2.3.6
- MINOR: check: do not ignore a connection header for http-check send
- BUILD: ssl: fix typo in HAVE_SSL_CTX_ADD_SERVER_CUSTOM_EXT macro
- BUILD: ssl: guard SSL_CTX_add_server_custom_ext with special macro
- BUILD: ssl: guard SSL_CTX_set_msg_callback with SSL_CTRL_SET_MSG_CALLBACK macro
- BUG/MINOR: intops: fix mul32hi()'s off-by-one
- BUG/MINOR: http-ana: Don't increment HTTP error counter on internal errors
- BUG/MEDIUM: mux-h1: Always set CS_FL_EOI for response in MSG_DONE state
- BUG/MINOR: server: re-align state file fields number
- BUG/MINOR: tools: Fix a memory leak on error path in parse_dotted_uints()
- BUG/MINOR: backend: hold correctly lock when killing idle conn
- BUG/MINOR: server: Fix server-state-file-name directive
- CLEANUP: deinit: release global and per-proxy server-state variables on deinit
- BUG/MEDIUM: config: don't pick unset values from last defaults section
- BUG/MINOR: stats: revert the change on ST_CONVDONE
- BUG/MINOR: cfgparse: do not mention "addr:port" as supported on proxy lines
- BUG/MINOR: server: Don't call fopen() with server-state filepath set to NULL
- DOC: tune: explain the origin of block size for ssl.cachesize
- CLEANUP: channel: fix comment in ci_putblk.
- BUG/MINOR: server: Remove RMAINT from admin state when loading server state
- BUG/MINOR: session: atomically increment the tracked sessions counter
- BUG/MINOR: checks: properly handle wrapping time in __health_adjust()
- BUG/MEDIUM: checks: don't needlessly take the server lock in health_adjust()
- BUG/MINOR: sample: Always consider zero size string samples as unsafe
- BUILD: ssl: introduce fine guard for OpenSSL specific SCTL functions
- DOC: explain the relation between pool-low-conn and tune.idle-pool.shared
- BUG/MEDIUM: lists: Avoid an infinite loop in MT_LIST_TRY_ADDQ().
- BUG/MEDIUM: spoe: Resolve the sink if a SPOE logs in a ring buffer
- BUG/MINOR: http-rules: Always replace the response status on a return action
- BUG/MINOR: server: Init params before parsing a new server-state line
- BUG/MINOR: server: Be sure to cut the last parsed field of a server-state line
- BUG/MEDIUM: mux-h1: Fix handling of responses to CONNECT other than 200-ok
- BUG/MINOR: ssl/cli: potential null pointer dereference in "set ssl cert"
- MINOR: Configure the `cpp` userdiff driver for *.[ch] in .gitattributes
- BUG/MINOR: sample: secure convs that accept base64 string and var name as args
- BUG/MEDIUM: vars: make functions vars_get_by_{name,desc} thread-safe
- BUG/MEDIUM: proxy: use thread-safe stream killing on hard-stop
- BUG/MEDIUM: cli/shutdown sessions: make it thread-safe
- BUG/MINOR: proxy: wake up all threads when sending the hard-stop signal
- BUG/MINOR: fd: properly wait for !running_mask in fd_set_running_excl()
- BUG/MINOR: resolvers: Fix condition to release received ARs if not assigned
- BUG/MINOR: resolvers: Only renew TTL for SRV records with an additional record
- BUG/MINOR: resolvers: new callback to properly handle SRV record errors
- BUG/MEDIUM: resolvers: Reset server address and port for obselete SRV records
- BUG/MEDIUM: resolvers: Reset address for unresolved servers
- BUG/MINOR: ssl: potential null pointer dereference in ckchs_dup()
- CLEANUP: muxes: Remove useless if condition in show_fd function
- BUG/MINOR: stats: fix compare of no-maint url suffix
- BUG/MINOR: mux-h1: Immediately report H1C errors from h1_snd_buf()
- BUG/MINOR: http-ana: Only consider dst address to process originalto option
- BUG/MINOR: tcp-act: Don't forget to set the original port for IPv4 set-dst rule
- BUG/MINOR: connection: Use the client's dst family for adressless servers
- BUG/MEDIUM: spoe: Kill applets if there are pending connections and nbthread > 1
- DOC: spoe: Add a note about fragmentation support in HAProxy
- BUG/MINOR: mux-h2: Fix typo in scheme adjustment
- BUG/MINOR: http-ana: Don't increment HTTP error counter on read error/timeout
Changes:
1.54.1
------
* Bug Fixes
* accounting: Fix --bwlimit when up or down is off (Nick Craig-Wood)
* docs
* Fix nesting of brackets and backticks in ftp docs (edwardxml)
* Fix broken link in sftp page (edwardxml)
* Fix typo in crypt.md (Romeo Kienzler)
* Changelog: Correct link to digitalis.io (Alex JOST)
* Replace #file-caching with #vfs-file-caching (Miron Veryanskiy)
* Convert bogus example link to code (edwardxml)
* Remove dead link from rc.md (edwardxml)
* rc: Sync,copy,move: document createEmptySrcDirs parameter (Nick Craig-Wood)
* lsjson: Fix unterminated JSON in the presence of errors (Nick Craig-Wood)
* Mount
* Fix mount dropping on macOS by setting --daemon-timeout 10m (Nick Craig-Wood)
* VFS
* Document simultaneous usage with the same cache shouldn't be used
(Nick Craig-Wood)
* B2
* Automatically raise upload cutoff to avoid spurious error (Nick Craig-Wood)
* Fix failed to create file system with application key limited to a prefix
(Nick Craig-Wood)
* Drive
* Refer to Shared Drives instead of Team Drives (Nick Craig-Wood)
* Dropbox
* Add scopes to oauth request and optionally "members.read" (Nick Craig-Wood)
* S3
* Fix failed to create file system with folder level permissions policy
(Nick Craig-Wood)
* Fix Wasabi HEAD requests returning stale data by using only 1 transport
(Nick Craig-Wood)
* Fix shared_credentials_file auth (Dmitry Chepurovskiy)
* Add --s3-no-head to reducing costs docs (Nick Craig-Wood)
* Union
* Fix mkdir at root with remote:/ (Nick Craig-Wood)
* Zoho
* Fix custom client id's (buengese)
Version 3.10.0
This will be the last major and minor version to support Python 2.7
The next non-patch release should be version 4.0.0.
New Features / Improvements
Add API.search_30_day and API.search_full_archive
Update allowed parameters for API.home_timeline
Add trim_user, exclude_replies, include_entities
Remove page as erroneously documented parameter
Reorder count to be the first parameter
Update allowed parameters for API.get_oembed
Add hide_thread, theme, link_color, widget_type, dnt
Remove id
Remove API.update_profile_background_image
Add support for Python 3.9
Switch from Travis CI to GitHub Actions to run tests and deploy releases
Update and improve various documentation
Bug Fixes
Use mimetypes.guess_type as fallback for determining image file type
Use proper MIME type in Content-Type header for uploaded images
Allow file parameter to be used again for API.media_upload
Allow file parameter to be used again for API.update_profile_banner, API.update_profile_image, and API.update_with_media
Fix User.lists, User.lists_memberships, and User.lists_subscriptions to retrieve information about the user in question rather than the authenticating user
Version 3.9.0
New Features / Improvements
Add API.create_media_metadata
Update allowed parameters for API.update_status
Add exclude_reply_user_ids, attachment_url, possibly_sensitive, trim_user, enable_dmcommands, fail_dmcommands, card_uri
Remove in_reply_to_status_id_str, source
Add allowed parameters to API.get_status
trim_user, include_my_retweet, include_entities, include_ext_alt_text, include_card_uri
Add allowed parameters to API.statuses_lookup
include_ext_alt_text, include_card_uri
Improve API.lookup_users
Improve and optimize API.statuses_lookup, API.create_media_metadata, API.update_status
Add reverse as allowed parameter for API.lists_all
Add count as allowed parameter for API.lists_memberships
Add count as allowed parameter for API.lists_subscriptions
Add include_entities as allowed parameter for API.list_timeline
Add allowed parameters to API.list_subscribers
count, include_entities, skip_status
Add support for Python 3.8
Update and improve setup.py
Use requests socks extra instead of requiring PySocks directly
Allow uploading of images with file names without extensions
Support uploading WebP images
Add missing attributes to Relationship model
Update max allowed size for uploaded GIFs
Add _json attribute to DirectMessage model
Update and improve tests
Add documentation for extended Tweets
Document API.lookup_users
Add documentation for running tests
Add Korean translation of documentation
Add Polish translation of documentation
Document API.lookup_friendships
Update and improve various documentation
Bug Fixes
Fix handling of invalid credentials for API.verify_credentials
Handle boolean value for API.verify_credentials include_email parameter
Allow Cursor to be used with API.list_direct_messages by adding DMCursorIterator
Version 3.8.0
New Features / Improvements
Allow streams to use daemon threads
Remove API.set_delivery_device
Remove simplejson import and usage
Allow cursor parameter for API.blocks_ids and API.mutes_ids
Drop support for Python 3.4
Allow perform_block parameter for API.report_spam
Add API.mutes
Allow count parameter for API.friends
Remove since, from, to, and source as allowed parameters for API.search
Handle location deletion and withheld content notices for streams
Allow usage of equality and difference operators with User objects
Add _json attribute to Category, Friendship, and List models
Remove API.suggested_categories, API.suggested_users, and API.suggested_users_tweets
Update and improve tests and cassettes
Update DirectMessage model
Replace API.direct_messages and API.sent_direct_messages with API.list_direct_messages
Update API.get_direct_message, API.send_direct_message, and API.destroy_direct_message
Update and improve various documentation
Bug Fixes
Exclude examples during installation
Properly initialize OAuthHandler.request_token
Properly handle map_ parameter for API.statuses_lookup
Support cursor pagination for API.blocks_ids and API.mutes_ids
Return values for API.update_profile_background_image and API.update_profile_banner
Replace usage of root logger
Close Requests sessions
Version 3.7.0
New Features / Improvements
Allow trim_user and exclude_replies as parameters for API.user_timeline
Allow tweet_mode parameter for API.statuses_lookup
Drop support for Python 2.6 and 3.3
Discord Server
Add proxy support for streams
Add API.create_mute, API.destroy_mute, and API.mutes_ids
Allow tweet_mode parameter for API.lookup_users
Bug Fixes
Fix AttributeError during streaming
Update how requirements are specified
Fix compatibility issue with Python 3.7
Version 3.6.0
New Features / Improvements
Parse Status.quoted_status as a Status object
Allow in_reply_to_status_id_str as a parameter for API.update_status and API.update_with_media
Add stall_warnings parameter to Stream.sample
Add API.unretweet
Allow auto_populate_reply_metadata as a parameter for API.update_status and API.update_with_media
Allow profile_link_color as a parameter for API.update_profile
Add support for Python 3.6
Bug Fixes
Update file size limit for API.media_upload
Fix JSONParser.parse returning None in certain cases
Include URL parameters when accessing cache
Properly re-raise exceptions during streaming
Fix AttributeError and TypeError during streaming
Properly encode filter_level for Stream.filter
version 0.6.10
-------------
* NETCONF call-home (RFC8071) support
* YANG 1.1 `action` support
* Nokia SR OS device handler support
* Removal of old ALU base-r13 API documentation
* Increased test coverage
* Variety of bugfixes and minor enhancements from a variety of contributors since 0.6.9 (see commit history)
* Thanks to all contributors!
version 0.6.9
-------------
* Resiolved breaking API change
tcpflow v1.6.1
Here is release v1.6.1. Does not use the new be13 API that is updated for C++17. That's coming.
Some problems with the checks, but they are problems with the test harness, not the tests themselves. Help from volunteers is appreciated!
Changelog:
Improvements:
Sockets to CPUs binding is no longer enabled by default but can be enabled via new configuration option 'server.socket-affinity'
Some documentation improvements
Bugfixes:
DNS queries without EDNS to the root zone apex are dropped in the XDP mode
Deterministic ECDSA signing leaks memory
Zone not stored to journal if zonefile-load isn't ZONEFILE_LOAD_WHOLE
Server crashes if the catalog zone isn't configured for registered member zones
Server crashes when loading conflicting catalog member zones
CNAME and DNAME records below delegation are not ignored #713
Not all udp/tcp workers are used if the number of NIC queues is lower than the number of udp/tcp workers
Failed to load statistics and geoip modules if built as shared
Changelog:
19 January 2021: Wouter
- Set branch ready for 4.3.5 release.
15 January 2021: Wouter
- Fix#152: '*' in Rdata causes the return code to be NOERROR instead
of NX.
- Add config.guess and config.sub to .gitignore for autoconf 2.70.
- Fix#150: TXT record validation difference with BIND.
- Fixup TXT record validation fix for escaped quotes.
- Fixup TXT record validation fix for escaped backslashes.
- Fixup escape character parse for quoted strings.
11 January 2021: Wouter
- Fix#151: DNAME not applied more than once to resolve the query.
- Fix dname test for #148.
- For #151: fix to not produce loops in output.
5 January 2021: Wouter
- Fix configure.ac for autoconf 2.70.
4 January 2021: Wouter
- Fix#148: CNAME need not be followed after a synthesized CNAME
for a CNAME query.
11 December 2020: Wouter
- Fix that nsd-control has timeout when connection is down.
- remove windows socket ifdefs from nsd-control.
3 December 2020: Wouter
- For #145: Fix that service of remaining TCP and TLS connections
does not allow new queries to be made, the connection is closed.
Only existing queries and zone transfers are answered, new ones
are rejected by a close of the channel.
30 November 2020: Wouter
- Fix#144: fix better.
27 November 2020: Wouter
- Fix#144: Typo fix in nsd.conf.5.in.
26 November 2020: Wouter
- Fix#143: xfrd no hysteresis with NOT IMPLEMENTED rcode.
Release v1.36.0
Core
Remove unnecessary internal pollset set in c-ares DNS resolver.
Fix implicit declaration error in zlib + macOS.
Support Default Root Certs in Tls Credentials.
C++
Move third party identity C++ api out of experimental namespace.
refactor!: change error_details functions to templates.
Support ServerContext for callback API.
Python
Implement Python Client and Server xDS Creds.
upstream changes:
-----------------
2.0.8 - 2021-02-25
==================
Broker:
- Fix incorrect datatypes in `struct mosquitto_evt_tick`. This changes the
size and offset of two of the members of this struct, and changes the size
of the struct. This is an ABI break, but is considered to be acceptable
because plugins should never be allocating their own instance of this
struct, and currently none of the struct members are used for anything, so a
plugin should not be accessing them. It would also be safe to read/write
from the existing struct parameters.
- Give compile time warning if libwebsockets compiled without external poll
support. Closes#2060.
- Fix memory tracking not being available on FreeBSD or macOS. Closes#2096.
Client library:
- Fix mosquitto_{pub|sub}_topic_check() functions not returning MOSQ_ERR_INVAL
on topic == NULL.
Clients:
- Fix possible loss of data in `mosquitto_pub -l` when sending multiple long
lines. Closes#2078.
Build:
- Provide a mechanism for Docker users to run a broker that doesn't use
authentication, without having to provide their own configuration file.
Closes#2040.
