D-Bus 1.8.12 (2014-11-24)
==
The “days of fuchsia passed” release.
Fixes:
• Partially revert the CVE-2014-3639 patch by increasing the default
authentication timeout on the system bus from 5 seconds back to 30
seconds, since this has been reported to cause boot regressions for
some users, mostly with parallel boot (systemd) on slower hardware.
On fast systems where local users are considered particularly hostile,
administrators can return to the 5 second timeout (or any other value
in milliseconds) by saving this as /etc/dbus-1/system-local.conf:
<busconfig>
<limit name="auth_timeout">5000</limit>
</busconfig>
(fd.o #86431, Simon McVittie)
• Add a message in syslog/the Journal when the auth_timeout is exceeded
(fd.o #86431, Simon McVittie)
• Send back an AccessDenied error if the addressed recipient is not allowed
to receive a message (and in builds with assertions enabled, don't
assert under the same conditions). (fd.o #86194, Jacek Bukarewicz)
20141124: Bumped up version number to 1.1.6
20141124: Properly quote backslashes for tcsh
20141124: Detect ambiguous long options properly
Thanks to Klaus Wulff <dinw.klswlff@dfgh.net>
20141123: Create test harnass and tests
20141122: Update translations (sync with util-linux (git 20141120))
20141120: Update manual page (sync with util-linux (git 20141120))
20141120: Minor code changes (sync with util-linux (git 20141120))
Release 3.10.1 (25 November 2014)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
3.10.1 is a bug fix release. It fixes various bugs reported in 3.10.0
and backports fixes for all reported missing AArch64 ARMv8 instructions
and syscalls from the trunk. If you package or deliver 3.10.0 for others
to use, you might want to consider upgrading to 3.10.1 instead.
The following bugs have been fixed or resolved. Note that "n-i-bz"
stands for "not in bugzilla" -- that is, a bug that was reported to us
but never got a bugzilla entry. We encourage you to file bugs in
bugzilla (https://bugs.kde.org/enter_bug.cgi?product=valgrind) rather
than mailing the developers (or mailing lists) directly -- bugs that
are not entered into bugzilla tend to get forgotten about or ignored.
To see details of a given bug, visit
https://bugs.kde.org/show_bug.cgi?id=XXXXXX
where XXXXXX is the bug number as listed below.
335440 arm64: ld1 (single structure) is not implemented
335713 arm64: unhanded instruction: prfm (immediate)
339020 ppc64: memcheck/tests/ppc64/power_ISA2_05 failing in nightly build
339182 ppc64: AvSplat ought to load destination vector register with [..]
339336 PPC64 store quad instruction (stq) is not supposed to change [..]
339433 ppc64 lxvw4x instruction uses four 32-byte loads
339645 Use correct tag names in sys_getdents/64 wrappers
339706 Fix false positive for ioctl(TIOCSIG) on linux
339721 assertion 'check_sibling == sibling' failed in readdwarf3.c ...
339853 arm64 times syscall unknown
339855 arm64 unhandled getsid/setsid syscalls
339858 arm64 dmb sy not implemented
339926 Unhandled instruction 0x1E674001 (frintx) on aarm64
339927 Unhandled instruction 0x9E7100C6 (fcvtmu) on aarch64
339938 disInstr(arm64): unhandled instruction 0x4F8010A4 (fmla)
== 339950
339940 arm64: unhandled syscall: 83 (sys_fdatasync) + patch
340033 arm64: unhandled insn dmb ishld and some other isb-dmb-dsb variants
340028 unhandled syscalls for arm64 (msync, pread64, setreuid and setregid)
340036 arm64: Unhandled instruction ld4 (multiple structures, no offset)
340236 arm64: unhandled syscalls: mknodat, fchdir, chroot, fchownat
340509 arm64: unhandled instruction fcvtas
340630 arm64: fchmod (52) and fchown (55) syscalls not recognized
340632 arm64: unhandled instruction fcvtas
340725 AVX2: Incorrect decoding of vpbroadcast{b,w} reg,reg forms
340788 warning: unhandled syscall: 318 (getrandom)
340807 disInstr(arm): unhandled instruction: 0xEE989B20
340856 disInstr(arm64): unhandled instruction 0x1E634C45 (fcsel)
340922 arm64: unhandled getgroups/setgroups syscalls
n-i-bz DRD and Helgrind: Handle Imbe_CancelReservation (clrex on ARM)
n-i-bz Add missing ]] to terminate CDATA.
