- Build system: The Notify Email plugin is no longer linked with
indirect dependencies.
- collectd: A race condition when calculating a metric's rate has been
fixed.
- AMQP, Exec, UnixSock, Write Kafka plugins: Parsing of the PUTVAL
command with multiple values has been fixed.
- AMQP plugin: The "ExchangeType" option is now also valid for
publishers.
- BIND plugin: Fix parsing of the sample time provided by BIND.
Previously, the time was assumed to be in the local timezone when in
fact it was in UTC.
- BIND plugin: Memory leaks have been fixed.
- cURL-JSON plugin: Handling of arrays has been fixed.
- DPDKStat plugin: Error handling during initialization has been
improved.
- DPDKStat plugin: Handling of a number of metrics has been improved,
for example "rx_q0bytes".
- Intel RDT plugin: Configuration handling has been changed to be more
graceful.
- Log Logstash plugin: If writing the log entry fails, print it to
"STDERR" instead.
- LogFile plugin: If writing to the file fails, print log messages on
"STDERR" instead.
- memcachec, Tail plugins: A resource leak in the matching
infrastructure has been fixed.
- MQTT plugin: Invalid symbols in topic names are now replaced and a
resource leak has been fixed.
- Network plugin: A potential endless-loop has been fixed. This can be
triggered remotely by sending a signed network packet to a server
which is not set up to check signatures.
- Perl plugin: A potential double-free has been fixed.
- Processes plugin: A compilation error on AIX has been fixed.
- SMART plugin: A check for the "CAP_SYS_RAWIO" capability has been
added.
- Write Graphite plugin: Error handling in the case that calculating a
metric's rate fails has been improved. Previously, the raw counter
values were sent to Graphite.
- Write Prometheus plugin: An incorrect use of "realloc(3)" has been
fixed.
2.004000 - 2017-06-07
- more extensive quotify tests
- split tests into separate files
- propagate package to deferred subs, even if unnamed
- reject invalid attributes
- include line numbers compile errors (PR#1, djerius)
Update security/hitch to 1.4.6.
hitch-1.4.6 (2017-06-06)
- Fix a problem that broke mock-based builds for el6/el7
hitch-1.4.5 (2017-05-31)
- Set SSL_OP_SINGLE_ECDH_USE to force a fresh ECDH key pair per
handshake
- Fix a bug where we ended up leaking a zombie process on reload
- Fix a bug where the management process could not find its
configuration files after a reload when chroot was configured
- Output the offending line on a configuration file parsing error
- Fix build for non-C99/C11 compilers
- Fix the shared cache code to make it work also with OpenSSL 1.1.0
- Fix an unchecked loop situation that could occur when running with
shared cache enabled
- Various autotools configuration fixes
- A few minor doc fixes
0.04 Tue 13 Jun 2017 22:27:29 BST
- Use ExtUtils::MakeMaker instead of Module::Build
- Fixed encoding in POD (RT#85212)
- Fixed stack corruption in discid_put (RT#98179)
- Updated tests for libdiscid 0.6.x (RT#89285)
- Fixed typo in POD (RT#85212)
7.33 2017-06-05
- Added EXPERIMENTAL support for :matches pseudo-class and :not pseudo-class
with compount selectors to Mojo::DOM::CSS.
- Fixed a few form element value extraction bugs in Mojo::DOM.
- Fixed version command to use the new MetaCPAN API, since the old one got
shut down.
7.32 2017-05-28
- Added -f option to get command.
- Improved get command with support for passing request data by redirecting
STDIN.
- Fixed memory leak in Mojo::IOLoop::Client that sometimes prevented the
connect timeout from working correctly for TLS handshakes.
Added
- Plugins for performing DNS challenges for popular providers
- IPv6 support in the standalone plugin.
- A mechanism for keeping your Apache and Nginx SSL/TLS configuration
up to date.
- --http-01-address and --tls-sni-01-address flags for controlling the
address Certbot listens on when using the standalone plugin.
- The command certbot certificates that lists certificates managed by
Certbot now performs additional validity checks to notify you if
your files have become corrupted.
Changed
- Messages custom hooks print to stdout are now displayed by Certbot
when not running in --quiet mode.
- jwk and alg fields in JWS objects have been moved into the protected
header causing Certbot to more closely follow the latest version of
the ACME spec.
Fixed
- Permissions on renewal configuration files are now properly
preserved when they are updated.
- A bug causing Certbot to display strange defaults in its help output
when using Python <= 2.7.4 has been fixed.
