Summary for 1.9.0 libpcap release
Added testing system to libpcap, independent of tcpdump
Changes to how pcap_t is activated
Adding support for Large stream buffers on Endace DAG cards
Changes to BSD 3-clause license to 2-clause licence
Additions to TCP header parsing, per RFC3168
Add CMake build process (extensive number of changes)
Assign a value for OpenBSD DLT_OPENFLOW.
Support setting non-blocking mode before activating.
Extensive build support for Windows VS2010 and MINGW (many many changes, over many months)
Added RPCAPD support when --enable-remote (default no)
Add the rpcap daemon source and build instructions.
Put back the greasy "save the capture filter string so we can tweak it"
hack, that keeps libpcap from capturing rpcap traffic.
Fixes for captures on MacOS, utun0
fixes so that non-AF_INET addresses, are not ==AF_INET6 addresses.
Add a linktype for IBM SDLC frames containing SNA PDUs.
pcap_compile() in 1.8.0 and later is newly thread-safe.
bound snaplen for linux tpacket_v2 to ~64k
Make VLAN filter handle both metadata and inline tags
D-Bus captures can now be up to 128MB in size
Added LORATAP DLT value
Added DLT_VSOCK for http://qemu-project.org/Features/VirtioVsock
probe_devices() fixes not to overrun buffer for name of device
Add linux-specific pcap_set_protocol_linux() to allow specifying a specific capture protocol.
RDMA sniffing support for pcap
Add Nordic Semiconductor Bluetooth LE sniffer link-layer header type.
fixes for reading /etc/ethers
Make it possible to build on Windows without packet.dll.
Add tests for large file support on UN*X.
Solaris fixes to work with 2.8.6
configuration test now looks for header files, not capture devices present
Fix to work with Berkeley YACC.
fixes for DragonBSD compilation of pcap-netmap.c
Clean up the ether_hostton() stuff.
Add an option to disable Linux memory-mapped capture support.
Add DAG API support checks.
Add Septel, Myricom SNF, and Riverbed TurboCap checks.
Add checks for Linux USB, Linux Bluetooth, D-Bus, and RDMA sniffing support.
Add a check for hardware time stamping on Linux.
Don't bother supporting pre-2005 Visual Studio.
Increased minimum autoconf version requirement to 2.64
Add DLT value 273 for XRA-31 sniffer
Clean up handing of signal interrupts in pcap_read_nocb_remote().
Use the XPG 4.2 versions of the networking APIs in Solaris.
Fix, and better explain, the "IPv6 means IPv6, not IPv4" option setting.
Explicitly warn that negative packet buffer timeouts should not be used.
rpcapd: Add support inetd-likes, including xinetd.conf, and systemd units
Rename DLT_IEEE802_15_4 to DLT_IEEE802_15_4_WITHFCS.
Add DISPLAYPORT AUX link type
Remove the sunos4 kernel modules and all references to them.
Add more interface flags to pcap_findalldevs().
Release v1.22.0
Core
building upb as part of cmake build is not necessary (for v1.22.x).
Convert TraceFlags in the hot path to DebugTraceFlags.
Fix a bug where POST_RECV_MESSAGE was not being triggered.
Adjust the order of IOMgr timer initialization and comment of grpc_timer::heap_index.
C++
use bazel wrapper for "bazel" invocations in grpc workspace.
Add method to validate service config json.
Update comment on ssl hostname override.
Rename root certificate bundle in gRPC-C++ pod.
Changes:
2019.07.02
----------
Core
+ [utils] Introduce random_user_agent and use as default User-Agent (#21546)
Extractors
+ [vevo] Add support for embed.vevo.com URLs (#21565)
+ [openload] Add support for oload.biz (#21574)
* [xiami] Update API base URL (#21575)
* [yourporn] Fix extraction (#21585)
+ [acast] Add support for URLs with episode id (#21444)
+ [dailymotion] Add support for DM.player embeds
* [soundcloud] Update client id
18.0.2
- Compatibility with Python 3.8 prerelease by regenerating Cython sources
with Cython 0.29.10.
- Fix language_level=2 in Cython sources, for compatibility with Cython 0.30
- Show missing path for ENOENT errors on ipc connections.
Changes:
Fixes:
- hub pull-request: Avoid crash when the current branch is pushed to a
non-GitHub remote
- BROWSER environment variable now supports values with spaces in them
(must be shell-quoted)
- hub help: support man appearing in a path that has spaces
- Docs: mention that comma-separated lists must not have spaces
Changes:
1.8.7
-----
Additions:
- Support for
- `vanillarock` (#254)
- `nsfwalbum` (#287)
- `artist` and `tags` metadata for `hentaicafe` (#238)
- `description` metadata for `instagram` (#310)
- Format string option to replace a substring with another
- `R<old>/<new>/` (#318)
Changes:
- Delete empty archives created by the `zip` post-processor (#316)
Fixes:
- Handle `hitomi` Game CG galleries correctly (#321)
- Miscellaneous fixes for `deviantart`, `hitomi`, `pururin`, `kissmanga`,
`keenspot`, `mangoxo`, `imagefap`
Changes:
20190627
--------
Extractors
+ [go] Add support for disneynow.com (#21528)
* [mixer:vod] Relax URL regular expression (#21531, #21536)
* [drtv] Relax URL regular expression
* [fusion] Fix extraction (#17775, #21269)
- [nfb] Remove extractor (#21518)
+ [beeg] Add support for api/v6 v2 URLs (#21511)
+ [brightcove:new] Add support for playlists (#21331)
+ [openload] Add support for oload.life (#21495)
* [vimeo:channel,group] Make title extraction non fatal
* [vimeo:likes] Implement extrator in terms of channel extractor (#21493)
+ [pornhub] Add support for more paged video sources
+ [pornhub] Add support for downloading single pages and search pages (#15570)
* [pornhub] Rework extractors (#11922, #16078, #17454, #17936)
+ [youtube] Add another signature function pattern
* [tf1] Fix extraction (#21365, #21372)
* [crunchyroll] Move Accept-Language workaround to video extractor since
it causes playlists not to list any videos
* [crunchyroll:playlist] Fix and relax title extraction (#21291, #21443)
This inadvertently opened up the named process to more privileges than
necessary and could be considered a security risk. This may affect chroot
support, adding back in support for that will need to be done carefully.
Bump PKGREVISIONs.
The server side public license, used by databases/mongodb (version 4),
appears to be incompatible with ubiquiti-license. Also,
databases/mongodb does not build on platforms where net/unifi works
(e.g., netbsd-8 amd64).
* OpenBSD: compiles again
* BSD: Check RTM lengths incase of kernel issues
* DHCP6: Don't stop even when last router goes away
* DHCP6: Fix inform from RA
* hostname: Fix short hostname check
Previously, an IPv6 split tunnel with a /128 request would result in a
default tunnel, rather than a specific route. Correctly set the default
route if we request a /0.
If `which ip` returns something on a non-Linux OS, it's an unrelated
tool that won't work for routing configuration; don't try to set IPROUTE
on another OS. This should fix the macOS issue discovered at:
<https://github.com/dlenski/openconnect/issues/132#issuecomment-470475009>
Jesse Smith <jessefrgsmith@yahoo.ca> -> 5.1
- Fixed duplicate error message when user tries to
sign in with invalid username.
- Make sure user can change username before
successfully authenticating.
- Fix error message when "type" command is not
given a parameter.
- Make sure we do not return multiple error
codes when an account is disabled.
- Do not drop connection to client when
selected account is disabled.
- Make sure when accounts are disabled/denied, they print the
proper reason (set in the config file) back to the client
Upstream changes:
* quickstep
* crash on a retweet tab in Tweet details tabs when non-Twitter World
is selected
* pass application name to notify-send
* thanks Shibafu Midorino
* improve performance of toot cache
* crash on Fav'ed from Mastodon World when Current World is not
fav'ed account
Update bind914 to 9.14.3 (BIND 9.14.3).
--- 9.14.3 released ---
5244. [security] Fixed a race condition in dns_dispatch_getnext()
that could cause an assertion failure if a
significant number of incoming packets were
rejected. (CVE-2019-6471) [GL #942]
5243. [bug] Fix a possible race between dispatcher and socket
code in a high-load cold-cache resolver scenario.
[GL #943]
5242. [bug] In relaxed qname minimizatiom mode, fall back to
normal resolution when encountering a lame
delegation, and use _.domain/A queries rather
than domain/NS. [GL #1055]
5241. [bug] Fix Ed448 private and public key ASN.1 prefix blobs.
[GL #225]
5240. [bug] Remove key id calculation for RSAMD5. [GL #996]
5238. [bug] Fix a possible deadlock in TCP code. [GL #1046]
5237. [bug] Recurse to find the root server list with 'dig +trace'.
[GL #1028]
5234. [port] arm: just use the compiler's default support for
yield. [GL #981]
Update bind912 to 9.12.4pl2 (BIND 9.12.4-P2).
--- 9.12.4-P2 released ---
5244. [security] Fixed a race condition in dns_dispatch_getnext()
that could cause an assertion failure if a
significant number of incoming packets were
rejected. (CVE-2019-6471) [GL #942]
Update bind911 to 9.11.8 (BIND 9.11.8).
--- 9.11.8 released ---
5244. [security] Fixed a race condition in dns_dispatch_getnext()
that could cause an assertion failure if a
significant number of incoming packets were
rejected. (CVE-2019-6471) [GL #942]
5241. [bug] Fix Ed448 private and public key ASN.1 prefix blobs.
[GL #225]
5237. [bug] Recurse to find the root server list with 'dig +trace'.
[GL #1028]
- fixed bug in tinydns-data with false translation of IPv6|v4 addresses
for MX records.
- fixed bug in dnsip abending while evaluating IPv6 addresses.
- fixed alignment bug in dd.c for dd6 (tx vise).
- fixed bug in dns_nd.c for IPv6; dnsfilter is working now for IPv4 and IPv6
(tx vise).
- dns_ip, dns_mx, dns_txt, and dns_name return now number of answers given
(fehQlibs-12).
- libsodium compatibility checked and verified.
- dns_ip, dns_cname, dns_txt, dns_name and dns_mx
return now the number of DNS answers received
unlike the number of bytes for the given output.
- Added convenience routines for forthcoming s/qmail.
- Added ia4_fmt, ia6_fmt and dns_cname (for *qmail).
- Changed dns_transmit lookup time constants.
Release Notes for Samba 4.10.5
This is a security release in order to address the following defects:
o CVE-2019-12435 (Samba AD DC Denial of Service in DNS management server
(dnsserver))
o CVE-2019-12436 (Samba AD DC LDAP server crash (paged searches))
Details
=======
o CVE-2019-12435:
An authenticated user can crash the Samba AD DC's RPC server process via a
NULL pointer dereference.
o CVE-2019-12436:
An user with read access to the directory can cause a NULL pointer
dereference using the paged search control.
For more details and workarounds, please refer to the security advisories.
stagit generates .gph geomyidae pages for a Git repository, and
supports the following features:
- Log of all commits from HEAD.
- Log and diffstat per commit.
- Show file tree with line numbers.
- Show references: local branches and tags.
