Changelog picked from https://notabug.org/guile-sqlite3/guile-sqlite3/releases
0.1.2:
Allow sqlite-finalize to be called twice on the same statement.
0.1.1:
sqlite-finalize: Reset statement when called on cached statement.
Fix memory management of retrieved blob values.
Remove some patches that would get voting rights soon.
Remove support for NetBSD 1.5.
pkglint cleanup.
XXX: someone should send the remaining patches upstream.
Mutt 1.14.4 was released on June 18, 2020. This is an important
bug-fix release. It fixes a possible machine-in-the-middle response
injection attack when using STARTTLS with IMAP, POP3, and SMTP
(CVE-2020-14954).
Mutt 1.14.3 was released on June 14, 2020. This is an important
bug-fix release. It fixes a possible IMAP fcc/postpone
machine-in-the-middle attack (CVE-2020-14093). It also fixes some
GnuTLS certificate prompt issues.
Mutt 1.14.2 was released on May 25, 2020. This is a bug-fix release,
fixing a few prompt buffer-size issues and adding a potential DoS
mitigation.
Mutt 1.14.1 was released on May 16, 2020. This is a bug-fix release,
fixing a documentation build issue and a few other small bugs.
Mutt 1.14.0 was released on May 2, 2020. This release has new
features and bug fixes. See the UPDATING file, or for more details
see the release notes page.
2020-06-19 Richard Russon <rich@flatcap.org>
* Security
- Abort GnuTLS certificate check if a cert in the chain is rejected
- TLS: clear data after a starttls acknowledgement
- Prevent possible IMAP MITM via PREAUTH response
* Features
- add config operations +=/-= for number,long
- Address book has a comment field
- Query menu has a comment field
* Contrib
- sample.neomuttrc-starter: Do not echo promted password
* Bug Fixes
- make "news://" and "nntp://" schemes interchangeable
- Fix CRLF to LF conversion in base64 decoding
- Double comma in query
- compose: fix redraw after history
- Crash inside empty query menu
- mmdf: fix creating new mailbox
- mh: fix creating new mailbox
- mbox: error out when an mbox/mmdf is a pipe
- Fix list-reply by correct parsing of List-Post headers
- Decode references according to RFC2047
- fix tagged message count
- hcache: fix keylen not being considered when building the full key
- sidebar: fix path comparison
- Don't mess with the original pattern when running IMAP searches
- Handle IMAP "NO" resps by issuing a msg instead of failing badly
- imap: use the connection delimiter if provided
- Memory leaks
* Changed Config
- `$alias_format` default changed to include `%c` comment
- `$query_format` default changed to include `%e` extra info
* Translations
- 100% Lithuanian
- 84% French
- Log the translation in use
* Docs
- Add missing commands unbind, unmacro to man pages
* Build
- Check size of long using `LONG_MAX` instead of `__WORDSIZE`
- Allow ./configure to not record cflags
- fix out-of-tree build
- Avoid locating gdbm symbols in qdbm library
* Code
- Refactor unsafe TAILQ returns
- add window notifications
- flip negative ifs
- Update to latest acutest.h
- test: add store tests
- test: add compression tests
- graphviz: email
- make more opcode info available
- refactor: `main_change_folder()`
- refactor: `mutt_mailbox_next()`
- refactor: `generate_body()`
- compress: add `{min,max}_level` to ComprOps
- emphasise empty loops: "// do nothing"
- prex: convert `is_from()` to use regex
- Refactor IMAP's search routines
2020-05-01 Richard Russon <rich@flatcap.org>
* Bug Fixes
- Make sure buffers are initialized on error
- fix(sidebar): use abbreviated path if possible
* Translations
- 100% Lithuanian
* Docs
- make header cache config more explicit
The hts_engine API is an API version of hts_engine which has been released
since HTS version 1.1. It has been being developed by the HTS working group
and some graduate students in Nagoya Institute of Technology.
Packaging changes: depend on protobuf-c and json-c
PostGIS 3.0.1
2020/02/20
* Breaking Changes *
- #4637 svn number replaced by git hash in version output
(Sandro Santilli, Regina Obe, Bas Couwenberg)
* New Features *
- #4617, Add configure switch `--without-phony-revision` (Raúl Marín)
Use to prevent postgis_revision.h from rebuilding
(when building from tar ball) and building in a gitted folder.
* Bug Fixes and Enhancements *
[many, see NEWS]
PostGIS 3.0.0
2019/10/20
This version requires PostgreSQL 9.5+-12 and GEOS >= 3.6+
Additional features enabled if you are running Proj6+, PostgreSQL 12
and GEOS 3.8.0
* Breaking Changes *
- #4267, Bump minimum GEOS version to 3.6 (Regina Obe, Darafei Praliaskouski)
- #3888, Raster support now available as a separate extension
(Sandro Santilli)
- #3807, Extension library files no longer include the minor version.
