This adds a dependency on devel/colordiff.
Changelog for this version:
* Greatly improve speed for large archives by fixing O(n^2) complexity for
archive member lookup.
- There is still O(n^2) complexity for archive member extraction, but this
is less noticeable for various reasons and would require more complexity
to fix, so for now is left as a task for the future.
* Text output: add coloured diff support via colordiff(1).
* Html-dir output: add +/- buttons to fold sub-diffs (i.e. toggle their
visibility) as well as the whole diff itself. As with similar features in
other programs, the effect affects all descendants if you shift-click.
The complete list of changes between version 44 and 63 can be found at
https://anonscm.debian.org/git/reproducible/diffoscope.git/tree/debian/changelog
v 3.6.1
Bug fixes in custom HTTP methods.
Support for PEM files in SSL truststore / keystore configuration.
JS and CSS file content rendered with correct syntax highlighting.
v 3.6
#46#47 Added support for custom HTTP methods.
#48#50 option to ignore all SSL certificate warnings.
#49 GET now supports body.
Build moved to Gradle.
Incorrect multi-keyword mode cipherstring parsing.
Fixes CVE-2015-3276.
Submitted upstream as ITS#8543, it apparently wasn't already(!)
http://www.openldap.org/its/index.cgi/Incoming?id=8543
Bump PKGREVISION for both openldap, openldap-server and openldap-client
(to be on the safe side...)
I had intended to migrate the ada framework to use gcc6-aux instead of
lang/gcc5-aux, but unfortunately there's been a regression on NetBSD.
It builds and tests perfectly on DragonFly and FreeBSD, but it only
builds on NetBSD. All the ACAT tests that involve tasking fail, but
the cause is unclear. All the modifications used on gcc5-aux for NetBSD
are present in gcc6-aux but pthread destruction results in a segfault.
Since then gcc5-aux support has been improved, so I'm putting this away
for a while. NetBSD has been removed from the platform support list
for now, but I'll review any patches I get to fix NetBSD tasking.
This compiler is based on gcc 6.2 and is primarily used for the Ada
frontend.
Changes since 5.4.12:
* Added check for unintended # comments, especially in HOMEPAGE
* Added check for quotes in COMMENT
* Fixed hardcoded package versions for PHP, Python, Lua, etc.
* Code cleanup in the tests
Security Notes
--------------
Incompatible Change: These changes were made to mysqld_safe:
* Unsafe use of rm and chown in mysqld_safe could result in privilege escalation. chown now can be used only when the target directory is /var/log. An incompatible change is that if the directory for the Unix socket file is missing, it is no longer created; instead, an error occurs. Due to these changes, /bin/bash is required to run mysqld_safe on Solaris. /bin/sh is still used on other Unix/Linux platforms.
* The --ledir option now is accepted only on the command line, not in option files.
* mysqld_safe ignores the current working directory.
Other related changes:
* Initialization scripts that invoke mysqld_safe pass --basedir explicitly.
* Initialization scripts create the error log file only if the base directory is /var/log or /var/lib.
* Unused systemd files for SLES were removed.
Bugs Fixed
Security Notes
--------------
Incompatible Change: These changes were made to mysqld_safe:
* Unsafe use of rm and chown in mysqld_safe could result in privilege escalation. chown now can be used only when the target directory is /var/log. An incompatible change is that if the directory for the Unix socket file is missing, it is no longer created; instead, an error occurs. Due to these changes, /bin/bash is required to run mysqld_safe on Solaris. /bin/sh is still used on other Unix/Linux platforms.
* The --ledir option now is accepted only on the command line, not in option files.
* mysqld_safe ignores the current working directory.
Other related changes:
* Initialization scripts that invoke mysqld_safe pass --basedir explicitly.
* Initialization scripts create the error log file only if the base directory is /var/log or /var/lib.
* Unused systemd files for SLES were removed.
* MySQL Server now includes a plugin library that enables administrators to introduce an increasing delay in server response to clients after a certain number of consecutive failed connection attempts. This capability provides a deterrent that slows down brute force attacks that attempt to access MySQL user accounts. For more information, see The Connection-Control Plugin.
* OpenSSL is ending support for version 1.0.1 in December 2016; see https://www.openssl.org/policies/releasestrat.html. Consequently, MySQL Commercial Server builds now use version 1.0.2 rather than version 1.0.1, and the linked OpenSSL library for the MySQL Commercial Server has been updated from version 1.0.1 to version 1.0.2j. For a description of issues fixed in this version, see https://www.openssl.org/news/vulnerabilities.html.
This change does not affect the Oracle-produced MySQL Community build of MySQL Server, which uses the yaSSL library instead.
