Version 4.9.2
* mkdir: fixed exit code with -f option.
* ftp: made ftp:use-pret setting tri-boolean.
* get/mget/put/mput: don't try next files after error if cmd:fail-exit is true.
* get/mget: fixed -O option with remote URL and xfer:use-temp-file being true.
* mirror: disallow empty patterns; don't delete "..".
* mirror: fixed --on-change with --reverse.
* sftp: fixed a bug with truncated files when packets are reordered (finally).
Wireshark 3.2.6 Release Notes
What’s New
Bug Fixes
The following vulnerabilities have been fixed:
• wnpa-sec-2020-10[1] Kafka dissector crash. Bug 16672[2].
CVE-2020-17498[3].
The following bugs have been fixed:
• Kafka dissector fails parsing FETCH responses. Bug 16623[4].
• Dissector for ASTERIX Category 001 / 210 does not recognize bit 1
as extension. Bug 16662[5].
• "invalid timestamp" for Systemd Journal Export Block. Bug
16664[6].
• Decoding Extended Emergency number list IE length. Bug 16668[7].
• Some macOS Bluetooth PacketLogger capture files aren’t recognized
as PacketLogger files (regression, bisected). Bug 16670[8].
• Short IMSIs (5 digits) lead to wrong decoding+warning. Bug
16676[9].
• Decoding of PFCP IE 'PFD Contents' results in "malformed packet".
Bug 16704[10].
• RFH2 Header with 32 or less bytes of NameValue will not parse out
that info. Bug 16733[11].
• CDP: Port ID TLV followed by Type 1009 TLV triggers [Malformed
Packet]. Bug 16742[12].
• tshark crashed when processing opcda. Bug 16746[13].
• tshark with --export-dicom gives “Segmentation fault (core
dumped)”. Bug 16748[14].
New and Updated Features
There are no new features in this release.
New Protocol Support
There are no new protocols in this release.
Updated Protocol Support
ASTERIX, BSSAP, CDP, CoAP, DCERPC SPOOLSS, DCOM, DICOM, DVB-S2,
E.212, GBCS, GSM RR, GSM SMS, IEEE 802.11, Kafka, MQ, Nano, NAS 5GS,
NIS+, NR RRC, PacketLogger, PFCP, RTPS, systemd Journal, TDS, TN3270,
and TN5250
New and Updated Capture File Support
PacketLogger and pcapng
Changelog:
7 July 2020: Wouter
- Tag for 4.3.2rc1.
6 July 2020: Wouter
- Fix compile includes for xfr-inspect tool on FreeBSD.
- Add tpkg/run_vm.sh that runs test when in a virtual machine.
- Merge #112 from jaredmauch: log old and new serials when NSD
rejects an IXFR due to an old serial number.
- Fix bug034 test for vm test changes.
22 June 2020: Wouter
- Remove errno reset behaviour from sendmmsg and recvmmsg
replacement functions.
- Fix unit test for different nsd-control-setup -h exit code.
19 June 2020: Wouter
- Merge #108 from Nomis: Make the max-retry-time description clearer.
- Retry when udp send buffer is full to wait until buffer space is
available.
18 June 2020: Wouter
- Do not log EAGAIN errors for sendmmsg, to stop log spam on OpenBSD.
17 June 2020: Wouter
- Fix#107: nsd -v shows configure line, openssl version and libevent version.
27 May 2020: Wouter
- Fix unlink of pidfile warning if not possible due to permissions,
nsd can display the message at high verbosity levels.
- Update contrib/nsd.service for chown of nsd.log and /var/log in
ReadWritePaths.
- Removed contrib/nsd.service, example is too complicated and not
useful.
15 May 2020: Wouter
- Merge PR#102 from and0x000: add missing default in documentation
for drop-updates.
- Fix checkconf test for log-only-syslog option.
14 May 2020: Wouter
- Document default value for tcp-timeout.
13 May 2020: Jeroen
- Fix#99: Fix copying of socket properties with reuseport enabled.
24 April 2020: Wouter
- Fix#97: EDNS unknown version: query not in response.
21 April 2020: Wouter
- Fix#96: log-only-syslog: yes sets to only use syslog, fixes
that the default configuration and systemd results in duplicate
log messages.
20 April 2020: Wouter
- Fix#95: Removed make test check because tpkg not included in
release tarballs.
- Fix unused parameter compile warnings.
Jesse Smith <jessefrgsmith@yahoo.ca> -> 5.6
- When Bftpd is run with the -n flag (no configuration file)
default ratio settings prevented files from downloading.
Samuel Hsu has patched Bftpd to assume no ratio ("") is
treated the same as "none" or no restrictions.
- Fixed potential overflow in buffer for directory listing.
- Used calloc() and single strlen() call to avoid having
a string without a NULL terminator mystring library.
Add bind916 version 9.16.5 package (BIND 9.16.5).
BIND, the Berkeley Internet Name Daemon. This package contains the BIND
9.16 release.
* New dnssec-policy statement to configure a key and signing policy for
zones, enabling automatic key regeneration and rollover.
* New network manager based on libuv.
* Added support for the new GeoIP2 geolocation API, libmaxminddb.
* Improved DNSSEC trust anchor configuration using the trust-anchors
statement, permitting configuration of trust anchors in DS as well as
DNSKEY format.
* YAML output for dig, mdig, and delv.
This hotfix release fixes an issue with block validation.
Bugfixes:
#6827: syncthing 1.6.1 -> 1.7.0 fails on "failed validating data"
v1.7.0
This release performs a database migration to optimize for clusters with
many devices.
Bugfixes:
#6552: panic: Stop called more than once on ... created by nat.Service
#6564: Closing an already removed connection causes GUI error message
#6646: Misleading error message when to be deleted dir contains receive-only changes
#6653: panic: nil pointer dereference in leveldb.(*DB).isClosed()
#6654: panic: runtime error: index out of range in processNeeded()
#6655: panic: nil pointer dereference in checkUpgrade()
#6679: QUIC listener is not added when default TCP port is unavailable
#6697: Malformed listen address causes hang on startup
#6706: Changing a folder in web UI removes introduced-by info
Enhancements:
#1830: "Folder path missing" when folder path is a junction
#4703: Suggest setting up auth on initial startup
#5910: Add Badger database backend for testing and consideration
#6372: Reduce database size by optimizing version list storage
Other issues:
#6608: Data race in Windows fs watcher tests
#6625: TestRequestRemoteRenameChanged is racy/flaky
Changes:
1.52.3
------
* Bug Fixes
* docs
* Disable smart typography (eg en-dash) in MANUAL.* and man page
(Nick Craig-Wood)
* Update install.md to reflect minimum Go version (Evan Harris)
* Update install from source instructions (Nick Craig-Wood)
* make_manual: Support SOURCE_DATE_EPOCH (Morten Linderud)
* log: Fix --use-json-log going to stderr not --log-file on Windows
(Nick Craig-Wood)
* serve dlna: Fix file list on Samsung Series 6+ TVs (Matteo Pietro Dazzi)
* sync: Fix deadlock with --track-renames-strategy modtime (Nick Craig-Wood)
* Cache
* Fix moveto/copyto remote:file remote:file2 (Nick Craig-Wood)
* Drive
* Stop using root_folder_id as a cache (Nick Craig-Wood)
* Make dangling shortcuts appear in listings (Nick Craig-Wood)
* Drop "Disabling ListR" messages down to debug (Nick Craig-Wood)
* Workaround and policy for Google Drive API (Dmitry Ustalov)
* FTP
* Add note to docs about home vs root directory selection (Nick Craig-Wood)
* Onedrive
* Fix reverting to Copy when Move would have worked (Nick Craig-Wood)
* Avoid comma rendered in URL in onedrive.md (Kevin)
* Pcloud
* Fix oauth on European region "eapi.pcloud.com" (Nick Craig-Wood)
* S3
* Fix bucket Region auto detection when Region unset in config (Nick Craig-Wood)
1.2.8 released
* validate UTF-8 encoding of client version strings from peers
* don't time out tracker announces as eagerly while resolving hostnames
* fix NAT-PMP shutdown issue
* improve hostname lookup by merging identical lookups
* fix network route enumeration for large routing tables
* fixed issue where pop_alerts() could return old, invalid alerts
* fix issue when receiving have-all message before the metadata
* don't leave lingering part files handles open
* disallow calling add_piece() during checking
* fix incorrect filename truncation at multi-byte character
* always announce listen port 1 when using a proxy
NEWS for rsync 3.2.3
Changes in this version:
BUG FIXES:
Fixed a bug in the xattr code that was freeing the wrong object when trying to cleanup the xattr list.
Fixed a bug in the xattr code that was not leaving room for the "rsync." prefix in some instances where it needed to be added.
Restored the ability to use ‑‑bwlimit=0 to specify no bandwidth limit. (It was accidentally broken in 3.2.2.)
Fix a bug when combining ‑‑delete-missing-args with ‑‑no-implied-dirs & ‑R where rsync might create the destination path of a missing arg. The code also avoids some superfluous warnings for nested paths of removed args.
Fixed an issue where hard-linked devices could cause the rdev_major value to get out of sync between the sender and the receiver, which could cause a device to get created with the wrong major value in its major,minor pair.
Rsync now complains about a missing ‑‑temp-dir before starting any file transfers.
A completely empty source arg is now a fatal error. This doesn't change the handling of implied dot-dir args such as "localhost:" and such.
ENHANCEMENTS:
Allow ‑‑max-alloc=0 to specify no limit to the alloc sanity check.
Allow ‑‑block-size=SIZE to specify the size using units (e.g. "100K").
The name of the id-0 user & group are now sent to the receiver along with the other user/group names in the transfer (instead of assuming that both sides have the same id-0 names).
Added the ‑‑stop-after=MINS and ‑‑stop-at=DATE_TIME options (with the ‑‑time-limit=MINS option accepted as an alias for ‑‑stop-after). This is an enhanced version of the time-limit patch from the patches repo.
Added the name converter daemon parameter to make it easier to convert user & group names inside a chrooted daemon module. This is based on the nameconverter patch with some improvements, including a tweak to the request protocol (so if you used this patch in the past, be sure to update your converter script to use newlines instead of null chars).
Added ‑‑crtimes (‑N) option for preserving the file's create time (I believe that this is macOS only at the moment).
Added ‑‑mkpath option to tell rsync that it should create a non-existing path component of the destination arg.
Added ‑‑stderr=errors|all|client to replace the ‑‑msgs2stderr and ‑‑no-msgs2stderr options (which are still accepted). The default use of stderr was changed to be ‑‑stderr=errors where all the processes that have stderr available output directly to stderr, which should help error messages get to the user more quickly, especially when doing a push (which includes local copying). This also allows rsync to exit quickly when a receiver failure occurs, since rsync doesn't need to try to keep the connection alive long enough for the fatal error to go from the receiver to the generator to the sender. The old default can be requested via ‑‑stderr=client. Also changed is that a non-default stderr mode is conveyed to the remote rsync (using the older option names) instead of requiring the user to use ‑‑remote-option (‑M) to tell the remote rsync what to do.
Added the ability to specify "@netgroup" names to the hosts allow and hosts deny daemon parameters. This is a finalized version of the netgroup-auth patch from the patches repo.
Rsync can now hard-link symlinks on FreeBSD due to it making ues of the linkat() function when it is available.
Output file+line info on out-of-memory & overflow errors while also avoiding the output of alternate build-dir path info that is not useful to the user.
Change configure to know that Cygwin supports Linux xattrs.
Improved the testsuite on FreeBSD & Cygwin.
Added some compatibility code for HPE NonStop platforms.
Improved the INSTALL.md info.
Added a few more suffixes to the default skip-compress list.
Improved configure's error handling to notify about several issues at once instead of one by one (for the newest optional features).
INTERNAL:
Use a simpler overflow check idiom in a few spots.
Use a C99 Flexible Array for a trailing variable-size filename in a struct (with a fallback to the old 1-char string kluge for older compilers).
Release v1.31.0
Core
The following new xDS functionality is added in this release:
Requests matching based on path (prefix, full path and safe regex) and headers.
Requests routing to multiple clusters based on weights.
The features supported in a given release are documented here.
Other changes:
Remove MAX_EPOLL_EVENTS_HANDLED_EACH_POLL_CALL to ensure timely processing of events.
Include the target name in top-level DNS error messages.
Remove xds-experimental URI scheme.
fix memory leak of grpc_resource_user_quota.
Store ref to the ExternalConnectivityWatcher in external_watchers_ map.
Update grpclb configuration with field "service_name".
Fix possible deadlock in RemoveExternalConnectivityWatcher.
Enable TLS 1.3 in the C-core and all wrapped languages.
Add message-size check before message decompression with ordering change.
Fix race condition caused by simultaneous updates on SSL server handshaker.
Add missing reset for ping clocks to avoid mistakenly sending GOAWAY frames due to 'too_many_pings'.
C++
Simplify makefile: Get rid of "install" rules with pure make, recommend cmake and bazel instead.
Replaced grpc::string with std::string.
Fix wrong version in gRPCConfigVersion.cmake and grpc++*.pc.
Python
[Aio] Support tuple and aio.Metadata interaction.
[Aio] Allows poller to bind to ephemeral loops in multiple threads.
[Aio] Hide init_grpc_aio and guard async API outside of AsyncIO context.
[Aio] Implement methods to access auth context and peer info.
Add protobuf as an "extras" dependency to grpcio package.
[Aio] Use Metadata type.
Avoid attribute error in del of _ChannelCallState.
Default wait_for_ready to True in simple stubs.
Propagate contextvars to auxiliary threads.
Simplify channel credentials in simple stubs.
1.5.0
Improvements
Use explicit flag for the specific version of c++ we are targeting.
Prevent a copy of a pool’s backends when selecting a server.
Bug Fixes
Fix compilation with h2o_socket_get_ssl_server_name().
Prevent a possible overflow via large Proxy Protocol values. (Valentei Sergey)
Avoid name clashes on Solaris derived systems.
Resize hostname to final size in getCarbonHostname(). (Aki Tuomi)
Fix compilation on OpenBSD/amd64.
Handle calling PacketCache methods on a nil object.
1.4.0
Improvements
Fix the default value of setMaxUDPOutstanding in the console’s help (phonedph1)
Add bindings for the noerrors and drops members of StatNode
Fix -Wshadow warnings (Aki Tuomi)
Fix typo: settting to setting (Chris Hofstaedtler)
Bug Fixes
Lowercase the name blocked by a SMT dynamic block
misc
Prefer the cipher suite from the server by default (DoH, DoT)
v0.6.8
Variety of small updates and bugfixes, but of note:
Support for namespace prefixes for XPath queries
edit-config parameter validation
Support for multiple RPC errors
API to get supported device types
Support for subtree filters with multiple top-level tags
19.0.2
- Regenerate Cython sources with 0.29.21 in sdists for compatibility with Python 3.9
- Handle underlying socket being closed in ZMQStream with warning instead of error
- Improvements to socket cleanup during process teardown
- Fix debug-builds on Windows
- Avoid importing ctypes during startup on Windows
- Documentation improvements
- Raise ``AttributeError`` instead of ``ZMQError(EINVAL)`` on attempts to read write-only attributes,
for compatibility with mocking
2.2.2
- BUG/MINOR: mux-fcgi: Don't url-decode the QUERY_STRING parameter anymore
- BUILD: tools: fix build with static only toolchains
- BUG/MINOR: debug: Don't dump the lua stack if it is not initialized
- BUG/MAJOR: dns: fix null pointer dereference in snr_update_srv_status
- BUG/MAJOR: dns: don't treat Authority records as an error
- MEDIUM: lua: Add support for the Lua 5.4
- BUG/MEDIUM: dns: Don't yield in do-resolve action on a final evaluation
- BUG/MINOR: lua: Abort execution of actions that yield on a final evaluation
- BUG/MINOR: tcp-rules: Preserve the right filter analyser on content eval abort
- BUG/MINOR: tcp-rules: Set the inspect-delay when a tcp-response action yields
- BUG/MEDIUM: connection: Be sure to always install a mux for sync connect
- MINOR: connection: Preinstall the mux for non-ssl connect
- MINOR: stream-int: Be sure to have a mux to do sends and receives
- SCRIPTS: announce-release: add the link to the wiki in the announce messages
- BUG/MEDIUM: backend: always attach the transport before installing the mux
- BUG/MEDIUM: tcp-checks: always attach the transport before installing the mux
(pkgsrc)
- Add adhoc patch to make it build.
(upstream)
Changelog:
- Fix tweet sending on 32bit architectures. #795 Wtf.
- Fix a few spelling mistakes. #798
- Work around a GTK+ bug increasing the window size
when typing DMs. #796
- Prevent the list statuses page from automatically focusing
the delete button, potentially resulting in accidentally
deleted lists. #811
- Show a language selection context menu in the
compose text view. #812
- Added the Guninski patch for alloc from Qualys (CVE-2005-1513).
- dns_ipq (IP qualify) now with unified IPv4/IPv6 handling and evaluation
of DNS well-know names 'localhost' and 'ipv[4|6]-loopback' (RFC 6761).
- Fixed DNS lookup for IPv6 addresses. Adjusted DNS man pages.
Bump default BUILDLINK_API_DEPENDS, as all fehware requires this version.
This is the 1.30.2 release (gradius) of gRPC Core.
Please see the notes for the previous releases here:
https://github.com/grpc/grpc/releases. Please consult https://grpc.io/
for all information regarding this product.
This release is a patch specifically for the Ruby plugin to address
#23490
Ruby
Fix ruby protoc plugin when message is in another package
(#23501)
!! Configuration format was updated !!
With the 0.7.0 release, our configuration format was updated to
use YAML files. Baikal stores data in both the Specific and the
config folders. Keep this in mind when upgrading! We recommend that
you make a full backup of your data, as a safety measure.
0.7.1
-----
* Fixed user deletion
* Fixed upgrading from versions older than 0.6.1
* Re-added config option for base uri
* Ships with sabre/dav 4.1.0
0.7.0 (2020-05-31)
------------------
* New configuration format
* Added support for php 7.4
* REMOVED support for php 7.0
* Shows event count per calendar
* Shows contact count per address book
* Ships with sabre/dav 4.1.0
0.2.3
* Fix handling of WSGI - not all versions of start_response take
keyword arguments.
* Add --no-strict option for clients that don't follow
the spec.
version 2.82
Improve behaviour in the face of network interfaces which come
and go and change index. Thanks to Petr Mensik for the patch.
Convert hard startup failure on NETLINK_NO_ENOBUFS under qemu-user
to a warning.
Allow IPv6 addresses ofthe form [::ffff:1.2.3.4] in --dhcp-option.
Fix crash under heavy TCP connection load introduced in 2.81.
Thanks to Frank for good work chasing this down.
Change default lease time for DHCPv6 to one day.
Alter calculation of preferred and valid times in router
advertisements, so that these do not have a floor applied
of the lease time in the dhcp-range if this is not explicitly
specified and is merely the default.
3.3.28:
Added
Redesign of the release process using Azure Pipelines
Create a dedicated documentation on ReadTheDoc, refactor README.md into README.rst
Modified
Fix localzone provider to make it work with dnspython 2.x
Update easyname provider against the recent API changes
2.2.1
- BUG/MINOR: sample: Free str.area in smp_check_const_bool
- BUG/MINOR: sample: Free str.area in smp_check_const_meth
- BUG/MEDIUM: lists: add missing store barrier on MT_LIST_BEHEAD()
- BUG/MEDIUM: lists: add missing store barrier in MT_LIST_ADD/MT_LIST_ADDQ
- CONTRIB: da: fix memory leak in dummy function da_atlas_open()
- BUG/MEDIUM: mux-h2: Don't add private connections in available connection list
- BUG/MEDIUM: mux-fcgi: Don't add private connections in available connection list
- BUG/MEDIUM: mux-h1: Continue to process request when switching in tunnel mode
- BUG/MINOR: mux-fcgi: Handle empty STDERR record
- BUG/MINOR: mux-fcgi: Set conn state to RECORD_P when skipping the record padding
- BUG/MINOR: mux-fcgi: Set flags on the right stream field for empty FCGI_STDOUT
- BUG/MEDIUM: log: issue mixing sampled to not sampled log servers.
- BUG/MEDIUM: fcgi-app: fix memory leak in fcgi_flt_http_headers
- BUG/MEDIUM: server: resolve state file handle leak on reload
- BUG/MEDIUM: server: fix possibly uninitialized state file on close
- BUG/MEDIUM: channel: Be aware of SHUTW_NOW flag when output data are peeked
- BUILD: config: address build warning on raspbian+rpi4
- BUG/MAJOR: tasks: make sure to always lock the shared wait queue if needed
- BUILD: config: fix again bugs gcc warnings on calloc
- DOC: ssl: req_ssl_sni needs implicit TLS
- BUG/MEDIUM: arg: empty args list must be dropped
- BUG/MEDIUM: resolve: fix init resolving for ring and peers section.
