Changelog:
Based on Firefox 52.4.1
SeaMonkey-specific changes
SeaMonkey should no longer crash when you start it or try to use the mail feature on OS X 10.12 or greater.
You were not always prompted for authentication in SeaMonkey 2.48 under certain scenarios resulting in login failures. The problem, tracked in bug 1347857, has been fixed.
Mail and News: The way images are included in a compose window has changed. Images are now included as data URIs and not as references to parts of other messages or operating system files. This allows better interoperability with office packages such as MS Office or LibreOffice. Images linked from locations on the internet will no longer be downloaded and attached to the message automatically. This can be changed globally by setting the preference mail.compose.attach_http_images.
Language support for nb-NO has been re-added.
SeaMonkey now uses gtk3 on Linux. If you experience a problem because of this please file a bug and link it to Switch Linux builds to GTK3 with SeaMonkey 2.49. Pleae try another OS theme first. Some of them are buggy and cause problems with SeaMonkey, Thunderbird and Firefox.
Quotes are now colored differently in Mails bug 1374708.
Under OSX the left panes in Bookmarks Manager, MailNews and Address Book are now styled like finder panes. See bug 1095904.
Quotes are now colored differently in Mails up to 5 levels deep depending on your OS. See bug 1374708. This may break custom themes for email composition because a new style sheet named "messageQuotes.css" has been added.
Major bugfixes in 1.12.3
Fix for infinite recursion on buffer free in v4l2
Fix for glimagesink crash on macOS when used via autovideosink
Fix for huge overhead in matroskamux caused by writing one
Cluster per audio-frame in audio-only streams. Also use
SimpleBlocks for Opus and other audio codecs, which works around
a bug in VLC that prevented Opus streams to be played and
decreases overhead even more
Fix for flushing seeks in rtpmsrc always causing an error
Fix for timestamp overflows in calculations in audio encoder base class
Fix for RTP h265 depayloader marking P-frames as I-frames
Fix for long connection delays of clients in RTSP server
Fixes for event handling in queue and queue2 elements, and
updates to buffering levels on NOT_LINKED streams
Various fixes to event and buffering handling in decodebin3/playbin3
Various fixes for memory leaks, deadlocks and crashes in all modules
... and many, many more!
1.11.185
api-change:ec2: Update ec2 command to latest version
1.11.184
api-change:elasticache: Update elasticache command to latest version
api-change:batch: Update batch command to latest version
api-change:ec2: Update ec2 command to latest version
api-change:application-autoscaling: Update application-autoscaling command to latest version
1.11.183
api-change:rds: Update rds command to latest version
api-change:elbv2: Update elbv2 command to latest version
api-change:s3: Update s3 command to latest version
1.11.182
api-change:kms: Update kms command to latest version
api-change:stepfunctions: Update stepfunctions command to latest version
api-change:pricing: Update pricing command to latest version
api-change:ec2: Update ec2 command to latest version
api-change:organizations: Update organizations command to latest version
1.11.181
api-change:ecs: Update ecs command to latest version
1.11.180
api-change:apigateway: Update apigateway command to latest version
bugfix:datapipeline: Fixed a bug in datapipeline where list-runs could only handle 100 runs.
1.7.43
api-change:ec2: Update ec2 client to latest version
1.7.42
api-change:application-autoscaling: Update application-autoscaling client to latest version
api-change:elasticache: Update elasticache client to latest version
api-change:batch: Update batch client to latest version
api-change:ec2: Update ec2 client to latest version
1.7.41
api-change:elbv2: Update elbv2 client to latest version
api-change:s3: Update s3 client to latest version
api-change:rds: Update rds client to latest version
1.7.40
api-change:stepfunctions: Update stepfunctions client to latest version
api-change:ec2: Update ec2 client to latest version
api-change:kms: Update kms client to latest version
api-change:organizations: Update organizations client to latest version
api-change:pricing: Update pricing client to latest version
Version 4.3
The async= parameter to integrate with asyncio has become async_= (:ghpull:`431`), as async is becoming a Python keyword from Python 3.6. Pexpect will still recognise async as an alternative spelling.
Similarly, the module pexpect.async became pexpect._async (:ghpull:`450`). This module is not part of the public API.
Fix problems with asyncio objects closing file descriptors during garbage collection (:ghissue:`347`, :ghpull:`376`).
Set the .pid attribute of a :class:`~.PopenSpawn` object (:ghpull:`417`).
Fix passing Windows paths to :class:`~.PopenSpawn` (:ghpull:`446`).
:class:`~.PopenSpawn` on Windows can pass string commands through to Popen without splitting them into a list (:ghpull:`447`).
