* .dovecot.sieve.log file now includes year in the header.
* Change Sieve script result execution to delay definitive action
execution to the end of a successful Sieve script execution session.
This is part of an effort to solve problems with the Sieve duplicate
test. As a side-effect, some rare temporary-error cases yield
different results, in which partial failure is more likely.
* Any unexpected exit() will now result in a core dump. This can
especially help notice problems when a Lua script causes exit(0).
* auth-worker process is now restarted when the number of auth
requests reaches service auth-worker { service_count }. The default
is still unlimited.
+ Event improvements: Added data_stack_grow event and http-client
category. See https://doc.dovecot.org/admin_manual/list_of_events/
+ oauth2: Support RFC 7628 openid-configuration element. This allows
clients to support OAUTH2 for any server, not just a few hardcoded
servers like they do now. See openid_configuration_url setting in
dovecot-oauth2.conf.ext.
+ mysql: Single statements are no longer enclosed with BEGIN/COMMIT.
+ dovecot-sysreport --core supports multiple core files now and does
not require specifying the binary path.
+ imapc: When imap_acl plugin is loaded and imapc_features=acl is used,
IMAP ACL commands are proxied to the remote server. See
https://doc.dovecot.org/configuration_manual/mail_location/imapc/
+ dict-sql now supports the "UPSERT" syntax for SQLite and PostgreSQL.
+ imap: If IMAP client disconnects during a COPY command, the copying
is aborted, and changes are reverted. This may help to avoid many
email duplicates if client disconnects during COPY and retries it
after reconnecting.
- master process was using 100% CPU if service attempted to create more
processes due to process_min_avail, but process_limit was already
reached. v2.3.15 regression.
- Using attachment detection flags wrongly logged unnecessary "Failed
to add attachment keywords" errors. v2.3.13 regression.
- IMAP QRESYNC: Expunging UID 1 mail resulted in broken VANISHED
response, which could have confused IMAP clients. v2.3.13 regression.
- imap: STORE didn't send untagged replies for \Seen changes for
(shared) mailboxes using INDEXPVT. v2.3.10 regression.
- rawlog_dir setting would not log input that was pipelined after
authentication command.
- Fixed potential infinite looping with autoexpunging.
- Log event exporter: Truncate long fields to 1000 bytes
- LAYOUT=index: ACL inheritance didn't work when creating mailboxes
- Event filters: Unquoted '?' wildcard caused a crash at startup
- fs-metawrap: Fix to handling zero sized files
- imap-hibernate: Fixed potential crash at deinit.
- acl: dovecot-acl-list files were written for acl_ignore_namespaces
- program-client (used by Sieve extprograms, director_flush_socket)
may have missed status response from UNIX and network sockets,
resulting in unexpected failures.
Changes:
1.0
---
* Makefile: switch to use CPPFLAGS -D_DEFAULT_SOURCE preventing warning
messages on some systems.
* sfeed_curses:
* Fix (false-positive) compiler warnings with gcc 10.2+ and -Wall -O2.
* Check if capname is NULL for tparm(), noticed on netbsd-curses.
* Add [ and ] keybind to open the next visible feed in the pane while
keeping the current pane selection, thanks to adc for the feature
suggestion.
* Exit early on read errors and show a clear error message in these cases.
* Improve consistency of line counting (on an invalid file).
* Theme: add a version of the mono theme (mono_highlight) which highlights
the active panel.
* minicurses.h: fix parameter type for tparm() (long not int).
* sfeed_content:
* Content view optimizations.
* Show any other content-type than "html" as plain-text (because Atom
allows base64-encoded embedded content).
* Allow multiple file parameters as arguments.
* sfeed_markread:
* Make sure to use proper permissions when copying the merged temporary
file.
* For the unread items: create the file if it does not exist.
* Allow to set the url as a parameter or as an env variable.
* Use "-" instead of /dev/stdin which is slightly more portable.
* Code-style improvements.
* Documentation improvements: add examples, fix typos, etc.
Changes:
1.0
---
* Performance: enable unlocked I/O by default improving read performance.
* Makefile: switch to use CPPFLAGS -D_DEFAULT_SOURCE preventing warning
messages on some systems.
* sfeed:
* Fix regression with parsing RSS guid, by default ispermalink="true".