n-i-bz Glibc versions prior to 2.5 do not define PTRACE_GETSIGINFO
n-i-bz Enable sys_fadvise64_64 on arm32.
n-i-bz Add test cases for all remaining AArch64 SIMD, FP and memory insns.
n-i-bz Add test cases for all known arm64 load/store instructions.
n-i-bz PRE(sys_openat): when checking whether ARG1 == VKI_AT_FDCWD [..]
n-i-bz Add detection of old ppc32 magic instructions from bug 278808.
n-i-bz exp-dhat: Implement missing function "dh_malloc_usable_size".
n-i-bz arm64: Implement "fcvtpu w, s".
n-i-bz arm64: implement ADDP and various others
n-i-bz arm64: Implement {S,U}CVTF (scalar, fixedpt).
n-i-bz arm64: enable FCVT{A,N}S X,S.
(3.10.1: 25 November 2014, vex r3026, valgrind r14785)
[CHANGES]
New facilities:
o Pygments plug-in parser: Support python 3.
o gozilla: added support of OSX's default browser.
Please set environment variable BROWSER to 'osx-default'.
$ htags --suggest --map-file
$ export BROWSER=osx-default
$ gozilla +120 main.c # shows line 120 in main.c
$ gozilla -d main # shows definitions of main()
o vim74-gtags-cscope.patch: New patch for vim + gtags-cscope to treat
file names which include spaces correctly. Please see README.PATCHES.
Release for beta test:
o Added --sqlite3 option which uses SQLite3 API instead of BSD/DB API for
making tag files. If you will test the code then please do as follows:
[configuration phase]
$ ./configure --with-sqlite3 # use sqlite3 API
[execution phase]
$ gtags --sqlite3 # make sqlite3 tag files
[FIXED BUGS]
o gtags-cscope.vim: There was a calling to undefined function.
Now it works.
transactional database, combining 99.999% availability with the
low TCO of open source.
Designed around a distributed, multi-master architecture with no
single point of failure, MySQL Cluster scales horizontally on
commodity hardware to serve read and write intensive workloads,
accessed via SQL and NoSQL interfaces.
Open Chinese Convert (OpenCC) is an opensource project for conversion between
Traditional Chinese and Simplified Chinese, supporting character-level
conversion, phrase-level conversion, variant conversion and regional idioms
among Mainland China, Taiwan and Hong kong.
- Adjusted libtool flags for building DLLs for windows
- Update to the latest upstream opencore source
- Updated and improved example applications
- Add options for enabling the arm inline assembly
- Add options for disabling the encoder or decoder in the amrnb library
- Avoid dependencies on libstdc++ if building the source as C
- Hide internal symbols in shared libraries
- Minor tweaks
- Remove old static makefiles and corresponding build scripts
Ports
* Building on older MacOS X systems automatically sets
the necessary NO_APPLE_COMMON_CRYPTO build-time option.
* Building with NO_PTHREADS has been resurrected.
* Compilation options have been updated a bit to better support the
z/OS port.
UI, Workflows & Features
* "git archive" learned to filter what gets archived with a pathspec.
* "git config --edit --global" starts from a skeletal per-user
configuration file contents, instead of a total blank, when the
user does not already have any global config. This immediately
reduces the need to later ask "Have you forgotten to set
core.user?", and we can add more to the template as we gain
more experience.
* "git stash list -p" used to be almost always a no-op because each
stash entry is represented as a merge commit. It learned to show
the difference between the base commit version and the working tree
version, which is in line with what "git stash show" gives.
