Changes:
VERSION 2.1 : released 2018/05/07
2018/05/07:
CMake Modernize and cleanup CMakeLists.txt
Update MS Visual Studio projects
2018/04/30:
listdevices: show devices sorted by XML desc URL
2018/04/26:
Small fix in miniupnpcmodule.c (python module)
Support cross compiling in Makefile.mingw
2018/04/06:
Use SOCKET type instead of int (for Win64 compilation)
Increments API_VERSION to 17
2018/02/22:
Disable usage of MiniSSDPd when using -m option
2017/12/11:
Fix buffer over run in minixml.c
Fix uninitialized variable access in upnpreplyparse.c
2017/05/05:
Fix CVE-2017-8798 Thanks to tin/Team OSTStrom
2016/11/11:
check strlen before memcmp in XML parsing portlistingparse.c
fix build under SOLARIS and CYGWIN
2016/10/11:
Add python 3 compatibility to IGD test
2.7.9
- Minor fixes
2.7.8
- Adding henet to supported providers
2.7.7
- Fix for cloudns
2.7.6
- Tests fixes
2.7.5
- Add support for inwx provider
2.7.4
- Add support for Plesk API
Changes:
19 Sep 2018: chrony-3.4 released
Enhancements
Add filter option to server/pool/peer directive
Add minsamples and maxsamples options to hwtimestamp directive
Add support for faster frequency adjustments in Linux 4.19
Change default pidfile to /var/run/chrony/chronyd.pid to allow chronyd without root privileges to remove it on exit
Disable sub-second polling intervals for distant NTP sources
Extend range of supported sub-second polling intervals
Get/set IPv4 destination/source address of NTP packets on FreeBSD
Make burst options and command useful with short polling intervals
Modify auto_offline option to activate when sending request failed
Respond from interface that received NTP request if possible
Add onoffline command to switch between online and offline state according to current system network configuration
Improve example NetworkManager dispatcher script
Bug fixes
Avoid waiting in Linux getrandom system call
Fix PPS support on FreeBSD and NetBSD
4 Apr 2018: chrony-3.3 released
Enhancements
Add burst option to server/pool directive
Add stratum and tai options to refclock directive
Add support for Nettle crypto library
Add workaround for missing kernel receive timestamps on Linux
Wait for late hardware transmit timestamps
Improve source selection with unreachable sources
Improve protection against replay attacks on symmetric mode
Allow PHC refclock to use socket in /var/run/chrony
Add shutdown command to stop chronyd
Simplify format of response to manual list command
Improve handling of unknown responses in chronyc
Bug fixes
Respond to NTPv1 client requests with zero mode
Fix -x option to not require CAP_SYS_TIME under non-root user
Fix acquisitionport directive to work with privilege separation
Fix handling of socket errors on Linux to avoid high CPU usage
Fix chronyc to not get stuck in infinite loop after clock step
15 Sep 2017: chrony-3.2 released
Enhancements
Improve stability with NTP sources and reference clocks
Improve stability with hardware timestamping
Improve support for NTP interleaved modes
Control frequency of system clock on macOS 10.13 and later
Set TAI-UTC offset of system clock with leapsectz directive
Minimise data in client requests to improve privacy
Allow transmit-only hardware timestamping
Add support for new timestamping options introduced in Linux 4.13
Add root delay, root dispersion and maximum error to tracking log
Add mindelay and asymmetry options to server/peer/pool directive
Add extpps option to PHC refclock to timestamp external PPS signal
Add pps option to refclock directive to treat any refclock as PPS
Add width option to refclock directive to filter wrong pulse edges
Add rxfilter option to hwtimestamp directive
Add -x option to disable control of system clock
Add -l option to log to specified file instead of syslog
Allow multiple command-line options to be specified together
Allow starting without root privileges with -Q option
Update seccomp filter for new glibc versions
Dump history on exit by default with dumpdir directive
Use hardening compiler options by default
Bug fixes
Don’t drop PHC samples with low-resolution system clock
Ignore outliers in PHC tracking, RTC tracking, manual input
Increase polling interval when peer is not responding
Exit with error message when include directive fails
Don’t allow slash after hostname in allow/deny directive/command
Try to connect to all addresses in chronyc before giving up
31 Jan 2017: chrony-3.1 released
Enhancements
Add support for precise cross timestamping of PHC on Linux
Add minpoll, precision, nocrossts options to hwtimestamp directive
Add rawmeasurements option to log directive and modify measurements option to log only valid measurements from synchronised sources
Allow sub-second polling interval with NTP sources
Bug fixes
Fix time smoothing in interleaved mode
16 Jan 2017: chrony-3.0 released
Enhancements
Add support for software and hardware timestamping on Linux
Add support for client/server and symmetric interleaved modes
Add support for MS-SNTP authentication in Samba
Add support for truncated MACs in NTPv4 packets
Estimate and correct for asymmetric network jitter
Increase default minsamples and polltarget to improve stability with very low jitter
Add maxjitter directive to limit source selection by jitter
Add offset option to server/pool/peer directive
Add maxlockage option to refclock directive
Add -t option to chronyd to exit after specified time
Add partial protection against replay attacks on symmetric mode
Don’t reset polling interval when switching sources to online state
Allow rate limiting with very short intervals
Improve maximum server throughput on Linux and NetBSD
Remove dump files after start
Add tab-completion to chronyc with libedit/readline
Add ntpdata command to print details about NTP measurements
Allow all source options to be set in add server/peer command
Indicate truncated addresses/hostnames in chronyc output
Print reference IDs as hexadecimal numbers to avoid confusion with IPv4 addresses
Bug fixes
Fix crash with disabled asynchronous name resolving
21 Nov 2016: chrony-2.4.1 released
Bug fixes
Fix processing of kernel timestamps on non-Linux systems
Fix crash with smoothtime directive
Fix validation of refclock sample times
Fix parsing of refclock directive
7 Jun 2016: chrony-2.4 released
Enhancements
Add orphan option to local directive for orphan mode compatible with ntpd
Add distance option to local directive to set activation threshold (1 second by default)
Add maxdrift directive to set maximum allowed drift of system clock
Try to replace NTP sources exceeding maximum distance
Randomise source replacement to avoid getting stuck with bad sources
Randomise selection of sources from pools on start
Ignore reference timestamp as ntpd doesn’t always set it correctly
Modify tracking report to use same values as seen by NTP clients
Add -c option to chronyc to write reports in CSV format
Provide detailed manual pages
Bug fixes
Fix SOCK refclock to work correctly when not specified as last refclock
Fix initstepslew and -q/-Q options to accept time from own NTP clients
Fix authentication with keys using 512-bit hash functions
Fix crash on exit when multiple signals are received
Fix conversion of very small floating-point numbers in command packets
Removed features
Drop documentation in Texinfo format
16 Feb 2016: chrony-2.3 released
Enhancements
Add support for NTP and command response rate limiting
Add support for dropping root privileges on Mac OS X, FreeBSD, Solaris
Add require and trust options for source selection
Enable logchange by default (1 second threshold)
Set RTC on Mac OS X with rtcsync directive
Allow binding to NTP port after dropping root privileges on NetBSD
Drop CAP_NET_BIND_SERVICE capability on Linux when NTP port is disabled
Resolve names in separate process when seccomp filter is enabled
Replace old records in client log when memory limit is reached
Don’t reveal local time and synchronisation state in client packets
Don’t keep client sockets open for longer than necessary
Ignore poll in KoD RATE packets as ntpd doesn’t always set it correctly
Warn when using keys shorter than 80 bits
Add keygen command to generate random keys easily
Add serverstats command to report NTP and command packet statistics
Bug fixes
Fix clock correction after making step on Mac OS X
Fix building on Solaris
20 Jan 2016: chrony-2.2.1 and chrony-1.31.2 released
Security fixes
Restrict authentication of NTP server/peer to specified key (CVE-2016-1567)
CVE-2016-1567: Impersonation between authenticated peers
When a server/peer was specified with a key number to enable authentication with a symmetric key, packets received from the server/peer were accepted if they were authenticated with any of the keys contained in the key file and not just the specified key.
This allowed an attacker who knew one key of a client/peer to modify packets from its servers/peers that were authenticated with other keys in a man-in-the-middle (MITM) attack. For example, in a network where each NTP association had a separate key and all hosts had only keys they needed, a client of a server could not attack other clients of the server, but it could attack the server and also attack its own clients (i.e. modify packets from other servers).
To not allow the server/peer to be authenticated with other keys, the authentication test was extended to check if the key ID in the received packet is equal to the configured key number. As a consequence, it’s no longer possible to authenticate two peers to each other with two different keys, both peers have to be configured to use the same key.
This issue was discovered by Matt Street of Cisco ASIG.
19 Oct 2015: chrony-2.2 released
Enhancements
Add support for configuration and monitoring over Unix domain socket (accessible by root or chrony user when root privileges are dropped)
Add support for system call filtering with seccomp on Linux (experimental)
Add support for dropping root privileges on NetBSD
Control frequency of system clock on FreeBSD, NetBSD, Solaris
Add system leap second handling mode on FreeBSD, NetBSD, Solaris
Add dynamic drift removal on Mac OS X
Add support for setting real-time priority on Mac OS X
Add maxdistance directive to limit source selection by root distance (3 seconds by default)
Add refresh command to get new addresses of NTP sources
Allow wildcard patterns in include directive
Restore time from driftfile with -s option if later than RTC time
Add configure option to set default hwclockfile
Add -d option to chronyc to enable debug messages
Allow multiple addresses to be specified for chronyc with -h option and reconnect when no valid reply is received
Make check interval in waitsync command configurable
Bug fixes
Fix building on NetBSD, Solaris
Restore time from driftfile with -s option if reading RTC failed
Removed features
Drop support for authentication with command key (run-time configuration is now allowed only for local users that can access the Unix domain socket)
23 Jun 2015: chrony-2.1.1 released
Bug fixes
Fix clock stepping by integer number of seconds on Linux
22 Jun 2015: chrony-2.1 released
Enhancements
Add support for Mac OS X
Try to replace unreachable and falseticker servers/peers specified by name like pool sources
Add leaponly option to smoothtime directive to allow synchronised leap smear between multiple servers
Use specific reference ID when smoothing served time
Add smoothing command to report time smoothing status
Add smoothtime command to activate or reset time smoothing
Bug fixes
Fix crash in source selection with preferred sources
Fix resetting of time smoothing
Include packet precision in peer dispersion
Fix crash in chronyc on invalid command syntax
27 Apr 2015: chrony-2.0 released
Enhancements
Update to NTP version 4 (RFC 5905)
Add pool directive to specify pool of NTP servers
Add leapsecmode directive to select how to correct clock for leap second
Add smoothtime directive to smooth served time and enable leap smear
Add minsources directive to set required number of selectable sources
Add minsamples and maxsamples options for all sources
Add tempcomp configuration with list of points
Allow unlimited number of NTP sources, refclocks and keys
Allow unreachable sources to remain selected
Improve source selection
Handle offline sources as unreachable
Open NTP server port only when necessary (client access is allowed by allow directive/command or peer/broadcast is configured)
Change default bindcmdaddress to loopback address
Change default maxdelay to 3 seconds
Change default stratumweight to 0.001
Update adjtimex synchronisation status
Use system headers for adjtimex
Check for memory allocation errors
Reduce memory usage
Add configure options to compile without NTP, cmdmon, refclock support
Extend makestep command to set automatic clock stepping
Bug fixes
Add sanity checks for time and frequency offset
Don’t report synchronised status during leap second
Don’t combine reference clocks with close NTP sources
Fix accepting requests from configured sources
Fix initial fallback drift setting
Bugfixes:
#5038: Repeating INFO: UPnP parse: unrecognized UPnP device of type upnp:rootdevice
#5063: panic: cannot start already running folder
#5073: lib/logger: tests fail due to compilation error with go 1.11
#5089: Invalid files shouldn't affect global state
#5144: Tests fail on Go 1.11 / Windows
#5149: Index updates lost
Other issues:
#3595: stdiscosrv: Doesn't build on Solaris
#5043: root on symlinked path causes panic when using "Watch for changes"
Also:
This release includes initial support for "receive only" folders.
See https://docs.syncthing.net/users/foldertypes.html#receive-only-folder.
Haven't found anything that can be used as a NEWS/changelog, possibly
due to losing history in a repository move.
However, author states there's a few security/bug fixes.
update MAINTAINER, HOMEPAGE, etc.
PR pkg/53638
by default. Deprecate 'djbdns-qmerge1'.
When applying the 'djbdns-mergequeries' patch, also apply a missing
bounds check. Patch from Tim Stewart on dns@list.cr.yp.to.
Bump PKGREVISION.
Provided by Coy Hile in joyent/pkgsrc#131. Fixes an issue where the module
builds would fail if they found a system LDAP. Fix print-PLIST while here.
FreeRADIUS 3.0.17 Tue 17 Apr 2018 14:00:00 EDT urgency=low
Feature improvements
* Add CURLOPT_CAINFO. Patch from Nicolas C.
#2167
* "stats home server" now supports "src IPADDR",
to specify home server also by source IP. Fixes#2169.
* Add Dockerfiles for a selection of common systems.
* Increase number of permitted file descriptors, for
systems with many home servers.
* Add TLS-Client-Cert-X509v3-Extended-Key-Usage-OIDs.
Patch from Isaac Boukris. Fixes#2205.
* Update main READMEs. Patches from Matthew Newton.
* Added dictionary.mimosa
Bug fixes
* Don't call post-proxy twice when proxying to
a virtual server. Matthew Newton, #2161.
* Use "raw" string value for shared secrets and dynamic clients.
It now parses strings with backslashes and "special characters"
correctly. Fixes#2168.
* Fix RuntimeDirectory for RedHat, from Alan Buxey.
* Relax checks in 'if' parser from Isaac Bourkis
* Minor cleanups for %{debug_attr:&request} from Isaac Boukris.
* Be more aggressive about cleaning up cached certificate attributes,
due to deficiencies in OpenSSL. Reported by Nicolas Reich.
* Be more accepting when parsing IPv6 addresses. Bug noted
by Klara Mall.
* Fix double free in rlm_sql. Fixes#2180.
* rlm_detail now writes empty Access-Accept packets.
* rlm_python can now create tagged attributes.
* Don't crash on duplicate realm + authhost / accthost.
Bug found by Richard Palmer.
* Allow partial certificate chain to trusted CA. Fixes#2162
* Treat SSL_read() returning zero as error. Fixes#2164.
* detail writer now checks if the file was renamed or deleted.
* Add User-Name to Access-Accept if EAP-Message exists,
not Stripped-User-Name.
* RedHat Systemd updates. Fixes#2184
* Use correct API for State variable in rlm_securid.
* Remove broken radclient option "-i".
* Fix "users" file (and hints, etc). So that it does not
get confused about entry ordering with multiple $INCLUDEs.
* Fix rlm_sql to expand the un-escaped string, not the raw string.
* Link default and inner-tunnel only if they exist. Fixes#2206.
* Don't use both IP_PKTINFO and IP_SENDSRCADDR.
* Always install signal handler for SIGINT (needed by Docker).
* Fix intermediate CA flow for OCSP. Fixes#2160.
Intermediate certs which are not self-signed will now be
checked.
* sqlippool now returns "fail" if it fails IP allocation.
* Fix rlm_yubikey to look for correct attribute in replay
attack check.
This is the latest git version of the program (from 2015 though).
Switch the build to use gnutls for the command line program,
since openssl 1.1 is not supported.
Various changes since the last released version, but only git log
available. Mostly bugfixes.
Update bl3.mk file: neither zlib nor openssl nor gnutls headers/libraries
are used by the library, so remove all bl3.mk includes.
