iperf 3.9
* Notable user-visible changes
* A --timestamps flag has been added, which prepends a timestamp to
each output line. An optional argument to this flag, which is a
format specification to strftime(3), allows for custom timestamp
formats.
* A --server-bitrate-limit flag has been added as a server-side
command-line argument. It allows a server to enforce a maximum
throughput rate; client connections that specify a higher bitrate
or exceed this bitrate during a test will be terminated. The
bitrate is expressed in bits per second, with an optional trailing
slash and integer count that specifies an averaging interval over
which to enforce the limit.
* A bug that caused increased CPU usage with the --bidir option has
been fixed.
* Notable developer-visible changes
* Fixed various minor memory leaks.
Changes:
0.9.4
-----
- Fix for showing the entry on the files page of submodules for bare
repositories, thanks kst!
- There is now a separate Atom feed for tags called "tags.xml". This should make
it easier to track only software releases if using an RSS/Atom reader.
- The ordering of tags are now by commit date (descending). So it will now sort
by most recent first. The previous behaviour was to sort alphabetically by tag
name, but many projects use numeric versions which don't sort in a useful/clear
order.
- For OpenBSD: remove unveil(2) for stagit-index, because unveil(2) has an
argument limit. Now more than ~128 repositories for the index are supported.
Per repository stagit will still use unveil(2).
Version 4.9.2
* mkdir: fixed exit code with -f option.
* ftp: made ftp:use-pret setting tri-boolean.
* get/mget/put/mput: don't try next files after error if cmd:fail-exit is true.
* get/mget: fixed -O option with remote URL and xfer:use-temp-file being true.
* mirror: disallow empty patterns; don't delete "..".
* mirror: fixed --on-change with --reverse.
* sftp: fixed a bug with truncated files when packets are reordered (finally).
Wireshark 3.2.6 Release Notes
What’s New
Bug Fixes
The following vulnerabilities have been fixed:
• wnpa-sec-2020-10[1] Kafka dissector crash. Bug 16672[2].
CVE-2020-17498[3].
The following bugs have been fixed:
• Kafka dissector fails parsing FETCH responses. Bug 16623[4].
• Dissector for ASTERIX Category 001 / 210 does not recognize bit 1
as extension. Bug 16662[5].
• "invalid timestamp" for Systemd Journal Export Block. Bug
16664[6].
• Decoding Extended Emergency number list IE length. Bug 16668[7].
• Some macOS Bluetooth PacketLogger capture files aren’t recognized
as PacketLogger files (regression, bisected). Bug 16670[8].
• Short IMSIs (5 digits) lead to wrong decoding+warning. Bug
16676[9].
• Decoding of PFCP IE 'PFD Contents' results in "malformed packet".
Bug 16704[10].
• RFH2 Header with 32 or less bytes of NameValue will not parse out
that info. Bug 16733[11].
• CDP: Port ID TLV followed by Type 1009 TLV triggers [Malformed
Packet]. Bug 16742[12].
• tshark crashed when processing opcda. Bug 16746[13].
• tshark with --export-dicom gives “Segmentation fault (core
dumped)”. Bug 16748[14].
New and Updated Features
There are no new features in this release.
New Protocol Support
There are no new protocols in this release.
Updated Protocol Support
ASTERIX, BSSAP, CDP, CoAP, DCERPC SPOOLSS, DCOM, DICOM, DVB-S2,
E.212, GBCS, GSM RR, GSM SMS, IEEE 802.11, Kafka, MQ, Nano, NAS 5GS,
NIS+, NR RRC, PacketLogger, PFCP, RTPS, systemd Journal, TDS, TN3270,
and TN5250
New and Updated Capture File Support
PacketLogger and pcapng
Changelog:
7 July 2020: Wouter
- Tag for 4.3.2rc1.
6 July 2020: Wouter
- Fix compile includes for xfr-inspect tool on FreeBSD.
- Add tpkg/run_vm.sh that runs test when in a virtual machine.
- Merge #112 from jaredmauch: log old and new serials when NSD
rejects an IXFR due to an old serial number.
- Fix bug034 test for vm test changes.
22 June 2020: Wouter
- Remove errno reset behaviour from sendmmsg and recvmmsg
replacement functions.
- Fix unit test for different nsd-control-setup -h exit code.
19 June 2020: Wouter
- Merge #108 from Nomis: Make the max-retry-time description clearer.
- Retry when udp send buffer is full to wait until buffer space is
available.
18 June 2020: Wouter
- Do not log EAGAIN errors for sendmmsg, to stop log spam on OpenBSD.
17 June 2020: Wouter
- Fix#107: nsd -v shows configure line, openssl version and libevent version.
27 May 2020: Wouter
- Fix unlink of pidfile warning if not possible due to permissions,
nsd can display the message at high verbosity levels.
- Update contrib/nsd.service for chown of nsd.log and /var/log in
ReadWritePaths.
- Removed contrib/nsd.service, example is too complicated and not
useful.
15 May 2020: Wouter
- Merge PR#102 from and0x000: add missing default in documentation
for drop-updates.
- Fix checkconf test for log-only-syslog option.
14 May 2020: Wouter
- Document default value for tcp-timeout.
13 May 2020: Jeroen
- Fix#99: Fix copying of socket properties with reuseport enabled.
24 April 2020: Wouter
- Fix#97: EDNS unknown version: query not in response.
21 April 2020: Wouter
- Fix#96: log-only-syslog: yes sets to only use syslog, fixes
that the default configuration and systemd results in duplicate
log messages.
20 April 2020: Wouter
- Fix#95: Removed make test check because tpkg not included in
release tarballs.
- Fix unused parameter compile warnings.
Jesse Smith <jessefrgsmith@yahoo.ca> -> 5.6
- When Bftpd is run with the -n flag (no configuration file)
default ratio settings prevented files from downloading.
Samuel Hsu has patched Bftpd to assume no ratio ("") is
treated the same as "none" or no restrictions.
- Fixed potential overflow in buffer for directory listing.
- Used calloc() and single strlen() call to avoid having
a string without a NULL terminator mystring library.
Add bind916 version 9.16.5 package (BIND 9.16.5).
BIND, the Berkeley Internet Name Daemon. This package contains the BIND
9.16 release.
* New dnssec-policy statement to configure a key and signing policy for
zones, enabling automatic key regeneration and rollover.
* New network manager based on libuv.
* Added support for the new GeoIP2 geolocation API, libmaxminddb.
* Improved DNSSEC trust anchor configuration using the trust-anchors
statement, permitting configuration of trust anchors in DS as well as
DNSKEY format.
* YAML output for dig, mdig, and delv.
This hotfix release fixes an issue with block validation.
Bugfixes:
#6827: syncthing 1.6.1 -> 1.7.0 fails on "failed validating data"
v1.7.0
This release performs a database migration to optimize for clusters with
many devices.
