0.7.10 [2014-07-21 18:06:54 +0200]:
- [87ebf13df38c] NEWS: add a word about json-c library support (Vincent Bernat)
- [5dcd280d1267] lldpcli: fix jansson implementation of the JSON output (Vincent Bernat)
- [71542b4ec734] configure: if --with-json, default to jansson implementation (Vincent Bernat)
- [368daef3d649] cdp: complete manual page with CDP-related options (Vincent Bernat)
- [611aba00053c] cdp: Make it possible to enable CDPv2 without enabling CDPv1 (Michel Stam)
- [5d8f75fe9fdc] lldpcli: Add json description to lldpcli usage (Michel Stam)
- [619c379964fd] cdp: Add power requirement to CDPv2 frames (Michel Stam)
- [8ff14a6d117e] lldpcli: Add support for JSON-C (Michel Stam)
- [62d6f99d2d17] lldpcli: make complete command work on privleged commands as well (Vincent Bernat)
- [314f382a5093] lldpcli: provide a hidden complete command for shell completion (Vincent Bernat)
- [e13945c02c44] lldpcli: change how privileged commands are declared (Vincent Bernat)
- [40df69956ad0] lldpcli: reformat a bit bash completion to be more readable (Vincent Bernat)
- [ecd41283aa58] priv: avoid a socket leak when interface is already in promisc (Vincent Bernat)
- [ba908c4eedaa] snmp: avoid deferencing a pointer when it may be NULL (Vincent Bernat)
- [5317a14a3f0e] dcbx tlv recd are printed as log_debug (Sam Tannous)
- [7efa65c16ec7] lldpcli: use protocol map from liblldpctl to select protocol (Vincent Bernat)
- [baaa96d1530c] lldpcli: document `-u` argument in synopsis (Vincent Bernat)
- [494264f0f831] lldpcli: add display filter to show nbrs running specific protocols (Sam Tannous)
- [e147917d5257] lib: update liblldpctl versioning (Vincent Bernat)
- [1fa64c11d337] Add call to process more messages from data already read. (Sam Tannous)
- [0469161dd554] Add error code to the multicast address add/delete failure msg (Sam Tannous)
- [4f670a1e8ace] Move interface update msg to debug level (Sam Tannous)
- [003620d3104b] Add ignore handler for SIGHUP in lldpcli (Sam Tannous)
- [aef05ae38c63] This patch adds bash completion for lldpcli. (Sam Tannous)
- [ea51049df882] snmp: use poll() to wait for AgentX socket to be ready (Vincent Bernat)
- [dc6436adb4db] snmp: preserve previous flags when making AgentX socket non-blocking (Vincent Bernat)
- [b93e39a16736] make agentx socket non-blocking (Sam Tannous)
- [ad21b578b215] Make "too many neighbors for port" msg appear less frequently (Sam Tannous)
- [aca48e4ba570] lldpd: Fix netlink notification group for address changes (Sam Tannous)
- [b0b8841b0b42] Increase event buffer (Sam Tannous)
- [e595efb4c177] log: info messages should be logged on syslog but not on first debug level (Vincent Bernat)
- [254e5134d933] lldpd: fix log_info (Sam Tannous)
- [5e23c6b99bd3] NEWS: credit seccomp fix (Vincent Bernat)
- [d64549384f6f] lldpd: fix use of NULL in execl* (Vincent Bernat)
- [d769cdb235cc] Merge pull request #70 from chutz/seccomp-whitelist (Vincent Bernat)
- [285b33afd0da] lldpd: whitelist sendto, poll, recvmsg and readv in seccomp sandbox (Patrick McLean)
- [1059a20e7e2d] NEWS: add a word about ability to disable LLDP (Vincent Bernat)
- [b8a802bc7d8a] lldpd: fix how LLDP can be disabled (Vincent Bernat)
- [806eaef4832a] cdp: don't expect and off-by-one checksum (Vincent Bernat)
- [a5a60bbf97ed] frame: fix CDP checksum (udbxtd2008)
- [f4da5f84837c] README: document the new promisc interface in README as well (Vincent Bernat)
- [0a6f3866b830] lldpcli: give more details in the manual page about promiscuous mode (Vincent Bernat)
- [f84199ddf6c9] lldpcli: add an option to enable promisc mode on managed interfaces (Vincent Bernat)
- [ace524261458] priv: don't output rc status twice when unable to open socket (Vincent Bernat)
- [50724a52606f] README: more about Cisco sending LLDP frames on VLAN 1 (Vincent Bernat)
- [af5f56616c7f] osx: update version to 0.7.9 (Vincent Bernat)
* Removed dhcpcd-dbus dependency
* Split icons off into dhcpcd-icons
* Add dhcpcd-qt front end
* Improved IPv6 support in dhcpcd-6 is now reported
* Numerous bug fixes
* SSID menus now update in realtime when new scans come in
* Fix an unaligned access error on BeagleBone Black with FreeBSD.
