1.14.30
api-change:budgets: Update budgets command to latest version
1.14.29
api-change:glue: Update glue command to latest version
api-change:transcribe: Update transcribe command to latest version
1.14.28
api-change:sagemaker: Update sagemaker command to latest version
1.14.27
api-change:ec2: Update ec2 command to latest version
api-change:autoscaling-plans: Update autoscaling-plans command to latest version
1.14.26
api-change:application-autoscaling: Update application-autoscaling command to latest version
api-change:rds: Update rds command to latest version
api-change:autoscaling-plans: Update autoscaling-plans command to latest version
1.14.25
api-change:lambda: Update lambda command to latest version
1.14.24
api-change:glue: Update glue command to latest version
1.14.23
api-change:elb: Update elb command to latest version
api-change:elbv2: Update elbv2 command to latest version
api-change:ssm: Update ssm command to latest version
api-change:rds: Update rds command to latest version
1.14.22
api-change:kms: Update kms command to latest version
1.14.21
api-change:ds: Update ds command to latest version
1.14.20
api-change:discovery: Update discovery command to latest version
api-change:codedeploy: Update codedeploy command to latest version
api-change:route53: Update route53 command to latest version
1.14.19
api-change:snowball: Update snowball command to latest version
api-change:ssm: Update ssm command to latest version
api-change:inspector: Update inspector command to latest version
1.14.18
api-change:rds: Update rds command to latest version
1.14.17
api-change:workspaces: Update workspaces command to latest version
1.14.16
api-change:ecs: Update ecs command to latest version
api-change:ec2: Update ec2 command to latest version
api-change:sagemaker: Update sagemaker command to latest version
api-change:inspector: Update inspector command to latest version
1.14.15
api-change:ec2: Update ec2 command to latest version
api-change:kinesisanalytics: Update kinesisanalytics command to latest version
api-change:codebuild: Update codebuild command to latest version
1.14.14
api-change:config: Update config command to latest version
api-change:iot: Update iot command to latest version
1.5.20
======
- api-change:``budgets``: [``botocore``] Update budgets client to
latest version
1.5.19
======
- api-change:``glue``: [``botocore``] Update glue client to latest
version
- api-change:``transcribe``: [``botocore``] Update transcribe client
to latest version
1.5.18
======
- api-change:``sagemaker``: [``botocore``] Update sagemaker client to
latest version
1.5.17
======
- api-change:``ec2``: [``botocore``] Update ec2 client to latest
version
- api-change:``autoscaling-plans``: [``botocore``] Update
autoscaling-plans client to latest version
1.5.16
======
- api-change:``application-autoscaling``: [``botocore``] Update
application-autoscaling client to latest version
- api-change:``autoscaling-plans``: [``botocore``] Update
autoscaling-plans client to latest version
- api-change:``rds``: [``botocore``] Update rds client to latest
version
1.5.15
======
- api-change:``lambda``: [``botocore``] Update lambda client to latest
version
- enhancement:cloudformation get_template template body ordering:
[``botocore``] fixesboto/boto3#1378
1.5.14
======
- api-change:``glue``: [``botocore``] Update glue client to latest
version
1.5.13
======
- api-change:``ssm``: [``botocore``] Update ssm client to latest
version
- api-change:``elbv2``: [``botocore``] Update elbv2 client to latest
version
- api-change:``rds``: [``botocore``] Update rds client to latest
version
- api-change:``elb``: [``botocore``] Update elb client to latest
version
1.5.12
======
- api-change:``kms``: [``botocore``] Update kms client to latest
version
1.5.11
======
- api-change:``ds``: [``botocore``] Update ds client to latest version
1.5.10
======
- api-change:``route53``: [``botocore``] Update route53 client to
latest version
- api-change:``discovery``: [``botocore``] Update discovery client to
latest version
- api-change:``codedeploy``: [``botocore``] Update codedeploy client
to latest version
1.5.9
=====
- api-change:``ssm``: [``botocore``] Update ssm client to latest
version
- api-change:``inspector``: [``botocore``] Update inspector client to
latest version
- api-change:``snowball``: [``botocore``] Update snowball client to
latest version
1.5.8
=====
- api-change:``rds``: [``botocore``] Update rds client to latest
version
1.5.7
=====
- api-change:``workspaces``: [``botocore``] Update workspaces client
to latest version
1.5.6
=====
- api-change:``ecs``: [``botocore``] Update ecs client to latest
version
- api-change:``ec2``: [``botocore``] Update ec2 client to latest
version
- api-change:``inspector``: [``botocore``] Update inspector client to
latest version
- api-change:``sagemaker``: [``botocore``] Update sagemaker client to
latest version
1.5.5
=====
- api-change:``ec2``: [``botocore``] Update ec2 client to latest
version
- enhancement:Paginator: [``botocore``] Added paginator support for
lambda list aliases operation.
- api-change:``kinesisanalytics``: [``botocore``] Update
kinesisanalytics client to latest version
- api-change:``codebuild``: [``botocore``] Update codebuild client to
latest version
1.5.4
=====
- api-change:``iot``: [``botocore``] Update iot client to latest
version
- api-change:``config``: [``botocore``] Update config client to latest
version
1.8.34
======
- api-change:``budgets``: Update budgets client to latest version
1.8.33
======
- api-change:``glue``: Update glue client to latest version
- api-change:``transcribe``: Update transcribe client to latest
version
1.8.32
======
- api-change:``sagemaker``: Update sagemaker client to latest version
1.8.31
======
- api-change:``ec2``: Update ec2 client to latest version
- api-change:``autoscaling-plans``: Update autoscaling-plans client to
latest version
1.8.30
======
- api-change:``application-autoscaling``: Update
application-autoscaling client to latest version
- api-change:``autoscaling-plans``: Update autoscaling-plans client to
latest version
- api-change:``rds``: Update rds client to latest version
1.8.29
======
- api-change:``lambda``: Update lambda client to latest version
- enhancement:cloudformation get_template template body ordering:
fixesboto/boto3#1378
1.8.28
======
- api-change:``glue``: Update glue client to latest version
1.8.27
======
- api-change:``ssm``: Update ssm client to latest version
- api-change:``elbv2``: Update elbv2 client to latest version
- api-change:``rds``: Update rds client to latest version
- api-change:``elb``: Update elb client to latest version
1.8.26
======
- api-change:``kms``: Update kms client to latest version
1.8.25
======
- api-change:``ds``: Update ds client to latest version
1.8.24
======
- api-change:``route53``: Update route53 client to latest version
- api-change:``discovery``: Update discovery client to latest version
- api-change:``codedeploy``: Update codedeploy client to latest
version
1.8.23
======
- api-change:``ssm``: Update ssm client to latest version
- api-change:``inspector``: Update inspector client to latest version
- api-change:``snowball``: Update snowball client to latest version
1.8.22
======
- api-change:``rds``: Update rds client to latest version
1.8.21
======
- api-change:``workspaces``: Update workspaces client to latest
version
1.8.20
======
- api-change:``ecs``: Update ecs client to latest version
- api-change:``ec2``: Update ec2 client to latest version
- api-change:``inspector``: Update inspector client to latest version
- api-change:``sagemaker``: Update sagemaker client to latest version
1.8.19
======
- api-change:``ec2``: Update ec2 client to latest version
- enhancement:Paginator: Added paginator support for lambda list
aliases operation.
- api-change:``kinesisanalytics``: Update kinesisanalytics client to
latest version
- api-change:``codebuild``: Update codebuild client to latest version
1.8.18
======
- api-change:``iot``: Update iot client to latest version
- api-change:``config``: Update config client to latest version
Improvements
- Don't process records for another class than IN
Bug Fixes
- Correctly handle ancestor delegation NSEC{,3} for children.
(CVE-2018-1000003)
- Fix the computation of the closest encloser for positive answers.
- Pass the correct buffer size to arecvfrom().
- Fix to make primeHints threadsafe, otherwise there's a small chance
on startup that the root-server IPs will be incorrect.
- Don't validate signature for "glue" CNAME, since anything else than
the initial CNAME can't be considered authoritative.
Release Notes for BIND Version 9.9.11-P1
Introduction
This document summarizes changes since BIND 9.9.11.
BIND 9.9.11-P1 addresses the security issue described in CVE-2017-3145.
Download
The latest versions of BIND 9 software can always be found at
http://www.isc.org/downloads/. There you will find additional
information about each release, source code, and pre-compiled versions
for Microsoft Windows operating systems.
New DNSSEC Root Key
ICANN is in the process of introducing a new Key Signing Key (KSK) for
the global root zone. BIND has multiple methods for managing DNSSEC
trust anchors, with somewhat different behaviors. If the root key is
configured using the managed-keys statement, or if the pre-configured
root key is enabled by using dnssec-validation auto, then BIND can keep
keys up to date automatically. Servers configured in this way should
have begun the process of rolling to the new key when it was published
in the root zone in July 2017. However, keys configured using the
trusted-keys statement are not automatically maintained. If your server
is performing DNSSEC validation and is configured using trusted-keys,
you are advised to change your configuration before the root zone
begins signing with the new KSK. This is currently scheduled for
October 11, 2017.
