The Consumer and Server implementations share a few libraries which live
with this module. This module is here largely to hold the version number
and this documentation, though it also incorporates some utility functions
inherited from previous versions of Net::OpenID::Consumer.
Security Fixes
* On servers configured to perform DNSSEC validation using managed
trust anchors (i.e., keys configured explicitly via managed-keys,
or implicitly via dnssec-validation auto; or dnssec-lookaside
auto;), revoking a trust anchor and sending a new untrusted
replacement could cause named to crash with an assertion failure.
This could occur in the event of a botched key rollover, or
potentially as a result of a deliberate attack if the attacker was
in position to monitor the victim's DNS traffic.
This flaw was discovered by Jan-Piet Mens, and is disclosed in
CVE-2015-1349. [RT #38344]
* A flaw in delegation handling could be exploited to put named into
an infinite loop, in which each lookup of a name server triggered
additional lookups of more name servers. This has been addressed by
placing limits on the number of levels of recursion named will
allow (default 7), and on the number of queries that it will send
before terminating a recursive query (default 50).
The recursion depth limit is configured via the max-recursion-depth
option, and the query limit via the max-recursion-queries option.
The flaw was discovered by Florian Maury of ANSSI, and is disclosed
in CVE-2014-8500. [RT #37580]
* Two separate problems were identified in BIND's GeoIP code that
could lead to an assertion failure. One was triggered by use of
both IPv4 and IPv6 address families, the other by referencing a
GeoIP database in named.conf which was not installed. Both are
covered by CVE-2014-8680. [RT #37672] [RT #37679]
A less serious security flaw was also found in GeoIP: changes to
the geoip-directory option in named.conf were ignored when running
rndc reconfig. In theory, this could allow named to allow access to
unintended clients.
New Features
* None
Feature Changes
* ACLs containing geoip asnum elements were not correctly matched
unless the full organization name was specified in the ACL (as in
geoip asnum "AS1234 Example, Inc.";). They can now match against
the AS number alone (as in geoip asnum "AS1234";).
* When using native PKCS#11 cryptography (i.e., configure
--enable-native-pkcs11) HSM PINs of up to 256 characters can now be
used.
* NXDOMAIN responses to queries of type DS are now cached separately
from those for other types. This helps when using "grafted" zones
of type forward, for which the parent zone does not contain a
delegation, such as local top-level domains. Previously a query of
type DS for such a zone could cause the zone apex to be cached as
NXDOMAIN, blocking all subsequent queries. (Note: This change is
only helpful when DNSSEC validation is not enabled. "Grafted" zones
without a delegation in the parent are not a recommended
configuration.)
* NOTIFY messages that are sent because a zone has been updated are
now given priority above NOTIFY messages that were scheduled when
the server started up. This should mitigate delays in zone
propagation when servers are restarted frequently.
* Errors reported when running rndc addzone (e.g., when a zone file
cannot be loaded) have been clarified to make it easier to diagnose
problems.
* Added support for OPENPGPKEY type.
* When encountering an authoritative name server whose name is an
alias pointing to another name, the resolver treats this as an
error and skips to the next server. Previously this happened
silently; now the error will be logged to the newly-created "cname"
log category.
* If named is not configured to validate the answer then allow
fallback to plain DNS on timeout even when we know the server
supports EDNS. This will allow the server to potentially resolve
signed queries when TCP is being blocked.
Bug Fixes
* dig, host and nslookup aborted when encountering a name which,
after appending search list elements, exceeded 255 bytes. Such
names are now skipped, but processing of other names will continue.
[RT #36892]
* The error message generated when named-checkzone or named-checkconf
-z encounters a $TTL directive without a value has been clarified.
[RT #37138]
* Semicolon characters (;) included in TXT records were incorrectly
escaped with a backslash when the record was displayed as text.
This is actually only necessary when there are no quotation marks.
[RT #37159]
* When files opened for writing by named, such as zone journal files,
were referenced more than once in named.conf, it could lead to file
corruption as multiple threads wrote to the same file. This is now
detected when loading named.conf and reported as an error. [RT
#37172]
* dnssec-keygen -S failed to generate successor keys for some
algorithm types (including ECDSA and GOST) due to a difference in
the content of private key files. This has been corrected. [RT
#37183]
* UPDATE messages that arrived too soon after an rndc thaw could be
lost. [RT #37233]
* Forwarding of UPDATE messages did not work when they were signed
with SIG(0); they resulted in a BADSIG response code. [RT #37216]
* When checking for updates to trust anchors listed in managed-keys,
named now revalidates keys based on the current set of active trust
anchors, without relying on any cached record of previous
validation. [RT #37506]
* Large-system tuning (configure --with-tuning=large) caused problems
on some platforms by setting a socket receive buffer size that was
too large. This is now detected and corrected at run time. [RT
#37187]
* When NXDOMAIN redirection is in use, queries for a name that is
present in the redirection zone but a type that is not present will
now return NOERROR instead of NXDOMAIN.
* When a zone contained a delegation to an IPv6 name server but not
an IPv4 name server, it was possible for a memory reference to be
left un-freed. This caused an assertion failure on server shutdown,
but was otherwise harmless. [RT #37796]
* Due to an inadvertent removal of code in the previous release, when
named encountered an authoritative name server which dropped all
EDNS queries, it did not always try plain DNS. This has been
corrected. [RT #37965]
* A regression caused nsupdate to use the default recursive servers
rather than the SOA MNAME server when sending the UPDATE.
* Adjusted max-recursion-queries to accommodate the smaller initial
packet sizes used in BIND 9.10 and higher when contacting
authoritative servers for the first time.
* Built-in "empty" zones did not correctly inherit the
"allow-transfer" ACL from the options or view. [RT #38310]
* Two leaks were fixed that could cause named processes to grow to
very large sizes. [RT #38454]
* Fixed some bugs in RFC 5011 trust anchor management, including a
memory leak and a possible loss of state information.[RT #38458]
Security Fixes
* On servers configured to perform DNSSEC validation using managed
trust anchors (i.e., keys configured explicitly via managed-keys,
or implicitly via dnssec-validation auto; or dnssec-lookaside
auto;), revoking a trust anchor and sending a new untrusted
replacement could cause named to crash with an assertion failure.
This could occur in the event of a botched key rollover, or
potentially as a result of a deliberate attack if the attacker was
in position to monitor the victim's DNS traffic.
This flaw was discovered by Jan-Piet Mens, and is disclosed in
CVE-2015-1349. [RT #38344]
* A flaw in delegation handling could be exploited to put named into
an infinite loop, in which each lookup of a name server triggered
additional lookups of more name servers. This has been addressed by
placing limits on the number of levels of recursion named will
allow (default 7), and on the number of queries that it will send
before terminating a recursive query (default 50).
The recursion depth limit is configured via the max-recursion-depth
option, and the query limit via the max-recursion-queries option.
The flaw was discovered by Florian Maury of ANSSI, and is disclosed
in CVE-2014-8500. [RT #37580]
New Features
* None
Feature Changes
* NXDOMAIN responses to queries of type DS are now cached separately
from those for other types. This helps when using "grafted" zones
of type forward, for which the parent zone does not contain a
delegation, such as local top-level domains. Previously a query of
type DS for such a zone could cause the zone apex to be cached as
NXDOMAIN, blocking all subsequent queries. (Note: This change is
only helpful when DNSSEC validation is not enabled. "Grafted" zones
without a delegation in the parent are not a recommended
configuration.)
* NOTIFY messages that are sent because a zone has been updated are
now given priority above NOTIFY messages that were scheduled when
the server started up. This should mitigate delays in zone
propagation when servers are restarted frequently.
* Errors reported when running rndc addzone (e.g., when a zone file
cannot be loaded) have been clarified to make it easier to diagnose
problems.
* Added support for OPENPGPKEY type.
* When encountering an authoritative name server whose name is an
alias pointing to another name, the resolver treats this as an
error and skips to the next server. Previously this happened
silently; now the error will be logged to the newly-created "cname"
log category.
* If named is not configured to validate the answer then allow
fallback to plain DNS on timeout even when we know the server
supports EDNS. This will allow the server to potentially resolve
signed queries when TCP is being blocked.
Bug Fixes
* dig, host and nslookup aborted when encountering a name which,
after appending search list elements, exceeded 255 bytes. Such
names are now skipped, but processing of other names will continue.
[RT #36892]
* The error message generated when named-checkzone or named-checkconf
-z encounters a $TTL directive without a value has been clarified.
[RT #37138]
* Semicolon characters (;) included in TXT records were incorrectly
escaped with a backslash when the record was displayed as text.
This is actually only necessary when there are no quotation marks.
[RT #37159]
* When files opened for writing by named, such as zone journal files,
were referenced more than once in named.conf, it could lead to file
corruption as multiple threads wrote to the same file. This is now
detected when loading named.conf and reported as an error. [RT
#37172]
* dnssec-keygen -S failed to generate successor keys for some
algorithm types (including ECDSA and GOST) due to a difference in
the content of private key files. This has been corrected. [RT
#37183]
* UPDATE messages that arrived too soon after an rndc thaw could be
lost. [RT #37233]
* Forwarding of UPDATE messages did not work when they were signed
with SIG(0); they resulted in a BADSIG response code. [RT #37216]
* When checking for updates to trust anchors listed in managed-keys,
named now revalidates keys based on the current set of active trust
anchors, without relying on any cached record of previous
validation. [RT #37506]
* When NXDOMAIN redirection is in use, queries for a name that is
present in the redirection zone but a type that is not present will
now return NOERROR instead of NXDOMAIN.
* When a zone contained a delegation to an IPv6 name server but not
an IPv4 name server, it was possible for a memory reference to be
left un-freed. This caused an assertion failure on server shutdown,
but was otherwise harmless. [RT #37796]
* Due to an inadvertent removal of code in the previous release, when
named encountered an authoritative name server which dropped all
EDNS queries, it did not always try plain DNS. This has been
corrected. [RT #37965]
* A regression caused nsupdate to use the default recursive servers
rather than the SOA MNAME server when sending the UPDATE.
* Adjusted max-recursion-queries to better accommodate empty caches.
* Built-in "empty" zones did not correctly inherit the
"allow-transfer" ACL from the options or view. [RT #38310]
* A mutex leak was fixed that could cause named processes to grow to
very large sizes. [RT #38454]
* Fixed some bugs in RFC 5011 trust anchor management, including a
memory leak and a possible loss of state information.[RT #38458]
==============================
Release Notes for Samba 3.6.25
February 23, 2015
==============================
This is a security release in order to address CVE-2015-0240 (Unexpected
code execution in smbd).
o CVE-2015-0240:
All versions of Samba from 3.5.0 to 4.2.0rc4 are vulnerable to an
unexpected code execution vulnerability in the smbd file server
daemon.
A malicious client could send packets that may set up the stack in
such a way that the freeing of memory in a subsequent anonymous
netlogon packet could allow execution of arbitrary code. This code
would execute with root privileges.
o CVE-2014-0178:
In preparing a response to an authenticated FSCTL_GET_SHADOW_COPY_DATA
or FSCTL_SRV_ENUMERATE_SNAPSHOTS client request, affected versions of
Samba do not initialize 8 bytes of the 16 byte SRV_SNAPSHOT_ARRAY
response field. The uninitialized buffer is sent back to the client.
A non-default VFS module providing the get_shadow_copy_data_fn() hook
must be explicitly enabled for Samba to process the aforementioned
client requests. Therefore, only configurations with "shadow_copy" or
"shadow_copy2" specified for the "vfs objects" parameter are vulnerable.
Changes with Apache Libcloud 0.17.0
General
Use match_hostname function from backports.ssl_match_hostname package to verify the SSL certificate hostname instead of relying on our own logic. (GITHUB-374) [Alex Gaynor]
Compute
GCE driver updated to include ex_stop_node() and ex_start_node() methods. (GITHUB-442) [Eric Johnson]
GCE driver now raises ResourceNotFoundError when the specified image is not found in any image project. Previously, this would return None but now raises the not-found exception instead. This fixes a bug where returning None caused ex_delete_image to raise an AttributeError. (GITHUB-441) [Eric Johnson]
GCE driver update to support JSON format Service Account files and a PY3 fix from Siim Põder for LIBCLOUD-627. (LIBCLOUD-627, LIBCLOUD-657, GITHUB-438) [Eric Johnson]
GCE driver fixed for missing param on ex_add_access_config. (GITHUB-435) [Peter Mooshammer]
GCE driver support for HTTP load-balancer resources. (LIBCLOUD-605, GITHUB-429) [Lee Verberne]
GCE driver updated to make better use of GCEDiskTypes. (GITHUB-428) [Eric Johnson]
GCE driver list_images() now returns all non-deprecated images by default. (LIBCLOUD-602, GITHUB-423) [Eric Johnson]
Improve GCE API coverage for create_node(). (GITHUB-419) [Eric Johnson]
GCE Licenses added to the GCE driver. (GITHUB-420) [Eric Johnson]
GCE Projects support common instance metadata and usage export buckets. (GITHUB-409) [Eric Johnson]
Improvements to TargetPool resource in GCE driver. (GITHUB-414) [Eric Johnson]
Adding TargetInstances resource to GCE driver. (GITHUB-393) [Eric Johnson]
Adding DiskTypes resource to GCE driver. (GITHUB-391) [Eric Johnson]
Fix boot disk auto_delete in GCE driver. (GITHUB-412) [Igor Bogomazov]
Add Routes to GCE driver. (GITHUB-410) [Eric Johnson]
Add missing ubuntu-os-cloud images to the GCE driver. (LIBCLOUD-632, GITHUB-385) [Borja Martin]
Add new us-east-2 and us-east-3 region to the Joyent driver. (GITHUB-386) [ZuluPro]
Add missing t2. instance types to the us-west-1 region in the EC2 driver. (GITHUB-388) [Matt Lehman]
Add option to expunge VM on destroy in CloudStack driver. (GITHUB-382) [Roeland Kuipers]
Add extra attribute in list_images for CloudStack driver. (GITHUB-389) [Loic Lambiel]
Add ex_security_group_ids argument to the create_node method in the EC2 driver. This way users can launch VPC nodes with security groups. (GITHUB-373) [Itxaka Serrano]
Add description argument to GCE Network. (GITHUB-397) [Eric Johnson]
GCE: Improve MachineType (size) coverage of GCE API. (GITHUB-396) [Eric Johnson]
GCE: Improved Images coverage. (GITHUB-395) [Eric Johnson]
GCE: Support for global IP addresses. (GITHUB-390, GITHUB-394) [Eric Johnson]
GCE: Add missing snapshot attributes. (GITHUB-401) [Eric Johnson]
AWS: Set proper disk size in c3.X instance types. (GITHUB-405) [Itxaka Serrano]
Fix a bug with handling of the ex_keyname argument in the Softlayer driver. (GITHUB-416, LIBCLOUD-647) [Dustin Oberloh]
Update CloudSigma region list (remove Las Vegas, NV region and add new San Jose, CA and Miami, FL region). (GITHUB-417) [Viktor Petersson]
Add ex_get_node method to the Joyent driver. (GITHUB-421) [ZuluPro]
Add support for placement group management to the EC2 driver. (GITHUB-418) [Mikhail Ovsyannikov]
Add new tok02 region to the Softlayer driver. (GITHUB-436, LIBCLOUD-656) [Dustin Oberloh]
Add new Honolulu, HI endpoint to the CloudSigma driver. (GITHUB-439) [Stephen D. Spencer]
Fix a bug with config_drive attribute in the OpenStack driver. New versions of OpenStack now return a boolean and not a string. (GITHUB-433) [quilombo]
Add support for Abiquo API v3.x, remove support for now obsolete API v2.x. (GITHUB-433, LIBCLOUD-652) [David Freedman]
Allow rootdisksize parameter in create_node CloudStack driver (GITHUB-440, LIBCLOUD-658) [Loic Lambiel]
Storage
Allow user to pass headers argument to the upload_object and upload_object_via_stream method.
This way user can specify CORS headers with the drivers which support that. (GITHUB-403, GITHUB-404) [Peter Schmidt]
Fix upload_object_via_stream so it works correctly under Python 3.x if user manually passes an iterator to the method.
Also improve how reading a file in chunks works with drivers which support chunked encoding - always try to fill a chunk with CHUNK_SIZE bytes instead of directly streaming the chunk which iterator returns.
Previously, if iterator returned 1 byte in one iteration, we would directly send this as a single chunk to the API. (GITHUB-408, LIBCLOUD-639) [Peter Schmidt]
Loadbalancer
Updates to CloudStack driver. (GITHUB-434) [Jeroen de Korte]
DNS
New driver for Softlayer DNS service. (GITHUB-413, LIBCLOUD-640) [Vanč Levstik]
Fix a bug with ex_create_multi_value_record method in the Route53 driver only returning a single record. (GITHUB-431, LIBCLOUD-650) [Itxaka Serrano]
Changes with Apache Libcloud 0.16.0
General
Add new OpenStackIdentity_3_0_Connection class for working with OpenStack Identity (Keystone) service API v3. [Tomaz Muraus]
Add support for prettifying JSON or XML response body which is printed to a file like object when using LIBCLOUD_DEBUG environment variable. This option can be enabled by setting LIBCLOUD_DEBUG_PRETTY_PRINT_RESPONSE environment variable. [Tomaz Muraus]
Add support for using an HTTP proxy for outgoing HTTP and HTTPS requests. [Tomaz Muraus, Philip Kershaw]
Compute
Fix an issue with LIBCLOUD_DEBUG not working correctly with the Linode driver. [Tomaz Muraus, Juan Carlos Moreno] (LIBCLOUD-598, GITHUB-342)
Add new driver for VMware vSphere (http://www.vmware.com/products/vsphere/) based clouds. [Tomaz Muraus]
Add two new default node states - NodeState.SUSPENDED and NodeState.ERROR. [Tomaz Muraus]
Fix to join networks properly in deploy_node in the CloudStack driver. (LIBCLOUD-593, GITUHB-336) [Atsushi Sasaki]
Create CloudStackFirewallRule class and corresponding methods. (LIBCLOUD-594, GITHUB-337) [Atsushi Sasaki]
Add support for SSD disks to Google Compute driver. (GITHUB-339) [Eric Johnson]
Add utility get_regions and get_service_names methods to the OpenStackServiceCatalog class. [Andrew Mann, Tomaz Muraus]
Fix a bug in ex_get_console_output in the EC2 driver which would cause an exception to be thrown if there was no console output for a particular node.
Reported by Chris DeRamus. [Tomaz Muraus]
Add ip_address parameter in CloudStack driver create_node method. (GITHUB-346) [Roeland Kuipers]
Fix ParamikoSSHClient.run and deploy_node method to work correctly under Python 3. (GITHUB-347) [Eddy Reyes]
Update OpenStack driver to map more node states to states recognized by Libcloud. [Chris DeRamus]
Fix a bug with ex_metadata argument handling in the Google Compute Engine driver create_node method. (LIBCLOUD-544, GITHUB-349, GITHUB-353) [Raphael Theberge]
Add SSH key pair management methods to the Softlayer driver. (GITHUB-321, GITHUB-354) [Itxaka Serrano]
Correctly categorize node IP addresses into public and private when dealing with OpenStack floating IPs. [Andrew Mann]
Add new t2 instance types to the EC2 driver. [Tomaz Muraus]
Add support for Amazon GovCloud to the EC2 driver (us-gov-west-1 region). [Chris DeRamus]
Allow user to pass "gp2" for "ex_volume_type" argument to the create_volume method in the EC2 driver.
