Commits on Mar 30, 2013
  1. Pullup ticket #4103 - requested by taca

    tron authored
    net/bind99: security update
    
    Revisions pulled up:
    - net/bind99/Makefile                                           1.21-1.23
    - net/bind99/distinfo                                           1.12-1.14
    - net/bind99/options.mk                                         1.5-1.6
    - net/bind99/patches/patch-configure                            1.4
    
    ---
       Module Name:	pkgsrc
       Committed By:	jperkin
       Date:		Wed Feb  6 23:24:19 UTC 2013
    
       Modified Files:
       	pkgsrc/net/bind99: Makefile
    
       Log Message:
       PKGREVISION bumps for the security/openssl 1.0.1d update.
    
    ---
       Module Name:	pkgsrc
       Committed By:	wiz
       Date:		Sat Mar  2 20:33:35 UTC 2013
    
       Modified Files:
       	pkgsrc/net/bind96: Makefile
    
       Log Message:
       Bump PKGREVISION for mysql default change to 55.
    
    ---
       Module Name:    pkgsrc
       Committed By:   pettai
       Date:           Sat Feb  9 00:14:34 UTC 2013
    
       Modified Files:
               pkgsrc/net/bind99: distinfo options.mk
    
       Log Message:
       Updated rrl patch version + source
    
    ---
       Module Name:	pkgsrc
       Committed By:	taca
       Date:		Tue Mar 26 22:12:14 UTC 2013
    
       Modified Files:
       	pkgsrc/net/bind99: Makefile distinfo
       	pkgsrc/net/bind99/patches: patch-configure
    
       Log Message:
       Update bind99 to 9.9.2pl2 (BIND 9.9.2-P2).
    
       	--- 9.9.2-P2 released ---
    
       3516.	[security]	Removed the check for regex.h in configure in order
       			to disable regex syntax checking, as it exposes
       			BIND to a critical flaw in libregex on some
       			platforms. [RT #32688]
    
    ---
       Module Name:	pkgsrc
       Committed By:	pettai
       Date:		Wed Mar 27 12:08:24 UTC 2013
    
       Modified Files:
       	pkgsrc/net/bind99: distinfo options.mk
    
       Log Message:
       Also update the corresponding RRL patch + distinfo file
  2. Pullup ticket #4104 - requested by taca

    tron authored
    net/bind98: security update
    
    Revisions pulled up:
    - net/bind98/Makefile                                    1.27 via patch
    - net/bind98/distinfo                                    1.19-1.20 via patch
    - net/bind98/options.mk                                  1.5 via patch
    
    ---
       Module Name:	pkgsrc
       Committed By:	taca
       Date:		Tue Mar 26 22:12:56 UTC 2013
    
       Modified Files:
       	pkgsrc/net/bind98: Makefile distinfo
    
       Log Message:
       Update bind98 to 9.8.4pl2 (BIND 9.8.4-P2).
    
       	--- 9.8.4-P2 released ---
    
       3516.	[security]	Removed the check for regex.h in configure in order
       			to disable regex syntax checking, as it exposes
       			BIND to a critical flaw in libregex on some
       			platforms. [RT #32688]
  3. Pullup ticket #4106 - requested by taca

    tron authored
    net/isc-dhclient4: security update
    net/isc-dhcp4: security update
    net/isc-dhcpd4: security update
    net/isc-dhcrelay4: security update
    
    Revisions pulled up:
    - net/isc-dhclient4/Makefile                                    1.7
    - net/isc-dhcp4/Makefile                                        1.9-1.10
    - net/isc-dhcp4/Makefile.common                                 1.18-1.19
    - net/isc-dhcp4/distinfo                                        1.14-1.15
    - net/isc-dhcpd4/Makefile                                       1.7
    
    ---
       Module Name:	pkgsrc
       Committed By:	jperkin
       Date:		Wed Feb  6 23:24:19 UTC 2013
    
       Modified Files:
       	pkgsrc/net/isc-dhcp4: Makefile
    
       Log Message:
       PKGREVISION bumps for the security/openssl 1.0.1d update.
    
    ---
       Module Name:	pkgsrc
       Committed By:	taca
       Date:		Fri Jan 11 13:35:58 UTC 2013
    
       Modified Files:
       	pkgsrc/net/isc-dhclient4: Makefile
       	pkgsrc/net/isc-dhcp4: Makefile.common distinfo
       	pkgsrc/net/isc-dhcpd4: Makefile
    
       Log Message:
       Update ISC DHCP to 4.2.5.
    
