Commit graph

253278 commits

Author SHA1 Message Date
wiz
3c2b0956f2 Updated musicpd to 0.19.18.
ver 0.19.18 (2016/08/05)
* decoder
  - ffmpeg: fix crash with older FFmpeg versions (< 3.0)
  - ffmpeg: log detailed error message
  - ffmpeg: support FFmpeg 3.1
  - sidplay: detect libsidplay2 with pkg-config
  - sidplay: log detailed error message
  - sidplay: read the "date" tag
  - sidplay: allow building with libsidplayfp instead of libsidplay2
* output
  - shout: recognize setting "encoder" instead of "encoding"
* fix memory leak after stream failure
* fix build failure with Boost 1.61
* require gcc 4.7 or newer
2016-08-19 13:52:39 +00:00
wiz
52ee28e805 Updated net/mtr to 0.87 2016-08-19 13:43:08 +00:00
wiz
8df9f1bd04 Updated mtr to 0.87.
V0.87

   Antonio Querubin (1):
         Use setcap instead of setuid when installing the binary.

   Baptiste Jonglez (4):
         Allow enabling IP info and ASN lookup from the curses interface
         Document the -y option in the manpage
         Cosmetic cleanup of the option-parsing code
         Fix wrap-around bug when displaying IP info (-y option)

   Danek Duvall (1):
         Fix issue #76: rationalize the discovery of a terminal handling library

   Gareth Randall (6):
         Corrected the "without gtk" reference to "./configure --without-gtk"
         Filled in some of the missing man page sections.
         Remove a warning message at compile time.
         Fix typos and update mailing list references.
         Add a section about granting limited security capabilities.
         State that Github is the preferred way to report bugs.

   Guo Yixuan (1):
         Raw output: add x for a ping-packet-sent event.

   Hajimu UMEMOTO (1):
         Add aslookup support to gtk interface

   Jakub Wilk (1):
         Fix typos.

   Kris Coward (1):
         Added --displaymode option

   Narthorn (1):
         curses: Fix background transparency in terminal

   Nikolai R Kristiansen (1):
         Add support for JSON as report output format

   R.E. Wolff (9):
         explanation of the version numbers in NEWS.
         Merge branch 'master' of github.com:traviscross/mtr
         removed warning about IPV6 socket when IPV6 is not available at runtime
         fix for printing space field in XML.
         modified name of timeout variable to prevent warning on solaris.
         changed the name of the ping timeout timer from 'tag' to 'ping timeout timer'
         net.c fix from AQ.
         issue 128: compile should be in .gitignore
         The release script bumped the version number

   Rogier Wolff (1):
         added use-default-colors...

   Theo Baschak (1):
         Update asn.c - 32bit asn widths

   Tobias Rittweiler (5):
         Fix typo in csv_close() that prevented any of the data columns from being printed.
         --csv: Don't print spaces in columns.
         --csv: Print a header line as the first line which names all columns.
         asn.h: Guard against being included twice.
         Fix setting length field of UDP header to broken value on BSD systems.

   Vojtech Kurka (1):
         Fixed behaviour of Pause button

   aquerubin (3):
         Correct psize for IPv6.
         Fix Avg and Best column order to match column headers in GTK display.
         Update Tony's email address in the GTK credits.

   penyu (1):
         add max-unknown option

   russor (10):
         allow setting local and remote port for UDP probing
         fix checksum for odd sized packets
         set the local address for display if it was bound
         automatically set udp address if needed
         fix improper aliasing
         fix placement of zeros when running alternate udp checksum
         endian neutral placement of alternate checksum
         copy odd byte into a 16-bit temp value; used bit-sized types for clarity
         correct checksum calculation when adding the overflow overflows
         add option to set graceperiod

   swordfeng (3):
         Add SCTP support (same way with tcp)
         remove comment
         fix sctp header structure
2016-08-19 13:42:58 +00:00
wiz
4d1fb0d95b Updated net/tor to 0.2.8.6 2016-08-19 13:35:55 +00:00
wiz
4180218657 Updated tor to 0.2.8.6.
Changes in version 0.2.8.6 - 2016-08-02

  Tor 0.2.8.6 is the first stable version of the Tor 0.2.8 series.

  The Tor 0.2.8 series improves client bootstrapping performance,
  completes the authority-side implementation of improved identity
  keys for relays, and includes numerous bugfixes and performance
  improvements throughout the program. This release continues to
  improve the coverage of Tor's test suite.

  Below is a list of the changes since Tor 0.2.7.

  o New system requirements:
    - Tor no longer attempts to support platforms where the "time_t"
      type is unsigned. (To the best of our knowledge, only OpenVMS does
      this, and Tor has never actually built on OpenVMS.) Closes
      ticket 18184.
    - Tor no longer supports versions of OpenSSL with a broken
      implementation of counter mode. (This bug was present in OpenSSL
      1.0.0, and was fixed in OpenSSL 1.0.0a.) Tor still detects, but no
      longer runs with, these versions.
    - Tor now uses Autoconf version 2.63 or later, and Automake 1.11 or
      later (released in 2008 and 2009 respectively). If you are
      building Tor from the git repository instead of from the source
      distribution, and your tools are older than this, you will need to
      upgrade. Closes ticket 17732.

  o Directory authority changes:
    - Update the V3 identity key for the dannenberg directory authority:
      it was changed on 18 November 2015. Closes task 17906. Patch
      by teor.
    - Urras is no longer a directory authority. Closes ticket 19271.

  o Major features (directory system):
    - Include a trial list of default fallback directories, based on an
      opt-in survey of suitable relays. Doing this should make clients
      bootstrap more quickly and reliably, and reduce the load on the
      directory authorities. Closes ticket 15775. Patch by teor.
      Candidates identified using an OnionOO script by weasel, teor,
      gsathya, and karsten.
    - Previously only relays that explicitly opened a directory port
      (DirPort) accepted directory requests from clients. Now all
      relays, with and without a DirPort, accept and serve tunneled
      directory requests that they receive through their ORPort. You can
      disable this behavior using the new DirCache option. Closes
      ticket 12538.
    - When bootstrapping multiple consensus downloads at a time, use the
      first one that starts downloading, and close the rest. This
      reduces failures when authorities or fallback directories are slow
      or down. Together with the code for feature 15775, this feature
      should reduce failures due to fallback churn. Implements ticket
      4483. Patch by teor. Implements IPv4 portions of proposal 210 by
      mikeperry and teor.

  o Major features (security, Linux):
    - When Tor starts as root on Linux and is told to switch user ID, it
      can now retain the capability to bind to low ports. By default,
      Tor will do this only when it's switching user ID and some low
      ports have been configured. You can change this behavior with the
      new option KeepBindCapabilities. Closes ticket 8195.

  o Major bugfixes (client, bootstrapping):
    - Check if bootstrap consensus downloads are still needed when the
      linked connection attaches. This prevents tor making unnecessary
      begindir-style connections, which are the only directory
      connections tor clients make since the fix for 18483 was merged.
    - Fix some edge cases where consensus download connections may not
      have been closed, even though they were not needed. Related to fix
      for 18809.
    - Make relays retry consensus downloads the correct number of times,
      rather than the more aggressive client retry count. Fixes part of
      ticket 18809.

  o Major bugfixes (dns proxy mode, crash):
    - Avoid crashing when running as a DNS proxy. Fixes bug 16248;
      bugfix on 0.2.0.1-alpha. Patch from "cypherpunks".

  o Major bugfixes (ed25519, voting):
    - Actually enable support for authorities to match routers by their
      Ed25519 identities. Previously, the code had been written, but
      some debugging code that had accidentally been left in the
      codebase made it stay turned off. Fixes bug 17702; bugfix
      on 0.2.7.2-alpha.
    - When collating votes by Ed25519 identities, authorities now
      include a "NoEdConsensus" flag if the ed25519 value (or lack
      thereof) for a server does not reflect the majority consensus.
      Related to bug 17668; bugfix on 0.2.7.2-alpha.
    - When generating a vote with keypinning disabled, never include two
      entries for the same ed25519 identity. This bug was causing
      authorities to generate votes that they could not parse when a
      router violated key pinning by changing its RSA identity but
      keeping its Ed25519 identity. Fixes bug 17668; fixes part of bug
      18318. Bugfix on 0.2.7.2-alpha.

  o Major bugfixes (key management):
    - If OpenSSL fails to generate an RSA key, do not retain a dangling
      pointer to the previous (uninitialized) key value. The impact here
      should be limited to a difficult-to-trigger crash, if OpenSSL is
      running an engine that makes key generation failures possible, or
      if OpenSSL runs out of memory. Fixes bug 19152; bugfix on
      0.2.1.10-alpha. Found by Yuan Jochen Kang, Suman Jana, and
      Baishakhi Ray.

  o Major bugfixes (security, client, DNS proxy):
    - Stop a crash that could occur when a client running with DNSPort
      received a query with multiple address types, and the first
      address type was not supported. Found and fixed by Scott Dial.
      Fixes bug 18710; bugfix on 0.2.5.4-alpha.

  o Major bugfixes (security, compilation):
    - Correctly detect compiler flags on systems where _FORTIFY_SOURCE
      is predefined. Previously, our use of -D_FORTIFY_SOURCE would
      cause a compiler warning, thereby making other checks fail, and
      needlessly disabling compiler-hardening support. Fixes one case of
      bug 18841; bugfix on 0.2.3.17-beta. Patch from "trudokal".
    - Repair hardened builds under the clang compiler. Previously, our
      use of _FORTIFY_SOURCE would conflict with clang's address
      sanitizer. Fixes bug 14821; bugfix on 0.2.5.4-alpha.

  o Major bugfixes (security, pointers):
    - Avoid a difficult-to-trigger heap corruption attack when extending
      a smartlist to contain over 16GB of pointers. Fixes bug 18162;
      bugfix on 0.1.1.11-alpha, which fixed a related bug incompletely.
      Reported by Guido Vranken.

  o Major bugfixes (testing):
    - Fix a bug that would block 'make test-network-all' on systems where
      IPv6 packets were lost. Fixes bug 19008; bugfix on 0.2.7.3-rc.

  o Major bugfixes (user interface):
    - Correctly give a warning in the cases where a relay is specified
      by nickname, and one such relay is found, but it is not officially
      Named. Fixes bug 19203; bugfix on 0.2.3.1-alpha.

  o Minor features (accounting):
    - Added two modes to the AccountingRule option: One for limiting
      only the number of bytes sent ("AccountingRule out"), and one for
      limiting only the number of bytes received ("AccountingRule in").
      Closes ticket 15989; patch from "unixninja92".

