Patch #314 - 2014/12/28
fix a minor bug in the termcap-specific version of resize when
the lines or columns values are at the very end of an incomplete
termcap string (prompted by coverity report).
improve paste64 feature (report by Olaf Rogalsky)
add configure option --with-man2html to allow an alternative
to groff's man/html conversion.
review and modify resource-settings which can be set via control
sequences, etc.
change passedPty from fixed-length to allocated to ensure that
it is long enough to hold the -S option value (report by Ben
Longbons).
improve ReGIS graphics initialization (Ross Combs):
Collection.
Password management should be simple and follow Unix philosophy. With pass,
each password lives inside of a gpg encrypted file whose filename is the title
of the website or resource that requires the password. These encrypted files
may be organized into meaningful folder hierarchies, copied from computer to
computer, and, in general, manipulated using standard command line file
management utilities.
pass makes managing these individual password files extremely easy. All
passwords live in ~/.password-store, and pass provides some nice commands for
adding, editing, generating, and retrieving passwords. It is a very short and
simple shell script. It's capable of temporarily putting passwords on your
clipboard and tracking password changes using git
Major changes:
General
- Show the number of approved comments, instead of total comments, in the “At A Glance” section in the dashboard.
- Site Language: Install translations on the fly on the General Settings screen. The language drop down now includes installed languages and all available translations when the filesystem is writable by WordPress.
- Admin notices: There are now four types of notices: success (green), warning (orange), error (red), and info (blue).
Posts
- Spellchecking is enabled for the post title field on the Edit Post screen.
Media
- Disable multi-file uploading in iOS 7.x Safari as it prevents uploading of videos.
- Allow PSDs (Photoshop documents) to be uploaded.
- oEmbed: Add support for the Vine endpoint.
- Display error message when Media Library upload fails.
Appearance
- Custom Header and Custom Background screens removed. Admin menu links now go to the Customizer.
- Widgets screen now has a Manage in Customizer link at top of screen.
- Themes: Make "Live Preview" the primary action and “Activate” secondary.
Users
- Introduce a button on the user profile screen which clears all other sessions, and on the user editing screen which clears all sessions.
Accessibility
- Admin menu separators are now hidden from screen readers.
- Improved keyboard control of Edit Selection mode in the media manager.
- Improved keyboard accessibility on Custom Header and Custom Background screen.
- Improved text contrast against dark backgrounds in the admin menu and toolbar.
- When switching to the Text editor, make the textarea visible to screen readers.
- Use <button> instead of <a> for the Visual/Text buttons to make them focusable.
- Improve the focus style for review links in the plugin info modal.
- TinyMCE:
-- Return focus to the editor on pressing Escape while the image toolbar is focused.
-- Add a Close button to the Help modal and close it on Escape.
-- Override the title on the editor iframe (read by screen reader apps), replace with the Alt+Shift+H shortcut.
-- Add focus shortcuts descriptions to the Help modal.
Multisite
- Set the default network language on the Network Settings screen.
ChangeLog:
7.4.431 compiler warning
7.4.432 MS-Windows: setting 'encoding' does not convert arguments
7.4.433 test 75 fails on MS-Windows
7.4.434 gettabvar() is not consistent with getwinvar() and getbufvar()
7.4.435 line formatting behaves differently when 'linebreak' is set
7.4.436 ml_get error for autocommand that moves the cursor
7.4.437 new and old regexp engine are not consistent
7.4.438 cached values for 'cino' not reset for ":set all&"
7.4.439 duplicate message in message history
7.4.440 omni complete popup drawn incorrectly
7.4.441 endless loop and other problems when 'cedit' is set to CTRL-C
7.4.442 (after 7.4.434) using unitinialized variable
7.4.443 error reported by ubsan when running test 72
7.4.444 reversed question mark not recognized as punctuation
7.4.445 clipboard may be cleared on startup
7.4.446 environment for executing autocommand may not be restored
7.4.447 spell files from Hunspell may generate a lot of errors
7.4.448 MS-Windows: Using ETO_IGNORELANGUAGE causes problems
7.4.449 can't easily close the help window
7.4.450 some commands that edit another buffer don't support +cmd
7.4.451 calling system() with empty input gives an error
7.4.452 can't build with tiny features
7.4.453 still can't build with tiny features
7.4.454 CTRL-W-] does not work when using a Visual selection
7.4.455 completion for :buf does not use 'wildignorecase'
