Changelog:
Most notable changes:
* Change the license from modified-bsd to apache-2.0.
* Require Java 8 or later.
* Support Java 9 or later.
* Fix a security bug, CVE-2017-15288,
sbt is a build tool for Scala, Java, and more.
Features of sbt
* Little or no configuration required for simple projects
* Scala-based build definition that can use the full flexibility of Scala
code
* Accurate incremental recompilation using information extracted from the
compiler
* Continuous compilation and testing with triggered execution
* Packages and publishes jars
* Generates documentation with scaladoc
* Supports mixed Scala/Java projects
* Supports testing with ScalaCheck, specs, and ScalaTest. JUnit is
supported by a plugin.
* Starts the Scala REPL with project classes and dependencies on
the classpath
* Modularization supported with sub-projects
* External project support (list a git repository as a dependency!)
* Parallel task execution, including parallel test execution
* Library management support: inline declarations, external Ivy or Maven
configuration files, or manual management
Add PHP 7.3.0 as php73.
PHP is a widely-used open source general-purpose scripting language
that is especially suited for web development and can be embedded
into HTML. It is modular, and object-oriented. Much of its syntax
is borrowed from C, Java and Perl with a couple of unique PHP-specific
features thrown in. The language is designed to allow web developers
to write dynamically generated pages quickly.
This package provides PHP version 7.3.x.
PHP 7.3.0 comes with numerous improvements and new features such as
* Flexible Heredoc and Nowdoc Syntax
* PCRE2 Migration
* Multiple MBString Improvements
* LDAP Controls Support
* Improved FPM Logging
* Windows File Deletion Improvements
* Several Deprecations
For source downloads of PHP 7.3.0 please visit our downloads page Windows
binaries can be found on the PHP for Windows site. The list of changes is
recorded in the ChangeLog.
PEAR 1.10.7
Release date: 2018-12-05 15:16 UTC
Release state: stable
Release uploaded by: ashnazg
Changelog:
* PR #79: Prevent Unable to find the wrapper "channel" Warning
* PR #80: fix Warning: "continue" targeting switch is equivalent to
"break". Did you mean to use "continue 2"
* PR #81: Add flags to PECL shell script for shared extensions
These releases include fixes to cgo, the compiler, linker, runtime,
documentation, go command, and the net/http and go/types packages.
They include a fix to a bug introduced in Go 1.11.3 and Go 1.10.6
that broke "go get" for import path patterns containing "...".
View the release notes for more information:
https://golang.org/doc/devel/release.html#go1.10.minor
Version 10.14.2 'Dubnium' (LTS)
This LTS release comes with 374 commits. This includes 165 which are test or benchmark related, 77 which are doc related, 29 which are build / tool related and 15 commits which update dependencies.
Notable Changes
* deps:
- upgrade to c-ares v1.15.0
* Windows:
- A crashing process will now show the names of stack frames if the node.pdb file is available.
Changelog:
New Features
security-libs/javax.net.ssl
➜ Support for Customization of Default Enabled Cipher Suites via System Properties
The system property jdk.tls.client.cipherSuites can be used to customize the default enabled cipher suites for the client side of SSL/TLS connections. In a similar way, the system property jdk.tls.server.cipherSuites can be used for customization on the server side.
The system properties contain a comma-separated list of supported cipher suite names that specify the default enabled cipher suites. All other supported cipher suites are disabled for this default setting. Unrecognized or unsupported cipher suite names specified in properties are ignored. Explicit setting of enabled cipher suites will override the system properties.
Please refer to the "Java Cryptography Architecture Standard Algorithm Name Documentation" for the standard JSSE cipher suite names, and the "Java Cryptography Architecture Oracle Providers Documentation" for the cipher suite names supported by the SunJSSE provider.
Note that the actual use of enabled cipher suites is restricted by algorithm constraints.
Note also that these system properties are currently supported by the JDK Reference Implementation. They are not guaranteed to be supported by other implementations.
Warning: These system properties can be used to configure weak cipher suites, or the configured cipher suites may become more weak over time. We do not recommend using the system properties unless you understand the security implications. Use them at your own risk.
See JDK-8162362
Bug Fixes
This release contains fixes for security vulnerabilities described in the Oracle Critical Patch Update. For a more complete list of the bug fixes included in this release, see the JDK 8u192 Bug Fixes page.
Security bugs:
CVE-2018-3183
CVE-2018-3209
CVE-2018-3169
CVE-2018-3149
CVE-2018-3211
CVE-2018-3180
CVE-2018-3214
CVE-2018-3157
CVE-2018-3150
CVE-2018-13785
CVE-2018-3136
CVE-2018-3139
pkgsrc changes:
- Add patches/patch-src_os_pl-files.c to avoid overlapping `src'
and `dst' in srtcpy(3). It is an undefined behaviour and it leads to build
issue in swi-prolog-packages on platforms that uses SSP.
- readline dependency is no longer needed for swi-prolog-lite.
The readline functionality is now provided as a package via
swi-prolog-packages.
- Inject CFLAGS via COFLAGS and pass -fPIC via CMFLAGS so that
swi-prolog-jpl will link
- Add patches/patch-src_pl-rsort.c to use FreeBSD qsort_r(3)
instead of using nested functions. This is probably more portable
and has less problems (e.g. does not need for PaX MPROTECT).
Changes:
7.6.x
-----
Major release. Multi-argument indexing, better multi-threaded
performance, threaded global GC (atoms and clauses), mode-directed
tabling, restored same expand and directive semantics for initial
load and reloading files, cleaner initializatin and command line
handling.
7.4.x
-----
Major release. More robust and better scalable support for multi-core
hardware, tabling, engines. Many enhancements to the RDF, HTTP and
SSL libraries. This is the first release licensed under the Simplified
BSD (BSD-2) license.
7.2.x
-----
Major release, providing native key-value support by means of dicts,
native strings using "hello world" syntax, web-accessible Prolog
engines (Pengines) and a high level SQL library called CQL.
Please note that this is just a summary of the most important changes,
for more information please give a look to:
<http://www.swi-prolog.org/ChangeLog?branch=stable>
LLVM 7.0.0 Release
The release contains the work on trunk up to SVN revision 338536 plus
work on the release branch. It is the result of the community's work
over the past six months, including: function multiversioning in Clang
with the 'target' attribute for ELF-based x86/x86_64 targets, improved
PCH support in clang-cl, preliminary DWARF v5 support, basic support
for OpenMP 4.5 offloading to NVPTX, OpenCL C++ support, MSan, X-Ray
and libFuzzer support for FreeBSD, early UBSan, X-Ray and libFuzzer
support for OpenBSD, UBSan checks for implicit conversions, many
long-tail compatibility issues fixed in lld which is now production
ready for ELF, COFF and MinGW, new tools llvm-exegesis, llvm-mca and
diagtool. And as usual, many optimizations, improved diagnostics, and
bug fixes.
For more details, see the release notes:
https://llvm.org/releases/7.0.0/docs/ReleaseNotes.htmlhttps://llvm.org/releases/7.0.0/tools/clang/docs/ReleaseNotes.htmlhttps://llvm.org/releases/7.0.0/tools/clang/tools/extra/docs/ReleaseNotes.htmlhttps://llvm.org/releases/7.0.0/tools/lld/docs/ReleaseNotes.html
Changelog:
Version 1.31.0 (2018-12-06)
Language
This version marks the release of the 2018 edition of Rust.
New lifetime elision rules now allow for eliding lifetimes in functions and impl headers. E.g. impl<'a> Reader for BufReader<'a> {} can now be impl Reader for BufReader<'_> {}. Lifetimes are still required to be defined in structs.
You can now define and use const functions. These are currently a strict minimal subset of the const fn RFC. Refer to the language reference for what exactly is available.
You can now use tool lints, which allow you to scope lints from external tools using attributes. E.g. #[allow(clippy::filter_map)].
#[no_mangle] and #[export_name] attributes can now be located anywhere in a crate, not just in exported functions.
You can now use parentheses in pattern matches.
Compiler
Updated musl to 1.1.20
Libraries
You can now convert num::NonZero* types to their raw equivalvents using the From trait. E.g. u8 now implements From<NonZeroU8>.
You can now convert a &Option<T> into Option<&T> and &mut Option<T> into Option<&mut T> using the From trait.
You can now multiply (*) a time::Duration by a u32.
Stabilized APIs
slice::align_to
sl
ice::align_to_mut
slice::chunks_exact
slice::chunks_exact_mut
slice::rchunks
slice::rchunks_mut
slice::rchunks_exact
slice::rchunks_exact_mut
Option::replace
Cargo
Cargo will now download crates in parallel using HTTP/2.
You can now rename packages in your Cargo.toml We have a guide on how to use the package key in your dependencies.
We used to build PHP with its built-in, statically linked libsqlite3. When
used in an executable with dynamically looaded modules such as Apache, some
module may load a shared libsqlite3, which has the same symbols as PHP's
built-in libsqlite3. This causes unreliable cross-version calls and is
source of crashes.
The fix is to disable PHP's built-in libslite3 and always use an external,
shared libsqlite3.
what is new for perl v5.28.1:
Security
[CVE-2018-18311] Integer overflow leading to buffer overflow and segmentation fault
Integer arithmetic in "Perl_my_setenv()" could wrap when the combined length of the environment variable
name and value exceeded around 0x7fffffff. This could lead to writing beyond the end of an allocated buffer
with attacker supplied data.
[CVE-2018-18312] Heap-buffer-overflow write in S_regatom (regcomp.c)
A crafted regular expression could cause heap-buffer-overflow write during compilation, potentially allowing
arbitrary code execution.
Incompatible Changes
There are no changes intentionally incompatible with 5.28.0. If any exist, they are bugs, and we request
that you submit a report. See "Reporting Bugs" below.
Modules and Pragmata
Updated Modules and Pragmata
o Module::CoreList has been upgraded from version 5.20180622 to 5.20181129_28.
Selected Bug Fixes
o Perl 5.28 introduced an "index()" optimization when comparing to -1 (or indirectly, e.g. >= 0). When
this optimization was triggered inside a "when" clause it caused a warning ("Argument %s isn't numeric
in smart match"). This has now been fixed.
o Matching of decimal digits in script runs, introduced in Perl 5.28, had a bug that led to "1\N{THAI
DIGIT FIVE}" matching "/^(*sr:\d+)$/" when it should not. This has now been fixed.
o The new in-place editing code no longer leaks directory handles.
