and isc-dhcrelay4. Here is quote from DHCP 4.2.2 Release Notes.
(http://ftp.isc.org/isc/dhcp/dhcp-4.2.2-RELNOTES)
Internet Systems Consortium DHCP Distribution
Version 4.2.2
27 July 2011
Release Notes
NEW FEATURES
ISC DHCP 4.2.x includes features that were not included in DHCP 4.1.x.
These include:
Processing the DHCP to DNS server transactions in an asynchronous fashion.
The DHCP server or client can now continue with it's processing while
awaiting replies from the DNS server.
There are a number of DHCPv6 limitations and features missing in this
release, which will be addressed in the future:
- Only Solaris, Linux, FreeBSD, NetBSD, and OpenBSD are supported.
- DHCPv6 includes human-readable text in status code messages, in
English. A method to reconfigure or support other languages would
be preferable.
- The "host-identifier" option is limited to a simple token.
- The client and server can only operate DHCPv4 or DHCPv6 at a time,
not both. To use both protocols simultaneously, two instances of the
relevant daemon are required, one with the '-6' command line option.
For information on how to install, configure and run this software, as
well as how to find documentation and report bugs, please consult the
README file.
ISC DHCP uses standard GNU configure for installation. Please review the
output of "./configure --help" to see what options are available.
The system has only been tested on Linux, FreeBSD, and Solaris, and may not
work on other platforms. Please report any problems and suggested fixes to
<dhcp-users@isc.org>.
Changes since 4.2.2rc1
! Two packets were found that cause a server to halt. The code
has been updated to properly process or reject the packets as
appropriate. Thanks to David Zych at University of Illinois
for reporting this issue. [ISC-Bugs #24960]
One CVE number for each class of packet.
CVE-2011-2748
CVE-2011-2749
Changes since 4.2.2b1
- Strict checks for content of domain-name DHCPv4 option can now be
configured during compilation time. Even though RFC2132 does not allow
to store more than one domain in domain-name option, such behavior is
now enabled by default, but this may change some time in the future.
See ACCEPT_LIST_IN_DOMAIN_NAME define in includes/site.h.
[ISC-Bugs #24167]
- DNS Update fix. A misconfigured server could crash during DNS update
processing if the configuration included overlapping pools or
multiple fixed-address entries for a single address. This issue
affected both IPv4 and IPv6. The fix allows a server to detect such
conditions, provides the user with extra information and recommended
steps to fix the problem. If the user enables the appropriate option
in site.h then server will be terminated
[ISC-Bugs #23595]
libnice 0.1.1 (2011-09-07)
==========================
Fixed BSD and Solaris compatibility
Fixed PPC64 symbol test
Removed a few possible leak/bugs
Fixed compatibility with google's recent protocol change
= Version 0.8.0
* [API] AMQP::Session#on_skipped_heartbeats callback that can be used to handle skipped heartbeats (for cases when TCP network failure detection is not timely enough)
* [API] AMQP::Exchange#publish calls now use a mutex on the channel exchange is declared on. Sharing channels between threads is discouraged but amqp gem covers your back in the most dangerous case.
* [API] AMQP::Channel#synchronize now can be used to guarantee mutual exclusion of multiple threads on channel instances.
* [BUG] Empty messages can finally be published fine. Yes, it took us just 3 years.
* [FEATURE] When connected to RabbitMQ, RabbitMQ-specific extensions are required automatically
* [FEATURE] AMQP::Session#broker and AMQP::Broker allow for broker capabilities inspection
* [FEATURE] New bitset-based channel id allocator
* [FEATURE] Multiple consumers per queue with AMQP::Consumer
* [FEATURE] Automatic recovery mode for channels
* [FEATURE] Network connection recovery callbacks for channels, exchanges, queues, consumers
* [API] Connection URI (string) format for vhosts no longer assumes that vhosts begin with a slash (/), learn more at http://bit.ly/mfzwcB
* [FEATURE] Returned messages, including header & content via AMQP::Exchange#on_publish. Callback accepts 3 args: basic_return, header, body
* [BUG] Ruby 1.8.7-p249 is not supported because of this (p249-specific) Ruby bug: http://bit.ly/iONBmH
* [FEATURE] AMQP::Utilities::EventLoopHelper detects app server (if any) being used and starts EventMachine reactor in an optimal way.
* [FEATURE] AMQP 0.9.1 support, including tx.* operations class.
