All checksums have been double-checked against existing RMD160 and
SHA512 hashes
Not committed (merge conflicts...):
net/radsecproxy/distinfo
The following distfiles could not be fetched (fetched conditionally?):
./net/citrix_ica/distinfo citrix_ica-10.6.115659/en.linuxx86.tar.gz
./net/djbdns/distinfo dnscache-1.05-multiple-ip.patch
./net/djbdns/distinfo djbdns-1.05-test28.diff.xz
./net/djbdns/distinfo djbdns-1.05-ignoreip2.patch
./net/djbdns/distinfo djbdns-1.05-multiip.diff
./net/djbdns/distinfo djbdns-cachestats.patch
Changes in libsoup from 2.69.90 to 2.70.0:
* Deprecate SoupSession:proxy-uri [Patrick Griffis]
* Update translations: Persian, Finnish, Ukrainian
Changes in libsoup from 2.68.3 to 2.69.90:
* Add new API to expose support for same-site cookies [Patrick Griffis]
* Fix TRACE method not being considered safe and idempotent internally [Patrick
Griffis]
* WebSockets: ensure a new connection is created for WebSocket requests [Carlos
Garcia Campos]
* WebSockets: do not start the input source when IO is closing [Carlos Garcia
Campos]
* Deprecate soup_date_to_timeval() [Claudio Saavedra]
* build: Update glib requirement to 2.58 [Xavier Claessens]
* Updated translations: Malay [Umarzuki Mochlis]
Changes in libsoup from 2.68.3 to 2.68.4:
* WebSockets: Ensure a new connection is created for WebSocket requests [Carlos
Garcia Campos]
* WebSockets: Do not start the input source when IO is closing [Carlos Garcia
Campos]
* build: Update glib requirement to 2.58 [Xavier Claessens]
Changes in libsoup from 2.68.2 to 2.68.3:
* Fixes to testing infrastructure [Simon McVittie]
* Enable GNOME support in mingw [Fabiano Fidêncio]
* Allow introspection in cross builds [Ross Burton]
* Updated translations: Chinese (Taiwan)
Changes in libsoup from 2.68.1 to 2.68.2:
* Documentation fixes [Sonny Piers]
* Windows compatibility test fixes [Ignacio Casal Quinteiro]
* WebSockets: client_max_window_bits in server must have a value [Carlos Garcia Campos]
* build: improve diagnostics when detecting Apache [Simon McVittie]
* NTLM: Make v2 authentication more robust [Claudio Saavedra]
* Updated translations: British English, Chinese (Taiwan), Danish, Dutch
Changes in libsoup from 2.68.0 to 2.68.1:
* Several memory leaks fixed in tests, examples, and parsing code [Claudio Saavedra]
* SoupServer: Fixes to Windows path handling [Ignacio Casal Quinteiro]
Changes in libsoup from 2.67.93 to 2.68.0:
* Updated translations: Brazilian Portuguese, Croatian,
Friulian, Italian, Turkish
Changes in libsoup from 2.67.92 to 2.67.93:
* SoupMessage: Handle Transfer-Encoding: identity for
compatibility reasons [#148, Thomas Bluemel, Normen Bolling]
* WebSockets: Only poll IO stream when needed [Carlos Garcia
Campos]
* WebSockets: Properly set cookies received during handshake
[Carlos Garcia Campos]
* WebSockets: Plug a couple of memory leaks and fix a few
read-after-free memory errors [Claudio Saavedra]
* WebSockets: document how web socket extensions should treat
buffers in case of error [Claudio Saavedrə]
* SoupSession: Don't reset user GCancellable internally [Tom
Bailey]
* Tests: Make tests installable [Simon McVittie]
* Remove deprecate GTimeVal internal usage [Claudio Saavedra]
* CI: increase coverage by enabling all features during
testing [Claudio Saavedra]
* Updated translations: Korean, German, Galician, Hungarian,