- Certbot now properly handles mixed case domain names found in custom
CSRs.
- A number of poorly worded prompts and error messages.
Removed
- Support for OpenSSL 1.0.0 in certbot-auto has been removed as we now
pin a newer version of cryptography which dropped support for this
version.
1.43 2017-05-29
- Added a small optimization for boolification overloading. Rather than
relying on a fallback to stringification, we now return true directly, which
is a little faster in cases like "if ($might_be_dt) { ... }".
- The datetime() method now accepts a single argument to use as the separate
between the date and time portion. This defaults to "T".
June 5, 2017 - Version 10.55 (production release)
- Added support for GIF multimedia extensions
- Added a couple of new Sony/Minolta lenses (thanks Chris)
- Added a new Nikon LensID (thanks Jakob Dettner)
- Added new Composite TotalPathPoints tag to photoshop_paths.config
- Decode a number of new Sony tags and updated some others (thanks Jos Roost)
- Decode a new Pentax tag and fixed decoding of another (thanks Andras
Salamon)
- Updated iptcCore.args for new IPTC specification
- Changed description of a couple of AVI Model tags to match EXIF
- Patched tests to avoid failures with Perl 5.25.11 due to missing "." in @INC
- Fixed an incorrect warning from the experimental Validate feature
May 26, 2017 - Version 10.54
- Added support for Google XMP GImage and GAudio tags
- Added a new Olympus CameraType (thanks LibRaw)
- Added a two new Sony lenses and decode more ILCE-9 tags (thanks Jos Roost)
- Added new values to some Pentax tags (thanks Andras Salamon)
- Added a new Canon LensType
- Added an additional checks to the experimental -validate feature
- Improved user-defined FileTypes feature to provide more flexibility
- Enhanced -ext option to allow specific files extensions to be processed
along with supported files
- API Changes:
- Added ListJoin option to replace List and ListSep options
May 17, 2017 - Version 10.53
- Added support for "MeSa" Photoshop IRB resource
- Made XMP-GSpherical tags writable
- Improved German translations (thanks Jobi)
May 12, 2017 - Version 10.52
- Added some new values to a number of FujiFilm tags and changed some others
(thanks Albert Shan)
- Decode a number of new Sony tags for the ILCE-9 (thanks Jos Roost)
- Made SonyISO writable
- Changed behaviour of advanced formatting expression for Shortcut tags so it
now applies to the combined value rather than individual constituent values
- Minor changes to some Pentax print conversions
- Fixed problem using new NoDups utility with Shortcut tags
May 2, 2017 - Version 10.51
- Added "NoDups" utility function for use in advanced formatting expressions
- Added a new Pentax LensType (thanks JohnK)
- Added some new Pentax DriveMode values (thanks Andras Salamon)
- Enhanced -ver option to report Perl include directories with -v2
- Improved warning message when advanced formatting expression returns undef
- Minor change to a few FujiFilm print conversion strings (thanks Albert Shan)
- Changed behaviour when interpolating Shortcut tags in a string (the values
are now separated according to the -sep option setting instead of simply
being concatenated)
- Patched to allow file times to be set on systems where futimes is not
available
8.1.1
Child processes
- stdout and stderr are now available on the error output of a failed
call to the util.promisify()ed version of child_process.exec.
HTTP
- A regression that broke certain scenarios in which HTTP is used
together with the cluster module has been fixed.
HTTPS
- The rejectUnauthorized option now works properly for unix sockets.
Readline
- A change that broke npm init and other code which uses readline
multiple times on the same input stream is reverted.
8.1.0
Async Hooks
- When one Promise leads to the creation of a new Promise, the parent
Promise will be identified as the trigger
Dependencies
- libuv has been updated to 1.12.0
- npm has been updated to 5.0.3
File system
- The fs.exists() function now works correctly with util.promisify()
- fs.Stats times are now also available as numbers
Inspector
- It is now possible to bind to a random port using --inspect=0
Zlib
- A regression in the Zlib module that made it impossible to properly
subclasses zlib.Deflate and other Zlib classes has been fixed.
2.13 2017-06-01
- Really fix the indexing issue. For reals this time. I'm totally not
kidding. Thanks to Grinnz on #metacpan for giving me the solution.
2.12 2017-06-01
- Attempting to fix indexing of DateTime::TimeZone::Catalog on metacpan
again. No real code or zone changes. Reported by Greg Oscwhald. GH #19.
