Changes:
5.3.0
=====
* Support for Python 3.9 (@mhils)
* Add MsgPack content viewer (@tasn)
* Use `@charset` to decode CSS files if available (@prinzhorn)
* Fix links to anticache docs in mitmweb and use HTTPS for links to
documentation (@rugk)
* Updated typing for WebsocketMessage.content (@prinzhorn)
* Add option `console_strip_trailing_newlines`, and no longer strip trailing
newlines by default (@capt8bit)
* Prevent transparent mode from connecting to itself in the basic
cases (@prinzhorn)
* Display HTTP trailers in mitmweb (@sanlengjingvv)
* Revamp onboarding app (@mhils)
* Add ASGI support for embedded apps (@mhils)
* Updated raw exports to not remove headers (@wchasekelley)
* Fix file unlinking before external viewer finishes loading (@wchasekelley)
* Add --cert-passphrase command line argument (@mirosyn)
* Add interactive tutorials to the documentation (@mplattner)
* Support `deflateRaw` for `Content-Encoding`'s (@kjoconnor)
* Fix broken requests without body on HTTP/2 (@Kriechi)
* Add support for sending (but not parsing) HTTP Trailers to the HTTP/1.1
protocol (@bburky)
* Add support to echo http trailers in dumper addon (@shiv6146)
* Fix OpenSSL requiring different CN for root and leaf certificates (@mhils)
* ... and various other fixes, documentation improvements, dependency
version bumps, etc.
Version 5.0 - 4/22/2020
Major security updates. The key exchange and key derivation algorithms
were modified and supported algorithms were pruned using TLS 1.3 as a
basis. This includes:
- HKDF used in multiple stages for key derivation from raw shared secrets.
- Included addtional context in key derivation and signatures to protect
against replay attacks and downgrade attacks.
- Reduced set of supported EC curves to those supported by TLS 1.3
- Removed RSA key exchange which does not provide perfect forward secrecy.
All key exchanges now use ECDH.
- Removed support for SHA-1 hashes in key exchanges.
- Supported symmetric ciphers are AES in AEAD mode (GCM or CCM).
- Increased supported RSA key sizes
Encrypted sessions are now enabled by default. It can be disabled by
specifying "none" for the key type in the server's -Y option.
Backward compatibility retained for version 4.x in clients and proxies.
When communicating with a 4.x server, only allow algorithms and key
exchange modes permitted in the new version.
Clients and proxies no longer need to use signature keys that match the
type and size used by the server. As a result, the -k and -K options to
the client now only accept a single key instead of multiple. The proxy
still supports multiple keys for 4.x compatibility, however only the first
key listed is used for any version 5.x session.
Proxies now send their keys in a separate message instead of injecting them
in the ANNOUNCE sent by the server. This allows clients to be fully
aware of proixes and allows them to authenticate servers and proxies
separately, as well as
Format of client's server list modified to specify the proxy that a server
communicates through. Fingerprints listed in this file now always
specify the server as opposed to having the proxy's key in some cases.
Added -R option to client to specify a list of proxies along with their
public key fingerprints. The old use of -R to specify a version 4.x
response proxy has moved to -r.
Previously, using -S in the client or proxy to specify a server list would
automatically enable source specific multicast (SSM). The use of SSM is
now enabled separately via the -o option on both the client and proxy.
Fixed a bug that caused ECDSA signatures created on Linux with curve
secp521r1 from being verified successfully on Windows.
Fixed cleanup on clients and proxies to prevent occasional crashes on
shutdown under Windows.
Update timstamps in messages to use 64-bit microseconds since the epoch,
addressing Y2038 issues.
VERSION 2.2.0 : released 2020/11/09
2020/09/24:
Check properly for reserved IP addresses
2020/09/23:
prevent infinite loop in upnpDiscover()
2020/02/16:
Add Haiku support
2019/10/22:
testminiwget.sh can use either "ip addr" or "ifconfig -a
2019/10/13:
fix UPNP_GetValidIGD() when several devices are found
which are reachable from != local address
2019/08/24:
Allow Remote Host on upnpc command line
fix error 708 description in strupnperror()
2019/04/05:
Fix memory leak in upnpreplyparse.c with NewPortListing element
2019/03/10:
connecthostport.c: Code simplification, error trace fix
2019/01/23:
set timeout for select() in connecthostport()
2018/10/31:
miniupnpcmodule.c: check return of WSAStartup()
2018/07/14:
Fix and improve MSVC project :
Add Dll configurations
improve genminiupnpcstrings.vbs
2018/06/18:
Fixes for windows 64-bits.
Version 1.17.1 (19 Nov 2020)
GitHub (19 Nov 2020)
- [Brad House brought this change]
Travis: add iOS target built with CMake (#378)
Issue #377 suggested that CMake builds for iOS with c-ares were broken. This PR adds an automatic Travis build for iOS CMake.
Fix By: Brad House (@bradh352)
bradh352 (18 Nov 2020)
- fix build
GitHub (18 Nov 2020)
- [Fabrice Fontaine brought this change]
External projects were using non-public header ares_dns.h, make public again (#376)
It appears some outside projects were relying on macros in ares_dns.h, even though it doesn't appear that header was ever meant to be public. That said, we don't want to break external integrators so we should distribute this header again.
Fix By: Fabrice Fontaine (@ffontaine)
bradh352 (17 Nov 2020)
- note that so versioning has moved to configure.ac
- note about 1.17.1
- fix sed gone wrong
GitHub (17 Nov 2020)
- [Daniel Stenberg brought this change]
autotools cleanup (#372)
* remove: install-sh mkinstalldirs
They're generated when needed, no need to store in it.
* buildconf: remove custom logic with autoreconf
Fix By: Daniel Stenberg (@bagder)
bradh352 (17 Nov 2020)
- attempt to fix 1.17.0 release distribution issues
Version 1.17.0 (16 Nov 2020)
bradh352 (16 Nov 2020)
- 1.17.0 release prep
- ares_getaddrinfo(): duplicate hints ai_socktype and ai_protocol into output
ai_socktype and ai_protocol were ignored from the hints input. They are now
duplicated into the output as expected. Currently no sanity checks on
proper values are taking place.
Fixes: #317
Fix By: Brad House (@bradh352)
- ares_parse_{a,aaaa}_reply could return larger *naddrttls than passed in
If there are more ttls returned than the maximum provided by the requestor, then
the *naddrttls response would be larger than the actual number of elements in
the addrttls array.
This bug could lead to invalid memory accesses in applications using c-ares.
This behavior appeared to break with PR #257Fixes: #371
Reported By: Momtchil Momtchev (@mmomtchev)
Fix By: Brad House (@bradh352)
GitHub (5 Nov 2020)
- [Dustin Lundquist brought this change]
docs: ares_set_local_ip4() uses host byte order (#368)
Properly document brain-dead behavior of ares_set_local_ip4() using host byte order instead of expected network byte order.
Fix By: Dustin Lundquist <d.lundquist@tempered.io>
- [Łukasz Marszał brought this change]
empty hquery->name could lead to invalid memory access (#367)
If hquery->name is empty (=="\0"), &hquery->name[strlen(hquery->name)-1] would point to "random" place in memory. This is causing some of my address sanitizer tests to fail.
Fix By: Łukasz Marszał (@lmarszal)
bradh352 (28 Sep 2020)
- Fix OSSFuzz reported issue in CAA reply parsing
OSS-Fuzz is reporting a use-of-uninitialized-value:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26012
Reported By: David Drysdale (@daviddrysdale)
GitHub (26 Sep 2020)
- [David Hotham brought this change]
fuzz CAA parsing (#363)
Add fuzz support for CAA parsing
Fix By: David Hotham (@dimbleby)
- [Daniela Sonnenschein brought this change]
Allow parsing of CAA Resource Record (#360)
CAA (Certification Authority Authorization) was introduced in RFC 6844.