* [API] Default authentication handler now raises AMQP::PossibleAuthenticationFailureError
* [API] AMQP::Channel#initialize now takes 3rd (optional) options hash.
* [API] Broker connection class is now AMQP::Session.
* [API] AMQP::Error instance now may carry cause, an exception that caused exception in question to be raised.
* [API] When initial TCP connection fails, default action is now to raise AMQP::TCPConnectionFailed.
* [API] AMQP::BasicClient#reconnect now takes 2nd optional argument, period of waiting in seconds.
* [FEATURE] Handlers for initial connection failure, connection loss; channel-level exceptions handlers on Channel instances.
* [API] AMQP::Exchange#initialize now accepts :arguments option that takes a hash.
* [API] AMQP::Queue#initialize now accepts :arguments option that takes a hash.
* [API] AMQP#Logger is deprecated. It will be removed before 1.0 release.
* [API] AMQP#fork is deprecated. It will be removed before 1.0 release.
* [API] AMQP::RPC is deprecated. It will be removed before 1.0 release.
* [FEATURE] Significant improvements to the documentation. From now on lack of/poor documentation is considered a severe bug.
* [FEATURE] Support for RabbitMQ extensions to AMQP 0.9.1
* [API] AMQP::Exchange#publish now accepts (an optional) callback.
* [API] AMQP::Channel.new now accepts (an optional) callback.
* [API] AMQP::Header#ack now can acknowledge multiple deliveries
* [API] AMQP::Exchange#delete now takes (an optional) block that is called when exchange.delete-ok response arrives.
* [API] AMQP::Header now implements #to_hash
* [API] AMQP::Queue#pop block now can take 1, 2 or 3 arguments.
* [API] AMQP::Queue#purge now takes an optional block which is called when queue.purge-ok response arrives.
* [API] AMQP::Queue#delete now takes an optional block which is called when queue.delete-ok response arrives.
* [API] AMQP::Queue#delete now accepts :nowait option.
* [API] AMQP::Queue#unbind now takes an optional block which is called when queue.unbind-ok response arrives.
* [API] AMQP::Queue#unbind now accepts :routing_key as alias to :key. we believe it is a good idea to use AMQP terms.
* [API] AMQP::Channel#prefetch now takes (an optional) 2nd parameter that specifies that QoS settings should be applied to underlying connection, as well as optional callback.
* [API] AMQP::Channel#recover now takes (an optional) callback that is called when basic.recover-ok is received.
* [API] AMQP::Frame is gone.
* [API] AMQP::Buffer is gone. Serialization & framing are now handled primarily by amq-protocol.
* [API] AMQP::Queue#publish is deprecated.
* [API] Name argument for AMQP::Queue.new and Channel#queue is optional.
= Version 0.7.2
* [BUG] Server-named queues declared en masse now get their unique names instead of all beign assigned the first generated name
* [API] Connection URI (string) format for vhosts no longer assumes that vhosts begin with a slash (/), learn more at http://bit.ly/mfzwcB
* [BUG] Queue#reset leaks consumer tags [#40].
<s.tesch@science-computing.de> on pkgsrc-users.
- Avoid consuming excessive CPU when matching filenames to patterns. Thanks to
Maksymilian Arciemowicz <cxib@securityreason.com>.
- Some bugfixes from Rapha
no apparent security impact.
At this point: v2.3.3 released!
===============================
- Fix compile. Extreme suckage.
At this point: v2.3.4 released!
===============================
* Bug Fixes
o wnpa-sec-2011-12
A large loop in the OpenSafety dissector could cause a crash.
o wnpa-sec-2011-13
A malformed IKE packet could consume excessive resources.
o wnpa-sec-2011-14
A malformed capture file could result in an invalid root tvbuff and cause a crash.
o wnpa-sec-2011-15
Wireshark could run arbitrary Lua scripts.
o wnpa-sec-2011-16
The CSN.1 dissector could crash.
Tor 0.2.2.32, the first stable release in the 0.2.2 branch, is finally
ready. More than two years in the making, this release features improved
client performance and hidden service reliability, better compatibility
for Android, correct behavior for bridges that listen on more than
one address, more extensible and flexible directory object handling,
better reporting of network statistics, improved code security, and
many many other features and bugfixes.
o Wedge in DESTDIR support. This is a little tricky since the
installation procedure wants to run scotty to parse and dump
the MIB files, and this needs to be done in DESTDIR. Therefore
we use the post-install target, to fix things up before packaging
and the real install.
o Fix the "dns" functionality not to use _res, since this program
is linked with libpthread that won't work on NetBSD (aborts the
program). Though the modified version still uses a global static
variable.
o Add comments to all the patch files.
o Eliminate use of ${WRKSRC}/.., since pkglint objects to it. Instead
use BUILD_DIRS and CONFIGURE_DIRS.
o Add a LICENSE setting, 2-clause-bsd appears most similar.
o Bump PKGREVISION for the above changes.
pkgsrc change: add a patch to fix build problem with some PKG_OPTIONS,
such as "ldap".