Patch #328 - 2017/06/01
* revise parser for charClass resource, making these improvements:
+ accept octal and hexadecimal values
+ allow embedded whitespace
+ allow the class after colon to be optional, e.g., to clear
class settings for a range of characters.
* add command-line option -report-charclass.
* fix most lintian warnings about test-package
* add eraseSavedLines resource.
* document DECSED 3 in ctlseqs.ms (report by Ben Longmans).
* improve integration between configure-events and updates for
reported screensize, in particular when switching between vt100 and
tek4014 modes.
* modify selection-highlighting of reverse-video text to keep that
distinct, e.g., by reversing the selection foreground and
background colors as one would expect. This fixes a "useless" case
in the description of highlightColorMode.
* improve fix for Debian #759734, addressing a case where non-colored
cursor would be invisible against reverse-video (see patch #311).
* updates for ReGIS (Ross Combs):
+ the "H" option of the "T" command should multiply by 10, not
20.
+ display unknown glyphs as a solid block.
+ given a succession of text-direction options, use the last.
+ fix the direction of ReGIS slanted text so that negative
values produce oblique output .
+ fix the ReGIS text direction option to only rotate characters
when no following size option is used.
* update terminfo to better match corresponding entries in ncurses,
e.g., u8 pattern to match the VT220, VT420, etc., primary
responses, as well as adding smxx and rmxx.
* fixes from Jörg Sommer:
+ corrected a trace-message regarding maximum graphics-size; it
used the similar ReGIS maximum size which might not be
configured.
+ in do_select_regex, clear selection if there is no match. If
the regex does not match anything around the cursor, the
selection returned must be empty, otherwise the whole line is
treated as a match. This way the command defined by
exec-selectable will not be executed if there is no match.
+ modify limit in do_select_regex to include the character at
the cursor in the match, making it easier to type something
and then hit the key to trigger exec-selectable.
+ If exec-selectable or insert-selection is triggered by a mouse
button click, the position of the mouse pointer should be
used. This makes it easier to address any position on the
window and it makes it possible to use the mouse, e.g., for
applications such as mutt where you cannot move the cursor.
* modify DECRC to save/restore xterm's last-column flag used to
control wrapping behavior rather than manipulating DECAWM
(report/analysis by Mattias Engdegård).
* add configure option --enable-terminfo-env to use the value set by
--with-own-terminfo for the $TERMINFO environment variable. That
variable was set automatically for HPUX, but would be useful in
other systems, e.g., for Solaris (request by Jeff Wieland).
* fix a race condition when setting up a signal handler to timeout if
opening /dev/tty hangs (patch by Tobias Stoeckmann).
* review/cleanup resources which were not in the manual page (report
by Maxwell Anselm):
+ add manual page description as needed.
+ drop resource name for menuBar, as unnecessary.
+ modify fallback numeric value for regisScreenSize resource to
match that for maxGraphicSize.
* updated configure macros CF_ADD_CFLAGS, CF_CC_ENV_FLAGS,
CF_GNU_SOURCE, CF_MATH_LIB, and CF_XOPEN_SOURCE from other
program-changes.
* update config.guess, config.sub
* change “maximum screensize” assumed by resize to 9999x9999, to
accommodate people using the Unreadable font.
* drop Utility from default value of --with-desktop-category (Debian
#780176).
* widen the configure script pattern used for finding related
".desktop" files, including “Terminal”
* several minor improvements to font utility functions:
+ provide for later modification to implement font-sets by
parsing the font resources as comma-separated lists.
+ parse -fn and -fa similarly, using “x:” and “xft:” prefixes
for font name/family strings to distinguish between XLFD and
Xft font specifications.
+ use loops to iterate over font classes
+ use getters/setters for font data to allow for on-demand
lookups.
+ make the debugging trace for missing glyph less verbose since
that interferes with the -report-fonts option.
+ refactor xtermLoadFont to make it clearer how some fonts are
derived from others, e.g., bold, wide.
+ make the triggering and suppressing of font-warnings more
consistent by storing the last state in the widget.
+ reduce font-warnings by checking for repeated warnings.
* add vttests/query-status.pl
* add vttests/closest-rgb
* add special case for displaying soft-hyphen if it happens to fall
at the right margin, and omitting similar case such as the BIDI
markers, where a zero-width character is neither a control
character nor a combining character (Debian #844325).
* modify logic for OSC 52, manipulate selection data, to update the
selection-time to include the latest X events. This fixes some
cases where the selection was invalid, e.g., after an event due to
focus-follows-mouse (report/testcase by Stephane Chauveau).