1.19.15
api-change:appflow: Update appflow command to latest version
api-change:ecr-public: Update ecr-public command to latest version
api-change:mediapackage-vod: Update mediapackage-vod command to latest version
api-change:compute-optimizer: Update compute-optimizer command to latest version
api-change🇪🇸 Update es command to latest version
1.19.14
api-change:glue: Update glue command to latest version
api-change:iotevents: Update iotevents command to latest version
api-change:autoscaling: Update autoscaling command to latest version
api-change:quicksight: Update quicksight command to latest version
api-change:redshift-data: Update redshift-data command to latest version
api-change:connect: Update connect command to latest version
api-change:pinpoint: Update pinpoint command to latest version
api-change:s3control: Update s3control command to latest version
1.19.13
api-change:sagemaker-runtime: Update sagemaker-runtime command to latest version
api-change:sagemaker: Update sagemaker command to latest version
1.19.12
api-change:rds: Update rds command to latest version
1.19.11
api-change:cloudformation: Update cloudformation command to latest version
api-change:codebuild: Update codebuild command to latest version
api-change:sagemaker: Update sagemaker command to latest version
api-change:health: Update health command to latest version
1.19.10
api-change:lookoutvision: Update lookoutvision command to latest version
api-change:ec2: Update ec2 command to latest version
api-change:config: Update config command to latest version
1.19.9
api-change:devops-guru: Update devops-guru command to latest version
api-change:codebuild: Update codebuild command to latest version
1.19.8
api-change:medialive: Update medialive command to latest version
api-change:workmailmessageflow: Update workmailmessageflow command to latest version
api-change:mediatailor: Update mediatailor command to latest version
api-change:redshift-data: Update redshift-data command to latest version
api-change:pinpoint: Update pinpoint command to latest version
api-change:config: Update config command to latest version
api-change:lightsail: Update lightsail command to latest version
api-change:kinesis-video-archived-media: Update kinesis-video-archived-media command to latest version
1.19.7
api-change🕵️ Update detective command to latest version
api-change:personalize-events: Update personalize-events command to latest version
api-change:rds: Update rds command to latest version
api-change:appsync: Update appsync command to latest version
api-change:macie2: Update macie2 command to latest version
api-change:elbv2: Update elbv2 command to latest version
api-change:eks: Update eks command to latest version
api-change:codepipeline: Update codepipeline command to latest version
api-change:wafv2: Update wafv2 command to latest version
api-change:iam: Update iam command to latest version
1.19.6
api-change:databrew: Update databrew command to latest version
api-change:rds: Update rds command to latest version
1.19.5
api-change:gamelift: Update gamelift command to latest version
api-change:mediaconvert: Update mediaconvert command to latest version
api-change:sagemaker: Update sagemaker command to latest version
api-change:qldb-session: Update qldb-session command to latest version
api-change:quicksight: Update quicksight command to latest version
1.19.4
api-change:iotsitewise: Update iotsitewise command to latest version
api-change:macie2: Update macie2 command to latest version
api-change:globalaccelerator: Update globalaccelerator command to latest version
api-change:ivs: Update ivs command to latest version
api-change:cloudtrail: Update cloudtrail command to latest version
api-change:elbv2: Update elbv2 command to latest version
api-change:dataexchange: Update dataexchange command to latest version
api-change:elasticache: Update elasticache command to latest version
1.19.3
api-change:elbv2: Update elbv2 command to latest version
api-change:macie: Update macie command to latest version
api-change:organizations: Update organizations command to latest version
1.19.2
api-change:emr-containers: Update emr-containers command to latest version
api-change:dlm: Update dlm command to latest version
api-change:quicksight: Update quicksight command to latest version
api-change:athena: Update athena command to latest version
api-change:ec2: Update ec2 command to latest version
api-change:appflow: Update appflow command to latest version
1.19.1
api-change:lambda: Update lambda command to latest version
api-change:compute-optimizer: Update compute-optimizer command to latest version
api-change:securityhub: Update securityhub command to latest version
api-change:ec2: Update ec2 command to latest version
api-change:workmail: Update workmail command to latest version
api-change:codebuild: Update codebuild command to latest version
api-change:iotsitewise: Update iotsitewise command to latest version
api-change:ce: Update ce command to latest version
api-change:auditmanager: Update auditmanager command to latest version
api-change:databrew: Update databrew command to latest version
1.19.0
api-change:appmesh: Update appmesh command to latest version
api-change:organizations: Update organizations command to latest version
api-change:location: Update location command to latest version
api-change:route53: Update route53 command to latest version
feature:Python: Dropped support for Python 3.4 and 3.5
api-change:rds-data: Update rds-data command to latest version
api-change:s3control: Update s3control command to latest version
api-change:lookoutvision: Update lookoutvision command to latest version
api-change:application-autoscaling: Update application-autoscaling command to latest version
api-change:iotwireless: Update iotwireless command to latest version
api-change:medialive: Update medialive command to latest version
1.18.223
api-change:medialive: Update medialive command to latest version
api-change:connect: Update connect command to latest version
api-change:macie2: Update macie2 command to latest version
1.18.222
api-change:wellarchitected: Update wellarchitected command to latest version
api-change:databrew: Update databrew command to latest version
api-change:robomaker: Update robomaker command to latest version
api-change:iot: Update iot command to latest version
api-change:cloudwatch: Update cloudwatch command to latest version
api-change:managedblockchain: Update managedblockchain command to latest version
1.18.221
api-change:lightsail: Update lightsail command to latest version
api-change:accessanalyzer: Update accessanalyzer command to latest version
api-change:sesv2: Update sesv2 command to latest version
api-change:customer-profiles: Update customer-profiles command to latest version
api-change🇪🇸 Update es command to latest version
api-change:elasticache: Update elasticache command to latest version
1.18.220
api-change:backup: Update backup command to latest version
1.18.219
api-change:ec2: Update ec2 command to latest version
api-change:lexv2-runtime: Update lexv2-runtime command to latest version
api-change:ssm: Update ssm command to latest version
api-change:lexv2-models: Update lexv2-models command to latest version
api-change:redshift: Update redshift command to latest version
api-change:rds: Update rds command to latest version
api-change:greengrassv2: Update greengrassv2 command to latest version
1.18.218
api-change:kafka: Update kafka command to latest version
api-change:resourcegroupstaggingapi: Update resourcegroupstaggingapi command to latest version
enhancement:codeartifact: Added login support for NuGet client v4.9.4
api-change:securityhub: Update securityhub command to latest version
1.18.217
api-change:chime: Update chime command to latest version
api-change:acm-pca: Update acm-pca command to latest version
api-change:ecs: Update ecs command to latest version
1.18.216
api-change:sns: Update sns command to latest version
1.18.215
api-change:cognito-identity: Update cognito-identity command to latest version
api-change:pinpoint: Update pinpoint command to latest version
api-change:sagemaker: Update sagemaker command to latest version
api-change:s3control: Update s3control command to latest version
1.17.15
api-change🇪🇸 [botocore] Update es client to latest version
api-change:mediapackage-vod: [botocore] Update mediapackage-vod client to latest version
api-change:appflow: [botocore] Update appflow client to latest version
api-change:ecr-public: [botocore] Update ecr-public client to latest version
api-change:compute-optimizer: [botocore] Update compute-optimizer client to latest version
1.17.14
api-change:glue: [botocore] Update glue client to latest version
api-change:redshift-data: [botocore] Update redshift-data client to latest version
api-change:s3control: [botocore] Update s3control client to latest version
api-change:autoscaling: [botocore] Update autoscaling client to latest version
api-change:pinpoint: [botocore] Update pinpoint client to latest version
api-change:quicksight: [botocore] Update quicksight client to latest version
api-change:iotevents: [botocore] Update iotevents client to latest version
api-change:connect: [botocore] Update connect client to latest version
1.17.13
api-change:sagemaker-runtime: [botocore] Update sagemaker-runtime client to latest version
api-change:sagemaker: [botocore] Update sagemaker client to latest version
1.17.12
api-change:rds: [botocore] Update rds client to latest version
1.17.11
api-change:health: [botocore] Update health client to latest version
api-change:sagemaker: [botocore] Update sagemaker client to latest version
api-change:cloudformation: [botocore] Update cloudformation client to latest version
api-change:codebuild: [botocore] Update codebuild client to latest version
1.17.10
api-change:ec2: [botocore] Update ec2 client to latest version
api-change:config: [botocore] Update config client to latest version
api-change:lookoutvision: [botocore] Update lookoutvision client to latest version
1.17.9
api-change:devops-guru: [botocore] Update devops-guru client to latest version
api-change:codebuild: [botocore] Update codebuild client to latest version
1.17.8
api-change:lightsail: [botocore] Update lightsail client to latest version
api-change:medialive: [botocore] Update medialive client to latest version
api-change:kinesis-video-archived-media: [botocore] Update kinesis-video-archived-media client to latest version
api-change:config: [botocore] Update config client to latest version
api-change:pinpoint: [botocore] Update pinpoint client to latest version
api-change:redshift-data: [botocore] Update redshift-data client to latest version
api-change:workmailmessageflow: [botocore] Update workmailmessageflow client to latest version
api-change:mediatailor: [botocore] Update mediatailor client to latest version
1.17.7
api-change:personalize-events: [botocore] Update personalize-events client to latest version
api-change:eks: [botocore] Update eks client to latest version
api-change:iam: [botocore] Update iam client to latest version
api-change:codepipeline: [botocore] Update codepipeline client to latest version
api-change🕵️ [botocore] Update detective client to latest version
api-change:macie2: [botocore] Update macie2 client to latest version
api-change:wafv2: [botocore] Update wafv2 client to latest version
api-change:elbv2: [botocore] Update elbv2 client to latest version
api-change:appsync: [botocore] Update appsync client to latest version
api-change:rds: [botocore] Update rds client to latest version
1.17.6
api-change:databrew: [botocore] Update databrew client to latest version
api-change:rds: [botocore] Update rds client to latest version
1.17.5
api-change:quicksight: [botocore] Update quicksight client to latest version
api-change:mediaconvert: [botocore] Update mediaconvert client to latest version
api-change:qldb-session: [botocore] Update qldb-session client to latest version
api-change:sagemaker: [botocore] Update sagemaker client to latest version
api-change:gamelift: [botocore] Update gamelift client to latest version
1.17.4
api-change:dataexchange: [botocore] Update dataexchange client to latest version
api-change:cloudtrail: [botocore] Update cloudtrail client to latest version
api-change:elbv2: [botocore] Update elbv2 client to latest version
api-change:ivs: [botocore] Update ivs client to latest version
api-change:macie2: [botocore] Update macie2 client to latest version
api-change:globalaccelerator: [botocore] Update globalaccelerator client to latest version
api-change:iotsitewise: [botocore] Update iotsitewise client to latest version
api-change:elasticache: [botocore] Update elasticache client to latest version
1.17.3
api-change:macie: [botocore] Update macie client to latest version
api-change:elbv2: [botocore] Update elbv2 client to latest version
api-change:organizations: [botocore] Update organizations client to latest version
1.17.2
api-change:quicksight: [botocore] Update quicksight client to latest version
api-change:appflow: [botocore] Update appflow client to latest version
api-change:emr-containers: [botocore] Update emr-containers client to latest version
api-change:dlm: [botocore] Update dlm client to latest version
api-change:athena: [botocore] Update athena client to latest version
api-change:ec2: [botocore] Update ec2 client to latest version
1.17.1
api-change:lambda: [botocore] Update lambda client to latest version
api-change:codebuild: [botocore] Update codebuild client to latest version
api-change:ec2: [botocore] Update ec2 client to latest version
api-change:ce: [botocore] Update ce client to latest version
api-change:databrew: [botocore] Update databrew client to latest version
api-change:securityhub: [botocore] Update securityhub client to latest version
api-change:workmail: [botocore] Update workmail client to latest version
api-change:auditmanager: [botocore] Update auditmanager client to latest version
api-change:compute-optimizer: [botocore] Update compute-optimizer client to latest version
api-change:iotsitewise: [botocore] Update iotsitewise client to latest version
1.17.0
api-change:appmesh: [botocore] Update appmesh client to latest version
feature:Python: Dropped support for Python 3.4 and 3.5
api-change:application-autoscaling: [botocore] Update application-autoscaling client to latest version
api-change:lookoutvision: [botocore] Update lookoutvision client to latest version
api-change:organizations: [botocore] Update organizations client to latest version
feature:Python: [botocore] Dropped support for Python 3.4 and 3.5
api-change:s3control: [botocore] Update s3control client to latest version
api-change:rds-data: [botocore] Update rds-data client to latest version
api-change:medialive: [botocore] Update medialive client to latest version
api-change:route53: [botocore] Update route53 client to latest version
api-change:location: [botocore] Update location client to latest version
enhancement:s3: [botocore] Amazon S3 now supports AWS PrivateLink, providing direct access to S3 via a private endpoint within your virtual private network.