This has been obsoleted by RFC 8659. This commit added the possibility
to query CAA resource records with adig and adds a parser for CAA
records, that can be used in conjunction with ares_query(3).
Closes Bug: #292
Fix By: Daniela Sonnenschein (@lxdicted)
Daniel Stenberg (17 Sep 2020)
- docs: remove the html and pdf make targets
They're rarely used in our daily work flow and mostly just add friction,
Closes#362
bradh352 (14 Sep 2020)
- ares_process needs to always include nameser.h as it has compat
- Define T_OPT if system doesn't provide it
GitHub (12 Sep 2020)
- [Gisle Vanem brought this change]
Change the mailman links (#358)
Links when wrapping become misleading. Insert newline to prevent wrapping.
Fix By: Gisle Vanem (@gvanem)
- [Gisle Vanem brought this change]
[adig] Update man-page for the '-x' option (#357)
Fix By: Gisle Vanem (@gvanem)
- [Gisle Vanem brought this change]
[adig] add '-x' option. (#356)
Added a 'dig-style' '-x' option. Also support '-xx' for a
IPv6 bit-string PTR query.
Fix By: Gisle Vanem (@gvanem)
bradh352 (12 Sep 2020)
- fix indentation
- ns_t_opt -> T_OPT
GitHub (12 Sep 2020)
- [Gisle Vanem brought this change]
Fixes for Watt-32 on djgpp + Windows (#355)
No longer any relation to libcurl since '<libcurl-root>/packages/DOS/common.dj' is dropped.
This Makefile.dj has been tested on Win-10 only (using the Windows hosted djgpp cross compiler).
Fix By: Gisle Vanem (@gvanem)
- [Gisle Vanem brought this change]
Fixes for Watt-32 on Windows and MSDOS (#354)
Move the prototype to 'ares_private.h'.
Fix By: Gisle Vanem (@gvanem)
bradh352 (11 Sep 2020)
- update path for include
- remove stale information
- remove stale information
Brad House (9 Sep 2020)
- silence compiler warnings
- Remove stale msvc files from makefile
GitHub (9 Sep 2020)
- [Brad House brought this change]
Reorganize source tree (#349)
Originally started by Daniel Stenberg (@bagder) with #123, this patch reorganizes the c-ares source tree to have a more modern layout. It also fixes out of tree builds for autotools, and automatically builds the tests if tests are enabled. All tests are passing which tests each of the supported build systems (autotools, cmake, nmake, mingw gmake). There may be some edge cases that will have to be caught later on for things I'm not aware of.
Fix By: Brad House (@bradh352)
Brad House (1 Sep 2020)
- remove CURLDEBUG as per #82
GitHub (1 Sep 2020)
- [Erik Lax brought this change]
Detect remote DNS server does not support EDNS as per RFC 6891 (#244)
EDNS retry should be based on FORMERR returned without an OPT RR record as per https://tools.ietf.org/html/rfc6891#section-7 rather than just treating any unexpected error condition as a reason to disable EDNS on the channel.
Fix By: Erik Lax (@eriklax)
Brad House (27 Aug 2020)
- Fix for #345, don't use 'true' use 1
GitHub (27 Aug 2020)
- [Seraphime Kirkovski brought this change]
ares_gethostbyname: Fix AF_UNSPEC support when using an ip address (#204)
fake_hostent() was not supporting AF_UNSPEC, so when an ip address was specified when using AF_UNSPEC it would attempt to do a DNS lookup rather than returning a fake hostent using the ip address.
Fix By: Seraphime Kirkovski (@Seraphime)
- [apenn-msft brought this change]
Tests should use dynamic system-assigned ports rather than static port (#346)
The c-ares test suite was hardcoded to use port 5300 (and possibly 5301, 5302) for the test suite. Especially in containers, there may be no guarantee these ports are available and cause tests to fail when they could otherwise succeed. Instead, request the system to assign a port to use dynamically. This is now the default. To override, the test suite still takes the "-p <port>" option as it always has and will honor that.
Fix By: Anthony Penniston (@apenn-msft)
Brad House (25 Aug 2020)
- Unset members of the addr struct contain garbage values (#343)
When generating the ares_sockaddr data by getaddrinfo() it was only filling
in certain members while leaving others uninitialized. This left garbage
data if a user tried to use the unset values. memset() the ares_sockaddr
to 0 prior to filling in the values to prevent this.
Reported By: @SmorkalovG
Fix By: Brad House (@bradh352)
GitHub (24 Aug 2020)
- [Jonathan Maye-Hobbs brought this change]
FQDN with trailing period should be queried first with larger ndot value (#345)
If a query is performed for dynamodb.us-east-1.amazonaws.com. with ndots=5, it was attempting to search the search domains rather than just attempting the FQDN that was passed it. This patch now at least attempts the FQDN first.
We may need to determine if we should abort any further searching, however as is probably intended.
Fix by: Jonathan Maye-Hobbs (@wheelpharoah)
- [Gisle Vanem brought this change]
Update acountry.c country code list (#341)
Updated country_list[]:
* 2-letter ISO-3166 country-codes.
* Add, rename some names + codes in accordance with latest table at https://en.wikipedia.org/wiki/ISO_3166-1.
Fix By: Gisle Vanem (@gvanem)
- [Bulat Gaifullin brought this change]
Test case should honor flag HAVE_WRITEV rather than WIN32 (#344)
Test cases where not honoring the HAVE_WRITEV flag but instead using WIN32 to determine if WRITEV was available or not. This patch fixes that.
Fix By: Bulat Gaifullin (@bgaifullin)
Brad House (18 Jul 2020)
- Ensure c89 support
A couple of for loops in Mac-specific code were using integer declarations
inside a for loop. Move the declaration to the top of the preceding
code block to retain c89 compliance.
Reported By: Jeffrey Walton
GitHub (2 Jul 2020)
- [Fionn Fitzmaurice brought this change]
Avoid buffer overflow in RC4 loop comparison (#336)
The rc4 function iterates over a buffer of size buffer_len who's maximum
value is INT_MAX with a counter of type short that is not guaranteed to
have maximum size INT_MAX.
In circumstances where short is narrower than int and where buffer_len
is larger than the maximum value of a short, it may be possible to loop
infinitely as counter will overflow and never be greater than or equal
to buffer_len.
The solution is to make the comparison be between types of equal width.
This commit defines counter as an int.
Fix By: Fionn Fitzmaurice (@fionn)
- [anonymoushelpishere brought this change]
Updated help information for adig, acountry, and ahost. (#334)
Provide more descriptive help information for various utilities.
Fix By: @anonymoushelpishere
- [lutianxiong brought this change]
avoid read-heap-buffer-overflow (#332)
Fix invalid read in ares_parse_soa_reply.c found during fuzzing
Fixes Bug: #333
Fix By: lutianxiong (@ltx2018)
- [Ivan Baidakou brought this change]
Fix: sizeof(sizeof(addr.saX)) -> sizeof(addr.saX) in readaddrinfo (#331)
Looks like a sed-gone-wrong, a sizeof inside of a sizeof.
