Upstream changes:
0.72 Sat Aug 29 21:51:19 2015
- The random seed was based on time of day and was a bit too
predictable. Applying patch provided by Jonathan Yu:
https://rt.cpan.org/Public/Bug/Display.html?id=48080
Upstream changes:
0.13 2016-07-02 NEILB
- Switched to using Test::RequiresInternet rather than the hand-rolled
online() function that was duplicated in 2 tests. Plus it was testing
whether google.com was contactable, and not the site used in the tests.
0.12 2016-06-23 NEILB
- Travis support added by Jason Hall.
- Added list of contributors to the doc.
Upstream changes:
6.66 2016-06-16
- Fixed support for CONNECT requests without keep alive connections in
Mojo::UserAgent. (anparker, sri)
6.65 2016-06-14
- Added password and username methods to Mojo::URL.
- Updated jQuery to version 3.0.0.
- Fixed "0" value bug in Mojo::UserAgent::CookieJar. (jamadam)
6.64 2016-06-09
- Updated HTML5 entities in Mojo::Util.
- Improved Mojo::IOLoop to fall back to Mojo::Reactor::Poll if Perl has been
compiled with fork emulation.
6.63 2016-06-03
- Removed deprecated check method from Mojo::Server::Morbo.
- Removed deprecated build, compile and interpret methods from Mojo::Template.
- Removed deprecated multi_accept methods from Mojo::IOLoop,
Mojo::IOLoop::Server and Mojo::Server::Daemon.
- Updated jQuery to version 2.2.4.
- Improved generator commands not to overwrite existing files.
v0.4.15 07-07-2016 Stephan Bosch <stephan@rename-it.nl>
* vacation extension: The sieve_user_email setting is now used in the check
for implicit delivery.
- imapsieve plugin: For any mail transaction, the mailbox was opened a second
time, even if no mailbox rule matched. This was unintentional, useless and
caused problems when the imapsieve plugin was used with other plugins like
acl.
- extprograms plugin: Significantly improved error handling. No stream errors
were logged.
- extprograms plugin: Fixed bug in handling of result code from remote program
(script service).
- extprograms plugin: Connection to remote program service was not retried.
- Several small fixes based on static analysis.
- Fixed handling of quoted string localparts in email addresses.
unusual build errors shown by old gcc versions (works fine for
gcc-5.2.1 on ubuntu and gcc-5.3.0 on NetBSD 7.99.32)
+ use ULL suffix on unsigned 64bit constants, not UL
+ don't typedef the public structs twice - second time just define it
without the typedef
Fixes PR pkg/51327
+ 20160705 introduced a bug whereby a key subid would match and verify
fine, but, if formatted, would not display the correct subkey
information. Fix to show the correct information in this case.
External API changes
====================
+ add a pgpv_cursor_close() function to free resources associated with
a cursor
Better memory management
========================
+ restructure the way dynamic arrays are used, to avoid memory
corruption issues and memory leaks - keep all dynamic arrays in the global
data structure, and use indices in the other data structures to index them.
Means lack of data localisation, but avoids stale pointers, and leaks.
+ make signer field of signature a uint8_t array, rather than a pointer
+ use our own version of strdup(3) - don't depend on it being
available in standard library
+ keep track of whether litdata filenames and userid were allocated or not,
and free memory in pgpv_close() if it was allocated
+ free up allocated resources which were allocated in pgpv_close()
New Features
* EPUB metadata: Support for reading and writing EPUB 3 specific
metadata. Now when processing EPUB 3 files, calibre will generate/use
EPUB 3 specific metadata constructs when available, for example for
series.
* Recognize the newest Kindle model, that started shipping today.
Bug Fixes
* Tag Mapper: Allow specifying a space as the split character when
creating a split tags rule
* Tag mapper: Fix upper case characters not working in 'contains'
rules
* Smarten punctuation: Fix double dashes and triple dots being
smartened even inside attribute values.