Thanks to Guy Yur for the patch.
* Remove the fast loop trying to up an interface which does not
report carrier.
* Remove vis based encoding - instead validate against option type and
stop at invalid [1]
This removes all shell escaped encoding - dhcpcd will assume that IF
the --script option is a shell, it will quote variables correctly.
The stock dhcpcd-run-hooks does.
* dhcpcd -V now prints how the variables will be decoded.
* Changed some options in dhcpcd-definitions.conf to more sensible defaults.
* Don't daemonise on delegated address dad.
* Don't drop delegated reject route when forking.
* Fix IPv6 handling of link-local addresses on KAME stacks.
* Work on OpenBSD-5.6 without any special interface setup needed.
* Callout to handlecarrier when we don't have real carrier support and
rely on looking at IFF_UP and IFF_RUNNING.
This allows our hooks to know that dhcpcd thinks we have a carrier or not.
[1] DHCP option encodings defined in dhcpcd-definitions.conf
* domain (RFC3397)/dname (string) is strict domain name allowance
(ie, [alnum] with _- (but not at the start or end))
* string is now printable ascii (1-127) until invalid
* ascii is all ascii (1-127) until invalid
* raw is all chars (1-255) until NUL
* binhex is a hex representation of the option including embedded NULs
* ssid is still escpaed octal because it's expected to be human readable
AND can technically be all NUL
* everything else has strict option -> value encoding
- Version 3.3.5 fixes a number of bugs in 3.3.4 and earlier versions.
- Version 3.3.4 fixes a small number of bugs in 3.3.3 and earlier versions.
In particular it fixes a bug introduced in 3.3.3 which could cause startup
to fail under some circumstances.
- Version 3.3.3 fixes a small number of bugs in 3.3.2 and earlier versions.
In particular it fixes a bug introduced in 3.3.2 which could cause
logging to stop under some circumstances.
Changes in 0.5.2
fcdf0f8 Autoconf: check for htonll as declaration in a header file
5790ec7 SSL: correctly report hostname verification errors.
d60c28c Build: disable OpenSSL deprecation warnings on OSX
072191a Lib: include platform, version and copyright in AMQP handshake
8b448c6 Examples: print message body in amqp[s]_listen[q] examples
7188e5d Tools: Add flag to set prefetch for amqp-consume tool
Changes in 0.5.1
a566929 SSL: Add support for wildcards in hostname verification (Mike Steinert)
a78aa8a Lib: Use poll(2) instead of select(2) for timeouts on sockets.
357bdb3 Lib: support for specifying frame and decoding pool sizes. (Mike Stitt)
8956003 Lib: improve invalid frame detection code.
b852f84 Lib: Add missing amqp_get_server_properties() function.
7001e82 Lib: Add missing ssize_t on Win32 (emazv72)
c2ce2cb Lib: Correctly specify WINVER on Win32 when unspecified.
fe844e4 CMake: specify -DHAVE_CONFIG_H in examples.
932de5f Lib: correct time computation on Win32 (jestor)
3e83192 HPUX: use gethrtime on HP-UX for timers.
cb1b44e HPUX: correct include location of sys/uio.h
8ce585d Lib: incorrect OOM condition when 0-lenth exchange name is received.
c7716b8 CMake: correct htonll detection code on platforms defined with a macro.
4dc4eda Lib: remove unused assignment.
45302cf Lib: remove range-check of channel-ids.
Note that this announcement includes everything from 1.4.2 too, which was
never officially released as some critical bugs were found.