Bugfixes:
#6552: panic: Stop called more than once on ... created by nat.Service
#6564: Closing an already removed connection causes GUI error message
#6646: Misleading error message when to be deleted dir contains receive-only changes
#6653: panic: nil pointer dereference in leveldb.(*DB).isClosed()
#6654: panic: runtime error: index out of range in processNeeded()
#6655: panic: nil pointer dereference in checkUpgrade()
#6679: QUIC listener is not added when default TCP port is unavailable
#6697: Malformed listen address causes hang on startup
#6706: Changing a folder in web UI removes introduced-by info
Enhancements:
#1830: "Folder path missing" when folder path is a junction
#4703: Suggest setting up auth on initial startup
#5910: Add Badger database backend for testing and consideration
#6372: Reduce database size by optimizing version list storage
Other issues:
#6608: Data race in Windows fs watcher tests
#6625: TestRequestRemoteRenameChanged is racy/flaky
Changes:
1.52.3
------
* Bug Fixes
* docs
* Disable smart typography (eg en-dash) in MANUAL.* and man page
(Nick Craig-Wood)
* Update install.md to reflect minimum Go version (Evan Harris)
* Update install from source instructions (Nick Craig-Wood)
* make_manual: Support SOURCE_DATE_EPOCH (Morten Linderud)
* log: Fix --use-json-log going to stderr not --log-file on Windows
(Nick Craig-Wood)
* serve dlna: Fix file list on Samsung Series 6+ TVs (Matteo Pietro Dazzi)
* sync: Fix deadlock with --track-renames-strategy modtime (Nick Craig-Wood)
* Cache
* Fix moveto/copyto remote:file remote:file2 (Nick Craig-Wood)
* Drive
* Stop using root_folder_id as a cache (Nick Craig-Wood)
* Make dangling shortcuts appear in listings (Nick Craig-Wood)
* Drop "Disabling ListR" messages down to debug (Nick Craig-Wood)
* Workaround and policy for Google Drive API (Dmitry Ustalov)
* FTP
* Add note to docs about home vs root directory selection (Nick Craig-Wood)
* Onedrive
* Fix reverting to Copy when Move would have worked (Nick Craig-Wood)
* Avoid comma rendered in URL in onedrive.md (Kevin)
* Pcloud
* Fix oauth on European region "eapi.pcloud.com" (Nick Craig-Wood)
* S3
* Fix bucket Region auto detection when Region unset in config (Nick Craig-Wood)
1.2.8 released
* validate UTF-8 encoding of client version strings from peers
* don't time out tracker announces as eagerly while resolving hostnames
* fix NAT-PMP shutdown issue
* improve hostname lookup by merging identical lookups
* fix network route enumeration for large routing tables
* fixed issue where pop_alerts() could return old, invalid alerts
* fix issue when receiving have-all message before the metadata
* don't leave lingering part files handles open
* disallow calling add_piece() during checking
* fix incorrect filename truncation at multi-byte character
* always announce listen port 1 when using a proxy
NEWS for rsync 3.2.3
Changes in this version:
BUG FIXES:
Fixed a bug in the xattr code that was freeing the wrong object when trying to cleanup the xattr list.
Fixed a bug in the xattr code that was not leaving room for the "rsync." prefix in some instances where it needed to be added.
Restored the ability to use ‑‑bwlimit=0 to specify no bandwidth limit. (It was accidentally broken in 3.2.2.)
Fix a bug when combining ‑‑delete-missing-args with ‑‑no-implied-dirs & ‑R where rsync might create the destination path of a missing arg. The code also avoids some superfluous warnings for nested paths of removed args.
Fixed an issue where hard-linked devices could cause the rdev_major value to get out of sync between the sender and the receiver, which could cause a device to get created with the wrong major value in its major,minor pair.
Rsync now complains about a missing ‑‑temp-dir before starting any file transfers.
A completely empty source arg is now a fatal error. This doesn't change the handling of implied dot-dir args such as "localhost:" and such.
ENHANCEMENTS:
Allow ‑‑max-alloc=0 to specify no limit to the alloc sanity check.
Allow ‑‑block-size=SIZE to specify the size using units (e.g. "100K").
The name of the id-0 user & group are now sent to the receiver along with the other user/group names in the transfer (instead of assuming that both sides have the same id-0 names).
Added the ‑‑stop-after=MINS and ‑‑stop-at=DATE_TIME options (with the ‑‑time-limit=MINS option accepted as an alias for ‑‑stop-after). This is an enhanced version of the time-limit patch from the patches repo.
Added the name converter daemon parameter to make it easier to convert user & group names inside a chrooted daemon module. This is based on the nameconverter patch with some improvements, including a tweak to the request protocol (so if you used this patch in the past, be sure to update your converter script to use newlines instead of null chars).
Added ‑‑crtimes (‑N) option for preserving the file's create time (I believe that this is macOS only at the moment).
Added ‑‑mkpath option to tell rsync that it should create a non-existing path component of the destination arg.
Added ‑‑stderr=errors|all|client to replace the ‑‑msgs2stderr and ‑‑no-msgs2stderr options (which are still accepted). The default use of stderr was changed to be ‑‑stderr=errors where all the processes that have stderr available output directly to stderr, which should help error messages get to the user more quickly, especially when doing a push (which includes local copying). This also allows rsync to exit quickly when a receiver failure occurs, since rsync doesn't need to try to keep the connection alive long enough for the fatal error to go from the receiver to the generator to the sender. The old default can be requested via ‑‑stderr=client. Also changed is that a non-default stderr mode is conveyed to the remote rsync (using the older option names) instead of requiring the user to use ‑‑remote-option (‑M) to tell the remote rsync what to do.
Added the ability to specify "@netgroup" names to the hosts allow and hosts deny daemon parameters. This is a finalized version of the netgroup-auth patch from the patches repo.
Rsync can now hard-link symlinks on FreeBSD due to it making ues of the linkat() function when it is available.
Output file+line info on out-of-memory & overflow errors while also avoiding the output of alternate build-dir path info that is not useful to the user.
Change configure to know that Cygwin supports Linux xattrs.
Improved the testsuite on FreeBSD & Cygwin.
Added some compatibility code for HPE NonStop platforms.
Improved the INSTALL.md info.
Added a few more suffixes to the default skip-compress list.
Improved configure's error handling to notify about several issues at once instead of one by one (for the newest optional features).
INTERNAL:
Use a simpler overflow check idiom in a few spots.
Use a C99 Flexible Array for a trailing variable-size filename in a struct (with a fallback to the old 1-char string kluge for older compilers).
Release v1.31.0
Core
The following new xDS functionality is added in this release:
Requests matching based on path (prefix, full path and safe regex) and headers.
Requests routing to multiple clusters based on weights.
The features supported in a given release are documented here.
Other changes:
Remove MAX_EPOLL_EVENTS_HANDLED_EACH_POLL_CALL to ensure timely processing of events.
Include the target name in top-level DNS error messages.
Remove xds-experimental URI scheme.
fix memory leak of grpc_resource_user_quota.
Store ref to the ExternalConnectivityWatcher in external_watchers_ map.
Update grpclb configuration with field "service_name".
Fix possible deadlock in RemoveExternalConnectivityWatcher.
Enable TLS 1.3 in the C-core and all wrapped languages.
Add message-size check before message decompression with ordering change.
Fix race condition caused by simultaneous updates on SSL server handshaker.
Add missing reset for ping clocks to avoid mistakenly sending GOAWAY frames due to 'too_many_pings'.
C++
Simplify makefile: Get rid of "install" rules with pure make, recommend cmake and bazel instead.
Replaced grpc::string with std::string.
Fix wrong version in gRPCConfigVersion.cmake and grpc++*.pc.
Python
[Aio] Support tuple and aio.Metadata interaction.
[Aio] Allows poller to bind to ephemeral loops in multiple threads.
[Aio] Hide init_grpc_aio and guard async API outside of AsyncIO context.
[Aio] Implement methods to access auth context and peer info.
Add protobuf as an "extras" dependency to grpcio package.
[Aio] Use Metadata type.
Avoid attribute error in del of _ChannelCallState.
Default wait_for_ready to True in simple stubs.
Propagate contextvars to auxiliary threads.
Simplify channel credentials in simple stubs.
1.5.0
Improvements
Use explicit flag for the specific version of c++ we are targeting.
Prevent a copy of a pool’s backends when selecting a server.
Bug Fixes
Fix compilation with h2o_socket_get_ssl_server_name().
Prevent a possible overflow via large Proxy Protocol values. (Valentei Sergey)
Avoid name clashes on Solaris derived systems.
Resize hostname to final size in getCarbonHostname(). (Aki Tuomi)
Fix compilation on OpenBSD/amd64.
Handle calling PacketCache methods on a nil object.