       Changes are too many to write here, please refer to RELNOTES.
    
    ---
       Module Name:	pkgsrc
       Committed By:	taca
       Date:		Tue Mar 26 16:25:06 UTC 2013
    
       Modified Files:
       	pkgsrc/net/isc-dhcp4: Makefile Makefile.common distinfo
    
       Log Message:
       Update ISC DHCP packages to 4.2.5p1 (4.2.5-P1).
       	isc-dhclient4
       	isc-dhcp4
       	isc-dhcpd4
       	isc-dhcrelay4
  4. Pullup ticket #4105 - requested by taca

    tron authored
    net/bind97: security patch
    
    Revisions pulled up:
    - net/bind97/Makefile                                           1.25-1.27
    
    ---
       Module Name:	pkgsrc
       Committed By:	jperkin
       Date:		Wed Feb  6 23:24:19 UTC 2013
    
       Modified Files:
       	pkgsrc/net/bind97: Makefile
    
       Log Message:
       PKGREVISION bumps for the security/openssl 1.0.1d update.
    
    ---
       Module Name:	pkgsrc
       Committed By:	wiz
       Date:		Sat Mar  2 20:33:35 UTC 2013
    
       Modified Files:
       	pkgsrc/net/bind97: Makefile
    
       Log Message:
       Bump PKGREVISION for mysql default change to 55.
    
    ---
       Module Name:	pkgsrc
       Committed By:	taca
       Date:		Wed Mar 27 00:34:32 UTC 2013
    
       Modified Files:
       	pkgsrc/net/bind97: Makefile
    
       Log Message:
       Disable use of regex.h for fixing CVE-2013-2266.
    
       Bump PKGREVISION.
Commits on Mar 17, 2013
  1. Pullup ticket #4099 - requested by kim

    tron authored
    net/proftpd: security update
    
    Revisions pulled up:
    - net/proftpd/Makefile                                          1.72
    - net/proftpd/PLIST                                             1.24
    - net/proftpd/distinfo                                          1.40
    - net/proftpd/patches/patch-ab                                  deleted
    - net/proftpd/patches/patch-ac                                  deleted
    
    ---
       Module Name:    pkgsrc
       Committed By:   kim
       Date:           Fri Mar 15 13:34:32 UTC 2013
    
       Modified Files:
               pkgsrc/net/proftpd: Makefile PLIST distinfo
       Removed Files:
               pkgsrc/net/proftpd/patches: patch-ab patch-ac
    
       Log Message:
       Updated net/proftpd to 1.3.4c:
       - addresses CVE-2012-6095 <http://bugs.proftpd.org/show_bug.cgi?id=3841>
Commits on Mar 8, 2013
  1. Pullup ticket #4090 - requested by tron

    spz authored
    net/wireshark: security update
    
    Revisions pulled up:
    - net/wireshark/Makefile                                        1.97
    - net/wireshark/distinfo                                        1.63
    - net/wireshark/patches/patch-ae                                deleted
    
    -------------------------------------------------------------------
       Module Name:	pkgsrc
       Committed By:	tron
       Date:		Thu Mar  7 12:44:11 UTC 2013
    
       Modified Files:
       	pkgsrc/net/wireshark: Makefile distinfo
       Removed Files:
       	pkgsrc/net/wireshark/patches: patch-ae
    