Fix By: Ivan Baidakou (@basiliscos)
v4.3.0
- FEATURE: Many UI elements colors are themeable now (jagannatharjun)
- FEATURE: Allow changing GUI icons from theme bundles (jagannatharjun)
- FEATURE: Notify user when torrent moving finished (glassez)
- FEATURE: Shortcut CTRL + I opens Statistics window (LoopsGod)
- FEATURE: Add RSS functionality in Web UI (Sepro)
- FEATURE: Drop ".unwanted folder" feature (glassez)
- FEATURE: Expose libtorrent peer_turnover, max_concurrent_http_announces, no_connect_privileged_ports settings (Sophist, an0n666, NotTsunami)
- BUGFIX: Fix typo in Options dialog (Andrei Stepanov)
- BUGFIX: Remove "requires restart" from network interface settings (an0n666)
- BUGFIX: Rename "Create subfolder" to "Keep top-level folder" (thalieht)
- BUGFIX: Show tooltip for some properties in transfer list (Nick Korotysh)
- BUGFIX: Fix calculation of torrent current state (glassez)
- BUGFIX: Improve detecting completed files when adding, rechecking or moving a torrent (glassez)
- BUGFIX: Fixed broken announce logic in embedded tracker causing failures in some cases (FranciscoPombal)
- BUGFIX: Disable checkbox if torrent doesn't have root folder (thalieht)
- BUGFIX: Update country flag icons with upstream (Chocobo1)
- BUGFIX: Private torrent: If tracker entry is edited clear old peer list. Also don't allow user to manually add peers. (an0n666)
- BUGFIX: Fix large strings not visible in log widget (jagannatharjun)
- BUGFIX: Disable edit action in Peer list widget (Chocobo1)
- BUGFIX: Add a scroll area to torrent creator dialog (Ernesto Castellotti)
- BUGFIX: Content tab: Open double-clicked folder regardless on which column the click happens (Chocobo1)
- BUGFIX: "Open containing folder" on a folder now opens it in its parent folder (Chocobo1)
- BUGFIX: Fix GeoDB download in systems with non-C locales (FranciscoPombal)
- BUGFIX: Fix peer blocked message (FranciscoPombal)
- BUGFIX: Make more robust the banning of selected peers from the list (NotTsunami)
- BUGFIX: Use toned green color for downloading pieces in Pieces bar (jagannatharjun)
- BUGFIX: Correctly fill whole width of speed graph (jagannatharjun)
- BUGFIX: Fix impossible speed in speed graph (jagannatharjun)
- WEBUI: Hide additional search filters on small screens (Thomas Piccirello)
- WEBUI: Shrink search bar on small screens (Thomas Piccirello)
- WEBUI: Fix search categories only working in English (Thomas Piccirello)
- WEBUI: Add Trackers section to sidebar (Thomas Piccirello)
- WEBUI: Fix Enter button behavior in textarea (Tom Piccirello)
- WEBUI: Fix wrong file renaming selection range (MR)
- WEBUI: Preselect "Default save path" in watched folders (thalieht)
- WEBUI: Fix banning peers (brvphoenix)
- WEBUI: Fix seeding time checkbox placement (Chocobo1)
- WEBUI: Bump Web API version (Thomas Piccirello)
- RSS: Fix renaming RSS autodownload rule (glassez)
- RSS: Fix RSS article is not marked as "read" when torrent is downloaded (glassez)
- SEARCH: Update minimum Python version to 3.5.0 (ngosang)
- SEARCH: Make middle-click close search tabs (Will Da Silva)
- WINDOWS: NSIS: Update Dutch translation (Thomas De Rocker)
- WINDOWS: NSIS: Change the installers uninstallation question to clear confusion (an0n666)
- LINUX: Fix typo in systemd service file (Shane Allgeier)
- LINUX: Don't use HTML in tray tooltip (thalieht)
- LINUX: Don't create 'data' subdirectory in XDG_DATA_HOME (lbilli)
- LINUX/MACOS: Add HTTPS tracker certificate validation option (NotTsunami)
- OTHER: Many CMake improvements (FranciscoPombal)
- OTHER: Support for libtorrent 1.1.x is dropped (Chocobo1)
- OTHER: Many code cleanups and improvements (FranciscoPombal, Chocobo1, glassez)
libtorrent-1.2.11
Fixes since the 1.2.10 release:
fix issue with moving the session object
deprecate torrent_status::allocating. This state is no longer used
fix bug creating torrents with symbolic links
remove special case to save metadata in resume data unconditionally when added throught magnet link
fix bugs in mutable-torrent support (reusing identical files from different torrents)
fix incorrectly inlined move-assignment of file_storage
add session::paused flag, and the ability to construct a session in paused mode
fix session-pause causing tracker announces to fail
fix peer-exchange flags bug
allow saving resume data before metadata has been downloaded (for magnet links)
record blocks in the disk queue as downloaded in the resume data
fix bug in set_piece_deadline() when set in a zero-priority piece
fix issue in URL parser, causing issues with certain tracker URLs
use a different error code than host-unreachable, when skipping tracker announces
pkgsrc changes:
- Remove patch-go.mod, version was bumped upstream too
Changes:
1.2.1
=====
Security
--------
* This fixes the security vulnerability where running gh inside of an
untrusted directory on Windows could lead to .\git.exe, .\git.bat, or a
similarly crafted executable in the same directory being run instead of the
system git command. See GHSA-fqfh-778m-2v32
Fixes
-----
* issue list: fetch and display all labels instead of just the first three
* pr view <branch>: allow viewing closed PRs
* pr create: omit the unnecessary and misleading Create a pull request for
'<branch>' on GitHub by visiting: <URL> message generated by git push
* pr checks: improve error message when no checks are reported
* repo clone: print friendly error for the required argument
* release create: print friendly error for the required argument
* garden: completely reset status line when moving around
* Allow running gh commands from Windows Explorer search bar
1.2.0
=====
Features
--------
* api: add flag --hostname to set host target for api requests
* pr merge: add confirmation step in interactive mode
* auth login: add flag --scopes to set authorization scopes
* auth status: add flag --show-token to display auth token
* config set: add validation of configuration values
* config set: add warning for unknown configuration keys
* Codespaces: add support for "integration" tokens
* Add GH_NO_UPDATE_NOTIFIER environment variable to allow skipping of update
checks
* Skip update checks in CI environments
Bugs
----
* issue list: fix result inconsistencies when specifying limit
* issue list: fix filtering by milestone for large milestone numbers
* repo clone: use canonical capitalization for remote URLs
* pr create: fix continue in browser for branches with special characters
* repo garden: fix incorrect terminal state after Ctrl-C
* Improve shell autocompletions for bash, zsh, and PowerShell
Build
-----
* Rename the internal command package, resulting in a rename of Version and
Date variables passed via ldflags at build time.
To set version and date when building from source, use the GH_VERSION and
BUILD_DATE environment variables in conjunction with our Makefile.
1.1.0
=====
Features
--------
* Support GH_PAGER environment override for PAGER
* Disable terminal pager when its value is set to cat
* repo view: add option to specify a branch
* repo view: render :emoji: syntax as emoji characters
Bugs
----
* Fix pr create when branch was already pushed to a non-base remote
* pr status/view/create: fix API-related failures with GitHub Enterprise
Server
* Fix markdown rendering when terminal pager is enabled
* repo create: respect repo name input given in interactive prompt
* auth login: display correct hostname in Personal Access Token instructions
* auth login: document minimum required token scopes
* pr checkout: fix running on detached HEAD
* pr merge: default to "no" for "delete branch after merge" prompt
* gist list: switch to GraphQL API to improve fetching
+ support fetching more than 100 gists
+ list gists ordered by creation time, descending
+ for machine-readable output, serialize timestamps in RFC 3339 format
+ ensure newlines in gist description are rendered as spaces
* gist view/edit: fix passing Gist URL as argument
* gist edit: check ownership before editing
* gist edit: avoid updating gist when the contents haven't changed
* repo garden: fix for repositories with only a few commits
* repo garden: restore tty settings on exit
* Fix reading the current git branch name when it contains a non-breaking
space
* Document gh config set pager ... option
* Fix .tar upload tests on different OSs
* dhcpcd: Don't create a launcher process if keeping in foreground
* dhcpcd: Add --noconfigure option
* control: Create an unpriv socket for non master mode
* options: Don't log unknown ones when printing pidfile location
* privsep: Fix Linux ARM32 and operating over a serial terminal
* Linux: Fix detection of IPv4 addresses
* Linux: Fix namespace matching issue
pkgsrc changes:
- Move all GO_MODULE_FILES to a separate go-modules.mk file (a bit easier to
maintain), NFCI.