Reported by Xavier Barbosa. [Tomaz Muraus, Xavier Barbosa]
Add new driver for ProfitBricks provider. (LIBCLOUD-589, GITHUB-352) [Matt Baldwin]
Various improvements and bugs fixes in the GCE driver. For a list, see https://github.com/apache/libcloud/pull/360/commits (GITHUB-360) [Evgeny Egorochkin]
Allow user to specify virtualization type when registering an EC2 image by passing virtualization_type argument to the ex_register_image method. (GITHUB-361) [Andy Grimm]
Add ex_create_image method to the GCE driver. (GITHUB-358, LIBCLOUD-611) [Katriel Traum]
Add some methods to CloudStack driver: create_volume_snapshot, list_snapshots, destroy_volume_snapshot create_snapshot_template, ex_list_os_types) (GITHUB-363, LIBCLOUD-616) [Oleg Suharev]
Added VPC support and Egress Firewall rule support fo CloudStack (GITHUB-363) [Jeroen de Korte]
Add additional attributes to the extra dictionary of OpenStack StorageVolume object. (GITHUB-366) [Gertjan Oude Lohuis]
Fix create_volume method in the OpenStack driver to return a created volume object (instance of StorageVolume) on success, instead of a boolean indicating operation success. (GITHUB-365) [Gertjan Oude Lohuis]
Add optional project parameters for ex_list_networks() to CloudStack driver (GITHUB-367, LIBCLOUD-615) [Rene Moser]
CLOUDSTACK: option to start VM in a STOPPED state (GITHUB-368) [Roeland Kuipers]
Support "config_drive" in the OpenStack driver. Allow users to pass ex_config_drive argument to the create_node and ex_rebuild_node method. (GITHUB-370) [Nirmal Ranganathan]
Add support for service scopes to the create_node method in the GCE driver. (LIBCLOUD-578, GITHUB-373) [Eric Johnson]
Update GCE driver to allow for authentication with internal metadata service. (LIBCLOUD-625, LIBCLOUD-276, GITHUB-276) [Eric Johnson]
Fix a bug in Elasticstack node creation method where it would raise exceptions because of missing data in a response, and also fix pulling the IP from the proper data item. (GITHUB-325) [Michael Bennett]
Fix a bug which prevented user to connect and instantiate multiple EC2 driver instances for different regions at the same time. (GITHUB-325) [Michael Bennett]
Add methods in CloudStack driver to manage mutiple nics per vm. (GITHUB-369) [Roeland Kuipers]
Implements VPC network ACLs for CloudStack driver. (GITHUB-371) [Jeroen de Korte]
Storage
Fix a bug with CDN requests in the CloudFiles driver. [Tomaz Muraus]
Fix a bug with not being able to specify meta_data / tags when uploading an object using Google Storage driver. (LIBCLOUD-612, GITHUB-356) [Stefan Friesel]
Loadbalancer
Allow user to specify session affinity algorithm in the GCE driver by passing ex_session_affinity argument to the create_balancer method. (LIBCLOUD-595, GITHUB-341) [Lee Verberne, Eric Johnson]
DNS
Various fixes in the Google DNS driver. (GITHUB-378) [Franck Cuny]
Changes with Apache Libcloud 0.15.1
Compute
Allow user to limit a list of subnets which are returned by passing subnet_ids and filters argument to the ex_list_subnets method in the EC2 driver. (LIBCLOUD-571, GITHUB-306) [Lior Goikhburg]
Allow user to limit a list of internet gateways which are returned by passing gateway_ids and filters argument to the ex_list_internet_gateways method in the EC2 driver. (LIBCLOUD-572, GITHUB-307) [Lior Goikhburg]
Allow user to filter which nodes are returned by passing ex_filters argument to the list_nodes method in the EC2 driver. (LIBCLOUD-580, GITHUB-320) [Lior Goikhburg]
Add network_association_id to ex_list_public_ips and CloudstackAddress object (GITHUB-327) [Roeland Kuipers]
Allow user to specify admin password by passing ex_admin_pass argument to the create_node method in the Openstack driver. (GITHUB-315) [Marcus Devich]
Fix a possible race condition in deploy_node which would occur if node is online and can be accessed via SSH, but the SSH key we want to use hasn't been installed yet.
Previously, we would immediately throw if we can connect, but the SSH key hasn't been installed yet. (GITHUB-331) [David Gay]
Propagate an exception in deploy_node method if user specified an invalid path to the private key file. Previously this exception was silently swallowed and ignored. [Tomaz Muraus]
DNS
Include a better message in the exception which is thrown when a request in the Rackspace driver ends up in an ERROR state. [Tomaz Muraus]
Changes with Apache Libcloud 0.15.0
General
Use lxml library (if available) for parsing XML. This should substantially reduce parsing time and memory usage for large XML responses (e.g. retrieving all the available images in the EC2 driver). [Andrew Mann]
Use --head flag instead of -X HEAD when logging curl lines for HEAD requests in debug mode.
Reported by Brian Metzler. (LIBCLOUD-552) [Tomaz Muraus]
Fix Python 3 compatibility bugs in the following functions:
import_key_pair_from_string in the EC2 driver
publickey._to_md5_fingerprint
publickey.get_pubkey_ssh2_fingerprint
(GITHUB-301) [Csaba Hoch]
Update CA_CERTS_PATH to also look for CA cert bundle which comes with openssl Homebrew formula on OS x (/usr/local/etc/openssl/cert.pem). (GITHUB-309) [Pedro Romano]
Update Google drivers to allow simultaneous authornization for all the supported Google Services. (GITHUB-302) [Eric Johnson]
Compute
Fix create_key_pair method which was not returning private key. (LIBCLOUD-566) [Sebastien Goasguen]
Map "Stopped" node state in the CloudStack driver to NodeState.STOPPED instead of NodeState.TERMINATED, "Stopping" to NodeState.PENDING instead of NodeState.TERMINATED and "Expunging" to NodeState.PENDING instead of NodeState.TERMINATED. (GITHUB-246) [Chris DeRamus, Tomaz Muraus]
Add ex_create_tags and ex_delete_tags method to the CloudStack driver. (LIBCLOUD-514, GITHUB-248) [Chris DeRamus]
Add new G2 instances to the EC2 driver. [Tomaz Muraus]
Add support for multiple API versions to the Eucalyptus driver and allows user to pass "api_version" argument to the driver constructor. (LIBCLOUD-516, GITHUB-249) [Chris DeRamus]
Map "Powered Off" state in the vCloud driver from "TERMINATED" to "STOPPED". (GITHUB-251) [Ash Berlin]
Add ex_rename_node method to the DigitalOcean driver. (GITHUB-252) [Rahul Ranjan]
Improve error parsing in the DigitalOcean driver.
Reported by Deni Bertovic. [Tomaz Muraus]
Add extension methods for the VPC internet gateway management to the EC2 driver. (LIBCLOUD-525, GITHUB-255) [Chris DeRamus]
Add CloudStackProject class to the CloudStack driver and add option to select project and disk offering on node creation. (LIBCLOUD-526, GITHUB-257) [Jim Divine]
Fix IP address handling in the OpenStack driver. (LIBCLOUD-503, GITHUB-235) [Markos Gogoulos]
Ad new ex_delete_image and ex_deprecate_image method to the GCE driver. (GITHUB-260) [Franck Cuny]
Ad new ex_copy_image method to the GCE driver. (GITHUB-258) [Franck Cuny]
Ad new ex_set_volume_auto_delete method to the GCE driver. (GITHUB-264) [Franck Cuny]
Add ex_revoke_security_group_ingress method to the CloudStack driver. [Chris DeRamus, Tomaz Muraus]
Allow user to pass ex_ebs_optimized argument to the create_node method in the EC2 driver. (GITHUB-272) [zerthimon]
Add "deprecated" attribute to the Node object in the Google Compute Engine driver. (GITHUB-276) [Chris / bassdread]
Update Softlayer driver to use "fullyQualifiedDomainName" instead of "hostname" attribute for the node name. (GITHUB-280) [RoelVanNyen]
Allow user to specify target tags using target_tags attribute when creating a firewall rule in the GCE driver. (GITHUB-278) [zerthimon]
Add new standard API for image management and initial implementation for the EC2 and Rackspace driver. (GITHUB-277) [Matt Lehman]
Allow user to specify "displayname" attribute when creating a CloudStack node by passing "ex_displayname" argument to the method.
Also allow "name" argument to be empty (None). This way CloudStack automatically uses Node's UUID for the name. (GITHUB-289) [Jeff Moody]
Deprecate "key" argument in the SSHClient class in favor of new "key_files" argument.
Also add a new "key_material" argument. This argument can contain raw string version of a private key.
Note 1: "key_files" and "key_material" arguments are mutually exclusive. Note 2: "key_material" argument is not supported in the ShellOutSSHClient.
Use node id attribute instead of the name for the "lconfig" label in the Linode driver. This way the label is never longer than 48 characters. (GITHUB-287) [earthgecko]
Add a new driver for Outscale SAS and Outscale INC cloud (http://www.outscale.com). (GITHUB-285, GITHUB-293, LIBCLOUD-536, LIBCLOUD-553) [Benoit Canet]
Add new driver for HP Public Cloud (Helion) available via Provider.HPCLOUD constant. [Tomaz Muraus]
Allow user to specify availability zone when creating an OpenStack node by passing "ex_availability_zone" argument to the create_node method. Note: This will only work if the OpenStack installation is running availability zones extension. (GITHUB-295, LIBCLOUD-555) [syndicut]
Allow user to pass filters to ex_list_networks method in the EC2 driver. (GITHUB-294) [zerthimon]
Allow user to retrieve container images using ex_get_image method in the Google Compute Engine driver. (GITHUB-299, LIBCLOUD-562) [Magnus Andersson]
Add new driver for Kili public cloud (http://kili.io/) [Tomaz Muraus]
Add "timeout" argument to the ParamikoSSHClient.run method. If this argument is specified and the command passed to run method doesn't finish in the defined timeout, SSHCommandTimeoutError is throw and the connection to the remote server is closed.
Note #1: If timed out happens, this functionality doesn't guarantee that the underlying command will be stopped / killed. The way it works it simply closes a connect to the remote server. [Tomaz Muraus]
Note #2: "timeout" argument is only available in the Paramiko SSH client.
Make "cidrs_ips" argument in the ex_authorize_security_group_egress method in the EC2 driver mandatory. (GITHUB-301) [Csaba Hoch]
Add extension methods for managing floating IPs (ex_get_floating_ip, ex_create_floating_ip, ex_delete_floating_ip) to the Openstack 1.1 driver. (GITHUB-301) [Csaba Hoch]
Fix bug in RimuHosting driver which caused driver not to work when the provider returned compressed (gzip'ed) response. (LIBCLOUD-569, GITHUB-303) [amastracci]
Fix issue with overwriting the server memory values in the RimuHosting driver. (GUTHUB-308) [Dustin Oberloh]
Add ex_all_tenants argument to the list_nodes method in the OpenStack driver. (GITHUB-312) [LIBCLOUD-575, Zak Estrada]
Add support for network management for advanced zones (ex_list_network_offerings, ex_create_network, ex_delete_network) in the CloudStack driver. (GITHUB-316) [Roeland Kuipers]
Add extension methods for routes and route table management to the EC2 driver (ex_list_route_tables, ex_create_route_table, ex_delete_route_table, ex_associate_route_table, ex_dissociate_route_table, ex_replace_route_table_association, ex_create_route, ex_delete_route, ex_replace_route) (LIBCLOUD-574, GITHUB-313) [Lior Goikhburg]
Fix ex_list_snapshots for HP Helion OpenStack based driver. [Tomaz Muraus]
Allow user to specify volume type and number of IOPS when creating a new volume in the EC2 driver by passing ex_volume_type and ex_iops argument to the create_volume method. [Tomaz Muraus]
Fix ex_unpause_node method in the OpenStack driver. (GITHUB-317) [Pablo Orduña]
Allow user to launch EC2 node in a specific VPC subnet by passing ex_subnet argument to the create_node method. (GITHUB-318) [Lior Goikhburg]
Storage
Fix container name encoding in the iterate_container_objects and get_container_cdn_url method in the CloudFiles driver. Previously, those methods would throw an exception if user passed in a container name which contained a whitespace.
Reported by Brian Metzler. (LIBCLOUD-552) [Tomaz MUraus]
Fix a bug in the OpenStack Swift driver which prevented the driver to work with installations where region names in the service catalog weren't upper case. (LIBCLOUD-576, GITHUB-311) [Zak Estrada]
Load Balancer
Add extension methods for policy managagement to the ELB driver. (LIBCLOUD-522, GITHUB-253) [Rahul Ranjan]
DNS
Fix update_record method in the Route56 driver so it works correctly for records with multiple values. [Tomaz Muraus]
Add ex_create_multi_value_record method to the Route53 driver which allows user to create a record with multiple values with a single call. [Tomaz Muraus]
Add new driver for Google DNS. (GITHUB-269) [Franck Cuny]
- patch-aa is now implemented (as below), that seems the only Change for
this version.
(upstream)
- Update to 0.603 (PKGVERSION is 0.6.3)
-------------------------------------
0.603 2014/09/07
- mark Net::FTP 2.79 as a valid base too, based on patch from
kimmo[AT]suominen[DOT]com, https://github.com/noxxi/p5-net-inet6glue/pull/3
- Add ${PERL5_LICENSE}
(upstream)
- Update 0.05 to 0.07
---------------------
0.07
General:
- Added unit tests
- Changed to proper source structure
Net/Gnats.pm
- Massive amount of refactoring around PBP.
- Removed unecessary 'dead' code
- Changed documentation according to PBP changes
- Began removing old 'data caching' mechanism, metadata needs to be
captured on a per db basis
- fixed/regressed bugs 4, 5, 7, 8, 9, 11 and created unit tests.
Net/Gnats/PR.pm
- reconstructed parse routine
- some PBP refactoring
Net/Gnats/Response.pm
- new module to hold all socket response (raw, code) and eventually
will replace old procedural method of capturing sets of responses.
0.06
Gnats.pm
- Added 'Net::Gnats::updatePR' method so multiple fields can be changed
with one call instead of having to call replaceField multiple times.
- Added 'Net::Gnats::newPR' method.
- Added 'Net::Gnats::filloutPR' method which fills out a new PR with the
field defaults specified in the gnats dbconfig.
- Fixed checking for when gnatsd will return a multiline response.
Previosuly all codes from 300-399 (except 350) where assumed to be
multiline. But the gnatsd spec says only 300-349 will be multiline.
- When PR's are unparsed into a string the MultiText fields are properly
escaped.
- Added ability to turn on debugging with '$Net::Gnats:debugGnatsd = 1'
- Work around a bug in gnatsd where it doesn't properly close file handles,
so gnatsperl closes and reopens the connection after 100 newPRs. I've
submitted a patch to gnats but it's not been incorporated yet.
- Disabled the listClasses method since gnatsd does not support it
anymore.
- Methods listFieldNames, listInitialInputFields, getFieldType,
isValidField, getFieldTypeInfo, getFieldFlags, getFieldDefault, only
query gnatsd once for the information so multiple calls to these methods
are much faster.
- Net::Gnats:lockPR extracts the PR data and returns a Net::Gnats::PR
object.
- Added Net::Gnats::checkPR method. Changed checkNewPR method to call
checkPR.
- Improved checking for "requireChangeReason" checking in replaceField
method.
- submitPR method calls PR::unparse method.
- Split out some code in _doGnatsCmd into new '_readAndPrcessResponse'
method so other methods could use the same code.
PR.pm
- Net::Gnats::PR::new method now requires the Net::Gnats object as the
first argument. This was done to provide better error checking. The
best was to fix existing code is to change any Net::Gnats::PR::new calls
to $g->new(). See documentation.
- The PR number is no longer tracked differently inside PR.pm. It's now
treated like all other fields. Users will not notice this change since
the getNumber method still works like previous versions. However if you
were accessing the $pr->{number} data directly it won't work anymore.
- The setField method takes an optional argument which is the changeReason.
- Currently setField does not require the changeReason to be specified,
but this may change in the next release.
- Major change to methods that parse and unparse PR's. A lot of code was
copied from gnatsweb so gnatsperl now does a much better job of handling
PR data. Also, in the future this will allow us to handle gnatsweb style
attachements.
-------------------
0.72 2015-02-08
- fix update_ref in gitdata (Mike Schilli)
0.71 2015-01-20
- When a query fails, include any additional error messages returned by the API,
in the croak message. (Neil Bowers)
- Make User-Agent header conform to RFCs (Zak Wilcox)
0.70 2014-10-08
add per_page in GET no matter it supports or not
0.69 2014-09-11
pass ua as the args so we can set up proxies for all
-------------------
1.07 Tue Jan 20 19:15:48 CET 2015
- update: copyright notice
- update: Kwalitee
1.06 Wed Apr 9 09:50:52 CEST 2014
- bugfix: https://rt.cpan.org/Ticket/Display.html?id=93409
- bugfix: https://rt.cpan.org/Ticket/Display.html?id=93408
- update: copyright notice
1.05 Wed Nov 14 21:47:44 CET 2012
- bugfix: on length calculation for IPv6::Option
- NEW: IPv6 HopByHop and Destination options extension header and Option
modules
=> contributed by vinsworld.com (Thanks Vince)
- UPDATE: IPv6::Fragment and IPv6::Routing do not export consts at all.
- update: added constants for hop-by-hop, destination and mobility
extension headers, and many other protocols
1.04 Thu Feb 23 20:18:58 CET 2012
- UPDATE: renamed IGMPv4 to IGMP
- NEW: IPv6 Fragment and Routing extension headers
=> contributed by vinsworld.com (Thanks Vince)
- update: copyright notice
-------------------
1.06 Fri Jan 23 07:32:52 CET 2015
- new: truncated attribute
- update: copyright notice
- update: Kwalitee
1.05 Wed Jan 25 22:48:18 CET 2012
- UPDATE: %Next variable population removed. Must be done from
developer's own layer 7 modules.
- bugfix: check when capture length is smaller than content length
- update: copyright notice
Features:
* local-zone: example.com inform makes unbound log a message with
client IP for queries in that zone. Eg. for finding infected hosts.
* patch from Stephane Lapie that adds to the python API, that
exposes struct delegpt, and adds the find_delegation function.
* Updated contrib warmup.cmd/sh to support two modes - load from
pre-defined list of domains or (with filename as argument) load from
user-specified list of domains, and updated contrib
unbound_cache.sh/cmd to support loading/save/reload cache to/from
default path or (with secondary argument) arbitrary path/filename
* patch for remote control over local sockets. Use control-interface:
/path/sock and control-use-cert: no.
* unbound-checkconf -f prints chroot with pidfile path.
* infra-cache-min-rtt patch from Florian Riehm, for expected long
uplink roundtrip times.
Bug Fixes:
* config.guess and config.sub update from libtoolize.
* getauxval test for ppc64 linux compatibility.
* make strip works for unbound-host and unbound-anchor.
* print query name when max target count is exceeded.
