3.35.2 (2018-08-06)
- Fix functionality of --site and --local command-line options
- MSW: Fix local rename not updating file list
- OS X: Fix compatibility with old CPUs not supporting SSE4
1.3.6:
- gevent now depends on greenlet 0.4.14 or above. gevent binary wheels
for 1.3.5 and below must have greenlet 0.4.13 installed on Python
3.7 or they will crash.
- :class:gevent.local.local subclasses correctly supports @staticmethod functions.
1.3.5:
- Update the bundled libuv from 1.20.1 to 1.22.0.
- Test Python 3.7 on Appveyor. Fix the handling of Popen's
close_fds argument on 3.7.
- Update Python versions tested on Travis, including PyPy to 6.0.
- :mod:gevent.queue imports _PySimpleQueue instead of
SimpleQueue so that it doesn't block the event loop.
:func:gevent.monkey.patch_all makes this same substitution in
:mod:queue. This fixes issues with
:class:concurrent.futures.ThreadPoolExecutor as well.
- :meth:gevent.socket.socket.connect doesn't pass the port (service)
to :func:socket.getaddrinfo when it resolves an AF_INET or
AF_INET6 address. (The standard library doesn't either.) This
fixes an issue on Solaris.
- :meth:gevent.socket.socket.connect works with more address
families, notably AF_TIPC, AF_NETLINK, AF_BLUETOOTH, AF_ALG and AF_VSOCK.
Changes:
1.5.1
-----
- Added support for:
* `piczel` - https://piczel.tv/
- Added support for related pins on `pinterest`
- Fixed accessing "offensive" galleries on `exhentai` (#97)
- Fixed extraction issues for `mangadex`, `komikcast` and `behance`
- Removed original-image functionality from `tumblr`, since "raw"
images are no longer accessible
(Still using xorg-server 1.17, up to 1.20 is supported.)
The new TigerVNC 1.9.0 is now available. Lots of changes have been made
since the last release, but the highlights are:
- Alternative, "raw" keyboard mode in the native client and all servers
- CapsLock/NumLock/ScrollLock synchronisation in the native client and all servers
- Automatic "repair" of JPEG artefacts on screen in all servers
- Support for UNIX sockets in the native client and in the UNIX servers
- Both clients now warn when sending the password over a possibly insecure channel
- Performance improvements in the Java client
- The Java client now requires Java 7
- Improved high latency handling in all servers
- Better keyboard handling in the native client on Windows
- Slightly better keyboard handling in x0vncserver
- x0vncserver now supports cursors and screen resize
- Xorg 1.20 can now be used as a base for Xvnc/libvnc.so
4.1.3:
Improvements
: pdnsutil: use new domain in b2bmigrate
: Update copyright years to 2018
: Lower ‘packet too short’ loglevel
Bug Fixes
: Restrict creation of OPT and TSIG RRsets
: Fix handling of user-defined axfr filters return values
: Prevent the GeoIP backend from copying NetMaskTrees around, fixes slow-downs in certain configurations
: Ensure alias answers over TCP have correct name
Wireshark 2.6.2 Release Notes
What’s New
Bug Fixes
The following vulnerabilities have been fixed:
• wnpa-sec-2018-34[1]
• BGP dissector large loop. Bug 13741[2]. CVE-2018-14342[3].
• wnpa-sec-2018-35[4]
• ISMP dissector crash. Bug 14672[5]. CVE-2018-14344[6].
• wnpa-sec-2018-36[7]
• Multiple dissectors could crash. Bug 14675[8]. CVE-2018-14340[9].
• wnpa-sec-2018-37[10]
• ASN.1 BER dissector crash. Bug 14682[11]. CVE-2018-14343[12].
• wnpa-sec-2018-38[13]
• MMSE dissector infinite loop. Bug 14738[14]. CVE-2018-14339[15].
• wnpa-sec-2018-39[16]
• DICOM dissector crash. Bug 14742[17]. CVE-2018-14341[18].
• wnpa-sec-2018-40[19]
• Bazaar dissector infinite loop. Bug 14841[20].
CVE-2018-14368[21].
• wnpa-sec-2018-41[22]
• HTTP2 dissector crash. Bug 14869[23]. CVE-2018-14369[24].
• wnpa-sec-2018-42[25]
• CoAP dissector crash. Bug 14966[26]. CVE-2018-14367[27].
The following bugs have been fixed:
• ISMP.EDP "Tuples" dissected incorrectly. Bug 4943[28].