  o Minor features (bug-resistance):
    - Make Tor survive errors involving connections without a
      corresponding event object. Previously we'd fail with an
      assertion; now we produce a log message. Related to bug 16248.
    - Use tor_snprintf() and tor_vsnprintf() even in external and low-
      level code, to harden against accidental failures to NUL-
      terminate. Part of ticket 17852. Patch from jsturgix. Found
      with Flawfinder.

  o Minor features (build):
    - Detect systems with FreeBSD-derived kernels (such as GNU/kFreeBSD)
      as having possible IPFW support. Closes ticket 18448. Patch from
      Steven Chamberlain.
    - Since our build process now uses "make distcheck", we no longer
      force "make dist" to depend on "make check". Closes ticket 17893;
      patch from "cypherpunks".
    - Tor now builds once again with the recent OpenSSL 1.1 development
      branch (tested against 1.1.0-pre5 and 1.1.0-pre6-dev). We have been
      tracking OpenSSL 1.1 development as it has progressed, and fixing
      numerous compatibility issues as they arose. See tickets
      17549, 17921, 17984, 19499, and 18286.
    - When building manual pages, set the timezone to "UTC", so that the
      output is reproducible. Fixes bug 19558; bugfix on 0.2.2.9-alpha.
      Patch from intrigeri.

  o Minor features (clients):
    - Make clients, onion services, and bridge relays always use an
      encrypted begindir connection for directory requests. Resolves
      ticket 18483. Patch by teor.

  o Minor features (controller):
    - Add 'GETINFO exit-policy/reject-private/[default,relay]', so
      controllers can examine the reject rules added by
      ExitPolicyRejectPrivate. This makes it easier for stem to display
      exit policies.
    - Adds the FallbackDir entries to 'GETINFO config/defaults'. Closes
      tickets 16774 and 17817. Patch by George Tankersley.
    - New 'GETINFO hs/service/desc/id/' command to retrieve a hidden
      service descriptor from a service's local hidden service
      descriptor cache. Closes ticket 14846.

  o Minor features (crypto):
    - Add SHA3 and SHAKE support to crypto.c. Closes ticket 17783.
    - Add SHA512 support to crypto.c. Closes ticket 17663; patch from
      George Tankersley.
    - Improve performance when hashing non-multiple of 8 sized buffers,
      based on Andrew Moon's public domain SipHash-2-4 implementation.
      Fixes bug 17544; bugfix on 0.2.5.3-alpha.
    - Validate the hard-coded Diffie-Hellman parameters and ensure that
      p is a safe prime, and g is a suitable generator. Closes
      ticket 18221.
    - When allocating a digest state object, allocate no more space than
      we actually need. Previously, we would allocate as much space as
      the state for the largest algorithm would need. This change saves
      up to 672 bytes per circuit. Closes ticket 17796.

  o Minor features (directory downloads):
    - Add UseDefaultFallbackDirs, which enables any hard-coded fallback
      directory mirrors. The default is 1; set it to 0 to disable
      fallbacks. Implements ticket 17576. Patch by teor.
    - Wait for busy authorities and fallback directories to become non-
      busy when bootstrapping. (A similar change was made in 6c443e987d
      for directory caches chosen from the consensus.) Closes ticket
      17864; patch by teor.

  o Minor features (geoip):
    - Update geoip and geoip6 to the July 6 2016 Maxmind GeoLite2
      Country database.

  o Minor features (hidden service directory):
    - Streamline relay-side hsdir handling: when relays consider whether
      to accept an uploaded hidden service descriptor, they no longer
      check whether they are one of the relays in the network that is
      "supposed" to handle that descriptor. Implements ticket 18332.

  o Minor features (IPv6):
    - Add ClientPreferIPv6DirPort, which is set to 0 by default. If set
      to 1, tor prefers IPv6 directory addresses.
    - Add ClientUseIPv4, which is set to 1 by default. If set to 0, tor
      avoids using IPv4 for client OR and directory connections.
    - Add address policy assume_action support for IPv6 addresses.
    - Add an argument 'ipv6=address:orport' to the DirAuthority and
      FallbackDir torrc options, to specify an IPv6 address for an
      authority or fallback directory. Add hard-coded ipv6 addresses for
      directory authorities that have them. Closes ticket 17327; patch
      from Nick Mathewson and teor.
    - Allow users to configure directory authorities and fallback
      directory servers with IPv6 addresses and ORPorts. Resolves
      ticket 6027.
    - Limit IPv6 mask bits to 128.
    - Make tor_ersatz_socketpair work on IPv6-only systems. Fixes bug
      17638; bugfix on 0.0.2pre8. Patch by teor.
    - Try harder to obey the IP version restrictions "ClientUseIPv4 0",
      "ClientUseIPv6 0", "ClientPreferIPv6ORPort", and
      "ClientPreferIPv6DirPort". Closes ticket 17840; patch by teor.
    - Warn when comparing against an AF_UNSPEC address in a policy, it's
      almost always a bug. Closes ticket 17863; patch by teor.
    - routerset_parse now accepts IPv6 literal addresses. Fixes bug
      17060; bugfix on 0.2.1.3-alpha. Patch by teor.

  o Minor features (Linux seccomp2 sandbox):
    - Reject attempts to change our Address with "Sandbox 1" enabled.
      Changing Address with Sandbox turned on would never actually work,
      but previously it would fail in strange and confusing ways. Found
      while fixing 18548.

  o Minor features (logging):
    - When logging to syslog, allow a tag to be added to the syslog
      identity (the string prepended to every log message). The tag can
      be configured with SyslogIdentityTag and defaults to none. Setting
      it to "foo" will cause logs to be tagged as "Tor-foo". Closes
      ticket 17194.

  o Minor features (portability):
    - Use timingsafe_memcmp() where available. Closes ticket 17944;
      patch from <logan@hackers.mu>.

  o Minor features (relay, address discovery):
    - Add a family argument to get_interface_addresses_raw() and
      subfunctions to make network interface address interrogation more
      efficient. Now Tor can specifically ask for IPv4, IPv6 or both
      types of interfaces from the operating system. Resolves
      ticket 17950.
    - When get_interface_address6_list(.,AF_UNSPEC,.) is called and
      fails to enumerate interface addresses using the platform-specific
      API, have it rely on the UDP socket fallback technique to try and
      find out what IP addresses (both IPv4 and IPv6) our machine has.
      Resolves ticket 17951.

  o Minor features (replay cache):
    - The replay cache now uses SHA256 instead of SHA1. Implements
      feature 8961. Patch by teor, issue reported by rransom.

  o Minor features (robustness):
    - Exit immediately with an error message if the code attempts to use
      Libevent without having initialized it. This should resolve some
      frequently-made mistakes in our unit tests. Closes ticket 18241.

  o Minor features (security, clock):
    - Warn when the system clock appears to move back in time (when the
      state file was last written in the future). Tor doesn't know that
      consensuses have expired if the clock is in the past. Patch by
      teor. Implements ticket 17188.

  o Minor features (security, exit policies):
    - ExitPolicyRejectPrivate now rejects more private addresses by
      default. Specifically, it now rejects the relay's outbound bind
      addresses (if configured), and the relay's configured port
      addresses (such as ORPort and DirPort). Fixes bug 17027; bugfix on
      0.2.0.11-alpha. Patch by teor.

  o Minor features (security, memory erasure):
    - Make memwipe() do nothing when passed a NULL pointer or buffer of
      zero size. Check size argument to memwipe() for underflow. Fixes
      bug 18089; bugfix on 0.2.3.25 and 0.2.4.6-alpha. Reported by "gk",
      patch by teor.
    - Set the unused entries in a smartlist to NULL. This helped catch
      a (harmless) bug, and shouldn't affect performance too much.
      Implements ticket 17026.
    - Use SecureMemoryWipe() function to securely clean memory on
      Windows. Previously we'd use OpenSSL's OPENSSL_cleanse() function.
      Implements feature 17986.
    - Use explicit_bzero or memset_s when present. Previously, we'd use
      OpenSSL's OPENSSL_cleanse() function. Closes ticket 7419; patches
      from <logan@hackers.mu> and <selven@hackers.mu>.

  o Minor features (security, RNG):
    - Adjust Tor's use of OpenSSL's RNG APIs so that they absolutely,
      positively are not allowed to fail. Previously we depended on
      internal details of OpenSSL's behavior. Closes ticket 17686.
    - Never use the system entropy output directly for anything besides
      seeding the PRNG. When we want to generate important keys, instead
      of using system entropy directly, we now hash it with the PRNG
      stream. This may help resist certain attacks based on broken OS
      entropy implementations. Closes part of ticket 17694.
    - Use modern system calls (like getentropy() or getrandom()) to
      generate strong entropy on platforms that have them. Closes
      ticket 13696.

  o Minor features (security, win32):
    - Set SO_EXCLUSIVEADDRUSE on Win32 to avoid a local port-stealing
      attack. Fixes bug 18123; bugfix on all tor versions. Patch
      by teor.

  o Minor features (unix domain sockets):
    - Add a new per-socket option, RelaxDirModeCheck, to allow creating
      Unix domain sockets without checking the permissions on the parent
      directory. (Tor checks permissions by default because some
      operating systems only check permissions on the parent directory.
      However, some operating systems do look at permissions on the
      socket, and tor's default check is unneeded.) Closes ticket 18458.
      Patch by weasel.

  o Minor features (unix file permissions):
    - Defer creation of Unix sockets until after setuid. This avoids
      needing CAP_CHOWN and CAP_FOWNER when using systemd's
      CapabilityBoundingSet, or chown and fowner when using SELinux.
      Implements part of ticket 17562. Patch from Jamie Nguyen.
    - If any directory created by Tor is marked as group readable, the
      filesystem group is allowed to be either the default GID or the
      root user. Allowing root to read the DataDirectory prevents the
      need for CAP_READ_SEARCH when using systemd's
      CapabilityBoundingSet, or dac_read_search when using SELinux.
      Implements part of ticket 17562. Patch from Jamie Nguyen.
    - Introduce a new DataDirectoryGroupReadable option. If it is set to
      1, the DataDirectory will be made readable by the default GID.
      Implements part of ticket 17562. Patch from Jamie Nguyen.

  o Minor bugfixes (accounting):
    - The max bandwidth when using 'AccountRule sum' is now correctly
      logged. Fixes bug 18024; bugfix on 0.2.6.1-alpha. Patch
      from "unixninja92".

