v0.14.36
This is an unscheduled release to fix a bug that slipped through the cracks in 0.14.34 & 0.14.35.
Resolved issues:
#4297: Folders paths are no longer reset when editing a folder without a label
v0.14.35
This is an unscheduled release in panic mode to fix a significant problem in 0.14.34.
Resolved issues in 0.14.35:
#4288: Symlinks are deleted from versioned folders on startup
Resolved issues in 0.14.34:
#2157: The new folder dialog now suggests a default path. Adjustable via advanced config defaultFolderPath.
#4272: The build script no longer sets -installsuffix by default.
#4286: Prevents a vulnerability that allows file overwrite via versioned symlinks
Note that the last issue is a security vulnerability. Symlinks on Windows are not supported and have not been created by Syncthing for a while. Nonetheless, if you use symlinks on Windows and Syncthing versioning you may have symlinks in your versioning directory from earlier versions. You must remove these manually. Syncthing can not remove them automatically because there are other things that look to us like symlinks but are not - deduplicated files, primarily. (This is one of the reasons symlinks are not supported on Windows.)
On other platforms the versioning directory is cleaned from symlinks as part of the upgrade.
v0.14.34-rc.1
This is a release candidate for v0.14.34.
Resolved issues:
#2157: The new folder dialog now suggests a default path. Adjustable via advanced config defaultFolderPath.
#4272: The build script no longer sets -installsuffix by default.
v0.14.33
This is a regularly scheduled stable release.
Resolved issues:
#4188: Relative version paths are now correctly relative to the folder path
#4227: Remote devices now show bytes remaining to sync
#4249: Editing ignore patterns no longer incorrectly shows included patterns
v0.14.33-rc.1
This is a release candidate for v0.14.33.
Resolved issues:
#4188: Relative version paths are now correctly relative to the folder path
#4227: Remote devices now show bytes remaining to sync
#4249: Editing ignore patterns no longer incorrectly shows included patterns
v0.14.32
This is a regularly scheduled stable release.
Resolved issues:
#4157: "Nearby devices" are now shown in the add device dialog, avoiding the need to type their device ID.
#4219: Folders that were once ignored in a sharing request now actualproperly when later added manually.
v0.14.32-rc.2
This is a release candidate for v0.14.32.
v0.14.32-rc.1
This is a release candidate fo14.31:
#4157: "Nearby devices" are now shown in the add device dialog, avoiding the need to type their device ID.
#4219: Folders that were once ignored in a sharing request now actually work properly when later added manually.
This package installs a binary that is setuid-executable to the
"smmsp" user and it also needs to be owned by the "nagios" group.
Add hooks to create these users and groups in the package install
scripts when the binary package is installed.
Bump the PKGREVISION due to changes in the package install scripts.
The rss-newsfeed.html file was removed in the update to version
4.3.2, so we no longer need to change ownership and permissions on
the file after installation.
Arguably, nagios-base should have a postinstall check for the
rss-newsfeed.* files and remove them, as they were removed in
version 4.3.2 due to security concerns.
* Improve compatibility with GNU Hurd
* Fixed 2286 - improve CMake on Windows documentation
* Fixed 1235 - improved compatibility with mingw64
* Improve zmq_proxy documentation to state it can return ETERM as well
* Fixed 1442 - SO_NOSIGPIPE and connection closing by peer race condition
* Improve CMake functionality on Windows: ZeroMQConfig.cmake generation CPack
option, correct static library filename, ship FindSodium.cmake in tarball
* Fixed 2228 - setting HWM after connect on inproc transport leads to infinite
HWM
* Add support for Visual Studio 2017
* New DRAFT (see NEWS for 4.2.0) zmq_has option "draft" option that returns
true if the library was built with DRAFT enabled. Useful for FFI bindings.
See doc/zmq_has.txt for more information
* Fixed 2321 - zmq_z85_decode does not validate its input. The function has
been fixed to correctly follow RFC32 and return NULL if the input is invalid
* Fixed 2323 - clock_t related crash on Apple iOS 9.3.2 and 9.3.5
* Fixed 1801 - OSX: Cmake installs libzmq in a weird PATH
* Fixed potential divide by zero in zmq::lb_t::sendpipe
* Improve compatibility with OpenIndiana by skipping epoll and using poll/select
* Fix IPv4-in-IPv6 mapped addresses parsing error
Changes from release notes.