* revise macro CastMallocN as new macro TextAlloc to make explicit
use of sizeof(char) (prompted by patch by Cade Foster).
* add “Mouse Ops” menu entry and related resources to allow runtime
disabling/enabling of the mouse protocol escape sequences
(discussion with Bob Proulx).
* improve discussion of mouse actions versus protocol in the manual
(discussion with Bob Proulx).
* improve discussion of environment variables in the manual, pointing
out where some features (such as termcap and the System5 COLUMNS
and LINES variables) are used rarely, mainly to support legacy
applications.
* add examples of translations resource for select/paste, and for
font-size changes to the manual.
* minor reordering of some entries in ctlseqs.ms for consistency
(report by Arran Ubels).
* add -s option to 256colors2.pl and 88colors2.pl, to demonstrate
modifying the “system” colors 0–15.
* omit XFT_SPACING property from call to XftPatternBuild, to work
around a bug in fontconfig for handling Google Go fonts, whose
names sort in an order not expected by fontconfig, causing the
request for a monospaced font to return italics, e.g.,
$ fc-match 'Go Mono:spacing=monospace'
Go-Mono-Italic.ttf: "Go Mono" "Italic"
(report by Giacomo Boffi on Stackoverflow).
* modify minstall.in to improve a workaround added to the manual page
in patch #182 to avoid having the C preprocessor used in the imake
configuration strip out the comments in the character classes
section (reports by Ted Unangst, Anthony J Bentley).
NEW IN WAF 1.9.12
-----------------
* Work around config.log encoding issues on windows/Python3.6/console #1974
* Handle spaces in python path detection on windows #1973
* Set a better default path for windows import libraries #1959
* Fix variable propagation for javac targets #1969
* Various cpplint enhancements #1961#1963
* Various eclipse project generator enhancements #1967#1968#1970
* Various C# enhancements #1975#1976#1977
* Override resx namespaces #1978
Version 2.42b:
--------------
- Renamed the R() macro to avoid a problem with llvm_mode in the latest
versions of LLVM. Fix suggested by Christian Holler.
* If your 54.0 is unstable, please disable e10s with
browser.tabs.remote.autostart.2=false (this works at least for me)
Changelog:
New
Simplified the download button and download status panel
Added support for multiple content processes (e10s-multi)
Added Burmese (my) locale
Fixed
Various security fixes
Changed
Moved the mobile bookmarks folder to the main bookmarks menu for easier access
Security fixes:
#CVE-2017-5472: Use-after-free using destroyed node when regenerating trees
#CVE-2017-7749: Use-after-free during docshell reloading
#CVE-2017-7750: Use-after-free with track elements
#CVE-2017-7751: Use-after-free with content viewer listeners
#CVE-2017-7752: Use-after-free with IME input
#CVE-2017-7754: Out-of-bounds read in WebGL with ImageInfo object
#CVE-2017-7755: Privilege escalation through Firefox Installer with same directory DLL files
#CVE-2017-7756: Use-after-free and use-after-scope logging XHR header errors
#CVE-2017-7757: Use-after-free in IndexedDB
#CVE-2017-7778: Vulnerabilities in the Graphite 2 library
#CVE-2017-7758: Out-of-bounds read in Opus encoder
#CVE-2017-7759: Android intent URLs can cause navigation to local file system
#CVE-2017-7760: File manipulation and privilege escalation via callback parameter in Mozilla Windows Updater and Maintenance Service
#CVE-2017-7761: File deletion and privilege escalation through Mozilla Maintenance Service helper.exe application
#CVE-2017-7762: Addressbar spoofing in Reader mode
#CVE-2017-7763: Mac fonts render some unicode characters as spaces
#CVE-2017-7764: Domain spoofing with combination of Canadian Syllabics and other unicode blocks
#CVE-2017-7765: Mark of the Web bypass when saving executable files
#CVE-2017-7766: File execution and privilege escalation through updater.ini, Mozilla Windows Updater, and Mozilla Maintenance Service
#CVE-2017-7767: Privilege escalation and arbitrary file overwrites through Mozilla Windows Updater and Mozilla Maintenance Service
#CVE-2017-7768: 32 byte arbitrary file read through Mozilla Maintenance Service
#CVE-2017-7770: Addressbar spoofing with JavaScript events and fullscreen mode
#CVE-2017-5471: Memory safety bugs fixed in Firefox 54
#CVE-2017-5470: Memory safety bugs fixed in Firefox 54 and Firefox ESR 52.2