Changes for version 1.3.1:
* Cleaned up deprecation warnings
* Fixed SNMP::Integer#<=> method for Ruby 2.3.0 and later
* Removed artificial limit on number of non-repeaters for GetBulkRequest
* SNMP::BER module no longer pollutes global namespace
v2.1.23 (2018/09/20)
* use yaml for remapping; remove json transpose code (#177)
- use yaml for remapping; remove json transpose code
- temporarily revert cpe change on win2k3
* TELNET: Initial commit (#178)
* Add better support for Array networks/ArrayOS
v.2.1.22 - 2018.09.04
* New fingerprint coverage: apache_modules.xml #174
- Adds support for performing version detection of Apache modules in HTTP
Server headers.
- Client software calling Recog is expected to split an Apache banner based
on spaces and toss the individual values at Recog.
- This is a first pass, more work will be required to fully flesh this out.
* Improved coverage: http_servers.xml #175
- Leveraging Project Sonar data from 2018.08.13 has resulted in significant
(multiple millions) improvement of fingerprinting against that data set.
- hw.* values added where possible
* Minor FTP tweaks
v.2.1.22 - 2018.08.29
* New capability: CPE 2.3 data #172
- Added preliminary support for returning CPE 2.3 information via a new
fingerprint param named service.cpe23 which can be literal strings or
interpolated values.
Example:
<param pos="0" name="service.cpe23" value="cpe:/a:vmware:zimbra_desktop:1"/>
or
<param pos="0" name="service.cpe23" value="cpe:/a:vmware:zimbra_desktop:{service.version}"/>
- Software, other than Ruby Recog, that leverage the XML directly will need
to support interpolating the values in order to fully utilize this
capability.
- Future changes to enhance this capability and make creating interpolated
results easier are expected in the near future.
- See PR #172 for more details
* Misc fingerprint updates and changes, some of which were to support CPE
changes.
- Changed the use of 'F5 Labs' to 'F5' in multiple files #171
- Change certain Cisco PIX fingerprints from 'service.' to 'os.' #170
v.2.1.20 - 2018.06.27
* Compatibility: Adjustments to the regex of multiple fingerprints to remove
negative lookaheads and other contructs that Golang doesn't support. #162
v.2.1.19 - 2018.04.16
* Improved coverage: xml/smtp_banners.xml #160
- Note: Due to effort to cleanup description lines (remove duplicates,
remove multilines, provide context, standardize format) almost every value
for <description> has changed. This will impact the value returned as
matched with tools such as DAP.
- Project Sonar SMTP survey data was used to enhance and improve the
coverage. Full details and metrics can be found in #160
- Improved the accuracy and/or flexibility of multiple fingerprints.
- Changed ALL instances of flags="REG_ICASE" to an inline flag (?i:) in
order to make the regex compatible with more languages.
- Implemented fingerprint examples for those fingerprints where examples
could be found.
- This sometimes resulted in removing fingerprints that were actually
duplicates or trivially different.
- Reworked description values so as to remove examples and ensure that this
field is unique within the file as the value of description serves as an
identifier when processing fingerprints. Multiline descriptions were
reduced to single line where possible. Many descriptions were modified.
- Fixed multiple instances where captures where under/over capturing. For
example, some fingerprints would have captured the examples but the
examples were missing leading or ending spaces. Other fingerprints were
over-broad in what they would capture leading to fall positives or
misidentification.
- Fixed multiple instances where the portion of the version banner that was
captured was different between two products in the same family.
- Removed various real and example hostnames from examples and standardized
on 'foo.bar'
- Corrected system.time.format so as to match timestamp provided by service
- Reworked date regex for multiple matches to remove inadvertent requirement
for two digit day value when the banner included a single digit day.
2.0.4 (2018/03/29)
* Fix for exception bug
2.0.5 (2018/08/17)
* Fixed a bug in the Ping::HTTP class where it didn't reflect user_agent
setting to actual http request
* Fixed Ping::HTTP to support custom User-Agent
4.1:
Fix problem when socket fd is 0
Fix running on servers with disabled IPv6
Allow running "fping -h" or "--help" even when raw socket can't be opened
Fix build issue with FreeBSD and IPv6
Update bind912 to 9.12.2pl2 (BIND 9.12.2-P2).
--- 9.12.2-P2 released ---
5022. [doc] Update ms-self, ms-subdomain, krb5-self, and
krb5-subdomain documentation. [GL !708]
5015. [bug] Reloading all zones caused zone maintenance to cease
for inline-signed zones. [GL #435]
5014. [bug] Signatures loaded from the journal for the signed
version of an inline-signed zone were not scheduled for
refresh. [GL #482]
5013. [bug] A referral response with a non-empty ANSWER section was
inadvertently being treated as an error. [GL #390]
5004. [bug] 'rndc reconfig' could cause inline zones to stop
re-signing. [GL #439]
Update bind911 to 9.11.4pl2 (BIND 9.11.4-P2).
--- 9.11.4-P2 released ---
5022. [doc] Update ms-self, ms-subdomain, krb5-self, and
krb5-subdomain documentation. [GL !708]
5015. [bug] Reloading all zones caused zone maintenance to cease
for inline-signed zones. [GL #435]
5014. [bug] Signatures loaded from the journal for the signed
version of an inline-signed zone were not scheduled for
refresh. [GL #482]
Changes:
1.5.3
-----
- Added support for:
+ hentaicafe - https://hentai.cafe/ (#101)
+ bobx - http://www.bobx.com/dark/
- Added black-/whitelist options for post-processor modules
- Added support for tumblr inline videos (#102)
- Fixed extraction of smugmug albums without owner (#100)
- Fixed issues when using default config values with reddit extractors (#104)
- Fixed pagination for user favorites on sankaku (#106)
• Fixed a crash when processing deviantart journals (#108)
Recent new features:
- client: Add ClientConn.ResetConnectBackoff to force reconnections on
demand
- channelz: stage 4 - add security and socket option info with
appengine build tags
- ClientConn: add Target() returning target string
- balancer: add rpc method to PickOptions
- transport: set and respect HTTP/2 SETTINGS_MAX_HEADER_LIST_SIZE
- client: Implement gRFC A6: configurable client-side retry support
- grpc: update dial/server buffer options to support a "disable"
setting
- credentials/alts: Add AuthInfoFromContext utility API
- status: Introduce FromContextError convenience function
- server: export ServerTransportStreamFromContext for unary
interceptors to control headers/trailers
- metadata: Add Get, Set, and Append methods to metadata.MD
- server: add grpc.Method function for extracting method from context
- grpclb: cache SubConns for 10 seconds after it is removed from the
backendlist
- clientconn: add support for unix network in DialContext
- client: introduce WithDisableServiceConfig DialOption
- stickiness: add stickiness support
- channelz: provide channel level info for live program network issue
diagnosis/debugging
Upstream changes:
Features
- unbound-control auth_zone_reload _zone_ option rereads the zonefile.
- unbound-control auth_zone_transfer _zone_ option starts the probe
sequence for a master to transfer the zone from and transfers when
a new zone version is available.
- num.queries.tls counter for queries over TLS.
- log port number with err_addr logs.
- dns64-ignore-aaaa: config option to list domain names for which the
existing AAAA is ignored and dns64 processing is used on the A
record.
- Fix#4112: Fix that unbound-anchor -f /etc/resolv.conf will not pass
if DNSSEC is not enabled. New option -R allows fallback from
resolv.conf to direct queries.
- Note RFC8162 support. SMIMEA record type can be read in by the
zone record parser.
- Patches from Jim Hague (Sinodun) for EDNS KeepAlive.
- Add config tcp-idle-timeout (default 30s). This applies to
client connections only; the timeout on TCP connections upstream
is unaffected.
- Add edns-tcp-keepalive and edns-tcp-keepalive timeout options
and implement option in client responses.
- Add delay parameter to streamtcp, -d secs.
To be used when testing idle timeout.
- Expose if a query (or a subquery) was ratelimited (not src IP
ratelimiting) to libunbound under 'ub_result.was_ratelimited'.
This also introduces a change to 'ub_event_callback_type' in
libunbound/unbound-event.h.
- Patch to implement tcp-connection-limit from Jim Hague (Sinodun).
This limits the number of simultaneous TCP client connections
from a nominated netblock.
- Fix#4142: unbound.service.in: improvements and fixes.
Add unit dependency ordering (based on systemd-resolved).
Add 'CAP_SYS_RESOURCE' to 'CapabilityBoundingSet' (fixes warnings
about missing privileges during startup). Add 'AF_INET6' to
'RestrictAddressFamilies' (without it IPV6 can't work). From
Guido Shanahan.
- unbound-checkconf checks if modules exist and prints if they are
not compiled in the name of the wrong module.
- Patch for stub-no-cache and forward-no-cache options that disable
caching for the contents of that stub or forward, for when you
want immediate changes visible, from Bjoern A. Zeeb.
- Upgraded crosscompile script to include libunbound DLL in the
zipfile.
- Set libunbound to increase current, because the libunbound change
to the event callback function signature. That needs programs,
that use it, to recompile against the new header definition.
- log-servfail: yes prints log lines that say why queries are
returning SERVFAIL to clients.
- log-local-actions: yes option for unbound.conf that logs all the
local zone actions, a patch from Saksham Manchanda (Secure64).
- #4146: num.query.subnet and num.query.subnet_cache counters.
- #4140: Expose repinfo (comm_reply) to the inplace_callbacks. This
gives access to reply information for the client's communication
point when the callback is called before the mesh state (modules).
Changes to C and Python's inplace_callback signatures were also
necessary.
- Set defaults to yes for a number of options to increase speed and
resilience of the server. The so-reuseport, harden-below-nxdomain,
and minimal-responses options are enabled by default. They used
to be disabled by default, waiting to make sure they worked. They
are enabled by default now, and can be disabled explicitly by
setting them to "no" in the unbound.conf config file. The reuseport
and minimal options increases speed of the server, and should be
otherwise harmless. The harden-below-nxdomain option works well
together with the recently default enabled qname minimisation, this
causes more fetches to use information from the cache.
- Added serve-expired-ttl and serve-expired-ttl-reset options.
Bug Fixes
- Windows example service.conf edited with more windows specific
configuration.
- #4108: systemd reload hang fix.
- Fix usage printout for unbound-host, hostname has to be last
argument on BSDs and Windows.
- Partial fix for permission denied on IPv6 address on FreeBSD.
- Fix that auth-zone master reply with current SOA serial does not
stop scan of masters for an updated zone.
- Fix that auth-zone does not start the wait timer without checking
if the wait timer has already been started.
- #4109: Fix that package config depends on python unconditionally.
- Patch, do not export python from pkg-config, from Petr Menšík.
- Fix checking for libhiredis printout in configure output.
- Fix typo on man page in ip-address description.
- Update libunbound/python/examples/dnssec_test.py example code to
also set the 20326 trust anchor for the root in the example code.
- Better documentation for unblock-lan-zones and insecure-lan-zones
config statements.
- Fix permission denied printed for auth zone probe random port nrs.
- Fix documentation ambiguity for tls-win-cert in tls-upstream and
forward-tls-upstream docs.
- iana port update.
- Fix round robin for failed addresses with prefer-ip6: yes
- Note in documentation that the cert name match code needs
OpenSSL 1.1.0 or later to be enabled.
- Fix to improve systemd socket activation code file descriptor
assignment.
- Fix for 4126 that the #define for UNKNOWN_SERVER_NICENESS can be more
easily changed to adjust default rtt assumptions.
- Fix#4127 unbound -h does not list -p help.
- Print error if SSL name verification configured but not available
in the ssl library.
- Fix that ratelimit and ip-ratelimit are applied after reload of
changed config file.
- Resize ratelimit and ip-ratelimit caches if changed on reload.
- Fix#4129 unbound-control error message with wrong cert permissions
is too cryptic.
- Fix#4130: print text describing -dd and unbound-checkconf on
config file read error at startup, the errors may have been moved
away by the startup process.
- Fix#4131: for solaris, error YY_CURRENT_BUFFER undeclared.
- Fix use-systemd readiness signalling, only when use-systemd is yes
and not in signal handler.
- Fix#4135: 64-bit Windows Installer Creates Entries Under The
Wrong Registry Key, reported by Brian White.
- Fix man page, say that chroot is enabled by default.
- Sort out test runs when the build directory isn't the project
root directory.
- Error if EDNS Keepalive received over UDP.
- Correct and expand manual page entries for keepalive and idle timeout.
- Implement progressive backoff of TCP idle/keepalive timeout.
- Fix 'make depend' to work when build dir is not project root.
- Fix#4139: Fix unbound-host leaks memory on ANY.
- Fix to remove systemd sockaddr function check, that is not
always present. Make socket activation more lenient. But not
different when socket activation is not used.
- Fix#4136: insufficiency from mismatch of FLEX capability between
released tarball and build host. Fix to unconditionally call
destroy in daemon.c.
- Make capsforid fallback QNAME minimisation aware.
- document --enable-subnet in doc/README.
- Fix#4144: dns64 module caches wrong (negative) information.
- Fix that printout of error for cycle targets is a verbosity 4
printout and does not wrongly print it is a memory error.
- Fix segfault in auth-zone read and reorder of RRSIGs.
- Fix contrib/fastrpz.patch.
- Fix warning on compile without threads.
- print servfail info to log as error.
- added more servfail printout statements, to the iterator.
- Fix classification for QTYPE=CNAME queries when QNAME minimisation is
enabled.
- Fix only misc failure from log-servfail when val-log-level is not
enabled.
- Fix lintflags for lint on FreeBSD.
- Fix that a local-zone with a local-zone-type that is transparent
in a view with view-first, makes queries check for answers from the
local-zones defined outside of views.
2.7.2
- Update online cassette
- online api change: domain_id became simply domain name
2.7.1
- Remove route53 tests, boto recordings no longer work.
- Create a library unit test suite
- [Gehirn Web Service] fix 400 response on GET request
- Update setup.py adding cryptography to the setup.py file
- Use ImportError instead of subclass ModuleNotFoundError, which is
supported only by python 3.6
Add bind-9.12.2pl1 (BIND 9.12.2-P1) pacakge.
Note: named(8) requires writable permission to current directory when
start up or the directory specified by "directory" in options statement.
BIND, the Berkeley Internet Name Daemon, version 9 is a major rewrite
of nearly all aspects of the underlying BIND architecture. Some
of the important features of BIND-9 are:
- DNS Security
- IP version 6
- DNS Protocol Enhancements
- Views
- Multiprocessor Support
- Improved Portability Architecture
- Full NSEC3 support
- Automatic zone re-signing
- New update-policy methods tcp-self and 6to4-self
This package contains the BIND 9.12 release.
- named and related libraries have been substantially refactored for
improved query performance.
- Code implementing the name server query processing logic has been
moved into a new libns library.
- The DNS Response Policy Service API (DNSRPS) is now supported.
- Log file timestamps can now also be formatted in ISO 8601 (local)
or ISO 8601 (UTC) formats.
- Added support for the EDNS Padding and Keepalive options.
- 'new-zones-directory' option sets the location where the
configuration data for zones added by rndc addzone is stored.
- The default key algorithm in rndc-confgen is now hmac-sha256.
- filter-aaaa-on-v4 and filter-aaaa-on-v6 options are now available
by default without a configure option.
- The obsolete isc-hmac-fixup command has been removed.
Add bind9.11.4pl1 (BIND 9.11.4-P1) package.
Note: named(8) requires writable permission to current directory when
start up or the directory specified by "directory" in options statement.
BIND, the Berkeley Internet Name Daemon, version 9 is a major rewrite
of nearly all aspects of the underlying BIND architecture. Some
of the important features of BIND-9 are:
- DNS Security
- IP version 6
- DNS Protocol Enhancements
- Views
- Multiprocessor Support
- Improved Portability Architecture
- Full NSEC3 support
- Automatic zone re-signing
- New update-policy methods tcp-self and 6to4-self
This package contains the BIND 9.11 release.