       Log Message:
       Update "wireshark" package to version 1.8.6. Changes since 1.8.5:
       - Bug Fixes
          The following vulnerabilities have been fixed.
            o wnpa-sec-2013-10
              The TCP dissector could crash. (Bug 8274)
              Versions affected: 1.8.0 to 1.8.5.
              CVE-2013-2475
            o wnpa-sec-2013-11
              The HART/IP dissector could go into an infinite loop. (Bug
              8360)
              Versions affected: 1.8.0 to 1.8.5.
              CVE-2013-2476
            o wnpa-sec-2013-12
              The CSN.1 dissector could crash. Discovered by Laurent Butti.
              (Bug 8383)
              Versions affected: 1.8.0 to 1.8.5.
              CVE-2013-2477
            o wnpa-sec-2013-13
              The MS-MMS dissector could crash. Discovered by Laurent Butti.
              (Bug 8382)
              Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13.
              CVE-2013-2478
            o wnpa-sec-2013-14
              The MPLS Echo dissector could go into an infinite loop.
              Discovered by Laurent Butti. (Bug 8039)
              Versions affected: 1.8.0 to 1.8.5.
              CVE-2013-2479
            o wnpa-sec-2013-15
              The RTPS and RTPS2 dissectors could crash. Discovered by
              Alyssa Milburn. (Bug 8332)
              Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13.
              CVE-2013-2480
            o wnpa-sec-2013-16
              The Mount dissector could crash. Discovered by Alyssa Milburn.
              (Bug 8335)
              Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13.
              CVE-2013-2481
            o wnpa-sec-2013-17
              The AMPQ dissector could go into an infinite loop. Discovered
              by Moshe Kaplan. (Bug 8337)
              Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13.
              CVE-2013-2482
            o wnpa-sec-2013-18
              The ACN dissector could attempt to divide by zero. Discovered
              by Alyssa Milburn. (Bug 8340)
              Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13.
              CVE-2013-2483
            o wnpa-sec-2013-19
              The CIMD dissector could crash. Discovered by Moshe Kaplan.
              (Bug 8346)
              Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13.
              CVE-2013-2484
            o wnpa-sec-2013-20
              The FCSP dissector could go into an infinite loop. Discovered
              by Moshe Kaplan. (Bug 8359)
              Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13.
              CVE-2013-2485
            o wnpa-sec-2013-21
              The RELOAD dissector could go into an infinite loop.
              Discovered by Even Jensen. (Bug 8364)
              Versions affected: 1.8.0 to 1.8.5.
              CVE-2013-2486
              CVE-2013-2487
            o wnpa-sec-2013-22
              The DTLS dissector could crash. Discovered by Laurent Butti.
              (Bug 8380)
              Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13.
              CVE-2013-2488
          The following bugs have been fixed:
            o Lua pinfo.cols.protocol not holding value in postdissector.
              (Bug 6020)
            o data combined via ssl_desegment_app_data not visible via
              "Follow SSL Stream" only decrypted ssl data tabs. (Bug 6434)
            o HTTP application/json-rpc should be decoded/shown as
              application/json. (Bug 7939)
            o Maximum value of 802.11-2012 Duration field should be 32767.
              (Bug 8056)
            o Voice RTP player crash if player is closed while playing. (Bug
              8065)
            o Display Filter Macros crash. (Bug 8073)
            o RRC RadioBearerSetup message decoding issue. (Bug 8290)
            o R-click filters add ! in front of field when choosing "apply
              as filter>selected". (Bug 8297)
            o BACnet - Loop Object - Setpoint-Reference property does not
              decode correctly. (Bug 8306)
            o WMM TSPEC Element Parsing is not done is wrong due to a wrong
              switch case number. (Bug 8320)
            o Incorrect RTP statistics (Lost Packets indication not ok).
              (Bug 8321)
            o Registering ieee802154 dissector for IEEE802.15.4 frames
              inside Linux SLL frames. (Bug 8325)
            o Version Field is skipped while parsing WMM_TSPEC causing wrong
              dissecting (1 byte offset missing) of all fields in the TSPEC.
              (Bug 8330)
            o [BACnet] UCS-2 strings longer than 127 characters do not
              decode correctly. (Bug 8331)
            o Malformed IEEE80211 frame triggers DISSECTOR_ASSERT. (Bug
              8345)
            o Decoding of GSM MAP SMS Diagnostics. (Bug 8378)
            o Incorrect packet length displayed for Flight Message Transfer
              Protocol (FMTP). (Bug 8407)
            o Netflow dissector flowDurationMicroseconds nanosecond
              conversion wrong. (Bug 8410)
            o BE (3) AC is wrongly named as "Video" in (qos_acs). (Bug 8432)
       - Updated Protocol Support
         ACN, AMQP, ASN.1 PER, BACnet, CIMD, CSN.1, DOCSIS TLVs, DTLS,
         FCSP, FMP/NOTIFY, FMTP, GSM MAP SMS, HART/IP, IEEE 802.11, IEEE
         802.15.4, JSON, Linux SLL, LTE RRC, Mount, MPLS Echo, Netflow,
         RELOAD, RSL, RTP, RTPS, RTPS2, SABP, SIP, SSL, TCP
    
    
       To generate a diff of this commit:
       cvs rdiff -u -r1.96 -r1.97 pkgsrc/net/wireshark/Makefile
       cvs rdiff -u -r1.62 -r1.63 pkgsrc/net/wireshark/distinfo
       cvs rdiff -u -r1.3 -r0 pkgsrc/net/wireshark/patches/patch-ae
Commits on Feb 24, 2013
  1. Pullup ticket #4077 - requested by markd

    tron authored
    net/netatalk: build fix
    
    Revisions pulled up:
    - net/netatalk/distinfo                                         1.48
    - net/netatalk/patches/patch-etc_uams_uams_gss.c                1.1
    
