- improved support for Amazon Glacier
- removed support for Ubuntu One, which is closing shop
- new locking mechanism to avoid concurrent execution with same cache
- many other bugfixes and minor improvements. See CHANGELOG.
The gold linker is overly pedantic for dynamic references to symbols
with hidden visibility. It will spew error messages about weak symbols
in libc.so that ld.bfd does not complain about. Until the bug is resolved
disable the hidden symbol warnings. These warning also cause > 200
false failures in the gcc gnat.dg testsuite.
https://sourceware.org/bugzilla/show_bug.cgi?id=15574
This patch will keep the internal symbol warnings but suppress those
regaring symbols with hidden visibility because they aren't considered
errors by the bfd linker.
The Gold linker defaults to the use of --new-dtags which uses DT_RUNPATH
instead of DT_RPATH. In previous version of binutils, --new-dtags would
write set both DT_RUNPATH and DT_PATH, but not anymore. The problem is
that neither NetBSD nor OpenBSD runtime linkers properly handle it
AFAICT. Use macros to make DT_RPATH get set when -rpath switch is used
so that linked libraries can get found on these platforms.
Similarly, it appears that DT_INIT_ARRAY tags are also not handled by
rtld, so don't use these tags by default otherwise C++ will not link
on these platforms.
The copy-as-needed attribute has been left at its binutils default of
--no-copy-dt-needed. This has been the default since binutils 2.22.
The gold linker isn't a default option on binutils. Change the Makefile
to make gold build on recent *BSD. Tested on NetBSD 6.1.4 and OpenBSD 5.5.
Gold is known to build on FreeBSD although FreeBSD 10 may need additional
patches. Gold is part of the system binutils on DragonFly.
Version 5.8
New: Monit no longer purge the environment for sub-processes
New: Add command line option to view Monit ID (-i/--id)
New: Add command line option to reset Monit ID (-r/--resetid)
New: Add client support for using TLS version 1.1 and 1.2. A recent
1.x version of OpenSSL is required and of course that the server
speaks this TLS version. At this time, not many does. Example:
if failed port 443 with type TCPSSL tlsv11 protocol http then alert
New: Process UID, EUID and GID tests. Allows to test if the
process is running as a given user. Example:
check process syslog with pidfile /var/run/rsyslogd.pid
if failed uid "syslog" then alert
if failed euid "syslog" then alert
if failed gid "syslog" then alert
New: Add WebSocket protocol test support for port check. Example:
check host websocket.org with address "echo.websocket.org"
if failed
port 80 protocol websocket
host "echo.websocket.org"
request "/"
origin "http://www.websocket.com"
version 13
then alert
New: Simplified HTTP protocol test to allow testing content without
creating an URL object. It is now possible to say in a more natural way,
check host mmonit.com with address mmonit.com
if failed
port 80 protocol http
and request /monit/ with content = "Monit 5.7"
then alert
meaning that if the page mmonit.com/monit does not contain the text
"Monit 5.7" then the test will fail. To reverse the test, i.e. to test
that the page should not contain a specific string simply use '!='
instead, like,
if failed
port 80 protocol http
with content != "Nagios"
then alert
Remember also that the string to test can be a regular expression
New: The HTTP protocol test now support testing the HTTP status code
returned by the server by using "status <operator> <number>".
Backward compatible defaults (return error if status >= 400):
if failed
port 80 protocol http
and status < 400
then alert
Return error if a page DOES exist (for success 404 is expected):
if failed
port 80 protocol http
request "/non/existent.php"
status = 404
then alert
Fixed: Unix Socket test now use the communication type (TCP or UDP)
specified in port statement. Previously TCP was always used.
Fixed: Improved test to check if a socket was connected. Since we use
non-blocking connect, we now poll a few ms to avoid "connection failed,
XXX is not ready for i|o" errors which could occur, especially on high
latency networks or long distance connect.
Fixed: Simplified if-statements reported in UI
Fixed: Ignore lines starting with '#' in an 'allow htpasswd' file
statement. Thanks to Michael Bakker for reporting the issue
Fixed: Show service restart program on Monit startup in debug mode.