- Detect README and LICENSE file from HEAD and link it as a page.
- Detect submodules (.gitmodules file) from HEAD and link it as a page.
- Atom feed log (atom.xml).
- Make index page for multiple repositories with stagit-gopher-index.
- After generating the pages (relatively slow) serving the files is very fast,
simple and requires little resources (because the content is static), only
a geomyidae Gopher server is required.
In RT 4 when edit_ticket() is invoked but the ticket is not modified an empty
response is sent. Gracefully treat it as a successfull operation.
PKGREVISION++
SFTP stands for SSH File Transfer Protocol and is a method of
transferring files between machines over a secure, encrypted
connection (as opposed to regular FTP, which functions over an
insecure connection). The security in SFTP comes through its
integration with SSH, which provides an encrypted transport layer over
which the SFTP commands are executed.
Net::SFTP::Foreign is a Perl client for the SFTP version 3 as
defined in the SSH File Transfer Protocol IETF draft, which can be
found at http://www.openssh.org/txt/draft-ietf-secsh-filexfer-02.txt
This implementation uses an external OpenSSH-compatible program.
Packaged in wip by Angel M. Adames.
Upstream changes:
Features
- add type CAA to libpyunbound (accessing libunbound from python).
- Fix#17: Add python module example from Jan Janak, that is a
plugin for the Unbound DNS resolver to resolve DNS records in
multicast DNS [RFC 6762] via Avahi. The plugin communicates
with Avahi via DBus. The comment section at the beginning of
the file contains detailed documentation.
- travis build file.
- PR #16: XoT support, AXFR over TLS, turn it on with
master: <ip>#<authname> in unbound.conf. This uses TLS to
download the AXFR (or IXFR).
Bug Fixes
- Fix for #4233: guard use of NDEBUG, so that it can be passed in
CFLAGS into configure.
- Add log message, at verbosity 4, that says the query is encrypted
with TLS, if that is enabled for the query.
- Fix#4239: set NOTIMPL when deny-any is enabled, for RFC8482.
- Fix#4240: Fix whitespace cleanup in example.conf.
- Fix that tls-session-ticket-keys: "" on its own in unbound.conf
disables the tls session ticker key calls into the OpenSSL API.
- Fix crash if tls-servic-pem not filled in when necessary.
- Fix auth-zone NSEC3 response for empty nonterminals with exact
match nsec3 records.
- Fix for out of bounds integers, thanks to OSTIF audit. It is in
allocation debug code.
- Fix for auth zone nsec3 ent fix for wildcard nodata.
- Move goto label in answer_from_cache to the end of the function
where it is more visible.
- Fix auth-zone NSEC3 response for wildcard nodata answers,
include the closest encloser in the answer.
- Fix spelling error in log output for event method.
- Fix to reinit event structure for accepted TCP (and TLS) sockets.
- Fix to use event_assign with libevent for thread-safety.
- verbose information about auth zone lookup process, also lookup
start, timeout and fail.
- Fix to wipe ssl ticket keys from memory with explicit_bzero,
if available.
- Fix that auth zone uses correct network type for sockets for
SOA serial probes. This fixes that probes fail because earlier
probe addresses are unreachable.
- Fix that auth zone fails over to next master for timeout in tcp.
- Squelch SSL read and write connection reset by peer and broken pipe
messages. Verbosity 2 and higher enables them.
- Update python documentation for init_standard().
- Typos.
- Fix tls write event for read state change to re-call SSL_write and
not resume the TLS handshake.
- Better braces in if statement in TCP fastopen code.
- iana portlist updated.
- Scrub RRs from answer section when reusing NXDOMAIN message for
subdomain answers.
- For harden-below-nxdomain: do not consider a name to be non-exitent
when message contains a CNAME record.
- Fix wrong query name in local zone redirect answers with a CNAME,
the copy of the local alias is in unpacked form.
- contrib/fastrpz.patch updated for code changes, and with git diff.
- Fix#29: Solaris 11.3 and missing symbols be64toh, htobe64.
- Fix#30: AddressSanitizer finding in lookup3.c. This sets the
hash function to use a slower but better auditable code that does
not read beyond array boundaries. This makes code better security
checkable, and is better for security. It is fixed to be slower,
but not read outside of the array.
- Fix edns-subnet locks, in error cases the lock was not unlocked.
- Fix doxygen output error on readme markdown vignettes.
- Squelch log messages from tcp send about connection reset by peer.
They can be enabled with verbosity at higher values for diagnosing
network connectivity issues.
- Attempt to fix malformed tcp response.
- Fix#31: swig 4.0 and python module.
- Note that so-reuseport at extreme load is better turned off,
otherwise queries are not distributed evenly, on Linux 4.4.x.
- Fix that spoolbuf is not used to store tcp pipelined response
between mesh send and callback end.
- Fix double file close in tcp pipelined response code.
- Fix to define _OPENBSD_SOURCE to get reallocarray on NetBSD.
- Fix to guard _OPENBSD_SOURCE from redefinition.
- Fix that fixes the Fix that spoolbuf is not used to store tcp
pipelined response between mesh send and callback end, this fixes
error cases that did not use the correct spoolbuf.
- Fix that fixes the Fix that spoolbuf is not used to store tcp
pipelined response between mesh send and callback end, this fixes
error cases that did not use the correct spoolbuf.
- Fix another spoolbuf storage code point, in prefetch.
pkgsrc changes:
- remove patch for totoridipjp (removed in upstream too)
- remove patch for upstream ticket #1323 (integrated in 3.9)
Upstream changes (from "new features of mikutter 3.9"):
* Mastodon plugin
* Support for UI scaling
* World account can be assigned to shortcut key
* Reorder World accounts
* Non-PNG image support for Skin
* Generic Model viewer
* Quick Step
* PulseAudio
* Reorgenize gem dependencies
Upstream pull request log:
https://github.com/twitter/twitter-text/pull/265
* New v3.json config file with emojiParsingEnabled config option. When
true, twitter-text will parse and discount emoji supported by the
twemoji library (see https://github.com/twitter/twemoji). The length
of these emoji will be the default weight (200 or two characters) even
if they contain multiple code points combined by zero-width
joiners. This means that emoji with skin tone and gender modifiers no
longer count as more characters than those without such modifiers.
All 4 implementations updated to reflect this change in counting.
* Updates known gTLDs to recognize recent additions by IANA (#261)
Upstream changes (from CHANGELOG.md):
# Addressable 2.6.0
- added `tld=` method to allow assignment to the public suffix
- most `heuristic_parse` patterns are now case-insensitive
- `heuristic_parse` handles more `file://` URI variations
- fixes bug in `heuristic_parse` when uri starts with digit
- fixes bug in `request_uri=` with query strings
- fixes template issues with `nil` and `?` operator
- `frozen_string_literal` pragmas added
- minor performance improvements in regexps
- fixes to eliminate warnings
Changes:
2.12.0
------
## Features
* Add `hub pr show [<number>]` command to open a pull request in the browser
* Add `hub api --paginate` option to automatically fetch all pages of results
* Add `hub pull-request --no-maintainer-edits` flag to disallow project
maintainers being able to push to your branch
* `hub issue -M` can now accept milestone names instead of just numbers
* Abort `hub pull-request` with a helpful error message if the current branch
wasn't pushed to a git remote
* Drop support for legacy `hub.http-clone` git config value
## Fixes
* Fix querying git configuration when GIT_TRACE is used
* Support detached HEAD if `hub pull-request --head` was passed
* Fix newline in `hub create` error message
* Ensure HTTP connection reuse across API calls
1.16.178
api-change:guardduty: Update guardduty command to latest version
api-change:appmesh: Update appmesh command to latest version
api-change:elasticache: Update elasticache command to latest version
api-change:ec2: Update ec2 command to latest version
1.16.177
api-change:servicecatalog: Update servicecatalog command to latest version
1.16.176
api-change:sagemaker: Update sagemaker command to latest version
1.16.175
api-change:personalize-runtime: Update personalize-runtime command to latest version
api-change:codecommit: Update codecommit command to latest version
api-change:personalize: Update personalize command to latest version
api-change:personalize-events: Update personalize-events command to latest version
api-change:codebuild: Update codebuild command to latest version
1.16.174
api-change:ec2: Update ec2 command to latest version
1.16.173
api-change:ecs: Update ecs command to latest version
api-change:dynamodb: Update dynamodb command to latest version
api-change:logs: Update logs command to latest version
api-change:ssm: Update ssm command to latest version
api-change:guardduty: Update guardduty command to latest version
api-change:mediaconnect: Update mediaconnect command to latest version
api-change:organizations: Update organizations command to latest version
api-change:ses: Update ses command to latest version
1.16.172
api-change:glue: Update glue command to latest version
1.16.171
api-change:storagegateway: Update storagegateway command to latest version
api-change:iam: Update iam command to latest version
api-change:s3: Update s3 command to latest version
api-change:elasticache: Update elasticache command to latest version
api-change:ec2: Update ec2 command to latest version
1.16.170
api-change:rds: Update rds command to latest version
api-change:ec2: Update ec2 command to latest version
1.16.169
api-change:iotanalytics: Update iotanalytics command to latest version
api-change:rds: Update rds command to latest version
api-change:iotevents-data: Update iotevents-data command to latest version
api-change:codecommit: Update codecommit command to latest version
api-change:rds-data: Update rds-data command to latest version
api-change:kafka: Update kafka command to latest version
api-change:pinpoint-email: Update pinpoint-email command to latest version
api-change:servicecatalog: Update servicecatalog command to latest version
api-change:iotevents: Update iotevents command to latest version
1.16.168
api-change:dlm: Update dlm command to latest version
api-change:securityhub: Update securityhub command to latest version
api-change:ssm: Update ssm command to latest version
api-change:rds: Update rds command to latest version
api-change:iotthingsgraph: Update iotthingsgraph command to latest version
api-change:ec2: Update ec2 command to latest version
1.16.167
api-change:robomaker: Update robomaker command to latest version
api-change:transcribe: Update transcribe command to latest version
api-change:storagegateway: Update storagegateway command to latest version
api-change:rds: Update rds command to latest version
api-change:groundstation: Update groundstation command to latest version
api-change:sts: Update sts command to latest version
api-change:pinpoint-email: Update pinpoint-email command to latest version
api-change:waf: Update waf command to latest version
api-change:chime: Update chime command to latest version
1.16.166
api-change:codedeploy: Update codedeploy command to latest version
api-change:mediastore-data: Update mediastore-data command to latest version
api-change:opsworkscm: Update opsworkscm command to latest version
1.16.165
api-change:ec2: Update ec2 command to latest version
api-change:waf-regional: Update waf-regional command to latest version
1.16.164
api-change:apigateway: Update apigateway command to latest version
api-change:servicecatalog: Update servicecatalog command to latest version
api-change:ec2: Update ec2 command to latest version