Changes:
1.53.3
------
* Bug Fixes
* random: Fix incorrect use of math/rand instead of crypto/rand
CVE-2020-28924 (Nick Craig-Wood)
* Passwords you have generated with `rclone config` may be insecure
* See [issue #4783](https://github.com/rclone/rclone/issues/4783) for
more details and a checking tool
* random: Seed math/rand in one place with crypto strong seed (Nick Craig-Wood)
* VFS
* Fix vfs/refresh calls with fs= parameter (Nick Craig-Wood)
* Sharefile
* Fix backend due to API swapping integers for strings (Nick Craig-Wood)
1.53.2
------
* Bug Fixes
* acounting
* Fix incorrect speed and transferTime in core/stats (Nick Craig-Wood)
* Stabilize display order of transfers on Windows (Nick Craig-Wood)
* operations
* Fix use of --suffix without --backup-dir (Nick Craig-Wood)
* Fix spurious "--checksum is in use but the source and destination
have no hashes in common" (Nick Craig-Wood)
* build
* Work around GitHub actions brew problem (Nick Craig-Wood)
* Stop using set-env and set-path in the GitHub actions
(Nick Craig-Wood)
* Mount
* mount2: Fix the swapped UID / GID values (Russell Cattelan)
* VFS
* Detect and recover from a file being removed externally from the cache
(Nick Craig-Wood)
* Fix a deadlock vulnerability in downloaders.Close (Leo Luan)
* Fix a race condition in retryFailedResets (Leo Luan)
* Fix missed concurrency control between some item operations and reset
(Leo Luan)
* Add exponential backoff during ENOSPC retries (Leo Luan)
* Add a missed update of used cache space (Leo Luan)
* Fix --no-modtime to not attempt to set modtimes (as documented)
(Nick Craig-Wood)
* Local
* Fix sizes and syncing with --links option on Windows (Nick Craig-Wood)
* Chunker
* Disable ListR to fix missing files on GDrive (workaround) (Ivan Andreev)
* Fix upload over crypt (Ivan Andreev)
* Fichier
* Increase maximum file size from 100GB to 300GB (gyutw)
* Jottacloud
* Remove clientSecret from config when upgrading to token based
authentication (buengese)
* Avoid double url escaping of device/mountpoint (albertony)
* Remove DirMove workaround as it's not required anymore - also (buengese)
* Mailru
* Fix uploads after recent changes on server (Ivan Andreev)
* Fix range requests after june changes on server (Ivan Andreev)
* Fix invalid timestamp on corrupted files (fixes) (Ivan Andreev)
* Onedrive
* Fix disk usage for sharepoint (Nick Craig-Wood)
* S3
* Add missing regions for AWS (Anagh Kumar Baranwal)
* Seafile
* Fix accessing libraries > 2GB on 32 bit systems (Muffin King)
* SFTP
* Always convert the checksum to lower case (buengese)
* Union
* Create root directories if none exist (Nick Craig-Wood)
Unix systems. It includes command-line client and server management, TCP
access control, privilege escalation across UNIX domain sockets, IDENT
protocol management, clock synchronization, and secure connections using
the TLS protocol.
s6-dns is a suite of DNS client programs and libraries for Unix systems,
as an alternative to the BIND, djbdns or other DNS clients.
s6-dns may include its own series of DNS caches and servers at some
point in the future.
Version 2.3.2 - The "don't close tabs" version.
----------
2016-09-16
circulosmeos:
* amuleweb cookies read behind a "lowercase" proxy (http/2 compliant)
Dan64:
* Read AICH root hashes from binary eMuleCollection files
gnazio:
* Fixed configure of libpng when sh != bash
GonoszTopi:
* Allow any kind of file links in collections
* Make UPnP log go to the appropriate category (#1681)
* Use the C++ compiler to check for features we're about to use
in C++ source files (#1572)
* Adapt configure to handle subversion repository clones in
mercurial and git
* Fix bfd detection for systems missing -liberty
* Add support for 'canceled.met' to the fileview tool
* Implemented the missing 'show shared' command in amulecmd
* Fix check for a valid locale config entry being done *after*
the locale has been set
* Fix Crypto++ detection routine happily using build library
for host when cross-compiling
* Fix bug #1711: Kad Info tab should display my own user ID
* Fix wrong sized images in the priscilla skin
* Fix bug #1423: Add the possibility to not create sparse files
* Fix bug #1743: crash when importing part files
* Review assertions in the eD2k and Kademlia code and remove
those that could be triggered by a malformed incoming packet
* Fix a possible uninitialized variable access and a definite
memory leak in the UPnP code
iz0bbz:
* Fix WinSock library version detection with MinGW-w64
* Fix compilation with MinGW-w64
kam:
* WebServer serves .json, .manifest and .appacache files
Mr Hyde:
* Fix "Disable computer's timed standby mode" for MacOS 10.9 Mavericks
* Compilation fix on Linux Slackware 64bit and MacOS 10.9.4
* Fix configure on Mac
sc0w:
* Add ability to use middle-click to close search tabs
Stu Redman:
* Display hashing progress in progress bars
* Assertion from background thread now prints a message and not just closes the app
* Backtrace (crash or assertion) is written to logfile
* Fix: disabling protocol obfuscation broke Kad and triggered assertions
* Fixed "Prompt on exit" preference
* Fixed country flags for Turkish localization
* Fixed loading of zipped IP filter (#1674)
* Fixed showing of shared files to other clients
* Fixed assertions in CFormat("%p") on 64 bit OS with wx 2.9
* Boost Asio can now be used as networking layer instead of wxWidgets
* Fixed memory leak when AICH hashing already known files
* New download links for server list and nodes.dat (with gav616 and xosevp)
* Projects for Visual Studio 2013 (which is now the preferred Win32 compiler)
* Fixed build with wx 3.0 (including STL build)
tgragnato:
* Fixed ASIO compilation with libcxx
Tianming Xie:
* Fix for debian bug #795061: There is no rule to generate Scanner.h
local-domain client-server applications. They conform to the UNIX
Client-Server Program Interface, UCSPI.
The ipcserver program listens for connections on a local-domain
stream socket, and runs a program for each connection it accepts. The
program environment includes variables that hold the local and remote
socket addresses, and the effective user and group IDs of the process
that called connect. ipcserver offers a concurrency limit on
acceptance of new connections, and selective handling of connections
based on client identity.
The ipcclient program requests a connection to a local-domain socket,
and runs a program. The program environment includes a variable that
holds the local socket address.
The ipcperl program is an example of an ipchandle server. It invokes a
perl subroutine for each request.
between two connections set up by a UCSPI server and a UCSPI client. The
simple usage is:
UCSPIserver [address] UCSPIclient [address] ucspi-proxy
Replace "UCSPIserver" with the program that will accept connections, and
"UCSPIclient" with the program that will make connections.
Overview of changes in 2.5
==========================
New features
------------
Client-specific tls-crypt keys (``--tls-crypt-v2``)
``tls-crypt-v2`` adds the ability to supply each client with a unique
tls-crypt key. This allows large organisations and VPN providers to profit
from the same DoS and TLS stack protection that small deployments can
already achieve using ``tls-auth`` or ``tls-crypt``.
ChaCha20-Poly1305 cipher support
Added support for using the ChaCha20-Poly1305 cipher in the OpenVPN data
channel.