This release includes an updated version of the bind.keys file
containing the new root key. This file can also be downloaded from
https://www.isc.org/bind-keys .
Windows XP No Longer Supported
As of BIND 9.9.11, Windows XP is no longer a supported platform for
BIND, and Windows XP binaries are no longer available for download from
ISC.
Security Fixes
* Addresses could be referenced after being freed during resolver
processing, causing an assertion failure. The chances of this
happening were remote, but the introduction of a delay in
resolution increased them. (The delay will be addressed in an
upcoming maintenance release.) This bug is disclosed in
CVE-2017-3145. [RT #46839]
* An error in TSIG handling could permit unauthorized zone transfers
or zone updates. These flaws are disclosed in CVE-2017-3142 and
CVE-2017-3143. [RT #45383]
* The BIND installer on Windows used an unquoted service path, which
can enable privilege escalation. This flaw is disclosed in
CVE-2017-3141. [RT #45229]
* With certain RPZ configurations, a response with TTL 0 could cause
named to go into an infinite query loop. This flaw is disclosed in
CVE-2017-3140. [RT #45181]
Feature Changes
* Threads in named are now set to human-readable names to assist
debugging on operating systems that support that. Threads will have
names such as "isc-timer", "isc-sockmgr", "isc-worker0001", and so
on. This will affect the reporting of subsidiary thread names in ps
and top, but not the main thread. [RT #43234]
* DiG now warns about .local queries which are reserved for Multicast
DNS. [RT #44783]
Bug Fixes
* Fixed a bug that was introduced in an earlier development release
which caused multi-packet AXFR and IXFR messages to fail validation
if not all packets contained TSIG records; this caused
interoperability problems with some other DNS implementations. [RT
#45509]
* Semicolons are no longer escaped when printing CAA and URI records.
This may break applications that depend on the presence of the
backslash before the semicolon. [RT #45216]
* AD could be set on truncated answer with no records present in the
answer and authority sections. [RT #45140]
End of Life
BIND 9.9 (Extended Support Version) will be supported until at least
June, 2018. https://www.isc.org/downloads/software-support-policy/
Release Notes for BIND Version 9.10.6-P1
Introduction
This document summarizes changes since BIND 9.10.6.
BIND 9.10.6-P1 addresses the security issue described in CVE-2017-3145.
Download
The latest versions of BIND 9 software can always be found at
http://www.isc.org/downloads/. There you will find additional
information about each release, source code, and pre-compiled versions
for Microsoft Windows operating systems.
New DNSSEC Root Key
ICANN is in the process of introducing a new Key Signing Key (KSK) for
the global root zone. BIND has multiple methods for managing DNSSEC
trust anchors, with somewhat different behaviors. If the root key is
configured using the managed-keys statement, or if the pre-configured
root key is enabled by using dnssec-validation auto, then BIND can keep
keys up to date automatically. Servers configured in this way should
have begun the process of rolling to the new key when it was published
in the root zone in July 2017. However, keys configured using the
trusted-keys statement are not automatically maintained. If your server
is performing DNSSEC validation and is configured using trusted-keys,
you are advised to change your configuration before the root zone
begins signing with the new KSK. This is currently scheduled for
October 11, 2017.
This release includes an updated version of the bind.keys file
containing the new root key. This file can also be downloaded from
https://www.isc.org/bind-keys .
Windows XP No Longer Supported
As of BIND 9.10.6, Windows XP is no longer a supported platform for
BIND, and Windows XP binaries are no longer available for download from
ISC.
Security Fixes
* Addresses could be referenced after being freed during resolver
processing, causing an assertion failure. The chances of this
happening were remote, but the introduction of a delay in
resolution increased them. (The delay will be addressed in an
upcoming maintenance release.) This bug is disclosed in
CVE-2017-3145. [RT #46839]
* An error in TSIG handling could permit unauthorized zone transfers
or zone updates. These flaws are disclosed in CVE-2017-3142 and
CVE-2017-3143. [RT #45383]
* The BIND installer on Windows used an unquoted service path, which
can enable privilege escalation. This flaw is disclosed in
CVE-2017-3141. [RT #45229]
* With certain RPZ configurations, a response with TTL 0 could cause
named to go into an infinite query loop. This flaw is disclosed in
CVE-2017-3140. [RT #45181]
Feature Changes
* dig +ednsopt now accepts the names for EDNS options in addition to
numeric values. For example, an EDNS Client-Subnet option could be
sent using dig +ednsopt=ecs:.... Thanks to John Worley of Secure64
for the contribution. [RT #44461]
* Threads in named are now set to human-readable names to assist
debugging on operating systems that support that. Threads will have
names such as "isc-timer", "isc-sockmgr", "isc-worker0001", and so
on. This will affect the reporting of subsidiary thread names in ps
and top, but not the main thread. [RT #43234]
* DiG now warns about .local queries which are reserved for Multicast
DNS. [RT #44783]
Bug Fixes
* Fixed a bug that was introduced in an earlier development release
which caused multi-packet AXFR and IXFR messages to fail validation
if not all packets contained TSIG records; this caused
interoperability problems with some other DNS implementations. [RT
#45509]
* Semicolons are no longer escaped when printing CAA and URI records.
This may break applications that depend on the presence of the
backslash before the semicolon. [RT #45216]
* AD could be set on truncated answer with no records present in the
answer and authority sections. [RT #45140]
End of Life
The end of life for BIND 9.10 is yet to be determined but will not be
before BIND 9.12.0 has been released for 6 months.
https://www.isc.org/downloads/software-support-policy/
Version 1.0.21
- Updating fast_tls to version 1.0.20.
- Updating stun to version 1.0.20.
Version 1.0.20
- Updating stun to version 1.0.19.
- Updating fast_tls to version 1.0.19.
Version 1.0.19
- Updating stun to version 1.0.18.
- Updating fast_tls to version 71250ae.
- Support SNI for TLS connections
Version 1.0.20
- Updating fast_tls to version 1.0.20.
Version 1.0.19
- Updating fast_tls to version 1.0.19.
Version 1.0.18
- Updating fast_tls to version 71250ae.
- Fix compilation warnings
Changes:
version 2018.01.14
Extractors
* [youtube] Fix live streams extraction (#15202)
* [wdr] Bypass geo restriction
* [wdr] Rework extractors (#14598)
+ [wdr] Add support for wdrmaus.de/elefantenseite (#14598)
+ [gamestar] Add support for gamepro.de (#3384)
* [viafree] Skip rtmp formats (#15232)
+ [pandoratv] Add support for mobile URLs (#12441)
+ [pandoratv] Add support for new URL format (#15131)
+ [ximalaya] Add support for ximalaya.com (#14687)
+ [digg] Add support for digg.com (#15214)
* [limelight] Tolerate empty pc formats (#15150, #15151, #15207)
* [ndr:embed:base] Make separate formats extraction non fatal (#15203)
+ [weibo] Add extractor (#15079)
+ [ok] Add support for live streams
* [canalplus] Fix extraction (#15072)
* [bilibili] Fix extraction (#15188)
version 2018.01.07
Core
* [utils] Fix youtube-dl under PyPy3 on Windows
* [YoutubeDL] Output python implementation in debug header
Extractors
+ [jwplatform] Add support for multiple embeds (#15192)
* [mitele] Fix extraction (#15186)
+ [motherless] Add support for groups (#15124)
* [lynda] Relax URL regular expression (#15185)
* [soundcloud] Fallback to avatar picture for thumbnail (#12878)
* [youku] Fix list extraction (#15135)
* [openload] Fix extraction (#15166)
* [lynda] Skip invalid subtitles (#15159)
* [twitch] Pass video id to url_result when extracting playlist (#15139)
* [rtve.es:alacarta] Fix extraction of some new URLs
* [acast] Fix extraction (#15147)
version 2017.12.31
Core
+ [extractor/common] Add container meta field for formats extracted
in _parse_mpd_formats (#13616)
+ [downloader/hls] Use HTTP headers for key request
* [common] Use AACL as the default fourcc when AudioTag is 255
* [extractor/common] Fix extraction of DASH formats with the same
representation id (#15111)
Extractors
+ [slutload] Add support for mobile URLs (#14806)
* [abc:iview] Bypass geo restriction
* [abc:iview] Fix extraction (#14711, #14782, #14838, #14917, #14963, #14985,
#15035, #15057, #15061, #15071, #15095, #15106)
* [openload] Fix extraction (#15118)
- [sandia] Remove extractor
- [collegerama] Remove extractor
+ [mediasite] Add support for sites based on Mediasite Video Platform (#5428,
#11185, #14343)
+ [ufctv] Add support for ufc.tv (#14520)
* [pluralsight] Fix missing first line of subtitles (#11118)
* [openload] Fallback on f-page extraction (#14665, #14879)
* [vimeo] Improve password protected videos extraction (#15114)
* [aws] Fix canonical/signed headers generation on python 2 (#15102)
Upstream changes:
mikutter 3.6.1
* happy new year
* honor iPhone X
* require Diva gem 0.3.1 or later
* JSON exported Time was not in iso8601 format
* Spell to update user profile (thanks shibafu528)
* fix typo (thanks akkiesoft)
* twitter: crash when using World other than Twitter due to wrong assumption
that User#idname was always defined
* openimg: sporadic crash when opening images
version 4.2.3 stable:
* API change: previously ZMQ_POLLOUT on a ZMQ_ROUTER socket returned always
true due to how the type works. When ZMQ_ROUTER_MANDATORY is set, sending
fails when the peer is not available, but ZMQ_POLLOUT always returns true
anyway, which does not make sense. Now when ZMQ_ROUTER_MANDATORY is set,
ZMQ_POLLOUT on a ZMQ_ROUTER will return true only if at least one peer is
available.