• Wireshark - Race issue when switching between files using
Wireshark’s "Files in Set" dialog. Bug 10870[29].
• Sorting on "Source port" or "Destination port" column sorts
alphabetically, not numerically. Bug 11460[30].
• Wireshark crashes when changing profiles. Bug 11648[31].
• Crash when starting capture while saving capture file or
rescanning file after display filter change. Bug 13594[32].
• Crash when switching to TRANSUM enabled profile. Bug 13697[33].
• TCP retransmission with additional payload leads to incorrect
bytes and length in stream. Bug 13700[34].
• Wireshark crashes with single quote string display filter. Bug
14084[35].
• randpkt can write packets that libwiretap can’t read. Bug
14107[36].
• Wireshark crashes when loading new file before previous load has
finished. Bug 14351[37].
• Valid packet produces Malformed Packet: OpcUa. Bug 14465[38].
• Error received from dissect_wccp2_hash_assignment_info(). Bug
14573[39].
• CRC checker wrong for FPP. Bug 14610[40].
• Cross-build broken due to make-dissectors and make-taps. Bug
14622[41].
• Extraction of SMB file results in wrong size. Bug 14662[42].
• 6LoWPAN dissector merges fragments from different sources. Bug
14700[43].
• IP address to name resolution doesn’t work in TShark. Bug
14711[44].
• "Decode as" Modbus RTU over USB doesn’t work with 2.6.0 but with
2.4.6. Bug 14717[45].
• proto_tree_add_protocol_format might leak memory. Bug 14719[46].
• tostring for NSTime objects in lua gives wrong results. Bug
14720[47].
• Media type "application/octet-stream" registered for both Thread
and UASIP. Bug 14729[48].
• Crash related to SCTP tap. Bug 14733[49].
• Formatting of OSI area addresses/address prefixes goes past the
end of the area address/address prefix. Bug 14744[50].
• ICMPv6 Router Renumbering - Packet Dissector - malformed. Bug
14755[51].
• WiMAX HARQ MAP decoder segfaults when length is too short. Bug
14780[52].
• HTTP PUT request following a HEAD request is not correctly
decoded. Bug 14793[53].
• SYNC PDU type 3 miss the last PDU length. Bug 14823[54].
• Reversed 128 bits service UUIDs when Bluetooth Low Energy
advertisement data are dissected. Bug 14843[55].
• Issues with Wireshark when the user doesn’t have permission to
capture. Bug 14847[56].
• Wrong description when LE Bluetooth Device Address type is
dissected. Bug 14866[57].
• LE Role advertisement type (0x1c) is not dissected properly
according to the Bluetooth specification. Bug 14868[58].
• Regression: Wireshark 2.6.0 and 2.6.1 are unable to read NetMon
files which were readable by previous versions. Bug 14876[59].
• Wireshark doesn’t properly display (deliberately) invalid 220
responses from Postfix. Bug 14878[60].
• Follow TCP Stream and click reassembled content moves you to
incorrect current packet. Bug 14898[61].
• Crash when changing profiles while loading a capture file. Bug
14918[62].
• Duplicate PDU during C Arrays Output Export. Bug 14933[63].
• DCE/RPC not dissected when "reserved for use by implementations"
flag bits set. Bug 14942[64].
• Follow TCP Stream truncates output on missing (but ACKed)
segments. Bug 14944[65].
• There’s no option to include column headings when printing
packets or exporting packet dissections with Qt Wireshark. Bug
14945[66].
• Qt: SCTP Graph Dialog: Abort when doing analysis. Bug 14971[67].
• CMake is unable to find LUA libraries. Bug 14983[68].
Updated Protocol Support
6LoWPAN, ASN.1 BER, Bazaar, BGP, Bluetooth, Bluetooth HCI_CMD, CIGI,
Cisco ttag, CoAP, Data, DCERPC, Diameter 3GPP, DICOM, DOCSIS, FPP,
GSM A GM, GTPv2, HTTP, HTTP2, IAX2, ICMPv6, IEEE 1722, IEEE 802.11,
IPv4, ISMP, LISP, MMSE, MTP3, MySQL, NFS, OpcUa, PPI GPS, Q.931,
RNSAP, RPCoRDMA, S1AP, SCTP, SMB, SMTP, STUN, SYNC, T.30, TCP,
TRANSUM, WAP, WCCP, Wi-SUN, WiMax HARQ Map Message, and WSP
New and Updated Capture File Support
Alcatel-Lucent Ascend and Microsoft Network Monitor
Changes in libsoup from 2.62.2 to 2.62.3:
* Check for trailing dots in domains [#5, Claudio Saavedra]
* Set default cookie path for NULL origins [#1, Adrian Perez de Castro]
* Use atomic-refcounting in classes that are not using GObject-refcounting
[bgo#785110, Edward Hervey]
* Many Coverity-found code fixes [bgo#781771, Milan Crha]
* Bail out on cookie-jar calls with empty hostnames [#3, Michael Catanzaro]
Note: from now onwards bgo# references bugs in GNOME Bugzilla
and # issues in GNOME gitlab.
