2015-02-27 18:29
* New version 0.7.1 - to be used with xfce4-settings 4.11 or later;
do *not* use this version with XFCE 4.8 or 4.10, it won't work!
* Many translation updates
* Fix crash in xkb_util_normalize_group_name
* Add Montenegrin flag; add el.svg as a synonym for gr.svg
3.9.0 -> 3.9.1
- Fix off-by-one error which can lead to crash when copytruncate is used.
3.8.9 -> 3.9.0
- Fix crash when using long dateformat. [nmerdan]
- Add support for %H dateformat. [czchen]
- Fix regression introduced in 3.8.9 when when rotating multiple
logs when one of them is missing.
- In the debug mode, do not skip the code-path which handles the case when
the last rotation does not exist. [Sergey Vidishev]
- Show more precise description when "log does not need rotating".\
- Add new -l option to log verbose output to file. The file is overwritten
on every logrotate execution.
- Allow rotation of sparse files with copytruncate.
PKgsrc changes :
Switched from old Makefile to new building procedure, using autogen,
configure and (g)make, which was introduced in version 3.8.8.
The new patch file contains a workaround to get the new building procedure
working.
-----------------
* Use the new GtkTooltip API
* Fix a memory leak in the FreeBSD codepath (#11153)
* Add support for FreeBSD (bug #10350)
* New translations: th, ms, bg, oc, hr, en_AU, sr
* Updated translations: ar, ast, bg, cs, de, es, fr, it,
hr, hu. ko, nb, nl, ug, pl, sv, tr, zh_CN, zh_TW
- pkgin changed its output delimiter from a space to ';' when outputting
to a non-tty, breaking various configuration management systems which
relied on the previous behaviour. Handle both types in ansible until
NetBSDfr/pkgin#46 is resolved.
- OS X 10.10 changed the behaviour of sysctl(8) to hide certain entries
unless they are explicitly named. Apply patch to fix hw.model and
hw.usermem from https://github.com/ansible/ansible/pull/8171/files
Clean up patches while here. Bump PKGREVISION.
Note that the patch for XSA135 for qemu-traditional, which was
no applied to the 4.5 branch before the release due to an oversight,
is applied here (xentools45/patches/patch-XSA135).
Selected entries from the relase notes:
a246727: cpupool: fix shutdown with cpupools with different schedulers [Dario Faggioli]
5b2f480: libelf: fix elf_parse_bsdsyms call [Roger Pau Monné]
8faef24: VT-d: extend quirks to newer desktop chipsets [Jan Beulich]
24fcf17: x86/VPMU: add lost Intel processor [Alan Robinson]
131889c: x86/crash: don't use set_fixmap() in the crash path [Andrew Cooper]
8791a30: x86/apic: Disable the LAPIC later in smp_send_stop() [Andrew Cooper]
fbd26f2: x86/pvh: disable posted interrupts [Roger Pau Monné]
0d8cbca: libxl: In libxl_set_vcpuonline check for maximum number of VCPUs against the cpumap. [Konrad Rzeszutek Wilk]
bf06e40: libxl: event handling: ao_inprogress does waits while reports outstanding [Ian Jackson]
97051bd: libxl: event handling: Break out ao_work_outstanding [Ian Jackson]
0bc9f98: x86/traps: loop in the correct direction in compat_iret() [Andrew Cooper]
fcfbdb4: gnttab: add missing version check to GNTTABOP_swap_grant_ref handling [Jan Beulich]
09f76cb: cpupools: avoid crashing if shutting down with free CPUs [Dario Faggioli]
f237ee4: cpupool: assigning a CPU to a pool can fail [Dario Faggioli]
b986072: xen: common: Use unbounded array for symbols_offset. [Ian Campbell]
5eac1be: x86/irq: limit the maximum number of domain PIRQs [Andrew Cooper]
9c3d34d: x86: don't unconditionally touch the hvm_domain union during domain construction [Andrew Cooper]
9d5b2b0: tools/xenconsoled: Increase file descriptor limit [Andrew Cooper]
cfc4c43: ocaml/xenctrl: Fix stub_xc_readconsolering() [Andrew Cooper]
032673c: ocaml/xenctrl: Make failwith_xc() thread safe [Andrew Cooper]
c91ed88: ocaml/xenctrl: Check return values from hypercalls [Andrew Cooper]
fa62913: libxl: Domain destroy: fork [Ian Jackson]
c9b13f3: libxl: Domain destroy: unlock userdata earlier [Ian Jackson]
0b19348: libxl: In domain death search, start search at first domid we want [Ian Jackson]
ddfe333: x86: don't change affinity with interrupt unmasked [Jan Beulich]
bf30232: x86: don't clear high 32 bits of RAX on sub-word guest I/O port reads [Jan Beulich]
a824bf9: x86_emulate: fix EFLAGS setting of CMPXCHG emulation [Eugene Korenevsky]
f653b7f: x86/hvm: implicitly disable an ioreq server when it is destroyed [Paul Durrant]
8dbdcc3: x86/hvm: actually release ioreq server pages [Paul Durrant]
56fe488: x86/hvm: fix the unknown nested vmexit reason 80000021 bug [Liang Li]
4a52101: VT-d: improve fault info logging [Jan Beulich]
5a7c042: x86/MSI: fix error handling [Jan Beulich]
51d8325: LZ4 : fix the data abort issue [JeHyeon Yeon]
0327c93: hvmloader: don't treat ROM BAR like other BARs [Jan Beulich]
f2e08aa: domctl/sysctl: don't leak hypervisor stack to toolstacks [Andrew Cooper]
3771b5a: arm64: fix fls() [Jan Beulich]
9246d2e: domctl: don't allow a toolstack domain to call domain_pause() on itself [Andrew Cooper]
f5bca81: Limit XEN_DOMCTL_memory_mapping hypercall to only process up to 64 GFNs (or less) [Konrad Rzeszutek Wilk]
7fe1c1b: x86: don't apply reboot quirks if reboot set by user [Ross Lagerwall]