* HTML Input: Sanitize semi-colons from HTML filenames as they can
cause problems with other EPUB consuming software.
* EPUB Input: Speed up reading of the book spine from the OPF file
for books with a very large number of entries in the spine
* Edit Book: Reports: Characters: Fix sorting by count and name not
working.
* Fix KoboTouch configuration migration not working for older
settings
kBuild is a makefile framework for writing simple makefiles for complex tasks.
Due to infrequent releases repackage the latest version from upstream SVN via
Fedora Source RPM package.
LVM2 refers to the userspace toolset that provide logical volume management
facilities on linux. It is reasonably backwards-compatible with the original
LVM toolset.
This package is restricted for the Linux environment.
2016.05.09 -- Version 2.3.11
Fixed port-share bug with DoS potential
Make intent of utun device name validation clear
Fix buffer overflow by user supplied data
Correctly report TCP connection timeout on windows.
Report Windows bitness
Fix undefined signed shift overflow
Fix build with libressl
Improve LZO, PAM and OpenSSL documentation
Ensure input read using systemd-ask-password is null terminated
Support reading the challenge-response from console
openssl: improve logging
polarssl: improve logging
Update manpage: OpenSSL might also need /dev/urandom inside chroot
socks.c: fix check on get_user_pass() return value(s)
Fix OCSP_check.sh
hardening: add safe FD_SET() wrapper openvpn_fd_set()
Fix memory leak in argv_extract_cmd_name()
Replace MSG_TEST() macro for static inline msg_test()
Restrict default TLS cipher list
Various Changes.rst fixes
Clarify mssfix documentation
Clarify --block-outside-dns documentation
Update --block-outside-dns to work on Windows Vista
2016.01.04 -- Version 2.3.10
Prepare for v2.3.10 release, list PolarSSL 1.2 to 1.3 upgrade
Make certificate expiry warning patch (091edd8e299686) work on OpenSSL 1.0.1 and earlier.
Repair IPv6 netsh calls if Win XP is detected
Use bob.example.com and alice.example.com to improve clarity of documentation
Remove unused variables from ssl_verify_polarssl.c's x509_get_serial()
Upgrade OpenVPN 2.3 to PolarSSL 1.3
Warn user if their certificate has expired
Make assert_failed() print the failed condition
cleanup: get rid of httpdigest.c type warnings
Fix regression in setups without a client certificate
polarssl: fix unreachable code
2015.12.15 -- Version 2.3.9
Show extra-certs in current parameters.
Fix commit a3160fc1bd7368395745b9cee6e40fb819f5564c
Do not set the buffer size by default but rely on the operation system default.
Remove --enable-password-save option
Reflect enable-password-save change in documentation
Also remove second instance of enable-password-save in the man page
Detect config lines that are too long and give a warning/error
Log serial number of revoked certificate
Adjust server-ipv6 documentation
Avoid partial authentication state when using --disabled in CCD configs
Make "block-outside-dns" option platform agnostic
Un-break --auth-user-pass on windows
Replace unaligned 16bit access to TCP MSS value with bytewise access
Repair test_local_addr() on WIN32
Fix possible heap overflow on read accessing getaddrinfo() result.
Fix FreeBSD-specific mishandling of gc arena pointer in create_arbitrary_remote()
remove unused gc_arena in FreeBSD close_tun()
Fix isatty() check for good.
put virtual IPv6 addresses into env
Use adapter index instead of name for windows IPv6 interface config
Client-side part for server restart notification
Use adapter index for add/delete_route_ipv6
Pass adapter index to up/down scripts
Fix VS2013 compilation
Fix privilege drop if first connection attempt fails
Support for username-only auth file.
