announced by ISC dated 31 October (delivered via e-mail to the
bind-announce@isc.org list today):
Description:
Because of OpenSSL's recently announced vulnerabilities
(CAN-2006-4339, CVE-2006-2937 and CVE-2006-2940) which affect named,
we are announcing this workaround and releasing patches. A proof of
concept attack on OpenSSL has been demonstrated for CAN-2006-4339.
OpenSSL is required to use DNSSEC with BIND.
Fix for version 9.3.2-P1 and lower:
Upgrade to BIND 9.2.3-P2, then generate new RSASHA1 and
RSAMD5 keys for all old keys using the old default exponent
and perform a key rollover to these new keys.
These versions also change the default RSA exponent to be
65537 which is not vulnerable to the attacks described in
CAN-2006-4339.
* The volume probing helper can take up to a minute to run the isoinfo
command against data DVDs, so bump the timeout up to 60 seconds.
* Fix a spurious warning when running lshal
Add two new properties to SCSI block devices. The first is
block.freebsd.cam_path which is a bus,target,lun path to a SCSI device.
This is needed by tools such as cdrecord, and by adding a private freebsd
property, it is much easier to get apps like nautilus-cd-burner working.
The second property is block.freebsd.atapi_cam_device. This property is
actually attached to ATAPI CAM devices, and denotes the CAM block device
associated with this ATAPI block device. This may be useful for programs
that can only operate with CAM-compliant devices.
Finally, update the volume probing code so that blank discs are treated as
volumes. This is sort of crude. We basically say a disc is blank is it
is a disc and contains no data and no audio.
With all of these changes, plus a minor change to nautilus-cd-burner, n-c-b
now works again on FreeBSD.
for memory allocation instead of SER's own one. Stress tests failed to
show any considerable difference in the performance, while system version
provides much better scalability and in future should also provide some
benefits on SMP systems.
Changes the default error page from basically having a reload button
to having the following choices:
- Google cache
- Archival snapshot from the wayback machine
- Ping
- Trace route
- Whois lookup
- Coral cache
WWW: http://www.jaybaldwin.com/News.aspx?id=51
PR: ports/105079
Submitted by: Steven Kreuzer <skreuzer@f2o.org>
fdmf is portable perl/C software for finding pairs of music files in a
collection that are likely to contain the same music. It works on the
music itself, not on the filename, tags, or headers. It uses an audio
fingerprint, or perceptual hash to recognize the duplicate files. It is
currently under heavy development, so it might be buggy, broken, or
otherwise bad. But it works for me.
WWW: http://www.w140.com/audio/
Author: Kurt Rosenfeld <kurt at w140 dot com>
configuration.txt contains the configuration for server and port.
It will be read automatically by the program at beginning of execution,
so you don't have to fill the server and port value every time manually.
You can modify the configuration.txt file if necessary.
In order for the configuration.txt to work,
you have to put it in the same directory as the program.
Innerspace is a screensaver which is compatible with BackSpace
from the NeXTSTEP era. It can, with few changes to the module,
run old BackSpace modules.
WWW: http://www.nongnu.org/gap/innerspace/index.html
The well-known minesweeper game.
Left-click to uncover, right-click to mark.
The look is inspired by the KDE minesweeper program.
WWW: http://www.gnustep.it/marko/GMines/index.html