* Detect the proper mime-type for XHTML (application/xhtml+xml).
* Support short digit years for RSS pubDate fields (specified in obsoleted
RFC822).
* Improve content-type "type" attribute handling/buffering.
* Improve "ispermalink", "rel" and "type" attribute handling/buffering.
* Add support time fields for old/legacy Atom 0.3 feeds.
* sfeed_frames/sfeed_html: show the total counts and improve the title format
to match the sfeed_curses title.
* sfeed_gopher: unveil: show path when it failed (OpenBSD).
* sfeed_mbox: add environment variable to print content (off by default because
it can be insecure for some clients).
* sfeed_update: fix message when the configuration file does not exist yet.
* Portability and standards: add BSD-like err() and errx() functions.
* Code-style improvements.
* Documentation improvements: add examples, fix typos, etc.
* README: update newsboat export script to support the content-type field
which is added in newer newsboat versions.
Version 0.8.6, 2021-08-06
Bug-fix: the --parse-no-intraemph flag would set the condition (i.e.,
intra-emphasis was not parse) instead of unsetting it. Now it does the
correct thing.
packaging changes: Clean up scons arg scheme, and ensure that scons is
always called with the same args (other than the action).
3.23: 2020-08-06
doc/*xml all moved into www/internals.adoc
Convert all DocBook (.xml) to AsciiDoctor (.adoc)
Remove all XSL remnants.
gpsplot: speedup, add new options.
driver_ubx.c: Add decode for UBX-NAV-STATUS
gps/ubx.py: Improve decode for UBX-NAV-STATUS
cgps: Add popup help, interactive options.
Reorganize and split the man pages.
Small updates for u-blox M8 and M10
Deprecated mtk3331 and ashtech build options. Use nmea0183 instead.
gpssnmp: Move from contrib/ to clients, add manpage
Add www/gpsd-client-example-code.adoc
Add gpsdebuginfo script and man page.
ubxtool: Add BeiDou, Galileo, GLONASS, QZSS, and partial SBAS subframe decodes
Max serial port speed raised to 921,600.
SUBFRAME JSON now includes new fields to support multiple constellations.
gpsd: Add some ADR and UDR message partial decodes.
ubxtool: Add some ADR and UDR message polls and decodes.
Remove COMPASS_ENABLE. Always compile attitude code.
contrib/webgps.py: use argparse, arguments -V, --version, --no-html-head.
Add readonly flag to DEVICE JSON.
Control messages to gpsd now return JSON, instead of, sometimes, OK or ERROR.
gpsfake uses "# Date: yyyy-mm-dd" to set initial time.
Don't compute wrong GPS rollover after 2021-10-23.
Bump libgps to version 29.
Changelog:
Version 3.1.0
Monday, August 2, 2021
Features:
+ knotd: automatic zone catalog generation based on actual configuration
+ knotd: zone catalog supports configuration groups
+ knotd: support for ZONEMD validation and generation
+ knotd: basic support for TCP over XDP processing
+ knotd: configuration option for enabling IP route check in the XDP mode
+ knotd: support for epoll (Linux) and kqueue (*BSD, macOS) socket
polling
+ knotd: extended EDNS error (EDE) is added to the response if
appropriate
+ knotd: DNSSEC operation with extra ready public-only KSK is newly
allowed
+ knotd: new zone backup/restore filters for more variable component
specification
+ knotd: adaptive systemd service start timeout and new zone loading
status #733
+ knotd: configuration option for enabling TCP Fast Open on outbound
communication
+ knotd: when the server starts, zone NOTIFY is send only if not sent
already
+ knotc: zone reload with the force flag triggers reload of the zone and
its modules
+ libs: support for parsing and dumping SVCB and HTTPS resource records
+ kdig: support for TCP Fast Open along with DoT/DoH #549
+ kxdpgun: basic support for DNS over TCP processing
+ kxdpgun: current traffic statistics can be printed using a USR1 signal
+ python: new libknot/probe API wrapper
Improvements:
+ knotd: PID file is created even in the foreground mode
+ knotd: more robust and enhanced zone data backup and restore operations
+ knotd: maximum length of an XFR message is limited to 16 KiB for better
compression
