1.0.6 (6 Sept 10)
~~~~~~~~~~~~~~~~~
* Security fix for CVE-2010-0405. This was reported by Mikolaj
Izdebski.
* Make the documentation build on Ubuntu 10.04
instead, which is the main thread instead of the currently executing thread
which is not what we want, since we've been running and nother thread might
have just started.
1. thread_self() returns a pointer, not an unsigned integer
2. Add NetBSD to Apple and FreeBSD defines
3. Add _NETBSD_SOURCE where needed
4. Add an extra define BEGIN_PROTECTV for void functions to avoid return
free(); where free is void.
5. Avoid weak symbol hacks to determine if we are threaded or not. We
have a threaded copy of the library, why bother?
6. change __attribute -> __attribute__ since the former is not covered by
our cdefs.h
causes gcc indigestion (internal compiler error) for all m68k ports.
mrg@ says this will do for now, and committing to this generated-
by-mknative file is ok.
Fixes CVE-2012-1147, CVE-2012-1148 and CVE-2012-0876 (other security
issues have been previously fixed in our tree)
relevant Changes:
Release 2.1.0 Sat March 24 2012
- Bug Fixes:
#1742315: Harmful XML_ParserCreateNS suggestion.
#2895533: CVE-2012-1147 - Resource leak in readfilemap.c.
#1785430: Expat build fails on linux-amd64 with gcc version>=4.1 -O3.
#1983953, 2517952, 2517962, 2649838:
Build modifications using autoreconf instead of buildconf.sh.
#2815947, #2884086: OBJEXT and EXEEXT support while building.
#1990430: CVE-2009-3720 - Parser crash with special UTF-8 sequences.
#2517938: xmlwf should return non-zero exit status if not well-formed.
#2517946: Wrong statement about XMLDecl in xmlwf.1 and xmlwf.sgml.
#2855609: Dangling positionPtr after error.
#2894085: CVE-2009-3560 - Buffer over-read and crash in big2_toUtf8().
#2958794: CVE-2012-1148 - Memory leak in poolGrow.
#2990652: CMake support.
#3010819: UNEXPECTED_STATE with a trailing "%" in entity value.
#3206497: Unitialized memory returned from XML_Parse.
#3287849: make check fails on mingw-w64.
#3496608: CVE-2012-0876 - Hash DOS attack.
- Patches:
#1749198: pkg-config support.
#3010222: Fix for bug #3010819.
#3312568: CMake support.
#3446384: Report byte offsets for attr names and values.
- New Features / API changes:
Added new API member XML_SetHashSalt() that allows setting an intial
value (salt) for hash calculations. This is part of the fix for
bug #3496608 to randomize hash parameters.
When compiled with XML_ATTR_INFO defined, adds new API member
XML_GetAttributeInfo() that allows retrieving the byte
offsets for attribute names and values (patch #3446384).
Added CMake build system.
See bug #2990652 and patch #3312568.
Added run-benchmark target to Makefile.in - relies on testdata module
present in the same relative location as in the repository.
* Add a suffix to all our config files so that RA never stamps on IPv4
* All valgrind errors fixed on FreeBSD (with ./configure --debug=YES)
* When started with an interface list, respect that with signal handling
* Fix a potential route table corruption if we failed to add a route
* Added resolv_conf_local_only which defaults to true.
This means that if you configure a local nameserver we don't add
any other nameservers to resolv.conf to avoid duplicate queries.
* Add domain_blacklist and name_server_blacklist variables.
We default name_server_blacklist to 0.0.0.0 to handle some faulty
routers.
* Add .Lk macro to URLs.
* Fix IPv6 parsing on domains which include an IPv4 server for dnsmasq.
The full changelog is at
http://pcc.ludd.ltu.se/fisheye/changelog/~date=2012-03-25T06%3A00%3A00/pcc
and includes some bug and documentation fixes.
The siginifcant improvements were that the __returns_twice__ attribute is
now accepted, and a problem parsing attributes on parameters of function
prototypes was fixed.
(both of these issues caused problems compiling with the NetBSD headers)
mean average). Program behaviour now tallies with the man page, but more
importantly, the default behaviour is now sensible for modern multi-core
machines.
If you want the previous behaviour, please set TOP="-1" in your environment.
Fix multiple "1" options not toggling and thus allow settings in TOP
environmental variable to be reversed by a command line option.
Tweak description of "1" command in interactive mode.
OK christos@
New sentence, new line.
Sort options and option descriptions.
Sort SEE ALSO.
Use Fl Fl for long options.
Comment out --version description which binary doesn't support.
* We store the RA against the interface so we can do a comparsion
so we don't spam the log frequently.
* By default only fork on RA if it has a valid RDNSS option
* Add .Lk macros to the man pages
* Use correct event loop calls in RA handling code
* Fix several memory overrun issues
* Use CSR more than once
* Allow operation on Bridge and VLAN interfaces
- Add a -w flag which will make the sanity script sleep for a second before
and after checkouts, commits, and updates.
- Fix expected output to look for the right default action on empty log
message. It's now "abort".
- Add new requests "Checkin-prog" and "Update-prog" to expectation values.
- Add new "access"âand "group" files to CVSROOT admin database expectation
values.
- All tests pass except client-20, which hangs.
The problem has to do with the threaded initialization.
After we take the first breakpoint and we enter single step mode,
we set trap_expected = 1 in the thread_info structure for main <pid,0,0>.
After the threads initialize, the main thread becomes <pid,1,0>, and so
we get a new thread_info struct with trap_expected = 0, and so we break.
message.
Currently you can't prepare that in advance and then use cvs import -F
file to supply the log message in a file. Will file a PR on cvs for this.