- BUG/MAJOR: tasks: don't requeue global tasks into the local queue
- BUG/MAJOR: dns: Make the do-resolve action thread-safe
- BUG/MEDIUM: dns: Release answer items when a DNS resolution is freed
- MEDIUM: htx: Add a flag on a HTX message when no more data are expected
- BUG/MINOR: htx: add two missing HTX_FL_EOI and remove an unexpected one
- BUG/MEDIUM: stream-int: Don't set MSG_MORE flag if no more data are expected
- BUG/MEDIUM: http-ana: Only set CF_EXPECT_MORE flag on data filtering
v1.11.4
IMPROVEMENTS:
Add resource for CSIDriver
Add resource for Pod Security Policies
Add data source for Pod and PVC
Add support for CSI volume type in persistent_volume resource
Add Kubernetes Job 'wait_for_completion' functionality
Support 'optional' flag for ConfigMap mounted as volume
Add specific error message when failing to load provider config
Support 'optional' on env valueFrom for secret key/configmap key
Skip tests for CSIDriver if cluster version is less than 1.16
Allow 'ttl_seconds_after_finished = 0' in kubernetes_job resource
Set service block to 'optional' for webhook configurations
0.12.29
BUG FIXES:
core: core: Prevent quadratic memory usage with large numbers of instances by not storing the complete resource state in each instance
Changes:
5.2
---
* Add Filter message to mitmdump (@sarthak212)
* Display TCP flows at flow list (@Jessonsotoventura, @nikitastupin, @mhils)
* Colorize JSON Contentview (@sarthak212)
* Fix console crash when entering regex escape character in half-open
string (@sarthak212)
* Integrate contentviews to TCP flow details (@nikitastupin)
* Added add-ons that enhance the performance of web application
scanners (@anneborcherding)
* Increase WebSocket message timestamp precision (@JustAnotherArchivist)
* Fix HTTP reason value on HTTP/2 reponses (@rbdixon)
* mitmweb: support wslview to open a web browser (@G-Rath)
* Fix dev version detection with parent git repo (@JustAnotherArchivist)
* Restructure examples and supported addons (@mhils)
* Certificate generation: mark SAN as critical if no CN is set (@mhils)
* Simplify Replacements with new ModifyBody addon (@mplattner)
* Rename SetHeaders addon to ModifyHeaders (@mplattner)
* mitmweb: "New -> File" menu option has been renamed to "Clear All"
(@yogeshojha)
* Add new MapRemote addon to rewrite URLs of requests (@mplattner)
* Add support for HTTP Trailers to the HTTP/2 protocol
(@sanlengjingvv and @Kriechi)
* Fix certificate runtime error during expire cleanup (@gorogoroumaru)
* Fixed the DNS Rebind Protection for secure support of IPv6 addresses
(@tunnelpr0)
* WebSockets: match the HTTP-WebSocket flow for the ~websocket filter
(@Kriechi)
* Fix deadlock caused by the "replay.client.stop" command (@gorogoroumaru)
* Add new MapLocal addon to serve local files instead of remote
resources (@mplattner and @mhils)
* Add minimal TCP interception and modification (@nikitastupin)
* Add new CheckSSLPinning addon to check SSL-Pinning on client (@su-vikas)
* Add a JSON dump script: write data into a file or send to an endpoint as
JSON (@emedvedev)
* Fix console output formatting (@sarthak212)
* Add example for proxy authentication using selenium
(@anneborcherding and @weichweich)
HAProxy 2.2.0 was released on 2020/07/07. It added 24 new commits
after version 2.2-dev12.
There were very few last-minute changes since dev12, just as I hoped,
that's pretty fine.
We're late by about 1 month compared to the initial planning, which is
not terrible and should be seen instead as an investment on the debugging
cycle since almost only bug fixes were merged during that period. In the
end you get a better version later.
While I was initially worried that this version didn't seem to contain
any outstanding changes, looking back in the mirror tells be it's another
awesome one instead:
- dynamic content emission:
- "http-request return" directive to build dynamic responses ;
- rewrite of headers (including our own) after the response ;
- dynamic error files (errorfiles can be used as templates to
deliver personalized pages)
- further improvements to TLS runtime certificates management:
- insertion of new certificates
- split of key and cert
- manipulation and creation of crt-lists
- even directories can be handled
And by the way now TLSv1.2 is set as the default minimum version.
- significant reduction of server-side resources by sharing idle
connection pools between all threads ; till 2.1 if you had 64 threads,
each of them had its own connections, so the reuse rate was lower, and
the idle connection count was very high. This is not the case anymore.
- health-checks were rewritten to all rely on tcp-check rules behind the
curtains. This allowed to get rid of all the dirt we had accumulate over
18 years and to write extensible checks. New ones are much easier to add.
In addition we now have http-checks which support header and body
addition, and which pass through muxes (HTTP/1 and HTTP/2).
- ring buffer creation with ability to forward any event to any log server
including over TCP. This means that it's now possible to log over a TCP
syslog server, and that adding new protocols should be fairly easy.
- further refined and improved debugging (symbols in panic dumps, malloc
debugging, more activity counters)
- the default security was improved. For example fork() is forbidden by
default, which will block against any potential code execution (and
will also block external checks by default unless explicitly unblocked).
- new performance improvements in the scheduler and I/O layers, reducing
the cost of I/O processing and overall latency. I've known from private
discussions that some noticed tremendous gains there.
I'm pretty sure there are many other things but I don't remember, I'm
looking at my notes. I'm aware that HaproxyTech will soon post an in-depth
review on the haproxy.com blog so just have a look there for all the details.
(edit: it's already there: https://www.haproxy.com/blog/announcing-haproxy-2-2/
).
There are three things I noted during the development of this version.
The first one is that with the myriad of new tools we're using to help
users and improve our code quality (discourse, travis, cirrus, oss-fuzz,
mailing-list etc), some people really found their role in the project and
are becoming more autonomous. This definitely scales much better and helps
me spend less time on things that are not directly connected to my code
activities, so thank you very much for this (Lukas, Tim, Ilya, Cyril).
The second one is that this is the first version that has been tortured
in production long before the release. And when I'm saying "tortured", I
really mean it, because several of us were suffering as well. But it
allowed to address very serious issues that would have been a nightmare
to debug and fix post-release. For this I really want to publicly thank
William Dauchy for all his work and involvement on this, and for all the
very detailed reports he's sent us. For me this is the proof that running
code early on very limited traffic is enough to catch unacceptable bugs
that will not hit you later. And this pays off because he will be able to
deploy 2.2 soon without sweating. Others might face bugs that were not in
the perimeter he tested, hehe :-) I really encourage anyone who can to do
this. I know it's not easy and can be risky, but with some organization
and good prod automation it's possible and is great. What's nice with
reporting bugs during development is that you have a safe version to roll
back to and it can take the time it takes to fix the bug, it's not a
problem! Please think about it and what it would imply for you to adopt
such a model, it's a real time saver and risk saver for your production.
The last one is that we started to use the -next branch to queue some
pending work (that was already merged) and that the principle of finishing
one version while we're starting to queue some work for the next one is
well accepted and will help really us. I'd like this to continue and grow
in importance.
Enough talking, now's time to download and update, and for me to leave to
have dinner :-)
Release 4.52
Bug Fixes
- Fix tests using wrong AWS credentials if AWS CLI is installed.
- Fix `AttributeError: module 'gslib' has no attribute 'USER_AGENT'`.
- Fix encoding error in `user_agent_helper`.
- Fix stdout ordering issue in hash command.
- Fix multithread race condition for cp/mv command when multiple operations are attempting to create the same directory.
- Fix OSError on interrupted rsync -d.
2.70.0
FEATURES:
* **New Resource:** `aws_ec2_client_vpn_authorization_rule`
* **New Resource:** `aws_ec2_client_vpn_route`
ENHANCEMENTS:
* resource/aws_launch_template: Add `default_version` argument (previously only an exported attribute)
* resource/aws_launch_template: Add `update_default_version` argument to set the launch template's default version to the latest version available on update
* resource/aws_organizations_organization: Support `BACKUP_POLICY` value in `enabled_policy_types` plan-time validation (Support Backup policies)
* resource/aws_organizations_policy: Support `BACKUP_POLICY` value in `type` plan-time validation (Support Backup policies)
fping 4.3
New features
Linux unprivileged ping support
Add SIGQUIT summary support similar to ping
Bugfixes and other changes
Corrected long option name of -s to --stats
Do not fail if using fping6 with -6 flag
Fail if interface binding (-I) does not work
Fix using option -4 when fping is compiled IPv4-only
Add Azure pipeline test build
GCC 10 compatibility fixes
Macos build fix
Fix xmt stats in Netdata output
Only increase num_alive if response is not a duplicate
Use line buffering for stdout
1.18.97
api-change:ebs: Update ebs command to latest version
api-change:sns: Update sns command to latest version
api-change:appmesh: Update appmesh command to latest version
api-change:sagemaker: Update sagemaker command to latest version
api-change:wafv2: Update wafv2 command to latest version
api-change:cloudhsmv2: Update cloudhsmv2 command to latest version
api-change:events: Update events command to latest version
api-change:alexaforbusiness: Update alexaforbusiness command to latest version
api-change:amplify: Update amplify command to latest version
api-change:secretsmanager: Update secretsmanager command to latest version
api-change:comprehend: Update comprehend command to latest version
1.18.96
api-change:organizations: Update organizations command to latest version
api-change:ec2: Update ec2 command to latest version
api-change:ce: Update ce command to latest version
api-change:forecast: Update forecast command to latest version
1.18.95
api-change:efs: Update efs command to latest version
api-change:storagegateway: Update storagegateway command to latest version
api-change:lakeformation: Update lakeformation command to latest version
api-change:ec2: Update ec2 command to latest version
api-change:glue: Update glue command to latest version
api-change:cloudfront: Update cloudfront command to latest version
1.18.94
api-change:iotsitewise: Update iotsitewise command to latest version
api-change:rds: Update rds command to latest version
api-change:quicksight: Update quicksight command to latest version
1.18.93
api-change:connect: Update connect command to latest version
api-change:elasticache: Update elasticache command to latest version
1.18.92
api-change:rds: Update rds command to latest version
api-change:appsync: Update appsync command to latest version
api-change:imagebuilder: Update imagebuilder command to latest version
api-change:codebuild: Update codebuild command to latest version
api-change:securityhub: Update securityhub command to latest version
api-change:chime: Update chime command to latest version
1.18.91
api-change:ec2: Update ec2 command to latest version
api-change:rds: Update rds command to latest version
api-change:codeguru-reviewer: Update codeguru-reviewer command to latest version
api-change:comprehendmedical: Update comprehendmedical command to latest version
api-change:ecr: Update ecr command to latest version
1.18.90
api-change:ec2: Update ec2 command to latest version
api-change:autoscaling: Update autoscaling command to latest version
api-change:codestar-connections: Update codestar-connections command to latest version
api-change:codeguruprofiler: Update codeguruprofiler command to latest version
1.18.89
api-change:sagemaker: Update sagemaker command to latest version
api-change:quicksight: Update quicksight command to latest version
api-change:cloudformation: Update cloudformation command to latest version
api-change:dms: Update dms command to latest version
api-change:cognito-idp: Update cognito-idp command to latest version
1.18.88
api-change:ec2: Update ec2 command to latest version
api-change:glue: Update glue command to latest version
1.18.87
api-change:fsx: Update fsx command to latest version
api-change:emr: Update emr command to latest version
api-change:amplify: Update amplify command to latest version
api-change:honeycode: Update honeycode command to latest version
api-change:codecommit: Update codecommit command to latest version
api-change:iam: Update iam command to latest version
api-change:backup: Update backup command to latest version
api-change:autoscaling: Update autoscaling command to latest version
api-change:organizations: Update organizations command to latest version
1.18.86
api-change:organizations: Update organizations command to latest version
api-change:mediatailor: Update mediatailor command to latest version
1.18.85
api-change:rds: Update rds command to latest version
api-change:rekognition: Update rekognition command to latest version
api-change:sqs: Update sqs command to latest version
api-change:emr: Update emr command to latest version
api-change:ec2: Update ec2 command to latest version
1.18.84
api-change:elasticache: Update elasticache command to latest version
api-change:medialive: Update medialive command to latest version
api-change:opsworkscm: Update opsworkscm command to latest version
api-change:ec2: Update ec2 command to latest version
1.18.83
api-change:rds: Update rds command to latest version
api-change:support: Update support command to latest version
api-change:route53: Update route53 command to latest version
api-change:mediaconvert: Update mediaconvert command to latest version
enchancement:codeartifact: Backport login command to AWS CLI v1
api-change:meteringmarketplace: Update meteringmarketplace command to latest version
api-change:sesv2: Update sesv2 command to latest version
api-change:ssm: Update ssm command to latest version
1.18.82
api-change:route53: Update route53 command to latest version
api-change:appmesh: Update appmesh command to latest version
api-change:ec2: Update ec2 command to latest version
api-change:macie2: Update macie2 command to latest version
api-change:snowball: Update snowball command to latest version
1.18.81
api-change:lambda: Update lambda command to latest version
api-change:dataexchange: Update dataexchange command to latest version
api-change:qldb: Update qldb command to latest version
api-change:cloudfront: Update cloudfront command to latest version
api-change:autoscaling: Update autoscaling command to latest version
api-change:polly: Update polly command to latest version
1.18.80
api-change:appconfig: Update appconfig command to latest version
api-change:alexaforbusiness: Update alexaforbusiness command to latest version
api-change:cognito-idp: Update cognito-idp command to latest version
api-change:chime: Update chime command to latest version
api-change:iot: Update iot command to latest version
1.18.79
api-change:storagegateway: Update storagegateway command to latest version
api-change:apigateway: Update apigateway command to latest version
api-change:glue: Update glue command to latest version
api-change:cloudformation: Update cloudformation command to latest version
1.18.78
api-change:ecs: Update ecs command to latest version
api-change:iot-data: Update iot-data command to latest version
api-change:lex-models: Update lex-models command to latest version
api-change:imagebuilder: Update imagebuilder command to latest version
1.18.77
api-change:servicecatalog: Update servicecatalog command to latest version
api-change:macie2: Update macie2 command to latest version
api-change:compute-optimizer: Update compute-optimizer command to latest version
api-change:appconfig: Update appconfig command to latest version
api-change:dlm: Update dlm command to latest version
api-change:lightsail: Update lightsail command to latest version
api-change🛡️ Update shield command to latest version
api-change:ec2: Update ec2 command to latest version
api-change:codeartifact: Update codeartifact command to latest version
1.18.76
api-change:transfer: Update transfer command to latest version
bugfix:config file: Improve config parsing to handle values with square brackets.
1.14.20
api-change:amplify: [botocore] Update amplify client to latest version
api-change:wafv2: [botocore] Update wafv2 client to latest version
api-change:ebs: [botocore] Update ebs client to latest version
api-change:events: [botocore] Update events client to latest version
api-change:sagemaker: [botocore] Update sagemaker client to latest version
api-change:cloudhsmv2: [botocore] Update cloudhsmv2 client to latest version
api-change:appmesh: [botocore] Update appmesh client to latest version
api-change:alexaforbusiness: [botocore] Update alexaforbusiness client to latest version
api-change:sns: [botocore] Update sns client to latest version
api-change:secretsmanager: [botocore] Update secretsmanager client to latest version
api-change:comprehend: [botocore] Update comprehend client to latest version
1.14.19
api-change:ec2: [botocore] Update ec2 client to latest version
api-change:forecast: [botocore] Update forecast client to latest version
api-change:ce: [botocore] Update ce client to latest version
api-change:organizations: [botocore] Update organizations client to latest version
1.14.18
api-change:storagegateway: [botocore] Update storagegateway client to latest version
api-change:glue: [botocore] Update glue client to latest version
api-change:ec2: [botocore] Update ec2 client to latest version
api-change:lakeformation: [botocore] Update lakeformation client to latest version
api-change:efs: [botocore] Update efs client to latest version
api-change:cloudfront: [botocore] Update cloudfront client to latest version
1.14.17
api-change:quicksight: [botocore] Update quicksight client to latest version
api-change:rds: [botocore] Update rds client to latest version
api-change:iotsitewise: [botocore] Update iotsitewise client to latest version
1.14.16
api-change:elasticache: [botocore] Update elasticache client to latest version
api-change:connect: [botocore] Update connect client to latest version
1.14.15
api-change:imagebuilder: [botocore] Update imagebuilder client to latest version
api-change:appsync: [botocore] Update appsync client to latest version
api-change:chime: [botocore] Update chime client to latest version
api-change:rds: [botocore] Update rds client to latest version
api-change:securityhub: [botocore] Update securityhub client to latest version
api-change:codebuild: [botocore] Update codebuild client to latest version
1.14.14
api-change:ecr: [botocore] Update ecr client to latest version
api-change:codeguru-reviewer: [botocore] Update codeguru-reviewer client to latest version
api-change:comprehendmedical: [botocore] Update comprehendmedical client to latest version
api-change:rds: [botocore] Update rds client to latest version
api-change:ec2: [botocore] Update ec2 client to latest version
1.14.13
api-change:codestar-connections: [botocore] Update codestar-connections client to latest version
api-change:codeguruprofiler: [botocore] Update codeguruprofiler client to latest version
api-change:ec2: [botocore] Update ec2 client to latest version
api-change:autoscaling: [botocore] Update autoscaling client to latest version
1.14.12
api-change:quicksight: [botocore] Update quicksight client to latest version
api-change:cognito-idp: [botocore] Update cognito-idp client to latest version
api-change:sagemaker: [botocore] Update sagemaker client to latest version
api-change:cloudformation: [botocore] Update cloudformation client to latest version
api-change:dms: [botocore] Update dms client to latest version
1.14.11
api-change:glue: [botocore] Update glue client to latest version
api-change:ec2: [botocore] Update ec2 client to latest version
1.14.10
api-change:iam: [botocore] Update iam client to latest version
api-change:organizations: [botocore] Update organizations client to latest version
api-change:backup: [botocore] Update backup client to latest version
api-change:emr: [botocore] Update emr client to latest version
api-change:fsx: [botocore] Update fsx client to latest version
api-change:amplify: [botocore] Update amplify client to latest version
api-change:codecommit: [botocore] Update codecommit client to latest version
api-change:honeycode: [botocore] Update honeycode client to latest version
api-change:autoscaling: [botocore] Update autoscaling client to latest version
1.14.9
api-change:mediatailor: [botocore] Update mediatailor client to latest version
api-change:organizations: [botocore] Update organizations client to latest version
1.14.8
api-change:ec2: [botocore] Update ec2 client to latest version
api-change:emr: [botocore] Update emr client to latest version
api-change:rekognition: [botocore] Update rekognition client to latest version
api-change:rds: [botocore] Update rds client to latest version
api-change:sqs: [botocore] Update sqs client to latest version
1.14.7
api-change:elasticache: [botocore] Update elasticache client to latest version
api-change:ec2: [botocore] Update ec2 client to latest version
api-change:opsworkscm: [botocore] Update opsworkscm client to latest version
api-change:medialive: [botocore] Update medialive client to latest version
1.14.6
api-change:support: [botocore] Update support client to latest version
api-change:mediaconvert: [botocore] Update mediaconvert client to latest version
api-change:meteringmarketplace: [botocore] Update meteringmarketplace client to latest version
api-change:route53: [botocore] Update route53 client to latest version
api-change:ssm: [botocore] Update ssm client to latest version
api-change:rds: [botocore] Update rds client to latest version
api-change:sesv2: [botocore] Update sesv2 client to latest version
1.14.5
api-change:ec2: [botocore] Update ec2 client to latest version
api-change:snowball: [botocore] Update snowball client to latest version
api-change:appmesh: [botocore] Update appmesh client to latest version
api-change:route53: [botocore] Update route53 client to latest version
api-change:macie2: [botocore] Update macie2 client to latest version
1.14.4
api-change:cloudfront: [botocore] Update cloudfront client to latest version
api-change:dataexchange: [botocore] Update dataexchange client to latest version
api-change:qldb: [botocore] Update qldb client to latest version
api-change:autoscaling: [botocore] Update autoscaling client to latest version
api-change:lambda: [botocore] Update lambda client to latest version
api-change:polly: [botocore] Update polly client to latest version
1.14.3
api-change:chime: [botocore] Update chime client to latest version
api-change:appconfig: [botocore] Update appconfig client to latest version
api-change:alexaforbusiness: [botocore] Update alexaforbusiness client to latest version
api-change:cognito-idp: [botocore] Update cognito-idp client to latest version
api-change:iot: [botocore] Update iot client to latest version
1.14.2
api-change:apigateway: [botocore] Update apigateway client to latest version
api-change:glue: [botocore] Update glue client to latest version
api-change:cloudformation: [botocore] Update cloudformation client to latest version
api-change:storagegateway: [botocore] Update storagegateway client to latest version
1.14.1
api-change:lex-models: [botocore] Update lex-models client to latest version
api-change:imagebuilder: [botocore] Update imagebuilder client to latest version
api-change:iot-data: [botocore] Update iot-data client to latest version
api-change:ecs: [botocore] Update ecs client to latest version
1.14.0
api-change:macie2: [botocore] Update macie2 client to latest version
api-change:servicecatalog: [botocore] Update servicecatalog client to latest version
api-change:codeartifact: [botocore] Update codeartifact client to latest version
api-change:compute-optimizer: [botocore] Update compute-optimizer client to latest version
api-change🛡️ [botocore] Update shield client to latest version
api-change:lightsail: [botocore] Update lightsail client to latest version
api-change:ec2: [botocore] Update ec2 client to latest version
api-change:appconfig: [botocore] Update appconfig client to latest version
feature:SSO: [botocore] Added support for the SSO credential provider. This allows the SDK to retrieve temporary AWS credentials from a profile configured to use SSO credentials.