Use New configure switch --with-library-minor-version
if you need the old behavior (Regina Obe)
- #4230, ND box operators (overlaps, contains, within, equals) now
don't look on dimensions that aren't present in both operands.
Please REINDEX your ND indexes after upgrade. (Darafei Praliaskouski)
- #4229, Dropped support for PostgreSQL < 9.5. (Darafei Praliaskouski)
- #4260, liblwgeom headers are not installed anymore.
If your project depends on them available, please use
librttopo instead. (Darafei Praliaskouski)
- #4258, Remove SFCGAL support for ST_Area, ST_Distance, ST_Intersection,
ST_Difference, ST_Union, ST_Intersects, ST_3DIntersects, ST_3DDistance
and postgis.backend switch (Darafei Praliaskouski)
- #4267, Enable Proj 6 deprecated APIs (Darafei Praliaskouski, Raúl Marín)
- #4268, Bump minimum SFCGAL version to 1.3.1 (Darafei Praliaskouski)
- #4331, ST_3DMakeBox now returns error instead of a miniscule box (Regina Obe)
- #4342, Removed "versioned" variants of ST_AsGeoJSON and ST_AsKML (Paul Ramsey)
- #4356, ST_Accum removed. Use array_agg instead. (Darafei Praliaskouski)
- #4414, Include version number in address_standardizer lib (Raúl Marín)
- #4334, Fix upgrade issues related to renamed function parameters (Raúl Marín)
- #4442, raster2pgsql now skips NODATA tiles. Use -k option if you still want
them in database for some reason. (Darafei Praliaskouski)
- #4433, 32-bit hash fix (requires reindexing hash(geometry) indexes) (Raúl Marín)
- #3383, Sorting now uses Hilbert curve and Postgres Abbreviated Compare.
You need to REINDEX your btree indexes if you had them.
(Darafei Praliaskouski)
* New Features *
- #2902, postgis_geos_noop (Sandro Santilli)
- #4128, ST_AsMVT support for Feature ID (Stepan Kuzmin)
- #4230, SP-GiST and GiST support for ND box operators overlaps, contains,
within, equals (Esteban Zimányi and Arthur Lesuisse from Université
Libre de Bruxelles (ULB), Darafei Praliaskouski)
- #4171, ST_3DLineInterpolatePoint (Julien Cabieces, Vincent Mora)
- #4311, Introduce WAGYU to validate MVT polygons. This option requires a C++11
compiler and will use CXXFLAGS (not CFLAGS). Add `--without-wagyu`
to disable this option and keep the behaviour from 2.5 (Raúl Marín)
- #1833, ST_AsGeoJSON(row) generates full GeoJSON Features (Joe Conway)
- #3687, Casts json(geometry) and jsonb(geometry) for implicit GeoJSON
generation (Paul Ramsey)
- #4198, Add ST_ConstrainedDelaunayTriangles SFCGAL function (Darafei
Praliaskouski)
* Enhancements *
- #4322, Support for Proj 6+ API, bringing more accurate datum transforms
and support for WKT projections
[many more; see NEWS]
Changes since 2.2.1:
OPDS catalogs:
* Catalogs are now opened in the main library window (#403)
* View current location
* Go to catalog start page
* Reload catalog
* Add current feed to catalogs
* HTTP authentication support (#421)
Other changes:
* Fixed unique identifier extraction for FictionBook (.fb2, .fb2.zip)
files (#462)
* Fixed newlines being ignored when copying text (#463)
* "Turn page on tap" is now disabled in non-paginated layouts (#464)
* Opening a book from the library view now closes the library window (#446)
* Language and publication dates in metadata are now parsed and formatted
* Export annotations from the library view
Technical changes:
* New optional dependency iso-codes (>= 3.67), which provides display
names for languages and regions. It is highly recommended to install
this dependency.
* Flag emojis are now displayed for books whose language property contains
a country/region code. For the best experience, an emoji font should be
installed.
The package textproc/hs-cgrep does not install a Haskell library. This
was unexpected to mk/haskell.mk, which generated an obviously wrong PLIST
file for that package, and for 3 other packages.
Noticed by wiz.
Firefox Decrypt is a tool to extract passwords from profiles of
Mozilla (Fire/Water)fox, Thunderbird, SeaMonkey, and some derivates.
It can be used to recover passwords from a profile protected by a
Master Password as long as the latter is known. If a profile is
not protected by a Master Password, a password will still be
requested but can be left blank.
This tool does not try to crack or brute-force the Master Password
in any way. If the Master Password is not known it will simply fail
to recover any data.