  o Minor bugfixes (assert, portability):
    - Fix an assertion failure in memarea.c on systems where "long" is
      shorter than the size of a pointer. Fixes bug 18716; bugfix
      on 0.2.1.1-alpha.

  o Minor bugfixes (bootstrap):
    - Consistently use the consensus download schedule for authority
      certificates. Fixes bug 18816; bugfix on 0.2.4.13-alpha.

  o Minor bugfixes (build):
    - Avoid spurious failures from configure files related to calling
      exit(0) in TOR_SEARCH_LIBRARY. Fixes bug 18625; bugfix on
      0.2.0.1-alpha. Patch from "cypherpunks".
    - Do not link the unit tests against both the testing and non-
      testing versions of the static libraries. Fixes bug 18490; bugfix
      on 0.2.7.1-alpha.
    - Resolve warnings when building on systems that are concerned with
      signed char. Fixes bug 18728; bugfix on 0.2.7.2-alpha
      and 0.2.6.1-alpha.
    - Silence spurious clang-scan warnings in the ed25519_donna code by
      explicitly initializing some objects. Fixes bug 18384; bugfix on
      0.2.7.2-alpha. Patch by teor.
    - When libscrypt.h is found, but no libscrypt library can be linked,
      treat libscrypt as absent. Fixes bug 19161; bugfix
      on 0.2.6.1-alpha.
    - Cause the unit tests to compile correctly on mingw64 versions that
      lack sscanf. Fixes bug 19213; bugfix on 0.2.7.1-alpha.
    - Don't try to use the pthread_condattr_setclock() function unless
      it actually exists. Fixes compilation on NetBSD-6.x. Fixes bug
      17819; bugfix on 0.2.6.3-alpha.
    - Fix backtrace compilation on FreeBSD. Fixes bug 17827; bugfix
      on 0.2.5.2-alpha.
    - Fix search for libevent libraries on OpenBSD (and other systems
      that install libevent 1 and libevent 2 in parallel). Fixes bug
      16651; bugfix on 0.1.0.7-rc. Patch from "rubiate".
    - Isolate environment variables meant for tests from the rest of the
      build system. Fixes bug 17818; bugfix on 0.2.7.3-rc.
    - Mark all object files that include micro-revision.i as depending
      on it, so as to make parallel builds more reliable. Fixes bug
      17826; bugfix on 0.2.5.1-alpha.
    - Remove config.log only from make distclean, not from make clean.
      Fixes bug 17924; bugfix on 0.2.4.1-alpha.
    - Replace usage of 'INLINE' with 'inline'. Fixes bug 17804; bugfix
      on 0.0.2pre8.
    - Remove an #endif from configure.ac so that we correctly detect the
      presence of in6_addr.s6_addr32. Fixes bug 17923; bugfix
      on 0.2.0.13-alpha.

  o Minor bugfixes (client, bootstrap):
    - Count receipt of new microdescriptors as progress towards
      bootstrapping. Previously, with EntryNodes set, Tor might not
      successfully repopulate the guard set on bootstrapping. Fixes bug
      16825; bugfix on 0.2.3.1-alpha.

  o Minor bugfixes (code correctness):
    - Fix a bad memory handling bug that would occur if we had queued a
      cell on a channel's incoming queue. Fortunately, we can't actually
      queue a cell like that as our code is constructed today, but it's
      best to avoid this kind of error, even if there isn't any code
      that triggers it today. Fixes bug 18570; bugfix on 0.2.4.4-alpha.
    - Assert that allocated memory held by the reputation code is freed
      according to its internal counters. Fixes bug 17753; bugfix
      on 0.1.1.1-alpha.
    - Assert when the TLS contexts fail to initialize. Fixes bug 17683;
      bugfix on 0.0.6.
    - Update to the latest version of Trunnel, which tries harder to
      avoid generating code that can invoke memcpy(p,NULL,0). Bug found
      by clang address sanitizer. Fixes bug 18373; bugfix
      on 0.2.7.2-alpha.
    - When closing an entry connection, generate a warning if we should
      have sent an end cell for it but we haven't. Fixes bug 17876;
      bugfix on 0.2.3.2-alpha.

  o Minor bugfixes (configuration):
    - Fix a tiny memory leak when parsing a port configuration ending in
      ":auto". Fixes bug 18374; bugfix on 0.2.3.3-alpha.

  o Minor bugfixes (containers):
    - If we somehow attempt to construct a heap with more than
      1073741822 elements, avoid an integer overflow when maintaining
      the heap property. Fixes bug 18296; bugfix on 0.1.2.1-alpha.

  o Minor bugfixes (controller, microdescriptors):
    - Make GETINFO dir/status-vote/current/consensus conform to the
      control specification by returning "551 Could not open cached
      consensus..." when not caching consensuses. Fixes bug 18920;
      bugfix on 0.2.2.6-alpha.

  o Minor bugfixes (crypto):
    - Check the return value of HMAC() and assert on failure. Fixes bug
      17658; bugfix on 0.2.3.6-alpha. Patch by teor.

  o Minor bugfixes (directories):
    - When fetching extrainfo documents, compare their SHA256 digests
      and Ed25519 signing key certificates with the routerinfo that led
      us to fetch them, rather than with the most recent routerinfo.
      Otherwise we generate many spurious warnings about mismatches.
      Fixes bug 17150; bugfix on 0.2.7.2-alpha.
    - When generating a URL for a directory server on an IPv6 address,
      wrap the IPv6 address in square brackets. Fixes bug 18051; bugfix
      on 0.2.3.9-alpha. Patch from Malek.

  o Minor bugfixes (downloading):
    - Predict more correctly whether we'll be downloading over HTTP when
      we determine the maximum length of a URL. This should avoid a
      "BUG" warning about the Squid HTTP proxy and its URL limits. Fixes
      bug 19191.

  o Minor bugfixes (exit policies, security):
    - Refresh an exit relay's exit policy when interface addresses
      change. Previously, tor only refreshed the exit policy when the
      configured external address changed. Fixes bug 18208; bugfix on
      0.2.7.3-rc. Patch by teor.

  o Minor bugfixes (fallback directories):
    - Mark fallbacks as "too busy" when they return a 503 response,
      rather than just marking authorities. Fixes bug 17572; bugfix on
      0.2.4.7-alpha. Patch by teor.
    - When requesting extrainfo descriptors from a trusted directory
      server, check whether it is an authority or a fallback directory
      which supports extrainfo descriptors. Fixes bug 18489; bugfix on
      0.2.4.7-alpha. Reported by atagar, patch by teor.

  o Minor bugfixes (hidden service, client):
    - Handle the case where the user makes several fast consecutive
      requests to the same .onion address. Previously, the first six
      requests would each trigger a descriptor fetch, each picking a
      directory (there are 6 overall) and the seventh one would fail
      because no directories were left, thereby triggering a close on
      all current directory connections asking for the hidden service.
      The solution here is to not close the connections if we have
      pending directory fetches. Fixes bug 15937; bugfix
      on 0.2.7.1-alpha.

  o Minor bugfixes (hidden service, control port):
    - Add the onion address to the HS_DESC event for the UPLOADED action
      both on success or failure. It was previously hardcoded with
      UNKNOWN. Fixes bug 16023; bugfix on 0.2.7.2-alpha.

  o Minor bugfixes (hidden service, directory):
    - Bridges now refuse "rendezvous2" (hidden service descriptor)
      publish attempts. Suggested by ticket 18332.

  o Minor bugfixes (IPv6):
    - Update the limits in max_dl_per_request for IPv6 address length.
      Fixes bug 17573; bugfix on 0.2.1.5-alpha.

  o Minor bugfixes (Linux seccomp2 sandbox):
    - Allow more syscalls when running with "Sandbox 1" enabled:
      sysinfo, getsockopt(SO_SNDBUF), and setsockopt(SO_SNDBUFFORCE). On
      some systems, these are required for Tor to start. Fixes bug
      18397; bugfix on 0.2.5.1-alpha. Patch from Daniel Pinto.
    - Allow IPPROTO_UDP datagram sockets when running with "Sandbox 1",
      so that get_interface_address6_via_udp_socket_hack() can work.
      Fixes bug 19660; bugfix on 0.2.5.1-alpha.
    - Allow the setrlimit syscall, and the prlimit and prlimit64
      syscalls, which some libc implementations use under the hood.
      Fixes bug 15221; bugfix on 0.2.5.1-alpha.
    - Avoid a 10-second delay when starting as a client with "Sandbox 1"
      enabled and no DNS resolvers configured. This should help TAILS
      start up faster. Fixes bug 18548; bugfix on 0.2.5.1-alpha.
    - Fix a crash when using offline master ed25519 keys with the Linux
      seccomp2 sandbox enabled. Fixes bug 17675; bugfix on 0.2.7.3-rc.
    - Allow statistics to be written to disk when "Sandbox 1" is
      enabled. Fixes bugs 19556 and 19957; bugfix on 0.2.5.1-alpha and
      0.2.6.1-alpha respectively.

  o Minor bugfixes (logging):
    - In log messages that include a function name, use __FUNCTION__
      instead of __PRETTY_FUNCTION__. In GCC, these are synonymous, but
      with clang __PRETTY_FUNCTION__ has extra information we don't
      need. Fixes bug 16563; bugfix on 0.0.2pre8. Fix by Tom van
      der Woerdt.
    - Remove needless quotes from a log message about unparseable
      addresses. Fixes bug 17843; bugfix on 0.2.3.3-alpha.
    - Scrub service name in "unrecognized service ID" log messages.
      Fixes bug 18600; bugfix on 0.2.4.11-alpha.
    - When logging information about an unparsable networkstatus vote or
      consensus, do not say "vote" when we mean consensus. Fixes bug
      18368; bugfix on 0.2.0.8-alpha.
    - When we can't generate a signing key because OfflineMasterKey is
      set, do not imply that we should have been able to load it. Fixes
      bug 18133; bugfix on 0.2.7.2-alpha.
    - When logging a malformed hostname received through socks4, scrub
      it if SafeLogging says we should. Fixes bug 17419; bugfix
      on 0.1.1.16-rc.

  o Minor bugfixes (memory safety):
    - Avoid freeing an uninitialized pointer when opening a socket fails
      in get_interface_addresses_ioctl(). Fixes bug 18454; bugfix on
      0.2.3.11-alpha. Reported by toralf and "cypherpunks", patch
      by teor.
    - Fix a memory leak in "tor --list-fingerprint". Fixes part of bug
      18672; bugfix on 0.2.5.1-alpha.
    - Fix a memory leak in tor-gencert. Fixes part of bug 18672; bugfix
      on 0.2.0.1-alpha.