api-change:dlm: [botocore] Update dlm client to latest version
1.13.26
api-change:transfer: [botocore] Update transfer client to latest version
1.17.20
api-change:amplify: Update amplify client to latest version
api-change:wafv2: Update wafv2 client to latest version
api-change:ebs: Update ebs client to latest version
api-change:events: Update events client to latest version
api-change:sagemaker: Update sagemaker client to latest version
api-change:cloudhsmv2: Update cloudhsmv2 client to latest version
api-change:appmesh: Update appmesh client to latest version
api-change:alexaforbusiness: Update alexaforbusiness client to latest version
api-change:sns: Update sns client to latest version
api-change:secretsmanager: Update secretsmanager client to latest version
api-change:comprehend: Update comprehend client to latest version
1.17.19
api-change:ec2: Update ec2 client to latest version
api-change:forecast: Update forecast client to latest version
api-change:ce: Update ce client to latest version
api-change:organizations: Update organizations client to latest version
1.17.18
api-change:storagegateway: Update storagegateway client to latest version
api-change:glue: Update glue client to latest version
api-change:ec2: Update ec2 client to latest version
api-change:lakeformation: Update lakeformation client to latest version
api-change:efs: Update efs client to latest version
api-change:cloudfront: Update cloudfront client to latest version
1.17.17
api-change:quicksight: Update quicksight client to latest version
api-change:rds: Update rds client to latest version
api-change:iotsitewise: Update iotsitewise client to latest version
1.17.16
api-change:elasticache: Update elasticache client to latest version
api-change:connect: Update connect client to latest version
1.17.15
api-change:imagebuilder: Update imagebuilder client to latest version
api-change:appsync: Update appsync client to latest version
api-change:chime: Update chime client to latest version
api-change:rds: Update rds client to latest version
api-change:securityhub: Update securityhub client to latest version
api-change:codebuild: Update codebuild client to latest version
1.17.14
api-change:ecr: Update ecr client to latest version
api-change:codeguru-reviewer: Update codeguru-reviewer client to latest version
api-change:comprehendmedical: Update comprehendmedical client to latest version
api-change:rds: Update rds client to latest version
api-change:ec2: Update ec2 client to latest version
1.17.13
api-change:codestar-connections: Update codestar-connections client to latest version
api-change:codeguruprofiler: Update codeguruprofiler client to latest version
api-change:ec2: Update ec2 client to latest version
api-change:autoscaling: Update autoscaling client to latest version
1.17.12
api-change:quicksight: Update quicksight client to latest version
api-change:cognito-idp: Update cognito-idp client to latest version
api-change:sagemaker: Update sagemaker client to latest version
api-change:cloudformation: Update cloudformation client to latest version
api-change:dms: Update dms client to latest version
1.17.11
api-change:glue: Update glue client to latest version
api-change:ec2: Update ec2 client to latest version
1.17.10
api-change:iam: Update iam client to latest version
api-change:organizations: Update organizations client to latest version
api-change:backup: Update backup client to latest version
api-change:emr: Update emr client to latest version
api-change:fsx: Update fsx client to latest version
api-change:amplify: Update amplify client to latest version
api-change:codecommit: Update codecommit client to latest version
api-change:honeycode: Update honeycode client to latest version
api-change:autoscaling: Update autoscaling client to latest version
1.17.9
api-change:mediatailor: Update mediatailor client to latest version
api-change:organizations: Update organizations client to latest version
1.17.8
api-change:ec2: Update ec2 client to latest version
api-change:emr: Update emr client to latest version
api-change:rekognition: Update rekognition client to latest version
api-change:rds: Update rds client to latest version
api-change:sqs: Update sqs client to latest version
1.17.7
api-change:elasticache: Update elasticache client to latest version
api-change:ec2: Update ec2 client to latest version
api-change:opsworkscm: Update opsworkscm client to latest version
api-change:medialive: Update medialive client to latest version
1.17.6
api-change:support: Update support client to latest version
api-change:mediaconvert: Update mediaconvert client to latest version
api-change:meteringmarketplace: Update meteringmarketplace client to latest version
api-change:route53: Update route53 client to latest version
api-change:ssm: Update ssm client to latest version
api-change:rds: Update rds client to latest version
api-change:sesv2: Update sesv2 client to latest version
1.17.5
api-change:ec2: Update ec2 client to latest version
api-change:snowball: Update snowball client to latest version
api-change:appmesh: Update appmesh client to latest version
api-change:route53: Update route53 client to latest version
api-change:macie2: Update macie2 client to latest version
1.17.4
api-change:cloudfront: Update cloudfront client to latest version
api-change:dataexchange: Update dataexchange client to latest version
api-change:qldb: Update qldb client to latest version
api-change:autoscaling: Update autoscaling client to latest version
api-change:lambda: Update lambda client to latest version
api-change:polly: Update polly client to latest version
1.17.3
api-change:chime: Update chime client to latest version
api-change:appconfig: Update appconfig client to latest version
api-change:alexaforbusiness: Update alexaforbusiness client to latest version
api-change:cognito-idp: Update cognito-idp client to latest version
api-change:iot: Update iot client to latest version
1.17.2
api-change:apigateway: Update apigateway client to latest version
api-change:glue: Update glue client to latest version
api-change:cloudformation: Update cloudformation client to latest version
api-change:storagegateway: Update storagegateway client to latest version
1.17.1
api-change:lex-models: Update lex-models client to latest version
api-change:imagebuilder: Update imagebuilder client to latest version
api-change:iot-data: Update iot-data client to latest version
api-change:ecs: Update ecs client to latest version
1.17.0
api-change:macie2: Update macie2 client to latest version
api-change:servicecatalog: Update servicecatalog client to latest version
api-change:codeartifact: Update codeartifact client to latest version
api-change:compute-optimizer: Update compute-optimizer client to latest version
api-change🛡️ Update shield client to latest version
api-change:lightsail: Update lightsail client to latest version
api-change:ec2: Update ec2 client to latest version
api-change:appconfig: Update appconfig client to latest version
feature:SSO: Added support for the SSO credential provider. This allows the SDK to retrieve temporary AWS credentials from a profile configured to use SSO credentials.
api-change:dlm: Update dlm client to latest version
1.16.26
api-change:transfer: Update transfer client to latest version
pkgsrc changes:
- Remove patch-configure: applied upstream
Changes:
Changes in version 0.4.3.6 - 2020-07-09
Tor 0.4.3.6 backports several bugfixes from later releases, including
some affecting usability.
This release also fixes TROVE-2020-001, a medium-severity denial of
service vulnerability affecting all versions of Tor when compiled with
the NSS encryption library. (This is not the default configuration.)
Using this vulnerability, an attacker could cause an affected Tor
instance to crash remotely. This issue is also tracked as CVE-2020-
15572. Anybody running a version of Tor built with the NSS library
should upgrade to 0.3.5.11, 0.4.2.8, 0.4.3.6, or 0.4.4.2-alpha
or later.
o Major bugfixes (NSS, security, backport from 0.4.4.2-alpha):
- Fix a crash due to an out-of-bound memory access when Tor is
compiled with NSS support. Fixes bug 33119; bugfix on
0.3.5.1-alpha. This issue is also tracked as TROVE-2020-001
and CVE-2020-15572.
o Minor bugfix (CI, Windows, backport from 0.4.4.2-alpha):
- Use the correct 64-bit printf format when compiling with MINGW on
Appveyor. Fixes bug 40026; bugfix on 0.3.5.5-alpha.
o Minor bugfixes (client performance, backport from 0.4.4.1-alpha):
- Resume use of preemptively-built circuits when UseEntryGuards is set
to 0. We accidentally disabled this feature with that config
setting, leading to slower load times. Fixes bug 34303; bugfix
on 0.3.3.2-alpha.
o Minor bugfixes (compiler warnings, backport from 0.4.4.2-alpha):
- Fix a compiler warning on platforms with 32-bit time_t values.
Fixes bug 40028; bugfix on 0.3.2.8-rc.
o Minor bugfixes (linux seccomp sandbox, nss, backport from 0.4.4.1-alpha):
- Fix a startup crash when tor is compiled with --enable-nss and
sandbox support is enabled. Fixes bug 34130; bugfix on
0.3.5.1-alpha. Patch by Daniel Pinto.
o Minor bugfixes (logging, backport from 0.4.4.2-alpha):
- Downgrade a noisy log message that could occur naturally when
receiving an extrainfo document that we no longer want. Fixes bug
16016; bugfix on 0.2.6.3-alpha.
o Minor bugfixes (manual page, backport from 0.4.4.1-alpha):
- Update the man page to reflect that MinUptimeHidServDirectoryV2
defaults to 96 hours. Fixes bug 34299; bugfix on 0.2.6.3-alpha.
o Minor bugfixes (onion service v3, backport from 0.4.4.1-alpha):
- Prevent an assert() that would occur when cleaning the client
descriptor cache, and attempting to close circuits for a non-
decrypted descriptor (lacking client authorization). Fixes bug
33458; bugfix on 0.4.2.1-alpha.
o Minor bugfixes (portability, backport from 0.4.4.1-alpha):
- Fix a portability error in the configure script, where we were
using "==" instead of "=". Fixes bug 34233; bugfix on 0.4.3.5.
o Minor bugfixes (relays, backport from 0.4.4.1-alpha):
- Stop advertising incorrect IPv6 ORPorts in relay and bridge
descriptors, when the IPv6 port was configured as "auto". Fixes
bug 32588; bugfix on 0.2.3.9-alpha.
o Documentation (backport from 0.4.4.1-alpha):
- Fix several doxygen warnings related to imbalanced groups. Closes
ticket 34255.
Release v1.30.1
This release is a patch specifically for the Ruby bindings
Release v1.30.0
Core
This release adds an xDS URI scheme called xds. This is the stable version of the scheme xds-experimental that was introduced in v1.28.0. xds-experimental scheme will be removed in subsequent releases so you must switch to xds scheme instead. xds scheme is a client side implementation of xDSv2 APIs. This allows a gRPC client written in C++, Python, Ruby, PHP and C# to receive configuration from an xDSv2 API compatible server and use that configuration to load balance RPCs. In this release, only the virtual host matching, default path (“” or “/”) matching and cluster route action are supported. The features supported in a given release are documented here.
Remove unnamed typedef structs in src/core.
Support xDS via both xds and xds-experimental URI schemes.
Fix sorting of gRPCLB addresses when resolved via DNS.
Support local creds in grpc_cli.
Add some additional delay when sending pings without there being activity on receive side.
Added GRPC_TSAN_SUPPRESSED and GRPC_ASAN_SUPPRESSED.
Fail decompression when the gzip trailer is missing.
Include source address in tcp posix async connect errors.
Fix HTTP status conversion inconsistencies.
Add GRPC_ARG_HTTP_PROXY channel argument.
Include the query type and name in all c-ares DNS error messages.
Include the destination address in synchronous TCP connect errors.
Use aligned calculation to determine transport stream from call data.
Fixing bug with END_STREAM if header has continuations.
Fail writes when End of stream has been received.
C++
Fix missing include for std::string.
Don't override cmake cxx standard when already set by the user.
Grpc.Tools: Fix cpp paths in tools to match actual codegen.
TlsCredentialsOption API optimization.
Fixed MinGW 7.3.0 shared library compile and link issues.
Fix interceptor batch method FailHijackedRecvMessage for async APIs.
Python
Add Aio stream stream client interceptor support.
[Aio] Add AsyncIO support for Channelz.
Stop memory leak when Python channel is deallocated without invoking "close".
Expose ALTS client/server credentials in Python API.
[Aio] Stream Unary client interceptor.
[Aio] Make sync handlers runnable in AsyncIO server.
[Aio] Add AsyncIO support to grpcio-status.
[Aio] Implement the Unary Stream client interceptor.
Changes
0.10.1
======
gh api --paginate
-----------------
The api command now offers functionality to recursively fetch next
pages of results until all results have been fetched.
Fixes
-----
- Fix pr create not respecting template when editor was skipped #1243
- Fix pr checkout OWNER:BRANCH invocation setting up upstream configuration in
case maintainers are allowed to modify the pull request branch #1252
- Fix pr status not working in detached HEAD state #1155
- Do not output ANSI colour escape sequences from issue/pr/repo view if standard
output is redirected elsewhere #1187
- Improve error reporting and exit status for mistyped command names #1221
- Improve error reporting when someone might have forgotten to quote values with
spaces #1147
Tweaks
------
- Documentation improvements #1179#1204
- Added description text to Debian/RPM packages #1211
0.28.0
Improved Windows support when using socket errno checks.
Added support for passing text addresses to ServiceInfo.
Improved logging (includes fixing an incorrect logging call)
Improved Windows compatibility by using Adapter.index from ifaddr.
Improved Windows compatibility by stopping using socket.if_nameindex.
Fixed an OS X edge case which should also eliminate a memory leak.
Technically backwards incompatible:
ifaddr 0.1.7 or newer is required now.
It now includes its own vendored copy of Boto.
Release 4.51 (release date: 2020-03-26)
======================================
- Fixed file permissions for credstor2 and tracker files (#1002 and # 1005)
- Added a check to restrict the duration (-d option) for signurl command
to 12 hours if -u flag is used. (#1014)
- Updated rsync command to try patching before overwriting,
rather than checking ACL (#1016)
- Several documentation updates and clarifications.
Release 4.50 (release date: 2020-04-30)
======================================
- Switched to Using V4 signature as default for S3 (#981)
- Updated rsa library to release-4.0 (#992)
- Updated test script to install pyenv if missing for kokoro (#990)
- Fixed print ordering in kms set by using print instead of
text_util.print_to_fd (#974)
- Several documentation updates and clarifications (#969) (#987)
Release 4.49 (release date: 2020-03-26)
======================================
- Added support for service account impersonation for signurl.
- Fixed an issue with rsync throwing error when the destination url is a prefix of
an existing object.
- Several documentation updates and clarifications.
Release 4.48 (release date: 2020-02-28)
======================================
- Fixed special character handling in filenames on Windows with Python3.
- Fixed issue while transferring binary files from S3 with Python3.
- Fixed KMS tests, so that keys are created in the same region as their buckets.
- Several documentation updates and clarifications.
NEWS for rsync 3.2.2
BUG FIXES:
- Avoid a crash when a daemon module enables `transfer logging` without
setting a `log format` value.
- Fixed installing rsync-ssl script from an alternate build dir.
- Fixed the updating of configure.sh from an alternate build dir.
- Apple requires the asm function name to begin with an underscore.
- Avoid a test failure in the daemon test when --atimes is disabled.
ENHANCEMENTS:
- Allow the server side to restrict checksum & compression choices via the
same environment variables the client uses. The env vars can be divided
into "client list & server list" by the "`&`" char or the same list can
apply to both.
- Simplify how the negotiation environment variables apply when interacting
with an older rsync and also when a list contains only invalid names.
- Do not allow a negotiated checksum or compression choice of "none" unless
the user authorized it via an environment variable or command-line option.
- Added the `--max-alloc=SIZE` option to be able to override the memory
allocator's sanity-check limit. It defaults to 1G (as before) but the error
message when exceeding it specifically mentions the new option so that you
can differentiate an out-of-memory error from a failure of this limit. It
also allows you to specify the value via the RSYNC_MAX_ALLOC environment
variable.
- Add the "open atime" daemon parameter to allow a daemon to always enable or
disable the use of O_NOATIME (the default is to let the user control it).
- The default systemd config was changed to remove the `ProtectHome=on`
setting since rsync is often used to serve files in /home and /root and this
seemed a bit too strict. Feel free to use `systemctl edit rsync` to add
that restriction (or maybe `ProtectHome=read-only`), if you like. See the
3.2.0 NEWS for the other restrictions that were added compared to 3.1.3.
- The memory allocation functions now automatically check for a failure and
die when out of memory. This eliminated some caller-side check-and-die
code and added some missing sanity-checking of allocations.
- Put optimizations into their own list in the `--version` output.
- Improved the man page a bit more.
PACKAGING RELATED:
- Prepared the checksum code for an upcoming xxHash release that provides new
XXH3 (64-bit) & XXH128 (128-bit) checksum routines. These will not be
compiled into rsync until the xxhash v0.8.0 include files are installed on
the build host, and that release is a few weeks away at the time this was
written. So, if it's now the future and you have packaged and installed
xxhash-0.8.0-devel, a fresh rebuild of rsync 3.2.2 will give you the new
checksum routines. Just make sure that the new rsync package depends on
xxhash >= 0.8.0.
DEVELOPER RELATED:
- Moved the version number out of configure.ac into its own version.h file so
that we don't need to reconfigure just because the version number changes.
- Moved the daemon parameter list into daemon-parm.txt so that an awk script
can create the interrelated structs and accessors that loadparm.c needs.
v2.69.0
NOTES:
data-source/aws_availability_zones: The blacklisted_names and blacklisted_zone_ids arguments have been deprecated in preference for exclude_names and exclude_zone_ids respectively.
ENHANCEMENTS:
data-source/aws_availability_zones: Add exclude_names and exclude_zone_ids arguments
data-source/aws_elasticsearch_domain: Add advanced_security_options attribute
resource/aws_ecs_service: Increase delete retry timeout from 5 to 20 minutes
resource/aws_ecs_service: Support configurable delete timeout
resource/aws_elasticsearch_domain: Add advanced_security_options configuration block
resource/aws_sfn_state_machine: Add arn attribute
BUG FIXES:
resource/aws_autoscaling_group: Prevent unexpected differences in tags for Terraform 0.11 and earlier with boolean propagate_at_launch values
resource/aws_backup_selection: Correctly handle the associated backup plan being deleted outside Terraform
resource/aws_customer_gateway: Continue allowing 4-byte ASN values in bgp_asn argument
resource/aws_db_instance: Prevent schema version 1 upgrade panic on missing state
resource/aws_db_instance_role_association: Prevent immediate read after creation panic
resource/aws_efs_mount_target: Ensure empty string ("") validation in ip_address argument continues to work for Terraform 0.11 support
resource/aws_route53_record: Ensure old Route53 record is deleted when updating name argument
resource/aws_route53_record: Prevent errors when health_check_id argument is configured and updating set_identifier or type arguments
resource/aws_sfn_state_machine: Handle IAM Role eventual consistency on creation and wait for state machine deletion
resource/aws_spot_fleet_request: Increase default delete timeout to 15 minutes
resource/aws_wafv2_web_acl: Support additional nested and/or/not statement in rule statement and rule statement rate_based_statement attributes
Release: 0.8.0
* Fixed weak reference support in classes with ``__slots__``
* Added ``__bytes__`` to ``IPAddress`` for intuitive usage
* Added ``format()`` function to EUI
* Added ``IPNetwork.netmask`` property setter
* Added support for IABs in the ``40:D8:55`` OUI
* Drastically optimized ``spanning_cidr()``
* Fixed ``"x.x.x.x/x" in IPNetwork`` tests
* Added support for passing iterables of ``IPRange`` to ``IPSet`` and ``cidr_merge()``
Specific bug fixes addressed in this release
- N log N complexity instead of linear
- Efficiently creating a large IPSet from a list of IPRanges?
- Weak reference support
StatZone 1.0.3 (2020-07-06)
- Remove some unneeded seccomp related includes
- Validate architectures for seccomp
- Add seccomp support on i386, tested on glibc and musl
- Use __NR_ instead of SYS_ prefix in #if defined checks
Changes since 4.12.4
--------------------
* BUG 14301: Fix smbd panic on force-close share during async io.
* BUG 14374: Fix segfault when using SMBC_opendir_ctx() routine for share
folder that contains incorrect symbols in any file name.
* BUG 14391: Fix DFS links.
* BUG 14310: Can't use DNS functionality after a Windows DC has been in
domain.
* BUG 14413: ldapi search to FreeIPA crashes.
* BUG 14396: Add net-ads-join dnshostname=fqdn option.
* BUG 14406: Fix adding msDS-AdditionalDnsHostName to keytab with Windows DC.
* BUG 14386: docs-xml: Update list of posible VFS operations for
vfs_full_audit.
* BUG 14382: winbindd: Fix a use-after-free when winbind clients exit.
* BUG 14370: Client tools are not able to read gencache anymore.
Samba 4.12.4
============
o CVE-2020-10730:
A client combining the 'ASQ' and 'VLV' LDAP controls can cause a NULL pointer
de-reference and further combinations with the LDAP paged_results feature can
give a use-after-free in Samba's AD DC LDAP server.
o CVE-2020-10745: Parsing and packing of NBT and DNS packets can consume
excessive CPU.
o CVE-2020-10760:
The use of the paged_results or VLV controls against the Global Catalog LDAP
server on the AD DC will cause a use-after-free.
o CVE-2020-14303:
The AD DC NBT server in Samba 4.0 will enter a CPU spin and not process
further requests once it receives an empty (zero-length) UDP packet to
port 137.
For more details, please refer to the security advisories.
Changes since 4.12.3
--------------------
* BUG 14378: CVE-2020-10745: Invalid DNS or NBT queries containing dots use
several seconds of CPU each.
* BUG 14364: CVE-2020-10730: NULL de-reference in AD DC LDAP server when ASQ
and VLV combined.
* BUG 14402: CVE-2020-10760: Fix use-after-free in AD DC Global Catalog LDAP
server with paged_result or VLV.
* BUG 14417: CVE-2020-14303: Fix endless loop from empty UDP packet sent to
AD DC nbt_server.
* BUG 14364: CVE-2020-10730: NULL de-reference in AD DC LDAP server when ASQ
and VLV combined, ldb: Bump version to 2.1.4.