New Features
9.8.1
* Added a new include file with function typedefs for the DLZ
"dlopen" driver. [RT #23629]
* Added a tool able to generate malformed packets to allow testing of
how named handles them. [RT #24096]
* The root key is now provided in the file bind.keys allowing DNSSEC
validation to be switched on at start up by adding
"dnssec-validation auto;" to named.conf. If the root key provided
has expired, named will log the expiration and validation will not
work. More information and the most current copy of bind.keys can
be found at http://www.isc.org/bind-keys. *Please note this feature
was actually added in 9.8.0 but was not included in the 9.8.0
release notes. [RT #21727]
Security Fixes
9.8.1
* If named is configured with a response policy zone (RPZ) and a
query of type RRSIG is received for a name configured for RRset
replacement in that RPZ, it will trigger an INSIST and crash the
server. RRSIG. [RT #24280]
* named, set up to be a caching resolver, is vulnerable to a user
querying a domain with very large resource record sets (RRSets)
when trying to negatively cache the response. Due to an off-by-one
error, caching the response could cause named to crash. [RT #24650]
[CVE-2011-1910]
* Using Response Policy Zone (RPZ) to query a wildcard CNAME label
with QUERY type SIG/RRSIG, it can cause named to crash. Fix is
query type independant. [RT #24715]
* Using Response Policy Zone (RPZ) with DNAME records and querying
the subdomain of that label can cause named to crash. Now logs that
DNAME is not supported. [RT #24766]
* Change #2912 populated the message section in replies to UPDATE
requests, which some Windows clients wanted. This exposed a latent
bug that allowed the response message to crash named. With this
fix, change 2912 has been reduced to copy only the zone section to
the reply. A more complete fix for the latent bug will be released
later. [RT #24777]
Feature Changes
9.8.1
* Merged in the NetBSD ATF test framework (currently version 0.12)
for development of future unit tests. Use configure --with-atf to
build ATF internally or configure --with-atf=prefix to use an
external copy. [RT #23209]
* Added more verbose error reporting from DLZ LDAP. [RT #23402]
* The DLZ "dlopen" driver is now built by default, no longer
requiring a configure option. To disable it, use "configure
--without-dlopen". (Note: driver not supported on win32.) [RT
#23467]
* Replaced compile time constant with STDTIME_ON_32BITS. [RT #23587]
* Make --with-gssapi default for ./configure. [RT #23738]
* Improved the startup time for an authoritative server with a large
number of zones by making the zone task table of variable size
rather than fixed size. This means that authoritative servers with
lots of zones will be serving that zone data much sooner. [RT
#24406]
* Per RFC 6303, RFC 1918 reverse zones are now part of the built-in
list of empty zones. [RT #24990]
* Image Preview: fix open failer with multi-line HTML tag.
* Image Preview: enable to force extracting short URL.
* With Ruby 1.8.7: fix crash at right-click on tweets contains URL.
* With Ruby 1.8.7: fix rare crash at connection timeout.
* fix rare crash at extracting bit.ly URL.
* improve URL extracting speed.
Flickcurl is a C library for the Flickr API, handling creating the
requests, signing, token management, calling the API, marshalling
request parameters and decoding responses. It uses libcurl to call
the REST web service and libxml2 to manipulate the XML responses.
Flickcurl supports all of the API including the functions for
photo/video uploading, browsing, searching, adding and editing
comments, groups, notes, photosets, categories, activity, blogs,
favorites, places, tags, machine tags, institutions, pandas and
photo/video metadata. It also includes a program flickrdf to turn
photo metadata, tags, machine tags and places into an RDF triples
description.
0.2.19 Fri Aug 05 2011 Toni Gundogdu
Fixes: Webscripts
- ted.lua: attempt to index local 's' (#65)
- youtube.lua: no match: fmt_url_map (#63)
- Thanks to Zefram <zefram@fysh.org> for the patch
- funnyordie.lua: no match: flv url (#64)
Fixes
* With Ruby 1.8.7, crash with right click at tweet contains URL.