Bug reports fixed in this release:
GStreamer core:
* 734412 : multiqueue: The buffering logic can lead to a pipeline stuck in PAUSED forever
* 735574 : buffer: do not touch memory tag flag when copying buffer flags
* 736295 : multiqueue: posts buffering message holding lock
* 736424 : query: add annotations to gst_query_set_nth_allocation_pool
* 736680 : basesrc: possible pool and allocator leak in prepare_allocation()
* 736736 : query: add annotations to gst_query_add_allocation_pool
* 736813 : typefindelement leaks sticky events upon flush_stop
* 737102 : queue: Do not hold GST_QUEUE_LOCK while posting ERROR messages
* 737133 : Missing gstconfig.h include
GStreamer Plugins Base:
* 732908 : audioresample: skips samples unless input buffers have correct size
* 727255 : playbin: filter out buffering messages when switching URI and the previous URI is still playing
* 729811 : output-selector: test example in gstreamer plugin base is giving " Internal data flow error "
* 735569 : rtspconnection: Crash due to no protection of watchs readsrc
* 735748 : playbin: can't play an avi file in totem with audio-filter=scaletempo
* 735800 : textoverlay: Two textoverlay in sequence fail to negotiate (regression)
* 735844 : basetextoverlay/pango: overlay negotiation fails when it should not
* 735952 : videorate: GstStructure refcount critical message
* 736071 : audiobasesink: Don't hold object lock while calling into other objects like the clock
* 736118 : videofilter: The buffer is not writable in transform_frame_ip
* 736739 : audiocdsrc: do not leak uid after parsing TOC select event
* 736779 : typefind: h265 IRAP picture always true
* 736788 : audiodecoder: leaks events
* 736796 : videoencoder: do not leak events when flushing them
* 736861 : playbin: Reference count bug
* 736679 : videodecoder: do not leak pool and allocator in error case
* 736969 : queue2: dead lock when buffering
* 709868 : Keep still meaningfull pending events on FLUSH_STOP
GStreamer Plugins Good:
* 719359 : vp8dec: Doesn't handle changes in resolution
* 733607 : v4l2transform: Rank should have been NONE
* 734266 : vp8dec: fails when input format changes
* 735520 : aacparse: skip valid ADTS/LOAS frames
* 735804 : smpte: Creates incomplete raw video caps
* 735833 : matroskademux: parse error at end of file
* 735859 : videomixer: Dynamically changing the FPS leads to an incorrect buffer time
* 736192 : avidemux: some AVI files crash (regression)
* 736266 : wavparse: error in reading adtl chunk
* 736384 : v4l2sink: pool not unreffed after usage
* 736670 : v4l2allocator: O_CLOEXEC needs _GNU_SOURCE
* 736805 : multipartdemux leaks new stream events
* 736807 : rtpbin: pad leaked in error case
* 735660 : v4l2: fix new v4l2 code not working with certain devices (regression)
* 736944 : videoscale: vs_image_scale_4tap_Y offset should use stride to calculate buffer offset
* 737219 : flacparse: When generating headers, leave total_samples at 0 if upstream duration query returns GST_CLOCK_TIME_NONE.
GStreamer Plugins Bad:
* 735861 : dataurisrc: make src thread safe
* 736090 : aiffparse: duplicate else-if condition
* 736390 : tsdemux: plug for a memory leak
* 736426 : mpegpsmux: memory leak with h264/avc stream
* 736474 : vc1parse: malformed sequence layer header and STRUCT_C
* 736490 : tsdemux: fix overflow of packet_length field of PESHeader
* 736729 : glmixer: do not leak pool in error cases
* 736730 : gltestsrc: do not leak pool in error cases
* 736731 : openni2src: do not leak pool
* 736732 : glfilter: do not leak pool in error cases
* 736733 : vdpdecoder: do not leak pool
* 736735 : waylandsink: do not leak buffer pool in error case
* 736750 : vc1parse: fix sequence-layer/frame-layer endianness
* 736871 : codecparsers_vc1: sequence-layer parser is broken due to endianness issue.
* 736919 : hlsdemux: attempt to unlock an already unlocked mutex in gst_hls_demux_change_playlist
* 736951 : vc1parse: initialize sent_codec_tag before using it
GStreamer Plugins Ugly:
* 736060 : asfdemux: add GUID for ASF_Metadata_Library_Object
GStreamer libav Plugins:
* 734661 : avviddec: After draining frames, flush the libav decoder
* 736515 : avviddec: keep draining buffers from libav until libav says so
* 737144 : avauddec: keep draining buffers from libav until libav says so
GStreamer RTSP Server:
* 735570 : Race condition between close() and handle_tunnel() causing crash
* 736017 : Sequence number is not monotonic after PAUSE command
* Release 0.7.0 (23-Sep-2014)
** Security Fixes
The "flappserver" feature was found to have a vulnerability in the
service-lookup code which, when combined with an attacker who has the ability
to write files to a location where the flappserver process could read them,
would allow that attacker to obtain control of the flappserver process.