Given ZMQ_POLLOUT with ZMQ_ROUTER was not usable at all previously, we do
not consider this a breakage warranting a major or minor version increase.
* ZMQ_IDENTITY has been renamed to ZMQ_ROUTING_ID and ZMQ_CONNECT_RID has been
renamed to ZMQ_CONNTECT_ROUTING_ID to disambiguate. ZMQ_IDENTITY and
ZMQ_CONNECT_RID are still available to keep backward compatibility, and will
be removed in a future release after further advance notice.
* DRAFT API change: zmq_poller_wait, zmq_poller_wait_all and zmq_poller_poll
have been changed to be inline with other existing APIs that have a timeout
to return EAGAIN instead of ETIMEDOUT as the errno value.
* Existing non-DRAFT socket types ZMQ_REP/REQ, ZMQ_ROUTER/DEALER and
ZMQPUB/SUB, that were previously declared deprecated, have been reinstated
as stable and supported.
* Tweetnacl: add support for, and use preferably if available, getrandom() as
a simpler and less error-prone alternative to /dev/urandom on OSes where it
is available (eg: Linux 3.18 with glibc 2.25).
* Curve: all remaining traces of debug output to console are now removed, and
new DRAFT events are available to properly debug CURVE, PLAIN, GSSAPI and
ZAP events and failures. See below for details on the new events.
* New DRAFT (see NEWS for 4.2.0) socket options:
- ZMQ_GSSAPI_PRINCIPAL_NAMETYPE and ZMQ_GSSAPI_SERVICE_PRINCIPAL_NAMETYPE, for
the corresponding GSSAPI features. Additional definitions for principal
name types:
- ZMQ_GSSAPI_NT_HOSTBASED
- ZMQ_GSSAPI_NT_USER_NAME
- ZMQ_GSSAPI_NT_KRB5_PRINCIPAL
See doc/zmq_gssapi.txt for details.
- ZMQ_BINDTODEVICE (Linux only), which will bind the socket(s) to the
specified interface. Allows to use Linux VRF, see:
https://www.kernel.org/doc/Documentation/networking/vrf.txt
NOTE: requires the program to be ran as root OR with CAP_NET_RAW
- ZMQ_ZAP_ENFORCE_DOMAIN, enables strict RFC 27 compatibility mode and makes
the ZAP Domain mandatory when using security. See:
https://rfc.zeromq.org/spec:27/ZAP
See doc/zmq_setsockopt.txt and doc/zmq_getsockopt.txt for details.
* New DRAFT (see NEWS for 4.2.0) context options:
- ZMQ_THREAD_AFFINITY_CPU_ADD and ZMQ_THREAD_AFFINITY_CPU_REMOVE (Posix only),
to add and remove CPUs to the affinity set of the I/O threads. Useful to pin
the background threads to specific CPUs.
- ZMQ_THREAD_NAME_PREFIX (Posix only), to add a specific integer prefix to the
background threads names, to easily identify them for debugging purposes.
See doc/zmq_ctx_set.txt and doc/zmq_ctx_get.txt for details.
* New DRAFT (see NEWS for 4.2.0) message property name definitions to facilitate
the use of zmq_msg_gets:
- ZMQ_MSG_PROPERTY_ROUTING_ID
- ZMQ_MSG_PROPERTY_SOCKET_TYPE
- ZMQ_MSG_PROPERTY_USER_ID
- ZMQ_MSG_PROPERTY_PEER_ADDRESS
See doc/zmq_msg_gets.txt for details.
* New DRAFT (see NEWS for 4.2.0) API zmq_socket_get_peer_state, to be used to
query the state of a specific peer (via routing-id) of a ZMQ_ROUTER socket.
* New DRAFT (see NEWS for 4.2.0) Socket Monitor events:
- ZMQ_EVENT_HANDSHAKE_FAILED_NO_DETAIL, unknown system error and returns errno
- ZMQ_EVENT_HANDSHAKE_SUCCEEDED, handshake was successful
- ZMQ_EVENT_HANDSHAKE_FAILED_PROTOCOL, protocol errors between peers or server
and ZAP handler. Returns one of ZMQ_PROTOCOL_ERROR_* - see manpage for list
- ZMQ_EVENT_HANDSHAKE_FAILED_AUTH, failed authentication, returns ZAP status
These events trigger when the ZMTP security mechanism handshake is
completed or failed. See doc/zmq_socket_monitor.txt for more information.
* New DRAFT (see NEWS for 4.2.0) zmq_proxy_steerable command 'STATISTICS' to
retrieve stats about the amount of messages and bytes sent and received by
the proxy. See doc/zmq_proxy_steerable.txt for more information.
* Add new autoconf --disable-libunwind option to stop building with libunwind
even if it is available.
* Add new autoconf --disable-Werror option to avoid building with the Werror
flag.
* Use pkg-config as the first method for finding and building with external
optional dependencies such as libnorm, libpgm and gssapi.
* On Posix platform where the feature is available, name the ZMQ background
threads to simplify debugging: "ZMQbg/<num_thread>"
* Improve performance of zmq_poller_* (and zmq_poll and zmq_proxy when building
with DRAFT APIs enabled).
* The TCP unit tests have been refactored to bind and connect to random ports
rather than hard-coded ones, to allow running tests in parallel.
There are 6 exceptions where it is necessary to use an hard-coded port to
test specific code paths that would not be exercised when binding to a
wildcard port. These are listed in tests/testutil.hpp so that distributions
can easily patch them if they wish to and so that they can be unique across
all the tests, allowing parallel runs.
The IPC unit tests have been changed as well to use unique socket file names
per test, where before there were some clashes.
* Fixed 2349 - fix building with libsodium when using CMake
* Fixed 2334 - do not assert when tuning socket options fails due to network
errors, but simply retry again when connecting or send a socket monitor
ZMQ_EVENT_ACCEPT_FAILED event when binding
* Fixed 2341 - fix source files path in VS2015 solution
* Fixed 2344 - Note that on Windows with VS2012 it is mandatory to increase
the default stack size to at least 2MB
* Fixed 2348 - ZMQ_ROUTER send with ZMQ_ROUTER_MANDATORY can be stuck in case of
network problem
* Fixed 2358 - occasional abort on zmq_connect on Windows
* Fixed 2370 - zmq_curve_keypair should return an error on failure rather
than ignoring them and always returning 0
* Fixed 2452 - __STDC_LIMIT_MACROS before precompiled headers causes VC++
warning
* Fixed 2457 - fix building with libsodium in Visual Studio solutions
* Fixed 2466 - add const qualifier to internal and public API that does not
modify parameters
* Fixed 2471 - do more checks for OOM conditions when dynamic allocations is
used
* Fixed 2476 - assertion causes abort after ZAP stop at shutdown
* Fixed 2479 - improve zmq_poller performance on Windows
* Fixed 2481 - potential memory leaks due to ZMTP handshake failures
* Fixed 2531 - ZMQ_GSSAPI_PRINCIPAL sockopt has no effect on client side
* Fixed 2535 - add BUILD_SHARED and BUILD_STATIC options to CMake, both on by
default, to toggle shared and static library builds
* Fixed 2537 - use SYSTEM_CLOCK on OSX and CLOCK_MONOTONIC elsewhere for
internal timers to avoid races
* Fixed 2540 - new zmq_poller used by zmq_poll without DRAFTs
* Fixed 2552 - Fix WITH_DOC CMake build to avoid checking for asciidoc if the
option is disabled
* Fixed 2567 - Memory leak in REP socket handling
* Fixed 2579 - Compilation issue on Windows with CMake + ninja
* Fixed 2588 - SIGBUS under 64-bit SunOS Sparc
* Fixed 2590 - crash when using ZMQ_IMMEDIATE and ZMQ_LINGER to non-zero
* Fixed 2601 - XPUB_MANUAL subscriptions not removed on peer term
* Fixed 2602 - intermittent memory leak for ZMQ_REQ/REP send/recv
* Fixed 2608 - CURVE server (connect) fails when client rebinds
* Fixed 2610 - print backtraces in mutual exclusion to avoid mixing
different traces
* Fixed 2621 - add missing CMake files to distributable tarball
* Fixed 2630 - improve compatibility with OpenBSD w.r.t. IPV6_V6ONLY
* Fixed 2638 - note in INSTALL that when using Windows builds on Linux with
Wine it is necessary to increase the minimum TCP buffers
* Fixed 2632 - Fix file descriptor leak when using Tweetnacl (internal NACL
implementation) instead of Libsodium, and fix race condition when using
multiple ZMQ contexts with Tweetnacl
* Fixed 2681 - Possible buffer overflow in CURVE mechanism handshake.