    ---
       Module Name:	pkgsrc
       Committed By:	markd
       Date:		Fri Feb 22 22:41:32 UTC 2013
    
       Modified Files:
       	pkgsrc/net/netatalk: distinfo
       Added Files:
       	pkgsrc/net/netatalk/patches: patch-etc_uams_uams_gss.c
    
       Log Message:
       Don't override the value of GSS_C_NT_HOSTBASED_SERVICE that recent
       Heimdal's set.
Commits on Feb 14, 2013
  1. Pullup ticket #4047 - requested by tron

    spz authored
    net/wireshark: security update
    
    Revisions pulled up:
    - net/wireshark/Makefile                                        1.93
    - net/wireshark/distinfo                                        1.62
    
    -------------------------------------------------------------------
       Module Name:	pkgsrc
       Committed By:	tron
       Date:		Thu Jan 31 10:40:38 UTC 2013
    
       Modified Files:
       	pkgsrc/net/wireshark: Makefile distinfo
    
       Log Message:
       Update "wireshark" package to version 1.8.5. Changes since 1.8.4:
       - Bug Fixes
         The following vulnerabilities have been fixed.
           o wnpa-sec-2013-01
             Infinite and large loops in the Bluetooth HCI, CSN.1, DCP-ETSI
             DOCSIS CM-STAUS, IEEE 802.3 Slow Protocols, MPLS, R3, RTPS,
             SDP, and SIP dissectors. Reported by Laurent Butti. (Bugs
             8036, 8037, 8038, 8040, 8041, 8042, 8043, 8198, 8199, 8222)
             Versions affected: 1.8.0 to 1.8.4, 1.6.0 to 1.6.12.
             GENERIC-MAP-NOMATCH
           o wnpa-sec-2013-02
             The CLNP dissector could crash. Discovered independently by
             Laurent Butti and the Wireshark development team. (Bug 7871)
             Versions affected: 1.8.0 to 1.8.4, 1.6.0 to 1.6.12.
             GENERIC-MAP-NOMATCH
           o wnpa-sec-2013-03
             The DTN dissector could crash. (Bug 7945)
             Versions affected: 1.8.0 to 1.8.4, 1.6.0 to 1.6.12.
             GENERIC-MAP-NOMATCH
           o wnpa-sec-2013-04
             The MS-MMC dissector (and possibly others) could crash. (Bug
             8112)
             Versions affected: 1.8.0 to 1.8.4, 1.6.0 to 1.6.12.
             GENERIC-MAP-NOMATCH
           o wnpa-sec-2013-05
             The DTLS dissector could crash. Discovered by Laurent Butti.
             (Bug 8111)
             Versions affected: 1.8.0 to 1.8.4, 1.6.0 to 1.6.12.
             GENERIC-MAP-NOMATCH
           o wnpa-sec-2013-06
             The ROHC dissector could crash. (Bug 7679)
             Versions affected: 1.8.0 to 1.8.4, 1.6.0 to 1.6.12.
             GENERIC-MAP-NOMATCH
           o wnpa-sec-2013-07
             The DCP-ETSI dissector could corrupt memory. Discovered by
             Laurent Butti. (Bug 8213)
             Versions affected: 1.8.0 to 1.8.4, 1.6.0 to 1.6.12.
             GENERIC-MAP-NOMATCH
           o wnpa-sec-2013-08
             The Wireshark dissection engine could crash. Discovered by
             Laurent Butti. (Bug 8197)
             Versions affected: 1.8.0 to 1.8.4, 1.6.0 to 1.6.12.
             GENERIC-MAP-NOMATCH
           o wnpa-sec-2013-09
             The NTLMSSP dissector could overflow a buffer. Discovered by
             Ulf Härnhammar. (Bug X)
             Versions affected: 1.8.0 to 1.8.4, 1.6.0 to 1.6.12.
             GENERIC-MAP-NOMATCH
       - The following bugs have been fixed:
           o SNMPv3 Engine ID registration. (Bug 2426)
           o Wrong decoding of gtp.target identification. (Bug 3974)
           o Reassemble.c leaks memory for GLIB > 2.8. (Bug 4141)
           o Wireshark crashes when starting due to out-of-date plugin left
             behind from earlier installation. (Bug 7401)
           o Failed to dissect TLS handshake packets. (Bug 7435)
           o ISUP dissector problem with empty Generic Number. (Bug 7632)
           o Illegal character is used in temporary capture file name. (Bug
             7877)
           o Lua code crashes wireshark after update to 1.8.3. (Bug 7976)
           o Timestamp info is not saved correctly when writing DOS Sniffer
             files. (Bug 7998)
           o 1.8.3 Wireshark User's Guide version is 1.6. (Bug 8009)
           o Core dumped when the file is closed. (Bug 8022)
           o LPP is misspelled in APDU parameter in
             e-CIDMeasurementInitiation request for LPPA message. (Bug
             8023)
           o Wrong packet bytes are selected for ISUP CUG binary code. (Bug
             8035)
           o Decodes FCoE Group Multicast MAC address as Broadcom MAC
             address. (Bug 8046)
           o The SSL dissector stops decrypting the SSL conversation with
             Malformed Packet:SSL error messages. (Bug 8075)
           o Unable to Save/Apply [Unistim Port] in Preferences. (Bug 8078)
           o Some Information Elements in GTPv2 are not dissected
             correctly. (Bug 8079)
           o Wrong bytes highlighted with "Find Packet...". (Bug 8085)
           o 3GPP ULI AVP. SAI is not correctly decoded. (Bug 8098)
           o Wireshark does not show "Start and End Time" information for
             Cisco Netflow/IPFIX with type 154 to 157. (Bug 8105)
           o GPRS Tunnel Protocoll GTP Version 1 does not decode DAF flag
             in Common Flags IE. (Bug 8193)
           o Wrong parcing of ULI of gtpv2 messages - errors in SAC, RAC &
             ECI. (Bug 8208)
           o Version Number in EtherIP dissector. (Bug 8211)
           o Warn Dissector bug, protocol JXTA. (Bug 8212)
           o Electromagnetic Emission Parser parses field Event Id as
             Entity Id. (Bug 8227)
       - Updated Protocol Support
         ANSI IS-637-A, ASN.1 PER, AX.25, Bluetooth HCI, CLNP, CSN.1,
         DCP-ETSI, DIAMETER, DIS PDU, DOCSIS CM-STATUS, DTLS, DTN, EtherIP,
         Fibre Channel, GPRS, GTP, GTPv2, HomePlug AV, IEEE 802.3 Slow,
         IEEE 802.15.4, ISUP, JXTA, LAPD, LPPa, MPLS, MS-MMC, NAS-EPS,
         NTLMSSP, ROHC, RSL, RTPS, SDP, SIP, SNMP, SSL
       - New and Updated Capture File Support
         DOS Sniffer
    