Upstream changes:
mikutter 4.0.6
* bundle pulseaudio plugin
* thanks to Shibafu Midorino
* backport a minor improvement from 4.1.0
(fix compatibility issue with pluggaloid 1.3.0 and later)
* configure: Fix fallout with disabling embedded config
* inet6: Add support for reporting Mobile IPv6 RA's
* inet6: Report RA Proxy flag if set
* BSD: Allow non NetBSD and OpenBSD to set IN6_IFF_AUTOCONF
* privsep: Don't handle any signals meant for the main process
* eloop: Try and survive a signal storm
* configure: add --with-eghook=foo
* dhcpcd: Add an option to poll the interface carrier state
* script: Make visible some link level parameters to lease dumping
* Linux: ignore unsupported interfaces by default, such as sit0
* Linux: support aarch64 for reading cpu info
* Linux: keep the generic netlink socket around to get ssid with privsep
* Linux: restore fix when no address is returned by getifaddrs(3)
* inet6: Don't regen temp addresses we didn't add
* privsep: Don't limit file writes if logging to a file
* DHCP6: Fix lease timings with nodelay option
Changes since 4.2.2:
* Released:
- 7th of April 2020
* Improvements:
- reduce the number of temporary memory allocations
- adjust NSEC TTLs to negative TTL
- Add more SQL schema files to packages and tarballs
- only log "No question section in packet" at Debug logging level
- do not update identical notified serials
- IXFR: only sign SOA in empty response for +DO queries
- Prepare the caches' buckets in advance
- Rework NetmaskTree for better CPU and memory efficiency.
- allow local-ipv6 until 4.4.0
- Add metrics about the size of our in-memory rings
- gpgsqlbackend: stop using prepared statements
- Enforce a strict maximum size for the packet and records caches
- API: optionally, do not return dnssec info in domain list
- zone file parser: Add a parameter to limit the number of "$GENERATE" steps
- api: avoid a large number of new database connections
- Emulate a buffered read in the pipe backend, ~3x faster
- LUA performance: register lua functions only once
- API: make max request/response body size configurable
- API: add edited_serial to Zone object
- Improve error when notification comes in for non-slave zone
- LUA record: rewrote the health checking system
* Bug fixes:
- avoid IXFR-in corruption when deltas come in close together (please see the
IXFR-in corruption upgrade notes)
- improve sql schema updates
- Fix NSECx for unpublished DNSKEYs properly
- emit correct NSEC/NSEC3 bitmaps in hidden key situations
- Refuse NSEC records with a bitmap length > 32
- YaHTTP: Support bracketed IPv6 addresses
- Make sure the default-publish-cds and default-publish-cdnskey options are
- respected for AXFR
- make sure records from LMDB backend end up in the right packet section
- Clear the TSIG algo between iterations in the API
- HTTP API: Allow DNAME in apex with SOA and NS records
- various memory/thread correctness fixes
- LUA view: do not crash on empty IP list
- REST API: accept headers without spaces
- on luaSynth exception, drain db output
- tinydnsbackend: limit timestamp-based TTLs
- Ensure that pdns can read pdns.conf when upgrading from an older package
- Ixfrdist: handle reading of empty files gracefully
- webserver: handle exceptions instead of SIGABRTing the world
* New features:
- add full option to "pdns_control show-config"
- Add "IO wait" and "steal" metrics on Linux
- API: add includerings option to statistics endpoint
- Add an extended status report in the bind backend
- add default-publish-{cds|cdnskey} options
- remotebackend: Support alsoNotifies, setFresh, getUnfreshSlaveInfos
- Add support for managing unpublished DNSSEC keys
- gmysql backend, add an option to send the SSL capability flag
- pdnsutil: offer to increase serial after edit-zone
* Removed features:
- remove goracle, lua, mydns, opendbx, oracle backends
- deprecate SOA autocomplete in pdnsutil check-zone
* misc.:
- remove the implicit 5->7 algorithm upgrade
- Make Lua mandatory for Auth
For complete and up-to-date changelog, see:
https://doc.powerdns.com/authoritative/changelog/4.3.html
pkgsrc notes:
~~~~~~~~~~~~~
The default options have changed since 4.2.2 a bit:
- option "lua" has been removed as LUA is now mandatory
- option "luarecords" has been added with default "on". When
not present in PKG_OPTIONS, LUA records support will be disabled.
Wireshark 3.2.5 Release Notes
What’s New
The Windows installers now ship with Npcap 0.9994. They previously
shipped with Npcap 0.9991.
The Windows installers now ship with USBPcap 1.5.4.0. They previously
shipped with USBPcap 1.5.3.0.
Bug Fixes
The following vulnerabilities have been fixed:
• wnpa-sec-2020-09[1] GVCP dissector infinite loop.
CVE-2020-15466[3].
The following bugs have been fixed:
• Add decryption support for QUIC IETF version 0xfaceb001 and
0xfaceb002.
• Windows Uninstall does not remove all files in Program Files.
• The "relative sequence number" is same as "raw sequence number"
when tcp.analyze_sequence_numbers:FALSE.
• Importing profiles from a different Windows PC fails.
• Decode as not working correctly with multiple user profiles.
• Wireshark can misdissect the HE Radiotap field if it’s ever
dissected one with any value unknown.
• Buildbot crash output: fuzz-2020-06-19-5981.pcap.
• Buildbot crash output: fuzz-2020-06-20-7665.pcap.
• mergecap man page contains invalid formatting.
Changes since 4.3.1:
* Released:
- 1st of July 2020
* Improvements:
- Defer the NOD lookup until after the response has been sent.
- CNAME loop detection.
* Bug fixes:
- Backport of CVE-2020-14196: Enforce webserver ACL.
- Copy the negative cache entry before validating it.
- Fix compilation of the ports event multiplexer.
- Fix the handling of DS queries for the root.
- Fix RPZ removals when an update has several deltas.
- Fix compilation on systems that do not define HOST_NAME_MAX.
- Fix build with gcc-10.Â
* misc.:
- Correct depth increments.
- Limit the TTL of RRSIG records as well
This package automatically enabled the "blacklist" option under recent
enough versions of NetBSD. However in NetBSD-current the "blacklist"
library has been replaced by the "blocklist" library which BIND currently
doesn't support. And as result the build failed with the default option
because the "blacklist" could not be found.
Change the option check to only enable this option under NetBSD if the
"blacklist" header file can be found. This fixes the build under
NetBSD-current with the default options.
The correct long term fixed would be:
* Wait for a BIND version which supports "blocklist" instead of "blacklist"
* Add "blocklist" as a package in "pkgsrc" with an appropriate "builtin.mk"
NEWS for rsync 3.2.1 (22 Jun 2020)
Protocol: 31 (unchanged)
Changes since 3.2.0:
BUG FIXES:
Fixed a potential build issue with the MD5 assembly-language code by removing some non-portable directives.
Use the preprocessor with the asm file to ensure that if the code is unneeded, it doesn't get built.
Avoid the stack getting set to executable when including the asm code.
Some improvements in the SIMD configure testing to try to avoid build issues, such as avoiding a clang++ core dump when ‑g is combined with ‑O2. Note that clang++ is quite buggy in this area, and it does still crash for some folks, so just use ‑‑disable-simd if you need to avoid their buggy compiler (since the configure test is apparently not finding all the compilers that will to crash and burn).
Fixed an issue in the md2man script when building from an alternate dir.
Disable ‑‑atimes on macOS (it apparently just ignores the atime change).
ENHANCEMENTS:
The use of ‑‑backup-dir=STR now implies ‑‑backup.
Added ‑‑zl=NUM as a short-hand for ‑‑compress-level=NUM.
Added ‑‑early-input=FILE option that allows the client to send some data to a daemon's (optional) "early exec" script on its stdin.
Mention atimes in the capabilities list that ‑‑version outputs.
Mention either "default protect-args" or "optional protect-args" in the ‑‑version capabilities depending on how rsync was configured.
Some info on optimizations is now elided from the ‑‑version capabilities since they aren't really user-facing capabilities. You can still see the info (plus the status of a couple extra optimizations) by repeating the ‑‑version option (e.g. ‑VV).
Updated various URLs to be https instead of http.
Some documentation improvements.
PACKAGING RELATED:
If you had to use ‑‑disable-simd for 3.2.0, you might want to try removing that and see if it will succeed or auto-disable. Some buggy clang++ compilers are still not auto disabled, though.
The MD5 asm code is now under its own configure flag (not shared with the SIMD setting), so if you have any issues compiling it, re-run configure with ‑‑disable-asm.
Merged the OLDNEWS.md file into NEWS.md.
NEWS for rsync 3.2.0 (19 Jun 2020)
Protocol: 31 (unchanged)
Changes since 3.1.3:
BUG FIXES:
Avoid a potential out-of-bounds read in daemon mode if argc can be made to become 0.
Fix the default list of skip-compress files for non-daemon transfers.
Fix xattr filter rules losing an 'x' attribute in a non-local transfer.
Avoid an error when a check for a potential fuzzy file happens to reference a directory.
Make the atomic-rsync helper script have a more consistent error-exit.
Make sure that a signal handler's use of exit_cleanup() calls _exit() instead of exit().
Various zlib fixes, including security fixes for CVE-2016-9843, CVE-2016-9842, CVE-2016-9841, and CVE-2016-9840.
Fixed an issue with ‑‑remove-source-files not removing a source symlink when combined with ‑‑copy-links.
Fixed a bug where the daemon would fail to write early fatal error messages to the client, such as refused or unknown command-line options.
Fixed the block-size validation logic when dealing with older protocols.
Some rrsync fixes and enhancements to handle the latest options.
Fixed a problem with the ‑‑link-dest|‑‑copy-dest code when ‑‑xattrs was specified along with multiple alternate-destination directories (it could possibly choose a bad file match while trying to find a better xattr match).
Fixed a couple bugs in the handling of files with the ‑‑sparse option.
Fixed a bug in the writing of the batch.sh file (w/‑‑write-batch) when the source & destination args were not last on the command-line.
Avoid a hang when an overabundance of messages clogs up all the I/O buffers.
Fixed a mismatch in the RSYNC_PID values put into the environment of pre-xfer exec and a post-xfer exec.
Fixed a crash in the ‑‑iconv code.
Fixed a rare crash in the popt_unalias() code.
ENHANCEMENTS:
Various checksum enhancements, including the optional use of openssl's MD4 & MD5 checksum algorithms, some x86-64 optimizations for the rolling checksum, some x86-64 optimizations for the (non-openssl) MD5 checksum, the addition of xxHash checksum support, and a negotiation heuristic that ensures that it is easier to add new checksum algorithms in the future. The environment variable RSYNC_CHECKSUM_LIST can be used to customize the preference order of the negotiation, or use ‑‑checksum-choice (‑‑cc) to force a choice.
Various compression enhancements, including the addition of zstd and lz4 compression algorithms and a negotiation heuristic that picks the best compression option supported by both sides. The environment variable RSYNC_COMPRESS_LIST can be used to customize the preference order of the negotiation, or use ‑‑compress-choice (‑‑zc) to force a choice.
Added a ‑‑debug=NSTR option that outputs details of the new negotiation strings (for checksums and compression). The first level just outputs the result of each negotiation on the client, level 2 outputs the values of the strings that were sent to and received from the server, and level 3 outputs all those values on the server side too (when the server was given the debug option).
The ‑‑debug=OPTS command-line option is no longer auto-forwarded to the remote rsync which allows for the client and server to have different levels of debug specified. This also allows for newer debug options to be specified, such as using ‑‑debug=NSTR to see the negotiated hash result, without having the command fail if the server version is too old to handle that debug item. Use ‑M‑‑debug=OPTS to send the options to the remote side.
Added the ‑‑atimes option based on the long-standing patch (just with some fixes that the patch has been needing).
Added ‑‑open-noatime option to open files using O_NOATIME.
Added the ‑‑write-devices option based on the long-standing patch.
Added openssl & preliminary gnutls support to the rsync-ssl script, which is now installed by default. This was unified with the old stunnel-rsync helper script to simplify packaging. Note that the script accepts the use of ‑‑type=gnutls for gnutls testing, but does not look for gnutls-cli on the path yet. The use of ‑‑type=gnutls will not work right until gnutls-cli no longer drops data.
Rsync was enhanced to set the RSYNC_PORT environment variable when running a daemon-over-rsh script. Its value is the user-specified port number (set via ‑‑port or an rsync:// URL) or 0 if the user didn't override the port.
Added the proxy protocol daemon parameter that allows your rsyncd to know the real remote IP when it is setup behind a proxy.
Added negated matching to the daemon's refuse options setting by using match strings that start with a ! (such as !compress*). This lets you refuse all options except for a particular approved list, for example. It also lets rsync refuse certain options by default (such as write-devices) while allowing the config to override that, as desired.
Added the early exec daemon parameter that runs a script before the transfer parameters are known, allowing some early setup based on module name.
Added status output in response to a signal (via both SIGINFO & SIGVTALRM).
Added ‑‑copy-as=USER option to give some extra security to root-run rsync commands into/from untrusted directories (such as backups and restores).
When resuming the transfer of a file in the ‑‑partial-dir, rsync will now update that partial file in-place instead of creating yet another tmp file copy. This requires both sender & receiver to be at least v3.2.0.
Added support for RSYNC_SHELL & RSYNC_NO_XFER_EXEC environment variables that affect the early, pre-xfer, and post-xfer exec rsync daemon parameters.
Optimize the ‑‑fuzzy ‑‑fuzzy heuristic to avoid the fuzzy directory scan until all other basis-file options are exhausted (such as ‑‑link-dest).
Have the daemon log include the normal-exit sent/received stats when the transfer exited with an error when possible (i.e. if it is the sender).
The daemon now locks its pid file (when configured to use one) so that it will not fail to start when the file exists but no daemon is running.
Various man page improvements, including some html representations (that aren't installed by default).
Made ‑V the short option for ‑‑version and improved its information.
Pass the ‑4 or ‑6 option to the ssh command, making it easier to type than ‑‑rsh='ssh ‑4' (or the ‑6 equivalent).
Added example config for rsyncd SSL proxy configs to rsyncd.conf.
More errors messages now mention if the error is coming from the sender or the receiver.
PACKAGING RELATED:
Add installed binary: /usr/bin/rsync-ssl
Add installed man page: /usr/man/man1/rsync-ssl.1
Tweak auxiliary doc file names, such as: README.md, INSTALL.md, & NEWS.md.
The rsync-ssl script wants to run openssl or stunnel4, so consider adding a dependency for one of those options (though it's probably fine to just let it complain about being unable to find the program and let the user decide if they want to install one or the other).
If you packaged rsync + rsync-ssl + rsync-ssl-daemon as separate packages, the rsync-ssl package is now gone (rsync-ssl should be considered to be mainstream now that Samba requires SSL for its rsync daemon).
Add build dependency for liblz4-dev, libxxhash-dev, libzstd-dev, and libssl-dev. These development libraries will give rsync extra compression algorithms, extra checksum algorithms, and allow use of openssl's crypto lib for (potentially) faster MD4/MD5 checksums.
Add build dependency for g++ or clang++ on x86_64 systems to enable the SIMD checksum optimizations.
Add build dependency for either python3-cmarkcfm or python3-commonmark to allow for patching of man pages or building a git release. This is not required for a release-tar build, since it comes with pre-built man pages. Note that cmarkcfm is faster than commonmark, but they generate the same data. The commonmark dependency is easiest to install since it's native python, and can even be installed via pip3 install ‑‑user commonmark if you want to just install it for the build user.
Remove yodl build dependency (if it was even listed before).
DEVELOPER RELATED:
Silenced some annoying warnings about major() & minor() by improving an autoconf include-file check.
Converted the man pages from yodl to markdown. They are now processed via a simple python3 script using the cmarkgfm or commonmark library. This should make it easier to package rsync, since yodl has gotten obscure.
Improved some configure checks to work better with strict C99 compilers.
Some perl building/packaging scripts were recoded into awk and python3.
Some defines in byteorder.h were changed into static inline functions that will help to ensure that the args don't get evaluated multiple times on "careful alignment" hosts.
Some code typos were fixed (as pointed out by a Fossies run).
get_iplayer 3.26 Release Notes
Changes in 3.26
* Restored download of programme credits - broken by BBC changes.
* Restored channel names to --pid-recursive-list output - broken by BBC
changes.
* Restored subtitle colours - broken by BBC changes.
* Media streams mislabelled as belonging to the defunct BBC Store are no
longer ignored - a few may contain valid content.
* Fixed hash initialisation in Pvr class (@praxilian)
* Added new --cuesheet-offset option (synonym: --tracklist-offset) that
can be used to apply a positive or negative offset to track times in
cue sheet or track list. If you find track times off by a consistent
amount after download, use --cuesheet-only with --cuesheet-offset=<n>
or --tracklist-only with --tracklist-offset=<n> (where n = offset in
seconds) to generate a new cue sheet or track list with adjusted track
times.
* The default value of the --thumbnail-size option is now 1920, which
downloads a 1920x1080 image. The previous default was 192, which
downloaded a 192x108 image. This larger default size should work
better on TVs and larger devices, but it will still scale down for
smaller devices and media manager software.
* If you have added --thumbnail-size to your preferences, it will
continue to be used.
* This change will add ~200KB to the size of tagged output files,
compared to the previous default.
* If you wish to restore the previous default thumbnail size:
get_iplayer --prefs-add --thumbnail-size=192
* Thumbnail size is now automatically limited to 1280 when
--thumbnail-square is used, in order to avoid distorted images.
* The @wrt atom in metadata tags (iTunes: Composer field) is now set to
"BBC Sounds" for radio programmes. The value is still set to "BBC
iPlayer" for TV programmes.
* The --tag-utf8 option is now ignored and will be removed in the next
release. It hasn't served any useful purpose for some time. To remove
it from your preferences if necessary:
get_iplayer --prefs-del --tag-utf8
* The minimum version of Perl nominally required for get_iplayer is now
5.16, in line with recent changes in requirements for the Mojolicious
module. This requirement is not yet enforced in get_iplayer code since
some combinations of older Perl and Mojolicious versions will still
work. This only concerns Linux users doing manual installations, and
who for some reason attempt to install new versions of Mojolicious
with obsolete versions of Perl, so it is unlikely to apply to you.
* get_iplayer previously allowed a PVR run to continue even if the
previous run might still be active, as long as 12 hours had elapsed
since the previous run was launched, on the presumption that after 12
hours the previous run must be hung. That is no longer the case.
* If an invalid (e.g., due to disk write error) PVR lockfile is
found, get_iplayer deletes the lockfile and exits with an error
and an instruction for you to check if get_iplayer PVR is already
running before restarting.
* If a valid PVR lockfile is found and the previous run is still
active, get_iplayer will now always exit with an error regardless
of whether or not 12 hours has elapsed. It now prints the process
ID associated with the running PVR so that you can check the
process status if necessary.
* get_iplayer is not prone to hanging as it sometimes was when it
relied on rtmpdump and ffmpeg for downloading, so this change
should have little effect on you. One possible exception is if
you try to use get_iplayer in Windows Subsystem for Linux v1 (WSL
1), where AtomicParsley always hangs and thus hangs every PVR
run. Don't use get_iplayer on WSL 1. AtomicParsley does work with
WSL 2.
v2.68.0:
FEATURES:
New Data Source: aws_efs_access_points
New Resource: aws_wafv2_web_acl_logging_configuration
ENHANCEMENTS:
data-soruce/aws_ami: Add arn attribute
data-source/aws_customer_gateway: Add arn attribute
data-source/aws_ebs_snapshot: Add arn attribute
data-source/aws_vpc_endpoint: Add arn attribute
data-source/aws_vpc_endpoint_service: Add arn attribute
data-source/aws_vpn_gateway: Add arn attribute
resource/aws_ami: Add arn attribute and plan-time validations to architecture, volume_type and virtualization_type arguments
resource/aws_ami_copy: Add arn attribute
resource/aws_ami_from_instance: Add arn attribute
resource/aws_customer_gateway: Add arn attribute and plan-time validations for bgp_asn, ip_address, and type arguments
resource/aws_default_network_acl: Add arn attribute and plan-time validations for ingress and egress configuration block arguments
resource/aws_ebs_snapshot: Add arn attribute
resource/aws_ebs_snapshot: Support resource import
resource/aws_ebs_snapshot_copy: Add arn attribute
resource/aws_ec2_traffic_mirror_session: Add arn attribute
resource/aws_ecs_service: Support deployment_controller configuration block type argument value of EXTERNAL (support external deployments)
resource/aws_ecs_task_definition: Add efs_volume_configuration configuration block authorization_config, transit_encryption, and transit_encryption_port arguments (support EFS Access Points and transit encryption)
resource/aws_elasticsearch_domain: Ultrawarm can now be enabled without re-creating the resource
resource/aws_glue_catalog_database: Add arn attribute
resource/aws_iot_policy: Support resource import
resource/aws_iot_topic_rule: Add error_action configuration block
resource/aws_network_acl: Add arn attribute and plan-time validations for ingress and egress configuration block arguments
resource/aws_placement_group: Add arn attribute
resource/aws_ses_receipt_filter: Add arn attribute and plan-time validations for all arguments
resource/aws_vpn_connection: Add arn attribute
resource/aws_vpc_endpoint: Add arn attribute
resource/aws_vpc_endpoint_service: Add arn attribute
resource/aws_vpn_gateway: Add arn attribute
BUG FIXES:
resource/aws_batch_compute_environment: Ensure desired_vcpus is fully optional and wait for updates
resource/aws_batch_compute_environment: Remove resource from Terraform state when not found instead of returning error
resource/aws_cloudtrail: Properly configure single event_selector with no data_resource and read_write_type of ReadOnly or WriteOnly
resource/aws_cloudtrail: Prevent InvalidEventSelectorsException error when removing all event_selector configuration
resource/aws_default_route_table: Validate CIDR blocks for misalignment before attempting to create the route to ensure Terraform can read the information after EC2 API canonicalization
resource/aws_default_route_table: Ensure empty string ("") validation in cidr_block and ipv6_cidr_block arguments continues to work for Terraform 0.11 support
resource/aws_ecs_service: Add plan-time validation and prevent panics with empty type argument in ordered_placement_strategy configuration block
resource/aws_ecs_task_definition: Prevent showing API ordering differences in container_definitions environment variables during update plans
resource/aws_elasticsearch_domain: Ensure empty string ("") validation in ebs_options volume_type argument continues to work for Terraform 0.11 support
resource/aws_iot_policy: Ensure name argument updates recreate the resource
resource/aws_route: Validate CIDR blocks for misalignment before attempting to create the route to ensure Terraform can read the information after EC2 API canonicalization
resource/aws_route: Ensure empty string ("") validation in destination_cidr_block and destination_ipv6_cidr_block arguments continues to work for Terraform 0.11 support
resource/aws_route_table: Validate CIDR blocks for misalignment before attempting to create the route to ensure Terraform can read the information after EC2 API canonicalization
resource/aws_route_table: Ensure empty string ("") validation in cidr_block and ipv6_cidr_block arguments continues to work for Terraform 0.11 support
resource/aws_spot_fleet_request: Prevent crash with missing placement information
resource/aws_vpc_endpoint: Skip ModifyVpcEndpoint API call on tags only updates
resource/aws_vpc_endpoint: Wait for acceptance when auto_accept is enabled
resource/aws_wafv2_web_acl: Prevent unexpected UpdateWebACL API errors on tags only updates
v0.12.28:
BUG FIXES:
build: build the 0.12 version of Terraform with Go 1.12.13, rather than 0.13 Terraform's 1.14.2
v0.12.27:
BUG FIXES:
backend/remote: fix panic when there's a connection error to the remote backend
Instead:
1. Package makefiles including their own options.mk
2. Packages say "SUBST_CLASSES+=djberrno" to get the hack, if needed
3. Packages adjust SUBST_FILES.djberrno, if needed
Should fix bulk build failures due to multiple inclusions of options.mk
and/or incorrect definitions of DJB_ERRNO_HACK.