api-change:iotwireless: [botocore] Update iotwireless client to latest version
1.16.63
api-change:macie2: [botocore] Update macie2 client to latest version
api-change:connect: [botocore] Update connect client to latest version
api-change:medialive: [botocore] Update medialive client to latest version
1.16.62
api-change:wellarchitected: [botocore] Update wellarchitected client to latest version
api-change:managedblockchain: [botocore] Update managedblockchain client to latest version
api-change:cloudwatch: [botocore] Update cloudwatch client to latest version
api-change:databrew: [botocore] Update databrew client to latest version
bugfix:Validator: [botocore] Fix showing incorrect max-value in error message for range and length value validation
api-change:iot: [botocore] Update iot client to latest version
api-change:robomaker: [botocore] Update robomaker client to latest version
1.16.61
api-change:elasticache: [botocore] Update elasticache client to latest version
api-change:customer-profiles: [botocore] Update customer-profiles client to latest version
api-change:sesv2: [botocore] Update sesv2 client to latest version
api-change:accessanalyzer: [botocore] Update accessanalyzer client to latest version
api-change:lightsail: [botocore] Update lightsail client to latest version
api-change🇪🇸 [botocore] Update es client to latest version
1.16.60
api-change:backup: [botocore] Update backup client to latest version
1.16.59
api-change:greengrassv2: [botocore] Update greengrassv2 client to latest version
api-change:redshift: [botocore] Update redshift client to latest version
api-change:lexv2-runtime: [botocore] Update lexv2-runtime client to latest version
api-change:rds: [botocore] Update rds client to latest version
api-change:lexv2-models: [botocore] Update lexv2-models client to latest version
api-change:ssm: [botocore] Update ssm client to latest version
api-change:ec2: [botocore] Update ec2 client to latest version
1.16.58
api-change:securityhub: [botocore] Update securityhub client to latest version
api-change:kafka: [botocore] Update kafka client to latest version
api-change:resourcegroupstaggingapi: [botocore] Update resourcegroupstaggingapi client to latest version
1.16.57
api-change:acm-pca: [botocore] Update acm-pca client to latest version
api-change:chime: [botocore] Update chime client to latest version
api-change:ecs: [botocore] Update ecs client to latest version
1.16.56
api-change:sns: [botocore] Update sns client to latest version
1.16.55
api-change:pinpoint: [botocore] Update pinpoint client to latest version
api-change:cognito-identity: [botocore] Update cognito-identity client to latest version
api-change:s3control: [botocore] Update s3control client to latest version
api-change:sagemaker: [botocore] Update sagemaker client to latest version
1.20.15
api-change🇪🇸 Update es client to latest version
api-change:mediapackage-vod: Update mediapackage-vod client to latest version
api-change:appflow: Update appflow client to latest version
api-change:ecr-public: Update ecr-public client to latest version
api-change:compute-optimizer: Update compute-optimizer client to latest version
1.20.14
api-change:glue: Update glue client to latest version
api-change:redshift-data: Update redshift-data client to latest version
api-change:s3control: Update s3control client to latest version
api-change:autoscaling: Update autoscaling client to latest version
api-change:pinpoint: Update pinpoint client to latest version
api-change:quicksight: Update quicksight client to latest version
api-change:iotevents: Update iotevents client to latest version
api-change:connect: Update connect client to latest version
1.20.13
api-change:sagemaker-runtime: Update sagemaker-runtime client to latest version
api-change:sagemaker: Update sagemaker client to latest version
1.20.12
api-change:rds: Update rds client to latest version
1.20.11
api-change:health: Update health client to latest version
api-change:sagemaker: Update sagemaker client to latest version
api-change:cloudformation: Update cloudformation client to latest version
api-change:codebuild: Update codebuild client to latest version
1.20.10
api-change:ec2: Update ec2 client to latest version
api-change:config: Update config client to latest version
api-change:lookoutvision: Update lookoutvision client to latest version
1.20.9
api-change:devops-guru: Update devops-guru client to latest version
api-change:codebuild: Update codebuild client to latest version
1.20.8
api-change:lightsail: Update lightsail client to latest version
api-change:medialive: Update medialive client to latest version
api-change:kinesis-video-archived-media: Update kinesis-video-archived-media client to latest version
api-change:config: Update config client to latest version
api-change:pinpoint: Update pinpoint client to latest version
api-change:redshift-data: Update redshift-data client to latest version
api-change:workmailmessageflow: Update workmailmessageflow client to latest version
api-change:mediatailor: Update mediatailor client to latest version
1.20.7
api-change:personalize-events: Update personalize-events client to latest version
api-change:eks: Update eks client to latest version
api-change:iam: Update iam client to latest version
api-change:codepipeline: Update codepipeline client to latest version
api-change🕵️ Update detective client to latest version
api-change:macie2: Update macie2 client to latest version
api-change:wafv2: Update wafv2 client to latest version
api-change:elbv2: Update elbv2 client to latest version
api-change:appsync: Update appsync client to latest version
api-change:rds: Update rds client to latest version
1.20.6
api-change:databrew: Update databrew client to latest version
api-change:rds: Update rds client to latest version
1.20.5
api-change:quicksight: Update quicksight client to latest version
api-change:mediaconvert: Update mediaconvert client to latest version
api-change:qldb-session: Update qldb-session client to latest version
api-change:sagemaker: Update sagemaker client to latest version
api-change:gamelift: Update gamelift client to latest version
1.20.4
api-change:dataexchange: Update dataexchange client to latest version
api-change:cloudtrail: Update cloudtrail client to latest version
api-change:elbv2: Update elbv2 client to latest version
api-change:ivs: Update ivs client to latest version
api-change:macie2: Update macie2 client to latest version
api-change:globalaccelerator: Update globalaccelerator client to latest version
api-change:iotsitewise: Update iotsitewise client to latest version
api-change:elasticache: Update elasticache client to latest version
1.20.3
api-change:macie: Update macie client to latest version
api-change:elbv2: Update elbv2 client to latest version
api-change:organizations: Update organizations client to latest version
1.20.2
api-change:quicksight: Update quicksight client to latest version
api-change:appflow: Update appflow client to latest version
api-change:emr-containers: Update emr-containers client to latest version
api-change:dlm: Update dlm client to latest version
api-change:athena: Update athena client to latest version
api-change:ec2: Update ec2 client to latest version
1.20.1
api-change:lambda: Update lambda client to latest version
api-change:codebuild: Update codebuild client to latest version
api-change:ec2: Update ec2 client to latest version
api-change:ce: Update ce client to latest version
api-change:databrew: Update databrew client to latest version
api-change:securityhub: Update securityhub client to latest version
api-change:workmail: Update workmail client to latest version
api-change:auditmanager: Update auditmanager client to latest version
api-change:compute-optimizer: Update compute-optimizer client to latest version
api-change:iotsitewise: Update iotsitewise client to latest version
1.20.0
api-change:appmesh: Update appmesh client to latest version
api-change:application-autoscaling: Update application-autoscaling client to latest version
api-change:lookoutvision: Update lookoutvision client to latest version
api-change:organizations: Update organizations client to latest version
feature:Python: Dropped support for Python 3.4 and 3.5
api-change:s3control: Update s3control client to latest version
api-change:rds-data: Update rds-data client to latest version
api-change:medialive: Update medialive client to latest version
api-change:route53: Update route53 client to latest version
api-change:location: Update location client to latest version
enhancement:s3: Amazon S3 now supports AWS PrivateLink, providing direct access to S3 via a private endpoint within your virtual private network.
api-change:iotwireless: Update iotwireless client to latest version
1.19.63
api-change:macie2: Update macie2 client to latest version
api-change:connect: Update connect client to latest version
api-change:medialive: Update medialive client to latest version
1.19.62
api-change:wellarchitected: Update wellarchitected client to latest version
api-change:managedblockchain: Update managedblockchain client to latest version
api-change:cloudwatch: Update cloudwatch client to latest version
api-change:databrew: Update databrew client to latest version
bugfix:Validator: Fix showing incorrect max-value in error message for range and length value validation
api-change:iot: Update iot client to latest version
api-change:robomaker: Update robomaker client to latest version
1.19.61
api-change:elasticache: Update elasticache client to latest version
api-change:customer-profiles: Update customer-profiles client to latest version
api-change:sesv2: Update sesv2 client to latest version
api-change:accessanalyzer: Update accessanalyzer client to latest version
api-change:lightsail: Update lightsail client to latest version
api-change🇪🇸 Update es client to latest version
1.19.60
api-change:backup: Update backup client to latest version
1.19.59
api-change:greengrassv2: Update greengrassv2 client to latest version
api-change:redshift: Update redshift client to latest version
api-change:lexv2-runtime: Update lexv2-runtime client to latest version
api-change:rds: Update rds client to latest version
api-change:lexv2-models: Update lexv2-models client to latest version
api-change:ssm: Update ssm client to latest version
api-change:ec2: Update ec2 client to latest version
1.19.58
api-change:securityhub: Update securityhub client to latest version
api-change:kafka: Update kafka client to latest version
api-change:resourcegroupstaggingapi: Update resourcegroupstaggingapi client to latest version
1.19.57
api-change:acm-pca: Update acm-pca client to latest version
api-change:chime: Update chime client to latest version
api-change:ecs: Update ecs client to latest version
1.19.56
api-change:sns: Update sns client to latest version
1.19.55
api-change:pinpoint: Update pinpoint client to latest version
api-change:cognito-identity: Update cognito-identity client to latest version
api-change:s3control: Update s3control client to latest version
api-change:sagemaker: Update sagemaker client to latest version
Version 2.5.1
* Fix auth-token not being updated if auth-nocache is set
* Remove auth_user_pass.wait_for_push variable
* Fix port-share option with TLS-Crypt v2
* Zero initialise msghdr prior to calling sendmesg
* Fix tls-auth mismatch OCC message when tls-cryptv2 is used.
* build: Fix missing install of man page in certain environments
* Fix too early argv freeing when registering DNS
* Remove 1 second delay before running netsh
* Skip DHCP renew with Wintun adapter
* Change travis build scripts to use https when fetching prerequisites.
* Fix line number reporting on config file errors after <inline> segments
* Clarify --block-ipv6 intent and direction.
* Document common uses of 'echo' directive, re-enable logging for 'echo'.
* Make OPENVPN_PLUGIN_ENABLE_PF failures FATAL
* clean up / rewrite sample-plugins/defer/simple.c
* Fix naming error in sample-plugins/defer/simple.c
* Documentation fixes around openvpn_plugin_func_v3 in openvpn-plugin.h.in
* Update openvpn_plugin_func_v2 to _v3 in sample-plugins/defer/simple.c
* More explicit versioning compatibility in sample-plugins/defer/simple.c
* Explain structver usage in sample defer plugin.
* Man page sections corrections
* Quote the domain name argument passed to the wmic command
* tls-crypt-v2: fix server memory leak
* tls-crypt-v2: also preload tls-crypt-v2 keys (if --persist-key)
changes:
* DHCP: For anonymous, just use a generic ClientID
* link: Split hardware address randomisation out of anonymous option
* link: Only report hardware changes for active interfaces
* link: Report errors obtaining recv buffer size on overflow
* hooks: Add NOCARRIER_ROAMING reason
* hooks: interface_order now reflects priorities again
* Linux: SECCOMP fixes for privsep for various platforms
* Linux: Persist IP when wireless is roaming
XXX: why does this have so many patches?
--- 9.16.12 released ---
5578. [protocol] Make "check-names" accept A records below "_spf",
"_spf_rate", and "_spf_verify" labels in order to cater
for the "exists" SPF mechanism specified in RFC 7208
section 5.7 and appendix D.1. [GL #2377]
5577. [bug] Fix the "three is a crowd" key rollover bug in KASP by
correctly implementing Equation (2) of the "Flexible and
Robust Key Rollover" paper. [GL #2375]
5575. [bug] When migrating to KASP, BIND 9 considered keys with the
"Inactive" and/or "Delete" timing metadata to be
possible active keys. This has been fixed. [GL #2406]
5572. [bug] Address potential double free in generatexml().
[GL #2420]
5571. [bug] named failed to start when its configuration included a
zone with a non-builtin "allow-update" ACL attached.
[GL #2413]
5570. [bug] Improve performance of the DNSSEC verification code by
reducing the number of repeated calls to
dns_dnssec_keyfromrdata(). [GL #2073]
5569. [bug] Emit useful error message when "rndc retransfer" is
applied to a zone of inappropriate type. [GL #2342]
5568. [bug] Fixed a crash in "dnssec-keyfromlabel" when using ECDSA
keys. [GL #2178]
5567. [bug] Dig now reports unknown dash options while pre-parsing
the options. This prevents "-multi" instead of "+multi"
from reporting memory usage before ending option parsing
with "Invalid option: -lti". [GL #2403]
5566. [func] Add "stale-answer-client-timeout" option, which is the
amount of time a recursive resolver waits before
attempting to answer the query using stale data from
cache. [GL #2247]
5565. [func] The SONAMEs for BIND 9 libraries now include the current
BIND 9 version number, in an effort to tightly couple
internal libraries with a specific release. [GL #2387]
5562. [security] Fix off-by-one bug in ISC SPNEGO implementation.
(CVE-2020-8625) [GL #2354]
5561. [bug] KASP incorrectly set signature validity to the value of
the DNSKEY signature validity. This is now fixed.
[GL #2383]
5560. [func] The default value of "max-stale-ttl" has been changed
from 12 hours to 1 day and the default value of
"stale-answer-ttl" has been changed from 1 second to 30
seconds, following RFC 8767 recommendations. [GL #2248]
5456. [func] Added "primaries" as a synonym for "masters" in
named.conf, and "primary-only" as a synonym for
"master-only" in the parameters to "notify", to bring
terminology up-to-date with RFC 8499. [GL #1948]
5362. [func] Limit the size of IXFR responses so that AXFR will
be used instead if it would be smaller. This is
controlled by the "max-ixfr-ratio" option, which
is a percentage representing the ratio of IXFR size
to the size of the entire zone. This value cannot
exceed 100%, which is the default. [GL #1515]
- Fixed bug in tinydns formating NS records for IPv4 wrong
(IPv4-mapped IPv6).
- Added TLSA/DANE support for tinydns: '_' in data. Automatic name
synthesis.
- Included and added man pages. Added script add-tlsa.sh.
pkgsrc changes:
- Since this is derived from public-domain djbdns and no other license
is specified, set LICENSE-public-domain
- Bugfixes.
- Handshake timeout now also works with the libtls backend.
- The SNI server name is now exported after the handshake in the
SSL_TLS_SNI_SERVERNAME variable.
Changes in version 0.4.5.6 - 2021-02-15
The Tor 0.4.5.x release series is dedicated to the memory of Karsten
Loesing (1979-2020), Tor developer, cypherpunk, husband, and father.
Karsten is best known for creating the Tor metrics portal and leading
the metrics team, but he was involved in Tor from the early days. For
example, while he was still a student he invented and implemented the
v2 onion service directory design, and he also served as an ambassador
to the many German researchers working in the anonymity field. We
loved him and respected him for his patience, his consistency, and his
welcoming approach to growing our community.
This release series introduces significant improvements in relay IPv6
address discovery, a new "MetricsPort" mechanism for relay operators
to measure performance, LTTng support, build system improvements to
help when using Tor as a static library, and significant bugfixes
related to Windows relay performance. It also includes numerous
smaller features and bugfixes.
ncgopher is a gopher and gemini client for the modern internet. It uses
ncurses and is written in Rust.
Features:
-Gopher and gemini support
-Ncurses interface
-Keyboard commands for navigation
-Bookmarks support including custom title
-History of visited gopher holes
-Download of text files and gophermaps
-Download of binary files
-Menu for easy configuration
-Mouse support in some terminals
-TLS support
-Darkmode!