* on scroll timeline top to down, accidently auto scroll-up once.
* Not mute for various notify.
* rare crash at refresh timeline.
* user information may be old one.
* rare crash at timeout.
1.3.2:
Release date: 2011-08-06 23:05 UTC
Release state: stable
Changelog:
* Fix referrals if host data or user credentials are passed to connect() and
login() instead of the constructor (Aleksander Machniak, Bug #17107).
1.3.1:
Release date: 2011-08-06 01:56 UTC
Release state: stable
Changelog:
* Query capabilities again after successful authentication (Jesse Crawford,
Request #18382).
* Escape quotes and backslashes in script names, and use literal strings for
script names with non-ASCII characters (Aleksander Machniak, Bug #16691).
* Work around broken STARTTLS behavior in Cyrus versions before 2.3.10
(Aleksander Machniak, Bug #18241).
* Improve string literal parsing (Aleksander Machniak, Bug #18228).
Revision history for Perl extension Net::Amazon:
0.60 (08/01/2011)
(cb) Fix the page and max_pages parameter to correctly fetch the specified
number of pages, and start at the correct offset. Reported as rt 69201.
(cb) Add a method to get similar products. Patch submitted by Jennifer.
(cb) Push from cpanservice: Small dist maintenance. Please use latest
ExtUtils::MakeMaker for release.
For some reason the "Checking for work-directory references" test
didn't catch the fact that ${DESTDIR}${LIBDIR} was being compiled
into the main binary as its library search path.
Noted by moof.
PKGREVISION -> 7
Here is partial changes:
= Version 0.7.2
* [BUG] Server-named queues declared en masse now get their unique names instead of all beign assigned the first generated name
* [API] Connection URI (string) format for vhosts no longer assumes that vhosts begin with a slash (/), learn more at http://bit.ly/mfzwcB
* [BUG] Queue#reset leaks consumer tags [#40].
For full changes, please refer:
ftp://ftp.isc.org/isc/bind9/9.7.4/RELEASE-NOTES-BIND-9.7.4.html
New Features
9.7.4
* A new test has been added to check the apex NSEC3 records after
DNSKEY records have been added via dynamic update. [RT #23229]
* Added a tool able to generate malformed packets to allow testing of
how named handles them. [RT #24096]
Security Fixes
9.7.4
* named, set up to be a caching resolver, is vulnerable to a user
querying a domain with very large resource record sets (RRSets)
when trying to negatively cache the response. Due to an off-by-one
error, caching the response could cause named to crash. [RT #24650]
[CVE-2011-1910]
* Change #2912 (see CHANGES) exposed a latent bug in the DNS message
processing code that could allow certain UPDATE requests to crash
named. [RT #24777] [CVE-2011-2464]
Feature Changes
9.7.4
* Merged in the NetBSD ATF test framework (currently version 0.12)
for development of future unit tests. Use configure --with-atf to
build ATF internally or configure --with-atf=prefix to use an
external copy. [RT #23209]
* Added more verbose error reporting from DLZ LDAP. [RT #23402]
* Replaced compile time constant with STDTIME_ON_32BITS. [RT #23587]
For full changes, please refer:
ftp://ftp.isc.org/isc/bind9/9.6-ESV-R5/RELEASE-NOTES-BIND-9.6-ESV.html
New Features
9.6-ESV-R5
* Added a tool able to generate malformed packets to allow testing of
how named handles them. [RT #24096]
Security Fixes
9.6-ESV-R5
* named, set up to be a caching resolver, is vulnerable to a user
querying a domain with very large resource record sets (RRSets)
when trying to negatively cache the response. Due to an off-by-one
error, caching the response could cause named to crash. [RT #24650]
[CVE-2011-1910]
* Change #2912 populated the message section in replies to UPDATE
requests, which some Windows clients wanted. This exposed a latent
bug that allowed the response message to crash named. With this
fix, change 2912 has been reduced to copy only the zone section to
the reply. A more complete fix for the latent bug will be released
later. [RT #24777]
Feature Changes
9.6-ESV-R5
* Merged in the NetBSD ATF test framework (currently version 0.12)
for development of future unit tests. Use configure --with-atf to
build ATF internally or configure --with-atf=prefix to use an
external copy. [RT #23209]
* Added more verbose error reporting from DLZ LDAP. [RT #23402]
* Replaced compile time constant with STDTIME_ON_32BITS. [RT #23587]
