Changelog:
New functionality:
* Support for TLS_FALLBACK_SCSV has been added to the ssltap and
tstclnt utilities
Notable Changes:
* The QuickDER decoder now decodes lengths robustly
(CVE-2014-1569)
* The following 1024-bit CA certificates were Removed:
- GTE CyberTrust Global Root
- Thawte Server CA
- Thawte Premium Server CA
- America Online Root Certification Authority 1
- America Online Root Certification Authority 2
* The following CA certificates had the Websites and Code Signing
trust bits turned off:
- Class 3 Public Primary Certification Authority - G2
- Equifax Secure eBusiness CA-1
* The following CA certificates were Added:
- COMODO RSA Certification Authority
- USERTrust RSA Certification Authority
- USERTrust ECC Certification Authority
- GlobalSign ECC Root CA - R4
- GlobalSign ECC Root CA - R5
* The version number of the updated root CA list has been set
to 2.2
Changelog:
New Default search engine changed to Yahoo! for North America
New Default search engine changed to Yandex for Belarusian, Kazakh, and Russian locales
New Improved search bar (en-US only)
New Firefox Hello real-time communication client
New Easily switch themes/personas directly in the Customizing mode
New Wikipedia search now uses HTTPS for secure searching (en-US only)
New Implementation of HTTP/2 (draft14) and ALPN
New Recover from a locked Firefox process in the "Firefox is already running" dialog on Windows
Changed Disabled SSLv3
Changed Proprietary window.crypto properties/functions re-enabled (to be removed in Firefox 35)
Changed Firefox signed by Apple OS X version 2 signature
HTML5 ECMAScript 6 WeakSet Implemented
HTML5 JavaScript Template Strings Implemented
HTML5 CSS3 Font variants and features control (e.g. kerning) implemented
HTML5 WebCrypto: RSA-OAEP, PBKDF2 and AES-KW support
HTML5 WebCrypto: wrapKey and unwrapKey implemented
HTML5 WebCrypto: Import/export of JWK-formatted keys
HTML5 matches() DOM API implemented (formerly mozMatchesSelector())
HTML5 Performance.now() for workers implemented
HTML5 WebCrypto: ECDH support
Developer WebIDE: Create, edit, and test a new Web application from your browser
Developer Highlight all nodes that match a given selector in the Style Editor and the Inspector's Rules panel
Developer Improved User Interface of the Profiler
Developer console.table function added to web console
Fixed CSS transitions start correctly when started at the same time as changes to display, position, overflow, and similar properties
Fixed Various security fixes
2014-89 Bad casting from the BasicThebesLayer to BasicContainerLayer
2014-88 Buffer overflow while parsing media content
2014-87 Use-after-free during HTML5 parsing
2014-86 CSP leaks redirect data via violation reports
2014-85 XMLHttpRequest crashes with some input streams
2014-84 XBL bindings accessible via improper CSS declarations
2014-83 Miscellaneous memory safety hazards (rv:34.0 / rv:31.3)
Huge improvements to the FDC emulation
Support for STX files on any OS (with Hatari's own open source code), as well as support for IPF/CTR files
Write support for STX files, using .wd1772 files
Some various fixes to the video emulation
Many changes to the CPU related to prefetch
Some fixes to STE sound (microwire and LMC) and to Falcon sound
Some fixes to Gemdos HD emulation : clip filenames, autostart
Some fixes to ASCI HD : larger image, improve some commands
Changes to the UI : 2nd line of information at the bottom, better performances under SDL, more options in some screens
For developpers : more Natfeats commands, better tracing of OS calls (bios, xbios, ...), many additions to the debugger
Packaged in wip by Petar Bogdanovic.
The mail gopher (mopher) is an extension to all mail transfer agents
that implement the Sendmail Milter API. It reads a list of rules and
acts on each incoming mail delivery attempt based on various criteria
and existing states.
Mopher supports indiscriminate and selective grey- and whitelisting of
either individual addresses or whole domains (based on reverse lookups
and rules provided by Mozilla's Public Suffix List). Access to tables
and state-related data passes through a generic interface and is then
translated by one of the available backend drivers.
ryoon in wip and updated and prepared for import by dillo.
cgit is a cgi application implemented in C. It is non-forking, uses
an internal cache to speed things up. Also, it features virtual
URLs (unlike gitweb).