api-change:budgets: Update budgets command to latest version
api-change:efs: Update efs command to latest version
api-change:devicefarm: Update devicefarm command to latest version
api-change:worklink: Update worklink command to latest version
api-change:rds: Update rds command to latest version
1.16.163
api-change:alexaforbusiness: Update alexaforbusiness command to latest version
api-change:datasync: Update datasync command to latest version
1.16.162
api-change:kafka: Update kafka command to latest version
api-change:mediapackage-vod: Update mediapackage-vod command to latest version
api-change:meteringmarketplace: Update meteringmarketplace command to latest version
1.16.161
api-change:appstream: Update appstream command to latest version
1.16.160
api-change:medialive: Update medialive command to latest version
api-change:s3: Update s3 command to latest version
1.16.159
api-change:ec2: Update ec2 command to latest version
api-change:codepipeline: Update codepipeline command to latest version
api-change:rds: Update rds command to latest version
api-change:transcribe: Update transcribe command to latest version
api-change:mediapackage: Update mediapackage command to latest version
1.16.158
api-change:storagegateway: Update storagegateway command to latest version
api-change:comprehend: Update comprehend command to latest version
api-change:chime: Update chime command to latest version
api-change:ec2: Update ec2 command to latest version
1.16.157
api-change:datasync: Update datasync command to latest version
api-change:lambda: Update lambda command to latest version
api-change:iotanalytics: Update iotanalytics command to latest version
1.16.156
api-change:glue: Update glue command to latest version
api-change:sts: Update sts command to latest version
1.16.155
api-change:sagemaker: Update sagemaker command to latest version
api-change:kinesisanalytics: Update kinesisanalytics command to latest version
api-change:eks: Update eks command to latest version
api-change:servicecatalog: Update servicecatalog command to latest version
api-change:kinesisanalyticsv2: Update kinesisanalyticsv2 command to latest version
1.16.154
api-change:alexaforbusiness: Update alexaforbusiness command to latest version
api-change:storagegateway: Update storagegateway command to latest version
api-change:ssm: Update ssm command to latest version
api-change:appsync: Update appsync command to latest version
1.9.168
api-change:appmesh: [botocore] Update appmesh client to latest version
api-change:elasticache: [botocore] Update elasticache client to latest version
api-change:ec2: [botocore] Update ec2 client to latest version
api-change:guardduty: [botocore] Update guardduty client to latest version
1.9.167
api-change:servicecatalog: [botocore] Update servicecatalog client to latest version
1.9.166
api-change:sagemaker: [botocore] Update sagemaker client to latest version
1.9.165
api-change:codebuild: [botocore] Update codebuild client to latest version
api-change:personalize-runtime: [botocore] Update personalize-runtime client to latest version
api-change:codecommit: [botocore] Update codecommit client to latest version
api-change:personalize-events: [botocore] Update personalize-events client to latest version
api-change:personalize: [botocore] Update personalize client to latest version
1.9.164
api-change:ec2: [botocore] Update ec2 client to latest version
1.9.163
api-change:ecs: [botocore] Update ecs client to latest version
api-change:organizations: [botocore] Update organizations client to latest version
api-change:logs: [botocore] Update logs client to latest version
api-change:dynamodb: [botocore] Update dynamodb client to latest version
api-change:guardduty: [botocore] Update guardduty client to latest version
api-change:ssm: [botocore] Update ssm client to latest version
api-change:ses: [botocore] Update ses client to latest version
api-change:mediaconnect: [botocore] Update mediaconnect client to latest version
1.9.162
api-change:glue: [botocore] Update glue client to latest version
1.9.161
api-change:ec2: [botocore] Update ec2 client to latest version
api-change:storagegateway: [botocore] Update storagegateway client to latest version
api-change:s3: [botocore] Update s3 client to latest version
api-change:elasticache: [botocore] Update elasticache client to latest version
api-change:iam: [botocore] Update iam client to latest version
1.9.160
api-change:ec2: [botocore] Update ec2 client to latest version
api-change:rds: [botocore] Update rds client to latest version
1.9.159
api-change:iotevents-data: [botocore] Update iotevents-data client to latest version
api-change:iotevents: [botocore] Update iotevents client to latest version
api-change:pinpoint-email: [botocore] Update pinpoint-email client to latest version
api-change:iotanalytics: [botocore] Update iotanalytics client to latest version
api-change:codecommit: [botocore] Update codecommit client to latest version
api-change:rds-data: [botocore] Update rds-data client to latest version
api-change:rds: [botocore] Update rds client to latest version
api-change:servicecatalog: [botocore] Update servicecatalog client to latest version
api-change:kafka: [botocore] Update kafka client to latest version
1.9.158
api-change:ssm: [botocore] Update ssm client to latest version
api-change:securityhub: [botocore] Update securityhub client to latest version
api-change:iotthingsgraph: [botocore] Update iotthingsgraph client to latest version
api-change:dlm: [botocore] Update dlm client to latest version
api-change:rds: [botocore] Update rds client to latest version
api-change:ec2: [botocore] Update ec2 client to latest version
1.9.157
api-change:groundstation: [botocore] Update groundstation client to latest version
api-change:transcribe: [botocore] Update transcribe client to latest version
api-change:chime: [botocore] Update chime client to latest version
api-change:rds: [botocore] Update rds client to latest version
api-change:waf: [botocore] Update waf client to latest version
api-change:pinpoint-email: [botocore] Update pinpoint-email client to latest version
api-change:robomaker: [botocore] Update robomaker client to latest version
api-change:sts: [botocore] Update sts client to latest version
api-change:storagegateway: [botocore] Update storagegateway client to latest version
1.9.156
api-change:mediastore-data: [botocore] Update mediastore-data client to latest version
api-change:codedeploy: [botocore] Update codedeploy client to latest version
api-change:opsworkscm: [botocore] Update opsworkscm client to latest version
1.9.155
api-change:waf-regional: [botocore] Update waf-regional client to latest version
api-change:ec2: [botocore] Update ec2 client to latest version
1.9.154
api-change:efs: [botocore] Update efs client to latest version
api-change:ec2: [botocore] Update ec2 client to latest version
api-change:apigateway: [botocore] Update apigateway client to latest version
api-change:worklink: [botocore] Update worklink client to latest version
api-change:rds: [botocore] Update rds client to latest version
api-change:servicecatalog: [botocore] Update servicecatalog client to latest version
api-change:devicefarm: [botocore] Update devicefarm client to latest version
api-change:budgets: [botocore] Update budgets client to latest version
1.9.153
api-change:datasync: [botocore] Update datasync client to latest version
api-change:alexaforbusiness: [botocore] Update alexaforbusiness client to latest version
1.9.152
api-change:kafka: [botocore] Update kafka client to latest version
api-change:meteringmarketplace: [botocore] Update meteringmarketplace client to latest version
api-change:mediapackage-vod: [botocore] Update mediapackage-vod client to latest version
1.9.151
api-change:appstream: [botocore] Update appstream client to latest version
1.9.150
api-change:medialive: [botocore] Update medialive client to latest version
api-change:s3: [botocore] Update s3 client to latest version
1.9.149
api-change:ec2: [botocore] Update ec2 client to latest version
api-change:transcribe: [botocore] Update transcribe client to latest version
api-change:mediapackage: [botocore] Update mediapackage client to latest version
api-change:codepipeline: [botocore] Update codepipeline client to latest version
enhancement:Environment Variables: [botocore] Ignore env var credentials is values are empty
api-change:rds: [botocore] Update rds client to latest version
1.9.148
api-change:comprehend: [botocore] Update comprehend client to latest version
api-change:chime: [botocore] Update chime client to latest version
api-change:storagegateway: [botocore] Update storagegateway client to latest version
api-change:ec2: [botocore] Update ec2 client to latest version
1.9.147
api-change:datasync: [botocore] Update datasync client to latest version
api-change:iotanalytics: [botocore] Update iotanalytics client to latest version
api-change:lambda: [botocore] Update lambda client to latest version
1.9.146
api-change:glue: [botocore] Update glue client to latest version
api-change:sts: [botocore] Update sts client to latest version
1.9.145
api-change:servicecatalog: [botocore] Update servicecatalog client to latest version
api-change:eks: [botocore] Update eks client to latest version
api-change:sagemaker: [botocore] Update sagemaker client to latest version
api-change:kinesisanalytics: [botocore] Update kinesisanalytics client to latest version
api-change:kinesisanalyticsv2: [botocore] Update kinesisanalyticsv2 client to latest version
1.9.144
api-change:appsync: [botocore] Update appsync client to latest version
api-change:storagegateway: [botocore] Update storagegateway client to latest version
api-change:ssm: [botocore] Update ssm client to latest version
api-change:alexaforbusiness: [botocore] Update alexaforbusiness client to latest version
1.12.168
api-change:appmesh: Update appmesh client to latest version
api-change:elasticache: Update elasticache client to latest version
api-change:ec2: Update ec2 client to latest version
api-change:guardduty: Update guardduty client to latest version
1.12.167
api-change:servicecatalog: Update servicecatalog client to latest version
1.12.166
api-change:sagemaker: Update sagemaker client to latest version
1.12.165
api-change:codebuild: Update codebuild client to latest version
api-change:personalize-runtime: Update personalize-runtime client to latest version
api-change:codecommit: Update codecommit client to latest version
api-change:personalize-events: Update personalize-events client to latest version
api-change:personalize: Update personalize client to latest version
1.12.164
api-change:ec2: Update ec2 client to latest version
1.12.163
api-change:ecs: Update ecs client to latest version
api-change:organizations: Update organizations client to latest version
api-change:logs: Update logs client to latest version
api-change:dynamodb: Update dynamodb client to latest version
api-change:guardduty: Update guardduty client to latest version
api-change:ssm: Update ssm client to latest version
api-change:ses: Update ses client to latest version
api-change:mediaconnect: Update mediaconnect client to latest version
1.12.162
api-change:glue: Update glue client to latest version
1.12.161
api-change:ec2: Update ec2 client to latest version
api-change:storagegateway: Update storagegateway client to latest version
api-change:s3: Update s3 client to latest version
api-change:elasticache: Update elasticache client to latest version
api-change:iam: Update iam client to latest version
1.12.160
api-change:ec2: Update ec2 client to latest version
api-change:rds: Update rds client to latest version
1.12.159
api-change:iotevents-data: Update iotevents-data client to latest version
api-change:iotevents: Update iotevents client to latest version
api-change:pinpoint-email: Update pinpoint-email client to latest version