969df12: Revert "cpupools: update domU's node-affinity on the cpupool_unassign_cpu() path" [Jan Beulich]
483c6cd: honor MEMF_no_refcount in alloc_heap_pages() [Jan Beulich]
6616c4d: tools: libxl: Explicitly disable graphics backends on qemu cmdline [Ian Campbell]
d0b141e: x86/tboot: invalidate FIX_TBOOT_MAP_ADDRESS mapping after use [Jan Beulich]
902998e: x86emul: fully ignore segment override for register-only operations [Jan Beulich]
25c6ee8: pre-fill structures for certain HYPERVISOR_xen_version sub-ops [Aaron Adams]
7ef0364: x86/HVM: return all ones on wrong-sized reads of system device I/O ports [Jan Beulich]
3665563: tools/libxc: Don't leave scratch_pfn uninitialised if the domain has no memory [Andrew Cooper]
75ac8cf: x86/nmi: fix shootdown of pcpus running in VMX non-root mode [Andrew Cooper]
1e44c92: x86/hvm: explicitly mark ioreq server pages dirty [Paul Durrant]
2bfef90: x86/hvm: wait for at least one ioreq server to be enabled [Paul Durrant]
d976397: x86/VPMU: disable when NMI watchdog is on [Boris Ostrovsky]
84f2484: libxc: introduce a per architecture scratch pfn for temporary grant mapping [Julien Grall]
6302c61: Install libxlutil.h [Jim Fehlig]
d8e78d6: bunzip2: off by one in get_next_block() [Dan Carpenter]
8a855b3: docs/commandline: correct information for 'x2apic_phys' parameter [Andrew Cooper]
3a777be: x86: vcpu_destroy_pagetables() must not return -EINTR [Konrad Rzeszutek Wilk]
1acb3b6: handle XENMEM_get_vnumainfo in compat_memory_op [Wei Liu]
4eec09f: x86: correctly check for sub-leaf zero of leaf 7 in pv_cpuid() [Jan Beulich]
7788cbb: x86: don't expose XSAVES capability to PV guests [Jan Beulich]
4cfc54b: xsm/evtchn: never pretend to have successfully created a Xen event channel [Andrew Cooper]
2fdd521: common/memory: fix an XSM error path [Jan Beulich]
ad83ad9: x86emul: tighten CLFLUSH emulation [Jan Beulich]
1928318: dt-uart: use ':' as separator between path and options [Ian Campbell]
9ae1853: libxl: Don't ignore error when we fail to give access to ioport/irq/iomem [Julien Grall]
In addition, this release also contains the following fixes to qemu-traditional:
afaa35b: ... by default. Add a per-device "permissive" mode similar to pciback's to allow restoring previous behavior (and hence break security again, i.e. should be used only for trusted guests). [Jan Beulich]
3cff7ad: Since the next patch will turn all not explicitly described fields read-only by default, those fields that have guest writable bits need to be given explicit descriptors. [Jan Beulich]
ec61b93: The adjustments are solely to make the subsequent patches work right (and hence make the patch set consistent), namely if permissive mode (introduced by the last patch) gets used (as both reserved registers and reserved fields must be similarly protected from guest access in default mode, but the guest should be allowed access to them in permissive mode). [Jan Beulich]
37c77b8: xen_pt_emu_reg_pcie[]'s PCI_EXP_DEVCAP needs to cover all bits as read- only to avoid unintended write-back (just a precaution, the field ought to be read-only in hardware). [Jan Beulich]
2dc4059: This is just to avoid having to adjust that calculation later in multiple places. [Jan Beulich]
29d9566: xen_pt_pmcsr_reg_write() needs an adjustment to deal with the RW1C nature of the not passed through bit 15 (PCI_PM_CTRL_PME_STATUS). [Jan Beulich]
2e19270: There's no point in xen_pt_pmcsr_reg_{read,write}() each ORing PCI_PM_CTRL_STATE_MASK and PCI_PM_CTRL_NO_SOFT_RESET into a local emu_mask variable - we can have the same effect by setting the field descriptor's emu_mask member suitably right away. Note that xen_pt_pmcsr_reg_write() is being retained in order to allow later patches to be less intrusive. [Jan Beulich]
751d20d: Without this the actual XSA-131 fix would cause the enable bit to not get set anymore (due to the write back getting suppressed there based on the OR of emu_mask, ro_mask, and res_mask). [Jan Beulich]
51f3b5b: ... to avoid allowing the guest to cause the control domain's disk to fill. [Jan Beulich]
7f99bb9: It's being used by the hypervisor. For now simply mimic a device not capable of masking, and fully emulate any accesses a guest may issue nevertheless as simple reads/writes without side effects. [Jan Beulich]
6fc82bf: The old logic didn't work as intended when an access spanned multiple fields (for example a 32-bit access to the location of the MSI Message Data field with the high 16 bits not being covered by any known field). Remove it and derive which fields not to write to from the accessed fields' emulation masks: When they're all ones, there's no point in doing any host write. [Jan Beulich]
e42b84c: fdc: force the fifo access to be in bounds of the allocated buffer [Petr Matousek]
62e4158: xen: limit guest control of PCI command register [Jan Beulich]
3499745: cirrus: fix an uninitialized variable [Jan Beulich]
This release also contains the security fixes for XSA-117 to XSA-136, with the exception of XSA-124 which documents security risks of non-standard PCI device functionality that cannot be addressed in software. It also includes an update to XSA-98 and XSA-59.
