Three new features in this release, plus an unknown number of new
bugs:
1. When the `NO_COLOR` env variable is set, phetch won't use colors
when rendering menus. See https://no-color.org/ for more information.
2. CP437 encoding support! You can toggle it on or off using `ctrl-e`
(for encoding) when viewing a Gopher text document, or using the
`--encoding` command line flag. See
https://en.wikipedia.org/wiki/Code_page_437.
Huge thanks to Kjell for suggesting this feature and providing some
great test data!
_NOTE: This only works for text documents since there's no `TAB`
character in CP437._
3. phetch now supports a primitive form of wrapping long lines when
rendering Gopher text documents. It won't reflow the text, but it
will make some phlogs and other documents slightly more readable.
Enable it with `--wrap NUM` or by adding `wrap NUM` to your
`phetch.conf`. You can disable it with `wrap 0`.
Version 12.19.1 'Erbium' (LTS)
Notable changes
This is a security release.
Vulnerabilities fixed:
CVE-2020-8277: Denial of Service through DNS request (High). A Node.js application that allows an attacker to trigger a DNS request for a host of their choice could trigger a Denial of Service by getting the application to resolve a DNS record with a larger number of responses.
Version 14.15.1 'Fermium' (LTS)
Notable changes
This is a security release.
Vulnerabilities fixed:
CVE-2020-8277: Denial of Service through DNS request (High). A Node.js application that allows an attacker to trigger a DNS request for a host of their choice could trigger a Denial of Service by getting the application to resolve a DNS record with a larger number of responses.
0.16.18
Support custom function in update.
Add Model.refresh_from_db.
Add timezone support, be careful to upgrade to this version, see docs for details.
Remove aerich in case of cyclic dependency.
2.0.6
Significant changes relative to 2.0.5:
Fixed "using JNI after critical get" errors that occurred on Android platforms when using any of the YUV encoding/compression/decompression/decoding methods in the TurboJPEG Java API.
Fixed or worked around multiple issues with jpeg_skip_scanlines():
Fixed segfaults or "Corrupt JPEG data: premature end of data segment" errors in jpeg_skip_scanlines() that occurred when decompressing 4:2:2 or 4:2:0 JPEG images using merged (non-fancy) upsampling/color conversion (that is, when setting cinfo.do_fancy_upsampling to FALSE.) 2.0.0[6] was a similar fix, but it did not cover all cases.
jpeg_skip_scanlines() now throws an error if two-pass color quantization is enabled. Two-pass color quantization never worked properly with jpeg_skip_scanlines(), and the issues could not readily be fixed.
Fixed an issue whereby jpeg_skip_scanlines() always returned 0 when skipping past the end of an image.
The Arm 64-bit (Armv8) Neon SIMD extensions can now be built using MinGW toolchains targetting Arm64 (AArch64) Windows binaries.
Fixed unexpected visual artifacts that occurred when using jpeg_crop_scanline() and interblock smoothing while decompressing only the DC scan of a progressive JPEG image.
Fixed an issue whereby libjpeg-turbo would not build if 12-bit-per-component JPEG support (WITH_12BIT) was enabled along with libjpeg v7 or libjpeg v8 API/ABI emulation (WITH_JPEG7 or WITH_JPEG8.)
This package depends on ICU headers that now unconditionally expect C99
features, so it requires C99 just as ICU does. Patch around ICU API
changes that caused related breakages.
> In file included from ../test/api/test-aat-layout.c:25:0:
> ../test/api/hb-test.h: In function 'hb_test_assert_blobs_equal':
> ../test/api/hb-test.h:178:5: error: 'for' loop initial declarations are only allowed in C99 or C11 mode
> for (unsigned int i = 0; i < expected_length; i++)
> ^
> ../test/api/hb-test.h:178:5: note: use option -std=c99, -std=gnu99, -std=c11 or -std=gnu11 to compile your code
Version 0.15
------------
``Graph`` and ``Digraph`` instances created via the context-manager returned
by ``subgraph()`` now (re)use ``directory``, ``format``, ``engine``, and
``encoding`` from the parent instead of using defaults (behavioral change).
Note that these attributes are only relevant when rendering the
subgraph independently (i.e. as a stand-alone graph) from within the
``with``-block, which was previously underdocumented. To reflect that
the DOT language does not allow subgraph statements to specify ``strict``
(i.e. no way to override the setting of the containing graph), instances
created via the context-manager are now ``strict=None`` instead of ``False``
(so they continue to render stand-alone as non-strict by default).