Approved during the freeze by wiz@.
05/20/2020 Version 4.3.3
- Increase cache buffers size to accomodate VLAN edits (#594)
- Correct L2 header length to correct IP header offset (#583)
- Fix warnings from gcc version 10 (#580)
- Heap Buffer Overflow in randomize_iparp (#579)
- Use after free in get_ipv6_next (#578)
- Heap Buffer Overflow in git_ipv6_next (#576)
- Call pcap_freecode() on pcap_compile() (#572)
- Increase max snaplen to 262144 (#571)
- Fix divide by zero in fuzzing (#570)
- Unique IP repeats at very high iteration counts (#566)
- Fails to compile on FreeBSD amd64 13.0 (#558)
- Heap Buffer Overflow in do_checksum (#556) (#577)
- Attempt to correct corrupt pcap files, if possible (#557)
- Fix GCC v10 warnings (#555)
- Remove some duplicated SOURCES entries (#551)
- Expand /dev/bpfX hard limit to fix macOS Mojave (#550)
- Implement --loopdelay-ms when using --loop=0 (#546)
- Heap overflow packet2tree and get_l2len (#530)
03/12/2019 Version 4.3.2
- CVE-2019-8381 memory access in do_checksum() (#538)
- CVE-2019-8376 NULL pointer dereference get_layer4_v6() (#537)
- CVE-2019-8377 NULL pointer dereference get_ipv6_l4proto() (#536)
- Rename Ethereal to Wireshark (#545)
12/27/2018 Version 4.3.1
- Fix checkspell detected typos (#531)
11/10/2018 Version 4.3.0
- Fix maxOS TOS checksum failure (#524)
- TCP sequence edits seeding (#514)
- Fix issues identifed by Codacy (#493)
- CVE-2018-18408 use-after-free in post_args (#489)
- CVE-2018-18407 heap-buffer-overflow csum_replace4 (#488)
- CVE-2018-17974 heap-buffer-overflow dlt_en10mb_encode (#486)
- CVE-2018-17580 heap-buffer-overflow fast_edit_packet (#485)
- CVE-2018-17582 heap-buffer-overflow in get_next_packet (#484)
- Out-of-tree build (#482)
- CVE-2018-13112 heap-buffer-overflow in get_l2len (#477 dup #408)
- Closing stdin on pipe (#479)
- Second pcap file hangs on multiplier option (#472)
- Jumbo frame support for fragroute option (#466)
- TCP sequence edit ACK corruption (#451)
- TCP sequence number edit initial SYN packet should have zero ACK (#450)
- Travis CI build fails due to new build images (#432)
- Upgrade libopts to 5.18.12 to address version build issues (#430)
- Add ability to change tcp SEQ/ACK numbers (#425)
- Hang using loop and netmap options (#424)
- tcpprep -S not working for large cache files (#423)
- Unable to tcprewrite range of ports with --portmap (#422)
- --maxsleep broken for values less than 1000 (#421)
- -T flag breaks traffic replay timing (#419)
- Respect 2nd packet timing (#418)
- Avoid non-blocking behaviour when using STDIN (#416)
- pcap containing >1020 packets produces invalid cache file (#415)
- manpage typos (#413)
- Fails to open tap0 on Zephyr (#411)
- Heap-buffer-overflow in get_l2protocol (#410)
- Heap-buffer-overflow in packet2tree (#409)
- Heap-buffer-overflow in get_l2len (#408)
- Heap-buffer-overflow in flow_decode (#407)
- Rewrite zero IP total length field to match the actual packet length (#406)
- Stack-buffer-overflow in tcpcapinfo (#405)
- tcpprep --include option does not exclude (#404)
- Negative-size-param memset in dlt_radiotap_get_80211 (#402)
- tcpeplay --verbose option not working (#398)
- Fix replay when using --with-testnic (#178)
Update ruby-twitter to 7.0.0.
7.0.0
* Add Twitter::DirectMessageEvent (@FabienChaynes)
* Create Twitter::DirectMessageEvent with media (@FabienChaynes)
* Support for DM welcome messages (@FabienChaynes)
* Support for closing Twitter::Streaming::Connection (@okkez)
* Add Twitter::REST::Client#create_direct_message_event (@cyu)
* Add Twitter::REST::Client#premium_search
* Add Twitter::REST::AccountActivity
* Update all direct message methods to return Twitter::DirectMessageEvent
(@flikglick)
* Correctly handle different Twitter::Error::AlreadyRetweeted error messages
(@knu)
* Fix proxy setting sample (@nicklegr)
* Add Active Support presence methods on Twitter::NullObject (@davebrace)
* Upload GIFs over 5MB in chunks (@wild_dmitry)
* Track rate limit when searching tweets (@dsalahutdinov1)
* Add quote_count and reply_count attributes to Twitter::Tweet
* Drop support for Ruby 2.0, 2.1, and 2.2
Updaet ntp4 to 4.2.8p14.
pkgsrc changes:
* Incorporate several changes from NetBSD base.
* few pkglint fixes.
Quote from release announce:
NTP 4.2.8p14 (Harlan Stenn <stenn@ntp.org>, 2020 Mar 03)
Focus: Security, Bug fixes, enhancements.
Severity: MEDIUM
This release fixes three vulnerabilities: a bug that causes causes an ntpd
instance that is explicitly configured to override the default and allow
ntpdc (mode 7) connections to be made to a server to read some uninitialized
memory; fixes the case where an unmonitored ntpd using an unauthenticated
association to its servers may be susceptible to a forged packet DoS attack;
and fixes an attack against a client instance that uses a single
unauthenticated time source. It also fixes 46 other bugs and addresses
4 other issues.
Update ruby-ruby_smb to 2.0.1.
* store server time values and GUDI
* Fix issues with Mac OS X SMB server
- Set the unicode flag on the Negotiate SMB Header request
- Check if the Socket is closed before calling IO.select
- Improve Socket#recv_packet exception handling
* Update related to Win8 errors
- Change :encryption_required parameter name to a more meaningful name
according to the context: :session_encrypt_data and
:tree_connect_encrypt_data.
- #can_be_encrypted? now returns false with SMB1 packet.
- Improve exception handling in #recv_encrypt in case an encryption error
occurs on the server (this will help in detecting the unpatched Win8
bug).
- Only enable session encryption if the server supports it. This only
applies if session_encrypt_data was originally set (forced). If it is
not set, session encryption will stay disabled even if the server
supports encryption.
* More fixes
- Remove the `OEM` flag when initializing the `Net::NTLM::Client`.
Unicode is the default now and `Net::NTLM::Client` does not handle OEM
string correctly.
- Improve error message when an SMB1 `NtCreateAndxResponse` is received
without extended information.
v3.3.26:
More straightforward approach to configure tests suites
v3.3.25:
Allow updating gandi rrset ttl. Previously, a rrset ttl could be set only when creating a new record
Final customizations for hetzner dns api v1. The main fix is, that hetzner does not need the fqdn as record name. This leads to major errors like: record name=sub1.my-fqdn.tld --> record created with final name sub1.my-fqdn.tld.my-fqdn.tld
Delete config.yml delete circleci integration. no longer necessary.
0.27.1
Improved the logging situation (includes fixing a false-positive "packets() made no progress adding records")
0.27.0
Large multi-resource responses are now split into separate packets which fixes a bad mdns-repeater/ChromeCast Audio interaction ending with ChromeCast Audio crash (and possibly some others) and improves RFC 6762 compliance
Added a warning presented when the listener passed to ServiceBrowser lacks update_service() callback
Added support for finding all services available in the browser example
Backwards incompatible:
Removed previously deprecated ServiceInfo address constructor parameter and property
pysmb-1.2.1
- Fix bug in deleteFiles() method which can fail for certain search patterns.
pysmb-1.2.0
- Add new parameter, delete_matching_folders, to deleteFiles() method to
support deletion of child folders that match the search pattern.
pysmb-1.1.29
- Fix unhandled exception for short NBNS queries
- Fix wildcard file deletion with servers on SMB2 protocol
Changes since 0.7.19
* Fixed returning from an iterator on Python 3.7+, by Sergey Kozlov.
* Fixed Python 3.8 SyntaxWarning on using `is not` with a string literal, by Stefan Nordhausen.
* Fixed DeprecationWarnings by using raw strings for escape characters used in regexes, by Sean McGinnis.
* Improved IPGlob documentation, by obkmeta.
* Fixed exception creation in corner cases by explicitly passin error message params as tuples, by
Matthias Urlichs.
* Stopped manually replacing shebang of an included script.
* Stopped using __file__ in all code that's expected to run in environments that don't support it
(like PyOxidizer-produced binaries).
* Updated all databases included in the package.
Specific bug fixes addressed in this release
FIXED Issue 182: https://github.com/netaddr/netaddr/issues/182
- test_ip_splitter_remove_prefix_larger_than_input_range fails with python 3.7
FIXED Issue 206: https://github.com/netaddr/netaddr/issues/206
- ""is not" with a literal." SyntaxWarning
FIXED Issue 198: https://github.com/netaddr/netaddr/issues/198
- oui databases are outdated
FIXED Issue 188: https://github.com/netaddr/netaddr/issues/188
- Avoid use of __file__
Miscellanea
- Python 2 versions older than 2.7 and Python 3 versions older than 3.5 should be considered
unsupported. No incompatible code has been introduced to the best of our knowledge but
there's no CI infrastructure in place to verify this and if there are any issues with
those versions they won't be fixed.
- Consequently, Python 2.7 and 3.5 support should be considered deprecated as 2.7 has
reached its end-of-life already and 3.5 will hit it soon.
- A CI setup has been introduced which allows us to test on a variety of Python versions
on all Mac, Linux and Windows.
v2.67.0
NOTES:
data-source/aws_secretsmanager_secret: The rotation_* attributes have been deprecated in favor of the new aws_secretsmanager_secret_rotation data source.
resource/aws_secretsmanager_secret: The rotation_* arguments have been deprecated in favor of the new aws_secretsmanager_secret_rotation resource. The new resource, which fixes workflow issues, prevents the existing resource from showing changes when attempting to remove rotation. Removal must be done with the new resource or manually.
FEATURES:
New Data Source: aws_ebs_volumes
New Data Source: aws_ec2_local_gateway_virtual_interface
New Data Source: aws_ec2_local_gateway_virtual_interface_group
New Data Source: aws_ec2_local_gateway_virtual_interface_groups
New Data Source: aws_ecr_authorization_token
New Data Source: aws_outposts_outpost
New Data Source: aws_outposts_outpost_instance_type
New Data Source: aws_outposts_outpost_instance_types
New Data Source: aws_outposts_outposts
New Data Source: aws_outposts_site
New Data Source: aws_outposts_sites
New Data Source: aws_secretsmanager_secret_rotation
New Data Source: aws_wafv2_web_acl
New Guide: Resource Tagging
New Resource: aws_ec2_local_gateway_route
New Resource: aws_ec2_local_gateway_route_table_vpc_association
New Resource: aws_ec2_tag
New Resource: aws_secretsmanager_secret_rotation
New Resource: aws_wafv2_web_acl
New Resource: aws_wafv2_web_acl_association
ENHANCEMENTS:
data-source/aws_vpc_dhcp_options: Add arn attribute
data-source/aws_efs_mount_target: Add availability_zone_name, availability_zone_id, mount_target_dns_name, and owner_id attributes
data-source/aws_internet_gateway: Add arn attribute
data-source/aws_lambda_function: Add file_system_config attribute
data-source/aws_workspaces_bundle: Add name and owner as search crieria
resource/aws_ec2_capacity_reservation: Add arn attribute and support for Linux SQL Server values in instance_platform argument
resource/aws_cloudwatch_log_stream: Support resource import
resource/aws_default_vpc_dhcp_options: Add arn attribute
resource/aws_devicefarm_project: Support resource import
resource/aws_ec2_traffic_mirror_target: Add arn attribute
resource/aws_ecs_capacity_provider: Implement API deletion support
resource/aws_efs_mount_target: Add availability_zone_name, availability_zone_id, mount_target_dns_name, and owner_id attributes
resource/aws_efs_mount_target: Add plan time validation for ip_address argument
resource_aws_elasticsearch_domain: Add support for elasticsearch warm storage
resource_aws_elasticsearch_domain: Add plan time validation for cloudwatch_log_group_arn, role_arn, and ebs_options.volume_type
resource/aws_flow_log: Add arn attribute
resource/aws_glue_catalog_table: Add arn attribute
resource/aws_guardduty_detector: Add tags argument and arn attribute
resource/aws_guardduty_ipset: Add tags argument and arn attribute
resource/aws_guardduty_threatintelset: Add tags argument and arn attribute
resource/aws_internet_gateway: Add arn attribute
resource/aws_key_pair: Add arn attribute
resource/aws_lambda_function: Add file_system_config attribute
resource/aws_service_discovery_http_namespace: Add tags argument
resource/aws_service_discovery_private_dns_namespace: Add tags argument
resource/aws_service_discovery_public_dns_namespace: Add tags argument
resource/aws_service_discovery_service: Add tags argument
resource/aws_vpc_dhcp_options: Add arn attribute
resource/aws_wafv2_ip_set: Increase addresses maximum amount of items limit from 50 to 10,000 to match AWS limits
BUG FIXES:
resource/aws_cloudfront_origin_access_identity: Properly trigger resource recreation when deleted outside Terraform
resource/aws_cognito_user_pool_client: Mark client_secret as sensitive
resource/aws_route: Ensure retries occur on read after creation if route not found for EC2 eventual consistency
Changelog:
List of changes:
Hotkey language fixed!2064 (merged) @kingu
TRANSLATION file for l10n !2065 (merged) @kingu
Fetch news from remmina.org optional !2066 (merged) @antenore
allow saving notes in connection profile !2067 (merged) @juarez.rudsatz
RDP: Improving hardware option parsing !2068 (merged) @antenore
Rearranged widgets in a new Behavior tab !2069 (merged) @juarez.rudsatz
Add separator only when there are saved profiles. Fixes#1914!2070 (merged) @antenore
Implementing resume all for FTP file transfer, should fix#2210!2072 (merged) @antenore
Spelling: Overwrite all file transfers !2073 (merged) @kingu
Spelling: Options for redirection x2, -: !2074 (merged) @kingu
Edit or connect using multiple profile files from the command line !2075 (merged) @antenore
Desktop session files for Remmina kiosk are optional !2076 (merged) @antenore
Update Ukrainian translation for the desktop file !2077 (merged) @yurchor
Remove 'translatable="yes"' from the fake label in remmina_spinner.glade !2079 (merged) @yurchor
Remove 'translatable="yes"' from the fake label !2078 (merged) @yurchor
Feat/lebowski !2080 (merged) @antenore
# pkgsrc changes
No OWNDIR needed for daemon's HOME
Add Perl path to LDFLAGS only when it is needed (snmp support)
List INSTALLATION_DIRS explicitly
Set PKG_SYSCONFSUBDIR, so that README.conf actually gets installed
Since editline is fully functional, avoid linking against the GPLv3 readline
# upstream changes
Numerous small changes, see ChangeLog.
gh is GitHub on the command line, and it's now available in beta.
It brings pull requests, issues, and other GitHub concepts to the
terminal next to where you are already working with git and your code.
Update bind911 to 9.11.20, fixing CVE-2020-8619.
--- 9.11.20 released ---
5437. [bug] Fix a data race in lib/dns/resolver.c:log_formerr().
[GL #1808]
5434. [security] It was possible to trigger an INSIST in
lib/dns/rbtdb.c:new_reference() with a particular zone
content and query patterns. (CVE-2020-8619) [GL #1111]
[GL #1718]
5433. [test] Prevent the resolver system test for change #5395
(max-recursion-queries) from failing on systems without
IPv6 support. [GL #1873]
5428. [bug] Clean up GSSAPI resources in nsupdate only after taskmgr
has been destroyed. Thanks to Petr Menšík. [GL !3316]
5427. [bug] Fix a regression in address/prefix length checking that
should have been a warning instead of an error.
[GL #1849]
5415. [test] Address race in dnssec system test that led to
test failures. [GL #1852]
5413. [test] Address race in autosign system test that led to
test failures. [GL #1852]
5412. [bug] 'provide-ixfr no;' failed to return up-to-date responses
when the serial was greater than or equal to the
current serial. [GL #1714]
5409. [performance] When looking up NSEC3 data in a zone database, skip the
check for empty non-terminal nodes; the NSEC3 tree does
not have any. [GL #1834]
5408. [protocol] Print Extended DNS Errors if present in OPT record.
[GL #1835]
5405. [bug] 'named-checkconf -p' could include spurious text in
server-addresses statements due to an uninitialized DSCP
value. [GL #1812]
0.10.15
- Added `assert_call_count` to improve ergonomics around ensuring a mock was called.
- Fix incorrect handling of paths with query strings.
- Add Python 3.9 support to CI matrix.
Features
Add L3 switching features for USW-Pro series.
Improvements
Add support for MongoDB 3.6.
Auto-optimize enables Wi-Fi AI.
Prioritize busy times in Wi-Fi AI logic.
Update Hotspot 2.0 for WFA requirements.
Add VHT160 option for Japan.
Show client icons on DPI and statistics pages.
Improve SSID validation.
Improve support for USP Plug.
Allow adopting UBB only if both devices are connected.
Allow changing VHT mode for 5GHz radio on UBB.
Adjust speed test statistics to longer intervals.
Add LTS notifications.
Add Analytics & Improvements opt-in modal which is displayed post upgrade.
Add description of SNMPv3 security options.
Allow sending test emails via Cloud Email service.
Make timezones dropdown searchable.
Update IANA timezone database.
Update inter-VLAN routing Network form.
Remove OP mode from Port Profiles.
Add MAC column to Insights/Known Clients.
Update available IDS/IPS categories to lessen false positives and improve resource use.
Rename UDM-Beacon to UAP-BeaconHD.
Improve Property Panel for USW Leaf.
Handle LCM sync event notifications on UDM.
Support U-LTE on UDM devices.
Support WAN failover for UDM devices.
Add UDM boot sound checkbox.
Various fixes and improvements in Beta Settings.
Various performance improvements.
Update translations and add missing events.
Known issues
Don't remind me button for LTS notifications doesn't function properly.
Blocking countries in map is not working, workaround is using the classic settings.
Incorrect DPI Statistics.
This allows rust-bin and rust to coexist in bulk builds (for testing, etc),
but the packages still may not be installed at the same time.
rust.mk as a solution for picking the correct rust variant was suggested
by gdt@. It is intended to be included directly by packages that do not
use cargo.mk, and indirectly by packages that do use cargo.mk.
rust.mk provides one user-settable variable:
RUST_TYPE
as before, whether to bootstrap rust from source or use
official binaries. may be "src" or "bin"
And two package-settable variables:
RUST_REQ
the minimum version of Rust required by the package.
defaults to "1.20.0"
RUST_RUNTIME
whether Rust is a runtime dependency, may be "yes" or "no"
Update ruby-xdr to 3.0.1.
3.0.1
Added
* Add encoding parameter to Union#to_xdr
((#7)[https://github.com/stellar/ruby-xdr/pull/7]).
Fixed
* Padding bytes are now properly validated when reading xdr values.
According to the XDR spec, padding must be zeros.
* Version 2.0.44
- More updates to the set of block lists, thanks again to IceCodeNew.