* patch from Stuart Henderson that fixes DESTDIR in
unbound-control-setup for installs where config is not in the prefix
location.
* [bugzilla: 634 ] Fix#634: fix fail to start on Linux LTS 3.14.X,
ignores missing IP_MTU_DISCOVER OMIT option.
* Patch to contrib/unbound_munin_ that uses type ABSOLUTE.
Allows munin.conf: [idleserver.example.net]
unbound_munin_hits.graph_period minute
* Fix pyunbound ord call, portable for python 2 and 3.
* Fix unintended use of gcc extension for incomplete enum types,
compile with pedantic c99 compliance.
* Fix pyunbound byte string representation for python3.
* Fix 0x20 capsforid fallback to omit gratuitous NS and additional
section changes.
* Fix validation failure in case upstream forwarder (ISC BIND) does
not have the same trust anchors and decides to insert unsigned NS
record in authority section.
* Fix scrubber with harden-glue turned off to reject NS (and other
not-address) records.
* iana portlist update.
* [bugzilla: 643 ] Fix doc/example.conf.in: unnecessary whitespace.
-------------------
1.14 Tue Dec 9 19:12:25 CET 2014
- BUGFIX: Dump::Online2: do not eat 100% and do not block for timeoutOnNext
seconds when it is not REALLY needed. We had to remove the
setnonblock option and to use pcap_dispatch i/o pcap_next_ex.
This should be the final bugfix...
There was also an infinite loop condition.
- new: Dump::Online2: maxRunTime() option to stop looping on next() forever
when we do not want. Default to loop forever.
1.13 Sun Dec 2 15:44:14 CET 2012
- BUGFIX: Dump::Online2: in non-blocking mode, we must handle our internal
received frame ring buffer. Many packets were missed because of
that.
1.12 Tue Nov 13 20:15:19 CET 2012
- UPDATE: Dump::Online2: now uses IO::Select to avoid eating 100% CPU
- update: mailing list link
1.11 Sun Nov 11 15:23:04 CET 2012
- bugfix: Dump::Online2 pod
- new: Dump::Online2: support for capture only mode
- new: examples for Dump::Online2
1.10 Wed Sep 12 20:15:09 CEST 2012
- bugfix: Online: use SUPER::next() instead of next()
- update: error messages scheme changed
- update: copyright notice
- Deleting patch-aa, no related line found (at all).
(upstream)
- Update 0.16 to 0.17
------------------
2012.11.28 - 0.17 - Sebastien Aperghis-Tramoni (SAPER)
- [BUGFIX] CPAN-RT#43308: Net::Pcap no longer enables immediate
(unsafe) signals delivery.
- [BUGFIX] Fix allocated size in pcap_open(), pcap_createsrcstr()
and pcap_parsesrcstr().
- [API] Now make the C-like API available by default. Added the
pcap_perl_settings() function and UNSAFE_SIGNALS pseudo-bloc.
- [CODE] Replaced all occurrences of safemalloc() with Newx().
- [CODE] Silenced some warnings.
- [DOC] Added a long note about Net::Pcap and signals delivery.
- [DOC] Improved README.
- [DOC] Mention Net::Pcap::Easy.
- [TESTS] Fixed t/17-lib_version.t to handle two digits versions.
- [TESTS] CPAN-RT#44448: Fixed t/17-lib_version.t to handle
versions from the CVS, thanks to Craig Davison.
- [TESTS] Refactored t/01-api.t and added checks for the new API.
-------------------
1.15 Sun Feb 15 18:09:23 CET 2015
- BUGFIX: IPv4 header length calculation on Mac OS X and OpenBSD
=> Read: support for OpenBSD and Mac OS X now ok
- bugfix: check if inet_ntop/getaddrinfo are *really* supported by trying to use them.
1.14 Wed Jan 28 20:01:48 CET 2015
- BUGFIX: getHostIpv6addr: not working on FreeBSD/Socket because of nasty getaddrinfo()
- tests: added tests for getHost* subs and inet* subs
1.13 Wed Jan 28 07:49:11 CET 2015
- BUGFIX: getHostIpv6Addr: use getaddrinfo/getnameinfo from Socket or Socket6
where available
=> Thanks to Vince
1.12 Tue Jan 20 19:33:06 CET 2015
- bugfix: TCP/UDP computeChecksums() so 6to4 and other encapsulations work
=> Thanks to Vince
- update: copyright notice
- update: Kwalitee
1.11 Tue Apr 8 15:33:43 CEST 2014
- bugfix: https://rt.cpan.org/Public/Bug/Display.html?id=94035
- bugfix: on making Socket6 optional, bugfix contributed by Andrew Feren
- optimization: convertMac() contributed by Andrew Feren
- optimization: inetChecksum() contributed by Andrew Feren
1.10 Mon Mar 10 13:26:53 CET 2014
- UPDATE: makes Socket6 optional, contributed by Andrew Feren
- update: copyright notice
1.09 Wed Jan 25 22:48:18 CET 2012
- UPDATE: %Next in UDP and TCP layers are now empty by default. The
developper who wants to add a new layer 7 seven will have to fill the
variable straight from his module.
1.08 Sat Jan 14 09:49:09 CET 2012
- bugfix: TCP and UDP checksum computation when using another
Net::Frame::Layer object (instead of plain payload).
=> Thanks to Vince
- update: copyright notice
-------------------
0.26 2015/02/10 08:30:00
- The deprecialted SSL_Advanced option now causes new() to call croak.
I'll remove any remaining reference to it in v0.27 or v0.28.
- The POD text no longer mentions the SSL_Advanced option at all.
- Added to README the new environment variable created for the test scripts
in the previous release.
- The RFC links in the SEE ALSO section had all expired. Located replacement
links for all referenced documents. Looks like they were just moved to
another location on the same web site. A victim of web-site remodeling.
- Enhanced _debug_print_hash(). It originally worked with just GLOBs, but
now works with regular hashes as well. Also fixed to follow SCALAR
references.
- Now dumps to the log file the contents of the SSL_Client_Certificate
hash if provided. Was difficult to debug logic when it wasn't logged.
- Bug Id # 101388, reusing SSL_Client_Certificate options on the data channel.
Added additional options to go with SSL_reuse_ctx to resolve this issue.
I checked the IO-Socket-SSL docs & all variables in the bug id are by
default part of SSL_reuse_ctx. So some low level code isn't resolving
the context correctly. This is a work arround. (Certificates were not
being used here. Just using the context for strict hostname verification.)
May be a case that when certificates are not used, the context isn't
fully used either.
0.25 2014/09/05 08:30:00
WARNING: This is a major upgrade & may not be 100% backwards compatible with
existing code. Also the response() redesign may not work for all
FTPS servers! It's a work in progress! So comments are welcome!
- Upgraded the minimum version of IO-Socket-SSL required from v1.08 to v1.26
so that I could remove the warnings in the POD for ccc(). But it should
still work with the earlier versions if you hack the code. But don't rely
on this in future releases. (minus the ccc command)
- Modified the Synopsis to use Croak since no one was reading my comments
about using it too closely anyway.
- Added a new pattern for uput() to check for file names with.
Also fixed to guarentee it will never return any path info, just the
base file name itself. [ This change may break existing programs. ]
- Another hack to recover from a garbled CCC response. This hack just
prevents unnecessary warnings.
- Hit a weird FTP server that requiers me to flip flop the binary/ASCII
settings on the server/client. See mixedModeAI() & mixedModeIA().
- Added a way to print Perl warnings to the log file. (trapWarn) It will
chain things if warnings were already trapped. Even between multiple open
Net::FTPSSL object logs. This is only usefull as a debugging tool when
reporting on errors via CPAN. It helps provide context to the warnings
that affect this code base.
- Added get_log_filehandle() to allow someone to gain access to the open
filehandle used to write to the log file generated when Debug is turned on
and you specified a log file via DebugLogFile.
- Now allows DebugLogFile to be an open file handle (GLOB).
- Fixed quot() to echo the command if it's one of those dissallowed.
Also now strips off any leading spaces from the command before using it.
- Found out use "sub DESTROY" rather than "sub END" for objects. (Just a FYI)
Surprise, Surprise! Sometimes END is called before DESTROY is!
- Moved some logic out of quit() into the new DESTROY() method. No longer
need to hack object termination logic via quit().
- Added END to handle final clean up for trapWarn().
- Fixed warnings in function _feat() caused by strange server returns.
- Fixed warnings in function _help() caused by strange server returns.
- Fixed 20-certificate.t bug where $ENV{HOME} is not defined for all OS.
- Fixed 10-complex.t to use the new warning logic.
- Fixed 20-certificate.t to use the new warning logic.
- Fixed t/10-complex.t & t/20-certificate.t to use a 30 second Timeout
instead of using the default 2 minutes.
- Reworked response() with regard to Bug # 97608. (related to Bug # 73115)
Had to redesign how this method worked. It was getting too convoluted
to patch any further. Was the only way to properly fix _help & _feat.
- Second issue for Bug # 9706 was an issue with very long login messsages
hit an unexpected Timeout issue (last release enhancement). Turns out the
Timeout logic in response() didn't always work properly if you didn't read
in the entire response via a single call to sysread(). Had two options,
make the buffer huge for the login response or make the logic more complex,
to only check for Timeouts on the command channel for new commands. Turns
out select() & sysread() don't actually compare notes. Hense another reason
to redesign how things worked.
- This rewrite of response() broke the ccc() hack. So had to redesign how
this hack worked as well. [May break existing programs using CCC!]
- Added special case Debug=>99 for more detailed logging for debugging
the new response code base in the future.
- Added new environment variable (FTPSSL_DEBUG_LEVEL) to t/10-complex.t to
enable low level debugging of the new response() code. There is no prompt
to turn on this feature. Added more as a reminder that it can be done!
- Updated the SSL_Advanced depreciated warning that it will soon be removed
in a future release. It was depreciated in v0.18 way back in 2011, so I
feel it's about time to have it removed. Just giving fair warning here!
I'll remove it in v0.26 or v0.27.
0.24 2014/06/30 08:30:00
- Makefile.PL fix, only asks question if Net::HTTPTunel isn't present!
Also now defaults to "N" instead of "Y" if module not present.
- Fixed bug in supported(). Unsupported commands are followed with "*"
in help. Most do "CMD*", but found some servers doing "CMD *" instead.
- Fixed bug in 20-certificate.t where we were getting a false failure
on nlst(). Fixed to explicitly check the response code instead of
assuming an error when nothing was found. Fixed list() as well.
- Same fix in 10-complex.t, even though tests designed to always return
something.
- Added transfer() to transfer files from one system to another system
without the need to make a local copy of the file.
- Added xtransfer() as well.
- Added transfer & xtransfer validation to 10-complex.t to test things out.
- Added a new environment variable default for *.t prompts.
- Bug # 95411 - Patch provided by ian@iansramblings.com. Fixes hang issue
when the command channel unexpectedly drops. Does this by implementing
a timeout in response().
#------- (Should I do this for the many data channel sysreads as well?)
0.23 2013/08/01 08:30:00
- Added clarification to use of SSL_Client_Certificate option in pod text.
- Added Bug Id 82094 to support tunneling through a proxy server via the
ProxyArgs option. Supports both proxy servers that require a password as
well as those that don't. This option requires Net::HTTPTunnel to use.
But this new module isn't required if you don't use tunneling.
(perl Makefile.PL will ask.)
- Added optional proxy server questions if Net::HTTPTunnel is installed for
the test scripts (t/*.t). It warns you if it's missing during the test.
- Fixed bug in login() so the call to help() only happens if the login is
successfull.
- Bug Id 84376 uncoverd bug in IO-Socket-SSL versions 1.79 to 1.85 when
using Certificats for the Data Channel & getting a Man-In-The-Middle (MITM)
warning that didn't apply. So skip those releases.
- Bug Id 85420 same MITM warning as the other bug, but this time without using
Certificates in the command channel. This required a code change in new()
to fix.
- Fixed masking issue when writing to the log file when the value that needed
to be masked contained regex special chars.
- Added clarification that any warnings printed below the 10-complex.t tests
are just that. Warnings, not errors preventing things from working. They
are collected so the developer can be notified about them for fixing in
furture releases. They are also written to the end of the log now as well.
- Add LICENSE as ${PERL5_LICENSE}
- Convert DEPENDS+= from p5-MooseX-Types-DateTimeX
to p5-MooseX-Types-DateTime
- Add REPLACE_PERL= bin/s3cl
- Add target post-install: to avoid (remove)
nonexecutable *.pm set permisson x
(upstream)
- Update 0.54 to 0.60
-------------------
0.60 Sun May 11 23:41:12 BST 2014
0.60 Sun May 11 23:36:38 BST 2013
- Moose enum fixes (patch by Tom Hukins)
- Support for reduced redundancy (patch by Aaron Crane)
- README file name fix (patch by Jay Hannah)
- Fixed s3cl synopsis for sync_up (patch by perlpong)
0.59 Sat Mar 17 09:36:38 GMT 2013
- Added support for security token authentication (patch by Miquel Ruiz)
0.58 Wed Nov 28 16:22:42 GMT 2012
- Added support for multi-part upload and multiple objects deletion (patch
by Robert B. Clarke)
0.57 Sun Sep 16 22:38:38 BST 2012
- Added support for Content-disposition (initial patch by Michele Beltrame)
- Added sync_up option to s3cl (patch by Leo Lapworth)
- Dist::Zilla tidying
0.56 Sun Dec 18 22:22:32 GMT 2011
- Spelling error (RT #69817, patch from Fabrizio Regalli)
- Added use_ok tests (RT #72856, suggested by Gregor Herrmann)
- Added missing use URI::Escape (RT #72857, patch from Gregor Herrmann)
- Bumped dependency on MooseX::StrictConstructor to 0.16 (RT #73229,
suggested by Andrew Main)
- Enforce dependency versions (RT #73193, suggested by Andrew Main)
0.55 Sat Dec 10 00:55:29 GMT 2011
- Replaced dependency on MooseX::Types::DateTimeX with
MooseX::Types::DateTime::MoreCoercions (RT #72472).
-------------------
3.05 2015-01-12
- Fixed infinite loop in Net::SMTP::auth(). [CPAN RT#100235]
3.04 2014-11-29
- SNI is now only used for SSL connections if it is supported by
IO::Socket::SSL (i.e. OpenSSL version >= 1). (The previous release
switched to using SNI by default, which caused some CPAN Testers
failures.) [Steffen Ullrich, PR#10]
3.03 2014-11-28
- Remodelled SSL support in Net::NNTP in the manner of Net::POP3 and
Net::SMTP. [Steffen Ullrich, PR#9]
- Increased minimum requred IO::Socket::SSL version from 1.999 to 2.007 to
fix data connection problems in Net::FTP. [Steffen Ullrich, CPAN
RT#100529]
- Fixed a broken port() call in pasv_xfer()/pasv_xfer_unique() in Net::FTP.
[Mario Preksavec, PR#8]
- Increased minimum required Socket version from 1.3 to 2.016. This may be
required when those modules that can support IPv6 load IO::Socket::IP (on
some OSes, at least). It does not appear to be necessary if they load
IO::Socket::INET6 or IO::Socket::INET instead, but this is not easy for
the end-user to control so it is simpler to always insist on Socket 2.016
or higher. [CPAN RT#100020]
- Fixed "Argument ... isn't numeric in subroutine entry" warnings when using
older versions of Perl. [CPAN RT#100020]
- Added optional Changes testing (skipped unless AUTHOR_TESTING).
- Reformatted Changes file as per CPAN::Changes::Spec.
3.02 2014-10-10
- Don't run interactive prompt() in Makefile.PL when in PERL_CORE.
- Fix $smtp->auth($sasl) to try the AUTH mechanism (if present) in the
Authen::SASL object before falling back on other mechanisms. [CPAN
RT#99415]
3.01 2014-10-09
- Require IO::Socket::SSL >= 1.999 to protect against a bad version (0.30)
of IO::Socket::IP and hopefully fix another bunch of CPAN Testers
failures.
3.00 2014-10-09
- Skip Perl Critic, Pod and Pod Coverage tests unless AUTHOR_TESTING. [CPAN
RT#99399]
- Synchronize all $VERSIONs to the distribution's version number, bumping
that to 3.00 so that no $VERSIONs end up going backwards.
1.30 2014-10-08
- Sigh. Fix PAUSE indexing problem again. Net::SMTP::SSL is already used by
Net-SMTP-SSL.
1.29 2014-10-08
- Fix PAUSE indexing problem. Net::POP3::_SSLified and Net::SMTP::_SSLified
are already used by Net-SSLGlue.
1.28 2014-10-08
- Improve code()/message() initialization and error handling in Net::Cmd.
[Tom Metro, CPAN RT#14875]
- Don't use the ALLO command on FTP servers that don't support it. [CPAN
RT#95717]
- Stop Makefile.PL from requiring interactive configuration when running via
cpan, cpanp or cpanm: just accept all defaults in these cases, as when
running non-interactively. [CPAN RT#48966]
- Add optional POD coverage testing.
- Add optional POD testing.
- Add optional Perl::Critic testing.
- Make code Perl::Critic clean.
- Move Net/*.pm into lib/Net/ sub-directory within distribution. This is
the usual layout style these days.
- Change Net::SMTP::auth() so that it now falls back to another supported
AUTH method if a given AUTH method fails. [Ivan Baktsheev, PR#3]
- Change Net::SMTP::auth() so that it uses the SMTP AUTH mechanism(s)
specified in the Authen::SASL object if one is provided instead of a
username. If a plain text username is specified then use the first
reported SMTP AUTH method supported, as usual. [Ewen McNeill, CPAN
RT#58002]
- Add support for IPv6 and SSL to Net::FTP, Net::NNTP, Net::POP3 and
Net::SMTP. These features are only available if the user has:
* a recent IO::Socket::SSL for SSL support;
* a recent IO::Socket::IP or an older IO::Socket::INET6 for IPv6 support.
If no SSL module is available it will work as before, but attempts to use
the SSL functionality will result in an error message. If no IPv6 modules
are available it will just use IPv4 as before. With IPv6 modules
installed one can of course still access IPv4 hosts. [Steffen Ullrich,
CPAN RT#93823]
----------------------------
1.143630 2014-12-29
- Updated country codes and names (including reservations)
- Updated database: Mon Dec 29 06:40:01 2014 UTC.
1.141670 2014-06-16
- Spelling fix (RT #93091)
- Updated database: Mon Jun 16 06:40:01 2014 UTC.
1.140470 2014-02-16
- Updated database: Sun Feb 16 06:40:01 2014 UTC.
--------------
IP-Country-2.28, 2013.05.15
---------------------------
Thanks to ANDK for bug report.
BUGFIX: http://rt.cpan.org/Public/Bug/Display.html?id=74843
minor robustness suggestion to work with CPAN::Reporter
Database update (thx NHORNE and darrenrh-at-gmail for reminder)
Most of our patches (mostly == for test in Bourne Shell) have been
integrated upstream. Retain a more minimal fix to the healthcheck
script. Add dependency on python setuptools.
The helper scripts of exabgp are now in share/exabgp/, to make
pkglint happy.