api-change:iotanalytics: Update iotanalytics client to latest version
api-change:codecommit: Update codecommit client to latest version
api-change:rds-data: Update rds-data client to latest version
api-change:rds: Update rds client to latest version
api-change:servicecatalog: Update servicecatalog client to latest version
api-change:kafka: Update kafka client to latest version
1.12.158
api-change:ssm: Update ssm client to latest version
api-change:securityhub: Update securityhub client to latest version
api-change:iotthingsgraph: Update iotthingsgraph client to latest version
api-change:dlm: Update dlm client to latest version
api-change:rds: Update rds client to latest version
api-change:ec2: Update ec2 client to latest version
1.12.157
api-change:groundstation: Update groundstation client to latest version
api-change:transcribe: Update transcribe client to latest version
api-change:chime: Update chime client to latest version
api-change:rds: Update rds client to latest version
api-change:waf: Update waf client to latest version
api-change:pinpoint-email: Update pinpoint-email client to latest version
api-change:robomaker: Update robomaker client to latest version
api-change:sts: Update sts client to latest version
api-change:storagegateway: Update storagegateway client to latest version
1.12.156
api-change:mediastore-data: Update mediastore-data client to latest version
api-change:codedeploy: Update codedeploy client to latest version
api-change:opsworkscm: Update opsworkscm client to latest version
1.12.155
api-change:waf-regional: Update waf-regional client to latest version
api-change:ec2: Update ec2 client to latest version
1.12.154
api-change:efs: Update efs client to latest version
api-change:ec2: Update ec2 client to latest version
api-change:apigateway: Update apigateway client to latest version
api-change:worklink: Update worklink client to latest version
api-change:rds: Update rds client to latest version
api-change:servicecatalog: Update servicecatalog client to latest version
api-change:devicefarm: Update devicefarm client to latest version
api-change:budgets: Update budgets client to latest version
1.12.153
api-change:datasync: Update datasync client to latest version
api-change:alexaforbusiness: Update alexaforbusiness client to latest version
1.12.152
api-change:kafka: Update kafka client to latest version
api-change:meteringmarketplace: Update meteringmarketplace client to latest version
api-change:mediapackage-vod: Update mediapackage-vod client to latest version
1.12.151
api-change:appstream: Update appstream client to latest version
1.12.150
api-change:medialive: Update medialive client to latest version
api-change:s3: Update s3 client to latest version
1.12.149
api-change:ec2: Update ec2 client to latest version
api-change:transcribe: Update transcribe client to latest version
api-change:mediapackage: Update mediapackage client to latest version
api-change:codepipeline: Update codepipeline client to latest version
enhancement:Environment Variables: Ignore env var credentials is values are empty
api-change:rds: Update rds client to latest version
1.12.148
api-change:comprehend: Update comprehend client to latest version
api-change:chime: Update chime client to latest version
api-change:storagegateway: Update storagegateway client to latest version
api-change:ec2: Update ec2 client to latest version
1.12.147
api-change:datasync: Update datasync client to latest version
api-change:iotanalytics: Update iotanalytics client to latest version
api-change:lambda: Update lambda client to latest version
1.12.146
api-change:glue: Update glue client to latest version
api-change:sts: Update sts client to latest version
1.12.145
api-change:servicecatalog: Update servicecatalog client to latest version
api-change:eks: Update eks client to latest version
api-change:sagemaker: Update sagemaker client to latest version
api-change:kinesisanalytics: Update kinesisanalytics client to latest version
api-change:kinesisanalyticsv2: Update kinesisanalyticsv2 client to latest version
1.12.144
api-change:appsync: Update appsync client to latest version
api-change:storagegateway: Update storagegateway client to latest version
api-change:ssm: Update ssm client to latest version
api-change:alexaforbusiness: Update alexaforbusiness client to latest version
Changelog:
Knot DNS 2.8.2 (2019-06-05)
===========================
Features:
---------
- New blocking mode for zone event triggers in knotc
- New weighted records mode in the module geoip (Thanks to Conrad Hoffmann)
- Module noudp allows UDP allow rate configuration
Improvements:
-------------
- NSEC3 salt lifetime can be set to infinity
- New 'running' zone event status in the knotc output
- Knotc in the forced mode returns failure also if zone check emits any warning
- Ignoring PMTU information for IPv4/UDP via IP_PMTUDISC_OMIT (Thanks to Daisuke Higashi)
- Various improvements in the documentation
Bugfixes:
---------
- Broken setting of CPU affinity for UDP workers
- Unexpected results with the geoip subnet mode
- Sometimes insufficient zone adjusting
- Incoherent DNSKEY RRSIG lifetimes in SKR
- Confusing output from keymgr if an error occurs during KSR generation
- Non-functional changeset history depth limitation in kjournalprint
- Wrong processing of multiple $INCLUDE directives #646
Changelog:
4.2.0
================
FEATURES:
- Print IP address when bind socket fails with error.
- Fix#4249: The option hide-identity: yes stops NSD from responding
with the hostname for chaos class queries. Implements the RFC4829
security considerations.
- Patch to add support for TCP Fast Open, from Sara
Dickinson (Sinodun).
- Patch to add support for tls service on a specified tls port,
from Sara Dickinson (Sinodun).
- Use travis for build check, initial unit test and clang analysis.
BUG FIXES:
- Fix to delete unused zparser.default_apex member.
- Fix that the TLS handshake routine sets the correct event to
continue when done.
- Fix that TLS renegotiation calls the read and write routines again
with the same parameters when the desired event has been satisfied.
- Fix that TCP Fastopen has better error message and supports OSX.
- Fix to avoid buffer alloc with global buffer in tls write handler.
- Fix to initialize event structure when accepting TCP connection.
- Disable TLS1.0, TLS1.1 and weak ciphers, enable
CIPHER_SERVER_PREFERENCE, patch from Andreas Schulze.
- further setup ssl ctx after the keys are loaded, for ECDH.
- TLS OCSP stapling support, enabled with tls-service-ocsp: filename,
patch from Andreas Schulze.
- Fix#10: Fix memory leaks caused by duplicate rr and include
instructions.
- Fix to define _OPENBSD_SOURCE to get reallocarray on NetBSD.
4.1.27
================
FEATURES:
- Deny ANY with only one RR in response, by default. Patch from
Daisuke Higashi. The deny-any statement in nsd.conf sets ANY
queries over UDP to be further moved to TCP as well.
Also no additional section processing for type ANY, reducing
the response size.
- Fix#4215: on-the-fly change of TSIG keys with patch from Igor, adds
nsd-control print_tsig, update_tsig, add_tsig, assoc_tsig
and del_tsig. These changes are gone after reload, edit the
config file (or a file included from it) to make changes that
last after restart.
BUG FIXES:
- Fix#4213: disable-ipv6 and dnstap compile error.
- Fix to reduce region_log_stats if condition, this removes a
debug statement.
- Fix for FreeBSD port with dnstap enabled.
- Fix to remove unused code.
- Fix#6: nsd-control-setup: Change validity time to a shorter
period (<2038).
- Fix unused definition in header remote.h.
- Fix#4236: IPV4_MINIMAL_RESPONSE_SIZE=1480 is slightly too big.
- Fix#4235: IP_PMTUDISC_OMIT on IPv4/UDP sockets.
- Fixed radtree_insert memory leak.
- Fixed access recycled variable.
1.8.20
- BUG/MAJOR: listener: Make sure the listener exist before using it.
- BUG/MINOR: listener: keep accept rate counters accurate under saturation
- BUG/MEDIUM: logs: Only attempt to free startup_logs once.
- BUG/MEDIUM: 51d: fix possible segfault on deinit_51degrees()
- BUG/MINOR: ssl: fix warning about ssl-min/max-ver support
- MEDIUM: threads: Use __ATOMIC_SEQ_CST when using the newer atomic API.
- BUG/MEDIUM: threads/fd: do not forget to take into account epoll_fd/pipes
- BUG/MAJOR: spoe: Fix initialization of thread-dependent fields
- BUG/MAJOR: stats: Fix how huge POST data are read from the channel
- BUG/MINOR: http/counters: fix missing increment of fe->srv_aborts
- BUG/MEDIUM: ssl: ability to set TLS 1.3 ciphers using ssl-default-server-ciphersuites
- DOC: The option httplog is no longer valid in a backend.
- BUG/MAJOR: checks: segfault during tcpcheck_main
- BUILD: makefile: work around an old bug in GNU make-3.80
- MINOR: tools: make memvprintf() never pass a NULL target to vsnprintf()
- BUILD: makefile: fix build of IPv6 header on aix51
- BUILD: makefile: add _LINUX_SOURCE_COMPAT to build on AIX-51
- BUILD: Makefile: disable shared cache on AIX 5.1
- BUG/MINOR: cli: correctly handle abns in 'show cli sockets'
- MINOR: cli: start addresses by a prefix in 'show cli sockets'
- BUG/MEDIUM: peers: fix a case where peer session is not cleanly reset on release.
- BUILD: use inttypes.h instead of stdint.h
- BUILD: connection: fix naming of ip_v field
- BUG/MEDIUM: pattern: assign pattern IDs after checking the config validity
- BUG/MEDIUM: spoe: Queue message only if no SPOE applet is attached to the stream
- BUG/MEDIUM: spoe: Return an error if nothing is encoded for fragmented messages
- BUG/MINOR: threads: fix the process range of thread masks
- MINOR: lists: Implement locked variations.
- BUG/MEDIUM: lists: Properly handle the case we're removing the first elt.
- BUG/MEDIUM: list: fix the rollback on addq in the locked liss
- BUG/MEDIUM: list: fix LIST_POP_LOCKED's removal of the last pointer
- BUG/MEDIUM: list: add missing store barriers when updating elements and head
- MINOR: list: make the delete and pop operations idempotent
- BUG/MEDIUM: list: correct fix for LIST_POP_LOCKED's removal of last element
- BUG/MEDIUM: list: fix again LIST_ADDQ_LOCKED
- BUG/MEDIUM: list: fix incorrect pointer unlocking in LIST_DEL_LOCKED()
- MAJOR: listener: do not hold the listener lock in listener_accept()
- BUG/MEDIUM: listener: use a self-locked list for the dequeue lists
- BUG/MEDIUM: listener: make sure the listener never accepts too many conns
- BUILD/MINOR: listener: Silent a few signedness warnings.
- MINOR: skip get_gmtime where tm is unused
- BUG/MAJOR: http_fetch: Get the channel depending on the keyword used
- BUG/MEDIUM: maps: only try to parse the default value when it's present
- BUG/MINOR: acl: properly detect pattern type SMP_T_ADDR
- BUG/MEDIUM: thread/http: Add missing locks in set-map and add-acl HTTP rules
- BUG/MINOR: 51d: Get the request channel to call CHECK_HTTP_MESSAGE_FIRST()
- BUG/MINOR: da: Get the request channel to call CHECK_HTTP_MESSAGE_FIRST()
- BUG/MINOR: spoe: Don't systematically wakeup SPOE stream in the applet handler
1.8.19
- DOC: ssl: Clarify when pre TLSv1.3 cipher can be used
- DOC: ssl: Stop documenting ciphers example to use
- BUG/MINOR: spoe: do not assume agent->rt is valid on exit
- BUG/MINOR: lua: initialize the correct idle conn lists for the SSL sockets
- BUG/MEDIUM: spoe: initialization depending on nbthread must be done last
- BUG/MEDIUM: server: initialize the idle conns list after parsing the config
- BUG/MAJOR: spoe: Don't try to get agent config during SPOP healthcheck
- BUG/MAJOR: stream: avoid double free on unique_id
- BUG/MINOR: config: Reinforce validity check when a process number is parsed
1.8.18
- DOC: http-request cache-use / http-response cache-store expects cache name
- BUG/MAJOR: cache: fix confusion between zero and uninitialized cache key
- BUG/MEDIUM: ssl: Disable anti-replay protection and set max data with 0RTT.
- DOC: Be a bit more explicit about allow-0rtt security implications.