- Netprobes and listening sockets are now ignored when the `-list`,
`-list-all`, `-show-certs` or `-check` command-line switches are used.
- `tls_client_auth` was renamed to `doh_client_x509_auth`. A section
with the previous name is temporarily ignored if empty, but will error
out if not.
- Unit tests are now working on 32-bit systems. Thanks to Will Elwood
and @lifenjoiner.
v2.66.0
FEATURES:
New Data Source: aws_wafv2_rule_group
New Resource: aws_wafv2_rule_group
BUG FIXES:
resource/aws_autoscaling_group: Allow on_demand_base_capacity to be set to 0
resource/aws_autoscaling_group: Add Computed field to instances_distribution and it's sub-fields on_demand_allocation_strategy, on_demand_base_capacity, on_demand_percentage_above_base_capacity, and spot_allocation_strategy
resource/aws_autoscaling_group: Remove Default field from instances_distribution sub-fields on_demand_allocation_strategy, on_demand_percentage_above_base_capacity, and spot_allocation_strategy
resource/aws_batch_job_definition: Prevent differences when no command is specified in container properties
resource/aws_instance: Continue supporting empty string ("") private_ip argument
*5.8*
snmplib:
- TLS/DTLS fixes
- fix usm keychanges for new algorithms and longer keylengths
- IP address formatting fixes
- BUG: 2592: from Stuart Kendrick - increase MAXTC to 16384
- add new sha2 auth protocols
- Restore AES-192 and AES-256 privacy protocols - from
draft-blumenthal-aes-usm-04 (precursor to RFC 3826)
- Use OIDs from http://www.snmp.com/eso/esoConsortiumMIB.txt
- Some code borrowed from PATCH 1346, thanks to
Alexander Ivanov and Vladimir Sukhorukov.
- BUG: 2622: Fix excessive indents in log file
- new config tokens:
- sendMessageMaxSize
- disableSNMPv1 / disableSNMPv2c
- new api for dynamic debug log level (netsnmp_set_debug_log_level)
snmpd:
- SNMP-TARGET-MIB: Fix snmpTargetAddrTAddress
- Com2sec and com2sec6 SOURCE values may deny sources as well as
permit.
- allow trap sinks to set Target-MIB characteristics (name, tag, profile)
- add source addr/port option to trapsink/trap2sink/informsink
- packet filtering by source ip (enableSourceFiltering/filtersource)
- several getbulk handling improvements
- several new APIs introduced for run-time configuration of agent:
- netsnmp_vacm_simple_usm_add/del
- usm_create_usmUser_*
- netsnmp_udp_com2SecEntry_create/netsnmp_udp_com2SecList_remove
- netsnmp_agent_listen_on to open agent port
Win32:
- Add support for the DTLS-UDP and TLS-TCP transports
scripts:
- A new 'checkbandwidth' script to check host min/max bandwidth
snmptranslate:
- Introduce bulk translation mode The special argument "-" causes
snmptranslate to enter bulk translation mode, in which it expects
one OID per line. Whitespace is treated as the end of the OID, and
only that portion of the line is replaced, meaning that this can be
used to translate, e.g., "snmpwalk" output without the proper MIBs
loaded: snmptranslate -m all -OX < numeric.txt > symbolic.txt
building:
- Add Travis and Appveyor CI support
- IPv6 support is now compiled by default. If you need an IPv4-only
agent, use --disable-ipv6.
- Fixed/improved support for several non-Linux platforms
- Many fixes found by Coverity anf Fortify scans
Changes:
1.52.1
------
* Bug Fixes
* lib/file: Fix SetSparse on Windows 7 which fixes downloads of
files > 250MB (Nick Craig-Wood)
* build
* Update go.mod to go1.14 to enable -mod=vendor build (Nick Craig-Wood)
* Remove quicktest from Dockerfile (Nick Craig-Wood)
* Build Docker images with GitHub actions (Matteo Pietro Dazzi)
* Update Docker build workflows (Nick Craig-Wood)
* Set user_allow_other in /etc/fuse.conf in the Docker image
(Nick Craig-Wood)
* Fix xgo build after go1.14 go.mod update (Nick Craig-Wood)
* docs
* Add link to source and modified time to footer of every
page (Nick Craig-Wood)
* Remove manually set dates and use git dates instead (Nick Craig-Wood)
* Minor tense, punctuation, brevity and positivity changes for the
home page (edwardxml)
* Remove leading slash in page reference in footer when present
(Nick Craig-Wood)
* Note commands which need obscured input in the docs (Nick Craig-Wood)
* obscure: Write more help as we are referencing it elsewhere
(Nick Craig-Wood)
* VFS
* Fix OS vs Unix path confusion - fixes ChangeNotify on Windows
(Nick Craig-Wood)
* Drive
* Fix missing items when listing using --fast-list / ListR
(Nick Craig-Wood)
* Putio
* Fix panic on Object.Open (Cenk Alti)
* S3
* Fix upload of single files into buckets without create permission
(Nick Craig-Wood)
* Fix --header-upload (Nick Craig-Wood)
* Tardigrade
* Fix listing bug by upgrading to v1.0.7
* Set UserAgent to rclone (Caleb Case)
iperf 3.8.1 2020-06-10
----------------------
* Notable user-visible changes
* A regression with "make install", where the libiperf shared
library files were not getting installed, has been fixed.
iperf 3.8 2020-06-08
--------------------
* Notable user-visible changes
* Profiled libraries and binaries are no longer built by default.
* A minimal Dockerfile has been added.
* A bug with burst mode and unlimited rate has been fixed
* Configuring with the --enable-static-bin flag will now cause
a statically-linked iperf3 binary to be built.
* Configuring with the --without-sctp flag will now prevent SCTP
from being auto-detected. This flag allows building a
static binary (see above item) on a CentOS system with SCTP
installed, because no static SCTP libraries are available.
* Clock skew between the iperf3 client and server will no longer
skew the computation of jitter during UDP tests.
* A possible buffer overflow in the authentication feature has been
fixed. This was only relevant when configuration authentication
using the libiperf3 API, and did not affect command-line usage.
Various other improvements and fixes in this area were also made.
* Notable developer-visible changes
* The embedded version of cJSON has been updated to 1.3.17.
* Some server authentication functions have been added to the API.
* API access has been added to the connection timeout parameter.
* Tests for some authentication functions have been added.
* Various compiler errors and warnings have been fixed.
Overview of changes in 3.36.0
=============================
* Updated translations:
Finnish
Kurdish (Sorani)
Overview of changes in 3.35.90
==============================
* Bugs fixed:
!41 Polish some rough edges in the Meson build
!43 build: Remove AC_ISC_POSIX
!44 build: Remove AC_HEADER_STDC
!45 kerberos-identity-manager: Remove unused signal handler ID
#43 daemon, dbus: Enable checking if a provider type is supported
* Updated translations:
Croatian
English (British)
Japanese
Malay
Overview of changes in 3.35.3
=============================
* Remove Pocket (!18)
* Bugs fixed:
!36 Drop the priv pointer from the GObject instance structures
!37 Port away from deprecated GLib API like g_memove and g_get_current_time
!39 webview: Port to JSCValue
!40 Use the G_DECLARE_* macros to reduce GObject boilerplate
#83 Add Exchange and Last.fm icons
* Updated translations:
Galician
Russian
Overview of changes in 3.35.1
=============================
* Bugs fixed:
#8 icons: Unbreak providers without any visual identity
* Updated translations:
Basque
Catalan
Traditional Chinese (Taiwan)
Czech
Danish
Dutch
Finnish
French
Friulian
Galician
German
Greek
Hungarian
Indonesian
Italian
Japanese
Korean
Latvian
Lithuanian
Persian
Polish
Portuguese (Brazilian)
Punjabi
Romanian
Serbian
Slovak
Slovenian
Spanish
Swedish
Turkish
Overview of changes in 3.33.91
==============================
* Support Fedora Account System (#26)
* Bugs fixed:
!21 owncloud: Use "Nextcloud", not "ownCloud", in user-visible errors
!23 build: Allow building with gettext ≥ 0.20
!26 webview: Make it more flexible in terms of its size
!28 kerberos: Use GTask's task data slot to leverage the compiler
!29 daemon: Return a D-Bus error if AddAccount fails to list all providers
!30 kerberos: Use GTask's task data slot to leverage the compiler
#73 build: Support the use of g_autolist with GoaObject
764157 Port to GTask from GSimpleAsyncResult
* Updated translations:
Basque
Czech
German
Indonesian
Karbi
Lithuanian
Polish
Romanian
Spanish
Swedish
Overview of changes in 3.32.0
=============================
* Updated translations:
Basque
Finnish
Gaelic (Scottish)
Icelandic
Overview of changes in 3.31.90
==============================
* Bugs fixed:
!17 icons: Replace PNGs with SVGs and add symbolics
!19 google: Only request the email field when getting the user's identity
796095 alarm: Refresh Kerberos tickets after a suspended system is resumed
* Updated translations:
Afrikaans
French
Japanese
Kabyle
Overview of changes in 3.31.3
=============================
* Remove Todoist
* Bugs fixed:
!14 build: Don't define _POSIX_PTHREAD_SEMANTICS and _REENTRANT
!15 identity: Port away from deprecated g_type_class_add_private
764157 Port to GTask from GSimpleAsyncResult
* Updated translations:
Belarusian
Esperanto
Estonian
Malayalam
Overview of changes in 3.30.0
=============================
* Updated translations:
Arabic
Overview of changes in 3.29.91
==============================
* Bugs fixed:
!2 build: Fix #FooObject style links
!8 Remove additional unnecessary GDestroyNotify casts
#10 build: Silence warning about _FORTIFY_SOURCE requiring optimization
Overview of changes in 3.29.4
=============================
* Bugs fixed:
!2 Port to meson build system
* Updated translations:
Occitan
Overview of changes in 3.29.1
=============================
* Remove Telepathy support (795322)
* Updated translations:
Simplified Chinese
Czech
StatZone 1.0.2 (2020-06-10)
- Use CLOCK_REALTIME if CLOCK_MONOTONIC is not available
- Remove unneeded <sys/select.h> include
- Define _GNU_SOURCE in CMakeLists.txt to avoid cluttering source files
- Allow the openat and write syscalls, they are used on glibc systems
- No need to set HAVE_SECCOMP to 1, defining it is enough
- Introduce the displaySummary() function, and use it to print summary
- Move elapsed time calculation in the displaySummary() function
- Add a signal handler for SIGINFO, to display progression on
supported platforms
- Do not use intermediate variable to calculate elapsed time
- Remove now useless runtime member from the results structure
3.48.1 (2020-05-18)
- If FileZilla is configured to restore open tabs on startup, the directory trees no longer shrink in size
3.48.1-rc1 (2020-05-12)
! MSW: The settings directory is now initially created with tight permissions restricted to the user's account. Previously the directory could have had inherited too wide permissions if a custom location outside the user's profile directory had been preconfigured.
+ Redesigned certificate dialog
+ During directory comparison and comparative search, Ctrl+Shift+A can now be used to select only the highlighted files
- Fixed import of settings
- Fixed local file editing if the option to track local file changes had been disabled
- Fixes to storing associations
3.48.0 (2020-04-27)
! Custom associations for file extensions containing spaces were not saved correctly
3.48.0-rc1 (2020-04-20)
+ Overhaul of file associations for editing files. The setting to inherit system associations has been removed. When first editing a type of file with no default editor set, a dialog is shown asking which editor to use. The system associatio, if it exists, is a choice in this dialog.
- SFTP: Re-added support for AES-GCM which was accidentally removed in 3.46.1
- Fixes for comparative search leaving the program in an inconsistent state when closing the dialog during an ongoing search
- Building and running FileZilla now depends on libfilezilla >= 0.20.0 (https://lib.filezilla-project.org/)
0.22.0 (2020-05-12)
+ Added a flag to fz::file to allow creation of files with permissions only granting the current user access
+ Added fz::mkdir to create local directories, optionally recursive and with permissions to only grant the current user access to the final directory
- MSW: Improvements handling directory reparse points
- Lengthen partial certificate chains in fz::tls_info to include any found trust anchor if using the system trust store
- Mark self-signed certificates in the in fz::x509_certificate
- Fix constructing fz::uri from default-constructed string_view
0.21.0 (2020-04-20)
+ macOS: fz::spawn_detached_process can now start application bundles
+ Changed arguments of fz::local_filesys::get_next_file to be consistent with fz::local_filesys::get_file_info
- Improved error detection for fz::spawn_detached-process on *nix systems that support the pipe2 syscall with O_CLOEXEC
0.1.7
Fixed Python 3 compatibility in the examples
Exposed network interface indexes in Adapter.index
Added the license file to distributions on PyPI
Fixed Illumos/Solaris compatibility
Set up universal wheels, ifaddr will have both source and wheel distributions on PyPI from now on
# 2020-05-20 Version 2.1.1
Important notes:
* CVE: GHSL-2020-100 OOB Read in ntlm_read_ChallengeMessage
* CVE: GHSL-2020-101 OOB Read in security_fips_decrypt due to uninitialized value
* CVE: GHSL-2020-102 OOB Write in crypto_rsa_common
* Enforce synchronous legacy RDP encryption count (#6156)
* Fixed some leaks and crashes missed in 2.1.0
* Removed dynamic channel listener limits
* Lots of resource cleanup fixes (clang sanitizers)
* A couple of performance improvements
* Various small annoyances eliminated (typos, prefilled username for windows client, ...)
v1.6.1
This is a fixup release on 1.6.0 in order to restore the auto upgrade
critera broken in 1.5.0.
Bugfixes:
* #6701: Syncthing 1.5.0+ auto upgrades even with auto upgrades disabled
in config
v1.6.0
This release performs a database schema migration, and adds the
BlockPullOrder, DisableFsync and MaxConcurrentWrites folder
options to the configuration schema.
The LocalChangeDetected event no longer has the action set to
added for new files, instead showing modified for all local file
changes.
Bugfixes:
* #3876: Removing and re-adding a folder may cause data loss
* #5731: 100% CPU every minute on watch setup retry
* #6268: Out of sync panel layout overflows
* #6557: Folder error repeatedly set and unset
* #6559: Deadlock on folder unsubscribe
* #6576: Versioning params in config flip flop in order
* #6578: Allow rescan at folder state "Local Additions"
* #6583: Distributed deadlock on request
* #6604: Docker healthcheck fails when run in host network
Enhancements:
* #5224: Accept new connections in place of old ones when appropriate
* #6530: Add "Pause All"/"Resume All" button for devices
* #6541: Limit number of concurrent writes while syncing
Other issues:
* #6575: Incomprehensible error message: 'directory is not empty; files
within are probably ignored on connected devices only'
* #6584: A field in a structure is sometimes protected by Mutex, but
sometimes unprotected.
* Version 2.0.43
- Built-in support for DNS64 translation has been implemented.
(Contributed by Sergey Smirnov, thanks!)
- Connections to DoH servers can be authenticated using TLS client
certificates (Contributed by Kevin O'Sullivan, thanks!)
- Multiple stamps are now allowed for a single server in resolvers
and relays lists.
- Android: the time zone for log files is now set to the system
time zone.
- Quite a lot of updates and additions have been made to the
example domain block lists. Thanks to `IceCodeNew`!
- Cached configuration files can now be temporarily used if
they are out of date, but bootstraping is impossible. Contributed by
`lifenjoiner`, thanks!
- Precompiled macOS binaries are now notarized.
- `generate-domains-blacklists` now tries to deduplicate entries
clobbered by wildcard rules. Thanks to `Huhni`!
- `generate-domains-blacklists` can now directly write lists to a
file with the `-o` command-line option.
- cache files are now downloaded as the user the daemon will be running
as. This fixes permission issues at startup time.
- Forwarded queries are now subject to global timeouts, and can be
forced to use TCP.
- The `ct` parameter has been removed from DoH queries, as Google doesn't
require it any more.
- Service installation is now supported on FreeBSD.
- When stored into a file, service logs now only contain data from the most
recent launch. This can be changed with the new `log_file_latest` option.
1.18.75
api-change:servicediscovery: Update servicediscovery command to latest version
api-change🛡️ Update shield command to latest version
1.18.74
api-change:apigateway: Update apigateway command to latest version
api-change:elasticbeanstalk: Update elasticbeanstalk command to latest version
api-change:cloudfront: Update cloudfront command to latest version
api-change:servicecatalog: Update servicecatalog command to latest version
api-change:personalize-runtime: Update personalize-runtime command to latest version
api-change:sagemaker-runtime: Update sagemaker-runtime command to latest version
api-change:personalize: Update personalize command to latest version
api-change:pinpoint: Update pinpoint command to latest version
1.18.73
api-change:mediapackage-vod: Update mediapackage-vod command to latest version
api-change:meteringmarketplace: Update meteringmarketplace command to latest version
api-change:lightsail: Update lightsail command to latest version
api-change:ssm: Update ssm command to latest version
api-change:ec2: Update ec2 command to latest version
1.18.72
api-change:mediaconvert: Update mediaconvert command to latest version
api-change:iam: Update iam command to latest version
api-change:directconnect: Update directconnect command to latest version
api-change:glue: Update glue command to latest version
api-change🇪🇸 Update es command to latest version
api-change:elasticache: Update elasticache command to latest version
1.18.71
api-change:guardduty: Update guardduty command to latest version
1.18.70
api-change:sagemaker: Update sagemaker command to latest version
api-change:emr: Update emr command to latest version
api-change:fsx: Update fsx command to latest version
api-change:worklink: Update worklink command to latest version
api-change:kms: Update kms command to latest version
api-change:athena: Update athena command to latest version
1.18.69
api-change:workmail: Update workmail command to latest version
api-change:kafka: Update kafka command to latest version
api-change:marketplace-catalog: Update marketplace-catalog command to latest version
api-change:qldb-session: Update qldb-session command to latest version
1.18.68
api-change:guardduty: Update guardduty command to latest version
api-change:elbv2: Update elbv2 command to latest version
1.13.25
api-change🛡️ [botocore] Update shield client to latest version
api-change:servicediscovery: [botocore] Update servicediscovery client to latest version
1.13.24
api-change:cloudfront: [botocore] Update cloudfront client to latest version
api-change:pinpoint: [botocore] Update pinpoint client to latest version
api-change:personalize-runtime: [botocore] Update personalize-runtime client to latest version
api-change:sagemaker-runtime: [botocore] Update sagemaker-runtime client to latest version
api-change:elasticbeanstalk: [botocore] Update elasticbeanstalk client to latest version
api-change:servicecatalog: [botocore] Update servicecatalog client to latest version
api-change:apigateway: [botocore] Update apigateway client to latest version
api-change:personalize: [botocore] Update personalize client to latest version
1.13.23
api-change:ssm: [botocore] Update ssm client to latest version
api-change:lightsail: [botocore] Update lightsail client to latest version
api-change:meteringmarketplace: [botocore] Update meteringmarketplace client to latest version
api-change:mediapackage-vod: [botocore] Update mediapackage-vod client to latest version
api-change:ec2: [botocore] Update ec2 client to latest version
1.13.22
api-change:elasticache: [botocore] Update elasticache client to latest version
api-change:iam: [botocore] Update iam client to latest version
api-change:directconnect: [botocore] Update directconnect client to latest version
api-change🇪🇸 [botocore] Update es client to latest version
api-change:glue: [botocore] Update glue client to latest version
api-change:mediaconvert: [botocore] Update mediaconvert client to latest version
1.13.21
api-change:guardduty: [botocore] Update guardduty client to latest version
1.13.20
api-change:fsx: [botocore] Update fsx client to latest version
api-change:kms: [botocore] Update kms client to latest version
api-change:sagemaker: [botocore] Update sagemaker client to latest version
api-change:athena: [botocore] Update athena client to latest version
api-change:worklink: [botocore] Update worklink client to latest version
api-change:emr: [botocore] Update emr client to latest version
1.13.19
api-change:marketplace-catalog: [botocore] Update marketplace-catalog client to latest version
api-change:kafka: [botocore] Update kafka client to latest version
api-change:qldb-session: [botocore] Update qldb-session client to latest version
api-change:workmail: [botocore] Update workmail client to latest version
1.13.18
api-change:guardduty: [botocore] Update guardduty client to latest version
api-change:elbv2: [botocore] Update elbv2 client to latest version
1.16.25
api-change🛡️ Update shield client to latest version
api-change:servicediscovery: Update servicediscovery client to latest version
1.16.24
api-change:cloudfront: Update cloudfront client to latest version
api-change:pinpoint: Update pinpoint client to latest version
api-change:personalize-runtime: Update personalize-runtime client to latest version
api-change:sagemaker-runtime: Update sagemaker-runtime client to latest version
api-change:elasticbeanstalk: Update elasticbeanstalk client to latest version
api-change:servicecatalog: Update servicecatalog client to latest version
api-change:apigateway: Update apigateway client to latest version
api-change:personalize: Update personalize client to latest version
1.16.23
api-change:ssm: Update ssm client to latest version
api-change:lightsail: Update lightsail client to latest version
api-change:meteringmarketplace: Update meteringmarketplace client to latest version
api-change:mediapackage-vod: Update mediapackage-vod client to latest version
api-change:ec2: Update ec2 client to latest version
1.16.22
api-change:elasticache: Update elasticache client to latest version
api-change:iam: Update iam client to latest version
api-change:directconnect: Update directconnect client to latest version
api-change🇪🇸 Update es client to latest version
api-change:glue: Update glue client to latest version
api-change:mediaconvert: Update mediaconvert client to latest version
1.16.21
api-change:guardduty: Update guardduty client to latest version
1.16.20
api-change:fsx: Update fsx client to latest version
api-change:kms: Update kms client to latest version
api-change:sagemaker: Update sagemaker client to latest version
api-change:athena: Update athena client to latest version
api-change:worklink: Update worklink client to latest version
api-change:emr: Update emr client to latest version
1.16.19
api-change:marketplace-catalog: Update marketplace-catalog client to latest version
api-change:kafka: Update kafka client to latest version
api-change:qldb-session: Update qldb-session client to latest version
api-change:workmail: Update workmail client to latest version
1.16.18
api-change:guardduty: Update guardduty client to latest version
api-change:elbv2: Update elbv2 client to latest version
v3.3.24
Fixed create and update operations for GoDaddy if CAA records are present
v3.3.23
Add initial support for UltraDNS provider Signed-off-by
remove hetzner special handling from dehydrated.default.sh as it's not supported anymore
2.1.6
- Revert "BUG/MEDIUM: connections: force connections cleanup on server changes"
- SCRIPTS: publish-release: pass -n to gzip to remove timestamp
- BUG/MINOR: peers: fix internal/network key type mapping.
