Changes since 4.16.2
--------------------
* BUG 15099: Using vfs_streams_xattr and deleting a file causes a panic.
* BUG 14986: Add support for bind 9.18.
* BUG 15076: logging dsdb audit to specific files does not work.
* BUG 14979: Problem when winbind renews Kerberos.
* BUG 15095: Samba with new lorikeet-heimdal fails to build on gcc 12.1 in
developer mode.
* BUG 15105: Crash in streams_xattr because fsp->base_fsp->fsp_name is NULL.
* BUG 15118: Crash in rpcd_classic - NULL pointer deference in
mangle_is_mangled().
* BUG 15100: smbclient commands del & deltree fail with
NT_STATUS_OBJECT_PATH_NOT_FOUND with DFS.
* BUG 15120: Fix check for chown when processing NFSv4 ACL.
* BUG 15082: The pcap background queue process should not be stopped.
* BUG 15097: testparm: Fix typo in idmap rangesize check.
* BUG 15106: net ads info returns LDAP server and LDAP server name as null.
* BUG 15108: ldconfig: /lib64/libsmbconf.so.0 is not a symbolic link.
* BUG 15090: CTDB child process logging does not work as expected.
Changes since 4.16.1
--------------------
* BUG 15042: Use pathref fd instead of io fd in vfs_default_durable_cookie.
* BUG 15069: vfs_gpfs with vfs_shadowcopy2 fail to restore file if original
file had been deleted.
* BUG 15087: netgroups support removed.
* BUG 14674: net ads info shows LDAP Server: 0.0.0.0 depending on contacted
server.
* BUG 15062: Update from 4.15 to 4.16 breaks discovery of [homes] on
standalone server from Win and IOS.
* BUG 15071: waf produces incorrect names for python extensions with Python
3.11.
* BUG 15075: smbclient -E doesn't work as advertised.
* BUG 15071: waf produces incorrect names for python extensions with Python
3.11.
* BUG 15081: The samba background daemon doesn't refresh the printcap cache
on startup.
* BUG 14443: Out-by-4 error in smbd read reply max_send clamp..
Changes since 4.16.0
--------------------
* BUG 14831: Share and server swapped in smbget password prompt.
* BUG 15022: Durable handles won't reconnect if the leased file is written
to.
* BUG 15023: rmdir silently fails if directory contains unreadable files and
hide unreadable is yes.
* BUG 15038: SMB2_CLOSE_FLAGS_FULL_INFORMATION fails to return information on
renamed file handle.
* BUG 8731: Need to describe --builtin-libraries= better (compare with
--bundled-libraries).
* BUG 14957: vfs_shadow_copy2 breaks "smbd async dosmode" sync fallback.
* BUG 15035: shadow_copy2 fails listing snapshotted dirs with
shadow:fixinodes.
* BUG 15046: PAM Kerberos authentication incorrectly fails with a clock skew
error.
* BUG 15041: Username map - samba erroneously applies unix group memberships
to user account entries.
* BUG 14951: KVNO off by 100000.
* BUG 15027: Uninitialized litemask in variable in vfs_gpfs module.
* BUG 15055: vfs_gpfs recalls=no option prevents listing files.
* BUG 15054: smbd doesn't handle UPNs for looking up names.
Changes in release 2.21
- bugfixes
Changes in release 2.20 (2022-06-30)
- The new algorithm ICGS (iterated classical Gram-Schmidt) in the
class AdjGSO replaced the former algorithm MGS (modified
Gram-Schmidt), which was implemented with column pivoting as a
template class GSO. The template class GSO is meant only as a tool
for testing purposes. Both initial scaling and pivoting with
euclidean norms are not suitable for practical computations.
The old legacy code with MGS used in the AdjGSO class is still
available with conditional compilation directive statements if the
name GNU_GAMA_GSO_LEGACY_CODE is defined.
3.2: 26 Mar 2022
* [Conf] Score MIME_OBFUSCATED_ARCHIVE to 8 points
* [Conf] Set one_shot for URIBL rules by default
* [CritFix] Fix upstreams name resolution when there is also a port
* [Feature] Add ROC feature to neural network plugin
* [Feature] Add public suffic compilation utility
* [Feature] Add support of Cloudmark
* [Feature] Allow hyperscan for ppc64, as vectorscan now suports it.