Rdfind is a program that finds duplicate files. It is useful for compressing
backup directories or just finding duplicate files. It compares files based on
their content, not on their file names.
imported from wip (thanks to bartosz.kuzma for packaing there :)
Changes since 5.4.2:
* Build system: Ability to make out-of-tree builds has been fixed.
* Build system, Disk and Users plugins: Detection and use of libstatgrab
>=0.90 has been added.
* Build system, Memory, CPU, TCPConns and Processes plugins: Numerous
fixes related to OpenBSD support have been added.
* Build system: Plugins now only export "module_register()".
* Build system: Various cleanups and improvements have been done.
* collectd: Numerous internal changes and improvements to the daemon and
the plugin API have been make.
* collectd: Numerous spelling mistakes have been corrected in comments
and documentation and several error messages have been improved.
* collectd: Rules/Targets can now be appended to existing Filter Chains.
* collectd: Failing Filter Chains destinations will now log the list of
available write targets.
* collectd: Support for process signaling and management by upstart and
systemd has been implemented for the Linux platform.
* collectd: The "CollectInternalStats" option has been added.
* collectd: The daemon source code and dependencies have moved to the
"src/daemon/" directory.
* collectd: The new "MaxReadInterval" option allows to cap the
exponential retry interval of plugins read errors.
* collectd: The "-P" command-line option now has precedence over the
"PIDFile" option.
* collection.cgi: Various data-source related adjustments have been made.
* libcollectdclient: Now propagates errors when signing / encrypting
network packets.
* Configuration: Support for unquoted IPv6 addresses has been added.
* Documentation: Various improvements have been done.
* Examples: the sample C plugin has been updated to the current plugin API.
* Licensing: The following components have been relicensed to the MIT
license: the Apple Sensors, Ascent, DBI, E-Mail, Entropy, GenericJMX,
gmond, LogFile, nginx, Notify Desktop, NTPd, NUT, olsrd, Perl, Ping,
PostgreSQL, Protocols, RouterOS, RRDCacheD, SNMP, StatsD, SysLog,
Table, Tail, UnixSock, vmem, VServer, Wireless, Write Riemann and XMMS
plugins, the core collectd daemon, the collectdmon, collectd-nagios
and collectd-tg utilities, all the Targets and Matches, liboconfig,
most of the "utils_*" files and the plugin API.
* Tests: A test suite has been added.
* Threshold: The hysteresis calculation has been made more reliable.
* Threshold: Various fixes and improvements have been made.
* AMQP plugin: The "ConnectionRetryDelay" option has been added,
allowing to delay reconnection.
* AMQP plugin: The "QueueDurable" and "QueueAutoDelete" options have
been added, giving control over queue creation and deletion.
* Apache, Ascent, BIND, cURL, cURL-JSON, cURL-XML, nginx and Write HTTP
plugins: Customizing the "User-Agent" field is now possible at
compile-time.
* Apache, Ascent, BIND, cURL, cURL-JSON, cURL-XML, nginx plugins: The
connection will be reset if it hasn't completed within the configured
"Interval". The new "Timeout" option gives control over this behavior.
* Apache, Ascent, cURL, cURL-JSON, cURL-XML, nginx, Write HTTP plugins:
Allow usernames and passwords to contain colons if built against
libcurl >= 7.19.1.
* Apache plugin: The "SSLCiphers" option gives control over the
encryption algorithms to use with TLS connections.
* Barometer plugin: This new plugin reads sensor data from various
Freescale and Bosch digital barometers.
* Battery plugin: Reporting values as percentages and reporting degraded
batteries has been added.
* Battery plugin: Support for reading values from sysfs on Linux has
been added.
* Battery plugin: The value for current is no longer supplied unless the
battery provides this information.
* BIND plugin: Bind's XML v3 API is now supported.
* Ceph plugin: This new plugin collects statistics from the Ceph
distributed storage system.
* ConnTrack plugin: Support for reporting values as percentages as well
as legacy conntrack files in "/proc" has been added.
* CPU plugin: The plugin is now able to report values as percentages and
aggregate values per-state and per-CPU.
* cURL-JSON plugin: Extracting values from complex JSON structures has
been enhanced.
* cURL-JSON plugin: Intervals can now be configured on a per-URL basis.
* cURL-JSON, cURL-XML, Write HTTP plugins: These plugins now also follow
HTTP redirects.
* cURL, cURL-JSON, cURL-XML plugins: HTTP Digest authentication has been
implemented.
* DBI, Oracle, PostgreSQL plugins: A "MetadataFrom" parameter has been
added which allows to set metadata from database columns.
* DBI plugin: Querying several databases in parallel is now possible.
* Disk plugin: On the Linux platform, disk names can now get looked up
in udev with the "UdevNameAttr" option.
* Disk plugin: This plugin now collects several additional I/O-related
metrics on the Linux platform.
* DRBD plugin: This new plugin reads Linux's Distributed Replicated
Block Device (DRBD) statistics.
* Exec, UnixSock plugins: The "PUTNOTIF" command now allows to set
metadata on notifications.
* fhcount plugin: This new plugin reports the number of used file handles.
* GenericJMX plugin: A Class Loader for "JMXConnectorFactory" has been
added, allowing the plugin to work with JBOSS > 7.
* IPC plugin: This new plugin collects information related to shared memory.
* Java plugin: Now uses the hostname defined in the configuration file.
* Load plugin: The plugin is now able to report values as percentages.
* Log Logstash plugin: This new plugin writes collectd logs and events
as Logstash JSON formatted events.
* LVM plugin: The plugin collects thin pool data volumes size, and no
longer reports virtual volumes.
* memcached plugin: "listen_disabled_num" are now also reported.
* Memory plugin: Slab memory reporting on the Linux platform has been added.
* Memory plugin: The plugin is now able to report values as percentages.
* Modbus plugin: Selecting between holding and input registers is now
possible.
