0.27.0:
- Fix licence: it is MIT, not BSD
- At least minimal support of SNI in httpslib.
- Small bugfixes and cleanups.
- More effort to make build system more robust (now should work even on
Debian LTS).
- Restore m2.rsa_set_e() and m2.rsa_set_n().
- Make sure that every exceptional return throws and exception and vice
versa.
nghttp2 v1.27.0
build: Fixed accidental compiler flags concatenation for MSVC
build: Reduce libxml2 version requirement to 2.6.26
asio: Support for Windows / MinGW
h2load: Print out h2 header fields with --verbose option
nghttpx: Send non-final response to HTTP/1.1 or HTTP/2 client only
Logbook is a logging system for Python that replaces the standard
library's logging module. It was designed with both complex and simple
applications in mind and the idea to make logging fun.
Packaged by Kamel Derouiche and improved/updated by wiz@ and me.
Changelog:
A fix for CVE-2017-12617.
Stricter validation of the HTTP Host header.
Add ExtractingRoot, a new WebResourceRoot implementation that extracts JARs to the work directory for improved performance when deploying packed WAR files.
Added support for the OpenSSL SSL_CONF API. To support this the minimum required Tomcat Native version is 1.2.14.
zlib:
- CVE-2017-14919 - In zlib v1.2.9, a change was made that causes an
error to be raised when a raw deflate stream is initialized with
windowBits set to 8. On some versions this crashes Node and you cannot
recover from it, while on some versions it throws an exception.
Node.js will now gracefully set windowBits to 9 replicating the legacy
behavior to avoid a DOS vector.
zlib:
- CVE-2017-14919 - In zlib v1.2.9, a change was made that causes an
error to be raised when a raw deflate stream is initialized with
windowBits set to 8. On some versions this crashes Node and you cannot
recover from it, while on some versions it throws an exception.
Node.js will now gracefully set windowBits to 9 replicating the legacy
behavior to avoid a DOS vector.
crypto:
- expose ECDH class
http2:
- http2 is now exposed by default without the need for a flag
- a new environment variable NODE_NO_HTTP2 has been added to allow
userland http2 to be required
- support has been added for generic Duplex streams
module:
- resolve and instantiate loader pipeline hooks have been added
to the ESM lifecycle
zlib:
- CVE-2017-14919 - In zlib v1.2.9, a change was made that causes
an error to be raised when a raw deflate stream is initialized
with windowBits set to 8. On some versions this crashes Node and
you cannot recover from it, while on some versions it throws an
exception. Node.js will now gracefully set windowBits to 9
replicating the legacy behavior to avoid a DOS vector.
Backport patches from upstream to address CVE-2017-14685, CVE-2017-14686,
CVE-2017-14687, CVE-2017-15369 and CVE-2017-15587.
These will not be needed for the next mupdf stable release.
Bump PKGREVISION.
don't mess with the declaration of tparm_solaris_kludge unnecessarily.
uwe thinks the non-variadic tparm is wrong (so might be broken for
solaris curses), but I'm not sure how to correct it.
PR pkg/52649
bump PKGREVISION
0.14:
* Fixed I201 error raising for cryptography style.
* Added I202 error when there is an additional newline in a section of
imports.
* Added ``ntpath`` and ``os2emxpath`` to stdlib list.
