* Fix IDLE mode regression (it didn't worked) introduced
after v6.5.5 (pointy hat goes to Eygene Ryabinkin, kudos --
to Tomasz Żok)
* Add knob to invoke folderfilter dynamically on each sync (GitHub#73)
* Add knob to apply compression to IMAP connections (Abdó Roig-Maranges)
* Add knob to filter some headers before uploading message
to IMAP server (Abdó Roig-Maranges)
* Allow to sync GMail labels and implement GmailMaildir repository that
adds mechanics to change message labels (Abdó Roig-Maranges)
* Allow to migrate status data across differend backends
(Abdó Roig-Maranges)
* Support XDG Base Directory Specification
(if $XDG_CONFIG_HOME/offlineimap/config exists, use it as the
default configuration path; ~/.offlineimaprc is still tried after
XDG location) (GitHub#32)
* Allow multiple certificate fingerprints to be specified inside
'cert_fingerprint'
All Platforms
Licensing change: the GNU GPLv2 code can now be used under GNU GPL v2 or v3
Fix network hanging issues that could occur when both UTP and DHT were enabled
Fix 2.82 file descriptor leak when importing a blocklist
Disallow torrents that contain "/../" in the path
Fix 2.82 bug that didn't retain peers between sessions
Fix potential dangling memory error in UDP tracker DNS lookups
Remember a torrent's "queued" state between Transmission sessions
Updated third party libraries: DHT updated to v0.22; miniupnpc updated to v1.9
Autoconf script fixes: better detection of ccache, minupnpc
Fix the X-Transmission-Session-Id header to be valid with the SPDY protocol
Fix thread safety bugs in the tr_list datatype
When determining free disk space on NetBSD>=6, support its Quota feature
Windows portability improvements
Mac Client
Share option in File menu and context menu
Show all torrents when the filter bar is hidden
Show zero-byte files correctly
Coalesce multiple Speed Limit Auto Enabled/Disabled? notifications
Turkish localization
Removed Brazilian Portuguese localization because of lack of localizer (European Portuguese localization remains)
GTK+ Client
Fix threading issue on shutdown
Qt Client
Fix toggle-downloading-by-pressing-spacebar in the file list
Fix "Open URL" crash from dangling pointer
Support launching downloaded files from inside Transmission
On Windows, use native Windows icons
Improved network status info and tooltip in the status bar
Fix "Open Torrent" dialog crash in Qt 5.2
Daemon
On systemd systems, fix config reloading via 'systemctl reload'
Use libevent's event loop
Fix discrepancy in curl SSL setup between tr-daemon and tr-remote
Fix broken OS X build
Web Client
Support file renaming in the web client
Fix incorrect torrent state being displayed for magnet links
Make URLs in the torrent's comment field clickable (and sanitize them to prevent cross-scripting)
Version 3.5.2 released 2014-05-22
* Fix Windows build with VS2008
https://github.com/simplejson/simplejson/pull/97
Version 3.5.1 released 2014-05-21
* Consistently reject int_as_string_bitcount settings that are not
positive integers
Version 3.5.0 released 2014-05-20
* Added int_as_string_bitcount encoder option
https://github.com/simplejson/pull/96
* Fixed potential crash when encoder created with incorrect options
* Version 3.2.15 (released 2014-05-30)
** libgnutls: Eliminated memory corruption issue in Server Hello parsing.
Issue reported by Joonas Kuorilehto of Codenomicon.
** libgnutls: Several memory leaks caused by error conditions were
fixed. The leaks were identified using valgrind and the Codenomicon
TLS test suite.
** libgnutls: Increased the maximum certificate size buffer
in the PKCS #11 subsystem.
** libgnutls: Check the return code of getpwuid_r() instead of relying
on the result value. That avoids issue in certain systems, when using
tofu authentication and the home path cannot be determined. Issue reported
by Viktor Dukhovni.
** gnutls-cli: if dane is requested but not PKIX verification, then
only do verify the end certificate.
** ocsptool: Include path in ocsp request. This resolves#108582
(https://savannah.gnu.org/support/?108582), reported by Matt McCutchen.
** API and ABI modifications:
No changes since last version.
* Version 3.2.14 (released 2014-05-06)
** libgnutls: Fixed issue with the check of incoming data when two
different recv and send pointers have been specified. Reported and
investigated by JMRecio.
** libgnutls: Fixed issue in the RSA-PSK key exchange, which would
result to illegal memory access if a server hint was provided.
** libgnutls: Fixed client memory leak in the PSK key exchange, if a
server hint was provided.
** libgnutls: Several small bug fixes identified using valgrind and
the Codenomicon TLS test suite.
** libgnutls: Several small bug fixes found by coverity.
** libgnutls-dane: Accept a certificate using DANE if there is at least one
entry that matches the certificate. Patch by simon [at] arlott.org.
** configure: Added --with-nettle-mini option, which allows linking
with a libnettle that contains gmp.
** certtool: The ECDSA keys generated by default use the SECP256R1 curve
which is supported more widely than the previously used SECP224R1.