Upstream changes:
Version 3.4.7
* Package: be more pythonic and use enty points with pip installation
* Package: automatically update debian's changelog on release
* Fix: issue with aggregator generation
reported by: Yan Filyurin
Version 3.4.6
* Fix: a badly formated flow route would throw the parser in limbo
reported by: NickGudov (issue #203)
* Fix: allow multiple extended attribute (like flow rediction with a
origin/target)
* Fix: use ICMP Type and Code when printing flows (respectively using
name and number)
* Fix: do not use space printing redirect extended community
* Fix: not parsing correctly multisession configurations
* Fix: bug in ASPath parsing
reported by: Terry Hardie (issue #205)
* Feature: use ETC environment variable for configuration location if set
* Feature: JSON now includes ASN (local,peer) and IP (local,IP)
requested by: jtkdpu (issue #196)
patch by: Ryan Tinianov (pull #199) for the IP
* Feature: API support for sending eor
requested by: spakka (issue #109)
* Feature: allow routes to have a name (which can be used as comment)
requested by: lazy404 (issue #167)
* Feature: improve release code to prevent version mismatch (issue #202)
reported by: Anand Buddhdev
* Fix: systemd file is not installed anymore by default (issue #202)
to add to the file installation list use "python setup.py install systemd"
requested by: Anand Buddhdev
* QA: moved all testing code (used by travis-ci) in the ./qa folder
* QA: added nosetest, updating some of the old unittest code
* QA: integrated travis-ci with coveralls.io to have real time code coverage
* QA: ExaBGP can take more than one configuration file and on configuration
reload rotate between them
* QA: checking that broken flows do not break the parser
* QA: checking that configuration routes are well added and removed on SIGUSR1
* QA: checking that incoming notifications are handled correctly
* QA: moved many sample configuration file from etc/exabgp to the new qa/conf
Version 3.4.5
* Fix: improper distribution of events to process workers
reported by: Tim Epkes
Version 3.4.4
* Fix: bug with IPv4 / ipv6 handling
* Fix: better peer isolation when parsing messages
* Fix: IPv6 decoding when the routes includes link-local
* Fix: missing text API paramter
* Fix: no JSON for Aggregator
* Fix: show route extensive
patch by: Michal Grzedzicki, thank you
* Fix: 4-Octet AS Specific BGP Extended Community (RFC 5668)
patch by: Michal Grzedzicki
* Fix: bug with label encoding
patch by: Jesse Mather
* Improvement: add support for add-path with family MPLS
requested by: Tim Epkes
* Fix: bug when process writes multiple lines
reported by: Ilya Voronin
* Feature: accept packet with confedation (RFC 3065)
requested by: oriordan (with a patch, thank you)
* Fix: do not bark if an unknown ASPath attribute is found
* Fix: correctly accept connection on AF_INET6 socket
patch by: John W. O'Brien
* Fix: restore lost python2.6 compatibility
reported by: Minsuk Song
* Fix: IPv6 MD5
reported by: Dave J Knight
* Add framework to debug SIGUSR1 related problems
* Fix: do not drop session when receiving an unknown capability
patch by: Peter van Dijk (PowerDNS)
Version 3.4.3
* Fix: JSON message increment
reported by: Daniel Neiter, with a patch, thank you.
* Fix: JSON message format for operational
reported by: Rob Barnes, with a patch, thank you.
* Fix: JSON message for route-refresh
* Fix: EOR unpack issue
* Fix: ASPath encoding
* Fix: possible bad notify call
* Fix: Aggregator configuration issue
* Fix: pycharm reported issues
* operational, using afi instead of safi
* bad function paramters
* missing return keyword
* many cleanups
* Change: use RFC MULTISESSION capability and not CISCO variant anymore
Version 3.4.2
* Feature: add more information in crash report
* Fix: problem when trying to report exception errors
* Fix: better handling of on PIPE errors
reported by: Thomas Raabo
* Fix: could not split MPLS routes
reported by: Hideaki HAYASHI
* Fix: not correctly handling NOTIFICATION message
reported by: Hideaki HAYASHI
* Fix: do not block on a peer should a socket become blocking
reported by: Wouter Miltenburg
* Fix: API JSON message id incrementation
reported by: Wouter Miltenburg
Version 3.4.1
* Fix: on bad JSON message
patch from: Wouter Miltenburg
* Fix: parsing of default route
reported by: Wouter Miltenburg
* Fix: remove legacy exabgp.tcp.timeout
* Fix: forgot some processes options when printing neighbor
* Fix: bad function call for API
* Fix: correct JSON for OPEN
* Fix: issues with bad naming of APIOption
patch from: Wouter Miltenburg
* Fix: do not try to be clever (and possibly get it wrong) and rely on
keepalive timer to detect TCP faults
* Fix: formating issue of extended community
* Fix: issue with EOR
* Fix: caching issue
reported by: Wouter Miltenburg
* Fix: make sure we do not call select with a negative time
reported by: Wouter Miltenburg, Daniel Piekacz
patch from: Wouter Miltenburg
* Fix: handle AS4_PATH with PARTIAL bit set
reported by: Daniel Piekacz
* Fix: bug with generic attribute generation
* Fix: bad Notification
patch from: Wouter Miltenburg
* Fix: bad Keepalive JSON message
patch from: Wouter Miltenburg
Version 3.4.0
* Feature: add support for extended-attribute for FlowSpec
* Feature: more detailed JSON objects
patch from: Wouter Miltenburg
* Feature: support for L2VPN (experimental)
patch from: Nikita V. Shirokov
* Improvement: better handling of NOTIFICATION received during OPEN
negotiation
* Improvement: ExaBGP can restart failed helper process
* Fix: Do not reconnect too fast when connection fails
reported by: Robert Barnes
* Fix: Invalid JSON object for route-refresh
reported by: Robert Barnes
* Fix: We were not reporting the NLRI of the route received when
exabgp.log.routes was set
* Fix: accept exabgp_tcp_port as configuration option and not only
exabgp.tcp.port
* Fix: duplicate line output
* Fix: bad refactorisation which caused an bad ASN4 bug
* Fix: change EOR from IPv4 multicast (mistake) to IPv4 unicast
reported by: Mark Treacy
* Fix: bad encoding of flow fragment encoding
reported by: Andrei-Marius Radu
* Fix: bad reporting of process open sending
reported by: Mark Treacy (with patch, thank you)
* Fix: Incorporating NETBSD compatibility patches
* Fix: Generation of Generic Attributes
* Fix: Faster reactor (should be able to process much more API/BGP messages)
* Change: new commands for the configuration of the API
* Change: JSON objects now include a unique neighbor identifier
* Change: JSON objects now include a counter for unique message id
* Change: JSON objects now include a "type" to now how to best parse them
* Change: JSON new EOR object
* Change: JSON new Flow format
* Change: slight variation with the command line option names, now using
docopt patch from: Michael Robert Watson
* Change: the profile information is now exported in kcachegrind format
* Compatibility: JSON re-introduced the family under the "announce"
section (removed by mistake)
* Compatibility: restoring integer as default time, high resolution must
be enabled to not break older installations
* Change: JSON and Text shutdown object now shows the PID and PPID
--- 9.10.1-P2 released ---
4053. [security] Revoking a managed trust anchor and supplying
an untrusted replacement could cause named
to crash with an assertion failure.
(CVE-2015-1349) [RT #38344]
4027. [port] Net::DNS 0.81 compatibility. [RT #38165]
--- 9.9.6-P2 released ---
4053. [security] Revoking a managed trust anchor and supplying
an untrusted replacement could cause named
to crash with an assertion failure.
(CVE-2015-1349) [RT #38344]
4027. [port] Net::DNS 0.81 compatibility. [RT #38165]
from "ifconfig lo0" -- no sense in insisting on leading spaces in the
regexp after having done string.strip() on the target string...
Add dependency on py-ipaddr for healthcheck.py.
Remove *.orig files before installing, and make install target re-runnable.
Bump PKGREVISION.
This makes rdesktop work with Windows Server 2012 and 2012 R2.
rdesktop (1.8.3)
* Added a persistent mode used with SeamlessRDP
* Added US international keyboard layout with dead keys
* Code cleanup to match specifications, use constants defined
instead of magic numbers, remove of dead code
* Fix regression with failed connection and a invalid licensing
message, introduced in 1.8.2
* Fix issue with Non ASCII user / password when using CredSSP
* Fix issues using smartcard redirection with Windows 2012 R2
* Fix issue with windows key functionality
* Fix memory corruption when using rdp_out_unistr()
* Fix workaround for the lack of support for alpha cursors
* Fix silent exit when redirected when using CredSSP
* Fix crash when starting rdesktop without domain specified
while using CredSSP
* Fix issue in SeamlessRDP protocol parser upon reconnect
* Fix issue were a new SeamlessRDP application is respawned
upon a reconnection
-- Henrik Andersson <hean01@users.sourceforge.net> 2014-10-31
rdesktop (1.8.2)
* Support enhanced server redirection (Session broker 2012)
* Support License Error Alert PDU
* Changed default driver for printer redirection
* Fix CredSSP login using non-ASCII username/password
* Fix double login prompt bug with Win2008 server redirection
* Fix keysym collisions
* Fix mouse cursor with 2012 R2
* Fix local drive redirection with Win8 / Win2012
* Fix issue with mouse cursor hotspot
* Fix issue with mouse / keyboard against VirtualBox RDP
* Fix uncomplete czech keymap
* Fix error in dutch keymap
-- Henrik Andersson <hean01@users.sourceforge.net> 2014-05-20
appears to be maintained and where contributions are being integrated.
Particularly, this fixes a SEGV crash on LP64 (amd64).
Upstream changes since 4.0.4a in reverse chronological order:
F4.0.4.28
- Fix buffer length argument to ntop() - Muhammad Muquit
- Fix two missing free()s
- Fix segfault from incorrect pointer returned from value(). Reported
here:
http://www.shrubbery.net/pipermail/tac_plus/2014-January/001384.html
- update autoconf bits for autoconf 2.69
- put tac_plus daemon in sbin, where it ought to be
- fix hdr->datalength handling in dump_nas_pak()
- add -m option to specify the client listen queue max and increase
the default to 64 if the O/S does not define SOMAXCONN
- fix config.h include syntax - David M. Syzdek
- added -U and -Q flags to allow runtime setuid/setgid change - from
from Robert Drake with some alteration
- Make implicit time_t conversions explicit in expire.c - from David M.
Syzdek
- initialize newsockfd in main() - from David M. Syzdek
- recent changes in autoconf are causing the + of the package name to
become -, so just drop it from the tarball name.
F4.0.4.27
- add "port" to clarify log messages of default_fn.c
- use program name (filename) instead of hard-coded "tac_plus" for
name given to PAM
- change socket binding to allow an IPv6 address with the -B argument
- bind v4 and v6 sockets if system claims its has addresses for the AFs
- fix command authorization debug message logic for match/no match -
reported by Dereck Chan
F4.0.4.26
- add optional securid support via aceclient library - Matt Addison
- use localtime instead of gmtime for log messages so that the timezone
is inheritted.
- allow file authentication for PAP authorization
F4.0.4.25
- add -m (md5) option to tac_pwd. XXX could use better salt generation
- use random() in tac_pwd if available and generate 4 bytes of salt for
md5.
- sprintf -> snprintf - Robert Swiecki
- more pkt size checking in acct.c, authen.c, author.c - Robert Swiecki
- free(pak) in start_session() not in account(), for consistency
F4.0.4.24
- allow PAM for pap authentication - Jeroen Nijhof
- replace home-grown vprintf in report() with vsnprintf - Robert Swiecki
- dont use report in signal handler, since report uses syslog which uses
malloc - Robert Swiecki
- use volatile sig_atomic_t 'reinitialize' variable - Robert Swiecki
- use snprintf in get_authen_continue() and send_authen_error() and
check return - Robert Swiecki
- make snprintf buffers of get_authen_continue() and send_authen_error()
at least NI_MAXHOST bytes - Robert Swiecki
F4.0.4.23
- fix build on netbsd
- update PAM includes for OSX - YiJia Zhang
F4.0.4.22
- check of regexec() return value inverted - from Ignas Kazlauskas
F4.0.4.21
- do_auth.py - better Nexus support, better AV replacement, and only
send roles to Nexus - from Daniel Schmidt
- fix bug in checking the return value of regexec() for login and enable
ACLs.
- do_auth.py - better Nexus support, better AV replacement, and only
F4.0.4.20
- remove stupid error message about running as root
- Drop the private regex library in favor of libc's. A system w/o a
regex is one I dont care about.
- finally remove config parsing for 'default authorization = permit'
- apply ACLs to pap, chap, arap and ms-chap authentication too
- change accounting log time format to match syslog
- do_auth.py fix from Daniel Schmidt
- import fdes from David G. Koontz (1991) for ARAP/MSCHAP_DES
- move MSCHAP define to autoconf; --enable-mschap
- use the fdes code for ARAP_DES and MSCHAP_DES. NOTE: I have no way to
test this. lmk if it does not work.
- increase NAC address array size. affects the format of the tacacs
wholog file (TACPLUS_WHOLOGFILE); existing file should be removed.
- add comments to tac_plus.conf.5 about cipher algorithms in
password_spec
- do_auth.py - Fixed reression, Support for replacing av pairs - from
Daniel Schmidt
F4.0.4.19
- offer $ip to before/after authorization scripts
- wtmp and accounting files do not need to be mutually exclusive
- add authorization script example - from Daniel Schmidt
- add partial support for single-connection mode
- convert select()s to poll()s
F4.0.4.18
- Fix missing printf argument in debug output
- Add "enable = nopassword" to users, groups and hosts.
F4.0.4.17
- Move REARMSIGNAL definition to autoconf
- Move REAPCHILD definition to autoconf and check if SIG_IGN works
- Move SIGCHLD handling to apply to all daemon personalities - partly
from John Payne
F4.0.4.16
- Few innocuous changes from or inspired by FreeBSD ports
- Deal with max-session finger format difference in a way that does not
require knowing which IOS is being fingered.
- The header encryption field is really a flags field which includes
a single-session option (which we'd like to support)
- Check return of write() for interrupts when writing arguments to
external scripts.
- -G was not remaining in foreground - From Nathan Schrenk
- Do not attempt to remove the pidfile if the pidfilebuf was truncated
or we could not open the file.
- Add 'accounting syslog;' configuration knob - mostly from Mark Ellzey
Thomas
- Notes about PAM - from Aaron Scarisbrick
- Allow PAM debug message with tac_plus password debugging option - from
Aaron Scarisbrick
- Allow \'s within quoted words in tac_plus.conf - from Jesse Zbikowski
- Allow 'file' <password_spec> for host and user enable - part from
Jeff Gehlbach via Daniel Schmidt
- Fix possible buffer overflow for arap - noted by Oren Nechushtan
F4.0.4.15
- Check data lengths in debugging functions - reported by Antonin
Vitecek
- Fix syslog facility selection - from Timo Vanoni & Josef Voggesser
- Add -G/foreground option
- Deal with missing socklen_t
F4.0.4.14
- Add notes about PAM to the user guide and tac_plus.conf(5)
- Log login failures with the username, NAS address and NAS tty -
requested by Andi Bauer
- ACLs were not applied through the default authentication
(ie: user=DEFAULT) path - reported by Robert Lister
F4.0.4.13
- Rename convert.pl to tac_convert and install it
- install users_guide
F4.0.4.12
- Fix typo in usage message - from Georg Schwarz
- Various tac_plus.conf.5 fixes - from Georg Schwarz
- escape the escape backslash of the ACL examples - from Georg Schwarz
- Fix a LP64 bug where VALUE (union v) consisting of pointer was
intialized like an int - reported by brad dreisbach
F4.0.4.11
- Fix OS X and build problems and do not prototype errno - from
Georg Schwarz
F4.0.4.10
- Fix PAM for linux, which does not offer PAM_AUTHOK for pam_set_item()
and requires a pam_conv function even with PAM_SILENT - reported and
tested by Stefan Oettl
F4.0.4.9
- clean-up bogus nopasswd_str protoypes that gcc4 did not like
F4.0.4.8
- if -B is used, add the bind address in the PID filename - from
Ian Dickinson
- "acl" is an AV pair for service exec. Within service attribute
parsing, do not parse "acl" as the acl (or connection ACL) keyword.
This is a hack; the parser is rather lame - noted by Bryce Kahle
- fix md4 for LP64
- do not accept skey keywords unless compiled with skey support
- fix skey enable password type - bit from Ed Ravin
- skey prompt ("challenge") is "S/Key challenge", not "Password"
- make "daemon" the default syslog facility and add a syslog config
statement
- add support for user authentication via PAM
F4.0.4.7
- make configure option --with-skey work
- raise a few logs from INFO to NOTICE, to allow syslogd filtering of
some rather noisey logs
- add ACL checking for authorization, for the case where tacacs is only
used for authorization.
F4.0.4.6
- fix a few compiler warnings
- add -e and -h options to tac_pwd
- include crypt.h if it exists (solaris)
- make configure options --with-{user,group}id work
F4.0.4.5
- use C99 stdint.h for int types
- linux's libwrap needs libnsl
- variable index in md5.c conflicts with index()
F4.0.4.4
- added more autoconf stuff
- fix-up tac_plus.8 manpage - still need to do autoconf-time option
replacement
- fix-up tac_plus.conf manpage - incomplete
- fix-up tac_plus help message
- whitespace and formatting nits
- port host clause (minus type keyword) from devrim seral's tac_plus v9
(http://www.gazi.edu.tr/tacacs/) at user request
- changed user-specific enable password handling such that it if one
is specified for the user, the daemon does not check the host-specific
or global enable password.
- make TACPLUS_ACCTFILE, TACPLUS_PIDFILE, and TACPLUS_LOGFILE autoconf
knobs filling in pathsl.h and appopriate bits in manpages
- separated the frequently asked questions portion of the user_guide
into the file FAQ
- OR successive -d (debug) options
- fix md5 for LP64
F4.0.4.3
- comment out the unnecessary lex and yacc tests from autoconf
F4.0.4.2
- partial autoconf setup - much more to be done
- compile option IGN_HUP (ignore HUP signal) is history
- rename generated_password -> tac_pwd and add manpage
- rename tac_plus.1 -> tac_plus.8
- add tac_plus.confg.5
- add -h option to display usage info
F4.0.4.1
- {log,pid}file permissions fixes - partically from ian freislich
- add bind address (-B) option - partically from ian freislich
- fix pidfile removal on exit
Changes from release F4.0.3 to F4.0.4
- merge F4.0.4 changes from disaster.com
and mwdavies, who added the Xvnc build.
TigerVNC is a high-performance, platform-neutral implementation of
VNC (Virtual Network Computing), a client/server application that
allows users to launch and interact with graphical applications on
remote machines. TigerVNC provides the levels of performance
necessary to run 3D and video applications, and it attempts to
maintain a common look and feel and re-use components, where
possible, across the various platforms that it supports. TigerVNC
also provides extensions for advanced authentication methods and
TLS encryption.
congestion window on each test interval.
Also fix the FreeBSD version to do the same (wrong variable
in the tcp_info struct was used...).
Bump PKGREVISION.
File::RsyncP is a perl implementation of an Rsync client. It is
compatible with Rsync 2.x (protocol versions up to 28). It can send
or receive files, either by running rsync on the remote machine, or
connecting to an rsyncd deamon on the remote machine.