NOTE: this was protected by an assert previously, so there is no security
risk.
* Fixed 2704 - test_sockopt_hwm fails occasionally on Windows
* Fixed 2701 - pgm build via cmake doesn't link libzmq with libpgm
* Fixed 2711 - ZAP handler communication errors should be handled consistently
* Fixed 2723 - assertion in src\select.cpp:111 or hang on zmq_ctx_destroy on
Windows
* Fixed 2728 - fix support O_CLOEXEC when building with CMake
* Fixed 2761 - improve compatibility with TrueOS (FreeBSD 12)
* Fixed 2764 - do not unlink IPC socket files when closing a socket to avoid
race conditions
* Fixed 2770 - support lcov 1.13 and newer
* Fixed 2787 - add libiphlpapi to PKGCFG_LIBS_PRIVATE for static mingw builds
* Fixed 2788 - document that adding -DZMQ_STATIC is required for Windows
static builds with Mingw
* Fixed 2789 - description of zmq_atomic_counter_value return value is cloned
from zmq_atomic_counter_new
* Fixed 2791 - fix building with DRAFT APIs on CentOS 6
* Fixed 2794 - router_t methods should not allocate memory for lookup in
outpipes
* Fixed 2809 - optimize select() usage on Windows
* Fixed 2816 - add CMake and autoconf check for accept4, as it is not
available on old Linux releases, and fallback to accept + FD_CLOEXEC
* Fixed 2824 - ZMQ_REQ socket does not report ZMQ_POLLOUT when ZMQ_REQ_RELAXED
is set
* Fixed 2827 - add support for Haiku
* Fixed 2840 - fix building with VS2008
* Fixed 2845 - correct the ZMQ_LINGER documentation to accurately reflect that
the default value is -1 (infinite). It never was 30 second in any released
version, it was only changed briefly and then changed back, but the manpage
was not reverted.
* Fixed 2861 - CMake/MSVC: export ZMQ_STATIC when needed.
Changes:
1.1.2
-----
* Added support for:
* `puremashiro` (#66)
* `idolcomplex`
* Added an option to filter reblogs on `tumblr` (#61)
* Added OAuth user authentication for `tumblr` (#65)
* Added support for `slideshare` mobile URLs (#67)
* Improved pagination for various ...booru sites to work around page limits
* Fixed chapter information parsing for certain manga on `kissmanga` (#58) and `batoto` (#60)
Changelog:
## Bug Fixes
The following bugs have been fixed:
wnpa-sec-2018-01
Multiple dissectors could crash. (Bug 14253) CVE-2018-5336
wnpa-sec-2018-03
The IxVeriWave file parser could crash. (Bug 14297) CVE-2018-5334
wnpa-sec-2018-04
The WCP dissector could crash. (Bug 14251) CVE-2018-5335
Prior to this release dumpcap enabled the Linux kernel's BPF JIT compiler
via the net.core.bpf_jit_enable sysctl. This could make systems
more vulnerable to Spectre variant 1 (CVE-2017-5753) and this feature
has been removed (Bug 14313).
Some keyboard shortcut mix-up has been resolved by assigning
new shortcuts to Edit -> Copy methods.
Remote interfaces are not saved. (Bug 8557)
Additional grouping in Expert Information dialog. (Bug 11753)
First start with non-empty extcap folder after install or reboot
hangs at "initializing tap listeners". (Bug 12845)
Can't hide expert categories in Expert Information. (Bug 13831)
Expert info dialog should have "Collapse All"/"Expand All" options.
(Bug 13842)
SIP Statistics extract does not work. (Bug 13942)
Service Response Time - SCSI dialog crashes. (Bug 14144)
Wireshark & Tshark 2.4.2 core dumps with segmentation fault. (Bug 14194)
SSH remote capture promiscuous mode. (Bug 14237)
SOCKS pseudo header displays incorrect Version value. (Bug 14262)
Only first variable of list is dissected in NTP Control request
message. (Bug 14268)
NTP Authenticator field dissection fails if padding is used. (Bug 14269)
BSSAP packet dissector issue - BSSAP_UPLINK_TUNNEL_REQUEST message.
(Bug 14289)
"[Malformed Packet]" for Mobile IP (MIP) protocol. (Bug 14292)
There is a potential buffer underflow in File_read_line function in
epan/wslua/wslua_file.c file. (Bug 14295)
Saving a temporary capture file may not result in the temporary
file being removed. (Bug 14298)
## Updated Protocol Support
Bluetooth, BSSAP, BT ATT, BT HCI, BT SMP, MIP, NTP, SCTP, SOCKS, UDS, and WCP
Bugfixes:
#1845: Files on deduplicated NTFS volumes are ignored by scanner
#4590: Path completion in new folder dialog does not work anymore
#4593: Fd leak when temp file cannot be truncated
#4605: Panic: runtime error related to KCP
Enhancements:
#2644: UI for debug levels and log access
#4369: GUI should indicate which files are out of sync on remote devices
#4400: Keep enough counters and state in the database to avoid initial database traversal
#4515: Should understand “socks” in addition to “socks5” in proxy URLs
Other issues:
#4407: Contribute kcp-go changes/features and/or fix tests
#4585: Update vendored github.com/minio/sha256-simd for AVX512 support
#4615: Update vendored x/sys/unix for dragonfly
Tor 0.3.2.9 is the first stable release in the 0.3.2 series.
The 0.3.2 series includes our long-anticipated new onion service
design, with numerous security features. (For more information, see
our blog post at https://blog.torproject.org/fall-harvest.) We also
have a new circuit scheduler algorithm for improved performance on
relays everywhere (see https://blog.torproject.org/kist-and-tell),
along with many smaller features and bugfixes.
gsutil is a Python application that lets you access Google Cloud Storage and
Amazon S3 from the command line. You can use gsutil to do a wide range of
bucket and object management tasks, including:
* Creating and deleting buckets
* Uploading, downloading, and deleting objects
* Listing buckets and objects
* Moving, copying, and renaming objects
* Editing object and bucket ACLs
The actual fix as been done by "pkglint -F */*/buildlink3.mk", and was
reviewed manually.
There are some .include lines that still are indented with zero spaces
although the surrounding .if is indented. This is existing practice.
- Register pubsub#multi-items feature and add pubsub#max_items
field to meta-data
- Mention try_subtag/2 in the README
- Fix formatting in API.md
- New function: xmpp:try_subtag/2
- Make pretty printer understand jid records
- Support XEP-0184: Message Delivery Receipts
- Improve pretty printer and sub-elements processing
- Add PubSub error condition: 'precondition-not-met'
- pubsub_publish_options.xdata: Reject 'secret'
- Allow empty URIs in xmpp_uri:check/1
- Update muc#roominfo form and add validation for
'muc#room*_pubsub' fields
- Introduce xmpp_uri module
3.7.2
- Bug fix in the HTTP auth backend
3.7.1
- Bug fixes
3.7.0
- Minimum required Erlang version is now 19.3
- Automation-friendly cluster formation
- Distributed management plugin, including minor breaking HTTP API changes.
- Simpler, ini-style configuration format
- Per-vhost limits
- Operator policies
- Topic-based authorisation
- Cross-protocol Shovel (currently supports AMQP 0.9.1 and AMQP 1.0)
- Command-line tools are extensible via plugins
- Message store multi-tenancy
- Proxy protocol support
- Web STOMP no longer supports WebSocket emulation
- Java and .NET client releases no longer track RabbitMQ server releases
- .NET client now supports .NET Core.
- Management plugin extensions now must target Cowboy 2.0
- Java client for RabbitMQ HTTP API
Changelog:
Bug Fixes
The following bugs have been fixed:
wnpa-sec-2017-47
The IWARP_MPA dissector could crash. (Bug 14236)
wnpa-sec-2017-48
The NetBIOS dissector could crash. (Bug 14249)
wnpa-sec-2017-49
The CIP Safety dissector could crash. (Bug 14250)
"tshark -G ?" doesn't provide expected help. (Bug 13984)
File loading is very slow with TRANSUM dissector enabled. (Bug 14094)
packet-knxnetip.c:936: bad bitmask ?. (Bug 14115)
packet-q931.c:1306: bad compare ?. (Bug 14116)
SSL Dissection bug. (Bug 14117)
Wireshark crashes when exporting various files to .csv, txt and other
'non-capture file' formats. (Bug 14128)
RLC reassembly doesn't work for RLC over UDP heuristic dissector.
Bug 14129)
HTTP Object export fails with long extension (possibly query string).