1.4.0
Improvements
Fix the default value of setMaxUDPOutstanding in the console’s help (phonedph1)
Add bindings for the noerrors and drops members of StatNode
Fix -Wshadow warnings (Aki Tuomi)
Fix typo: settting to setting (Chris Hofstaedtler)
Bug Fixes
Lowercase the name blocked by a SMT dynamic block
misc
Prefer the cipher suite from the server by default (DoH, DoT)
v0.6.8
Variety of small updates and bugfixes, but of note:
Support for namespace prefixes for XPath queries
edit-config parameter validation
Support for multiple RPC errors
API to get supported device types
Support for subtree filters with multiple top-level tags
19.0.2
- Regenerate Cython sources with 0.29.21 in sdists for compatibility with Python 3.9
- Handle underlying socket being closed in ZMQStream with warning instead of error
- Improvements to socket cleanup during process teardown
- Fix debug-builds on Windows
- Avoid importing ctypes during startup on Windows
- Documentation improvements
- Raise ``AttributeError`` instead of ``ZMQError(EINVAL)`` on attempts to read write-only attributes,
for compatibility with mocking
2.2.2
- BUG/MINOR: mux-fcgi: Don't url-decode the QUERY_STRING parameter anymore
- BUILD: tools: fix build with static only toolchains
- BUG/MINOR: debug: Don't dump the lua stack if it is not initialized
- BUG/MAJOR: dns: fix null pointer dereference in snr_update_srv_status
- BUG/MAJOR: dns: don't treat Authority records as an error
- MEDIUM: lua: Add support for the Lua 5.4
- BUG/MEDIUM: dns: Don't yield in do-resolve action on a final evaluation
- BUG/MINOR: lua: Abort execution of actions that yield on a final evaluation
- BUG/MINOR: tcp-rules: Preserve the right filter analyser on content eval abort
- BUG/MINOR: tcp-rules: Set the inspect-delay when a tcp-response action yields
- BUG/MEDIUM: connection: Be sure to always install a mux for sync connect
- MINOR: connection: Preinstall the mux for non-ssl connect
- MINOR: stream-int: Be sure to have a mux to do sends and receives
- SCRIPTS: announce-release: add the link to the wiki in the announce messages
- BUG/MEDIUM: backend: always attach the transport before installing the mux
- BUG/MEDIUM: tcp-checks: always attach the transport before installing the mux
(pkgsrc)
- Add adhoc patch to make it build.
(upstream)
Changelog:
- Fix tweet sending on 32bit architectures. #795 Wtf.
- Fix a few spelling mistakes. #798
- Work around a GTK+ bug increasing the window size
when typing DMs. #796
- Prevent the list statuses page from automatically focusing
the delete button, potentially resulting in accidentally
deleted lists. #811
- Show a language selection context menu in the
compose text view. #812
- Added the Guninski patch for alloc from Qualys (CVE-2005-1513).
- dns_ipq (IP qualify) now with unified IPv4/IPv6 handling and evaluation
of DNS well-know names 'localhost' and 'ipv[4|6]-loopback' (RFC 6761).
- Fixed DNS lookup for IPv6 addresses. Adjusted DNS man pages.
Bump default BUILDLINK_API_DEPENDS, as all fehware requires this version.
This is the 1.30.2 release (gradius) of gRPC Core.
Please see the notes for the previous releases here:
https://github.com/grpc/grpc/releases. Please consult https://grpc.io/
for all information regarding this product.
This release is a patch specifically for the Ruby plugin to address
#23490
Ruby
Fix ruby protoc plugin when message is in another package
(#23501)
!! Configuration format was updated !!
With the 0.7.0 release, our configuration format was updated to
use YAML files. Baikal stores data in both the Specific and the
config folders. Keep this in mind when upgrading! We recommend that
you make a full backup of your data, as a safety measure.
0.7.1
-----
* Fixed user deletion
* Fixed upgrading from versions older than 0.6.1
* Re-added config option for base uri
* Ships with sabre/dav 4.1.0
0.7.0 (2020-05-31)
------------------
* New configuration format
* Added support for php 7.4
* REMOVED support for php 7.0
* Shows event count per calendar
* Shows contact count per address book
* Ships with sabre/dav 4.1.0
0.2.3
* Fix handling of WSGI - not all versions of start_response take
keyword arguments.
* Add --no-strict option for clients that don't follow
the spec.
version 2.82
Improve behaviour in the face of network interfaces which come
and go and change index. Thanks to Petr Mensik for the patch.
Convert hard startup failure on NETLINK_NO_ENOBUFS under qemu-user
to a warning.
Allow IPv6 addresses ofthe form [::ffff:1.2.3.4] in --dhcp-option.
Fix crash under heavy TCP connection load introduced in 2.81.
Thanks to Frank for good work chasing this down.
Change default lease time for DHCPv6 to one day.
Alter calculation of preferred and valid times in router
advertisements, so that these do not have a floor applied
of the lease time in the dhcp-range if this is not explicitly
specified and is merely the default.
3.3.28:
Added
Redesign of the release process using Azure Pipelines
Create a dedicated documentation on ReadTheDoc, refactor README.md into README.rst
Modified
Fix localzone provider to make it work with dnspython 2.x
Update easyname provider against the recent API changes
2.2.1
- BUG/MINOR: sample: Free str.area in smp_check_const_bool
- BUG/MINOR: sample: Free str.area in smp_check_const_meth
- BUG/MEDIUM: lists: add missing store barrier on MT_LIST_BEHEAD()
- BUG/MEDIUM: lists: add missing store barrier in MT_LIST_ADD/MT_LIST_ADDQ
- CONTRIB: da: fix memory leak in dummy function da_atlas_open()
- BUG/MEDIUM: mux-h2: Don't add private connections in available connection list
- BUG/MEDIUM: mux-fcgi: Don't add private connections in available connection list
- BUG/MEDIUM: mux-h1: Continue to process request when switching in tunnel mode
- BUG/MINOR: mux-fcgi: Handle empty STDERR record
- BUG/MINOR: mux-fcgi: Set conn state to RECORD_P when skipping the record padding
- BUG/MINOR: mux-fcgi: Set flags on the right stream field for empty FCGI_STDOUT
- BUG/MEDIUM: log: issue mixing sampled to not sampled log servers.
- BUG/MEDIUM: fcgi-app: fix memory leak in fcgi_flt_http_headers
- BUG/MEDIUM: server: resolve state file handle leak on reload
- BUG/MEDIUM: server: fix possibly uninitialized state file on close
- BUG/MEDIUM: channel: Be aware of SHUTW_NOW flag when output data are peeked
- BUILD: config: address build warning on raspbian+rpi4
- BUG/MAJOR: tasks: make sure to always lock the shared wait queue if needed
- BUILD: config: fix again bugs gcc warnings on calloc
- DOC: ssl: req_ssl_sni needs implicit TLS
- BUG/MEDIUM: arg: empty args list must be dropped
- BUG/MEDIUM: resolve: fix init resolving for ring and peers section.
- BUG/MAJOR: tasks: don't requeue global tasks into the local queue
- BUG/MAJOR: dns: Make the do-resolve action thread-safe
- BUG/MEDIUM: dns: Release answer items when a DNS resolution is freed
- MEDIUM: htx: Add a flag on a HTX message when no more data are expected
- BUG/MINOR: htx: add two missing HTX_FL_EOI and remove an unexpected one
- BUG/MEDIUM: stream-int: Don't set MSG_MORE flag if no more data are expected
- BUG/MEDIUM: http-ana: Only set CF_EXPECT_MORE flag on data filtering
v1.11.4
IMPROVEMENTS:
Add resource for CSIDriver
Add resource for Pod Security Policies
Add data source for Pod and PVC
Add support for CSI volume type in persistent_volume resource
Add Kubernetes Job 'wait_for_completion' functionality
Support 'optional' flag for ConfigMap mounted as volume
Add specific error message when failing to load provider config
Support 'optional' on env valueFrom for secret key/configmap key
Skip tests for CSIDriver if cluster version is less than 1.16
Allow 'ttl_seconds_after_finished = 0' in kubernetes_job resource
Set service block to 'optional' for webhook configurations
0.12.29
BUG FIXES:
core: core: Prevent quadratic memory usage with large numbers of instances by not storing the complete resource state in each instance
Changes:
5.2
---
* Add Filter message to mitmdump (@sarthak212)
* Display TCP flows at flow list (@Jessonsotoventura, @nikitastupin, @mhils)
* Colorize JSON Contentview (@sarthak212)
* Fix console crash when entering regex escape character in half-open
string (@sarthak212)
* Integrate contentviews to TCP flow details (@nikitastupin)
* Added add-ons that enhance the performance of web application
scanners (@anneborcherding)
* Increase WebSocket message timestamp precision (@JustAnotherArchivist)
* Fix HTTP reason value on HTTP/2 reponses (@rbdixon)
* mitmweb: support wslview to open a web browser (@G-Rath)
* Fix dev version detection with parent git repo (@JustAnotherArchivist)
* Restructure examples and supported addons (@mhils)
* Certificate generation: mark SAN as critical if no CN is set (@mhils)
* Simplify Replacements with new ModifyBody addon (@mplattner)
* Rename SetHeaders addon to ModifyHeaders (@mplattner)
* mitmweb: "New -> File" menu option has been renamed to "Clear All"
(@yogeshojha)
* Add new MapRemote addon to rewrite URLs of requests (@mplattner)
* Add support for HTTP Trailers to the HTTP/2 protocol
(@sanlengjingvv and @Kriechi)
* Fix certificate runtime error during expire cleanup (@gorogoroumaru)
* Fixed the DNS Rebind Protection for secure support of IPv6 addresses
(@tunnelpr0)
* WebSockets: match the HTTP-WebSocket flow for the ~websocket filter
(@Kriechi)
* Fix deadlock caused by the "replay.client.stop" command (@gorogoroumaru)
* Add new MapLocal addon to serve local files instead of remote
resources (@mplattner and @mhils)
* Add minimal TCP interception and modification (@nikitastupin)
* Add new CheckSSLPinning addon to check SSL-Pinning on client (@su-vikas)
* Add a JSON dump script: write data into a file or send to an endpoint as
JSON (@emedvedev)
* Fix console output formatting (@sarthak212)
* Add example for proxy authentication using selenium
(@anneborcherding and @weichweich)
HAProxy 2.2.0 was released on 2020/07/07. It added 24 new commits
after version 2.2-dev12.