Changes:
8.2.0684 Vim9: memory leak when using lambda
8.2.0685 Build failure
8.2.0686 formatoptions not sufficiently tested
8.2.0687 some tests do not work on FreeBSD
8.2.0688 output clobbered if setting 'verbose' to see shell commands
8.2.0689 when using getaddrinfo() the error message is unclear
8.2.0690 line number of option set by modeline is wrong
8.2.0691 startup test fails
8.2.0692 startup test fails on MS-Windows
8.2.0693 closure using argument not tested
8.2.0694 Haiku: channel and terminal do not work
8.2.0695 Vim9: cannot define a function inside a function
8.2.0696 Vim9: nested function does not work properly
8.2.0697 Vim9: memory leak when using nested function
8.2.0698 insert mode completion not fully tested
8.2.0699 Vim9: not all errors tested
8.2.0700 Vim9: converting error message to exception not tested
8.2.0701 Vim9 test fails without job feature
8.2.0702 running channel tests may leave running process behind
8.2.0703 Vim9: closure cannot store value in outer context
8.2.0704 Vim9: memory leak in disassemble test
8.2.0705 indent tests don't run on CI for FreeBSD
8.2.0706 Vim9: using assert_fails() causes function to finish
8.2.0707 Vim9 function test fails
8.2.0708 Vim9: constant expressions are not simplified
8.2.0709 MS-Windows: compiler warning for int vs size_t
8.2.0710 Netbeans test sometimes fails
8.2.0711 temp directory might be cleared
8.2.0712 various code not fully tested
8.2.0713 the pam_environment file is not recognized
8.2.0714 Vim9: handling constant expression does not scale
8.2.0715 Vim9: leaking memory
8.2.0716 Vim9: another memory leak
8.2.0717 Vim9: postponed constant expressions does not scale
8.2.0718 gcc warning for returning pointer to local variable
8.2.0719 Vim9: more expressions can be evaluated at compile time
8.2.0720 occasional exit when encountering an X error
8.2.0721 Vim9: leaking memory when skipping
8.2.0722 Vim9: not handling constant expression for elseif
8.2.0723 Vim9: nested constant expression not evaluated compile time
8.2.0724 Vim9: appending to buffer/window/tab variable not tested
8.2.0725 Vim9: cannot call a function declared later in Vim9 script
8.2.0726 Vim9: leaking memory when calling not compiled :def function
8.2.0727 MS-Windows: new gcc compiler does not support scanf format
8.2.0728 messages about a deadly signal are not left aligned
8.2.0729 Vim9: When reloading a script variables are not cleared
8.2.0730 Vim9: Assignment to dict member does not work
8.2.0731 Vim9: parsing declarations continues after :finish
8.2.0732 Vim9: storing value in dict messes up stack
8.2.0733 Vim9: assigning to dict or list argument does not work
8.2.0734 Vim9: leaking memory when using :finish
8.2.0735 Vim9: using unitialized memory
8.2.0736 some files not recognized as pamenv
8.2.0737 when shell doesn't support CTRL-Z Vim still handles it
8.2.0738 mouse handling in a terminal window not well tested
8.2.0739 incomplete profiling when exiting because of a deadly signal
8.2.0740 minor message mistakes
8.2.0741 Python tests fail because of changed message
8.2.0742 handling of a TERM signal not tested
8.2.0743 can move to another buffer from a terminal in popup window
8.2.0744 the name vim is not capitalized in a message
8.2.0745 crash on exit when not all popups are closed
8.2.0746 popup_clear() hangs when a popup can't be closed
8.2.0747 cannot forcefully close all popups
8.2.0748 cannot get a list of all popups
8.2.0749 TERM signal test fails on FreeBSD
8.2.0750 netbeans test is a bit flaky
8.2.0751 Vim9: performance can be improved
8.2.0752 terminal in popup window test is a bit flaky
8.2.0753 Vim9: expressions are evaluated in the discovery phase
8.2.0754 Vim9: No test for forward declaration
8.2.0755 Vim9: No error when variable initializer is not a constant
8.2.0756 MS-Windows: still a compiler warning
8.2.0757 Vim9: no test for MEMBER instruction
8.2.0758 Vim9: no test for STORELIST and STOREDICT
8.2.0759 Vim9: missing changes for performance improvements
8.2.0760 Vim9: dict member errors not tested
8.2.0761 Vim9: instructions not tested
8.2.0762 buffer is not considered modified after setting crypt key
8.2.0763 GUI test fails without the terminal feature
8.2.0764 Vim9: assigning to option not fully tested
8.2.0765 In the GUI can't use all the modifiers.
8.2.0766 display error when using 'number' and 'breakindent'
8.2.0767 modifyOtherKeys active when using a shell command in autocmd
8.2.0768 Vim9: memory leak in script test
8.2.0769 VimLeavePre not triggered when Vim is terminated
8.2.0770 cannot map CTRL-B when using the GUI
8.2.0771 Vim9: cannot call a compiled closure from not compiled code
8.2.0772 Vim9: some variable initializations not tested