Stop shlex trying to read from stdin when :class:`~.PopenSpawn` is passed cmd=None (:ghissue:`433`, :ghpull:`434`).
Ensure that an error closing a Pexpect spawn object raises a Pexpect error, rather than a Ptyprocess error (:ghissue:`383`, :ghpull:`386`).
Cleaned up invalid backslash escape sequences in strings (:ghpull:`430`, :ghpull:`445`).
The pattern for a password prompt in :mod:`pexpect.pxssh` changed from password to password: (:ghpull:`452`).
Correct docstring for using unicode with spawn (:ghpull:`395`).
Various other improvements to documentation.
HPLIP 3.17.10 - This release has the following changes:
Added Support for the following new Scanners:
- HP Scanjet Enterprise Flow N9120 fn2 Document Scanner
- HP Digital Sender Flow 8500 fn2 Document Capture Workstation
Added Support for the following new Distros:
- Debian 9.1
HPLIP 3.17.9 - This release has the following changes:
Added Support for the following new Printers:
- HP OfficeJet Pro 7720 Wide Format All-in-One
- HP DeskJet AMP All-in-One Printer
- HP OfficeJet 5220 All-in-One Printer
- HP OfficeJet 5230 All-in-One Printer
- HP OfficeJet 5232 All-in-One Printer
- HP ENVY Photo 6220 All-in-One Printer
- HP ENVY Photo 6232 All-in-One Printer
- HP ENVY Photo 7120 All-in-One Printer
- HP ENVY Photo 7134 All-in-One Printer
- HP ENVY Photo 7820 All-in-One Printer
- HP ENVY 5020 All-in-One Printer
- HP ENVY 5032 All-in-One Printer
- HP DeskJet Ink Advantage 3735 All-in-One
- HP ENVY Photo 6234 All-in-One Printer
- HP ENVY Photo 6230 All-in-One Printer
- HP AMP 130 All-in-One Printer
- HP OfficeJet Pro 7730 Wide Format All-in-One
- HP ENVY Photo 7155 All-in-One Printer
- HP ENVY Photo 7164 All-in-One Printer
- HP ENVY Photo 7155 All-In-One Printer
- HP ENVY Photo 7800 All-In-One Printer
- HP ENVY Photo 6200 All-In-One Printer
- HP ENVY Photo 7130 All-in-One Printer
- HP ENVY Photo 7830 All-in-One Printer
- HP ENVY Photo 7120 All-in-One Printer
- HP ENVY Photo 7820 All-in-One Printer
- HP ENVY Photo 7855 All-in-One Printer
- HP DeskJet Ink Advantage 5075 All-in-One Printer
- HP PageWide Enterprise Color 765dn
- HP PageWide Managed Color E75160dn
- HP PageWide Enterprise Color MFP 780dn
- HP PageWide Enterprise Color Flow MFP 785f
- HP PageWide Enterprise Color Flow MFP 785zs
- HP PageWide Enterprise Color Flow MFP 785z+
- HP PageWide Managed Color MFP E77650dn
- HP PageWide Managed Color MFP E77650dns
- HP PageWide Managed Color MFP E77660dn
- HP PageWide Managed Color Flow MFP E77650z
- HP PageWide Managed Color Flow MFP E77650zs
- HP PageWide Managed Color Flow MFP E77650z+
- HP PageWide Managed Color Flow MFP E77660z
- HP PageWide Managed Color Flow MFP E77660zs
- HP PageWide Managed Color Flow MFP E77660z+
- HP ENVY 5030 All-in-One Printer
Added support for the following new Distros:
- openSuse 42.3 (64-bit)
- LinuxMint-18.2 (32-bit and 64-bit)
- Fedora-26 (32-bit and 64-bit)
- RHEL -7.3 (64-bit)
Changes:
- Security: Fix double-free in server TCP listener cleanup
A double-free in the server could be triggered by an authenticated
user if dropbear is running with -a (Allow connections to forwarded
ports from any host)
This could potentially allow arbitrary code execution as root by an
authenticated user. Affects versions 2013.56 to 2016.74. Thanks to
Mark Shepard for reporting the crash.
CVE-2017-9078 https://secure.ucc.asn.au/hg/dropbear/rev/c8114a48837c
- Security: Fix information disclosure with ~/.ssh/authorized_keys
symlink. Dropbear parsed authorized_keys as root, even if it were
a symlink. The fix is to switch to user permissions when opening
authorized_keys
A user could symlink their ~/.ssh/authorized_keys to a root-owned
file they couldn't normally read. If they managed to get that file
to contain valid authorized_keys with command= options it might be
possible to read other contents of that file.
This information disclosure is to an already authenticated user.