Vala 0.42.3
===========
* Various improvements and bug fixes:
- codegen:
+ Initialize internal temp-variables used as reference parameter
+ Improve ccode for fixed-length array parameters (#163)
+ Fix regex literal compile flags
+ Add prototype for *_register_type() function
+ Don't emit *_free() of derived compact classes
+ Add prototype for *_new() of abstact compact classes
- girwriter: Fix ctype of out/ref and array parameters
- ccode: Fix typo and actually check "end_decls" (#672)
- abstract syntax tree:
+ Always analyze nodes after they are inserted into the AST
+ Add source_reference to local variable of catch-clause
+ Add missing replace_expression() implementations
+ Fix several construction/parenting issues
+ DataType for GLib.Error should be should resolved as ErrorType
- libvaladoc: Add "unlock" to keywords in Highligher
- posix:
+ Add replacement for G_(BEGIN|END)_DECLS
+ Don't check for GLib.Variant casting
- testrunner: Reset $run_prefix before generating next test script
- build: Unconditionally add conditional VALAFLAGS to make bootstrap
- doc: Fix build of internal-api-docs
- manual: Update from wiki.gnome.org
* Bindings:
- glib-2.0: Computing length once is enough in string.to_utf8()/splice()
- glib-2.0: Add binding for g_test_add()
- glib-2.0: Add array length to string.skip (#695)
- gio-2.0: Result of DBusMessage.get_header() is unowned
- gobject-2.0,gtk+-*.0: Fix some GLib.Value out/ref parameters
- gstreamer: Update from 1.15+ git master
- gtk+-4.0: Update to 3.94.0+b4b30b49
Vala 0.42.2
===========
* Various improvements and bug fixes:
- codewriter: Prepend "yield" if is_yield_expression is set on
MethodCall and ObjectCreationExpression
- codegen: Fix typo in is_pure_ccode_expression() [#673]
- gobject-introspection: Fix use after free in scanner [#674]
- vala: Check if ArrayType supports its given element-type in analyzer pass
- valadoc: Fix some string escaping which gettext complains about
* Bindings:
- Update GIDL-based bindings to fix unsupported type-arguments
- glib-2.0: Add feature_test_macro details for Time struct's methods
- glib-2.0: Set DateTime.now () to use local time zone as the default
- gstreamer: Update from 1.15+ git master
- gtk+-4.0: Update to 3.94.0+d90e2733
- libxml-2.0: Add missing context parameter in OutputWriteCallback
- x11: Add binding for XCreateSimpleWindow
Vala 0.42.1
===========
* Various improvements and bug fixes:
- vapigen: Warn if the library argument doesn't match any package attribute
[#669]
* Bindings:
- glib-2.0: Add some 2.58 symbols
- gtk+-4.0: Update to 3.94.0+f3e6d00d
- Add gnome-desktop-3.0 bindings [#668]
- Remove libgda-4.0, libgda-report-4.0 bindings [#667]
- Update GIR-based bindings
Up to now, there was a central list of variable name patterns that
defined whether a variable was printed as a sorted list, as a list or as
a single value.
Now each variable group decides on its own which of the variables are
printed in which way, using the usual glob patterns. This is more
flexible since different files sometimes differ in their naming
conventions.
Two variable groups are added: license (for everything related to
LICENSE) and go (for lang/go).
Changes:
---------------------------------------------------------------------
--- kernel-6.1.1 ----------------------------------------------------
---------------------------------------------------------------------
Note! The kernel-6.1.1 application can *not* be applied independently
of other applications on an arbitrary OTP 21 installation.
On a full OTP 21 installation, also the following runtime
dependency has to be satisfied:
-- erts-10.1 (first satisfied in OTP 21.1)
--- Fixed Bugs and Malfunctions ---
OTP-15438 Application(s): kernel
Related Id(s): ERL-781
Fix bug causing net_kernel process crash on connection
attempt from node with name identical to local node.
Full runtime dependencies of kernel-6.1.1: erts-10.1, sasl-3.0,
stdlib-3.5
---------------------------------------------------------------------
---------------------------------------------------------------------
---------------------------------------------------------------------
---------------------------------------------------------------------
--- erts-10.1.3 -----------------------------------------------------
---------------------------------------------------------------------
Note! The erts-10.1.3 application can *not* be applied independently
of other applications on an arbitrary OTP 21 installation.
On a full OTP 21 installation, also the following runtime
dependency has to be satisfied:
-- kernel-6.1 (first satisfied in OTP 21.1)
--- Improvements and New Features ---
OTP-15430 Application(s): erts
Related Id(s): ERIERL-237
Added an optional ./configure flag to compile the
emulator with spectre mitigation:
--with-spectre-mitigation
Note that this requires a recent version of GCC with
support for spectre mitigation and the
--mindirect-branch=thunk flag, such as 8.1.
Full runtime dependencies of erts-10.1.3: kernel-6.1, sasl-3.0.1,
stdlib-3.5
---------------------------------------------------------------------
--- compiler-7.2.7 --------------------------------------------------
---------------------------------------------------------------------
The compiler-7.2.7 application can be applied independently of other
applications on a full OTP 21 installation.
--- Fixed Bugs and Malfunctions ---
OTP-15353 Application(s): compiler
Related Id(s): ERL-753
Fixed a bug where incorrect code was generated
following a binary match guard.
Full runtime dependencies of compiler-7.2.7: crypto-3.6, erts-9.0,
hipe-3.12, kernel-4.0, stdlib-2.5
---------------------------------------------------------------------
--- erts-10.1.2 -----------------------------------------------------
---------------------------------------------------------------------
Note! The erts-10.1.2 application can *not* be applied independently
of other applications on an arbitrary OTP 21 installation.
On a full OTP 21 installation, also the following runtime
dependency has to be satisfied:
-- kernel-6.1 (first satisfied in OTP 21.1)
--- Fixed Bugs and Malfunctions ---
OTP-15421 Application(s): erts
Fixed a rare bug where files could be closed on a
normal instead of an IO scheduler, resulting in system
instability if the operation blocked.
Full runtime dependencies of erts-10.1.2: kernel-6.1, sasl-3.0.1,
stdlib-3.5
---------------------------------------------------------------------
--- public_key-1.6.3 ------------------------------------------------
---------------------------------------------------------------------
The public_key-1.6.3 application can be applied independently of
other applications on a full OTP 21 installation.
--- Fixed Bugs and Malfunctions ---
OTP-15367 Application(s): public_key
Add DSA SHA2 oids in public_keys ASN1-spec and
public_key:pkix_sign_types/1
Full runtime dependencies of public_key-1.6.3: asn1-3.0, crypto-3.8,
erts-6.0, kernel-3.0, stdlib-3.5
---------------------------------------------------------------------
---------------------------------------------------------------------
---------------------------------------------------------------------
Trying to mix and match pkgsrc and bundled dependencies resulted in conflicts
between libgit and http-parser, such that cargo was unable to fetch indexes
from crates.io with spurious network error regarding Content-Type headers.
While here add a note about why these dependencies are currently disabled.
Bump PKGREVISION.
Version 10.14.0 'Dubnium' (LTS):
This is a security release. All Node.js users should consult the security release summary at:
https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/
for details on patched vulnerabilities.
Fixes for the following CVEs are included in this release:
* Node.js: Denial of Service with large HTTP headers (CVE-2018-12121)
* Node.js: Slowloris HTTP Denial of Service (CVE-2018-12122 / Node.js)
* Node.js: Hostname spoofing in URL parser for javascript protocol (CVE-2018-12123)
* OpenSSL: Timing vulnerability in DSA signature generation (CVE-2018-0734)
* OpenSSL: Timing vulnerability in ECDSA signature generation (CVE-2019-0735)
Notable Changes
* deps: Upgrade to OpenSSL 1.1.0j, fixing CVE-2018-0734 and CVE-2019-0735
* http:
- Headers received by HTTP servers must not exceed 8192 bytes in total to prevent possible Denial of Service attacks. Reported by Trevor Norris. (CVE-2018-12121 / Matteo Collina)
- A timeout of 40 seconds now applies to servers receiving HTTP headers. This value can be adjusted with server.headersTimeout. Where headers are not completely received within this period, the socket is destroyed on the next received chunk. In conjunction with server.setTimeout(), this aids in protecting against excessive resource retention and possible Denial of Service. Reported by Jan Maybach (liebdich.com). (CVE-2018-12122 / Matteo Collina)
* url: Fix a bug that would allow a hostname being spoofed when parsing URLs with url.parse() with the 'javascript:' protocol.
Add type annotations to your Python programs, and use mypy to type check them.
Mypy is essentially a Python linter on steroids, and it can catch many
programming errors by analyzing your program, without actually having to run
it. Mypy has a powerful type system with features such as type inference,
gradual typing, generics and union types.
- use 'build' target for building, not 'dist'
- set jobs also for install target
- do not generate tarballs; we don't need them, but they take a lot of disk-space
- do not install 'src'
- do not generate 'install.log' nor 'uninstall.sh'
- on Darwin, use headerpad_max_install_names to be able to fix all dylibs
- make optimized bootstrap
- pkglint fixes
- get ready to depend on lang/llvm and devel/jemalloc
This allows users to simply install a "go" package and pull in the latest
version available for their host operating system without having to figure
out the name for the correct suffixed package.
isn't an upstream choice, but is likely a result of using bsd.prog.mk in
files/
At least one person had an issue with it, although it (mysteriously) builds
fine with GCC 6.5 and -Werror, even now.
PR pkg/48482
Version 10.13.0 'Dubnium' (LTS)
This release marks the transition of Node.js 10.x into Long Term Support (LTS) with the codename 'Dubnium'. The 10.x release line now moves in to "Active LTS" and will remain so until April 2020. After that time it will move in to "Maintenance" until end of life in April 2021.
Notable Changes
This release only includes minimal changes necessary to fix known regressions prior to LTS.
Version 10.12.0 (Current)
Notable changes
assert
* The diff output is now a tiny bit improved by sorting object properties when inspecting the values that are compared with each other.
cli
* The options parser now normalizes _ to - in all multi-word command-line flags, e.g. --no_warnings has the same effect as --no-warnings.
* Added bash completion for the node binary. To generate a bash completion script, run node --completion-bash. The output can be saved to a file which can be sourced to enable completion.
crypto
* Added support for PEM-level encryption.
* Added an API asymmetric key pair generation. The new methods crypto.generateKeyPair and crypto.generateKeyPairSync can be used to generate public and private key pairs. The API supports RSA, DSA and EC and a variety of key encodings (both PEM and DER).
fs
* Added a recursive option to fs.mkdir and fs.mkdirSync. If this option is set to true, non-existing parent folders will be automatically created.
http2
* Added a 'ping' event to Http2Session that is emitted whenever a non-ack PING is received.
* Added support for the ORIGIN frame.
* Updated nghttp2 to 1.34.0. This adds RFC 8441 extended connect protocol support to allow use of WebSockets over HTTP/2.
module
* Added module.createRequireFromPath(filename). This new method can be used to create a custom require function that will resolve modules relative to the filename path.
process
* Added a 'multipleResolves' process event that is emitted whenever a Promise is attempted to be resolved multiple times, e.g. if the resolve and reject functions are both called in a Promise executor.
url
* Added url.fileURLToPath(url) and url.pathToFileURL(path). These methods can be used to correctly convert between file: URLs and absolute paths.
util
* Added the sorted option to util.inspect(). If set to true, all properties of an object and Set and Map entries will be sorted in the returned string. If set to a function, it is used as a compare function.
The util.instpect.custom symbol is now defined in the global symbol registry as Symbol.for('nodejs.util.inspect.custom').
* Added support for BigInt numbers in util.format().
V8 API
* A number of V8 C++ APIs have been marked as deprecated since they have been removed in the upstream repository. Replacement APIs are added where necessary.
Windows
* The Windows msi installer now provides an option to automatically install the tools required to build native modules.
Workers
* Debugging support for Workers using the DevTools protocol has been implemented.
* The public inspector module is now enabled in Workers.
works and cabs*() handling is correct.
also:
- extract using bsdtar. saves about 4 minutes during extract for me.
- remove duplicated part of gcc/config/netbsd.h -- it's already
upstream by this version.
1. Enhancements
Elixir
[Kernel] Expand left..right at compile time in more cases, which leads to improved performance under different scenarios, especially on x in left..right expressions
Mix
[mix deps.loadpaths] Add --no-load-deps flag. This is useful for Rebar 3 compatibility
2. Bug fixes
Elixir
[Calendar] Fix for converting from negative iso days on New Year in a leap year
[Kernel] Ensure @spec, @callback, @type and friends can be read accordingly
[Module] Avoid warnings when using Module.eval_quoted in the middle of existing definitions
Mix
[mix archive.build] Unload previous archive versions before building
[mix format] Expand paths so mix format path\for\windows.ex works
[mix test] Ensure that --cover displays correct coverage in an umbrella app
changes in erlang/OTP 21.1.1:
---------------------------------------------------------------------
--- compiler-7.2.6 --------------------------------------------------
---------------------------------------------------------------------
The compiler-7.2.6 application can be applied independently of other
applications on a full OTP 21 installation.
