2.3.20 (2021-05-13)
Highlights:
* BUG: Fix for a regex performance bug in http_servers when matching
IPs. This was brought to our attention by @hudclark (#353)
* BUG: Fix for a CPE generation bug in which we were using deprecated
CPEs. This was brought to our attention by @p0lr (#361)
* CPE: Remapping logic was refactored so that remaps are specific record
type (a,h,o) which provides much greater flexibility. (#361)
* CPE: Focused improvements in coverage (#349)
* Fingerprints: Misc improvements (Thanks @cblack-r7, @dabdine, @sdynes-r7)
(#341, #344, #345, #351, #354, #355)
* Fingerprints: HTTP - focused work on HTTP related (http_servers,
html_title, etc) fingerprints (#352, #357, #358, #359)
* Tooling: Adding field names (os.vendor, service.product, etc) to our
standard identifier checks (#350)
2.2.18 (May 25, 2021)
Security fixes:
* Fix dependency confusion issues with implicit dependencies #4609
Enhancements:
* Use simpler notation for generated required_ruby_version #4598
* Undeprecate bundle show #4586
* Make sure link to new issue uses the proper template #4592
Bug fixes:
* Fix platform specific gems being removed from the lockfile #4580
2.8.1 (2021-05-14)
* Wait for STDOUT to be flushed before exiting the node runtime
2.8.0 (2021-05-12)
* Fix Ruby 3.0 compatibility on Windows
* Undefine console, process and other globals. See #43
* Removed the RubyRacer runtime as it is no longer maintained and broken on
recent rubies.
* Node runtime look for node before nodejs.
1.29.1 (2021-05-20)
* Reraise the same exception object for exceptions with additional methods.
* Readme: Remove homepage section, the link shows a 404.
(pkgsrc chagnes)
- Add TEST_DEPENDS+=
(upstream changes)
# hms 1.1.0
## Breaking changes
- `"hms"` objects no longer have a common type with `character` and `numeric`. Combining such values previously threw a warning, now throws an error (#94).
- `vec_cast()` and `as_hms()` throw error instead of a warning if input can't be parsed (#68).
## Features
- New `unique.hms()` method (#98, @joethorley).
- `as_hms()` is a generic again (#81).
## Internal
- Avoid `LazyData` in `DESCRIPTION`.
- Bump required versions of ellipsis and vctrs to avoid warning during package load.
- Using lifecycle package (#94).
# hms 1.0.0
## Life cycle
- hms is now marked as "stable".
## Breaking changes
- `"hms"` objects no longer have a common type with `character` and `numeric`. Combining such values previously threw a warning, now throws an error (#94).
- `vec_cast()` and `as_hms()` now throw error instead of a warning if input can't be parsed (#68).
## Features
- `as_hms()` is a generic again (#81).
- `round_hms()` and `trunc_hms()` gain `digits` argument (#78, @hglanz).
## Bug fixes
- `as_hms()` and `vec_cast()` now correctly treat objects of class `"difftime"` with `integer` mode (#84).
## Internal
- Using lifecycle package (#94).
- hms has been re-licensed as MIT (#86).
# hms 0.5.3
- Use `vec_default_ptype2()`, remove `vec_ptype2.hms.unspecified()` (#80, @romainfrancois).
- `vec_ptype2.hms.default()` forwards to `vec_default_ptype2()` for compatibility with vctrs 0.2.1.
- Remove `as.data.frame.hms()`, handeld by vctrs.
# hms 0.5.2.9000
- Internal changes only.
# hms 0.5.2
- Work around parsing error that occurs on DST changeover dates (https://bugs.r-project.org/bugzilla/show_bug.cgi?id=16764).
# hms 0.5.1
- Lossy casts from `character` vectors to `hms` now also trigger a warning if the cast succeeds in the first element of the vector but fails for other elements.
Changelog:
Version 21.0.2 May 20 2021
Changes
* L10n: Add word user in FederatedShareProvider.php (server#26508)
* Increase subnet matcher (server#26514)
* Limit size of properties to 2048 characters (server#26525)
* Fix accessibility issues on log in screen (server#26535)
* Fix constraint violation detection in QB Mapper (server#26587)
* Bump ssri from 6.0.1 to 6.0.2 (server#26604)
* Add force option to app install command (server#26607)
* Update root.crl due to revoked news.crt (server#26616)
* Do not allow adding file drop shares to your own cloud (server#26621)
* Fix empty password check for mail shares (server#26625)
* Require read permissions for federated shares (server#26636)
* Ensure redis returns bool for hasKey (server#26639)
* Make lookup search explicit (server#26641)
* Update psalm baseline (server#26653)
* Fix broken Expiration test (server#26667)
* Do not stop directory listing when ACL is blocking access (server#26677)
* Mention MariaDB in MySQL support warning (server#26685)
* Make Testcase class compatible with phpunit-9.5 (server#26690)
* Explicitly check hex2bin input (server#26694)
* Remove undefined parameter, add description (server#26702)
* FIx Oracle by testing on Ubuntu 20.04 until oci8.so is available for ??