Thanks to Michael Bakker for reporting the issue
Version 5.7
New: Merged https://bitbucket.org/tildeslash/monit/pull-request/1/
from Philippe Kueck:
1) Handle sockets (unix domain) as regular files when checking timestamp.
2) Use mysql 4.1 protocol in MySQL check, required for checking mysql-proxy
3) Skip connection checks during startup timeout.
New: Arguments added to 'check program'. Arguments are whitespace
separated strings. For instance:
check program list-files with path "/bin/ls -l -r -t /tmp"
if status != 0 then alert
New: Implemented restart as an optional service action. When Monit
is called to restart a service, it previously called the stop
program registered with the service and then the start program.
Now, if a restart program is registred with the service, this
will be called instead, otherwise Monit fall back to its old
behaviour. Example:
check process apache with pidfile /var/run/httpd.pid
start = "/usr/sbin/apachectl start"
stop = "/usr/sbin/apachectl stop"
restart = "/usr/sbin/apachectl restart" <- New
New: Improved communication with M/Monit. Thanks to Hippo Lin. For
scalability purpose, this Monit version should only be used with
M/Monit version 3.1 or later.
BUGFIXES:
* Monit stopped if an error occurred during MTA connection close.
* Make the Memcache protocol test faster.
* Solaris zone: fix system memory usage report.
* Use chiper list with SSL server instead of relying on default
Collection.
daemonize is a library for writing system daemons in Python. It has some bits
from daemonize.sourceforge.net. It is distributed under MIT license.
## Rails 3.2.18 (May 6, 2014) ##
* Only accept actions without File::SEPARATOR in the name.
This will avoid directory traversal in implicit render.
Fixes: CVE-2014-0130
*Rafael Mendon«®a Fran«®a*
Drupal 7.28, 2014-05-08
-----------------------
- Fixed a regression introduced in Drupal 7.27 that caused JavaScript to break
on older browsers (such as Internet Explorer 8 and earlier) when Ajax was
used.
- Increased the timeout used by the Update Manager module when it fetches data
from drupal.org (from 5 seconds to 30 seconds), to work around a problem
which causes incomplete information about security updates to be presented to
site administrators. This fix may lead to a performance slowdown on the
Update Manager administration pages, when installing Drupal distributions,
and (for sites that use the automated cron feature) on occasional page loads
by site visitors.
- Fixed the behavior of the token system's "[node:summary]" token when the body
field does not have a manual summary.
- Changed the behavior of db_query_temporary() so that it works on SELECT
queries even when they have leading comments/whitespace. A side effect of
this fix is that db_query_temporary() will now fail with an error if it is
ever used on non-SELECT queries.
- Added a "node_admin_filter" tag to the database query used to build the list
of nodes on the content administration page, to make it easier to alter.
- Made the cron queue system log any exceptions that are thrown while an item
in the queue is being processed, rather than stopping the entire PHP request.
- Improved screen reader support by adding an aria-live HTML attribute to file
upload fields when there is an error uploading the file (minor markup
change).
- Made the pager on the Tracker module listing pages show the same number of
items as other pagers throughout Drupal core (minor UI change).
- Fixed a bug which caused caches not to be properly cleared when a file entity
was saved or deleted.
- Added several missing countries to the default list returned by
country_get_list() (string change).
- Replaced the term "weight" with "influence" in the content ranking settings
for search, and added help text for administrators (string change).
- Fixed untranslatable text strings in the administrative interface for the
"Crop" effect provided by the Image module (minor string change).
- Fixed a bug in the Taxonomy module update function introduced in Drupal 7.26
that caused memory and CPU problems on sites with very large numbers of
unpublished nodes.
- Numerous small bug fixes.
- Numerous API documentation improvements.
- Additional automated test coverage.
* 3.4.1 (stable)
* Fixed Bug #193: Lose mails when mailbox is inaccessible.
* 3.4.0 (stable)
* 3.4.0rc (release candidate)
* SSL wildcard certificate is also validated now (#167).
* The compile error with OpenSSL disabled was fixed.
* 3.4.0beta8 (development)
* Mac OS X support was improved.
* SSL certificate hostname is validated now (#167).
* The Japanese manual was modified so that IE correctly detect its
character encoding.