- Catalog Zones, a new method for provisioning servers
- "dnstap", a fast and flexible method of capturing and logging
DNS traffic.
- "dyndb", a new API for loading zone data from an external database
- dnssec-keymgr, a new key mainenance utility
- mdig, an alternate version of dig utility
- And more...
Upstream changes:
mikutter 3.8.0
* create a search tab if at least one search spell is defined
* explicitly specify Addressable 2.5.2 or later
* twitter: warn if User Stream API is used
* update a default message of the status bar for 3.8
* thanks @4pk
* streaming: change file layout since UserStream gone
* remove UserStream settings
* remove UserStream code
* remove unexpected executable bits in some files
* thanks Izumi Tsutsui
* remove unused devel directory
4.1.24
================
FEATURES:
- #4102: control interface via local socket.
configure it with control-interface: "/path/nsd.ctl" The path
has to start with a / to separate it from an IP address.
The local socket does not use SSL, but unencrypted traffic, use
file and containing directory permissions to restrict access.
- configure --enable-systemd (needs pkg-config and libsystemd) can
be used to then use-systemd: yes in nsd.conf and have readiness
signalling with systemd.
- RFC8162 support, for record type SMIMEA.
BUG FIXES:
- Patch to fix openwrt for mac os build darwin detection in configure.
- Fix that first control-interface determines if TLS is used. Warn
when IP address interfaces are used without TLS.
- #4106: Fix that stats printed from nsd-control are recast from
unsigned long to unsigned (remote.c).
- Fix that type CAA (and URI) in the zone file can contain
dots when not in quotes.
- #4133: Fix that when IXFR contains a zone with broken NSEC3PARAM
chain, NSD leniently attempts to find a working NSEC3PARAM.
4.1.23
================
BUG FIXES:
- Fix NSD time sensitive TSIG compare vulnerability.
4.1.22
================
FEATURES:
- refuse-any sends truncation (+TC) in reply to ANY queries over UDP,
and allows TCP queries like normal.
- Use accept4 to speed up answer of TCP queries, on Linux, FreeBSD
and OpenBSD.
BUG FIXES:
- Fix nsec3 hash of parent and child co-hosted nsec3 enabled zones.
- Fix to use same condition for nsec3 hash allocation and free.
Improvements
- Split pdns_enable_unit_tests.
- Add a new max-udp-queries-per-round setting.
- Fix warnings reported by gcc 8.1.0.
- Tests: replace awk command by perl.
- Allow the snmp thread to retrieve statistics.
Bug Fixes
- Don’t account chained queries more than once.
- Make rec_control respect include-dir.
- Load lua scripts only in worker threads.
- Purge all auth/forward zone data including subtree.
Improvements
- Fix warnings reported by gcc 8.1.0.
- Make the gmysql backend future-proof.
- Initialize some missed qtypes.
Bug Fixes
- Avoid concurrent records/comments iteration from running out of
sync.
- Fix a crash in the API when adding records.
- pdns_control notify: handle slave without renotify properly.
- Reset the TSIG state between queries.
- Remove SOA-check backoff on incoming notify and fix lock handling.
- Fix an issue where updating a record via DNS-UPDATE in a child zone
that also exists in the parent zone, we would incorrectly apply the
update to the parent zone.
- Geoipbackend: check geoip_id_by_addr_gl and geoip_id_by_addr_v6_gl
return value.
Fix some pkglint warnings while here.
Wireshark 2.6.3 Release Notes
Bug Fixes
The following vulnerabilities have been fixed:
• wnpa-sec-2018-44[1]
• Bluetooth AVDTP dissector crash. Bug 14884[2]. CVE-2018-16058[3].
• wnpa-sec-2018-45[4]
• Bluetooth Attribute Protocol dissector crash. Bug 14994[5].
CVE-2018-16056[6].
• wnpa-sec-2018-46[7]
• Radiotap dissector crash. Bug 15022[8]. CVE-2018-16057[9].
The following bugs have been fixed:
• Wireshark Hangs on startup initializing external capture plugins.
Bug 14657[10].
• Qt: SCTP Analyse Association Dialog: Segmentation fault when
clicking twice the Filter Association button. Bug 14970[11].
• Incorrect presentation of dissected data item (NETMASK) in ISAKMP
dissector. Bug 14987[12].
• Decode NFAPI: CONFIG.request Error. Bug 14988[13].
• udpdump frame too long error. Bug 14989[14].
• ISDN - LAPD dissector broken since version 2.5.0. Bug 15018[15].
• ASTERIX Category 062 / 135 Altitude has wrong value. Bug
15030[16].
• Wireshark cannot decrypt SSL/TLS session if it was proxied over
HTTP tunnel. Bug 15042[17].
• TLS records in a HTTP tunnel are displayed as "Encrypted
Handshake Message". Bug 15043[18].
• BTATT Dissector: Temperature Measurement: Celsius and Fahrenheit
swapped. Bug 15058[19].
• Diameter AVP User Location Info, Mobile Network Code decoded not
correctly. Bug 15068[20].
• Heartbeat message "Info" displayed without comma separator. Bug
15079[21].
Updated Protocol Support
ASTERIX, Bluetooth, Bluetooth ATT, Bluetooth AVDTP, DHCP, DTLS,
E.212, FP, GSM A RR, HTTP, HTTP2, IEEE 802.11, ISAKMP, ISDN, K12,
NFAPI, Nordic BLE, PFCP, Radiotap, SSL, Steam IHS Discovery, and TLS
1.3
New and Updated Capture File Support
pcapng
New and Updated Capture Interfaces support
ciscodump, udpdump
3.36.0 (2018-08-27)
- Fix --site-manager command-line argument
- Fix potential crash with malformed directory listings
- Fix potential crash if opening/closing tabs or starting the queue while directories are being renamed or deleted
3.36.0-rc1 (2018-08-20)
+ Ask for explicit confirmation prior to falling back to insecure plaintext FTP if a server refuses to use TLS
+ Warn if an FTP server refuses TLS that is known from previous connections to be capable of TLS
Packaged for wip by esg@sdf.org.
Rename wip/taskd to net/taskserver to be consistent with time/taskwarrior.
The taskserver package provides a daemon to securely synchronize task data
over network.
Changes:
version 2018.09.01
Core
* [utils] Skip remote IP addresses non matching to source address' IP version
when creating a connection (#13422, #17362)
Extractors
+ [ard] Add support for one.ard.de (#17397)
* [niconico] Fix extraction on python3 (#17393, #17407)
* [ard] Extract f4m formats
* [crunchyroll] Parse vilos media data (#17343)
+ [ard] Add support for Beta ARD Mediathek
+ [bandcamp] Extract more metadata (#13197)
* [internazionale] Fix extraction of non-available-abroad videos (#17386)
version 2018.08.28
Extractors
+ [youtube:playlist] Add support for music album playlists (OLAK5uy_ prefix)
(#17361)
* [bitchute] Fix extraction by pass custom User-Agent (#17360)
* [webofstories:playlist] Fix extraction (#16914)
+ [tvplayhome] Add support for new tvplay URLs (#17344)
+ [generic] Allow relative src for videojs embeds (#17324)
+ [xfileshare] Add support for vidto.se (#17317)
+ [vidzi] Add support for vidzi.nu (#17316)
+ [nova:embed] Add support for media.cms.nova.cz (#17282)
Add missing {TEST_,}DEPENDS.
0.85 Tue 28 Aug 2018 20:14:38 BST
- Support standard_ia and onezone_ia storage classes (thanks Michele Beltrame)
- run 'use_ok' on all modules (thanks Yanick Champoux)
- spellings (thanks Gregor Herrmann)
- LOTS of cleanup and refactoring (thanks Branislav Zahradník)
This was announced in July on both pkgsrc-users and tech-pkg, and no one
objected to the removal.
The last release of gated was in 1999, its upstream
has disappeared, the homepage redirects to a sketchy company.
If you wanted to do routing in software today, you should probably use
quagga or another modern daemon.
ok to remove from gdt@
Changes:
2.5.1
-----
* `hub issue create`: ignore the `.github/ISSUE_TEMPLATE` directory instead of
crashing
* `hub pull-request`: avoid re-requesting reviewers in case of CODEOWNERS
* `hub ci-status`: handle cases when Checks API is unavailable, like older
GitHub Enterprise
* Handle HTTP 422 message format from server response
* Ignore crash for malformed `~/.config/hub` file
* Clarify `hub init -g` documentation that it doesn't imply `hub create`
* `hub clone`: add more documentation about git protocol used
Changes:
version 2018.08.22
------------------
Core
* [utils] Use pure browser header for User-Agent (#17236)
Extractors
+ [kinopoisk] Add support for kinopoisk.ru (#17283)
+ [yourporn] Add support for yourporn.sexy (#17298)
+ [go] Add support for disneynow.go.com (#16299, #17264)
+ [6play] Add support for play.rtl.hr (#17249)
* [anvato] Fallback to generic API key for access-key-to-API-key lookup
(#16788, #17254)
* [lci] Fix extraction (#17274)
* [bbccouk] Extend id URL regular expression (#17270)
* [cwtv] Fix extraction (#17256)
* [nova] Fix extraction (#17241)
+ [generic] Add support for expressen embeds
* [raywenderlich] Adapt to site redesign (#17225)
+ [redbulltv] Add support redbull.com tv URLs (#17218)
+ [bitchute] Add support for bitchute.com (#14052)
+ [clyp] Add support for token protected media (#17184)
* [imdb] Fix extension extraction (#17167)
Release 4.33:
Bug Fixes
- Fixed an issue with the "rsync" command on Windows that would cause gsutil
to incorrectly join file path segments when the source given was the root
of a drive, e.g. "C:".
- Fixed several places where gsutil referenced a variable that had not been
correctly imported.
Other Changes
- Several documentation updates and clarifications.
Release 4.32:
Bug Fixes
- Fixed a file path resolution issue on Windows that affected local-to-cloud
copy-based operations ("cp", "mv", "rsync"). If a local file URI containing
relative path components ("." or "..") or forward slashes (rather than
backslashes) was provided as a source argument, the resulting destination
object(s) was incorrectly named. For recursive operations, this resulted in
several files being copied to the same object path, overwriting each other.
- Fixed an issue with the "rsync" command on Windows that resulted in each rsync
invocation not being able to delete its temporary synchronization files on
disk.
- Fixed an issue where reading a specific generation of an object from S3 would
fail.
- Fixed an issue where running gsutil with the top-level "-q" flag would result
in credential-related logging statements being emitted to stderr.
- Gsutil no longer allows copying from streamed input if the top-level "-m" flag
is specified. While this was previously allowed, it did not work correctly.
Other Changes
- Several documentation updates and clarifications.
1.15.82
api-change:mediaconvert: Update mediaconvert command to latest version
api-change:dynamodb: Update dynamodb command to latest version
1.15.81
api-change:secretsmanager: Update secretsmanager command to latest version
api-change:dax: Update dax command to latest version
api-change:sagemaker: Update sagemaker command to latest version
1.15.80
api-change:discovery: Update discovery command to latest version
api-change:mediaconvert: Update mediaconvert command to latest version
api-change:ec2: Update ec2 command to latest version
api-change:ssm: Update ssm command to latest version
api-change:redshift: Update redshift command to latest version
1.15.79
api-change:devicefarm: Update devicefarm command to latest version
1.15.78
api-change:autoscaling: Update autoscaling command to latest version
api-change:cloudfront: Update cloudfront command to latest version
api-change🇪🇸 Update es command to latest version
1.15.77
api-change:sagemaker: Update sagemaker command to latest version
1.15.76
api-change:mediaconvert: Update mediaconvert command to latest version
api-change:rds: Update rds command to latest version
1.15.75
api-change:ecs: Update ecs command to latest version
api-change:dax: Update dax command to latest version
api-change:rds: Update rds command to latest version
1.15.74
api-change:ssm: Update ssm command to latest version
api-change:secretsmanager: Update secretsmanager command to latest version
1.15.73
api-change:logs: Update logs command to latest version
api-change:pinpoint: Update pinpoint command to latest version
api-change:ec2: Update ec2 command to latest version
api-change:codebuild: Update codebuild command to latest version
api-change:ssm: Update ssm command to latest version
1.15.72
api-change:health: Update health command to latest version
api-change:dynamodb: Update dynamodb command to latest version
1.15.71
api-change:alexaforbusiness: Update alexaforbusiness command to latest version
1.15.70
api-change:polly: Update polly command to latest version
api-change:resource-groups: Update resource-groups command to latest version
api-change:ssm: Update ssm command to latest version
api-change:kinesis: Update kinesis command to latest version
1.7.81
api-change:mediaconvert: [botocore] Update mediaconvert client to latest version
api-change:dynamodb: [botocore] Update dynamodb client to latest version
1.7.80
api-change:dax: [botocore] Update dax client to latest version
api-change:secretsmanager: [botocore] Update secretsmanager client to latest version
api-change:sagemaker: [botocore] Update sagemaker client to latest version
1.7.79
api-change:discovery: [botocore] Update discovery client to latest version
api-change:ssm: [botocore] Update ssm client to latest version
api-change:ec2: [botocore] Update ec2 client to latest version
api-change:redshift: [botocore] Update redshift client to latest version
api-change:mediaconvert: [botocore] Update mediaconvert client to latest version
1.7.78
api-change:devicefarm: [botocore] Update devicefarm client to latest version
1.7.77
api-change🇪🇸 [botocore] Update es client to latest version
api-change:autoscaling: [botocore] Update autoscaling client to latest version
api-change:cloudfront: [botocore] Update cloudfront client to latest version
1.7.76
api-change:sagemaker: [botocore] Update sagemaker client to latest version
1.7.75
api-change:rds: [botocore] Update rds client to latest version
api-change:mediaconvert: [botocore] Update mediaconvert client to latest version
1.7.74
api-change:rds: [botocore] Update rds client to latest version
api-change:dax: [botocore] Update dax client to latest version
api-change:ecs: [botocore] Update ecs client to latest version
1.7.73
api-change:secretsmanager: [botocore] Update secretsmanager client to latest version
api-change:ssm: [botocore] Update ssm client to latest version
1.7.72
api-change:logs: [botocore] Update logs client to latest version
api-change:codebuild: [botocore] Update codebuild client to latest version
api-change:ssm: [botocore] Update ssm client to latest version
api-change:ec2: [botocore] Update ec2 client to latest version
api-change:pinpoint: [botocore] Update pinpoint client to latest version
1.7.71
api-change:health: [botocore] Update health client to latest version
api-change:dynamodb: [botocore] Update dynamodb client to latest version
1.7.70
api-change:alexaforbusiness: [botocore] Update alexaforbusiness client to latest version
1.10.81
api-change:mediaconvert: Update mediaconvert client to latest version
api-change:dynamodb: Update dynamodb client to latest version
1.10.80
api-change:dax: Update dax client to latest version
api-change:secretsmanager: Update secretsmanager client to latest version
api-change:sagemaker: Update sagemaker client to latest version
1.10.79
api-change:discovery: Update discovery client to latest version
api-change:ssm: Update ssm client to latest version
api-change:ec2: Update ec2 client to latest version
api-change:redshift: Update redshift client to latest version
api-change:mediaconvert: Update mediaconvert client to latest version
1.10.78
api-change:devicefarm: Update devicefarm client to latest version
1.10.77
api-change🇪🇸 Update es client to latest version
api-change:autoscaling: Update autoscaling client to latest version
api-change:cloudfront: Update cloudfront client to latest version
1.10.76
api-change:sagemaker: Update sagemaker client to latest version
1.10.75
api-change:rds: Update rds client to latest version
api-change:mediaconvert: Update mediaconvert client to latest version
1.10.74
api-change:rds: Update rds client to latest version
api-change:dax: Update dax client to latest version
api-change:ecs: Update ecs client to latest version
1.10.73
api-change:secretsmanager: Update secretsmanager client to latest version
api-change:ssm: Update ssm client to latest version
1.10.72
api-change:logs: Update logs client to latest version
api-change:codebuild: Update codebuild client to latest version
api-change:ssm: Update ssm client to latest version
api-change:ec2: Update ec2 client to latest version
api-change:pinpoint: Update pinpoint client to latest version
1.10.71
api-change:health: Update health client to latest version
api-change:dynamodb: Update dynamodb client to latest version
1.10.70
api-change:alexaforbusiness: Update alexaforbusiness client to latest version
boto v2.49.0:
Import the latest CA Bundle from certifi
Fix to support uploads to KMS-encrypted buckets.