8.2.0773 switching to raw mode every time ":" is used
8.2.0774 t_TI and t_TE are output when using 'visualbell'
8.2.0775 not easy to call a Vim function from Lua
8.2.0776 libvterm code lags behind the upstream version
8.2.0777 terminal test fails
8.2.0778 libvterm code lags behind the upstream version
8.2.0779 tmode_T not used everywhere
8.2.0780 libvterm code lags behind the upstream version
8.2.0781 compiler warning for not using value in Lua
8.2.0782 cannot build with Lua on MS-Windows
8.2.0783 libvterm code lags behind the upstream version
8.2.0784 libvterm code lags behind the upstream version
8.2.0785 libvterm code lags behind the upstream version
8.2.0786 channel test is flaky on FreeBSD
8.2.0787 libvterm code lags behind the upstream version
8.2.0788 memory leak in libvterm
8.2.0789 Vim9: expression testing lost coverage using constants
8.2.0790 Vim9: list index not well tested
8.2.0791 a second popup window with terminal causes trouble
8.2.0792 build failure with small features
8.2.0793 MS-Windows: cannot build GUI with small features
8.2.0794 libvterm code lags behind the upstream version
8.2.0795 libvterm code lags behind the upstream version
8.2.0796 MS-Windows: compiler can't handle C99 construct in libvterm
8.2.0797 MS-Windows: compiler still can't handle C99 construct
8.2.0798 libvterm code lags behind the upstream version
8.2.0799 build fails if snprintf is not available
8.2.0800 errors from failing test are unclear
8.2.0801 terminal test fails on Mac
8.2.0802 libvterm code lags behind the upstream version
8.2.0803 libvterm code lags behind the upstream version
8.2.0804 libvterm code lags behind the upstream version
8.2.0805 terminal key codes test fails on some systems
8.2.0806 using "func!" after vim9script gives confusing error
8.2.0807 cannot easily restore a mapping
8.2.0808 not enough testing for the terminal window
8.2.0809 build failure with small features
8.2.0810 error when appending "tagfile" to 'wildoptions'
8.2.0811 terminal keycode test is flaky
8.2.0812 mapset() does not properly handle &lt;&gt; notation
8.2.0813 libvterm code is slightly different from upstream
8.2.0814 clang warning for implicit conversion
8.2.0815 maparg() does not provide enough information for mapset()
8.2.0816 terminal test fails when compiled with Athena
8.2.0817 not enough memory allocated when converting string
8.2.0818 Vim9: using a discovery phase doesn't work well
8.2.0819 compiler warning for unused variable
8.2.0820 Vim9: function type isn't set until compiled
8.2.0821 Vim9: memory leak in expr test
8.2.0822 Vim9: code left over from discovery phase
8.2.0823 Vim9: script reload test is disabled
8.2.0824 still not enough memory allocated when converting string
8.2.0825 def_function() may return pointer that was freed
8.2.0826 Vim9: crash in :defcompile
8.2.0827 Vim9: crash in :defcompile
8.2.0828 Travis: regexp patttern doesn't work everywhere
8.2.0829 filter() may give misleading error message
8.2.0830 Motif: can't map "!"
8.2.0831 compiler warnings for integer sizes
8.2.0832 compiler warning for uninitialized variable
8.2.0833 mapping &lt;C-bslash&gt; doesn't work in the GUI
8.2.0834 :drop command in terminal popup causes problems
8.2.0835 Motif: mapping &lt;C-bslash&gt; still doesn't work
8.2.0836 not all :cdo output is visible
8.2.0837 compiler warning for value set but not used
8.2.0838 MS-Windows: compiler warning for uninitialized variables
8.2.0839 dropping modifier when putting a character back in typeahead
8.2.0840 search match count wrong when only match is in fold
8.2.0841 'verbose' value 16 causes duplicate output
8.2.0842 MS-Windows: channel tests fail
8.2.0843 filetype elm not detected
8.2.0844 text properties crossing lines not handled correctly
8.2.0845 text properties crossing lines not handled correctly
8.2.0846 build failure with small features
8.2.0847 typval related code is spread out
8.2.0848 MS-Windows: the Windows terminal code has some flaws
8.2.0849 BeOS code is not maintained and probably unused
8.2.0850 MS-Windows: exepath() works different from cmd.exe
8.2.0851 can't distinguish &lt;M-a&gt; from accented "a" in the GUI
8.2.0852 cannot map CTRL-S on some systems
8.2.0853 ml_delete() often called with FALSE argument
8.2.0854 xxd cannot show offset as a decimal number
8.2.0855 GUI tests fail because the test doesn't use a modifier
8.2.0856 CTRL-S stops output
8.2.0857 GTK cell height can be a pixel too much
8.2.0858 not easy to require Lua modules
8.2.0859 no Turkish translation of the manual
8.2.0860 cannot use CTRL-A and CTRL-X on unsigned numbers
8.2.0861 cannot easily get all the current marks
8.2.0862 ":term ++curwin" makes the current buffer hidden