Slovenian, Latvian, Finnish, Serbian, Catalan, Polish
Changes in libsoup from 2.67.91 to 2.67.92:
* Silence GTimeVal deprecation warnings. [Michael Catanzaro]
* API documentation and annotation fixes [Дилян Палаузов, Claudio Saavedra]
* Plug a couple of NTLM authentication memory leaks [#156, Claudio Saavedra]
* Fix build in SmartOS/SunOS [#157, Juraj Lutter]
* Meson: Use feature options [Xavier Claessens]
* Meson: Do not fallback to system krb5-config for cross-compilation
[Xavier Claessens]
* NTLM: Fix build with NTLM enabled [Claudio Saavedra]
* Updated translations: Basque, Czech, Indonesian, Lithuanian, Swedish
Changes in libsoup from 2.67.90 to 2.67.91:
* HSTS: New API to retrieve information about existing HSTS policies
[Claudio Saavedra]
* Updated translations: French, Romanian, Spanish
Changes in libsoup from 2.67.3 to 2.67.90a:
* WebSockets: add support for WebSocket extensions via new
SoupWebsocketExtensionManager and SoupWebsocketExtension API
[Carlos Garcia Campos]
* WebSockets: add support for the permessage-deflate extension, enabled
by default in SoupServer and in the client side only if SoupWebsocketExtensionManager
is added to a session [Carlos Garcia Campos]
* WebSockets: Allow sending close frames with no body [Carlos Garcia Campos]
* WebSockets: ignore messages after close has been sent and received [Carlos Garcia Campos]
* Meson: tls-check improved [Xavier Claessens]
* Meson: improve Apache checks [Claudio Saavedra]
Changes in libsoup from 2.67.2 to 2.67.3:
* WebSockets: allow sending empty binary data [Carlos Garcia Campos]
* WebSockets: fail and load the connection on invalid payload length [Carlos Garcia Campos]
* WebSockets: allow NULL characters in text messages data [Carlos Garcia Campos]
* WebSockets: Close connection on wrongly masked/unmasked frame as per RFC [Carlos Garcia Campos]
* WebSockets: other code fixes [Carlos Garcia Campos]
* NTLM: Fix NTLMv2 authentication [Thibaut Robert]
* SoupMessage: fix several deprecation warnings related to private data [Claudio Saavedra]
Changes in libsoup from 2.67.1 to 2.67.2:
* gobject-introspection: Fix annotation for soup_auth_new()
[Rico Tzschichholz]
* brotli: Do not advertise the decoder as it's failing with
some websites [Patrick Griffis]
* Meson: Fix xml2 and sqlite fallbacks [Xavier Claessens]
* HSTS: Add SoupHSTSEnforcer:hsts-enforced signal [Claudio
Saavedra]
* HSTS: Fixes to the types used to store policies in the
SQLite storage [Claudio Saavedra]
* HSTS: Accept Strict-Transport-Security regardless of casing
[Claudio Saavedra]
* WebSockets: Ensure messages finishes when handshake fails
[Carlos Garcia Campos]
* WebSockets: Fix critical warnings and test failures [Carlos
Garcia Campos]
Changes in libsoup from 2.66.2 to 2.67.1:
* Add a brotli decoder. This adds a new dependency on libbrotli
[Patrick Griffis]
* Add strict secure cookies support [Patrick Griffis]
* Add HSTS enforcer SoupSession feature (with both memory
and sqlite backends) [Adrien Plazas, Claudio Saavedra]
* meson gtk-doc documentation fixes [Claudio Saavedra]
* Bump the CI test image to Fedora 30 and add libbrotli
dependency [Claudio Saavedra]
The motivation is to consider meson as an application, so there is only
one copy on the system, and as a python 3 program, it can build python 2
packages.
Switch to meson since autotools build system was removed.