Support fetching GCS bucket encryption metadata.
Update layer1.py
Fix tests/unit/glacier/test_writer.py to make work with pypy.
**** 1.17 Jul 25, 2018
Fix rt.cpan.org #125890
AXFR: 1 record per packet responses.
Fix rt.cpan.org #125889
New NSEC3 for empty non-terminal leaves type bitmap undefined.
Fix rt.cpan.org #125882
RDATA name compression pointer calculated incorrectly.
**** 1.16 Jul 15, 2018
Feature
New NSEC3 encloser(), nextcloser() and wildcard() instance
methods return closest encloser, "next closer" and putative
wildcard names respectively.
Feature
Add new NSEC covers() instance method.
Feature
New NSEC typemap() instance method interrogates type list.
IO::Socket::INET6 removed from recommended module metadata.
IPv6 requires IO::Socket::IP which is now a core package.
No requirement to escape @ in unquoted contiguous string.
New features (omitting bugfixes) since ~5.5.28:
-Add BaseStationXG LED bar color control to the device properties panel.
-Local SSO login.
-Add app switcher.
-Add speed and duplex config for USG interfaces.
-Add WiFi Happiness to client STA statistics.
-Allow users to opt-out wireless uplinking/meshing on per-radio basis.
-Assign USG Physical Ports to Logical Networks.
-Add netconsole logging to site config.
-Allow setting Management VLAN at Access Points.
-Property Panel: Show images of most popular client devices.
-Added support for USC8 switch.
-Add WeChat authentication to Hotspot.
-Add Elite Device service.
-Allow setting opacity on Image-type maps.
-New Channel Distribution widget.
-Add Scheduled Upgrades support (Beta).
-Add site VPN route distance.
-Add app switcher.
-Allow users to opt-out wireless uplinking/meshing on per-radio basis.
-Support Antenna selection for internal antenna.
-Add Intrusion Prevention System (IPS) [beta].
-Link to property panel from Location on Neighboring Access Points page.
-Add IPv6 support (Beta).
-Add restart devices permission.
-Add support for new Elite Device service.
-Add Bulgarian translations to the Hotspot Portal.
-Batch remove vouchers.
-Customize voucher columns.
-Ability to display historical statistics per Client (traffic, packets, signal power etc.).
-Add support for SNMPv3.
-Add GeoIP Filtering options to settings [Beta].
-Add Virtual devices on Maps to plan coverage.
-Add SSH keys to authenticate to device.
-Add Auto Channel feature on Maps.
-Add Release Notes.
-Add ability to create and set user defined DHCP options.
-Add Wireless Uplink priority.
-Add support for new Elite Device service.
-Add RADIUS MAC Authentication.
-Add Firmware Manager to cache locally firmwares.
-Add AirView (SHD exclusive).
-Add Switch Port Profiles.
-Add USG Performance Graphs.
-Add AirTime for UAP-SHD [alpha].
-Add temperatures to USG-Pro properties window.
-Add Facebook Wi-Fi Authentication [Alpha].
-Add DPI blocking per categories [Alpha].
-Add Insights / Controller Logs page.
-Add LAN traffic statistics for client in Property Panel.
-Add Debug Dashboard to Statistics section (Beta).
-Batch add and remove device tags.
-Add Arabic language to Hotspot Portal.
-Add permissions options when inviting a site admin (device adoption, etc.).
-Allow configure 8 SSIDs per radio (on supported devices).
-Add Finnish and Hungarian to the languages supported by Hotspot Portal.
-Add LLDP MED configuration.
-Add Outdoor / Indoor Switch.
-Add NTP server fields.
-Add batch device provision.
-Add DB migration page and show upgrade progress.
-Add date header to email notifications.
-Install and run service as `unifi` user instead of as root on Debian/Ubuntu.
-Add Logging settings.
-Add batch edit switches.
-Add UPnP service (moved from config.properties).
-Add Multicast DNS Service (moved from config.properties).
-Add RADIUS-based authorization in Hotspot [BETA].
-Add new type of map with predictive coverage [BETA].
-Add Ubiquiti store (buy devices directly from the controller) [BETA].
-Add EDU SIP settings.
-Add Greek translations.
* Don't use IP_PKTINFO on NetBSD-7 as it's incomplete.
* Workaround RTM_NEWADDR sending the wrong broadcast address
on NetBSD-7.
* Silence diagnostics if an address vanishes when reading
it's flags on all BSD's.
* Misc compiler warnings fixed.
Add missing DEPENDS
Upstream changes:
0.84 Mon 16 Jul 2018 17:49:10 BST
- Put back credential cache code lost in Signature 4 patch (Branislav Zahradník)
0.83 Tue 10 Jul 2018 22:30:23 BST
- All patches by Branislav Zahradník
- Use Signature 4 by default only for amazonaws host (issue #29)
- Relaxing constraint on owner id, accepting any string (issue #18)
- Enable secure by default (issue #23)
- Sanity object uris to avoid invalid signature (issue #28)
0.82 Sat 7 Jul 2018 14:28:06 BST
- Use HEAD request to determine bucket region (patch by Branislav Zahradník)
0.81 Thu 28 Jun 2018 20:27:44 GMT (TRIAL RELEASE)
- Restore CHANGES files format
- Change path to new github repo
- Add optional delimiter parameter to
Net::Amazon::S3::Client::Bucket->list (patch by Christian
Lackas)
- Add expected and received ETag value if upload is detected as
being incorrect.
- Add support for all location constraints when creating buckets
- making DateTime coercion optional for last_modified (something that
might happen million of times without ever been used, in a rather
expensive operation) (patch by Christian Lackas)
- avoiding MD5 calculation of large files (chunked uploads) that
are then never used (patch by Christian Lackas)
- add ability to set use_virtual_host to use virtual host method
of making requests which eliminate having to set the region
endpoint of a bucket. (patch by Christian Lackas)
- Add V4 support (patch by Branislav Zahradník)
3.35.2 (2018-08-06)
- Fix functionality of --site and --local command-line options
- MSW: Fix local rename not updating file list
- OS X: Fix compatibility with old CPUs not supporting SSE4
1.3.6:
- gevent now depends on greenlet 0.4.14 or above. gevent binary wheels
for 1.3.5 and below must have greenlet 0.4.13 installed on Python
3.7 or they will crash.
- :class:gevent.local.local subclasses correctly supports @staticmethod functions.
1.3.5:
- Update the bundled libuv from 1.20.1 to 1.22.0.
- Test Python 3.7 on Appveyor. Fix the handling of Popen's
close_fds argument on 3.7.
- Update Python versions tested on Travis, including PyPy to 6.0.
- :mod:gevent.queue imports _PySimpleQueue instead of
SimpleQueue so that it doesn't block the event loop.
:func:gevent.monkey.patch_all makes this same substitution in
:mod:queue. This fixes issues with
:class:concurrent.futures.ThreadPoolExecutor as well.
- :meth:gevent.socket.socket.connect doesn't pass the port (service)
to :func:socket.getaddrinfo when it resolves an AF_INET or
AF_INET6 address. (The standard library doesn't either.) This
fixes an issue on Solaris.
- :meth:gevent.socket.socket.connect works with more address
families, notably AF_TIPC, AF_NETLINK, AF_BLUETOOTH, AF_ALG and AF_VSOCK.
Changes:
1.5.1
-----
- Added support for:
* `piczel` - https://piczel.tv/
- Added support for related pins on `pinterest`
- Fixed accessing "offensive" galleries on `exhentai` (#97)
- Fixed extraction issues for `mangadex`, `komikcast` and `behance`
- Removed original-image functionality from `tumblr`, since "raw"
images are no longer accessible
(Still using xorg-server 1.17, up to 1.20 is supported.)
The new TigerVNC 1.9.0 is now available. Lots of changes have been made
since the last release, but the highlights are:
- Alternative, "raw" keyboard mode in the native client and all servers
- CapsLock/NumLock/ScrollLock synchronisation in the native client and all servers
- Automatic "repair" of JPEG artefacts on screen in all servers
- Support for UNIX sockets in the native client and in the UNIX servers
- Both clients now warn when sending the password over a possibly insecure channel
- Performance improvements in the Java client
- The Java client now requires Java 7
- Improved high latency handling in all servers
- Better keyboard handling in the native client on Windows
- Slightly better keyboard handling in x0vncserver
- x0vncserver now supports cursors and screen resize
- Xorg 1.20 can now be used as a base for Xvnc/libvnc.so
4.1.3:
Improvements
: pdnsutil: use new domain in b2bmigrate
: Update copyright years to 2018
: Lower ‘packet too short’ loglevel
Bug Fixes
: Restrict creation of OPT and TSIG RRsets
: Fix handling of user-defined axfr filters return values
: Prevent the GeoIP backend from copying NetMaskTrees around, fixes slow-downs in certain configurations
: Ensure alias answers over TCP have correct name
Wireshark 2.6.2 Release Notes
What’s New
Bug Fixes
The following vulnerabilities have been fixed:
• wnpa-sec-2018-34[1]
• BGP dissector large loop. Bug 13741[2]. CVE-2018-14342[3].
• wnpa-sec-2018-35[4]
• ISMP dissector crash. Bug 14672[5]. CVE-2018-14344[6].
• wnpa-sec-2018-36[7]
• Multiple dissectors could crash. Bug 14675[8]. CVE-2018-14340[9].
• wnpa-sec-2018-37[10]
• ASN.1 BER dissector crash. Bug 14682[11]. CVE-2018-14343[12].
• wnpa-sec-2018-38[13]
• MMSE dissector infinite loop. Bug 14738[14]. CVE-2018-14339[15].
• wnpa-sec-2018-39[16]
• DICOM dissector crash. Bug 14742[17]. CVE-2018-14341[18].
• wnpa-sec-2018-40[19]
• Bazaar dissector infinite loop. Bug 14841[20].
CVE-2018-14368[21].
• wnpa-sec-2018-41[22]
• HTTP2 dissector crash. Bug 14869[23]. CVE-2018-14369[24].
• wnpa-sec-2018-42[25]
• CoAP dissector crash. Bug 14966[26]. CVE-2018-14367[27].
The following bugs have been fixed:
• ISMP.EDP "Tuples" dissected incorrectly. Bug 4943[28].
• Wireshark - Race issue when switching between files using
Wireshark’s "Files in Set" dialog. Bug 10870[29].
• Sorting on "Source port" or "Destination port" column sorts
alphabetically, not numerically. Bug 11460[30].
• Wireshark crashes when changing profiles. Bug 11648[31].
• Crash when starting capture while saving capture file or
rescanning file after display filter change. Bug 13594[32].
• Crash when switching to TRANSUM enabled profile. Bug 13697[33].
• TCP retransmission with additional payload leads to incorrect
bytes and length in stream. Bug 13700[34].
• Wireshark crashes with single quote string display filter. Bug
14084[35].
• randpkt can write packets that libwiretap can’t read. Bug
14107[36].
• Wireshark crashes when loading new file before previous load has
finished. Bug 14351[37].
• Valid packet produces Malformed Packet: OpcUa. Bug 14465[38].
• Error received from dissect_wccp2_hash_assignment_info(). Bug
14573[39].
• CRC checker wrong for FPP. Bug 14610[40].
• Cross-build broken due to make-dissectors and make-taps. Bug
14622[41].
• Extraction of SMB file results in wrong size. Bug 14662[42].
• 6LoWPAN dissector merges fragments from different sources. Bug
14700[43].
• IP address to name resolution doesn’t work in TShark. Bug
14711[44].
• "Decode as" Modbus RTU over USB doesn’t work with 2.6.0 but with
2.4.6. Bug 14717[45].
• proto_tree_add_protocol_format might leak memory. Bug 14719[46].
• tostring for NSTime objects in lua gives wrong results. Bug
14720[47].
• Media type "application/octet-stream" registered for both Thread
and UASIP. Bug 14729[48].
• Crash related to SCTP tap. Bug 14733[49].
• Formatting of OSI area addresses/address prefixes goes past the
end of the area address/address prefix. Bug 14744[50].
• ICMPv6 Router Renumbering - Packet Dissector - malformed. Bug
14755[51].
• WiMAX HARQ MAP decoder segfaults when length is too short. Bug
14780[52].
• HTTP PUT request following a HEAD request is not correctly
decoded. Bug 14793[53].
• SYNC PDU type 3 miss the last PDU length. Bug 14823[54].
• Reversed 128 bits service UUIDs when Bluetooth Low Energy
advertisement data are dissected. Bug 14843[55].
• Issues with Wireshark when the user doesn’t have permission to
capture. Bug 14847[56].
• Wrong description when LE Bluetooth Device Address type is
dissected. Bug 14866[57].
• LE Role advertisement type (0x1c) is not dissected properly
according to the Bluetooth specification. Bug 14868[58].
• Regression: Wireshark 2.6.0 and 2.6.1 are unable to read NetMon
files which were readable by previous versions. Bug 14876[59].
• Wireshark doesn’t properly display (deliberately) invalid 220
responses from Postfix. Bug 14878[60].
• Follow TCP Stream and click reassembled content moves you to
incorrect current packet. Bug 14898[61].
• Crash when changing profiles while loading a capture file. Bug
14918[62].
• Duplicate PDU during C Arrays Output Export. Bug 14933[63].
• DCE/RPC not dissected when "reserved for use by implementations"
flag bits set. Bug 14942[64].
• Follow TCP Stream truncates output on missing (but ACKed)
segments. Bug 14944[65].
• There’s no option to include column headings when printing
packets or exporting packet dissections with Qt Wireshark. Bug
14945[66].
• Qt: SCTP Graph Dialog: Abort when doing analysis. Bug 14971[67].
• CMake is unable to find LUA libraries. Bug 14983[68].
Updated Protocol Support
6LoWPAN, ASN.1 BER, Bazaar, BGP, Bluetooth, Bluetooth HCI_CMD, CIGI,
Cisco ttag, CoAP, Data, DCERPC, Diameter 3GPP, DICOM, DOCSIS, FPP,
GSM A GM, GTPv2, HTTP, HTTP2, IAX2, ICMPv6, IEEE 1722, IEEE 802.11,
IPv4, ISMP, LISP, MMSE, MTP3, MySQL, NFS, OpcUa, PPI GPS, Q.931,
RNSAP, RPCoRDMA, S1AP, SCTP, SMB, SMTP, STUN, SYNC, T.30, TCP,
TRANSUM, WAP, WCCP, Wi-SUN, WiMax HARQ Map Message, and WSP
New and Updated Capture File Support
Alcatel-Lucent Ascend and Microsoft Network Monitor
Changes in libsoup from 2.62.2 to 2.62.3:
* Check for trailing dots in domains [#5, Claudio Saavedra]
* Set default cookie path for NULL origins [#1, Adrian Perez de Castro]
* Use atomic-refcounting in classes that are not using GObject-refcounting
[bgo#785110, Edward Hervey]
* Many Coverity-found code fixes [bgo#781771, Milan Crha]
* Bail out on cookie-jar calls with empty hostnames [#3, Michael Catanzaro]
Note: from now onwards bgo# references bugs in GNOME Bugzilla
and # issues in GNOME gitlab.