8.2.0863 cannot set a separate color for underline/undercurl
8.2.0864 pragmas are indented all the way to the left
8.2.0865 syntax foldlevel is taken from the start of the line
8.2.0866 not enough tests for buffer writing
8.2.0867 using \{xxx} for encoding a modifier is not nice
8.2.0868 trim() always trims both ends
8.2.0869 it is not possible to customize the quickfix window contents
8.2.0870 MS-Windows: Control keys don't work in the GUI
8.2.0871 cannot use getmarklist() as a method
8.2.0872 XIM code is mixed with multi-byte code
8.2.0873 a .jl file can be sawfish (lisp) or Julia
8.2.0874 signals test is a bit flaky
8.2.0875 getting attributes for directory entries is slow
8.2.0876 :pwd does not give a hint about the scope of the directory
8.2.0877 cannot get the search statistics
8.2.0878 no reduce() function
8.2.0879 compiler warning for unused function argument
8.2.0880 leaking memory when using searchcount()
8.2.0881 compiler warning for argument type
8.2.0882 leaking memory when using reduce()
8.2.0883 memory leak in test 49
8.2.0884 searchcount() test fails on slower systems
8.2.0885 "make shadow" does not link new lua test dir
8.2.0886 cannot use octal numbers in scriptversion 4
8.2.0887 searchcount().exact_match is 1 right after a match
8.2.0888 readdirex() returns size -2 for a directory
8.2.0889 using old style comments
8.2.0890 no color in terminal window when 'termguicolor' is set
8.2.0891 clang warns for invalid conversion
8.2.0892 ubsan warns for undefined behavior
8.2.0893 assert_equalfile() does not take a third argument
8.2.0894 :mkspell can take very long if the word count is high
8.2.0895 :mkspell output does not mention the tree type
8.2.0896 crash when calling searchcount() with a string
8.2.0897 list of functions in patched version is outdated
8.2.0898 missing help for a function goes unnoticed
8.2.0899 assert_equalfile() does not give a hint about the difference
8.2.0900 function list test fails on MS-Windows
8.2.0901 formatting CJK text isn't optimal
8.2.0902 using searchcount() in 'statusline' causes an error
8.2.0903 comparing WINVER does not work correctly
8.2.0904 assuming modifyOtherKeys for rhs of mapping
8.2.0905 test coverage could be better
8.2.0906 when setting 'termguicolors' SpellBad is no longer red
8.2.0907 when using :global clipboard isn't set correctly
8.2.0908 crash when changing the function table while listing it
8.2.0909 cannot go back to the previous local directory
8.2.0910 Vim is not reproducibly buildable
8.2.0911 crash when opening a buffer for the cmdline window fails
8.2.0912 a few test cases for CJK formatting are disabled
8.2.0913 code for resetting v:register is duplicated
8.2.0914 MS-Windows: cannot specify a "modified by" text
8.2.0915 search() cannot skip over matches like searchpair() can
8.2.0916 mapping with partly modifyOtherKeys code does not work
8.2.0917 quickfix entries do not suport a "note" type
8.2.0918 duplicate code for evaluating expression argument
8.2.0919 merging modifier for modifyOtherKeys is done twice
8.2.0920 writing viminfo fails with a circular reference
8.2.0921 CTRL-W T in cmdline window causes trouble
8.2.0922 search test fails
8.2.0923 cmdline test is slow
8.2.0924 cannot save and restore a register properly
8.2.0925 getcompletion() does not return command line arguments
8.2.0926 cmdline test fails on Appveyor
8.2.0927 some sshconfig and ssdhconfig files are not recognized
8.2.0928 many type casts are used for vim_strnsave()
8.2.0929 v:register is not cleared after an operator was executed
8.2.0930 script filetype detection trips over env -S argument
8.2.0931 some remarks about BeOS remain
8.2.0932 missspelling spelllang
8.2.0933 'quickfixtextfunc' does not get window ID of location list
8.2.0934 lhelpgrep twice in help window doesn't jump to the help topic
8.2.0935 flattening a list with existing code is slow
8.2.0936 some terminals misinterpret the code for getting cursor style
8.2.0937 asan failure in the flatten() test
8.2.0938 NFA regexp uses tolower ()to compare ignore-case
8.2.0939 checking for term escape sequences is long and confusing
8.2.0940 build failure with tiny features
8.2.0941 detecting terminal properties is unstructured
8.2.0942 expanding to local dir after homedir keeps "~/"
8.2.0943 displaying ^M or ^J depends on current buffer
8.2.0944 xxd test leaves file behind
8.2.0945 cannot use "z=" when 'spell' is off
8.2.0946 cannot use "q" to cancel a number prompt
8.2.0947 readdirex() doesn't handle broken link properly
8.2.0948 spell test fails
8.2.0949 strptime() does not use DST
8.2.0950 tagjump test fails
8.2.0951 search stat test has leftover from debugging
