series, users are encouraged to read /usr/pkg/share/doc/sympa/NEWS for
details. Summary of new features:
*** New bulk.pl daemon installed with Sympa. This daemon is dedicated to
mail distribution and allows to parallelize this process on a single
server as well as on multiple servers.
*** [Olivier Lumineau, CRU] Fresh new web CSS for the web interface.
*** Replace storage of password with encryption by md5 fingerprint. This
make remind password impossible. So now a one time ticket table is created
ticket are sent by email as an authentication token. Ticket can be used
for lost password, create account, moderation request . It should be
generalized to all operation that need a email chalenge.
*** New propertie in object message : spam_status . This feature is used in
modindex (listing of message waiting for moderation) to show message
tagued as spam.
4 new parameters :
- antispam_feature default off
- antispam_tag_header_name default X-Spam-Status
- antispam_tag_header_spam_regexp default ^\s*Yes
- antispam_tag_header_ham_regexp default ^\s*No
*** DKIM : Sympa now supports DKIM for message diffusion and control.
*** web_tt2/Makefile.am, web_tt2/ca.tt2, web_tt2/lca.tt2,
wwsympa/wwsympa.fcgi.in: It is now possible to create Custom actions
at the list or robot level. These custom actions allow you to create
new pages in the Sympa web interface. for now, you can only display
informations using this method. any post treatment (such as form
submission) must be handled outside of Sympa. See
https://www.sympa.org/manual_6.1/customizing#custom_actions for more
details.
*** [Submitted by J. jourdan] "suspension of membership." The user can suspend
his subscription to the lists
that he subscribes. For a finite length or not. Added a calendar in
javascript to select a date.
Also, lots of translastion updates, and bug fixes (including security ones)
Three main modules and some supporting program files are contained. For
more details read following POD documentations:
Text::LineFold - Line Folding for Plain Text
Unicode::GCString - String as Sequence of UAX #29 Grapheme Clusters
Unicode::LineBreak - UAX #14 Unicode Line Breaking Algorithm
AuthCAS aims at providing a Perl API to Yale's Central Authentication System
(CAS). Only a basic Perl library is provided with CAS whereas AuthCAS is a
full object-oriented library.
Fix seuciry problem of CVE-2012-2337.
What's new in Sudo 1.7.9p1?
* Fixed a bug when matching against an IP address with an associated
netmask in the sudoers file. In certain circumstances, this
could allow users to run commands on hosts they are not authorized
for.
What's new in Sudo 1.7.9?
* Fixed a false positive in visudo strict mode when aliases are
in use.
* The line on which a syntax error is reported in the sudoers file
is now more accurate. Previously it was often off by a line.
* The #include and #includedir directives in sudoers now support
relative paths. If the path is not fully qualified it is expected
to be located in the same directory of the sudoers file that is
including it.
* visudo will now fix the mode on the sudoers file even if no changes
are made unless the -f option is specified.
* The "use_loginclass" sudoers option works properly again.
* For LDAP-based sudoers, values in the search expression are now
escaped as per RFC 4515.
* Fixed a race condition when I/O logging is not enabled that could
result in tty-generated signals (e.g. control-C) being received
by the command twice.
* If none of the standard input, output or error are connected to
a tty device, sudo will now check its parent's standard input,
output or error for the tty name on systems with /proc and BSD
systems that support the KERN_PROC_PID sysctl. This allows
tty-based tickets to work properly even when, e.g. standard
input, output and error are redirected to /dev/null.
* Fixed a bug where a pattern like "/usr/*" included /usr/bin/ in
the results, which would be incorrectly be interpreted as if the
sudoers file had specified a directory.
* "visudo -c" will now list any include files that were checked
in addition to the main sudoers file when everything parses OK.
* Users that only have read-only access to the sudoers file may
now run "visudo -c". Previously, write permissions were required
even though no writing is down in check-only mode.
What's new in Sudo 1.7.8p2?
* Fixed a crash in the monitor process on Solaris when NOPASSWD
was specified or when authentication was disabled.
2012-05-14
* INSTALL: Fixing typo and updating reference to CVS.
* Makefile.mingw, packaging/windows/pidgin-otr.nsi:
Updating to support building the win32 installer on
GNU/Linux.
2012-05-12
* otr-plugin.c: Fixing a format string vulnerability.
Identified by intrigeri <intrigeri@boum.org>.
* Makefile.mingw, README, configure.ac, pidgin-otr.nsi:
Bumped version number to 3.2.1.
2010-03-02
* po/vi.po: Vietnamese translation from Lyndon Johnson
<lyndon.johnson58@gmail.com>
2009-11-14
* gtk-dialog.c (add_to_vbox_verify_fingerprint): Make
the fingerprints in the manual authentication dialog
selectable (but not selected by default).
2009-08-24
* po/fr.po: Fixed \n errors
2009-07-20
* po/fr.po: Complete French translation from Solveig
<perso@solveig.org>
2009-06-24
* po/fr.po: Spelling correction from intrigeri
<intrigeri@boum.org>
2009-03-18
* po/sv.po: Swedish translation from Daniel Nylander
<po@danielnylander.se>
2009-01-18
* po/pl.po: Polish translation from Paweł Czochański
<czochanski@gmail.com>
2008-09-24
* po/it.po: Italian translation from Vincenzo Reale
<smart2128@baslug.org>.