(Bug 14130)
3GPP Civic Address not displayed in Packet Details. (Bug 14131)
Wireshark prefers packet.dll in System32\\Npcap over the one in
System32. (Bug 14134)
PEEKREMOTE dissector does not decode 11ac MCS rates properly. (Bug 14136)
Visual Studio Community Edition 2015 lacks tools named in developer
guide. (Bug 14147)
TCP: Malformed data with Riverbed Probe option. (Bug 14150)
Wireshark Crash when trying to use Preferences | Advanced. (Bug 14157)
Right click on SMB2 Message ID and then Apply as Column causes Runtime
Error. (Bug 14169)
Return [Enter] should apply change (Column title - Button Label
toolbars). (Bug 14191)
Wireshark crashes if "rip.display_routing_domain" is set to TRUE in
preferences file. (Bug 14197)
Entry point inflatePrime not found for androiddump.exe and
randpktdump.exe. (Bug 14207)
BGP: IPv6 NLRI is received with Add-path ID, then Wire shark is not
able to decode the packet correctly. (Bug 14241)
Wrong SSL decryption when using EXTENDED MASTER SECRET and Client
certificate request (mutual authentication). (Bug 14243)
Frame direction isn't always set if it comes from the pcapng record
header rather than the packet pseudo-header. (Bug 14245)
Updated Protocol Support
3GPP NAS, BGP, CIP Safety, DTLS, IEEE 802.11 Radio, IWARP_MPA,
KNXnet/IP, LCSAP, MQTT, NetBIOS, PEEKREMOTE, Q.931, RIP, RLC, SIP,
SSL/TLS, TCP, and TRANSUM
Lua support no longer optional.
PowerDNS Recursor 4.1.0
===========================================================
- Improved DNSSEC support
- Improved documentation
- Improved RPZ support
- Improved EDNS Client Subnet support
- Support for Botan 2.x (and removal of support for Botan 1.10)
- SNMP support
- Lua engine has gained access to more parts of the recursor
- CPU affinity can now be specified
- TCP Fast Open support
- New performance metrics
Full changelog:
https://doc.powerdns.com/recursor/changelog/4.1.html
PowerDNS Recursor 4.0.7
===========================================================
- Insufficient validation of DNSSEC signatures (CVE-2017-15090)
- Cross-Site Scripting in the web interface (CVE-2017-15092)
- Configuration file injection in the API (CVE-2017-15093)
- Memory leak in DNSSEC parsing (CVE-2017-15094)
Bug fixes
- Update rec_control manpage
- Check in the detected OpenSSL/libcrypto for ECDSA
- Make more specific Netmasks < to less specific ones
- Fix validation at the exact RRSIG inception or expiration time
- Lowercase all outgoing qnames when lowercase-outgoing is set
- Fix libatomic detection on ppc64
- Edit configname definition to include the 'config-name' argument
Improvements
- Extract nested exception from Luawrapper
- Use explicit yes for default-enabled settings
- Throw an error when lua-conf-file can't be loaded
- get-remote-ring's "other" report should only have two items.
- PowerDNS sdig does not truncate trailing bits of EDNS Client Subnet
mask
- Only increase no-packet-error on the first read
- Add support for Botan 2.x
- Add more information to recursor cache dumps
- Fix typo in two log messages
- Add help text on autodetecting systemd support
- Be more resilient with broken auths
- Remove pdns.PASS and pdns.TRUNCATE
- Improve dnsbulktest experience in travis for more robustness
- Create socket-dir from init-script
- b.root renumbering, effective 2017-10-24
- Don't retry security polling too often when it fails
PowerDNS Authoritative Server 4.1.0
===========================================================
- Improved performance: 400% speedup in some scenarios
- Crypto API: DNSSEC fully configurable via RESTful API
- Improved documentation
- Database related improvements
- Enhanced tooling
- Support for TCP Fast Open
- Support for non-local bind
- Support for Botan 2.x (and removal of support for Botan 1.10)
- Our packages now ship with PKCS #11 support.
- Recursor passthrough removal
Full changelog:
https://doc.powerdns.com/authoritative/changelog/4.1.html
PowerDNS Authoritative Server 4.0.5
===========================================================
Fixes
- Fix for missing check on API operations (CVE-2017-15091)
- Bindbackend: do not corrupt data supplied by other backends in
getAllDomains
- API: prevent sending nameservers list and zone-level NS in rrsets
- gpgsql: make statement names actually unique
- Fix remotebackend params
- Fix godbc query logging
- For create-slave-zone, actually add all slaves, and not only first n
times
- Fix a regression in axfr-rectify + test
- When making a netmask from a comboaddress, we neglected to zero the
port
- Fix libatomic detection on ppc64
- Catch DNSName exception in the Zoneparser
- Publish inactive KSK/CSK as CDNSKEY/CDS
- Handle AFSDB record separately due to record structure.
- Treat requestor's payload size lower than 512 as equal to 512
- Correctly purge entries from the caches after a transfer
- Handle a signing pipe worker dying with work still pending
- Ignore SOA-EDIT for PRESIGNED zones.
- Check return value for all getTSIGKey calls.
Improvements
- Fix ldap-strict autoptr feature, including a test
- mydnsbackend: Add getAllDomains
- Stubresolver: Use only recursor setting if given
- LuaWrapper: Allow embedded NULs in strings received from Lua
- sdig: Clarify that the ednssubnet option takes "subnet/mask"
- Tests: Ensure all required tools are available
- PowerDNS sdig does not truncate trailing bits of EDNS Client Subnet
mask
- LuaJIT 2.1: Lua fallback functionality no longer uses Lua namespace
- Add support for Botan 2.x
- Ship ldapbackend schema files in tarball
- Collection of schema changes
- Fix typo in two log messages
- Add help text on autodetecting systemd support
- Use a unique pointer for bind backend's d_of
- Fix some of the issues found by @jpmens
Upstream changes:
3.3.2 (2018/01/02)
- support build on pkgsrc-2017Q4 (vala-0.38.1 and later)
- try to show images only if Content-Type is image/*
- update to mbedTLS-2.4.2
- implement --timeout-image option
Unsorted entries in PLIST files have generated a pkglint warning for at
least 12 years. Somewhat more recently, pkglint has learned to sort
PLIST files automatically. Since pkglint 5.4.23, the sorting is only
done in obvious, simple cases. These have been applied by running:
pkglint -Cnone,PLIST -Wnone,plist-sort -r -F
The actual cleanup has been done by pkglint:
* Added missing identifier comments
* Replaced ${PKGMANDIR} with a simple man, since the infrastructure does
all the magic for PLISTs
This has been a pkglint warning for several years now, and pkglint can even
fix it automatically. And it did for this commit.
Only in lang/mercury, two passes of autofixing were necessary because there
were nested variables.
* dhcp: when unicasting on L3, unicast on L2 as well
* dhcp: when rebooting, don't set cidaddr
* dhcp6: don't listen on IPv6 addresses when not using DHCPv6
* dhcp: only set probe state when probing (fixes REBOOT reason)
* linux: use IFA_F_NOPREFIXROUTE for IPv4 addresses
* ipv6: disable kernel RA if interface is active
* hooks: set protocol to link for link layer events
Bugfixes:
#4353: Symlinks as folder root broken on Windows
#4475: Discovering new files in a deleted directory does not resurrect the directory
#4561: "Panic: interface conversion: *errors.errorString is not net.Error" after restart
Enhancements:
#2299: Auto-accept shared folders from trusted devices
#4406: Empty directories in .stversions should be removed
#4476: Human readable errors on attempted deletion of non-empty directory
#4542: Support OneDrive folders on recent Windows 10
#4543: Add confirmation on Remove Folder / Device button
Changelog:
NSD 4.1.19
Dec 11, 2017
Bugfixes
* ignore fallthrough compiler warning in flex EOF rule.
* Fix warnings emitted by clang for --enable-packed. Alignment is
not a problem for x86_64, don't enable packed when the platform
requires aligned access.
* Fix spelling error in xfr-inspect.
* Fix 3392: Fix regression in 4.1.18 for notify lists with ip4 and ip6
targets.
* Add test for support of -Wno-address-of-packed-member for --enable-packed.
NSD 4.1.18
Nov 30, 2017
Features
* xfr-inspect, it is not installed, it prints xfr files from /tmp made
with 'make xfr-inspect' in the source dir.
* retry timeout between sending notifies dropped from 15 to 3 sec.
* NSD sends 16 notifies simultaneously.
* configure --enable-packed reduces memory usage, at expense of unaligned
reads. Saves about 17%.
* Save memory by selectively allocate precompiled nsec3 hashes, saves
about 16% memory.
* make ip-transparent option work on OpenBSD.
* Save about 2% memory by changing usage count size in name tree.
* Fix#2871: Increase number of sockets for xfrd transfers.
Bugfixes
* Fix gcc 7.1.1 warnings.
* Fix writev compile warning on FreeBSD.
* Fix#1446: A corrupted zone file "propagates" to good ones.
* nsd-control zonestatus prints wait time between attempts, for zones
that are in that waiting time.