** API and ABI modifications:
No changes since last version.
* Version 3.2.13 (released 2014-04-07)
** libgnutls: gnutls_openpgp_keyring_import will no longer fail silently
if there are no base64 data. Report and patch by Ramkumar Chinchani.
** libgnutls: gnutls_record_send is now safe to be called under DTLS when
in corked mode.
** libgnutls: Ciphersuites that use the SHA256 or SHA384 MACs are
only available in TLS 1.0 as SSL 3.0 doesn't specify parameters for
these algorithms.
** libgnutls: Changed the behaviour in wildcard acceptance in certificates.
Wildcards are only accepted when there are more than two domain components
after the wildcard. This drops support for the permissive RFC2818 wildcards
and adds more conservative support based on the suggestions in RFC6125. Suggested
by Jeffrey Walton.
** certtool: When no password is provided to export a PKCS #8 keys, do
not encrypt by default. This reverts to the certtool behavior of gnutls
3.0. The previous behavior of encrypting using an empty password can be
replicating using the new parameter --empty-password.
** p11tool: Avoid dual initialization of the PKCS #11 subsystem when
the --provider option is given.
** API and ABI modifications:
No changes since last version.
e version: 1.39.0
date: 2014-05-29
new features:
- title: "Edit Book: Allow creation of custom color schemes
for the editor (Preferences->Editor settings)"
- title: "Check Book: When reporting unmanifested file warnings,
allow auto fixing by adding the file to the manifest if it is
referenced elsewhere or removing the file if it is not."
- title: "Edit book: Preview panel: Allow syncing of position
more accurately when there are multiple tags on the same source
code line"
- title: "Edit book: Live CSS: Indicate which CSS properties
are overridden by higher priority rules"
- title: "Kindle driver: When generating page numbers automatically,
add an additional method to detect page boundaries, using the
presence of <mbp:pagebreak> tags in the source of the book.
You can use this setting by right clicking on the Kindle icon
in calibre when the kindle is connected and choosing customize
this device."
bug fixes:
- title: "Virtual Libraries: If the user selects a virtual
library whose tab has been closed via the Virtual Library
button, re-open the tab instead of displaying the virtual
library in the All Books tab."
- title: "DOCX Input: Fix a regression that broke conversion
of documents with an index that contains fields with special
page text."
- title: "Edit Book: When editing a book in a language for
which no dictionary is installed, consider all words to be
correctly spelt, rather than misspelt."
Just a simple maintenance release. User-visible changes include
one invalid #define fixed in the header file and the conditional
removal of the "Pointer" typedef to avoid name clashes and the
matching changes of the struct tmask.
Note: unless _XITYPEDEF_POINTER is defined, the Pointer typedef is
still there, so we're not breaking anything here. And the struct
tmask is only used by the server anyway and shouldn't be in the
header to begin with.
The preprocessor macro XP_MACOSX is misused everywhere. They tend to
say "#if defined(XP_MACOSX)" to actually mean
"#if defined(MOZ_WIDGET_COCOA)". It's okay to equate XP_MACOSX with
XP_DARWIN but equating it with MOZ_WIDGET_COCOA is just wrong. As a
result, cairo-gtk2 build on Darwin is completely broken and needs
heavy patching. Ideally they should be fixed individually but that
will be an extremely hard work, so don't define XP_MACOSX for now.
Do it for all packages that
* mention perl, or
* have a directory name starting with p5-*, or
* depend on a package starting with p5-
like last time, for 5.18, where this didn't lead to complaints.
Let me know if you have any this time.
packaged for wip.
A variety of alternative parser combinator libraries, including the
original HuttonMeijer set. The Poly sets have features like good error
reporting, arbitrary token type, running state, lazy parsing, and so on.
Finally, Text.Parse is a proposed replacement for the standard Read class,
for better deserialisation of Haskell values from Strings.
and remove it during deinstallation. This matches the behaviour of the
"nss_pam" package and makes configuring NetBSD as an LDAP client easier.
Bump package revision because of this fix.
This is a SECURITY release, addressing a CRITICAL remote code execution
flaw in Exim version 4.82 (only) when built with DMARC support (an
experimental feature, not on by default). This release is identical to
4.82 except for the small change needed to plug the security hole. The
next release of Exim will, eventually, be 4.83, which will include the
many improvements we've made since 4.82, but which will require the
normal release candidate baking process before release.
You are not vulnerable unless you built Exim with EXPERIMENTAL_DMARC.
This issue is known by the CVE ID of CVE-2014-2957, was reported
directly to the Exim development team by a company which uses Exim for
its mail server. An Exim developer constructed a small patch which
altered the way the contents of the From header is parsed by converting
it to use safer and better internal functions. It was applied and
tested on a production server for correctness. We were notified of the
vulnerability Friday night, created a patch on Saturday, applied and
tested it on Sunday, notified OS packagers on Monday/Tuesday, and are
releasing on the next available work day, which is Wednesday.
This is why we have made the smallest feasible changes to prevent
exploit: we want this chagne to be as safe as possible to expedite into
production (if the packages were built with DMARC).