--- Fixed Bugs and Malfunctions ---
OTP-15335 Application(s): compiler
Related Id(s): ERL-689, OTP-15219
In rare circumstances, the matched out tail of a binary
could be the entire original binary. (There was partial
correction to this problem in version 7.2.5 of the
compiler application.)
Full runtime dependencies of compiler-7.2.6: crypto-3.6, erts-9.0,
hipe-3.12, kernel-4.0, stdlib-2.5
---------------------------------------------------------------------
--- eldap-1.2.6 -----------------------------------------------------
---------------------------------------------------------------------
The eldap-1.2.6 application can be applied independently of other
applications on a full OTP 21 installation.
--- Fixed Bugs and Malfunctions ---
OTP-15342 Application(s): eldap
Related Id(s): ERIERL-242
A race condition at close could cause the eldap client
to exit with a badarg message as cause.
Full runtime dependencies of eldap-1.2.6: asn1-3.0, erts-6.0,
kernel-3.0, ssl-5.3.4, stdlib-2.0
---------------------------------------------------------------------
--- erts-10.1.1 -----------------------------------------------------
---------------------------------------------------------------------
Note! The erts-10.1.1 application can *not* be applied independently
of other applications on an arbitrary OTP 21 installation.
On a full OTP 21 installation, also the following runtime
dependency has to be satisfied:
-- kernel-6.1 (first satisfied in OTP 21.1)
--- Fixed Bugs and Malfunctions ---
OTP-14297 Application(s): erts
Related Id(s): OTP-15141
A bug where the socket option 'pktoptions' caused a
read of uninitialized memory has been fixed. Would
cause malfunction on FreeBSD.
OTP-15318 Application(s): erts
Fixed a memory leak on errors when reading files.
OTP-15333 Application(s): erts
Related Id(s): ERL-737
File access through UNC paths works again on Windows.
This regression was introduced in OTP 21.
Full runtime dependencies of erts-10.1.1: kernel-6.1, sasl-3.0.1,
stdlib-3.5
---------------------------------------------------------------------
--- ssl-9.0.3 -------------------------------------------------------
---------------------------------------------------------------------
The ssl-9.0.3 application can be applied independently of other
applications on a full OTP 21 installation.
--- Fixed Bugs and Malfunctions ---
OTP-15337 Application(s): ssl
Related Id(s): ERL-738
Correct alert handling with new TLS sender process,
from ssl-9.0.2. CLOSE ALERTS could under some
circumstances be encoded using an incorrect cipher
state. This would cause the peer to regard them as
unknown messages.
OTP-15348 Application(s): ssl
Related Id(s): ERL-747
Correct handling of socket packet option with new TLS
sender process, from ssl-9.0.2. When changing the
socket option {packet, 1|2|3|4} with ssl:setopts/2 the
option must internally be propagated to the sender
process as well as the reader process as this
particular option also affects the data to be sent.
Full runtime dependencies of ssl-9.0.3: crypto-4.2, erts-10.0,
inets-5.10.7, kernel-6.0, public_key-1.5, stdlib-3.5
---------------------------------------------------------------------
---------------------------------------------------------------------
---------------------------------------------------------------------
changes in erlang/OTP 21.1:
---------------------------------------------------------------------
--- HIGHLIGHTS ------------------------------------------------------
---------------------------------------------------------------------
OTP-15133 Application(s): ssh
Related Id(s): OTP-15240
The key exchange methods
'curve25519-sha256@libssh.org', 'curve25519-sha256' and
'curve448-sha512' are implemented. The last two are
defined in
https://tools.ietf.org/html/draft-ietf-curdle-ssh-curves
They all depends on that OpenSSL 1.1.1 or higher is
used as cryptolib.
OTP-15134 Application(s): crypto, public_key
The typing in the CRYPTO and PUBLIC_KEY applications
are reworked and a few mistakes are corrected.
The documentation is now generated from the typing and
some clarifications are made.
A new chapter on Algorithm Details such as key sizes
and availability is added to the CRYPTO User's Guide.
OTP-15145 Application(s): erts, kernel
Related Id(s): ERIERL-187
The socket options recvtos, recvttl, recvtclass and
pktoptions have been implemented in the socket modules.
See the documentation for the gen_tcp, gen_udp and inet
modules. Note that support for these in the runtime
system is platform dependent. Especially for pktoptions
which is very Linux specific and obsoleted by the RFCs
that defined it.
OTP-15209 Application(s): ssh
Related Id(s): OTP-15164
The cipher 'chacha20-poly1305@openssh.com' is now
supported if OpenSSL 1.1.1 or higher is used as
cryptolib.
---------------------------------------------------------------------
--- asn1-5.0.7 ------------------------------------------------------
---------------------------------------------------------------------
The asn1-5.0.7 application can be applied independently of other
applications on a full OTP 21 installation.
--- Fixed Bugs and Malfunctions ---
OTP-14440 Application(s): asn1
Related Id(s): ERIERL-220
A bug in ASN.1 BER decoding has been fixed. When
decoding a recursively enclosed term the length was not
propagated to that term decoding, so if the length of
the enclosed term was longer than the enclosing that
error was not detected.
A hard coded C stack limitation for decoding recursive
ASN.1 terms has been introduced. This is currently set
to 8 kWords giving a nesting depth of about 1000
levels. Deeper terms can not be decoded, which should
not be much of a real world limitation.
Full runtime dependencies of asn1-5.0.7: erts-7.0, kernel-3.0,
stdlib-2.0
---------------------------------------------------------------------
--- common_test-1.16.1 ----------------------------------------------
---------------------------------------------------------------------
The common_test-1.16.1 application can be applied independently of
other applications on a full OTP 21 installation.
--- Fixed Bugs and Malfunctions ---
OTP-15307 Application(s): common_test
The Logger handler cth_log_redirect earlier called the
report callback (report_cb) before calling the logger
formatter. In some cases this would fail, since
cth_log_redirect could not handle report callbacks with
two arguments. This is now corrected, so only the
formatter will call the report callback.
Full runtime dependencies of common_test-1.16.1: compiler-6.0,
crypto-3.6, debugger-4.1, erts-7.0, ftp-1.0.0, inets-6.0, kernel-4.0,
observer-2.1, runtime_tools-1.8.16, sasl-2.4.2, snmp-5.1.2, ssh-4.0,
stdlib-3.5, syntax_tools-1.7, tools-2.8, xmerl-1.3.8
---------------------------------------------------------------------
--- compiler-7.2.5 --------------------------------------------------
---------------------------------------------------------------------
The compiler-7.2.5 application can be applied independently of other
applications on a full OTP 21 installation.
--- Fixed Bugs and Malfunctions ---
OTP-15186 Application(s): compiler
Related Id(s): ERL-665
Fixed a bug that prevented certain variable-sized
binary comprehensions from compiling.
OTP-15188 Application(s): compiler
Related Id(s): ERL-658
When compiling from Core Erlang, funs created in
certain expressions that were only used for their
side-effects were subtly broken.
OTP-15218 Application(s): compiler
Related Id(s): ERL-684
There could be an internal consistency failure when a
receive was nested in a try/catch.
OTP-15219 Application(s): compiler
Related Id(s): ERL-689
In rare circumstances, the matched out tail of a binary
could be the entire original binary.
OTP-15227 Application(s): compiler
Related Id(s): ERL-699
When is_map_key/2 was used in a guard together with the
not/1 or or/2 operators, the error behavior could be
wrong when is_map_key/2 was passed a non-map as the
second argument.
In rare circumstances, compiling code that uses
is_map_key/2 could cause an internal consistency check
failure.
OTP-15235 Application(s): compiler
Related Id(s): ERL-703
The compiler could crash when compiling a function with
multiple receives in multiple clauses.
Full runtime dependencies of compiler-7.2.5: crypto-3.6, erts-9.0,
hipe-3.12, kernel-4.0, stdlib-2.5
---------------------------------------------------------------------
--- crypto-4.3.3 ----------------------------------------------------
---------------------------------------------------------------------
The crypto-4.3.3 application can be applied independently of other
applications on a full OTP 21 installation.
--- Fixed Bugs and Malfunctions ---
OTP-15212 Application(s): crypto
Related Id(s): ERL-675, PR1899, PR838
The RSA options rsa_mgf1_md, rsa_oaep_md, and
rsa_oaep_label were always disabled. They will now be
enabled when a suitable cryptolib is used.
They are still experimental and may change without
prior notice.
OTP-15283 Application(s): crypto
The ciphers aes_ige256 and blowfish_cbc had naming
issues in crypto:next_iv/2.
OTP-15303 Application(s): crypto
the RSA_SSLV23_PADDING is disabled if LibreSSL is used
as cryptlib. This is due to compilation problems.
This will be investigated further in the future.
--- Improvements and New Features ---
OTP-14717 Application(s): crypto
Related Id(s): OTP-15244
The supported named elliptic curves are now reported in
crypto:supports/0 in a new entry tagged by 'curves'.
The function crypto:ec_curves/0 is kept for
compatibility.
OTP-15134 Application(s): crypto, public_key
*** HIGHLIGHT ***
The typing in the CRYPTO and PUBLIC_KEY applications
are reworked and a few mistakes are corrected.
The documentation is now generated from the typing and
some clarifications are made.
A new chapter on Algorithm Details such as key sizes
and availability is added to the CRYPTO User's Guide.
OTP-15153 Application(s): crypto
Support for SHA3 both as a separate hash and in HMAC is
now available if OpenSSL 1.1.1 or higher is used as
cryptolib.
Available lengths are reported in the 'hashs' entry in
crypto:supports/0 as sha3_*.
OTP-15164 Application(s): crypto
Related Id(s): OTP-15209
The mac algorithm poly1305 and the cipher algorithm
chacha20 are now supported if OpenSSL 1.1.1 or higher
is used as cryptolib.
OTP-15240 Application(s): crypto
Related Id(s): OTP-15133
The key exchange Edward curves x25519 and x448 are now
supported if OpenSSL 1.1.1 or higher is used as
cryptolib.
OTP-15260 Application(s): crypto
The supported RSA options for sign/verify and
encrypt/decrypt are now reported in crypto:supports/0
in a new entry tagged by 'rsa_opts'.
The exakt set is still experimental and may change
without prior notice.
OTP-15286 Application(s): crypto
The cipher aes_ccm is added.
Full runtime dependencies of crypto-4.3.3: erts-9.0, kernel-5.3,
stdlib-3.4
---------------------------------------------------------------------
--- debugger-4.2.6 --------------------------------------------------
---------------------------------------------------------------------
The debugger-4.2.6 application can be applied independently of other
applications on a full OTP 21 installation.
--- Fixed Bugs and Malfunctions ---
OTP-15190 Application(s): debugger, edoc, eldap, et, eunit, ftp,
hipe, jinterface, megaco, observer, odbc, os_mon,
otp_mibs, parsetools, reltool, sasl, tftp, xmerl
Improved documentation.
Full runtime dependencies of debugger-4.2.6: compiler-5.0, erts-9.0,
kernel-5.3, stdlib-3.4, wx-1.2
---------------------------------------------------------------------
--- dialyzer-3.3.1 --------------------------------------------------
---------------------------------------------------------------------
The dialyzer-3.3.1 application can be applied independently of other
applications on a full OTP 21 installation.
--- Improvements and New Features ---
OTP-15268 Application(s): dialyzer
Related Id(s): ERL-680
Optimize Dialyzer's handling of left-associative use of
andalso and orelse in guards.
Full runtime dependencies of dialyzer-3.3.1: compiler-7.0, erts-9.0,
hipe-3.16.1, kernel-5.3, stdlib-3.4, syntax_tools-2.0, wx-1.2
---------------------------------------------------------------------
--- diameter-2.1.6 --------------------------------------------------
---------------------------------------------------------------------
The diameter-2.1.6 application can be applied independently of other
applications on a full OTP 21 installation.