+ knotd: maximum CNAME/DNAME chain depth per reply was decreased from 20
to 5
+ knotd: improved performance of processing domain names with many short
labels
+ knotd: adaptive limit on the number of LMDB readers to avoid problems
with many workers
+ knotd: TTL of generated NSEC(3) records is set to min(SOA TTL, SOA
minimum)
+ knotd: TTL of generated NSEC3PARAM is equal to TTL of NSEC3 records
+ knotd: maximum TCP segment size is restricted to 1220 octets on Linux #
468
+ knotc: various improvements in error reporting
+ knotc: default control timeout is infinity in the blocking mode
+ dnssec: dnskey generator tries to return a key with a unique keytag
+ kxdpgun: RLIMIT_MEMLOCK is increased only if not high enough
+ kxdpgun: RTNETLINK is used for getting network information instead of
the ip command
Bugfixes:
+ knotd: DNAME not applied more than once to resolve the query #714
+ knotd: root zone not correctly purged from the journal
+ kzonecheck: incorrect check for opt-outed empty non-terminal nodes
+ libzscanner: wrong error line number
+ libzscanner: broken multiline rdata processing if an error occurs
+ mod-geoip: NXDOMAIN is responded instead of NODATA #745
+ make: build fails with undefined references if building using slibtool
#722
Packaging:
+ knotd: systemd service reload uses 'kill -HUP' instead of 'knotc
reload'
+ kxdpgun: new library dependency libmnl
+ mod-dnstap: new package separate from the knot package
+ mod-geoip: new package separate from the knot package
Compatibility:
+ configure: option '--enable-xdp=yes' means use an external libbpf if
available
or use the embedded one
+ libzsanner: omitted TTL value is correctly set to the last explicitly
stated value (RFC 1035)
+ knotc: zone restore from an old backup (3.0.x) requires forced
operation
+ knotd: configuration option 'server.listen-xdp' is replaced with
'xdp.listen'
+ knotd: zone file loading with automatic SOA serial incrementation newly
requires having full zone in the journal
+ knotd: obsolete configuration options 'zone.disable-any',
'server.tcp-handshake-timeout'
are silently ignored
+ knotd: obsolete configuration options 'zone.max-zone-size',
'zone.max-journal-depth',
'zone.max-journal-usage', 'zone.max-refresh-interval',
'zone.min-refresh-interval' 'server.max-ipv4-udp-payload',
'server.max-ipv6-udp-payload', 'server.max-udp-payload',
'server.tcp-reply-timeout', 'server.max-tcp-clients' are ignored
+ knotd: obsolete default template options 'template.journal-db',
'template.kasp-db', 'template.timer-db',
'template.max-journal-db-size', 'template.journal-db-mode',
'template.max-timer-db-size', 'template.max-kasp-db-size' are
ignored
Version 3.0.8
Friday, July 16, 2021
Features:
+ knotc: new command for loading DNSSEC keys without dropping all RRSIGs
when re-signing
+ knotd: new policy configuration option for disabling some DNSSEC safety
features #741
+ mod-geoip: new dnssec and policy configuration options
Bugfixes:
+ knotd: early KSK removal during a KSK rollover if automatic KSK
submission check
is enabled and DNSKEY TTL is lower than the corresponding DS TTL
+ knotd: failed to generate a new DNSKEY if previously generated shared
key not available
+ knotd: periodical error logging when a PKCS #11 keystore failed to
initialize #742
+ knotd: zone commit doesn't check for missing SOA record
Version 3.0.7
Wednesday, June 16, 2021
Features:
+ knotd: new configuration policy option for CDS digest algorithm setting
#738
+ keymgr: new command for primary SOA serial manipulation in on-secondary
signing mode
Improvements:
+ knotd: improved algorithm rollover to shorten the last step of old
RRSIG publication
Bugfixes:
+ knotd: zone is flushed upon server start, despite DNSSEC signing is
up-to-date
+ knotd: wildcard nonexistence is proved on empty-non-terminal query
+ knotd: redundant wildcard proof for non-authoritative data in a reply
+ knotd: missing wildcard proofs in a wildcard-cname loop reply
+ knotd: incorrectly synthesized CNAME owner from a wildcard record #715
+ knotd: zone-in-journal changeset ignores journal-max-usage limit #736