  o Minor bugfixes (pluggable transports):
    - Avoid reporting a spurious error when we decide that we don't need
      to terminate a pluggable transport because it has already exited.
      Fixes bug 18686; bugfix on 0.2.5.5-alpha.

  o Minor bugfixes (pointer arithmetic):
    - Fix a bug in memarea_alloc() that could have resulted in remote
      heap write access, if Tor had ever passed an unchecked size to
      memarea_alloc(). Fortunately, all the sizes we pass to
      memarea_alloc() are pre-checked to be less than 128 kilobytes.
      Fixes bug 19150; bugfix on 0.2.1.1-alpha. Bug found by
      Guido Vranken.

  o Minor bugfixes (private directory):
    - Prevent a race condition when creating private directories. Fixes
      part of bug 17852; bugfix on 0.0.2pre13. Part of ticket 17852.
      Patch from jsturgix. Found with Flawfinder.

  o Minor bugfixes (relays):
    - Check that both the ORPort and DirPort (if present) are reachable
      before publishing a relay descriptor. Otherwise, relays publish a
      descriptor with DirPort 0 when the DirPort reachability test takes
      longer than the ORPort reachability test. Fixes bug 18050; bugfix
      on 0.1.0.1-rc. Reported by "starlight", patch by teor.
    - Resolve some edge cases where we might launch an ORPort
      reachability check even when DisableNetwork is set. Noticed while
      fixing bug 18616; bugfix on 0.2.3.9-alpha.

  o Minor bugfixes (relays, hidden services):
    - Refuse connection requests to private OR addresses unless
      ExtendAllowPrivateAddresses is set. Previously, tor would connect,
      then refuse to send any cells to a private address. Fixes bugs
      17674 and 8976; bugfix on 0.2.3.21-rc. Patch by teor.

  o Minor bugfixes (security, hidden services):
    - Prevent hidden services connecting to client-supplied rendezvous
      addresses that are reserved as internal or multicast. Fixes bug
      8976; bugfix on 0.2.3.21-rc. Patch by dgoulet and teor.

  o Minor bugfixes (statistics):
    - Consistently check for overflow in round_*_to_next_multiple_of
      functions, and add unit tests with additional and maximal values.
      Fixes part of bug 13192; bugfix on 0.2.2.1-alpha.
    - Handle edge cases in the laplace functions: avoid division by
      zero, avoid taking the log of zero, and silence clang type
      conversion warnings using round and trunc. Add unit tests for edge
      cases with maximal values. Fixes part of bug 13192; bugfix
      on 0.2.6.2-alpha.
    - We now include consensus downloads via IPv6 in our directory-
      request statistics. Fixes bug 18460; bugfix on 0.2.3.14-alpha.

  o Minor bugfixes (test networks, IPv6):
    - Allow internal IPv6 addresses in descriptors in test networks.
      Fixes bug 17153; bugfix on 0.2.3.16-alpha. Patch by teor, reported
      by karsten.

  o Minor bugfixes (testing):
    - Check the full results of SHA256 and SHA512 digests in the unit
      tests. Bugfix on 0.2.2.4-alpha. Patch by teor.
    - Fix a memory leak in the ntor test. Fixes bug 17778; bugfix
      on 0.2.4.8-alpha.
    - Fix a small memory leak that would occur when the
      TestingEnableCellStatsEvent option was turned on. Fixes bug 18673;
      bugfix on 0.2.5.2-alpha.
    - Make unit tests pass on IPv6-only systems, and systems without
      localhost addresses (like some FreeBSD jails). Fixes bug 17632;
      bugfix on 0.2.7.3-rc. Patch by teor.
    - The test for log_heartbeat was incorrectly failing in timezones
      with non-integer offsets. Instead of comparing the end of the time
      string against a constant, compare it to the output of
      format_local_iso_time when given the correct input. Fixes bug
      18039; bugfix on 0.2.5.4-alpha.
    - We no longer disable assertions in the unit tests when coverage is
      enabled. Instead, we require you to say --disable-asserts-in-tests
      to the configure script if you need assertions disabled in the
      unit tests (for example, if you want to perform branch coverage).
      Fixes bug 18242; bugfix on 0.2.7.1-alpha.

  o Minor bugfixes (time handling):
    - When correcting a corrupt 'struct tm' value, fill in the tm_wday
      field. Otherwise, our unit tests crash on Windows. Fixes bug
      18977; bugfix on 0.2.2.25-alpha.
    - Avoid overflow in tor_timegm when parsing dates in and after 2038
      on platforms with 32-bit time_t. Fixes bug 18479; bugfix on
      0.0.2pre14. Patch by teor.

  o Minor bugfixes (tor-gencert):
    - Correctly handle the case where an authority operator enters a
      passphrase but sends an EOF before sending a newline. Fixes bug
      17443; bugfix on 0.2.0.20-rc. Found by junglefowl.

  o Code simplification and refactoring:
    - Clean up a little duplicated code in
      crypto_expand_key_material_TAP(). Closes ticket 17587; patch
      from "pfrankw".
    - Decouple the list of streams waiting to be attached to circuits
      from the overall connection list. This change makes it possible to
      attach streams quickly while simplifying Tor's callgraph and
      avoiding O(N) scans of the entire connection list. Closes
      ticket 17590.
    - Extract the more complicated parts of circuit_mark_for_close()
      into a new function that we run periodically before circuits are
      freed. This change removes more than half of the functions
      currently in the "blob". Closes ticket 17218.
    - Move logging of redundant policy entries in
      policies_parse_exit_policy_internal into its own function. Closes
      ticket 17608; patch from "juce".
    - Quote all the string interpolations in configure.ac -- even those
      which we are pretty sure can't contain spaces. Closes ticket
      17744. Patch from zerosion.
    - Remove code for configuring OpenSSL dynamic locks; OpenSSL doesn't
      use them. Closes ticket 17926.
    - Remove specialized code for non-inplace AES_CTR. 99% of our AES is
      inplace, so there's no need to have a separate implementation for
      the non-inplace code. Closes ticket 18258. Patch from Malek.
    - Simplify return types for some crypto functions that can't
      actually fail. Patch from Hassan Alsibyani. Closes ticket 18259.
    - When a direct directory request fails immediately on launch,
      instead of relaunching that request from inside the code that
      launches it, instead mark the connection for teardown. This change
      simplifies Tor's callback and prevents the directory-request
      launching code from invoking itself recursively. Closes
      ticket 17589.

  o Documentation:
    - Add a description of the correct use of the '--keygen' command-
      line option. Closes ticket 17583; based on text by 's7r'.
    - Change build messages to refer to "Fedora" instead of "Fedora
      Core", and "dnf" instead of "yum". Closes tickets 18459 and 18426.
      Patches from "icanhasaccount" and "cypherpunks".
    - Document the contents of the 'datadir/keys' subdirectory in the
      manual page. Closes ticket 17621.
    - Document the minimum HeartbeatPeriod value. Closes ticket 15638.
    - Explain actual minima for BandwidthRate. Closes ticket 16382.
    - Fix a minor formatting typo in the manpage. Closes ticket 17791.
    - Mention torspec URL in the manpage and point the reader to it
      whenever we mention a document that belongs in torspec. Fixes
      issue 17392.
    - Stop recommending use of nicknames to identify relays in our
      MapAddress documentation. Closes ticket 18312.

  o Removed features:
    - Remove client-side support for connecting to Tor relays running
      versions of Tor before 0.2.3.6-alpha. These relays didn't support
      the v3 TLS handshake protocol, and are no longer allowed on the
      Tor network. Implements the client side of ticket 11150. Based on
      patches by Tom van der Woerdt.
    - We no longer maintain an internal freelist in memarea.c.
      Allocators should be good enough to make this code unnecessary,
      and it's doubtful that it ever had any performance benefit.

  o Testing:
    - Add unit tests to check for common RNG failure modes, such as
      returning all zeroes, identical values, or incrementing values
      (OpenSSL's rand_predictable feature). Patch by teor.
    - Always test both ed25519 backends, so that we can be sure that our
      batch-open replacement code works. Part of ticket 16794.
    - Cover dns_resolve_impl() in dns.c with unit tests. Implements a
      portion of ticket 16831.
    - Fix several warnings from clang's address sanitizer produced in
      the unit tests.
    - Log more information when the backtrace tests fail. Closes ticket
      17892. Patch from "cypherpunks."
    - More unit tests for compat_libevent.c, procmon.c, tortls.c,
      util_format.c, directory.c, and options_validate.c. Closes tickets
      17075, 17082, 17084, 17003, and 17076 respectively. Patches from
      Ola Bini.
    - Treat backtrace test failures as expected on FreeBSD until we
      solve bug 17808. Closes ticket 18204.
    - Unit tests for directory_handle_command_get. Closes ticket 17004.
      Patch from Reinaldo de Souza Jr.
2016-08-19 13:35:42 +00:00
mef
3c7c419619 Updated devel/p5-Devel-ebug to 0.57
-----------------------------------
0.57 2016.08.11
     - Set up travisci
     - Localize $/ to avoid hang (plicease)
     - Add dist metadata. Some other things (plicease)
     - Fix to work with newer stacktrace (plicease)
2016-08-19 13:18:59 +00:00
fhajny
ee0e5b0048 Updated lang/nodejs to 6.4.0 2016-08-19 13:16:00 +00:00
fhajny
79ae23afc5 Update lang/nodejs to 6.4.0
Notable changes
- build: zlib symbols and additional OpenSSL symbols are now
  exposed on Windows platforms.
- child_process, cluster: Forked child processes and cluster
  workers now support stdio configuration.
- child_process: argv[0] can now be set to arbitrary values in
  spawned processes.
- fs: fs.ReadStream now exposes the number of bytes it has read so
  far.
- repl: The REPL now supports editor mode.
- util: inspect() can now be configured globally using
  util.inspect.defaultOptions.
2016-08-19 13:15:50 +00:00
fhajny
51a3ea2ee1 Updated lang/nodejs4 to 4.5.0 2016-08-19 13:15:05 +00:00
fhajny
83052566be Update lang/nodejs4 to 4.5.0.
Semver Minor:

buffer:
- backport new buffer constructor APIs to v4.x
- backport --zero-fill-buffers cli option

build:
- add Intel Vtune profiling support

repl:
- copying tabs shouldn't trigger completion

src:
- add node::FreeEnvironment public API

test:
- run v8 tests from node tree

V8:
- Add post mortem data to improve object inspection and function's
  context variables inspection