* Fix collision printout of nsec3 to print name, hash and reverse.
* Fix#1567: Change crit to err log level for gettimeofday failure.
Add defines for compile without syslog.
* Fix crash for DS query when parent and child zones both configured
in nsd.conf and parent zone has not loaded properly.
Proposed by Nils Ratusznik in June on tech-pkg. In short, the rules are
from 2012; they are too outdated to be useful.
No one spoke up for keeping the package. If you want to bring it back,
feel free to do so, after updating it.
**** 1.14 Dec 15, 2017
Fix rt.cpan.org #123702
'use base' should not be used in packages with several
subpackages defined
Fix rt.cpan.org #123676
Net::DNS::Nameserver malformed message on big axfr
Changes:
2017.12.28
----------
Extractors
+ [internazionale] Add support for internazionale.it (#14973)
* [playtvak] Relax video regular expression and make description optional
(#15037)
+ [filmweb] Add support for filmweb.no (#8773, #10368)
+ [23video] Add support for 23video.com
+ [espn] Add support for fivethirtyeight.com (#6864)
+ [umg:de] Add support for universal-music.de (#11582, #11584)
+ [espn] Add support for espnfc and extract more formats (#8053)
* [youku] Update ccode (#14880)
+ [openload] Add support for oload.stream (#15070)
* [youku] Fix list extraction (#15065)
2017.12.23
----------
Core
* [extractor/common] Move X-Forwarded-For setup code into _request_webpage
+ [YoutubeDL] Add support for playlist_uploader and playlist_uploader_id in
output template (#11427, #15018)
+ [extractor/common] Introduce uploader, uploader_id and uploader_url
meta fields for playlists (#11427, #15018)
* [downloader/fragment] Encode filename of fragment being removed (#15020)
+ [utils] Add another date format pattern (#14999)
Extractors
+ [kaltura] Add another embed pattern for entry_id
+ [7plus] Add support for 7plus.com.au (#15043)
* [animeondemand] Relax login error regular expression
+ [shahid] Add support for show pages (#7401)
+ [youtube] Extract uploader, uploader_id and uploader_url for playlists
(#11427, #15018)
* [afreecatv] Improve format extraction (#15019)
+ [cspan] Add support for audio only pages and catch page errors (#14995)
+ [mailru] Add support for embed URLs (#14904)
* [crunchyroll] Future-proof XML element checks (#15013)
* [cbslocal] Fix timestamp extraction (#14999, #15000)
* [discoverygo] Correct TTML subtitle extension
* [vk] Make view count optional (#14979)
* [disney] Skip Apple FairPlay formats (#14982)
* [voot] Fix format extraction (#14758)
2017.12.14
----------
Core
* [postprocessor/xattr] Clarify NO_SPACE message (#14970)
* [downloader/http] Return actual download result from real_download (#14971)
Extractors
+ [itv] Extract more subtitles and duration
* [itv] Improve extraction (#14944)
+ [byutv] Add support for geo restricted videos
* [byutv] Fix extraction (#14966, #14967)
+ [bbccouk] Fix extraction for 320k HLS streams
+ [toutv] Add support for special video URLs (#14179)
* [discovery] Fix free videos extraction (#14157, #14954)
* [tvnow] Fix extraction (#7831)
+ [nickelodeon:br] Add support for nickelodeon brazil websites (#14893)
* [nick] Improve extraction (#14876)
* [tbs] Fix extraction (#13658)
Changes:
1.1.1
-----
* Added support for:
`slideshare` - <https://www.slideshare.net/> (#54)
* Added pool- and post-extractors for `sankaku`
* Added OAuth user authentication for `deviantart`
* Updated `luscious` to support `members.luscious.net` URLs (#55)
* Updated `mangahere` to use their new domain name (mangahere.cc) and mobile URLs
* Updated `gelbooru` to not be restricted to the first 20,000 images (#56)
* Fixed extraction issues for `nhentai` and `khinsider`
Upstream change:
mikutter 3.6.0
* World
* Twitter functions are now implemented as a plugin
* Service is no longer available, so the World plugin provides an equivalent
of Service
* Spell
* Form DSL
* generalized modules for settings etc. so make it possible to use it
in Dialog etc.
* photo select
* select images
* label
* link (Model viewer)
* Dialog DSL/dialog method
* universal interface for plugins to show a dialog box
* no dependencies on Gtk
* Photo Model
* preserve image URLs for multiple sizes and use a proper larger size
one for requested image
* new setting in config for the maxinum number of tweets in timelines
* settings
* tree structure in side menu by "settings" block
* improve drawing speed for settings with many items
* appearance settings for PostBox and World Shifter
* requires Ruby 2.3 and later
* gems for mikutter project
* use Diva gem
* new gem derived from mikutter
* replacement of Retriever, mikutter still provides Retriever compatible
interfaces
* Delayer Deferred 2
* async/await
pkgsrc changes:
- DEPENDS on ruby-idn gem
Upstream changes:
https://github.com/twitter/twitter-text/blob/master/rb/CHANGELOG.md
## [2.1] - 2017-12-20
### Added
- This CHANGELOG.md file
### Changed
- Top-level namespace changed from `Twitter` to `Twitter::TwitterText`. This
resolves a namespace collision with the popular
[twitter gem](https://github.com/sferik/twitter). This is considered
a breaking change, so the version has been bumped to 2.1. This fixes
issue [#221](https://github.com/twitter/twitter-text/issues/221),
"NoMethodError Exception: undefined method `[]' for nil:NilClasswhen
using gem in rails app"
## [2.0.2] - 2017-12-18
### Changed
- Resolved issue
[#211](https://github.com/twitter/twitter-text/issues/211), "gem
breaks, asset file is a dangling symlink"
- config files, tld_lib.yml files now copied into the right place
- Rakefile now included `prebuild`, `clean` tasks
(no changelog for 2.0; 2.0.1 changes are mentioned in the 2.0.2 entry)
* Quiet type conversion warnings by adding const to one of the logging
functions
* Don't confuse the C preprocessor by converting one arg into two.
Fixes build on NetBSD/8.0 with SSP.
Bump PKGREVISION.
1.14.13
api-change:mediastore-data: Update mediastore-data command to latest version
api-change:route53: Update route53 command to latest version
api-change:apigateway: Update apigateway command to latest version
1.14.12
api-change:cloudwatch: Update cloudwatch command to latest version
1.5.3
api-change:route53: [botocore] Update route53 client to latest version
api-change:apigateway: [botocore] Update apigateway client to latest version
api-change:mediastore-data: [botocore] Update mediastore-data client to latest version
1.5.2
bugfix:presigned-url: [botocore] Fixes a bug where content-type would be set on presigned requests for query services.
api-change:cloudwatch: [botocore] Update cloudwatch client to latest version
1.8.17
api-change:route53: Update route53 client to latest version
api-change:apigateway: Update apigateway client to latest version
api-change:mediastore-data: Update mediastore-data client to latest version
1.8.16
bugfix:presigned-url: Fixes a bug where content-type would be set on presigned requests for query services.
api-change:cloudwatch: Update cloudwatch client to latest version
1.14.11
api-change:appstream: Update appstream command to latest version
1.14.10
api-change:apigateway: Update apigateway command to latest version
api-change:ses: Update ses command to latest version
bugfix:s3: Fixes a bug where calling the CLI from a context that has no stdin resulted in every command failing instead of only commands that required stdin.
1.14.9
api-change:codedeploy: Update codedeploy command to latest version
bugfix:sagemaker-runtime: Renamed the runtime.sagemaker service to sagemaker-runtime to be more consistent with existing services. The old service name is now aliased to sagemaker-runtime to maintain backwards compatibility.
api-change:workmail: Update workmail command to latest version
1.5.1
api-change:appstream: [botocore] Update appstream client to latest version
1.5.0
bugfix:Filters: Fixes a bug where parameters passed to resource collections could be mutated after the collections were created.
api-change:ses: [botocore] Update ses client to latest version
enhancement:credentials: [botocore] Moved the JSONFileCache from the CLI into botocore so that it can be used without importing from the cli.
feature:botocore dependency: Update dependency strategy to always take a floor on the most recent version of botocore. This means whenever there is a release of botocore, boto3 will release as well to account for the new version of botocore.
api-change:apigateway: [botocore] Update apigateway client to latest version
1.8.15
api-change:appstream: Update appstream client to latest version
1.8.14
api-change:ses: Update ses client to latest version
enhancement:credentials: Moved the JSONFileCache from the CLI into botocore so that it can be used without importing from the cli.
api-change:apigateway: Update apigateway client to latest version
1.8.13
api-change:codedeploy: Update codedeploy client to latest version
bugfix:sagemaker-runtime: Renamed the runtime.sagemaker service to sagemaker-runtime to be more consistent with existing services. The old service name is now aliased to sagemaker-runtime to maintain backwards compatibility.
bugfix:Stubber: This change makes the error handling more verbose in the case where a stubbed method has been called, but the Stubber is not expecting a call.
api-change:workmail: Update workmail client to latest version
- Updating fast_xml to version 1.1.25.