1.0.3
=====
- Avoid a crash in gupnp_root_device_constructor
- Propagage User-Agent from Cache
- Fix potential issue with boolean vs. bitwise evaluation
- Fix a crash in GUPnPServiceProxy::subscription_expire
- Accept broken Action header without the "
- Fix issue with strcpy destination buffer size in linux context manager
3.35.1 (2018-07-23)
- Fix context menu in search dialog
3.35.0 (2018-07-23)
+ Improved appearance of activity indicators, sort direction indicators, and quick search panel buttons on high-DPI displays
3.35.0-rc2 (2018-07-17)
- OS X: Fix dependency problem in build system
3.35.0-rc1 (2018-07-16)
+ Add option to settings dialog to have FileZilla restore tabs and connections after a restart
- Fix initial size of Site Manager being too small on some systems
3.34.0 (2018-06-15)
+ After deleting files, the focus rectangle now stays near the previously deleted file
3.34.0-rc1 (2018-06-08)
+ Refactoring of the Site Manager internals
+ Moved protocol selection to the top in the Site Manager
+ Adjusted spacing in the Site Manager
+ Slightly reduced height of certificate details dialog
- MSW: Properly quote the uninstall command in the registry
- Updated builtin pugixml to version 1.9
0.13.0 (2018-07-16)
+ Add bool return value to replace_substrings to indicate whether something has been replaced.
+ fz::sprintf: Added %c format specifier
- MSW: Work around problematic DLL export of templates, timers now work if libfilezilla has been built as DLL
0.11.0:
Add putfo() method, allowing one to upload a file-like object
Add top-level get() and put() functions for convenience
Increase default socket time from 5 to 10 seconds
17.1.2:
Fix possible hang when working with asyncio
Remove some outdated workarounds for old Cython versions
Fix some compilation with custom compilers
Remove unneeded link of libstdc++ on PyPy
pkgsrc changes:
- Update DISTNAME, PKGNAME, MASTER_SITES and HOMEPAGE
- Take MAINTAINERship (discussed via private email with previous MAINTAINER)
- Remove (not so useful) MESSAGE
- Avoid NO_CONFIGURE=yes, also if a package does not provide a configure script
it is not needed and can lead to confusion due the several configure targets
that are removed
- Add several variable to BUILD_DEFS
- Honor GEOMYIDAE_USER, GEOMYIDAE_GROUP and GEOMYIDAE_ROOTDIR variables that
will respectively set the default user, group and rootdir of geomyidae
- Instead of copypasting several rc scripts write a new one ad-hoc for pkgsrc
that by default will run geomyidae unprivileged honoring the several
GEOMYIDAE_* variables.
If `geomyidae_flags' is defined in rc.conf these defaults are ignored.
- Do not install a LICENSE file (we have the LICENSE variable for it!)
Changes:
Geomyidae v0.32.2 fixes release
-------------------------------
Another fixes release for geomyidae is out. Now hopefully the OpenBSD people
fixed the whole pledge support in geomyidae.
Geomyidae v0.32.1 fixes release
-------------------------------
Soon after the v0.32 release I received patches, which I do not want to miss
in mainline.
* Fix and make OpenBSD pledge support better.
* Fix a typo in the slackware init script.
Thanks for all who sent in patches! All further patches are welcome!
Geomyidae v0.32 Release
-----------------------
I am glad to announce the release of geomyidae v0.32. Thanks to all the
contributors and people giving ideas!
Here is what changed:
* Minor fixed in the manpage, CGI handling and tools.
* Add example for tt escaping in the manpage.
* Add nocgi flag, which disables CGI execution.
* Add OpenBSD pledge support.
Geomyidae v0.31.1 release
-------------------------
There has been a geomyidae v0.31.1 release which fixes a major issue of the
pending bytes logic from v0.31.
Have fun!
Geomyidae v0.31 release
-----------------------
I am proud to announce the geomyidae v0.31 release. There were
some major issues fixed, so a new release is necessary:
* There is now gph vim syntax highlighting files in the archive.
* Gopher+ compatibility mode.
* No sockets are left behind anymore.
* New log format of geomyidae is now documented in the manpage.
* There was some ugly bug with curl connecting to a Linux system, where after
close() some bytes were lost. Now some check is added to be sure all data
has been sent to the client. If you want to have bad dreams, look at the
curl sourcecode.
Thanks for everyone contributing!
Geomyidae v0.30 release
-----------------------
What is new?
* The gph format now allows escaping of '|' characters. See the example
index.gph file in the distribution for how to or the manpage.
* Geomyidae has happy helping snowman support to help you with your dynamic
gph content generation in geomyidae. In case you add some spurious tab,
this little guy will appear and inform you about what happened.
* There is now a Links file for links to software related to application
development for geomyidae.
* The gentoo init.d script has been fixed.
* A slackware rc file was added.
* The makefile is now POSIX-compliant.
* The log format has been changed to be easier parsable for all kind of log
analyzers. (`[YYYY-MM-DD HH:mm:SS +ZZZZ|client|clientport|status] selector')
* A flag to not perform reverse lookups in log files has been added.
* Implement some CGI variables for cgi and dcgi. See the manpage for which
ones are available. Here you can see REMOTE_ADDR in action:
gopher://bitreich.org/0/ip
Geomyidae 0.29 release
----------------------
I am happy to announce the 0.29 release of geomyidae, a simple gopher server.
What has been changed:
* the OpenBSD rc.d files have been fixed due to arg.h fixes
* index.bin support added
* Create a file with the raw gopher menu content in a directory and is
served by geomyidae.
* This is useful for scripts generating static gopher content
* This is useful for serving a backup of a gopherhole.
* show errors on fork, in case there are constraints on process resources
* care for send errors
* huge speed up on different platforms when transferring huge binary files
* Linux is using sendfile(2) and TCP_CORK
* FreeBSD and DragonflyBSD are using sendfile(2)
* TCP_NOPUSH is used on all BSDs
* TCP_NODELAY is disabled on nearly all platforms
* other platforms (like OpenBSD) have a speed increase due to an
alignment of the send buffer to blocksize of the socket
I want to thank all contributors! All patches are welcome!
Geomyidae 0.28 release
----------------------
What's new in geomyidae?
* The parsing of gph files is now more liberal. When you do something wrong,
it will most of the time just display the line.
* DCGI speed was increased massively.
* Error messages are now more useful.
* More files are now handled as text files automatically.
* The OpenBSD rc.d file was fixed to modern days.
* Typos have been fixed.
Geomyidae 0.27 release
----------------------
I am proud to announce the 0.27 release of geomyidae.
* dramatic improvement of serving speed
* security fixes
* a OpenBSD rc.d file was added
* the manpage has been updated to the current state
* there is no support for index.gph, index.dcgi and index.cgi,
which helps to write more REST-friendly apps
I want to thank all contributors. All patches are welcome!
Update bind99 to 9.9.13pl1 (9.9.13-P1).
--- 9.9.13-P1 released ---
4997. [security] named could crash during recursive processing
of DNAME records when "deny-answer-aliases" was
in use. (CVE-2018-5740) [GL #387]
Update bind910 to 9.10.8pl1 (9.10.8-P1).
--- 9.10.8-P1 released ---
4997. [security] named could crash during recursive processing
of DNAME records when "deny-answer-aliases" was
in use. (CVE-2018-5740) [GL #387]
pkgsrc changes:
- Instead of maintaining patches/patch-setup.py rewrite the logic to avoid
too strict version dependencies via SUBST.
Changes:
31 July 2018: mitmproxy 4.0.4
* Security: Protect mitmweb against DNS rebinding. (CVE-2018-14505, @atx)
* Reduce certificate lifetime to two years to be conformant with
the current CA/Browser Forum Baseline Requirements. (@muffl0n)
(https://cabforum.org/2017/03/17/ballot-193-825-day-certificate-lifetimes/)
* Update cryptography to version 2.3.
15 June 2018: mitmproxy 4.0.3
* Add support for IPv6 transparent mode on Windows (#3174)
* Add Docker images for ARMv7 - Raspberry Pi (#3190)
* Major overhaul of our release workflow - you probably won't notice it, but for us it's a big thing!
* Fix the Python version detection on Python 3.5, we now show a more intuitive error message (#3188)
* Fix application shutdown on Windows (#3172)
* Fix IPv6 scope suffixes in block addon (#3164)
* Fix options update when added (#3157)
* Fix "Edit Flow" button in mitmweb (#3136)
15 June 2018: mitmproxy 4.0.2
* Skipped!
From Mike Pumford on pkgsrc-users@
Three years of changes including
+ lldpcli can now display local interfaces with LLDP data sent on
each of them ("show interfaces").
+ Attach remote TTL to port instead of chassis.
+ Maximum number of neighbors for an interface is increased from 4 to 32.
+ Fix 100% CPU on some rare error condition.
+ Ability to change multicast MAC address to two additional values
to reach customer bridges.
+ Ensure large netlink messages can be received.
+ Update LLDP-MED policy L2 priority values to match
802.1Q-2005. This may be a breaking change.
4.2.1:
- **Result Backend**: Fix deserialization of exceptions that are present in the producer codebase but not in the consumer codebase.
- **Message Protocol Compatibility**: Fix error caused by an invalid (None) timelimit value in the message headers when migrating messages from 3.x to 4.x.
- **Result Backend**: Fix serialization of exception arguments when exception arguments are not JSON serializable by default.
- **Worker**: Fixed multiple issues with rate limited tasks
Maintain scheduling order.
Fix possible scheduling of a :class:celery.worker.request.Request with the wrong :class:kombu.utils.limits.TokenBucket which could cause tasks' rate limit to behave incorrectly.
Fix possible duplicated execution of tasks that were rate limited or if ETA/Countdown was provided for them.
- **Worker**: Defensively handle invalid timelimit header values in requests.
Changes:
- On Unix-like systems, the server can run as an unprivileged user,
and the main process will automatically restart if an error occurs.
- pledge() on OpenBSD.
- New "offline" mode to serve queries locally without contacting any
upstream servers. This can be especially useful along with the
cloaking module for local development.
- New logo.
- TTL of OPT records is properly ignored by the caching module.
- The proxy doesn't quit any more if new TCP connections cannot be
created.
Notable changes:
- Eliminate grpcio package dependency on protobuf package
- A new grpc.Channel.close method is introduced and correct use of
gRPC Python now requires that channels be closed after use.
- Python errors have become more verbose.
- GRPC_ENABLE_FORK_SUPPORT=false is no longer required when running
fork-exec.
- Relying on an explicit with statement or explicitly calling
Channel.close to release the underlying resources in Channel objects
is now a required coding practice starting in v1.13.0.
New features:
- Add support for more than one TLS certificate
- Add a negative ttl option to the packet cache
- Add the ability to dump a summary of the cache content
- Add netmask-based {ex,in}clusions to DynblockRulesGroup
- Add DNSAction.NoOp to debug dynamic blocks
- Add SetECSAction to set an arbitrary outgoing ecs value
- Add support for rotating certificates and keys
Notable changes since 1.11.0:
- Make GrpcBuffer{Reader|Writer} Public
- Compile Out Tracers Option
- Add RpcException.StatusCode property
- gRPC stats will only be collected for debug builds or if
GRPC_COLLECT_STATS is defined.
- cmake install now also installs should also installs the roots.pem
file
Each R package should include ../../math/R/Makefile.extension, which also
defines MASTER_SITES. Consequently, it is redundant for the individual
packages to do the same. Package-specific definitions also prevent
redefining MASTER_SITES in a single common place.
Upstream changes:
mikutter 3.7.4
* change to get thumnails of gyazo via Twitter Card
* thanks cob odo
* support quoted_tweet by perma_link for tweets with mobile.twitter.com
* thanks cob odo
* use fileselect to choose a browser
* thanks cob odo
* twitter: change character count method to using weighted length
* Tweeting Made Easier
https://blog.twitter.com/official/en_us/topics/product/2017/tweetingmadeeasier.html
* appease tons of Gdk-CRITICAL error messages
* thanks ncaq net
* misc improvements of photo_support plugin
* unify code to get images via og:image for OpenGraphProtocol (OGP)
* also unify code to get images via OGP and via Twitter Card
* support specification updates of Twitter Card
* could not get Fotolog images
* support marshmallow https://marshmallow-qa.com/ as an image hosting service
* support peing https://peing.net/ja as an image hosting service
* thanks cob odo
This improves privacy by restricting cookies to a well-known list of
public suffixes.
We can consider turning that option on by default in the future.
Fixes PR pkg/53459.
Bugfixes:
#4854: macOS panic in FS watcher setup
#4925: Deleted files within deleted directories aren't detected with FS watcher
#4944: Edit Folder UI displays default "Full Rescan Interval (s)" value instead
of the actual one
#4981: Race on folder restart
#4983: Impossible to edit folder with path "/"
#4990: Incorrect large block size chosen for large files on 32 bit archs
#4994: Database schema from the future should be rejected
#5002: v0.14.48 panic: runtime error: index out of range
#5017: "kiB" should be "KiB"
#5025: Stuck in CPU consuming accept loop when out of file descriptors
#5050: Filesystem watcher doesn't notify changes on Windows when the file size
remains the same
Enhancements:
#4863: Snap package could use removable-media slot
#4953: Speed up delete propagation when it's not a rename
#4969: Executable files edited on Windows should retain execute bit on Unixes
#4977: Disable rescan button while scanning instead of hiding it
Other issues:
#4900: Replace deprecated github.com/kardianos/osext with standard library's os
#5000: Snap build is broken
- rblsmtpd Greetdelay add-on and removal of the compiled-in default-RBL
- Felix von Leitner's's IPv6 patch ucspi-tcp-0.88-ipv6.diff19.bz2
- Jens Wehrenbrecht's IPv4 CIDR extension
- Li Minh Bui's IPv6 support for compactified IPv6 addresses and CIDR
notation support
Twisted 18.7.0:
Features
--------
- Cancelling a Deferred returned by twisted.internet.defer.inlineCallbacks now cancels the Deferred it is waiting on.
- twisted.application.internet.ClientService now accepts a function to initialize or validate a connection before it is returned by the whenConnected method as the prepareConnection argument.
- Traceback generated for twisted.internet.defer.inlineCallbacks now includes the full stack of inlineCallbacks generators between catcher and raiser (before it only contained raiser's stack).
- Add optional cwd argument to twisted.runner.procmon.ProcMon.addProcess
- twisted.python.failure.Failure tracebacks generated by coroutines scheduled with twisted.internet.defer.ensureDeferred - i.e. any Deferred-awaiting coroutine - now contain fewer extraneous frames from the trampoline implementation, and correctly indicate the source of exceptions raised in other call stacks - i.e. the function that raised the exception. In other words: if you 'await' a function that raises an exception, you'll be able to see where the error came from.
Bugfixes
--------
- On UNIX-like platforms, Twisted attempts to recover from EMFILE when accepting connections on TCP and UNIX ports by shedding incoming clients.
- The documentation of IReactorTime.getDelayedCalls() has been corrected to indicate that the method returns a list, not a tuple.
- "python -m twisted web --help" now refers to "--listen" instead of the non-existing "--http"
- twisted.python.htmlizer.TokenPrinter now explicitly works on bytestrings.
- twisted.enterprise.adbapi.ConnectionPool.runWithConnection and runInteraction now use the reactor that is passed to ConnectionPool's constructor.
Improved Documentation
----------------------
- The Twisted Coding Standard now contains examples of how to mark up a feature as added in the next Twisted release.
Deprecations and Removals
-------------------------
- Deprecate direct introspection of ProcMon's processes: processes should not be directly accessed or pickled.
- twisted.internet.address.IPv4Address._bwHack and twisted.internet.address.UNIXAddress._bwHack, as well as the parameters to the constructors, deprecated since Twisted 11.0, have been removed.
Version 1.2.2
- Updating fast_xml to version 1.1.32.
- Fix crash when trying to encode xmlcdata
- Add missing files to hex package
Version 1.2.1
- Updating p1_utils to version 1.0.12.