* Modbus plugin: Support for accessing devices through an RS-485 serial
port has been added.
* Multimeter plugin: This plugin isn't built by default on the AIX
platform anymore.
* MySQL and PostgreSQL plugins: Passing "127.0.0.1" as a host will now
result in the global Hostname being used in metric names.
* MySQL plugin: InnoDB, Select and Sort statistics collection has been added.
* MySQL plugin: The "Alias" and "ConnectTimeout" options have been added.
* Netlink plugin: Support for 64bit netlink counters has been added.
* Network plugin: The "ReconnectInterval" configuration option has been added.
* NFS plugin: Support for NFSv4.0 has been implemented.
* OneWire plugin: Support for more temperature-providing sensor families
has been added.
* OneWire plugin: Support for full OWFS path and more device families
has been implemented.
* OpenLDAP plugin: This new plugin reads monitoring information from
OpenLDAP's "cn=Monitor" subtree.
* OpenVPN plugin: Support for OpenVPN 2.3.0 has been implemented.
* OpenVZ plugin: Various improvements have been made, making the plugin
report values like the other collectd plugins do.
* Perl plugin: A new "listval_filter" method has been added, various
internal cleanups and improvements have been made and a test suite has
been added.
* PostgreSQL plugin: The new "ExpireDelay" option allows skipping older
values pending write when the database slows down.
* PowerDNS plugin: The plugin was updated for stats from pdns 3.4.3.
* Processes plugin: A memory-usage related optimization for low-profile
systems has been added.
* Python plugin: Support for Python3 has been improved, "ModulePath" is
now prepended to "sys.path", and the "get_dataset()" function has been
added to the Python API.
* Redis and Write_Redis plugins: The support library has been switched
from credis to hiredis.
* Redis plugin: Custom commands can now be used to fetch values stored
in Redis.
* Redis plugin: Support for passwords up to 512 characters long has been added.
* Sensors plugin: Support for lm_sensors' power sensors has been added.
* SMART plugin: This new plugin collects SMART statistics from disk drives.
* SNMP plugin: A blacklist/whitelist feature can now be used to filter
which OIDs to collect.
* SNMP plugin: SNMPv3 authentication and encryption support has been
implemented.
* SNMP plugin: Two error messages have been disambiguated.
* Swap plugin: The plugin is now able to report values as percentages.
* Swap plugin: The plugin no longer fails on Linux systems where
"SwapCached" isn't exposed by the kernel.
* Tail plugin: "GaugeInc" and "GaugeAdd" options have been implemented.
* Tail plugin: Intervals can now be configured on a per-File basis.
* TCPConns plugin: The "AllPortsSummary" option, allowing to summarize
all connections, has been added.
* TCPConns plugin: Three metrics were renamed on the AIX platform, for
the sake of consistency.
* Turbostat plugin: This new plugin reads CPU frequency and C-state
residency on modern Intel turbo-capable processors.
* UnixSock plugin: The "GETTHRESHOLD" command has been re-added.
* Varnish plugin: Varnish 4 support has been added, as well as as
monitoring metrics only available in Varnish 4.
* virt plugin: Guests memory usage is now also collected.
* virt plugin: It is now possible to chose between using guests' name or
UUID as plugin_instance.
* virt plugin: The libvirt plugin has been renamed to virt.
* Write Graphite plugin: When the connection to graphite fails,
reconnection attempts are now limited to once per second.
* Write HTTP plugin: Multi-instance support of this plugin has been
improved. The "<URL "url">" block has been deprecated in favor of
"<Node "identifier">".
* Write HTTP plugin: Several TLS-related configuration options have been
added.
* Write HTTP plugin: The "LowSpeedLimit" and "Timeout" options allow to
reset slow/stalled network connections.
* Write HTTP plugin: The size of the payload posted to the HTTP server
can now be controlled with the "BufferSize" option.
* Write Kafka plugin: This new plugin sends data to Apache Kafka, a
distributed messaging queue.
ciomaire, Vincent Bernat, Marc Fournier. #670, #694, #794, #853, #014
* Write Log plugin: This new plugin dispatches collected values to the
configured log destination(s).
* Write Riemann plugin: Extra meta strings are now added as attributes
in notifications.
* Write Riemann plugin: Notification message are now sent to the Riemann
server via the description field.
* Write Riemann plugin: Support for custom attributes has been added.
* Write Riemann plugin: Support had been implemented for sending events
to Riemann in batches (when using TCP), and is enabled by default.
* Write Riemann plugin: The "EventServicePrefix" option has been added,
which adds a prefix to event service names.
* Write Riemann plugin: Threshold checks can now be passed down to the
Riemann server.
* Write Sensu plugin: This new plugin submits values to Sensu, a stream
processing and monitoring system.
* Write TSDB plugin: This new plugin sends data to OpenTSDB, a scalable
time series database.
* ZFS ARC plugin: Support for ZFS-on-Linux has been added.
* Zookeeper plugin: This new plugin reads data from the Apache Zookeeper
"MNTR" command.
v2.10.0
@e2 e2 released this on 27 Mar, 6 commits to master since this release
Major changes
* #304 - lock to Cellulloid 0.16 (if you need Celluloid 0.15, use Listen 2.9.0 and ask for backports if necessary)
Bugfixes
* #301 - avoid BSD adapter crash when watched file doesn't exist
Improvements
* #303 - allow listen tool to watch multiple directories
Facter 2.4.4
Released May 20, 2015
Facter 2.4.4 is a bug fix release in the Facter 2.4 series. It also
deprecates the --puppet command line option, since it caused circular load
dependencies. To run Facter in Puppet’s context, you should use the puppet
facts command instead.