-Common search providers in search menu for quick access
-External commands for HTML, images and Telnet
2.5.5 (2021-02-05)
* #256 Use libev 4.33, featuring experimental io_uring
support. (@jcmfernandes)
* #260 Workaround for ARM-based macOS Ruby: Use pure Ruby for M1, since
the native extension is crashing on M1 (arm64). (@jasl)
* #252 JRuby: Fix javac -Xlint warnings (@headius)
Changes:
1.54.0
------
* New backends
* Compression remote (experimental) (buengese)
* Enterprise File Fabric (Nick Craig-Wood)
* This work was sponsored by [Storage Made Easy](https://storagemadeeasy.com/)
* HDFS (Hadoop Distributed File System) (Yury Stankevich)
* Zoho workdrive (buengese)
* New Features
* Deglobalise the config (Nick Craig-Wood)
* Global config now read from the context
* This will enable passing of global config via the rc
* This work was sponsored by [Digitalis](digitalis.io)
* Add `--bwlimit` for upload and download (Nick Craig-Wood)
* Obey bwlimit in http Transport for better limiting
* Enhance systemd integration (Hekmon)
* log level identification, manual activation with flag, automatic systemd launch detection
* Don't compile systemd log integration for non unix systems (Benjamin Gustin)
* Add a `--download` flag to md5sum/sha1sum/hashsum to force rclone to download and hash files locally (lostheli)
* Add `--progress-terminal-title` to print ETA to terminal title (LaSombra)
* Make backend env vars show in help as the defaults for backend flags (Nick Craig-Wood)
* build
* Raise minimum go version to go1.12 (Nick Craig-Wood)
* dedupe
* Add `--by-hash` to dedupe on content hash not file name (Nick Craig-Wood)
* Add `--dedupe-mode list` to just list dupes, changing nothing (Nick Craig-Wood)
* Add warning if used on a remote which can't have duplicate names (Nick Craig-Wood)
* fs
* Add Shutdown optional method for backends (Nick Craig-Wood)
* When using `--files-from` check files concurrently (zhucan)
* Accumulate stats when using `--dry-run` (Ingo Weiss)
* Always show stats when using `--dry-run` or `--interactive` (Nick Craig-Wood)
* Add support for flag `--no-console` on windows to hide the console window (albertony)
* genautocomplete: Add support to output to stdout (Ingo)
* ncdu
* Highlight read errors instead of aborting (Claudio Bantaloukas)
* Add sort by average size in directory (Adam Plánský)
* Add toggle option for average s3ize in directory - key 'a' (Adam Plánský)
* Add empty folder flag into ncdu browser (Adam Plánský)
* Add `!` (errror) and `.` (unreadable) file flags to go with `e` (empty) (Nick Craig-Wood)
* obscure: Make `rclone osbcure -` ignore newline at end of line (Nick Craig-Wood)
* operations
* Add logs when need to upload files to set mod times (Nick Craig-Wood)
* Move and copy log name of the destination object in verbose (Adam Plánský)
* Add size if known to skipped items and JSON log (Nick Craig-Wood)
* rc
* Prefer actual listener address if using ":port" or "addr:0" only (Nick Craig-Wood)
* Add listener for finished jobs (Aleksandar Jankovic)
* serve ftp: Add options to enable TLS (Deepak Sah)
* serve http/webdav: Redirect requests to the base url without the / (Nick Craig-Wood)
* serve restic: Implement object cache (Nick Craig-Wood)
* stats: Add counter for deleted directories (Nick Craig-Wood)
* sync: Only print "There was nothing to transfer" if no errors (Nick Craig-Wood)
* webui
* Prompt user for updating webui if an update is available (Chaitanya Bankanhal)
* Fix plugins initialization (negative0)
* Bug Fixes
* fs
* Fix nil pointer on copy & move operations directly to remote (Anagh Kumar Baranwal)
* Fix parsing of .. when joining remotes (Nick Craig-Wood)
* log: Fix enabling systemd logging when using `--log-file` (Nick Craig-Wood)
* check
* Make the error count match up in the log message (Nick Craig-Wood)
* move: Fix data loss when source and destination are the same object (Nick Craig-Wood)
* operations
* Fix `--cutof-mode` hard not cutting off immediately (Nick Craig-Wood)
* Fix `--immutable` error message (Nick Craig-Wood)
* sync
* Fix `--cutoff-mode` soft & cautious so it doesn't end the transfer early (Nick Craig-Wood)
* Fix `--immutable` errors retrying many times (Nick Craig-Wood)
* Docs
* Many fixes and a rewrite of the filtering docs (edwardxml)
* Many spelling and grammar fixes (Josh Soref)
* Doc fixes for commands delete, purge, rmdir, rmdirs and mount (albertony)
* And thanks to these people for many doc fixes too numerous to list
* Ameer Dawood, Antoine GIRARD, Bob Bagwill, Christopher Stewart
* CokeMine, David, Dov Murik, Durval Menezes, Evan Harris, gtorelly
* Ilyess Bachiri, Janne Johansson, Kerry Su, Marcin Zelent,
* Martin Michlmayr, Milly, Sơn Trần-Nguyễn
* Mount
* Update systemd status with cache stats (Hekmon)
* Disable bazil/fuse based mount on macOS (Nick Craig-Wood)
* Make `rclone mount` actually run `rclone cmount` under macOS (Nick Craig-Wood)
* Implement mknod to make NFS file creation work (Nick Craig-Wood)
* Make sure we don't call umount more than once (Nick Craig-Wood)
* More user friendly mounting as network drive on windows (albertony)
* Detect if uid or gid are set in same option string: -o uid=123,gid=456 (albertony)
* Don't attempt to unmount if fs has been destroyed already (Nick Craig-Wood)
* VFS
* Fix virtual entries causing deleted files to still appear (Nick Craig-Wood)
* Fix "file already exists" error for stale cache files (Nick Craig-Wood)
* Fix file leaks with `--vfs-cache-mode` full and `--buffer-size 0` (Nick Craig-Wood)
* Fix invalid cache path on windows when using :backend: as remote (albertony)
* Local
* Continue listing files/folders when a circular symlink is detected (Manish Gupta)
* New flag `--local-zero-size-links` to fix sync on some virtual filesystems (Riccardo Iaconelli)
* Azure Blob
* Add support for service principals (James Lim)
* Add support for managed identities (Brad Ackerman)
* Add examples for access tier (Bob Pusateri)
* Utilize the streaming capabilities from the SDK for multipart uploads (Denis Neuling)
* Fix setting of mime types (Nick Craig-Wood)
* Fix crash when listing outside a SAS URL's root (Nick Craig-Wood)
* Delete archive tier blobs before update if `--azureblob-archive-tier-delete` (Nick Craig-Wood)
* Fix crash on startup (Nick Craig-Wood)
* Fix memory usage by upgrading the SDK to v0.13.0 and implementing a TransferManager (Nick Craig-Wood)
* Require go1.14+ to compile due to SDK changes (Nick Craig-Wood)
* B2
* Make NewObject use less expensive API calls (Nick Craig-Wood)
* This will improve `--files-from` and `restic serve` in particular
* Fixed crash on an empty file name (lluuaapp)
* Box
* Fix NewObject for files that differ in case (Nick Craig-Wood)
* Fix finding directories in a case insentive way (Nick Craig-Wood)
* Chunker
* Skip long local hashing, hash in-transit (fixes) (Ivan Andreev)
* Set Features ReadMimeType to false as Object.MimeType not supported (Nick Craig-Wood)
* Fix case-insensitive NewObject, test metadata detection (Ivan Andreev)
* Drive
* Implement `rclone backend copyid` command for copying files by ID (Nick Craig-Wood)
* Added flag `--drive-stop-on-download-limit` to stop transfers when the download limit is exceeded (Anagh Kumar Baranwal)
* Implement CleanUp workaround for team drives (buengese)
* Allow shortcut resolution and creation to be retried (Nick Craig-Wood)
* Log that emptying the trash can take some time (Nick Craig-Wood)
* Add xdg office icons to xdg desktop files (Pau Rodriguez-Estivill)
* Dropbox
* Add support for viewing shared files and folders (buengese)
* Enable short lived access tokens (Nick Craig-Wood)
* Implement IDer on Objects so `rclone lsf` etc can read the IDs (buengese)
* Set Features ReadMimeType to false as Object.MimeType not supported (Nick Craig-Wood)
* Make malformed_path errors from too long files not retriable (Nick Craig-Wood)
* Test file name length before upload to fix upload loop (Nick Craig-Wood)
* Fichier
* Set Features ReadMimeType to true as Object.MimeType is supported (Nick Craig-Wood)
* FTP
* Add `--ftp-disable-msld` option to ignore MLSD for really old servers (Nick Craig-Wood)
* Make `--tpslimit apply` (Nick Craig-Wood)
* Google Cloud Storage
* Storage class object header support (Laurens Janssen)
* Fix anonymous client to use rclone's HTTP client (Nick Craig-Wood)
* Fix `Entry doesn't belong in directory "" (same as directory) - ignoring` (Nick Craig-Wood)
* Googlephotos
* New flag `--gphotos-include-archived` to show archived photos as well (Nicolas Rueff)
* Jottacloud
* Don't erroneously report support for writing mime types (buengese)
* Add support for Telia Cloud (Patrik Nordlén)
* Mailru
* Accept special folders eg camera-upload (Ivan Andreev)
* Avoid prehashing of large local files (Ivan Andreev)
* Fix uploads after recent changes on server (Ivan Andreev)
* Fix range requests after June 2020 changes on server (Ivan Andreev)
* Fix invalid timestamp on corrupted files (fixes) (Ivan Andreev)
* Remove deprecated protocol quirks (Ivan Andreev)
* Memory
* Fix setting of mime types (Nick Craig-Wood)
* Onedrive
* Add support for China region operated by 21vianet and other regional suppliers (NyaMisty)
* Warn on gateway timeout errors (Nick Craig-Wood)
* Fall back to normal copy if server-side copy unavailable (Alex Chen)
* Fix server-side copy completely disabled on OneDrive for Business (Cnly)
* (business only) workaround to replace existing file on server-side copy (Alex Chen)
* Enhance link creation with expiry, scope, type and password (Nick Craig-Wood)
* Remove % and # from the set of encoded characters (Alex Chen)
* Support addressing site by server-relative URL (kice)
* Opendrive
* Fix finding directories in a case insensitive way (Nick Craig-Wood)
* Pcloud
* Fix setting of mime types (Nick Craig-Wood)
* Premiumizeme
* Fix finding directories in a case insensitive way (Nick Craig-Wood)
* Qingstor
* Fix error propagation in CleanUp (Nick Craig-Wood)
* Fix rclone cleanup (Nick Craig-Wood)
* S3
* Added `--s3-disable-http2` to disable http/2 (Anagh Kumar Baranwal)
* Complete SSE-C implementation (Nick Craig-Wood)
* Fix hashes on small files with AWS:KMS and SSE-C (Nick Craig-Wood)
* Add MD5 metadata to objects uploaded with SSE-AWS/SSE-C (Nick Craig-Wood)
* Add `--s3-no-head parameter` to minimise transactions on upload (Nick Craig-Wood)
* Update docs with a Reducing Costs section (Nick Craig-Wood)
* Added error handling for error code 429 indicating too many requests (Anagh Kumar Baranwal)
* Add requester pays option (kelv)
* Fix copy multipart with v2 auth failing with 'SignatureDoesNotMatch' (Louis Koo)
* SFTP
* Allow cert based auth via optional pubkey (Stephen Harris)
* Allow user to optionally check server hosts key to add security (Stephen Harris)
* Defer asking for user passwords until the SSH connection succeeds (Stephen Harris)
* Remember entered password in AskPass mode (Stephen Harris)
* Implement Shutdown method (Nick Craig-Wood)
* Implement keyboard interactive authentication (Nick Craig-Wood)
* Make `--tpslimit` apply (Nick Craig-Wood)
* Implement `--sftp-use-fstat` for unusual SFTP servers (Nick Craig-Wood)
* Sugarsync
* Fix NewObject for files that differ in case (Nick Craig-Wood)
* Fix finding directories in a case insentive way (Nick Craig-Wood)
* Swift
* Fix deletion of parts of Static Large Object (SLO) (Nguyễn Hữu Luân)
* Ensure partially uploaded large files are uploaded unless `--swift-leave-parts-on-error` (Nguyễn Hữu Luân)
* Tardigrade
* Upgrade to uplink v1.4.1 (Caleb Case)
* WebDAV
* Updated docs to show streaming to nextcloud is working (Durval Menezes)
* Yandex
* Set Features WriteMimeType to false as Yandex ignores mime types (Nick Craig-Wood)
KD Soap is a Qt-based client-side and server-side SOAP component.
It can be used to create client applications for web services and also provides
the means to create web services without the need for any further component such
as a dedicated web server.
adns (1.6.0) UPSTREAM; urgency=medium
Bugfixes:
* adnshost: Support --reverse in -f mode input stream
* timeout robustness against clock skew: track query start time and
duration. Clock instability may now only cause spurious timeouts
rather than indefinite hangs or even assertion failures.
New features:
* adnshost: Offer ability to set adns checkc flags
* adnslogres: Honour --checkc-freq (if it comes first)
* adnsresfilter: Honour --checkc-freq and --checkc-entex
* time handling: Support use of CLOCK_MONOTONIC via an init flag.
* adns_str* etc.: Improve robustness; more allowable inputs values.
Build system improvements:
* clean targets: Delete $(TARGETS) too!
* Remove all m4 output files from the distributed source tree.
* Support DESTDIR=/some/absolute/path on `make install'.
* Provide autogen.sh.
* Rerun autoheader and autoconf (2.69).
Internal changes:
* adnshost: adh-opts.c: Whitespace adjustments to option table
Tests:
* New tests for fixes in 1.5.3.
* Fixes to test harness to avoid false positives during fuzzing.
* Other changes to support use with AFL.
* Many supporting improvements and refactorings.
* Fix skipped tests ($$ reference in Makefile)
-- Ian Jackson <ijackson@chiark.greenend.org.uk> Thu, 11 Jun 2020 15:49:39 +0100
adns (1.5.2) UPSTREAM; urgency=medium
* Important security fixes:
CVE-2017-9103 CVE-2017-9104 CVE-2017-9105 CVE-2017-9109:
Vulnerable applications: all adns callers.
Exploitable by: the local recursive resolver.
Likely worst case: Remote code execution.
CVE-2017-9106:
Vulnerable applications: those that make SOA queries.
Exploitable by: upstream DNS data sources.
Likely worst case: DoS (crash of the adns-using application)
CVE-2017-9107:
Vulnerable applications: those that use adns_qf_quoteok_query.
Exploitable by: sources of query domain names.
Likely worst case: DoS (crash of the adns-using application)
CVE-2017-9108:
Vulnerable applications: adnshost.
Exploitable by: code responsible for framing the input.
Likely worst case: DoS (adnshost crashes at EOF).
All found by AFL 2.35b. Thanks to the University of Cambridge
Department of Applied Mathematics for computing facilities.
Bugfixes:
* Do not include spurious external symbol `data' (fixes GCC10 build).
* If server sends TC flag over TCP, bail rather than retrying.
* Do not crash on certain strange resolv.conf contents.
* Fix various crashes if a global system failure occurs, or
adns_finish is called with outstanding queries.
* Correct a parsing error message very slightly.
* DNS packet parsing: Slight fix when packet is truncated.
* Fix ABI compatibility in string conversion of certain RR types.
* internal.h: Use `unsigned' for nextid; fixes theoretical C UB.
Portability fix:
* common.make.in: add -Wno-unused-value. Fixes build with GCC9.
Internal changes:
* Additional comments describing some internal code restrions.
* Robustness assert() against malfunctioning write() system call.
-- Ian Jackson <ijackson@chiark.greenend.org.uk> Thu, 11 Jun 2020 15:48:12 +0100
Packaged for wip by Edgar Fuß.
Nagios plugin to check various hardware environmental sensors, like power
supply's, fans, cards, modules etc. Cisco, Nokia, BlueCoat, IronPort, Foundry,
Linux, Extreme, Juniper, HP ProCurve, NetScreen, Citrix and Transmode.
Supported Checks:
cisco Cisco Systems: Fan, power-supply, voltage, temperature
ciscoSW Cisco Systems: Card and module status check
ciscoNEW Cisco Systems: Sensor check for devices that have the
CISCO-ENTITY-SENSOR-MIB
nokia Nokia IP: Fan, power-supply
bc Blue Coat Systems: Fan, power-supply, voltage, disk
iron IronPort: Fan, power-supply, temperature
foundry Foundry Network: power supply, temperature
linux lm-sensors: Fan, voltage, temperature, misc
extremeSW Extreme Networks: Slot, power-supply, fan, temperature
juniper Juniper Networks: Component status check
procurve HP ProCurve: Fan, power-supply, temperature
netscreen NetScreen: Slot, fan, power-supply
citrix Citrix NetScaler: Fan, voltage, temperture, HA state, SSL engine
transmode Transmode Systems: Check alarm table that is not deactivated and
not acknowledged
2.3.5
- BUG/MINOR: init: Use a dynamic buffer to set HAPROXY_CFGFILES env variable
- MINOR: config: Add failifnotcap() to emit an alert on proxy capabilities
- MINOR: server: Forbid server definitions in frontend sections
- BUG/MINOR: threads: Fixes the number of possible cpus report for Mac.
- MINOR: peers: Add traces for peer control messages.
- BUG/MINOR: dns: SRV records ignores duplicated AR records (v2)
- BUILD: peers: fix build warning about unused variable
- BUG/MEDIUM: stats: add missing INF_BUILD_INFO definition
- BUG/MINOR: peers: Possible appctx pointer dereference.
- MINOR: build: discard echoing in help target
- BUG/MINOR: peers: Wrong "new_conn" value for "show peers" CLI command.
- BUG/MINOR: mux_h2: missing space between "st" and ".flg" in the "show fd" helper
- BUG/MINOR: mworker: define _GNU_SOURCE for strsignal()
- BUG/MEDIUM: tcpcheck: Don't destroy connection in the wake callback context
- BUG/MEDIUM: mux-h2: fix read0 handling on partial frames
- BUILD/MINOR: lua: define _GNU_SOURCE for LLONG_MAX
- DOC: Improve documentation of the various hdr() fetches
- BUG/MEDIUM: filters/htx: Fix data forwarding when payload length is unknown
- BUG/MINOR: config: fix leak on proxy.conn_src.bind_hdr_name
- BUG/MINOR: ssl: init tmp chunk correctly in ssl_sock_load_sctl_from_file()
- BUG/MEDIUM: session: only retrieve ready idle conn from session
- REORG: backend: simplify conn_backend_get
- BUG/MEDIUM: backend: never reuse a connection for tcp mode
- BUG/MINOR: backend: check available list allocation for reuse
- MINOR: contrib: Make the wireshark peers dissector compile for more distribs.
- CLEANUP: tools: make resolve_sym_name() take a const pointer
- CLEANUP: cli: make "show fd" use a const connection to access other fields
- MINOR: cli: make "show fd" also report the xprt and xprt_ctx
- MINOR: xprt: add a new show_fd() helper to complete some "show fd" dumps.