- Updating fast_xml to version 1.1.31.
- Updating stringprep to version 1.0.12.
Version 1.2.0
- Support XEP-0377: Spam Reporting
- New xmpp_lang module to validate language tags
- Improve muc#roominfo and muc#roomconfig data forms
- XEP-0363: support and tags
- XEP-0363: data form support
- Add more functions to format errors
- Change arity of err_gone(), err_redirect() and serr_see_other_host()
THIS CHANGE INTRODUCES API INCOMPATIBILITY: use xref to check the code
- Support multiple namespaces for the same data form
- Updating fast_tls to version 1.0.23.
- Updating p1_utils to version 1.0.12.
- Use p1_fsm instead of gen_fsm
- Remove unused dependency on port compiler
# if __BYTE_ORDER == __BIG_ENDIAN
is always true, and e.g. x11vnc wrongly sets bigEndian in the wire
strucure, causing clients to fail.
Check that __BYTE_ORDER is defined before using it, and add a test for
_BYTE_ORDER too.
Bump PKGREVISION
2.7.0.
- Subreg.cz: Use Zeep instead of PySimpleSOAP library
2.6.0
- Improvements to argument handling
2.5.0
- Add Google Cloud DNS provider
2.4.7
- Add Zeit provider
2.4.6
- Fixes to dnsimple
2.4.5
- Add support for Exoscale
2.4.4
- Add support for online.net
2.4.3
- Test fixes
2.4.2
- Minor fixes to OVH provider
2.4.1
- add support for Gandi LiveDNS API
Changes in version 0.3.3.9 - 2018-07-13
Tor 0.3.3.9 moves to a new bridge authority, meaning people running
bridge relays should upgrade.
o Directory authority changes:
- The "Bifroest" bridge authority has been retired; the new bridge
authority is "Serge", and it is operated by George from the
TorBSD project. Closes ticket 26771.
- use $GO as the path to the go tool
- set a cache directory so that the build does not try to cache stuff
under $HOME.
Prodded by wiz@, thanks for reminding me!
17.1.0:
- Bump bundled libzmq to 4.2.5
- Improve tornado 5.0 compatibility
(use :meth:~tornado.ioloop.IOLoop.current instead of :meth:~tornado.ioloop.IOLoop.instance
to get default loops in :class:.ZMQStream and :class:.IOLoopAuthenticator)
- Add support for :func:.curve_public
- Remove delayed import of json in send/recv_json
- Add :meth:.Authenticator.configure_curve_callback
- Various build fixes
- sdist sources generated with Cython 0.28.3
- Stop building wheels for Python 3.4, start building wheels for Python 3.7
0MQ version 4.2.5 stable:
* Fixed 3018 - fix backward-incompatible change in the NULL auth
mechanism that slipped in 4.2.3 and made connections
with a ZAP domain set on a socket but without a working
ZAP handler fail. See ZMQ_ZAP_ENFORCE_DOMAIN and RFC27.
* Fixed 3016 - clarify in zmq_close manpage that the operation will
complete asynchronously.
* Fixed 3012 - fix CMake build problem when using LIBZMQ_WERROR and a
compiler other than GCC.
0MQ version 4.2.4 stable:
* New DRAFT (see NEWS for 4.2.0) socket options:
- ZMQ_LOOPBACK_FASTPATH to enable faster TCP loopback on Windows
- ZMQ_METADATA to set application-specific metadata on a socket
See doc/zmq_setsockopt.txt and doc/zmq_getsockopt.txt for details.
* New DRAFT (see NEWS for 4.2.0) context options:
- ZMQ_ZERO_COPY_RECV to disable zero-copy receive to save memory
at the expense of slower performance
See doc/zmq_ctx_set.txt and doc/zmq_ctx_get.txt for details.
* New DRAFT API zmq_stopwatch_intermediate which returns the time
elapsed without stopping the stopwatch.
* TIPC: support addressing TIPC Port Identity addresses.
* Added CMake option to disable tests: BUILD_TESTS
* Added CMake and autotools make targets to support clang-formatter:
make clang-format, clang-format-check and clang-format-diff to
help developers make sure their code conforms to the style guidelines
* For distributors: a new test framework has been added, which
includes a copy of the Unity source code. This source code library is
distributed under the MIT license and thus is compatible with
libzmq's LGPL3.
* Fixed 2867 - add ZeroMQConfig.cmake.in to distributable tarball
* Fixed 2868 - fix OpenBSD build
* Fixed 2870 - fix VC++ 11.0 (VS2012) build
* Fixed 2879 - prevent duplicate connections on PUB sockets
* Fixed 2872 - fix CMake tests on Windows
* Fixed 2895 - fix assert on Windows with POLL
* Fixed 2920 - fix Windows build with Intel compiler
* Fixed 2930 - use std::atomic when available with VC++ and VS2015
* Fixed 2910 - fix race condition with ZMQ_LINGER socket option
* Fixed 2927 - add support for ZMQ_XPUB_NODROP on ZMQ_RADIO
* Fixed 2820 - further clarify ZMQ_XPUB_VERBOSE(R) documentation.
* Fixed 2911 - ZMQ_DISH over UDP triggers errno_assert() after hitting
watermark
* Fixed 2942 - ZMQ_PUB crash when due to high volume of subscribe and
unsubscribe messages, an unmatched unsubscribe message is
received in certain conditions
* Fixed 2946 - fix Windows CMake build when BUILD_SHARED is off
* Fixed 2960 - fix build with GCC 8
* Fixed 2967 - fix race condition on thread safe sockets due to pthread
condvar timeouts on OSX
* Fixed 2977 - fix TIPC build-time availability check to be more relaxed
* Fixed 2966 - add support for WindRiver VxWorks 6.x
* Fixed 2963 - fix some PVS Studio static analysis warnings
* Fixed 2983 - fix MinGW cross-compilation
* Fixed 2991 - fix mutex assert at shutdown when the zmq context is part
of a class declared as a global static
Upstream changes:
mikutter 3.7.3
* crashed on start up when the twitter plugin was removed
* thanks cob odo
* reduce cpu load of drawing timeline when higher calculation load of score
* World: could not switch accounts in some cases
* hight of buttons was changed per hight of the listview
* thanks Yuto Tokunaga
* make a background color of tab icons transparent
* thanks Yuto Tokunaga
* make a background color of thumbnail of form DSL photoselect
* thanks Yuto Tokunaga
* command: remove dependency of Web plugin
* command: non-browser applications were suggested as the Intent for
"Open in browser" command
* thanks ncaq net
Changes:
1.4.2
-----
- Added image-pool extractors for safebooru and rule34
- Added option for extended tag information on booru sites (#92)
- Added support for DeviantArt's new URL format
- Added support for mangapark mirrors
- Changed imagefap extractors to use HTTPS
- Fixed crash when skipping downloads for files without known extension
pkgsrc changes:
- Delete patch-github_editor.go, imported upstream
- Adjust SUBST_SEDs commands for the current man page
- Manually regen files/hub.1 man page
Changes:
2.5.0
-----
Features
- Have ci-status also query Checks API
Fixes
- Do not pass `--cmd' to vi editor to ensure compatibility with older vi
- Simplify cherry-picking commits from pull request URLs
- Allow single-character branches/tag names in hub compare
- Fix hub compare for Enterprise when <USER> is specified
- Support remote add -t BRANCH argument
- Bash shell completion fixes for git 2.18
- Documentation fixes
Changes in version 0.3.3.8:
Tor 0.3.3.8 backports several changes from the 0.3.4.x series, including
fixes for a memory leak affecting directory authorities.
o Major bugfixes (directory authority, backport from 0.3.4.3-alpha):
- Stop leaking memory on directory authorities when planning to
vote. This bug was crashing authorities by exhausting their
memory. Fixes bug 26435; bugfix on 0.3.3.6.
o Major bugfixes (rust, testing, backport from 0.3.4.3-alpha):
- Make sure that failing tests in Rust will actually cause the build
to fail: previously, they were ignored. Fixes bug 26258; bugfix
on 0.3.3.4-alpha.
o Minor features (compilation, backport from 0.3.4.4-rc):
- When building Tor, prefer to use Python 3 over Python 2, and more
recent (contemplated) versions over older ones. Closes
ticket 26372.
o Minor features (geoip):
- Update geoip and geoip6 to the July 3 2018 Maxmind GeoLite2
Country database. Closes ticket 26674.
o Minor features (relay, diagnostic, backport from 0.3.4.3-alpha):
- Add several checks to detect whether Tor relays are uploading
their descriptors without specifying why they regenerated them.
Diagnostic for ticket 25686.
o Minor bugfixes (circuit path selection, backport from 0.3.4.1-alpha):
- Don't count path selection failures as circuit build failures.
This change should eliminate cases where Tor blames its guard or
the network for situations like insufficient microdescriptors
and/or overly restrictive torrc settings. Fixes bug 25705; bugfix
on 0.3.3.1-alpha.
o Minor bugfixes (compilation, backport from 0.3.4.4-rc):
- Fix a compilation warning on some versions of GCC when building
code that calls routerinfo_get_my_routerinfo() twice, assuming
that the second call will succeed if the first one did. Fixes bug
26269; bugfix on 0.2.8.2-alpha.
o Minor bugfixes (control port, backport from 0.3.4.4-rc):
- Handle the HSADDRESS= argument to the HSPOST command properly.
(Previously, this argument was misparsed and thus ignored.) Fixes
bug 26523; bugfix on 0.3.3.1-alpha. Patch by "akwizgran".
o Minor bugfixes (memory, correctness, backport from 0.3.4.4-rc):
- Fix a number of small memory leaks identified by coverity. Fixes
bug 26467; bugfix on numerous Tor versions.
o Minor bugfixes (relay, backport from 0.3.4.3-alpha):
- Relays now correctly block attempts to re-extend to the previous
relay by Ed25519 identity. Previously they would warn in this
case, but not actually reject the attempt. Fixes bug 26158; bugfix
on 0.3.0.1-alpha.
o Minor bugfixes (restart-in-process, backport from 0.3.4.1-alpha):
- When shutting down, Tor now clears all the flags in the control.c
module. This should prevent a bug where authentication cookies are
not generated on restart. Fixes bug 25512; bugfix on 0.3.3.1-alpha.
o Minor bugfixes (testing, compatibility, backport from 0.3.4.4-rc):
- When running the hs_ntor_ref.py test, make sure only to pass
strings (rather than "bytes" objects) to the Python subprocess
module. Python 3 on Windows seems to require this. Fixes bug
26535; bugfix on 0.3.1.1-alpha.
- When running the ntor_ref.py test, make sure only to pass strings
(rather than "bytes" objects) to the Python subprocess module.
Python 3 on Windows seems to require this. Fixes bug 26535; bugfix
on 0.2.5.5-alpha.
1.3.4:
Be more careful about issuing MonkeyPatchWarning for ssl imports. Now, we only issue it if we detect the one specific condition that is known to lead to RecursionError. This may produce false negatives, but should reduce or eliminate false positives.
Based on measurements and discussion in issue 1233, adjust the way gevent.pywsgi generates HTTP chunks. This is intended to reduce network overhead, especially for smaller chunk sizes.
Additional slight performance improvements in gevent.pywsgi.
1.3.3:
gevent.sleep() updates the loop’s notion of the current time before sleeping so that sleep duration corresponds more closely to elapsed (wall clock) time. gevent.Timeout does the same.
Fix an UnboundLocalError in SSL servers when wrapping a socket throws an error.
1.3.2.post0:
Fix a packaging error in manylinux binary wheels that prevented some imports from working.
1.3.2:
Allow weak refeneces to gevent.queue.Queue.
1.3.1:
Allow weak references to gevent.event.Event.
Fix embedded uses of gevent.Greenlet.spawn(), especially under uwsgi.
Fix gevent.os.nb_write() and gevent.os.nb_read() not always closing the IO event they opened in the event of an exception. This would be a problem especially for libuv.
1.3.0:
Python 3.7 passes the automated memory leak checks.
Update autoconf’s config.guess and config.sub to the latest versions for c-ares and libev.
gevent.local.local subclasses that mix-in ABCs can be instantiated.
ChangeLog:
2018/06/27 : 1.8.12
- BUG/MAJOR: stick_table: Complete incomplete SEGV fix
- MINOR: stick-tables: make stktable_release() do nothing on NULL
2018/06/26 : 1.8.11
- BUG/MAJOR: Stick-tables crash with segfault when the key is not in the stick-table
- BUG/BUILD: threads: unbreak build without threads
2018/06/22 : 1.8.10
- BUG/MINOR: lua: Socket.send threw runtime error: 'close' needs 1 arguments.
- BUG/MEDIUM: spoe: Flags are not encoded in network order
- BUG/MEDIUM: contrib/mod_defender: Use network order to encode/decode flags
- BUG/MEDIUM: contrib/modsecurity: Use network order to encode/decode flags
- BUG/MINOR: ssl/lua: prevent lua from affecting automatic maxconn computation
- BUG/MEDIUM: cache: don't cache when an Authorization header is present
- BUG/MEDIUM: dns: Delay the attempt to run a DNS resolution on check failure.
- BUG/BUILD: threads: unbreak build without threads
- BUG/BUILD: fd: fix typo causing a warning when threads are disabled
- BUG/MEDIUM: fd: Only check update_mask against all_threads_mask.
- BUG/MEDIUM: servers: Add srv_addr default placeholder to the state file
- BUG/MEDIUM: lua/socket: Length required read doesn't work
- BUG/MEDIUM: stick-tables: Decrement ref_cnt in table_* converters
- BUG/MEDIUM: spoe: Return an error when the wrong ACK is received in sync mode
- MINOR: task/notification: Is notifications registered ?
- BUG/MEDIUM: lua/socket: wrong scheduling for sockets
- BUG/MAJOR: lua: Dead lock with sockets
- BUG/MEDIUM: lua/socket: Notification error
- BUG/MEDIUM: lua/socket: Sheduling error on write: may dead-lock
- BUG/MEDIUM: lua/socket: Buffer error, may segfault
- MAJOR: spoe: upgrade the SPOP version to 2.0 and remove the support for 1.0
- BUG/MINOR: contrib/spoa_example: Don't reset the status code during disconnect
- BUG/MINOR: contrib/mod_defender: Don't reset the status code during disconnect
- BUG/MINOR: contrib/modsecurity: Don't reset the status code during disconnect
- BUG/MINOR: contrib/mod_defender: update pointer on the end of the frame
- BUG/MINOR: contrib/modsecurity: update pointer on the end of the frame
- DOC: SPOE.txt: fix a typo
- DOC: contrib/modsecurity: few typo fixes
- BUG/MINOR: unix: Make sure we can transfer abns sockets on seamless reload.
- BUG/MEDIUM: threads: handle signal queue only in thread 0
- BUG/MINOR: don't ignore SIG{BUS,FPE,ILL,SEGV} during signal processing
- BUG/MINOR: signals: ha_sigmask macro for multithreading
- MINOR: lua: Increase debug information
- BUG/MAJOR: map: fix a segfault when using http-request set-map
- BUG/MINOR: lua: Segfaults with wrong usage of types.
- BUG/MAJOR: ssl: Random crash with cipherlist capture
- BUG/MAJOR: ssl: OpenSSL context is stored in non-reserved memory slot
- BUG/MEDIUM: fd: Don't modify the update_mask in fd_dodelete().