--- Fixed Bugs and Malfunctions ---
OTP-15198 Application(s): diameter
Related Id(s): ERIERL-213
Fix function_clause when sending an outgoing request
after DPA has been sent in response to an incoming DPR.
The caused the diameter_peer_fsm gen_server associated
with the peer connection to fail, which could then
result in the transport connection being reset before
the peer closed it upon reception of DPA.
Full runtime dependencies of diameter-2.1.6: erts-10.0, kernel-3.2,
ssl-9.0, stdlib-2.4
---------------------------------------------------------------------
--- edoc-0.9.4 ------------------------------------------------------
---------------------------------------------------------------------
The edoc-0.9.4 application can be applied independently of other
applications on a full OTP 21 installation.
--- Fixed Bugs and Malfunctions ---
OTP-15190 Application(s): debugger, edoc, eldap, et, eunit, ftp,
hipe, jinterface, megaco, observer, odbc, os_mon,
otp_mibs, parsetools, reltool, sasl, tftp, xmerl
Improved documentation.
Full runtime dependencies of edoc-0.9.4: erts-6.0, inets-5.10,
kernel-3.0, stdlib-2.5, syntax_tools-1.6.14, xmerl-1.3.7
---------------------------------------------------------------------
--- eldap-1.2.5 -----------------------------------------------------
---------------------------------------------------------------------
The eldap-1.2.5 application can be applied independently of other
applications on a full OTP 21 installation.
--- Fixed Bugs and Malfunctions ---
OTP-15190 Application(s): debugger, edoc, eldap, et, eunit, ftp,
hipe, jinterface, megaco, observer, odbc, os_mon,
otp_mibs, parsetools, reltool, sasl, tftp, xmerl
Improved documentation.
Full runtime dependencies of eldap-1.2.5: asn1-3.0, erts-6.0,
kernel-3.0, ssl-5.3.4, stdlib-2.0
---------------------------------------------------------------------
--- erl_docgen-0.8.1 ------------------------------------------------
---------------------------------------------------------------------
The erl_docgen-0.8.1 application can be applied independently of
other applications on a full OTP 21 installation.
--- Fixed Bugs and Malfunctions ---
OTP-14406 Application(s): erl_docgen
Indexing for the online search function has been
corrected for CREF documents.
Full runtime dependencies of erl_docgen-0.8.1: edoc-0.7.13, erts-9.0,
stdlib-3.4, xmerl-1.3.7
---------------------------------------------------------------------
--- erl_interface-3.10.4 --------------------------------------------
---------------------------------------------------------------------
The erl_interface-3.10.4 application can be applied independently of
other applications on a full OTP 21 installation.
--- Fixed Bugs and Malfunctions ---
OTP-15161 Application(s): erl_interface
Related Id(s): ERIERL-191
Make ei_connect and friends also accept state
ok_simultaneous during handshake, which means the other
node has initiated a connection setup that will be
cancelled in favor of this connection.
OTP-15171 Application(s): erl_interface
Fixed bug in ei_receive_msg, ei_xreceive_msg,
ei_receive_msg_tmo and ei_xreceive_msg_tmo. The
x->index was set to entire buffer size instead of the
number of bytes actually received.
OTP-15191 Application(s): erl_interface
Fixed bug in ei_connect_init which could be provoked if
called by concurrent threads. ei_connect_init called
posix interface gethostbyname which is documented as
not thread safe.
OTP-15277 Application(s): erl_interface
Related Id(s): PR-1929
Fixed bug in erl_compare_ext() ignoring the tail of
lists of otherwise equal content. Example: [a | b] and
[a | c] compared equal and {[a], b} and {[a], c}
compared equal.
---------------------------------------------------------------------
--- erts-10.1 -------------------------------------------------------
---------------------------------------------------------------------
Note! The erts-10.1 application can *not* be applied independently of
other applications on an arbitrary OTP 21 installation.
On a full OTP 21 installation, also the following runtime
dependency has to be satisfied:
-- kernel-6.1 (first satisfied in OTP 21.1)
--- Fixed Bugs and Malfunctions ---
OTP-15038 Application(s): erts
Related Id(s): ERL-602
Fix the seq_trace token to not be cleared when a
process receives messages sent by erts. Some examples
of when this could happen is all port BIFs, i.e.
open_port, port_command etc etc.
Fix so that messages sent by nifs can be traced using
normal and seq_trace tracing.
OTP-15180 Application(s): erts
Related Id(s): ERL-648
Fixed specs and documentation for process_info item
monitored_by to include port identifiers and nif
resources as possible types.
OTP-15181 Application(s): erts
Fix bug in generation of erl_crash.dump, which could
cause VM to crash.
Bug exist since erts-9.2 (OTP-20.2).
OTP-15205 Application(s): erts
Fix bug where ctrl-break or ctrl-c would not trigger
the break mode properly on Windows. This bug was
introduced in erts-10.0 (OTP-21).
OTP-15206 Application(s): erts
Fix a performance bug for reception of UDP packages,
where a memory buffer would be reallocated when it
should not have been.
Introduce a limit on the maximum automatic increase of
the UDP user-space buffer to the theoretical max of the
network PATH, i.e. 65535.
OTP-15208 Application(s): erts
Related Id(s): ERL-677, PR-1897
Fix alignment of erts allocator state internally in
erts. With the improper alignment the emulator would
refuse to start when compiled with clang on 32-bit
systems.
OTP-15210 Application(s): erts
Fix bug where too many concurrent calls to
erlang:open_port({spawn,"cmd"},...) would result in the
emulator terminating with the reason "Failed to write
to erl_child_setup: ". After this fix the open_port
call will throw an emfile exception instead.
OTP-15217 Application(s): erts
Upgraded the ERTS internal PCRE library from version
8.41 to version 8.42. See
http://pcre.org/original/changelog.txt for information
about changes made to PCRE. This library implements
major parts of the re regular expressions module.
OTP-15236 Application(s): erts
Related Id(s): ERL-692
Fix open_port({fd,X,Y}, ...) to release the file
descriptors from the pollset when closing the port.
Without this fix the same file descriptor number could
not be reused when doing multiple open_port and
port_close sequences.
OTP-15276 Application(s): erts
Related Id(s): PR-1920
Fixed bug in float_to_list/2 and float_to_binary/2 with
options [{decimals,0},compact] causing totally wrong
results. Bug exists since OTP-21.0.
OTP-15278 Application(s): erts
Fixed bug in erlang:memory causing ets to report too
much. This small false memory leak (16 bytes each time)
can only happen when a specific race condition occurs
between scheduler threads on a table with option
write_concurrency.
OTP-15282 Application(s): erts
Minor configure test fixes
OTP-15297 Application(s): erts, kernel
Related Id(s): OTP-15279, OTP-15280
Improved robustness of distribution connection setup.
In OTP-21.0 a truly asynchronous connection setup was
introduced. This is further improvement on that work to
make the emulator more robust and also be able to
recover in cases when involved Erlang processes
misbehave.
--- Improvements and New Features ---
OTP-15145 Application(s): erts, kernel
Related Id(s): ERIERL-187
*** HIGHLIGHT ***
The socket options recvtos, recvttl, recvtclass and
pktoptions have been implemented in the socket modules.
See the documentation for the gen_tcp, gen_udp and inet
modules. Note that support for these in the runtime
system is platform dependent. Especially for pktoptions
which is very Linux specific and obsoleted by the RFCs
that defined it.
Full runtime dependencies of erts-10.1: kernel-6.1, sasl-3.0.1,
stdlib-3.5
---------------------------------------------------------------------
--- et-1.6.3 --------------------------------------------------------
---------------------------------------------------------------------
The et-1.6.3 application can be applied independently of other
applications on a full OTP 21 installation.
--- Fixed Bugs and Malfunctions ---
OTP-15190 Application(s): debugger, edoc, eldap, et, eunit, ftp,
hipe, jinterface, megaco, observer, odbc, os_mon,
otp_mibs, parsetools, reltool, sasl, tftp, xmerl
Improved documentation.
Full runtime dependencies of et-1.6.3: erts-9.0, kernel-5.3,
runtime_tools-1.10, stdlib-3.4, wx-1.2
---------------------------------------------------------------------
--- eunit-2.3.7 -----------------------------------------------------
---------------------------------------------------------------------
The eunit-2.3.7 application can be applied independently of other
applications on a full OTP 21 installation.
--- Fixed Bugs and Malfunctions ---
OTP-15190 Application(s): debugger, edoc, eldap, et, eunit, ftp,
hipe, jinterface, megaco, observer, odbc, os_mon,
otp_mibs, parsetools, reltool, sasl, tftp, xmerl
Improved documentation.
Full runtime dependencies of eunit-2.3.7: erts-9.0, kernel-5.3,
stdlib-3.4
---------------------------------------------------------------------
--- ftp-1.0.1 -------------------------------------------------------
---------------------------------------------------------------------
The ftp-1.0.1 application can be applied independently of other
applications on a full OTP 21 installation.
--- Fixed Bugs and Malfunctions ---
OTP-15190 Application(s): debugger, edoc, eldap, et, eunit, ftp,
hipe, jinterface, megaco, observer, odbc, os_mon,
otp_mibs, parsetools, reltool, sasl, tftp, xmerl
Improved documentation.
Full runtime dependencies of ftp-1.0.1: erts-7.0, kernel-6.0,
stdlib-3.5
---------------------------------------------------------------------
--- hipe-3.18.1 -----------------------------------------------------
---------------------------------------------------------------------
The hipe-3.18.1 application can be applied independently of other
applications on a full OTP 21 installation.
--- Fixed Bugs and Malfunctions ---
OTP-15190 Application(s): debugger, edoc, eldap, et, eunit, ftp,
hipe, jinterface, megaco, observer, odbc, os_mon,
otp_mibs, parsetools, reltool, sasl, tftp, xmerl
Improved documentation.
Full runtime dependencies of hipe-3.18.1: compiler-5.0, erts-9.3,
kernel-5.3, stdlib-3.4, syntax_tools-1.6.14
---------------------------------------------------------------------
--- inets-7.0.2 -----------------------------------------------------
---------------------------------------------------------------------
The inets-7.0.2 application can be applied independently of other
applications on a full OTP 21 installation.
--- Fixed Bugs and Malfunctions ---
OTP-15192 Application(s): inets
Enhance error handling, that is mod_get will return 403
if a path is a directory and not a file.
OTP-15241 Application(s): inets
Do not use chunked-encoding with 1xx, 204 and 304
responses when using mod_esi. Old behavior was not
compliant with HTTP/1.1 RFC and could cause clients to
hang when they received 1xx, 204 or 304 responses that
included an empty chunked-encoded body.
OTP-15242 Application(s): inets
Add robust handling of chunked-encoded HTTP responses
with an empty body (1xx, 204, 304). Old behavior could
cause the client to hang when connecting to a faulty
server implementation.
Full runtime dependencies of inets-7.0.2: erts-6.0, kernel-3.0,
mnesia-4.12, runtime_tools-1.8.14, ssl-5.3.4, stdlib-3.5
---------------------------------------------------------------------
--- jinterface-1.9.1 ------------------------------------------------
---------------------------------------------------------------------
The jinterface-1.9.1 application can be applied independently of
other applications on a full OTP 21 installation.
--- Fixed Bugs and Malfunctions ---
OTP-15190 Application(s): debugger, edoc, eldap, et, eunit, ftp,
hipe, jinterface, megaco, observer, odbc, os_mon,
otp_mibs, parsetools, reltool, sasl, tftp, xmerl
Improved documentation.
---------------------------------------------------------------------
--- kernel-6.1 ------------------------------------------------------
---------------------------------------------------------------------
Note! The kernel-6.1 application can *not* be applied independently
of other applications on an arbitrary OTP 21 installation.