8.2.0952 no simple way to interrupt Vim
8.2.0953 spell checking doesn't work for CamelCased words
8.2.0954 not all desktop files are recognized
8.2.0955 build fails
8.2.0956 spell test fails
8.2.0957 compiler warning for uninitialized variable
8.2.0958 not sufficient testing for buffer writing
8.2.0959 using 'quickfixtextfunc' is a bit slow
8.2.0960 cannot use :import in legacy Vim script
8.2.0961 MS-Windows: no completion for locales
8.2.0962 terminal test sometimes hangs on Travis
8.2.0963 number increment/decrement does not work with 'virtualedit'
8.2.0964 TextYankPost does not provide info about Visual selection
8.2.0965 has_funcundefined() is not used
8.2.0966 'shortmess' flag "n" not used in two places
8.2.0967 unnecessary type casts for vim_strnsave()
8.2.0968 no proper testing of the 'cpoptions' flags
8.2.0969 assert_equal() output for dicts is hard to figure out
8.2.0970 terminal properties are not available in Vim script
8.2.0971 build with tiny features fails
8.2.0972 Vim9 script variable declarations need a type
8.2.0973 Vim9: type is not checked when assigning to a script variable
8.2.0974 Vim9: memory leak when script var has wrong type
8.2.0975 Vim9: script variable does not accept optional s: prefix
8.2.0976 some 'cpoptions' not tested
8.2.0977 t_8u is made empty for the wrong terminals
8.2.0978 leaking memory in termcodes test
8.2.0979 a couple of screendump tests fail
8.2.0980 raku file extension not recognized
8.2.0981 Vim9: cannot compile "[var, var] = list"
8.2.0982 insufficient testing for reading/writing files
8.2.0983 SConstruct file type not recognized
8.2.0984 not using previous window when closing a shell popup window
8.2.0985 simplify() does not remove slashes from "///path"
8.2.0986 MS-Windows: functions test fails
8.2.0987 Vim9: cannot assign to [var; var]
8.2.0988 getting directory contents is always case sorted
8.2.0989 crash after resizing a terminal window
8.2.0990 Using duplicate error number
8.2.0991 cannot get window type for autocmd and preview window
8.2.0992 Vim9: crash when using :import in the Vim command
8.2.0993 Vim9 script test fails with normal features
8.2.0994 Vim9: missing function causes compilation error
8.2.0995 insufficient testing for the readdir() sort option
8.2.0996 using "aucmdwin" in win_gettype() is not ideal
8.2.0997 cannot execute a register containing line continuation
8.2.0998 not all tag code is tested
8.2.0999 moving to next sentence gets stuck on quote
8.2.1000 get error when leaving Ex mode with :visual
8.2.1001 Vim9: crash with nested "if" and assignment
8.2.1002 test may fail when run directly
8.2.1003 Vim9: return type of sort() is too generic
8.2.1004 line numbers below filler lines not always updated
8.2.1005 Vim9: using TRUE/FALSE/MAYBE for ctx_skip is confusing
8.2.1006 Vim9: require unnecessary return statement
8.2.1007 completion doesn't work after ":r ++arg !"
8.2.1008 Vim9: no test for disassambling newly added instructions
8.2.1009 Vim9: some failures not checked for
8.2.1010 build failure in libvterm with debug enabled
8.2.1011 Vim9: some code not tested
8.2.1012 Vim9: cannot declare single character script variables
8.2.1013 channel tests can be a bit flaky
8.2.1014 using "name" for a string result is confusing
8.2.1015 popup filter gets key with modifier prepended
8.2.1016 Vim9: test fails when channel feature is missing
8.2.1017 Appveyor output doesn't show MinGW console features
8.2.1018 typo in enum value
8.2.1019 mapping &lt;M-S-a&gt; does not work in the GUI
8.2.1020 popupwin test fails in the GUI
8.2.1021 Ruby interface not tested enough
8.2.1022 various parts of code not covered by tests
8.2.1023 Vim9: redefining a function uses a new index every time
8.2.1024 Vim9: no error for using "let g:var = val"
8.2.1025 tabpage menu and tabline not sufficiently tested
8.2.1026 Vim9: cannot break the line after "-&gt;"
8.2.1027 GUI: multi-byte characters do not work in a terminal
8.2.1028 Vim9: no error for declaring buffer, window, etc. variable
8.2.1029 Vim9: cannot chain function calls with -&gt; at line start
8.2.1030 reducing size of a terminal window may cause a crash
8.2.1031 build failure with Perl5.32
8.2.1032 error message for declaring a variable cannot be translated
8.2.1033 not easy to read the test time in the test output
Changes:
WordPress versions 5.4 and earlier are affected by the following bugs, which are fixed in version 5.4.2. If you haven’t yet updated to 5.4, there are also updated versions of 5.3 and earlier that fix the security issues.
- Props to Sam Thomas (jazzy2fives) for finding an XSS issue where authenticated users with low privileges are able to add JavaScript to posts in the block editor.
