* Fix warnings reported by clang.
* Using -1 is the same as 0, except older libpcap left 0 undefined.
* Fixed non-conflict.
* Always process all waiting packets.
Tested on amd64.
Ok benoit@ (maintainer)
* Improved HTTPS cipher handling and added support for chained certificates.
* Allow the source password to be undefined. There was a corner case,
where a default password would have taken effect. It would require the
admin to remove the 'source-password' from the icecast config to take
effect. Default configs ship with the password set, so this
vulnerability doesn't trigger there.
* Prevent error log injection of control characters by substituting
non-alphanumeric characters with a '.' (CVE-2011-4612). Injection
attempts can be identified via access.log, as that stores URL encoded
requests. Investigation if further logging code needs to have
sanitized output is ongoing.
Tested on amd64.
Reads fine aja@
r1.1183 this is now subpackage-dependent - nfsen sets a different PREFIX for
different subpackages and this change caused failures in DPB builds (but not
normal builds) as they pass the subpackage in SUBDIR.
Problem reported by krw, ok espie@.
- MINOR: stats admin: allow unordered parameters in POST requests
- BUG/MAJOR: possible crash when using capture headers on TCP frontends
- MINOR: config: disable header captures in TCP mode and complain
- CLEANUP: http: message parser must ignore HTTP_MSG_ERROR
- BUG/MAJOR: checks: don't call set_server_status_* when no LB algo is set
- MINOR: proxy: make findproxy() return proxies from numeric IDs too
- BUG/MINOR: stop connect timeout when connect succeeds
And others (http://haproxy.1wt.eu/download/1.4/src/CHANGELOG), while here GROFF is not needed,
add a rc.d(8) script and maintainer drop maintainership.
Tested on i386.
Ok sthen@ (untested)
Changes in version 0.2.2.38 - 2012-08-12
Tor 0.2.2.38 fixes a rare race condition that can crash exit relays;
fixes a remotely triggerable crash bug; and fixes a timing attack that
could in theory leak path information.
CVE-2012-3570: An Error in the Handling of an Unexpected Client
Identifiers can Cause Server Crash When Serving DHCPv6
CVE-2012-3571: An Error in the Handling of Malformed Client Identifiers
can Cause a Denial-of-Service Condition in Affected Servers
CVE-2012-3954: Memory Leaks Found in ISC DHCP
- rc.d script now generates the unbound-control keys if they don't exist
and the sample config file is patched to enable this, various rc.d/unbound
actions depend on this, pointed out/ok aja@
version of BIND than is in the base OS (some people require features
from this version e.g. DNS64), but note that it does not include
the hardening changes made to the version in base.
feedback from naddy@ giovanni@, ok giovanni@.
"BIND is open source software that implements the Domain Name System
(DNS) protocols for the Internet. It is a reference implementation
of those protocols, but it is also production-grade software,
suitable for use in high-volume and high-reliability applications."
TTG is a small command-line utility to display the throughput (bandwidth
usage) on an interface of a remote device such as a router, switch, etc.,
over SNMP.
Unlike tools like MRTG which sample bandwidth over a relatively long
interval (often 5 minutes), TTG is normally used to display throughput
over as little as one second.
(from FreeBSD)
Fix a bug where manual tracker update for a preferred tracker that
fails would end up rerequesting instantly
(upstream git commit 78f56ee74cecd8e82d39baaea10395301fbec4b8)
* Creates a BitTorrent metainfo file from a file or directory in a
simple and fast way.
* Supports multiple trackers.
* Can add a custom comment to the metainfo file.
* Can add the private flag to dissalow DHT and Peer Exchange.
* Can add web seed URLs.
* Hashing can be done multi threaded and supports multiple CPUs.
Change Web and MASTER_SITE, zap some white spaces and change License, and
put myself as maintainer.
Tested on i386 and sparc64.
Ok stsp@ (ex-maintainer) naddy@
Net::SMTP::TLS::ButMaintained is a TLS and AUTH capable SMTP client
which offers an interface that users will find familiar from Net::SMTP.
Net::SMTP::TLS::ButMaintained implements a subset of the methods
provided by that module, but certainly not (yet) a complete mirror
image of that API.
It is forked from the no-longer-maintained Net::SMTP::TLS.
OSPFView Perl module OSPF::LSDB reads the link-state database from
an OSPF daemon. Then it creates a dot graphic which can be displayed
with graphviz.
The OSPF::LSDB Perl module and its submodules implement the
functionality to hold, parse, check, display the content of an OSPF
link-state database.
Additionally the OSPFView package contains command-line tools to
read the link-state database from an ospf daemon. Then it creates
a dot graphic which can be displayed with graphviz. At the moment
OpenBSD ospfd and ospf6d and gated 3.6 are supported. Cisco support
is experimental.
OK sthen@
Net::TCLink is a module that allows for fast, secure, reliable credit
card and check transactions via the TrustCommerce IP gateway. The
module consists of a single function call that accepts a hash
describing the requested transaction and returns a map that describes
the result.
o Fix possible memory leaks in the Samba master process (bug #8970).
o Fix uninitialized memory read in talloc_free().
o Fix joining of XP Pro workstations to 3.6 DCs (bug #8373).
from Jona Joachim, ok landry@.
WeeChat (Wee Enhanced Environment for Chat) is a fast and light chat
environment for many operating systems. Everything can be done with a
keyboard. It is customizable and extensible with scripts.