+ knotd: incorrect processing of zone-in-journal changeset with SOA
serial 0
+ knotd: broken initialization of processing workers if SO_REUSEPORT(_LB)
not available
+ kjournalprint: reported journal usage is incorrect #736
+ keymgr: cannot parse algorithm name ed448 #739
+ keymgr: default key size not set properly
+ kdig: failed to process huge DoH responses
+ libknot/probe: some corner-case bugs
Version 3.0.6
Wednesday, May 12, 2021
Features:
+ mod-probe: new module for simple traffic logging (Python API not yet
included)
Improvements:
+ keymgr: new mode for listing zones with at least one key stored
+ keymgr: the pregenerate command accepts optional timestamp-from
parameter
+ kzonecheck: accept '-' as substitution for standard input #727
+ knotd: print an error when unable to change owner of a logging file
+ knotd: new warning log if no interface is configured
+ knotd: new signing policy check for NSEC3 iterations higher than 20
+ knotd: don't allow backup to/restore from the DB storage directory
+ Various code (mostly zone backup/restore), tests, and documentation
improvements
Bugfixes:
+ knotd: secondary fails to load zone file if HTTPS or SVCB record is
present #725
+ knotd: (KSK roll-over) new KSK is not signing DNSKEY long enough before
DS submission
+ knotd: (KSK roll-over) old KSK uselessly published after roll-over
finished
+ knotd: malformed address in TCP-related logs when listening on a UNIX
socket
+ knotd: server responds FORMERR instead of BADTIME if TSIG signed time
is zero #730
+ modules: incorrect local and remote addresses in the XDP mode
+ modules: failed to read configuration from a section without
identifiers
+ mod-synthrecord: queries on synthesized empty-non-terminals not
answered with NODATA
+ keymgr: confusing error if del-all-old command fails
Changelog:
22 July 2021: Wouter
- tag 4.3.7 release, with the fixes between rc1 and this release.
20 July 2021: Wouter
- Fix typo in xfrd-tcp.c.
15 July 2021: Wouter
- tag for 4.3.7rc1.
- Fix compile of cookies on FreeBSD without IPv6.
- Fix for loop initial declaration for nonc99 compiler.
14 July 2021: Wouter
- Fix truncate test for EDNS COOKIE making one less RR is added.
- Attempt to fix gcc11 warning.
13 July 2021: Willem
- Fixes for child server processes getting out of sync with the
dnstap-collector process
13 July 2021: Willem
- Interoperable DNS Cookies support as per RFC7873 and RFC9018
9 July 2021: Willem
- Client side DNS Zone Transfer-over-TLS (XoT) support as per
draft-ietf-dprive-xfr-over-tls
29 June 2021: Willem
- Fix#168: Buffer overflow in the dname_to_string() function
14 June 2021: Wouter
- Update configure nonblocking test to use host.
25 May 2021: Wouter
- Fix#179: log notice and server-count.
21 May 2021: Wouter
- Test code has -q option for quiet output.
17 May 2021: Wouter
- Update the ACX_CHECK_NONBLOCKING_BROKEN test for the configure
script.
7 May 2021: Wouter
- Fix#176: please review Loglevel on missing zonefile.
6 May 2021: Wouter
- Fix#174: NS Records below delegation are not ignored (nsd-checkzone
also does not raise any issue).
4 May 2021: Wouter
- Fix SVCB sort call sizeof to be the size of the elements sorted.
29 April 2021: Tom
- Implement Syntax of SVCB and HTTPS RR type as per draft-ietf-dnsop-svcb-https
13 April 2021: Wouter
- Fix for #128: Skip over sendmmsg invalid argument when port is zero.
- Fix#171: Invalid negative response (NSEC3) after IXFR.
- Fix to make nsec3_chain_find_prev return NULL if one nsec3 left.
- remove debug settings from unit test.
9 April 2021: Wouter
- Fix for #170: Fix build warnings when IPv6 is disabled.
- Fix#170: Disabled IPv6 and DNSTAP enabled triggers a build error.
30 March 2021: Wouter
- Fix configure failure for enable systemd because of autoconf.
- This became release 4.3.6, the repository continues for 4.3.7
in development.
29 March 2021: Wouter
- Note unlisted changes in RELNOTES and prepare for 4.3.6rc1 tag.
29 March 2021: Willem
- Per zone Access Control List for queries
with an allow-query: option.