On a full OTP 21 installation, also the following runtime
dependency has to be satisfied:
-- erts-10.1 (first satisfied in OTP 21.1)
--- Fixed Bugs and Malfunctions ---
OTP-15143 Application(s): kernel
The values all and none are documented as valid value
for the Kernel configuration parameter logger_level,
but would cause a crash during node start. This is now
corrected.
OTP-15162 Application(s): kernel
Related Id(s): ERIERL-191
Fix some potential buggy behavior in how ticks are sent
on inter node distribution connections. Tick is now
sent to c-node even if there are unsent buffered data,
as c-nodes need ticks in order to send reply ticks. The
amount of sent data was also calculated wrongly when
ticks were suppressed due to unsent buffered data.
OTP-15170 Application(s): kernel
Non semantic change in dist_util.erl to silence
dialyzer warning.
OTP-15182 Application(s): kernel
Related Id(s): ERL-643
Fixed net_kernel:connect_node(node()) to return true
(and do nothing) as it always has before OTP-21.0. Also
documented this successful "self connect" as the
expected behavior.
OTP-15228 Application(s): kernel
The single_line option on logger_formatter would in
some cases add an unwanted comma after the association
arrows in a map. This is now corrected.
OTP-15297 Application(s): erts, kernel
Related Id(s): OTP-15279, OTP-15280
Improved robustness of distribution connection setup.
In OTP-21.0 a truly asynchronous connection setup was
introduced. This is further improvement on that work to
make the emulator more robust and also be able to
recover in cases when involved Erlang processes
misbehave.
--- Improvements and New Features ---
OTP-15132 Application(s): kernel
A new macro, ?LOG(Level,...), is added. This is
equivalent to the existing ?LOG_<LEVEL>(...) macros.
A new variant of Logger report callback is added, which
takes an extra argument containing options for size
limiting and line breaks. Module proc_lib in STDLIB
uses this for crash reports.
Logger configuration is now checked a bit more for
errors.
OTP-15145 Application(s): erts, kernel
Related Id(s): ERIERL-187
*** HIGHLIGHT ***
The socket options recvtos, recvttl, recvtclass and
pktoptions have been implemented in the socket modules.
See the documentation for the gen_tcp, gen_udp and inet
modules. Note that support for these in the runtime
system is platform dependent. Especially for pktoptions
which is very Linux specific and obsoleted by the RFCs
that defined it.
OTP-15146 Application(s): kernel
Add logger:set_application_level/2 for setting the
logger level of all modules in one application.
Full runtime dependencies of kernel-6.1: erts-10.1, sasl-3.0,
stdlib-3.5
---------------------------------------------------------------------
--- megaco-3.18.4 ---------------------------------------------------
---------------------------------------------------------------------
The megaco-3.18.4 application can be applied independently of other
applications on a full OTP 21 installation.
--- Fixed Bugs and Malfunctions ---
OTP-15190 Application(s): debugger, edoc, eldap, et, eunit, ftp,
hipe, jinterface, megaco, observer, odbc, os_mon,
otp_mibs, parsetools, reltool, sasl, tftp, xmerl
Improved documentation.
Full runtime dependencies of megaco-3.18.4: asn1-3.0, debugger-4.0,
erts-7.0, et-1.5, kernel-3.0, runtime_tools-1.8.14, stdlib-2.5
---------------------------------------------------------------------
--- mnesia-4.15.5 ---------------------------------------------------
---------------------------------------------------------------------
The mnesia-4.15.5 application can be applied independently of other
applications on a full OTP 21 installation.
--- Fixed Bugs and Malfunctions ---
OTP-15201 Application(s): mnesia
Related Id(s): PR-1881
Fixed type spec for mnesia:change_config/2.
OTP-15221 Application(s): mnesia
Related Id(s): ERIERL-217
When master node is set do not force a load from
ram_copies replica when there are no available
disc_copies, since that would load an empty table. Wait
until a disk replica is available or until user
explicitly force_loads the table.
OTP-15226 Application(s): mnesia
Related Id(s): ERIERL-221
Allow to add replicas even if all other replicas are
down when the other replicas are not stored on disk.
OTP-15231 Application(s): mnesia
Related Id(s): PR-1858
Fixed mnesia:delete_object/1 bug, where delete_object
was deleting the record if it was written in the same
transaction even if it was written to a different
value.
OTP-15243 Application(s): mnesia
Fixed a bug where the bag table index data was not
deleted when objects were deleted.
Full runtime dependencies of mnesia-4.15.5: erts-9.0, kernel-5.3,
stdlib-3.4
---------------------------------------------------------------------
--- observer-2.8.1 --------------------------------------------------
---------------------------------------------------------------------
The observer-2.8.1 application can be applied independently of other
applications on a full OTP 21 installation.
--- Fixed Bugs and Malfunctions ---
OTP-15190 Application(s): debugger, edoc, eldap, et, eunit, ftp,
hipe, jinterface, megaco, observer, odbc, os_mon,
otp_mibs, parsetools, reltool, sasl, tftp, xmerl
Improved documentation.
Full runtime dependencies of observer-2.8.1: erts-7.0, et-1.5,
kernel-3.0, runtime_tools-1.8.14, stdlib-3.5, wx-1.2
---------------------------------------------------------------------
--- odbc-2.12.2 -----------------------------------------------------
---------------------------------------------------------------------
The odbc-2.12.2 application can be applied independently of other
applications on a full OTP 21 installation.
--- Fixed Bugs and Malfunctions ---
OTP-15190 Application(s): debugger, edoc, eldap, et, eunit, ftp,
hipe, jinterface, megaco, observer, odbc, os_mon,
otp_mibs, parsetools, reltool, sasl, tftp, xmerl
Improved documentation.
Full runtime dependencies of odbc-2.12.2: erts-6.0, kernel-3.0,
stdlib-2.0
---------------------------------------------------------------------
--- os_mon-2.4.6 ----------------------------------------------------
---------------------------------------------------------------------
The os_mon-2.4.6 application can be applied independently of other
applications on a full OTP 21 installation.
--- Fixed Bugs and Malfunctions ---
OTP-15190 Application(s): debugger, edoc, eldap, et, eunit, ftp,
hipe, jinterface, megaco, observer, odbc, os_mon,
otp_mibs, parsetools, reltool, sasl, tftp, xmerl
Improved documentation.
Full runtime dependencies of os_mon-2.4.6: erts-6.0, kernel-3.0,
mnesia-4.12, otp_mibs-1.0.9, sasl-2.4, snmp-4.25.1, stdlib-2.0
---------------------------------------------------------------------
--- otp_mibs-1.2.1 --------------------------------------------------
---------------------------------------------------------------------
The otp_mibs-1.2.1 application can be applied independently of other
applications on a full OTP 21 installation.
--- Fixed Bugs and Malfunctions ---
OTP-15190 Application(s): debugger, edoc, eldap, et, eunit, ftp,
hipe, jinterface, megaco, observer, odbc, os_mon,
otp_mibs, parsetools, reltool, sasl, tftp, xmerl
Improved documentation.
Full runtime dependencies of otp_mibs-1.2.1: erts-6.0, kernel-3.0,
mnesia-4.12, snmp-4.25.1, stdlib-2.0
---------------------------------------------------------------------
--- parsetools-2.1.8 ------------------------------------------------
---------------------------------------------------------------------
The parsetools-2.1.8 application can be applied independently of
other applications on a full OTP 21 installation.
--- Fixed Bugs and Malfunctions ---
OTP-15190 Application(s): debugger, edoc, eldap, et, eunit, ftp,
hipe, jinterface, megaco, observer, odbc, os_mon,
otp_mibs, parsetools, reltool, sasl, tftp, xmerl
Improved documentation.
Full runtime dependencies of parsetools-2.1.8: erts-6.0, kernel-3.0,
stdlib-2.5
---------------------------------------------------------------------
--- public_key-1.6.2 ------------------------------------------------
---------------------------------------------------------------------
The public_key-1.6.2 application can be applied independently of
other applications on a full OTP 21 installation.
--- Fixed Bugs and Malfunctions ---
OTP-15284 Application(s): public_key
Removed #DSAPrivateKey{} as acceptable input to
public_key:verify/5.
--- Improvements and New Features ---
OTP-15134 Application(s): crypto, public_key
*** HIGHLIGHT ***
The typing in the CRYPTO and PUBLIC_KEY applications
are reworked and a few mistakes are corrected.
The documentation is now generated from the typing and
some clarifications are made.
A new chapter on Algorithm Details such as key sizes
and availability is added to the CRYPTO User's Guide.
Full runtime dependencies of public_key-1.6.2: asn1-3.0, crypto-3.8,
erts-6.0, kernel-3.0, stdlib-3.5
---------------------------------------------------------------------
--- reltool-0.7.7 ---------------------------------------------------
---------------------------------------------------------------------
The reltool-0.7.7 application can be applied independently of other
applications on a full OTP 21 installation.
--- Fixed Bugs and Malfunctions ---
OTP-15190 Application(s): debugger, edoc, eldap, et, eunit, ftp,
hipe, jinterface, megaco, observer, odbc, os_mon,
otp_mibs, parsetools, reltool, sasl, tftp, xmerl
Improved documentation.
Full runtime dependencies of reltool-0.7.7: erts-7.0, kernel-3.0,
sasl-2.4, stdlib-3.4, tools-2.6.14, wx-1.2
---------------------------------------------------------------------
--- runtime_tools-1.13.1 --------------------------------------------
---------------------------------------------------------------------
The runtime_tools-1.13.1 application can be applied independently of
other applications on a full OTP 21 installation.
--- Improvements and New Features ---
OTP-15163 Application(s): runtime_tools
Related Id(s): PR-1844
Optimize observer by using new system_info(ets_count)
instead of more expensive length(ets:all()).
Full runtime dependencies of runtime_tools-1.13.1: erts-8.0,
kernel-5.0, mnesia-4.12, stdlib-3.0
---------------------------------------------------------------------
--- sasl-3.2.1 ------------------------------------------------------
---------------------------------------------------------------------
The sasl-3.2.1 application can be applied independently of other
applications on a full OTP 21 installation.
--- Fixed Bugs and Malfunctions ---
OTP-15190 Application(s): debugger, edoc, eldap, et, eunit, ftp,
hipe, jinterface, megaco, observer, odbc, os_mon,
otp_mibs, parsetools, reltool, sasl, tftp, xmerl
Improved documentation.
Full runtime dependencies of sasl-3.2.1: erts-9.0, kernel-5.3,
stdlib-3.4, tools-2.6.14
---------------------------------------------------------------------
--- snmp-5.2.12 -----------------------------------------------------
---------------------------------------------------------------------
The snmp-5.2.12 application can be applied independently of other
applications on a full OTP 21 installation.
--- Fixed Bugs and Malfunctions ---
OTP-15287 Application(s): snmp
Related Id(s): ERIERL-206
Conversion of (agent) Audit Trail Log (ATL) failed due
to invalid log entries.
The conversion aborted completely midway because the
ATL contained invalid entries. The conversion has been
improved so that it now firstly handles encountered
errors and write an informative message (into the
converted stream) and secondly keeps count of the
number of successful or failed entry conversions. See
log_to_txt for more info.
The reason the ATL contained invalid entries have also
been fixed. The reason was that for some outgoing
messages (not response):
-- encrypted (v3 messages)
Was logged "as is" (encrypted) without the info to
decrypt, making conversion impossible (which was the
reason the log contained bad entries).
-- un-encrypted
Was not logged at all.
OTP-15290 Application(s): snmp
[compiler] Spurious version message removed. The snmp
mib compiler printed an spurious version message if the
'version' option was provided.