Changes in libsoup from 2.66.1 to 2.66.2:
* Make gettext optional (might not be available in Windows)
[Seungha Yang]
* MSVC: set encoding to UTF-8 to avoid errors [Seungha Yang]
* MinGW tests build fix [Tomas Popela]
* Check for TLS support only when external glib dependency is available
[Seungha Yang]
Changes in libsoup from 2.66.0 to 2.66.1:
* Fix dylib versioning in MacOS [Tom Schoonjans]
* Visual Studio build fixes [Chun-wei Fan]
* MinGW build fixes [Руслан Ижбулатов]
* Meson build system improvements [Claudio Saavedra, Jakub Adam]
* Fix random CI failures due to parallel apache tests [Claudio Saavedra]
* Code cleanups [Claudio Saavedra]
Changes in libsoup from 2.65.92 to 2.66.0:
* Fix lookup for libxml2 on Visual Studio builds [Chun-wei Fan]
Changes in libsoup from 2.65.91 to 2.65.92:
* SoupConnection: Fix check for remote disconnectin idle state
[Michael Catanzaro, #134]
* Code cleanups and warnings fixed [Michael Catanzaro]
* Remove stale .pc.in files [Claudio Saavedra, #137]
* Updated translations: Dutch
Changes in libsoup from 2.65.90 to 2.65.91:
* Remove RFCs from sources [Tomas Popela, #133]
Changes in libsoup from 2.65.2 to 2.65.90:
* Avoid using threads in SoupRequestFile asynchronous API
[Ignacio Casal Quinteiro]
Changes in libsoup from 2.65.1 to 2.65.2:
* Remove autotools build system and change to meson by default
[#12, Tomas Popela]
* Many fixes to Meson [Claudio Saavedra, Tomas Popela, Xavier
Claessens]
* Improvements to the continuous integration infrastructure
[Xavier Claessens]
* Make sure SoupSession features are not disposed until all
pending messages are processed [#130, Claudio Saavedra]
* Updated translations: Greek, Slovak, French.
Changes in libsoup from 2.64.0 to 2.65.1:
* Added MTLMv2 responses support [Michal Hrubý]
* Many fixes to the meson build system [Tomas Popela]
* Remove Visual Studio project files [Chun-wei Fan]
* Enable VAPI by default [#119, Jeremy Bicha]
* New strict header field parameter parsing API [Claudio Saavedra]
* Code cleanups [Claudio Saavedra]
* Updated translations: Belarusian, Serbian
pkgsrc changes:
- Add a dependency to www/libpsl
- Add a patch to adjust running of the tests (otherwise because
`APACHE_HTTPD' is defined to `no' a `no' program will be executed but
will fail because no `no' program is usually available)
Changes:
Changes in libsoup from 2.64.1 to 2.64.2:
* TLD tests updated (Claudio Saavedra)
* Updated translations: Serbian
Changes in libsoup from 2.63.92 to 2.64.1:
* Many fixes to the meson build system (which, by the way, is
NOT official yet) (#13, Tomas Popela)
* Updated translations: Belarusian.
Changes in libsoup from 2.63.92 to 2.64.0:
* Many fixes to the meson build system [#7, #8, #9, #11, Tomas Popela]
* Updated translations: Brazilian Portuguese, Galician,
Hungarian, Latvian, Danish.
Changes in libsoup from 2.63.91 to 2.63.92:
* Make sure that XMLRPC tests build in Debian too [Claudio Saavedra]
* Distribute missing meson files [Claudio Saavedra]
* Some fixes to the meson build files [Claudio Saavedra]
* Updated Korean and Swedish translations
Changes in libsoup from 2.63.90 to 2.63.91:
* Simplify soup_hosts_matches_host() [Claudio Saavedra]
* Add new tests for trailing dots in domain names [Claudio Saavedra]
* Updated Turkish translation
Changes in libsoup from 2.63.2 to 2.63.90:
* Set default cookie path for NULL origins [#1, Adrian Perez de Castro]
* Fixes to GObject-introspection [bgo#794787, Corentin Noël]
* Use atomic-refcounting in classes that are not using GObject-refcounting
[bgo#785110, Edward Hervey]
* Many Coverity-found code fixes [bgo#781771, Milan Crha]
* Bail out on cookie-jar calls with empty hostnames [#3, Michael Catanzaro]
* Fixes to the simple-httpd example [#2, Mooffie]
* Updated translations: Chinese (Taiwan), Catalan
Note: from now onwards bgo# references bugs in GNOME Bugzilla
and # issues in GNOME gitlab.