1.0.3
=====
- Avoid a crash in gupnp_root_device_constructor
- Propagage User-Agent from Cache
- Fix potential issue with boolean vs. bitwise evaluation
- Fix a crash in GUPnPServiceProxy::subscription_expire
- Accept broken Action header without the "
- Fix issue with strcpy destination buffer size in linux context manager
3.35.1 (2018-07-23)
- Fix context menu in search dialog
3.35.0 (2018-07-23)
+ Improved appearance of activity indicators, sort direction indicators, and quick search panel buttons on high-DPI displays
3.35.0-rc2 (2018-07-17)
- OS X: Fix dependency problem in build system
3.35.0-rc1 (2018-07-16)
+ Add option to settings dialog to have FileZilla restore tabs and connections after a restart
- Fix initial size of Site Manager being too small on some systems
3.34.0 (2018-06-15)
+ After deleting files, the focus rectangle now stays near the previously deleted file
3.34.0-rc1 (2018-06-08)
+ Refactoring of the Site Manager internals
+ Moved protocol selection to the top in the Site Manager
+ Adjusted spacing in the Site Manager
+ Slightly reduced height of certificate details dialog
- MSW: Properly quote the uninstall command in the registry
- Updated builtin pugixml to version 1.9
0.13.0 (2018-07-16)
+ Add bool return value to replace_substrings to indicate whether something has been replaced.
+ fz::sprintf: Added %c format specifier
- MSW: Work around problematic DLL export of templates, timers now work if libfilezilla has been built as DLL
0.11.0:
Add putfo() method, allowing one to upload a file-like object
Add top-level get() and put() functions for convenience
Increase default socket time from 5 to 10 seconds
17.1.2:
Fix possible hang when working with asyncio
Remove some outdated workarounds for old Cython versions
Fix some compilation with custom compilers
Remove unneeded link of libstdc++ on PyPy
pkgsrc changes:
- Update DISTNAME, PKGNAME, MASTER_SITES and HOMEPAGE
- Take MAINTAINERship (discussed via private email with previous MAINTAINER)
- Remove (not so useful) MESSAGE
- Avoid NO_CONFIGURE=yes, also if a package does not provide a configure script
it is not needed and can lead to confusion due the several configure targets
that are removed
- Add several variable to BUILD_DEFS
- Honor GEOMYIDAE_USER, GEOMYIDAE_GROUP and GEOMYIDAE_ROOTDIR variables that
will respectively set the default user, group and rootdir of geomyidae
- Instead of copypasting several rc scripts write a new one ad-hoc for pkgsrc
that by default will run geomyidae unprivileged honoring the several
GEOMYIDAE_* variables.
If `geomyidae_flags' is defined in rc.conf these defaults are ignored.
- Do not install a LICENSE file (we have the LICENSE variable for it!)
Changes:
Geomyidae v0.32.2 fixes release
-------------------------------
Another fixes release for geomyidae is out. Now hopefully the OpenBSD people
fixed the whole pledge support in geomyidae.
Geomyidae v0.32.1 fixes release
-------------------------------
Soon after the v0.32 release I received patches, which I do not want to miss
in mainline.
* Fix and make OpenBSD pledge support better.
* Fix a typo in the slackware init script.
Thanks for all who sent in patches! All further patches are welcome!
Geomyidae v0.32 Release
-----------------------
I am glad to announce the release of geomyidae v0.32. Thanks to all the
contributors and people giving ideas!
Here is what changed:
* Minor fixed in the manpage, CGI handling and tools.
* Add example for tt escaping in the manpage.
* Add nocgi flag, which disables CGI execution.
* Add OpenBSD pledge support.
Geomyidae v0.31.1 release
-------------------------
There has been a geomyidae v0.31.1 release which fixes a major issue of the
pending bytes logic from v0.31.
Have fun!