CCLD brasero
ld: eggsmclient-xsmp.o: undefined reference to symbol 'IceSetIOErrorHandler'
ld: note: 'IceSetIOErrorHandler' is defined in DSO /usr/X11R7/lib/libICE.so.7 so try adding it to the linker command line
Version 0.3.1
=============
*released on 24 November 2014*
- Fixed a bug where vdirsyncer would delete items if they're deleted on side A
but modified on side B. Instead vdirsyncer will now upload the new items to
side A. See :gh:`128`.
- Synchronization continues with the remaining pairs if one pair crashes, see
:gh:`121`.
- The ``processes`` config key is gone. There is now a ``--max-workers`` option
on the CLI which has a similar purpose. See :ghpr:`126`.
- The Read The Docs-theme is no longer required for building the docs. If it is
not installed, the default theme will be used. See :gh:`134`.
Release 0.1.14 (Nov 30, 2014)
-----------------------------
Bug Fixes
* Floats in UPDATE statements are now handled correctly (issue145).
* Properly handle string literals in comparisons (issue148, change proposed
by aadis).
* Fix indentation when using tabs (issue146).
Enhancements
* Improved formatting in list when newlines precede commas (issue140).
* doc: correct license template for t2h.pm
* avformat: replace some odd 30-60 rates by higher less odd ones in get_std_framerate()
* swscale: fix yuv2yuvX_8 assembly on x86
* avcodec/hevc_ps: Check num_long_term_ref_pics_sps
* avcodec/mjpegdec: Fix integer overflow in shift
* avcodec/hevc_ps: Check return code from pps_range_extensions()
* avcodec/rawdec: Check the return code of avpicture_get_size()
* avcodec/pngdec: Check IHDR/IDAT order
libcdr 0.1.1
* Fix several problems found by Coverity.
* Fix crash when NULL is passed as input stream.
* Fix various crashes and hangs when reading broken files found with the
help of american-fuzzy-lop.
* Only export public symbols on Linux.
--------------
Version 0.80b:
--------------
- Added a check for $PATH-induced loops. Spotted by Kartik Agaram.
- Added AFL_KEEP_ASSEMBLY.
- Override for AFL_USE_ASAN if set at afl compile time. Requested by
Hanno Boeck.
--------------
Version 0.79b:
--------------
- Minor adjustment to path skipping logic.
- Several documentation updates to reflect the changes made yesterday.
--------------
Version 0.78b:
--------------
- CPU governor check. Problem spotted by Joe Zbiciak.
- Favored paths are now selected strictly based on new edges, not hit
counts. This speeds up the first pass by a factor of 3-6x without
significantly impacting ultimate coverage (tested with libgif, libpng,
libjpeg).
It also allows some performance & memory usage improvements by making
some of the in-memory bitmaps much smaller.
- Multiple significant performance improvements to bitmap checking functions,
plus a switch to a faster hash.
- Owing largely to these optimizations, bitmap size is bumped to 64 kB
and a warning is added to detect older binaries that rely on smaller
bitmaps.
--------------
Version 0.77b:
--------------
- Added AFL_SKIP_CHECKS to bypass binary checks when really warranted.
Requested by Jakub Wilk.
- Typo fixes.
- Warning for runs that are aborted early on.
--------------
Version 0.76b:
--------------
- Another signal handling fix for Solaris. Submitted by Martin Carpenter.
--------------
Version 0.75b:
--------------
- A slightly more "elegant" kludge for the %llu glitch (see types.h).
- CPU load warnings relaxed a bit.
--------------
Version 0.74b:
--------------
- More responsive exec speed averages and better UI speed scaling.
- Fix for interrupted reads on Solaris. Submitted by Martin Carpenter.
--------------
Version 0.73b:
--------------
- Fix a stray memcpy() instead of memmove() on overlapping buffers.
Mostly harmless but still dumb. Spotted thanks to David Higgs.
