go1.5.2 (released 2015/12/02) includes bug fixes to the compiler,
linker, and the mime/multipart, net, and runtime packages. See the Go
1.5.2 milestone on our issue tracker for details.
https://github.com/golang/go/issues?q=milestone%3AGo1.5.2
0.15 2015-10-10 15:01:31+01:00 Europe/London
- Minor spelling check avoidance tweaks
- Enforce comments to be well formed, to resolve potential security issue
described in JVN53973084
0.14 2015-04-02 17:20:41+01:00 Europe/London
- Travis integration (thanks to mrcaron)
- Fix some packaging/dist-zilla issues (thanks to mrcaron)
- check for definedness before calling ->parse (github #3 leejo)
- Removed the link to HTML::Sanitizer (github #4 avereha)
- Removed circular reference (github #5 avereha)
- Fixed up dependancies from dzil bundles
- Enforced minimum perl version of 5.8
(0.12 and 0.13 seem to not have been released)
------------------
* The "configure" script did not test for -lpthread correctly, which
upset some linkers.
* Add support for talking http/https over socks proxy.
* Portability fix for Windows, which may rewrite $SHELL variable using
non-POSIX paths.
* We now consistently allow all hooks to ignore their standard input,
rather than having git complain of SIGPIPE.
* Fix shell quoting in contrib script.
* Test portability fix for a topic in v2.6.1.
* Allow tilde-expansion in some http config variables.
* Give a useful special case "diff/show --word-diff-regex=." as an
example in the documentation.
* Fix for a corner case in filter-branch.
* Make git-p4 work on a detached head.
* Documentation clarification for "check-ignore" without "--verbose".
* Just like the working tree is cleaned up when the user cancelled
submission in P4Submit.applyCommit(), clean up the mess if "p4
submit" fails.
* Having a leftover .idx file without corresponding .pack file in
the repository hurts performance; "git gc" learned to prune them.
* The code to prepare the working tree side of temporary directory
for the "dir-diff" feature forgot that symbolic links need not be
copied (or symlinked) to the temporary area, as the code already
special cases and overwrites them. Besides, it was wrong to try
computing the object name of the target of symbolic link, which may
not even exist or may be a directory.
* There was no way to defeat a configured rebase.autostash variable
from the command line, as "git rebase --no-autostash" was missing.
* Allow "git interpret-trailers" to run outside of a Git repository.
* Produce correct "dirty" marker for shell prompts, even when we
are on an orphan or an unborn branch.
* Some corner cases have been fixed in string-matching done in "git
status".
* Apple's common crypto implementation of SHA1_Update() does not take
more than 4GB at a time, and we now have a compile-time workaround
for it.
changes in sbcl-1.3.1 relative to sbcl-1.3.0:
* enhancement: SB-THREAD support for ARM64.
* enhancement: compiling an out-of-line DEFSTRUCT constructor call
will warn if a defaulted value is incompatible with its slot type.
* enhancement: a local INLINE declaration on a structure constructor
will work as intended, subject to any other factors that inhibit
inlining, even if the DEFSTRUCT was not itself within a global
INLINE proclamation for the named constructor
* enhancement: SB-EXT:DYNAMIC-SPACE-SIZE is now defined for cheneygc.
* enhancement: x86[-64] platforms support SB-EXT:CAS on structure slots
of type SB-EXT:WORD
* enhancement: the interleaved structure slot optimization from
release 1.2.6 has been ported to 32-bit x86, Sparc, PowerPC, ARM64.
* enhancement: SB-THREAD:JOIN-THREAD signals a proper error when an attempt
is made to join the current thread
* bug fix: NTH-VALUE does not cause stack overflow. (lp#1511419)
* bug fix: structure constructor type checking is better. (lp#1508735)
* bug fix: supplied-p variables for unused optional or keyword variables no
longer confuse SB-DI:PARSE-COMPILED-DEBUG-FUN-LAMBDA-LIST (and thus the
backtrace machinery) (lp#1498644)
* bug fix: Backtrace correctly handles undefined-function frames on MIPS.
* bug fix: WITH-FLOAT-TRAPS-MASKED correctly clears accrued traps on MIPS
(fixes issues with floating-point type derivation in the compiler).
* bug fix: FLOAT-NAN-P and FLOAT-TRAPPING-NAN-P now work correctly on MIPS
and HPPA.
* bug fix: MIPS context register access now masks to 32 bits (fixing issues
parsing negative-fixnum values for internal-error arguments and escaped
debug variables on 64-bit CPUs).
* bug fix: (SETF SAP-REF-DOUBLE) with constant offset on big-endian MIPS
now works correctly.
* bug fix: Callback parameter (argument) handling on MIPS is now vastly
more correct.