Improved Data channel cipher negotiation
The option ``ncp-ciphers`` has been renamed to ``data-ciphers``.
The old name is still accepted. The change in name signals that
``data-ciphers`` is the preferred way to configure data channel
ciphers and the data prefix is chosen to avoid the ambiguity that
exists with ``--cipher`` for the data cipher and ``tls-cipher``
for the TLS ciphers.
OpenVPN clients will now signal all supported ciphers from the
``data-ciphers`` option to the server via ``IV_CIPHERS``. OpenVPN
servers will select the first common cipher from the ``data-ciphers``
list instead of blindly pushing the first cipher of the list. This
allows to use a configuration like
``data-ciphers ChaCha20-Poly1305:AES-256-GCM`` on the server that
prefers ChaCha20-Poly1305 but uses it only if the client supports it.
See the data channel negotiation section in the manual for more details.
Removal of BF-CBC support in default configuration:
By default OpenVPN 2.5 will only accept AES-256-GCM and AES-128-GCM as
data ciphers. OpenVPN 2.4 allows AES-256-GCM,AES-128-GCM and BF-CBC when
no --cipher and --ncp-ciphers options are present. Accepting BF-CBC can be
enabled by adding
data-ciphers AES-256-GCM:AES-128-GCM:BF-CBC
and when you need to support very old peers also
data-ciphers-fallback BF-CBC
To offer backwards compatibility with older configs an *explicit*
cipher BF-CBC
in the configuration will be automatically translated into adding BF-CBC
to the data-ciphers option and setting data-ciphers-fallback to BF-CBC
(as in the example commands above). We strongly recommend to switching
away from BF-CBC to a more secure cipher.
Asynchronous (deferred) authentication support for auth-pam plugin.
See src/plugins/auth-pam/README.auth-pam for details.
Deferred client-connect
The ``--client-connect`` option and the connect plugin API allow
asynchronous/deferred return of the configuration file in the same way
as the auth-plugin.
Faster connection setup
A client will signal in the ``IV_PROTO`` variable that it is in pull
mode. This allows the server to push the configuration options to
the client without waiting for a ``PULL_REQUEST`` message. The feature
is automatically enabled if both client and server support it and
significantly reduces the connection setup time by avoiding one
extra packet round-trip and 1s of internal event delays.
Netlink support
On Linux, if configured without ``--enable-iproute2``, configuring IP
addresses and adding/removing routes is now done via the netlink(3)
kernel interface. This is much faster than calling ``ifconfig`` or
``route`` and also enables OpenVPN to run with less privileges.
If configured with --enable-iproute2, the ``ip`` command is used
(as in 2.4). Support for ``ifconfig`` and ``route`` is gone.
Wintun support
On Windows, OpenVPN can now use ``wintun`` devices. They are faster
than the traditional ``tap9`` tun/tap devices, but do not provide
``--dev tap`` mode - so the official installers contain both. To use
a wintun device, add ``--windows-driver wintun`` to your config
(and use of the interactive service is required as wintun needs
SYSTEM privileges to enable access).
IPv6-only operation
It is now possible to have only IPv6 addresses inside the VPN tunnel,
and IPv6-only address pools (2.4 always required IPv4 config/pools
and IPv6 was the "optional extra").
Improved Windows 10 detection
Correctly log OS on Windows 10 now.
Linux VRF support
Using the new ``--bind-dev`` option, the OpenVPN outside socket can
now be put into a Linux VRF. See the "Virtual Routing and Forwarding"
documentation in the man page.
TLS 1.3 support
TLS 1.3 support has been added to OpenVPN. Currently, this requires
OpenSSL 1.1.1+.
The options ``--tls-ciphersuites`` and ``--tls-groups`` have been
added to fine tune TLS protocol options. Most of the improvements
were also backported to OpenVPN 2.4 as part of the maintainance
releases.
Support setting DHCP search domain
A new option ``--dhcp-option DOMAIN-SEARCH my.example.com`` has been
defined, and Windows support for it is implemented (tun/tap only, no
wintun support yet). Other platforms need to support this via ``--up``
script (Linux) or GUI (OSX/Tunnelblick).
per-client changing of ``--data-ciphers`` or ``data-ciphers-fallback``
from client-connect script/dir (NOTE: this only changes preference of
ciphers for NCP, but can not override what the client announces as
"willing to accept")
Handle setting of tun/tap interface MTU on Windows
If IPv6 is in use, MTU must be >= 1280 (Windows enforces IETF requirements)
Add support for OpenSSL engines to access private key material (like TPM).
HMAC based auth-token support
The ``--auth-gen-token`` support has been improved and now generates HMAC
based user token. If the optional ``--auth-gen-token-secret`` option is
used clients will be able to seamlessly reconnect to a different server
using the same secret file or to the same server after a server restart.
Improved support for pending authentication
The protocol has been enhanced to be able to signal that
the authentication should use a secondary authentication
via web (like SAML) or a two factor authentication without
disconnecting the OpenVPN session with AUTH_FAILED. The
session will instead be stay in a authenticated state and
wait for the second factor authentication to complete.
This feature currently requires usage of the managent interface
on both client and server side. See the `management-notes.txt`
``client-pending-auth`` and ``cr-response`` commands for more
details.
VLAN support
OpenVPN servers in TAP mode can now use 802.1q tagged VLANs
on the TAP interface to separate clients into different groups
that can then be handled differently (different subnets / DHCP,
firewall zones, ...) further down the network. See the new
options ``--vlan-tagging``, ``--vlan-accept``, ``--vlan-pvid``.
802.1q tagging on the client side TAP interface is not handled
today (= tags are just forwarded transparently to the server).
Support building of .msi installers for Windows
Allow unicode search string in ``--cryptoapicert`` option (Windows)
Support IPv4 configs with /31 netmasks now
(By no longer trying to configure ``broadcast x.x.x.x'' in
ifconfig calls, /31 support "just works")
New option ``--block-ipv6`` to reject all IPv6 packets (ICMPv6)
this is useful if the VPN service has no IPv6, but the clients
might have (LAN), to avoid client connections to IPv6-enabled
servers leaking "around" the IPv4-only VPN.
``--ifconfig-ipv6`` and ``--ifconfig-ipv6-push`` will now accept
hostnames and do a DNS lookup to get the IPv6 address to use
Deprecated features
-------------------
For an up-to-date list of all deprecated options, see this wiki page:
https://community.openvpn.net/openvpn/wiki/DeprecatedOptions
- ``ncp-disable`` has been deprecated
With the improved and matured data channel cipher negotiation, the use
of ``ncp-disable`` should not be necessary anymore.
- ``inetd`` has been deprecated
This is a very limited and not-well-tested way to run OpenVPN, on TCP
and TAP mode only, which complicates the code quite a bit for little gain.
To be removed in OpenVPN 2.6 (unless users protest).
- ``no-iv`` has been removed
This option was made into a NOOP option with OpenVPN 2.4. This has now
been completely removed.
- ``--client-cert-not-required`` has been removed
This option will now cause server configurations to not start. Use
``--verify-client-cert none`` instead.
- ``--ifconfig-pool-linear`` has been removed
This option is removed. Use ``--topology p2p`` or ``--topology subnet``
instead.
- ``--compress xxx`` is considered risky and is warned against, see below.
- ``--key-method 1`` has been removed
User-visible Changes
--------------------
- If multiple connect handlers are used (client-connect, ccd, connect
plugin) and one of the handler succeeds but a subsequent fails, the
client-disconnect-script is now called immediately. Previously it
was called, when the VPN session was terminated.
- Support for building with OpenSSL 1.0.1 has been removed. The minimum
supported OpenSSL version is now 1.0.2.
- The GET_CONFIG management state is omitted if the server pushes
the client configuration almost immediately as result of the
faster connection setup feature.
