0.9.1
=====
- Use https for all connections (bug #13645)
- Use the latest sunrise API (2.0) (bug #14972)
- Use xfce_panel_plugin_get_icon_size so the weather icon respects the
panel's configured icon size
- Fix link to the met.no logo
- Translation updates: Belarusian, Bulgarian, Catalan, Chinese (China),
Chinese (Taiwan), Czech, Danish, Dutch, English (Australia), Finnish,
French, Galician, German, Greek, Hebrew, Hungarian, Icelandic,
Italian, Japanese, Korean, Lithuanian, Malay, Polish, Portuguese,
Portuguese (Brazil), Russian, Serbian, Slovak, Spanish, Swedish, Thai,
Turkish, Ukrainian
Mostly based on work by tuxillo in pkgsrc-wip with some changes and additions
by me.
Gitea is a community managed fork of Gogs, lightweight code hosting solution
written in Go and published under the MIT license.
MediaTek mt7623 SoC than the previous 2019.01-rc2.
- Pull down the necessary SDMMC binary headers and preloader from BPI's
Github repository, and use them to assemble an image that can be written
directly to an SD card before adding an MBR partition table.
libmpg123 is the internally preferred mp3 decoder, according to codecs.conf.
The ffmpeg fallback complains a lot about many audio streams, causing
stuttering sound. Using mpg123 should avoid that.
2019.03.24 - GNU nano 4.0 "Thy Rope of Sands"
• An overlong line is no longer automatically hard-wrapped.
• Smooth scrolling (one line at a time) has become the default.
• A newline character is no longer automatically added at end of buffer.
• The line below the title bar is by default part of the editing space.
• Option --breaklonglines (-b) turns automatic hard-wrapping back on.
• Option --jumpyscrolling (-j) gives the chunky, half-screen scrolling.
• Option --finalnewline (-f) brings back the automatic newline at EOF.
• Option --emptyline (-e) leaves the line below the title bar unused.
• <Alt+Up> and <Alt+Down> now do a linewise scroll instead of a findnext.
• Any number of justifications can be undone (like all other operations).
• When marked text is justified, it becomes a single, separate paragraph.
• Option --guidestripe=<number> draws a vertical bar at the given column.
• Option --fill=<number> no longer turns on automatic hard-wrapping.
• When a line continues offscreen, it now ends with a highlighted ">".
• The halfs of a split two-column character are shown as "[" and "]".
• A line now scrolls horizontally one column earlier.
• The bindable functions 'cutwordleft' and 'cutwordright' were renamed
to 'chopwordleft' and 'chopwordright' as they don't use the cutbuffer.
• The paragraph-jumping functions were moved from Search to Go-to-Line.
• Option --rebinddelete is able to compensate for more misbindings.
• Options --morespace and --smooth are obsolete and thus ignored.
• The --disable-wrapping-as-root configure option was removed.
Changelog:
trust: Improve error handling if backed trust file is corrupted [#206]
url: Prefer upper-case letters in hex characters when encoding [#193]
trust/extract-jks.c: also honor SOURCE_DATE_EPOCH time [#202]
virtual: Prefer fixed closures to libffi closures [#196]
Fix issues spotted by coverity and cppcheck [#194, #204]
Build and test fixes [#164, #191, #199, #201]
* Startup is now way faster, especially when using DoH servers.
* A new action: CLOAK is logged when queries are being cloaked.
* A cloaking rule can now map to multiple IPv4 and IPv6 addresses, with load-balancing.
* New option: refused_code_in_responses to return (or not) a REFUSED code on blacklisted queries. This is disabled by default, in order to work around a bug in Android Pie.
* Time-based restrictions are now properly handled in the generate-domains-blacklist.py script.
* Other improvements have been made to the generate-domains-blacklist.py script.
* The Windows service is now installed as NT AUTHORITY\NetworkService.
Changes since 5.7.2:
PLIST files are checked for non-ASCII characters. Even though pkgsrc
sets up the environment with LC_ALL=C, there are still some cases
of encoding errors. The case discussed on the tech-pkg mailing list
was lang/go112.