7.4.456 'backupcopy' is global, can't set a local value
7.4.457 cannot recognize getchar() returning K_CURSORHOLD
7.4.458 issue 252: Cursor moves in a zero-height window
7.4.460 (after 7.4.454) can't build without the quickfix feature
7.4.461 MS-Windows: When collate is on the number of copies is too high
7.4.462 Setting the local value of 'backupcopy' empty gives an error
7.4.463 tests 86 and 87 may hang on MS-Windows
7.4.464 (after 7.4.459) compiler warning
7.4.465 crash when expanding a very long string
7.4.466 (after 7.4.460) CTRL-W } does not open preview window
7.4.467 'linebreak' does not work well together with Visual mode
7.4.469 (after 7.4.467) can't build with MSVC
7.4.470 test 11 and 100 do not work properly on Windows
7.4.471 MS-Windows: multi-byte printer name is displayed as ???
7.4.472 drawing "precedes" entry of 'listchar' when 'list' is not set
7.4.473 cursor position incorrect with number column and 'sbr'
7.4.474 AIX compiler can't handle // comment
7.4.475 can't compile if Xutf8SetWMProperties() is not in X11 library
7.4.476 MingW: compiling with "XPM=no" doesn't work
7.4.477 ":%diffput" adds an empty line if the other file is empty
7.4.478 using byte length instead of character length for 'showbreak'
7.4.479 MS-Windows: The console title can be wrong
7.4.480 (after 7.4.479) MS-Windows: Can't build
7.4.481 (after 7.4.471) compiler warning on MS-Windows
7.4.482 when 'balloonexpr' results in a list, text has a trailing NL
7.4.483 a 0x80 byte is not handled correctly in abbreviations
7.4.484 (after 7.4.483) compiler warning
7.4.485 (after 7.4.484) abbreviations don't work
7.4.486 check for writing to a yank register is wrong
7.4.487 ":sign jump" may unnecessarily use another window
7.4.488 test_mapping fails for some people
7.4.489 cursor movement wrong when 'lbr' with a number column
7.4.490 cannot specify the buffer to use for "do" and "dp"
7.4.491 negative "topline" value for winrestview() has display errors
7.4.492 Ctrl-O in Insert mode moves right after insert comment leader
7.4.493 a TextChanged autocommand is triggered when saving a file
7.4.494 cursor shape is wrong after a CompleteDone autocommand
7.4.495 XPM isn't used correctly in the Cygwin Makefile
7.4.496 many lines are both in Make_cyg.mak and Make_ming.mak
7.4.497 NFA engine is very slow with some regexp patterns
7.4.498 (after 7.4.497) typo in DOS makefile
7.4.499 substitute() can be slow with long strings
7.4.500 test 72 still fails once in a while
7.4.501 (after 7.4.497) typo in file pattern
7.4.502 language mapping also applies to mapped characters
7.4.503 cannot append a list of lines to a file
7.4.504 MS-Windows installer restricts install path to end in "vim"
7.4.505 problem on MS-Windows file name longer than MAX_PATH bytes
7.4.506 MS-Windows: Cannot open a file with 259 characters
7.4.507 (after 7.4.496) building with MingW and Perl may fail
7.4.508 when generating ja.sjis.po, header is not correctly adjusted
7.4.509 users are not aware their encryption is weak
7.4.510 "-fwrapv" argument breaks use of cproto
7.4.511 generating proto for if_ruby.c uses type not defined elsewhere
7.4.512 cannot generate prototypes for Win32 files and VMS
7.4.513 crash because reference count is wrong for list from getreg()
7.4.514 (after 7.4.492) memory access error
7.4.515 in a help buffer the global 'foldmethod' is used
7.4.516 issue 253: completing function name with a # does not work
7.4.517 cursor may not end up in the right place on a wrapping line
7.4.518 using status line height in width computations
7.4.519 (after 7.4.497) crash when using syntax highlighting
7.4.520 Sun PCK locale is not recognzed
7.4.521 when using "vep" a mark is moved to the next line
7.4.522 specifying wrong buffer size for GetLongPathName()
7.4.523 copy/paste no longer works is X11 server is restarted
7.4.524 when using ":ownsyntax" spell checking is messed up
7.4.525 map() leaks memory when there is an error in the expression
7.4.526 matchstr() fails on long text