Semver Patch:

buffer:
- ignore negative allocation lengths

crypto:
- update root certificates

libuv:
- upgrade libuv to 1.9.1
- upgrade libuv to 1.9.0

npm:
- upgrade to 2.15.9
2016-08-19 13:14:37 +00:00
mef
def8a1b476 Updated devel/p5-Devel-PatchPerl to 1.44 2016-08-19 13:08:42 +00:00
mef
9ef9d814be Updated devel/p5-Devel-PatchPerl to 1.44
----------------------------------------
version 1.44 at 2016-08-18 11:38:32 +0000
-----------------------------------------
  Date : 2016-08-18 12:38:32 +0000
    Updated hints for darwin, freebsd and gnu (hurd)
2016-08-19 13:08:19 +00:00
wiz
009feefe5b Updated fonts/fontconfig to 2.12.1 2016-08-19 12:52:41 +00:00
wiz
65237df3dc Updated fontconfig to 2.12.1.
I've released 2.12.1 containing some fixes:
- IMPORTANT: properly validate offsets in cache files. see changelog and
  CVE-2016-5384 for more details. thanks to Tobias Stoeckmann for catching
  this up!
- build issues regarding to Python.
- add --with-default-hinting to configure.
- fix segfault in FcWeightFromOpenType()
2016-08-19 12:52:30 +00:00
wiz
c81d385fe9 Updated math/fftwf to 3.3.5 2016-08-19 12:40:42 +00:00
wiz
88e20a102c Updated math/fftw to 3.3.5 2016-08-19 12:40:30 +00:00
wiz
5d1eded45a Update fftw{,f} to 3.3.5.
FFTW 3.3.5:

* New SIMD support:
  - Power8 VSX instructions in single and double precision.
    To use, add --enable-vsx to configure.
  - Support for AVX2 (256-bit FMA instructions).
    To use, add --enable-avx2 to configure.
  - Experimental support for AVX512 and KCVI. (--enable-avx512, --enable-kcvi)
    This code is expected to work but the FFTW maintainers do not have
    hardware to test it.
  - Support for AVX128/FMA (for some AMD machines) (--enable-avx128-fma)
  - Double precision Neon SIMD for aarch64.
    This code is expected to work but the FFTW maintainers do not have
    hardware to test it.
  - generic SIMD support using gcc vector intrinsics
* Add fftw_make_planner_thread_safe() API
* fix #18 (disable float128 for CUDACC)
* fix #19: missing Fortran interface for fftwq_alloc_real
* fix #21 (don't use float128 on Portland compilers, which pretend to be gcc)
* fix: Avoid segfaults due to double free in MPI transpose

* Special note for distribution maintainers: Although FFTW supports a
  zillion SIMD instruction sets, enabling them all at the same time is
  a bad idea, because it increases the planning time for minimal gain.
  We recommend that general-purpose x86 distributions only enable SSE2
  and perhaps AVX.  Users who care about the last ounce of performance
  should recompile FFTW themselves.
2016-08-19 12:40:18 +00:00
wiz
7464e41200 Less noise. 2016-08-19 12:17:26 +00:00
wiz
4a740123f0 Updated graphics/ImageMagick to 7.0.2.9 2016-08-19 11:56:52 +00:00
wiz
0854605180 Updated ImageMagick to 7.0.2.9.
2016-08-14  7.0.2-9 Cristy  <quetzlzacatenango@image...>
  * Fix compile error in opencl.c (reference
    https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=30289).
  * Eliminate compiler warning.

2016-08-14  7.0.2-8 Cristy  <quetzlzacatenango@image...>
  * Release ImageMagick version 7.0.2-8, GIT revision 18698:74b1d5d:20160814.

2016-08-07  7.0.2-8 Cristy  <quetzlzacatenango@image...>
  * Prevent spurious removal of MPC cache files (reference
    https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=30256).
  * Note alpha channel when combining 4 or more images (reference
    https://github.com/ImageMagick/ImageMagick/issues/250).

2016-08-06  7.0.2-7 Cristy  <quetzlzacatenango@image...>
  * Release ImageMagick version 7.0.2-7, GIT revision 10980:ecc03a2:20160806.

2016-08-01  7.0.2-7 Cristy  <quetzlzacatenango@image...>
  * Evaluate lazy pixel cache morphology to prevent buffer overflow (bug report
    from Ibrahim M. El-Sayed).
  * Prevent buffer overflow (bug report from Max Thrane).
  * Prevent memory use after free (reference
    https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=30245).
2016-08-19 11:56:41 +00:00
wiz
bbd52fa4b7 Updated www/py-betamax to 0.7.2 2016-08-19 11:40:30 +00:00
wiz
aa4682e3f8 Updated py-betamax to 0.7.2.
0.7.2 - 2016-08-04
------------------

- Fix bug with query string matcher where query-strings without values (e.g.,
  ``?foo&bar`` as opposed to ``?foo=1&bar=2``) were treated as if there were
  no query string.
2016-08-19 11:40:20 +00:00
wiz
b621d3ff9a Updated devel/afl to 2.31b 2016-08-19 11:39:20 +00:00
wiz
9cfbc55a43 Updated afl to 2.31b.
--------------
Version 2.31b:
--------------

  - Changed havoc cycle counts for a marked performance boost, especially
    with -S / -d. See the discussion of FidgetyAFL in:

    https://groups.google.com/forum/#!topic/afl-users/fOPeb62FZUg

    While this does not implement the approach proposed by the authors of
    the CCS paper, the solution is a result of digging into that research;
    more improvements may follow as I do more experiments and get more
    definitive data.

--------------
Version 2.30b:
--------------

  - Made minor improvements to persistent mode to avoid the remote
    possibility of "no instrumentation detected" issues with very low
    instrumentation densities.

  - Fixed a minor glitch with a leftover process in persistent mode.
    Reported by Jakub Wilk and Daniel Stender.

  - Made persistent mode bitmaps a bit more consistent and adjusted the way
    this is shown in the UI, especially in persistent mode.

--------------
Version 2.29b:
--------------

  - Made a minor #include fix to llvm_mode. Suggested by Jonathan Metzman.

  - Made cosmetic updates to the docs.

--------------
Version 2.28b:
--------------

  - Added "life pro tips" to docs/.

  - Moved testcases/_extras/ to dictionaries/ for visibility.

  - Made minor improvements to install scripts.

  - Added an important safety tip.

--------------
Version 2.27b:
--------------

  - Added libtokencap, a simple feature to intercept strcmp / memcmp and
    generate dictionary entries that can help extend coverage.

  - Moved libdislocator to its own dir, added README.

  - The demo in experimental/instrumented_cmp is no more.

--------------
Version 2.26b:
--------------

  - Made a fix for libdislocator.so to compile on MacOS X.

  - Added support for DYLD_INSERT_LIBRARIES.

  - Renamed AFL_LD_PRELOAD to AFL_PRELOAD.

--------------
Version 2.25b:
--------------

  - Made some cosmetic updates to libdislocator.so, renamed one env
    variable.

--------------
Version 2.24b:
--------------

  - Added libdislocator.so, an experimental, abusive allocator. Try
    it out with AFL_LD_PRELOAD=/path/to/libdislocator.so when running
    afl-fuzz.
2016-08-19 11:39:10 +00:00
wiz
1a102143dc + ImageMagick-7.0.2.7, afl-2.30b, calibre-2.64.0, git-base-2.9.3,
libopenmpt-0.2.6774, libuuid-2.28.1, mosh-1.2.6, mutt-1.7.0,
  p5-Archive-Zip-1.59, p5-Business-ISBN-3.002, p5-IO-Socket-SSL-2.036,
  p5-List-SomeUtils-0.53, p5-Module-Build-0.42200, p5-Net-SSLeay-1.78,
  p5-Path-Class-0.37, p5-Sub-Name-0.18, p5-Try-Tiny-0.27,
  py-setuptools-25.2.0, py-test-cov-2.3.1, x264-devel-20160813.
2016-08-19 11:33:44 +00:00
wiz
83071ef5e4 Updated math/py-scipy to 0.18.0 2016-08-19 10:54:31 +00:00
wiz
7f3c8364a8 Updated py-scipy to 0.18.0.
Test failures reported upstream.

==========================
SciPy 0.18.0 Release Notes
==========================

.. contents::

SciPy 0.18.0 is the culmination of 6 months of hard work. It contains
many new features, numerous bug-fixes, improved test coverage and
better documentation.  There have been a number of deprecations and
API changes in this release, which are documented below.  All users
are encouraged to upgrade to this release, as there are a large number
of bug-fixes and optimizations.  Moreover, our development attention
will now shift to bug-fix releases on the 0.19.x branch, and on adding
new features on the master branch.

This release requires Python 2.7 or 3.4-3.5 and NumPy 1.7.1 or greater.

Highlights of this release include:

- A new ODE solver for two-point boundary value problems,
  `scipy.optimize.solve_bvp`.
- A new class, `CubicSpline`, for cubic spline interpolation of data.
- N-dimensional tensor product polynomials, `scipy.interpolate.NdPPoly`.
- Spherical Voronoi diagrams, `scipy.spatial.SphericalVoronoi`.
- Support for discrete-time linear systems, `scipy.signal.dlti`.


New features
============

`scipy.integrate` improvements
------------------------------

A solver of two-point boundary value problems for ODE systems has been
implemented in `scipy.integrate.solve_bvp`. The solver allows for non-separated
boundary conditions, unknown parameters and certain singular terms. It finds
a C1 continuous solution using a fourth-order collocation algorithm.


`scipy.interpolate` improvements
--------------------------------

Cubic spline interpolation is now available via `scipy.interpolate.CubicSpline`.
This class represents a piecewise cubic polynomial passing through given points
and C2 continuous. It is represented in the standard polynomial basis on each
segment.

A representation of n-dimensional tensor product piecewise polynomials is
available as the `scipy.interpolate.NdPPoly` class.

Univariate piecewise polynomial classes, `PPoly` and `Bpoly`, can now be
evaluated on periodic domains. Use ``extrapolate="periodic"`` keyword
argument for this.


`scipy.fftpack` improvements
----------------------------

`scipy.fftpack.next_fast_len` function computes the next "regular" number for
FFTPACK. Padding the input to this length can give significant performance
increase for `scipy.fftpack.fft`.