- BUG/MEDIUM: lua: Reset analyse expiration timeout before executing a lua action
- BUG/MEDIUM: http-htx: Duplicate error messages as raw data instead of string
- BUG/MEDIUM: hlua: Lock pattern references to perform set/add/del operations
- BUG/MEDIUM: contrib/prometheus-exporter: Properly set flags to dump metrics
- BUG/MEDIUM: mworker: fix the copy of options in copy_argv()
- BUG/MINOR: init: -x can have a parameter starting with a dash
- BUG/MINOR: init: -S can have a parameter starting with a dash
- BUG/MEDIUM: mworker: fix the reload with an -- option
- BUG/MINOR: ssl: fix a trash buffer leak in some error cases
- BUG/MINOR: mworker: fix a memleak when execvp() failed
2.1.5
- BUG/MINOR: protocol_buffer: Wrong maximum shifting.
- MINOR: ssl: improve the errors when a crt can't be open
- BUG/MINOR: ssl/cli: memory leak in 'set ssl cert'
- BUG/MINOR: ssl: memleak of the struct cert_key_and_chain
- BUG/MINOR: connection: always send address-less LOCAL PROXY connections
- BUG/MINOR: peers: Incomplete peers sections should be validated.
- DOC: hashing: update link to hashing functions
- MINOR: version: Show uname output in display_version()
- DOC: Improve documentation on http-request set-src
- BUG/MINOR: ssl: default settings for ssl server options are not used
- BUG/MEDIUM: http-ana: Handle NTLM messages correctly.
- BUG/MINOR: tools: fix the i386 version of the div64_32 function
- BUG/MINOR: http: make url_decode() optionally convert '+' to SP
- DOC: option logasap does not depend on mode
- MEDIUM: memory: make pool_gc() run under thread isolation
- MINOR: contrib: make the peers wireshark dissector a plugin
- BUG/MINOR: check: Update server address and port to execute an external check
- MINOR: checks: Add a way to send custom headers and payload during http chekcs
- BUG/MINOR: checks: Respect the no-check-ssl option
- BUG/MEDIUM: server/checks: Init server check during config validity check
- BUG/MINOR: checks: chained expect will not properly wait for enough data
- BUG/MINOR: obj_type: Handle stream object in obj_base_ptr() function
- BUG/MINOR: mux-fcgi: Be sure to have a connection as session's origin to use it
- BUG/MEDIUM: capture: capture-req/capture-res converters crash without a stream
- BUG/MEDIUM: capture: capture.{req,res}.* crash without a stream
- BUG/MEDIUM: http: the "http_first_req" sample fetch could crash without a steeam
- BUG/MEDIUM: http: the "unique-id" sample fetch could crash without a steeam
- BUG/MEDIUM: sample: make the CPU and latency sample fetches check for a stream
- BUG/MEDIUM: listener: mark the thread as not stuck inside the loop
- MINOR: threads: export the POSIX thread ID in panic dumps
- BUG/MINOR: debug: properly use long long instead of long for the thread ID
- BUG/MEDIUM: shctx: really check the lock's value while waiting
- BUG/MEDIUM: shctx: bound the number of loops that can happen around the lock
- MINOR: stream: report the list of active filters on stream crashes
- MINOR: haproxy: export run_poll_loop
- MINOR: tools: add new function dump_addr_and_bytes()
- MINOR: tools: add resolve_sym_name() to resolve function pointers
- MINOR: debug: use resolve_sym_name() to dump task handlers
- MINOR: cli: make "show fd" rely on resolve_sym_name()
- MEDIUM: debug: add support for dumping backtraces of stuck threads
- MINOR: debug: call backtrace() once upon startup
- BUILD: Makefile: include librt before libpthread
- MINOR: wdt: do not depend on USE_THREAD
- MINOR: debug: report the number of entries in the backtrace
- MINOR: debug: improve backtrace() on aarch64 and possibly other systems
- MINOR: debug: use our own backtrace function on clang+x86_64
- MINOR: debug: dump the whole trace if we can't spot the starting point
- BUILD: tools: unbreak resolve_sym_name() on non-GNU platforms
- BUILD: tools: rely on __ELF__ not USE_DL to enable use of dladdr()
- BUILD: Makefile: add linux-musl to TARGET
- REGTEST: ssl: test the client certificate authentication
- REGTEST: http-rules: Require PCRE or PCRE2 option to run map_redirect script
- Revert "BUG/MINOR: connection: always send address-less LOCAL PROXY connections"
- Revert "BUG/MINOR: connection: make sure to correctly tag local PROXY connections"
- BUG/MINOR: checks/server: use_ssl member must be signed
- BUG/MINOR: checks: Compute the right HTTP request length for HTTP health checks
- BUG/MINOR: checks: Remove a warning about http health checks
- BUG/MEDIUM: mux_fcgi: Free the FCGI connection at the end of fcgi_release()
- BUG/MEDIUM: mux-fcgi: Fix wrong test on FCGI_CF_KEEP_CONN in fcgi_detach()
- BUG/MEDIUM: connections: force connections cleanup on server changes
- BUG/MEDIUM: h1: Don't compare host and authority if only h1 headers are parsed
- BUG/MEDIUM: ssl: fix the id length check within smp_fetch_ssl_fc_session_id()
- CLEANUP: connections: align function declaration
- BUG/MINOR: sample: Set the correct type when a binary is converted to a string
- BUG/MINOR: threads: fix multiple use of argument inside HA_ATOMIC_CAS()
- BUG/MINOR: threads: fix multiple use of argument inside HA_ATOMIC_UPDATE_{MIN,MAX}()
- BUG/MEDIUM: lua: Fix dumping of stick table entries for STD_T_DICT
- BUG/MINOR: config: Make use_backend and use-server post-parsing less obscur
- BUG/MINOR: http-ana: fix NTLM response parsing again
- BUG/MEDIUM: http_ana: make the detection of NTLM variants safer
- BUG/MINOR: cfgparse: Abort parsing the current line if an invalid \x sequence is encountered
- BUG/MINOR: pools: use %u not %d to report pool stats in "show pools"
- BUG/MINOR: pollers: remove uneeded free in global init
- BUG/MINOR: soft-stop: always wake up waiting threads on stopping
- BUILD: select: only declare existing local labels to appease clang
- BUG/MEDIUM: streams: Remove SF_ADDR_SET if we're retrying due to L7 retry.
- BUG/MEDIUM: stream: Only allow L7 retries when using HTTP.
- BUG/MINOR: cache: Don't needlessly test "cache" keyword in parse_cache_flt()
- BUG/MAJOR: mux-fcgi: Stop sending loop if FCGI stream is blocked for any reason
- BUG/MEDIUM: ring: write-lock the ring while attaching/detaching
- BUG/MINOR: checks: Respect check-ssl param when a port or an addr is specified
- BUG/MINOR: server: Fix server_finalize_init() to avoid unused variable
- DOC: retry-on can only be used with mode http
- DOC/MINOR: halog: Add long help info for ic flag
- DOC: SPOE is no longer experimental
- BUG/MINOR: logs: prevent double line returns in some events.
- REGTESTS: checks: Fix tls_health_checks when IPv6 addresses are used
- BUG/MEDIUM: logs: fix trailing zeros on log message.
- BUG/MINOR: lua: Add missing string length for lua sticktable lookup
- BUG/MINOR: nameservers: fix error handling in parsing of resolv.conf
Changes since 4.2.1:
* Released:
- 9th of April 2020
* New Features:
- api: add includerings option to statistics endpoint
* Improvements:
- cache: strictly enforce maximum size, and improve cleanup routine
* Bug Fixes:
- fix records ending up in wrong packet section
- avoid IXFR-in corruption when deltas come in close together.
Please see the IXFR-in corruption upgrade notes
- fix out-of-bound access for zero length "serialized" string when
using lmdbbackend.
- bind backend: pthread_mutex_t should be inited and destroyed and not be copied
* Reference:
- https://doc.powerdns.com/authoritative/changelog/4.2.html#change-4.2.2
Update ruby-recog to 2.3.8.
2.3.8 (2020-06-03)
Highlights:
* MariaDB and MySQL fingerprint improvements (#264, #267)
* Multiple fingerprint and consistency improvements by HD Moore (#260, #266)
* Kyocera Printer fingerprint improvements (#262)
5.67
Unbreak the KNSQuick::Engine::changedEntries functionality
5.68
Fix clicking thumb-only delegate
Fix scrolling on the EntryDetails page
Don't double delete CommentsModel
Cover also the qtquick plugin in the installed categories file
Use the right translation catalog to show translations
Fix the KNSQuick Dialog's close title and basic layout
5.69
Fix layout in DownloadItemsSheet
[QtQuick dialog] Port to UrlBUtton and hide when there's no URL
Switch to using Kirigami's ShadowedRectangle
Fix update scenarios with no explicit downloadlink selected
5.70
KNewStuff: Fix file path and process call
KNewStuff: port from KRun::runApplication to KIO::ApplicationLauncherJob
Replace Vokoscreen with VokoscreenNG
Introduce more user-visible error reporting for installations
Update ruby-connection_pool to 2.2.3.
2.2.3
------
- Pool now throws `ConnectionPool::TimeoutError` on timeout. [#130]
- Use monotonic clock present in all modern Rubies [Tero Tasanen, #109]
- Remove code hacks necessary for JRuby 1.7
- Expose wrapped pool from ConnectionPool::Wrapper [Thomas Lecavelier, #113]
v2.65.0
ENHANCEMENTS:
resource/aws_acm_certificate: Add status attribute
resource/aws_directory_servicedirectory: Add availability_zones attribute to vpc_settings block
resource/aws_directory_servicedirectory: Add availability_zones attribute to connect_settings block
resource/aws_directory_servicedirectory: Add plan time validation to customer_dns_ips in connect_settings block
resource/aws_ec2_client_vpn_endpoint: Add arn attribute and plan time validation to root_certificate_chain_arn (in authentication_options block), client_cidr_block, and server_certificate_arn
resource/aws_instance: Add plan time validation to volume_type(in ebs_block_device and root_block_device blocks), private_ip, ipv6_addresses, and tenancy
resource/aws_lb_listener_rule: Add support for multiple, weighted target groups in forward rules
resource/aws_lb_listener: Add support for multiple, weighted target groups in default actions
resource/aws_workspaces_ip_group: Add plan-time validation for rules.source
BUG FIXES:
resource/aws_acm_certificate: Detect AMAZON_ISSUED type validation_method value directly from API response instead of custom logic
resource/aws_acm_certificate: Increase deletion retries from 10 minutes to 20 minutes (better support API Gateway Custom Domain deletion)
resource/aws_apigatewayv2_stage: Prevent perpetual plan differences with default_route_settings.logging_level argument for HTTP APIs
resource/aws_appmesh_route: Allow configuration of spec http_route action weighted_target weight argument to be 0
resource/aws_autoscaling_group: Prevent crash with tags argument containing boolean values in Terraform 0.11 and earlier
resource/aws_dynamodb_table: Prevent multiple replica creation/deletion errors
resource/aws_instance: Prevent perpetual plan differences, forcing replacement, with ebs_block_device configuration blocks
resource/aws_kinesis_firehose_delivery_stream: Correctly set kinesis_source_configuration during import to prevent resource recreation
resource/aws_ses_configuration_set: Prevent Provider produced inconsistent result after apply errors during creation or import
resource/aws_workspaces_ip_group: Remove resource from state if deleted outside of Terraform
* Restore dumping leases from stdin
* auth: Only accept RECONFIGURE messages from LL addresses
* auth: Access the RDM monotonic counter file via privsep
* ARP: call arp_announced() when cancelling it
* BSD: fwip(4) interfaces are now ignored by default
* privsep: Ensure IPC buffers are large enough to carry messages
* privsep: Only open RAW sockets for the needed protocols
* privsep: Fix indirect ioctls returning data
* privsep: wait for processes on SIGCHLD rather than when sent a STOP cmd
* eloop: just use ppoll/pollts(2), falling back to pselect(2)
1.2.7 released
* add set_alert_fd in python binding, to supersede set_alert_notify
* fix bug in part files > 2 GiB
* add function to clear the peer list for a torrent
* fix resume data functions to save/restore more torrent flags
* limit number of concurrent HTTP announces
* fix queue position for force_rechecking a torrent that is not auto-managed
* improve rate-based choker documentation, and minor tweak
* undeprecate upnp_ignore_nonrouters (but refering to devices on our subnet)
* increase default tracker timeout
* retry failed socks5 server connections
* allow UPnP lease duration to be changed after device discovery
* fix IPv6 address change detection on Windows
Release v1.29.1
PHP
PHP: Fix include path for boringssl in windows build
Objective-C
--grpc_out: protoc-gen-grpc: Plugin killed by signal 6.
Release v1.29.0
Core
Move decompression into gRPC Core.
Introduce CFRunLoop based iomgr.
Add option for logging keepalive pings.
Clamp the receive flow control window size to ((1 << 31) - 1).
CallCredentials debug string API.
C++
Append to CMAKE_MODULE_PATH instead of replacing it.
Clean way to enable C and C++ standards in cmake.
Autogenerate build.yaml equivalent from bazel BUILD metadata (with bazel query xml).
This code was very complicated and easily broke, for example when termcap is
builtin but curses is not, resulting in circular dependencies.
Such core packages should default to a safe set of build options, unless they
can be reliably added to PKG_SUGGESTED_OPTIONS, to avoid a miserable first
experience for users running on older or quirky platforms.
c-ares version 1.16.1
Security:
* Prevent possible use-after-free and double-free in ares_getaddrinfo() if ares_destroy() is called prior to ares_getaddrinfo() completing. Reported by Jann Horn at Google Project Zero.
Changes:
* Allow TXT records on CHAOS qclass. Used for retriving things like version.bind, version.server, authoris.bind, hostname.bind, and id.server.
Bug fixes:
* Fix Windows Unicode incompatibilities with ares_getaddrinfo()
* Silence false cast-align compiler warnings due to valid casts of struct sockaddr to struct sockaddr_in and struct sockaddr_in6.
* MacOS should use libresolv for retrieving DNS servers, like iOS
* CMake build system should populate the INCLUDE_DIRECTORIES property of installed targets
* Correct macros in use for the ares_getaddrinfo.3 man page
There was build problem after pkg-config was aded to USE_TOOLS if
PKG_DEVELOPER is enabled, causing WRKDIR reference.
Fix method is dirty (or quick) hack.
There was build problem after pkg-config was aded to USE_TOOLS if
PKG_DEVELOPER is enabled, causing WRKDIR reference.
Fix method is dirty (or quick) hack.
The null provider is a rather-unusual provider that has constructs that
intentionally do nothing. This may sound strange, and indeed these constructs
do not need to be used in most cases, but they can be useful in various
situations to help orchestrate tricky behavior or work around limitations.
v2.64.0
ENHANCEMENTS:
data-source/aws_directory_service_directory: connect_settings connect_ips attribute now set
resource/aws_directory_service_directory: connect_settings connect_ips attribute now set
resource/aws_iot_topic_rule: Add step_functions configuration block
resource/aws_ses_event_destination: Support resource import
BUG FIXES:
data-source/aws_elasticsearch_domain: processing is now correctly set
resource/aws_acm_certificate: Update pending DNS validation record creation time from 1 minute to 5 minutes (better support for certificates with high amount of Subject Alternative Names)
resource/aws_api_gateway_method_settings: settings now properly set
resource/aws_autoscaling_group: Ignore ordering differences for tags argument (prevent unexpected differences from version 2.63.0)
resource/aws_codebuild_project: Enable drift detection for environment_variable argument
resource/aws_codebuild_project: Prevent inconsistent final plan errors with source configuration block
resource/aws_ecs_task_definition: Ensure efs_volume_configuration changes are properly detected
resource/aws_lb_cookie_stickiness_policy: cookie_expiration_policy now properly set
resource/aws_lightsail_instance: ram_size now properly set
resource/aws_load_balancer_backend_server_policy: instance_port now properly set
resource/aws_load_balancer_listener_policy: load_balancer_port now properly set
resource/aws_opsworks_application: environment secure now properly set
resource/aws_security_group_rule: Correctly set description after state refresh when source_security_group_id refers to a security group across accounts
resource/aws_ses_active_receipt_rule_set: Recreate resource when destroyed outside of Terraform
resource/aws_ses_event_destination: Correctly refresh entire resource state (prevent unexpected differences from version 2.63.0 and properly perform drift detection)
resource/aws_ses_receipt_rule: Recreate resource when destroyed outside of Terraform
resource/aws_sns_topic: Attributes of type schema.TypeInt are now correctly set
v0.12.26
ENHANCEMENTS:
backend/remote: Can now accept -target options when creating a plan using remote operations, if supported by the target server. (Server-side support for this in Terraform Cloud and Terraform Enterprise will follow in forthcoming releases of each.)
cli: A special new lifecycle mode for provider plugins where they are assumed to be controlled by an external process outside of Terraform. This is for automated provider plugin testing only, and is not an end-user feature.
pkgsrc changes:
- Update patches due file renames
Changes:
1.52.0
------
Special thanks to Martin Michlmayr for proof reading and correcting all
the docs and Edward Barker for helping re-write the front page.