- ``--compress`` is nowadays considered risky, because attacks exist
leveraging compression-inside-crypto to reveal plaintext (VORACLE). So
by default, ``--compress xxx`` will now accept incoming compressed
packets (for compatibility with peers that have not been upgraded yet),
but will not use compression outgoing packets. This can be controlled with
the new option ``--allow-compression yes|no|asym``.
- Stop changing ``--txlen`` aways from OS defaults unless explicitly specified
in config file. OS defaults nowadays are actually larger then what we used
to configure, so our defaults sometimes caused packet drops = bad performance.
- remove ``--writepid`` pid file on exit now
- plugin-auth-pam now logs via OpenVPN logging method, no longer to stderr
(this means you'll have log messages in syslog or openvpn log file now)
- use ISO 8601 time format for file based logging now (YYYY-MM-DD hh:mm:dd)
(syslog is not affected, nor is ``--machine-readable-output``)
- ``--clr-verify`` now loads all CRLs if more than one CRL is in the same
file (OpenSSL backend only, mbedTLS always did that)
- when ``--auth-user-pass file`` has no password, and the management interface
is active, query management interface (instead of trying console query,
which does not work on windows)
- skip expired certificates in Windows certificate store (``--cryptoapicert``)
- ``--socks-proxy`` + ``--proto udp*`` will now allways use IPv4, even if
IPv6 is requested and available. Our SOCKS code does not handle IPv6+UDP,
and before that change it would just fail in non-obvious ways.
- TCP listen() backlog queue is now set to 32 - this helps TCP servers that
receive lots of "invalid" connects by TCP port scanners
- do no longer print OCC warnings ("option mismatch") about ``key-method``,
``keydir``, ``tls-auth`` and ``cipher`` - these are either gone now, or
negotiated, and the warnings do not serve a useful purpose.
- ``dhcp-option DNS`` and ``dhcp-option DNS6`` are now treated identically
(= both accept an IPv4 or IPv6 address for the nameserver)
Maintainer-visible changes
--------------------------
- the man page is now in maintained in .rst format, so building the openvpn.8
manpage from a git checkout now requires python-docutils (if this is missing,
the manpage will not be built - which is not considered an error generally,
but for package builders or ``make distcheck`` it is). Release tarballs
contain the openvpn.8 file, so unless some .rst is changed, doc-utils are
not needed for building.
- OCC support can no longer be disabled
- AEAD support is now required in the crypto library
- ``--disable-server`` has been removed from configure (so it is no longer
possible to build a client-/p2p-only OpenVPN binary) - the saving in code
size no longer outweighs the extra maintenance effort.
- ``--enable-iproute2`` will disable netlink(3) support, so maybe remove
that from package building configs (see above)
- support building with MSVC 2019
- cmocka based unit tests are now only run if cmocka is installed externally
(2.4 used to ship a local git submodule which was painful to maintain)
- ``--disable-crypto`` configure option has been removed. OpenVPN is now always
built with crypto support, which makes the code much easier to maintain.
This does not affect ``--cipher none`` to do a tunnel without encryption.
- ``--disable-multi`` configure option has been removed
Three new features in this release, plus an unknown number of new
bugs:
1. When the `NO_COLOR` env variable is set, phetch won't use colors
when rendering menus. See https://no-color.org/ for more information.
2. CP437 encoding support! You can toggle it on or off using `ctrl-e`
(for encoding) when viewing a Gopher text document, or using the
`--encoding` command line flag. See
https://en.wikipedia.org/wiki/Code_page_437.
Huge thanks to Kjell for suggesting this feature and providing some
great test data!
_NOTE: This only works for text documents since there's no `TAB`
character in CP437._
3. phetch now supports a primitive form of wrapping long lines when
rendering Gopher text documents. It won't reflow the text, but it
will make some phlogs and other documents slightly more readable.
Enable it with `--wrap NUM` or by adding `wrap NUM` to your
`phetch.conf`. You can disable it with `wrap 0`.
Disable rust option since it currently doesn't work.
Changes in version 0.4.4.6 - 2020-11-12
Tor 0.4.4.6 is the second stable release in the 0.4.4.x series. It
backports fixes from later releases, including a fix for TROVE-2020-
005, a security issue that could be used, under certain cases, by an
adversary to observe traffic patterns on a limited number of circuits
intended for a different relay.
o Major bugfixes (security, backport from 0.4.5.1-alpha):
- When completing a channel, relays now check more thoroughly to
make sure that it matches any pending circuits before attaching
those circuits. Previously, address correctness and Ed25519
identities were not checked in this case, but only when extending
circuits on an existing channel. Fixes bug 40080; bugfix on
0.2.7.2-alpha. Resolves TROVE-2020-005.
o Minor features (directory authorities, backport from 0.4.5.1-alpha):
- Authorities now list a different set of protocols as required and
recommended. These lists have been chosen so that only truly
recommended and/or required protocols are included, and so that
clients using 0.2.9 or later will continue to work (even though
they are not supported), whereas only relays running 0.3.5 or
later will meet the requirements. Closes ticket 40162.
- Make it possible to specify multiple ConsensusParams torrc lines.
Now directory authority operators can for example put the main
ConsensusParams config in one torrc file and then add to it from a
different torrc file. Closes ticket 40164.
o Minor features (subprotocol versions, backport from 0.4.5.1-alpha):
- Tor no longer allows subprotocol versions larger than 63.
Previously version numbers up to UINT32_MAX were allowed, which
significantly complicated our code. Implements proposal 318;
closes ticket 40133.
o Minor features (tests, v2 onion services, backport from 0.4.5.1-alpha):
- Fix a rendezvous cache unit test that was triggering an underflow
on the global rend cache allocation. Fixes bug 40125; bugfix
on 0.2.8.1-alpha.
- Fix another rendezvous cache unit test that was triggering an
underflow on the global rend cache allocation. Fixes bug 40126;
bugfix on 0.2.8.1-alpha.
o Minor bugfixes (compilation, backport from 0.4.5.1-alpha):
- Fix compiler warnings that would occur when building with
"--enable-all-bugs-are-fatal" and "--disable-module-relay" at the
same time. Fixes bug 40129; bugfix on 0.4.4.1-alpha.
- Resolve a compilation warning that could occur in
test_connection.c. Fixes bug 40113; bugfix on 0.2.9.3-alpha.
o Minor bugfixes (logging, backport from 0.4.5.1-alpha):
- Remove a debug logging statement that uselessly spammed the logs.
Fixes bug 40135; bugfix on 0.3.5.0-alpha.
o Minor bugfixes (relay configuration, crash, backport from 0.4.5.1-alpha):
- Avoid a fatal assert() when failing to create a listener
connection for an address that was in use. Fixes bug 40073; bugfix
on 0.3.5.1-alpha.
o Minor bugfixes (v2 onion services, backport from 0.4.5.1-alpha):
- For HSFETCH commands on v2 onion services addresses, check the
length of bytes decoded, not the base32 length. Fixes bug 34400;
bugfix on 0.4.1.1-alpha. Patch by Neel Chauhan.
Wireshark 3.4.0
New and Updated Features
The following features are new (or have been significantly updated) since version 3.4.0rc1:
Nothing of note.
The following features are new (or have been significantly updated) since version 3.3.1:
The Protobuf fields defined as google.protobuf.Timestamp type of Protobuf standard library can now be dissected as Wireshark fields of absolute time type.
The following features are new (or have been significantly updated) since version 3.3.0:
The Windows installers now ship with Npcap 1.00. They previously shipped with Npcap 0.9997.
The Windows installers now ship with Qt 5.15.1. They previously shipped with Qt 5.12.8.
The following features are new (or have been significantly updated) since version 3.2.0:
Windows executables and installers are now signed using SHA-2 only.