================
FEATURES:
- RFC 7344: CDS and CDNSKEY (read record types).
- per zone statistics with --enable-zone-stats, config zone with
zonestats: "name", zones configured with the same string are added.
- Disabled use of SSLv3 in nsd-control.
- nsd-checkconf -f prints out full name of pidfile (with dir).
- Synthesize CNAMEs with same TTL as DNAME.
BUG FIXES:
- Fix that expired zones stay expired after a server restart.
- Fix "xfrd_handle_ipc: bad mode" log errors when compiled
with --disable-bind8-stats.
- Fix#616: retry xfer for zones with no content after command.
- Fix char used as array index warnings on NetBSD.
- Fix that queries for noname CH TXT are REFUSED instead of nodata.
- Fixes for wildcard addition and deletion, speedup for some cases.
- Fix that failure to add tcp to tcp base does not leak the socket.
- Patch nsd_munin_ from Philip Paeps to use type ABSOLUTE.
- Fix spinning NSD with lots of failing transfers, due to pointer
comparison using void pointer subtraction.
- Fix bug#637: fix that nsd.db grows limitlessly, an off by one
on one megabyte free chunks, created during AXFRs of large zones,
that caused the one megabyte chunk to be leaked.
- Fix casts for ctype functions.
- correct some hyphen-used-as-minus-sign (from Andreas Schulze) in
man pages.
- Fix zonesdir chroot error message.
Changelog:
0.5.0
* Completely removed the dependency on InMemory server for unit tests
* Minimized the number of HTTP requests sent by SessionFactory::createSession
* Added Session::getBaseTypes()
== 1.7.7 - 22-Jan-2015
* Pull request #1 from Mike George. This fixes domains which have http in them.
== 1.7.6 - 13-Dec-2014
* Changed TCP handling yet again, as it was returning false positives. Thanks
go to Marcos Piccinini for the spot.
== 1.7.5 - 2-Nov-2014
* Added packet count and intervals for external pings. Thanks go to Jack Hayter
for the patch.
* No longer report closed TCP port as active. Thanks go to Joshua Yanovski for
the spot and patch.
== 1.7.4 - 16-Apr-2014
* Remove the Timeout block for the Ping::HTTP class because it wasn't working
with JRuby. Instead, we use the builtin open_timeout and read_timeout
accessors on the underlying http request. Thanks go to Ian Heggie for the
spot.
* The Ping::HTTP#ping? more robustly parses out the port from the uri argument
if provided. In addition, the default port is again set back to 80 as a
last resort in the constructor.
* Added timeout and port tests for the Ping::HTTP class.
* If a host is unreachable explicitly set the result to false regardless of
the actual exit status. This appears to only affect Windows 7 and later.
* Reinstated the Timeout block for the Ping::ICMP class. Without it, threaded
pings could end up in an infinite loop. Thanks go to muirmanders for the spot.
== 1.7.3 - 3-Apr-2014
* Removed the Timeout block for the Ping::External class as it apparently
hasn't worked with open3 for some time. Instead, it now uses your command
line ping's timeout switch. Thanks go to Andrea Bernardo Ciddio for the
spot.
* Made ICMP pings thread safe. I think.
* Removed a redundant Timeout block in the Ping::ICMP class.
* If an ICMP ping times out, the exception attribute is set to "timeout".
* Added explicit support for AIX for the Ping::External class.
* Bumped minimum required Ruby version to 1.9.3.
## v1.57.0
* Add query_raw method as alias for send_plain_message, with option to raise or return error.
* Fixed a bug in RR hash calculation where TTL should have been ignored but wasn't.
* Add support for (obsolete) GPOS resource record type.
* Tweak Travis CI configuration.
* Fix zone reader for case where a line contains whitespace preceding a comment.
* Add post install message.
* Improve README.
* Moved content of NEWS to RELEASE_NOTES.md.
* Use git ls-files now to determine files for inclusion in gem.
## v1.56.0
* Drop support for Ruby 1.8, using lambda -> and hash 'key: value' notations.
* First release since the move from Rubyforge to Github (https://github.com/alexdalitz/dnsruby).
* Add EDNS client subnet support.
* Relocate CodeMapper subclasses, Resolv, RR, and RRSet classes.
* Add Travis CI and coveralls integration.
* Improve Google IPV6 support.
* Convert some file names to snake case.
* Remove trailing whitespace from lines, and ensure that comments have space between '#' and text.
* Restore test success when running under JRuby.
* Disabled attempt to connect to Nominet servers, which are no longer available.
* Convert from test/unit to minitest/autorun to support Ruby 2.1+.
* Remove setup.rb.
* Other minor refactoring and improvements to production code, test code, and documentation.
## Changes Between 1.4.x and 1.5.0
### Only Await basic.consume-ok If nowait is false
Contributed by Rian McGuire.
### Server-Named Queue Recovery Fix
Server-named queues are now correctly recovered again.
Contributed by Jack C Hong.
## Changes Between 1.3.x and 1.4.0
### connection.blocked Support
[connection.blocked](https://www.rabbitmq.com/connection-blocked.html) notifications
are now correctly supported by the library:
``` ruby
EventMachine.run do
connection = AMQP.connect(:host => '127.0.0.1')
connection.on_blocked do |conn, conn_blocked|
puts "Connection blocked, reason: #{conn_blocked.reason}"
end
connection.on_unblocked do |conn, _|
puts "Connection unblocked"
end
end
```
1.6.2
=====
Bug #4227 - Helper tool crashes when service checks elevation state
Bug #4091 - Zeroconf on server advertises bogus IP address
Bug #4249 - Drag file causes client crash on Mac (10.10)
Enhancement #4196 - Optional Bonjour requirement for Windows
Enhancement #4235 - Automatic Bonjour download and install
Enhancement #4218 - Auto-config available servers combo box
Enhancement #4230 - More user friendly dialog when client is detected
Enhancement #4240 - Minimize auto config message box usage
Enhancement #4247 - Firewall exception for GUI (needed for Bonjour)
Enhancement #4242 - Consistent naming for auto config feature
1.6.1
=====
Bug #4002 - Carbon loop not ready within 5 sec
Bug #4191 - Accessibility helper tool crashes
Bug #4149 - Mac 10.9.5 or 10.10 gatekeeper blocks Synergy
Bug #4139 - Exception thrown when ProcessIdToSessionId() fails
Bug #4055 - Shift keys are not sent to clients (Win 8.1 server)
Bug #4021 - Copy & paste not working for EFL applications
Bug #3749 - Linux Chrome hover doesn't work
Bug #4128 - Daemon logging not written with "log to file"
Enhancement #4122 - Enable drag and drop by default
Enhancement #4158 - Build for Mac OS X 10.10
Enhancement #4130 - Auto elevate for Windows UAC and screen lock
Enhancement #4126 - 64-bit support for OS X
Enhancement #4141 - DMRM message support for μSynergy
Enhancement #4124 - More robust argument parsing
1.6.0
=====
Feature #65 - Auto config feature using Zeroconf/Bonjour
1.5.1
=====
Bug #3307 - Configuration file paths containing spaces don't work
Bug #3404 - Log path needs to be in quotes on windows
Bug #3996 - Installer fails when Windows Firewall is disabled
1.5.0
=====
Bug #4060 - Key stuck down on Windows server
Bug #4061 - Windows server repeats modifier keys
1.4.18
======
Bug #3980 - Shell extension DLL causes explorer.exe to crash
Task #4049 - Correct code style in OSXKeyState compilation unit
Task #4050 - Fix subversion issue tracker URL
Task #4053 - Improve deb package quality
Task #4054 - Improve rpm package quality
1.4.17
======
Bug #2836 - Unable to begin screen name or alias with numbers
Bug #3796 - Some files being unintentionally dragged (including explorer.exe)
Bug #3886 - Alias is allowed to match screen name
Bug #3919 - RPM install fails on Fedora 20, failed dependencies: libcurl
Bug #3921 - Error: synwinxt.dll outdated (upgrading from 1.4.15 to 1.4.16)
Bug #3927 - Mavericks accessibility exception not working (when upgrading from 1.4.15 to 1.4.16)
Bug #3933 - Plus signs in the email address cause premium login to fail
Bug #3939 - Compile fails on ARM (Raspberry Pi) because of cryptopp/Crypto++ lib
Bug #3947 - Conflicts when using yum localinstall on Fedora 20
Bug #3959 - Premium title doesn't always show on first login
Bug #3968 - GUI auto-hides on initial first install (with no config)
Task #3936 - Change installer to WiX for improved file upgrade process
Task #3950 - Poll modifier after key down on Mac OS X and log results
Task #3951 - Clear filename stored in synwinxt on mouse up
Task #3952 - Make Premium wizard page cleaner
Task #3953 - Inherit XArch and XBase from std::exception
Task #3954 - Make "lock to screen" log message go to NOTE level instead of DEBUG
Task #3960 - Split CMSWindowsHookLibraryLoader into hook and shellex loaders
Task #3961 - Remove Windows 95 support
Task #3963 - Disable failing Linux unit/integ tests on Fedora 20 32-bit (valgrind SIGILL)
Task #3964 - Make Premium login error more verbose
Task #3969 - Merge String.cpp and StringUtil.cpp
1.4.16
======
Bug #3338 - Alt tab not working with Windows 8
Bug #3642 - Failed to start server on Mac OS X 10.9 Mavericks, assistive devices problem
Bug #3785 - Synwinxt.dll error opening file for writing during install of 1.4.15
Bug #3787 - Wont automatically load after login on OS X
Bug #3788 - Configuration wizard: Premium login fails when behind a proxy
Bug #3796 - Some files being unintentionally dragged (including explorer.exe)
Bug #3799 - Synergy Client on Fedora crashes on drag/drop operations
Bug #3818 - Client freezes on Mac OS 10.6.8
Bug #3874 - Premium GUI login is case sensitive for email
Bug #3911 - Drag and drop error on OS X 10.9 Mavericks
1.4.15
======
Bug #3765 - Synergy Service - Error 87: The parameter is incorrect.
Bug #3781 - Option not supported on Linux: --enable-drag-drop (server not starting)
- Add comment on patches, by picking from cvs log
(upstream)
- Update bird and bird6 from 1.3.11 to 1.4.5
----------------------
Version 1.4.5 (2014-10-06)
o New 'show route noexport' command option.
o Port option for BGP sessions.
o Better constant handling in set literals.
o Better rate filtering of log messages.
o Several minor bugfixes.
Version 1.4.4 (2014-07-09)
o Extended OSPF multipath support.
o Default router preference for RAdv.
o Significant changes in socket layer.
o Important bugfix in BGP.
o Several minor bugfixes.
Version 1.4.3 (2014-04-14)
o Important bugfix in IPv6 BGP.
Version 1.4.2 (2014-04-02)
o Important bugfix in BFD.
Version 1.4.1 (2014-03-31)
o BGP add-path support (RFC draft).
o BGP graceful restart (RFC 4724).
o OSPF: many changes in socket layer.
o OSPF: support for secondary addresses in BSD.
o OSPF: names for vlink pseudointerfaces (vlinkX).
o Several bugfixes.
Version 1.4.0 (2013-11-25)
o BFD protocol (RFC 5880).
o BFD support for OSPF and BGP.
o New 'allow local as' option for BGP.
o Filters allows setting gw, ifname and ifindex.
o Filter operator 'delete/filter' extended to bgp_paths.
o Filter operator 'len' extended to [e]clists.
o BIRD client now allows shorthands for noninteractive commands.
o Flag -P for PID file support.
o Flag -f added to force BIRD to run in foreground.
o Protocol export/import/receive limits are checked during reconfiguration.
o Several bugfixes and minor improvements.
o Several minor but incompatible changes:
- IBGP is multihop by default.
- Changes primary address selection on BSD to the first one.
- Integers in filters are handled as unsigned.
- ISO 8601 time formats used by default.
- Import of device routes from kernel protocol allowed.
- Last state change now tracks just protocol state change.
- Minor changes to default router ID calculation.
Iperf3 is a tool for active measurements of the maximum achievable
bandwidth on IP networks. It supports tuning of various parameters
related to timing, protocols, and buffers. For each test it reports
the bandwidth, loss, and other parameters.
This version, sometimes referred to as iperf3, is a redesign of an
original version developed at NLANR/DAST. iperf3 is a new
implementation from scratch, with the goal of a smaller, simpler code
base, and a library version of the functionality that can be used in
other programs. Iperf3 also has a number of features found in other tools
such as nuttcp and netperf, but were missing from the original iperf.
These include, for example, a zero-copy mode and optional JSON output.
Note that iperf3 is NOT backwards compatible with the original iperf.
libnice 0.1.10 (2015-01-28)
===========================
Fix bug on component change on the sink
libnice 0.1.9 (2015-01-28)
==========================
Make it possible to statically build the GStreamer plugins
Bug fixes, in particular fix compatibility with coTurn servers
Documentation fixes
Twisted Core 15.0.0 (2015-01-24)
================================
Features
--------
- twisted.internet.protocol.ClientFactory (and subclasses) may now
return None from buildProtocol to immediately close the connection.
(#710)
- twisted.trial.unittest.SynchronousTestCase.assertRaises can now
return a context manager. (#5339)
- Implementations of
twisted.internet.interfaces.IStreamClientEndpoint included in
Twisted itself will now handle None being returned from the client
factory's buildProtocol method by immediately closing the
connection and firing the waiting Deferred with a Failure. (#6976)
- inlineCallbacks now supports using the return statement with a
value on Python 3 (#7624)
- twisted.spread.banana.Banana.sendEncoded() now raises a more
informative error message if the user tries to encode objects of
unsupported type. (#7663)
Bugfixes
--------
- twisted.internet.interfaces.IReactorMulticast.listenMultiple works
again RHEL 6's python 2.6. (#7159)
- Allow much more of the code within Twisted to use ProcessEndpoint
by adding IPushProducer and IConsumer interfaces to its resulting
transport. (#7436)
- twisted.internet.ssl.Certificate(...).getPublicKey().keyHash() now
produces a stable value regardless of OpenSSL version.
Unfortunately this means that it is different than the value
produced by older Twisted versions. (#7651)
- twisted.python.reflect.safe_str on Python 3 converts utf-8 encoded
bytes to clean str instead of "b'a'" (#7660)
- twisted.spread.banana.Banana now raises NotImplementedError when
receiving pb messages without pb being the selected dialect (#7662)
- The SSL server string endpoint parser
(twisted.internet.endpoints.serverFromString) now constructs
endpoints which, by default, disable the insecure SSLv3 protocol.
(#7684)
- The SSL client string endpoint parser
(twisted.internet.endpoints.clientFromString) now constructs
endpoints which, by default, disable the insecure SSLv3 protocol.
(#7686)
Improved Documentation
----------------------
- inlineCallbacks now has introductory documentation. (#1009)
- The echoclient example now uses twisted.internet.task.react.
(#7083)
- Twisted Trial's how-to documentation now has a link to Twisted's
contribution guidelines and has been reformatted. (#7475)
- Fixed a path error in the make.bat file for building Sphinx
documentation, so that it is now possible to build the documenation
using make.bat on Windows. (#7542)
Deprecations and Removals
-------------------------
- twisted.python.filepath.FilePath.statinfo was deprecated. (#4450)
- twisted.internet.defer.deferredGenerator is now deprecated.
twisted.internet.defer.inlineCallbacks should be used instead.
(#6044)
- Pickling twisted.internet.ssl.OptionSSLCertificationOptions and
twisted.internet.ssl.Keypair is no longer supported. __getstate__
and __setstate__ methods of these classes have been deprecated.
(#6166)
- twisted.spread.jelly's support for unjellying "instance" atoms is
now deprecated. (#7653)
Other
-----
- #3404, #4711, #5730, #6042, #6626, #6947, #6953, #6989, #7032,
#7038, #7039, #7097, #7098, #7142, #7143, #7154, #7155, #7156,
#7157, #7158, #7160, #7161, #7162, #7164, #7165, #7176, #7234,
#7252, #7329, #7333, #7355, #7369, #7370, #7419, #7529, #7531,
#7534, #7537, #7538, #7620, #7621, #7633, #7636, #7637, #7638,
#7640, #7641, #7642, #7643, #7665, #7667, #7713, #7719
Twisted Conch 15.0.0 (2015-01-24)
=================================
Features
--------
- The new APIs: twisted.conch.checkers.IAuthorizedKeysDB,
twisted.conch.checkers.InMemorySSHKeyDB,
twisted.conch.checkers.UNIXAuthorizedKeyFiles, and
twisted.conch.checkers.SSHPublicKeyChecker have been added to
provide functionality to check the validity of SSH public keys and
specify where authorized keys are to be found. (#7144)
Deprecations and Removals
-------------------------
- twisted.conch.checkers.SSHPublicKeyDatabase is now deprecated in
favor of a twisted.conch.checkers.SSHPublicKeyChecker instantiated
with a twisted.conch.checkers.UNIXAuthorizedKeyFiles. (#7144)
Other
-----
- #6626, #7002, #7526, #7532, #7698
Twisted Lore 15.0.0 (2015-01-24)
================================
No significant changes have been made for this release.
Twisted Mail 15.0.0 (2015-01-24)
================================
No significant changes have been made for this release.
Other
-----
- #6999, #7708
Twisted Names 15.0.0 (2015-01-24)
=================================
Bugfixes
--------
- twisted.names.secondary.SecondaryAuthority can now answer queries
again (broken since 13.2.0). (#7408)
Other
-----
- #7352
Twisted News 15.0.0 (2015-01-24)
================================
No significant changes have been made for this release.
Other
-----
- #7703
Twisted Pair 15.0.0 (2015-01-24)
================================
No significant changes have been made for this release.
Other
-----
- #7722
Twisted Runner 15.0.0 (2015-01-24)
==================================
No significant changes have been made for this release.
Twisted Web 15.0.0 (2015-01-24)
===============================
Features
--------
- twisted.web.client.Agent.usingEndpointFactory allows creating an
Agent that connects in non-standard ways, e.g. via a proxy or a
UNIX socket. (#6634)
- The Deferred returned by twisted.web.client.readBody can now be
cancelled. (#6686)
Deprecations and Removals
-------------------------
- twisted.web.iweb.IRequest.getClient is now deprecated. Its
implementation in Twisted, twisted.web.http.Request.getClient, is
also deprecated and will no longer attempt to resolve the client IP
address to a hostname. (#2252)
Other
-----
- #7247, #7302, #7680, #7689
Twisted Words 15.0.0 (2015-01-24)
=================================
No significant changes have been made for this release.
Other
-----
- #6994, #7163, #7622
"configure fix patch" was sent to MAINTAINER, but not approved yet.
Moreover, this package is a part of bootstrap dependency, so changes must be
proposed/discussed first.
Changes since OpenNTPD 5.7p2
============================
* Fixed issue resolving hostnames when the network is initially unavailable.
* Fixed process name logging on Linux and OS X.
* Fixed adjfreq failures on Solaris due to uninitialized struct timex.
* Support building on Linux musl libc.
- Add comments on patches from cvs log
(upsteam)
- update 1.4 to 1.5.0
-------------------
Changes in adns 1.5.0, since adns 1.4, are:
New features:
* This release provides full IPv6 support. Applications can request
AAAA records (containing IPv6 addresses) as well as, or instead of,
A records (containing IPv4 addresses). adns 1.5 can speak to
nameservers over IPv6.