The checks for variable permissions ("may not be set in this file")
have been reworked completely. Many of the variable permissions had
different rules for Makefile and Makefile.common. These different
rules tried to prevent accidental overwriting of variables. Starting
in July 2018, pkglint got a check for redundant variables that is
far more accurate than the previous variable permissions. Therefore
these fine-grained permissions are no longer necessary. This removes
a few hundred wrong warnings about insufficient permissions.
The check that adds missing SHA512 hashes to distinfo files has been
fixed to work correctly in DIST_SUBDIR cases.
Improved the checks regarding tools that are used by a package but
not added to USE_TOOLS. For example, the "make" tool is always
available, as are all tools that are added to TOOLS_CREATE.
Lots of small improvements, as always.
Changelog:
60.6.1
#CVE-2019-9810: IonMonkey MArraySlice has incorrect alias information
#CVE-2019-9813: Ionmonkey type confusion with __proto__ mutations
60.6.0
#CVE-2019-9790: Use-after-free when removing in-use DOM elements
#CVE-2019-9791: Type inference is incorrect for constructors entered through on-stack replacement with IonMonkey
#CVE-2019-9792: IonMonkey leaks JS_OPTIMIZED_OUT magic value to script
#CVE-2019-9793: Improper bounds checks when Spectre mitigations are disabled
#CVE-2019-9794: Command line arguments not discarded during execution
#CVE-2019-9795: Type-confusion in IonMonkey JIT compiler
#CVE-2019-9801: Windows programs that are not 'URL Handlers' are exposed to web content
#CVE-2018-18506: Proxy Auto-Configuration file can define localhost access to be proxied
#CVE-2019-9788: Memory safety bugs fixed in Firefox 66 and Firefox ESR 60.6
Enterprise
In the network connections settings, sites added to the "No proxy for" list will now honor that setting regardless of any other specified proxy settings
Changelog:
60.6.0
fixed
Calendar: Can't create repeating event with end date when using certain time zones, for example Europe/Minsk
60.5.3
fixed
Problem when using "Send to > Mail recipient" on Windows introduced in version 60.5.2.
If files with non-ASCII characters in their name still cause a malfunction, use one of the following two alternative solutions:
Reset this registry entry
HKLM\SOFTWARE\Clients\Mail\Mozilla Thunderbird - SupportUTF8 to 0. Also reset HKLM\SOFTWARE\Wow6432Node\Clients\Mail\Mozilla Thunderbird - SupportUTF8 if present.
On Windows 10, set the system code page to UTF-8 (beta feature, see Region Settings, system locale)
Before, the tool arguments were written to the log as plain strings. Now
the arguments are properly quoted, which makes it possible to replay the
commands by copying them from the .work.log file.
This only affects tools that are shell builtins (echo, true, false), get
additional arguments (mkdir -p) or define a custom TOOLS_SCRIPT
(pkg-config, to set an environment variable; or autotools). Tools that
are symlinked to the real tool are not affected.
The calls to the compiler are already properly logged since cwrappers
takes care of that. This commit therefore makes the log entries for the
compilers and the other tools more similar.
3.8.0:
New features
* Speed-up ECC performance. ECDSA is 33 times faster on the NIST P-256 curve.
* Added support for NIST P-384 and P-521 curves.
* EccKey has new methods size_in_bits() and size_in_bytes().
* Support HMAC-SHA224, HMAC-SHA256, HMAC-SHA384, and HMAC-SHA512 in PBE2/PBKDF2.
Resolved issues
* DER objects were not rejected if their length field had a leading zero.
* Allow legacy RC2 ciphers to have 40-bit keys.
* ASN.1 Object IDs did not allow the value 0 in the path.
Breaks in compatibility
* point_at_infinity() becomes an instance method for Crypto.PublicKey.ECC.EccKey, from a static one.
3.9.3
* Added cross-database support for NULLS FIRST/LAST when specifying the
ordering for a query. Previously this was only supported for Postgres. Peewee
will now generate an equivalent CASE statement for Sqlite and MySQL.
* Added [EXCLUDED](http://docs.peewee-orm.com/en/latest/peewee/api.html#EXCLUDED)
helper for referring to the EXCLUDED namespace used with INSERT...ON CONFLICT
queries, when referencing values in the conflicting row data.