Geomyidae v0.31 release
-----------------------
I am proud to announce the geomyidae v0.31 release. There were
some major issues fixed, so a new release is necessary:
* There is now gph vim syntax highlighting files in the archive.
* Gopher+ compatibility mode.
* No sockets are left behind anymore.
* New log format of geomyidae is now documented in the manpage.
* There was some ugly bug with curl connecting to a Linux system, where after
close() some bytes were lost. Now some check is added to be sure all data
has been sent to the client. If you want to have bad dreams, look at the
curl sourcecode.
Thanks for everyone contributing!
Geomyidae v0.30 release
-----------------------
What is new?
* The gph format now allows escaping of '|' characters. See the example
index.gph file in the distribution for how to or the manpage.
* Geomyidae has happy helping snowman support to help you with your dynamic
gph content generation in geomyidae. In case you add some spurious tab,
this little guy will appear and inform you about what happened.
* There is now a Links file for links to software related to application
development for geomyidae.
* The gentoo init.d script has been fixed.
* A slackware rc file was added.
* The makefile is now POSIX-compliant.
* The log format has been changed to be easier parsable for all kind of log
analyzers. (`[YYYY-MM-DD HH:mm:SS +ZZZZ|client|clientport|status] selector')
* A flag to not perform reverse lookups in log files has been added.
* Implement some CGI variables for cgi and dcgi. See the manpage for which
ones are available. Here you can see REMOTE_ADDR in action:
gopher://bitreich.org/0/ip
Geomyidae 0.29 release
----------------------
I am happy to announce the 0.29 release of geomyidae, a simple gopher server.
What has been changed:
* the OpenBSD rc.d files have been fixed due to arg.h fixes
* index.bin support added
* Create a file with the raw gopher menu content in a directory and is
served by geomyidae.
* This is useful for scripts generating static gopher content
* This is useful for serving a backup of a gopherhole.
* show errors on fork, in case there are constraints on process resources
* care for send errors
* huge speed up on different platforms when transferring huge binary files
* Linux is using sendfile(2) and TCP_CORK
* FreeBSD and DragonflyBSD are using sendfile(2)
* TCP_NOPUSH is used on all BSDs
* TCP_NODELAY is disabled on nearly all platforms
* other platforms (like OpenBSD) have a speed increase due to an
alignment of the send buffer to blocksize of the socket
I want to thank all contributors! All patches are welcome!
Geomyidae 0.28 release
----------------------
What's new in geomyidae?
* The parsing of gph files is now more liberal. When you do something wrong,
it will most of the time just display the line.
* DCGI speed was increased massively.
* Error messages are now more useful.
* More files are now handled as text files automatically.
* The OpenBSD rc.d file was fixed to modern days.
* Typos have been fixed.
Geomyidae 0.27 release
----------------------
I am proud to announce the 0.27 release of geomyidae.
* dramatic improvement of serving speed
* security fixes
* a OpenBSD rc.d file was added
* the manpage has been updated to the current state
* there is no support for index.gph, index.dcgi and index.cgi,
which helps to write more REST-friendly apps
I want to thank all contributors. All patches are welcome!
Update bind99 to 9.9.13pl1 (9.9.13-P1).
--- 9.9.13-P1 released ---
4997. [security] named could crash during recursive processing
of DNAME records when "deny-answer-aliases" was
in use. (CVE-2018-5740) [GL #387]
Update bind910 to 9.10.8pl1 (9.10.8-P1).
--- 9.10.8-P1 released ---
4997. [security] named could crash during recursive processing
of DNAME records when "deny-answer-aliases" was
in use. (CVE-2018-5740) [GL #387]
pkgsrc changes:
- Instead of maintaining patches/patch-setup.py rewrite the logic to avoid
too strict version dependencies via SUBST.
Changes:
31 July 2018: mitmproxy 4.0.4
* Security: Protect mitmweb against DNS rebinding. (CVE-2018-14505, @atx)
* Reduce certificate lifetime to two years to be conformant with
the current CA/Browser Forum Baseline Requirements. (@muffl0n)
(https://cabforum.org/2017/03/17/ballot-193-825-day-certificate-lifetimes/)
* Update cryptography to version 2.3.
15 June 2018: mitmproxy 4.0.3
* Add support for IPv6 transparent mode on Windows (#3174)
* Add Docker images for ARMv7 - Raspberry Pi (#3190)
* Major overhaul of our release workflow - you probably won't notice it, but for us it's a big thing!