7.4.527 still confusing regexp failure and NFA_TOO_EXPENSIVE
7.4.528 crash when using matchadd()
7.4.529 no test for what 7.4.517 fixes
7.4.530 many commands take count/range that is not using line numbers
7.4.531 comments about parsing an Ex command are wrong
7.4.532 when using 'incsearch' "2/pattern/e" highlights first match
7.4.533 ":hardcopy" leaks memory in case of errors
7.4.534 warnings when compiling if_ruby.c
7.4.535 (after 7.4.530) can't build with tiny features
7.4.536 test 63 fails when using a black&white terminal
7.4.537 value of v:hlsearch reflects an internal variable
7.4.538 tests fail with small features plus Python
7.4.539 (after 7.4.530) crash when computing buffer count
7.4.540 (after 7.4.539) cannot build with tiny and small features
7.4.541 crash when doing a range assign
7.4.542 cannot specify the type of range for a user command
7.4.543 (after 7.4.232) "1,3s/\n//" joins two lines instead of three
7.4.544 warnings for unused arguments with a combination of features
ejabberd Community 14.12 includes many bugfixes, and a few new features:
- New module mod_client_state implements XEP-0352: Client State Indication
- New module mod_fail2ban to ban IPs that show malicious signs
- New option store_empty_body in mod_offline
- New option disable_sasl_mechanisms
- Improve option resend_on_timeout to support if_offline
- More robust offline server
- Better charset support in XMLRPC
- Some PEP issues fixed
Changelog:
# What's New in SeaMonkey 2.31
SeaMonkey 2.31 contains the following major changes relative to SeaMonkey 2.30:
## SeaMonkey-specific changes
Text zoom is now available in Composer.
GStreamer and PulseAudio support has been re-enabled on Linux.
## Mozilla platform changes
Support for H264 (MP4) is now built in on Mac OS X Snow Leopard (10.6) and newer through native APIs.
HTTP/2 (draft14) and ALPN have been implemented.
Added ability to recover from a locked process in the "SeaMonkey is already running" dialog on Windows.
Added ECDH support for WebCrypto.
The console.table function has been added to the Error Console.
CSS transitions start correctly now when started at the same time as changes to display, position, overflow, and similar properties.
Also see Firefox 34 for Developers.
Fixed several stability issues.
# Security fixes
Fixed in SeaMonkey 2.31
2014-91 Privileged access to security wrapped protected objects
2014-89 Bad casting from the BasicThebesLayer to BasicContainerLayer
2014-88 Buffer overflow while parsing media content
2014-87 Use-after-free during HTML5 parsing
2014-86 CSP leaks redirect data via violation reports
2014-85 XMLHttpRequest crashes with some input streams
2014-84 XBL bindings accessible via improper CSS declarations
2014-83 Miscellaneous memory safety hazards (rv:34.0 / rv:31.3)
Python 3.3.6 was released on October 11, 2014.
Python 3.3.6 includes fixes for a few of our previously added patches,
as well as other important security-related fixes. Local changes:
rename the configure patch, remove now-included patches.
Upstream list of changes for this version:
Core and Builtins
-----------------
- Issue #22518: Fixed integer overflow issues in "backslashreplace",
"xmlcharrefreplace", and "surrogatepass" error handlers.
- Issue #22520: Fix overflow checking when generating the repr of a unicode
object.
- Issue #22519: Fix overflow checking in PyBytes_Repr.
- Issue #22518: Fix integer overflow issues in latin-1 encoding.
Library
-------
- Issue #22517: When a io.BufferedRWPair object is deallocated, clear its
weakrefs.
- Issue #22419: Limit the length of incoming HTTP request in wsgiref server to
65536 bytes and send a 414 error code for higher lengths. Patch contributed
by Devin Cook.
- Lax cookie parsing in http.cookies could be a security issue when combined
with non-standard cookie handling in some Web browsers. Reported by
Sergey Bobrov.
- Issue #21766: Prevent a security hole in CGIHTTPServer by URL unquoting paths
before checking for a CGI script at that path.
