GitHub.
Changes include:
2.3.0
* Enable OCaml >= 4.02 compatibility
* Enable safe-string compatibility
* Backport fixes from 2.1.8
* Use OASIS to build the documentation
* Bug fixed: Ldap_protocol doesn't handle SASL correctly (RFC 4511 4.2.2)
(Patch by David Allsopp)
* Added paged result control
(Patch by Christian Wills)
* Fix: Add Str to the build dependencies
Fix support for dependency_links.
2.12:
Rework support for --allow-hosts and --index-url, removing dependence on setuptools.Distribution's private member. Additionally corrects logic in marker evaluation along with unit tests!
2017-09-07 Richard Russon <rich@flatcap.org>
* Contrib
- Add guix build support
* Bug Fixes
- Only match real mailboxes when looking for new mail
- Fix the printing of ncurses version in -v output
- Bind editor \<delete\> to delete-char
- Fix overflowing colours
- Fix empty In-Reply-To generation
- Trim trailing slash from completed dirs
- Add guix-neomutt.scm
- Fix setting custom query_type in notmuch query
* Website
- New technical documentation LINK
- Improve Gentoo distro page
* Build
- Better curses identification
- Use the system's wchar_t support
- Use the system's md5 tool (or equivalent)
- Clean up configure.ac
- Teach gen-map-doc about the new opcode header
* Source
- Rename functions (snake_case)
- Rename constants/defines (UPPER_CASE)
- Create library of shared functions
- Much tidying
- Rename globals to match user config
- Drop unnecessary functions/macros
- Use a standard list implementation
- Coverity fixes
- Use explicit NUL for string terminators
- Drop OPS\* in favour of opcodes.h
* Upstream
- Fix menu color calls to occur before positioning the cursor
- When guessing an attachment type, don't allow text/plain if there is a null character
- Add $imap_poll_timeout to allow mailbox polling to time out
- Handle error if REGCOMP in pager fails when resizing
- Change recvattach to allow nested encryption
- Fix attachment check_traditional and extract_keys operations
- Add edit-content-type helper and warning for decrypted attachments
- Add option to run command to query attachment mime type
- Add warning about using inline pgp with format=flowed
martin@ extracted from the source, see PR 52524.
The pattern matching and/or the list itself may need further fixes.
Retest on NetBSD 8 shows that the binaries are now mprotect-safe,
remove variable.
Bump PKGREVISION.
### Added
- The Nginx plugin now configures Nginx to use 2048-bit Diffie-Hellman
parameters.
### Changed
- certbot-auto now installs Certbot in directories under `/opt/eff.org`.
- The Nginx plugin can now be selected in Certbot's interactive output.
- Output verbosity of renewal failures when running with `--quiet` has
been reduced.
- The default revocation reason shown in Certbot help output now is a
human readable string instead of a numerical code.
- Plugin selection is now included in normal terminal output.
### Fixed
- A newer version of ConfigArgParse is now installed when using
certbot-auto causing values set to false in a Certbot INI
configuration file to be handled intuitively.
- New naming conventions preventing certbot-auto from installing OS
dependencies on Fedora 26 have been resolved.
already patched!) introducing a MANDIR variable instead of hardcoding
`share/man' and pass PKGMANDIR via MAKE_ENV.
No PKGREVISION bump since it should fix the build on platforms where moreutils
was already broken.
Pointed out by Joyent's Darwin bulk build.
Common
* [GCE] Scrape prices for GCE Australia Region [GITHUB-1085] (Francisco Ros)
Compute
* [ARM] Add option to create static public IP [GITHUB-1091, LIBCLOUD-918] (Aki Ketolainen)
* [SOFTLAYER] Add get_image method to class [GITHUB-1066] (Francois Regnoult)
* [ARM] Add Storage support, volumes, snapshots [GITHUB-1087] (Sergey Babak)
Container
* [DOCKER] Fixes to support TLS connection [GITHUB-1067] (johnnyWalnut)
DNS
* [ROUTE53] Fix for TXT and SPF records, when user didn’t escapsulate data in quotes, the API would fire error. As reported by @glyph [LIBCLOUD-875, GITHUB-1093] (Anthony Shaw)
* [LINODE] Add priority to the extra dictionary in record instances [GITHUB-1088] (@mete0r)
Load Balancer
* Fixed AWS ALB/ELB driver init method to instantiate nested connection object properly [LIBCLOUD-936, GITHUB-1089] (Anton Kozyrev)
Storage
* [CLOUDFILES] Update OpenStackSwiftConnection to work with auth version 3.0 [GITHUB-1068] (Hakan Carlsson)
* [CLOUDFILES] Add SSL URI support [GITHUB-1076, LIBCLOUD-458]
- p599: fix problems with implementation of 515.
