-Add new messages Quit, LastVisitedPath and NextVisitedPath
-q is mapped to Quit.
-ctrl-o is mapped to LastVisitedPath
-ctrl-i / tab is mapped to NextVisitedPath
version 2.85
Fix problem with DNS retries in 2.83/2.84.
The new logic in 2.83/2.84 which merges distinct requests
for the same domain causes problems with clients which do
retries as distinct requests (differing IDs and/or source ports.)
The retries just get piggy-backed on the first, failed, request.
The logic is now changed so that distinct requests for repeated
queries still get merged into a single ID/source port, but
they now always trigger a re-try upstream.
Thanks to Nicholas Mu for his analysis.
Tweak sort order of tags in get-version. v2.84 sorts
before v2.83, but v2.83 sorts before v2.83rc1 and 2.83rc1
sorts before v2.83test1. This fixes the problem which lead
to 2.84 announcing itself as 2.84rc2.
Avoid treating a --dhcp-host which has an IPv6 address
as eligible for use with DHCPv4 on the grounds that it has
no address, and vice-versa. Thanks to Viktor Papp for
spotting the problem. (This bug was fixed was back in 2.67, and
then regressed in 2.81).
Add --dynamic-host option: A and AAAA records which take their
network part from the network of a local interface. Useful
for routers with dynamically prefixes. Thanks
to Fred F for the suggestion.
Teach --bogus-nxdomain and --ignore-address to take an IPv4 subnet.
Use random source ports where possible if source
addresses/interfaces in use.
CVE-2021-3448 applies. Thanks to Petr Menšík for spotting this.
It's possible to specify the source address or interface to be
used when contacting upstream name servers: server=8.8.8.8@1.2.3.4
or server=8.8.8.8@1.2.3.4#66 or server=8.8.8.8@eth0, and all of
these have, until now, used a single socket, bound to a fixed
port. This was originally done to allow an error (non-existent
interface, or non-local address) to be detected at start-up. This
means that any upstream servers specified in such a way don't use
random source ports, and are more susceptible to cache-poisoning
attacks.
We now use random ports where possible, even when the
source is specified, so server=8.8.8.8@1.2.3.4 or
server=8.8.8.8@eth0 will use random source
ports. server=8.8.8.8@1.2.3.4#66 or any use of --query-port will
use the explicitly configured port, and should only be done with
understanding of the security implications.
Note that this change changes non-existing interface, or non-local
source address errors from fatal to run-time. The error will be
logged and communication with the server not possible.
Change the method of allocation of random source ports for DNS.
Previously, without min-port or max-port configured, dnsmasq would
default to the compiled in defaults for those, which are 1024 and
65535. Now, when neither are configured, it defaults instead to
the kernel's ephemeral port range, which is typically
32768 to 60999 on Linux systems. This change eliminates the
possibility that dnsmasq may be using a registered port > 1024
when a long-running daemon starts up and wishes to claim it.
This change does likely slightly reduce the number of random ports
and therefore the protection from reply spoofing. The older
behaviour can be restored using the min-port and max-port config
switches should that be a concern.
Scale the size of the DNS random-port pool based on the
value of the --dns-forward-max configuration.
Tweak TFTP code to check sender of all received packets, as
specified in RFC 1350 para 4.
upstream changes:
-----------------
7.0.11-6
* fix portable Windows build.
7.0.11-5
* OpenCL will be disable by default, use the environment variable
MAGICK_OCL_DEVICE to turn it on or select the device to use.
* eliminate extraneous spaces in AC_PATH_PROG (reference
https://github.com/ImageMagick/ImageMagick/issues/3428).
* fix handling of non-square images with -fft option.
* enable FFTW support with --with-fftw configure script command-line option.
7.0.11-4
* support caption:split define (reference
https://github.com/ImageMagick/ImageMagick/discussions/3389).
* avoid an omp deadlock with policy string
7.0.11-3
* Eliminate multiple division by zero exceptions (reference
https://github.com/ImageMagick/ImageMagick/issues/3339 and others).
* Use -define filename:literal=true to bypass interpretting embedded
formatting characters and instead use the filename literally.
