This contains various bugfixes (hangs, excessive logging) related to SSL
protocol use.
There is no mention in release notes but please be advised that the client
appears to refuse to talk to servers running old versions due to protocol
incompatibility.
Changelog:
2015-05-22: Version 7.2.2. Check UTF-16 for invalid surrogate pairs.
Print system error and line number when UTF-16 conversion error occurs.
Bug fix: When conversion of an UTF-16 file with binary symbols was forced,
null characters were not written in the output.
Fixed symlink support on FreeBSD.
Pkgsrc changes: adapt PLIST; the healtcheck script moved
Upstream changes:
This release is a bug fix "mostly" release, back porting fixes
performed in master.
* Change: install healthcheck in bin
* Feature: Allow single line flow route requested by: Pavel Odintsov
* Feature: show route (extensive) can take a neighbor as parameter
requested by: jtkdpu
* Fix: Do shutdown when waiting for a new connection to a peer
* Fix: Bad ASN enconding when ASN4 is not negotiated reported by:
Orangefish on github
* Fix: Shutdown when waiting for a new outgoing connection to establish
* Fix: JSON counter reported by:
* Fix: JSON flow printing for source and destination
* Fix: Do not always locate exabgp.env reported by: Florian Obser
* Fix: Correctly drop root privileges reported by: Florian Obser
* Fix: validation of flow routes
* Fix: Python differences between Unix version breaking process forking
* Fix: Allow = with flowspec singleton reported by: Pavel Odintsov
* Fix: selfcheck feature
* Fix: do not refuse to parse multiple MP attributes in an update
* Fix: possible bug with attribute information due to caching
Changelog:
The Apache Tomcat Project is proud to announce the release of version
8.0.23 of Apache Tomcat. Apache Tomcat 8.0.23 includes a numerous fixes
for issues identified in 8.0.22 as well as a number of other enhancements
and changes. The notable changes since 8.0.22 include:
Fixed corruption issues with NIO2 and TLS
Added a workaround for SPNEGO authentication and a JRE regression in Java 8 update 40 onwards
Added the new HttpHeaderSecurityFilter
Changelog:
Tomcat 7.0.62 (violetagg)
Catalina
add Allow logging of the remote port in the access log using the format pattern %{remote}p. (rjung)
fix 57765: When checking last modified times as part of the automatic deployment process, account for the fact that File.lastModified() has a resolution of one second to ensure that if a file has been modified within the last second, the latest version of the file is always used. Note that a side-effect of this change is that files with modification times in the future are treated as if they are unmodified. (markt)
fix Align redeploy resource modification checking with reload modification checking so that now, in both cases, a change in modification time rather than an increase in modification time is used to determine if the resource has changed. (markt)
fix Cleanup o.a.tomcat.util.digester.Digester from debug messages that do not give any valuable information. Patch provided by Polina Genova. (violetagg)
fix 57772: When reloading a web application and a directory representing an expanded WAR needs to be deleted, delete the directory after the web application has been stopped rather than before to avoid potential ClassNotFoundExceptions. (markt)
fix 57801: Improve the error message in the start script in case the PID read from the PID file is already owned by a process. (rjung)
fix 57824: Correct a regression in the fix for 57252 that broke request listeners for non-async requests that triggered an error that was handled by the ErrorReportingValve. (markt/violetagg)
fix 57841: Improve error logging during web application start. (markt)
fix 57856: Ensure that any scheme/port changes implemented by the RemoteIpFilter also affect HttpServletResponse.sendRedirect(). (markt)
fix 57896: Support defensive copying of "cookie" header so that unescaping double quotes in a cookie value does not corrupt original value of "cookie" header. This is an opt-in feature, enabled by org.apache.tomcat.util.http.ServerCookie.PRESERVE_COOKIE_HEADER system property. (kkolinko)
Coyote
fix 57779: When an I/O error occurs on a non-container thread only dispatch to a container thread to handle the error if using Servlet 3+ asynchronous processing. This avoids potential deadlocks if an application is performing I/O on a non-container thread without using the Servlet 3+ asynchronous API. (markt)
fix 57833: When using JKS based keystores for NIO, ensure that the key alias is always converted to lower caes since that is what JKS key stores expect. Based on a patch by Santosh Giri Govind M. (markt)
fix 57837: Add text/css to the default list of compressable MIME types. (markt)
Jasper