- Props to Luigi – (gubello.me) for discovering an XSS issue where authenticated users with upload permissions are able to add JavaScript to media files.
- Props to Ben Bidner of the WordPress Security Team for finding an open redirect issue in wp_validate_redirect().
- Props to Nrimo Ing Pandum for finding an authenticated XSS issue via theme uploads.
- Props to Simon Scannell of RIPS Technologies for finding an issue where set-screen-option can be misused by plugins leading to privilege escalation.
- Props to Carolina Nymark for discovering an issue where comments from password-protected posts and pages could be displayed under certain conditions.
Thank you to all of the reporters for privately disclosing the vulnerabilities. This gave the security team time to fix the vulnerabilities before WordPress sites could be attacked.
More details on https://wordpress.org/news/2020/06/wordpress-5-4-2-security-and-maintenance-release/
Also put misc pkgsrc tweaks:
- Disable SPECIAL_PERMS for mlterm. It was required for utmp support
only on ancient systems that have none of pututxline(3), setutent(3),
or addToUtmp(3) but have to use logwtmp(3) or open system's _PATH_UTMP
or _PATH_WTMP file directly to update utmp entries, but no easy way
to statically identify them per OS and version basis.
- Add hacks.mk to avoid gcc SIGSEGV on NetBSD/sh3 9.0 (PR/55265)
- Appease several pkglint warnings/errors.
Bump PKGREVISION.
Update durpal8 to latest 8.x release, 8.9.1.
pkgsrc change: update PHP support to 7.3.x and 7.4.x.
Changes from 8.7.14 are too many to write here.
Please refer <https://www.drupal.org/project/drupal/releases/> for
each release.
Update php-ja-wordpress to 5.4.2
pkgsrc changes: clean up Makefile a little.
Quote from release document but omit maintenance updates for 5.4.1 and
later.
5.3.2 (2019-12-18)
Maintenance updates
- Date/Time: Ensure that get_feed_build_date() correctly handles a modified
post object with invalid date.
- Uploads: Fix file name collision in wp_unique_filename() when uploading a
file with upper case extension on non case-sensitive file systems.
- Media: Fix PHP warnings in wp_unique_filename() when the destination
directory is unreadable.
- Administration: Fix the colors in all color schemes for buttons with the
.active class.
- Tests/build tools: In wp_insert_post(), when checking the post date to set
future or publish status, use a proper delta comparison.
5.4 (2020-03-31)
Too much to include here, visit
https://wordpress.org/support/wordpress-version/version-5-4/
5.4.1 (2020-04-29)5.4
Six security issues affect WordPress versions 5.4 and earlier; version 5.4.1
fixes them, so you'll want to upgrade. If you haven't yet updated to 5.4,
there are also updated versions of 5.3 and earlier that fix the security
issues.
- Props to Muaz Bin Abdus Sattar and Jannes who both independently reported
an issue where password reset tokens were not properly invalidated
- Props to ka1n4t for finding an issue where certain private posts can be
viewed unauthenticated
- Props to Evan Ricafort for discovering an XSS issue in the Customizer
- Props to Ben Bidner from the WordPress Security Team who discovered an XSS
issue in the search block
- Props to Nick Daugherty from WPVIP.com / WordPress Security Team who
discovered an XSS issue in wp-object-cache
- Props to Ronnie Goodrich (Kahoots) and Jason Medeiros who independently
reported an XSS issue in file uploads.
- Additionally, an authenticated XSS issue in the block editor was
discovered by Nguyen the Duc in WordPress 5.4 RC1 and RC2. It was fixed in
5.4 RC5. We wanted to be sure to give credit and thank them for all of
their work in making WordPress more secure.
5.4.2 (2020-06-10)
Security Updates
WordPress versions 5.4 and earlier are affected by the following bugs, which
are fixed in version 5.4.2. If you haven't yet updated to 5.4, there are
also updated versions of 5.3 and earlier that fix the security issues.
- Props to Sam Thomas (jazzy2fives) for finding an XSS issue where
authenticated users with low privileges are able to add JavaScript to
posts in the block editor.
- Props to Luigi - (gubello.me) for discovering an XSS issue where
authenticated users with upload permissions are able to add JavaScript to
media files.
- Props to Ben Bidner of the WordPress Security Team for finding an open
redirect issue in wp_validate_redirect().
- Props to Nrimo Ing Pandum for finding an authenticated XSS issue via theme
uploads.
- Props to Simon Scannell of RIPS Technologies for finding an issue where
set-screen-option can be misused by plugins leading to privilege
escalation.
- Props to Carolina Nymark for discovering an issue where comments from
password-protected posts and pages could be displayed under certain
conditions.
Update ruby-sshkey to 2.0.0.
pkgsrc change: add "USE_LANGUAGES= # none".