There were very few last-minute changes since dev12, just as I hoped,
that's pretty fine.
We're late by about 1 month compared to the initial planning, which is
not terrible and should be seen instead as an investment on the debugging
cycle since almost only bug fixes were merged during that period. In the
end you get a better version later.
While I was initially worried that this version didn't seem to contain
any outstanding changes, looking back in the mirror tells be it's another
awesome one instead:
- dynamic content emission:
- "http-request return" directive to build dynamic responses ;
- rewrite of headers (including our own) after the response ;
- dynamic error files (errorfiles can be used as templates to
deliver personalized pages)
- further improvements to TLS runtime certificates management:
- insertion of new certificates
- split of key and cert
- manipulation and creation of crt-lists
- even directories can be handled
And by the way now TLSv1.2 is set as the default minimum version.
- significant reduction of server-side resources by sharing idle
connection pools between all threads ; till 2.1 if you had 64 threads,
each of them had its own connections, so the reuse rate was lower, and
the idle connection count was very high. This is not the case anymore.
- health-checks were rewritten to all rely on tcp-check rules behind the
curtains. This allowed to get rid of all the dirt we had accumulate over
18 years and to write extensible checks. New ones are much easier to add.
In addition we now have http-checks which support header and body
addition, and which pass through muxes (HTTP/1 and HTTP/2).
- ring buffer creation with ability to forward any event to any log server
including over TCP. This means that it's now possible to log over a TCP
syslog server, and that adding new protocols should be fairly easy.
- further refined and improved debugging (symbols in panic dumps, malloc
debugging, more activity counters)
- the default security was improved. For example fork() is forbidden by
default, which will block against any potential code execution (and
will also block external checks by default unless explicitly unblocked).
- new performance improvements in the scheduler and I/O layers, reducing
the cost of I/O processing and overall latency. I've known from private
discussions that some noticed tremendous gains there.
I'm pretty sure there are many other things but I don't remember, I'm
looking at my notes. I'm aware that HaproxyTech will soon post an in-depth
review on the haproxy.com blog so just have a look there for all the details.
(edit: it's already there: https://www.haproxy.com/blog/announcing-haproxy-2-2/
).
There are three things I noted during the development of this version.
The first one is that with the myriad of new tools we're using to help
users and improve our code quality (discourse, travis, cirrus, oss-fuzz,
mailing-list etc), some people really found their role in the project and
are becoming more autonomous. This definitely scales much better and helps
me spend less time on things that are not directly connected to my code
activities, so thank you very much for this (Lukas, Tim, Ilya, Cyril).
The second one is that this is the first version that has been tortured
in production long before the release. And when I'm saying "tortured", I
really mean it, because several of us were suffering as well. But it
allowed to address very serious issues that would have been a nightmare
to debug and fix post-release. For this I really want to publicly thank
William Dauchy for all his work and involvement on this, and for all the
very detailed reports he's sent us. For me this is the proof that running
code early on very limited traffic is enough to catch unacceptable bugs
that will not hit you later. And this pays off because he will be able to
deploy 2.2 soon without sweating. Others might face bugs that were not in
the perimeter he tested, hehe :-) I really encourage anyone who can to do
this. I know it's not easy and can be risky, but with some organization
and good prod automation it's possible and is great. What's nice with
reporting bugs during development is that you have a safe version to roll
back to and it can take the time it takes to fix the bug, it's not a
problem! Please think about it and what it would imply for you to adopt
such a model, it's a real time saver and risk saver for your production.
The last one is that we started to use the -next branch to queue some
pending work (that was already merged) and that the principle of finishing
one version while we're starting to queue some work for the next one is
well accepted and will help really us. I'd like this to continue and grow
in importance.
Enough talking, now's time to download and update, and for me to leave to
have dinner :-)
Release 4.52
Bug Fixes
- Fix tests using wrong AWS credentials if AWS CLI is installed.
- Fix `AttributeError: module 'gslib' has no attribute 'USER_AGENT'`.
- Fix encoding error in `user_agent_helper`.
- Fix stdout ordering issue in hash command.
- Fix multithread race condition for cp/mv command when multiple operations are attempting to create the same directory.
- Fix OSError on interrupted rsync -d.
2.70.0
FEATURES:
* **New Resource:** `aws_ec2_client_vpn_authorization_rule`
* **New Resource:** `aws_ec2_client_vpn_route`
ENHANCEMENTS:
* resource/aws_launch_template: Add `default_version` argument (previously only an exported attribute)
* resource/aws_launch_template: Add `update_default_version` argument to set the launch template's default version to the latest version available on update
* resource/aws_organizations_organization: Support `BACKUP_POLICY` value in `enabled_policy_types` plan-time validation (Support Backup policies)
* resource/aws_organizations_policy: Support `BACKUP_POLICY` value in `type` plan-time validation (Support Backup policies)
fping 4.3
New features
Linux unprivileged ping support
Add SIGQUIT summary support similar to ping
Bugfixes and other changes
Corrected long option name of -s to --stats
Do not fail if using fping6 with -6 flag
Fail if interface binding (-I) does not work
Fix using option -4 when fping is compiled IPv4-only
Add Azure pipeline test build
GCC 10 compatibility fixes
Macos build fix
Fix xmt stats in Netdata output
Only increase num_alive if response is not a duplicate
Use line buffering for stdout
1.18.97
api-change:ebs: Update ebs command to latest version
api-change:sns: Update sns command to latest version
api-change:appmesh: Update appmesh command to latest version
api-change:sagemaker: Update sagemaker command to latest version
api-change:wafv2: Update wafv2 command to latest version
api-change:cloudhsmv2: Update cloudhsmv2 command to latest version
api-change:events: Update events command to latest version
api-change:alexaforbusiness: Update alexaforbusiness command to latest version
api-change:amplify: Update amplify command to latest version
api-change:secretsmanager: Update secretsmanager command to latest version
api-change:comprehend: Update comprehend command to latest version
1.18.96
api-change:organizations: Update organizations command to latest version
api-change:ec2: Update ec2 command to latest version
api-change:ce: Update ce command to latest version
api-change:forecast: Update forecast command to latest version
1.18.95
api-change:efs: Update efs command to latest version
api-change:storagegateway: Update storagegateway command to latest version
api-change:lakeformation: Update lakeformation command to latest version
api-change:ec2: Update ec2 command to latest version
api-change:glue: Update glue command to latest version
api-change:cloudfront: Update cloudfront command to latest version
1.18.94
api-change:iotsitewise: Update iotsitewise command to latest version
api-change:rds: Update rds command to latest version
api-change:quicksight: Update quicksight command to latest version
1.18.93
api-change:connect: Update connect command to latest version
api-change:elasticache: Update elasticache command to latest version
1.18.92
api-change:rds: Update rds command to latest version
api-change:appsync: Update appsync command to latest version
api-change:imagebuilder: Update imagebuilder command to latest version
api-change:codebuild: Update codebuild command to latest version
api-change:securityhub: Update securityhub command to latest version
api-change:chime: Update chime command to latest version
1.18.91
api-change:ec2: Update ec2 command to latest version
api-change:rds: Update rds command to latest version
api-change:codeguru-reviewer: Update codeguru-reviewer command to latest version
api-change:comprehendmedical: Update comprehendmedical command to latest version
api-change:ecr: Update ecr command to latest version
1.18.90
api-change:ec2: Update ec2 command to latest version
api-change:autoscaling: Update autoscaling command to latest version
api-change:codestar-connections: Update codestar-connections command to latest version
api-change:codeguruprofiler: Update codeguruprofiler command to latest version
1.18.89
api-change:sagemaker: Update sagemaker command to latest version
api-change:quicksight: Update quicksight command to latest version
api-change:cloudformation: Update cloudformation command to latest version
api-change:dms: Update dms command to latest version
api-change:cognito-idp: Update cognito-idp command to latest version
1.18.88
api-change:ec2: Update ec2 command to latest version
api-change:glue: Update glue command to latest version
1.18.87
api-change:fsx: Update fsx command to latest version
api-change:emr: Update emr command to latest version
api-change:amplify: Update amplify command to latest version
api-change:honeycode: Update honeycode command to latest version