* New backends
* Tardigrade backend for use with storj.io (Caleb Case)
* Union re-write to have multiple writable remotes (Max Sum)
* Seafile for Seafile server (Fred @creativeprojects)
* New commands
* backend: command for backend specific commands (see backends)
(Nick Craig-Wood)
* cachestats: Deprecate in favour of `rclone backend stats cache:`
(Nick Craig-Wood)
* dbhashsum: Deprecate in favour of `rclone hashsum DropboxHash` (Nick Craig-Wood)
* New Features
* Add `--header-download` and `--header-upload` flags for setting
HTTP headers when uploading/downloading (Tim Gallant)
* Add `--header` flag to add HTTP headers to every HTTP transaction
(Nick Craig-Wood)
* Add `--check-first` to do all checking before starting transfers
(Nick Craig-Wood)
* Add `--track-renames-strategy` for configurable matching criteria for
`--track-renames` (Bernd Schoolmann)
* Add `--cutoff-mode` hard,soft,catious (Shing Kit Chan & Franklyn Tackitt)
* Filter flags (eg `--files-from -`) can read from stdin (fishbullet)
* Add `--error-on-no-transfer` option (Jon Fautley)
* Implement `--order-by xxx,mixed` for copying some small and some big
files (Nick Craig-Wood)
* Allow `--max-backlog` to be negative meaning as large as possible
(Nick Craig-Wood)
* Added `--no-unicode-normalization` flag to allow Unicode filenames to
remain unique (Ben Zenker)
* Allow `--min-age`/`--max-age` to take a date as well as a duration
(Nick Craig-Wood)
* Add rename statistics for file and directory renames (Nick Craig-Wood)
* Add statistics output to JSON log (reddi)
* Make stats be printed on non-zero exit code (Nick Craig-Wood)
* When running `--password-command` allow use of stdin (Sébastien Gross)
* Stop empty strings being a valid remote path (Nick Craig-Wood)
* accounting: support WriterTo for less memory copying (Nick Craig-Wood)
* build
* Update to use go1.14 for the build (Nick Craig-Wood)
* Add `-trimpath` to release build for reproduceable builds
(Nick Craig-Wood)
* Remove GOOS and GOARCH from Dockerfile (Brandon Philips)
* config
* Fsync the config file after writing to save more reliably
(Nick Craig-Wood)
* Add `--obscure` and `--no-obscure` flags to `config create`/`update`
(Nick Craig-Wood)
* Make `config show` take `remote:` as well as `remote` (Nick Craig-Wood)
* copyurl: Add `--no-clobber` flag (Denis)
* delete: Added `--rmdirs` flag to delete directories as well (Kush)
* filter: Added `--files-from-raw` flag (Ankur Gupta)
* genautocomplete: Add support for fish shell (Matan Rosenberg)
* log: Add support for syslog LOCAL facilities (Patryk Jakuszew)
* lsjson: Add `--hash-type` parameter and use it in lsf to speed up
hashing (Nick Craig-Wood)
* rc
* Add `-o`/`--opt` and `-a`/`--arg` for more structured input
(Nick Craig-Wood)
* Implement `backend/command` for running backend specific commands
remotely (Nick Craig-Wood)
* Add `mount/mount` command for starting `rclone mount` via the
API (Chaitanya)
* rcd: Add Prometheus metrics support (Gary Kim)
* serve http
* Added a `--template` flag for user defined markup (calistri)
* Add Last-Modified headers to files and directories (Nick Craig-Wood)
* serve sftp: Add support for multiple host keys by repeating `--key` flag
(Maxime Suret)
* touch: Add `--localtime` flag to make `--timestamp` localtime not UTC
(Nick Craig-Wood)
* Bug Fixes
* accounting
* Restore "Max number of stats groups reached" log line (Michał Matczuk)
* Correct exitcode on Transfer Limit Exceeded flag. (Anuar Serdaliyev)
* Reset bytes read during copy retry (Ankur Gupta)
* Fix race clearing stats (Nick Craig-Wood)
* copy: Only create empty directories when they don't exist on the remote
(Ishuah Kariuki)
* dedupe: Stop dedupe deleting files with identical IDs (Nick Craig-Wood)
* oauth
* Use custom http client so that `--no-check-certificate` is honored by
oauth token fetch (Mark Spieth)
* Replace deprecated oauth2.NoContext (Lars Lehtonen)
* operations
* Fix setting the timestamp on Windows for multithread copy
(Nick Craig-Wood)
* Make rcat obey `--ignore-checksum` (Nick Craig-Wood)
* Make `--max-transfer` more accurate (Nick Craig-Wood)
* rc
* Fix dropped error (Lars Lehtonen)
* Fix misplaced http server config (Xiaoxing Ye)
* Disable duplicate log (ElonH)
* serve dlna
* Cds: don't specify childCount at all when unknown (Dan Walters)
* Cds: use modification time as date in dlna metadata (Dan Walters)
* serve restic: Fix tests after restic project removed vendoring
(Nick Craig-Wood)
* sync
* Fix incorrect "nothing to transfer" message using `--delete-before`
(Nick Craig-Wood)
* Only create empty directories when they don't exist on the remote
(Ishuah Kariuki)
* Mount
* Add `--async-read` flag to disable asynchronous reads (Nick Craig-Wood)
* Ignore `--allow-root` flag with a warning as it has been removed upstream
(Nick Craig-Wood)
* Warn if `--allow-non-empty` used on Windows and clarify docs
(Nick Craig-Wood)
* Constrain to go1.13 or above otherwise bazil.org/fuse fails to compile
(Nick Craig-Wood)
* Fix fail because of too long volume name (evileye)
* Report 1PB free for unknown disk sizes (Nick Craig-Wood)
* Map more rclone errors into file systems errors (Nick Craig-Wood)
* Fix disappearing cwd problem (Nick Craig-Wood)
* Use ReaddirPlus on Windows to improve directory listing performance (Nick Craig-Wood)
* Send a hint as to whether the filesystem is case insensitive or not (Nick Craig-Wood)
* Add rc command `mount/types` (Nick Craig-Wood)
* Change maximum leaf name length to 1024 bytes (Nick Craig-Wood)
* VFS
* Add `--vfs-read-wait` and `--vfs-write-wait` flags to control time
waiting for a sequential read/write (Nick Craig-Wood)
* Change default `--vfs-read-wait` to 20ms (it was 5ms and not configurable)
(Nick Craig-Wood)
* Make `df` output more consistent on a rclone mount. (Yves G)
* Report 1PB free for unknown disk sizes (Nick Craig-Wood)
* Fix race condition caused by unlocked reading of Dir.path (Nick Craig-Wood)
* Make File lock and Dir lock not overlap to avoid deadlock (Nick Craig-Wood)
* Implement lock ordering between File and Dir to eliminate deadlocks
(Nick Craig-Wood)
* Factor the vfs cache into its own package (Nick Craig-Wood)
* Pin the Fs in use in the Fs cache (Nick Craig-Wood)
* Add SetSys() methods to Node to allow caching stuff on a node
(Nick Craig-Wood)
* Ignore file not found errors from Hash in Read.Release (Nick Craig-Wood)
* Fix hang in read wait code (Nick Craig-Wood)
* Local
* Speed up multi thread downloads by using sparse files on Windows
(Nick Craig-Wood)
* Implement `--local-no-sparse` flag for disabling sparse files
(Nick Craig-Wood)
* Implement `rclone backend noop` for testing purposes (Nick Craig-Wood)
* Fix "file not found" errors on post transfer Hash calculation
(Nick Craig-Wood)
* Cache
* Implement `rclone backend stats` command (Nick Craig-Wood)
* Fix Server Side Copy with Temp Upload (Brandon McNama)
* Remove Unused Functions (Lars Lehtonen)
* Disable race tests until bbolt is fixed (Nick Craig-Wood)
* Move methods used for testing into test file (greatroar)
* Add Pin and Unpin and canonicalised lookup (Nick Craig-Wood)
* Use proper import path go.etcd.io/bbolt (Robert-André Mauchin)
* Crypt
* Calculate hashes for uploads from local disk (Nick Craig-Wood)
* This allows crypted Jottacloud uploads without using local disk
* This means crypted s3/b2 uploads will now have hashes
* Added `rclone backend decode`/`encode` commands to replicate functionality
of `cryptdecode` (Anagh Kumar Baranwal)
* Get rid of the unused Cipher interface as it obfuscated the code
(Nick Craig-Wood)
* Azure Blob
* Implement streaming of unknown sized files so `rcat` is now supported
(Nick Craig-Wood)
* Implement memory pooling to control memory use (Nick Craig-Wood)
* Add `--azureblob-disable-checksum` flag (Nick Craig-Wood)
* Retry `InvalidBlobOrBlock` error as it may indicate block concurrency
problems (Nick Craig-Wood)
* Remove unused `Object.parseTimeString()` (Lars Lehtonen)
* Fix permission error on SAS URL limited to container (Nick Craig-Wood)
* B2
* Add support for `--header-upload` and `--header-download` (Tim Gallant)
* Ignore directory markers at the root also (Nick Craig-Wood)
* Force the case of the SHA1 to lowercase (Nick Craig-Wood)
* Remove unused `largeUpload.clearUploadURL()` (Lars Lehtonen)
* Box
* Add support for `--header-upload` and `--header-download` (Tim Gallant)
* Implement About to read size used (Nick Craig-Wood)
* Add token renew function for jwt auth (David Bramwell)
* Added support for interchangeable root folder for Box backend (Sunil Patra)
* Remove unnecessary iat from jws claims (David)
* Drive
* Follow shortcuts by default, skip with `--drive-skip-shortcuts`
(Nick Craig-Wood)
* Implement `rclone backend shortcut` command for creating shortcuts
(Nick Craig-Wood)
* Added `rclone backend` command to change `service_account_file` and
`chunk_size` (Anagh Kumar Baranwal)
* Fix missing files when using `--fast-list` and `--drive-shared-with-me`
(Nick Craig-Wood)
* Fix duplicate items when using `--drive-shared-with-me` (Nick Craig-Wood)
* Extend `--drive-stop-on-upload-limit` to respond to
`teamDriveFileLimitExceeded`. (harry)
* Don't delete files with multiple parents to avoid data loss
(Nick Craig-Wood)
* Server side copy docs use default description if empty (Nick Craig-Wood)
* Dropbox
* Make error insufficient space to be fatal (harry)
* Add info about required redirect url (Elan Ruusamäe)
* Fichier
* Add support for `--header-upload` and `--header-download` (Tim Gallant)
* Implement custom pacer to deal with the new rate limiting (buengese)
* FTP
* Fix lockup when using concurrency limit on failed connections
(Nick Craig-Wood)
* Fix lockup on failed upload when using concurrency limit (Nick Craig-Wood)
* Fix lockup on Close failures when using concurrency limit (Nick Craig-Wood)
* Work around pureftp sending spurious 150 messages (Nick Craig-Wood)
* Google Cloud Storage
* Add support for `--header-upload` and `--header-download` (Nick Craig-Wood)
* Add `ARCHIVE` storage class to help (Adam Stroud)
* Ignore directory markers at the root (Nick Craig-Wood)
* Googlephotos
* Make the start year configurable (Daven)
* Add support for `--header-upload` and `--header-download` (Tim Gallant)
* Create feature/favorites directory (Brandon Philips)
* Fix "concurrent map write" error (Nick Craig-Wood)
* Don't put an image in error message (Nick Craig-Wood)
* HTTP
* Improved directory listing with new template from Caddy project (calisro)
* Jottacloud
* Implement `--jottacloud-trashed-only` (buengese)
* Add support for `--header-upload` and `--header-download` (Tim Gallant)
* Use `RawURLEncoding` when decoding base64 encoded login token (buengese)
* Implement cleanup (buengese)
* Update docs regarding cleanup, removed remains from old auth, and added
warning about special mountpoints. (albertony)
* Mailru
* Describe 2FA requirements (valery1707)
* Onedrive
* Implement `--onedrive-server-side-across-configs` (Nick Craig-Wood)
* Add support for `--header-upload` and `--header-download` (Tim Gallant)
* Fix occasional 416 errors on multipart uploads (Nick Craig-Wood)
* Added maximum chunk size limit warning in the docs (Harry)
* Fix missing drive on config (Nick Craig-Wood)
* Make error `quotaLimitReached` to be fatal (harry)
* Opendrive
* Add support for `--header-upload` and `--header-download` (Tim Gallant)
* Pcloud
* Added support for interchangeable root folder for pCloud backend
(Sunil Patra)
* Add support for `--header-upload` and `--header-download` (Tim Gallant)
* Fix initial config "Auth state doesn't match" message (Nick Craig-Wood)
* Premiumizeme
* Add support for `--header-upload` and `--header-download` (Tim Gallant)
* Prune unused functions (Lars Lehtonen)
* Putio
* Add support for `--header-upload` and `--header-download` (Nick Craig-Wood)
* Make downloading files use the rclone http Client (Nick Craig-Wood)
* Fix parsing of remotes with leading and trailing / (Nick Craig-Wood)
* Qingstor
* Make `rclone cleanup` remove pending multipart uploads older than 24h
(Nick Craig-Wood)
* Try harder to cancel failed multipart uploads (Nick Craig-Wood)
* Prune `multiUploader.list()` (Lars Lehtonen)
* Lint fix (Lars Lehtonen)
* S3
* Add support for `--header-upload` and `--header-download` (Tim Gallant)
* Use memory pool for buffer allocations (Maciej Zimnoch)
* Add SSE-C support for AWS, Ceph, and MinIO (Jack Anderson)
* Fail fast multipart upload (Michał Matczuk)
* Report errors on bucket creation (mkdir) correctly (Nick Craig-Wood)
* Specify that Minio supports URL encoding in listings (Nick Craig-Wood)
* Added 500 as retryErrorCode (Michał Matczuk)
* Use `--low-level-retries` as the number of SDK retries
(Aleksandar Janković)
* Fix multipart abort context (Aleksandar Jankovic)
* Replace deprecated `session.New()` with `session.NewSession()`
(Lars Lehtonen)
* Use the provided size parameter when allocating a new memory pool
(Joachim Brandon LeBlanc)
* Use rclone's low level retries instead of AWS SDK to fix listing retries
(Nick Craig-Wood)
* Ignore directory markers at the root also (Nick Craig-Wood)
* Use single memory pool (Michał Matczuk)
* Do not resize buf on put to memBuf (Michał Matczuk)
* Improve docs for `--s3-disable-checksum` (Nick Craig-Wood)
* Don't leak memory or tokens in edge cases for multipart upload
(Nick Craig-Wood)
* Seafile
* Implement 2FA (Fred)
* SFTP
* Added `--sftp-pem-key` to support inline key files (calisro)
* Fix post transfer copies failing with 0 size when using
`set_modtime=false` (Nick Craig-Wood)
* Sharefile
* Add support for `--header-upload` and `--header-download` (Tim Gallant)
* Sugarsync
* Add support for `--header-upload` and `--header-download` (Tim Gallant)
* Swift
* Add support for `--header-upload` and `--header-download` (Nick Craig-Wood)
* Fix cosmetic issue in error message (Martin Michlmayr)
* Union
* Implement multiple writable remotes (Max Sum)
* Fix server-side copy (Max Sum)
* Implement ListR (Max Sum)
* Enable ListR when upstreams contain local (Max Sum)
* WebDAV
* Add support for `--header-upload` and `--header-download` (Tim Gallant)
* Fix `X-OC-Mtime` header for Transip compatibility (Nick Craig-Wood)
* Report full and consistent usage with `about` (Yves G)
* Yandex
* Add support for `--header-upload` and `--header-download` (Tim Gallant)
Changelog:
Monday, May 25, 2020
Bugfixes:
Old ZSK can be withdrawn too early during a ZSK rollover if maximum zone TTL is computed automatically
Server responds SERVFAIL to ANY queries on empty non-terminal nodes
Improvements:
Also module onlinesign returns minimized responses to ANY queries
Linking against libcap-ng can be disabled via a configure option
1.18.67
api-change:quicksight: Update quicksight command to latest version
api-change:macie: Update macie command to latest version
api-change:elasticache: Update elasticache command to latest version
api-change:ec2: Update ec2 command to latest version
api-change:dlm: Update dlm command to latest version
api-change:ssm: Update ssm command to latest version
1.18.66
api-change:iotsitewise: Update iotsitewise command to latest version
api-change:autoscaling: Update autoscaling command to latest version
1.18.65
api-change:codebuild: Update codebuild command to latest version
api-change:s3: Update s3 command to latest version
api-change:ec2: Update ec2 command to latest version
api-change:synthetics: Update synthetics command to latest version
1.18.64
api-change:codedeploy: Update codedeploy command to latest version
api-change:securityhub: Update securityhub command to latest version
api-change:chime: Update chime command to latest version
api-change:medialive: Update medialive command to latest version
api-change:backup: Update backup command to latest version
api-change:application-autoscaling: Update application-autoscaling command to latest version
api-change:appmesh: Update appmesh command to latest version
1.18.63
api-change:health: Update health command to latest version
bugfix:s3: Mute warnings for not restored glacier deep archive objects if --ignore-glacier-warnings option enabled. Fixes#4039
api-change:transcribe: Update transcribe command to latest version
api-change:ec2: Update ec2 command to latest version
api-change:chime: Update chime command to latest version
1.18.62
api-change:qldb: Update qldb command to latest version
api-change:ecs: Update ecs command to latest version
api-change:dynamodb: Update dynamodb command to latest version
api-change:macie2: Update macie2 command to latest version
api-change:chime: Update chime command to latest version
api-change:ec2: Update ec2 command to latest version
1.18.61
api-change:ecr: Update ecr command to latest version
api-change:glue: Update glue command to latest version
api-change:cloudformation: Update cloudformation command to latest version
api-change:sts: Update sts command to latest version
1.18.60
api-change:imagebuilder: Update imagebuilder command to latest version
api-change:ec2: Update ec2 command to latest version
1.18.59
api-change:elasticache: Update elasticache command to latest version
api-change:macie2: Update macie2 command to latest version
1.18.58
api-change:iotsitewise: Update iotsitewise command to latest version
api-change:workmail: Update workmail command to latest version
1.13.17
api-change:elasticache: [botocore] Update elasticache client to latest version
api-change:dlm: [botocore] Update dlm client to latest version
api-change:quicksight: [botocore] Update quicksight client to latest version
api-change:ssm: [botocore] Update ssm client to latest version
api-change:ec2: [botocore] Update ec2 client to latest version
api-change:macie: [botocore] Update macie client to latest version
1.13.16
api-change:autoscaling: [botocore] Update autoscaling client to latest version
api-change:iotsitewise: [botocore] Update iotsitewise client to latest version
1.13.15
api-change:synthetics: [botocore] Update synthetics client to latest version
api-change:codebuild: [botocore] Update codebuild client to latest version
api-change:s3: [botocore] Update s3 client to latest version
api-change:ec2: [botocore] Update ec2 client to latest version
1.13.14
api-change:backup: [botocore] Update backup client to latest version
api-change:codedeploy: [botocore] Update codedeploy client to latest version
api-change:securityhub: [botocore] Update securityhub client to latest version
api-change:chime: [botocore] Update chime client to latest version
api-change:medialive: [botocore] Update medialive client to latest version
api-change:application-autoscaling: [botocore] Update application-autoscaling client to latest version
api-change:appmesh: [botocore] Update appmesh client to latest version
1.13.13
api-change:transcribe: [botocore] Update transcribe client to latest version
api-change:ec2: [botocore] Update ec2 client to latest version
api-change:health: [botocore] Update health client to latest version
api-change:chime: [botocore] Update chime client to latest version
1.13.12
api-change:chime: [botocore] Update chime client to latest version
api-change:qldb: [botocore] Update qldb client to latest version
api-change:ec2: [botocore] Update ec2 client to latest version
api-change:ecs: [botocore] Update ecs client to latest version
api-change:dynamodb: [botocore] Update dynamodb client to latest version
api-change:macie2: [botocore] Update macie2 client to latest version
1.13.11
api-change:sts: [botocore] Update sts client to latest version
api-change:ecr: [botocore] Update ecr client to latest version
api-change:glue: [botocore] Update glue client to latest version
api-change:cloudformation: [botocore] Update cloudformation client to latest version
1.13.10
api-change:ec2: [botocore] Update ec2 client to latest version
api-change:imagebuilder: [botocore] Update imagebuilder client to latest version
1.13.9
api-change:elasticache: [botocore] Update elasticache client to latest version
api-change:macie2: [botocore] Update macie2 client to latest version
1.13.8
api-change:workmail: [botocore] Update workmail client to latest version
api-change:iotsitewise: [botocore] Update iotsitewise client to latest version
enchancement:Endpoints: [botocore] Improved endpoint resolution for clients with unknown regions
1.16.17
api-change:elasticache: Update elasticache client to latest version
api-change:dlm: Update dlm client to latest version
api-change:quicksight: Update quicksight client to latest version
api-change:ssm: Update ssm client to latest version
api-change:ec2: Update ec2 client to latest version
api-change:macie: Update macie client to latest version
1.16.16
api-change:autoscaling: Update autoscaling client to latest version
api-change:iotsitewise: Update iotsitewise client to latest version
1.16.15
api-change:synthetics: Update synthetics client to latest version
api-change:codebuild: Update codebuild client to latest version
api-change:s3: Update s3 client to latest version
api-change:ec2: Update ec2 client to latest version
1.16.14
api-change:backup: Update backup client to latest version
api-change:codedeploy: Update codedeploy client to latest version
api-change:securityhub: Update securityhub client to latest version
api-change:chime: Update chime client to latest version
api-change:medialive: Update medialive client to latest version
api-change:application-autoscaling: Update application-autoscaling client to latest version
api-change:appmesh: Update appmesh client to latest version
1.16.13
api-change:transcribe: Update transcribe client to latest version
api-change:ec2: Update ec2 client to latest version
api-change:health: Update health client to latest version
api-change:chime: Update chime client to latest version
1.16.12
api-change:chime: Update chime client to latest version
api-change:qldb: Update qldb client to latest version
api-change:ec2: Update ec2 client to latest version
api-change:ecs: Update ecs client to latest version
api-change:dynamodb: Update dynamodb client to latest version
api-change:macie2: Update macie2 client to latest version
1.16.11
api-change:sts: Update sts client to latest version
api-change:ecr: Update ecr client to latest version
api-change:glue: Update glue client to latest version
api-change:cloudformation: Update cloudformation client to latest version
1.16.10
api-change:ec2: Update ec2 client to latest version
api-change:imagebuilder: Update imagebuilder client to latest version
1.16.9
api-change:elasticache: Update elasticache client to latest version
api-change:macie2: Update macie2 client to latest version
1.16.8
api-change:workmail: Update workmail client to latest version
api-change:iotsitewise: Update iotsitewise client to latest version
enchancement:Endpoints: Improved endpoint resolution for clients with unknown regions
This had a SUBST block to fix /usr/share to ${PREFIX}/share. It was
doing this to files where the pattern didn't match, and also missed
fixin up /usr/bin. Split into a bin and a share SUBST, and loosen the
regexp (specifically, to match /syncthing rather than just
/syncthing-gtk). Tested to basically work on NetBSD 8. Desktop files
etc. appear much better than before.
(Found by newish SUBST noop check.)
0.26.3
Improved readability of logged incoming data.
Threads are given unique names now to aid debugging.
Fixed a regression where get_service_info() called within a listener add_service method would deadlock, timeout and incorrectly return None.
This module allows you to perform IP subnet calculations, there is support for
both IPv4 and IPv6 CIDR notation.
This is required by dane(1) from security/sshfp.
dnspython is a DNS toolkit for Python. It supports almost all record types. It
can be used for queries, zone transfers, and dynamic updates. It supports TSIG
authenticated messages and EDNS0.
dnspython provides both high and low level access to DNS. The high level
classes perform queries for data of a given name, type, and class, and return
an answer set. The low level classes allow direct manipulation of DNS zones,
messages, names, and records.
0.8.0:
[FEATURE] Added ASGI application
[FEATURE] Add support for parsing timestamps in Prometheus exposition format.
[FEATURE] Add target_info to registries
[ENHANCEMENT] Handle empty and slashes in label values for pushgateway
[ENHANCEMENT] Various updates for latest OpenMetrics draft spec
[ENHANCEMENT] Add HELP output for auto-created metrics
[ENHANCEMENT] Use mmap.PAGESIZE constant as value for first read.
[ENHANCEMENT] Add __repr__ method to metric objects, make them debug friendly.
[ENHANCEMENT] Add observability check to metrics
[BUGFIX] Fix urlparse in python >= 3.7.6
[BUGFIX] Cleaning up name before appending unit on name
[BUGFIX] Allow for OSError on Google App Engine