- Fix arbitrary memory access in JSONDecoder.raw_decode with a negative second
parameter. Bug reported by Guido Vranken.
- Issue #20633: Replace relative import by absolute import.
- Issue #21082: In os.makedirs, do not set the process-wide umask. Note this
changes behavior of makedirs when exist_ok=True.
- Issue #20875: Prevent possible gzip "'read' is not defined" NameError.
Patch by Claudiu Popa.
- Issue #11599: When an external command (e.g. compiler) fails, distutils now
prints out the whole command line (instead of just the command name) if the
environment variable DISTUTILS_DEBUG is set.
- Issue #4931: distutils should not produce unhelpful "error: None" messages
anymore. distutils.util.grok_environment_error is kept but doc-deprecated.
- Issue #20283: RE pattern methods now accept the string keyword parameters
as documented. The pattern and source keyword parameters are left as
deprecated aliases.
- Issue #21323: Fix http.server to again handle scripts in CGI subdirectories,
broken by the fix for security issue #19435. Patch by Zach Byrne.
Tests
-----
- Issue #17752: Fix distutils tests when run from the installed location.
- Issue #20946: Correct alignment assumptions of some ctypes tests.
- Issue #20939: Fix test_geturl failure in test_urllibnet due to
new redirect of http://www.python.org/ to https://www.python.org.
Berkeley DB is an embeddable database system that supports keyed access to
data. The software is distributed in source code form, and developers can
compile and link the source code into a single library for inclusion
directly in their applications.
Developers may choose to store data in any of several different storage
structures to satisfy the requirements of a particular application. In
database terminology, these storage structures and the code that operates on
them are called access methods. The library includes support for the
following access methods:
* B+tree: Stores keys in sorted order, using either a programmer-supplied
ordering function or a default function that does lexicographical
ordering of keys. Applications may perform equality or range searches.
* Hashing: Stores records in a hash table for fast searches based on
strict equality. Extended Linear Hashing modifies the hash function
used by the table as new records are inserted, in order to keep buckets
underfull in the steady state.
* Fixed and Variable-Length Records: Stores fixed- or variable-length
records in sequential order. Record numbers may be immutable or
mutable, i.e., permitting new records to be inserted between existing
records or requiring that new records be added only at the end of the
database.
This package privides Berkeley DB 6 released under GNU AGPL3.
Changelog:
Version 4.1 of WordPress, named "Dinah" in honor of jazz singer
Dinah Washington, is available for download or update in your
WordPress dashboard. New features in WordPress 4.1 help you focus
on your writing, and the new default theme lets you show it off in
style.
# Introducing Twenty Fifteen
Our newest default theme, Twenty Fifteen, is a blog-focused theme
designed for clarity.
Twenty Fifteen has flawless language support, with help from Google's
Noto font family.
The straightforward typography is readable on any screen size.
Your content always takes center stage, whether viewed on a phone,
tablet, laptop, or desktop computer.
# Distraction-free writing
Just write.
Sometimes, you just need to concentrate on putting your thoughts
into words. Try turning on distraction-free writing mode. When you
start typing, all the distractions will fade away, letting you
focus solely on your writing. All your editing tools instantly
return when you need them.
# The Finer Points
## Choose a language
Right now, WordPress 4.1 is already translated into over forty
languages, with more always in progress. You can switch to any
translation on the General Settings screen.
## Log out everywhere
If you've ever worried you forgot to sign out from a shared computer,
you can now go to your profile and log out everywhere.
## Vine embeds
Embedding videos from Vine is as simple as pasting a URL onto its
own line in a post. See the full list of supported embeds.
## Plugin recommendations
The plugin installer suggests plugins for you to try. Recommendations
are based on the plugins you and other users have installed.
# Under the Hood
## Complex Queries
Metadata, date, and term queries now support advanced conditional
logic, like nested clauses and multiple operators â A AND ( B OR
C ).
## Customizer API
The customizer now supports conditionally showing panels and sections
based on the page being previewed.
## <title> tags in themes
add_theme_support('title-tag') tells WordPress to handle the
complexities of document titles.
## Developer Reference
Continued improvements to inline code documentation have made the
developer reference more complete than ever.