    
       To generate a diff of this commit:
       cvs rdiff -u -r1.92 -r1.93 pkgsrc/net/wireshark/Makefile
       cvs rdiff -u -r1.61 -r1.62 pkgsrc/net/wireshark/distinfo
Commits on Feb 2, 2013
  1. Pullup ticket #4054 - requested by taca

    tron authored
    net/samba: security update
    
    Revisions pulled up:
    - net/samba/Makefile                                            1.228 via patch
    - net/samba/distinfo                                            1.88
    
    ---
       Module Name:	pkgsrc
       Committed By:	taca
       Date:		Wed Jan 30 11:42:55 UTC 2013
    
       Modified Files:
       	pkgsrc/net/samba: Makefile distinfo
    
       Log Message:
       Update samba to 3.6.12.
    
                          ==============================
                          Release Notes for Samba 3.6.12
                                 January 30, 2013
                          ==============================
    
       This is a security release in order to address
       CVE-2013-0213 (Clickjacking issue in SWAT) and
       CVE-2013-0214 (Potential XSRF in SWAT).
    
       o  CVE-2013-0213:
          All current released versions of Samba are vulnerable to clickjacking in the
          Samba Web Administration Tool (SWAT). When the SWAT pages are integrated into
          a malicious web page via a frame or iframe and then overlaid by other content,
          an attacker could trick an administrator to potentially change Samba settings.
    
          In order to be vulnerable, SWAT must have been installed and enabled
          either as a standalone server launched from inetd or xinetd, or as a
          CGI plugin to Apache. If SWAT has not been installed or enabled (which
          is the default install state for Samba) this advisory can be ignored.
    
       o  CVE-2013-0214:
          All current released versions of Samba are vulnerable to a cross-site
          request forgery in the Samba Web Administration Tool (SWAT). By guessing a
          user's password and then tricking a user who is authenticated with SWAT into
          clicking a manipulated URL on a different web page, it is possible to manipulate
          SWAT.
    
          In order to be vulnerable, the attacker needs to know the victim's password.
          Additionally SWAT must have been installed and enabled either as a standalone
          server launched from inetd or xinetd, or as a CGI plugin to Apache. If SWAT has
          not been installed or enabled (which is the default install state for Samba)
          this advisory can be ignored.
    