Substitutions from other sections were not made anymore if they were not in `envlist`.
2.8.0:
- 276: Remove easy_install from docs (TL;DR: use pip).
- 301: Expand nested substitutions in tox.ini
- 315: add --help and --version to helptox-quickstart
- 326: Fix OSError 'Not a directory' when creating env on Jython 2.7.0.
- 429: Forward MSYSTEM by default on Windows
- 449: add multi platform example to the docs.
- 474: Start using setuptools_scm for tag based versioning.
- 484: Renamed `py.test` to `pytest` throughout the project
- 504: With `-a`: do not show additional environments header if there are none
- 515: Don't require environment variables in test environments where they
are not used.
- 517: Forward NUMBER_OF_PROCESSORS by default on Windows to fix
`multiprocessor.cpu_count()`.
- 518: Forward `USERPROFILE` by default on Windows.
- p528: Fix some of the warnings displayed by pytest 3.1.0.
- p547: Add regression test for 137
- p553: Add an XFAIL test to reproduce upstream bug 203
- p556: Report more meaningful errors on why virtualenv creation failed
- 575: Add announcement doc to end all announcement docs
(using only CHANGELOG and Github issues since 2.5 already)
- p580: Do not ignore Sphinx warnings anymore
- 585: Expand documentation to explain pass through of flags from deps to pip
(e.g. -rrequirements.txt, -cconstraints.txt)
- 588: Run pytest wit xfail_strict and adapt affected tests.
* Add support for MMC / SD card emulation in SPI mode
* Add class recognition for MLT files
* Various minor bug fixes/improvements:
* Fix typo in libspectrum.txt
* Additional unit tests for SZX reading/writing
Changed:
* Increase required version of the cryptography package to >=1.4.0.
Fixeda:
* Remove uses of deprecated functions from the cryptography package.
* Warn about missing algorithms param to decode() only when verify param is True
CVE-2017-12794: Possible XSS in traceback section of technical 500 debug page¶
In older versions, HTML autoescaping was disabled in a portion of the template for the technical 500 debug page. Given the right circumstances, this allowed a cross-site scripting attack. This vulnerability shouldn’t affect most production sites since you shouldn’t run with DEBUG = True (which makes this page accessible) in your production settings.
Bugfixes:
Fixed GEOS version parsing if the version has a commit hash at the end (new in GEOS 3.6.2).
Added compatibility for cx_Oracle 6.
Fixed select widget rendering when option values are tuples.
Django 1.11 inadvertently changed the sequence and trigger naming scheme on Oracle. This causes errors on INSERTs for some tables if 'use_returning_into': False is in the OPTIONS part of DATABASES. The pre-1.11 naming scheme is now restored. Unfortunately, it necessarily requires an update to Oracle tables created with Django 1.11.[1-4]. Use the upgrade script in 28451 comment 8 to update sequence and trigger names to use the pre-1.11 naming scheme.
Added POST request support to LogoutView, for equivalence with the function-based logout() view.
Omitted pages_per_range from BrinIndex.deconstruct() if it’s None.
Fixed a regression where SelectDateWidget localized the years in the select box.
Fixed a regression in 1.11.4 where runserver crashed with non-Unicode system encodings on Python 2 + Windows.
Fixed a regression in Django 1.10 where changes to a ManyToManyField weren’t logged in the admin change history and prevented ManyToManyField initial data in model forms from being affected by subsequent model changes.
Fixed non-deterministic results or an AssertionError crash in some queries with multiple joins.
Fixed a regression in contrib.auth’s login() and logout() views where they ignored positional arguments
v0.10.2 2017/07/01
While procs are flexible about arity, lambdas and converted methods are not.
Thus passing in two parameters broke any such callbacks. The only change in
this release is that callback block arity is checked before passing in any
values.
v0.10.1 2017/06/30
* rebuilt fsevent_watch against 10.8
* fixed documentation
v0.10.0 2017/06/30
* MacOS 10.13 specific flags added to compatibility code
* Added second parameter to callback with more detailed event info
* Switched communication format to OTNetstrings, fixing a bug where some
events were ignored if they contained certain characters
* Removed custom path fixture from tests as there have been complaints about
using the gem with maven (??)