* bug fix: %DECREMENT-SEMAPHORE adjusts the remaining timeout after a
spurious wakeup
Based on changes from Matthew Mondor as forwarded by Kamil Rytarowski.
Changes since 15.3.7:
API changes
- There is no UFFI nickname for FFI package - we piggyback on
cffi-uffi-compat for UFFI dependent systems (our UFFI wasn't version 2.0
compatible and there were problems with ADSF dependencies on UFFI - it
wasn't a system)
- CLOS has the new nickname "MOP"
- The new ext:run-program :error argument can automatically create a
separate stream if provided with the :stream keyword.
The external-process structure also has a new field to hold that stream.
- ext:run-program accepts new arguments - :if-input-does-not-exist,
:if-error-exists and :external-format
- ext:system no longer binds *standard-input* and *standard-output* and
now ignores input and output (use ext:run-program for more control)
- methods can be specialized on both single-float and double-float
(built-in classes were added for them)
- LET/FLET/LABELS will signal error if parameter of the same name will
appear multiple times
- lambda lists with repeated required parameter name are considered invalid
- deprecated configure options "--with-system-boehm=x" and
"--enable-slow-config" removed
Enhancements:
- Verification if manual is up-to-date, providing corrections for
outdated parts
- Documentation is now included in the main repository under the
toplevel directory `doc'
- Update libffi to version 3.2.1
- Update asdf to version 3.1.5.4
- Update Boehm-Demers-Weiser garbage collector to version 7.4.2
- Pathname string-parts internal representation is now character,
not base-char
- Dead code removal, tabulators were replaced by spaces
- Better quality of generated code (explicit casting when necessary)
Issues fixed:
- Various fixes of bogus declarations
- Remove deprecated GC calls
- ROTATEF, SHIFTF, PSETF reworked to conform to the ANSI standard.
Places were handled improperly in regard of multiple values.
- Improved unicode support in character handling
- Format handles floats and exponentials correctly (major format rework)
- Stack limits refinements and cleanup, inconsistency and bug fixes
- Duplicate large block deallocation with GMP 6.0.0a fixed
- ECL builds on OpenBSD with threads enabled
- Closures put in mapcar work as expected in both compiled and
interpreted code
- Improved readtable-case handling (:invert and character literals now
conform)
- Library initialization functions have unique names - no risk of
clashing symbol names in object files
- Format float bug fixed, when width and fdigits were not set, but k was
- `logical-pathname-translations' now throws an error if logical
pathname wasn't defined yet, to conform with ANSI (it used to return NIL)
- Wildcards in logical pathname translations are replaced correctly
- Regression testing framework and unit tests cleanup
- deftype ANSI conformity fix (deftype accepts macro labda-lists)
- ECL built with MSVC doesn't crash when Control-C is pressed
- Other minor tweaks
Changes in 15.3.7 since 15.2.21:
Issues fixed:
- DEFUN functions not defined as toplevel forms were also directly
referenced by other code in the same file.
- STABLE-SORT works as desired (bogus optimization for strings fixed).
- broken --with-sse=yes configure flag works once again.
Enhancements:
- autoconf scripts are rewritten to support version 2.69 stack.
- stack direction is now correctly determined, fixing gcc 5.x builds.
- compilation of ECL under MSVC (2008/2010/2012) even with custom
code pages.
- In compiled code it is possible to declare variables to have a C
type such as in (declare (:double a)) and then the variable is
enforced to be unboxed to such type.
- New form FFI:C-PROGN used to interleave C statements with lisp
code, where the lisp code may refer to any number of variables.
Example:
(lambda (i)
(let* ((limit i)
(iterator 0))
(declare (:int limit iterator))
(ffi:c-progn (limit iterator)
"for (#1 = 0; #1 < #0; #1++) {"
(print iterator)
"}")))
Changes in 15.2.21 since 13.5.1:
- Features coverity scan model, ffi-unload-module implementation,
probably more.
- Build system enhancements, parallel builds, fixes, simplifications,
cleanups, maintenance. minor cleanup, maintenance.
- Numerous fixes.
Version 1.3.3
=============
Enhancements
------------
* [r14802,r14813] Add character name for non-breaking space
Use a human readable name for character 160, #\No-break_space,
following sbcl, ccl and clisp. This permits the Quicklisp system
spinneret to load. The #\No-break_space name is a valid
CHAR-NAME/NAME-CHAR pair, but is not emitted as a glyph under the
current output encoding under the CL:FORMAT "~:c" directive as
these implementations do by default.
Thanks to Javier Olaechea.
Fixes
-----
* [r14808] CL:FILE-WRITE-DATE fixed for logical pathnames
* ANSI-TEST
** Update references to new git repository at
<git+https://gitlab.common-lisp.net/ansi-test/ansi-test.git>
** ABCL now runs the git master consolidated ANSI-TEST suite which
features subdirectories and distinquished value for
*DEFAULT-PATHNAME-DEFAULTS*.