(server#26703)
* Update icewind/smb to 3.4.1 (server#26704)
* Bump @nextcloud/dialogs from 3.1.1 to 3.1.2 (server#26733)
* Private cannot be final (server#26752)
* Fix installer deprecation warnings for PHP 8 (server#26759)
* Validate the website field input to be a valid URL (server#26760)
* Respect the error level when logging (server#26766)
* Improve federated permission handling (server#26770)
* No longer add trusted servers on federated share creation (server#26778)
* Fix ratelimit template (server#26789)
* LDAP: do not bother to search after the last page (server#26797)
* Fail when creating new files with an empty path (server#26808)
* Only return display name as editable when the user backend allows it
(server#26815)
* Do not try to contact lookup server if not needed (server#26823)
* Only perform login check during ownership transfer for encryption (server#
26863)
* Fix creating vcards with multiple string values (server#26865)
* L10n: Spelling unification (server#26881)
* Remove self setting checking which can not be set anymore (activity#574)
* Ensure link names are unique for accessibility, thanks @nickvergessen, fix
#575 (activity#578)
* Use PNG images in daily activity summary emails (activity#584)
* Fix accessibility issues in PDF pt. II (example-files#18)
* Fix admin notification api (notifications#929)
* Only push delete-push to devices that also got the notification
(notifications#938)
* Move counting storage statistics to the background (serverinfo#298)
* Hide squashfs and overlay-FS from the overview (serverinfo#304)
* Add download button in actions menu (viewer#849)
* Limit scope of the icon white overwrite (viewer#858)
* Fixes for naughty filenames (viewer#869)
Changelog:
1.4.17
Fix build with musl libc !2259 @ncopa
Fix typos !2260 @mfvescovi
Improving CI cache !2257 @antenore
Fix System Tray Icon Broken/Missing !2261 @antenore
VNC quality deafults now to good !2264 @antenore
Flatpak refactoring !2262 @antenore
Adding Gateway websocket support !2263 @antenore
Revert "Linking snap and flatpak to FreeRDP 2.3.1" !2265 @antenore
Set FreeRDP config path to Remmina profiles path !2266 @antenore
1.4.16
Fix Data PATH for the FreeRDP files bcf24360 @antenore
1.4.15
Fixing SSH plugin colour palette initialization. !2255 @antenore
1.4.14
[VNC] - Ignore remote Bell option and other fixes!2237 (merged) @antenore
Fixing color palette size for themed SSH !2253 (merged) @antenore
Bump FreeRDP version to 2.3.2 !2226 (merged) @antenore
Fixes search bar shortcuts wrong bahavior !2227 (merged) @antenore
Honour theme settings when run from command line !2251 (merged) @antenore
FTP UI improvements !2228 (merged) @antenore
Experimental VNC plugin using GTK-VNC !2248 (merged) @antenore
Config SSH tunnel username takes precedence. !2231 (merged) @matir
Allow groups to be expanded and collapsed by using the keyboard !2232 (merged) @xsmile
Fixing VNC repeater logic. !2243 (merged) @antenore
Send text clipboard content as keystrokes !2238 (merged) @antenore
scrolled viewport: explicitly recheck whether the timeout is active !2233 (merged) @cth451
Resolve Host+Page_Down triggers search text in SSH !2240 (merged) @antenore
UNIX sockets initial support !2250 (merged) @antenore
Fixed wrong freerdp_settings function use !2234 (merged) @akallabeth
Fixing RemminaConnectionWindow map/unmap events !2245 (merged) @antenore
Spelling: Comma-separated, List monitor IDs !2235 (merged) @kingu
Set Remmina specific FreeRDP config data folder !2236 (merged) @antenore
Optional port connection instead of server !2239 (merged) @kingu
Resolve "Use LZO compression for Snap to improve startup speed" !2241 (merged) @antenore
Make wayland not mandatory during compile time !2246 (merged) @antenore
Do not use alpha as it is not used for the Desktop !2247 (merged) @antenore
Refactoring: Deprecations and warnings !2249 (merged) @antenore
Removing unneeded widgets in the headerbar !2252 (merged) @antenore
Ellipsis 0.3.2
* Compatibility with next version of rlang.