`scipy.signal` improvements
---------------------------

Resampling using polyphase filtering has been implemented in the function
`scipy.signal.resample_poly`. This method upsamples a signal, applies a
zero-phase low-pass FIR filter, and downsamples using `scipy.signal.upfirdn`
(which is also new in 0.18.0).  This method can be faster than FFT-based
filtering provided by `scipy.signal.resample` for some signals.

`scipy.signal.firls`, which constructs FIR filters using least-squares error
minimization, was added.

`scipy.signal.sosfiltfilt`, which does forward-backward filtering like
`scipy.signal.filtfilt` but for second-order sections, was added.


Discrete-time linear systems
~~~~~~~~~~~~~~~~~~~~~~~~~~~~

`scipy.signal.dlti` provides an implementation of discrete-time linear systems.
Accordingly, the `StateSpace`, `TransferFunction` and `ZerosPolesGain` classes
have learned the new keyword, `dt`, which can be used to create discrete-time
instances of the corresponding system representation.


`scipy.sparse` improvements
---------------------------

The functions `sum`, `max`, `mean`, `min`, `transpose`, and `reshape` in
`scipy.sparse` have had their signatures augmented with additional arguments
and functionality so as to improve compatibility with analogously defined
functions in `numpy`.

Sparse matrices now have a `count_nonzero` method, which counts the number of
nonzero elements in the matrix. Unlike `getnnz()` and ``nnz`` property,
which return the number of stored entries (the length of the data attribute),
this method counts the actual number of non-zero entries in data.


`scipy.optimize` improvements
-----------------------------

The implementation of Nelder-Mead minimization,
`scipy.minimize(..., method="Nelder-Mead")`, obtained a new keyword,
`initial_simplex`, which can be used to specify the initial simplex for the
optimization process.

Initial step size selection in CG and BFGS minimizers has been improved. We
expect that this change will improve numeric stability of optimization in some
cases. See pull request gh-5536 for details.

Handling of infinite bounds in SLSQP optimization has been improved. We expect
that this change will improve numeric stability of optimization in some
cases. See pull request gh-6024 for details.

A large suite of global optimization benchmarks has been added to
``scipy/benchmarks/go_benchmark_functions``. See pull request gh-4191 for details.

Nelder-Mead and Powell minimization will now only set defaults for
maximum iterations or function evaluations if neither limit is set by
the caller. In some cases with a slow converging function and only 1
limit set, the minimization may continue for longer than with previous
versions and so is more likely to reach convergence. See issue gh-5966.

`scipy.stats` improvements
--------------------------

Trapezoidal distribution has been implemented as `scipy.stats.trapz`.
Skew normal distribution has been implemented as `scipy.stats.skewnorm`.
Burr type XII distribution has been implemented as `scipy.stats.burr12`.
Three- and four-parameter kappa distributions have been implemented as
`scipy.stats.kappa3` and `scipy.stats.kappa4`, respectively.

New `scipy.stats.iqr` function computes the interquartile region of a
distribution.

Random matrices
~~~~~~~~~~~~~~~

`scipy.stats.special_ortho_group` and `scipy.stats.ortho_group` provide
generators of random matrices in the SO(N) and O(N) groups, respectively. They
generate matrices in the Haar distribution, the only uniform distribution on
these group manifolds.

`scipy.stats.random_correlation` provides a generator for random
correlation matrices, given specified eigenvalues.


`scipy.linalg` improvements
---------------------------

`scipy.linalg.svd` gained a new keyword argument, ``lapack_driver``. Available
drivers are ``gesdd`` (default) and ``gesvd``.

`scipy.linalg.lapack.ilaver` returns the version of the LAPACK library SciPy
links to.


`scipy.spatial` improvements
----------------------------

Boolean distances, `scipy.spatial.pdist`, have been sped up. Improvements vary
by the function and the input size. In many cases, one can expect a speed-up
of x2--x10.

New class `scipy.spatial.SphericalVoronoi` constructs Voronoi diagrams on the
surface of a sphere. See pull request gh-5232 for details.

`scipy.cluster` improvements
----------------------------

A new clustering algorithm, the nearest neighbor chain algorithm, has been
implemented for `scipy.cluster.hierarchy.linkage`. As a result, one can expect
a significant algorithmic improvement (:math:`O(N^2)` instead of :math:`O(N^3)`)
for several linkage methods.


`scipy.special` improvements
----------------------------

The new function `scipy.special.loggamma` computes the principal branch of the
logarithm of the Gamma function. For real input, ``loggamma`` is compatible
with `scipy.special.gammaln`. For complex input, it has more consistent
behavior in the complex plane and should be preferred over ``gammaln``.

Vectorized forms of spherical Bessel functions have been implemented as
`scipy.special.spherical_jn`, `scipy.special.spherical_kn`,
`scipy.special.spherical_in` and `scipy.special.spherical_yn`.
They are recommended for use over ``sph_*`` functions, which are now deprecated.

Several special functions have been extended to the complex domain and/or
have seen domain/stability improvements. This includes `spence`, `digamma`,
`log1p` and several others.


Deprecated features
===================

The cross-class properties of `lti` systems have been deprecated. The
following properties/setters will raise a `DeprecationWarning`:

Name - (accessing/setting raises warning) - (setting raises warning)
* StateSpace - (`num`, `den`, `gain`) - (`zeros`, `poles`)
* TransferFunction - (`A`, `B`, `C`, `D`, `gain`) - (`zeros`, `poles`)
* ZerosPolesGain - (`A`, `B`, `C`, `D`, `num`, `den`) - ()

Spherical Bessel functions, ``sph_in``, ``sph_jn``, ``sph_kn``, ``sph_yn``,
``sph_jnyn`` and ``sph_inkn`` have been deprecated in favor of
`scipy.special.spherical_jn` and ``spherical_kn``, ``spherical_yn``,
``spherical_in``.

The following functions in `scipy.constants` are deprecated: ``C2K``, ``K2C``,
``C2F``, ``F2C``, ``F2K`` and ``K2F``.  They are superseded by a new function
`scipy.constants.convert_temperature` that can perform all those conversions
plus to/from the Rankine temperature scale.


Backwards incompatible changes
==============================

`scipy.optimize`
----------------

The convergence criterion for ``optimize.bisect``,
``optimize.brentq``, ``optimize.brenth``, and ``optimize.ridder`` now
works the same as ``numpy.allclose``.

`scipy.ndimage`
---------------

The offset in ``ndimage.interpolation.affine_transform``
is now consistently added after the matrix is applied,
independent of if the matrix is specified using a one-dimensional
or a two-dimensional array.

`scipy.stats`
-------------

``stats.ks_2samp`` used to return nonsensical values if the input was
not real or contained nans.  It now raises an exception for such inputs.

Several deprecated methods of `scipy.stats` distributions have been removed:
``est_loc_scale``, ``vecfunc``, ``veccdf`` and ``vec_generic_moment``.

Deprecated functions ``nanmean``, ``nanstd`` and ``nanmedian`` have been removed
from `scipy.stats`. These functions were deprecated in scipy 0.15.0 in favor
of their `numpy` equivalents.

A bug in the ``rvs()`` method of the distributions in `scipy.stats` has
been fixed.  When arguments to ``rvs()`` were given that were shaped for
broadcasting, in many cases the returned random samples were not random.
A simple example of the problem is ``stats.norm.rvs(loc=np.zeros(10))``.
Because of the bug, that call would return 10 identical values.  The bug
only affected code that relied on the broadcasting of the shape, location
and scale parameters.

The ``rvs()`` method also accepted some arguments that it should not have.
There is a potential for backwards incompatibility in cases where ``rvs()``
accepted arguments that are not, in fact, compatible with broadcasting.
An example is

    stats.gamma.rvs([2, 5, 10, 15], size=(2,2))

The shape of the first argument is not compatible with the requested size,
but the function still returned an array with shape (2, 2).  In scipy 0.18,
that call generates a ``ValueError``.

`scipy.io`
----------

`scipy.io.netcdf` masking now gives precedence to the ``_FillValue`` attribute
over the ``missing_value`` attribute, if both are given. Also, data are only
treated as missing if they match one of these attributes exactly: values that
differ by roundoff from ``_FillValue`` or ``missing_value`` are no longer
treated as missing values.

`scipy.interpolate`
-------------------

`scipy.interpolate.PiecewisePolynomial` class has been removed. It has been
deprecated in scipy 0.14.0, and `scipy.interpolate.BPoly.from_derivatives` serves
as a drop-in replacement.


Other changes
=============

Scipy now uses ``setuptools`` for its builds instead of plain distutils.  This
fixes usage of ``install_requires='scipy'`` in the ``setup.py`` files of
projects that depend on Scipy (see Numpy issue gh-6551 for details).  It
potentially affects the way that build/install methods for Scipy itself behave
though.  Please report any unexpected behavior on the Scipy issue tracker.

PR `#6240 <https://github.com/scipy/scipy/pull/6240>`__
changes the interpretation of the `maxfun` option in `L-BFGS-B` based routines
in the `scipy.optimize` module.
An `L-BFGS-B` search consists of multiple iterations,
with each iteration consisting of one or more function evaluations.
Whereas the old search strategy terminated immediately upon reaching `maxfun`
function evaluations, the new strategy allows the current iteration
to finish despite reaching `maxfun`.

The bundled copy of Qhull in the `scipy.spatial` subpackage has been upgraded to
version 2015.2.

The bundled copy of ARPACK in the `scipy.sparse.linalg` subpackage has been
upgraded to arpack-ng 3.3.0.

The bundled copy of SuperLU in the `scipy.sparse` subpackage has been upgraded
to version 5.1.1.
2016-08-19 10:54:12 +00:00
fhajny
c02d28adf1 Updated databases/py-elasticsearch to 2.4.0 2016-08-19 10:13:50 +00:00
fhajny
03fb39fcca Update databases/py-elasticsearch to 2.4.0.
2.4.0 (2016-08-17)
- ping now ignores all TransportError exceptions and just returns
  False
- expose scroll_id on ScanError
- increase default size for scan helper to 1000
- changed Transport.perform_request to just return the body, not
  status as well.

2.3.0 (2016-02-29)
- added client_key argument to configure client certificates
- debug logging now includes response body even for failed requests
2016-08-19 10:13:41 +00:00
fhajny
ac159f95ee Updated databases/elasticsearch to 2.3.5 2016-08-19 10:09:22 +00:00
fhajny
3264227760 Update databases/elasticsearch to 2.3.5.
2.3.5

There are no changes in Elasticsearch 2.3.5 except for the version
bump. This is a compatibility release for bug fixes in Marvel,
Watcher, and Shield.