- BUG/MEDIUM: ssl: missing allocation failure checks loading tls key file
- BUG/MINOR: backend: don't use url_param_name as a hint for BE_LB_ALGO_PH
- BUG/MINOR: backend: balance uri specific options were lost across defaults
- BUG/MINOR: backend: BE_LB_LKUP_CHTREE is a value, not a bit
- BUG/MINOR: stick_table: Prevent conn_cur from underflowing
- BUG/MINOR: server: don't always trust srv_check_health when loading a server state
- BUG/MINOR: check: Wake the check task if the check is finished in wake_srv_chk()
- BUG/MEDIUM: ssl: Fix handling of TLS 1.3 KeyUpdate messages
- DOC: mention the effect of nf_conntrack_tcp_loose on src/dst
- MINOR: h2: add a bit-based frame type representation
- MINOR: h2: declare new sets of frame types
- BUG/MINOR: mux-h2: CONTINUATION in closed state must always return GOAWAY
- BUG/MINOR: mux-h2: headers-type frames in HREM are always a connection error
- BUG/MINOR: mux-h2: make it possible to set the error code on an already closed stream
- BUG/MINOR: hpack: return a compression error on invalid table size updates
- DOC: nbthread is no longer experimental.
- BUG/MINOR: spoe: corrected fragmentation string size
- BUG/MINOR: deinit: tcp_rep.inspect_rules not deinit, add to deinit
- SCRIPTS: add the slack channel URL to the announce script
- SCRIPTS: add the issue tracker URL to the announce script
- BUG/MINOR: stream: don't close the front connection when facing a backend error
- MINOR: xref: Add missing barriers.
- BUG/MEDIUM: mux-h2: wake up flow-controlled streams on initial window update
- BUG/MEDIUM: mux-h2: fix two half-closed to closed transitions
- BUG/MEDIUM: mux-h2: make sure never to send GOAWAY on too old streams
- BUG/MEDIUM: mux-h2: wait for the mux buffer to be empty before closing the connection
- MINOR: stream-int: expand the flags to 32-bit
- MINOR: stream-int: add a new flag to mention that we want the connection to be killed
- MINOR: connstream: have a new flag CS_FL_KILL_CONN to kill a connection
- BUG/MEDIUM: mux-h2: do not close the connection on aborted streams
- BUG/MEDIUM: stream: Don't forget to free s->unique_id in stream_free().
- BUG/MINOR: config: fix bind line thread mask validation
- BUG/MAJOR: config: verify that targets of track-sc and stick rules are present
- BUG/MAJOR: spoe: verify that backends used by SPOE cover all their callers' processes
- BUG/MINOR: config: make sure to count the error on incorrect track-sc/stick rules
pkgsrc changes:
- Add options.mk in order to be able to select between `gnutls' and
`openssl'. However, no defaults are changed: `openssl' is
considered experimental by upstream at the moment.
- Remove dependency to mozilla-rootcerts (default gnutls/openssl
certificates are now honored instead, should be part of
Makefile,-r1.41 commit, sorry!)
Changes:
2.60.3
======
- Fix clobbering of the thread-default main context after certificate
verification failure during async handshakes since 2.60.1 (#85)
- Fix GTlsDatabase initialization failures in OpenSSL backend due to
uninitialized memory use
- Fix minor leak of ALPN protocols
2.60.2
======
- OpenSSL backend now defaults to system trust store (#62)
- Fix client auth failure error with GnuTLS 3.6.7 (#70)
As of version 3.41, Filezilla now requires 64-bit atomic integer ops,
handle accordingly. (XXX: Filezilla will presumably also break on other
architectures as a result, e.g. macppc.)
2.60.1 - April 1, 2019
======================
- Improve reliability of client auth failure tests (#66)
- Fix excessive CPU usage after sync handshake (#69)
2.60.0.1 - March 12, 2019
=========================
- Fix build with OpenSSL pkg-config unavailable (Nirbheek Chauhan)
2.60.0 - March 11, 2019
=======================
This is the first stable release featuring the new OpenSSL backend. Please be
advised that this new backend is still experimental and known to not work on
some systems, including Debian. Linux distributions are encouraged to stick to
the default build options, where OpenSSL is not yet enabled.
- Fix build with GnuTLS disabled (Nirbheek Chauhan)
- Fix build on Windows (Chun-Wei Fan)
2.59.92 - March 4, 2019
=======================
- Many OpenSSL backend fixes for Windows (Nirbheek Chauhan)
- GnuTLS: reject sync operations during handshake to avoid deadlocks (#46)
- Temporarily disable DTLS and OpenSSL tests due to #49 and #54
2.59.91 - February 18, 2019
===========================
- Update OpenSSL SSL struct when certificate is changed (#55, Fredrik Ternerot)
- Fix tests build when GnuTLS is disabled (#59)
- Remove Fedora-specific PROFILE=SYSTEM default cipher list (#61)
- Fix some problems with the connection tests (Fredrik Ternerot)
2.59.90 - February 4, 2019
==========================
This release adds an OpenSSL backend, obsoleting the glib-openssl project.
Credit to all the contributors to the glib-openssl project, especially
Ignacio Casal Quinteiro. Also thanks to Xavier Claessens for helping with the
transition.
The OpenSSL backend seems to be mature, though it is less well-tested for
desktop usage than the GnuTLS backend. It will remain disabled by default at
build time due to the GPL-incompatible nature of the OpenSSL license -- and the
GPLv2-incompatible nature of the Apache license that will be used by future
versions of OpenSSL -- and because the GnuTLS backend is sufficient for Linux
distros.
Use the OpenSSL backend if you are building an embedded system where
(GPLv2+ or LGPLv3+) dependencies are unacceptable (e.g. nettle or GMP, both
dependencies of GnuTLS) and you are OK with the GPL-incompatible OpenSSL
license. If the OpenSSL backend is enabled at build time, you should probably
disable build of the GnuTLS backend, or it will take precedence over the OpenSSL
backend at runtime. For example, you could configure with:
$ mkdir build && cd build
$ meson -Dgnutls=disabled -Dopenssl=enabled ..
2.59.2 - January 7, 2019
========================
- Add support for application layer protocol negotiation (#47, Scott Hutton)
2.59.1 - November 11, 2018
==========================
This release removes the gnutls-pkcs11 backend, which was disabled in 2.57.2,
due to lack of any feedback whatsoever regarding its disablement. If you think
it is still useful to you, given that the normal gnutls backend now supports
PKCS#11, speak up now.
This release also includes several changes to properly support TLS 1.3.
Other changes:
- Perform certificate verification during, not after, TLS handshake
- Dramatically improve the reliability of the non-DTLS tests. (DTLS is still having problems.)
- Regenerate test certificates to prepare for OpenSSL support
- Several meson build system improvements to prepare for OpenSSL support
2.58.0 - September 2, 2018
==========================
- Updated translations
2.57.92 - August 27, 2018
=========================
- Revert fixes for #4 and #6 due to regression (#43)
- Fix installed tests (Sébastien Bacher, !7)
2.57.90 - August 12, 2018
=========================
- Properly check for server errors in connection tests (#4)
- Perform certificate verification during, not after, TLS handshake (#6)
- Avoid trailing dots in SNI hostnames (#11)
- Send fallback SCSV with fallback connection attempts
- Fail unsafe rehandshake attempts initiated by API request
2.57.3 - July 16, 2018
======================
- Fix memory leaks when calling g_tls_connection_gnutls_get_certificate()
- Use .so for modules on macOS instead of dylib (Nirbheek Chauhan)
- Fix build with MSVCC (Nirbheek Chauhan)
2.57.2 - May 21, 2018
=====================
This release disables build of the gnutls-pkcs11 backend by default. Please
direct any complaints to https://gitlab.gnome.org/GNOME/glib-networking/issues/7
- Several meson build system improvements
(#794978, #795043, and #795982, Xavier Claessens and Nirbheek Chauhan)
2.57.1 - April 16, 2018
=======================
- Use GnuTLS system trust and remove build option to specify cert bundle (#753260)
- Fix criticals when child streams outlast the parent GTlsConnection (#792219)
- Fix crash when setting client cert without private key (#793712)
- Update tests for compatibility with GnuTLS 3.6.2 (#794286)
- Never install GIO modules outside build prefix (#794358)
- Don't install test files if installed tests are disabled (#794372)
- Fix build with -Dpkcs11=false (#794292, Tom Schoonjans)
- Allow building as meson subproject (#794709, Mathieu Duponchelle)
- g_tls_certificate_verify() no longer manually verifies certificate
activation/expiration time, matching the current behavior of
g_tls_database_verify_chain().
0.7.0:
[ENHANCEMENT] Multiprocess exposition speed boost
[ENHANCEMENT] optimize openmetrics text parsing (~4x perf)
[ENHANCEMENT] Add python3.7 support
[ENHANCEMENT] Change exemplar length limit to be only for label names+values
[BUGFIX] Disable gcCollector for pypy
At least on RT 4 blank lines can be present at the end of the search response,
backport upstream commit bb07009c4f62dd2ac393aab82fded6424eead82f to address
that.
Bump PKGREVISION
1.22.1 - 2019-06-03
- Fix segfault with ADC client connections
1.22 - 2019-04-30
- Add 'b' and 'B' keys to connections tab (Daniel Kamil Kozar)
- Add 'max_ul_per_user' setting to support multiple upload slots per user (Daniel Kamil Kozar)
- Add support for TLS ALPN (Denys Smirnov)
- Fix build against ncurses with separate libtinfo (Lars Wendler)
* Version 2.0.25
- The example IP address for network probes didn't work on Windows.
The example configuration file has been updated and the fallback
resolver IP is now used when no netprobe address has been configured.
* Version 2.0.24
- The query log now includes the time it took to complete the
transaction, the name of the resolver that sent the response and if
the response was served from the cache. Thanks to Ferdinand Holzer for
his help!
- The list of resolvers, sorted by latency, is now printed after all
the resolvers have been probed.
- The "fastest" load-balancing strategy has been renamed to "first".
- On Windows, a nul byte is sent to the netprobe address. This is
required to check for connectivity on this platform. Thanks to Mathias
Berchtold.
- The Malwaredomainlist URL was updated to directly parse the host
list. Thanks to Encrypted.Town.
- The Python script to generate lists of blacklisted domains is now
compatible both with Python 2 and Python 3. Thanks to Simon R.
- A warning is now displayed for DoH is requested but the server
doesn't speak HTTP/2.
- A crash with loaded-balanced sets of cloaked names was fixed.
Thanks to @inkblotadmirer for the report.
- Resolvers are now tried in random order to avoid favoring the first
ones at startup.
Note that mongodb does not build, and hence this was tested with mongodb 3.4.4.
This is a minor update, from .23. Upstream does not apear to publish
change information, and this is opaque proprietary software.
3.2.6:
Added provider specific dependency to setup.py
Futher pylint and python3 import
Pylint
Add gratisdns provider
3.2.5:
Update appveyor.yml
Update test_route53.py
Update CONTRIBUTING.md
Fix configuration of route53 tests
Update test running instructions to include top-level directory
Fix line too long
Use the logger.warning instead of the logger.warn shortcut
Skip dnsimple accounts without a plan
upstream changes:
-----------------
Bugfixes
#4613: Progress emitter doesn't start from config change if disabled at startup
#5338: Version restore not possible with custom versioning path set
#5421: WebGui: Locally Changed Items vanish when clicking 10|25|50
#5578: Filesystem watcher error when watching disk root directory on Windows
#5641: Syncthing gets stuck in a high CPU "Failed Files" state - Possibly a symlink issue?