api-change:codecommit: Update codecommit command to latest version
api-change:iam: Update iam command to latest version
api-change:backup: Update backup command to latest version
api-change:autoscaling: Update autoscaling command to latest version
api-change:organizations: Update organizations command to latest version
1.18.86
api-change:organizations: Update organizations command to latest version
api-change:mediatailor: Update mediatailor command to latest version
1.18.85
api-change:rds: Update rds command to latest version
api-change:rekognition: Update rekognition command to latest version
api-change:sqs: Update sqs command to latest version
api-change:emr: Update emr command to latest version
api-change:ec2: Update ec2 command to latest version
1.18.84
api-change:elasticache: Update elasticache command to latest version
api-change:medialive: Update medialive command to latest version
api-change:opsworkscm: Update opsworkscm command to latest version
api-change:ec2: Update ec2 command to latest version
1.18.83
api-change:rds: Update rds command to latest version
api-change:support: Update support command to latest version
api-change:route53: Update route53 command to latest version
api-change:mediaconvert: Update mediaconvert command to latest version
enchancement:codeartifact: Backport login command to AWS CLI v1
api-change:meteringmarketplace: Update meteringmarketplace command to latest version
api-change:sesv2: Update sesv2 command to latest version
api-change:ssm: Update ssm command to latest version
1.18.82
api-change:route53: Update route53 command to latest version
api-change:appmesh: Update appmesh command to latest version
api-change:ec2: Update ec2 command to latest version
api-change:macie2: Update macie2 command to latest version
api-change:snowball: Update snowball command to latest version
1.18.81
api-change:lambda: Update lambda command to latest version
api-change:dataexchange: Update dataexchange command to latest version
api-change:qldb: Update qldb command to latest version
api-change:cloudfront: Update cloudfront command to latest version
api-change:autoscaling: Update autoscaling command to latest version
api-change:polly: Update polly command to latest version
1.18.80
api-change:appconfig: Update appconfig command to latest version
api-change:alexaforbusiness: Update alexaforbusiness command to latest version
api-change:cognito-idp: Update cognito-idp command to latest version
api-change:chime: Update chime command to latest version
api-change:iot: Update iot command to latest version
1.18.79
api-change:storagegateway: Update storagegateway command to latest version
api-change:apigateway: Update apigateway command to latest version
api-change:glue: Update glue command to latest version
api-change:cloudformation: Update cloudformation command to latest version
1.18.78
api-change:ecs: Update ecs command to latest version
api-change:iot-data: Update iot-data command to latest version
api-change:lex-models: Update lex-models command to latest version
api-change:imagebuilder: Update imagebuilder command to latest version
1.18.77
api-change:servicecatalog: Update servicecatalog command to latest version
api-change:macie2: Update macie2 command to latest version
api-change:compute-optimizer: Update compute-optimizer command to latest version
api-change:appconfig: Update appconfig command to latest version
api-change:dlm: Update dlm command to latest version
api-change:lightsail: Update lightsail command to latest version
api-change🛡️ Update shield command to latest version
api-change:ec2: Update ec2 command to latest version
api-change:codeartifact: Update codeartifact command to latest version
1.18.76
api-change:transfer: Update transfer command to latest version
bugfix:config file: Improve config parsing to handle values with square brackets.
1.14.20
api-change:amplify: [botocore] Update amplify client to latest version
api-change:wafv2: [botocore] Update wafv2 client to latest version
api-change:ebs: [botocore] Update ebs client to latest version
api-change:events: [botocore] Update events client to latest version
api-change:sagemaker: [botocore] Update sagemaker client to latest version
api-change:cloudhsmv2: [botocore] Update cloudhsmv2 client to latest version
api-change:appmesh: [botocore] Update appmesh client to latest version
api-change:alexaforbusiness: [botocore] Update alexaforbusiness client to latest version
api-change:sns: [botocore] Update sns client to latest version
api-change:secretsmanager: [botocore] Update secretsmanager client to latest version
api-change:comprehend: [botocore] Update comprehend client to latest version
1.14.19
api-change:ec2: [botocore] Update ec2 client to latest version
api-change:forecast: [botocore] Update forecast client to latest version
api-change:ce: [botocore] Update ce client to latest version
api-change:organizations: [botocore] Update organizations client to latest version
1.14.18
api-change:storagegateway: [botocore] Update storagegateway client to latest version
api-change:glue: [botocore] Update glue client to latest version
api-change:ec2: [botocore] Update ec2 client to latest version
api-change:lakeformation: [botocore] Update lakeformation client to latest version
api-change:efs: [botocore] Update efs client to latest version
api-change:cloudfront: [botocore] Update cloudfront client to latest version
1.14.17
api-change:quicksight: [botocore] Update quicksight client to latest version
api-change:rds: [botocore] Update rds client to latest version
api-change:iotsitewise: [botocore] Update iotsitewise client to latest version
1.14.16
api-change:elasticache: [botocore] Update elasticache client to latest version
api-change:connect: [botocore] Update connect client to latest version
1.14.15
api-change:imagebuilder: [botocore] Update imagebuilder client to latest version
api-change:appsync: [botocore] Update appsync client to latest version
api-change:chime: [botocore] Update chime client to latest version
api-change:rds: [botocore] Update rds client to latest version
api-change:securityhub: [botocore] Update securityhub client to latest version
api-change:codebuild: [botocore] Update codebuild client to latest version
1.14.14
api-change:ecr: [botocore] Update ecr client to latest version
api-change:codeguru-reviewer: [botocore] Update codeguru-reviewer client to latest version
api-change:comprehendmedical: [botocore] Update comprehendmedical client to latest version
api-change:rds: [botocore] Update rds client to latest version
api-change:ec2: [botocore] Update ec2 client to latest version
1.14.13
api-change:codestar-connections: [botocore] Update codestar-connections client to latest version
api-change:codeguruprofiler: [botocore] Update codeguruprofiler client to latest version
api-change:ec2: [botocore] Update ec2 client to latest version
api-change:autoscaling: [botocore] Update autoscaling client to latest version
1.14.12
api-change:quicksight: [botocore] Update quicksight client to latest version
api-change:cognito-idp: [botocore] Update cognito-idp client to latest version
api-change:sagemaker: [botocore] Update sagemaker client to latest version
api-change:cloudformation: [botocore] Update cloudformation client to latest version
api-change:dms: [botocore] Update dms client to latest version
1.14.11
api-change:glue: [botocore] Update glue client to latest version
api-change:ec2: [botocore] Update ec2 client to latest version
1.14.10
api-change:iam: [botocore] Update iam client to latest version
api-change:organizations: [botocore] Update organizations client to latest version
api-change:backup: [botocore] Update backup client to latest version
api-change:emr: [botocore] Update emr client to latest version
api-change:fsx: [botocore] Update fsx client to latest version
api-change:amplify: [botocore] Update amplify client to latest version
api-change:codecommit: [botocore] Update codecommit client to latest version
api-change:honeycode: [botocore] Update honeycode client to latest version
api-change:autoscaling: [botocore] Update autoscaling client to latest version
1.14.9
api-change:mediatailor: [botocore] Update mediatailor client to latest version
api-change:organizations: [botocore] Update organizations client to latest version
1.14.8
api-change:ec2: [botocore] Update ec2 client to latest version
api-change:emr: [botocore] Update emr client to latest version
api-change:rekognition: [botocore] Update rekognition client to latest version
api-change:rds: [botocore] Update rds client to latest version
api-change:sqs: [botocore] Update sqs client to latest version
1.14.7
api-change:elasticache: [botocore] Update elasticache client to latest version
api-change:ec2: [botocore] Update ec2 client to latest version
api-change:opsworkscm: [botocore] Update opsworkscm client to latest version
api-change:medialive: [botocore] Update medialive client to latest version
1.14.6
api-change:support: [botocore] Update support client to latest version
api-change:mediaconvert: [botocore] Update mediaconvert client to latest version
api-change:meteringmarketplace: [botocore] Update meteringmarketplace client to latest version
api-change:route53: [botocore] Update route53 client to latest version
api-change:ssm: [botocore] Update ssm client to latest version
api-change:rds: [botocore] Update rds client to latest version
api-change:sesv2: [botocore] Update sesv2 client to latest version
1.14.5
api-change:ec2: [botocore] Update ec2 client to latest version
api-change:snowball: [botocore] Update snowball client to latest version
api-change:appmesh: [botocore] Update appmesh client to latest version
api-change:route53: [botocore] Update route53 client to latest version