Full runtime dependencies of snmp-5.2.12: crypto-3.3, erts-6.0,
kernel-3.0, mnesia-4.12, runtime_tools-1.8.14, stdlib-2.5
---------------------------------------------------------------------
--- ssh-4.7.1 -------------------------------------------------------
---------------------------------------------------------------------
The ssh-4.7.1 application can be applied independently of other
applications on a full OTP 21 installation.
--- Improvements and New Features ---
OTP-15020 Application(s): ssh
Extended the undocumented ssh_dbg debug module with an
api for a circular trace buffer. This makes it easy to
record the last low-level events before an error is
detected. It is intended for solving difficult errors.
OTP-15133 Application(s): ssh
Related Id(s): OTP-15240
*** HIGHLIGHT ***
The key exchange methods
'curve25519-sha256@libssh.org', 'curve25519-sha256' and
'curve448-sha512' are implemented. The last two are
defined in
https://tools.ietf.org/html/draft-ietf-curdle-ssh-curves
They all depends on that OpenSSL 1.1.1 or higher is
used as cryptolib.
OTP-15209 Application(s): ssh
Related Id(s): OTP-15164
*** HIGHLIGHT ***
The cipher 'chacha20-poly1305@openssh.com' is now
supported if OpenSSL 1.1.1 or higher is used as
cryptolib.
Full runtime dependencies of ssh-4.7.1: crypto-4.2, erts-6.0,
kernel-3.0, public_key-1.5.2, stdlib-3.3
---------------------------------------------------------------------
--- ssl-9.0.2 -------------------------------------------------------
---------------------------------------------------------------------
The ssl-9.0.2 application can be applied independently of other
applications on a full OTP 21 installation.
--- Fixed Bugs and Malfunctions ---
OTP-15122 Application(s): ssl
Use separate processes for sending and receiving
application data for TLS connections to avoid potential
deadlock that was most likely to occur when using TLS
for Erlang distribution. Note does not change the API.
OTP-15168 Application(s): ssl
Correct handling of empty server SNI extension
OTP-15172 Application(s): ssl
Correct PSK cipher suite handling and add
selected_cipher_suite to connection information
OTP-15173 Application(s): ssl
Adopt to the fact that cipher suite sign restriction
are relaxed in TLS-1.2
OTP-15174 Application(s): ssl
Enhance error handling of non existing PEM files
OTP-15216 Application(s): ssl
Correct close handling of transport accepted sockets in
the error state
OTP-15224 Application(s): ssl
Correct PEM cache to not add references to empty
entries when PEM file does not exist.
OTP-15285 Application(s): ssl
Correct handling of all PSK cipher suites
Before only some PSK suites would be correctly
negotiated and most PSK ciphers suites would fail the
connection.
--- Improvements and New Features ---
OTP-12983 Application(s): ssl
TLS will now try to order certificate chains if they
appear to be unordered. That is prior to TLS 1.3,
тАЬcertificate_listтАЭ ordering was required to be strict,
however some implementations already allowed for some
flexibility. For maximum compatibility, all
implementations SHOULD be prepared to handle
potentially extraneous certificates and arbitrary
orderings from any TLS version.
OTP-15060 Application(s): ssl
TLS will now try to reconstructed an incomplete
certificate chains from its local CA-database and use
that data for the certificate path validation. This
especially makes sense for partial chains as then the
peer might not send an intermediate CA as it is
considered the trusted root in that case.
OTP-15193 Application(s): ssl
Option keyfile defaults to certfile and should be
trumped with key. This failed for engine keys.
OTP-15234 Application(s): ssl
Error message improvement when own certificate has
decoding issues, see also issue ERL-668.
OTP-15281 Application(s): ssl
Correct dialyzer spec for key option
Full runtime dependencies of ssl-9.0.2: crypto-4.2, erts-10.0,
inets-5.10.7, kernel-6.0, public_key-1.5, stdlib-3.5
---------------------------------------------------------------------
--- stdlib-3.6 ------------------------------------------------------
---------------------------------------------------------------------
The stdlib-3.6 application can be applied independently of other
applications on a full OTP 21 installation.
--- Fixed Bugs and Malfunctions ---
OTP-15252 Application(s): stdlib
Related Id(s): ERL-667
The specs of filename:basedir/2,3 are corrected.
--- Improvements and New Features ---
OTP-15253 Application(s): stdlib
Related Id(s): ERL-55, OTP-13229
Let dets:open_file() exit with a badarg message if
given a raw file name (a binary).
OTP-15304 Application(s): stdlib
The Format argument of the formatting functions in
modules io and io_lib is accepted even if it is, for
example, a list of binaries. This is how it used to be
before Erlang/OTP 21.0.
Full runtime dependencies of stdlib-3.6: compiler-5.0, crypto-3.3,
erts-10.0, kernel-6.0, sasl-3.0
---------------------------------------------------------------------
--- syntax_tools-2.1.6 ----------------------------------------------
---------------------------------------------------------------------
The syntax_tools-2.1.6 application can be applied independently of
other applications on a full OTP 21 installation.
--- Fixed Bugs and Malfunctions ---
OTP-15207 Application(s): syntax_tools
Related Id(s): PR-1888
Fix the TypeName type in erl_syntax_lib.
OTP-15291 Application(s): syntax_tools
Related Id(s): ERL-719
Correct unfolding of the stacktrace variable.
OTP-15294 Application(s): syntax_tools
Correct erl_syntax:revert/1 bug regarding the types
map() and tuple().
--- Improvements and New Features ---
OTP-15165 Application(s): syntax_tools
Related Id(s): PR-1842
Support bitstrings as literals in module erl_syntax.
Full runtime dependencies of syntax_tools-2.1.6: compiler-7.0,
erts-9.0, kernel-5.0, stdlib-3.4
---------------------------------------------------------------------
--- tftp-1.0.1 ------------------------------------------------------
---------------------------------------------------------------------
The tftp-1.0.1 application can be applied independently of other
applications on a full OTP 21 installation.
--- Fixed Bugs and Malfunctions ---
OTP-15190 Application(s): debugger, edoc, eldap, et, eunit, ftp,
hipe, jinterface, megaco, observer, odbc, os_mon,
otp_mibs, parsetools, reltool, sasl, tftp, xmerl
Improved documentation.
Full runtime dependencies of tftp-1.0.1: kernel-6.0, stdlib-3.5
---------------------------------------------------------------------
--- tools-3.0.1 -----------------------------------------------------
---------------------------------------------------------------------
The tools-3.0.1 application can be applied independently of other
applications on a full OTP 21 installation.
--- Improvements and New Features ---
OTP-15213 Application(s): tools
Related Id(s): PR-1807
The HTML pages generated by cover:analyse_to_file/1 and
related functions is improved for readability.
OTP-15239 Application(s): tools
Related Id(s): PR-1728
Add alignment functionality in emacs.
Full runtime dependencies of tools-3.0.1: compiler-5.0, erts-9.1,
kernel-5.4, runtime_tools-1.8.14, stdlib-3.4
---------------------------------------------------------------------
--- wx-1.8.5 --------------------------------------------------------
---------------------------------------------------------------------
The wx-1.8.5 application can be applied independently of other
applications on a full OTP 21 installation.
--- Fixed Bugs and Malfunctions ---
OTP-15230 Application(s): wx
Related Id(s): PR-1860
Fixed compilation warning on Darwin.
Full runtime dependencies of wx-1.8.5: erts-6.0, kernel-3.0,
stdlib-2.0
---------------------------------------------------------------------
--- xmerl-1.3.18 ----------------------------------------------------
---------------------------------------------------------------------
The xmerl-1.3.18 application can be applied independently of other
applications on a full OTP 21 installation.
--- Fixed Bugs and Malfunctions ---
OTP-15190 Application(s): debugger, edoc, eldap, et, eunit, ftp,
hipe, jinterface, megaco, observer, odbc, os_mon,
otp_mibs, parsetools, reltool, sasl, tftp, xmerl
Improved documentation.
Full runtime dependencies of xmerl-1.3.18: erts-6.0, kernel-3.0,
stdlib-2.5
---------------------------------------------------------------------
---------------------------------------------------------------------
---------------------------------------------------------------------
08 Nov 2018, PHP 7.2.12
- Core:
. Fixed bug #76846 (Segfault in shutdown function after memory limit error).
(Nikita)
. Fixed bug #76946 (Cyclic reference in generator not detected). (Nikita)
. Fixed bug #77035 (The phpize and ./configure create redundant .deps file).
(Peter Kokot)
. Fixed bug #77041 (buildconf should output error messages to stderr)
(Mizunashi Mana)
- Date:
. Upgraded timelib to 2017.08. (Derick)
. Fixed bug #75851 (Year component overflow with date formats "c", "o", "r"
and "y"). (Adam Saponara)
. Fixed bug #77007 (fractions in `diff()` are not correctly normalized).
(Derick)
- FCGI:
. Fixed#76948 (Failed shutdown/reboot or end session in Windows). (Anatol)
. Fixed bug #76954 (apache_response_headers removes last character from header
name). (stodorovic)
- FTP:
. Fixed bug #76972 (Data truncation due to forceful ssl socket shutdown).
(Manuel Mausz)
- intl:
. Fixed bug #76942 (U_ARGUMENT_TYPE_MISMATCH). (anthrax at unixuser dot org)
- Reflection:
. Fixed bug #76936 (Objects cannot access their private attributes while
handling reflection errors). (Nikita)
. Fixed bug #66430 (ReflectionFunction::invoke does not invoke closure with
object scope). (Nikita)
- Sodium:
. Some base64 outputs were truncated; this is not the case any more.
(jedisct1)
. block sizes >= 256 bytes are now supposed by sodium_pad() even
when an old version of libsodium has been installed. (jedisct1)
. Fixed bug #77008 (sodium_pad() could read (but not return nor write)
uninitialized memory when trying to pad an empty input). (jedisct1)
- Standard:
. Fixed bug #76965 (INI_SCANNER_RAW doesn't strip trailing whitespace).
(Pierrick)
- Tidy:
. Fixed bug #77027 (tidy::getOptDoc() not available on Windows). (cmb)
- XML:
. Fixed bug #30875 (xml_parse_into_struct() does not resolve entities). (cmb)
. Add support for getting SKIP_TAGSTART and SKIP_WHITE options. (cmb)
- XMLRPC:
. Fixed bug #75282 (xmlrpc_encode_request() crashes). (cmb)
go1.11.2 (released 2018/11/02) includes fixes to the compiler, linker,
documentation, go command, and the database/sql and go/types packages. See the
Go 1.11.2 milestone on our issue tracker for details.
go1.10.5 (released 2018/11/02) includes fixes to the go command, linker,
runtime and the database/sql package. See the Go 1.10.5 milestone on our issue
tracker for details.
SunOS now needs -D_POSIX_PTHREAD_SEMANTICS and a patch to the rand module
to work around getrandom() system call failures.
Add -j argument to x.py for the number of make jobs.
Upstream changes:
Language
* Procedural macros are now available. These kinds of macros allow
for more powerful code generation. There is a new chapter available
in the Rust Programming Language book that goes further in depth.
* You can now use keywords as identifiers using the raw identifiers
syntax (r#), e.g. let r#for = true;
* Using anonymous parameters in traits is now deprecated with a
warning and will be a hard error in the 2018 edition.
* You can now use crate in paths. This allows you to refer to the
crate root in the path, e.g. use crate::foo; refers to foo in
src/lib.rs.
* Using a external crate no longer requires being prefixed with
::. Previously, using a external crate in a module without a
use statement required let json = ::serde_json::from_str(foo);
but can now be written as let json = serde_json::from_str(foo);.