** ABCL.TEST.ANSI:CLEAN-TESTS now acts recursively via appropiate
Pathname wildcards to match new directory structure.
* ASDF
Fix COMPILE-SYSTEM to offer full ANSI environment for ASDF and
ABCL-CONTRIB.
* ABCL-ASDF
** Use of Maven has been robustified.
*** [r14803] Fix usage with all known versions through maven-3.3.3
Addresses <http://abcl.org/trac/ticket/390>.
*** [r14806] Fix usage with specifying local Maven repository
** More complete attempt at re-initialization via
(ABCL-ASDF:INIT :force t)
Version 1.3.2
=============
Unreleased.
Enhancements
------------
* Make result of DEFINE-MODIFY-MACRO available at compilation time
[r14727]
Fixes
-----
* Fix failed AVER [#289] [r14763]
* Fix incorrect dead code elimination
Additionally, don't recurse into flet/labels upon elimination of a
single labels function; simply continue by changing the applicable
set. Reported by Vibhu Mohindra. [r14754][r14756]
* Numeric tower repairs on promoting floats across representation
boundaries [r14749-50] (Massimiliano Ghilardi).
* Return SIMPLE-ERROR for invalid external-format arguments.[r14735]
* Lisp stack frame representation now formatted as unreadable. [r14738-9]
Contrib
-------
* JSS
** Fix GET-JAVA-FIELD and SET-JAVA-FIELD [r14718]
** no longer error on NO-SUCH-JAVA-FIELD, by setting fields as
accessible where necessary [r14715] [r14725]
* ABCL-ASDF
** Update to current Maven support (keep up with changing APIs through
the Maven 3.2.3-3.2.5 hysteresis) [r14742-7] (Cyrus Hamon).
** Special-case JNA artifacts with alternate network location [r14733]
** Further work on ABCL-ASDF:RESOLVE [r14732] (Cyrus Hamon)
** Find Maven under FreeBSD ports [r14723], under OS X Homebrew [r14776]
* ABCL-JAR
** Fix ASDF-JAR:PACKAGE [#376] [r14717][r14720][r14736] (Eduardo Bellani)
* ASDF
** Updated to version 3.1.4.
**** 1.04 December 8, 2015
Fix rt.cpan.org #109183
Semantics of "retry" and "retrans" options has changed with 1.03
Fix rt.cpan.org #109152
Deprecated method make_query_packet breaks calling code
Fix rt.cpan.org #109135
Resolver behaves differently with long and short IPv6 address format
Fix rt.cpan.org #108745
Net::DNS::Resolver bgsend
syncthing upstream regularly breaks protocol compatibility. Define
that we will update when f-droid does and that testing against android
is required for major updates, in an attempt to avoid imposing pain on
users and also avoid having to have many versions. Take maintainership.
More or less discussed with tnn@ and jnemeth@.
Non-Windows CVE mentioned below was already fixed in pkgsrc.
Changes:
Two security flaws have been discovered in KeePassX 0.4.3.
Version 2.0 has a different codebase and is not affected.
* CVE-2015-8359: DLL Preloading vulnerability on Windows
The version of Qt bundled with KeePassX 0.4.3 is vulnerable to
a DDL preloading attack. This vulnerability only affects
KeePassX on Windows. If successfully exploited, arbitrary code
can be executed in the context of KeePassX. KeePassX 0.4.4
ships with Qt 4.8.7 and employs additional hardening measures.
Thanks to Trenton Ivey from SecureWorks for reporting this
vulnerability to us.
* CVE-2015-8378: Canceling XML export function creates export as ".xml"âfile
When canceling the "Export to > KeePassX XML file" function
the cleartext passwords were still exported. In this case the
password database was exported as the file ".xml" in the current
working directory (often $HOME or the directory of the database).
Originally reported as Debian bug #791858
KeePassX 0.4.4 fixes both vulnerabilities.
Upstream changes:
1.0039 2015-12-06 03:27:59 PST
[BUG FIXES]
- Revert the change to use the faster header builder because it breaks the legit
Plack::Response constructor that sets HTTP::Header object directly (#541)
1.0038 2015-11-25 12:36:29 PST
[IMPROVEMENTS]
- Added MIME type for apk files #514 (allanwhiteford)
- Allow passing custom formatters to Plack::Middleware::AccessLog #515 (frew)
- Allow '0' be a valid category for log4perl middleware #523
- Doc fix for Plack::Runner #528 (polettix)
- Doc improvements for -R/-M command line #529 (mickeyn)
- Bind test server explicitly on 127.0.0.1, not 0.0.0.0
- Support single-process manager in FCGI #535 (ianburrell)
- Optimize Plack::Response header builder #540 (kazeburo)