24 March 2021: Wouter
- Update acx_nlnetlabs.m4 to version 38, fix deprecation test.
- Fix configure to use header checks with compile.
- Fix warning about unused function log_addr.
18 March 2021: Tom
- Add Extended DNS Errors RFC8914
15 March 2021: Wouter
- Fix double config.h include in configlexer.c
- Fix to remove configyyrename from makedist.sh and also
update the flex and bison rules there to add the "c_" prefix.
13 March 2021: Willem
- Fix#154: TXT with parentheses fails in 4.3.5.
- Align parsing of TXT elements with how bind does it.
- A -p option to nsd-checkzone to print a successfully read zone.
12 March 2021: Wouter
- Fix that wildcard is printed as a star instead of escaped, in
logs and in written zone files.
- Fix unit test for wildcard printout change.
11 March 2021: Wouter
- Fix#163: A TSIG noncompliance with RFC 2845.
9 March 2021: Willem
- Enable configuring a control-interface by interface name.
19 February 2021: Wouter
- Fix segfault on high verbosity for TLS channels with dnstap log
local address.
18 February 2021: Wouter
- Fix#146 with #147: DNSTAP log the local address of the server
with the dnstap logs.
16 February 2021: Wouter
- Man page documentation for dnstap options.
8 February 2021: Wouter
- Fix AF_LOCAL compile error for Solaris.
- Fix ifaddrs compile error for Solaris.
- Fix ifaddrs.h compile error for Solaris.
4 February 2021: Wouter
- Merge PR #153 from fobser: Repair -fno-common linker errors
automatically.
- Fix uninitialized access of log_buf in error printout on apply ixfr.
26 January 2021: Wouter
- Prevent a few more yacc clashes.
[0.7.4] - 2021-08-07
Added:
Add config for splash screen to check SHA256 hash of assets
Changed:
Bump rust-embed to 6.0.0
Bump tui to 0.16.0
Bump gpgme to 0.10.0
Center the options menu title
Fixed:
Mark the unsupported algorithms as unrecognized/unknown
Fix the failing test about options menu title
New in version 2.1.7
* incompatible change: on certain platforms (currently just
x86-64), dynamic-extent arrays specialized on character and
numeric types and created without either :INITIAL-ELEMENT or
:INITIAL-CONTENTS will reflect previous contents of the stack
instead of #\null (or 0) in all elements.
* minor incompatible change: SB-SPROF:START-PROFILING no longer
silently does nothing if the clock is already running. It
instead stop and restarts with the newly provided options, and
warns.
* minor incompatible change: the system attempts to refer to the
supplied pathname in compiler diagnostics, if relevant, rather
than the truename.
* enhancement: new contrib module sb-graph producing graphical
visualizations of Intermediate Representations of SBCL
compilation data structures.
* platform support:
* improved code generation for unary minus in modular contexts
on arm64.
* make the disassembler annotations slightly more robust on arm64.
* release space back to the Operating System on Windows.
* improve the test for whether pages need to be committed on Windows.
* fix a bug in the use of the VPCMPEQD opcode on
x86-64. (#1928516, thanks to Marco Heisig)
* optimization: the type of (LOOP ... COLLECT ...), and the type
of COLLECT INTO variables, is derived as LIST. (#1934577,
reported by SATO shinichi)
New in version 2.1.6
* minor incompatible change: COMPILE-FILE does not merge the input
file's pathname-directory into the output path if :OUTPUT-FILE
was specified and has a directory that is not :UNSPECIFIC.
* platform support:
* improvements to unwind code generation on arm64.
* on x86-64, accept three operands for vshufpd. (reported by
Bela Pecsek)
* on x86-64, improvements to use of popcount
* improve exception handling on 64-bit Windows. (thanks to
Luis Borges de Oliveira)
* bug fix: allow use of macros with improper argument
list. (#1929623, thanks to Sean Maher)
* bug fix: COERCE no longer attempts to guess what the user meant
if they provide a type specifier of a union of types other than
STRING. (#1929614)
* bug fix: print a single trailing zero after the decimal point
for FORMAT ~E if there are no digits remaining to be printed and
the width allows it. (#883520)
Many changes, including:
. Implemented &&& continuation lines, mainly for new replicator (see next).
. Implemented &* replication feature.