* Fix the Python version detection on Python 3.5, we now show a more intuitive error message (#3188)
* Fix application shutdown on Windows (#3172)
* Fix IPv6 scope suffixes in block addon (#3164)
* Fix options update when added (#3157)
* Fix "Edit Flow" button in mitmweb (#3136)
15 June 2018: mitmproxy 4.0.2
* Skipped!
From Mike Pumford on pkgsrc-users@
Three years of changes including
+ lldpcli can now display local interfaces with LLDP data sent on
each of them ("show interfaces").
+ Attach remote TTL to port instead of chassis.
+ Maximum number of neighbors for an interface is increased from 4 to 32.
+ Fix 100% CPU on some rare error condition.
+ Ability to change multicast MAC address to two additional values
to reach customer bridges.
+ Ensure large netlink messages can be received.
+ Update LLDP-MED policy L2 priority values to match
802.1Q-2005. This may be a breaking change.
4.2.1:
- **Result Backend**: Fix deserialization of exceptions that are present in the producer codebase but not in the consumer codebase.
- **Message Protocol Compatibility**: Fix error caused by an invalid (None) timelimit value in the message headers when migrating messages from 3.x to 4.x.
- **Result Backend**: Fix serialization of exception arguments when exception arguments are not JSON serializable by default.
- **Worker**: Fixed multiple issues with rate limited tasks
Maintain scheduling order.
Fix possible scheduling of a :class:celery.worker.request.Request with the wrong :class:kombu.utils.limits.TokenBucket which could cause tasks' rate limit to behave incorrectly.
Fix possible duplicated execution of tasks that were rate limited or if ETA/Countdown was provided for them.
- **Worker**: Defensively handle invalid timelimit header values in requests.
Changes:
- On Unix-like systems, the server can run as an unprivileged user,
and the main process will automatically restart if an error occurs.
- pledge() on OpenBSD.
- New "offline" mode to serve queries locally without contacting any
upstream servers. This can be especially useful along with the
cloaking module for local development.
- New logo.
- TTL of OPT records is properly ignored by the caching module.
- The proxy doesn't quit any more if new TCP connections cannot be
created.
Notable changes:
- Eliminate grpcio package dependency on protobuf package
- A new grpc.Channel.close method is introduced and correct use of
gRPC Python now requires that channels be closed after use.
- Python errors have become more verbose.
- GRPC_ENABLE_FORK_SUPPORT=false is no longer required when running
fork-exec.
- Relying on an explicit with statement or explicitly calling
Channel.close to release the underlying resources in Channel objects
is now a required coding practice starting in v1.13.0.
New features:
- Add support for more than one TLS certificate
- Add a negative ttl option to the packet cache
- Add the ability to dump a summary of the cache content
- Add netmask-based {ex,in}clusions to DynblockRulesGroup
- Add DNSAction.NoOp to debug dynamic blocks
- Add SetECSAction to set an arbitrary outgoing ecs value
- Add support for rotating certificates and keys
Notable changes since 1.11.0:
- Make GrpcBuffer{Reader|Writer} Public
- Compile Out Tracers Option
- Add RpcException.StatusCode property
- gRPC stats will only be collected for debug builds or if
GRPC_COLLECT_STATS is defined.
- cmake install now also installs should also installs the roots.pem
file
Each R package should include ../../math/R/Makefile.extension, which also
defines MASTER_SITES. Consequently, it is redundant for the individual
packages to do the same. Package-specific definitions also prevent
redefining MASTER_SITES in a single common place.
Upstream changes:
mikutter 3.7.4
* change to get thumnails of gyazo via Twitter Card
* thanks cob odo
* support quoted_tweet by perma_link for tweets with mobile.twitter.com
* thanks cob odo
* use fileselect to choose a browser
* thanks cob odo
* twitter: change character count method to using weighted length
* Tweeting Made Easier
https://blog.twitter.com/official/en_us/topics/product/2017/tweetingmadeeasier.html
* appease tons of Gdk-CRITICAL error messages
* thanks ncaq net
* misc improvements of photo_support plugin
* unify code to get images via og:image for OpenGraphProtocol (OGP)
* also unify code to get images via OGP and via Twitter Card
* support specification updates of Twitter Card
* could not get Fotolog images
* support marshmallow https://marshmallow-qa.com/ as an image hosting service
* support peing https://peing.net/ja as an image hosting service
* thanks cob odo
This improves privacy by restricting cookies to a well-known list of
public suffixes.
We can consider turning that option on by default in the future.
Fixes PR pkg/53459.