Changes in libsoup from 2.63.1 to 2.63.2:
* Many fixes to the meson build system support [#795324,
#782410, Tomas Popela, Jan Alexander Steffens]
* Fixes to xmlrpc-server test with PHP >= 7.2 and related
[#795111, #782410 Jan Alexander Steffens]
* Fix critical warning in SoupSocket [Carlos Garcia Campos]
* Updated translations: Romanian, Friulian, Slovenian,
Czech, Spanish, Indonesian, Chinese (China).
Changes in libsoup from 2.62.2 to 2.62.3:
* Check for trailing dots in domains [#5, Claudio Saavedra]
* Set default cookie path for NULL origins [#1, Adrian Perez de Castro]
* Use atomic-refcounting in classes that are not using GObject-refcounting
[bgo#785110, Edward Hervey]
* Many Coverity-found code fixes [bgo#781771, Milan Crha]
* Bail out on cookie-jar calls with empty hostnames [#3, Michael Catanzaro]
Note: from now onwards bgo# references bugs in GNOME Bugzilla
and # issues in GNOME gitlab.
Changes in libsoup from 2.62.1 to 2.62.2:
* Fixes to instrospection annotation [#795135,
Claudio Saavedra]
* Fixes to the test suite with PHP version >= 7.2
[#795111, Jan Alexander Steffens]
* Critical warning fixes to SoupSocket [Carlos Garcia Campos]
* Updated Romanian translation.
Changes in libsoup from 2.62.0 to 2.62.1:
* Fix digest authentication with encoded URIs
[#794208, Claudio Saavedra]
* Avoid unaligned memory accesses in WebSocket implementation
[#794421, Rolf Eike Beer]
* Use base domain to decide if cookies are third-party
[#792130, Michael Catanzaro]
* Fix crash under soup_socket_new()
[#762138, Milan Crha]
Changes in libsoup from 2.61.91 to 2.62.0:
* Updated translations.
Changes in libsoup from 2.61.90 to 2.61.91:
* Add limit to header length to avoid DOS attacks
[#792173, Michele Dionisio]
* Update the public-suffix list.
[Claudio Saavedra]
* Revert "cookie-jar: use base domain to decide if cookie is third party"
[#792130, Claudio Saavedra]
Changes in libsoup from 2.61.2 to 2.61.90:
* Various improvements to the WebSocket implementation
[#792113, Italo Guerrieri]
* cookie-jar: use base domain to decide if cookie is third party
[#792130, Michael Catanzaro]
* Add new API to create a new connection from a SoupSession
[#792212, Carlos Garcia Campos]
* soup-headers: accept any 3 digit number as message status code
[#792124, Carlos Garcia Campos]
Changes in libsoup from 2.61.1 to 2.61.2:
* session: don't request Keep-Alive for upgraded connections
[#788723, Lionel Landwerlin]
Changes in libsoup from 2.60.2 to 2.60.3:
* heap-buffer-overflow in soup_ntlm_parse_challenge()
[#788037, Milan Crha]
* session: don't request Keep-Alive for upgraded connections
[#788723, Lionel Landwerlin]
* soup-headers: accept any 3 digit number as message status code
[#792124, Carlos Garcia Campos]
Changes in libsoup from 2.60.1 to 2.60.2:
* Fix documentation typos [#788920, Nirbheek Chauhan]
* format-zero-length warning triggered in soup-logger.c
[#789096, Tomas Popela]
* Warnings while generating inrospection files
[#789099, Tomas Popela]
* Visual Studio builds: Enhance security of x64 binaries
[Chun-wei Fan]
* Updated translation: Nepali.