* adns_addr2text and adns_text2addr: Convenient C functions for
converting between addresses and address literals. These carry
less baggage than getaddrinfo and getnameinfo.
Bugfixes:
* We fix a crashing bug in adnslogres. (Debian#392102.)
* Previously, parsing of some adns_specific options in resolv.conf
would go awry if multiple options were specified on the same line.
(Fixed since 1.5.0~rc0.)
* adns now knows to ignore more things in resolv.conf, rather than
warn about them, and there's also an option to disable all of these
warnings. (Debian#411263.) (Fixed since 1.5.0~rc0.)
* Previously, some harmless but wrong owner names for checked ptr
queries would be accepted; now they are rejected with `Domain
invalid for particular DNS query type'.
Other:
* There are some minor API/ABI changes and improvements, for future
proofing.
* There are also some build system, test suite and coding style
improvements.
* Licence is now GPLv3.
Compatibility:
adns 1.5 is fully forwards API- and ABI-compatible with 1.4.
adns 1.5 is not backwards ABI-compatible, in the sense that
applications built against adns 1.5 but run with adns 1.4 may
experience `Function not implemented' errors, or `symbol lookup
error' due to undefined symbols. But applications built against 1.4
will not experience data corruption due to ABI mismatches.
adns_r_addr queries (general `address' queries where the application
does not specify the kind of address) used to only return AF_INET
(IPv4) addresses. To avoid surprising existing applications,
AF_INET6 (IPv6) addresses will be returned only if the application
explicitly states its support for handling a mixture of address
families in the results from adns_r_addr. In a future version of
adns this will become the default.
adnshost and the other command-line utilities are fully forward- and
backward-compatible, except that in adns 1.5, adnshost will return
IPv6 as well as IPv4 information if simply asked for `addresses'.
Calling programs which did not ask for a specific address type ought
to cope with this.
The API in 1.5.0 also fixes a technical nonconformance to the C
specification. On platforms where an `enum' type might be an
integer type whose size is bits is not a power of two, there could
be an incompatible ABI change between 1.4 and 1.5 - but we don't
think there are many (if any) such platforms which are sufficiently
POSIX-like for adns. (Changed since 1.5.0~rc0.)
-------------------
1.45 2014-09-29
* Fixed typo in 1.44 release notes.
* Replaced `use vars` with `our`.
1.44 2014-09-29
- On installation, this API will now default to the pure Perl version rather
than failing if libGeoIP is not found. (GitHub #6, #11)
- Add support for GEOIP_SILENCE ( Philip Prindeville )
- Unit tests for different databases were added.
1.43 2013-12-02
- Update FIPS codes ( Boris Zentner )
- Fix test case ( Boris Zentner )
- Update time zones ( Boris Zentner )
1.42 2013-06-06
- Fix testcase any CAPI >= 1.5.0 should work ( Boris Zentner )
- Add new pure perl region code TH 81 Bueng Kan ( Boris Zentner )
1.41 2013-02-20
- Add South Sudan ( Boris Zentner )
- Doc fixes ( Tina Mueller )
- Update FIPS Codes ( Boris Zentner )
- Update PurePerl country list. ( Boris Zentner )
- Add LICENSE as gnu-gpl-v2
- delete patch for gnutls, upstream now takes care, although the boundary
is little bit different as:
(patch) #if GNUTLS_VERSION_NUMBER < 0x020c00
(upstream) #if GNUTLS_VERSION_NUMBER < 0x030003
- Add comment on patch-src_select.cpp (from cvs log)
(upstream)
- Update 1.3.10 to 1.3.14
Version 1.3.14:
* Ensure that overflows on the user ID assigned to each connection
do not yield one that is already in use. (Reported by Vasiliy
Kulikov.) [CVE-2011-4093]
* Do not leak information about logged-in users. (Reported by
Vasiliy Kulikov.) [CVE-2011-4091]
* Fix build failures with GnuTLS 3.0 and above, thanks to
Vincent Untz.
* Updated translations
Version 1.3.13:
* Updated translations
Version 1.3.12:
* Allow non-blocking sockets on *nix.
* New translations:
- Korean
- English (Great Britain)
Version 1.3.11:
* Fix possible TLS lockup on Windows.
* New translation:
- Ukrainian, thanks to Yuri Chornoivan!
- Add editting on EGG_NAME to drop the third part ( 3.2.1 -> 3.2 etc)
(upstream)
- Update 3.2 to 3.2.1
-------------------
mimms 3.2.1 released 2008-05-11
-----------
* Correctly use filename argument; it was ignored because of a bug.
---------------------
Explicit ChangeLog or Release Note not found, but
- option -6 is added for IPv6 (default is IPv4)
- sun (__sun) support for termios.h seems added
that ship with Coda kernel support, which excludes SunOS at this time.
Those patches should go upstream, instead.
Remove reference to coda.wikidev.net, it went 404.
Replace /etc with PKG_SYSCONFDIR in more places, to avoid mismatches
between configuration examples and default values.
Some cleanup.
Bump PKGREVISION.
--------------
Explicit ChangeLog not found, but looking into the source, the option -m is added.
------------
+ " -m type"
+#ifndef HAVE_PCAP_LIST_TSTAMP_TYPES
+ " (Disabled on this system. Option ignored)"
+#endif
+ "\n Type of timestamp to use for incoming packets. Use -vv when\n"
+ " pinging to list available ones.\n"
- "[ -C <count> ] [ -i <interface> ] "
+ "[ -C <count> ] [ -i <interface> ] [ -m <type> ] "
needed to run publicfile services and provides NetBSD-style rc.d
scripts, in the pkgsrc tradition of qmail-run and djbdns-run. By
J. Lewis Muir, from wip.
(Feel free to add platforms as they are verified to have kernel
support.)
CVS: ----------------------------------------------------------------------
CVS: CVSROOT cvs.NetBSD.org:/cvsroot
CVS: please use "PR category/123" to have the commitmsg appended to PR 123
o various explicit #includes
o sources use {u_,u}int*_t in equal share, so just build with -D
o providing Solaris' MAXHOSTNAMELEN with -D avoids patching half a dozen files
o misc. build fixes
Use pkgsrc CONF_FILES framework
Make pkglint happy
TODO: Test on Solaris, SMF config files for venus and server
* Add `with sexp` (de)serializers to all of the Ipaddr and Macaddr types.
* Add `Ipaddr.V6.Prefix.of_netmask` for conversion from an IPv6
address/netmask to prefix (useful for some binary interfaces).
* Add `Ipaddr.V6.Prefix.netmask` to generate a netmask address from a
prefix (useful for some binary interfaces).
* Add `Ipaddr.Prefix.network` for generic prefix -> address conversion
* Add `Ipaddr.Prefix.netmask` for generic prefix -> netmask conversion
* Add `Ipaddr.V4.Prefix.of_netmask` for conversion from an
address/netmask to prefix
* Add `Ipaddr.V4.Prefix.netmask` to generate a netmask address from a prefix
* Add an [Ipaddr_unix] module to convert to-and-from the standard library.
* Add a toplevel pretty printer in the `ipaddr.top` package.
* Add `of_string_raw` to `Ipaddr.V4.Prefix` and `Ipaddr.V6.Prefix`
* Add `of_addr` to `Ipaddr.V4.Prefix` and `Ipaddr.V6.Prefix`
* Add type `('v4,'v6) v4v6` to `Ipaddr` to represent version disjuncts
* Add `Ipaddr.Prefix` module for generic prefix manipulation
* Change `Ipaddr.V4.make` to accept `int` rather than `int32` (breaking)
* Add IPv6 support
* Add generic IP address support
* Add type `scope` for classifying address scopes
* Add `Ipaddr.V4.of_string_raw` for parsing inside of larger strings
* Add `Ipaddr.V4.to_int16` and `Ipaddr.V4.of_int16`
* Add `unspecified`, `nodes`, and `routers` constants to `Ipaddr.V4`
* Add `Ipaddr.V4.Prefix.network_address` to put an address into a subnet
* Add `of_address_string_exn`, `of_address_string`, `to_address_string`,
`to_address_buffer` to `Ipaddr.V4.Prefix` to parse/print combined addr/prefix
* Add `multicast_org`, `multicast_admin`, `multicast_link` subnet constants to
`Ipaddr.V4.Prefix`
* Add `Ipaddr.V4.scope` to classify IPv4 addresses
* Add `Ipaddr.V4.is_global` and `Ipaddr.V4.is_multicast` predicates
* Add optional `sep:char` argument to `Macaddr.to_string`
* Remove internal use of Scanf.scanf
2015-01-20 OpenNTPD 5.7p2
* Switched the drift file from an unscaled frequency offset to ppm.
The latter format is compatible with that of ntp.org. This allows
easy switching between ntpd daemons
* Fixed a memory leak in DNS lookups.
* Added support for setting the process title on Linux and OS X.
The different processes are now possible to tell apart by role in
the process list.
* Import NetBSD support.
* Various bugfixes and refinements from the community.
2015-01-08 OpenNTPD 5.7p1
* Support for a new build infrastructure based on the LibreSSL
framework. Source code is integrated directly from the OpenBSD tree
with few manual changes, easing maintenance.
* Removed support for several OSes pending test reports and updated
portability code.
* Supports the Simple Network Time Protocol version 4 as described in
RFC 5905
* Added route virtualization (rdomain) support.
* Added ntpctl(8), which allows for querying ntpd(8) at runtime.
* Finer-grained clock adjustment via adjfreq / ntp_adjtime where
available.
* Improved latency on heavily-loaded machines.
The aim of Net::DHCP is to provide a set of classes to low level handle
the DHCP protocol (rfc2131, rfc2132, etc.). With Net::DHCP you will be
able to craft custom DHCP packages and have access to all the fields
defined for the protocol.
3.10.0.2 (2015-01-16)
- Fix a crash if a keyfile has been configured for SFTP and this file has become missing or corrupted
- *nix, OS X: Fix permissions on files uploaded via SFTP.
3.10.0.1 (2015-01-12)
- TLS handshakes no longer stall if the server sends ginormous packets during the handshake that do not fit into a single TLS record
- Fix loading and saving the same queue item multiple times
- Post-login commands now work with the protocol set to plain FTP
- MSW: Allow uploading files that are locally opened for writing by another program
- OS X: Fix layout issues in search dialog and filter conditions dialog
3.10.0 (2015-01-07)
- Fixed default file exists actions broken by rc1
3.10.0-rc2 (2015-01-03)
+ Added Welsh translation
+ Data type indicator in the status bar now reacts to left-clicks as well
- MSW: Fix crash when displaying the drive list
3.10.0-rc1 (2014-12-29)
+ Reduced memory consumption of large queues
+ Preliminary support for Windows 10 technical preview
+ MSW: FileZilla running on a 64bit Windows can now use up to 4GiB of RAM, up from 2GiB
- Fixed memory leaks in SFTP component
- Fixed fzsftp crashing on disconnect if using keyfiles
- Various code cleanup and minor fixes
3.10.0-beta3 (2014-12-19)
+ The search dialog now has checkboxes to only search for files or directories
+ In the file lists, Ctrl+Shift+N can now be used to create new directories
+ Added an additional icon theme
+ Small performance improvements parsing large directory listings
+ Updated SFTP components from PuTTY
- Fixed applying file exists actions to files currently in the queue
- Don't send the PBSZ and PROT commands to servers that have rejected AUTH TLS/SSL
3.10.0-beta2 (2014-12-05)
- Fixed uploads constantly timing out
- Log abbreviation now works correctly when cancelling a pending connection retry
- Fixed a timing issue in the updater. Users of 3.10.0-beta1 need to update manually.
- Speed limits no longer reset when opening the settings dialog
- Fix reporting of transfer progress
- Theme preview in the settings dialog now properly displays non-standard theme sizes
3.10.0-beta1 (2014-12-03)
+ FTP over TLS is now used by default if the server supports it. Use of plain FTP can be enforced for a server in the Site Manager
+ Connection handling and transferring files has been moved into its own thread to improve GUI responsivenes
+ The message log now only shows abbreviated logs unless an error occurs
+ Added option to pre-allocate disk space when downloading files
+ Files editing can now be started from the search dialog
+ Directory trees and the Site Manager tree can now be drag-scrolled
+ *nix: FileZilla no longer depends on libidn if getaddrinfo supports AI_IDN
3.9.0.6 (2014-10-16)
! Disabled support for legacy SSL 3.0 to address the POODLE vulnerability in SSLv3. (CVE-2014-3566)
- Fixed generic proxy support in IPv6 environments
- Small improvements of control sizes on high-dpi displays
- OS X: Fix Drag&Drop while holding down the Ctrl key (or equivalent)
- Fix potential crash dragging files over an empty list
3.9.0.5 (2014-09-06)
- Fix auto-updater not being able to download updates
3.9.0.4 (2014-09-06)
- MSW: Fixed crash if starting file rename in an unusual way
- OS X: Fixed a bug im wxWidgets so that a right-click after a left-click no longer counts as double-click
- OS X: Fixed pasting of passwords into the "Enter password" dialog
- OS X: Fixed context menu site manager tree not working
- *nix, OS X: Fixed context menu of search dialog not working
- Fixed loading of resources if FileZilla is installed in a directory containing the # character
- Fixed support for SOCKS4 proxies
- Attempt reading settings from temporary backup files if loading of settings files fails
Version 2.91 -- Sun, 21 Dec 2014
* suppress warnings for > 32-bit dates in obsolete Perl versions
* Fudge a thumbnail for S4C
* Added S4C to live tv, changed HDS manifest URLs
* Enable --aactomp3 with HLS
* Deal with obsolete live tv modes
* Updated thumbnail size help text
* Use correct URI escape method
* HLS tweaks
* Don't rely on order of version types in programme metadata (2nd try)
* Revert "Don't rely on order of version types in programme metadata"
* Don't rely on order of version types in programme metadata
* Web PVR accessibility improvements
* Fixes for 2c381ae9c08a8a55cc84dbb05a86e66548315976
* Web PVR: When the description column for a result is clicked, open the info page in a new tab.
* Add better checks for missing data to brand/series parsing
* Check 3 levels for programme brand
* Use media_file_size attribute if available
* Make clear that {hls,ffmpeg}*opts only apply to re-muxing/encoding of download or output file
* Copy authentication params to derived HLS playlist URLs
* Windows installer 4.10
* Updated GitHub repo location
* Allow 3 category levels
* Always print warning if no programme versions found
* Added S4C to channels
* Revert "Added support for live radio Shoutcast streams"
* Added support for live radio Shoutcast streams
* Added HLS mode warnings about missing ffmpeg
* More improvements to multiple/missing versions
* Improve handling of multiple/missing versions
* Always call get_metadata() in download_retry_loop()
* Fixed skipped call to get_metadata() when AtomicParsley not installed
* Backstop <desc> with <descshort>
* Copy firstbcast/lastbcast when replacing default with iplayer version
* Revamped replacement of missing default version by iplayer version
* Added larger thumbnail sizes
* Always use iplayer version as default if found
* Don't force episode numbers into cache episode field
* Added support for HLS streaming and restored live tv
* Ignore --quiet with --stdout
* Tidy XML::Simple warnings
* Added tagging options for new metadata processing
* Changes to <episode> <nameshort> <desclong>
* Added verbose message to print programme metadata URL
* Revert "Added verbose message to indicate if new metadata code is used"
* Added verbose message to indicate if new metadata code is used
* Change web scraping with now-obsolete metadata extraction code
* Strip line breaks for --info output
* Add long description to Kodi/Freevo metadata
* Fix long description parsing
* Tidy up episode number insertion
* Updated SWF player URL
* tighten PID check in get_metadata
* Fixed versions parsing in JSON playlist
* Fixed versions parsing from programme metadata
* Implemented brand/series parsing for cache
* Added --refresh-abortonerror option
* Implemented ION feeds for tv and radio
* Don't allow --info with --pvr
* Segment channels into groups (national, regional, local)
* Use /programmes data endpoints as primary source for metadata
* Misc metadata cleanup
* Cygwin changes #2
* Suppress "Added:" messages with --quiet
* Web PVR: fixed escaping in form post parsing
* Cygwin changes
* Switch to mediaselector 5 API, added --mediaselector (2nd attempt)
* Revert "Switch to mediaselector 5 API, added --mediaselector"
* Fix application of --whitespace to final file/path
* Switch to mediaselector 5 API, added --mediaselector
* Suppress spurious errors in PVR log.
* Apply JSON parsing fix to radio programmes
* Fixed json playlist parsing to avoid "warning" vpids
* Fixed sanitising --file-prefix and --subdir-format
* Fixes for --pvr-queue with multiple PIDs
* Web PVR: add /usr/local/bin/get_iplayer to search list
* Prevent duplicate default versions if JSON playlist used
* Use brand/series thumbnails in radio cache
* Restore subcategories in metadata
* Revert "add subcategories after the main categories in the 'catergories' property"
* add subcategories after the main categories in the 'catergories' property
* Fix episode number search
* Fixed web pvr imports for ancient versions of URI::Escape
* Add BBC Sport as a masterbrand to fetch
below.
Changes in libsoup from 2.48.0 to 2.48.1:
* Fixed a bug in the SoupMessage:event signal that broke
evolution's ability to connect to https hosts with "bad"
certificates. [#739951, Dan Winship]
* Fixed a case where the async codepaths could potentially
block on a synchronous write [#727138, Dan Winship]
* Fixed the symbol soup_server_set_ssl_cert_file() to get
exported, and added soup_server_get_uris() to the
documentation. [Tristan Van Berkom]
* Improved a bunch of introspection annotations [#729987, Evan
Nemerson]
* Clarified some documentation. [Tristan Van Berkom, Dan
Winship]
* Fixed Windows build, twice [#738003, Kouhei Sutou, and
#738551, Kalev Lember].
* Updated translations:
Bengali (Indian), Chinese (Traditional), Italian, Latvian,
Serbian, Telugu, Ukranian
Changes in libsoup from 2.47.92 to 2.48.0:
* Updated translations:
Bengali (India), Danish, German, Hindi, Kannada, Punjabi
Changes in libsoup from 2.47.4 to 2.47.92:
* Fixed a crash in SoupCache when receiving certain invalid
Cache-Control headers. [#733587, Raveendra Karu]
* Updated translations:
Assamese, Basque, Catalan (Valencian), Catalan, Chinese
(Traditional), French, Gujarati, Hungarian, Indonesian,
Korean, Marathi, Norwegian bokmål, Oriya, Polish, Swedish,
Tamil
Changes in libsoup from 2.47.3 to 2.47.4:
* Fixed two crashes that could occur in multithreaded use
(in particular, with the latest git gvfs). [#732783,
#732925, Ross Lagerwall]
* Fixed the handling of data: URIs with base64-encoded data
but no explicit MIME type. [#732112, Raveendra Karu]. Added
tests for this and other data: URI cases. [Dan]
* Fixed a bug in SoupAuthNTLM that affected 28-character-long
passwords. [#732087, David Woodhouse]
* Fixed tests to pass with GLib git master (which warns if you
use deprecated GObject properties, and which also caught a
mutex-handling bug in test-utils.c)
* Updated translations:
Galician, Greek, Lithuanian, Russian
Changes in libsoup from 2.46.0 to 2.47.3:
* Added new-and-improved SoupServer API, and deprecated much
of the existing API:
* Servers can now listen on multiple ports, including
listening on both IPv4 and IPv6 (which is the default
behavior when using the new API), or serving both http
and https from a single SoupServer.