Features
* zone parser parses type AVC (it has TXT format).
* Fix#1272: use writev to put tcp length field
with data for outgoing zone transfer requests.
Bugfixes
* Fix potential null pointer in nsec3 adjustment tree.
* Fix text format of deletes for CDS and CDNSKEY,
single 0 to represent empty base64 or hex string.
https://github.com/Kozea/Radicale/issues/675#issuecomment-320029350
* override folder for storing local collections, from
/var/lib/radicale/collections to ${PREFIX}/share/radicale/collections
Update Radicale2 to 2.1.4
2.1.4 - Wild Radish
-------------------
This feature is not compatible with the 1.x.x versions. See
http://radicale.org/1to2/ if you want to switch from 1.x.x to
2.x.x.
* Fix incorrect time range matching and calculation for some edge-cases with
rescheduled recurrences
* Fix owner property
2.1.3 - Wild Radish
-------------------
This feature is not compatible with the 1.x.x versions. See
http://radicale.org/1to2/ if you want to switch from 1.x.x to
2.x.x.
* Enable timeout for SSL handshakes and move them out of the main thread
* Create cache entries during upload of items
* Stop built-in server on Windows when Ctrl+C is pressed
* Prevent slow down when multiple requests hit a collection during cache warm-up
2.1.2 - Wild Radish
-------------------
This feature is not compatible with the 1.x.x versions. See
http://radicale.org/1to2/ if you want to switch from 1.x.x to
2.x.x.
* Remove workarounds for bugs in VObject < 0.9.5
* Error checking of collection tags and associated components
* Improve error checking of uploaded collections and components
* Don't delete empty collection properties implicitly
* Improve logging of VObject serialization
Set PKG_SYSCONFSUBDIR where appropriate, and use {MAKE,OWN}_DIRS to
create the directory tree under ${PKG_SYSCONFDIR} instead of using
INSTALLATION_DIRS.
Bump the PKGREVISION of packages that changed due to changes in the
package install scripts.
Ensure that the ${NAGIOS_GROUP} group is created before the package
files are installed since the plugin binary must be made setgid to
that group.
Bump the PKGREVISIONs of these plugin packages due to package
install scripts being added.
-------------------------------------------------------------------
Ensure that the ${NAGIOS_GROUP} group is created before the package
files are installed since the binary must be made setgid to that
group.
Bump the PKGREVISON due to package install scripts being added.
* Ensure that ${PKG_SYSCONFDIR}/objects is created at package
installation time by adding it to OWN_DIRS.
* Don't explicitly add ${DESTDIR} to files listed in SPECIAL_PERMS
since it is automatically added by the pkgsrc infrastructure if
needed.
* It's "${DESTDIR}${PREFIX}", not "${DESTDIR}/${PREFIX}" -- avoid
having double slashes in pathnames for correctness.
Bump the PKGREVISION due to fixes in the package install scripts.
-------------------------------------------------------------------
Set PKG_SYSCONFSUBDIR to "knot" to have all of the config files
located in the "knot" subdirectory of ${PKG_SYSCONFBASE}.
Pass ${PKG_SYSCONFBASE} to the configure script since the package's
build infrastructure automatically appends "/knot" to the value
passed in through --sysconfdir.
Remove ${PKG_SYSCONFDIR} from INSTALLATION_DIRS since it is
automatically created by the package install script.
Bump the PKGREVISION due to changes in the package install scripts.
There is no REQUIRE_DIRS used by pkgsrc. I think that REQD_DIRS
was meant to be used; however, REQD_DIRS is also the wrong way to
create the config directory.
Set PKG_SYSCONFSUBDIR to "streaming" to automatically create
${PKG_SYSCONFBASE}/streaming during package installation, and
consistently use ${PKG_SYSCONFDIR} within the package Makefile to
refer to the config directory path.
Bump the PKGREVISION due to the changes in the resulting package
scripts.
- Collapse redundant code for invoking service-specific rc.d scripts.
- Don't try to run a service's rc.d script if it isn't enabled in rc.conf.
- Prefix "nb" to procnames.
Bump version.
o Updated the bundled Npcap from 0.91 to 0.93, fixing several issues
with installation and compatibility with the Windows 10 Creators Update.
o NSE scripts now have complete SSH support via libssh2,
including password brute-forcing and running remote commands, thanks to the
combined efforts of three Summer of Code students.
o Added 14 NSE scripts from 6 authors, bringing the total up to 579!