* Sometimes users want to report a bug they experience on their
repository, but they are not at liberty to share the contents of
the repository. "fast-export" was taught an "--anonymize" option
to replace blob contents, names of people, paths and log
messages with bland and simple strings to help them.
* "git difftool" learned an option to stop feeding paths to the
diff backend when it exits with a non-zero status.
* "git grep" learned to paint (or not paint) partial matches on
context lines when showing "grep -C<num>" output in color.
* "log --date=iso" uses a slight variant of the ISO 8601 format that is
more human readable. A new "--date=iso-strict" option gives
datetime output that conforms more strictly.
* The logic "git prune" uses is more resilient against various corner
cases.
* A broken reimplementation of Git could write an invalid index that
records both stage 0 and higher-stage entries for the same path.
We now notice and reject such an index, as there is no sensible
fallback (we do not know if the broken tool wanted to resolve and
forgot to remove the higher-stage entries, or if it wanted to unresolve
and forgot to remove the stage 0 entry).
* The temporary files "git mergetool" uses are renamed to avoid too
many dots in them (e.g. a temporary file for "hello.c" used to be
named e.g. "hello.BASE.4321.c" but now uses underscore instead,
e.g. "hello_BASE_4321.c", to allow us to have multiple variants).
* The temporary files "git mergetool" uses can be placed in a newly
created temporary directory, instead of the current directory, by
setting the mergetool.writeToTemp configuration variable.
* "git mergetool" understands "--tool bc" now, as version 4 of
BeyondCompare can be driven the same way as its version 3 and it
feels awkward to say "--tool bc3" to run version 4.
* The "pre-receive" and "post-receive" hooks are no longer required
to consume their input fully (not following this requirement used
to result in intermittent errors in "git push").
* The pretty-format specifier "%d", which expands to " (tagname)"
for a tagged commit, gained a cousin "%D" that just gives the
"tagname" without frills.
* "git push" learned "--signed" push, that allows a push (i.e.
request to update the refs on the other side to point at a new
history, together with the transmission of necessary objects) to be
signed, so that it can be verified and audited, using the GPG
signature of the person who pushed, that the tips of branches at a
public repository really point the commits the pusher wanted to,
without having to "trust" the server.
* "git interpret-trailers" is a new filter to programmatically edit
the tail end of the commit log messages, e.g. "Signed-off-by:".
* "git help everyday" shows the "Everyday Git in 20 commands or so"
document, whose contents have been updated to match more modern
Git practice.
* On the "git svn" front, work progresses to reduce memory consumption and
to improve handling of mergeinfo.
Note: this is the first version with disabled-by-default SSL3, if you need it, you can re-enable with --ssl-enable3 option
Bugfixes
fixed PHP SCRIPT_NAME usage when --php-app is in place
allow "appendn" hook without second argument
fix heap corruption in the Carbon plugin (credits: Nigel Heron)
fix getifaddrs() memory management
fixed tcsetattr() usage
fixed kevent usage of return value (credits: Adriano Di Luzio)
ensure PSGI response headers are in the right format
fixed reloading of attached daemons
fixed SSL/TLS shutdown
fixed mountpoint logic for paths not ending with / (credits: Adriano Di Luzio)
fixed Python3 support in spooler decorators (credits: Adriano Di Luzio)
New Features
RTSP and chunked input backports from 2.1 for the HTTP router
The --http-manage-rtsp and ``--http-chunked-input` have been backported from 2.1 allowing the HTTP router to detect RTSP and chunked requests automatically. This is useful for the upcoming https://github.com/unbit/uwsgi-realtime plugin.
--hook-post-fork
This custom hook allows you to call actions after each fork().
fallback to trollius for asyncio plugin
If you build the asyncio plugin for python2, a fallback to the trollius module will be tried.