* FACT-96: Deprecate ‘facter –puppet’
* FACT-628: facter returns incorrect value for facter virtual for Solaris Ldoms
* FACT-697: If NetworkManager is installed but not used facter throws a warning.
* FACT-975: On PPC64LE architecture, processors aren’t detected
* FACT-963: Remove pre-suite environment setup for AIO
Facter 2.4.3
Released April 2, 2015
Facter 2.4.3 is an AIO support release in the Facter 2.4 series that also
includes two improvements to performance, and multiple bug fixes.
AIO External Facts Directory Change
Changed external facts directory from /opt/puppetlabs/agent/facts.d to
/opt/puppetlabs/facter/facts.d on *nix. Windows is unchanged.
* FACT-826: Prepend AIO external facts directory for root
Improvements to Performance and Speed
* Reduced calls to ip link show for
performance. Facter::Util:IP.get_interface_value called
get_bonding_interface for every possible value, which could have caused
performance issues if many interfaces were being used.
* Improved the speed of puppetversion in standalone Facter. There is no
notable difference when calling Facter while Puppet is already
running. Previously, running Facter with --timing showed that puppetversion
was by far the slowest fact. This was not true when executed by Puppet, but
gave the impression that Puppet is slow.
Bugs
* FACT-893: selinux_config_policy returns “unknown” on Debian and RHEL7
* FACT-596: Fix to selinux_config_policy, always returned “unknown” on
Debian and RHEL7.
* FACT-825: Default timeout for prtdiag in the ‘virtual’ fact is too low
for large Solaris systems
* FACT-830: xendomains returning empty on debian hosts
* FACT-834: Only load ec2 rest once to avoid double loading warnings
* FACT-888: Facter does not properly detect KVM when CPU type is not
qenu32/qumu64
* FACT-894: Prepend ~/.puppetlabs/opt/facter/facts.d to external search path
for non-root
* FACT-805: use /etc/os-release on CoreOS
Full List of Issues
See Jira for a full list of issues resolved in Facter 2.4.3.
Facter 2.4.2
Facter 2.4.2 was not publicly released, and no packages were provided.
Version 8.10.0 [v8-stable] 2015-05-19
- imfile: add capability to process multi-line messages based on regex
input parameter "endmsg.regex" was added for that purpose. The new
mode provides much more power in processing different multiline-formats.
- pmrfc3164: add new parameters
* "detect.yearAfterTimestamp"
This supports timestamps as generated e.g. by some Aruba Networks
equipment.
* "permit.squareBracesInHostname"
Permits to use "hostnames" in the form of "[127.0.0.1]"; also seen in
Aruba Networks equipment, but we strongly assume this can also happen
in other cases, especially with IPv6.
- supplementary groups are now set when dropping privileges
closes https://github.com/rsyslog/rsyslog/issues/296
Thanks to Zach Lisinski for the patch.
- imfile: added brace glob expansion to wildcard
Thanks to Zach Lisinski for the patch.
- zmq: add the ability for zeromq input and outputs to advertise their
presence on UDP via the zbeacon API.
Thanks to Brian Knox for the contribution.
- added omhttpfs: contributed module for writing to HDFS via HTTP
Thanks to sskaje for the contribution.
- Configure option "--disable-debug-symbols" added which is disabled per
default. If you set the new option, configure won't set the appropriate
compiler flag to generate debug symbols anymore.
- When building from git source we now require rst2man and yacc (or a
replacement like bison).
That isn't any new requirement, we only added missing configure checks.
- Configure option "--enable-generate-man-pages" is now disabled for non git
source builds per default but enforced when building from git source.
- mmpstrucdata: some code cleanup
removed lots of early development debug outputs
- bugfix imuxsock: fix a crash when setting a hostname
Setting a hostname via the legacy directive would lead to a crash
during shutdown caused by a double-free.
Thanks to Tomas Heinrich for the patch.
- bugfix: memory leak in mmpstrucdata
Thanks to Gregoire Seux for reporting this issue.
closes https://github.com/rsyslog/rsyslog/issues/310
- bugfix (minor): default action name: assigned number was one off
see also https://github.com/rsyslog/rsyslog/pull/340
Thanks to Tomas Heinrich for the patch.
- bugfix: memory leak in imfile
A small leak happened each time a new file was monitored based on
a wildcard. Depending on the rate of file creation, this could result
in a serious memory leak.
Privilege escalation via emulated floppy disk drive
The code in qemu which emulates a floppy disk controller did not
correctly bounds check accesses to an array and therefore was
vulnerable to a buffer overflow attack.
A guest which has access to an emulated floppy device can exploit this
vulnerability to take over the qemu process elevating its privilege to
that of the qemu process.
All Xen systems running x86 HVM guests without stubdomains are
vulnerable to this depending on the specific guest configuration. The
default configuration is vulnerable.
Guests using either the traditional "qemu-xen" or upstream qemu device
models are vulnerable.
Guests using a qemu-dm stubdomain to run the device model are only
vulnerable to takeover of that service domain.
Systems running only x86 PV guests are not vulnerable.
ARM systems are not vulnerable.