       Changes since 3.6.11:
       --------------------
    
       o   Kai Blin <kai@samba.org>
           * BUG 9576: CVE-2013-0213: Fix clickjacking issue in SWAT.
           * BUG 9577: CVE-2013-0214: Fix potential XSRF in SWAT.
  2. Pullup ticket #4053 - requested by taca

    tron authored
    net/samba35: security update
    
    Revisions pulled up:
    - net/samba35/Makefile                                          1.26
    - net/samba35/distinfo                                          1.15
    
    ---
       Module Name:	pkgsrc
       Committed By:	taca
       Date:		Wed Jan 30 11:41:44 UTC 2013
    
       Modified Files:
       	pkgsrc/net/samba35: Makefile distinfo
    
       Log Message:
       Update samba35 to 3.5.21.
    
                          ==============================
                          Release Notes for Samba 3.5.21
       			 January 30, 2013
                          ==============================
    
       This is a security release in order to address
       CVE-2013-0213 (Clickjacking issue in SWAT) and
       CVE-2013-0214 (Potential XSRF in SWAT).
    
       o  CVE-2013-0213:
          All current released versions of Samba are vulnerable to clickjacking in the
          Samba Web Administration Tool (SWAT). When the SWAT pages are integrated into
          a malicious web page via a frame or iframe and then overlaid by other content,
          an attacker could trick an administrator to potentially change Samba settings.
    
          In order to be vulnerable, SWAT must have been installed and enabled
          either as a standalone server launched from inetd or xinetd, or as a
          CGI plugin to Apache. If SWAT has not been installed or enabled (which
          is the default install state for Samba) this advisory can be ignored.
    
       o  CVE-2013-0214:
          All current released versions of Samba are vulnerable to a cross-site
          request forgery in the Samba Web Administration Tool (SWAT). By guessing a
          user's password and then tricking a user who is authenticated with SWAT into
          clicking a manipulated URL on a different web page, it is possible to manipulate
          SWAT.
    
          In order to be vulnerable, the attacker needs to know the victim's password.
          Additionally SWAT must have been installed and enabled either as a standalone
          server launched from inetd or xinetd, or as a CGI plugin to Apache. If SWAT has
          not been installed or enabled (which is the default install state for Samba)
          this advisory can be ignored.
    
       Changes since 3.5.20:
       ---------------------
    
       o   Kai Blin <kai@samba.org>
           * BUG 9576: CVE-2013-0213: Fix clickjacking issue in SWAT.
           * BUG 9577: CVE-2013-0214: Fix potential XSRF in SWAT.
Commits on Jan 30, 2013
  1. Pullup ticket #4046 - requested by drochner

    tron authored
    net/libupnp: security patch
    
    Revisions pulled up:
    - net/libupnp/Makefile                                          1.20
    - net/libupnp/distinfo                                          1.19
    
    ---
       Module Name:    pkgsrc
       Committed By:   drochner
       Date:           Tue Jan 29 16:22:47 UTC 2013
    
       Modified Files:
               pkgsrc/net/libupnp: Makefile distinfo
    
       Log Message:
       update to 1.6.18
       changes:
       -fix multiple buffer overflows (CVE-2012-5958..65)
       -more bugfixes, Compilation optimisation
Commits on Jan 13, 2013
  1. Pullup ticket #4012 - requested by dholland

    tron authored
    net/p5-Net-LibIDN: build fix
    
    Revisions pulled up:
    - net/p5-Net-LibIDN/distinfo                                    1.4
    - net/p5-Net-LibIDN/patches/patch-aa                            1.4
    
    ---
       Module Name:	pkgsrc
       Committed By:	dholland
       Date:		Thu Jan  3 20:48:47 UTC 2013
    
       Modified Files:
       	pkgsrc/net/p5-Net-LibIDN: distinfo
       	pkgsrc/net/p5-Net-LibIDN/patches: patch-aa
    
       Log Message:
       Insert rpath for BUILDLINK_PREFIX.libidn as well as using the one that
       comes from Perl, so this will still build if libidn and Perl are
       installed in different trees. Belt-and-suspenders fix for PR 47187 on
       NetBSD, may also fix the problem seen on Dragonfly.
Commits on Jan 2, 2013
  1. Update to 16.0.1

    ryoon authored
    Changelog:
    aria2 1.16.1
    ============
    
    Release Note
    ------------
    
    This release adds the ability to persist GID across sessions. The GID
    will be saved with --save-session. There are several restrictions how
    GID is persisted. See the manual for details. For this change, now GID
    is 64 bits binary data and represented by 16 characters hex string in
    RPC query.  The disk cache feature was added, which may reduce disk
    activity. The console readout was redesigned. The warning displayed
    when --file-allocation=falloc is used on MinGW32 build was removed as
    a bug.
    