- Add support for NS_MAM_2
- Improve handling of pubsub requests
- Add support for RFC 7622
- Allow multiple text element inside stanza/stream_error
From Changelog:
* Remove blinking cursor from UI
Gerrit Renker <renker@ualberta.ca>
* Treat multicast packets as incoming, rather than incoming (IPv4) or not at
all (IPv6).
Andreas Schwab <schwab@linux-m68k.org>
* Minor fixes to the man page
* Man page documentation of -t mode.
* Compile time warning fixes.
Markus Koschany <apo@gambaru.de>
* Added text output mode (-t option)
Roman Hoog Antink <rha@open.ch> (originally by Patrik Bless)
* Fix for memory leak when DNS resolution is turned off
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=677141
Olivier Allard-Jacquin <olivieraj@free.fr>
* Various typos in the UI
Gerben Roest <g.roest@grepit.nl>
* Documentation fixes
A. Costa <agcosta@gis.net> (via Debian)
* Fix for armeb specific bug
Lennert Buytenhek <buytenh+debian@wantstofly.org> (via Debian)
* Fix frozen order drives line totals crazy.
Max Alekseyev <relf@os2.ru> (via Debian)
* Fix for crash on arm.
Joey Hess <joeyh@debian.org> (via Debian)
* Fixed behaviour of "-b" option.
Eric Cooper <ecc@cmu.edu> (via Debian)
* Support for PFLOG Interfaces
Richard Tóth <risko@iklub.sk>
* Support for IPv6
* Fix for performance issue with address hashing
* Fix for failing link address detection for GNU/kfreebsd
* Multiple portability fixes
Mats Erik Andersson <mats.andersson@gisladisker.se>
* Improved behaviour of sort in sent/recv only mode
Damián Viano <des@debian.org>
* FreeBSD compilation fix
* IPv6 reverse resolution
Frédéric Perrin <frederic.perrin@resel.fr>
* Improved IPv6 code (removed s6_addr32 dependency)
* Fixed support for DLT_NULL
Scott Bertilson <ssb@umn.edu>
* Typo in usage message
* Workaround for PuTTY issue (https://bugzilla.redhat.com/show_bug.cgi?id=546032)
* Updates to licence text (change in FSF address)
* Avoid an assertion failure if an "invalid" (as in outside of IPv4 or IPv6)
address family is encountered (Red Hat bugs #839750, #847124, #868065, #961236
and #1007434)
* enable building iftop with more recent versions of autoconf/automake
* patch to remove compile time warnings
* Fix to avoid system call in text mode wherever possible.
Robert Scheck <robert@fedoraproject.org>
* Attempt to detect if interface is actually up when doing autodetection.
* Fixed segfault when selecting interfaces with empty MAC address (e.g. gprs
interface on Nokia N900)
Graham Inggs <graham@nerve.org.za>
* Avoid autodetecting wmaster interfaces
* Experimental support for IEEE802_11 radiotap interfaces (DLT 127)
* Fixed segfault / hang when supplying multiple -i options
* Added missing docs for -m option.
- no upstream activity for 4 years
- net/ruby-twitter gem includes the same functionality
- the only consumer net/ruby-tw no longer requires this gem
(switched to using userstream in twitter gem)
Changes:
1.1.0
-----
* Added the `-r/--limit-rate` command-line option to set a maximum download
rate
* Added the `--sleep` command-line option to specify the number of seconds
to sleep before each download
* Updated `gelbooru` to no longer use their now disabled API
* Fixed SWF extraction for `sankaku` (#52)
* Fixed extraction issues for `hentai2read` and `khinsider`
* Removed the deprecated `--images` and `--chapters` options
* Removed the `mangazuki` module
Major new features in 1.8:
- JSON stats
- server templates
- dynamic cookies
- per-certificate "bind" configuration
- pipelined and asynchronous SPOE
- seamless reloads
- PCRE2 support
- hard-stop-after
- support for OpenSSL asynchronous crypto engines
- replacement of the systemd-wrapper with a new master-worker model
- DNS autonomous resolver
- DNS SRV records
- configurable severity output on the CLI
- TLS 1.3 with support for Early-Data (AKA 0-RTT) on both sides
- multi-thread support
- HTTP/2 support
- small objects cache
For full changelog in 1.8, see:
http://www.haproxy.org/download/1.8/src/CHANGELOG
* Mark routes as set by RA/DHCP in Linux
* Don't flush prefix routes/routers if kernel does not support RA
* Remove OpenBSD route labels
* dhcp: improve errors around UDP checksum failure
* dhcp: announce existing addresses before rebooting
* bpf: rework loop so that we can close/reopen fd inside and abort
* ipv6nd: don't handle NA/RA for non active interfaces
* dhcp6: listen on all addresses in non master mode
* dhcpcd-run-hooks: set protocol in dhcpcd, don't guess
* Ensure that xid is unique across all interfaces
* dhcp6: redirect message to interface which uses the xid
* bsd: strip scope from LL addresses when detecting their addition
* ipv6nd: fix address lifetime overflow on carrier up
* dhcp6: fix confirmation of lease on carrier up
* eloop: fix signal catching before eloop is started on Linux
Highlights:
* get_iplayer no longer lists all programmes when invoked without a
search argument. If you wish to list all programmes, you must now
explicitly specify a wildcard search: get_iplayer ".*" - note the
quotes. The Web PVR Manager does that by default. Also remember to
use --refresh for ad hoc cache updates.
* get_iplayer no longer automatically attempts to add higher-quality
audio to "hls" mode downloads (functionality introduced in v3.03).
Some output files were being produced with audio and video out of
sync. get_iplayer should never produce output worse that what is
offered by iPlayer, so that functionality is now optional. Use the
new --hls-hq-audio option to enable it, and heed the warning that
you may need to edit your output files to sync audio and video. The
--no-hq-audio option is now ignored and will be removed in the next
release. If you added it to your preferences, remove it now with
get_iplayer --prefs-del --no-hq-audio. (@notnac)
* Added --audio-only option to download only the audio stream for a
TV programme. It is intended to enable users with visual
impairments to skip downloading the video stream for programmes
with audio description, but it can be used for any programme. It
does not work with "hls" modes, however, so do not try to use it
with --tvmode=hlshd, for example. Use of --audio-only also enables
--force so that you can re-download a different audio track for a
previously-downloaded TV programme. That will also produce an
additional entry in your download history for the audio file.
Audio-only downloads produce .m4a files.
* Web PVR: Updated to support HTTPS URLs for Quick URL recording. The
BBC has begun redirecting iPlayer episode pages to secure
equivalents, and Web PVR limitations have required changing
"https:" to "http:" for pages used in the Quick URL box. This did
not affect the CLI or recording from search results in Web PVR.
* Added support for World Service programme PIDs beginning with "w".
These WS programmes released since 11 Aug could not be downloaded
because their PIDs were not recognised by get_iplayer.
https://github.com/get-iplayer/get_iplayer/wiki/releasenotes
This project implements a simple STUN server and client on Windows, Linux,
and Solaris. The STUN protocol (Simple Traversal of UDP through NATs) is
described in the IETF RFC 3489.
This catches up with the project which has apparently moved
to github.com. With it comes fixes for two known CVEs (CVE-2016-6160,
CVE-2017-6429). There is otherwise a large set of changes,
see the release history on github for the details.
The license changed to gnu-gpl-v3, LICENSE setting added.
Changes in version 0.3.1.9 - 2017-12-01:
Tor 0.3.1.9 backports important security and stability fixes from the
0.3.2 development series. All Tor users should upgrade to this
release, or to another of the releases coming out today.
o Major bugfixes (security, backport from 0.3.2.6-alpha):
- Fix a denial of service bug where an attacker could use a
malformed directory object to cause a Tor instance to pause while
OpenSSL would try to read a passphrase from the terminal. (Tor
instances run without a terminal, which is the case for most Tor
packages, are not impacted.) Fixes bug 24246; bugfix on every
version of Tor. Also tracked as TROVE-2017-011 and CVE-2017-8821.
Found by OSS-Fuzz as testcase 6360145429790720.
- Fix a denial of service issue where an attacker could crash a
directory authority using a malformed router descriptor. Fixes bug
24245; bugfix on 0.2.9.4-alpha. Also tracked as TROVE-2017-010
and CVE-2017-8820.
- When checking for replays in the INTRODUCE1 cell data for a
(legacy) onion service, correctly detect replays in the RSA-
encrypted part of the cell. We were previously checking for
replays on the entire cell, but those can be circumvented due to
the malleability of Tor's legacy hybrid encryption. This fix helps
prevent a traffic confirmation attack. Fixes bug 24244; bugfix on
0.2.4.1-alpha. This issue is also tracked as TROVE-2017-009
and CVE-2017-8819.
o Major bugfixes (security, onion service v2, backport from 0.3.2.6-alpha):
- Fix a use-after-free error that could crash v2 Tor onion services
when they failed to open circuits while expiring introduction
points. Fixes bug 24313; bugfix on 0.2.7.2-alpha. This issue is
also tracked as TROVE-2017-013 and CVE-2017-8823.
o Major bugfixes (security, relay, backport from 0.3.2.6-alpha):
- When running as a relay, make sure that we never build a path
through ourselves, even in the case where we have somehow lost the
version of our descriptor appearing in the consensus. Fixes part
of bug 21534; bugfix on 0.2.0.1-alpha. This issue is also tracked
as TROVE-2017-012 and CVE-2017-8822.