* Changed license to MIT (#39).
----------------------------------------------------------------------
(pkgsrc changes)
- Add three of TEST_DEPENDS, and make test gives one WARNING
(upstream changes from: pkgconfig/inst/NEWS.markdown)
# 2.0.3
No user visible changes.
Create disposable R packages for testing. You can create, install and
load multiple R packages with a single function call, and then unload,
uninstall and destroy them with another function call. This is handy
when testing how some R code or an R package behaves with respect to
other packages.
Release 3.17.0 (19 Mar 2021)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
3.17.0 fixes a number of bugs and adds some functional changes: support for
GCC 11, Clang 11, DWARF5 debuginfo, the 'debuginfod' debuginfo server, and
some new instructions for Arm64, S390 and POWER. There are also some tool
updates.
This release supports X86/Linux, AMD64/Linux, ARM32/Linux, ARM64/Linux,
PPC32/Linux, PPC64BE/Linux, PPC64LE/Linux, S390X/Linux, MIPS32/Linux,
MIPS64/Linux, ARM/Android, ARM64/Android, MIPS32/Android, X86/Android,
X86/Solaris, AMD64/Solaris and AMD64/MacOSX 10.12. There is also preliminary
support for X86/macOS 10.13, AMD64/macOS 10.13 and nanoMIPS/Linux.
* ==================== CORE CHANGES ===================
* DWARF version 5 support. Valgrind can now read DWARF version 5 debuginfo as
produced by GCC 11.
* Valgrind now supports debuginfod, an HTTP server for distributing ELF/DWARF
debugging information. When a debuginfo file cannot be found locally,
Valgrind is able to query debuginfod servers for the file using its
build-id. See the user manual for more information about debuginfod support.
* ================== PLATFORM CHANGES =================
* arm64:
- Inaccuracies resulting from double-rounding in the simulation of
floating-point multiply-add/subtract instructions have been fixed. These
should now behave exactly as the hardware does.
- Partial support for the ARM v8.2 instruction set. v8.2 support work is
ongoing. Support for the half-word variants of at least the following
instructions has been added:
FABS <Hd>, <Hn>
FABS <Vd>.<T>, <Vn>.<T>
FNEG <Hd>, <Hn>
FNEG <Vd>.<T>, <Vn>.<T>
FSQRT <Hd>, <Hn>
FSQRT <Vd>.<T>, <Vn>.<T>
FADDP
* s390:
- Implement the new instructions/features that were added to z/Architecture
with the vector-enhancements facility 1. Also cover the instructions from
the vector-packed-decimal facility that are defined outside the chapter
"Vector Decimal Instructions", but not the ones from that chapter itself.
For a detailed list of newly supported instructions see the updates to
`docs/internals/s390-opcodes.csv'.
Since the miscellaneous instruction extensions facility 2 was already
added in Valgrind 3.16.0, this completes the support necessary to run
general programs built with `--march=z14' under Valgrind. The
vector-packed-decimal facility is currently not exploited by the standard
toolchain and libraries.
* ppc64:
- Various bug fixes. Fix for the sync field to limit setting just two of
the two bits in the L-field. Fix the write size for the stxsibx and
stxsihx instructions. Fix the modsw and modsd instructions.
- Partial support for ISA 3.1 has been added. Support for the VSX PCV mask
instructions, bfloat16 GER instructions, and bfloat16 to/from float 32-bit
conversion instructions are still missing.
* ==================== TOOL CHANGES ====================
* General tool changes
- All the tools and their vgpreload libraries are now installed under
libexec because they cannot be executed directly and should be run through
the valgrind executable. This should be an internal, not user visible,
change, but might impact valgrind packagers.
- The --track-fds option now respects -q, --quiet and won't output anything
if no file descriptors are leaked. It also won't report the standard stdin
(0), stdout (1) or stderr (2) descriptors as being leaked with
--trace-fds=yes anymore. To track whether the standard file descriptors
are still open at the end of the program run use --trace-fds=all.
* DHAT:
- DHAT has been extended, with two new modes of operation. The new
--mode=copy flag triggers copy profiling, which records calls to memcpy,
strcpy, and similar functions. The new --mode=ad-hoc flag triggers ad hoc
profiling, which records calls to the DHAT_AD_HOC_EVENT client request in
the new dhat/dhat.h file. This is useful for learning more about hot code
paths. See the user manual for more information about the new modes.