Change logs:
1.6.10
======
- Do not track thunar/thunar-marshal.{c,h} (Harald Judt)
- Remove Makefile and Makefile.in files when running distclean (Harald Judt)
- Remove subversion $Id$ tags (Harald Judt)
- Really fix trash state at startup (bug #9513 and #11913) (Harald Judt)
- Use proper return type for thunar_file_reload (bug #11913) (Harald Judt)
- Revert "Fix loading the trash bin status at startup (bug #9513)" (Harald Judt)
1.6.9
=====
- Fix ThunarBulkRename script not supporting spaces (bug #9713) (Harald Judt)
- Use "Name" column for drag & drop instead of first column (bug #11905) (Harald Judt)
- Update the path entry icon when current file changes (Harald Judt)
- Revert changes for restoring the trash in the session client (bug #9513) (Harald Judt)
- Fix loading the trash bin status at startup (bug #9513) (Harald Judt)
- Turn off building gtk-docs API reference (Harald Judt)
- Fix cppcheck warning about uninitialized variable (Harald Judt)
- Disable "Set as default application" by default in the chooser dialog (bug #10548) (Harald Judt)
- Remember chosen application in the chooser dialog as last used (Harald Judt)
- Remember the last used application when opening files (Harald Judt)
- Fix reload when file is replaced with directory of the same name (Harald Judt)
- Do listen for G_FILE_MONITOR_EVENT_ATTRIBUTE_CHANGED (bug #11896) (Harald Judt)
- Fix comments for toggle-menubar (Harald Judt)
- Allow opening by middle-click in tree view only for mounted devices and resources (Harald Judt)
- Keep selection in original tree view when middle-clicking for new tab/window (Harald Judt)
- Keep path selected after unmounting a device via KEY_Left (Harald Judt)
- Unmount device if collapsing a collapsed device tree with KEY_Left in the tree view (Harald Judt)
- Fix wrong network icon shown in tree view (Harald Judt)
- Fix tree view opening mounted devices in new tab (Harald Judt)
- Use only open selection instead of open action with KEY_Up and KEY_Down (Harald Judt)
- Fix assertion when hitting KEY_Left on a top-level item in the tree view (Harald Judt)
- Revert workaround for desktop toplevel item in the tree view (Harald Judt)
- Always select the proper toplevel item in the thunar tree view (Harald Judt)
- Unescape URI in history error message (Harald Judt)
- Remove unmounted files from history when going back or forward (Harald Judt)
- Translation updates: Basque, French, Galician
Version 0.16
------------
(bugfix release, released on May 16, 2015)
- Fix typo preventing the security confirmation prompt from working (#303)
- Improve handling of systems with improperly configured file system encoding (#289)
- Fix "All archives" output for attic info. (#183)
- More user friendly error message when repository key file is not found (#236)
- Fix parsing of iso 8601 timestamps with zero microseconds (#282)
1.6.8
- Watch for CHANGES_DONE_HINT instead of CHANGED and ATTRIBUTE_CHANGED =
(bug #8377) (Harald Judt)
- Shortcut view: Fix "selection in selection" graphical bug when =
renaming shortcut (Harald Judt)
- Fix broken shortcut renaming (bug #11885) (Harald Judt)
- Unescape URIs in the shortcut view (bug #10831) (Harald Judt)
- Fix compiler warning because of missing curly braces (Harald Judt)
- Fix compilation error because of wrong variable name (Harald Judt)
- Fix unescaping of local paths in path entry (bug #8190) (Harald Judt)
- Fix escaping and unescaping URI in path entry (bug #8910) (Harald =
Judt)
- Let the tree view keep the focus when clicking on an item (bug #11863) =
(Harald Judt)
- Fix switching to the 10th tab via <alt>-<0> keyboard shortcut (Harald =
Judt)
- Fix removal of a directory wrongly affecting the current tab (bug =
#10981) (Harald Judt)
- Keep the scroll position when restoring the file selection (Harald =
Judt)
- Restore selection only when rows-reordered signal is received (bug =
#11855) (Harald Judt)
- For folders copied always append "copy #" to the end of their names =
(bug #11862) (Harald Judt)
- Update F5 binding for new ThunarWindow::reload signal (Evangelos =
Foutras)
- Do not perform the complete folder reload in idle (bug #11849) (Harald =
Judt)
- Coverity CID 60623: Unused value (Harald Judt)
- Coverity CID 60621: Missing return statement (Harald Judt)
- Coverity CID 60620: Explicit null dereferenced (Harald Judt)
- Coverity CID 60619: Explicit null dereferenced (Harald Judt)
- Coverity CID 60617: Unchecked return value (Harald Judt)
- Remove unused variable in thunar_standard_view_set_history (Harald =
Judt)
- Remove startup notification dependencies (bug #11837) (Harald Judt)
- Translation updates: Galician, German, Lithuanian
1.6.7
=====
- Improve drag & drop and selecting in the details view (bug #11605) (Harald Judt)
- Let row changes accumulate a bit before restoring selection (Harald Judt)
- Implement reloading file information on manual reload (Harald Judt)
- Extend reload functions to allow a full reload (Harald Judt)
- Check in thunar-marshal with new _thunar_marshal_BOOLEAN__BOOLEAN (Harald Judt)
- Reload files changed by jobs in an idle loop (bug #11008) (Harald Judt)
- Refactor code for moving thumbnail cache file on renames/moves (Harald Judt)
- Rework thunar_file_monitor to properly register moved files (Harald Judt)
- Add function to reload parent file of a file (Harald Judt)
- Fix updating file info for moved files (bug #11008) (Harald Judt)
- Revert "Refresh file info after getting it from cache (bug #11008)" (Harald Judt)
- Update the location bar after reload (bug #10518) (Harald Judt)
- Fix updating custom actions (bug #11749) (Harald Judt)
- Update rows on changes of case-sensitive and folders-first settings (Harald Judt)
- Fix typos and grammar mistakes in a few comments (Harald Judt)
- Make new windows inherit the history of the origin view (bug #5538) (Harald Judt)
- Make new tabs inherit the history of the origin view (bug #5538) (Harald Judt)
- Keep the history across view changes (bug #10171) (Harald Judt)
- Implement functions for copying the history of a view (Harald Judt)
- Rename tsv_restore_selection to tsv_select_after_row_deleted (Harald Judt)
- Redraw the details view on row changes (Harald Judt)
- Restore selection on row changes too (bug #9886) (Harald Judt)
- Improve mouse wheel zoom behaviour (Harald Judt)
- Remember and restore file selection on view changes (Harald Judt)
- Restore file selection when changing sort order (bug #9886) (Harald Judt)
- Update model with changed binary file size setting immediately (Harald Judt)
- Fix typo busy_pulse in thunar-shortcuts-model.c (Harald Judt)
- Fix typo in thunar-clipboard-manager (Harald Judt)
- Fix Gdk-CRITICAL error (Thaddaeus Tintenfisch)
- Clean up more files with make clean (Harald Judt)
- Rework usage of binary file size properties (bug #11450) (Harald Judt)
- Remove duplicate break statement in thunar-standard-view (Harald Judt)
- Fix compiler warning about shadowing 'basename' (bug #11633) (Matt Thirtytwo)
- thunar/thunar-dbus-service-infos.xml corrections (Thaddaeus Tintenfisch)
- Fix startup id handling for launch requests over D-Bus (bug #9646) (Thaddaeus Tintenfisch)
- Fallback to non-cached version of source file (bug #9142) (Thaddaeus Tintenfisch)
- Translation updates: Chinese (China), Croatian, English (Australia), French, German,
Greek, Italian, Lithuanian, Polish, Swedish, Ukrainian
D-Bus 1.8.18 (2015-05-14)
==
The “unicorn rifts” release.
