This is last release of Drupal 8.x.
8.9.20 (2021-11-17)
This release fixes security vulnerabilities. Sites are urged to update
immediately after reading the notes below and the security announcement:
Drupal core - Critical - Third-party library - SA-CORE-2021-011
No other fixes are included.
Major bugfixes:
* Fixed encode from dwg and json for many objects: missing size and bitsize
recalculation for objects with strings and DD types. (GH #322, #326)
* dwgadd: Fixed the pspace command. (GH #319)
* Missed all binary DXF groups 0. Still not working, but added to oss-fuzz.
* Support older gperf, older than 3.1. eg. macOS
As for CHANGES prior to 4.0.0 (from 4.0.0.alpha1 to 4.0.0.rc2), please
refer: <https://github.com/SeleniumHQ/selenium/blob/trunk/rb/CHANGES>.
4.1.0 (2021-11-22)
=========================
DevTools:
* Released selenium-devtools 0.95.0 (supports CDP v85, v93, v94, v95)
* Released selenium-devtools 0.96.0 (supports CDP v85, v94, v95, v96)
* Added support for secure websockets (#10017)
Ruby:
* Execute Script supports ShadowRoots (#10019)
* Fixed bug preventing zipping temp files on Windows (#9987)
* Sang Pumpkin Carol (thanks Jari!)
4.0.3 (2021-10-20)
=========================
Firefox:
* Fixed bug avoiding camel casing prefs (#9944 thanks @glaszig)
Ruby:
* Fixed bug in Select class for finding by index (#9945)
Remote:
* Fixed bug preventing sending keys with an empty value
4.0.2 (2021-10-19)
=========================
Server:
* Fixed bug in new download code.
4.0.1 (2021-10-19)
=========================
Server:
* Fixed download by pointing to new storage location.
- Only supports Selenium 4 versions
* Added default value for Server::get and Server::download to use the
latest server version
4.0.0 (2021-10-13)
=========================
Ruby:
* Updated minimum required Ruby version to 2.6
* Updated minimum required rexml gem version due to vulnerability
Chrome:
* Added default values for Network Conditions so no longer need to specify
everything
Firefox:
* Fixed bug where Firefox prefs were converting snake case to camel case
pkgsrc change: correct MAINTAINER.
0.20.0 (2021-12-06)
* Allow Raindrops objects to be backed by a file
* doc: update with IMAP(S) URLs and improve descriptions
5.5.2 (2021-10-12)
Bugfixes
* Allow UTF-8 in HTTP header values
5.5.1 (2021-10-12)
Feature (added as mistake - we don't normally do this on bugfix releases,
sorry!)
* Allow setting APP_ENV in preference to RACK_ENV or RAILS_ENV (#2702)
Security
* Do not allow LF as a line ending in a header (CVE-2021-41136)
5.5.0 (2021-09-19)
Features
* Automatic SSL certificate provisioning for localhost, via localhost gem
(#2610, #2257)
* add support for the PROXY protocol (v1 only) (#2654, #2651)
* Add a semantic CLI option for no config file (#2689)
Bugfixes
* More elaborate exception handling - lets some dead pumas die. (#2700,
#2699)
* allow multiple after_worker_fork hooks (#2690)
* Preserve BUNDLE_APP_CONFIG on worker fork (#2688, #2687)
Performance
* Fix performance of server-side SSL connection close. (#2675)
0.6.1 (2021-07-01)
* Update URIs in gemspec
* Link to https URIs in README
* Updated / added test cases for aborting the parser
* Better handling on upgraded connections
* Added support for HTTP status reason
* Add status support to JRuby
* Ensure HTTP parser uses later version
* Added statuses to spec responses
* Provide better safety around on_status and on_url
* Updated line folder spec as per joyent/http_parser
* Updated spec for status support
* Removed unfinished parse_url support
* Update sub module http-parser to version 2.8.1
* Use HTTPS to download submodules
* Check value passed to set_header_value_type
0.7.0 (2021-07-02)
* Add bundler/gem_tasks
0.8.0 (2021-09-01)
* mark all threads are ractor-safe
* avoid referring class instance variable if possible
* add kwarg to avoid specifying (nil, type)
* update specs about Ractor/kwarg
* rename the unappropriate name
* check the number of arguments for the safe
* it does not need extreme performance
* Revert "Add status support to JRuby"
* Disable test for status on JRuby
* Make sure to inject rake task dependencies
* spec: Use appropriate encoding to check request_url & status
0.15.0 (2021-10-12)
* Revert "Easy::Operations#handle: Thread-safe cleanup (#136)"
* Add optional socket_action mode to Ethon::Multi
* Fix tests to clean up correctly, rely on ongoing? and not socket count.