* You can now apply the #[used] attribute to static items to
prevent the compiler from optimising them away, even if they
appear to be unused, e.g. #[used] static FOO: u32 = 1;
* You can now import and reexport macros from other crates with
the use syntax. Macros exported with #[macro_export] are now
placed into the root module of the crate. If your macro relies
on calling other local macros, it is recommended to export with
the #[macro_export(local_inner_macros)] attribute so users won't
have to import those macros.
* You can now catch visibility keywords (e.g. pub, pub(crate)) in
macros using the vis specifier.
* Non-macro attributes now allow all forms of literals, not just
strings. Previously, you would write #[attr("true")], and you
can now write #[attr(true)].
* You can now specify a function to handle a panic in the Rust
runtime with the #[panic_handler] attribute.
Compiler
* Added the riscv32imc-unknown-none-elf target.
* Added the aarch64-unknown-netbsd target
Libraries
* ManuallyDrop now allows the inner type to be unsized.
Stabilized APIs
* Ipv4Addr::BROADCAST
* Ipv4Addr::LOCALHOST
* Ipv4Addr::UNSPECIFIED
* Ipv6Addr::LOCALHOST
* Ipv6Addr::UNSPECIFIED
* Iterator::find_map
* The following methods are replacement methods for trim_left,
trim_right, trim_left_matches, and trim_right_matches, which
will be deprecated in 1.33.0:
* str::trim_end_matches
* str::trim_end
* str::trim_start_matches
* str::trim_start
Cargo
* cargo run doesn't require specifying a package in workspaces.
* cargo doc now supports --message-format=json. This is equivalent
to calling rustdoc --error-format=json.
* Cargo will now provide a progress bar for builds.
Misc
* rustdoc allows you to specify what edition to treat your code
as with the --edition option.
* rustdoc now has the --color (specify whether to output color)
and --error-format (specify error format, e.g. json) options.
* We now distribute a rust-gdbgui script that invokes gdbgui with
Rust debug symbols.
* Attributes from Rust tools such as rustfmt or clippy are now
available, e.g. #[rustfmt::skip] will skip formatting the next
item.
Pkgsrc changest:
* Explicitly list bootstrap kit version number for each kit we carry,
so that one entry's version doesn't "bleed into" following kits.
* Tweak for handling "earmv7hf" CPU type for NetBSD in the bootstrap.py
script
* Add two patches from Debian for sparc64; rust would generate code
generating unaligned accesses, causing SIGBUS on sparc64
* Update most of the bootstrap kits to version 1.29.2; need minimum
1.29.0 to build 1.30.0.
* Rust regrettably doesn't build for powerpc or earmv7hf in this version,
most probably due to "char" being "unsigned char" on these platforms.
Ref. https://github.com/rust-lang/rust/issues/55465
Upstream changes:
* Workaround for an aliasing-related LLVM bug, which caused miscompilation.
* The rls-preview component on the windows-gnu targets has been restored.
Pkgsrc changes:
* More commented-out settings for cross builds on NetBSD.
* Bump bootstrap kit versions to 1.29.2 for powerpc, sparc64
and earm7hf. Anyone up for testing for earm7hf?
* Because the built-in versions of libgit2, libssh2 and curl
can no longer be built with the pkgsrc-provided headers for
those packages (due to version skew; the built-in versions
have been updated to un-released newer code), the buildlink3.mk
files for those packages have been commented out.
* Similarly, to avoid using the native pkgsrc host's headers when cross-
building, the gcc-wrap script has been adjusted to also re-point
/usr/pkg/include into the destination's root (where those above pacakges
are not to be installed).
* Also have the gcc-wrap script deal with "-I dir" style directives,
and re-point these also into the destination's root.
* One patch has been integrated upstream, so removed here.
- Move GO_PLATFORM definition in lang/go/version.mk in order that also lang/go*
packages can (re)use it
- Change PRINT_PLIST_AWK pattern that replace all ${GO_PLATFORM} and apply it
only when ${GO_PLATFORM} is a directory (between two "/"). There are only
3 exceptions to that in lang/go14.
Move it to version.mk so lang/go* PLIST can be mostly automatically
generated.
These changes should help to avoid (most) manual editing of
lang/go*/PLIST.
Discussed with and thanks to <bsiegert>!
While it is debatable whether we want to have this definition upstream,
this is very necessary in the package for the purpose of building
www/firefox once it is updated to 63.0.
This is because netbsd's base libstdc++ has some __float128 in headers
and otherwise we get fatal errors in clang builds, or in firefox's case,
when generating bindings for Rust via clang.
PR toolchain/53679
Bump PKGREVISION.
This is necessary for firefox 63.0
This project can be used to generate C bindings for Rust code.
It is currently being developed to support creating bindings for WebRender,
but has been designed to support any project.
Changes:
3.7.1
-----
Documentation
=============
- bpo-32174: chm document displays non-ASCII charaters properly on some
MBCS Windows systems.
- bpo-34790: Document how passing coroutines to asyncio.wait() can be
confusing.
- bpo-28617: Fixed info in the stdtypes docs concerning the types that
support membership tests.
- bpo-34065: Fix wrongly written basicConfig documentation markup syntax
- bpo-33460: replaced ellipsis with correct error codes in tutorial
chapter 3.
- bpo-33847: Add `@' operator entry to index.
- bpo-25041: Document AF_PACKET in the socket module.
Changes:
3.6.7
-----
Documentation
=============
- bpo-32174: chm document displays non-ASCII charaters properly on some
MBCS Windows systems.
- bpo-28617: Fixed info in the stdtypes docs concerning the types that
support membership tests.
- bpo-34065: Fix wrongly written basicConfig documentation markup syntax
- bpo-33847: Add `@' operator entry to index.
- bpo-25041: Document AF_PACKET in the socket module.
Notable changes in Python 3.7.1
Starting in 3.7.1, Py_Initialize() now consistently reads and respects all of the same environment settings as Py_Main() (in earlier Python versions, it respected an ill-defined subset of those environment variables, while in Python 3.7.0 it didn’t read any of them due to bpo-34247). If this behavior is unwanted, set Py_IgnoreEnvironmentFlag to 1 before calling Py_Initialize().
In 3.7.1 the C API for Context Variables was updated to use PyObject pointers.
xml.dom.minidom and xml.sax modules no longer process external entities by default.
This was previously Darwin-only but I ran into the same situation when
building finance/gnucash on NetBSD. /usr/pkg/bin/python happened to be
2.7, but it was used instead of python3.7, leading to a build failure.
This commit fixes that.
Ruby 2.3.8 Released
Ruby 2.3.8 has been released. This release includes several security
fixes. Please check the topics below for details.
* CVE-2018-16396: Tainted flags are not propagated in Array#pack and
String#unpack with some directives
* CVE-2018-16395: OpenSSL::X509::Name equality check does not work
correctly This release also includes a non-security fix to support
Visual Studio 2014 with Windows 10 October 2018 Update for
maintenance reasons.
Ruby 2.3 is now under the state of the security maintenance phase,
until the end of the March of 2019. After the date, maintenance of
Ruby 2.3 will be ended. We recommend you start planning migration to
newer versions of Ruby, such as 2.5 or 2.4.
Ruby 2.5.2 Released
Ruby 2.5.2 has been released.
This release includes some bug fixes and some security fixes.
* CVE-2018-16396: Tainted flags are not propagated in Array#pack and
String#unpack with some directives
* CVE-2018-16395: OpenSSL::X509::Name equality check does not work correctly
There are also some bug fixes. See commit logs for more details.
Ruby 2.5.3 Released
Ruby 2.5.3 has been released.
There were some missing files in the release packages of 2.5.2 which are
necessary for building. See details in [Bug #15232].
This release is just for fixing the packaging issue. This release doesn’t
contain any additional bug fixes from 2.5.2.
Ruby 2.4.5 Released
Ruby 2.4.5 has been released.
This release includes about 40 bug fixes after the previous release, and also
includes several security fixes. Please check the topics below for details.
* CVE-2018-16396: Tainted flags are not propagated in Array#pack and
String#unpack with some directives
* CVE-2018-16395: OpenSSL::X509::Name equality check does not work correctly
See the commit logs for details.
- Due custom do-{build,test,install} UNLIMIT_RESOURCES were not honored leading
to:
//slurp-ucd
*** - No more room for LISP objects
errors. Adjust these target to honor UNLIMIT_RESOURCES.
- sbcl does not work with PaX MPROTECT because mmap()s by OR'ing all
PROT_{EXEC,READ,WRITE}. Unfortunately src/runtime/sbcl is also
used as part of building needing also `${PAXCTL} +m' in the middle
of the build.
Introduce an SBCL_PAXCTL variable (by default `:') via
patch-src_runtime_GNUmakefile that execute a program against src/runtime/sbcl
and define it for platforms that have a paxctl tool.
Mark bin/sbcl with NOT_PAX_MPROTECT_SAFE too.
- Refactor the environment variables injection logic in do-{build,test,install}
to honor MAKE_ENV and INSTALL_ENV.
- Minor mostly cosmetic adjustments (use ${RM}, not rm)
Bump PKGREVISION
MacOS before 10.13 lacks the POSIX-required clock_gettime(), and fails
to build some "instrumented runtime" files. Conditionalize the PLIST
and avoid expecting these on older MacOS.
Based almost entirely on a patch from Ryo Kogule on tech-pkg@, with
minor munging by me.
Prepare wrapper script handling for use of clang (not yet fully verified).
Adjust the cross-compiler wrapper script to improve the handling
when used as the linker:
* Insert "linker tweaks" before first -L or -l
* Handle "-L arg" style as well as "-Larg"
* Add "-Wl,-rpath-link" to the linker tweaks just to be sure...
Bump PKGREVISION.
Patch provided by dziltener via PR pkg/52929, thanks!
Changes:
4.13.0
- Security fixes
- CVE-2017-6949: Remove unchecked malloc() call in SRFI-4 constructors
when allocating in non-GC memory, resulting in potential 1-word
buffer overrun and/or segfault (thanks to Lemonboy).
- CVE-2017-9334: `length' no longer crashes on improper lists (fixes
#1375, thanks to "megane").
- CVE-2017-11343: The randomization factor of the symbol table was
set before the random seed was set, causing it to have a fixed value
on many platforms.
- Core Libraries
- Unit "posix": If file-lock, file-lock/blocking or file-unlock are
interrupted by a signal, we now retry (thanks to Joerg Wittenberger).
- char-ready? on string ports now also returns #t at EOF, as per R5RS;
in other words, it always returns #t (thanks to Moritz Heidkamp)
- Unit srfi-4: Fixed typo that broke SRFI-17 generalised set! syntax
on s8vectors (thanks to Kristian Lein-Mathisen).
- Large literals no longer crash with "invalid encoded numeric literal"
on mingw-64 (#1344, thanks to Lemonboy).
- Unit irregex: Fix bug that prevented multibyte UTF-8 character sets
from being matched correctly (Thanks to Lemonboy and Chunyang Xu).
- Runtime system:
- The profiler no longer uses malloc from a signal handler which may
cause deadlocks (#1414, thanks to Lemonboy).
- The scheduler no longer indirectly hangs on to the old thread
when switching to a new one, which caused excessive memory
consumption (#1367, thanks to "megane").
- C++ programs no longer fail with a symbol lookup error when
compiled with debugger support (-d3 or -debug-info).
- Syntax expander
- Renaming an identifier twice no longer results in an undo of the
rename (fixes#1362, thanks to "megane").
- Build system
- Fixed broken compilation on NetBSD, due to missing _NETBSD_SOURCE.
- Fixed compilation on DragonflyBSD due to no feature macro support
in its standard C library (thanks to Markus Pfeiffer).
- Compiler
- The scrutinizer no longer uses 'fixnum as the type for fixnums
that might not fit into a fixnum on 32-bit architectures.