    Changes
    -------
    
    * mingw32: Re-open files with read-only mode enabled on seeding
    
      On Mingw32 build, if aria2 opens file with GENERIC_WRITE access
      right, some programs cannot open the file aria2 is seeding. To avoid
      this situation, re-open files with read-only enabled when seeding is
      about to begin.
    
    * Save gid option with --save-session option
    
    * Added --gid option
    
      This option sets GID manually. aria2 identifies each download by the
      ID called GID. The GID must be hex string of 16 characters, thus
      [0-9a-zA-Z] are allowed and leading zeros must not be stripped. The
      GID all 0 is reserved and must not be used. The GID must be unique,
      otherwise error is reported and the download is not added.  This
      option is useful when restoring the sessions saved using
      --save-session option. If this option is not used, new GID is
      generated by aria2.
    
    * Use 64 bits random bytes as GID
    
      This change replaces the current 64 bit sequential GID with 64 bits
      random bytes GID in an attempt to support persistent
      GID. Internally, the GID is stored as uint64_t. For human
      representation and RPC interface, GID is represented as 16 bytes hex
      string. For console readout, 16 bytes are too long, so it is
      abbreviated to first 6 bytes.  When querying GID in RPC calls, user
      can specify the prefix of GID as long as the prefix is shared by
      more than 1 GID entries.
    
    * Fixed BitfieldMan::getOffsetCompletedLength overflow on 32-bit systems
    
    * mingw32: Use HANDLE only for MinGW32 build
    
    * Changed console readout, making it more compact
    
      "SIZE:" is removed because it is obvious. SEEDING, SEED, SPD and UP
      are now replaced with SEED, SD, DL and UL respectively.
    
    * Compact readout when more than 1 simultaneous downloads are going on
    
      If more than 1 simultaneous downloads are going on, use more compact
      format in readout. Currently, at most 5 download stats are
      displayed.
    
      util::abbrevSize() is rewritten to support "Gi" unit and provides
      more compact abbreviation.
    
    * Console color output
    
      Log level and download result string is now colored.
    
    * Logger: Simplified console output and change level format in log
    
      The date and time are now removed from console output.  The log
      level is now formatted as "[LEVEL]".
    
    * Start to find faster host before the number of missing segments becomes 1
    
      The old implementation starts to find faster host when the number of
      missing segment becomes 1. Because of --min-split-size option,
      before the number of missing segment becomes 1, the number of
      connection becomes 1 and it can be slow. In this case, we have to
      wait until the last segment is reached. The new implementation
      starts to find faster host when the remaining length is less than
      --min-split-size * 2, to mitigate the problem stated above.
    
    * Removed warning when --file-allocation=falloc is used in MinGW32 build
    
      The warning was just a mistake. SetFilePointerEx + SetEndOfFile
      actually allocate disk space.
    
    * Write data in 4K aligned offset in write with disk cache enabled
    
      This greatly reduces disk activity especially on Win + NTFS.  Not so
      much difference on Linux.
    
    * mingw32: Removed FSCTL_SET_SPARSE set
    
    * Added --disk-cache option
    
      This option enables disk cache. If SIZE is 0, the disk cache is
      disabled. This feature caches the downloaded data in memory, which
      grows to at most SIZE bytes. The cache storage is created for aria2
      instance and shared by all downloads. The one advantage of the disk
      cache is reduce the disk seek time because the data is written in
      larger unit and it is reordered by the offset of the file. If the
      underlying file is heavily fragmented it is not the case.
Commits on Jan 1, 2013
  1. Needs pkg-config

    joerg authored
Commits on Dec 31, 2012
  1. Fix build on Linux (CentOS 6.3).

    ryoon authored
    Add workaround not to try to include util.h on Linux.
    Configure should handle util.h properly.
Commits on Dec 26, 2012
  1. Patch inline usage.

    dholland authored
Commits on Dec 25, 2012
  1. Allow building with libxml 2.9.

    joerg authored
  2. stddef.h needed for size_t.

    joerg authored
  3. Fix inline use.

    joerg authored
  4. Update distinfo.

    ryoon authored
  5. Unbound 1.4.19

    pettai authored
    Features:
    