Users who run flappservers should upgrade to 0.7.0, where this was fixed as
part of #226.
Each flappserver runs from a "base directory", and uses multiple files within
the basedir to track the services that have been configured. The format of
these files has changed. The flappserver tool in 0.7.0 remains capable of
reading the old format (safely), but will upgrade the basedir to the new
format when you use "flappserver add" to add a new service. Brand new
servers, created with "flappserver create", will use the new format.
The flappserver tool in 0.6.5 (or earlier) cannot handle this new format, and
will believe that no services have been configured. Therefore downgrading to
an older version of Foolscap will require manual reconstruction of the
configured services.
** Major Changes
UnauthenticatedTub has been deprecated, and will be removed in the next
release (0.8.0). This seldom-used feature provides Foolscap's RPC semantics
without any of the security, and was included to enable the use of Foolscap
without depending upon the (challenging-to-install) PyOpenSSL library.
However, in practice, the lack of a solid dependency on PyOpenSSL has made
installation more difficult for applications that *do* want the security, and
UnauthenticatedTub is a footgun waiting to go off. Foolscap's code and
packaging will be simpler without it. (#67)
** Minor Changes
The "git-foolscap" tools, which make it possible to publish and clone Git
repositories over a Foolscap (flappserver) connection, have been moved from
their hiding place in doc/examples/ into their own project, hosted at
https://github.com/warner/git-foolscap . They will also be published on PyPI,
to enable "pip install git-foolscap".
The documentation was converted from Lore to ReStructuredText (.rst). Thanks
to Koblaid for the patient work. (#148)
The connection-hint parser in 0.7.0 has been changed to handle all TCP forms
of Twisted's "Client Endpoint Descriptor" syntax, including the short
"tcp:127.0.0.1:9999" variant. A future version should handle arbitrary
endpoint descriptors (including Tor and i2p, see #203), but this small step
should improve forward compatibility. (#216, #217)
**** 0.80 Sep 22, 2014
Removal of Win32::IPHelper support with cygwin
Resolvers on Cygwin can get their DNS configuration from the
registry directly via the /proc filesystem. Getting rid of
the other method reduces dependencies and makes installations
less error prone.
Rework rt.cpan.org #96119
"Too late to run INIT block" warning for require Net::DNS
3.9.0.3 (2014-08-13)
- Fix potential crash on connection failures
- Fixed navigating through the different controls in FileZilla's main window using the Tab key
- OS X: If FileZilla becomes the active program, the focus no longer jumps to the quickconnect bar
- MSW: Improve compatibility with DFS network shares
3.9.0.2 (2014-07-31)
+ Handle setting files redirected using symbolic links
- MSW: Updated installer to fix an issue with re-registring the shell extension after a reboot on 32bit system if a another program keeps the extension locked
- Closing FileZilla during a recursive operation no longer hangs
- OS X: Manually handle CMD+V and CMD+A for password fields as Cocoa cannot seem to do it by itself
- OS X: Manually handle CMD+X, CMD+C, CMD+V and CMD+A in the path combo boxes
- OS X: Creating new tabs selects the newly created tab again
- Detect some types TLS error conditions earlier instead of waiting for a timeout
- Small performance imprvement for TLS handshakes
- Do not show error message if "Create and enter" is used with synchronized browsing enabled
3.9.0.1 (2014-07-22)
- MSW: Fix installation issue with locked DLLs affecting users of 32bit Windows
3.9.0 (2014-07-21)
+ Added Lao translation
+ Added an additional icon set
+ OS X: Holding modifier key while clicking Site Manager toolbar icon now shows the site dropdown menu
- MSW: Fix assertion when entering UNC paths
- Fix button layout of editing dialogs
- *nix, OS X: Small performance improvement recursing through local directories
3.9.0-rc3 (2014-07-16)
- OS X: Fix random crashes if adding text to the message log
- Fixed drag&drop when dropping on local file list and directory tree
- Fixed assertion when using format specified for date/time formatting
- Fixed assertion when closing FileZilla in response to system shutdown
- Various code cleanup
3.9.0-rc2 (2014-07-09)
+ Display a helpful message if login fails and either username or password starts or begins with a space.