Changes in libsoup from 2.60.0 to 2.60.1:
* Fallback to another authentication type if the current
failed [#788238, Tomas Popela]
* Fix unbalanced G_GNUC_BEGIN_IGNORE_DEPRECATIONS use in
soup-session.c [#787166, Zan Dobersek]
* SoupCache: fix setting default value for cache dir
[#788452, Cosimo Cecchi]
* Updated translations: Catalan (Valencian).
Changes in libsoup from 2.59.90.1 to 2.60.0:
* New/updated translations: Catalan, Danish, Dutch, Nepali
Changes in libsoup from 2.59.90 to 2.59.90.1:
* CVE-2017-2885: Fixed a chunked decoding buffer overrun that
could be exploited against either clients or servers.
[#785774]
Changes in libsoup from 2.58.0 to 2.59.90:
* Several SoupAuthNegotiate compatibility fixes [#783780,
#783781, Tomas Popela]
* Include a payload in SoupWebsocketConnection's "ping"
messages (to avoid problems with certain buggy server
implementations), and emit a signal when receiving a "pong"
(to allow apps to notice when the remote peer has
disconnected them). [#785660, David Woodhouse]
* Fix the interpretation of wss:// URIs, which previously
mostly didn't work. [#784766, Nirbheek Chauhan].
* Fixed SoupContentSniffer behavior on XML files with no
Content-Type
[https://bugs.webkit.org/show_bug.cgi?id=173923]
* Fixed a bug with cancelling async requests [#773257, Carlos
Garcia Campos]
* Reverted the (undocumented) change in 2.58.0 to call
soup_session_abort() after changing
SoupSession:proxy-resolver; while this made its behavior
more consistent with :proxy-uri, it ended up breaking
things. [#781590]
* Allow HTTP responses that have no trailing CRLF after the
response headers (and no body) [#780352, Carlos Garcia
Campos]
* Fixed an out-of-bounds read in SoupURI parsing [#785042]
* Fixed a spurious (debug-level) error message in
SoupWebsocketConnection [#784935, Ignacio Casal Quinteiro]
* Fixed introspection annotations on
soup_message_headers_get_content_range() [Philip Withnall]
* Fixed a flake in tests/header-parsing [#777258]
* Update tests/test-cert.pem to use stronger algorithms to
avoid problems with newer gnutls. [#784949, Jan Alexander
Steffens]
* Fixed examples/get to not accidentally break https
certificate validation [#784259, Sebatian Dröge]
* Misc updates to apache/php stuff in unit tests:
* Dropped support for Apache 2.2
* Deal with mod_unixd being compiled-in [#776478]
* Switched PHP support from PHP 5 to PHP 7
* Updated translations:
Esperanto, Turkish
Changes in libsoup from 2.58.1 to 2.58.2:
* CVE-2017-2885: Fixed a chunked decoding buffer overrun that
could be exploited against either clients or servers.