2.3.4

Bulk
- Copy headers and context to individual requests inside a bulk

CAT API
- Fix merge stats rendering in RestIndicesAction
- Expand wildcards to closed indices in /_cat/indices

Cluster
- Fix block checks when no indices are specified

Core
- Fix misplaced cast when parsing seconds

Highlighting
- Skip all geo point queries in plain highlighter

Internal
- Fix filtering of node ids for TransportNodesAction

Percolator
- Fixed NPE when percolator filter option is "empty".

REST
- Do not decode path when sending error

Translog
- Translog can delete valid .ckp file when views are closed after
  the translog

Dates
- Upgrade joda-time to 2.9.4
2016-08-19 10:09:11 +00:00
bsiegert
a05068345f Updated lang/go to 1.7 2016-08-19 09:39:23 +00:00
bsiegert
e2fa1b749c Update Go to 1.7.
The latest Go release, version 1.7, arrives six months after 1.6. Most of its
changes are in the implementation of the toolchain, runtime, and libraries.
There is one minor change to the language specification. As always, the release
maintains the Go 1 promise of compatibility. We expect almost all Go programs
to continue to compile and run as before.

There is one tiny language change in this release. The section on terminating
statements clarifies that to determine whether a statement list ends in a
terminating statement, the “final non-empty statement” is considered the end,
matching the existing behavior of the gc and gccgo compiler toolchains. In
earlier releases the definition referred only to the “final statement,” leaving
the effect of trailing empty statements at the least unclear. The go/types
package has been updated to match the gc and gccgo compiler toolchains in this
respect. This change has no effect on the correctness of existing programs.

Go 1.7 adds support for macOS 10.12 Sierra. This support was backported to Go
1.6.3. Binaries built with versions of Go before 1.6.3 will not work correctly
on Sierra.
2016-08-19 09:38:06 +00:00
jdolecek
b38741a6fa add patch for apcu memory allocation failure handling, submitted as
https://bugs.php.net/bug.php?id=72801
2016-08-19 09:34:46 +00:00
wiz
5eaff6745d Switch to egg.mk.
Fix PLIST for python-3.x.
2016-08-19 08:14:49 +00:00
prlw1
aac1109cd4 Updated x11/gtk3 to 3.20.9 2016-08-19 08:04:28 +00:00
prlw1
904cf74084 Update gtk3 to 3.20.9
Overview of Changes in GTK+ 3.20.9
==================================

* Bug fixes:
 769287 GtkMenuToolButton:show-menu is emitted twice and breaks dynamic m...
 769603 gtk+-3.20.8: underlink issue with ld.gold - build fails: ./.libs/...
        Fix headerbar size allocation
        Use g_snprintf instead of snprintf

* Translation updates
 Brazilian Portuguese
 Czech
 German
 Hungarian
 Indonesian
 Lithuanian
 Polish
 Portuguese
 Swedish
2016-08-19 08:04:04 +00:00
wiz
c2e4867311 Updated math/py-pandas to 0.18.1nb1 2016-08-19 07:57:37 +00:00
wiz
ebbbb88292 Prefer egg.mk to distutils.mk. Clean up. Add missing dependency on
py-sqlite3.  Add missing test dependency on py-nose.
Add comments with links to bug reports about test failures.

Bump PKGREVISION for dependency change.
2016-08-19 07:57:26 +00:00
wen
6485b23f1f Updated net/php-geoip to 1.1.1 2016-08-19 07:18:01 +00:00
wen
142b7e2cae Update to 1.1.1
Add 70 to PHP_VERSIONS_ACCEPTED

Upstream changes:
1.1.1
* Add IPv6 support (geoip_country_code_by_*_v6)
* PHP7 support (thanks to Adam and Dan Ackroyd)
1.1.0
* Add geoip_setup_custom_directory() to setup custom directories per request.
* Remove E_NOTICES for IPs not found in database.
* Fix a segfault with geoip_db_get_all_info() on newer libs (bug #64692).
* Add support for geoip_netspeedcell_by_name(), geoip_asnum_by_name() and geoip_domain_by_name() (bug #67121).
* Fix memory leak with custom directories (bug #67138).
* Support changing custom directory via ini_set() (bug #61607).
2016-08-19 07:16:34 +00:00
wen
3f720abd3f Updated devel/p5-Test-CleanNamespaces to 0.22 2016-08-19 06:40:01 +00:00
wen
3a907a9c80 Update to 0.22
Add missing BUILD_DEPENDS

Upstream changes:
0.22      2016-08-19 03:45:32Z
  - properly find the list of modules to test (regression since 0.19)
2016-08-19 06:37:56 +00:00
richard
6e27391a67 Updated converters/py-simplejson to 3.8.2 2016-08-19 06:18:23 +00:00
richard
90c12db48e update to py-simplejson-3.8.2
Version 3.8.2 released 2016-02-14

* Fix implicit cast compiler warning in _speedups.c
* simplejson is now available as wheels for OS X and Windows thanks to Travis-CI
  and AppVeyor respectively! Many thanks to @aebrahim for getting this party
  started.
  https://github.com/simplejson/simplejson/pull/130
  https://github.com/simplejson/simplejson/issues/122

Version 3.8.1 released 2015-10-27

* Fix issue with iterable_as_array and indent option
  https://github.com/simplejson/simplejson/issues/128
* Fix typo in keyword argument name introduced in 3.8.0
  https://github.com/simplejson/simplejson/pull/123

Version 3.8.0 released 2015-07-18

* New iterable_as_array encoder option to perform lazy serialization of
  any iterable objects, without having to convert to tuple or list.

Version 3.7.3 released 2015-05-31

* Fix typo introduced in 3.7.0 (behavior should be indistinguishable)
  e18cc09b68 (commitcomment-11443842)

Version 3.7.2 released 2015-05-22

* Do not cache Decimal class in encoder, only reference the decimal module.
  This may make reload work in more common scenarios.

Version 3.7.1 released 2015-05-18

* Fix compilation with MSVC
  https://github.com/simplejson/simplejson/pull/119

Version 3.7.0 released 2015-05-18

* simplejson no longer trusts custom str/repr methods for int, long, float
  subclasses. These instances are now formatted as if they were exact
  instances of those types.
  https://github.com/simplejson/simplejson/issues/118
2016-08-19 06:17:43 +00:00
wen
0b944b610f Updated devel/p5-Test-CleanNamespaces to 0.21 2016-08-19 04:42:03 +00:00
wen
41a29a5331 Update to 0.21
Upstream changes:
0.21      2016-08-16 01:31:28Z
  - no changes since 0.20

0.20      2016-06-19 02:41:02Z (TRIAL RELEASE)
  - switch to plain old Exporter, removing build_* subs from the API,
2016-08-19 04:27:49 +00:00
taca
2532196cae Note update of lang/php56 and lang/php70 package:
lang/php56	5.6.25
lang/php70	7.0.10
2016-08-19 03:31:03 +00:00
taca
2027c43fee Update php70 to 7.0.10 (PHP 7.0.10).
18 Aug 2016 PHP 7.0.10

- Core:
  . Fixed bug #72629 (Caught exception assignment to variables ignores
    references). (Laruence)
  . Fixed bug #72594 (Calling an earlier instance of an included anonymous
    class fatals). (Laruence)
  . Fixed bug #72581 (previous property undefined in Exception after
    deserialization). (Laruence)
  . Fixed bug #72496 (Cannot declare public method with signature incompatible
    with parent private method). (Pedro Magalhães)
  . Fixed bug #72024 (microtime() leaks memory). (maroszek at gmx dot net)
  . Fixed bug #71911 (Unable to set --enable-debug on building extensions by
    phpize on Windows). (Yuji Uchiyama)
  . Fixed bug causing ClosedGeneratorException being thrown into the calling
    code instead of the Generator yielding from. (Bob)
  . Implemented FR #72614 (Support "nmake test" on building extensions by
    phpize). (Yuji Uchiyama)
  . Fixed bug #72641 (phpize (on Windows) ignores PHP_PREFIX).
    (Yuji Uchiyama)
  . Fixed potential segfault in object storage freeing in shutdown sequence.
    (Bob)
  . Fixed bug #72663 (Create an Unexpected Object and Don't Invoke
      __wakeup() in Deserialization). (Stas)
  . Fixed bug #72681 (PHP Session Data Injection Vulnerability). (Stas)
  . Fixed bug #72683 (getmxrr broken). (Anatol)
  . Fixed bug #72742 (memory allocator fails to realloc small block to large
    one). (Stas)

- Bz2:
  . Fixed bug #72837 (integer overflow in bzdecompress caused heap
    corruption). (Stas)

- Calendar:
  . Fixed bug #67976 (cal_days_month() fails for final month of the French
    calendar). (cmb)
  . Fixed bug #71894 (AddressSanitizer: global-buffer-overflow in
    zif_cal_from_jd). (cmb)

- COM:
  . Fixed bug #72569 (DOTNET/COM array parameters broke in PHP7). (Anatol)

- CURL:
  . Fixed bug #71709 (curl_setopt segfault with empty CURLOPT_HTTPHEADER).
    (Pierrick)
  . Fixed bug #71929 (CURLINFO_CERTINFO data parsing error). (Pierrick)
  . Fixed bug #72674 (Heap overflow in curl_escape). (Stas)

- DOM:
  . Fixed bug #66502 (DOM document dangling reference). (Sean Heelan, cmb)

- EXIF:
  . Fixed bug #72735 (Samsung picture thumb not read (zero size)). (Kalle, Remi)
  . Fixed bug #72627 (Memory Leakage In exif_process_IFD_in_TIFF). (Stas)

- Filter:
  . Fixed bug #71745 (FILTER_FLAG_NO_RES_RANGE does not cover whole 127.0.0.0/8
    range). (bugs dot php dot net at majkl578 dot cz)

- FPM:
  . Fixed bug #72575 (using --allow-to-run-as-root should ignore missing user).
    (gooh)

- GD:
  . Fixed bug #72596 (imagetypes function won't advertise WEBP support). (cmb)
  . Fixed bug #72604 (imagearc() ignores thickness for full arcs). (cmb)
  . Fixed bug #70315 (500 Server Error but page is fully rendered). (cmb)
  . Fixed bug #43828 (broken transparency of imagearc for truecolor in
    blendingmode). (cmb)
  . Fixed bug #66555 (Always false condition in ext/gd/libgd/gdkanji.c). (cmb)
  . Fixed bug #68712 (suspicious if-else statements). (cmb)
  . Fixed bug #72697 (select_colors write out-of-bounds). (Stas)
  . Fixed bug #72730 (imagegammacorrect allows arbitrary write access). (Stas)

