on builtins (broke longjmp usage) and a better cross-compiling support
in combination with -m32/-m64.
Update configuration to include /usr/include/clang-3.0 in the search
path.
- many security related fixes
- no MAXPATHLEN limits
- fixed missing text specification on ascii magic
- new ``pascal'' style string formats
- whitespace comparison fix
- more magic
Postfix releases 2.8.3, 2.7.4, 2.6.10 and 2.5.13 are available. These contain
a fix for CVE-2011-1720 which affects Postfix SMTP server configurations that
use Cyrus SASL authentication. Besides full releases, patches are available
for Postfix 1.1 and later.
This defect was introduced with the Postfix SASL patch, and is present in all
Postfix versions where the command "postconf mail_release_date" reports a
value of 20000314 (March 14, 2000) or greater.
Note: CVE-2011-1720 does not affect Postfix SMTP servers that use Dovecot
SASL authentication. It also does not affect the common Postfix SMTP server
configurations that use only Cyrus SASL mechanisms PLAIN and LOGIN.
More details will be available at http://www.postfix.org/CVE-2011-1720.html.
Merge the libraries into a single frontend, libmandoc.
Iinitial support for eqn(1) functionality.
Additional changes:
Portability fixes (tbl_opts.c 1.11, tbl_layout.c 1.18, tbl.c 1.25)
HTML space fixe (mdocml_html.c 1.163)
ROFF conditional nesting bug (roff.c 1.131)
* 20-resolv.conf now uses the correct variable for $IF_METRIC
* Exclude interface values when dumping the lease
* Parse static value subnet_mask when it exists instead of deriving from
ip address
* logger calls now resemble dhcpcd calls to syslog(3)
* Reject offered IP address if INADDR_BROADCAST or INADDR_ANY
* Change the route if source address has changed
* Note the address we are requesting in the broadcast log entry
* When operating on one interface, respect the timeout for in dhcpcd.conf
* Escape | and & characters before passing the value to the shell
Ensure we set a valid hostname, DNS domain and NIS domain.
Document the need for input validation in dhcpcd-run-hooks(8).
Fixes CVE-2011-996
Based on a patch to dhcpcd-3 by Marius Tomaschewski <mt@suse.de>
Unset TERM when running GDB
GDB inserts some funny control characters in its output when TERM is set to
e.g. xterm. Workaround this by simply unsetting TERM.
Reported by martin@ and diagnosed by pooka@/martin@.
make the lzf_compress() prototype match the function definition - the
prototype always added the state table argument, although it should be
conditionally compiled in. use the same cpp magic as in the source
file to prototype the function in the header file.
Experimental version released on March 31st, 2011.
This is the first release after the creation of the Kyua project, a more
modular and reliable replacement for ATF. From now on, ATF will change to
accomodate the transition to this new codebase, but ATF will still continue
to see development in the short/medium term. Check out the project page at
http://code.google.com/p/kyua/ for more details.
The changes in this release are:
* Added support to run the tests with the Kyua runtime engine (kyua-cli), a
new package that aims to replace atf-run and atf-report. The ATF tests
can be run with the new system by issuing a 'make installcheck-kyua' from
the top-level directory of the project (assuming the 'kyua' binary is
available during the configuration stage of ATF).
* atf-run and atf-report are now in maintenance mode (but *not* deprecated
yet!). Kyua already implements a new, much more reliable runtime engine
that provides similar features to these tools. That said, it is not
complete yet so all development efforts should go towards it.
* If GDB is installed, atf-run dumps the stack trace of crashing test
programs in an attempt to aid debugging. Contributed by Antti Kantee.
* Reverted default timeout change in previous release and reset its value
to 5 minutes. This was causing several issues, specially when running
the existing NetBSD test suite in qemu.
* Fixed the 'match' output checker in atf-check to properly validate the
last line of a file even if it does not have a newline.
* Added the ATF_REQUIRE_IN and ATF_REQUIRE_NOT_IN macros to atf-c++ to
check for the presence (or lack thereof) of an element in a collection.
* PR bin/44176: Fixed a race condition in atf-run that would crash atf-run
when the cleanup of a test case triggered asynchronous modifications to
its work directory (e.g. killing a daemon process that cleans up a pid
file in the work directory).
* PR bin/44301: Fixed the sample XSLT file to report bogus test programs
instead of just listing them as having 0 test cases.
Retry calls that raise file system errors during cleanup
If a test case mounts user-space (puffs/fuse) file systems or spawns
server processes that create pid files, the termination of the
corresponding processes does not guarantee that the file system is
left in a consistent state immediately. The cleanup routines of both
components (file systems and daemons) may still be running.
This situation causes a race condition between the termination of the
auxiliary processes and our own file system cleanup: the file system
calls performed from within the cleanup routine may raise errors
because the file system is still changing underneath. (E.g. we first
enumerate the contents of a directory and get file X, but when we
attempt to delete file X, it may be gone.)
Deal with this by retrying failing file system calls a few times and
ignoring "expected" errors before giving up.
- Bugfix: postscreen DNSBL scoring error. When a client disconnected
and then reconnected before all DNSBL results for the earlier
session arrived, DNSBL results for the earlier session would be
added to the score for the later session. This is very unlikely
to have affected any legitimate mail.
- Workaround: the SMTP client did not support mail to [ipv6:ipv6addr].
name, provides a proper CPP mode and fixes a number of compat issues
in the integrated assembler.
Build the toolchain compiler optimized and without assertions now.
Really kill subprocesses of a test case before waiting for its completion
Before waiting for any leftover output of the test case after it terminates,
we must ensure that all of its subprocess are really, really dead. Otherwise,
these subprocesses may be sharing the stdout of the test case, in which case
our wait will block (potentially indefinitely).
This finally (well, hopefully) fixes some random lockups exposed by the
NetBSD test suite. Reported by Antti Kantee after
tests/fs/vfs/t_full:p2k_ffs_fillfs was exposing this problem in a pretty
reproducible manner.
tmux is a "terminal multiplexer". It enables a number of terminals (or
windows) to be accessed and controlled from a single terminal. tmux is
intended to be a simple, modern, BSD-licensed alternative to programs
such as GNU screen.
The import of tmux is intended to replace window(1) in the not-too-distant
future. For reference, tmux is also present in the base system of FreeBSD
and OpenBSD.
Approved by core@.
in particular, parse.y was being processed twice.. with one
process leaving a y.tab.h file behind
no need to explicitly add scan.c, parse.c and parse.h to CLEANFILES,
the framework knows they are generated and will remove them
Postfix stable release 2.8.0 is available. This release continues the
move towards improving code and documentation, and making the system
better prepared for changes in the threat environment.
The postscreen daemon (a zombie blocker in front of Postfix) is now
included with the stable release. postscreen now supports TLS and can
log the rejected sender, recipient and helo information. See the
POSTSCREEN_README file for recommended usage scenarios.
Support for DNS whitelisting (permit_rhswl_client), and for pattern
matching to filter the responses from DNS white/blacklist servers
(e.g., reject_rhsbl_client zen.spamhaus.org=127.0.0.[1..10]).
Improved message tracking across SMTP-based content filters; the
after-filter SMTP server can log the before-filter queue ID (the
XCLIENT protocol was extended).
Read-only support for sqlite databases. See sqlite_table(5) and
SQLITE_README.
Support for 'footers' that are appended to SMTP server "reject"
responses. See "smtpd_reject_footer" in the postconf(5) manpage.