* The rightmost column of folder view and summary view became easier to
resize.
* Appropriate columns of folder view, summary view, etc. are
auto-expanded by window resize when using GTK+ 2.14 or later.
* The initial setup dialog is now resizabe.
* PGP encrypt-to-self feature was added.
* The display period of notification window became configurable.
* 3.4.0beta7 (development)
* Win32: the tray icon is recreated when explorer.exe crashes now.
* The bug that 'File - Folder - Move folder...' menu didn't work was
fixed.
* The bug that MIME nest level restriction was not working was fixed.
* Many defects discovered by Coverity Scan were fixed:
- FILE handle resource leaks
- memory leaks
- possible buffer overrun
- strict error checks
- correct null pointer checks
* 3.4.0beta6 (development)
* Icon theme feature was added.
* HTML mail is distinguished from other messages with attachments now.
* 'Last 30 days' was added to the quick search menu.
* Attached images are rotated based on Exif orientation tag.
* Config.guess and config.sub included in the tarball were updated to the
latest version.
* 3.4.0beta5 (development)
* Basque translation was added.
* Escaped special characters in HTML links are now properly unescaped
(#120).
* IMAP: parsing of folder names that contain brackets was fixed.
* Config.guess and config.sub included in the tarball were updated.
* The order of templates became stable.
* 3.4.0beta4 (development)
* The feature to save message as plain text was added.
* Printing now prints all texts in messages, not only the first one.
* The HTML parser now supports <blockquote> tag.
* An option to prefer HTML part in multipart/alternative was added
(default: off).
* Compose window is raised when the external editor exits.
* Bugfixes of HTML display were made.
* 3.4.0beta3 (development)
* Rebuilding of folder tree which was broken at 3.4.0beta1 was fixed
(#103).
* The bug that double-quote (") and backslash (\) in
folder/username/password were not escaped and could not be used on IMAP4
was fixed.
* Quotation of forwarded messages is enabled for template now.
* When marking a message as junk and moving it to a junk folder, proper
junk folder is selected instead of default one.
* When applying a template for a new message, current date is inserted
with '%d'.
* 3.4.0beta2 (development)
* New message notification window was added.
* An option to the junk filter setting was added:
'Do not classify message as junk if sender is in the address book'.
* Some non-standard Date header patterns are handled now.
* Win32: start menu shortcuts are translated.
* 3.4.0beta1 (development)
* Safe mode (which does not load plug-ins) was added (--safe-mode).
* The existence of destination folders are checked when creating a filter
rule.
* The recursion level is restricted up to 64 when scanning local mailbox
(prevents infinite loop with symlink. Note: Linux automatically limits
the symlink loop up to 40)
* The labels used in POP3 remote mailbox dialog was modified.
* POP3: do not disconnect immediately but send QUIT command on normal
POP3 errors (prevents deleted messages appear again).
* IMAP: "INBOX" folder became case insensitive as specified in RFC 3501.
* IMAP: server name for cache directory is escaped now
(fixes cache creation when using IPv6 address for server name on Windows).
* Win32: socket timeout setting now works on Windows.
Bugfixes (fixed in Postfix 2.11 and Postfix 2.12):
* With connection caching enabled (the default), recipients could
be given to the wrong mail server. The root cause was an incorrect
predicate. Due to this, the Postfix SMTP client could under
rare conditions save and restore plaintext connections that
should not be cached, under a fixed lookup key that did not
distinguish by destination. Problem reported by Sahil Tandon.
* Enforce TLS when TLSA records exist, but all are unusable.
* Don't leak memory when TLSA records exist, but all are unusable.
Workarounds:
* Prepend "-I. -I../../include" to the compiler command-line
options, to avoid name clashes with non-Postfix header files.
Documentation cleanup:
* Corrected postconf(1) manpage for missing version attribution
and incorrect "author" formatting.
* The documentation for Postfix > 2.8 TLS activity logging was
incorrect. Loglevel 0 produces no logging. Instead, information
is logged only with loglevel 1 or higher.
Logging cleanup:
* The TLS client logged that an "Untrusted" TLS connection was
established instead of "Anonymous".
* For consistency, TLS policy lookup errors are now logged as
warnings.