Add CONTRIBUTING.rst
Updates to Changes.rst
Fix termination when windows suspends/sleeps
Do not hard-code windows systemroot in env_block
Handle ctrl-C and ctrl-break events on Windows
Unbreak read username password from management
Replace strdup() calls for string_alloc() calls
Check return value of ms_error_text()
Increase control channel packet size for faster handshakes
hardening: add insurance to exit on a failed ASSERT()
Fix memory leak in auth-pam plugin
Fix (potential) memory leak in init_route_list()
Fix unintialized variable in plugin_vlog()
Add macro to ensure we exit on fatal errors
Fix memory leak in add_option() by simplifying get_ipv6_addr
openssl: properly check return value of RAND_bytes()
Fix rand_bytes return value checking
Add Windows DNS Leak fix using WFP ('block-outside-dns')
Fix "White space before end tags can break the config parser"
2015.08.03 -- Version 2.3.8
Report missing endtags of inline files as warnings
Fix commit e473b7c if an inline file happens to have a line break exactly at buffer limit
Produce a meaningful error message if --daemon gets in the way of asking for passwords.
Document --daemon changes and consequences (--askpass, --auth-nocache).
Del ipv6 addr on close of linux tun interface
Fix --askpass not allowing for password input via stdin
write pid file immediately after daemonizing
Make __func__ work with Visual Studio too
fix regression: query password before becoming daemon
Fix using management interface to get passwords.
Fix overflow check in openvpn_decrypt()
2015.06.02 -- Version 2.3.7
Default gateway can't be determined on illumos/Solaris platforms
Warn that tls-auth with free form files is going to be removed from OpenVPN 2.4
autotools: Fix wrong ./configure help screen default values
down-root plugin: Replaced system() calls with execve()
down-root: Improve error messages
plugin, down-root: Fix compiler warnings
sockets: Remove the limitation of --tcp-nodelay to be server-only
plugins, down-root: Code style clean-up
pkcs11: Load p11-kit-proxy.so module by default
Make 'provider' option to --show-pkcs11-ids optional where p11-kit is present
Use OPENVPN_ETH_P_* so that <netinet/if_ether.h> is unecessary
New approach to handle peer-id related changes to link-mtu (2.3 version)
Fix incorrect use of get_ipv6_addr() for iroute options.
Print helpful error message on --mktun/--rmtun if not available.
explain effect of --topology subnet on --ifconfig
Add note about file permissions and --crl-verify to manpage.
repair --dev null breakage caused by db950be85d37
assume res_init() is always there.
Correct note about DNS randomization in openvpn.8
Disallow usage of --server-poll-timeout in --secret key mode.
slightly enhance documentation about --cipher
Enforce "serial-tests" behaviour for tests/Makefile
Revert "Enforce "serial-tests" behaviour for tests/Makefile"
On signal reception, return EAI_SYSTEM from openvpn_getaddrinfo().
Use configure.ac hack to apply serial_test AM option only if supported.
Use EAI_AGAIN instead of EAI_SYSTEM for openvpn_getaddrinfo().
Move res_init() call to inner openvpn_getaddrinfo() loop
Fix FreeBSD ifconfig for topology subnet tunnels.
Fix --redirect-private in --dev tap mode.
include ifconfig_ environment variables in --up-restart env set
Fix null pointer dereference in options.c
Fix mssfix default value in connection_list context
Manual page update for Re-enabled TLS version negotiation.
Include systemd units in the source tarball (make dist)
Updated manpage for --rport and --lport
Properly escape dashes on the man-page
Improve documentation in --script-security section of the man-page
Really fix '--cipher none' regression
Update doxygen (a bit)
Set tls-version-max to 1.1 if cryptoapicert is used
Account for peer-id in frame size calculation
Disable SSL compression
Fix frame size calculation for non-CBC modes.
Allow for CN/username of 64 characters (fixes off-by-one)
Remove unneeded parameter 'first_time' from possibly_become_daemon()
Re-enable TLS version negotiation by default
Remove size limit for files inlined in config
Improve --tls-cipher and --show-tls man page description
Re-read auth-user-pass file on (re)connect if required
Clarify --capath option in manpage
Call daemon() before initializing crypto library