- Small performance and memory consumption optimizations
- Various code cleanup and modernization
3.9.0-rc1 (2014-07-04)
+ Binaries are now being built with DEP and ASLR enabled where supported
- OS X: Fixed creating new tabs
- OS X: Fixed assertion and crash when renaming files
- Fixed assertion when sorting by modification time
- Fixed toolbar button to hide remote directory tree
3.9.0-beta3 (2014-07-01)
- OS X: Fixed rendering of the main window
- MSW: Fixed support for right-to-left languages
- Fixed several small layout problems
3.9.0-beta2 (2014-06-26)
- Natural sort now also works with directory comparison
- Toolbar state now updates if directory tree visibility is toggled by enabling directory comparison
- *nix: Fixed minimizing to tray not working
- Fixed background of activity indicators
- Several dialog layout fixes
- Removed spurious error message when closing FileZilla
3.9.0-beta1 (2014-06-21)
+ Added natural sort to file name comparison and added option to select which algorithm to use
+ FileZilla now builds against wxWidgets 3.0 instead of wxWidgets 2.8
3.8.1 (2014-06-01)
! Updated official binaries to use GnuTLS 3.2.15, addressing CVE-2014-3466
+ OS X: Partial support for retina displays
- Fixed several small memory leaks
3.8.1-rc3 (2014-05-25)
- Fixed bundling of .xrc resources in non-Windows binaries
3.8.1-rc2 (2014-05-25)
- Rebuilt to address a problem with the filenames of the rc1 binaries.
3.8.1-rc1 (2014-05-25)
+ MSW: Windows XP and derivatives are no longer supported. Minimum supported operating system is Windows Vista.
+ OS X: The old PowerPC architecture is no longer supported
+ Added checkbox to remember the selected action of the "Already connected" dialog
+ Added context menu item in file lists to create and enter a new directory
+ *nix: FileZilla now honors the XDG_CONFIG_HOME environment variable
+ Small usability improvement for setting number of concurrent transfers in the settings dialog
- Additional fixes to the focus handling in directory listings
- Fixed compatibility with FTP servers sending French directory listings
- *nix: Fixed DBus integration
- MSW: Fixed installation error when auto-uninstalling in order to update to a new version.
================
FEATURES:
- database: "" starts without mmap of database. Less memory is used,
zones are read from text zonefile.
- optimised zonefile parse code and zonefile write code.
- zonefiles-write option in nsd.conf, enabled when database is "".
The server writes changed zonefiles to disk every hour.
- xfrdfile: "" disables xfrd.state. If enabled, zones that are
same as before are not checked for a serial update at server start.
- include: "foo/nsd.d/*.conf" works, wildcard glob on includes.
- nsd shuts down during init process if given signal.
- log-time-ascii option, default yes, with readable timestamp in log.
- nsd-control addzone reports if zone already exists.
- Fix#564: add nsd-checkzone tool to check zonefile correctness.
- Increased default --with-max-ips from 8 to 16, this increases the
number of interfaces you can specify in nsd.conf to listen to.
BUG FIXES:
- Fixed shutdown message sporadically not printed on exit.
- Documented zonefile %s syntax in nsd.conf man page.
- Fix manpage to put colon after zonefiles check and write.
- Change from 'Zone" to "zone" with ".. serial .. is updated" log
message.
- Changed maxbackoff for no-content secondary zones from 4h to 24h.
- Fix print filename of encompassing config file on read failure.
- Fix delete or rename of a lot of zones and make it take a
non-enormous time.
- Speed up deletion of zone contents a lot, (56s to 1s), speeds up
delete, rename and AXFR for zones.
- Fix#571: unused variable and incompatible pointer warnings when
compiled on a system without INET6.
- Fix write_socket return value check in server.c
- Fix that xfrd reaps children also if the signal is lost.
- Fix#577: makefile incorrectly installed manpages from srcdir.
- Fix#587: Default value for statistics is 0.
- Fix#553: Improve TXT parsing.
- Fix#590: rrl log does not print wildcard as a star but escaped.
- Fix#591: rrl log messages at verbosity level 1.
- fix strptime implicit declaration error on OpenBSD.
- Fix -O3 compile flag to -O2 to avoid miscompilations.
- Allow user to override the -g -O2 CFLAGS in ./configure.
- Fix endian.h include for OpenBSD.
- Fix#600: document that provide-xfr provides AXFR and not IXFR.
- Fix rising-load-average or memory-leaks in OSes (Linux since 2.6),
that keep track of all past process parents, or leak memory
for them. Fix makes it so there is no very deep string of
process parents.