- BUG/MEDIUM: threads: Use the sync point to check active jobs and exit
- MINOR: threads: Be sure to remove threads from all_threads_mask on exit
2018/05/18 : 1.8.9
- BUG/MINOR: pattern: Add a missing HA_SPIN_INIT() in pat_ref_newid()
- BUG/MAJOR: channel: Fix crash when trying to read from a closed socket
- BUG/MINOR: log: t_idle (%Ti) is not set for some requests
- BUG/MEDIUM: lua: Fix segmentation fault if a Lua task exits
- MINOR: h2: detect presence of CONNECT and/or content-length
- BUG/MEDIUM: h2: implement missing support for chunked encoded uploads
- BUG/MINOR: lua/threads: Make lua's tasks sticky to the current thread
- BUG/MINOR: config: disable http-reuse on TCP proxies
- BUG/MINOR: checks: Fix check->health computation for flapping servers
- BUG/MEDIUM: threads: Fix the sync point for more than 32 threads
- BUG/MINOR: lua: Put tasks to sleep when waiting for data
- DOC/MINOR: clean up LUA documentation re: servers & array/table.
- BUG/MINOR: map: correctly track reference to the last ref_elt being dumped
- BUG/MEDIUM: task: Don't free a task that is about to be run.
- BUG/MINOR: lua: schedule socket task upon lua connect()
- BUG/MINOR: lua: ensure large proxy IDs can be represented
- BUG/MEDIUM: http: don't always abort transfers on CF_SHUTR
- BUG/MEDIUM: pollers: Use a global list for fd shared between threads.
- BUG/MEDIUM: ssl: properly protect SSL cert generation
- BUG/MINOR: spoe: Mistake in error message about SPOE configuration
2018/04/19 : 1.8.8
- BUG/MEDIUM: threads: Fix the max/min calculation because of name clashes
- BUG/MEDIUM: connection: Make sure we have a mux before calling detach().
- BUG/MINOR: http: Return an error in proxy mode when url2sa fails
- BUG/MEDIUM: kqueue: When adding new events, provide an output to get errors.
- BUG/MINOR: cli: Guard against NULL messages when using CLI_ST_PRINT_FREE
- MINOR: cli: Ensure the CLI always outputs an error when it should
- DOC: lua: update the links to the config and Lua API
- BUG/CRITICAL: h2: fix incorrect frame length check
The logic to find a Python executable can be summarized as:
- CLOUDSDK_PYTHON environment variable defined:
+ If it matches `*python2*', use it
- Otherwise:
+ Try `python2'
+ Fallback to `python'
Substitute the latter fallback to ${PYTHONBIN} in order to have a
safe choice.
Should fix PR pkg/52122 reported by <jklos>.
This patch is based on the one proposed by <maya> (but restricted
to CLOUDSDK_PYTHON lines and the fallback `python').
Bump PKGREVISION.
Performing substitutions during post-patch breaks tools such as mkpatches,
making it very difficult to regenerate correct patches after making changes,
and often leading to substituted string replacements being committed.
0.9.7:
Bug-fix release while feature-bind is being worked on.
Fixed ip filter memory usage.
Add space to fmt str in log_gz_file_write.
Fix compilation issue with gcc v6.x and empty CXXFLAGS.
Fix BEP7 compatibility with IPv6 trackers and IPv4 peers.
Include SCGI/XMLRPC example in rtorrent.rc.
Handle SIGHUP like SIGINT.
Fix Throttle args.
Fix missing ranlib - not defined but used.
Fix no // are at start of expanded paths.
Fix ncurses header include.
Fix segfault when viewing a magnet download in the leeching view.
Changes:
1.4.1
-----
- Added an ugoira post-processor to convert pixiv animations to WebM
- Added --zip and --ugoira-conv command-line options
- Changed how ugoira frame information is handled
* instead of being written to a separate file, it is now made
available as metadata field of the ZIP archive
- Fixed manga and chapter titles for mangadex
- Fixed file deletion by post-processors
a perl5 module to access DNS registries/registrars w/EPP.
DRI stands for Domain Registration Interface and aims to be,
for domain name registries/registrars/resellers
what Perl DBI is for databases.
Net::DRI offers a uniform API to access services.
It can be used by registries to test their systems.
It can be used by registrars to access registries.
It can be used by clients to access registrars and/or resellers.
It can be used by anonyone to do whois, DAS or IRIS DCHK queries.
It is an OO framework that can be easily extended to
handle various protocols (RRP, EPP, custom protocols) and
various transports methods (TCP, TLS, SOAP, email, etc...).
Upstream changes:
1.17 Sun 17 Jun 13:10:12 CEST 2018
- bugfix: Dump::Online*: fixed a memleak due to the lack of freeing the pcap filter
in stop() method in N:F:Dump::Online and N:F:Dump::Online2.
Upstream changes:
Features
- #4102 for NSD, but for Unbound. Named unix pipes do not use
certificate and key files, access can be restricted with file and
directory permissions. The option control-use-cert is no longer
used, and ignored if found in unbound.conf.
- Rename tls-additional-ports to tls-additional-port, because every
line adds one port.
Bug Fixes
- Don't count CNAME response types received during qname minimisation
as query restart.
- #4100: Fix stub reprime when it becomes useless.
- Fix crash if ratelimit taken into use with unbound-control
instead of with unbound.conf.
- Patch to fix openwrt for mac os build darwin detection in configure.
- #4103: Fix that auth-zone does not insist on SOA record first in
file for url downloads.
- Fix that first control-interface determines if TLS is used. Warn
when IP address interfaces are used without TLS.
- Fix that control-use-cert: no works for 127.0.0.1 to disable certs.
- Fix unbound-checkconf for control-use-cert.
- Fix for unbound-control on Windows and set TCP socket parameters
more closely.
- Fix windows unbound-control no cert bad file descriptor error.
Changes:
version 2018.06.18
Core
* [downloader/rtmp] Fix downloading in verbose mode (#16736)
Extractors
+ [markiza] Add support for markiza.sk (#16750)
* [wat] Try all supported adaptive URLs
+ [6play] Add support for rtlplay.be and extract hd usp formats
+ [rtbf] Add support for audio and live streams (#9638, #11923)
+ [rtbf] Extract HLS, DASH and all HTTP formats
+ [rtbf] Extract subtitles
+ [rtbf] Fixup specific HTTP URLs (#16101)
+ [expressen] Add support for expressen.se
* [vidzi] Fix extraction (#16678)
* [pbs] Improve extraction (#16623, #16684)
* [bilibili] Restrict cid regular expression (#16638, #16734)
version 2018.06.14
Core
* [downloader/http] Fix retry on error when streaming to stdout (#16699)
Extractors
+ [discoverynetworks] Add support for disco-api videos (#16724)
+ [dailymotion] Add support for password protected videos (#9789)
+ [abc:iview] Add support for livestreams (#12354)
* [abc:iview] Fix extraction (#16704)
+ [crackle] Add support for sonycrackle.com (#16698)
+ [tvnet] Add support for tvnet.gov.vn (#15462)
* [nrk] Update API hosts and try all previously known ones (#16690)
* [wimp] Fix Youtube embeds extraction
version 2018.06.11
Extractors
* [npo] Extend URL regular expression and add support for npostart.nl (#16682)
+ [inc] Add support for another embed schema (#16666)
* [tv4] Fix format extraction (#16650)
+ [nexx] Add support for free cdn (#16538)
+ [pbs] Add another cove id pattern (#15373)
+ [rbmaradio] Add support for 192k format (#16631)
- Added `correct` pid display in error log.
- Fixed cosmetic bug in sslserver displaying parent and not child pid in log.
Tx Bruce Guenter.
pkgsrc changes:
- Adjust path to OpenSSL certs
- Install the provided example DH params
- Look for /etc/dnsrewrite under PKG_SYSCONFBASE
- Create a user and group for privilege separation
- Install manpages and more documentation
latest IPv6 patch (still conflicting with other default patches, so
commented out). Enable 'djbdns-tinydns64' by default, regardless of
platform. Bump PKGREVISION.
4.2.0:
- **Task**: Add ignore_result as task execution option
- **Redis Result Backend**: Do not create PubSub subscriptions when results are ignored
- **Redis Result Backend**: Result consumer always unsubscribes when task state is ready
- **Development/Testing**: Add docker-compose and base Dockerfile for development
- **Documentation/Sphinx**: Teach autodoc to document tasks if undoc-members is not set
- **Documentation/Sphinx**: Put back undoc-members option in sphinx test
- **Documentation/Sphinx**: Sphinx autodoc picks up tasks automatically only if undoc-members is set
- **Task**: Fix shadow_name issue when using previous version Task class
- **Task**: Add support for bound tasks as link_error parameter
- **Deployment**: Add a command line option for setting the Result Backend URL
- **CI**: Enable pip cache in appveyor build
- **Concurrency/Asynpool**: Fix errno property name shadowing.
- **DynamoDB Backend**: Configurable endpoint URL
- **Timezones**: Correctly detect UTC timezone and timezone from settings
- **Control**: Cleanup the mailbox's producer pool after forking
- **Documentation**: Start Celery and Celery Beat on Azure WebJob
- **Celery Beat**: Schedule due tasks on startup, after Beat restart has occurred
- **Worker**: Use absolute time when task is accepted by worker pool
- **Canvas**: Propagate arguments to chains inside groups
- **Canvas**: Fix Task.replace behavior in nested chords
- **Installation**: Pass python_requires argument to setuptools
- **Message Protocol Compatibility**: Handle "hybrid" messages that have moved between Celery versions
- **Canvas**: request on_timeout now ignores soft time limit exception
- **Redis Result Backend**: Integration test to verify PubSub unsubscriptions
- **Message Protocol Properties**: Allow the shadow keyword argument and the shadow_name method to set shadow properly
- **Canvas**: Run chord_unlock on same queue as chord body
- **Canvas**: Support chords with empty header group
- **Timezones**: make astimezone call in localize more safe
- **Canvas**: Fix length-1 and nested chords
- **CI**: Run Openstack Bandit <https://pypi.org/project/bandit/1.0.1/>_ in Travis CI in order to detect security issues.
- **CI**: Run isort <https://github.com/timothycrosley/isort>_ in Travis CI in order to lint Python **import** statements.
- **Canvas**: Resolve TypeError on .get from nested groups
- **CouchDB Backend**: Correct CouchDB key string type for Python 2/3 compatibility
- **Group Result**: Fix current_app fallback in GroupResult.restore()
- **Consul Backend**: Correct key string type for Python 2/3 compatibility
- **Group Result**: Correctly restore an empty GroupResult
- **Result**: Disable synchronous waiting for sub-tasks on eager mode
- **Celery Beat**: Detect timezone or Daylight Saving Time changes
- **Canvas**: Fix append to an empty chain.
- **Task**: Allow shadow to override task name in trace and logging messages.
- **Documentation/Sphinx**: Fix getfullargspec Python 2.x compatibility in contrib/sphinx.py
- **Documentation**: Updated installation instructions for SQS broker
- **Celery Beat**: Better equality comparison for ScheduleEntry instances
- **Task**: Adding 'shadow' property to as_task_v2
- Try to import directly, do not use deprecated imp method
- **Task**: Enable kwargsrepr and argsrepr override for modifying task argument representation
- **Result Backend**: Add Redis Sentinel backend
- Use unique time values for Collections/LimitedSet
- **CI**: Report coverage for all result backends.
- **Django**: Use Django DB max age connection setting
- **Canvas**: Properly take into account chain tasks link_error
- **Canvas**: Allow to create group with single task
- **Canvas**: Copy dictionary parameter in chord.from_dict before modifying
- **Results Backend**: Add Cassandra options
- **Worker**: Apply rate limiting for tasks with ETA
- **Celery Beat**: support scheduler entries without a schedule
- **SQS Broker**: Updated SQS requirements file with correct boto3 version
- Remove unused code from _create_app contextmanager
- **Group Result**: Modify GroupResult.as_tuple() to include parent
- **Beat**: Set default scheduler class in beat command.
- **Worker**: Retry signal receiver after raised exception
- **Task**: Allow custom Request class for tasks
- **Django**: Django fixup should close all cache backends
- **Deployment**: Adds stopasgroup to the supervisor scripts
- Using Exception.args to serialize/deserialize exceptions
- **Timezones**: Correct calculation of application current time with timezone
- **Remote Debugger**: Set the SO_REUSEADDR option on the socket
- **Django**: Celery ignores exceptions raised during django.setup()
- Use heartbeat setting from application configuration for Broker connection
- **Celery Beat**: Fixed exception caused by next_transit receiving an unexpected argument.
- **Task** Introduce exponential backoff with Task auto-retry
- **AsyncResult**: Remove weak-references to bound methods in AsyncResult promises.
- **Development/Testing**: Allow eager application of canvas structures
- **Command Line**: Flush stderr before exiting with error code 1.
- **Task**: Escapes single quotes in kwargsrepr strings.
- **AsyncResult**: Restore ability to join over ResultSet after fixing celery/3818.
- **Redis Results Backend**: Unsubscribe on message success.
Previously Celery would leak channels, filling the memory of the Redis instance.
- **Task**: Only convert eta to isoformat when it is not already a string.
- **Redis Results Backend**: The result_backend setting now supports rediss:// URIs
- **Canvas** Keyword arguments are passed to tasks in chain as expected.
- **Django** Fix a regression casuing Celery to crash when using Django.
- **Canvas** Chain with one task now runs as expected.
- **Kombu** Celery 4.2 now requires Kombu 4.2 or better.
- GreenletExit is not in __all__ in greenlet.py which can not be imported by Python 3.6.
The import was adjusted to work on Python 3.6 as well.
- Fixed a regression that occured during the development of Celery 4.2 which caused celery report to crash when Django is installed.
- Matched the behavior of GroupResult.as_tuple() to that of AsyncResult.as_tuple().
The group's parent is now serialized correctly.
- Use Redis coercion mechanism for converting URI query parameters.
- Fixed the representation of GroupResult.
4.2.1:
The 4.2.0 release contained remains of the async module by accident.
This is now fixed.
- Handle librabbitmq fileno raising a ValueError when socket is not connected.
4.2.0:
- Now passing max_retries, interval_start, interval_step,
interval_max parameters from broker transport_options to
:meth:~kombu.Connection.ensure_connection when returning
:meth:~kombu.Connection.default_connection
- Qpid: messages are now durable by default
- Kombu now requires version 2.10.4 or greater of the redis library,
in line with Celery
- Fixed ImportError in some environments with outdated simplejson
- MongoDB: fixed failure on MongoDB versions with an "-rc" tag
- Ensure periodic polling frequency does not exceed timeout in
virtual transport
- Fixed string handling when using python-future module
- Replaced "async" with "asynchronous" in preparation for Python 3.7
- Allow removing pool size limit when in use
2.3.1
- Fix a regression that occurs when running amqp under Python 2.7.
2.3.2
- Fix a regression that occurs when running amqp under Python 2.7 on OSX.
TCP_USER_TIMEOUT is not available when running on OSX.
We now remove it from the set of known TCP options.
Changes in version 0.3.3.7 - 2018-06-12
Tor 0.3.3.7 backports several changes from the 0.3.4.x series, including
fixes for bugs affecting compatibility and stability.
o Directory authority changes:
- Add an IPv6 address for the "dannenberg" directory authority.
Closes ticket 26343.
o Minor features (geoip):
- Update geoip and geoip6 to the June 7 2018 Maxmind GeoLite2
Country database. Closes ticket 26351.
o Minor bugfixes (compatibility, openssl, backport from 0.3.4.2-alpha):
- Work around a change in OpenSSL 1.1.1 where return values that
would previously indicate "no password" now indicate an empty
password. Without this workaround, Tor instances running with
OpenSSL 1.1.1 would accept descriptors that other Tor instances
would reject. Fixes bug 26116; bugfix on 0.2.5.16.
o Minor bugfixes (compilation, backport from 0.3.4.2-alpha):
- Silence unused-const-variable warnings in zstd.h with some GCC
versions. Fixes bug 26272; bugfix on 0.3.1.1-alpha.
o Minor bugfixes (controller, backport from 0.3.4.2-alpha):
- Improve accuracy of the BUILDTIMEOUT_SET control port event's
TIMEOUT_RATE and CLOSE_RATE fields. (We were previously
miscounting the total number of circuits for these field values.)