Security hardening:
• On Unix platforms, change the default configuration for the session bus
to only allow EXTERNAL authentication (secure kernel-mediated
credentials-passing), as was already done for the system bus.
This avoids falling back to DBUS_COOKIE_SHA1, which relies on strongly
unpredictable pseudo-random numbers; under certain circumstances
(/dev/urandom unreadable or malloc() returns NULL), dbus could
fall back to using rand(), which does not have the desired unpredictability.
The fallback to rand() has not been changed in this stable-branch since
the necessary code changes for correct error-handling are rather intrusive.
If you are using D-Bus over the (unencrypted!) tcp: or nonce-tcp: transport,
in conjunction with DBUS_COOKIE_SHA1 and a shared home directory using
NFS or similar, you will need to reconfigure the session bus to accept
DBUS_COOKIE_SHA1 by commenting out the <auth> element. This configuration
is not recommended.
(fd.o #90414, Simon McVittie)
Other fixes:
• Add locking to DBusCounter's reference count and notify function
(fd.o #89297, Adrian Szyndela)
• Ensure that DBusTransport's reference count is protected by the
corresponding DBusConnection's lock (fd.o #90312, Adrian Szyndela)
• On Windows, listen on the same port for IPv4 and IPv6 (previously
broken by an endianness mistake), and fix a failure to bind TCP
sockets on approximately 1 attempt in 256 (fd.o #87999, Ralf Habacker)
• Correctly release DBusServer mutex before early-return if we run out
of memory while copying authentication mechanisms (fd.o #90004,
Ralf Habacker)
• Fix some missing \n in verbose (debug log) messages (fd.o #90004,
Ralf Habacker)
• Clean up some memory leaks in test code (fd.o #90004, Ralf Habacker)
1.6.0 - 15 March 2015
fix lstat64 support when unavailable - separate patches supplied by
Ganael Laplanche and Peter Korsgaard
(#1506) new option "-D" / "--delay-start" to only show bar after N
seconds (Damon Harper)
new option "--fineta" / "-I" to show ETA as time of day rather than
time remaining - patch supplied by Erkki Seppälä (r147)
(#1509) change ETA (--eta / -e) so that days are given if the hours
remaining are 24 or more (Jacek Wielemborek)
(#1499) repeat read and write attempts on partial buffer fill/empty to
work around post-signal transfer rate drop reported by Ralf Ramsauer
(#1507) do not try to calculate total size in line mode, due to bug
reported by Jacek Wielemborek and Michiel Van Herwegen
cleanup: removed defunct RATS comments and unnecessary copyright
notices
clean up displayed lines when using --watchfd PID, when PID exits
output errors on a new line to avoid overwriting transfer bar
Changes in older releases :
new option --watchfd
new option --null
new option --skip-errors
new option --format
new option --remote (-R) to control an already-running process
new option --line-mode (-l) to count lines instead of bytes
Fixes for AIX, Cygwin, Solaris, MacOSX
Change license to Artistic 2.0
- Drop patches/patch-lib_parse-datetime.c (the comment of the patch was)
| Fix CVE-2014-9471 TZ parsing bug.
| Via https://debbugs.gnu.org/cgi/bugreport.cgi?bug=16872
- Set MAKE_JOBS_SAFE= no, to avoid following problem
# --- man/chroot.1 ---
# GEN man/chroot.1
# help2man: can't get `--help' info from chroot.td/chroot
# Try `--no-discard-stderr' if option outputs to stderr
# *** [man/chroot.1] Error code 127
(upstream)
- update to 8.23
------------------
* Noteworthy changes in release 8.23 (2014-07-18) [stable]
** Bug fixes
chmod -Rc no longer issues erroneous warnings for files with special bits set.
[bug introduced in coreutils-6.0]
cp -a, mv, and install --preserve-context, once again set the correct SELinux
context for existing directories in the destination. Previously they set
the context of an existing directory to that of its last copied descendent.
[bug introduced in coreutils-8.22]
cp -a, mv, and install --preserve-context, no longer seg fault when running
with SELinux enabled, when copying from file systems that return an error
when reading the SELinux context for a file.
[bug introduced in coreutils-8.22]
cp -a and mv now preserve xattrs of symlinks copied across file systems.
[bug introduced with extended attribute preservation feature in coreutils-7.1]
date could crash or go into an infinite loop when parsing a malformed TZ="".
[bug introduced with the --date='TZ="" ..' parsing feature in coreutils-5.3.0]
dd's ASCII and EBCDIC conversions were incompatible with common practice and
with POSIX, and have been corrected as follows. First, conv=ascii now
implies conv=unblock, and conv=ebcdic and conv=ibm now imply conv=block.