* You can create a SoupServer from an existing listening
socket (either a file descriptor or a GSocket).
* When using the new APIs, SoupServer now obeys the
thread-default GMainContext rather than using the
:async-context property.
* soup_server_set_ssl_cert_file() allows setting the
certificate and key files with feedback if it fails
(unlike the old construct-time "ssl-cert-file" and
"ssl-key-file" properties, which fail with a
g_warning() and a NULL return from g_object_new() if
they fail).
* SoupClientContext has new methods that return GSocket
and GSocketAddress, rather than SoupSocket and
SoupAddress.
* SoupSession now has a :tls-interaction property, which can
be used to add a GTlsInteraction to a session, allowing it
to provide a client-side certificate if the server requests
one. [#334021, Colin Walters]
* soup_session_abort() no longer tries to close active
connections, which was causing crashes in evolution
[rh#1093314]
* Fixed a GMainContext-handling bug that could cause crashes
in gstreamer's souphttpsrc. [#729737, Dmitry Shatrov]
* Fixed a memory leak when requesting to delete a cookie that
didn't exist [Joseph Artsimovich]
* Updated translations:
Brazilian Portuguese, Czech, Hebrew, Spanish
Changes in libsoup from 2.45.92 to 2.46.0:
* (No changes, just a version bump)
Changes in libsoup from 2.45.90 to 2.45.92:
* Fixed problems with using an http proxy on port 80. [patch
from Slava Monich on libsoup-list]
* Plugged a small per-connection leak. [patch from Slava
Monich on libsoup-list]
* Belatedly bumped up the glib requirement to 2.38, which is
required for the TAP driver.
* Fixed up some leftover issues from the test porting to
gtestutils:
test-utils: change http_debug command-line flag
xmlrpc-test: use g_test_skip()
redirect-test: remove a flaky test
auth-test: remove some erroneous SKIP_IF_NO_APACHEs
tests: split up some test programs into more tests
tests: remove debug_printf()s that are redundant with test names
tests: use g_test_bug() to annotate test cases
Changes in libsoup from 2.45.3 to 2.45.90:
* Fixed a problem where libsoup would use the "http" proxy
settings for "https" requests [#724316, Matt Barnes]
* Updated SoupContentSniffer to match the current version of
the MIME sniffing specification [#648849 / #715126, Gustavo
Noronha Silva]
* Updated the soup-tld APIs to accept ASCII-encoded hostnames
in addition to UTF-8 ones.
* Ported the test programs to the gtestutils framework, added
support for installed tests, and made the tests use the TAP
driver.
Some tests still need to be split up into more pieces, and
the debug output is now somewhat less useful in some cases.
* Fixed the test programs to not depend on local proxy
settings.
* Added some more checks to header-tests [#722341, Lionel
Landwerlin]
* Fixed the "simple-proxy" example program, which had been
broken for a while.
* Updated translations:
Korean
Changes in libsoup from 2.44.1 to 2.45.3:
* The documentation has finally been updated to reflect the
new APIs added in 2.42.
* Added GBytes-valued :request-body-data and
:response-body-data properties to SoupMessage, which should
help some bindings.
* We now set TCP_NODELAY on sockets, improving throughput a
bit. In particular, this avoids an unnecessary extra round
trip in the TLS handshake.
* The SoupSession APIs that return GErrors now return the
actual underlying gio errors in the event of connection
failures and the like.
* Updated the copy of the Public Suffix list used by soup-tld.
* Fixed a hang with internet radio streams in Rhythmbox (and
some other places). [#710494, Dan]
* Fixed a connection leak when cancelling the close of
a message GInputStream. [#711260, Dan]
* Updated the soup_server_pause_message() /
soup_server_unpause_message() documentation to clarify when
you can and can't call them. [#710602, Philip Withnall]
* soup_message_set_request() and soup_message_set_response()
now g_warn_if_fail() if you pass an invalid Content-Type.
(And they also have better introspection annotations.)
[#686766, Dan]
* Plugged a few memory leaks [#711085, Christophe Fergeau]
* Fixed connection-test to pass with current glib [#711361,
Colin Walters]
* session-test now passes when run against the dummy TLS
backend (ie, if you don't have glib-networking installed),
as long as you have the latest glib.
* Fixed build with -Werror=format-nonliteral [#720082, Ryan
Lortie]
* Fix build with --without-ntlm [#710267, Dan]
* Fixed a few warnings [Dan, Fabiano Fidêncio]
* Tests are now more verbose by default under "make check",
since current automake just redirects all the output to a
log file anyway.
* Updated translations:
Chinese
0.14.11
=======
- Fix memory leak in GSSDPClient.
Bugs fixed in this release:
- https://bugzilla.gnome.org/show_bug.cgi?id=737870
All contributors to this release:
- Richard Röjfors <richard@puffinpack.se>
- Jens Georg <mail@jensge.org>
0.14.10
=======
- DOAP fixes
- Fix SSDP when running on the same host.
Bugs fixed in this release:
- https://bugzilla.gnome.org/show_bug.cgi?id=733851
All contributors to this release:
- Olav Vitters <olav@vitters.nl>
- Jussi Kukkonen <jku@goto.fi>
- Jens Georg <mail@jensge.org>
- Andre Klapper <a9016009@gmx.de>
0.9 - Rivers
============
* Custom handlers for auth, storage and rights (by Sergey Fursov)
* 1-file-per-event storage (by Jean-Marc Martins)
* Git support for filesystem storages (by Jean-Marc Martins)
* DB storage working with PostgreSQL, MariaDB and SQLite (by Jean-Marc Martins)
* Clean rights manager based on regular expressions (by Sweil)
* Support of contacts for Apple's clients
* Support colors (by Jochen Sprickerhof)
* Decode URLs in XML (by Jean-Marc Martins)
* Fix PAM authentication (by Stepan Henek)
* Use consistent etags (by 9m66p93w)
* Use consistent sorting order (by dnnr)
* Return 401 on unauthorized DELETE requests (by Eduard Braun)
* Move pid file creation in child process (by Mathieu Dupuy)
* Allow requests without base_prefix (by jheidemann)
- Bug Fixes
The following vulnerabilities have been fixed.
* wnpa-sec-2014-20
SigComp UDVM buffer overflow. (Bug 10662)
CVE-2014-8710
* wnpa-sec-2014-21
AMQP crash. (Bug 10582) CVE-2014-8711
* wnpa-sec-2014-22
NCP crashes. (Bug 10552, Bug 10628) CVE-2014-8712
CVE-2014-8713
* wnpa-sec-2014-23
TN5250 infinite loops. (Bug 10596) CVE-2014-8714
The following bugs have been fixed:
* 6LoWPAN Mesh headers not treated as encapsulating address.
(Bug 10462)
* UCP dissector bug of operation 31 - PID 0639 not
recognized. (Bug 10463)
* iSCSI dissector rejects PDUs with "expected data transfer
length" > 16M. (Bug 10469)
* GTPv2: trigging_tree under Trace information has wrong
length. (Bug 10470)
* Attempt to render an SMS-DELIVER-REPORT instead of an
SMS-DELIVER. (Bug 10547)
* IPv6 Mobility Option IPv6 Address/Prefix marks too many
bytes for the address/prefix field. (Bug 10576)
* IPv6 Mobility Option Binding Authorization Data for FMIPv6
Authenticator field is read beyond the option data.
(Bug 10577)
* IPv6 Mobility Option Mobile Node Link Layer Identifier
Link-layer Identifier field is read beyond the option data.
(Bug 10578)
* Malformed PTPoE announce packet. (Bug 10611)
* IPv6 Permanent Home Keygen Token mobility option includes
too many bytes for the token field. (Bug 10619)
* IPv6 Redirect Mobility Option K and N bits are parsed
incorrectly. (Bug 10622)
* IPv6 Care Of Test mobility option includes too many bytes
for the Keygen Token field. (Bug 10624)
* IPv6 MESG-ID mobility option is parsed incorrectly.
(Bug 10625)
* IPv6 AUTH mobility option parses Mobility SPI and
Authentication Data incorrectly. (Bug 10626)
* IPv6 DNS-UPDATE-TYPE mobility option includes too many
bytes for the MD identity field. (Bug 10629)
* IPv6 Local Mobility Anchor Address mobility option's code
and reserved fields are parsed as 2 bytes instead of 1.
(Bug 10630)
* TShark crashes when running with PDML on a specific packet.
(Bug 10651)
* IPv6 Mobility Option Context Request reads an extra
request. (Bug 10676)
- Updated Protocol Support
6LoWPAN, AMQP, GSM MAP, GTPv2, H.223, IEEE 802.11, iSCSI, MIH,
Mobile IPv6, PTPoE, TN5250, and UCP
- New and Updated Capture File Support
Catapult DCT2000, HP-UX nettl, pcap-ng, and Sniffer (DOS)
* New icons when theme ones do not exist, taken from GNOME,
KDE Oxygen and Elementary themes.
* Tick icon rather than a radio button is used to show selected SSID
* Associated SSID is displayed in bold at the top of the list.
* Progress bar displaying percentage has been removed in favour of a
4-bar connection strength icon which other implementation seen to
favour.
* dhcpcd-qt should now almost be identical to dhcpcd-gtk bar
platform specific differences.
* Pop-ups now appear near the mouse cursor
* Pressing enter or OK on the wpa password screen will select that
SSID to connect to without changing any existing password
* Duplicate SSIDs are merged, the BSSID actually used is the
strongest signal.
* On Linux and FreeBSD enable background scanning (5 seconds if the
SSID menu is shown, otherwise 60 seconds)
* If a wireless interface is present, display the strongest
connection in the system tray instead of the normal LAN style icon.
* SSID toolip removed.
* Numerous stability issues resolved.
* Clarify timeout and reboot timeout, make it more sane
* A server should not NAK an INFORM
* The noalias directive will now remove any IPv4 addresses existing on
the interface when we want to add our own
* For BSD systems stop polling for IPv6 router reachability
Instead, expect for cached neighour route additions/changes/removals
to be announced by the kernel. Currently only NetBSD-7.99.3 does this.
* Store acquired time for each IPv6 address so we can correctly offset
pltime and vltime if we need to re-add them
* test mode no longer turns off kernel rtadv handling
Changes in Version 2.48.3
Changes since 2.45:
* Incorporated a patch from Christopher Zimmermann to replace the
Uprintf module (which doesn't work with OCaml 4.02, causing Unison
to crash) with equivalent functionality from the standard library.
* Incorporated a refresh of the OSX GUI, contributed by Alan Shutko.
* Added a maxsizethreshold option, which prevents the transfer of
files larger than the size specified (in Kb).
* Added a "copyonconflict" preference, to make a copy of files that
would otherwise be overwritten or deleted in case of conflicting
changes. (This makes it possible to automatically resolve conflicts
in a fairly safe way when synchronizing continuously, in
combination with the "repeat = watch" and "prefer = newer"
preferences.
* File system monitoring:
+ The file watcher now fails when unable to watch a directory,
rather than silently ignoring the issue.
+ File system monitoring: more robust communication with the
helper program (in socket mode, the unison server will still
work properly despite unexpected unison client
disconnections).
+ A bytecode version of unison-fsmonitor is now produced by
"make NATIVE=false"
+ Improved search for unison-fsmonitor
+ Detect when the helper process exits.
+ More robust file watching helper programs for Windows and
Linux. They communicate with Unison through pipes (Unison
redirects stdin and stdout), using a race-free protocol.
+ Retries paths with failures using an exponential backoff
algorithm.
+ The information returned by the file watchers are used
independently for each replica; thus, when only one replica
has changes, Unison will only rescan this replica.
+ When available, used by the graphical UIs to speed up
rescanning (can be disabled by setting the new watch
preference to
+ Small fix to the way fsmonitor.py gets invoked when using the
file watching functionality, suggested by Josh Berdine. Unison
will now look for fsmonitor.py in the same directory where the
Unison executable itself lives.
* Minor:
+ Fixed a bug in export procedure that was messing up
documentation strings.
+ Incorporated a patch from Irányossy Knoblauch Artúr to make
temp file names fit within 143 characters (to make eCryptFS
happy).
+ Added a string to the Conflict direction to document the
reason of the conflict.
+ Log conflicts and problems in the text UI even if nothing is
propagated.
+ Use hash function from OCaml 3.x for comparing archives, even
when compiled with OCaml 4.x.
+ Do not restart Unison in case of uncaught exception when the
repeat preference is set. This seems safer. And it does not
work, for instance, in case of lost connection.
+ Fix Unix.readlink invalid argument error under Windows
+ Fix a crash when the output of the diff program is too large.
+ Fixed Makefile for cross-compiling towards Windows (updated to
MinGW-w64)
Changes since 2.40.63:
* New preference fastercheckUNSAFE, which can be used (with care!) to
achieve much faster update detection when all the common files in
the two replicas are known to be identical. See the manual for more
information.
This feature should still be considered experimental, but it's
ready for other people to try out.
* Added option clientHostName. If specified, it will be used to as
the client host name, overriding UNISONLOCALHOSTNAME and the actual
host name.
* OS X GUI:
+ fix crash under Lion, because of problems with the toolbar,
using the fix suggested in
http://blitzbasic.com/Community/posts.php?topic=95778.
+ uimacnew09 is now the standard graphical interface on OSX
+ A small improvement to the uimacnew09 interface from Alan
Schmitt and Steve Kalkwarf: when Unison is run with the -batch
flag, the interface will now automatically propagate changes
and terminate, without waiting for user interaction.
+ Show a modal warning window if there is no archive for the
hosts. The user can then choose to exit or proceed (proceed is
the default). The window is not shown if the batch preference
is true.
+ file details panel selectable
* GTK GUI:
+ New version of uigtk2.ml from Matt Zagrabelny that reorganizes
the icons in a slightly more intuitive way.
* Minor fixes:
+ Setting the prefer preference to older or newer now propagates
deletions when there is no conflict.
+ Correctly quote the path when running merge commands.
+ Add quotes to paths when calling external file watcher
utility.
+ Incorporate a patch to fsmonitor.py (the external filewatcher
utility) from Tomasz Zernicki to make it work better under
Windows.
+ Incorporated new version of fsmonitor.py from Christophe Gohle
+ Fixed incompatibility with OpenSSH 5.6.
+ Fixed fingerprint cache: do not cache file properties
+ Some spelling corrections in documentation and comments from
Stephane Glondu
+ Fixed O_APPEND mode for open under Windows
+ Fixed String.sub invalid argument error when an AppleDouble
file does not contain a finder information field
+ Trim duplicate paths when using "-repeat watch"
+ Unison now passes path arguments and -follow directives to
fsmonitor.py. This seems to work except for one small issue
with how fsmonitor.py treats -follow directives for
directories that don't exist (or maybe this is an issue with
how it treats any kind of monitoring when the thing being
monitored doesn't exist?). If we create a symlink to a
nonexistant directory, give Unison (hence fsmonitor.py) a
'follow' directive for the symlink, start unison, and then
create the directory, fsmonitor.py misses the change.
+ Lines added in profile files by unison always start at a new
line
Unison is a file-synchronization tool for Unix and Windows. It allows
two replicas of a collection of files and directories to be stored
on different hosts (or different disks on the same host), modified
separately, and then brought up to date by propagating the changes
in each replica to the other.
NOT_FOR_PLATFORM restriction. There's a good chance the thing won't
build on these OSes, but if so we can always reinsert the restrictions
as BROKEN_ON_PLATFORM.
GStreamer core:
* 736969 : queue2: dead lock when buffering
* 738092 : basesink: clamp reported position based on direction
* 740001 : task: race condition when pausing and stopping
GStreamer Plugins Base:
* 741420 : video pools: should update size in configuration after applying alignment
* 715050 : add typefinder for audio/x-audible
* 739544 : tcp: Add test and fix memory leak in tcp elements
* 739840 : typefind should recognize Apple Core Audio Format (CAF)
* 740556 : videodecoder: don't complain when DTS != PTS on keyframes
* 740675 : playsink: continues playback, reset mute property
* 740730 : rtspconnection: don't remove child source if parent source is already destroyed
* 740853 : audiodecoder: Push pending events before sending EOS.
* 740952 : alsa: NetBSD fixes
* 741045 : audiorate can can lose timestamp precision in some cases
* 741198 : playbin: leaks GstPads
GStreamer Plugins Good:
* 711437 : apev2mux: should not put APEv2 tags at beginning of WavPack files
* 726194 : v4l2src does not cope well when a capture card is sometimes interlaced, sometimes progressive at the same resolution
* 736397 : flvdemux: Per-stream resyncing behavior causes A/V-desyncs
* 737603 : v4l2bufferpool: set buffer interlace flags when field is V4L2_FIELD_INTERLACED
* 739476 : vpx: fails to build against libvpx from git
* 739722 : matroskamux: Thread safe register GstMatroskamuxPad
* 739789 : v4l2allocator: fix error message if allocator is already active
* 739791 : v4l2bufferpool: unref pool when v4l2_allocator_new() fails
* 739792 : v4l2allocator: fix gst_v4l2_allocator_stop prototype
* 739996 : videomixer: Drops a lot of frames, if one of the sources is live
* 740040 : v4l2src: Fails in presence of V4L2_BUF_FLAG_ERROR
* 740392 : rtspsrc: mikey base64 decoded key-mgmt leak
* 740407 : qtmux limits capture to 4096x4096
* 740633 : v4l2src: RW io-mode is broken
* 740636 : v4l2src: framerate is not always set on driver
* 740671 : aspectratiocrop: crop needs to be reset when video size changes
* 740905 : v4l2: still has 1 include to linux/videodev.h
* 741271 : rtph264pay: Buffer leak in H.264 payloader when using SPS/PPS
* 741381 : rtph264pay: Race condition may cause crash when going from PAUSED- > READY
* 741407 : deinterlace: in query_caps return only supported formats if filter is interlaced
* 737579 : v4l2object: set colorspace for output devices
* 739754 : v4l2bufferpool: Should validate that all memories are writeable before queueing back
GStreamer Plugins Bad:
* 722764 : rawparse: fix SEEKING query handling
* 729768 : mpegtsbase: Raise limit to read more bytes initially to find PCR
* 739152 : gl/cocoa: build with GNUStep fails
* 740191 : dvbbasesink: segfaults on 32-bit (rpi)
* 740201 : gl/cocoa: Does not compile on OSX < 10.7 anymore
* 740451 : srtpdec: leaks rtp/rtcp sink events
* 740953 : configure.ac: unportable test(1) comparison operator
* 741321 : opusparse: fix header parsing esp. of encoded output of libopus
GStreamer RTSP Server:
* 739481 : rtsp-stream: leaks srtp decoder when leaving rtpbin
Many many bug fixes and minor improvements
snmpd, snmptrapd and apps:
- Patch 2525: from Ryan Steinmetz: Fix argument length parsing of the
host resources mib
- Make ENV_SEPARATOR_CHAR configurable
- SECURITY: a denial of service attack vector was discovered on
the linux implementation of the ICMP-MIB. This release fixes
this bug and all users are encouraged to update their SNMP
agent if they make use of the ICMP-MIB table objects.
perl:
- BUG: 2402: Add support for SNMPv3 traps
Windows:
- Port batch build infrastructure to Visual Studio 2010 and later
From Visual Studio 2010 on it is no longer possible to specify
include or library directories globally - these have to be
specified per project. Hence two additional menu entries in
build.bat that allow to specify these directories.