7.0.11-2
* decode HEIC images in sRGB instead of YCbCr.
* Division by zero error is possible if crafty file sets film-gamma property
* Check for overflow in thumbnail coder
* Prevent compiler from optimizing out buffer clearing in cipher
* Clone properties from image stack.
* Set overall image depth statistic in Composite channel.
7.0.11-1
* Clone properties from image stack.
* fix EXR crash (reference
https://github.com/ImageMagick/ImageMagick/issues/3242).
1.0.1 (2021-04-02)
* Fixes identifying OpenDocument files by magic. 1.0.0 imprecisely
identified them as application/zip. (#38)
* Fixes identifying .docx, .pptx, and .xlsx files exported from Google
Sheets by magic. (#36)
* Identifies vCard files as text/vcard rather than text/x-vcard. (27fac74)
* Identifies .otf, .woff, and .woff2 files aș font/otf, font/woff, and
font/woff2, respectively. (#37)
0.4.1
-Fix remap behavior.
-Fix help menu.
0.4.0
-Support easier config overwrite (without having to dump the whole config).
-Rename custom field for node metadata to meta.
-Move icon to meta.icon.
-Rename normal_ui to default_ui.
-Rename filetypes to node_types.
-Split modes into modes.builtin and modes.custom.
-Add the missing create file mode.
-Rename focused_ui to focus_ui.
-Make version compatibility less annoying.
-Add key binding ~ to go to homedir.
-Add customizable cursor and prompts.
-Improve the help menus.
New features:
-Publish binaries for more platforms, including Windows (#490)
Fixes:
-Fix path for downloaded cheats (#493)
-Fix navi fn welcome (#495)
Code quality:
-Update demo video (#488)
-Add link to more shell instructions
Security release includes several security fixes, including a fix for a
permission bypass in Issues API and a fix for private project name that can
be leaked in issue journal details, so upgrading as soon as possible is
recommended. You can get more details in Security Advisories:
<https://redmine.org/projects/redmine/wiki/Security_Advisories>
4.0.8 (2021-03-21)
[Accounts / authentication]
* Defect #33926: Rake tasks "db:encrypt" and "db:decrypt" may fail due to
validation error
[Administration]
* Defect #33310: Warnings while running redmine:load_default_data rake task
* Patch #32341: Show tooltip when hovering on repeat-value link in Field
permission tab
[Attachments]
* Defect #33459: The order of thumbnails in journals does not match the
order of file name list
* Defect #33769: When creating more than two identical attachments in a
single db transaction, the first one always ends up unreadable
[Custom fields]
* Defect #33275: Possible values field in list format custom field form is
not marked as required
[Documentation]
* Defect #33939: Unnecessary translation of {{toc}} macros in Russian Wiki
formatting help
[Filters]
* Defect #34375: "is not" operator for Subproject filter incorrectly
excludes closed subprojects
[Gantt]
* Defect #33140: Gantt bar is not displayed if the due date is the leftmost
date or the start date is the rightmost date
* Defect #33175: Starting or ending marker is not displayed if they are on
the leftmost or rightmost boundary of the gantt
[Gems support]
* Patch #34461: Update Redcarpet to 3.5.1
[Issues]
* Defect #33576: Done ratio of a parent issue may be shown as 99% even
though all subtasks are completed
[Issues list]
* Defect #33548: Column header is clickable even when the column is not
actually sortable
* Defect #34297: Subprojects issues are not displayed on main project when
all subprojects are closed
[Projects]
* Defect #33889: Do not show list for custom fields without list entry on
project overview
[REST API]
* Defect #34615: 'Search' falsy parameters are not respected
[SEO]
* Defect #6734: robots.txt: disallow crawling issues list with a query string
[Security]
* Defect #33360: Names of private projects are leaked by issue journal
details that contain project_id changes
* Defect #33689: Issues API bypasses add_issue_notes permission
* Feature #33906: Upgrade Rails to 5.2.4.5
[Themes]
* Defect #8251: Classic Theme: Missed base line
[Translations]
* Defect #34447: Typo in translation string
'setting_issue_list_default_columns': s//Isuses/Issues
[UI]
* Patch #33958: Jump to end of line in editor when starting list or quote
