Unfortunately no changelog is provided by upstream, main changes between 1.4.2
are added support for CrateDB, Cubid, Drizzle, Apache Ignite, Amazon Aurora
forks, InterSystems cache, eXtremeDB.
OAuth often seems complicated and difficult-to-implement. There are several
prominent libraries for handling OAuth requests, but they all suffer from one
or both of the following:
* They predate the OAuth 1.0 spec, AKA RFC 5849.
* They predate the OAuth 2.0 spec, AKA RFC 6749.
* They assume the usage of a specific HTTP request library.
OAuthLib is a generic utility which implements the logic of OAuth without
assuming a specific HTTP request object or web framework. Use it to graft OAuth
client support onto your favorite HTTP library, or provider support onto your
favourite web framework. If you're a maintainer of such a library, write a thin
veneer on top of OAuthLib and get OAuth support for very little effort.
Single sign-on framework for GNOME. It aims to provide a way for users to
setup online accounts to be used by the core system and core applications
only. Calendar entries show up in GNOME Shell, e-mail in Evolution, online
storages are exposed as GVolumes, and so on.
Update to ruby-net-ssh 6.1.0.
=== 6.1.0
* adapt to ssh's default bahaviors when no username is provided.
When Net::SSH.start user is nil and config has no entry
we default to Etc.getpwuid.name() instead of Etc.getlogin(). [#749]
=== 6.1.0.rc1
* Make sha2-{256,512}-etm@openssh.com MAC default again [#761]
* Support algorithm subtraction syntax from ssh_config [#751]
Add openssl-cmac package version 2.0.1.
Ruby Gem for
* RFC 4493 - The AES-CMAC Algorithm (http://tools.ietf.org/html/rfc4493)
* RFC 4494 - The AES-CMAC-96 Algorithm and Its Use with IPsec
(http://tools.ietf.org/html/rfc4494)
* RFC 4615 - The Advanced Encryption Standard-Cipher-based Message
Authentication Code-Pseudo-Random Function-128 (AES-CMAC-PRF-128)
Algorithm for the Internet Key Exchange Protocol (IKE)
(http://tools.ietf.org/html/rfc4615)
Changes:
3.6.14
------
* libgnutls: Fixed insecure session ticket key construction, since 3.6.4.
The TLS server would not bind the session ticket encryption key with a
value supplied by the application until the initial key rotation, allowing
attacker to bypass authentication in TLS 1.3 and recover previous
conversations in TLS 1.2 (#1011).
[GNUTLS-SA-2020-06-03, CVSS: high]
* libgnutls: Fixed handling of certificate chain with cross-signed
intermediate CA certificates (#1008).
* libgnutls: Fixed reception of empty session ticket under TLS 1.2 (#997).
* libgnutls: gnutls_x509_crt_print() is enhanced to recognizes commonName
(2.5.4.3), decodes certificate policy OIDs (!1245), and prints Authority
Key Identifier (AKI) properly (#989, #991).
* certtool: PKCS #7 attributes are now printed with symbolic names (!1246).
* libgnutls: Added several improvements on Windows Vista and later releases
(!1257, !1254, !1256). Most notably the system random number generator now
uses Windows BCrypt* API if available (!1255).
* libgnutls: Use accelerated AES-XTS implementation if possible (!1244).
Also both accelerated and non-accelerated implementations check key block
according to FIPS-140-2 IG A.9 (!1233).
* libgnutls: Added support for AES-SIV ciphers (#463).
* libgnutls: Added support for 192-bit AES-GCM cipher (!1267).
* libgnutls: No longer use internal symbols exported from Nettle (!1235)
* API and ABI modifications:
GNUTLS_CIPHER_AES_128_SIV: Added
GNUTLS_CIPHER_AES_256_SIV: Added
GNUTLS_CIPHER_AES_192_GCM: Added
gnutls_pkcs7_print_signature_info: Added
Certbot 1.5.0
Added
Require explicit confirmation of snap plugin permissions before connecting.
Changed
Improved error message in apache installer when mod_ssl is not available.
Fixed
Add support for OCSP responses which use a public key hash ResponderID, fixing
interoperability with Sectigo CAs.
Fix TLS-ALPN test that fails when run with newer versions of OpenSSL.
More details about these changes can be found on our GitHub repo.
EVP_sha1 and EVP_sha256. Without this, opendnssec would build
but would not recognize any of those algorithms for tsig, and
therefore be pretty useless. I'll admit that I'm not entirely
certain why this is now suddenly required; those functions are
in the same library in 9.0 as in 8.0.
Bump PKGREVISION.
1.0 - 2020-05-13
- Limit support to GnuPG 2.2+ and 1.4
- Additional information from keys when using GnuPG 2.2 or higher
- Add support for use of agent/pinentry
- Updated options to add ignore_mdc_error and logging
- Improvements to tests
- Update pubkey_data documentation
- Special thanks to dkg on Github for a large PR with updates for GnuPG 2
- Thanks also to ntyni on Github for a pointer to test updates also dealing
with version changes
This release includes important security updates to Firefox.
This new Tor Browser release is focused on helping users understand
onion services.
Tor's onion routing remains the best way to achieve end-to-end
anonymous communication on the Internet. With onion services (.onion
addresses), website administrators can provide their users with
anonymous connections that are metadata-free or that hide metadata
from any third party. Onion services are also one of the few
censorship circumvention technologies that allow users to route
around censorship while simultaneously protecting their privacy
and identity.
For the first time, Tor Browser users on desktop will be able to
opt-in for using onion sites automatically whenever the website
makes them available. For years, some websites have invisibly used
onion services with alternative services (alt-svc), and this
continues to be an excellent choice. Now, there is also an opt-in
mechanism available for websites that want their users to know
about their onion service that invites them to upgrade their
connection via the .onion address.
5.68
[KAuth] Add support for action details in Polkit1 backend
[policy-gen] Fix the code to actually use the correct capture group
Drop Policykit backend
[polkit-1] Simplify Polkit1Backend action exists lookup
[polkit-1] Return an error status in actionStatus if there is an error
Calculate KAuthAction::isValid on demand
5.69
Fix type namespace requirement
ChangeLog:
- New option: -R to recover the public key from a secret key.
- minisign can now be compiled to WebAssembly.
- Error messages have been improved.
- Key derivation is now possible on devices with limited memory.
- Compilation on OpenWRT is now possible using cmake.
- A Docker image is now available.
- 64-bit Windows binaries have been added, and macOS binaries are notarized.
2020.5.20
not documented
2020.5.19
* Reverting Onboarding page for the time being
* Patch for whitelisting rules and EASE mode issue
* Double rule load patch in update channels
* Fix minor JS and UX issues
v 11.0.30
============================================================
x Discoverable option to force site-leaking UI in
PBM/Incognito
x [L10n] Updated he
x Easier keyboard navigation of preset configuration
x Yellow-less UI palette
lxqt-sudo-0.15.0 / 2020-04-23
=============================
* sudo: Fix (re)setting HOME with sudo backend.
* sudo: Add TERM to allowed/preserved env vars.
* Build on NetBSD.
lxqt-policykit-0.15.0 / 2020-04-22
==================================
* Bumped version to 0.15.0.
* Delete Password from line-edit.
* Made the infobox non-modal.
* Removed (duplicated) string casts definitions.