Drop Python 3.5 support and tag Python 3.9 support.
Add documentation link to new upstream installation procedure for Windows.
0.8.4:
Bugfixes:
* Fix preventing session logout when window is maxmimized.
* Fix empty space in organize window when copying songs/playlists to devices.
* Fix crash when opening about dialog in a wayland session.
* Fix stretched fancy/side tabbar style issue with adwaita style (Fedora/Gnome).
* Fix centering star icon on playlist tabbar.
* Fix network proxy settings for streaming.
* Fix copy URL to clipboard to handle non-ASCII characters.
* Fix HiDPI scaling for glow animation and drag over playlist.
* Fix smart playlist search by filename.
* Fix single letter collection nodes showing before dividers.
Enhancements:
* Add support for native global shortcuts on KDE.
* Add track progress in system tray icon as an option.
* Only strip problematic characters in suggested filename when saving a playlist to file.
* Change star/unstar playlist to doubleclick instead of singleclick.
* Don't edit playlist name on doubleclick in playlists view.
* Make context view top label text selectable.
* Add setting to change Qt style.
* Clear ID3v3 tags that are empty, and clear ID3v1 tags when setting ID3v3 tags.
* Remove remaining uses of QTextCodec.
* Remove Core5Compat dependency.
1.6.3:
Bugfixes
- No longer loose characters when decoding incorrect percent-sequences (like ``%e2%82%f8``). All non-decodable percent-sequences are now preserved.
- Provide x86 Windows wheels.
Fix some pkglint while here.
Changes between GMP version 6.2.0 and 6.2.1
BUGS FIXED
* A possible overflow of type int is avoided for mpz_cmp on huge operands.
* Overflows are more carefully detected and reported for mpz_pow_ui.
* A bug in longlong.h for aarch64 sub_ddmmss, not affecting GMP, was healed.
* mini-gmp: mpz_out_str and mpq_out_str now correctly handle out of
range bases.
FEATURES
* C90 compliance.
* Initial support for Darwin on arm64, and improved portability.
* Support for more processors.
SPEEDUPS
* None, except indirectly through recognition of new CPUs.
* Version 1.8.1 (released 2019-08-02) [stable]
** gsasl: IMAP client code now permits empty SASL tokens prefixed with '+'.
Normally servers should send '+ '. Buggy servers include Microsoft
Exchange. Reported by Adam Sjøgren.
** GSSAPI client: Now retrieves GSASL_AUTHZID for authorization identity.
** GSSAPI client: Can now transmit an empty/missing authorization identity.
See lib/NEWS for more information.
** Build fixes.
Update of gnulib, including how it is bootstrapped.
** i18n: Updated translations.
If you have an obscure multimedia file which needs a 32-bit binary
Windows codec to play you're probably better off converting it in
a VM these days.
While here, delint.
PostgreSQL 13.1, 12.5, 11.10, 10.15, 9.6.20, and 9.5.24
Security Issues
* CVE-2020-25695: Multiple features escape "security restricted operation" sandbox
* CVE-2020-25694: Reconnection can downgrade connection security settings
* CVE-2020-25696: psql's \gset allows overwriting specially treated variables
Bug Fixes and Improvements
This update also fixes over 65 bugs that were reported in the last several months. Some of these issues only affect version 13, but may also apply to other supported versions.
Some of these fixes include:
Fix a breakage in the replication protocol by ensuring that two "command completion" events are expected for START_REPLICATION.
Ensure fsync is called on the SLRU caches that PostgreSQL maintains. This prevents potential data loss due to an operating system crash.
Fix ALTER ROLE usage for users with the BYPASSRLS permission.
ALTER TABLE ONLY ... DROP EXPRESSION is disallowed on partitioned tables when there are child tables.
Ensure that ALTER TABLE ONLY ... ENABLE/DISABLE TRIGGER does not apply to child tables.
Fix for ALTER TABLE ... SET NOT NULL on partitioned tables to avoid a potential deadlock in parallel pg_restore.
Fix handling of expressions in CREATE TABLE LIKE with inheritance.
DROP INDEX CONCURRENTLY is disallowed on partitioned tables.
