+ Fix perl warnings caused by empty lines from gpg output.
* Drop transitional and now obsolete keylookup package.
* Remove no longer needed dependency on mailx.