- Foreign function interface
- Correctly calculate memory requirements of Scheme objects produced
from foreign types with "const" qualifiers, avoiding memory
corruption (#1424, thanks to Vasilij Schneidermann and Lemonboy)
- Do not read beyond temporary stack buffer, which could lead to
a crash when returning from a foreign callback (#1428).
4.12.0
- Security fixes
- CVE-2016-6830: Fix buffer overrun due to excessively long argument
or environment lists in process-execute and process-spawn (#1308).
This also removes unnecessary limitations on the length of
these lists (thanks to Vasilij Schneidermann).
- CVE-2016-6831: Fix memory leak in process-execute and
process-spawn. If, during argument and environment list
processing, a list item isn't a string, an exception is thrown,
in which case previously malloc()ed strings weren't freed.
- CVE-2016-9954: Irregex has been updated to 0.9.6, which fixes
an exponential explosion in compilation of nested "+" patterns.
- Compiler:
- define-constant now correctly keeps symbol values quoted.
- Warnings are now emitted when using vector-{ref,set!} or one
of take, drop, list-ref or list-tail with an out of range index
for vectors and proper lists of a definitely known length.
- The scrutinizer will no longer drop knowledge of the length of a
vector. It still drops types of its contents (which may be mutated).
- Fixed incorrect argvector restoration after GC in directly
recursive functions (#1317).
- "Direct" procedure invocations now also maintain debug info (#894).
- Syntax expander
- DSSSL lambda lists have improved hygiene, so they don't need
the chicken or scheme modules to be imported in full (#806).
- The let-optionals* macro no longer needs "quote", "car" and "cdr"
to be imported and bound to their default values (#806).
- Runtime system:
- C_locative_ref has been deprecated in favor of C_a_i_locative_ref,
which is faster because it is inlined (#1260, thanks to Kooda).
- The default error handler now truncates very long condition
messages (thanks to Lemonboy).
- Weak symbol GC (-:w) no longer drops random symbols (#1173).
- The number of arguments to procedures, both via "apply" and direct
invocation, are now limited only by the C stack size (#1098).
- "time" macro now shows peak memory usage (#1318, thanks to Kooda).
- Avoid crashes in ffi callbacks after GC (#1337, thanks to cosarara).
- Core libraries:
- Irregex has been updated to 0.9.5, which fixes matching of all "bow"
occurrances beyond the first with irregex-fold (upstream issue #14).
- Keywords are more consistently read/written, like symbols (#1332).
- SRFI-39: When jumping out of a parameterized dynamic extent,
"parameterize" now remember the actual values, so when jumping back
in, they are restored (fixes#1336, thanks to Joo ChurlSoo).
This was a regression caused by the fix for #1227.
- Tools:
- "chicken-install"
- When installing eggs in deploy mode with "-keep-installed", eggs
under the prefix won't unnecessarily be reinstalled (#1144).
- Added new option "-no-install-deps" which inhibits automatic
installation of dependencies, useful with "-prefix" (#1298).
point to the bootstrap kit for NetBSD/powerpc I'm hosting at the
moment.
Also add the bits I used when cross-building the NetBSD/powerpc
rust on amd64, commented out, as well as the gcc / c++ wrapper
script I used in the process.
The changes affecting other ports are:
* We now add LD_LIBRARY_PATH in the make environment, so that
if the bootstrap kit binaries and shared libraries don't have
the $ORIGIN-style RPATH entries, it will still work
* The bootstrap.py script has been changed to turn off the
generation of debuginfo in "RUSTFLAGS"; for some so far unknown
reason, the NetBSD/powerpc rust will not build if you ask for
debug info. This could perhaps have been made OS-variant dependent,
but isn't at the moment.
So .. bump PKGREVISION.
Bumping buildlink3.mk required because the reporter mentions having
to do this because of a time-consuming incompatibility in p6-zip.
Unclear if the packages are independent, so updating together.
No changelog found.
From tomasz motyl in PR pkg/53663
Don't inline push with more than 1 argument
A vulnerability where the JavaScript JIT compiler inlines Array.prototype.push with multiple arguments that results in the stack pointer being off by 8 bytes after a bailout. This leaks a memory address to the calling function which can be used as part of an exploit inside the sandboxed content process.
Bump PKGREVISION
go1.11.1 (released 2018/10/01) includes fixes to the compiler, documentation,
go command, runtime, and the crypto/x509, encoding/json, go/types, net,
net/http, and reflect packages. See the Go 1.11.1 milestone on our issue
tracker for details.
Also correct the PLIST and use ln -sf instead of ln -s.
Changelog:
What’s new in 0.19.0
The nil state for strings/seqs is gone. Instead the default value for these is "" / @[]. Use --nilseqs:on for a transition period. This eliminates a large class of bugs that used to plague the average Nim code out there, including Nim’s standard library.
Accessing the binary zero terminator in Nim’s native strings is now invalid. Internally a Nim string still has the trailing zero for zero-copy interoperability with cstring. Compile your code with the new switch --laxStrings:on if you need a transition period.
These changes to strings and seqs give us more flexibility in how they are implemented and indeed alternative implementations are in development.
experimental is now a pragma and a command line switch that can enable specific language extensions, it is not an all-or-nothing switch anymore. We think this leads to a more robust development process where it’s clearly documented which parts of Nim are bleeding edge and which parts can be relied upon.
Other notable language additions:
Dot calls combined with explicit generic instantiations can now be written as x.y[:z] which is transformed into y[z](x) by the parser.
func is now an alias for proc {.noSideEffect.}.
Anonymous tuples with a single element can now be written as (1,) with a trailing comma.
In order to make for loops and iterators more flexible to use Nim now supports so called “for-loop macros”. See the manual for more details. This feature enables a Python-like generic enumerate implementation.
Case statements can now be rewritten via macros. See the manual for more information. This feature enables custom pattern matching.
The command syntax now supports keyword arguments after the first comma.
Thread-local variables can now be declared inside procs. This implies all the effects of the global pragma.
Nim now supports the except clause in the export statement.
Range float types, example range[0.0 .. Inf]. More details in language manual.
Breaking changes to be mindful of
The default location of nimcache for the native code targets was changed. Read the compiler user guide for more information.
Lots of deprecated symbols in the standard library that have been deprecated for quite some time now like system.expr or the old type aliases starting with a T or P prefix have been removed.
The exception hierarchy was slightly reworked, SystemError was renamed to CatchableError and is the new base class for any exception that is guaranteed to be catchable. This change should have minimal impact on most existing Nim code.
Async improvements
The “closure iterators” that Nim’s async macro is based on has been rewritten from the ground up and so async works completely with exception handling. Finally it is possible to use await in a try statement!
Nimble 0.9.0
This release includes a brand new version of Nimble. The new version contains a breaking change which you should read up on if you own hybrid packages. There are also the usual bug fixes and this release contains a lot of them.
The standard library's str::repeat function contained an out of bounds
write caused by an integer overflow. This has been fixed by
deterministically panicking when an overflow happens.
Replacements: the versioned lang/go19, lang/go110 and lang/go111.
Nothing in pkgsrc directly depends on this anymore. There are a few
stragglers in wip, which will be fixed.
5.1.0 - 2018-05-30
Added
* (.NET) - Better .NET Core support
* Support for Aragonese (#298 danilat)
* (C) build a shared libgherkin.so library which allows Gherkin to be used as
a library. (Cucumber.ml currently uses this.) (cucumber/gherkin-c#6 cyocum)
Changed
* Pass the content type of a docstring down into its pickle string form (#292
rjwittams)
* Fixed Russian equivalents of Given and Then. (#369 cerebellum13)
Fixed
* (C) Segfault when file does not exist (#394#395 cyocum)
* (JavaScript) (#374#377 charlierudolph)
* (Ruby, JavaScript) Remove berp.exe from packages (#289 aslakhellesoy)
* (Go) fixes validation for go vet tool on latest versions (#330 l3pp4rd)
* (Ruby) removed unneeded files from the gem
1.10.6 (2018-08-22 15:11 UTC)
Changelog:
* PR #70: Fix notice undefined variable metadata_dir
* PR #71: fix Warning: count(): Parameter must be an array or an object
* PR #74: Bug #23744 Remove is_executable check
* Bug #23744: The is_executable check in the Which method when run on Windows
is unnecessary
* PR #75: Migrate old while(list() = each()) constructs to foreach
* PR #76: Fix PHP Warning: "continue" targeting switch is equivalent to
"break"
* PR #77: proxy server auth
* PR #72: Correctly authenticate at proxy server
* PR #78: array or Countable error in 7.2
This moves builds of packages using Go off the unversioned lang/go package
and onto Go 1.11 or Go 1.9 (on NetBSD 6) by default.
There is a new, user-settable variable GO_VERSION_DEFAULT.
NOTE: not all Go packages completely implement this yet. For example,
net/syncthing does its own thing. This will be fixed.
A native Python cross-version decompiler and fragment decompiler. The successor
to decompyle, uncompyle, and uncompyle2.
uncompyle6 translates Python bytecode back into equivalent Python source code.
It accepts bytecodes from Python version 1.3 to version 3.7, spanning over 22
years of Python releases. We include Dropbox's Python 2.5 bytecode and some
PyPy bytecode.
This package uses Jay Earley's algorithm for parsing context free grammars, and
comes with some generic Abstract Syntax Tree routines. There is also a
prototype scanner which does its job by combining Python regular expressions.
(SPARK stands for Scanning, Parsing, and Rewriting Kit. It is a poor name since
it conflicts with a more popular package of the same name. In the future we
will rename this.)
Back-port perl commit 3d5e9c119db6b727684fe75dfcfe5831c4351bec to
fix a file descriptor leak in in-place editing which is breaking
the build of xentools48. Should fix PR 53578. Bump PKGREVISION.
This uses a similar approach as go111. Its revision is one higher than
the existing lang/go.
Next steps:
- make builds use this for dependent packages
- delete lang/go to complete the move
This installs the go tool as go111; all the supporting files go under
$PREFIX/go111, so it does not conflict with other Go versions. Go packages
in pkgsrc do not use it to build yet.
Changes:
There are many changes and improvements to the toolchain, runtime, and
libraries, but two features stand out as being especially exciting: modules
and WebAssembly support.
This release adds preliminary support for a new concept called "modules," an
alternative to GOPATH with integrated support for versioning and package
distribution. Module support is considered experimental, and there are still
a few rough edges to smooth out, so please make liberal use of the issue
tracker.
Go 1.11 also adds an experimental port to WebAssembly (js/wasm). This allows
programmers to compile Go programs to a binary format compatible with four
major web browsers.
The GNU Compiler Collection (GCC) includes front ends for C, C++, Objective-C,
Fortran, and Go, as well as libraries for these languages (libstdc++,
libgfortran, ...).
This packages provides GCC support libraries in a specific location and allows
packages to depend on just the libraries rather than having to pull in the full
GCC package.
Changelog:
This is the list of problem reports (PRs) from GCC's bug tracking system
that are known to be fixed in the 8.2 release. This list might not be
complete (that is, it is possible that some PRs that have been fixed are
not listed here).
General Improvements
Fixed LTO link-time performance problems caused by an overflow in the
partitioning algorithm while building large binaries.
Language Specific Changes
C++
GCC 8.2 fixed a bug introduced in GCC 8.1 affecting passing or returning
of classes with a deleted copy constructor and defaulted trivial move
constructor (bug c++/86094). GCC 8.2 introduces -fabi-version=13 and makes
it the default, ABI incompatibilities between GCC 8.1 and 8.2 can be
reported with -Wabi=12. See C++ changes for more details.
Target Specific Changes
IA-32/x86-64
-mtune=native performance regression bug84413 on Intel Skylake
processors has been fixed.
Go packages create ${PREFIX}/bin and ${PREFIX}/gopkg even when they
don't install anything in them. This change sets PRINT_PLIST_AWK to
ignore such empty directories.