- MINOR: ssl: provide a "show fd" helper to report important SSL information
- MINOR: xprt/mux: export all *_io_cb functions so that "show fd" resolves them
- MINOR: mux-h2: make the "show fd" helper also decode the h2s subscriber when known
- MINOR: mux-h1: make the "show fd" helper also decode the h1s subscriber when known
- MINOR: mux-fcgi: make the "show fd" helper also decode the fstrm subscriber when known
- MINOR: cli: give the show_fd helpers the ability to report a suspicious entry
- MINOR: cli/show_fd: report some easily detectable suspicious states
- MINOR: ssl/show_fd: report some FDs as suspicious when possible
- MINOR: mux-h2/show_fd: report as suspicious an entry with too many calls
- MINOR: mux-h1/show_fd: report as suspicious an entry with too many calls
- MINOR: h1: Raise the chunk size limit up to (2^52 - 1)
- DOC: management: fix "show resolvers" alphabetical ordering
- BUG/MINOR: stick-table: Always call smp_fetch_src() with a valid arg list
- BUG/MEDIUM: ssl/cli: abort ssl cert is freeing the old store
- BUG/MEDIUM: ssl: check a connection's status before computing a handshake
- BUG/MINOR: mux_h2: fix incorrect stat titles
- BUG/MINOR: xxhash: make sure armv6 uses memcpy()
- BUG/MINOR: ssl: do not try to use early data if not configured
- BUILD: ssl: fix build breakage with last commit
- MINOR: cli/show_fd: report local and report ports when known
- BUILD: Makefile: move REGTESTST_TYPE default setting
- BUG/MEDIUM: mux-h2: handle remaining read0 cases
- BUG/MEDIUM: mux-h2: do not quit the demux loop before setting END_REACHED
- BUG/MINOR: sock: Unclosed fd in case of connection allocation failure
- MINOR: config: Deprecate and ignore tune.chksize global option
Pkgsrc changes:
* none, other than checksums.
Upstream changes:
This release contains a number of bug fixes. There is added support
for the EDNS Padding option (RFC7830 and RFC8467), and the EDNS NSID
option (RFC 5001). Unbound control has added commands to enable and
disable rpz processing. Reply callbacks have a start time passed to
them that can be used to calculate time, these are callbacks for
response processing. With the option serve-original-ttl the TTL served
in responses is the original, not counted down, value, for when in
front of authority service.
Features
- Merge PR #375 by fhriley: Add rpz_enable and rpz_disable commands
to unbound-control.
- Merge PR #391 from fhriley: Add start_time to reply callbacks so
modules can compute the response time.
- Fix#397: [Feature request] add new type always_null to local-zone
similar to always_nxdomain.
- Support for RFC5001: DNS Name Server Identifier (NSID) Option
with the nsid: option in unbound.conf
- Padding of queries and responses with DNS over TLS as specified in
RFC7830 and RFC8467.
- Merge PR #275 from Roland van Rijswijk-Deij: Add feature to return the
original instead of a decrementing TTL ('serve-original-ttl')
Bug Fixes
- Fix#358: Squelch udp connect 'no route to host' errors on low
verbosity.
- Fix#360: for the additionally reported TCP Fast Open makes TCP
connections fail, in that case we print a hint that this is
happening with the error in the logs.
- Fix#356: deadlock when listening tcp.
- Fix unbound-dnstap-socket to not use log routine from interrupt
handler and not print so frequently when invoked in sequence.
- Fix on windows to ignore connection failure on UDP, unless verbose.
- make depend.
- Fix#371: unbound-control timeout when Unbound is not running.
- Fix to squelch permission denied and other errors from remote host,
they are logged at higher verbosity but not on low verbosity.
- Merge PR #335 from fobser: Sprinkle in some static to prevent
missing prototype warnings.
- Merge PR #373 from fobser: Warning: arithmetic on a pointer to void
is a GNU extension.
- Fix missing prototypes in the code.
- Fix error cases when udp-connect is set and send() returns an error
(modified patch from Xin Li @delphij).
- For #376: Fix that comm point event is not double removed or double
added to event map.
- iana portlist updated.
- Fix#385: autoconf 2.70 impacts unbound build
- Fix#379: zone loading over HTTP appears to have buffer issues.
- Merge PR #395 from mptre: add missing null check.
- Fix#387: client-subnet-always-forward seems to effectively bypass
any caching?
- For #391: use struct timeval* start_time for callback information.
- For #391: fix indentation.
- For #391: more double casts in python start time calculation.
- Add comment documentation.
- Fix clang analysis warning.
- Fix so local zone types always_nodata and always_deny can be used
from the config file.
- Merge #399 from xiangbao227: The lock of lruhash table should
unlocked after markdel entry.
- Fix for #93: dynlibmodule link fix for Windows.
- Fix for #93: dynlibmodule import library is named libunbound.dll.a.
- Merge #402 from fobser: Implement IPv4-Embedded addresses according
to RFC6052.
- Fix#404: DNS query with small edns bufsize fail.
- Fix declaration before statement and signed comparison warning in
dns64.
- Fix TTL of SOA record for negative answers (localzone and
authzone data) to be the minimum of the SOA TTL and the SOA.MINIMUM.
- Fix compile of unbound-dnstap-socket without dnstap installed.
- Merge PR #355 from noloader: Make ICANN Update CA and DS Trust Anchor
static data.
- Ignore cache blacklisting when trying to reply with expired data from
cache (#394).
- Merge PR #408 from fobser: Prevent a few more yacc clashes.
- Annotate that we ignore the return value of if_indextoname.
- Fix to use correct type for label count in rpz routine.
- Fix empty clause warning in config_file nsid parse.
- Fix to use correct type for label count in ipdnametoaddr rpz routine.
- Fix empty clause warning in edns pass for padding.
- Fix for doxygen 1.8.20 compatibility.
- Attempt to fix NULL keys in the reuse_tcp tree; relates to #411.
- Fix dynlibmod link on rhel8 for -ldl inclusion.
- Fix windows dependency on libssp.dll because of default stack
protector in mingw.
- Fix indentation of root anchor for use by windows install script.
StatZone 1.0.5 (2021-02-08)
- Stop forcing FORTIFY_SOURCE level 2, it should be package builders decision
- Remove hardcoded program name in the manual page
- Rename displayUsage() and displaySummary() to usage() and summary()
- Get rid of most global variables, move all declarations to main()
- Remove dead increments for argc and argv
- Refactor things to check earlier on if *lineBuffer is not NUL
- Refactor the domain comparison checks, allows removing strdup("") call
- Add an error() function to wrap errx() calls
- Check malloc() and strdup() return value and error out on failed allocations
- Group and initialize uthash struct declarations
- Free previous_domain to appease Clang's static analyzer
* Released: 8th of February 2021
* Improvements:
- debian packaging update
- dockerfiles: do not claim equivs-dummy is built from the pdns source
package
- Fix missing #include for gcc-11
- lmdb: Do a mdb_readers_check to clean up stale readers on database load
* Bug Fixes:
- fix TCP answer counters
- run deleteDomain() inside a transaction
- lmdb: do not reuse backend that has seen corrupted data
- lmdb: serialise LMDBBackend construction to ensure only a single schema
upgrade is attempted
- backport some asan/ubsan fixes
- pdnsutil edit-zone: do not exit on ZoneParser exception
Full changelog:
https://doc.powerdns.com/authoritative/changelog/4.4.html#change-4.4.1
Changes:
3.27.0
======
FEATURES:
---------
New Data Source: aws_cloudfront_origin_request_policy (#17342)
New Resource: aws_ec2_transit_gateway_prefix_list_reference (#16823)
New Resource: aws_route53_key_signing_key (#16840)
New Resource: aws_cloudfront_origin_request_policy (#17342)
ENHANCEMENTS:
-------------
data-source/resource_aws_lb_target_group: Add protocol_version attribute (#17260)
data-source/aws_subnet: Add customer_owned_ipv4_pool and map_customer_owned_ip_on_launch attributes (#16676)
resource/aws_glacier_vault: Add plan-time validation for notification configuration block events and sns_topic_arn arguments (#12645)
resource/aws_glue_catalog_table: Adds support for specifying schema from schema registry. (#17335)
resource/aws_iam_access_key: Add create_date attribute (#17318)
resource/aws_iam_access_key: Support resource import (#17321)
resource/resource_aws_lb_target_group: Add protocol_version (#17260)
resource/aws_subnet: Add customer_owned_ipv4_pool and map_customer_owned_ip_on_launch attributes (#16676)
resource/aws_lb: Add ipv6_address attribute (#17229)
resource/aws_sfn_state_machine: Add support for EXPRESS state machine type (#12249)
resource/aws_cloudfront_distribution: Add cloudfront_origin_request_policy_id attribute (#17342)
BUG FIXES:
----------
data-source/aws_partition: Correct reverse_dns_prefix value in AWS China, C2S, and SC2S (#17142)
provider: Only validate AWS shared configuration profile SSO configuration when attempting to use SSO cached credentials (#17469)
resource/aws_api_gateway_method_settings: Ignore non-existent resource errors during deletion (#17234)
resource/aws_api_gateway_method_settings: Prevent confusing Terraform error on resource disappearance during creation (#17234)
resource/aws_cloudwatch_event_rule: Prevent perpetual differences with name_prefix argument values beginning with terraform- (#17030)
resource/aws_glacier_vault: Prevent crash with GetVaultAccessPolicy API errors (#12645)
resource/aws_glacier_vault: Properly remove from state when resource does not exist (#12645)
resource/aws_glue_crawler: Use standard retry timeout for IAM eventual consistency and retry on LakeFormation permissions errors (#17256)
resource/aws_glue_partition: Fix partition_values to preserve order. (#17344)
resource/aws_iam_access_key: Ensure Inactive status is properly configured during resource creation (#17322)
resource/aws_kinesis_firehose_delivery_stream: Use standard retry timeout for IAM eventual consistency and retry on LakeFormation access errors (#17254)
resource/aws_security_group: Prevent perpetual differences with name_prefix argument values beginning with terraform- (#17030)
resource/aws_ssoadmin_permission_set: Properly update resource with relay_state argument (#17423)
resource/aws_vpc_endpoint: Return unsuccessful deletion information immediately as an error instead of timing out while waiting for deletion (#16656)
resource/aws_vpc_endpoint_service: Return unsuccessful deletion information immediately as an error instead of timing out while waiting for deletion (#16656)
The real issue is that this package does not include all of twisted,
so just say that in DESCR -- which is supposed to describe what is in
the package.
(There's a larger issue about why py-amkCrypto is not a dependency, or
an optional dependency, or a dependency of some py-twisted-conf other
package.)
version 2.84
Unknown changes
version 2.83
Use the values of --min-port and --max-port in outgoing
TCP connections to upstream DNS servers.
Fix a remote buffer overflow problem in the DNSSEC code. Any
dnsmasq with DNSSEC compiled in and enabled is vulnerable to this,
referenced by CVE-2020-25681, CVE-2020-25682, CVE-2020-25683
CVE-2020-25687.
Be sure to only accept UDP DNS query replies at the address
from which the query was originated. This keeps as much entropy
in the {query-ID, random-port} tuple as possible, to help defeat
cache poisoning attacks. Refer: CVE-2020-25684.
Use the SHA-256 hash function to verify that DNS answers
received are for the questions originally asked. This replaces
the slightly insecure SHA-1 (when compiled with DNSSEC) or
the very insecure CRC32 (otherwise). Refer: CVE-2020-25685.
Handle multiple identical near simultaneous DNS queries better.
Previously, such queries would all be forwarded
independently. This is, in theory, inefficent but in practise
not a problem, _except_ that is means that an answer for any
of the forwarded queries will be accepted and cached.
An attacker can send a query multiple times, and for each repeat,
another {port, ID} becomes capable of accepting the answer he is
sending in the blind, to random IDs and ports. The chance of a
succesful attack is therefore multiplied by the number of repeats
of the query. The new behaviour detects repeated queries and
merely stores the clients sending repeats so that when the
first query completes, the answer can be sent to all the
clients who asked. Refer: CVE-2020-25686.
This says nothing other than that the package behaves the way it
should and that the user should read the documentation.
(The hint about upgrading is from at least 7 years ago, so that should
be deleted anyway.)
2.3.19 (2021.02.04)
Highlights:
* JARM: New JARM database thanks to Julien Voisin @jvoisin (#331)
* Many contributions from Rumble Discovery (@hdm) thanks to Julien Voisin
@jvoisin for the backport (#334)
* Testing: New testing via Github actions thanks to Gavin Schneider
@gschneider-r7 (#328)
* SIP: Improved coverage for Server and User Agent (#339)
* CPE: Various improvements (#330)
* SMB: Focused improvements and added product coverage (#307)
* Misc fingerprint improvements (Thanks @jvoisin and @scopedsecurity)
(#308, #327, #331)
Changes in version 0.4.4.7 - 2021-02-03
Tor 0.4.4.7 backports numerous bugfixes from later releases,
including one that made v3 onion services more susceptible to
denial-of-service attacks, and a feature that makes some kinds of
DoS attacks harder to perform.
o Major bugfixes (onion service v3, backport from 0.4.5.3-rc):
- Stop requiring a live consensus for v3 clients and services, and
allow a "reasonably live" consensus instead. This allows v3 onion
services to work even if the authorities fail to generate a
consensus for more than 2 hours in a row. Fixes bug 40237; bugfix
on 0.3.5.1-alpha.
o Major feature (exit, backport from 0.4.5.5-rc):
- Re-entry into the network is now denied at the Exit level to all
relays' ORPorts and authorities' ORPorts and DirPorts. This change
should help mitgate a set of denial-of-service attacks. Closes
ticket 2667.
o Minor feature (build system, backport from 0.4.5.4-rc):
- New "make lsp" command to generate the compile_commands.json file
used by the ccls language server. The "bear" program is needed for
this. Closes ticket 40227.
o Minor features (compilation, backport from 0.4.5.2-rc):
- Disable deprecation warnings when building with OpenSSL 3.0.0 or
later. There are a number of APIs newly deprecated in OpenSSL
3.0.0 that Tor still requires. (A later version of Tor will try to
stop depending on these APIs.) Closes ticket 40165.
o Minor features (crypto, backport from 0.4.5.3-rc):
- Fix undefined behavior on our Keccak library. The bug only
appeared on platforms with 32-byte CPU cache lines (e.g. armv5tel)
and would result in wrong digests. Fixes bug 40210; bugfix on
0.2.8.1-alpha. Thanks to Bernhard Übelacker, Arnd Bergmann and
weasel for diagnosing this.
o Minor bugfixes (compatibility, backport from 0.4.5.1-rc):
- Strip '\r' characters when reading text files on Unix platforms.
This should resolve an issue where a relay operator migrates a
relay from Windows to Unix, but does not change the line ending of
Tor's various state files to match the platform, and the CRLF line
endings from Windows end up leaking into other files such as the
extra-info document. Fixes bug 33781; bugfix on 0.0.9pre5.
o Minor bugfixes (compilation, backport from 0.4.5.3-rc):
- Fix a compilation warning about unreachable fallthrough
annotations when building with "--enable-all-bugs-are-fatal" on
some compilers. Fixes bug 40241; bugfix on 0.3.5.4-alpha.
o Minor bugfixes (SOCKS5, backport from 0.4.5.3-rc):
- Handle partial SOCKS5 messages correctly. Previously, our code
would send an incorrect error message if it got a SOCKS5 request
that wasn't complete. Fixes bug 40190; bugfix on 0.3.5.1-alpha.
o Minor bugfixes (testing, backport from 0.4.5.2-alpha):
- Fix the `config/parse_tcp_proxy_line` test so that it works
correctly on systems where the DNS provider hijacks invalid
queries. Fixes part of bug 40179; bugfix on 0.4.3.1-alpha.
- Fix our Python reference-implementation for the v3 onion service
handshake so that it works correctly with the version of hashlib
provided by Python 3.9. Fixes part of bug 40179; bugfix
on 0.3.1.6-rc.