api-change:macie2: [botocore] Update macie2 client to latest version
1.14.4
api-change:cloudfront: [botocore] Update cloudfront client to latest version
api-change:dataexchange: [botocore] Update dataexchange client to latest version
api-change:qldb: [botocore] Update qldb client to latest version
api-change:autoscaling: [botocore] Update autoscaling client to latest version
api-change:lambda: [botocore] Update lambda client to latest version
api-change:polly: [botocore] Update polly client to latest version
1.14.3
api-change:chime: [botocore] Update chime client to latest version
api-change:appconfig: [botocore] Update appconfig client to latest version
api-change:alexaforbusiness: [botocore] Update alexaforbusiness client to latest version
api-change:cognito-idp: [botocore] Update cognito-idp client to latest version
api-change:iot: [botocore] Update iot client to latest version
1.14.2
api-change:apigateway: [botocore] Update apigateway client to latest version
api-change:glue: [botocore] Update glue client to latest version
api-change:cloudformation: [botocore] Update cloudformation client to latest version
api-change:storagegateway: [botocore] Update storagegateway client to latest version
1.14.1
api-change:lex-models: [botocore] Update lex-models client to latest version
api-change:imagebuilder: [botocore] Update imagebuilder client to latest version
api-change:iot-data: [botocore] Update iot-data client to latest version
api-change:ecs: [botocore] Update ecs client to latest version
1.14.0
api-change:macie2: [botocore] Update macie2 client to latest version
api-change:servicecatalog: [botocore] Update servicecatalog client to latest version
api-change:codeartifact: [botocore] Update codeartifact client to latest version
api-change:compute-optimizer: [botocore] Update compute-optimizer client to latest version
api-change🛡️ [botocore] Update shield client to latest version
api-change:lightsail: [botocore] Update lightsail client to latest version
api-change:ec2: [botocore] Update ec2 client to latest version
api-change:appconfig: [botocore] Update appconfig client to latest version
feature:SSO: [botocore] Added support for the SSO credential provider. This allows the SDK to retrieve temporary AWS credentials from a profile configured to use SSO credentials.
api-change:dlm: [botocore] Update dlm client to latest version
1.13.26
api-change:transfer: [botocore] Update transfer client to latest version
1.17.20
api-change:amplify: Update amplify client to latest version
api-change:wafv2: Update wafv2 client to latest version
api-change:ebs: Update ebs client to latest version
api-change:events: Update events client to latest version
api-change:sagemaker: Update sagemaker client to latest version
api-change:cloudhsmv2: Update cloudhsmv2 client to latest version
api-change:appmesh: Update appmesh client to latest version
api-change:alexaforbusiness: Update alexaforbusiness client to latest version
api-change:sns: Update sns client to latest version
api-change:secretsmanager: Update secretsmanager client to latest version
api-change:comprehend: Update comprehend client to latest version
1.17.19
api-change:ec2: Update ec2 client to latest version
api-change:forecast: Update forecast client to latest version
api-change:ce: Update ce client to latest version
api-change:organizations: Update organizations client to latest version
1.17.18
api-change:storagegateway: Update storagegateway client to latest version
api-change:glue: Update glue client to latest version
api-change:ec2: Update ec2 client to latest version
api-change:lakeformation: Update lakeformation client to latest version
api-change:efs: Update efs client to latest version
api-change:cloudfront: Update cloudfront client to latest version
1.17.17
api-change:quicksight: Update quicksight client to latest version
api-change:rds: Update rds client to latest version
api-change:iotsitewise: Update iotsitewise client to latest version
1.17.16
api-change:elasticache: Update elasticache client to latest version
api-change:connect: Update connect client to latest version
1.17.15
api-change:imagebuilder: Update imagebuilder client to latest version
api-change:appsync: Update appsync client to latest version
api-change:chime: Update chime client to latest version
api-change:rds: Update rds client to latest version
api-change:securityhub: Update securityhub client to latest version
api-change:codebuild: Update codebuild client to latest version
1.17.14
api-change:ecr: Update ecr client to latest version
api-change:codeguru-reviewer: Update codeguru-reviewer client to latest version
api-change:comprehendmedical: Update comprehendmedical client to latest version
api-change:rds: Update rds client to latest version
api-change:ec2: Update ec2 client to latest version
1.17.13
api-change:codestar-connections: Update codestar-connections client to latest version
api-change:codeguruprofiler: Update codeguruprofiler client to latest version
api-change:ec2: Update ec2 client to latest version
api-change:autoscaling: Update autoscaling client to latest version
1.17.12
api-change:quicksight: Update quicksight client to latest version
api-change:cognito-idp: Update cognito-idp client to latest version
api-change:sagemaker: Update sagemaker client to latest version
api-change:cloudformation: Update cloudformation client to latest version
api-change:dms: Update dms client to latest version
1.17.11
api-change:glue: Update glue client to latest version
api-change:ec2: Update ec2 client to latest version
1.17.10
api-change:iam: Update iam client to latest version
api-change:organizations: Update organizations client to latest version
api-change:backup: Update backup client to latest version
api-change:emr: Update emr client to latest version
api-change:fsx: Update fsx client to latest version
api-change:amplify: Update amplify client to latest version
api-change:codecommit: Update codecommit client to latest version
api-change:honeycode: Update honeycode client to latest version
api-change:autoscaling: Update autoscaling client to latest version
1.17.9
api-change:mediatailor: Update mediatailor client to latest version
api-change:organizations: Update organizations client to latest version
1.17.8
api-change:ec2: Update ec2 client to latest version
api-change:emr: Update emr client to latest version
api-change:rekognition: Update rekognition client to latest version
api-change:rds: Update rds client to latest version
api-change:sqs: Update sqs client to latest version
1.17.7
api-change:elasticache: Update elasticache client to latest version
api-change:ec2: Update ec2 client to latest version
api-change:opsworkscm: Update opsworkscm client to latest version
api-change:medialive: Update medialive client to latest version
1.17.6
api-change:support: Update support client to latest version
api-change:mediaconvert: Update mediaconvert client to latest version
api-change:meteringmarketplace: Update meteringmarketplace client to latest version
api-change:route53: Update route53 client to latest version
api-change:ssm: Update ssm client to latest version
api-change:rds: Update rds client to latest version
api-change:sesv2: Update sesv2 client to latest version
1.17.5
api-change:ec2: Update ec2 client to latest version
api-change:snowball: Update snowball client to latest version
api-change:appmesh: Update appmesh client to latest version
api-change:route53: Update route53 client to latest version
api-change:macie2: Update macie2 client to latest version
1.17.4
api-change:cloudfront: Update cloudfront client to latest version
api-change:dataexchange: Update dataexchange client to latest version
api-change:qldb: Update qldb client to latest version
api-change:autoscaling: Update autoscaling client to latest version
api-change:lambda: Update lambda client to latest version
api-change:polly: Update polly client to latest version
1.17.3
api-change:chime: Update chime client to latest version
api-change:appconfig: Update appconfig client to latest version
api-change:alexaforbusiness: Update alexaforbusiness client to latest version
api-change:cognito-idp: Update cognito-idp client to latest version
api-change:iot: Update iot client to latest version
1.17.2
api-change:apigateway: Update apigateway client to latest version
api-change:glue: Update glue client to latest version
api-change:cloudformation: Update cloudformation client to latest version
api-change:storagegateway: Update storagegateway client to latest version
1.17.1
api-change:lex-models: Update lex-models client to latest version
api-change:imagebuilder: Update imagebuilder client to latest version
api-change:iot-data: Update iot-data client to latest version
api-change:ecs: Update ecs client to latest version
1.17.0
api-change:macie2: Update macie2 client to latest version
api-change:servicecatalog: Update servicecatalog client to latest version
api-change:codeartifact: Update codeartifact client to latest version
api-change:compute-optimizer: Update compute-optimizer client to latest version
api-change🛡️ Update shield client to latest version
api-change:lightsail: Update lightsail client to latest version
api-change:ec2: Update ec2 client to latest version
api-change:appconfig: Update appconfig client to latest version
feature:SSO: Added support for the SSO credential provider. This allows the SDK to retrieve temporary AWS credentials from a profile configured to use SSO credentials.
api-change:dlm: Update dlm client to latest version
1.16.26
api-change:transfer: Update transfer client to latest version
pkgsrc changes:
- Remove patch-configure: applied upstream
Changes:
Changes in version 0.4.3.6 - 2020-07-09
Tor 0.4.3.6 backports several bugfixes from later releases, including
some affecting usability.