* Fix tests from multi_socket_action addition.
* HTTPS proxies - support for own SSL/TLS session
* Added size_upload, size_download, speed_upload, speed_download to
available informations
3.36.0 (2021-10-24)
Changed
* Ruby 2.6.0+ is now required
* Minimum selenium-webdriver supported is now 3.142.7
Added
* Support for selenium-webdriver 4.x
* allow_label_click accepts click options to be used when clicking an
associated label
* Deprecated allow_gumbo= in favor of use_html5_parsing= to enable use of
Nokogiri::HTML5 when available
* Session#active_element returns the element with focus - Not supported by
the RackTest driver [Sean Doyle]
* Support focused: filter for finding interactive elements - Not supported
by the RackTest driver [Sean Doyle]
Fixed
* Sibling and ancestor queries now work with Simple::Node - Issue #2452
* rack_test correctly ignores readonly attribute on specific input element
types
* Node#all_text always returns a string - Issue #2477
* have_any_of_selectors negated match - Issue #2473
* Document#scroll_to fixed for standards behavior - pass quirks: true if you
need the older behavior [Eric Anderson]
* Use capture on attach file event listener for better React compatibility
[Jeff Way]
* Animation disabler produces valid HTML [Javi Martin]
Removed
* References to non-w3c mode in drivers/tests. Non-w3c mode is obsolete and
no one should be using it anymore. Capybara hasn't been testing/supporting
it in a while
0.9.27 (2021-11-29)
* Add support for Ruby 3.0 endless method definitions. (#1376, #1381)
* Add existence check for README file (#1367)
* Support module_function decorator (#1365)
* Add CommonMarker markup support (-m commonmarker) (#1157, #1388)
* Fix nested array parsing (#1389)
* Add WEBrick as a runtime dependency for Ruby 3.0 support (#1400)
* Support fail_on_warning option in yard stats command (#1392)
* Better integration with Sorbet (#1401)
* Handle include mixins on complex paths (#1386)
* Fix @!scope maintaining state in lone comment blocks (#1411)
* Remove support for Travis CI
5.3.0 (2021-10-29)
New Features
* add the future of endnote. //endnote specifies the content of the
endnote, @<endnote> specifies the reference to the endnote, and
//printendnotes places endnotes (#1724)
Bug Fixes
* fixed an error in new jlreq that caused it to become independent of ifthen
package (#1718)
* fixed an issue with hidden folio being set to all 1 when using
review-jsbook with TeXLive 2020 or later (#1720)
* fixed an error that occurred when a non-existent file was specified in the
coverimage parameter (#1726, #1729)
* it now warns when a non-existent file is specified in the titlefile,
creditfile, and profile parameters (#1730)
* fixed @<tcy> op error in review-jlreq. this op will be expanded into
\reviewtcy macro (#1733)
* fixed exception errors in review-vol and review-index (#1740)
* fixed forgetting to copy __IMGMATH_BODY__.tex when math compiling error
occurs (#1747)
* fixed the problem that the position of //beginchild and //endchild is not
displayed when an error occurs (#1742)
* fixed a build error when using //graph op (#1744)
* fixed undefined variable in epubmaker.rb (#1755)
* fixed execution error in review-catalog-converter (#1753)
Enhancements
* warnings are now given when footnotes (//footnote) and endnotes
(//endnote) are defined but not referenced (@<fn>, @<endnote>) (#1725)
* \includefullpagegraphics macro that pastes an image over the entire page
now supports vertical writing (#1734)
* try to find plantuml.jar from the working folder, /usr/share/plantuml, or
/usr/share/java (#1760)
Docs
* format.ja.md, format.md: fixed a mistake in the command line for creating
SVG formulas (#1748)
Others
* added tests for Ruby 2.7 for Windows (#1743)
* refactor code with Rubocop 1.22.1 (#1759)
Contributors
* @munepi
* @huideyeren
On a microvax 3900 with qt0 ethernet, dhcp did not work because
a) netbsd doesn't receive broadcasts on qt0 (unless promiscuous mode is set)
b) the dhcp reply was sent as a broadcast.