- Fix the `tortls/openssl/log_one_error` test to work with OpenSSL
3.0.0. Fixes bug 40170; bugfix on 0.2.8.1-alpha.
Add ruby-winrm-elevated package version 1.2.3. This is required by new
ruby-winrm package.
Runs PowerShell commands as elevated over Windows Remote Management (WinRM)
via a scheduled task
This gem allows you to break out of the magical WinRM constraints thus
allowing to reach out to network shares and even install Windows updates,
.NET, SQL Server etc.
3.4.9 (2021-01-27)
* Powershell process keep running with local train transport. #660
(Vasu1105)
3.4.8 (2021-01-26)
* su - USER command execution support & change transport_options to
attr_accessor #636 (vsingh-msys)
RELRO_SUPPORTED=no is set in lang/go/go-vars.mk which should remove the
need to use CHECK_RELRO_SKIP in go packages. This was not working
previously because check-relro.mk was using "PKGSRC_USE_RELRO" instead
of "_PKGSRC_USE_RELRO".
ok'd jperkin
Wireshark 3.4.3 Release Notes
What’s New
The Windows installers now ship with Npcap 1.10. They previously
shipped with Npcap 1.00.
Bug Fixes
The following vulnerabilities have been fixed:
• wnpa-sec-2021-01[1] USB HID dissector memory leak. Bug 17124[2].
CVE-2021-22173[3].
• wnpa-sec-2021-02[4] USB HID dissector crash. Bug 17165[5].
CVE-2021-22174[6].
The following bugs have been fixed:
• SIP response single-line multiple Contact-URIs decoding error Bug
13752[7].
• Adding filter while "Telephony→VoIP Calls→Flow Sequence" open
causes OOB memory reads and potential crashes. Bug 16952[8].
• QUIC packet not fully dissected Bug 17077[9].
• SOMEIP-SD hidden entries are off Bug 17091[10].
• Problem with calculation on UDP checksum in SRv6 Bug 17097[11].
• Dark mode not working in Wireshark 3.4.2 on macOS Bug 17098[12].
• Wireshark 3.4.0: build failure on older MacOS releases, due to
'CLOCK_REALTIME' Bug 17101[13].
• TECMP: Status Capture Module messages shows 3 instead of 2 bytes
for HW version Bug 17133[14].
• Documentation - editorial error - README.dissector bad reference
Bug 17141[15].
• Cannot save capture with comments to a format that doesn’t
support it (no pop-up) Bug 17146[16].
• AUTOSAR-NM: PNI TF-String wrong way around Bug 17154[17].
• Fibre Channel parsing errors even with the fix for 17084 Bug
17168[18].
• f5ethtrailer: Won’t find a trailer after an FCS that begins with
a 0x00 byte Bug 17171[19].
• f5ethtrailer: legacy format, low noise only, no vip name trailers
no longer detected Bug 17172[20].
• Buildbot crash output: fuzz-2021-01-22-3387835.pcap Bug
17174[21].
• Dissection error on large ZVT packets Bug 17177[22].
• TShark crashes with -T ek option Bug 17179[23].
New and Updated Features
New Protocol Support
There are no new protocols in this release.
Updated Protocol Support
AUTOSAR-NM, DHCPv6, DoIP, FC ELS, GQUIC, IPv6, NAS 5GS, NAS EPS,
QUIC, SIP, SOME/IP-SD, TECMP, TLS, TPNCP, USB HID, and ZVT
New and Updated Capture File Support
f5ethtrailer and pcapng
pkgsrc changes:
- Adjust to use go-module.mk
- Remove unneeded GITHUB_PROJECT, it is already PKGBASE by default
- Remove bash tool dependency and REPLACE_BASH, none of the scripts are invoked
Changes:
Unfortunately the changelog is too long to include (138KB, more than 1000 lines
not wrapped). It can be found at:
https://raw.githubusercontent.com/hashicorp/terraform-provider-aws/v3.26.0/CHANGELOG.md
(or ${WRKSRC}/CHANGELOG.md).
Worth to note:
- terraform-provider-aws 3.x is compatible only with Terraform 0.12 and newer
- A lot of new data sources and resources
And here the complete list of breaking changes of 3.x:
BREAKING CHANGES
----------------
* provider: New versions of the provider can only be automatically installed on Terraform 0.12 and later
* provider: All "removed" attributes are cut, using them would result in a Terraform Core level error
* provider: Credential ordering has changed from static, environment, shared credentials, EC2 metadata, default AWS Go SDK (shared configuration, web identity, ECS, EC2 Metadata) to static, environment, shared credentials, default AWS Go SDK (shared configuration, web identity, ECS, EC2 Metadata)
* provider: The `AWS_METADATA_TIMEOUT` environment variable no longer has any effect as we now depend on the default AWS Go SDK EC2 Metadata client timeout of one second with two retries
* provider: Remove deprecated `kinesis_analytics` and `r53` custom service endpoint arguments
* data-source/aws_availability_zones: Remove deprecated `blacklisted_names` and `blacklisted_zone_ids` arguments
* data-source/aws_directory_service_directory: Return an error when a single result is not found
* data-source/aws_ecr_repository: Return an error when a single result is not found
* data-source/aws_efs_file_system: Return an error when a single result is not found
* data-source/aws_launch_template: Return an error when a single result is not found
* data-source/aws_route53_resolver_rule: Trailing period removed from `domain_name` argument set in data-source
* data-source/aws_route53_zone: Trailing period removed from `name` argument set in data-source
* resource/aws_acm_certificate: `certificate_body`, `certificate_chain`, and `private_key` attributes are no longer stored in the Terraform state with hash values
* resource/aws_acm_certificate: `domain_validation_options` attribute changed from list to set
* resource/aws_acm_certificate: Plan-time validation added to `domain_name` and `subject_alternative_names` arguments to prevent usage of strings with trailing periods
* resource/aws_api_gateway_method_settings: Remove `Computed` property from `throttling_burst_limit` and `throttling_rate_limit` arguments, enabling drift detection
* resource/aws_api_gateway_method_settings: Update `throttling_burst_limit` and `throttling_rate_limit` argument defaults to match API default of `-1` to keep throttling disabled
* resource/aws_autoscaling_group: `availability_zones` and `vpc_zone_identifier` argument conflict now reported at plan-time
* resource/aws_autoscaling_group: Remove `Computed` property from `load_balancers` and `target_group_arns` arguments, enabling drift detection
* resource/aws_cloudfront_distribution: `active_trusted_signers` argument renamed to `trusted_signers` to support accessing `items` in Terraform 0.12
* resource/aws_cloudwatch_log_group: Automatically trim `:*` suffix from `arn` attribute
* resource/aws_codepipeline: Removes `GITHUB_TOKEN` environment variable
* resource/aws_cognito_user_pool: Remove deprecated `admin_create_user_config` configuration block `unused_account_validity_days` argument
* resource/aws_dx_gateway: Remove automatic `aws_dx_gateway_association` resource import
* resource/aws_dx_gateway_association: Remove deprecated `vpn_gateway_id` argument
* resource/aws_dx_gateway_association_proposal: Remove deprecated `vpn_gateway_id` argument
* resource/aws_ebs_volume: Return an error when `iops` argument set to a value greater than 0 for volume types other than `io1`
* resource/aws_elastic_transcoder_preset: Remove `video` configuration block `max_frame_rate` argument default value
* resource/aws_emr_cluster: Remove deprecated `instance_group` configuration block, `core_instance_count`, `core_instance_type`, and `master_instance_type` arguments
* resource/aws_glue_job: Remove deprecated `allocated_capacity` argument
* resource/aws_iam_access_key: Remove deprecated `ses_smtp_password` attribute
* resource/aws_iam_instance_profile: Remove deprecated `roles` argument
* resource/aws_iam_server_certificate: Remove state hashing from `certificate_body`, `certificate_chain`, and `private_key` arguments for new or recreated resources
* resource/aws_instance: Return an error when `ebs_block_device` `iops` or `root_block_device` `iops` argument set to a value greater than `0` for volume types other than `io1`
* resource/aws_lambda_alias: Resource import no longer converts Lambda Function name to ARN
* resource/aws_launch_template: `network_interfaces` `delete_on_termination` argument changed from `bool` to `string` type
* resource/aws_lb_listener_rule: Remove deprecated `condition` configuration block `field` and `values` arguments
* resource/aws_msk_cluster: Update `encryption_info` `encryption_in_transit` `client_broker` argument default to match API default of `TLS`
* resource/aws_rds_cluster: Update `scaling_configuration` `min_capacity` argument default to match API default of `1`
* resource/aws_route53_resolver_rule: Trailing period removed from `domain_name` argument set in resource
* resource/aws_route53_zone: Trailing period removed from `name` argument set in resource
* resource/aws_s3_bucket: Remove automatic `aws_s3_bucket_policy` resource import
* resource/aws_s3_bucket: Convert `region` to read-only attribute
* resource/aws_s3_bucket_metric: Update `filter` argument to require at least one of the `prefix` or `tags` nested arguments
* resource/aws_security_group: Remove automatic `aws_security_group_rule` resource import
* resource/aws_ses_domain_identity: Plan-time validation added to `domain` argument to prevent usage of strings with trailing periods
* resource/aws_ses_domain_identity_verification: Plan-time validation added to `domain` argument to prevent usage of strings with trailing periods
* resource/aws_sns_platform_application: `platform_credential` and `platform_principal` attributes are no longer stored in the Terraform state with hash values
* resource/aws_spot_fleet_request: Remove 24 hour default for `valid_until` argument
* resource/aws_ssm_maintenance_window_task: Remove deprecated `logging_info` and `task_parameters` configuration blocks
- Changelog:
* Bug Fixes:
- Multiple threads could attempt to destroy a single RBTDB instance at the
same time, resulting in an unpredictable but low-probability assertion
failure in free_rbtdb(). This has been fixed. [GL #2317]
- Full changelog at:
https://downloads.isc.org/isc/bind9/9.11.27/RELEASE-NOTES-bind-9.11.27.html
- Fix build (at least) on SmartOS
- Changelog:
* Feature Changes:
- The new networking code introduced in BIND 9.16 (netmgr) was overhauled
in order to make it more stable, testable, and maintainable. [GL #2321]
- Earlier releases of BIND versions 9.16 and newer required the operating
system to support load-balanced sockets in order for named to be able to
achieve high performance (by distributing incoming queries among multiple
threads). However, the only operating systems currently known to support
load-balanced sockets are Linux and FreeBSD 12, which means both UDP and
TCP performance were limited to a single thread on other systems. As of
BIND 9.17.8, named attempts to distribute incoming queries among multiple
threads on systems which lack support for load-balanced sockets (except
Windows). [GL #2137]
- It is now possible to transition a zone from secure to insecure mode
without making it bogus in the process; changing to dnssec-policy none;
also causes CDS and CDNSKEY DELETE records to be published, to signal
that the entire DS RRset at the parent must be removed, as described in
RFC 8078. [GL #1750]
- When using the unixtime or date method to update the SOA serial number,
named and dnssec-signzone silently fell back to the increment method to
prevent the new serial number from being smaller than the old serial
number (using serial number arithmetics). dnssec-signzone now prints a
warning message, and named logs a warning, when such a fallback happens.
[GL #2058]
* Bug Fixes:
- Multiple threads could attempt to destroy a single RBTDB instance at the
same time, resulting in an unpredictable but low-probability assertion
failure in free_rbtdb(). This has been fixed. [GL #2317]
- named no longer attempts to assign threads to CPUs outside the CPU
affinity set. Thanks to Ole Bjørn Hessen. [GL #2245]
- When reconfiguring named, removing auto-dnssec did not turn off DNSSEC
maintenance. This has been fixed. [GL #2341]
- The report of intermittent BIND assertion failures triggered in
lib/dns/resolver.c:dns_name_issubdomain() has now been closed without
further action. Our initial response to this was to add diagnostic
logging instead of terminating named, anticipating that we would receive
further useful troubleshooting input. This workaround first appeared in
BIND releases 9.17.5 and 9.16.7. However, since those releases were
published, there have been no new reports of assertion failures matching
this issue, but also no further diagnostic input, so we have closed the
issue. [GL #2091]
- Full Changelog at:
https://downloads.isc.org/isc/bind9/9.16.11/doc/arm/html/notes.html
pkgsrc changes:
---------------
* The PID file does not need to be written in a dedicated subdirectory
and it can be written in ${VARBASE}/run directly instead.
* The configuration parameters which need to be tuned in mosquitto.conf
can be uncommented and set in according with pkgsrc variables.
upstream changes:
-----------------
2.0.5 - 2021-01-11
==================
Broker:
- Fix `auth_method` not being provided to the extended auth plugin event.
Closes#1975.
- Fix large packets not being completely published to slow clients.
Closes#1977.
- Fix bridge connection not relinquishing POLLOUT after messages are sent.
Closes#1979.
- Fix apparmor incorrectly denying access to
/var/lib/mosquitto/mosquitto.db.new. Closes#1978.
- Fix potential intermittent initial bridge connections when using poll().
- Fix `bind_interface` option. Closes#1999.
- Fix invalid behaviour in dynsec plugin if a group or client is deleted
before a role that was attached to the group or client is deleted.
Closes#1998.
- Improve logging in dynsec addGroupRole command. Closes#2005.
- Improve logging in dynsec addGroupClient command. Closes#2008.
Client library:
- Improve documentation around the `_v5()` and non-v5 functions, e.g.
`mosquitto_publish()` and `mosquitto_publish_v5().
Build:
- `install` Makefile target should depend on `all`, not `mosquitto`, to ensure
that man pages are always built. Closes#1989.
- Fixes for lots of minor build warnings highlighted by Visual Studio.
Apps:
- Disallow control characters in mosquitto_passwd usernames.
- Fix incorrect description in mosquitto_ctrl man page. Closes#1995.
- Fix `mosquitto_ctrl dynsec getGroup` not showing roles. Closes#1997.
2.0.4 - 2020-12-22
==================
Broker:
- Fix $SYS/broker/publish/messages/+ counters not being updated for QoS 1, 2
messages. Closes#1968.
- mosquitto_connect_bind_async() and mosquitto_connect_bind_v5() should not
reset the bind address option if called with bind_address == NULL.
- Fix dynamic security configuration possibly not being reloaded on Windows
only. Closes#1962.
- Add more log messages for dynsec load/save error conditions.
- Fix websockets connections blocking non-websockets connections on Windows.
Closes#1934.
Build:
- Fix man pages not being built when using CMake. Closes#1969.
2.0.3 - 2020-12-17
==================
Security:
- Running mosquitto_passwd with the following arguments only
`mosquitto_passwd -b password_file username password` would cause the
username to be used as the password.
Broker:
- Fix excessive CPU use on non-Linux systems when the open file limit is set
high. Closes#1947.
- Fix LWT not being sent on client takeover when the existing session wasn't
being continued. Closes#1946.
- Fix bridges possibly not completing connections when WITH_ADNS is in use.
Closes#1960.
- Fix QoS 0 messages not being delivered if max_queued_messages was set to 0.
Closes#1956.
- Fix local bridges being disconnected on SIGHUP. Closes#1942.
- Fix slow initial bridge connections for WITH_ADNS=no.
- Fix persistence_location not appending a '/'.
Clients:
- Fix mosquitto_sub being unable to terminate with Ctrl-C if a successful
connection is not made. Closes#1957.
Apps:
- Fix `mosquitto_passwd -b` using username as password (not if `-c` is also
used). Closes#1949.
Build:
- Fix `install` target when using WITH_CJSON=no. Closes#1938.
- Fix `generic` docker build. Closes#1945.
2.0.2 - 2020-12-10
==================
Broker:
- Fix build regression for WITH_WEBSOCKETS=yes on non-Linux systems.
2.0.1 - 2020-12-10
==================
Broker:
- Fix websockets connections on Windows blocking subsequent connections.
Closes#1934.