Functionality Added or Changed
------------------------------
* InnoDB: By default, InnoDB reads uncommitted data when calculating statistics. In the case of an uncommitted transaction that deletes rows from a table, InnoDB excludes records that are delete-marked when calculating row estimates and index statistics, which can lead to non-optimal execution plans for other transactions that are operating on the table concurrently using a transaction isolation level other than READ UNCOMMITTED. To avoid this scenario, a new configuration option, innodb_stats_include_delete_marked, can be enabled to ensure that InnoDB includes delete-marked records when calculating persistent optimizer statistics. (Bug 23333990)
* Unit testing now uses Google Mock 1.8. (Bug 24572381, Bug 82823)
Bugs Fixed
Compilation Notes
-----------------
For GCC versions higher than 4.4, -fno-expensive-optimizations was replaced with -ffp-contract=off, which has the effect of enabling more optimizations.
Security Notes
--------------
Incompatible Change: These changes were made to mysqld_safe:
* Unsafe use of rm and chown in mysqld_safe could result in privilege escalation. chown now can be used only when the target directory is /var/log. An incompatible change is that if the directory for the Unix socket file is missing, it is no longer created; instead, an error occurs. Due to these changes, /bin/bash is required to run mysqld_safe on Solaris. /bin/sh is still used on other Unix/Linux platforms.
* The --ledir option now is accepted only on the command line, not in option files.
* mysqld_safe ignores the current working directory.
Other related changes:
* Initialization scripts that invoke mysqld_safe pass --basedir explicitly.
* Initialization scripts create the error log file only if the base directory is /var/log or /var/lib.
* Unused systemd files for SLES were removed.
* MySQL Server now includes a plugin library that enables administrators to introduce an increasing delay in server response to clients after a certain number of consecutive failed connection attempts. This capability provides a deterrent that slows down brute force attacks that attempt to access MySQL user accounts. For more information, see The Connection-Control Plugin.
* OpenSSL is ending support for version 1.0.1 in December 2016; see https://www.openssl.org/policies/releasestrat.html. Consequently, MySQL Commercial Server builds now use version 1.0.2 rather than version 1.0.1, and the linked OpenSSL library for the MySQL Commercial Server has been updated from version 1.0.1 to version 1.0.2j. For a description of issues fixed in this version, see https://www.openssl.org/news/vulnerabilities.html.
This change does not affect the Oracle-produced MySQL Community build of MySQL Server, which uses the yaSSL library instead.
Common Changes
* CLDR 30.0.3
* Time zone database version 2016j
* ICU SVN repository structure change. See the note on the Source Code Access page for more information.
ICU4C Fixes
* 12815 uspoof_getSkeleton sets backwards-incompatible illegal argument exception
* 12822 digitlist.cpp won't compile on msvc under Node.js
* 12825 uspoof_check goes into an "infinite loop" when U+30FB is in an input string
* 12832 GreekUpper::toUpper skips the final character on a non-terminated UTF-8 string
* 12849 u_strToTitle returns incorrect length if destination is NULL
* 12868 uprv_convertToPosix() Windows bug
This way they got added as dependencies to sqlite3.so, while
only the sqlite3 binary really needs libreadline.
However, even without the LDFLAGS, the sqlite3 binary correctly
links the library in for me (on NetBSD).
Addresses PR 50776.
Bump PKGREVISION.
* What is new in gsl-2.3:
** bug fix in documentation for gsl_linalg_LU_refine
(bug #49728, Joey De Pauw)
** added gsl_multifit_linear_tsvd and gsl_multifit_wlinear_tsvd
to give user more control over cutoff for truncated SVD
** added routines for Generalized Cross Validation for
regularized linear least squares
** improved rstat example program and added documentation for
gsl_rstat_sd_mean (Jonathan Leto)
** added function gsl_multifit_linear_rank
** bug fix in nonlinear least squares when using data weights with
finite-difference Jacobian
** add 2D subspace method for large systems (multilarge_nlinear)
** bug fix in gsl_ran_beta for small parameters
(bug #47646, Yu Liu)
** bug fix in gsl_complex_tan for negative imaginary arguments
(bug #47347, Yu Liu)
** doc bug fix: value of golden ratio
** fixed scaling issue in 2D subspace nonlinear least squares
method
** optimize dogleg methods to calculate Gauss-Newton point
only when needed
iso-codes 3.72
--------------
Dr. Tobias Quathamer <toddy@debian.org>
Thu, 8 Dec 2016
[ ISO 3166-2 ]
* Update from iso.org for Great Britain. Thanks to Vitali Yakavenka
for the bug report. Closes: alioth#315563
[ ISO 3166-2 translations ]
* German by Dr. Tobias Quathamer
Notmuch 0.23.3 (2016-11-27)
===========================
Command Line Interface
----------------------
Treat disappearing files during notmuch new as non-fatal.