This update fixes b) which is under control of simh.
Changes since previous snapshot (new to old):
ETHER: Fix NAT dhcp behavior to properly respond to the MAC of the requestor
SCP, makefile: Rename build conditional HAVE_DLOPEN to SIM_HAVE_DLOPEN
SCP: Prefer Posix 'command -v' over 'which'
AltairZ80: Improved vector interrupt implementation
SCSI, VAX & PDP11: Force Read Only attach for CDROM devices
SCP: Provide commit id information when archived simh content is used
H316: The UDP code doesn't need anything from h316_defs.h.
DISK: Properly allow/disallow containers of reasonable/unreasonavle sizes
DISK: Preserve container dates when adding or removing container meta data
FIO: Add support to set file access and modify times
makefile: Fix minor line ending inconsistencies
makefile: Support both .so and .a link libraries on Linux
FIO: Emit reasonable error message when shm_open() API isn't available locally
PDP8: Fix device conflict warnings to report problems correctly
3b2: Remove glibc-specific longjmp
TIMER: Be less aggressive to disable throttling after initial calibration
H316: Call the host interface TX service routine.
H316: Fix debugging host interface messages.
H316: Signal the host/IMP ready bits in the host interface.
H316: Fix reading messages from the host interface.
H316: Fix host interface word counts.
1.5.7 (2021-10-07)
* emergency fix for datatracker bibxml URIs that might trigger caching bug
1.5.8 (2021-10-07)
* Extend /xml -> .xml datatracker workaround to
kramdown-rfc-cache-i-d-bibxml
1.5.9 (2021-10-14)
* Work around bibxml8 http:// target
1.5.10 (2021-10-15)
* allow parens in DOI
1.5.11 (2021-10-19)
* New diagram tools: "protocol", "protocol-goat"
1.5.12 (2021-10-20)
* aasvg and protocol-aasvg support
1.5.13 (2021-10-29)
* Support auto-linking via abbrevs and # syntax
1.5.14 (2021-10-29)
* provide artwork-{txt,svg}-options for svg tools; Close#135
1.5.15 (2021-10-30)
* Prototype "Discussion Venues" mechanism
venue:
group: JSON Path
mail: jsonpath@ietf.org
github: ietf-wg-jsonpath/draft-ietf-jsonpath-base
* (add arch: for non-default mail archive and type: for non-default group
type)
* Also: make noabbrev available as a pseudo-attribute
1.5.16 (2021-11-01)
* work around gettalong/kramdown#717:
(line breaks in abbrev usage caused the abbrev to not match)
1.5.17 (2021-11-19)
* Add keys to venue block:
- `repo` for non-github repos
- `home` for a WG homepage
* Add json check, json-from-yaml to code block
1.5.18 (2021-11-29)
* Add more keys to venue block:
- `latest` for a pointer to the latest revision
- `text` for additional text (sent through markdown;
can be an array for multiple paragraphs)
* Rename venue note to "About This Document".
* Add datatracker link if a docname is available.
* Increase robustness.