They are all listed at https://nmap.org/nsedoc/, and the summaries are below:
+ ftp-syst sends SYST and STAT commands to FTP servers to get system version
and connection information.
+ http-vuln-cve2017-8917 checks for an SQL injection vulnerability affecting
Joomla! 3.7.x before 3.7.1.
+ iec-identify probes for the IEC 60870-5-104 SCADA protocol.
+ openwebnet-discovery retrieves device identifying information and
number of connected devices running on openwebnet protocol.
+ puppet-naivesigning checks for a misconfiguration in the Puppet CA where
naive signing is enabled, allowing for any CSR to be automatically signed.
+ smb-protocols discovers if a server supports dialects NT LM 0.12
(SMBv1), 2.02, 2.10, 3.00, 3.02 and 3.11. This replaces the old
smbv2-enabled script.
+ smb2-capabilities lists the supported capabilities of SMB2/SMB3
servers.
+ smb2-time determines the current date and boot date of SMB2
servers.
+ smb2-security-mode determines the message signing configuration of
SMB2/SMB3 servers.
+ smb2-vuln-uptime attempts to discover missing critical patches in
Microsoft Windows systems based on the SMB2 server uptime.
+ ssh-auth-methods lists the authentication methods offered by an SSH server.
+ ssh-brute performs brute-forcing of SSH password credentials.
+ ssh-publickey-acceptance checks public or private keys to see if they could
be used to log in to a target. A list of known-compromised key pairs is
included and checked by default.
+ ssh-run uses user-provided credentials to run commands on targets via SSH.
o Removed smbv2-enabled, which was incompatible with the new SMBv2/3
improvements. It was fully replaced by the smb-protocols script.
o Added Datagram TLS (DTLS) support to Ncat in connect (client)
mode with --udp --ssl. Also added Application Layer Protocol Negotiation
(ALPN) support with the --ssl-alpn option.
o Updated the default ciphers list for Ncat and the secure ciphers list for
Nsock to use "!aNULL:!eNULL" instead of "!ADH". With the addition of ECDH
ciphersuites, anonymous ECDH suites were being allowed.
o Fix ndmp-version and ndmp-fs-info when scanning Veritas Backup
Exec Agent 15 or 16.
o Added wildcard detection to dns-brute. Only hostnames that
resolve to unique addresses will be listed.
o FTP scripts like ftp-anon and ftp-brute now correctly handle
TLS-protected FTP services and use STARTTLS when necessary.
o Function url.escape no longer encodes so-called "unreserved"
characters, including hyphen, period, underscore, and tilde, as per RFC 3986.
o Function http.pipeline_go no longer assumes that persistent
connections are supported on HTTP 1.0 target (unless the target explicitly
declares otherwise), as per RFC 7230.
o The HTTP response object has a new member, version, which
contains the HTTP protocol version string returned by the server, e.g. "1.0".
o Fix handling of the objectSID Active Directory attribute
by ldap.lua.
o Fix line endings in the list of Oracle SIDs used by oracle-sid-brute.
Carriage Return characters were being sent in the connection packets, likely
resulting in failure of the script.
o http-useragent-checker now checks for changes in HTTP status
(usually 403 Forbidden) in addition to redirects to indicate forbidden User
Agents.
Pkgsrc changes:
* The hosting of radsecproxy has changed to nordu.net.
Upstream changes:
2017-08-02 1.6.9
Misc:
- Use a listen(2) backlog of 128 (RADSECPROXY-72).
Bug fixes:
- Don't follow NULL the pointer at debug level 5 (RADSECPROXY-68).
- Completely reload CAs and CRLs with cacheExpiry (RADSECPROXY-50).
- Tie Access-Request log lines to response log lines (RADSECPROXY-60).
- Fix a couple of memory leaks and NULL ptr derefs in error cases.
- Take lock on realm refcount before updating it (RADSECPROXY-77).
2016-09-21 1.6.8
Bug fixes:
- Stop waiting on writable when reading a TCP socket.
- Stomp less on the memory of other threads (RADSECPROXY-64).
2016-03-14 1.6.7
Enhancements (security):
- Negotiate TLS1.1, TLS1.2 and DTLS1.2 when possible, client and
server side. Fixes RADSECPROXY-62.