--------------
Version 0.72b:
--------------
- Map size bumped up to 32k. You may want to recompile instrumented
binaries (but nothing horrible will happen if you don't).
- Huge performance improvements for bit-counting functions.
- Default optimizations now include -funroll-loops. This should have
interesting effects on the instrumentation. Frankly, I'm just going to
ship it and see what happens next. I have a good feeling about this.
- Fix for stack alignment crash on MacOS X 10.10; looks like the
rhetorical question in the comments in afl-as.h has been answered.
Spotted by Mudge Zatko.
--------------
Version 0.71b:
--------------
- A fix for the nonsensical MacOS ELF check. Spotted by Mudge Zatko.
- Improvements to ASAN checks.
--------------
Version 0.70b:
--------------
- Explicit detection of ASAN.
- Patches to compile on Solaris. Contributed by Martin Carpenter.
--------------
Version 0.69b:
--------------
- Improved detection of non-instrumented binaries.
- Crash counter in -C mode is now accurate.
- Fix for an obscure install bug that made afl-as non-functional with the tool
installed to /usr/bin instead of /usr/local/bin. Found by Florian Kiersch.
- Fix for a cosmetic SIGFPE when Ctrl-C is pressed while the fork server
is spinning up.
--------------
Version 0.68b:
--------------
- Crash exploration mode! Woot!
--------------
Version 0.67b:
--------------
- Several more typos fixed, the project is now cartified 100% typo-free.
Thanks to Thomas Jarosch and Jakub Wilk.
- Write fuzzer_stats early on.
- Minor fix for MacOS X operation as root. Spotted by Tobias Ospelt.
- Make it possible to override -O3. Patch by Jakub Wilk.
--------------
Version 0.66b:
--------------
- Fix for a very obscure issue with build systems that use gcc as an assembler
for hand-written .s files, confusing afl-as. Affected nss. Reported by
Hanno Boeck.
- Fix for a bug when cleaning up synchronized fuzzer output dirs. Reported by
Thomas Jarosch.
D-Bus 1.8.12 (2014-11-24)
==
The “days of fuchsia passed” release.
Fixes:
• Partially revert the CVE-2014-3639 patch by increasing the default
authentication timeout on the system bus from 5 seconds back to 30
seconds, since this has been reported to cause boot regressions for
some users, mostly with parallel boot (systemd) on slower hardware.
On fast systems where local users are considered particularly hostile,
administrators can return to the 5 second timeout (or any other value
in milliseconds) by saving this as /etc/dbus-1/system-local.conf:
<busconfig>
<limit name="auth_timeout">5000</limit>
</busconfig>
(fd.o #86431, Simon McVittie)
• Add a message in syslog/the Journal when the auth_timeout is exceeded
(fd.o #86431, Simon McVittie)
• Send back an AccessDenied error if the addressed recipient is not allowed
to receive a message (and in builds with assertions enabled, don't
assert under the same conditions). (fd.o #86194, Jacek Bukarewicz)
20141124: Bumped up version number to 1.1.6
20141124: Properly quote backslashes for tcsh
20141124: Detect ambiguous long options properly
Thanks to Klaus Wulff <dinw.klswlff@dfgh.net>
20141123: Create test harnass and tests
20141122: Update translations (sync with util-linux (git 20141120))
20141120: Update manual page (sync with util-linux (git 20141120))
20141120: Minor code changes (sync with util-linux (git 20141120))
Release 3.10.1 (25 November 2014)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
3.10.1 is a bug fix release. It fixes various bugs reported in 3.10.0
and backports fixes for all reported missing AArch64 ARMv8 instructions
and syscalls from the trunk. If you package or deliver 3.10.0 for others
to use, you might want to consider upgrading to 3.10.1 instead.
The following bugs have been fixed or resolved. Note that "n-i-bz"
stands for "not in bugzilla" -- that is, a bug that was reported to us
but never got a bugzilla entry. We encourage you to file bugs in
bugzilla (https://bugs.kde.org/enter_bug.cgi?product=valgrind) rather
than mailing the developers (or mailing lists) directly -- bugs that
are not entered into bugzilla tend to get forgotten about or ignored.