Fixes bug 26121; bugfix on 0.3.3.1-alpha.
o Minor bugfixes (hardening, backport from 0.3.4.2-alpha):
- Prevent a possible out-of-bounds smartlist read in
protover_compute_vote(). Fixes bug 26196; bugfix on 0.2.9.4-alpha.
o Minor bugfixes (path selection, backport from 0.3.4.1-alpha):
- Only select relays when they have the descriptors we prefer to use
for them. This change fixes a bug where we could select a relay
because it had _some_ descriptor, but reject it later with a
nonfatal assertion error because it didn't have the exact one we
wanted. Fixes bugs 25691 and 25692; bugfix on 0.3.3.4-alpha.
Bugfixes:
#4897: Pausing on introducer removes device on other devices
#4901: API returns empty response if non-existing files are #included
#4903: Syncthing recreates the directories for deleted/missing "Folders"
#4915: .stignore is accidentaly overwritten by web UI on slow machines
#4918: GUI unresponsive or unusable with many folders or devices
#4941: "Watching for Changes" dialog undismissable
#4947: Recent Changes shows empty folder label
Enhancements:
#4807: Support variable sized blocks
#4896: Thousand separator for numbers in GUI
Other issues:
#4909: Custom Windows icon missing in latest release
Fix all dependencies. This time, there is an actual working gsutil binary.
Thus, fix PR pkg/52941.
Release 4.31 (release date: 2018-04-26)
=======================================
New features
------------------
- Added support for reauthentication within gsutil. Note that this only affects
authentication when "gs_oauth2_refresh_token" is configured under the
"Credentials" section of the boto config file and that token corresponds to a
user account enrolled in 2-step verification.
Bug Fixes
------------------
- When creating a signed URL via the "signurl" command, gsutil now verifies that
the specified expiration isn't longer than 7 days (the maximum allowed by the
service).
- To support rewriting objects to be encrypted using a bucket's default KMS key,
the "rewrite" command now rewrites all specified objects if no value is
specified for "encryption_key" under the "GSUtil" section in the boto config
file.
Other Changes
------------------
- Several documentation updates and clarifications.
Release 4.30 (release date: 2018-03-28)
=======================================
New features
------------------
- Added Cloud KMS support for Google Cloud Storage resources, allowing the use
of customer-managed encryption keys (CMEKs). Bucket-related functionality
includes the new "kms" command, which can be used to get or set a bucket's
default KMS key. Concerning objects, users may now specify the CMEK to be used
for encryption via their boto config file, in the "encryption_key" attribute.
In this way, users may specify either a CSEK or a CMEK to encrypt new objects,
but not both. For more information, see "gsutil help encryption".
Other Changes
------------------
- Several documentation updates and clarifications.
Release 4.29 (release date: 2018-03-14)
=======================================
New features
------------------
- Added transport compression support, available through the "-j" and "-J"
options for the "cp", "mv", and "rsync" commands. This is useful when
uploading files with highly-compressible content. When specificed, files being
uploaded are compressed on-the-fly in memory, sent to GCS, and uncompressed by
GCS before they are stored. See "gsutil help cp" for additional information.
- When "use_magicfile=True" is set in the boto config file, gsutil will now
append the detected charset, if present, to the object's Content-Type metadata
field. For example, a Content-Type might be populated with
"text/html; charset=us-ascii" rather than simply "text/html".
Bug Fixes
------------------
- Improved error handling and logging for upload resumption.
- After encountering a PreconditionException, the "acl ch" command will now
re-fetch the object generation before retrying.
- Fixed issue with parsing lifecycle conditions when using the XML API.
Conditions whose values could be evaluated by Python as "falsy" (e.g. setting
an "age" condition to the number 0 or "isLive" to false) would be omitted from
the lifecycle configuration when "prefer_api=xml" was set in the boto config
file. Note that the JSON API is preferred by default, so most users were
unlikely to encounter this issue.
- For commands that fetch bucket ACLs or default ACLs, when the user does not
have storage.buckets.getIamPolicy on the GCS bucket, using the XML API will
now behave consistently with the JSON API and display ACL/default ACL fields
as empty, rather than throwing a CommandException.
Other Changes
------------------
- Several documentation updates and clarifications.
- The "signurl" command now uses signature V4 signing format to generate URLs.
1.7.38
api-change:ssm: [botocore] Update ssm client to latest version
api-change:servicecatalog: [botocore] Update servicecatalog client to latest version
1.7.37
api-change:ecs: [botocore] Update ecs client to latest version
api-change:devicefarm: [botocore] Update devicefarm client to latest version
1.7.36
api-change:storagegateway: [botocore] Update storagegateway client to latest version
api-change:rds: [botocore] Update rds client to latest version
api-change:clouddirectory: [botocore] Update clouddirectory client to latest version
1.7.35
api-change:mediatailor: [botocore] Update mediatailor client to latest version
1.7.34
api-change:medialive: [botocore] Update medialive client to latest version
1.7.33
api-change:polly: [botocore] Update polly client to latest version
api-change:ce: [botocore] Update ce client to latest version
api-change:secretsmanager: [botocore] Update secretsmanager client to latest version
api-change🛡️ [botocore] Update shield client to latest version
api-change:rds: [botocore] Update rds client to latest version
1.7.32
api-change:ec2: [botocore] Update ec2 client to latest version
api-change:sagemaker: [botocore] Update sagemaker client to latest version
api-change:mgh: [botocore] Update mgh client to latest version
api-change:mediaconvert: [botocore] Update mediaconvert client to latest version
api-change:appstream: [botocore] Update appstream client to latest version
api-change:eks: [botocore] Update eks client to latest version
dd
1.7.31
api-change:ds: [botocore] Update ds client to latest version
api-change:mediatailor: [botocore] Update mediatailor client to latest version
api-change:sns: [botocore] Update sns client to latest version
api-change:redshift: [botocore] Update redshift client to latest version
api-change:iot: [botocore] Update iot client to latest version
1.7.30
api-change:neptune: [botocore] Update neptune client to latest version
api-change:elbv2: [botocore] Update elbv2 client to latest version
1.10.38
api-change:ssm: Update ssm client to latest version
api-change:servicecatalog: Update servicecatalog client to latest version
1.10.37
api-change:ecs: Update ecs client to latest version
api-change:devicefarm: Update devicefarm client to latest version
1.10.36
api-change:storagegateway: Update storagegateway client to latest version
api-change:rds: Update rds client to latest version
api-change:clouddirectory: Update clouddirectory client to latest version
1.10.35
api-change:mediatailor: Update mediatailor client to latest version
1.10.34
api-change:medialive: Update medialive client to latest version
1.10.33
api-change:polly: Update polly client to latest version
api-change:ce: Update ce client to latest version
api-change:secretsmanager: Update secretsmanager client to latest version
api-change🛡️ Update shield client to latest version
api-change:rds: Update rds client to latest version
1.10.32
api-change:ec2: Update ec2 client to latest version
api-change:sagemaker: Update sagemaker client to latest version
api-change:mgh: Update mgh client to latest version
api-change:mediaconvert: Update mediaconvert client to latest version
api-change:appstream: Update appstream client to latest version
api-change:eks: Update eks client to latest version
- Handle namespace variations of DnsEntry in transip provider
- Allow to toggle live tests using LEXICON_LIVE_TESTS env variable.
Tests are offline by default.
- GoDaddy provider improvements
pkgsrc changes:
* drop json_pure dependency
https://dev.mikutter.hachune.net/issues/1246
Upstream changes:
mikutter 3.7.2
* add a setting to disable extracting custom emoji
* handle a case that Twitter API returns non-URL strings as an entity
* thanks cob odo
* unify options of remain_charcount with compose spell
* thanks Shibafu Midorino
* stack overflow when strings which include URL are entered
* thanks Shibafu Midorino
* import https://github.com/cobodo/photo_support_extra
* thanks cob odo
* remain_charcount Spell
* thanks Shibafu Midorino
* not enough height of a list in the extract tab's setting window
in some case
* thanks Yuto Tokunaga
Fixed several crash bugs.
Upstream changes:
Features
- Fix low-rtt-pct to low-rtt-permil, as it is parts in one thousand.
- Qname minimisation default changed to yes.
- Use accept4 to speed up incoming TCP (and TLS) connections,
available on Linux, FreeBSD and OpenBSD.
- tls-win-cert option that adds the system certificate store for
authenticating DNS-over-TLS connections. It can be used instead
of the tls-cert-bundle option, or with it to add certificates.
- Patch from Syzdek: Add ability to ignore RD bit and treat all
requests as if the RD bit is set.
- Rename additional-tls-port to tls-additional-ports.
The older name is accepted for backwards compatibility.
Bug fixes:
- Fix for crash in daemon_cleanup with dnstap during reload,
from Saksham Manchanda.
- Also that for dnscrypt.
- Fix spelling error in man page and note defaults as no instead of
off.
- Fix that unbound-control reload frees the rrset keys and returns
the memory pages to the system.
- Fix fail to reject dead peers in forward-zone, with ssl-upstream.
- Fix that configure --with-libhiredis also turns on cachedb.
- Fix gcc 8 buffer warning in testcode.
- Fix function type cast warning in libunbound context callback type.
- Fix windows to not have sticky TLS events for TCP.
- Fix read of DNS over TLS length and data in one read call.
- Fix mesh state assertion failure due to callback removal.
- Fix contrib/libunbound.pc for libssl libcrypto references,
from https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=226914
- Fix that libunbound can do DNS-over-TLS, when configured.
- Fix that windows unbound service can use DNS-over-TLS.
- unbound-host initializes ssl (for potential DNS-over-TLS usage
inside libunbound), when ssl upstream or a cert-bundle is configured.
- For TCP and TLS connections that don't establish, perform address
update in infra cache, so future selections can exclude them.
- Fix that tcp sticky events are removed for closed fd on windows.
- Fix close events for tcp only.
- Fix windows tcp and tls spin on events.
- Add routine from getdns to add windows cert store to the SSL_CTX.
- in compat/arc4random call getentropy_urandom when getentropy fails
with ENOSYS.
- Fix that fallback for windows port.
- Fix deadlock caused by incoming notify for auth-zone.
Changes:
2.4.0
-----
### Features
* `hub delete [<OWNER>/]<REPO>`
* Add `hub compare --copy` flag
* Add `hub release --format=<FORMAT>` option
* Add `hub pull-request --no-edit` flag
* When checking out a pull request, ensure that `git push`with no arguments
works
* Support XDG Base Directory Specification
### Tweaks
* Enable `hub pr list -h <BRANCH>` when owner isn't specified
* Include `docs/` in list of locations to look up pull request and issue
templates in
Changes:
1.4.0
-----
* Added support for:
- `simplyhentai` (#89)
* Added extractors for
- `pixiv` search results and followed users
- `deviantart` search results and popular listings
* Added post-processors to perform actions on downloaded files
* Added options to configure logging behavior
* Added OAuth support for `smugmug`
* Changed `pixiv` extractors to use the AppAPI,
this breaks `favorite` archive IDs and changes some metadata fields
* Changed the default filename format for `tumblr` and renamed `offset` to
`num`
* Fixed a possible UnicodeDecodeError during installation (#86)
* Fixed extraction of `mangadex` manga with more than 100 chapters (#84)
* Fixed miscellaneous issues for `imgur`, `reddit`, `komikcast`, `mangafox`
and `imagebam`
If the editor used matches the `\b(?:[gm]?vim|vi)(?:\.exe)?$' regular
expression hub automatically add as arguments `--cmd'. The `--cmd' passed is
probably supported only by vim so delete the `|vi' from the RE in order to not
append possible non-standard arguments to non-vim vi-s.
(This was spotted using `hub pull-request' that failed due non supported
argument passed to vi)
Bump PKGREVISION
Changelog:
Features
--enable-memclean cleans up memory for use with memory checkers,
eg. valgrind.
refuse-any nsd.conf option that refuses queries of type ANY.
lower memory usage for tcp connections, so tcp-count can be higher.
Bug Fixes
Fix unused variable warnings and uninit variable in statistics printout
from clang analyzer.
Fix spelling error in xfr-inspect.
Fix#3562: explain build error when flex missing.
Fix buffer size warnings from compiler on filename lengths.
Fix#4093: Release notes not using 2018.
This works around an assumption by the py-meson build system
that loadable modules should have a .dylib suffix on Darwin.
glib2 expects those modules to have a .so suffix.
* dhcp: Clarified some checksumming code, style and commentary
(thanks to Maxime Villard)
* dhcp6: IAID is now unique per IA type rather than global
* ip6: if an IA callback causes a fork, exit earlier
pkgsrc changes:
- Add a files/hub.1 to avoid picking up devel/ruby-ronn as a TOOL_DEPENDS
Changes:
2.3.0
-----
This is a long-awaited release of hub with an abudance of new features.
Thank you everyone for testing out prereleases, reporting bugs, and
submitting pull requests! The work of 76 contributors went into
this release.
## New commands
* `hub issue`: list and create issues and labels
Usage: hub issue [-a <ASSIGNEE>] [-c <CREATOR>] [-@ <USER>]
[-s <STATE>] [-f <FORMAT>] [-M <MILESTONE>]
[-l <LABELS>] [-d <DATE>] [-o <SORT_KEY> [-^]]
[-L <LIMIT>]
hub issue create [-oc] [-m <MESSAGE>|-F <FILE>] [-a <USERS>]
[-M <MILESTONE>] [-l <LABELS>]
hub issue labels [--color]
* `hub pr list`: list pull requests for the current repository
* `hub pr checkout <NUMBER>`: checkout a pull request by its number
* `hub release`: list, create, edit, and delete releases and attachments
Usage: hub release [--include-drafts] [--exclude-prereleases]
[-L <LIMIT>]
hub release show <TAG>
hub release create [-dpoc] [-a <FILE>] [-m <MESSAGE>|-F <FILE>]
[-t <TARGET>] <TAG>
hub release edit [<options>] <TAG>
hub release delete <TAG>
* `hub sync`: fetch updates from remote repository and sync all local
branches to their upstream equivalents, purging merged ones
## Improved commands
* `hub pull-request` now has the ability to set assignees, labels,
reviewers, and milestones.
Usage: hub pull-request [-focp] [-b <BASE>] [-h <HEAD>]
[-r <REVIEWERS> ] [-a <ASSIGNEES>]
[-M <MILESTONE>] [-l <LABELS>]
hub pull-request -m <MESSAGE>
hub pull-request -F <FILE> [--edit]
hub pull-request -i <ISSUE>
* `hub pull-request` and `hub issue create` now support pull request and
issue templates.
* Commands that print the resulting URL, such as `hub pull-request` or
`hub create`, now accept `--copy` to put the URL to the system clipboard
instead.
* `hub pull-request` now supports `--push` and `--open` flags to push the
head branch to the remote and open the resulting PR in a web browser,
respectively.
* `hub pull-request` now strips away the `Signed-off-by` line and the commit
signature when generating the default pull request message.
* Commands that take input via `-m` or `-F` arguments now also respect
`--edit` to additionally edit the text in a text editor before submitting.
* Support `core.commentchar=auto` git configuration when editing
pull request/issue/release message in a text editor.
* Support `/OWNER/REPO/pull/XYZ/commits/SHA` format of URLs as argument to
`cherry-pick`, `am`, and `apply`.
* Commands such as `cherry-pick`, `merge <PR-URL>`, and `checkout <PR-URL>`
don't leave leftover git remotes anymore.
* New `hub compare -b BASE` flag.
* New `hub fork --org=ORGANIZATION` flag.
* New `hub fork --remote-name=NAME` flag to configure the new git remote.
* New, manpage-based help system; see `hub help hub` and
`hub help hub-<command>`.
* Added fish shell completion script.
* When prompted to authenticate with username/password, pasting a
Personal Access Token now works just as well instead of the password.