- Remove .LP after .SH in man pages.
* make test works again
* Many bounds checking fixes from Tobias Stoeckmann
* Improve error when the authentication token cannot be found
* close the IPv4 specific UDP socket when done sending
* Implemented a write queue to the control sockets
* Only send interfaces to control sockets when in a BOUND state
* Add a sample controlgroup directive to dhcpcd.conf to make setup easier
* Add variables if_oneup and if_ipwaited so hook scripts know the overall
state of dhcpcd better
* Pass RC_SVCNAME from enviromment to hooks so that a service hook can
know it's name (may not be dhcpcd)
* Document every variable set for dhcpcd-run-hooks(8)
* Use the nl80211 interface on Linux to get the wireless SSID if we fail
to get it via WEXT
* Allow SSIDs with non printable characters to be used in ssid selection
in dhcpcd.conf
* Add an unprivileged control socket so that normal users can obtain
dhcpcd running state
* Remove all instances of if_indextoname as we already know the index
* Only bring in linux/ipv6.h for linux AND glibc
* Add _DEFAULT_SOURCE #define to to make glibc-2.20 happy
* Check we have allocated IPv6 resources before checkings RA's
* configure errors are now logged to config.log
* Only hunt for a cross compiler if build != host
* Detect removal of IPv6 routes
* Don't add link-local addresses to POINTOPOINT interfaces
* Don't discard expired DHCPv6 leases when dumping them
* If a DHCPv6 lease has no timers, expire it right away
* Report delegated addresses
* Call dhcpcd-run-hooks correctly when delegated prefixes already exist
* Fix a memory error when ia_* config exists but IPv6 is disabled
* Ensure servername and bootfile are safely exported
* Sanitise the following characters using svis(3) with VIS_CTYLE and
VIS_OCTAL:
| ^ & ; < > ( ) $ ` \ " ' <tab> <newline>
This allows a non buggy unvis(1) to decode it 100% and stays compatible
with how dhcpcd used to handle encoding on most platforms.
For systems that supply svis(3) there is a code reduction, for systems
that do not, a slight code increase. This change mitigates systems
affected by bash CVE-2014-6271 and CVE-2014-7169.
OK: jperkin@
fix inode check result rrd handling for all BSDish systems; if you use
xymon-4.3.17nb1 on *BSD you may have lots of inode<number>.rrd files
in /var/xymon/rrd, since it used iavail instead of the name of the
filesystem mount to identify the inode usage stats.
* Update translations
* Add Portuguese language
* Fixes crash with passing Listner to select of setting DSL
* Remove unused remaining UI settings
* show retweets
* show faved
* Fixes to work some checkbox in standard plugins' settings properly.
On behalf of Twisted Matrix Laboratories, Iâm releasing Twisted
14.0.1, a security release for Twisted 14.0. It is strongly suggested
that users of 14.0.0 upgrade to this release.
This patches a bug in Twisted Webâs Agent, where BrowserLikePolicyForHTTPS
would not honour the trust root given, and would use the system
trust root instead. This would have broken, for example, attempting
to pin the issuer for your HTTPS application because you only trust
one issuer.
Note: on OS X, with the system OpenSSL, you still can't fully rely
on this API for issuer pinning, due to modifications by Apple â
please see https://hynek.me/articles/apple-openssl-verification-surprises/
for more details.
Changes:
- BUG: config: error in http-response replace-header number of arguments
- BUG/MINOR: Fix search for -p argument in systemd wrapper.
- BUG/MEDIUM: auth: fix segfault with http-auth and a configuration with an unknown encryption algorithm
- BUG/MEDIUM: config: userlists should ensure that encrypted passwords are supported
- MEDIUM: connection: add new bit in Proxy Protocol V2
- BUG/MINOR: server: move the directive #endif to the end of file
- BUG/MEDIUM: http: tarpit timeout is reset
- BUG/MAJOR: tcp: fix a possible busy spinning loop in content track-sc*
- BUG/MEDIUM: http: fix inverted condition in pat_match_meth()
- BUG/MEDIUM: http: fix improper parsing of HTTP methods for use with ACLs
- BUG/MINOR: pattern: remove useless allocation of unused trash in pat_parse_reg()
- BUG/MEDIUM: acl: correctly compute the output type when a converter is used
- CLEANUP: acl: cleanup some of the redundancy and spaghetti after last fix
- BUG/CRITICAL: http: don't update msg->sov once data start to leave the buffer