[#785774]
Changes in libsoup from 2.58.0 to 2.58.1:
* Reverts a change to SoupSession to close all open
connections when the :proxy-resolver property is changed
[#777326; this change was made in 2.58.0 but accidentally
left out of the NEWS for that release]; although that
behavior made :proxy-resolver more consistent with
:proxy-uri, it ended up breaking Evolution EWS. [#781590]
* Fixed undefined behavior in tests/header-parsing that could
make the test spuriously fail. [#777258]
* Updates to the configure tests for Apache for use in tests/:
* Dropped support for Apache 2.2
* Changed PHP support from PHP 5 to PHP 7
* mod_unixd can now be either built-in or dynamically
loaded [#776478]
* Updated translations:
Turkish
Changes in libsoup from 2.57.1 to 2.58.0:
* Fix authentication issues when the SOUP_MESSAGE_DO_NOT_USE_AUTH_CACHE
flag is used. [#778497, #777936, Carlos Garcia Campos]
* MSVC build improvements (Chun-wei Fan)
* Updated translations:
Basque, Belarusian, Brazilian Portuguese, Chinese (Taiwan), Danish,
French, Galician, Greek, Indonesian, Italian, Korean, Latvian,
Lithuanian, Norwegian bokmål, Russian, Serbian, Slovak, Slovenian,
Spanish, zh_CN
Changes in libsoup from 2.56.0 to 2.57.1:
* Added SoupWebsocketConnection:keepalive-interval, to make a
connection send regular pings. [#773253, Ignacio Casal
Quinteiro]
* Added soup_auth_manager_clear_cached_credentials() and
SOUP_MESSAGE_DO_NOT_USE_AUTH_CACHE, to allow greater control
over the use of cached HTTP auth credentials. [#774031,
#774033, Carlos Garcia Campos]
* Fixed the use of SoupSession:proxy-uri values containing
passwords. [#772932, Jonathan Lebon]
* Various minor WebSocket fixes [Ignacio Casal Quinteiro]:
* Avoid sending data after we start closing the
connection [#774957]
* Do not log a critical if the peer sends an invalid
close status code
* Log a debug message when a "pong" is received
* Fixed introspection of
soup_message_headers_get_content_range() [Jasper St. Pierre]
* Replaced Vala [Deprecated] annotations with [Version] to
avoid build warnings [#773177, Evan Nemerson]
* MSVC build improvements (Chun-wei Fan)
* Updated error/message strings to use Unicode punctuation.
[#772217, Piotr Drąg]
* Updated translations:
Czech, Friulian, German, Hebrew, Hungarian,
Norwegian bokmål, Polish, Swedish
Changes in libsoup from 2.55.90 to 2.56.0:
* Added SoupWebsocketConnection:max-incoming-payload-size
property, to override the default maximum incoming payload
size. [#770022, Ignacio Casal Quinteiro]
* Added soup-version.h symbols (in particular
soup_check_version()) to introspection. [#771439, Rico
Tzschichholz]
* Updated the copy of the public suffix list used by SoupTLD
[#769650, Michael Catanzaro]
* Updated translations:
British English, Greek, Polish
Changes in libsoup from 2.54.1 to 2.55.90:
* Removed support for SSLv3 fallback; sites that reject TLS
1.x handshakes will now just fail with an error. (Firefox
and Chrome have both already switched to this behavior.)
[#765940, Dan Winship]
* Fixed the parsing of <double>s in the new GVariant-based
XMLRPC code. [#767707, Dan Winship]
* Fixed soup_server_set_ssl_cert_file(), which was added in
2.48 but didn't actually work... [patch on libsoup-list from
Sean DuBois]
* Added GObject properties to SoupLogger to make it
bindings-friendly. [#768053, Jonh Wendell]
* Fixed build error on FreeBSD [#765376, Ting-Wei Lan]
* Fixed build with certain new versions of glibc that define
"EOF" as a macro. [#768731, Philip Withnall]
* Updated m4/ax_code_coverage.m4 with support for lcov 1.12
[Philip Withnall]
* Updated po files for future gettext versions [Piotr Drąg]
* New/updated translations:
Occitan, Scottish Gaelic
Note: ABI issue
Changes in libsoup from 2.54.0.1 to 2.54.1:
* *** IMPORTANT ***
Fixed an ABI break in 2.54.0 caused by adding a member to
SoupAuthClass; 2.54.1 is ABI-compatible with 2.53.92 and
earlier, but NOT with the anomalous 2.54.0. If you built
packages against 2.54.0, you will need to rebuild them
against 2.54.1.
* Fixed NTLM authentication when ntlm_auth from the latest
version of Samba is present. [#765106, Milan Crha]
* Updates to MSVC build, including for GSS-API support
[Chun-wei Fan]
* Updated translations:
Friulian