Second, the translation tables for dd conv=ascii and conv=ebcdic have been
corrected as shown in the following table, where A is the ASCII value, W is
the old, wrong EBCDIC value, and E is the new, corrected EBCDIC value; all
values are in octal.
A W E
041 117 132
133 112 255
135 132 275
136 137 232
174 152 117
176 241 137
313 232 152
325 255 112
345 275 241
[These dd bugs were present in "the beginning".]
df has more fixes related to the newer dynamic representation of file systems:
Duplicates are elided for virtual file systems like tmpfs.
Details for the correct device are output for points mounted multiple times.
Placeholder values are output for inaccessible file systems, rather than
than error messages or values for the wrong file system.
[These bugs were present in "the beginning".]
df now outputs all appropriate entries in the presence of bind mounts.
On some systems, entries would have been incorrectly elided due to
them being considered "dummy" mounts.
[bug introduced in coreutils-8.22]
du now silently ignores directory cycles introduced with bind mounts.
Previously it would issue a warning and exit with a failure status.
[bug introduced in coreutils-8.1]
head --bytes=-N and --lines=-N now handles devices more
consistently, not ignoring data from virtual devices like /dev/zero,
or on BSD systems data from tty devices.
[bug introduced in coreutils-5.0.1]
head --bytes=-N - no longer fails with a bogus diagnostic when stdin's
seek pointer is not at the beginning.
[bug introduced with the --bytes=-N feature in coreutils-5.0.1]
head --lines=-0, when the input does not contain a trailing '\n',
now copies all input to stdout. Previously nothing was output in this case.
[bug introduced with the --lines=-N feature in coreutils-5.0.1]
id, when invoked with no user name argument, now prints the correct group ID.
Previously, in the default output format, it would print the default group ID
in the password database, which may be neither real nor effective. For e.g.,
when run set-GID, or when the database changes outside the current session.
[bug introduced in coreutils-8.1]
ln -sf now replaces symbolic links whose targets can't exist. Previously
it would display an error, requiring --no-dereference to avoid the issue.
[bug introduced in coreutils-5.3.0]
ln -sr '' F no longer segfaults. Now works as expected.
[bug introduced with the --relative feature in coreutils-8.16]
numfmt now handles blanks correctly in all unibyte locales. Previously
in locales where character 0xA0 is a blank, numfmt would mishandle it.
[bug introduced when numfmt was added in coreutils-8.21]
ptx --format long option parsing no longer falls through into the --help case.
[bug introduced in TEXTUTILS-1_22i]
ptx now consistently trims whitespace when processing multiple files.
[This bug was present in "the beginning".]
seq again generates correct output with start or end values = -0.
[bug introduced in coreutils-8.20.]
shuf --repeat no longer dumps core if the input is empty.
[bug introduced with the --repeat feature in coreutils-8.22]
sort when using multiple threads now avoids undefined behavior with mutex
destruction, which could cause deadlocks on some implementations.
[bug introduced in coreutils-8.6]
tail -f now uses polling mode for VXFS to cater for its clustered mode.
[bug introduced with inotify support added in coreutils-7.5]
** New features
od accepts a new option: --endian=TYPE to handle inputs with different byte
orders, or to provide consistent output on systems with disparate endianness.
configure accepts the new option --enable-single-binary to build all the
selected programs in a single binary called "coreutils". The selected
programs can still be called directly using symlinks to "coreutils" or
shebangs with the option --coreutils-prog= passed to this program. The
install behavior is determined by the option --enable-single-binary=symlinks
or --enable-single-binary=shebangs (the default). With the symlinks option,
you can't make a second symlink to any program because that will change the
name of the called program, which is used by coreutils to determine the
desired program. The shebangs option doesn't suffer from this problem, but
the /proc/$pid/cmdline file might not be updated on all the platforms. The
functionality of each program is not affected but this single binary will
depend on all the required dynamic libraries even to run simple programs.
If you desire to build some tools outside the single binary file, you can
pass the option --enable-single-binary-exceptions=PROG_LIST with the comma
separated list of programs you want to build separately. This flag
considerably reduces the overall size of the installed binaries which makes
it suitable for embedded system.
** Changes in behavior
chroot with an argument of "/" no longer implicitly changes the current
directory to "/", allowing changing only user credentials for a command.
chroot --userspec will now unset supplemental groups associated with root,
and instead use the supplemental groups of the specified user.
cut -d$'\n' again outputs lines identified in the --fields list, having
not done so in v8.21 and v8.22. Note using this non portable functionality
will result in the delayed output of lines.
ls with none of LS_COLORS or COLORTERM environment variables set,
will now honor an empty or unknown TERM environment variable,
and not output colors even with --colors=always.
** Improvements
chroot has better --userspec and --group look-ups, with numeric IDs never
causing name look-up errors. Also look-ups are first done outside the chroot,
in case the look-up within the chroot fails due to library conflicts etc.
install now allows the combination of the -D and -t options.
numfmt supports zero padding of numbers using the standard printf
syntax of a leading zero, for example --format="%010f".
Also throughput was improved by up to 800% by avoiding redundant processing.
shred now supports multiple passes on GNU/Linux tape devices by rewinding
the tape before each pass, avoids redundant writes to empty files,
uses direct I/O for all passes where possible, and attempts to clear
inode storage used for small files on some file systems.
split avoids unnecessary input buffering, immediately writing input to output
which is significant with --filter or when writing to fifos or stdout etc.
stat and tail work better with HFS+, HFSX, LogFS and ConfigFS. stat -f
--format=%T now reports the file system type, and tail -f now uses inotify,
rather than the default of issuing a warning and reverting to polling.