This release also fixes TROVE-2020-001, a medium-severity denial of
service vulnerability affecting all versions of Tor when compiled with
the NSS encryption library. (This is not the default configuration.)
Using this vulnerability, an attacker could cause an affected Tor
instance to crash remotely. This issue is also tracked as CVE-2020-
15572. Anybody running a version of Tor built with the NSS library
should upgrade to 0.3.5.11, 0.4.2.8, 0.4.3.6, or 0.4.4.2-alpha
or later.
o Major bugfixes (NSS, security, backport from 0.4.4.2-alpha):
- Fix a crash due to an out-of-bound memory access when Tor is
compiled with NSS support. Fixes bug 33119; bugfix on
0.3.5.1-alpha. This issue is also tracked as TROVE-2020-001
and CVE-2020-15572.
o Minor bugfix (CI, Windows, backport from 0.4.4.2-alpha):
- Use the correct 64-bit printf format when compiling with MINGW on
Appveyor. Fixes bug 40026; bugfix on 0.3.5.5-alpha.
o Minor bugfixes (client performance, backport from 0.4.4.1-alpha):
- Resume use of preemptively-built circuits when UseEntryGuards is set
to 0. We accidentally disabled this feature with that config
setting, leading to slower load times. Fixes bug 34303; bugfix
on 0.3.3.2-alpha.
o Minor bugfixes (compiler warnings, backport from 0.4.4.2-alpha):
- Fix a compiler warning on platforms with 32-bit time_t values.
Fixes bug 40028; bugfix on 0.3.2.8-rc.
o Minor bugfixes (linux seccomp sandbox, nss, backport from 0.4.4.1-alpha):
- Fix a startup crash when tor is compiled with --enable-nss and
sandbox support is enabled. Fixes bug 34130; bugfix on
0.3.5.1-alpha. Patch by Daniel Pinto.
o Minor bugfixes (logging, backport from 0.4.4.2-alpha):
- Downgrade a noisy log message that could occur naturally when
receiving an extrainfo document that we no longer want. Fixes bug
16016; bugfix on 0.2.6.3-alpha.
o Minor bugfixes (manual page, backport from 0.4.4.1-alpha):
- Update the man page to reflect that MinUptimeHidServDirectoryV2
defaults to 96 hours. Fixes bug 34299; bugfix on 0.2.6.3-alpha.
o Minor bugfixes (onion service v3, backport from 0.4.4.1-alpha):
- Prevent an assert() that would occur when cleaning the client
descriptor cache, and attempting to close circuits for a non-
decrypted descriptor (lacking client authorization). Fixes bug
33458; bugfix on 0.4.2.1-alpha.
o Minor bugfixes (portability, backport from 0.4.4.1-alpha):
- Fix a portability error in the configure script, where we were
using "==" instead of "=". Fixes bug 34233; bugfix on 0.4.3.5.
o Minor bugfixes (relays, backport from 0.4.4.1-alpha):
- Stop advertising incorrect IPv6 ORPorts in relay and bridge
descriptors, when the IPv6 port was configured as "auto". Fixes
bug 32588; bugfix on 0.2.3.9-alpha.
o Documentation (backport from 0.4.4.1-alpha):
- Fix several doxygen warnings related to imbalanced groups. Closes
ticket 34255.
Release v1.30.1
This release is a patch specifically for the Ruby bindings
Release v1.30.0
Core
This release adds an xDS URI scheme called xds. This is the stable version of the scheme xds-experimental that was introduced in v1.28.0. xds-experimental scheme will be removed in subsequent releases so you must switch to xds scheme instead. xds scheme is a client side implementation of xDSv2 APIs. This allows a gRPC client written in C++, Python, Ruby, PHP and C# to receive configuration from an xDSv2 API compatible server and use that configuration to load balance RPCs. In this release, only the virtual host matching, default path (“” or “/”) matching and cluster route action are supported. The features supported in a given release are documented here.
Remove unnamed typedef structs in src/core.
Support xDS via both xds and xds-experimental URI schemes.
Fix sorting of gRPCLB addresses when resolved via DNS.
Support local creds in grpc_cli.
Add some additional delay when sending pings without there being activity on receive side.
Added GRPC_TSAN_SUPPRESSED and GRPC_ASAN_SUPPRESSED.
Fail decompression when the gzip trailer is missing.
Include source address in tcp posix async connect errors.
Fix HTTP status conversion inconsistencies.
Add GRPC_ARG_HTTP_PROXY channel argument.
Include the query type and name in all c-ares DNS error messages.
Include the destination address in synchronous TCP connect errors.
Use aligned calculation to determine transport stream from call data.
Fixing bug with END_STREAM if header has continuations.
Fail writes when End of stream has been received.
C++
Fix missing include for std::string.
Don't override cmake cxx standard when already set by the user.
Grpc.Tools: Fix cpp paths in tools to match actual codegen.
TlsCredentialsOption API optimization.
Fixed MinGW 7.3.0 shared library compile and link issues.
Fix interceptor batch method FailHijackedRecvMessage for async APIs.
Python
Add Aio stream stream client interceptor support.
[Aio] Add AsyncIO support for Channelz.
Stop memory leak when Python channel is deallocated without invoking "close".
Expose ALTS client/server credentials in Python API.
[Aio] Stream Unary client interceptor.
[Aio] Make sync handlers runnable in AsyncIO server.
[Aio] Add AsyncIO support to grpcio-status.
[Aio] Implement the Unary Stream client interceptor.
Changes
0.10.1
======
gh api --paginate
-----------------
The api command now offers functionality to recursively fetch next
pages of results until all results have been fetched.
Fixes
-----
- Fix pr create not respecting template when editor was skipped #1243
- Fix pr checkout OWNER:BRANCH invocation setting up upstream configuration in
case maintainers are allowed to modify the pull request branch #1252
- Fix pr status not working in detached HEAD state #1155
- Do not output ANSI colour escape sequences from issue/pr/repo view if standard
output is redirected elsewhere #1187
- Improve error reporting and exit status for mistyped command names #1221
- Improve error reporting when someone might have forgotten to quote values with
spaces #1147
Tweaks
------
- Documentation improvements #1179#1204
- Added description text to Debian/RPM packages #1211
0.28.0
Improved Windows support when using socket errno checks.
Added support for passing text addresses to ServiceInfo.
Improved logging (includes fixing an incorrect logging call)
Improved Windows compatibility by using Adapter.index from ifaddr.
Improved Windows compatibility by stopping using socket.if_nameindex.
Fixed an OS X edge case which should also eliminate a memory leak.
Technically backwards incompatible:
ifaddr 0.1.7 or newer is required now.
It now includes its own vendored copy of Boto.
Release 4.51 (release date: 2020-03-26)
======================================
- Fixed file permissions for credstor2 and tracker files (#1002 and # 1005)
- Added a check to restrict the duration (-d option) for signurl command
to 12 hours if -u flag is used. (#1014)
- Updated rsync command to try patching before overwriting,
rather than checking ACL (#1016)
- Several documentation updates and clarifications.
Release 4.50 (release date: 2020-04-30)
======================================
- Switched to Using V4 signature as default for S3 (#981)
- Updated rsa library to release-4.0 (#992)
- Updated test script to install pyenv if missing for kokoro (#990)
- Fixed print ordering in kms set by using print instead of
text_util.print_to_fd (#974)
- Several documentation updates and clarifications (#969) (#987)
Release 4.49 (release date: 2020-03-26)
======================================
- Added support for service account impersonation for signurl.