* [Feature] Allow to skip DNS resolution for keep-alive connections
* [Feature] Aws_s3: Allow to store large parts separately
* [Feature] BIMI: Add preliminary version of the BIMI plugin
* [Feature] JSON endpoint for querying maps
* [Feature] Lua_magic: Add a sane CSV heuristic
* [Feature] Lua_mime: Add schema for message transfer
* [Feature] Output average scan time in /stat endpoint
* [Feature] Show average scan time in `rspamc stat` output
* [Fix] Add guards to avoid race condition on TCP connection
* [Fix] Allow spaces in DKIM key records
* [Fix] Apply the similar fix to the url_reputation
* [Fix] Avoid overwriting whitelisted_signers_map
* [Fix] Backport PR from libucl
* [Fix] Clear SSL errors
* [Fix] ClickHouse cleanup of old partitions
* [Fix] Do not double call error handler on ssl errors in the timeout path
* [Fix] Do not forget to clear pointers on IOC reset
* [Fix] External_relay: Remove useless check of the map value
* [Fix] Find suspicious url encodings that could break url extraction
* [Fix] Fix HTTP(s) client timeout
* [Fix] Fix exclude flags setting
* [Fix] Fix expanding of the variables
* [Fix] Fix host header usage in lua_http
* [Fix] Fix http maps shared memory cache cleanup
* [Fix] Fix logic in HTML processing FSM
* [Fix] Fix parsing of the compound mailto urls
* [Fix] Fix processing captures from pcre2
* [Fix] Fix removing from khash
* [Fix] Fix stuctured headers pushing
* [Fix] Further fix for i386 compilation
* [Fix] Improve duplicate settings error reporting
* [Fix] Lua: task:remove_result didn't work in some cases
* [Fix] Output service parts as well
* [Fix] Phishing: Deal with phishing + redirected URL
* [Fix] Phishing: Fix finding domains in the phishing map
* [Fix] Plug memory leak by using mempool for a copied address
* [Fix] Properly find the request and the number of requested entries
* [Fix] Rbl: Fix inversed logic of the url_full_hostname
* [Fix] Read file maps if they were not pre-read during preload
* [Fix] Restrict x86_64 assembly to x86_64
* [Fix] Return a real number of recipients when dealing with aliases
* [Fix] Rework unshedule DNS request function
* [Fix] Support definition of ungrouped symbol in conf file, use group info from lua or other conf file
* [Fix] Unschedule DNS request when clearing IO channel
* [Fix] When checking for phishing, we need to convert punicode -> UTF8, not vice versa
* [Fix] lua_cfg_transform - actions without score (discard)
* [Fix] lua_cfg_transform - silly break break actions
* [Fix] ratelimit - symbol per bucket
* [Project] BIMI: Fix helper integration issues
* [Project] Further DNS over TCP architecturing
* [Project] Rdns: Add more functions for TCP based requests
* [Project] Rdns: Add preliminary reading logic for TCP channels
* [Project] Rdns: Add reaper for inactive TCP connections
* [Project] Rdns: Add timeout logic for TCP requests
* [Project] Rdns: Do not treat TCP channels failure as fatal
* [Project] Rdns: Fix TCP connection mess
* [Project] Rdns: Fix TCP stuff cleanup
* [Project] Rdns: Fix various ownership issues
* [Project] Rdns: Implement TCP writing logic
* [Project] Rdns: Initial support of TCP IO channels
* [Project] Rdns: More fixes in TCP handling
* [Project] Rdns: Restore the previous EDNS0 size
* [Project] Rdns: Send truncated replies via TCP
* [Project] Rdns: Unregister TCP requests
* [Rework] Allow to restore SSL handlers after keepalive pooling
* [Rework] Allow to set a different behaviour for actions from settings
* [Rework] Include SSL flag into keepalive hash
* [Rework] Make `rspamadm dmarc_report` default behaviour more sane
* [Rework] Mempool: Use explicit alignment
* [Rework] Rdns: Use faster and more compact hash table for DNS requests
* [Rework] Rework SSL flag operations
* [Rework] Take disabled flag into account
* [Rework] Timeouts are now global per event and not reseted by IO activity
* [Rework] Use xxh3 as a default hash and fix memory/alignment issues
* [Rules] Fix old rules to stop global functions usage
* [Rules] Fix symbol for DKIM temporary failure
* [Rules] Remove ancient and inefficient rules
* [Rules] Slightly reduce MULTIPLE_FROM score
9.6.31 (2022-07-20)
5917. [bug] Update ifconfig.sh script as is miscomputed interface
identifiers when destroying interfaces. [GL #3061]
5915. [bug] Detect missing closing brace (}) and computational
overflows in $GENERATE directives. [GL #3429]
5913. [bug] Fix a race between resolver query timeout and
validation in resolver.c:validated(). Remove
resolver.c:maybe_destroy() as it is no loger needed.
[GL #3398]
5909. [bug] The server-side destination port was missing from dnstap
captures of client traffic. [GL #3309]
5905. [bug] When the TCP connection would be closed/reset between
the connect/accept and the read, the uv_read_start()
return value would be unexpected and cause an assertion
failure. [GL #3400]
5903. [bug] When named checks that the OPCODE in a response matches
that of the request, if there is a mismatch named logs
an error. Some of those error messages incorrectly
used RCODE instead of OPCODE to lookup the nemonic.