- Fix DH group not being set for TLS connections, which meant ciphers using
DHE couldn't be used. Closes#1925. Closes#1476.
- Fix websockets listeners not causing the main loop not to wake up.
Closes#1936.
Client library:
- Fix DH group not being set for TLS connections, which meant ciphers using
DHE couldn't be used. Closes#1925. Closes#1476.
Apps:
- Fix `mosquitto_passwd -U`
Build:
- Fix cjson include paths.
- Fix build using WITH_TLS=no when the openssl headers aren't available.
- Distribute cmake/ and snap/ directories in tar.
2.0.0 - 2020-12-03
==================
Breaking changes:
- When the Mosquitto broker is run without configuring any listeners it will
now bind to the loopback interfaces 127.0.0.1 and/or ::1. This means that
only connections from the local host will be possible.
Running the broker as `mosquitto` or `mosquitto -p 1883` will bind to the
loopback interface.
Running the broker with a configuration file with no listeners configured
will bind to the loopback interface with port 1883.
Running the broker with a listener defined will bind by default to `0.0.0.0`
/ `::` and so will be accessible from any interface. It is still possible to
bind to a specific address/interface.
If the broker is run as `mosquitto -c mosquitto.conf -p 1884`, and a
listener is defined in the configuration file, then the port defined on the
command line will be IGNORED, and no listener configured for it.
- All listeners now default to `allow_anonymous false` unless explicitly set
to true in the configuration file. This means that when configuring a
listener the user must either configure an authentication and access control
method, or set `allow_anonymous true`. When the broker is run without a
configured listener, and so binds to the loopback interface, anonymous
connections are allowed.
- If Mosquitto is run on as root on a unix like system, it will attempt to
drop privileges as soon as the configuration file has been read. This is in
contrast to the previous behaviour where elevated privileges were only
dropped after listeners had been started (and hence TLS certificates loaded)
and logging had been started. The change means that clients will never be
able to connect to the broker when it is running as root, unless the user
explicitly sets it to run as root, which is not advised. It also means that
all locations that the broker needs to access must be available to the
unprivileged user. In particular those people using TLS certificates from
Lets Encrypt will need to do something to allow Mosquitto to access
those certificates. An example deploy renewal hook script to help with this
is at `misc/letsencrypt/mosquitto-copy.sh`.
The user that Mosquitto will change to are the one provided in the
configuration, `mosquitto`, or `nobody`, in order of availability.
- The `pid_file` option will now always attempt to write a pid file,
regardless of whether the `-d` argument is used when running the broker.
- The `tls_version` option now defines the *minimum* TLS protocol version to
be used, rather than the exact version. Closes#1258.
- The `max_queued_messages` option has been increased from 100 to 1000 by
default, and now also applies to QoS 0 messages, when a client is connected.
- The mosquitto_sub, mosquitto_pub, and mosquitto_rr clients will now load
OS provided CA certificates by default if `-L mqtts://...` is used, or if
the port is set to 8883 and no other CA certificates are loaded.
- Minimum support libwebsockets version is now 2.4.0
- The license has changed from "EPL-1.0 OR EDL-1.0" to "EPL-2.0 OR EDL-1.0".
Broker features:
- New plugin interface which is more flexible, easier to develop for and
easier to extend.
- New dynamic security plugin, which allows clients, groups, and roles to be
defined and updated as the broker is running.
- Performance improvements, particularly for higher numbers of clients.
- When running as root, if dropping privileges to the "mosquitto" user fails,
then try "nobody" instead. This reduces the burden on users installing
Mosquitto themselves.
- Add support for Unix domain socket listeners.
- Add `bridge_outgoing_retain` option, to allow outgoing messages from a
bridge to have the retain bit completely disabled, which is useful when
bridging to e.g. Amazon or Google.
- Add support for MQTT v5 bridges to handle the "retain-available" property
being false.
- Allow MQTT v5.0 outgoing bridges to fall back to MQTT v3.1.1 if connecting
to a v3.x only broker.
- DLT logging is now configurable at runtime with `log_dest dlt`.
Closes#1735.
- Add `mosquitto_broker_publish()` and `mosquitto_broker_publish_copy()`
functions, which can be used by plugins to publish messages.
- Add `mosquitto_client_protocol_version()` function which can be used by
plugins to determine which version of MQTT a client has connected with.
- Add `mosquitto_kick_client_by_clientid()` and `mosquitto_kick_client_by_username()`
functions, which can be used by plugins to disconnect clients.
- Add support for handling $CONTROL/ topics in plugins.
- Add support for PBKDF2-SHA512 password hashing.
- Enabling certificate based TLS encryption is now through certfile and
keyfile, not capath or cafile.
- Added support for controlling UNSUBSCRIBE calls in v5 plugin ACL checks.
- Add "deny" acl type. Closes#1611.
- The broker now sends the receive-maximum property for MQTT v5 CONNACKs.
- Add the `bridge_max_packet_size` option. Closes#265.
- Add the `bridge_bind_address` option. Closes#1311.
- TLS certificates for the server are now reloaded on SIGHUP.
- Default for max_queued_messages has been changed to 1000.
- Add `ciphers_tls1.3` option, to allow setting TLS v1.3 ciphersuites.
Closes#1825.
- Bridges now obey MQTT v5 server-keepalive.
- Add bridge support for the MQTT v5 maximum-qos property.
- Log client port on new connections. Closes#1911.
Broker fixes:
- Send DISCONNECT with `malformed-packet` reason code on invalid PUBLISH,
SUBSCRIBE, and UNSUBSCRIBE packets.
- Document that X509_free() must be called after using
mosquitto_client_certificate(). Closes#1842.
- Fix listener not being reassociated with client when reloading a persistence
file and `per_listener_settings true` is set and the client did not set a
username. Closes#1891.
- Fix bridge sock not being removed from sock hash on error. Closes#1897.
- mosquitto_password now forbids the : character. Closes#1833.
- Fix `log_timestamp_format` not applying to `log_dest topic`. Closes#1862.
- Fix crash on Windows if loading a plugin fails. Closes#1866.
- Fix file logging on Windows. Closes#1880.
- Report an error if the config file is set to a directory. Closes#1814.
- Fix bridges incorrectly setting Wills to manage remote notifications when
`notifications_local_only` was set true. Closes#1902.
Client library features:
- Client no longer generates random client ids for v3.1.1 clients, these are
now expected to be generated on the broker. This matches the behaviour for
v5 clients. Closes#291.
- Add support for connecting to brokers through Unix domain sockets.
- Add `mosquitto_property_identifier()`, for retrieving the identifier integer
for a property.
- Add `mosquitto_property_identifier_to_string()` for converting a property
identifier integer to the corresponding property name string.
- Add `mosquitto_property_next()` to retrieve the next property in a list, for
iterating over property lists.
- mosquitto_pub now handles the MQTT v5 retain-available property by never
setting the retain bit.
- Added MOSQ_OPT_TCP_NODELAY, to allow disabling Nagle's algorithm on client
sockets. Closes#1526.
- Add `mosquitto_ssl_get()` to allow clients to access their SSL structure and
perform additional verification.
- Add MOSQ_OPT_BIND_ADDRESS to allow setting of a bind address independently
of the `mosquitto_connect*()` call.
- Add `MOSQ_OPT_TLS_USE_OS_CERTS` option, to instruct the client to load and
trust OS provided CA certificates for use with TLS connections.
Client library fixes:
- Fix send quota being incorrecly reset on reconnect. Closes#1822.
- Don't use logging until log mutex is initialised. Closes#1819.
- Fix missing mach/mach_time.h header on OS X. Closes#1831.
- Fix connect properties not being sent when the client automatically
reconnects. Closes#1846.
Client features:
- Add timeout return code (27) for `mosquitto_sub -W <secs>` and
`mosquitto_rr -W <secs>`. Closes#275.
- Add support for connecting to brokers through Unix domain sockets with the
`--unix` argument.
- Use cJSON library for producing JSON output, where available. Closes#1222.
- Add support for outputting MQTT v5 property information to mosquitto_sub/rr
JSON output. Closes#1416.
- Add `--pretty` option to mosquitto_sub/rr for formatted/unformatted JSON
output.
- Add support for v5 property printing to mosquitto_sub/rr in non-JSON mode.
Closes#1416.
- Add `--nodelay` to all clients to allow them to use the MOSQ_OPT_TCP_NODELAY
option.
- Add `-x` to all clients to all the session-expiry-interval property to be
easily set for MQTT v5 clients.
- Add `--random-filter` to mosquitto_sub, to allow only a certain proportion
of received messages to be printed.
- mosquitto_sub %j and %J timestamps are now in a ISO 8601 compatible format.
- mosquitto_sub now supports extra format specifiers for field width and
precision for some parameters.
- Add `--version` for all clients.
- All clients now load OS provided CA certificates if used with `-L
mqtts://...`, or if port is set to 8883 and no other CA certificates are
used. Closes#1824.
- Add the `--tls-use-os-certs` option to all clients.
Client fixes:
- mosquitto_sub will now exit if all subscriptions were denied.
- mosquitto_pub now sends 0 length files without an error when using `-f`.
- Fix description of `-e` and `-t` arguments in mosquitto_rr. Closes#1881.
- mosquitto_sub will now quit with an error if the %U option is used on
Windows, rather than just quitting. Closes#1908.
pkgsrc changes:
- Remove GITHUB_PROJECT nop redefinition (it is already PKGBASE by default)
- Avoid GITHUB_PROJECT reference in GO_SRCPATH: it is unlikely that it will be
changed (NFC, and in general more consistent with most GO_SRCPATH definitions
in pkgsrc)
Changes:
0.12.30
-------
UPGRADE NOTES:
* The builtin provider's `terraform_remote_state` data source no longer
enforces Terraform version checks on the remote state file. This allows
Terraform 0.12.30 to access remote state from future Terraform
versions, up until a future incompatible state file version upgrade is
required. (#26692)
Changes 4.13.4
* BUG 14607: Work around special SMB2 IOCTL response behavior of NetApp Ontap
7.3.7.
* BUG 14612: Temporary DFS share setup doesn't set case parameters in the
same way as a regular share definition does.
* BUG 14605: lib: Avoid declaring zero-length VLAs in various messaging
functions.
* BUG 14579: Do not create an empty DB when accessing a sam.ldb.
* BUG 14596: vfs_fruit may close wrong backend fd.
* BUG 14612: Temporary DFS share setup doesn't set case parameters in the
same way as a regular share definition does.
* BUG 14606: vfs_virusfilter: Allocate separate memory for config char*.
* BUG 14596: vfs_fruit may close wrong backend fd.
* BUG 14607: Work around special SMB2 IOCTL response behavior of NetApp Ontap
7.3.7.
* BUG 14601: The cache directory for the user gencache should be created
recursively.
* BUG 14594: Be more flexible with repository names in CentOS 8 test
environments.
3.8.11:
Bug fixes
This release requires Erlang/OTP 22.x or later
3.8.10:
We encourage all users to consult release notes but skip this release and upgrade to 3.8.11 or later.
Bug fixes
More features supported by quorum queues
Usability improvements
Deprecations
Sat Jul 4 06:40:38 UTC 2020 lukem
* Release as "tnftpd 20200704".
* Change --with-blacklist to --with-blocklist and search for
libblocklist first, falling back to the legacy libblacklist.
* Update to NetBSD-ftpd 20200615:
* Increase some buffer sizes.
* Rename blacklist to blocklist.
Changes:
1.53.4
------
* Bug Fixes
* accounting: Fix data race in Transferred() (Maciej Zimnoch)
* build
* Stop tagged releases making a current beta (Nick Craig-Wood)
* Upgrade docker buildx action (Matteo Pietro Dazzi)
* Add -buildmode to cross-compile.go (Nick Craig-Wood)
* Fix docker build by upgrading ilteoood/docker_buildx
(Nick Craig-Wood)
* Revert GitHub actions brew fix since this is now fixed
(Nick Craig-Wood)
* Fix brew install --cask syntax for macOS build (Nick Craig-Wood)
* Update nfpm syntax to fix build of .deb/.rpm packages
(Nick Craig-Wood)
* Fix for Windows build errors (Ivan Andreev)
* fs: Parseduration: fixed tests to use UTC time (Ankur Gupta)
* fshttp: Prevent overlap of HTTP headers in logs (Nathan Collins)
* rc
* Fix core/command giving 500 internal error (Nick Craig-Wood)
* Add Copy method to rc.Params (Nick Craig-Wood)
* Fix 500 error when marshalling errors from core/command
(Nick Craig-Wood)
* plugins: Create plugins files only if webui is enabled. (negative0)
* serve http: Fix serving files of unknown length (Nick Craig-Wood)
* serve sftp: Fix authentication on one connection blocking others
(Nick Craig-Wood)
* Mount
* Add optional `brew` tag to throw an error when using mount in the
binaries installed via Homebrew (Anagh Kumar Baranwal)
* Add "." and ".." to directories to match cmount and expectations
(Nick Craig-Wood)
* VFS
* Make cache dir absolute before using it to fix path too long errors
(Nick Craig-Wood)
* Chunker
* Improve detection of incompatible metadata (Ivan Andreev)
* Google Cloud Storage
* Fix server side copy of large objects (Nick Craig-Wood)
* Jottacloud
* Fix token renewer to fix long uploads (Nick Craig-Wood)
* Fix token refresh failed: is not a regular file error (Nick Craig-Wood)
* Pcloud
* Only use SHA1 hashes in EU region (Nick Craig-Wood)
* Sharefile
* Undo Fix backend due to API swapping integers for strings
(Nick Craig-Wood)
* WebDAV
* Fix Open Range requests to fix 4shared mount (Nick Craig-Wood)
* Add "Depth: 0" to GET requests to fix bitrix (Nick Craig-Wood)
Add ability to comment on issues and pull requests
gh issue comment and gh pr comment commands are now available
Add ability to clone gists
gh gist clone is now available
New Features
- pr view: Display top level review comments inline with regular comments
- repo fork: Add ability to specify fork remote name
- pr merge: Add ability to delete local branch for previously merged PRs
Fixes
- auth: Add more descriptive error messaging when aborting due to environment
variables
- completion: Improve docs for bash, zsh, fish #2636
- version: Output link to correct tagged release #2638
- Update notification avoids incorrect notifications when gh is built from
source
# Version 2.0.45
- Configuration changes (to be required in versions 2.1.x):
* `[blacklist]` has been renamed to `[blocked_names]`
* `[ip_blacklist]` has been renamed to `[blocked_ips]`
* `[whitelist]` has been renamed to `[allowed_names]`
* `generate-domains-blacklist.py` has been renamed to
`generate-domains-blocklist.py`, and the configuration files have been
renamed as well.
- `dnscrypt-proxy -resolve` has been completely revamped, and now requires
the configuration file to be accessible. It will send a query to an IP address
of the `dnscrypt-proxy` server by default. Sending queries to arbitrary
servers is also supported with the new `-resolve name,address` syntax.
- Relay lists can be set to `*` for automatic relay selection. When a wildcard
is used, either for the list of servers or relays, the proxy ensures that
relays and servers are on distinct networks.
- Lying resolvers are detected and reported.
- New return code: `NOT_READY` for queries received before the proxy has
been initialized.
- Server lists can't be older than a week any more, even if directory
permissions are incorrect and cache files cannot be written.
- macOS/arm64 is now officially supported.
- New feature: `allowed_ips`, to configure a set of IP addresses to
never block no matter what DNS name resolves to them.
- Hard-coded IP addresses can be immediately returned for test queries
sent by operating systems in order to check for connectivity and captive
portals. Such responses can be sent even before an interface is considered
as enabled by the operating system. This can be configured in a new section
called `[captive_portals]`.
- On Linux, OpenBSD and FreeBSD, `listen_addresses` can now include IP
addresses that haven't been assigned to an interface yet.