Thanks to Jann Horn of Google Project Zero for reporting this.
CVE-2017-9079 https://secure.ucc.asn.au/hg/dropbear/rev/0d889b068123
- Generate hostkeys with dropbearkey atomically and flush to disk with
fsync. Thanks to Andrei Gherzan for a patch.
- Fix out of tree builds with bundled libtom
Thanks to Henrik Nordström and Peter Krefting for patches.
changes in version 2.2.2:
* gpg: Avoid duplicate key imports by concurrently running gpg
processes.
* gpg: Fix creating on-disk subkey with on-card primary key.
* gpg: Fix validity retrieval for multiple keyrings.
* gpg: Fix --dry-run and import option show-only for secret keys.
* gpg: Print "sec" or "sbb" for secret keys with import option
import-show.
* gpg: Make import less verbose.
* gpg: Add alias "Key-Grip" for parameter "Keygrip" and new
parameter "Subkey-Grip" to unattended key generation.
* gpg: Improve "factory-reset" command for OpenPGP cards.
* gpg: Ease switching Gnuk tokens into ECC mode by using the magic
keysize value 25519.
* gpgsm: Fix --with-colon listing in crt records for fields > 12.
* gpgsm: Do not expect X.509 keyids to be unique.
* agent: Fix stucked Pinentry when using --max-passphrase-days.
* agent: New option --s2k-count.
* dirmngr: Do not follow https-to-http redirects.
* dirmngr: Reduce default LDAP timeout from 100 to 15 seconds.
* gpgconf: Ignore non-installed components for commands
--apply-profile and --apply-defaults.
* Add configure option --enable-werror.
Version 2.10:
- Added a new extension node called OverlayScope which can be used to
create an unoptimized scope that will look up all variables from a
derived context.
- Added an in test that works like the in operator. This can be used
in combination with reject and select.
- Added previtem and nextitem to loop contexts, providing access to the
previous/next item in the loop. If such an item does not exist, the value is
undefined.
- Added changed(*values) to loop contexts, providing an easy way of
checking whether a value has changed since the last iteration (or rather
since the last call of the method)
- Added a namespace function that creates a special object which allows
attribute assignment using the set tag. This can be used to carry data
across scopes, e.g. from a loop body to code that comes after the loop.
- Added a trimmed modifier to {% trans %} to strip linebreaks and
surrounding whitespace. Also added a new policy to enable this for all
trans blocks.
- The random filter is no longer incorrectly constant folded and will
produce a new random choice each time the template is rendered.
- Added a unique filter.
- Added min and max filters.
- Added tests for all comparison operators: eq, ne, lt, le,
gt, ge.
- import statement cannot end with a trailing comma.
- indent filter will not indent blank lines by default.
- Add reverse argument for dictsort filter.
- Add a NativeEnvironment that renders templates to native Python types
instead of strings.
- Added filter support to the block set tag.
- tojson filter marks output as safe to match documented behavior.
- Resolved a bug where getting debug locals for tracebacks could
modify template context.
- Fixed a bug where having many {% elif ... %} blocks resulted in a
"too many levels of indentation" error. These blocks now compile to
native elif ..: instead of else: if ..:
3.36.0:
This release adds a setting to the public API, and does some internal cleanup:
The :attr:`~hypothesis.settings.derandomize` setting is now documented
Removed - and disallowed - all 'bare excepts' in Hypothesis
Documented the :attr:`~hypothesis.settings.strict` setting as deprecated, and updated the build so our docs always match deprecations in the code.
Security fix for CVE-2017-16651.
RELEASE 1.2.7
-------------
- Fix rewind(): stream does not support seeking (#5950)
- Fix bug where HTML messages could have been rendered empty on some systems
(#5957)
- Fix (again) bug where image data URIs in css style were treated as
evil/remote in mail preview (#5580)
- Managesieve: Fix parsing dot-staffed lines in multiline text (#5838, #5959)
- Fix file disclosure vulnerability caused by insufficient input validation
[CVE-2017-16651] (#6026)
By default redland is configured with `--disable-gtk-doc'. However,
despite that it will checks several `gtkdoc-*' tools anyway ending
in an failure during the installation phase because only a couple
of them are available.
Add a kludge via CONFIGURE_ENV to avoid picking up gtkdoc-* tools.
Pointed out by <oster>, thanks!
6.29 2017-11-06
- Fix some version numbers
6.28 2017-11-06
- Remove last use of Geopt::Std (Sergey Remanov) (GH #267)
- Include unmatched connect error in status string (Patrik Lundin) (GH #269)
- Fix insecure open FILEHANDLE,EXPR (Takumi Akiyama) (GH #270)