    * RFC6725 deprecates RSAMD5: this DNSKEY algorithm is disabled.
      The contrib/patch_rsamd5_enable.diff patch enables RSAMD5 validation;
      otherwise it is treated as insecure. The MD5 hash is considered weak for
      some purposes; if you want to sign your zone, then RSASHA256 is an
      uncontested hash.
    * unbound-control -q option is quiet
    * include: directive in config file accepts wildcards.
      Suggested use: include: "/etc/unbound.d/conf.d/*"
    
    Bug Fixes:
    
    * Fix openssl race condition, initializes openssl locks.
    * Improved forward-first and stub-first documentation.
    * Fix that enables modules to register twice for the same serviced_query,
      without race conditions or administration issues.
    * Fix forward-first option where it sets the RD flag wrongly.
    * added manpage links for libunbound calls.
    * Add documentation to libunbound for default nonuse of resolv.conf.
    * Fix timeouts so that when a server has been offline for a while and is
      probed to see it works, it becomes fully available for server selection again.
    * Fallback to 1472 and 1232, one fragment size without headers.
    * [bugzilla: 465 ] Nicer comments outgoing-port-avoid.
    * chdir to / after chroot call (suggested by Camiel Dobbelaar).
    * updated contrib/unbound.spec.
    * ignore trusted-keys globs that have no files (from Paul Wouters).
    * fix text in unbound-anchor man page.
    * fix build of pythonmod in objdir.
    * make clean and make realclean remove generated python and docs.
    * Fix validation for responses with both CNAME and wildcard expanded CNAME
      records in answer section.
    * [bugzilla: 477 ] Fix unbound-anchor segfault if EDNS is blocked.
    * Fix unbound-control forward disables configured stubs below it.
    * [bugzilla: 481 ] Fix python example0.
    * iana portlist updated.
Commits on Dec 24, 2012
  1. Fix build on Solaris.

    ryoon authored
    * Define LDFLAGS.SunOS for missing libs
    * Pass LDFLAGS to linker
Commits on Dec 23, 2012
  1. v1.1.3 - Dec 19, 2012

    pettai authored
    ---------------------
    
    Bugfixes
            * Updated manpage.
    
    v1.1.3-rc1 - Dec 6, 2012
    ------------------------
    
    Bugfixes
            * Fixed answering DS queries (RRSIGs not together with DS, AA bit
              missing).
            * Fixed setting ARCOUNT in some error responses with EDNS enabled.
            * Fixed crash when compiling zone with NSEC3PARAM but no NSEC3
              and semantic checks enabled.
Commits on Dec 22, 2012
  1. Fixed install for python 2.7, setup.py seems buggy and does not create

    imil authored
    requires.txt when version is > 2.6. There's room for improvement, that's
    a quick fix.
  2. Completely disable manual page compression for this package as it uses

    tron authored
    nested manual page extensively.
    
    Bump package revision for this bug fix.
Commits on Dec 20, 2012
  1. Fix build on Solaris.

    ryoon authored
    curl is also required in link stage.
  2. Added flex

    pettai authored
  3. add and enable grilo-testui

    jnemeth authored
Commits on Dec 19, 2012
  1. Update to 1.122880

    wen authored
    Add LICENSE
    
    Upstream changes:
    1.122880 2012-10-14
        - Updated database: Sun Oct 14 06:40:02 2012 UTC.
        - Added Bonaire, Sint Eustatius and Saba country code: BQ
    
    1.121660 2012-06-14
        - Updated database: Thu Jun 14 06:40:01 2012 UTC.
    
    1.120460 2012-02-15
        - Updated database: Wed Feb 15 06:40:01 2012 UTC.
        - Fix tests due to updated data
    
    1.112870 2011-10-14
        - Added South Sudan country code: .ss
        - Updated database: Fri Oct 14 06:40:01 2011 UTC.
    
    1.112490 2011-09-06
        - Add a "country name" for code ZZ (private IP addresses) (Neil Bowers)
        - Various POD improvements (Neil Bowers)
        - Updated database: Tue Sep  6 06:40:01 2011 UTC.
    
    1.111650 2011-06-14
        - Updated database: Tue Jun 14 06:40:01 2011 UTC.
    
    1.110450 2011-02-14
        - Updated database: Mon Feb 14 06:40:01 2011 UTC.
    
    1.102870 2010-10-14
        - Updated database: Thu Oct 14 06:40:01 2010 UTC.
    
    1.101650 2010-06-14
        - Minor code and test cleanup
        - Updated database: Mon Jun 14 06:40:01 2010 UTC.