1.5.19 (2021-11-29)
* v3 rfc attributes update
- Move four "processing instructions" into `<rfc` attributes in v3
- Handle indexInclude like another one of these PIs
- Default to consensus: true for cat: std or bcp
1.5.20 (2021-12-01)
* Fix#150 (v2 regression fail): ParameterSet: skip nil in #attrs parameter
list
1.5.21 (2021-12-01)
* Fix more PI regressions
2.83.0 (2021-10-21)
* Remove fallback from checking services to checking processes
2.83.1 (2021-10-26)
* Use 'onestatus' to check if services are running on FreeBSD
* Remove Ruby 1.9 from CI and add 2.7 and 3.0
4.2.4 (2021-09-13)
* (FACT-3062) Remove snyk test on PR
* (FACT-3060) Update mountpoints regex
* (FACT-3062) Fix snyk_monitor workflow
4.2.5 (2021-09-29)
* (FACT-3059) Fix AIX reporting odd number of arguments for Hash
* (FACT-3057) Downcase environment facts
* (FACT-3063) OS 11 arm64 processors shifted output
* Revert "(maint) Skip os facts in acceptance on Debian 11 - 4.x"
* (FACT-3073) Fix timeout option processing for
Facter::Core::Execution.execute
* (FACT-3073) Emit a warning when unsupported options are used
* (FACT-3073) Add unit tests for options processing
* (FACT-3073) Improve documentation formatting
* (FACT-3047) --http_debug cli shows HTTP debug logs in Facter 4
* (FACT-3067) Fix resolution of custom facts that partial match legacy fact
names
* (FACT-2955) Only use the available processors (4.x)
* (FACT-3075) Fix the os.release fact on Windows 2022
* (FACT-3058) Fix os.windows.release_id and add `os.windows.display_version`
fact
Changelog:
New
* RLBox --- a new technology that hardens Firefox against potential security
vulnerabilities in third-party libraries --- is now enabled on all
platforms.
* Good news! You can now download Firefox from the Microsoft Store on Windows
10 and Windows 11 platforms.
* We've reduced CPU usage on macOS in Firefox and WindowServer during event
processing.
* We've also reduced the power usage of software decoded video on macOS,
especially in fullscreen. This includes streaming sites such as Netflix and
Amazon Prime Video.
* You can now move the Picture-in-Picture toggle button to the opposite side
of the video. Simply look for the new context menu option Move
Picture-in-Picture Toggle to Left (Right) Side.
* To better protect Firefox users against side-channel attacks such as
Spectre, Site Isolation is now enabled for all Firefox 95 users.
Fixed
* After starting Firefox, users of the JAWS screen reader and ZoomText
magnifier will no longer need to switch applications in order to access
Firefox.
* You'll find the state of controls using the ARIA switch role is now
correctly reported by Mac OS VoiceOver.
* You'll see a faster content process startup on macOS.
* We've also made memory allocator improvements.
* And we've improved page load performance by speculatively compiling
JavaScript ahead of time.
* Various security fixes
Changed
* We've added a User Agent override for Slack.com, which allows Firefox
users to use more Call features and have access to Huddles.
Security fixes:
Mozilla Foundation Security Advisory 2021-52
#CVE-2021-43536: URL leakage when navigating while executing asynchronous
function
#CVE-2021-43537: Heap buffer overflow when using structured clone
#CVE-2021-43538: Missing fullscreen and pointer lock notification when
requesting both
#CVE-2021-43539: GC rooting failure when calling wasm instance methods
#MOZ-2021-0010: Use-after-free in fullscreen objects on MacOS
#CVE-2021-43540: WebExtensions could have installed persistent ServiceWorkers
#CVE-2021-43541: External protocol handler parameters were unescaped
#CVE-2021-43542: XMLHttpRequest error codes could have leaked the existence of
an external protocol handler
#CVE-2021-43543: Bypass of CSP sandbox directive when embedding
#CVE-2021-43544: Receiving a malicious URL as text through a SEND intent could
have led to XSS
#CVE-2021-43545: Denial of Service when using the Location API in a loop
#CVE-2021-43546: Cursor spoofing could overlay user interface when native
cursor is zoomed
#MOZ-2021-0009: Memory safety bugs fixed in Firefox 95 and Firefox ESR 91.4