- Because of these changes, DHAT's file format has changed. DHAT output
files produced with earlier versions of DHAT will not work with this
version of DHAT's viewer, and DHAT output files produced with this version
of DHAT will not work with earlier versions of DHAT's viewer.
* ==================== FIXED BUGS ====================
The following bugs have been fixed or resolved. Note that "n-i-bz"
stands for "not in bugzilla" -- that is, a bug that was reported to us
but never got a bugzilla entry. We encourage you to file bugs in
bugzilla (https://bugs.kde.org/enter_bug.cgi?product=valgrind) rather
than mailing the developers (or mailing lists) directly -- bugs that
are not entered into bugzilla tend to get forgotten about or ignored.
To see details of a given bug, visit
https://bugs.kde.org/show_bug.cgi?id=XXXXXX
where XXXXXX is the bug number as listed below.
140178 open("/proc/self/exe", ...); doesn't quite work
140939 --track-fds reports leakage of stdout/in/err and doesn't respect -q
217695 malloc/calloc/realloc/memalign failure doesn't set errno to ENOMEM
338633 gdbserver_tests/nlcontrolc.vgtest hangs on arm64
345077 linux syscall execveat support (linux 3.19)
361770 Missing F_ADD_SEALS
369029 handle linux syscalls sched_getattr and sched_setattr
384729 __libc_freeres inhibits cross-platform valgrind
388787 Support for C++17 new/delete
391853 Makefile.all.am:L247 and @SOLARIS_UNDEF_LARGESOURCE@ being empty
396656 Warnings while reading debug info
397605 ioctl FICLONE mishandled
401416 Compile failure with openmpi 4.0
408663 Suppression file for musl libc
404076 s390x: z14 vector instructions not implemented
410743 shmat() calls for 32-bit programs fail when running in 64-bit valgrind
(actually affected all x86 and nanomips regardless of host bitness)
413547 regression test does not check for Arm 64 features.
414268 Enable AArch64 feature detection and decoding for v8.x instructions
415293 Incorrect call-graph tracking due to new _dl_runtime_resolve_xsave*
422174 unhandled instruction bytes: 0x48 0xE9 (REX prefixed JMP instruction)
422261 platform selection fails for unqualified client name
422623 epoll_ctl warns for uninitialized padding on non-amd64 64bit arches
423021 PPC: Add missing ISA 3.0 documentation link and HWCAPS test.
423195 PPC ISA 3.1 support is missing, part 1
423361 Adds io_uring support on arm64/aarch64 (and all other arches)
424012 crash with readv/writev having invalid but not NULL arg2 iovec
424298 amd64: Implement RDSEED
425232 PPC ISA 3.1 support is missing, part 2
425820 Failure to recognize vpcmpeqq as a dependency breaking idiom.
426014 arm64: implement fmadd and fmsub as Iop_MAdd/Sub
426123 PPC ISA 3.1 support is missing, part 3
426144 Fix "condition variable has not been initialized" on Fedora 33.
427400 PPC ISA 3.1 support is missing, part 4
427401 PPC ISA 3.1 support is missing, part 5
427404 PPC ISA 3.1 support is missing, part 6
427870 lmw, lswi and related PowerPC insns aren't allowed on ppc64le
427787 Support new faccessat2 linux syscall (439)
427969 debuginfo section duplicates a section in the main ELF file
428035 drd: Unbreak the musl build
428648 s390_emit_load_mem panics due to 20-bit offset for vector load
428716 cppcheck detects potential leak in VEX/useful/smchash.c
428909 helgrind: need to intercept duplicate libc definitions for Fedora 33
429352 PPC ISA 3.1 support is missing, part 7
429354 PPC ISA 3.1 support is missing, part 8
429692 unhandled ppc64le-linux syscall: 147 (getsid)
429864 s390x: C++ atomic test_and_set yields false-positive memcheck
diagnostics
429952 Errors when building regtest with clang
430354 ppc stxsibx and stxsihx instructions write too much data
430429 valgrind.h doesn't compile on s390x with clang
430485 expr_is_guardable doesn't handle Iex_Qop
431556 Complete arm64 FADDP v8.2 instruction support
432102 Add support for DWARF5 as produced by GCC11
432161 Addition of arm64 v8.2 FADDP, FNEG and FSQRT
432381 drd: Process STACK_REGISTER client requests
432552 [AArch64] invalid error emitted for pre-decremented byte/hword addresses
432672 vg_regtest: test-specific environment variables not reset between tests
432809 VEX should support REX.W + POPF
432861 PPC modsw and modsd give incorrect results for 1 mod 12
432870 gdbserver_tests:nlcontrolc hangs with newest glibc2.33 x86-64
432215 Add debuginfod functionality
433323 Use pkglibexecdir as vglibdir
433500 DRD regtest faulures when libstdc++ and libgcc debuginfo are installed
433629 valgrind/README has type "abd" instead of "and"
433641 Rust std::sys::unix::fs::try_statx Syscall param fstatat(file_name)
433898 arm64: Handle sp, lr, fp as DwReg in CfiExpr
434193 GCC 9+ inlined strcmp causes "Conditional jump or move [..] value" report
n-i-bz helgrind: If hg_cli__realloc fails, return NULL.