2008-07-10
* otr-plugin.c: Use /dev/urandom to generate keys instead of
/dev/random. [Really: on non-Win32, call
gcry_control(GCRYCTL_ENABLE_QUICK_RANDOM, 0); before OTRL_INIT;.]
2008-07-07
* gtk-conv.c: Don't delete the OTR menus if a non-foreground
conversation window is closed.
2008-06-19
* Makefile.static: Forgot to add tooltipmenu.o to
Makefile.static. Fixed.
2008-06-17
* otr-plugin.c: Except on WIN32, set the umask to 0077 before
creating the otr.* files in the purple directory so that they
end up mode 0600. Based on a patch from Caspar Clemens Mierau
<damokles@ubuntu.com>.
* po/de.po: Updated German translation from Michael Meier
<mail@code.mmsources.de>.
OpenJDK7 wouldn't build on DragonFly for non-root users due to a conflict
with the bootstrap/LICENSE file. Both the -bin-common and the
-bin-dragonfly bootstraps contained the same file, both with 444 file
permissions. As a result, the extraction phase fails for non-root pbulk
builds and other under-privileged users.
The DragonFly bootstraps were repacked to exclude the duplicate
bootstrap/LICENSE file, and the bootstrap.mk file updated accordingly.
The new bootstraps are packed with xz, resulting in a tarball 6MB
smaller for i386.
Other changes while we're here:
1) Add LICENSE=gnu-gpl-v2
2) USE_TOOLS+= patch (pkglint complained)
3) Fix ONLY_FOR_PLATFORM triplet for DragonFly (pkglint complained)
Glib:
* Dispatcher: Don't send messages to a deleted Dispatcher.
* Make SignalTimeout/SignalIdle::connect_once() more thread safe.
* Document Glib::Property and Glib::PropertyBase.
gmmproc:
* Add macro _CUSTOM_CTOR_CAST in _CLASS_BOXEDTYPE.
* Generate the documentation of default constructors of interface classes.
Build:
* Update Visual Studio projects.
* The test scaffolding for git-daemon was flaky.
* The test scaffolding for fast-import was flaky.
* The filesystem boundary was not correctly reported when .git directory
discovery stopped at a mount point.
* HTTP transport that requires authentication did not work correctly when
multiple connections are used simultaneously.
* Minor memory leak during unpack_trees (hence "merge" and "checkout"
to check out another branch) has been plugged.
* In the older days, the header "Conflicts:" in "cherry-pick" and "merge"
was separated by a blank line from the list of paths that follow for
readability, but when "merge" was rewritten in C, we lost it by
mistake. Remove the newline from "cherry-pick" to make them match
again.
* The command line parser choked "git cherry-pick $name" when $name can
be both revision name and a pathname, even though $name can never be a
path in the context of the command.
* The "include.path" facility in the configuration mechanism added in
1.7.10 forgot to interpret "~/path" and "~user/path" as it should.
* "git config --rename-section" to rename an existing section into a
bogus one did not check the new name.
* The "diff --no-index" codepath used limited-length buffers, risking
pathnames getting truncated. Update it to use the strbuf API.
* The report from "git fetch" said "new branch" even for a non branch
ref.
* The http-backend (the server side of the smart http transfer) used
to overwrite GIT_COMMITTER_NAME and GIT_COMMITTER_EMAIL with the
value obtained from REMOTE_USER unconditionally, making it
impossible for the server side site-specific customization to use
different identity sources to affect the names logged. It now uses
REMOTE_USER only as a fallback value.
* "log --graph" was not very friendly with "--stat" option and its
output had line breaks at wrong places.
* Octopus merge strategy did not reduce heads that are recorded in the
final commit correctly.
* "git push" over smart-http lost progress output a few releases ago;
this release resurrects it.
* The error and advice messages given by "git push" when it fails due
to non-ff were not very helpful to new users; it has been broken
into three cases, and each is given a separate advice message.
* The insn sheet given by "rebase -i" did not make it clear that the
insn lines can be re-ordered to affect the order of the commits in
the resulting history.
* "git repack" used to write out unreachable objects as loose objects
when repacking, even if such loose objects will immediately pruned
due to its age.
* A contrib script "rerere-train" did not work out of the box unless
user futzed with her $PATH.
* "git rev-parse --show-prefix" used to emit nothing when run at the
top-level of the working tree, but now it gives a blank line.
* The i18n of error message "git stash save" was not properly done.
* "git submodule" used a sed script that some platforms mishandled.
* When using a Perl script on a system where "perl" found on user's
$PATH could be ancient or otherwise broken, we allow builders to
specify the path to a good copy of Perl with $PERL_PATH. The
gitweb test forgot to use that Perl when running its test.
* Add .htaccess file to package
* Fix MESSAGES, to be more useful
Changelog:
changelog is not available officially. The following is provided by SuSE.
- Security: Several CSRF fixes
- Security: .htaccess uploading blacklist
- Backport link in the Help center to the online documentatio
- Backport link in the Help center to the "Big Files" howto
- Check if JSon module is installed
- Check if GD module is installed