Enhancements:
- Build HTML documentation properly.
api-change:config: Update config command to latest version
api-change:codedeploy: Update codedeploy command to latest version
api-change:pinpoint: Update pinpoint command to latest version
api-change:ses: Update ses command to latest version
1.11.128
api-change:ssm: Update ssm command to latest version
api-change:inspector: Update inspector command to latest version
api-change:ses: Update ses client to latest version
api-change:pinpoint: Update pinpoint client to latest version
api-change:codedeploy: Update codedeploy client to latest version
api-change:config: Update config client to latest version
1.5.91
api-change:ssm: Update ssm client to latest version
api-change:inspector: Update inspector client to latest version
Bug fixes
- Use the incoming ECS for cache lookup if use-incoming-edns-subnet is
set
- when making a netmask from a comboaddress, we neglected to zero the
port. This could lead to a proliferation of netmasks.
- Don't take the initial ECS source for a scope one if EDNS is off
- also set d_requestor without Lua: the ECS logic needs it
- Fix IXFR skipping the additions part of the last sequence
- Treat requestor's payload size lower than 512 as equal to 512
- make URI integers 16 bits, fixes ticket #5443
- unbreak quoting
Improvements
- EDNS Client Subnet becomes compatible with the packet cache, using
the existing variable answer facility.
- Remove just enough entries from the cache, not one more than asked
- Move expired cache entries to the front so they are expunged
- changed IPv6 addr of b.root-servers.net
- e.root-servers.net has IPv6 now
- hello decaf signers (ED25519 and ED448)
- don't use the libdecaf ed25519 signer when libsodium is enabled
(Kees Monshouwer)
- do not hash the message in the ed25519 signer (Kees Monshouwer)
- Disable use-incoming-edns-subnet by default
Here is release note except security (already fixed by bind-9.9.10pl3, BIND
9.9.10-P3).
Release Notes for BIND Version 9.9.11
Introduction
This document summarizes significant changes since the last production
release of BIND on the corresponding major release branch. Please see
the CHANGES file for a further list of bug fixes and other changes.
Download
The latest versions of BIND 9 software can always be found at
http://www.isc.org/downloads/. There you will find additional
information about each release, source code, and pre-compiled versions
for Microsoft Windows operating systems.
New DNSSEC Root Key
ICANN is in the process of introducing a new Key Signing Key (KSK) for
the global root zone. BIND has multiple methods for managing DNSSEC
trust anchors, with somewhat different behaviors. If the root key is
configured using the managed-keys statement, or if the pre-configured
root key is enabled by using dnssec-validation auto, then BIND can keep
keys up to date automatically. Servers configured in this way should
have begun the process of rolling to the new key when it was published
in the root zone in July 2017. However, keys configured using the
trusted-keys statement are not automatically maintained. If your server
is performing DNSSEC validation and is configured using trusted-keys,
you are advised to change your configuration before the root zone
begins signing with the new KSK. This is currently scheduled for
October 11, 2017.
This release includes an updated version of the bind.keys file
containing the new root key. This file can also be downloaded from
https://www.isc.org/bind-keys .
Windows XP No Longer Supported
As of BIND 9.9.11, Windows XP is no longer a supported platform for
BIND, and Windows XP binaries are no longer available for download from
ISC.
Feature Changes
* Threads in named are now set to human-readable names to assist
debugging on operating systems that support that. Threads will have
names such as "isc-timer", "isc-sockmgr", "isc-worker0001", and so
on. This will affect the reporting of subsidiary thread names in ps
and top, but not the main thread. [RT #43234]
* DiG now warns about .local queries which are reserved for Multicast
DNS. [RT #44783]
Bug Fixes
* Fixed a bug that was introduced in an earlier development release
which caused multi-packet AXFR and IXFR messages to fail validation
if not all packets contained TSIG records; this caused
interoperability problems with some other DNS implementations. [RT
#45509]
* Semicolons are no longer escaped when printing CAA and URI records.
This may break applications that depend on the presence of the
backslash before the semicolon. [RT #45216]
* AD could be set on truncated answer with no records present in the
answer and authority sections. [RT #45140]
End of Life
BIND 9.9 (Extended Support Version) will be supported until at least
June, 2018. https://www.isc.org/downloads/software-support-policy/
Here is release note except security (already fixed by bind-9.10.5pl3, BIND
9.10.5-P3).
Release Notes for BIND Version 9.10.6
Introduction
This document summarizes changes since the last production release on
the BIND 9.10 branch. Please see the CHANGES file for a further list of
bug fixes and other changes.