Save RTP stream to .au supports any codec with 8000 Hz rate supported by Wireshark (shown in RTP player). If save of audio is not possible (unsupported codec or rate), silence of same length is saved and warning is shown.
Asynchronous DNS resolution is always enabled. As a result, the c-ares library is now a required dependency.
Protobuf fields can be dissected as Wireshark (header) fields that allows user input the full names of Protobuf fields or messages in Filter toolbar for searching.
Dissectors based on Protobuf can register themselves to a new 'protobuf_field' dissector table, which is keyed with the full names of fields, for further parsing fields of BYTES or STRING type.
Wireshark is able to decode, play, and save iLBC payload on platforms where the iLBC library is available.
Wireshark is able to decode, play, and save opus payload on platforms where the opus library is available.
“Decode As” entries can now be copied from other profiles using a button in the dialog.
sshdump can now be copied to multiple instances. Each instance will show up a different interface and will have its own profile.
The main window now supports a packet diagram view, which shows each packet as a textbook-style diagram.
Filter buttons (“Preferences → Filter Buttons”) can be grouped by using “//” as a path separator in the filter button label.
IPP Over USB packets can now be dissected and displayed
New Protocol Support
Arinc 615A (A615A), Asphodel Protocol, AudioCodes Debug Recording (ACDR), Bluetooth HCI ISO (BT HCI ISO), Cisco MisCabling Protocol (MCP), Community ID Flow Hashing (CommunityID), DCE/RPC IRemoteWinspool SubSystem, (IREMOTEWINSPOOL), Dynamic Link Exchange Protocol (DLEP), EAP Generalized Pre-Shared Key (EAP-GPSK), EAP Password Authenticated Exchange (EAP-PAX), EAP Pre-Shared Key (EAP-PSK), EAP Shared-secret Authentication and Key Establishment (EAP-SAKE), Fortinet Single Sign-on (FSSO), FTDI Multi-Protocol Synchronous Serial Engine (FTDI MPSSE), Hypertext Transfer Protocol Version 3 (HTTP3), ILDA Digital Network (IDN), Java Debug Wire Protocol (JDWP), LBM Stateful Resolution Service (LBMSRS), Lithionics Battery Management, .NET Message Framing Protocol (MC-NMF), .NET NegotiateStream Protocol (MS-NNS), OBSAI UDP-based Communication Protocol (UDPCP), Palo Alto Heartbeat Backup (PA-HB-Bak), ScyllaDB RPC, Technically Enhanced Capture Module Protocol (TECMP), Tunnel Extensible Authentication Protocol (TEAP), UDP based FTP w/ multicast V5 (UFTP5), and USB Printer (USBPRINTER)
Updated Protocol Support
Too many protocols have been updated to list here.
New and Updated Capture File Support
MP4 (ISO/IEC 14496-12)
1.18.176
api-change:amplify: Update amplify command to latest version
api-change:databrew: Update databrew command to latest version
api-change:servicecatalog: Update servicecatalog command to latest version
api-change:quicksight: Update quicksight command to latest version
api-change:mediaconvert: Update mediaconvert command to latest version
api-change:forecast: Update forecast command to latest version
1.18.175
api-change:elbv2: Update elbv2 command to latest version
api-change:ssm: Update ssm command to latest version
api-change:autoscaling: Update autoscaling command to latest version
api-change:ec2: Update ec2 command to latest version
1.18.174
api-change:s3: Update s3 command to latest version
api-change:iotanalytics: Update iotanalytics command to latest version
api-change:macie2: Update macie2 command to latest version
api-change🇪🇸 Update es command to latest version
api-change:ssm: Update ssm command to latest version
api-change:storagegateway: Update storagegateway command to latest version
api-change:dynamodb: Update dynamodb command to latest version
api-change:datasync: Update datasync command to latest version
api-change:ecs: Update ecs command to latest version
api-change:fsx: Update fsx command to latest version
1.18.173
api-change:medialive: Update medialive command to latest version
api-change:ec2: Update ec2 command to latest version
api-change:dlm: Update dlm command to latest version
api-change:iotsitewise: Update iotsitewise command to latest version
api-change:ssm: Update ssm command to latest version
1.18.172
api-change:frauddetector: Update frauddetector command to latest version
api-change:events: Update events command to latest version
api-change:dynamodb: Update dynamodb command to latest version
api-change:lambda: Update lambda command to latest version
api-change:appmesh: Update appmesh command to latest version
api-change:ec2: Update ec2 command to latest version
api-change:rds: Update rds command to latest version
api-change:kendra: Update kendra command to latest version
api-change🇪🇸 Update es command to latest version
1.18.171
api-change:iot: Update iot command to latest version
api-change:ec2: Update ec2 command to latest version
api-change:cloudwatch: Update cloudwatch command to latest version
api-change:xray: Update xray command to latest version
api-change🇪🇸 Update es command to latest version
api-change:mq: Update mq command to latest version
api-change:autoscaling: Update autoscaling command to latest version
api-change:servicecatalog: Update servicecatalog command to latest version
api-change:meteringmarketplace: Update meteringmarketplace command to latest version
1.18.170
api-change:ec2: Update ec2 command to latest version
1.18.169
api-change:elasticache: Update elasticache command to latest version
api-change:imagebuilder: Update imagebuilder command to latest version
api-change:macie2: Update macie2 command to latest version
api-change:medialive: Update medialive command to latest version
api-change:braket: Update braket command to latest version
api-change:dms: Update dms command to latest version
api-change:sns: Update sns command to latest version
1.18.168
api-change:elbv2: Update elbv2 command to latest version
api-change:codeartifact: Update codeartifact command to latest version
api-change:sesv2: Update sesv2 command to latest version
api-change:marketplacecommerceanalytics: Update marketplacecommerceanalytics command to latest version
api-change:apigateway: Update apigateway command to latest version
api-change:ec2: Update ec2 command to latest version
api-change:storagegateway: Update storagegateway command to latest version
1.18.167
api-change:ec2: Update ec2 command to latest version
api-change:workmail: Update workmail command to latest version
api-change:iot: Update iot command to latest version
1.18.166
api-change:glue: Update glue command to latest version
1.18.165
api-change:neptune: Update neptune command to latest version
api-change:kendra: Update kendra command to latest version
api-change:sagemaker: Update sagemaker command to latest version
1.18.164
api-change:macie2: Update macie2 command to latest version
api-change:mediatailor: Update mediatailor command to latest version
api-change:quicksight: Update quicksight command to latest version
1.18.163
api-change:servicecatalog: Update servicecatalog command to latest version
api-change:appflow: Update appflow command to latest version
api-change:sns: Update sns command to latest version
api-change:accessanalyzer: Update accessanalyzer command to latest version
1.16.16
api-change:mediaconvert: [botocore] Update mediaconvert client to latest version
api-change:servicecatalog: [botocore] Update servicecatalog client to latest version
api-change:databrew: [botocore] Update databrew client to latest version
api-change:forecast: [botocore] Update forecast client to latest version
api-change:amplify: [botocore] Update amplify client to latest version
api-change:quicksight: [botocore] Update quicksight client to latest version
1.16.15
api-change:ec2: [botocore] Update ec2 client to latest version
api-change:elbv2: [botocore] Update elbv2 client to latest version
api-change:autoscaling: [botocore] Update autoscaling client to latest version
api-change:ssm: [botocore] Update ssm client to latest version
1.16.14
api-change:dynamodb: [botocore] Update dynamodb client to latest version
api-change🇪🇸 [botocore] Update es client to latest version
api-change:fsx: [botocore] Update fsx client to latest version
api-change:macie2: [botocore] Update macie2 client to latest version
api-change:iotanalytics: [botocore] Update iotanalytics client to latest version
api-change:s3: [botocore] Update s3 client to latest version
api-change:storagegateway: [botocore] Update storagegateway client to latest version