To see details of a given bug, visit
https://bugs.kde.org/show_bug.cgi?id=XXXXXX
where XXXXXX is the bug number as listed below.
335440 arm64: ld1 (single structure) is not implemented
335713 arm64: unhanded instruction: prfm (immediate)
339020 ppc64: memcheck/tests/ppc64/power_ISA2_05 failing in nightly build
339182 ppc64: AvSplat ought to load destination vector register with [..]
339336 PPC64 store quad instruction (stq) is not supposed to change [..]
339433 ppc64 lxvw4x instruction uses four 32-byte loads
339645 Use correct tag names in sys_getdents/64 wrappers
339706 Fix false positive for ioctl(TIOCSIG) on linux
339721 assertion 'check_sibling == sibling' failed in readdwarf3.c ...
339853 arm64 times syscall unknown
339855 arm64 unhandled getsid/setsid syscalls
339858 arm64 dmb sy not implemented
339926 Unhandled instruction 0x1E674001 (frintx) on aarm64
339927 Unhandled instruction 0x9E7100C6 (fcvtmu) on aarch64
339938 disInstr(arm64): unhandled instruction 0x4F8010A4 (fmla)
== 339950
339940 arm64: unhandled syscall: 83 (sys_fdatasync) + patch
340033 arm64: unhandled insn dmb ishld and some other isb-dmb-dsb variants
340028 unhandled syscalls for arm64 (msync, pread64, setreuid and setregid)
340036 arm64: Unhandled instruction ld4 (multiple structures, no offset)
340236 arm64: unhandled syscalls: mknodat, fchdir, chroot, fchownat
340509 arm64: unhandled instruction fcvtas
340630 arm64: fchmod (52) and fchown (55) syscalls not recognized
340632 arm64: unhandled instruction fcvtas
340725 AVX2: Incorrect decoding of vpbroadcast{b,w} reg,reg forms
340788 warning: unhandled syscall: 318 (getrandom)
340807 disInstr(arm): unhandled instruction: 0xEE989B20
340856 disInstr(arm64): unhandled instruction 0x1E634C45 (fcsel)
340922 arm64: unhandled getgroups/setgroups syscalls
n-i-bz DRD and Helgrind: Handle Imbe_CancelReservation (clrex on ARM)
n-i-bz Add missing ]] to terminate CDATA.
n-i-bz Glibc versions prior to 2.5 do not define PTRACE_GETSIGINFO
n-i-bz Enable sys_fadvise64_64 on arm32.
n-i-bz Add test cases for all remaining AArch64 SIMD, FP and memory insns.
n-i-bz Add test cases for all known arm64 load/store instructions.
n-i-bz PRE(sys_openat): when checking whether ARG1 == VKI_AT_FDCWD [..]
n-i-bz Add detection of old ppc32 magic instructions from bug 278808.
n-i-bz exp-dhat: Implement missing function "dh_malloc_usable_size".
n-i-bz arm64: Implement "fcvtpu w, s".
n-i-bz arm64: implement ADDP and various others
n-i-bz arm64: Implement {S,U}CVTF (scalar, fixedpt).
n-i-bz arm64: enable FCVT{A,N}S X,S.
(3.10.1: 25 November 2014, vex r3026, valgrind r14785)
[CHANGES]
New facilities:
o Pygments plug-in parser: Support python 3.
o gozilla: added support of OSX's default browser.
Please set environment variable BROWSER to 'osx-default'.
$ htags --suggest --map-file
$ export BROWSER=osx-default
$ gozilla +120 main.c # shows line 120 in main.c
$ gozilla -d main # shows definitions of main()
o vim74-gtags-cscope.patch: New patch for vim + gtags-cscope to treat
file names which include spaces correctly. Please see README.PATCHES.
Release for beta test:
o Added --sqlite3 option which uses SQLite3 API instead of BSD/DB API for
making tag files. If you will test the code then please do as follows:
[configuration phase]
$ ./configure --with-sqlite3 # use sqlite3 API
[execution phase]
$ gtags --sqlite3 # make sqlite3 tag files
[FIXED BUGS]
o gtags-cscope.vim: There was a calling to undefined function.
Now it works.