Download
The latest versions of BIND 9 software can always be found at
http://www.isc.org/downloads/. There you will find additional
information about each release, source code, and pre-compiled versions
for Microsoft Windows operating systems.
New DNSSEC Root Key
ICANN is in the process of introducing a new Key Signing Key (KSK) for
the global root zone. BIND has multiple methods for managing DNSSEC
trust anchors, with somewhat different behaviors. If the root key is
configured using the managed-keys statement, or if the pre-configured
root key is enabled by using dnssec-validation auto, then BIND can keep
keys up to date automatically. Servers configured in this way should
have begun the process of rolling to the new key when it was published
in the root zone in July 2017. However, keys configured using the
trusted-keys statement are not automatically maintained. If your server
is performing DNSSEC validation and is configured using trusted-keys,
you are advised to change your configuration before the root zone
begins signing with the new KSK. This is currently scheduled for
October 11, 2017.
This release includes an updated version of the bind.keys file
containing the new root key. This file can also be downloaded from
https://www.isc.org/bind-keys .
Windows XP No Longer Supported
As of BIND 9.10.6, Windows XP is no longer a supported platform for
BIND, and Windows XP binaries are no longer available for download from
ISC.
Feature Changes
* dig +ednsopt now accepts the names for EDNS options in addition to
numeric values. For example, an EDNS Client-Subnet option could be
sent using dig +ednsopt=ecs:.... Thanks to John Worley of Secure64
for the contribution. [RT #44461]
* Threads in named are now set to human-readable names to assist
debugging on operating systems that support that. Threads will have
names such as "isc-timer", "isc-sockmgr", "isc-worker0001", and so
on. This will affect the reporting of subsidiary thread names in ps
and top, but not the main thread. [RT #43234]
* DiG now warns about .local queries which are reserved for Multicast
DNS. [RT #44783]
Bug Fixes
* Fixed a bug that was introduced in an earlier development release
which caused multi-packet AXFR and IXFR messages to fail validation
if not all packets contained TSIG records; this caused
interoperability problems with some other DNS implementations. [RT
#45509]
* Semicolons are no longer escaped when printing CAA and URI records.
This may break applications that depend on the presence of the
backslash before the semicolon. [RT #45216]
* AD could be set on truncated answer with no records present in the
answer and authority sections. [RT #45140]
End of Life
The end of life for BIND 9.10 is yet to be determined but will not be
before BIND 9.12.0 has been released for 6 months.
https://www.isc.org/downloads/software-support-policy/
Core
[YoutubeDL] Improve default format specification (#13704)
[YoutubeDL] Do not override id, extractor and extractor_key for
url_transparent entities
[extractor/common] Fix playlist_from_matches
Extractors
[itv] Fix production id extraction (#13671, #13703)
[vidio] Make duration non fatal and fix typo
[mtv] Skip missing video parts (#13690)
[sportbox:embed] Fix extraction
[npo] Add support for npo3.nl URLs (#13695)
[dramafever] Remove video id from title (#13699)
[egghead:lesson] Add support for lessons (#6635)
[funnyordie] Extract more metadata (#13677)
[youku:show] Fix playlist extraction (#13248)
[dispeak] Recognize sevt subdomain (#13276)
[adn] Improve error reporting (#13663)
[crunchyroll] Relax series and season regex (#13659)
[spiegel:article] Add support for nexx iframe embeds (#13029)
[nexx:embed] Add support for iframe embeds
[nexx] Improve JS embed extraction
[pearvideo] Add support for pearvideo.com (#13031)
This perl module will search the MusicBrainz database through their
web service and return objects with the found data.
This package contains the old 0.x branch of the package, using v1
of the MusicBrainz API.
Bug #5196 - Some keys on Korean and Japanese keyboards have the same keycode
Bug #5578 - Pressing Hangul key results in alt+'a'
Bug #5785 - Can't switch screens when cursor is in a corner
Bug #3197 - Linux: switchDoubleTap option is not working
Bug #4477 - Linux: Mouse buttons higher than id 10 result in crash
Bug #5832 - Linux: Screen size misdetected on multi-monitor display
Enhancement #4504 - Improved Korean language description
Enhancement #5525 - Added support for precise screen positioning in config file
api-change:ec2: Update ec2 command to latest version
api-change:appstream: Update appstream command to latest version
1.11.123
api-change:emr: Update emr command to latest version
1.11.122
api-change:budgets: Update budgets command to latest version
api-change:appstream: Update appstream client to latest version
api-change:ec2: Update ec2 client to latest version
1.5.86
api-change:emr: Update emr client to latest version
1.5.85
api-change:budgets: Update budgets client to latest version
- Configuration: CELERY_SEND_EVENTS instead of CELERYD_SEND_EVENTS for 3.1.x compatibility
- App: Restore behavior so Broadcast queues work.