This feature has gotten basically zero test coverage, so every report (bug or success alike) is welcome.
added sweep_on_full, clear_on_full and no_expire to --cache2
Three new options for --cache2 have been added for improving the caching expire strategies:
sweep_on_full will call a sweep (delete all of the expired items) as soon as the cache became full
clear_on_full will completely clear the cache as soon as it is full
no_expire forces the cache to not generate a cache sweeper thread, delegating items removal to the two previous options
backported wait-for-fs/mountpoints from 2.1
--wait-for-fs <path> suspend the uWSGI startup until a file/directory is available
--wait-for-file <path> suspend the uWSGI startup until a file is available
--wait-for-dir <path> suspend the uWSGI startup until a directory is available
--wait-for-mountpoint <path> suspend the uWSGI startup until a mountpoint is available
improved the offload api (backport from 2.1)
uWSGI 2.0.8 is compatible with the upcoming https://github.com/unbit/uwsgi-realtime plugin that allows the use of realtime features (like websockets or audio/video streaming) using the uWSGI offload engine + Redis publish/subscribe.
Allows building plugins from remote sources as embedded
The UWSGI_EMBED_PLUGINS environment variable has been extended to support remote plugins. As an example you can build a monolithic uwsgi binary with the Avahi and realtime plugins as:
UWSGI_EMBED_PLUGINS="avahi=https://github.com/20tab/uwsgi-avahi,realtime=https://github.com/unbit/uwsgi-realtime" make
Automatically manage HTTP_X_FORWARDED_PROTO
Albeit a new standard is available in the HTTP world for forwarded sessions (http://tools.ietf.org/html/rfc7239) this release adds support for the X-Forwarded-Proto header, automatically setting the request scheme accordingly.
mkc.configure.mk:
- New variables MKC_CHECK_CC_OPTS and MKC_CHECK_CXX_OPTS were
introduced for checking C/C++ compiler's options
Makefile.inc and Makefile.common are included after system variables
are set, in particular CC and CXX.
CC_TYPE is now set in mk.init.mk
Fixes for "err" and "warn" features. Now verr(3), verrx(3),
vwarn(3) and vwarnx(3) functions are detected correctly (the problem
was seen on gcc-4.9/armv7).
Fix support for COMPATLIB. Objects for "features" should not be
generated outside compatibility library.
A number of fixes in regression tests: support for latest GCC,
lib64 and lib/tri-ple-ts Linuxes.
mkc_check_custom:
- new option -e was introduced for checking stderr for emptyness
- new option -b was introduced for printing yes/no instead of 1/0
- additional options to compiler are passed via CARGS env. variable.
- BUILD: fix "make install" to support spaces in the install dirs
- BUG/MEDIUM: checks: fix conflicts between agent checks and ssl healthcheck
s
- BUG/MEDIUM: ssl: fix bad ssl context init can cause segfault in case of OO
M.
- BUG/MINOR: samples: fix unnecessary memcopy converting binary to string.
- BUG/MEDIUM: connection: sanitize PPv2 header length before parsing address
information
- BUG/MEDIUM: pattern: don't load more than once a pattern list.
- BUG/MEDIUM: ssl: force a full GC in case of memory shortage
- BUG/MINOR: config: don't inherit the default balance algorithm in frontend
s
- BUG/MAJOR: frontend: initialize capture pointers earlier
- BUG/MINOR: stats: correctly set the request/response analysers
- DOC: fix typo in the body parser documentation for msg.sov
- BUG/MINOR: peers: the buffer size is global.tune.bufsize, not trash.size
- MINOR: sample: add a few basic internal fetches (nbproc, proc, stopping)
- BUG/MAJOR: sessions: unlink session from list on out of memory
4.10 2014-11-27
[ SPEC / BUG FIXES ]
- favour -content-type arg in header if -type and -charset options are also
passed in (GH #155, thanks to kaoru for the test case). this change also
sorts the hash keys in the rearrange method in CGI::Util meaning the order
of the arrangement will always be the same for params that have multiple
aliases. really you shouldn't be passing in multiple aliases, but this will
make it consistent should you do that
[ DOCUMENTATION ]
- fix some typos
2.007 2014/11/26
- make getline/readline fall back to super class if class is not sslified yet,
i.e. behave the same as sysread, syswrite etc.
This fixes RT#100529