api-change:ssm: [botocore] Update ssm client to latest version
api-change:ecs: [botocore] Update ecs client to latest version
api-change:datasync: [botocore] Update datasync client to latest version
1.16.13
api-change:ssm: [botocore] Update ssm client to latest version
api-change:ec2: [botocore] Update ec2 client to latest version
api-change:iotsitewise: [botocore] Update iotsitewise client to latest version
api-change:medialive: [botocore] Update medialive client to latest version
api-change:dlm: [botocore] Update dlm client to latest version
1.16.12
api-change:frauddetector: [botocore] Update frauddetector client to latest version
api-change:rds: [botocore] Update rds client to latest version
api-change:kendra: [botocore] Update kendra client to latest version
api-change:events: [botocore] Update events client to latest version
api-change:dynamodb: [botocore] Update dynamodb client to latest version
api-change:lambda: [botocore] Update lambda client to latest version
api-change🇪🇸 [botocore] Update es client to latest version
api-change:ec2: [botocore] Update ec2 client to latest version
api-change:appmesh: [botocore] Update appmesh client to latest version
1.16.11
api-change:cloudwatch: [botocore] Update cloudwatch client to latest version
api-change🇪🇸 [botocore] Update es client to latest version
api-change:xray: [botocore] Update xray client to latest version
api-change:mq: [botocore] Update mq client to latest version
api-change:iot: [botocore] Update iot client to latest version
api-change:meteringmarketplace: [botocore] Update meteringmarketplace client to latest version
api-change:autoscaling: [botocore] Update autoscaling client to latest version
api-change:ec2: [botocore] Update ec2 client to latest version
api-change:servicecatalog: [botocore] Update servicecatalog client to latest version
1.16.10
api-change:ec2: [botocore] Update ec2 client to latest version
1.16.9
api-change:medialive: [botocore] Update medialive client to latest version
api-change:dms: [botocore] Update dms client to latest version
api-change:macie2: [botocore] Update macie2 client to latest version
api-change:imagebuilder: [botocore] Update imagebuilder client to latest version
api-change:braket: [botocore] Update braket client to latest version
api-change:sns: [botocore] Update sns client to latest version
api-change:elasticache: [botocore] Update elasticache client to latest version
1.16.8
api-change:elbv2: [botocore] Update elbv2 client to latest version
api-change:codeartifact: [botocore] Update codeartifact client to latest version
api-change:marketplacecommerceanalytics: [botocore] Update marketplacecommerceanalytics client to latest version
api-change:apigateway: [botocore] Update apigateway client to latest version
api-change:sesv2: [botocore] Update sesv2 client to latest version
api-change:ec2: [botocore] Update ec2 client to latest version
api-change:storagegateway: [botocore] Update storagegateway client to latest version
1.16.7
api-change:ec2: [botocore] Update ec2 client to latest version
api-change:iot: [botocore] Update iot client to latest version
api-change:workmail: [botocore] Update workmail client to latest version
1.16.6
api-change:glue: [botocore] Update glue client to latest version
1.16.5
api-change:sagemaker: [botocore] Update sagemaker client to latest version
api-change:neptune: [botocore] Update neptune client to latest version
api-change:kendra: [botocore] Update kendra client to latest version
1.16.4
api-change:mediatailor: [botocore] Update mediatailor client to latest version
api-change:quicksight: [botocore] Update quicksight client to latest version
api-change:macie2: [botocore] Update macie2 client to latest version
1.16.3
api-change:servicecatalog: [botocore] Update servicecatalog client to latest version
api-change:sns: [botocore] Update sns client to latest version
api-change:accessanalyzer: [botocore] Update accessanalyzer client to latest version
api-change:appflow: [botocore] Update appflow client to latest version
1.19.16
api-change:mediaconvert: Update mediaconvert client to latest version
api-change:servicecatalog: Update servicecatalog client to latest version
api-change:databrew: Update databrew client to latest version
api-change:forecast: Update forecast client to latest version
api-change:amplify: Update amplify client to latest version
api-change:quicksight: Update quicksight client to latest version
1.19.15
api-change:ec2: Update ec2 client to latest version
api-change:elbv2: Update elbv2 client to latest version
api-change:autoscaling: Update autoscaling client to latest version
api-change:ssm: Update ssm client to latest version
1.19.14
api-change:dynamodb: Update dynamodb client to latest version
api-change🇪🇸 Update es client to latest version
api-change:fsx: Update fsx client to latest version
api-change:macie2: Update macie2 client to latest version
api-change:iotanalytics: Update iotanalytics client to latest version
api-change:s3: Update s3 client to latest version
api-change:storagegateway: Update storagegateway client to latest version
api-change:ssm: Update ssm client to latest version
api-change:ecs: Update ecs client to latest version
api-change:datasync: Update datasync client to latest version
1.19.13
api-change:ssm: Update ssm client to latest version
api-change:ec2: Update ec2 client to latest version
api-change:iotsitewise: Update iotsitewise client to latest version
api-change:medialive: Update medialive client to latest version
api-change:dlm: Update dlm client to latest version
1.19.12
api-change:frauddetector: Update frauddetector client to latest version
api-change:rds: Update rds client to latest version
api-change:kendra: Update kendra client to latest version
api-change:events: Update events client to latest version
api-change:dynamodb: Update dynamodb client to latest version
api-change:lambda: Update lambda client to latest version
api-change🇪🇸 Update es client to latest version
api-change:ec2: Update ec2 client to latest version
api-change:appmesh: Update appmesh client to latest version
1.19.11
api-change:cloudwatch: Update cloudwatch client to latest version
api-change🇪🇸 Update es client to latest version
api-change:xray: Update xray client to latest version
api-change:mq: Update mq client to latest version
api-change:iot: Update iot client to latest version
api-change:meteringmarketplace: Update meteringmarketplace client to latest version
api-change:autoscaling: Update autoscaling client to latest version
api-change:ec2: Update ec2 client to latest version
api-change:servicecatalog: Update servicecatalog client to latest version
1.19.10
api-change:ec2: Update ec2 client to latest version
1.19.9
api-change:medialive: Update medialive client to latest version
api-change:dms: Update dms client to latest version
api-change:macie2: Update macie2 client to latest version
api-change:imagebuilder: Update imagebuilder client to latest version
api-change:braket: Update braket client to latest version
api-change:sns: Update sns client to latest version
api-change:elasticache: Update elasticache client to latest version
1.19.8
api-change:elbv2: Update elbv2 client to latest version
api-change:codeartifact: Update codeartifact client to latest version
api-change:marketplacecommerceanalytics: Update marketplacecommerceanalytics client to latest version
api-change:apigateway: Update apigateway client to latest version
api-change:sesv2: Update sesv2 client to latest version
api-change:ec2: Update ec2 client to latest version
api-change:storagegateway: Update storagegateway client to latest version
1.19.7
api-change:ec2: Update ec2 client to latest version
api-change:iot: Update iot client to latest version
api-change:workmail: Update workmail client to latest version
1.19.6
api-change:glue: Update glue client to latest version
1.19.5
api-change:sagemaker: Update sagemaker client to latest version
api-change:neptune: Update neptune client to latest version
api-change:kendra: Update kendra client to latest version
1.19.4
api-change:mediatailor: Update mediatailor client to latest version
api-change:quicksight: Update quicksight client to latest version
api-change:macie2: Update macie2 client to latest version
1.19.3
api-change:servicecatalog: Update servicecatalog client to latest version
api-change:sns: Update sns client to latest version
api-change:accessanalyzer: Update accessanalyzer client to latest version
api-change:appflow: Update appflow client to latest version