- Sphinx: Make appstr use standard format
- App: Make id, name always accessible from logging.Formatter via extra
- Worker: Add worker_shutting_down signal
- PyPy: Support PyPy version 5.8.0
- Results: Elasticsearch: Fix serializing keys
- Canvas: Deserialize all tasks in a chain
- Systemd: Recover loglevel for ExecStart in systemd config
- Sphinx: Use the Sphinx add_directive_to_domain API.
- App: Pass properties to before_task_publish signal
- Results: Add SSL option for Redis backends
- Beat: celery.schedule.crontab: fix reduce
- State: Fix celery issues when using flower REST API
- Results: Elasticsearch: Fix serializing document id.
- Beat: Make shallow copy of schedules dictionary
- Beat: Populate heap when periodic tasks are changed
- Task: Allow class methods to define tasks
- Platforms: Always return boolean value when checking if signal is supported.
- Canvas: Avoid duplicating chains in chords
- Canvas: Lookup task only if list has items
- Results: Allow unicode message for exception raised in task
- Python3: Support for Python 3.6
- App: Fix retried tasks with expirations
- * Fixes items format route in docs
- Utils: Fix maybe_make_aware
- Task: Fix task ETA issues when timezone is defined in configuration
- Concurrency: Consumer does not shutdown properly when embedded in gevent application
- Canvas: Fix 3725: Task replaced with group does not complete
- Task: Correct order in chains with replaced tasks
- Result: Enable synchronous execution of sub-tasks
- Task: Fix request context for blocking task apply (added hostname)
- Utils: Fix task argument handling
- Beat: Provide a transparent method to update the Scheduler heap
- Beat: Specify default value for pidfile option of celery beat.
- Results: Elasticsearch: Stop generating a new field every time when a new result is being put
- Results: Elasticsearch now reuses fields when new results are added.
- Results: Fixed MongoDB integration when using binary encodings
- Worker: Making missing ``*args`` and ``kwargs`` in Task protocol 1
return empty value in protocol 2.
- App: Fixed :exc:`TypeError` in AMQP when using deprecated signal
- Beat: Added a transparent method to update the scheduler heap.
- Task: Fixed handling of tasks with keyword arguments on Python 3
- Task: Fixed request context for blocking task apply by adding missing
hostname attribute.
- Task: Added option to run subtasks synchronously with
``disable_sync_subtasks`` argument.
- App: Fixed chaining of replaced tasks.
- Canvas: Fixed bug where replaced tasks with groups were not completing
- Worker: Fixed problem where consumer does not shutdown properly when
embedded in a gevent application.
- Results: Added support for using AWS DynamoDB as a result backend.
- Testing: Added caching on pip installs.
- Worker: Prevent consuming queue before ready on startup.
- App: Fixed task ETA issues when timezone is defined in configuration
- Utils: ``maybe_make_aware`` should not modify datetime when it is
already timezone-aware.
- App: Fixed retrying tasks with expirations.
- Results: Allow unicode message for exceptions raised in task
- Canvas: Fixed :exc:`IndexError` raised when chord has an empty header.
- Canvas: Avoid duplicating chains in chords.
- Utils: Allow class methods to define tasks.
- Beat: Populate heap when periodic tasks are changed.
- Results: Added support for Elasticsearch backend options settings.
- Events: Ensure ``Task.as_dict()`` works when not all information about
task is available.
- Schedules: Fixed pickled crontab schedules to restore properly.
- Results: Added SSL option for redis backends
1.7.7. It fixes some major issues, a memory leak in the compression code, a
segfault when you dump a map on the CLI while trying to remove an entry and a
bug introduced by a fix in 1.7.5 that causes haproxy to ignore "timeout
http-keep-alive".
go14 has no relro support AFAICT.
go-1.8.3 has if you use -buildmode=pie, but it claims it's not supported
on Linux.
Disable relro checking for go packages until bsiegert has time to
look at this.
