sqlmap is an open source penetration testing tool that automates
the process of detecting and exploiting SQL injection flaws and
taking over of database servers. It comes with a powerful detection
engine, many niche features for the ultimate penetration tester
and a broad range of switches lasting from database fingerprinting,
over data fetching from the database, to accessing the underlying
file system and executing commands on the operating system via
out-of-band connections.
v0.2.4
Yet another patch to deal with extra builders outside Spinx, such as the singlehtml builders from the Read the Docs Sphinx extension
v0.2.3
Temporarily patch Sphinx issue with singlehtml builder by inspecting the builder in template.
1.8.1 - 2017-03-10
~~~~~~~~~~~~~~~~~~
* Fixed macOS wheels to properly link against 1.1.0 rather than 1.0.2.
1.8 - 2017-03-09
~~~~~~~~~~~~~~~~
* Added support for Python 3.6.
* Windows and macOS wheels now link against OpenSSL 1.1.0.
* macOS wheels are no longer universal. This change significantly shrinks the
size of the wheels. Users on macOS 32-bit Python (if there are any) should
migrate to 64-bit or build their own packages.
* Changed ASN.1 dependency from ``pyasn1`` to ``asn1crypto`` resulting in a
general performance increase when encoding/decoding ASN.1 structures. Also,
the ``pyasn1_modules`` test dependency is no longer required.
* Added support for
:meth:`~cryptography.hazmat.primitives.ciphers.CipherContext.update_into` on
:class:`~cryptography.hazmat.primitives.ciphers.CipherContext`.
* Added
:meth:`~cryptography.hazmat.primitives.asymmetric.dh.DHPrivateKeyWithSerialization.private_bytes`
to
:class:`~cryptography.hazmat.primitives.asymmetric.dh.DHPrivateKeyWithSerialization`.
* Added
:meth:`~cryptography.hazmat.primitives.asymmetric.dh.DHPublicKeyWithSerialization.public_bytes`
to
:class:`~cryptography.hazmat.primitives.asymmetric.dh.DHPublicKeyWithSerialization`.
* :func:`~cryptography.hazmat.primitives.serialization.load_pem_private_key`
and
:func:`~cryptography.hazmat.primitives.serialization.load_der_private_key`
now require that ``password`` must be bytes if provided. Previously this
was documented but not enforced.
* Added support for subgroup order in :doc:`/hazmat/primitives/asymmetric/dh`.
Fast ASN.1 parser and serializer with definitions for private keys,
public keys, certificates, CRL, OCSP, CMS, PKCS#3, PKCS#7, PKCS#8,
PKCS#12, PKCS#5, X.509 and TSP.
2017-03-11 meld 3.17.1
======================
Features:
* Improve version checking, and try to show users a nice error dialog when
Meld's requirements aren't installed (Vasily Galkin)
Fixes:
* Help and documentation fixes (Anders Jonsson, Kai Willadsen)
* Re-silence GTK+ logging with glib 2.46 structured logging changes (Kai
Willadsen)
* Fix chunk deletion at EOF with CRLF endings (Kai Willadsen)
* Note filter performance effects in folder preferences (Kai Willadsen)
* Fix button alignment for new chunk action buttons (Kai Willadsen)
* Improve use of the newer emblem in folder comparison by showing it only
when meaningful (Kai Willadsen)
* Fix crash caused by bad colour theme lookup (Kai Willadsen)
Translations:
* Alan Mortensen (da)
* Anders Jonsson (sv)
* Daniel Mustieles (es)
* Josef Andersson (sv)
* Marek Černocký (cs)
* Paul Seyfert (de)
* Piotr Drąg (pl)
* Rafael Fontenelle (pt_BR)
* Мирослав Николић (sr, sr@latin)
Version 4.8.19
- Core
* Replace $MC_HOME with $MC_PROFILE_ROOT (#3684)
* Allow rebind TAB key to change panel (#3672)
* Support for True Color (16 millions colors) (#3145)
* Color aliases in skin files (#3711)
- VFS
* Support timestamps with nanosecond precision for copy/move operations (#3575)
* Introduce EXTFS helpers tester (#3730, #3744, #3752, #3753, #3751)
* Teach u7z to parse archive listings w/o sizes and/or dates (#2707)
* Teach rpm helper about transaction scripts (#3750)
* Fix hp48, uace & uarc extfs which used an obsolete date format (#3729, #3747)
- Editor
* Syntax:
- updates of HTML and ebuild highlighting
- highlight *.t (Perl test) files as Perl scripts
- disassociate .cl file extension from LISP syntax (#3691)
* Add syntax highlighting:
- OpenCL (#3690)
- OpenShadingLanguage (#3762)
- R
- YAML (#3293)
- Misc
* Code cleanup (#3693, #3703, #3721, #3763)
* Add true color skins: 'Four seasons' (#3724)
* Activate `--enable-tests` by default if `check` is found (#3708)
* Added new skin: YADT (MidnightCommander/mc#115)
- Fixes
* Segfault on switching left panel to Info (#3700)
* Broken compatibility with ncurses (#3697)
* Setting MC_HOME makes mc ignore ~/.bashrc (#3684)