This has been corrected. [GL !6420]
0.10.8 (2022-07-12)
Import `Match` and `Pattern` from `re`, not `typing`
0.10.7 (2022-05-07)
Import generics from standard modules in all third-party stubs
v0.5.0 (2022-01-20)
Feature
Support all documented options in requirements files
v0.4.0 (2022-01-18)
Feature
Library is now typed according to PEP561 (0e1bb6a)
v0.3.1 (2021-12-17)
Fix
Readthedocs config (ac1e7fb)
v0.3.0 (2021-12-17)
Feature
Added some typing (169ff6e)
Removed Python 2 code (82f9473)
Fix
Removed version from init
This notably fixes security issues (CVE-2012-1257, CVE-2022-26491).
Tested on NetBSD/amd64.
XXX pull-up to the pkgsrc-2022Q2 branch
The complete changelog for the new versions is reproduced here:
version 2.14.10 (06/02/2022):
General:
* Audit and correct the COPYRIGHT file. (RR 1425) (Richard Laager)
* Fix a spelling error in a debug message for proxies. (RR 1426) (Richard
Laager)
* Install some emojis already in the theme but not being installed.
(RR 1428) (Richard Laager)
* Drop the QQ smileys as we don't ship QQ anymore. (PIDGIN-14385) (RR 1429)
(Richard Laager)
* Modernize the desktop file. (RR 1433) (Richard Laager)
* Modernize the appdata file. (RR 1431) (Richard Laager)
* Make privacy settings persist. (PIDGIN-17137) (RR 1463) (Belgin Știrbu)
Pidgin:
* Fix a use after free that was introduced in 2.14.9. (RR 1488) (ivanhoe)
IRC:
* Fix a crash if the server sends a short form JOIN message. (PIDGIN-17375)
(RR 1484) (Belgin Știrbu)
XMPP:
* Fix a regression from 2.14.9 where XMPP accounts state would get lost
after failing to connect. (PIDGIN-17621) (RR 1455) (Belgin Știrbu)
* Fix a crash when requesting your own info in an XMPP conference. (RR 1465)
(Belgin Știrbu)
* Fix hang when completing a file transfer over XMPP. (RR 1466) (Belgin
Știrbu)
* Fix updating custom smileys. (PIDGIN-17153) (RR 1477) (Belgin Știrbu)
* Fix unblocking users. (PIDGIN-16414) (RR 1479) (Belgin Știrbu)
* Fix a crash when cancelling a file transfer. (PIDGIN-17189) (RR 1485)
(Belgin Știrbu)
version 2.14.9 (04/28/2022):
Security:
* Remove _xmppconnect support. (RR 1357) (CVE-2022-26491) (Gary Kramlich)
libpurple:
* Fix a GLib CRITICAL message with typing time outs. (RR 1123) (Mohammed
Sadiq)
* Fix an issue where the unit tests for purple_str_to_time would fail.
(GENTOO-819774) (RR 1238) (Gary Kramlich)
Pidgin:
* Fix a memory leak in pidgin_conversations_set_tab_colors. (RR 1244)
(ivanhoe)
* Fixed the majority of the infinite resizing issues in the input box.
(PIDGIN-16753, PIDGIN-16999, PIDGIN-17287, PIDGIN-17413, PIDGIN-17430,
PIDGIN-17568, PIDGIN-17602) (RR 1342) (Belgin Știrbu)
* Add transient-buddy back which is used to show some context menus and
other things. (PIDGIN-17523) (RR 1381) (Belgin Știrbu)
Windows:
* Fix the download of dictionaries in the Windows installer. (PIDGIN-14618,
PIDGIN-15648, PIDGIN-15540, PIDGIN-14612, PIDGIN-14893) (RR 1303) (Gary
Kramlich)
Translations:
* Fix a typo in the German translations. (PIDGIN-17575) (RR 1242) (ivanhoe)
* Synced all of the translations with Transifex.
IRC:
* Fix IRC file transfers on Windows. (PIDGIN-17175) (RR 1382) (Belgin
Știrbu)
* Fix file transfers failing at 99% on IRC. (PIDGIN-15893) (RR 1385) (Belgin
Știrbu)
* Default realname and ident name in IRC to the username (nickname) of the
account. (PIDGIN-17610) (RR 1386) (Belgin Știrbu)
* Add an advanced account option to IRC accounts for explicitly setting the
SASL login name. (PIDGIN-15451) (RR 1388) (Belgin Știrbu)
* Added a rate limiter that should make it impossible to excess flood.
(RR 1391) (Gary Kramlich)
SIMPLE:
* Fix an issue with the CSeq numbers in SIMPLE. (PIDGIN-9675) (RR 1379)
(dohmniq)
XMPP:
* Fix XMPP attention messages being sent to incorrect JIDs. (PIDGIN-14714)
(RR 1387) (itsnotabigtruck, Belgin Știrbu)
The script that un-installs the configuration content placed under the
PKG_SYSCONFDIR wasn't removing one of the files that's installed. (This
had been incorrect since it was added to the installation script back
in 2017.)
Separately, simplify the previous changes I made to fix installation of
configuration files to PKG_SYSCONFDIR. I had used redundancy to force
certain directories necessary for startup to be present and populated,
but the pre-existing code in the scripts had almost all of it covered,
just not the creation of the directories themselves and a single file.