- When running as a relay, make sure that we never choose ourselves
as a guard. Fixes part of bug 21534; bugfix on 0.3.0.1-alpha. This
issue is also tracked as TROVE-2017-012 and CVE-2017-8822.
o Major bugfixes (exit relays, DNS, backport from 0.3.2.4-alpha):
- Fix an issue causing DNS to fail on high-bandwidth exit nodes,
making them nearly unusable. Fixes bugs 21394 and 18580; bugfix on
0.1.2.2-alpha, which introduced eventdns. Thanks to Dhalgren for
identifying and finding a workaround to this bug and to Moritz,
Arthur Edelstein, and Roger for helping to track it down and
analyze it.
o Minor features (bridge):
- Bridges now include notice in their descriptors that they are
bridges, and notice of their distribution status, based on their
publication settings. Implements ticket 18329. For more fine-
grained control of how a bridge is distributed, upgrade to 0.3.2.x
or later.
o Minor features (directory authority, backport from 0.3.2.6-alpha):
- Add an IPv6 address for the "bastet" directory authority. Closes
ticket 24394.
o Minor features (geoip):
- Update geoip and geoip6 to the November 6 2017 Maxmind GeoLite2
Country database.
o Minor bugfix (relay address resolution, backport from 0.3.2.1-alpha):
- Avoid unnecessary calls to directory_fetches_from_authorities() on
relays, to prevent spurious address resolutions and descriptor
rebuilds. This is a mitigation for bug 21789. Fixes bug 23470;
bugfix on in 0.2.8.1-alpha.
o Minor bugfixes (compilation, backport from 0.3.2.1-alpha):
- Fix unused variable warnings in donna's Curve25519 SSE2 code.
Fixes bug 22895; bugfix on 0.2.7.2-alpha.
o Minor bugfixes (logging, relay shutdown, annoyance, backport from 0.3.2.2-alpha):
- When a circuit is marked for close, do not attempt to package any
cells for channels on that circuit. Previously, we would detect
this condition lower in the call stack, when we noticed that the
circuit had no attached channel, and log an annoying message.
Fixes bug 8185; bugfix on 0.2.5.4-alpha.
o Minor bugfixes (onion service, backport from 0.3.2.5-alpha):
- Rename the consensus parameter "hsdir-interval" to "hsdir_interval"
so it matches dir-spec.txt. Fixes bug 24262; bugfix
on 0.3.1.1-alpha.
o Minor bugfixes (relay, crash, backport from 0.3.2.4-alpha):
- Avoid a crash when transitioning from client mode to bridge mode.
Previously, we would launch the worker threads whenever our
"public server" mode changed, but not when our "server" mode
changed. Fixes bug 23693; bugfix on 0.2.6.3-alpha.
1.14.1
api-change:ssm: Update ssm command to latest version
api-change:waf: Update waf command to latest version
api-change:lightsail: Update lightsail command to latest version
api-change:autoscaling: Update autoscaling command to latest version
api-change:ec2: Update ec2 command to latest version
api-change:resource-groups: Update resource-groups command to latest version
api-change:waf-regional: Update waf-regional command to latest version
1.8.5
api-change:autoscaling: Update autoscaling client to latest version
api-change:waf: Update waf client to latest version
api-change:waf-regional: Update waf-regional client to latest version
api-change:resource-groups: Update resource-groups client to latest version
api-change:ssm: Update ssm client to latest version
api-change:lightsail: Update lightsail client to latest version
api-change:ec2: Update ec2 client to latest version
Bonjour provides service advertising and discovery on the local
network via multicast DNS. These files use SWIG to provide a Python
interface for use by applications to interact with Bonjour.through
mDNSResponder.
1.12.2
api-change:mediastore: Update mediastore command to latest version
api-change:mediastore-data: Update mediastore-data command to latest version
api-change:medialive: Update medialive command to latest version
api-change:mediaconvert: Update mediaconvert command to latest version
api-change:mediapackage: Update mediapackage command to latest version
1.8.2
api-change:mediapackage: Update mediapackage client to latest version
api-change:medialive: Update medialive client to latest version
api-change:mediastore: Update mediastore client to latest version
api-change:mediaconvert: Update mediaconvert client to latest version
api-change:mediastore-data: Update mediastore-data client to latest version
1.8.1
bugfix:Credentials: Fixes a bug causing cached credentials to break in the CLI on Windows.
api-change:acm: Update acm client to latest version
1.8.0
api-change:rekognition: Update rekognition client to latest version
api-change:emr: Update emr client to latest version
api-change:xray: Update xray client to latest version
feature:Credentials: When creating an assume role profile, you can now specify a credential source outside of the config file using the credential_source key.
api-change🛡️ Update shield client to latest version
api-change:cloudformation: Update cloudformation client to latest version
feature:Credentials: When creating an assume role profile, you can now specify another assume role profile as the source. This allows for chaining assume role calls.
api-change:codebuild: Update codebuild client to latest version
feature:credentials: Adds support for the process credential provider, allowing users to specify a process to call to get credentials.
api-change:apigateway: Update apigateway client to latest version
api-change:storagegateway: Update storagegateway client to latest version
enhancement:Response: Allow reads of zero on streaming bodies
Changelog:
- Increase maximum tweet length to 280 characters
- Increase maximum name length to 50 characters and improve
certain parts of the UI to cope better with longer names
- Fix the emoji button not showing up in the compose window
- Update translations
Changes:
1.0.2
-----
* Added an option to set a custom user-agent string
* Improved retry behavior for failed HTTP requests
* Improved `seiga` by providing better metadata and getting more than the
latest 200 images
* Improved `tumblr` by adding support for all post types, scanning for inline
images and following external links] (#48)
* Fixed extraction issues for `hbrowse`, `khinsider` and `senmanga`
2017/11/21 (1.1)
* Add facility to add HTTP *Basic* Auth
* Require LWP::Protocol::https to be installed
(hey, it's 2017, we can assume that https is available....)
This implicitly fixes bug 118475 "XML::RPC not reporting error if https connection requested but LWP::Protocol::https not installed"
* Implement recommended patch for #75078 "autodetection of XML datatyp <i4> for string of digits starting with 0"
2017/11/21 (1.0) Rene "cavac" Schickbauer
* First release by me for this module
* Integrate/Merge changes from XML::RPC::CustomUA
(and deprecate CustomUA module at the same time)
2.54.1
======
* gnutls: Fix using different client certs for different connections
[#781578, Martin Pitt]
* Updated translations: Catalan (Valencian), Greek, Persian
Bug Fixes
The following vulnerabilities have been fixed:
* [1]wnpa-sec-2017-42
BT ATT dissector crash ([2]Bug 14049) [3]CVE-2017-15192
* [4]wnpa-sec-2017-43
MBIM dissector crash ([5]Bug 14056) [6]CVE-2017-15193
* [7]wnpa-sec-2017-44
DMP dissector crash ([8]Bug 14068) [9]CVE-2017-15191
The following bugs have been fixed:
* Wireshark crash when end capturing with "Update list of packets in
real-time" option off. ([10]Bug 13024)
* Diameter service response time statistics broken in 2.2.4. ([11]Bug
13442)
* Some Infiniband Connect Req fields are not decoded correctly.
([12]Bug 13997)
* wireshark-2.4.1/epan/dissectors/packet-dmp.c:1034: sanity check in
wrong place ?. ([13]Bug 14016)
* [oss-fuzz] ASAN: 232 byte(s) leaked in 4 allocation(s). ([14]Bug
14025)
* [oss-fuzz] ASAN: 47 byte(s) leaked in 1 allocation(s). ([15]Bug
14032)
* RTP Analysis "save as CSV" saves twice the forward stream, if two
streams are selected. ([16]Bug 14040)
* Cannot Apply Bitmask to Long Unsigned. ([17]Bug 14063)
Updated Protocol Support
BT ATT, DCERPC, DMP, E.212, H.248, InfiniBand, MBIM, RPC, and WSP
2017-11-06 - FileZilla Client 3.29.0 released
Bugfixes and minor changes:
Fix activity indicators not working after the update check has been run
2017-10-31 - FileZilla Client 3.29.0-rc1 released
New features:
Added new quick search filter to file lists, accessed through Ctrl+F
FTP over TLS: Mismatched hostnames are now highlighted in red in the certificate verification dialog
Filters using regular expressions can now be case-insensitive
Bugfixes and minor changes:
Explicitly wait for the settings to be written to disk before removing the backup file to prevent loss of data in case of system crashes