fix 57845: Ensure that, if the same JSP is accessed directly and via a <jsp-file> declaration in web.xml, updates to the JSP are visible (subject to the normal rules on re-compilation) regardless of how the JSP is accessed. (markt)
fix 57855: Explicitly handle the case where a MethodExpression is invoked with null or the wrong number of parameters. Rather than failing with an ArrayIndexOutOfBoundsException or a NullPointerException throw an IllegalArgumentException with a useful error message. (markt)
Cluster
add Add new attribute that send all actions for session across Tomcat cluster nodes. (kfujino)
fix Remove unused pathname attribute in mbean definition of BackupManager. (kfujino)
fix 57338: Improve the ability of the ClusterSingleSignOn valve to handle nodes being added and removed from the Cluster at run time. (markt)
fix Avoid unnecessary call of DeltaRequest.addSessionListener() in non-primary nodes. (kfujino)
WebSocket
fix 57762: Ensure that the WebSocket client correctly detects when the connection to the server is dropped. (markt)
fix 57776: Revert the 8.0.21 fix for the permessage-deflate implementation and incorrect op-codes since the fix was unnecessary (the bug only affected trunk) and the fix broke rather than fixed permessage-deflate if an uncompressed message was converted into more than one compressed message. (markt)
fix Fix log name typo in WsRemoteEndpointImplServer class, caused by a copy-paste. (markt/kkolinko)
fix 57788: Avoid NPE when looking up a class hierarchy without finding anything. (remm)
Web applications
add 57759: Add information to the keyAlias documentation to make it clear that the order keys are read from the keystore is implementation dependent. (markt)
fix 57864: Update the documentation web application to make it clearer that hex values are not valid for cluster send options. Based on a patch by Kyohei Nakamura. (markt)
Tribes
fix Fix a concurrency issue when a backup message that has all session data and a backup message that has diff data are processing at the same time. This fix ensures that MapOwner is set to ReplicatedMapEntry. (kfujino)
fix Clarify the handling of Copy message and Copy nodes. (kfujino)
fix Copy node does not need to send the entry data. It is enough to send only the node information of the entry. (kfujino)
fix ReplicatedMap should send the Copy message when replicating. (kfujino)
fix Fix behavior of ReplicatedMap when member has disappeared. If map entrprimary, rebuild the backup members. If primary node of map entry has disappeared, backup node is promoted to primary. (kfujino)
fix When a map member has been added to ReplicatedMap, make sure to add it to backup nodes list of all other members.
LGOGDownloader 2.23
- Option to show wishlist is no longer saved to config file
- Added simple login check as a fallback to current complex HTTP login check
* This fallback method should work even if GOG changes the site layout as long as account page location remains the same
- Fixed error with login when cookies didn't exist but API login worked because config.cfg contained valid secret and token
LGOGDownloader 2.22
- Added option to download files by using file id
* --download-file "gamename/fileid"
- Fixed multiple DLCs when using cache (patch by: Ismo Toijala)
- Made progressbar display 10 second average download speed instead of average for the whole download
- Added support for new account page layout
- Added --wishlist option to show wishlist
- Makefile change: "make install" will now install debug build if it has been built
Add support for monitors and fixes requires on libX11.
Keith Packard (2):
libXrandr: Clean up compiler warnings
Add monitors, update to version 1.5 (v2)
Michael Joost (1):
Remove fallback for _XEatDataWords, require libX11 1.6 for it
* Fix: deadlock when thread join is issued in read-side C.S.
* Fix: rename RCU_DEBUG to DEBUG_RCU in urcu-qsbr.h
* Mark braced-groups within expressions with __extension__
* Fix: compat_futex_noasync race condition
* Fix: documentation: urcu-pointer.h: s/rcu_dereference_pointer/rcu_dereference/
* Fix: call rcu should call internal RCU API
Changelog:
Fixed in Thunderbird 31.7
2015-57 Privilege escalation through IPC channel messages
2015-54 Buffer overflow when parsing compressed XML
2015-51 Use-after-free during text processing with vertical text enabled
2015-48 Buffer overflow with SVG content and CSS
2015-47 Buffer overflow parsing H.264 video with Linux Gstreamer
2015-46 Miscellaneous memory safety hazards (rv:38.0 / rv:31.7)
Changelog:
Fixed in Firefox ESR 31.7
2015-57 Privilege escalation through IPC channel messages
2015-54 Buffer overflow when parsing compressed XML
2015-51 Use-after-free during text processing with vertical text enabled
2015-48 Buffer overflow with SVG content and CSS
2015-47 Buffer overflow parsing H.264 video with Linux Gstreamer
2015-46 Miscellaneous memory safety hazards (rv:38.0 / rv:31.7)