* mc_tmpdir() use a buffer of only 64 characters (#3736)
* Some bugs in the parsing of hexadecimal search patterns (#3694)
* Hexadecimal search fails on binary data (#3589)
* Broken file list resorting on double click on panel header line (#3715)
* Wrong dialog resizing and positioning (#3714, #3723)
* Widget's 'disabled' status is not toggled immediately (#3716)
* Last item of 'Options/Layout/Horizontal' radiobuttons remains highlighted (#3717)
* 'Options/Layout/Equal split' checkbox gets reverted (#3718)
* Panels: cannot show more than one "column" in user defined listing mode (#3757)
* Mix of MSG_NOTIFY and MSG_FOCUS messages (#3731)
* skins: 'window-state-char' and 'window-close-char' are parsed as colors (#3710)
* Pressing <right> and <left> in the hotlist dialog doesn't refresh it (#3775)
* mcview: an error message about bad regexp isn't shown (#3720)
* mcedit: fix etags filenames parsing (#3698)
* mcedit: fix mouse active area for maximize / close buttons (#3774)
* mcedit: frames (MDI interface) don't reflect the focus state (#3766)
* mcedit: frames (MDI interface) sometimes obscure the buttonbar (#3760)
* mcedit doesn't show search error messages when searching backwards (#3735)
* help viewer: tab characters handled incorrectly (#3754)
* VFS: incorrect zoo archive listing (#3696)
* VFS: segfault in VFSs not setting block size in stat (#3749)
2017-03-10 Moritz Bunkus <moritz@bunkus.org>
* Released v1.4.7 with the single change of setting the version
number in the "KaxCodeVersion" variable correctly.
* Released v1.4.6.
* KaxSemantic: add new elements dealing with 360°/VR content and
for language descriptors based on IETF BPC 47.
Overview of changes leading to 1.4.5
Friday, March 10, 2017
====================================
- Revert "Fix Context lookup application when moving back after a glyph..."
This introduced memory access problems. To be fixed properly soon.
Overview of changes leading to 1.4.4
Sunday, March 5, 2017
====================================
- Fix Context lookup application when moving back after a glyph deletion.
- Fix buffer-overrun in Bengali.
Ilia Mirkin (7):
exa: add GM10x acceleration support
hwdefs: update nvc0_3d, add gm107_texture for new TIC format
nvc0: make use of the new hwdefs for TEX_CB_INDEX
nvc0: rename BEGIN_IMC0 to IMMED_NVC0
nvc0: refactor TIC uploads to allow different specifics per generation
copy: add maxwell/pascal copy engine classes
recognize and accelerate GM20x
Lyude (2):
Consider CRTCs disabled when DPMS is off
Bump version to 1.0.14
* don't require authentication when getting public collections
* allow submit_ratings() and submit_tags() to submit for all supported entities
* allow 'tags' and 'user-tags' includes on releases
* set the parser when the webservice format is changed
* read the error message from musicbrainz and return it in
a raised exception
* send authenticaion headers when required
* added get_series_by_id(), search_areas(), search_series()
* updated options for get_releases_by_discid() to support 'media-format'
and discid-less requests
* parse work attributes
* added various methods to retrieve data from the Cover Art Archive
* added support for pregap tracks
* return 'offset-list' and 'offset-count' for get_releases_by_discid()
* added support for search and browse of events
* added support for 'data-track-list' elements
* added support for get and search instruments
* added support to read all collection types
* added support for search and browse of places
* allow single strings to be used as includes for browse requests
* allow single strings to be used at tag submission
* added support for browse artist by work and work by artist
* added support for 'track-count' elements in 'medium-list's returned by search
* added support to read xml attributes in 'attribute-list' elements
Notable changes
- doc: add Daijiro Wachi to collaborators
- tty: add ref() so process.stdin.ref() etc. work
- util: fix inspecting symbol key in string
- version: 2.81.0
date: 2017-03-10
new features:
- title: "Amazon metadata download: Allow downloading amazon metadata from multiple sources. You can now configure the Amazon plugin via Preferences->Metadata download to use either the amazon servers, or various search engine caches to get the metadata. Should help with the recent CAPTCHA problems when downloading metadata from amazon"
- title: "Kobo driver: Add support for new firmware"
- title: "Edit Book: Spell Check dialog: Always add the original word as one of the spelling corrections, so that small edits to the word can be made easily."