* Added helper method to the model Metadata class for setting the table name
at run-time. Setting the Model._meta.table_name directly may have appeared
to work in some situations, but could lead to subtle bugs. The new API is
Model._meta.set_table_name().
* Enhanced helpers for working with Peewee interactively, [see doc](http://docs.peewee-orm.com/en/latest/peewee/interactive.html).
* Fix cache invalidation bug in DataSet that was originally reported on the
sqlite-web project.
* New example script implementing a [hexastore]
Because of the fixed new API changes, bump the API version in buildlink3.mk
to 2.0.3 - since 1.x API will likely disappear (it's already deprecated)
# log4cplus 2.0.3
- Fix compilation on systems without `O_CLOEXEC`. This affects, e.g.,
Solaris 10. GitHub issue #326. (Patch by Jiangrz).
- Provide `log4cplus::deinitialize()` to make the API symmetric
(`log4cplus::initialize()` already exists) and to allow
de-/initialization without `log4cplus::Initializer` instance. GitHub
issue #340.
- Deal with `register` keyword being generated in SWIG based bindings. The
keyword is unused and reserved in C++17. Remove use of
`std::unary_function`, it was removed in C++17.
- Add ability to define new log levels using C API. Add reconfiguration
API. (Jens Rehsack)
- Add `NDCMatchFilter` and `MDCMatchFilter`. (Franck)
Changelog:
Changes
Show autocompletion as soon as "@" is typed (server#13961)
Trim filename in webfrontend for windows compatibility (server#13978)
Clean code and fix drop zone shadow (server#13982)
Show original path in trashbin (server#14029)
Update icewind/smb to 3.0.1 (server#14068)
Fix: Check if `$this->params['user']` is an array (server#14085)
[Security] Bump lodash from 4.17.10 to 4.17.11 in /apps/updatenotification (server#14093)
[Security] Bump lodash from 4.17.10 to 4.17.11 in /apps/accessibility (server#14094)
[Security] Bump lodash from 4.17.10 to 4.17.11 in /apps/oauth2 (server#14095)
Make sure the relative path is always a string (server#14101)
Fix the thorrtler whitelist bitmask (server#14151)
[Security] Bump handlebars from 4.0.12 to 4.1.0 in /build (server#14187)
Fix recent files (server#14195)
Update CRL to contain revoked files_external_dropbox, passman & payback (server#14201)
Ensure attribute names are lower cased (server#14203)
Fix small glitches in update notification page (server#14207)
Fix expiration date changing (server#14212)
Fix trashbin restore translation (server#14213)
Remove trailing spaces from localized strings (server#14225)
Fixing phpdoc in FullTextSearch/Model/ISearchResult (server#14268)
Fix empty file uploads to S3 (and other streaming storages) (server#14273)
Do not do redirect handling when loggin out (server#14275)
Catch Request exception in testRemoteUrl (server#14277)
Correctly determinate the owner in case of shared external storages (server#14283)
Fix header label visibility on open menu (server#14287)
Prefix $path for filename for internal file cache (server#14288)
Set false as default for requirePNG (server#14292)
Use proper scroll container when dragging files (server#14301)
Fix OC.getCurrentUser() on guest pages (server#14308)
Fix ocm end-point discovery discovery (server#14312)
Apply theme to 2FA button (server#14331)
Fix "Undefined index: user_uid" on login page (server#14339)
Fix unsafe array access (server#14340)
Always query lookup server in GS mode (server#14368)
Use latest ca-bundle.crt from https://curl.haxx.se/docs/caextract.html (server#14371)
Try to support 7.3 for DAV (3rdparty#213)
Backport/stable15/streams 0.7.1 (3rdparty#244)
Don't add empty entries to the objects array (activity#347)
Ensure parameters are always an array (activity#350)
Bye, Scrutinizer! (notifications#293)
When a package or the infrastructure defined a tool with custom
TOOLS_ARGS or TOOLS_SCRIPT containing special characters, these could
lead to unintuitive interactions at the time when that tool invocation
was logged in the tool wrapper log. Some of the logging output ended up
on stdout, while some of the normal output ended up in the log, and parts
of the quoted arguments were even evaluated as shell commands.
The logging of the wrapped tool commands is not perfect yet, but at least
it's much more predictable now.