- Intl:
  . Fixed bug #72639 (Segfault when instantiating class that extends
    IntlCalendar and adds a property). (Laruence)
  . Partially fixed #72506 (idn_to_ascii for UTS #46 incorrect for long domain
    names). (cmb)

- mbstring:
  . Fixed bug #72691 (mb_ereg_search raises a warning if a match zero-width).
    (cmb)
  . Fixed bug #72693 (mb_ereg_search increments search position when a match
    zero-width). (cmb)
  . Fixed bug #72694 (mb_ereg_search_setpos does not accept a string's last
    position). (cmb)
  . Fixed bug #72710 (`mb_ereg` causes buffer overflow on regexp compile error).
    (ju1ius)

- Mcrypt:
  . Fixed bug #72782 (Heap Overflow due to integer overflows). (Stas)

- Opcache:
  . Fixed bug #72590 (Opcache restart with kill_all_lockers does not work).
    (Keyur)

- PCRE:
  . Fixed bug #72688 (preg_match missing group names in matches). (cmb)

- PDO_pgsql:
  . Fixed bug #70313 (PDO statement fails to throw exception). (Matteo)

- Reflection:
  . Fixed bug #72222 (ReflectionClass::export doesn't handle array constants).
    (Nikita Nefedov)

- SimpleXML:
  . Fixed bug #72588 (Using global var doesn't work while accessing SimpleXML
    element). (Laruence)

- SNMP:
  . Fixed bug #72708 (php_snmp_parse_oid integer overflow in memory
    allocation). (djodjo at gmail dot com)

- SPL:
  . Fixed bug #55701 (GlobIterator throws LogicException). (Valentin VĂLCIU)
  . Fixed bug #72646 (SplFileObject::getCsvControl does not return the escape
    character). (cmb)
  . Fixed bug #72684 (AppendIterator segfault with closed generator). (Pierrick)

- SQLite3:
  . Fixed bug #72668 (Spurious warning when exception is thrown in user defined
    function). (Laruence)
  . Fixed bug #72571 (SQLite3::bindValue, SQLite3::bindParam crash). (Laruence)
  . Implemented FR #72653 (SQLite should allow opening with empty filename).
    (cmb)
  . Updated to SQLite3 3.13.0. (cmb)

- Standard:
  . Fixed bug #72622 (array_walk + array_replace_recursive create references
    from nothing). (Laruence)
  . Fixed bug #72152 (base64_decode $strict fails to detect null byte).
    (Lauri Kenttä)
  . Fixed bug #72263 (base64_decode skips a character after padding in strict
    mode). (Lauri Kenttä)
  . Fixed bug #72264 (base64_decode $strict fails with whitespace between
    padding). (Lauri Kenttä)
  . Fixed bug #72330 (CSV fields incorrectly split if escape char followed by
    UTF chars). (cmb)

- Streams:
  . Fixed bug #41021 (Problems with the ftps wrapper). (vhuk)
  . Fixed bug #54431 (opendir() does not work with ftps:// wrapper). (vhuk)
  . Fixed bug #72667 (opendir() with ftp:// attempts to open data stream for
    non-existent directories). (vhuk)
  . Fixed bug #72771 (ftps:// wrapper is vulnerable to protocol downgrade
    attack). (Stas)

- XMLRPC:
  . Fixed bug #72647 (xmlrpc_encode() unexpected output after referencing
    array elements). (Laruence)

- Wddx:
  . Fixed bug #72564 (boolean always deserialized as "true") (Remi)
  . Fixed bug #72142 (WDDX Packet Injection Vulnerability in
    wddx_serialize_value()). (Taoguang Chen)
  . Fixed bug #72749 (wddx_deserialize allows illegal memory access) (Stas)
  . Fixed bug #72750 (wddx_deserialize null dereference). (Stas)
  . Fixed bug #72790 (wddx_deserialize null dereference with invalid xml).
    (Stas)
  . Fixed bug #72799 (wddx_deserialize null dereference in
    php_wddx_pop_element). (Stas)

- Zip:
  . Fixed bug #72660 (NULL Pointer dereference in zend_virtual_cwd).
    (Laruence)
2016-08-19 03:29:52 +00:00
taca
0d175f2255 Update php56 to 5.6.25 (PHP 5.6.25).
18 Aug 2016, PHP 5.6.25

- Bz2:
  . Fixed bug #72837 (integer overflow in bzdecompress caused heap
    corruption). (Stas)

- Core:
  . Fixed bug #70436 (Use After Free Vulnerability in unserialize()).
    (Taoguang Chen)
  . Fixed bug #72024 (microtime() leaks memory). (maroszek at gmx dot net)
  . Fixed bug #72581 (previous property undefined in Exception after
    deserialization). (Laruence)
  . Implemented FR #72614 (Support "nmake test" on building extensions by
    phpize). (Yuji Uchiyama)
  . Fixed bug #72641 (phpize (on Windows) ignores PHP_PREFIX).
    (Yuji Uchiyama)
  . Fixed bug #72663 (Create an Unexpected Object and Don't Invoke
    __wakeup() in Deserialization). (Stas)
  . Fixed bug #72681 (PHP Session Data Injection Vulnerability). (Stas)

- Calendar:
  . Fixed bug #67976 (cal_days_month() fails for final month of the French
    calendar). (cmb)
  . Fixed bug #71894 (AddressSanitizer: global-buffer-overflow in
    zif_cal_from_jd). (cmb)

- Curl:
  . Fixed bug #71144 (Segmentation fault when using cURL with ZTS).
    (maroszek at gmx dot net)
  . Fixed bug #71929 (Certification information (CERTINFO) data parsing error).
    (Pierrick)
  . Fixed bug #72807 (integer overflow in curl_escape caused heap
    corruption). (Stas)

- DOM:
  . Fixed bug #66502 (DOM document dangling reference). (Sean Heelan, cmb)

- Ereg:
  . Fixed bug #72838 (Integer overflow lead to heap corruption in
    sql_regcase). (Stas)

- EXIF:
  . Fixed bug #72627 (Memory Leakage In exif_process_IFD_in_TIFF). (Stas)
  . Fixed bug #72735 (Samsung picture thumb not read (zero size)). (Kalle, Remi)

- Filter:
  . Fixed bug #71745 (FILTER_FLAG_NO_RES_RANGE does not cover whole 127.0.0.0/8
    range). (bugs dot php dot net at majkl578 dot cz)

- FPM:
  . Fixed bug #72575 (using --allow-to-run-as-root should ignore missing user).
    (gooh)

- GD:
  . Fixed bug #43828 (broken transparency of imagearc for truecolor in
    blendingmode). (cmb)
  . Fixed bug #66555 (Always false condition in ext/gd/libgd/gdkanji.c). (cmb)
  . Fixed bug #68712 (suspicious if-else statements). (cmb)
  . Fixed bug #70315 (500 Server Error but page is fully rendered). (cmb)
  . Fixed bug #72596 (imagetypes function won't advertise WEBP support). (cmb)
  . Fixed bug #72604 (imagearc() ignores thickness for full arcs). (cmb)
  . Fixed bug #72697 (select_colors write out-of-bounds). (Stas)
  . Fixed bug #72709 (imagesetstyle() causes OOB read for empty $styles). (cmb)
  . Fixed bug #72730 (imagegammacorrect allows arbitrary write access). (Stas)

- Intl:
  . Partially fixed #72506 (idn_to_ascii for UTS #46 incorrect for long domain
    names). (cmb)

- mbstring:
  . Fixed bug #72691 (mb_ereg_search raises a warning if a match zero-width).
    (cmb)
  . Fixed bug #72693 (mb_ereg_search increments search position when a match
    zero-width). (cmb)
  . Fixed bug #72694 (mb_ereg_search_setpos does not accept a string's last
    position). (cmb)
  . Fixed bug #72710 (`mb_ereg` causes buffer overflow on regexp compile error).
    (ju1ius)

- PCRE:
  . Fixed bug #72688 (preg_match missing group names in matches). (cmb)

- PDO_pgsql:
  . Fixed bug #70313 (PDO statement fails to throw exception). (Matteo)

- Reflection:
  . Fixed bug #72222 (ReflectionClass::export doesn't handle array constants).
    (Nikita Nefedov)

- SNMP:
  . Fixed bug #72708 (php_snmp_parse_oid integer overflow in memory
    allocation). (djodjo at gmail dot com)

- Standard:
  . Fixed bug #72330 (CSV fields incorrectly split if escape char followed by
    UTF chars). (cmb)
  . Fixed bug #72836 (integer overflow in base64_decode). (Stas)
  . Fixed bug #72848 (integer overflow in quoted_printable_encode). (Stas)
  . Fixed bug #72849 (integer overflow in urlencode). (Stas)
  . Fixed bug #72850 (integer overflow in php_uuencode). (Stas)
  . Fixed bug #72716 (initialize buffer before read). (Stas)

- Streams:
  . Fixed bug #41021 (Problems with the ftps wrapper). (vhuk)
  . Fixed bug #54431 (opendir() does not work with ftps:// wrapper). (vhuk)
  . Fixed bug #72667 (opendir() with ftp:// attempts to open data stream for
    non-existent directories). (vhuk)
  . Fixed bug #72764 (ftps:// opendir wrapper data channel encryption fails
    with IIS FTP 7.5, 8.5). (vhuk)
  . Fixed bug #72771 (ftps:// wrapper is vulnerable to protocol downgrade
    attack). (Stas)

- SPL:
  . Fixed bug #72122 (IteratorIterator breaks '@' error suppression). (kinglozzer)
  . Fixed bug #72646 (SplFileObject::getCsvControl does not return the escape
    character). (cmb)
  . Fixed bug #72684 (AppendIterator segfault with closed generator). (Pierrick)

- SQLite3:
  . Implemented FR #72653 (SQLite should allow opening with empty filename).
    (cmb)

- Wddx:
  . Fixed bug #72142 (WDDX Packet Injection Vulnerability in
    wddx_serialize_value()). (Taoguang Chen)
  . Fixed bug #72749 (wddx_deserialize allows illegal memory access) (Stas)
  . Fixed bug #72750 (wddx_deserialize null dereference). (Stas)
  . Fixed bug #72790 (wddx_deserialize null dereference with invalid xml).
    (Stas)
  . Fixed bug #72799 (wddx_deserialize null dereference in
    php_wddx_pop_element). (Stas)
2016-08-19 03:29:00 +00:00