2.0.0 (2019-02-11)
* Breaking Change: Drop support for Ruby 1.9
* Feature: Accept valid ed25519 keys with leading zero byte (#37)
* Feature: Support sshfp (#30)
05/20/2020 Version 4.3.3
- Increase cache buffers size to accomodate VLAN edits (#594)
- Correct L2 header length to correct IP header offset (#583)
- Fix warnings from gcc version 10 (#580)
- Heap Buffer Overflow in randomize_iparp (#579)
- Use after free in get_ipv6_next (#578)
- Heap Buffer Overflow in git_ipv6_next (#576)
- Call pcap_freecode() on pcap_compile() (#572)
- Increase max snaplen to 262144 (#571)
- Fix divide by zero in fuzzing (#570)
- Unique IP repeats at very high iteration counts (#566)
- Fails to compile on FreeBSD amd64 13.0 (#558)
- Heap Buffer Overflow in do_checksum (#556) (#577)
- Attempt to correct corrupt pcap files, if possible (#557)
- Fix GCC v10 warnings (#555)
- Remove some duplicated SOURCES entries (#551)
- Expand /dev/bpfX hard limit to fix macOS Mojave (#550)
- Implement --loopdelay-ms when using --loop=0 (#546)
- Heap overflow packet2tree and get_l2len (#530)
03/12/2019 Version 4.3.2
- CVE-2019-8381 memory access in do_checksum() (#538)
- CVE-2019-8376 NULL pointer dereference get_layer4_v6() (#537)
- CVE-2019-8377 NULL pointer dereference get_ipv6_l4proto() (#536)
- Rename Ethereal to Wireshark (#545)
12/27/2018 Version 4.3.1
- Fix checkspell detected typos (#531)
11/10/2018 Version 4.3.0
- Fix maxOS TOS checksum failure (#524)
- TCP sequence edits seeding (#514)
- Fix issues identifed by Codacy (#493)
- CVE-2018-18408 use-after-free in post_args (#489)
- CVE-2018-18407 heap-buffer-overflow csum_replace4 (#488)
- CVE-2018-17974 heap-buffer-overflow dlt_en10mb_encode (#486)
- CVE-2018-17580 heap-buffer-overflow fast_edit_packet (#485)
- CVE-2018-17582 heap-buffer-overflow in get_next_packet (#484)
- Out-of-tree build (#482)
- CVE-2018-13112 heap-buffer-overflow in get_l2len (#477 dup #408)
- Closing stdin on pipe (#479)
- Second pcap file hangs on multiplier option (#472)
- Jumbo frame support for fragroute option (#466)
- TCP sequence edit ACK corruption (#451)
- TCP sequence number edit initial SYN packet should have zero ACK (#450)
- Travis CI build fails due to new build images (#432)
- Upgrade libopts to 5.18.12 to address version build issues (#430)
- Add ability to change tcp SEQ/ACK numbers (#425)
- Hang using loop and netmap options (#424)
- tcpprep -S not working for large cache files (#423)
- Unable to tcprewrite range of ports with --portmap (#422)
- --maxsleep broken for values less than 1000 (#421)
- -T flag breaks traffic replay timing (#419)
- Respect 2nd packet timing (#418)
- Avoid non-blocking behaviour when using STDIN (#416)
- pcap containing >1020 packets produces invalid cache file (#415)
- manpage typos (#413)
- Fails to open tap0 on Zephyr (#411)
- Heap-buffer-overflow in get_l2protocol (#410)
- Heap-buffer-overflow in packet2tree (#409)
- Heap-buffer-overflow in get_l2len (#408)
- Heap-buffer-overflow in flow_decode (#407)
- Rewrite zero IP total length field to match the actual packet length (#406)
- Stack-buffer-overflow in tcpcapinfo (#405)
- tcpprep --include option does not exclude (#404)
- Negative-size-param memset in dlt_radiotap_get_80211 (#402)
- tcpeplay --verbose option not working (#398)
- Fix replay when using --with-testnic (#178)
Update ruby-twitter to 7.0.0.
7.0.0
* Add Twitter::DirectMessageEvent (@FabienChaynes)
* Create Twitter::DirectMessageEvent with media (@FabienChaynes)
* Support for DM welcome messages (@FabienChaynes)
* Support for closing Twitter::Streaming::Connection (@okkez)
* Add Twitter::REST::Client#create_direct_message_event (@cyu)
* Add Twitter::REST::Client#premium_search
* Add Twitter::REST::AccountActivity
* Update all direct message methods to return Twitter::DirectMessageEvent
(@flikglick)
* Correctly handle different Twitter::Error::AlreadyRetweeted error messages
(@knu)
* Fix proxy setting sample (@nicklegr)
* Add Active Support presence methods on Twitter::NullObject (@davebrace)
* Upload GIFs over 5MB in chunks (@wild_dmitry)
* Track rate limit when searching tweets (@dsalahutdinov1)
* Add quote_count and reply_count attributes to Twitter::Tweet
* Drop support for Ruby 2.0, 2.1, and 2.2