- Patch from Bart Van Assche to improve cygwin building
Changelog:
aria2 1.18.8
============
Release Note
------------
This releases fixes the bug that aria2 cannot read piped stdin on
mingw32. It also fixes busy loop on mingw32 when SSL/TLS is used. We
also fixed 2 crashes which can occur on all platforms.
Changes
-------
* WinTLS: Fix abrupt connection closing and closing in general.
Fixes GH-277
* LibsslTLSSession: Treat 0 from readData as EOF
* Enable dynamicbase and nxcompat in Windows binaries
* Fix crash in OpenedFileCounter::ensureMaxOpenFileLimit()
The crash happens if PieceStorage and/or DiskAdaptor are not
initialized in one of active RequestGroups.
* mingw32: Fix bug that aria2 does not read piped stdin
* Fix std::length_error when no_proxy is used
This is regression introduced in 8cada497.
* Try to set sane limits for RLIMIT_NO_FILE
E.g. on OSX the default is 256, which isn't exactly compatible with
torrent downloads.
Closes GH-257
* Delay auth failures instead of PBKDF2
Closes GH-256
aria2 1.18.7
============
Release Note
------------
This release fixes regression which makes 100% CPU utilization in
multi-file torrent download with -V option. It also fixes build error
on big endian platforms.
Changes
-------
* Fixed segfault unsupported encodings
Patch from diadistis
* Fix regression 100% CPU utility when -V is used and download is
multi-file bittorrent downloads.
This is regression of a3426821c8a7f9cf8d80a81726157d4eb844f661
* Fix compile error on big endian platform
aria2 1.18.6
============
Release Note
------------
This release fixes several bugs reported in github issues and adds a
feature to make RPC authentication more resilient to certain attacks.
New option --pause-metadata is added. The explanation is a bit log,
so check the changelog and manual. The session is now only saved if
there are changes from the last saved state.
From this release, MinGW32 build uses Windows native TLS
implementation and no longer use OpenSSL library.
Changes
-------
* Disard cache when checking checksum
This will slow down checksum checking but does not thrash cache.
* Compat with libuv 0.11 (Unstable)
Fixes#241
* Drop WinMessageDigestImpl.
The algorithms the `CryptProv` on Windows supports does not
currently include SHA-224, so there is a "dark spot" in this
implementation. Also on Win XP < SP3, most of the SHA-2 family is
not actually supported. All other implementation provide support
for MD5, SHA-1 and all of the SHA-2 family, hence drop the
incomplete WinMessageDigest implementation in favor of any other
supported implementation (at least the internal implementation is
always available at compile-time).
* Add --pause-metadata option
This option pauses downloads created as a result of metadata
download. There are 3 types of metadata downloads in aria2: (1)
downloading .torrent file. (2) downloading torrent metadata using
magnet link. (3) downloading metalink file. These metadata
downloads will generate downloads using their metadata. This option
pauses these subsequent downloads.
* Improve compiler/platform/libs information in logs
Add and use usedCompilerAndPlatform(). This adds compiler
information to INFO logs and the --version output, and may be
helpful when trying to diagnose/reproduce user-reported problems.
Also make INFO logs include usedLibs() output.
Closes#235
* Fix use-after-free on exit with multi-file torrent download + DHT
DefaultPieceStorage may be referenced by one of DHT task (e.g.,
DHTPeerLookupTask), after RequestGroup was deleted, and even after
RequestGroupMan was deleted. DefaultPieceStorage has a reference to
MultiDiskAdaptor which calls RequestGroupMan object on destruction.
So when DHT task is destroyed, DefaultPieceStorage is destroyed,
which in turn destroys MultiDiskAdaptor. DHT task is destroyed
after RequestGroupMan was destroyed, MultiDiskAdaptor will use now
freed RequestGroupMan object, this is use-after-free.
* Fix bug that zero length file is not opened when flushing cache
This bug was only seen when MultiDiskAdaptor was used.
* Support PREF_DIR change for Metalink files
Reworked previous commit adeead6f0396e2f8551d1182972e277728fd6c8b,
and now support changing PREF_DIR for Metalink downloads.
* Fix assertion failure when dir option of paused HTTP/FTP download is
changed
When the directory is changed via aria2.changeOption RPC method, we
directly change first FileEntry's path using FileEntry::setPath().
If there is no PREF_OUT option is given, basically file name is
unknown, so we just set empty string and let the next run determine
the correct file name and new directory is applied there. But
previous code does not reset length property of FileEntry, so the
unexpected code path is taken when unpaused and its path expects
path is not empty string. This commit fixes this issue by setting
length to 0 using FileEntry::setLength().
* Save session only when there is change since the last serialization
This is a slight optimization not to cause useless disk access.
This only applies to saving session automatically (see
--save-session-interval). aria2.saveSession and serialization at
the end of the session are always performed as before.
When serialization, we first check that whether there is any change
since the last serialization. To do this, we first calculate hash
value of serialized content without writing into file. Then compare
this value to the value of last serialization. If they do not
match, perform serialization.
* Fix (unknown length) downloads larger than 2GiB
Closes#215
* Fix F_PREALLOC based allocation on some OSX versions
* Use index.html as filename for conditional-get when file is missing
in URI
Previously we disabled conditional-get if file part is missing in
URI. But we use constant string "index.html" in this case, so we
can do the same to determine the modification time. In this patch,
if we have file part in URI, we are not going to set absolute file
path in FileEntry, since it prevents content-disposition from
working.
* Always add README.html to dist_doc_DATA
rst2html is required to produce README.html from README.rst. We
include generated README.html to distribution. And rst2html is not
required when compiling sources in distribution and always
README.html is available.
* Validate token using PBKDF2-HMAC-SHA1.
This change should make token validation more resilient to:
- timing attacks (constant time array compare)
- brute-force/dictionary attacks (PBKDF2)
Closes#220
* Add --disable-websocket configure option
* mingw32: Enable wintls and compile with GMP
By enabling wintls, we can use Windows certificate store to validate
server's certificate. Previously, we built windows build using
openssl and since we don't bundle CA certificates, aria2 fails to
validate server's certificate unless user setups their CA
certificates. GMP provides fast big integer calculations, whic is
used in BitTorrent encryption.
* AppleTLS: Enable BEAST mitigations in ST
Only available in 10.9+, but since we might be building on a
previous version but running on 10.9+, always try to set the option.
* WinTLS: Accept chains with no revocation information.
This is kind what browser do anyway (IE, Firefox, Chrome tested),
what AppleTLS does, what GnuTLS does and what OpenSSL
does. Actually, most browsers will also be OK with the CRL/OCSP
provider being offline. WinTLS will still fail in that case.
Should revocation information be available in the trust chain (CRL
or OCSP) the certificate still will be checked!
"Real" CAs, aka. those provided by the OS or system CA bundle,
usually provide revocation information and are thus still checked.
It should be mostly (only?) custom (organization) CAs that lack
revocation information, but those users might want to use aria2 in
their intranets and VPNs anyway ;)
See #217
* Fix GnuTLS 2.x compatiblity
Closes GH-216
* AppleTLS: Use newer, non-deprecated API in 10.8+
aria2 1.18.5
============
Release Note
------------
This release fixes BitTorrent download failure on Mingw build.
Changes
-------
* Ignore error when setting DSCP value
Setting DSCP is additional feature and failure to enable it should
not abort download entirely. This change fixes the bug that windows
build does not perform bittorrent downloads.
* Use libinotify under NetBSD.
* Treat NetBSD like Linux.
* Workaround for rpath of owncloud command etc.
Changelog:
Release 1.7.1 Dec 18th 2014
Documentation fixes and updates
Nautilus Python plugin fixed for Python 3
GUI wording fixes plus improved log messages
Fix hiding of the database files in the sync directories
Compare http download size with the header value to avoid broken downloads, bug #2528
Avoid initial ETag fetch job at startup, which is not needed.
Add chunk size http header to PUT requests
Fixed deteteCookie method of our CookieJar, fix for Shibboleth
Added fallback for distros where XDG_RUNTIME_DIR is undefined
Fix the setup wizard, bug #1989, #2264
Fix scheduling of ETag check jobs, bug #2553
Fix to avoid syncing more than one folder at a time, bug #2407
Use fife minutes timeout for all network jobs
Cleanup for Folderwizard wording
Improve journal check: Remove corrupted journal files, bug #2547
Fix item count in progress dialog for deletes, bug #1132
Display correct file count on deletion (#1132)
Fix reinitializing the folder using the wizard in certain cases (#2606)
Mac OS: Fixed branding of the pkg file
Mac OS: Fix display of overlay icons in certain situations (#1132)
Mac OS: Use a bundled version of OpenSSL (#764, #2600, #2510)
Win32: improved filesystem watcher
Win32: Improve threading with shell integration
Win32: Upgraded to OpenSSL 1.0.1j
Win32: Improve reliability of Installer, fix removal of Shell Extensions
Release 1.7.0 Nov 7th 2014
oC7 Sharing: Handle new sharing options of ownCloud 7 correctly.
Added Selective sync: Ability to unselect server folders which are
excluded from syncing, plus GUI and setup GUI
Improved local change detection: consider file size, detect files
with ongoing changes and do not upload immediately
Improved HTTP request timeout handler: all successful requests reset the timeout counter
Improvements for syncing command line tool: netrc support, improved SSL support, non interactive mode
Added a socket based API to provide file management shells with status information about the sync status of files. That is a prerequisite for the overlay icons in the file managers.
Permission system: ownCloud 7 delivers file and folder permissions, added ability to deal with it for shared folders and more.
Ignore handling: Do not recurse into ignored or excluded directories
Major sync journal database improvements for more stability and performance
New library interface to sqlite3
Improve "resync handling" if errors occur
Blacklist improvements
Improved logging: more useful meta info, removed noise
Updated to latest Qt5 versions on Windows and OS X
OS X: Sparkle update to provide pkg format properly
OS X: Change distribution format from dmg to pkg with new installer.
Win: Fix handling of filenames with trailing dot or space
Release 1.6.4 Oct 23th 2014
Fix startup logic, fixes bug #1989
Fix raise dialog on X11
Win32: fix overflow when computing the size of file > 4GiB
Use a fixed function to get files modification time, the original one was broken for certain timezone issues, see core bug #9781 for details
Added some missing copyright headers
Avoid data corruption due to wrong error handling, bug #2280
Do improved request timeout handling to reduce the number of timed out jobs, bug #2155
Release 1.6.3 Sep 3rd 2014
Fixed updater on OS X
Fixed memory leak in SSL button that could lead to quick memory draining
Fixed upload problem with files >4 GB
MacOSX, Linux: Bring Settings window to front properly
Branded clients: If no configuration is detected, try to import the data from a previously configured community edition.
Release 1.6.2 Jul 28th 2014
Limit the HTTP buffer size when downloading to limit memory consumption.
Another small mem leak fixed in HTTP Credentials.
Fix local file name clash detection for MacOSX.
Limit maximum wait time to ten seconds in network limiting.
Fix data corruption while trying to resume and the server does not support it.
HTTP Credentials: Read password from legacy place if not found.
Shibboleth: Fix the waiting curser that would not disapear (#1915)
Limit memory usage to avoid mem wasting and crashes
Propagator: Fix crash when logging out during upload (#1957)
Propagator_qnam: Fix signal slot connection (#1963)
Use more elaborated way to detect that the server was reconfigured (#1948)
Setup Wizard: Reconfigure Server also if local path was changed (#1948)
Release 1.6.1 Jun 26th 2014
Fix 'precondition failed' bug with broken upload
Fix 'precondition failed' bug with broken upload
Fix openSSL problems for windows deployment
Fix syncing a folder with '#' in the name
Fix#1845: do not update parent directory etag before sub directories are removed
Fix reappearing directories if dirs are removed during its upload
Fix app version in settings dialog, General tab
Fix crash in FolderWizard when going offline
Shibboleth fixes
More specific error messages (file remove during upload, open local sync file)
Use QSet rather than QHash in SyncEngine (save memory)
Fix some memory leaks
Fix some thread race problems, ie. wait for neon thread to finish before the propagator is shut down
Fix a lot of issues and warnings found by Coverity
Fix Mac some settings dialog problems
Release 1.6.0 May 30th 2014
Minor GUI improvements
Qt5 compile issues fixed
Ignore sync log file in filewatcher
Install libocsync to private library dir and use rpath to localize
Fix reconnect after server disconnect
Fix "unknown action" display in Activity window
Fix memory leaks
Respect XDG_CONFIG_HOME environment var
Handle empty fileids in the journal correctly
Add abilility to compile libowncloudsync without GUI dependendy
Fix SSL error with previously-expired CAs on Windows
Fix incorrect folder pause state after start
Fix a couple of actual potential crashes
Improve Cookie support (e.g. for cookie-based load-balancers)
Introduce a general timeout of 300s for network operations
Improve error handling, blacklisting
Job-based change propagation, enables faster parallel up/downloads (right now only if no bandwidth limit is set and no proxy is used)
Significantly reduced CPU load when checking for local and remote changes
Speed up file stat code on Windows
Enforce Qt5 for Windows and Mac OS X builds
Improved owncloudcmd: SSL support, documentation
Added advanced logging of operations (file .???.log in sync directory)
Avoid creating a temporary copy of the sync database (.ctmp)
Enable support for TLS 1.2 negotiation on platforms that use Qt 5.2 or later
Forward server exception messages to client error messages
Mac OS X: Support Notification Center in OS X 10.8+
Mac OS X: Use native settings dialog
Mac OS X: Fix UI inconsistencies on Mavericks
Shibboleth: Warn if authenticating with a different user
Remove vio abstraction in csync
Avoid data loss when a client file system is not case sensitive
Release 1.5.4 April 11th 2014
Fix security issue on Windows and Mac OS X. No functional changes
Release 1.5.3 March 10th 2014
Fix usage of proxies after first sync run (#1502, #1524, #1459, #1521)
Do not wipe the credentials from config for reconnect (#1499, #1503)
Do not erase the full account config if an old version of the client stored the password (related to above)
Fix layout of the network tab (fixes#1491)
Handle authentication requests by a Shibboleth IdP
Shibboleth: If no connection is available, don't open the login window
[Packaging] Debian/Ubuntu: ship sync-exclude.lst
[Packaging] Fix issues with access to gnome keychain in Fedora and RHEL6
[Packaging] Ensure all sub packages get updated
[Packaging] Fix incorrect path in desktop file (RHEL6/CentOS6)
Release 1.5.2 February 26th 2014
Fix behavior when attempting to rename Shared folder
Fix potential endless sync loops on Mac OS (#1463)
Fix potential crash when pausing during update phase (#1442)
Fix handing of shared directories
Fix online state handling (#1441, #1459)
Fix potential crash in c_iconv on Mac OS
Fix certificate chain display in SSLButton
Fix sporadicly appearing multiple auth prompts on sign-in
Show correct state icon in Account Settings right away
Re-fetch content that gets deleted from read only shared directories
Do not store the password in the config file, erase existing ones (#1469)
Shibboleth: Close browser window after login
Shibboleth: Proper invalidation if timeout during sync
Shibboleth: Do not pop up IdP login immediately when modifying account
Shibboleth: Avoid auth on restart by storing cookies in the wallet
Fix license headers
Release 1.5.1 February 14th 2014
Please note that for the time being csync and mirall/ownCloud Client (oCC) are going to be released together for now. In the future, separated releases will be possible.
Added an auto updater that updates the client if a more recent version was found automatically (Windows, Mac OS X)
Added a button to the account dialog that gives information about the encryption layer used for communication, plus a certificate information widget
Preserve the permission settings of local files rather than setting them to a default (Bug #820)
Handle windows lnk files correctly (Bug #1307)
Detect removes and renames in read only shares and restore the gone away files. (Bug #1386)
Fixes sign in/sign out and password dialog. (Bug #1353)
Fixed error messages (Bug #1394)
Lots of fixes for building with Qt5
Changes to network limits are now also applied during a sync run
Fixed mem leak after via valgrind on Mac
Imported the ocsync library into miralls repository. Adopted all build systems and packaging to that.
Introduce a new linux packaging scheme following the debian upstream scheme
Use a refactored Linux file system watcher based on inotify, incl. unit tests
Wizard: Gracefully fall back to HTTP if HTTPS connection fails, issuing a warning
Fixed translation misses in the propagator
Fixes in proxy configuration
Fixes in sync journal handling
Fix the upload progress if the local source is still changing when the upload begins.
Add proxy support to owncloud commandline client
NSIS fixes
A lot of other fixes and minor improvements
Improve Qt5 compatability
Release 1.5.0 December 12th 2013
This is a bugfix release with fixes for the 1.5 line. Update is recommended.
Mirall/ownCloud Client, version 1.5.0
csync 0.91.4 required
New owncloud propagator that skips the vio abstraction layer
Add owncloudcmd to replace the ocsync command line tool
Localize Windows installer
Allow to sign in and out
Ask for password if missing
Introduce activity view
Introduce black list for files which could not be synced
Enabling accessibility by shipping accessibility enables on OS X (#736)
Toggle Settings window when clicking on systray icon on Win and KDE (#896)
FolderWizard: Sanitize error detection (#1201)
Set proper enable state of blacklist button after the dialog was opened
Set proper tooltips in blacklist
Translatable error messages for file errors
Add man page for owncloudcmd (#1234)
Don't close setup wizard when the initial sync run is started
Close the sync journal if a folder gets removed (#1252)
Activity: Avoid horizontal scrollbar (#1213)
Fix crash (#1229)
Resize wizard appropriately (#1130)
Fix account identity test (#1231)
Maintain the file type correctly
Display rename-target in sync protocol action column
Let recursive removal also remove the top dir
If item is a directory, remove its contents from the database as well (#1257)
Install headers for owncloudsync library
Fix opening the explorer with a selected file in Windows (#1249)
Add build number into versioning scheme
Windows: Fix rename of temporary files
Windows: Fix move file operation
with gcc48 on amd64; also closes PR 36974 relating to -Wcast-align on
arm and other non-x86 platforms.
Whether the offending code *works* on non-x86 platforms isn't clear,
but it might and someone will eventually have to try it out. If it
doesn't, please try to get upstream to fix it as the code probably
needs fundamental restructuring.
All modules/*/README will be installed, but modules/mediaproxy/Readme exists,
Rename "Readme" to "README", and let to be installed with case-sensitive filesystem.
Fixes PR pkg/49498 by Sevan Janiyan.
This version is not the latest, but apparently good enough to solve a
security issue (according to audit-packages).
New features:
Feature #46 – Drag and drop between computers (Windows and Mac)
Fixed bugs:
Bug #3287 – Mac does not wake up
Bug #3758 – Unstable service (synergyd)
Bug #3759 – Exploit: C:Program.exe (if it exists) is run by service (elevated)
Bug #3760 – Encryption broken (GCM, CTR and OFB)
Bug #3761 – Start button is visible when Synergy is running
Bug #3762 – Apply button is disabled for Mac and Linux