Allow LOCK TABLE to succeed on a self-referential view instead of throwing an error.
Several fixes around statistics collection and progress reporting for REINDEX CONCURRENTLY.
Ensure that GENERATED columns are updated when any columns they depend on are updated via a rule or an updatable view.
Support hash partitioning with text array columns as partition keys.
Allow the jsonpath .datetime() method to accept ISO 8601-format timestamps.
During a "smart" shutdown, ensure background processes are not terminated until all foreground client sessions are completed, fixing an issue that broke the processing of parallel queries.
Several fixes for the query planner and optimizer.
Ensure that data is de-toasted before being inserted into a BRIN index. This could manifest itself with errors like "missing chunk number 0 for toast value NNN". If you have seen a similar error in an existing BRIN index, you should be able to correct it by using REINDEX on the index.
Fix the output of EXPLAIN to have the correct XML tag nesting for incremental sort plans.
Several fixes for memory leaks, including ones involving RLS policies, using CALL with PL/pgSQL, SIGHUP processing a configuration parameter that cannot be applied without a restart, and an edge-case for index lookup for a partition.
libpq can now support arbitrary-length lines in the .pgpass file.
On Windows, psql now reads the output of a backtick command in text mode, not binary mode, so it can now properly handle newlines.
Fix how pg_dump, pg_restore, clusterdb, reindexdb, and vacuumdb use complex connection-string parameters.
When the \connect command of psql reuses connection parameters, ensure that all non-overridden parameters from a previous connection string are also re-used.
Ensure that pg_dump collects per-column information about extension configuration tables, avoiding crashes when specifying --inserts.
Ensure that parallel pg_restore processes foreign keys referencing partitioned tables in the correct order.
Several fixes for contrib/pgcrypto, including a memory leak fix.
pkgsrc changes:
- remove a patch applied in the upstream
- pull an upstream fix for NetBSD/x68k VGA mode support:
0d3a3b0bdc
Upstream changes noted in doc/en/ReleaseNote:
ver 3.9.1
* Support copy mode which starts by Control+Shift+Return.
* Support OSC 1337;Setmark ST.
* Support CSI 3 J (ED) which clears backlog.
* Support gradle to build mlterm for Android. (See doc/en/README.android)
* Add --enable-utmp-suid option to ./configure script.
(The default value is disabled.)
* Add --with-utmp option which specifies the way of accessing to utmp database
to ./configure script.
* Add SCROLL_UP_TO_MARK, SCROLL_DOWN_TO_MARK and SET_MARK shortcut keys.
* Add resize_mode / --rz option, and drop scroll_on_resize / --sr option.
(If you want to revert to the old behavior, specify --rz=none option.)
* Add emoji_file_format / --emojifmt option.
* Add libvterm 0.1 API symbols to libvterm compatible library.
* Add vte 0.62 API symbols to libvte compatible library.
* Drop SCROLL_DOWN and PAGE_DOWN shortcut keys.
* Drop use_extended_scroll_shortcut option and SCROLL_UP shortcut key is enabled
by default. (If you want to disable it, add UNUSED=SCROLL_UP to ~/.mlterm/key.)
* Update unicode property table (generated from UnicodeData.txt and
EastAsianWidth.txt) to version 13.0.0.
* letter_space / --csp option accepts negative value.
* libvte compatible library supports XInput2.
* Bug fixes:
Fix a bug which caused a 'mlimgloader' process not to exit after loading a wall picture.
(Enbugged at 3.8.8)
Fix a bug which disabled keyboard and mouse on Haiku R1/beta2.
Mlconfig starts correctly by Ctrl + RightClick on cygwin 3.1.4.
Fix https://sourceforge.net/p/mlterm/mailman/message/37033060/
Fix segfault of mlcc in exiting after changing configurations.
Fix segfault in double click at RTL characters. (Enbugged at 3.6.2)
Fix corruption of data transferred by "OSC 5379; scp ... ST".
Fix https://github.com/arakiken/mlterm/issues/4.
Fix http://twitter.com/oshimyja/status/1320251099211649024.
This uses libbfd, a library which is not exposed on a typical NetBSD
system, but may be on Linux. libbfd does not appear to have a stable
API, so this code may unexpectedly break.
Reported by Dr. Thomas Orgis (problems manifest on CentOS 7)