- title: "Edit Book: Saved searched Dialog: Allow re-arranging the saved searches using drag and drop."
- title: "Implement auto update of builtin metadata download plugins, just as for recipes and Get Books plugins. Needed as the websites they get data from often change."
- title: "Edit Book: When inserting full screen images, use the actual image dimensions in the generated SVG code, when available"
- title: "Linux installer: Check that the umask is suitable before running the installer. Should fix breakage on systems where users have changed the user umask but neglected to also alter it for sudo"
- title: "Bulk metadata edit: Remove the control to delete specific formats as it is redundant. This functionality is already present by right clicking the Remove books button"
bug fixes:
- title: "TXT Input: When detecting the encoding of txt files only use the first four kilobytes of text. Fixes excessively slow conversion of very large text files."
- title: "Get Books: Fix price not being displayed for books from Amazon dues to website changes"
- title: "GetBooks: Update Google Books plugin for website changes"
- title: "E-book viewer: Fix slow startup when recently opened files are on a slow/malfunctioning networked filesystem."
- title: "Google metadata download: Fix metadata not being found when the title of the book includes a sub-title"
- title: "Improve downloading of covers from the google books metadata source"
- title: "News download: Fix a bug that could cause a crash when downloading an SVG image."
- title: "Edit book: Fix a regression that caused pasting copied text from programs that generate both HTML and plain text when copying to paste the HTML in preference to the plain text"
improved recipes:
- tyzden
- The Economist
- Kansas City Star
- NYTimes
- The Spectator
ver 0.20.6 (2017/03/10)
* input
- curl: fix headers after HTTP redirect to Shoutcast server
* decoder
- ffmpeg: re-enable as fallback
- mpcdec: fix crash (division by zero) after seeking
- sidplay: make compatible with libsidplayfp < 1.8
* fix stream tags after automatic song change
* workaround for GCC 4.9.4 / libstdc++ bug (build failure)
libopenmpt 0.2-beta22 (2017-03-11)
[Bug] Possible NULL-pointer dereference read during obscure out-of-memory situations while handling exceptions in the C API.
[Bug] libmodplug: libmodplug.pc was wrong.
[Bug] Cross-compiling libopenmpt with autotools for Windows now properly sets -municode and -mconsole as well as all required Windows system libraries.
[Bug] Excessive loading times with malformed ITP / truncated AMS files.
[Bug] libopenmpt on Windows did not properly guard against current working directory DLL injection attacks.
[Change] The Makefile and Autotools build system got new options USE_DLOPEN and --enable-dlopen respectively which are required to be set in order to load 3rd-party libraries dynamically. Additionally, the defaults for detecting libdl and libltdl now also default to off with autotools. This change has been made in order to make the default configuration as secure as possible. Both build systems default to dependencies that facilitate native MO3 decoding internally anyway, thus there is actually no practical disadvantage with the new default settings at all.
[Change] Un4seen unmo3 support is now completely disabled by default in all configurations and build systems.
[Regression] In order to securely load libmpg123, the Windows binary packages only support the precise libmpg123 binary that is downloaded by the download_mpg123.vbs script. Other binaries might also work, but this has neither been tested nor is officially supported from now on.
Autotools build system now has options --disable-openmpt123, --disable-tests and --disable-examples which may be desireable when cross-compiling.
Windows binary packages now include a script download_mpg123.vbs which downloads libmpg123 and copies it to the appropriate directories relative to the uncompressed binary archive.
Do not set note volume to 0 on out-of-range offset in XM files.
Better import of some slide commands in SFX files.
Sample 15 in "Crew Generation" by Necros requires short loops at the beginning of the sample to not be ignored. Since we need to ignore them in some (non-ProTracker) modules, we heuristically disable the old loop sanitization behaviour based on the module channel count.
Both normal and percentage offset in PLM files were handled as percentage offset.
seek.sync_samples=1 did not apply PTM reverse offset effect and the volume slide part of combined volume slide + vibrato commands.
libopenmpt 0.2-beta21 (skipped)
Version 0.2-beta21 has been skipped in order to avoid confusion with libtool version of libopenmpt 0.3.0-pre.0 and 0.3.0-pre.1 development versions.