. Added escapes \<< and \>> for double typographic quotes.
. Implemented bracketed noteheads facility.
. Implemented key N.
. Transposition values of multiples of 11 or 12 caused PMW to give up with a
hard internal error for some note values.
. A maximum (accumulated) transposition value of 60 is now implemented. This
is 5 octaves, which should be enough for anybody.
. Added \nh\ and \nc\ so that individual notes can have noteheads set as
harmonic or cross. This makes it possible to have chords containing
different noteheads.
. Added /cx, /llc, /lrc, /rlc, and /rrc to slurs and lines to allow for
horizontal positioning by musical offset a la MusicXML.
. Added Unicode support for non-standardly encoded PostScript fonts via .utr
files.
. Added new "rest" letter T, the crotchet version giving a single slash beat
indicator and the whole bar rest version giving a "percent" repetition sign.
Version 3.18 04-May-2021
------------------------
1. Allow mark textblock and mark rectangle keystrokes in readonly mode (the
corresponding commands and the "copy" keystroke were already allowed; this was
an oversight).
2. Two casts in sysunix.c for the 2nd argument of tgetstr().
3. The buffers for file names were too small for very long file names. They
have been increased in size and put on the stack instead of statics in the
binary.
4. Some obsolete memory-handling code has been tidied up. Use size_t for memory
sizes. NE now frees all its memory via an atexit() function, but in screen mode
ncurses doesn't free everything (see various online discussions).
Version 3.17 21-October-2018
----------------------------
1. Added support for Page-up, Page-down, Home, and End keys via terminfo or
termcap.
2. Fix 2 for 3.16 had a bug when the build date was greater than the 9th of the
month.
Version 3.16 07-August-2018
---------------------------
1. In screen mode, if an empty line was given in response to the "Write" prompt
at the end of editing, NE crashed.
2. Refactor to use memcpy() instead of strncpy() when messing with substrings
in order to avoid GCC string truncation warnings.
3. Implemented the "unformat" command.
4. Allow up to function key 30 (previously was 29, don't know why), and set
function keystring 30 to "unformat".
5. When screen mode was temporarily suspended via the "*" command, if the
"load" or "g" commands required a user response, NE crashed.
6. Recognize -version as well as --version and -v since all other long options
have just a single hyphen.
Notable Items
InnoDB
* InnoDB no longer acquires advisory file locks by default (MDEV-24393)
* Encryption: Automatically disable key rotation checks for
file_key_management plugin (MDEV-14180)
* Some fixes from MySQL 5.7.35 (MDEV-26205)
* Fixed scrubbing on AIX (MDEV-26110)
* buf_pool.flush_list corrupted by buffer pool resizing or
ROW_FORMAT=COMPRESSED (MDEV-26200)
Optimizer
* A query that uses ORDER BY .. LIMIT clause and "Range checked for each
record optimization" could produce incorrect results under some
circumstances (MDEV-25858)
* Queries that have more than 32 equality conditions comparing columns
of different tables ("tableX.colX=tableY.colY) could cause a stack
overrun in the query optimizer (MDEV-17783, MDEV-23937)
* "Condition pushdown into derived table" optimization cannot be applied
if the expression being pushed refers to a derived table column which
is computed from expression that has a stored function call, @session
variable reference, or other similar construct. The fix for MDEV-25969
makes it so that only the problematic part of the condition is not
pushed. The rest of the condition is now pushed. (MDEV-25969)
* A query with window function on the left side of the subquery could
cause a crash. (MDEV-25630)
* Fixed the issue fixed in MySQL Bug #76803: DML or locking SELECT
statements that use outer joins could produce this warning in the
error log: [ERROR] InnoDB: Unlock row could not find a 3 mode lock on
the record. (MDEV-26106)
Security
* Fixes for the following security vulnerabilities:
* CVE-2021-2372
* CVE-2021-2389
- Bug fixes
- Opening a readonly file now only causes a warning
- Bracketed paste fix
- Terminal title fix
- Allow opting out of loading a backup file
- Default binding of Alt-Shift-f (Alt-F) for FindLiteral
- Find will prefill with selected text
- Syntax highlighting improvements (for nix, racket, v, rust, cpp,
erlang, nim)
- Minor documentation improvements
- Shellcheck linter support