- Fixed an issue with rsync throwing error when the destination url is a prefix of
an existing object.
- Several documentation updates and clarifications.
Release 4.48 (release date: 2020-02-28)
======================================
- Fixed special character handling in filenames on Windows with Python3.
- Fixed issue while transferring binary files from S3 with Python3.
- Fixed KMS tests, so that keys are created in the same region as their buckets.
- Several documentation updates and clarifications.
NEWS for rsync 3.2.2
BUG FIXES:
- Avoid a crash when a daemon module enables `transfer logging` without
setting a `log format` value.
- Fixed installing rsync-ssl script from an alternate build dir.
- Fixed the updating of configure.sh from an alternate build dir.
- Apple requires the asm function name to begin with an underscore.
- Avoid a test failure in the daemon test when --atimes is disabled.
ENHANCEMENTS:
- Allow the server side to restrict checksum & compression choices via the
same environment variables the client uses. The env vars can be divided
into "client list & server list" by the "`&`" char or the same list can
apply to both.
- Simplify how the negotiation environment variables apply when interacting
with an older rsync and also when a list contains only invalid names.
- Do not allow a negotiated checksum or compression choice of "none" unless
the user authorized it via an environment variable or command-line option.
- Added the `--max-alloc=SIZE` option to be able to override the memory
allocator's sanity-check limit. It defaults to 1G (as before) but the error
message when exceeding it specifically mentions the new option so that you
can differentiate an out-of-memory error from a failure of this limit. It
also allows you to specify the value via the RSYNC_MAX_ALLOC environment
variable.
- Add the "open atime" daemon parameter to allow a daemon to always enable or
disable the use of O_NOATIME (the default is to let the user control it).
- The default systemd config was changed to remove the `ProtectHome=on`
setting since rsync is often used to serve files in /home and /root and this
seemed a bit too strict. Feel free to use `systemctl edit rsync` to add
that restriction (or maybe `ProtectHome=read-only`), if you like. See the
3.2.0 NEWS for the other restrictions that were added compared to 3.1.3.
- The memory allocation functions now automatically check for a failure and
die when out of memory. This eliminated some caller-side check-and-die
code and added some missing sanity-checking of allocations.
- Put optimizations into their own list in the `--version` output.
- Improved the man page a bit more.
PACKAGING RELATED:
- Prepared the checksum code for an upcoming xxHash release that provides new
XXH3 (64-bit) & XXH128 (128-bit) checksum routines. These will not be
compiled into rsync until the xxhash v0.8.0 include files are installed on
the build host, and that release is a few weeks away at the time this was
written. So, if it's now the future and you have packaged and installed
xxhash-0.8.0-devel, a fresh rebuild of rsync 3.2.2 will give you the new
checksum routines. Just make sure that the new rsync package depends on
xxhash >= 0.8.0.
DEVELOPER RELATED:
- Moved the version number out of configure.ac into its own version.h file so
that we don't need to reconfigure just because the version number changes.
- Moved the daemon parameter list into daemon-parm.txt so that an awk script
can create the interrelated structs and accessors that loadparm.c needs.
v2.69.0
NOTES:
data-source/aws_availability_zones: The blacklisted_names and blacklisted_zone_ids arguments have been deprecated in preference for exclude_names and exclude_zone_ids respectively.
ENHANCEMENTS:
data-source/aws_availability_zones: Add exclude_names and exclude_zone_ids arguments
data-source/aws_elasticsearch_domain: Add advanced_security_options attribute
resource/aws_ecs_service: Increase delete retry timeout from 5 to 20 minutes
resource/aws_ecs_service: Support configurable delete timeout
resource/aws_elasticsearch_domain: Add advanced_security_options configuration block
resource/aws_sfn_state_machine: Add arn attribute
BUG FIXES:
resource/aws_autoscaling_group: Prevent unexpected differences in tags for Terraform 0.11 and earlier with boolean propagate_at_launch values
resource/aws_backup_selection: Correctly handle the associated backup plan being deleted outside Terraform
resource/aws_customer_gateway: Continue allowing 4-byte ASN values in bgp_asn argument
resource/aws_db_instance: Prevent schema version 1 upgrade panic on missing state
resource/aws_db_instance_role_association: Prevent immediate read after creation panic
resource/aws_efs_mount_target: Ensure empty string ("") validation in ip_address argument continues to work for Terraform 0.11 support
resource/aws_route53_record: Ensure old Route53 record is deleted when updating name argument
resource/aws_route53_record: Prevent errors when health_check_id argument is configured and updating set_identifier or type arguments
resource/aws_sfn_state_machine: Handle IAM Role eventual consistency on creation and wait for state machine deletion
resource/aws_spot_fleet_request: Increase default delete timeout to 15 minutes
resource/aws_wafv2_web_acl: Support additional nested and/or/not statement in rule statement and rule statement rate_based_statement attributes
Release: 0.8.0
* Fixed weak reference support in classes with ``__slots__``
* Added ``__bytes__`` to ``IPAddress`` for intuitive usage
* Added ``format()`` function to EUI
* Added ``IPNetwork.netmask`` property setter
* Added support for IABs in the ``40:D8:55`` OUI
* Drastically optimized ``spanning_cidr()``
* Fixed ``"x.x.x.x/x" in IPNetwork`` tests
* Added support for passing iterables of ``IPRange`` to ``IPSet`` and ``cidr_merge()``
Specific bug fixes addressed in this release
- N log N complexity instead of linear
- Efficiently creating a large IPSet from a list of IPRanges?
- Weak reference support
StatZone 1.0.3 (2020-07-06)
- Remove some unneeded seccomp related includes
- Validate architectures for seccomp
- Add seccomp support on i386, tested on glibc and musl
- Use __NR_ instead of SYS_ prefix in #if defined checks
Changes since 4.12.4
--------------------
* BUG 14301: Fix smbd panic on force-close share during async io.
* BUG 14374: Fix segfault when using SMBC_opendir_ctx() routine for share
folder that contains incorrect symbols in any file name.
* BUG 14391: Fix DFS links.
* BUG 14310: Can't use DNS functionality after a Windows DC has been in
domain.
* BUG 14413: ldapi search to FreeIPA crashes.
* BUG 14396: Add net-ads-join dnshostname=fqdn option.
* BUG 14406: Fix adding msDS-AdditionalDnsHostName to keytab with Windows DC.
* BUG 14386: docs-xml: Update list of posible VFS operations for
vfs_full_audit.
* BUG 14382: winbindd: Fix a use-after-free when winbind clients exit.
* BUG 14370: Client tools are not able to read gencache anymore.
Samba 4.12.4
============
o CVE-2020-10730:
A client combining the 'ASQ' and 'VLV' LDAP controls can cause a NULL pointer
de-reference and further combinations with the LDAP paged_results feature can
give a use-after-free in Samba's AD DC LDAP server.
o CVE-2020-10745: Parsing and packing of NBT and DNS packets can consume
excessive CPU.
o CVE-2020-10760:
The use of the paged_results or VLV controls against the Global Catalog LDAP
server on the AD DC will cause a use-after-free.
o CVE-2020-14303:
The AD DC NBT server in Samba 4.0 will enter a CPU spin and not process
further requests once it receives an empty (zero-length) UDP packet to
port 137.
For more details, please refer to the security advisories.
Changes since 4.12.3
--------------------
* BUG 14378: CVE-2020-10745: Invalid DNS or NBT queries containing dots use
several seconds of CPU each.
* BUG 14364: CVE-2020-10730: NULL de-reference in AD DC LDAP server when ASQ
and VLV combined.
* BUG 14402: CVE-2020-10760: Fix use-after-free in AD DC Global Catalog LDAP
server with paged_result or VLV.
* BUG 14417: CVE-2020-14303: Fix endless loop from empty UDP packet sent to
AD DC nbt_server.
* BUG 14364: CVE-2020-10730: NULL de-reference in AD DC LDAP server when ASQ
and VLV combined, ldb: Bump version to 2.1.4.
Upstream changes:
mikutter 4.0.6
* bundle pulseaudio plugin
* thanks to Shibafu Midorino
* backport a minor improvement from 4.1.0
(fix compatibility issue with pluggaloid 1.3.0 and later)