#5649: Checking block content on unexpected request results doesn't work for the last block
#5654: Incorrect file info passed as argument to delete existing dir/symlink
#5704: Failure to fsync() files should not be fatal
Enhancements
#1634: Use copy instead of rename for version folder on other file systems
#4531: GUI folder/device status rows should handle longer values nicer
#4586: Versioner file tagging is inconsistent
#4631: In-GUI restoration should be possible from trashcan versioner
#5419: File versioning across drives
#5659: Old sync errors should not linger while retrying
Other issues
#5505: Leaking goroutines through model and leveldb
#5706: Spurious test failures on Windows
v1.10.2-stable
==============
Bug fixes:
- #6495 Event queue memory leak in server cleanup
- #6471 Unable to stop core retry loop in config app
- #6460 TLS memory leak on Linux server when using client
- #6407 Enterprise config app shows auto-config elements
- #6403 Mouse cursor movement drifts over time
- #6392 Hostname alert shows unnecessarily on every open
- #6373 Compile fails on BSD Unix with dl error
Enhancements:
- #6485 Readme for master branch with download help
- #6475 Change master branch to current version
- #6470 CI solution with on-demand containers
- #6397 Remember last server used in Auto Config
- #6375 Support for Qt 5.11 framework on Windows
1.3.2
This new version adds better compilation compatibility with a wider
range of system versions and improvements to the whitelist extension
(acl_wl).
Note: 1.3.1 was exactly the same as 1.3.0 but fixes a version number
problem only...
Changes:
1.8.5
-----
### Additions
- Support for
- `keenspot` (#223)
- `sankakucomplex` (#258)
- `folders` option for `deviantart` to add a list of containing folders to
each file's metadata (#276)
- `captcha` option for `kissmanga` and `readcomiconline` to control CAPTCHA
handling (#279)
- `filename` metadata for files downloaded with youtube-dl (#291)
### Changes
- Adjust `wallhaven` extractors to new page layout:
- use API and add `api-key` option
- removed traditional login support
- Provide original filenames for `patreon` downloads (#268)
- Use e-hentai.org or exhentai.org depending on input URL (#278)
### Fixes
- Fix pagination over `sankaku` popular listings (#265)
- Fix folder and collection extraction on `deviantart` (#271)
- Detect "AreYouHuman" redirects on `readcomiconline` (#279)
- Miscellaneous fixes for `hentainexus`, `livedoor`, `ngomik`
rt allows you to interact with an RT server over HTTP, and offers
an interface to RT's functionality that is better-suited to automation
and integration with other tools.
Release v1.21.2
This is the 1.21.2 patch release for the PHP extension only. Please do not use this release for other language.
PkgSrc:
Fix linking with c-ares.
pypiserver is a minimal PyPI compatible server for pip or easy_install. It is
based on bottle and serves packages from regular directories. Wheels, bdists,
eggs and accompanying PGP-signatures can be uploaded either with pip,
setuptools, twine, pypi-uploader, or simply copied with scp.
freediameter (1.3.0)
Many thanks to Thomas Klausner for his contribution of several important extensions.
freediameter (1.2.1) UNRELEASED; urgency=low
* New extension: rt_randomize (load-balancing on possible destinations)
* New contrib: Gx extension.
* rt_redirect.fdx and rt_load_balance.fdx improvement: use a hash table. Thanks Thomas.
* New hook HOOK_MESSAGE_SENDING to give a last chance to edit messages before they are sent.
This will be mostly used for enforcing interoperability constraints on non-compliant peers.
* Simplified log output. Old output can be recovered with DEBUG_WITH_META build option.
* Updated the internal counters for finer control on the load.
* Fixes in message expiry mechanism.
* Bug fixes in error messages generation and various parts.
* Improvements on shutdown sequence handling.
* Improvements to the dict_dcca_* extensions.
* Improved default CMake configuration.
* Improved build for MacOSX
* Fixes for a few newer operating systems compatibility.
* Fixed default secure Diameter port number 5868 instead of5658 (errata of RFC 6733)
-- Sebastien Decugis <sdecugis@freediameter.net> Sat, 30 Jan 2016 23:38:03 +0800
Release v1.21.1
This is the 1.21.1 patch release of gRPC Core. This patch is for gRPC-Python only. gRPC Python pkgs for 1.21.0 release could not be uploaded to PyPi due to the issue 19105.
Release v1.21.1
This is the 1.21.1 patch release of gRPC Core. This patch is for gRPC-Python only. gRPC Python pkgs for 1.21.0 release could not be uploaded to PyPi.
pkgsrc changes:
- pull upstream patch for ticket #1323
(insert newline to each attached image URL)
Upstream changelog:
mikutter 3.8.8
* <>& in Twitter messages are not converted from HTML entity references
* thanks cob odo
* keep world account settings even if restoring account fails
on loading the world
* pluggaloid 1.1.2
3.42.1 (2019-06-08)
- OS X: Fix a compatibility issue with macOS 10.13
3.42.0 (2019-05-02)
- Fixed a potential crash if the first-launch welcome dialog is shown at an inopportune moment
- Fixed display of subject and issuer details in the certificate verification dialogs with some certificates
- Official binaries are now built againt GnuTLS 3.6.7, minimum required GnuTLS version to build FileZilla is now 3.5.7
3.42.0-rc1 (2019-04-26)
- Switching from using a master password to not saving passwords at all no longer requires entering the master password
- *nix: Fixed support for internationalized domain names on systems having AI_IDN when using SFTP
- Fixed an assertion after importing a manipulated queue file
- When importing sites, any imported passwords are now immediately protected/deleted depending on the password protection settings
- The ability to import Site Manager entries from antique FileZilla 2, last updated over a dozen years ago, has been removed
3.42.0-beta1 (2019-04-21)
- Building and running FileZilla now depends on libfilezilla >= 0.16.0 (https://lib.filezilla-project.org/)
- Limit the maximum length of site, bookmark and filter names to prevent display issues and crashes due to some operating systems badly handling long texts
- When displaying message boxes, insert zero-width spaces into long unbroken words to prevent display issues and crashes due to some operating systems badly handling long texts
- Fix crash in the external IP address resolver
- Fix some assertions if a server sends bad file sizes
- Large refactoring of the socket code
- The thread pool from libfilezilla is now used for all worker threads
ok gdt
Bugfixes
#5332: Duplicate Files Names in Out of Sync List
#5456: Folder marked as "Up to Date" with failed items
#5578: Filesystem Watcher Error on v1.1.0
#5624: Simple Syncthing invocations take a long time to run
#5676: Systemd circular dependency prevents startup
#5531: Flush to database based on size instead of entries
#5571: Dir/symlink updates overwrite conflicts & unscanned files
#5599: Default folder in v1.1.0 isn’t created with useLargeBlocks = true
#5482: minHomeDiskFreePct is still present in fresh configs
#5493: Monitor bug: TERM signaling not passed to syncthing process
#5557: Hashing performance degradation when using large blocks
Enhancements
#1223: Mention license in "About" dialog
#5554: Unnecessary time precision in pendingFolder/pendingDevice config entries
#4921: Syncthing should guard against running old versions with new config
#5065: Add support for TLS1.3
#5346: Systemd unit should declare after=multiuser.target
#5560: Change "Introduced by" icon
#5569: Outdated copyright notes in "About" dialog
#5365: .desktop files: desktop-entry-lacks-keywords-entry
#5445: User/group ownership following parent dir
Other issues:
#1101: Syncthing has no easter eggs
#5480: Better describe exposed volumes in our Docker image
#5077: TestWatchIgnore is flaky (OpenBSD (-current) Test failed)
#5246: TestParentDeletion fails on OpenBSD
#5311: Update prometheus/common/expfmt to pass tests on go1.11
#5454: build.go setup problems with gomodules
#5495: Dockerhub Docker builds fail continously
#5515: Missing string from Transifex
API Changes
Change #5479 introduces the new copyOwnershipFromParent folder
configuration option. The default, false, matches the old behavior of
not copying ownership information.
Since change #5405, large (variable size) blocks are enabled by default for newly created folders.
3.0.2:
What’s New
• The Windows installers now ship with Qt 5.12.3. They previously
shipped with Qt 5.12.1.
• The Windows installers now ship with Npcap 0.995. They previously
shipped with Npcap 0.992.
• The macOS packages are now notarized[1].
Bug Fixes
The following vulnerabilities have been fixed:
• wnpa-sec-2019-19[2] Wireshark dissection engine crash. Bug
15778[3].
The following bugs have been fixed:
• Add (IETF) QUIC Dissector. Bug 13881[4].
• Wireshark Hangs on startup initializing external capture plugins.
Bug 14657[5].
• [oss-fuzz] ERROR: Adding ospf.v3.prefix.options.nu would put more
than 1000000 items in the tree — possible infinite loop. Bug
14978[6].
• Wireshark can call extcap with empty multicheck argument. Bug
15065[7].
• CMPv2 KUR message disection gives unexpected value for
serialNumber under OldCertId fields. Bug 15154[8].
• "(Git Rev Unknown from unknown)" in version string for official
tarball. Bug 15544[9].
• External extcap does not get all arguments sometimes. Bug
15586[10].
• Help file doesn’t display for extcap interfaces. Bug 15592[11].
• Buildbot crash output: randpkt-2019-03-14-4670.pcap. Bug
15604[12].
• Building only libraries on windows fails due to CLEAN_C_FILES
empty. Bug 15662[13].
• Statistics→Conversations→TCP→Follow Stream - incorrect behavior.
Bug 15672[14].
• Wrong NTP timestamp for RTCP XR RR packets (hf_rtcp_xr_timestamp
field). Bug 15687[15].
• ws_pipe: leaks pipe handles on errors. Bug 15689[16].
• Build issue in Wireshark - 3.0.1 on RHEL6. Bug 15706[17].
• ISAKMP: Segmentation fault with non-hex string for IKEv1
Decryption Table Initiator Cookie. Bug 15709[18].
• extcap: non-boolean call arguments can be appended without value
on selector Reload. Bug 15725[19].
• Incorrectly interpreted format of MQTT PUBLISH payload data. Bug
15738[20].
• print.c: Memory leak in ek_check_protocolfilter. Bug 15758[21].
• IETF QUIC dissector incorrectly parses retry packet. Bug
15764[22].
• Bacnet(app): fix wrong value for id 183 (logging-device →
logging-object). Bug 15767[23].
• The SMB2 code to look up decryption keys by session ID assumes
it’s running on a little-endian machine. Bug 15772[24].
• tshark -G folders leaves mmdbresolve process behind. Bug
15777[25].
• Dissector bug, protocol TLS - failed assertion "data". Bug
15780[26].
• WSMP : header_opt_ind field is not correctly set.