Test Suite
----------
Fix incompatibility (related to signature size) with gnupg 2.1.16.
v30.4.0
-------
* #879: For declarative config:
- read_configuration() now accepts ignore_option_errors argument. This allows scraping tools to read metadata without a need to download entire packages. E.g. we can gather some stats right from GitHub repos just by downloading setup.cfg.
- packages find: directive now supports fine tuning from a subsection. The same arguments as for find() are accepted.
v30.3.0
-------
* #394 via #862: Added support for `declarative package
config in a setup.cfg file
<http://setuptools.readthedocs.io/en/latest/setuptools.html#configuring-setup-using-setup-cfg-files>`_.
v30.2.1
-------
* #850: In test command, invoke unittest.main with
indication not to exit the process.
v30.2.0
-------
* #854: Bump to vendored Packaging 16.8.
v30.1.0
-------
* #846: Also trap 'socket.error' when opening URLs in
package_index.
* #849: Manifest processing now matches the filename
pattern anywhere in the filename and not just at the
start. Restores behavior found prior to 28.5.0.
v30.0.0
-------
* #864: Drop support for Python 3.2. Systems requiring
Python 3.2 support must use 'setuptools < 30'.
* #825: Suppress warnings for single files.
* #830 via #843: Once again restored inclusion of data
files to sdists, but now trap TypeError caused by
techniques employed rjsmin and similar.
Overview of changes leading to 1.3.4
Monday, December 5, 2016
====================================
- Fix vertical glyph origin in hb-ot-font.
- Implement CBDT/CBLC color font glyph extents in hb-ot-font.
* Release 0.12.5 (07-Dec-2016)
** Connection Status Reporting
This release adds an object named `ConnectionInfo`, which encapsulates
information about a connection (both progress while being established, and
the outcome once connected). This includes which connection hint was
successful, what happened with the other hints, which handlers were used for
each, and when the connection was made or lost. To get one of these, use
`tub.getConnectionInfoForFURL(furl)` any time after `getReference()` is
called, or `rref.getConnectionInfo()` after it resolves. #267
It also adds `ReconnectionInfo`, a similar object for Reconnectors. These
capture the state of reconnection process (trying, established, waiting), and
will provide a `ConnectionInfo` for the most recent (possibly successful)
connection attempt. The API is `reconnector.getReconnectionInfo()`. #268
For details, see "Connection Progress/Status" and "Reconnector Status" in
`doc/using-foolscap.rst`.
** Connection Handler API Changes
To support `ConnectionInfo`, the Connection Handler API was changed.
The one backwards-incompatible change was that the `hint_to_endpoint()`
method now takes a third argument, to update the status as the handler makes
progress. External handler functions will need to be modified to accept this
new argument, and applications which use them should declare a dependency
upon the latest Foolscap version, to avoid runtime breakage.
Several backwards-compatible changes were made too: handlers can provide a
`describe()` method (which feeds `ConnectionInfo.connectionHandlers`), and
they can now set a special attribute on any exception they raise, to further
influence the status string.
In addition, the `tor.control_endpoint_maker()` handler now accepts an
optional second argument, which causes the maker function to be called with a
additional `update_status` argument. This backwards-compatible change allows
the maker function to influence the `ConnectionInfo` status too.
The Tor connection handler was enhanced to report distinct statuses for the
different phases of connection: launching a new copy of Tor, connecting to an
existing Tor daemon, etc.
** Minor Fixes
Foolscap-0.12.0 broke `flappserver create`, causing the command to hang
rather than exiting cleanly (although the flappserver directory itself was
probably created properly). This release finally fixes it. #271
Many of these definitely do not depend on readline.
So there must be a different underlying problem, and that
should be tracked down instead of papering over it.
Noteworthy changes in version 1.7.4 (2016-12-09) [C21/A1/R4]
------------------------------------------------
* Performance:
- More ARMv8/AArch32 improvements for AES, GCM, SHA-256, and SHA-1.
- Add ARMv8/AArch32 assembly implementation for Twofish and
Camellia.
- Add bulk processing implementation for ARMv8/AArch32.
- Add Stribog OIDs.
- Improve the DRBG performance and sync the code with the Linux
version.
* Internal changes:
- When secure memory is requested by the MPI functions or by
gcry_xmalloc_secure, they do not anymore lead to a fatal error if
the secure memory pool is used up. Instead new pools are
allocated as needed. These new pools are not protected against
being swapped out (mlock can't be used). However, these days
this is considered a minor issue and can easily be mitigated by
using encrypted swap space.
* Bug fixes:
- Fix GOST 28147 CryptoPro-B S-box.
- Fix error code handling of mlock calls.