n-i-bz arm64 front end: avoid Memcheck false positives relating to CPUID
** Version 2.14.1 - 7 Nov 2017
* Bug Fixes
- Fixed a spelling error.
- Made relative path mode on Win32 to work.
** Version 2.14 - 12 Sep 2017
* New Features
- Optimizations to the fuzzy hashing engine. (hash generator can run as twice
as fast and comparison can run 1.5 through 5 times faster [heavily depends
on the data and platform] than the previous release)
* Bug Fixes
- Fixed issue when certain memory allocation is failed.
YARA v4.1.1
* BUGFIX: Accept the "+" character as valid in DLL names (#1501).
* BUGFIX: Buffer overrun in "macho" module.
* BUGFIX: Undefined behavior in Windows implementation of yr_filemap_xxx functions (#1302).
* BUGFIX: Crash due to consecutive jumps in hex strings (#1492).
The yara-python repository does not offer a corresponding release.
Since version 3.11.0:
YARA v4.1.0
* New operators icontains, endswith, iendswith, startswith, istartswith.
* Accept \t escape sequence in text strings.
* Add --no-follow-links command-line option to yara.
* Prevent yara from following links to "." (@1D2D).
* Implemented non-blocking scanning API (@simonhf).
* When a string causes too many matches, YARA raises a warning instead of failing (@wxsBSD).
* BUGFIX: The use of --timeout could hang yara when scanning directories or lists of files (#1481).
* BUGFIX: Incorrect parsing of PE certificates (#1443).
* BUGFIX: Short-circuit evaluation not working fine with undefined expressions.
YARA v4.1.0-rc2
* Don't raise warnings for non-ASCII strings.
YARA v4.1.0-rc1
* New operators icontains, endswith, iendswith, startswith, istartswith.
* Raise warnings for non-ascii strings.
* Accept \t escape sequence in text strings.
* Add --no-follow-links command-line option to yara.
* Prevent yara from following links to "." (@1D2D).
* Implemented non-blocking scanning API (@simonhf).
* When a string causes too many matches, YARA raises a warning instead of failing.
YARA v4.0.5
* BUGFIX: Fix bug in "macho" module introduced in v4.0.4.
YARA v4.0.4
* BUGFIX: Multiple out-of-bounds reads in "macho" module.
Credits to Luis Merino from X41 D-SEC GmbH for reporting these issues.
YARA v4.0.3
* BUGFIX: Multiple out-of-bounds read in "dotnet" module.
YARA v4.0.2
* BUGFIX: Use-after-free bug in PE module (#1287).
* BUGFIX: Incorrect errors in rules when a single rule is badly formatted (#1294).
* BUGFIX: Assertion failed with rules that have invalid syntax (#1295).
* BUGFIX: Integer overflow causing missed matches on files larger than 2GB (#1304).
* BUGFIX: Crashes in Mac OS while scanning binaries with a signature that can't be verified (#1309).
YARA v4.0.1
* Update sandboxed API (#1276).
* BUGFIX: Fix regression in exports parsing in PE module (2bf67e6).
* BUGFIX: Fix unaligned accesses in ARM (e1654ae).
YARA v4.0.0
* New string modifiers base64 and base64wide (#1185).
* New string modifier private (#1096).
* Iterators for dictionaries and arrays (#1141).
* Multiple API changes.
* Memory footprint greatly reduced, specially when compiling large numbers of rules.
* New commmand-line option --scan-list (#1261).
* Added pdb_path field to "pe" module.
* Added export_details array to "pe" module.
* Added exports_index functions to "pe" module.
* Improvements to "cuckoo" module.
* BUGFIX: PE files with multiple signatures are parsed correctly (#940).
* BUGFIX: Fix PE rich header parsing (#1164).
* BUGFIX: Buffer overruns in "dotnet" module (#1167, #1173).