Release v1.21.0
Core
Service Config Changes to set channel in transient failure on invalid service config.
Add a backup poller to c-ares resolver to take better advantage of c-ares query timeout/retry logic.
Pass WSA_FLAG_NO_HANDLE_INHERIT flag to the WSASocketA() to avoid handle leaking on the Windows in case of using CreateProcess() on the server.
Add fallback-at-startup into xds.
Retire the GRPC_ARENA_INIT_STRATEGY env variable.
Fix gevent segfault with C-Ares as DNS resolver.
Explicitly call getsockname after accept for unix sockets to get the sun_path.
RBE Windows c-core build.
Loosen the dependency on the googleapis-common-protos-types gem.
pick_first: don't go into TRANSIENT_FAILURE upon empty update when in IDLE.
Add guard to the tv_nsec field of gpr_now return value.
Re-enable ALPN check in gRPC C core SSL stack.
C++
Global config variables migration.
Make cc_grpc_library compatible with native proto_library and cc_proto_library rules.
Add alarm in callback streaming test.
Make C++ Channel Interceptors work for lame channels.
libnice 0.1.16 (2019-05-09)
===========================
Add API to make it easier to implement ICE trickle
Add async closing of agent, to cleanly close TURN allocations
Add Google non-standard NOMINATION STUN attribute
Fix tests on Windows
Fix some racy tests
pkgsrc change: remove "USE_CWRAPPERS=no".
--- 9.14.2 released ---
5233. [bug] Negative trust anchors did not work with "forward only;"
to validating resolvers. [GL #997]
5231. [protocol] Add support for displaying CLIENT-TAG and SERVER-TAG.
[GL #960]
5229. [protocol] Enforce known SSHFP fingerprint lengths. [GL #852]
5228. [cleanup] If trusted-keys and managed-keys are configured
simultaneously for the same name, the key cannot
be rolled automatically. This configuration now
logs a warning. [GL #868]
5224. [bug] Only test provide-ixfr on TCP streams. [GL #991]
5223. [bug] Fixed a race in the filter-aaaa plugin accessing
the hash table. [GL #1005]
5222. [bug] 'delv -t ANY' could leak memory. [GL #983]
5221. [test] Enable parallel execution of system tests on
Windows. [GL !4101]
5220. [cleanup] Refactor the isc_stat structure to take advantage
of stdatomic. [GL !1493]
5219. [bug] Fixed a race in the filter-aaaa plugin that could
trigger a crash when returning an instance object
to the memory pool. [GL #982]
5218. [bug] Conditionally include <dlfcn.h>. [GL #995]
5217. [bug] Restore key id calculation for RSAMD5. [GL #996]
5216. [bug] Fetches-per-zone counter wasn't updated correctly
when doing qname minimization. [GL #992]
5215. [bug] Change #5124 was incomplete; named could still
return FORMERR instead of SERVFAIL in some cases.
[GL #990]
5214. [bug] win32: named now removes its lock file upon shutdown.
[GL #979]
5213. [bug] win32: Eliminated a race which allowed named.exe running
as a service to be killed prematurely during shutdown.
[GL #978]
5211. [bug] Allow out-of-zone additional data to be included
in authoritative responses if recursion is allowed
and "minimal-responses" is disabled. This behavior
was inadvertently removed in change #4605. [GL #817]
5210. [bug] When dnstap is enabled and recursion is not
available, incoming queries are now logged
as "auth". Previously, this depended on whether
recursion was requested by the client, not on
whether recursion was available. [GL #963]
5209. [bug] When update-check-ksk is true, add_sigs was not
considering offline keys, leaving record sets signed
with the incorrect type key. [GL #763]
5208. [test] Run valid rdata wire encodings through totext+fromtext
and tofmttext+fromtext methods to check these methods.
[GL #899]
5207. [test] Check delv and dig TTL values. [GL #965]
5206. [bug] Delv could print out bad TTLs. [GL #965]
5205. [bug] Enforce that a DS hash exists. [GL #899]
5204. [test] Check that dns_rdata_fromtext() produces a record that
will be accepted by dns_rdata_fromwire(). [GL #852]
5203. [bug] Enforce whether key rdata exists or not in KEY,
DNSKEY, CDNSKEY and RKEY. [GL #899]
5202. [bug] <dns/ecs.h> was missing ISC_LANG_ENDDECLS. [GL #976]
5190. [bug] Ignore trust anchors using disabled algorithms.
[GL #806]
Update bind911 to 9.11.7, this is maintenance releases.
--- 9.11.7 released ---
5233. [bug] Negative trust anchors did not work with "forward only;"
to validating resolvers. [GL #997]
5232. [bug] Fix a high-load race/crash in isc_socket_cancel().
[GL #834]
5231. [protocol] Add support for displaying CLIENT-TAG and SERVER-TAG.
[GL #960]
5229. [protocol] Enforce known SSHFP fingerprint lengths. [GL #852]
5228. [cleanup] If trusted-keys and managed-keys are configured
simultaneously for the same name, the key cannot
be rolled automatically. This configuration now
logs a warning. [GL #868]
5224. [bug] Only test provide-ixfr on TCP streams. [GL #991]
5222. [bug] 'delv -t ANY' could leak memory. [GL #983]
5221. [test] Enable parallel execution of system tests on
Windows. [GL !4101]
5218. [bug] Conditionally include <dlfcn.h>. [GL #995]
5214. [bug] win32: named now removes its lock file upon shutdown.
[GL #979]
5213. [bug] win32: Eliminated a race which allowed named.exe running
as a service to be killed prematurely during shutdown.
[GL #978]
5210. [bug] When dnstap is enabled and recursion is not
available, incoming queries are now logged
as "auth". Previously, this depended on whether
recursion was requested by the client, not on
whether recursion was available. [GL #963]
5209. [bug] When update-check-ksk is true, add_sigs was not
considering offline keys, leaving record sets signed
with the incorrect type key. [GL #763]
5208. [test] Run valid rdata wire encodings through totext+fromtext
and tofmttext+fromtext methods to check these methods.
[GL #899]
5207. [test] Check delv and dig TTL values. [GL #965]
5205. [bug] Enforce that a DS hash exists. [GL #899]
5204. [test] Check that dns_rdata_fromtext() produces a record that
will be accepted by dns_rdata_fromwire(). [GL #852]
5203. [bug] Enforce whether key rdata exists or not in KEY,
DNSKEY, CDNSKEY and RKEY. [GL #899]
5197. [bug] dig could die in best effort mode on multiple SIG(0)
records. Similarly on multiple OPT and multiple TSIG
records. [GL #920]
5194. [bug] Enforce non empty ZOMEMD hash. [GL #899]
5193. [bug] EID and NIMLOC failed to do multi-line output
correctly. [GL #899]
5192. [bug] configure --fips-mode failed. [GL #946]
5191. [port] Darwin: dlzexternal/driver.so was not building.
[GL #948]
5189. [cleanup] Remove revoked root DNSKEY from bind.keys. [GL #945]
5187. [test] Set time zone before running any tests in dnstap_test.
[GL #940]
5185. [bug] PKCS11 build could fail if ECDSA is not supported.
[GL #935]
5184. [bug] Missing unlocks in sdlz.c. [GL #936]
5182. [bug] Fix a high-load race/crash in handling of
isc_socket_close() in resolver. [GL #834]
5180. [bug] delv now honors the operating system's preferred
ephemeral port range. [GL #925]
5179. [cleanup] Replace some vague type declarations with the more
specific dns_secalg_t and dns_dsdigest_t.
Thanks to Tony Finch. [GL !1498]
5178. [bug] Handle EDQUOT (disk quota) and ENOSPC (disk full)
errors when writing files. [GL #902]
5176. [tests] Remove a dependency on libxml in statschannel system
test. [GL #926]
5175. [bug] Fixed a problem with file input in dnssec-keymgr,
dnssec-coverage and dnssec-checkds when using
python3. [GL #882]
5174. [doc] Tidy dnssec-keygen manual. [GL !1557]
5172. [bug] nsupdate now honors the operating system's preferred
ephemeral port range. [GL #905]
5170. [test] Added --with-dlz-filesystem to feature-test. [GL !1587]
5168. [test] Do not crash on shutdown when RPZ fails to load. Also,
keep previous version of the database if RPZ fails to
load. [GL #813]
5167. [bug] nxdomain-redirect could sometimes lookup the wrong
redirect name. [GL #892]
_ Fix detection of utun support on OS X (#18).
_ Fix Cisco DTLSv1.2 support for AES256-GCM-SHA384.
_ Fix Solaris 11.4 build by properly detecting memset_s().
_ Fix recognition of OTP password fields (#24).
2019-04-21 - libfilezilla 0.16.0 released
New features:
Add fz::socket
Add operator*= to fz::duration
fz::event_loop can now also be created using fz::thread_pool or threadless.
Bugfixes and minor changes:
fz::async_task now releases the thread back to the pool immediately when the task has completed without waiting for the join
*nix: Fix file descriptor leaks on exec()
1.22 - 2019-04-30
- Add 'b' and 'B' keys to connections tab (Daniel Kamil Kozar)
- Add 'max_ul_per_user' setting to support multiple upload slots per user (Daniel Kamil Kozar)
- Add support for TLS ALPN (Denys Smirnov)
- Fix build against ncurses with separate libtinfo (Lars Wendler)
0.6.4:
Pin selectors2 to Python versions <= 3.4
Fix config examples to actually use the nc namespace
fix: correctly set port for paramiko when using ssh_config file
test: add test to check ProxyCommand uses correct port
Update commits for py3
Enhance Alcatel-Lucent -support
Juniper RPC: allow specifying format in CompareConfiguration
Parsing of NETCONF 1.1 frames no longer decodes each chunk of bytes...
Fix filter in create_subscription
Validate 'with-defaults' mode based on supported modes advertised in capability URI
Changes:
### Additions
- Support for
- `patreon` (#226)
- `hentainexus` (#256)
- `date` metadata fields for `pixiv` (#248), `instagram` (#250),
`exhentai`, and `newgrounds`
### Changes
- Improved `flickr` metadata and video extraction (#246)
### Fixes
- Download original GIF animations from `deviantart` (#242)
- Ignore missing `edge_media_to_comment` fields on `instagram` (#250)
- Fix serialization of `datetime` objects for `--write-metadata` (#251, #252)
- Allow multiple post-processor command-line options at once (#253)
- Prevent crash on `booru` sites when no tags are available (#259)
- Fix extraction on `instagram` after `rhx_gis` field removal (#266)
- Avoid Cloudflare CAPTCHAs for Python interpreters built
against OpenSSL < 1.1.1
- Miscellaneous fixes for `luscious`
New in version 3.5
==================
Enhancements
------------
* Add support for more accurate reading of PHC on Linux 5.0
* Add support for hardware timestamping on interfaces with read-only
timestamping configuration
* Add support for memory locking and real-time priority on FreeBSD,
NetBSD, Solaris
* Update seccomp filter to work on more architectures
* Validate refclock driver options
Bug fixes
---------
* Fix bindaddress directive on FreeBSD
* Fix transposition of hardware RX timestamp on Linux 4.13 and later
* Fix building on non-glibc systems
Samba 4.10.3, 4.9.8 and 4.8.12 Security Releases Available
These are security releases in order to address CVE-2018-16860 (Samba AD DC S4U2Self/S4U2Proxy unkeyed checksum).
Some vpn clients pass multiple domains for DNS search scope, which
requires that we use search rather than domain. The generic path was
already using search, so just switch the resolvconf path to also use
search.
In a container, /etc/nsswitch.conf might not exist.
Silence the error grep: /etc/nsswitch.conf: No such file or directory
Inside a container, running 'ip route flush cache' can spam with
"ip: can't open '/proc/sys/net/ipv4/route/flush': Read-only file system"
Hide that the error output for that command.
Changes:
2019.05.11
----------
Core
* [utils] Transliterate "þ" as "th" (#20897)
Extractors
+ [cloudflarestream] Add support for videodelivery.net (#21049)
+ [byutv] Add support for DVR videos (#20574, #20676)
+ [gfycat] Add support for URLs with tags (#20696, #20731)
+ [openload] Add support for verystream.com (#20701, #20967)
* [youtube] Use sp field value for signature field name (#18841, #18927,
#21028)
+ [yahoo:gyao] Extend URL regular expression (#21008)
* [youtube] Fix channel id extraction (#20982, #21003)
+ [sky] Add support for news.sky.com (#13055)
+ [youtube:entrylistbase] Retry on 5xx HTTP errors (#20965)
+ [francetvinfo] Extend video id extraction (#20619, #20740)
* [4tube] Update token hosts (#20918)
* [hotstar] Move to API v2 (#20931)
* [fox] Fix API error handling under python 2 (#20925)
+ [redbulltv] Extend URL regular expression (#20922)
1.16.153
api-change:config: Update config command to latest version
api-change:iam: Update iam command to latest version
api-change:codepipeline: Update codepipeline command to latest version
api-change:sts: Update sts command to latest version
1.16.152
api-change:mediaconvert: Update mediaconvert command to latest version
api-change:workmail: Update workmail command to latest version
api-change:medialive: Update medialive command to latest version
api-change:cognito-idp: Update cognito-idp command to latest version
1.16.151
api-change:alexaforbusiness: Update alexaforbusiness command to latest version
api-change:kms: Update kms command to latest version
1.16.150
api-change:xray: Update xray command to latest version
api-change:ec2: Update ec2 command to latest version
api-change:ecs: Update ecs command to latest version
1.16.149
api-change:codepipeline: Update codepipeline command to latest version
api-change:neptune: Update neptune command to latest version
api-change:managedblockchain: Update managedblockchain command to latest version
api-change:s3control: Update s3control command to latest version
api-change:servicecatalog: Update servicecatalog command to latest version
api-change:directconnect: Update directconnect command to latest version
1.16.148
api-change:transfer: Update transfer command to latest version
api-change:ec2: Update ec2 command to latest version
1.16.147
api-change:iam: Update iam command to latest version
api-change:sns: Update sns command to latest version
1.16.146
api-change:batch: Update batch command to latest version
api-change:gamelift: Update gamelift command to latest version
api-change:inspector: Update inspector command to latest version
api-change:dynamodb: Update dynamodb command to latest version
api-change:lambda: Update lambda command to latest version
api-change:workspaces: Update workspaces command to latest version
1.16.145
api-change:alexaforbusiness: Update alexaforbusiness command to latest version
api-change:textract: Update textract command to latest version
api-change:storagegateway: Update storagegateway command to latest version
bugfix:Cloudformation: Support non-AWS partition regions in CloudFormation deploy and package.
api-change:mediatailor: Update mediatailor command to latest version
api-change:route53: Update route53 command to latest version
api-change:ec2: Update ec2 command to latest version
api-change:ssm: Update ssm command to latest version
api-change:mediaconnect: Update mediaconnect command to latest version
api-change:rds: Update rds command to latest version
api-change:cloudformation: Update cloudformation command to latest version
1.16.144
api-change:transcribe: Update transcribe command to latest version
api-change:workspaces: Update workspaces command to latest version
api-change:resource-groups: Update resource-groups command to latest version
1.16.143
api-change:cognito-idp: Update cognito-idp command to latest version
api-change:worklink: Update worklink command to latest version
api-change:rds: Update rds command to latest version
api-change:kafka: Update kafka command to latest version
api-change:organizations: Update organizations command to latest version
api-change:workspaces: Update workspaces command to latest version
api-change:discovery: Update discovery command to latest version
1.16.142
api-change:polly: Update polly command to latest version
api-change:ec2: Update ec2 command to latest version
1.16.141
api-change:redshift: Update redshift command to latest version
api-change:organizations: Update organizations command to latest version
api-change:cognito-idp: Update cognito-idp command to latest version
api-change:storagegateway: Update storagegateway command to latest version
api-change:mq: Update mq command to latest version
api-change:cloudwatch: Update cloudwatch command to latest version
1.16.140
api-change:medialive: Update medialive command to latest version
api-change:iot1click-devices: Update iot1click-devices command to latest version
api-change:glue: Update glue command to latest version
api-change:comprehend: Update comprehend command to latest version
api-change:mediaconvert: Update mediaconvert command to latest version
1.16.139
api-change:eks: Update eks command to latest version
api-change:iam: Update iam command to latest version
1.16.138
api-change:batch: Update batch command to latest version
api-change:comprehend: Update comprehend command to latest version
1.16.137
api-change:acm: Update acm command to latest version
api-change:ec2: Update ec2 command to latest version
api-change:securityhub: Update securityhub command to latest version
1.16.136
api-change:ssm: Update ssm command to latest version
api-change:emr: Update emr command to latest version
1.16.135
api-change:greengrass: Update greengrass command to latest version
api-change:cloudwatch: Update cloudwatch command to latest version
api-change:comprehend: Update comprehend command to latest version
1.16.134
api-change:workspaces: Update workspaces command to latest version
api-change:pinpoint-email: Update pinpoint-email command to latest version
api-change:servicecatalog: Update servicecatalog command to latest version
api-change:medialive: Update medialive command to latest version
1.16.133
api-change:appmesh: Update appmesh command to latest version
api-change:elbv2: Update elbv2 command to latest version
api-change:storagegateway: Update storagegateway command to latest version
api-change:ecs: Update ecs command to latest version
api-change:s3: Update s3 command to latest version
api-change:ec2: Update ec2 command to latest version
api-change:transfer: Update transfer command to latest version
1.16.132
api-change:glue: Update glue command to latest version
api-change:workmail: Update workmail command to latest version
1.16.131
api-change:mediaconvert: Update mediaconvert command to latest version
api-change:iot1click-devices: Update iot1click-devices command to latest version
api-change:iotanalytics: Update iotanalytics command to latest version
api-change:directconnect: Update directconnect command to latest version
api-change:transcribe: Update transcribe command to latest version
api-change:robomaker: Update robomaker command to latest version
api-change:fms: Update fms command to latest version
1.16.130
api-change:transcribe: Update transcribe command to latest version
api-change:iot1click-projects: Update iot1click-projects command to latest version
1.9.143
api-change:config: [botocore] Update config client to latest version
api-change:iam: [botocore] Update iam client to latest version
api-change:sts: [botocore] Update sts client to latest version
api-change:codepipeline: [botocore] Update codepipeline client to latest version
1.9.142
api-change:workmail: [botocore] Update workmail client to latest version
api-change:medialive: [botocore] Update medialive client to latest version
api-change:cognito-idp: [botocore] Update cognito-idp client to latest version
api-change:mediaconvert: [botocore] Update mediaconvert client to latest version
1.9.141
api-change:alexaforbusiness: [botocore] Update alexaforbusiness client to latest version
api-change:kms: [botocore] Update kms client to latest version
1.9.140
api-change:ecs: [botocore] Update ecs client to latest version
api-change:xray: [botocore] Update xray client to latest version
api-change:ec2: [botocore] Update ec2 client to latest version
1.9.139
api-change:neptune: [botocore] Update neptune client to latest version
api-change:servicecatalog: [botocore] Update servicecatalog client to latest version
api-change:managedblockchain: [botocore] Update managedblockchain client to latest version
api-change:s3control: [botocore] Update s3control client to latest version
api-change:directconnect: [botocore] Update directconnect client to latest version
api-change:codepipeline: [botocore] Update codepipeline client to latest version
1.9.138
api-change:transfer: [botocore] Update transfer client to latest version
api-change:ec2: [botocore] Update ec2 client to latest version
1.9.137
api-change:iam: [botocore] Update iam client to latest version
api-change:sns: [botocore] Update sns client to latest version
1.9.136
api-change:gamelift: [botocore] Update gamelift client to latest version
api-change:workspaces: [botocore] Update workspaces client to latest version
api-change:dynamodb: [botocore] Update dynamodb client to latest version
api-change:inspector: [botocore] Update inspector client to latest version
api-change:lambda: [botocore] Update lambda client to latest version
api-change:batch: [botocore] Update batch client to latest version
1.9.135
api-change:mediatailor: [botocore] Update mediatailor client to latest version
api-change:rds: [botocore] Update rds client to latest version
api-change:cloudformation: [botocore] Update cloudformation client to latest version
api-change:ssm: [botocore] Update ssm client to latest version
api-change:storagegateway: [botocore] Update storagegateway client to latest version
api-change:route53: [botocore] Update route53 client to latest version
api-change:alexaforbusiness: [botocore] Update alexaforbusiness client to latest version
api-change:ec2: [botocore] Update ec2 client to latest version
api-change:mediaconnect: [botocore] Update mediaconnect client to latest version
api-change:textract: [botocore] Update textract client to latest version
1.9.134
api-change:resource-groups: [botocore] Update resource-groups client to latest version
api-change:transcribe: [botocore] Update transcribe client to latest version
api-change:workspaces: [botocore] Update workspaces client to latest version
1.9.133
api-change:kafka: [botocore] Update kafka client to latest version
api-change:cognito-idp: [botocore] Update cognito-idp client to latest version
api-change:rds: [botocore] Update rds client to latest version
api-change:worklink: [botocore] Update worklink client to latest version
api-change:workspaces: [botocore] Update workspaces client to latest version
api-change:discovery: [botocore] Update discovery client to latest version
api-change:organizations: [botocore] Update organizations client to latest version
1.9.132
api-change:polly: [botocore] Update polly client to latest version
api-change:ec2: [botocore] Update ec2 client to latest version
1.9.131
api-change:organizations: [botocore] Update organizations client to latest version
api-change:mq: [botocore] Update mq client to latest version
api-change:redshift: [botocore] Update redshift client to latest version
api-change:storagegateway: [botocore] Update storagegateway client to latest version
api-change:cloudwatch: [botocore] Update cloudwatch client to latest version
api-change:cognito-idp: [botocore] Update cognito-idp client to latest version
1.9.130
api-change:mediaconvert: [botocore] Update mediaconvert client to latest version
api-change:glue: [botocore] Update glue client to latest version
api-change:comprehend: [botocore] Update comprehend client to latest version
api-change:iot1click-devices: [botocore] Update iot1click-devices client to latest version
api-change:medialive: [botocore] Update medialive client to latest version