- The logo has been tweaked to look fine on a dark background.
- `generate-domains-blocklist.py`: regular expressions are now ignored in
time-based entries.
- Minor bug fixes and logging improvements.
- Cloaking plugin: if an entry has multiple IP addresses for a type,
all the IP addresses are now returned instead of a random one.
- Static entries can now include DNSCrypt relays.
- Name blocking: aliases relying on `SVCB` and `HTTPS` records can now
be blocked in addition to aliases via regular `CNAME` records.
- EDNS-Client-Subnet information can be added to outgoing queries.
Instead of sending the actual client IP, ECS information is user
configurable, and IP addresses will be randomly chosen for every query.
- Initial DoH queries are now checked using random names in order to
properly measure CDNs such as Tencent that ignore the padding.
- DoH: the `max-stale` cache control directive is now present in queries.
- Logs can now be sent to `/dev/stdout` instead of actual files.
- User switching is now supported on macOS.
- New download mirror (https://download.dnscrypt.net) for resolvers,
relays and parental-control.
Thanks to the nice people who contributed to this release:
- Ian Bashford
- Will Elwood
- Alison Winters
- Krish De Souza
- @hugepants
- @IceCodeNew
- @lifenjoiner
- @mibere
- @jacob755
- @petercooperjr
- @yofiji
- Exposed Unicode Slugify options to better enhance filename generation, user can now:
Retain uppercase
Retain spaces
Choose the space replacement char if not retaining them
Convert characters to ASCII
- Album cover quality increased by switching to the pop-up image
- Fixed bandcamp-dl not being able to find the needed page data due to a change on Bandcamp's end
- Fixed script data matching
Release 1.35.0
For gRPC documentation, see grpc.io. For previous releases, see Releases.
This release contains refinements, improvements, and bug fixes, with highlights listed below.
Core
Backport "Fix implicit declaration error in zlib + macOS".
xDS features doc update for case insensitive prefix/full path matching.
Add darwin_arm64 and darwin_arm64e to c-ares config settings.
Add FileWatcher CertificateProvider.
Protect xds security code with the environment variable "GRPC_XDS_EXPERIMENTAL_SECURITY_SUPPORT".
C++
Upgrade bazel to 3.7.1 (repository-wide).
Makefile: remove support for building protobuf, C++ libraries and executables.
C#
fix nuget package signing on Linux (do not use PublicSign=true on non-windows).
Remove C# as a supported language for xDS features.
Fix C# native library loading in .NET 5 single-file apps.
Python
Fix visibility of libprotobuf symbols in protoc_compiler.so on Mac.
[Aio] Correct type annotation of grpc.aio.ServicerContext.abort.
Add limit concurrent RPC feature to asyncio server.
[Aio] Fix the emtpy response handling in streaming RPC.
[Backport] Implement grpc.Future interface in SingleThreadedRendezvous.
[Backport] Make Python 2 an optional dependency for Bazel build.
Ruby
Fix implicit decalaration in rb_event_thread.c.
Base the ruby build off of latest rake-compiler-dock/manylinux14 images, add ruby 3.0 binary packages.
Ruby: add support to circuit_breaking xds interop test case.
Binary packages (for example, grpc-1.35.0-x86_64-linux.gem):
Are now compatible with ruby 3.0
Are now built off of manylinux14 (we no longer support Centos 6)
v11.0.0
Add stone to setup.py
Automated Spec Update
Fix links in release notes to be absolute
Bump peter-evans/create-pull-request from v3.4.1 to v3.5.1
change update_version.sh to reflect the renaming of dropbox/dropbox.py to dropbox/dropbox_client.py
Regenerate client using Stone 3.2.0
Bump codecov/codecov-action from v1.0.14 to v1.0.15
remove auto generated stone_fixtures.py
Automated Spec Update
v10.10.0
Automated Spec Update
v10.9.0
Automated Spec Update
Migrate references of master to main
Migrate primary branch to main
v10.8.0
Automated Spec Update
Update dispatch on spec update workflow
v10.7.0
Fix default in getAuthenticationUrl to pass if requested
Automated Spec Update
Bump codecov/codecov-action from v1.0.13 to v1.0.14
Bump actions/setup-python from v2.1.3 to v2.1.4
v10.6.0
Automated Spec Update
Bump peter-evans/create-pull-request from v3.4.0 to v3.4.1
v10.5.0
Automated Spec Update
Bump actions/setup-python from v2.1.2 to v2.1.3
Add release scripts
Add local build for docs to contributing
Added "of" to Question / Help Template
Fix arguments in OAuth2FlowResult.repr return value
Bump peter-evans/create-pull-request from v3.3.0 to v3.4.0
Update actions/setup-python requirement to v2.1.2
File update
Updated sphinx syntax
Add github action to auto update spec
Run CodeCov through github actions and remove Tox
Fix lists
Update OAuth.py Formatting
Update tox to not run codecov as github action takes care of it
Add github action for publishing master branch coverage
Add basic test to test codecov
Add 3.9-dev to travis and add codecov.yaml
Add Coverage.py and codecov functionality
ChangeLog for 0.9.22:
Library improvements
Added implementation of RPC over HTTP v2 protocol (by @mohemiv).
Added MS-NSPI, MS-OXNSPI and MS-OXABREF protocol implementations (by @mohemiv).
Improved the multi-page results in LDAP queries (by @ThePirateWhoSmellsOfSunflowers).
NDR parser optimization (by @mohemiv).
Improved serialization of WMI method parameters (by @tshmul).
Introduce the MS-NLMP 2.2.2.10 VERSION structure in NTLMAuthNegotiate messages (by @franferrax).
Added some NETLOGON structs for NetrServerPasswordSet2 (by @dirkjanm).
Python 3.8 support.
Examples improvements
atexec.py: Fixed after MS patches related to RPC attacks (by @mohemiv).
dpapi.py: Added -no-pass, pass-the-hash and AES Key support for backup subcommand.
GetNPUsers.py: Added ability to enumerate targets with Kerberos KRB5CC (by @rmaksimov).
GetUserSPNs.py: Added new features for kerberoasting (by @mohemiv).
ntlmrelayx.py:
Added ability to relay on new Windows versions that have SMB guest access disabled by default.
Added option to specify the NTLM Server Challenge used when receiving a connection.
Added relaying to RPC support (by @mohemiv).
Implemented WCFRelayServer (by @cnotin).
Added Zerologon DCSync Relay Client (by @dirkjanm).
Fixed issue in ldapattack.py when relaying and creating computer in CN=Computers (by @Hackndo).
rpcdump.py: Added RPC over HTTP v2 support (by @mohemiv).
secretsdump.py:
Added ability to specifically delete a shadow based on its ID (by @phefley).
Dump plaintext machine account password when dumping the local registry secrets(by @dirkjanm).
New examples
exchanger.py: A tool for connecting to MS Exchange via RPC over HTTP v2 (by @mohemiv).
rpcmap.py: Scan for listening DCE/RPC interfaces (by @mohemiv).
librsync 2.3.1
This is a patch release that adds peformance improvements, updates and tidies documentation, and fixes two build/test bugs on FreeBSD.
librsync 2.3.0
This is a minor release that adds rs_sig_args() for getting the recommended signature arguments based on the file size. which is used by rs_sig_file() and rdiff. This means rdiff by default will use a better block size based on the file size, and supports using --sum-size=-1 to use the smallest safe sum size (safe against random collisions, not against crafted hash-collision attacks). It removes old code that made the default strongsum size 8 when using --hash=md4, and it now defaults to 16 (the max for md4) for better protection against the risk of hash collision attacks and corruption. It also includes many code cleanups and testing improvements, including full C99 compliance. Upgrading from v2.2.1 is optional.
To generate signatures identical to the previous version's default arguments, you will need to use --block-size=2048 to select the old default block size. Also, when using --hash md4 you will need to add --sum-size=8 to select the old sum-size default when using md4 strongsums.
librsync 2.2.1
This is a patch release that fixes a bug that makes delta operations hang for files larger than 4GB. Upgrading from v2.2.0 is essential.
librsync 2.2.0
This is a minor release that adds RabinKarp rollsum support as the new recommended default. This is a much better rolling hash with a much better distribution and less collisions, particularly for text files and small blocks. This results in faster delta calculations and a reduced risk of corruption from hash collisions when using small strongsum sizes. It also includes important fixes for compiling on/for windows, and some other minor improvements. Upgrading from v2.1.0 is essential for people compiling for windows, recommended for people who want a performance increase, and otherwise not urgent.
To generate signatures compatible with previous versions of rdiff you will need to use the --rollsum rollsum to select the old rollsum algorithm, or for librsync use the RS_BLAKE2_SIG_MAGIC or RS_MD4_SIG_MAGIC arguments when starting the signature with rs_sig_begin().
librsync 2.1.0
This is a minor release that exposes a few useful utility functions to librsync.h previously only used by rdiff. It also introduces proper exporting of only public symbols in the librsync.h header. The most important fix is for a memory leak when freeing signatures. Upgrading from v2.0.2 is highly recommended for people using librsync and experiencing memory leak problems, but otherwise not urgent.
Packaged for wip by Edgar Fuß.
Icinga Web 2 is a powerful PHP framework for web applications that comes
in a clean and reduced design.
It's fast, responsive, accessible and easily extensible with modules.
upstream changes:
-----------------
Version 1.0.39
* Updating fast_tls to version 1.1.10.
* Updating stun to version 1.0.40.
* Updating p1_utils to version 1.0.21.
Version 1.0.38
* Updating stun to version 1.0.39.
* Updating fast_tls to version 1.1.9.
* Exclude old OTP releases from Travis
* Fixes to support compilation with rebar3
Version 1.0.37
* Updating stun to version 1.0.37.
* Updating fast_tls to version 1.1.8.
* Updating p1_utils to version 1.0.20.
Version 1.0.36
* Updating stun to version 1.0.36.
* Updating stun to version 1.0.36.
Version 1.0.35
* Fix compilation with Erlang/OTP 23.0 and Travis
* Updating stun to version 1.0.35.
* Updating fast_tls to version 1.1.7.
Version 1.0.34
* Updating stun to version 1.0.33.
* Updating fast_tls to version 1.1.6.
* Updating p1_utils to version 1.0.19.
Version 1.0.33
* Updating fast_tls to version 1.1.5.
* Updating stun to version 1.0.32.
Version 1.0.32
* Updating stun to version 1.0.31.
* Updating fast_tls to version 1.1.4.
* Updating p1_utils to version 1.0.18.
* Update copyright year
Version 1.0.31
* Updating stun to version 1.0.30.
* Updating fast_tls to version 1.1.3.
* Updating p1_utils to version 1.0.17.
Version 1.0.30
* Updating stun to version 1.0.29.
* Updating fast_tls to version 1.1.2.
* Updating p1_utils to version 1.0.16.
* Export useful types
Version 1.0.29
* Updating stun to version 1.0.28.
* Updating fast_tls to version 1.1.1.
* Updating p1_utils to version 1.0.15.
Version 1.0.28
* Updating stun to version 1.0.27.
* Updating fast_tls to version 1.1.0.
* Updating p1_utils to version 1.0.14.
* Add contribution guide
* Disable gcov because there is no c part anymore
Version 1.0.27
* Updating fast_tls to version 1.0.26.
* Updating stun to version 1.0.26.
Version 1.0.26
* Updating stun to version 1.0.25.
* Updating fast_tls to version 1.0.25.
* Updating p1_utils to version 1.0.13.
Version 1.0.25
* Updating stun to version 1.0.24.
* Updating fast_tls to version f36ea5b74526c2c1c9c38f8d473168d95804f59d.
* Updating p1_utils to version 6ff85e8.
upstream changes:
-----------------
Version 1.0.40
* Updating fast_tls to version 1.1.10.
* Updating p1_utils to version 1.0.21.
Version 1.0.39
* Updating fast_tls to version 1.1.9.
* Exclude from Travis old OTP releases
* Reduce log level for requests from incompatible clients.
Version 1.0.38
* Always log reason for TCP/TLS connection termination.
* Log relay allocation refreshes at notice level.
* Log duration of TURN sessions.
* Log STUN queries at debug (rather than info) level.
* Hand over more metadata to STUN callback.
Version 1.0.37
* Updating p1_utils to version 1.0.20.
* Updating fast_tls to version 1.1.8.
Version 1.0.36
* Log relay (de)allocation rather than authentication at notice level.
* Allow worker processes to perform cleanup tasks on shutdown.
* Support event callbacks.
Version 1.0.35
* Add session ID, transport, username, and IP addresses to log output.
* Log number of TURN-relayed bytes and packets.
* Log plain STUN (Binding) responses.
* Log all error responses.
Version 1.0.34
* Allow for binding listeners to specific IP addresses.
* Use new logging API on Erlang/OTP 22+.
Version 1.0.33
* Updating p1_utils to version 1.0.19.
* Fix compatibility issues with Erlang 23
* Add support for ipv6 clients
* Improve compatibilty with clients
Version 1.0.32
* Updating fast_tls to version 1.1.5.
* Make sure that 'turn_ip' address is used for communicating with peer.
* Make sure that opened socket uses ipv4.
Version 1.0.31
* Updating fast_tls to version 1.1.4.
* Updating p1_utils to version 1.0.18.
* Update copyright year
Version 1.0.30
* Updating fast_tls to version 1.1.3.
* Updating p1_utils to version 1.0.17.
Version 1.0.29
* Updating fast_tls to version 1.1.2.
* Updating p1_utils to version 1.0.16.
Version 1.0.28
* Updating fast_tls to version 1.1.1.
* Updating p1_utils to version 1.0.15.
Version 1.0.27
* Updating fast_tls to version 1.1.0.
* Updating p1_utils to version 1.0.14.
* Add contribution guide
Version 1.0.26
* Updating fast_tls to version 1.0.26.
Version 1.0.25
* Updating p1_utils to version 1.0.13.
* Updating fast_tls to version 1.0.25.
Version 1.0.24
* Updating fast_tls to version f36ea5b74526c2c1c9c38f8d473168d95804f59d.
* Updating p1_utils to version 6ff85e8.
upstream changes:
-----------------
Version 1.5.1
* Fix issues with scram *-PLUS
Version 1.5.0
* Updating p1_utils to version 1.0.21.
* Updating stringprep to version 1.0.24.
* Updating fast_tls to version 1.1.10.
* Updating fast_xml to version 1.1.45.
* Add support for scram-sha-256/512-{plus}
Version 1.4.10
* Updating ezlib to version 1.0.9.
* Updating fast_tls to version 1.1.9.
* Updating fast_xml to version 1.1.44.
* Updating stringprep to version 1.0.23.
* Add support for MAM Flipped Pages
* Exclude old OTP releases from Travis
* Support building specs with rebar3
Version 1.4.9
* Updating p1_utils to version 1.0.20.
* Updating fast_xml to version 1.1.43.
* Updating fast_tls to version 1.1.8.
* Updating stringprep to version 1.0.22.
Version 1.4.8
* Fixes to compile with Erlang/OTP 23.0
* updating ezlib to version 1.0.8.
* updating fast_tls to version 1.1.7.
* updating fast_xml to version 1.1.42.
* updating stringprep to version 1.0.21.
* Replace bad-protocol sasl errors with not-authorized
* Add Travis setup, and set Erlang/OTP 19.0 as lowest supported version
Version 1.4.7
* Updating fast_tls to version 1.1.6.
* Updating p1_utils to version 1.0.19.
* Updating fast_xml to version 1.1.41.
* Updating stringprep to version 1.0.20.
* Fix compatibility issues with Erlang 23
Version 1.4.6
* Updating fast_tls to version 1.1.5.
* Updating fast_xml to version 1.1.40.
* Recognize elements from XEP-0215 (External Service Discovery)
* Limit usage of synchronously terminating session, as is can cause problems with handling of queued messages
Version 1.4.5
* Updating ezlib to version 1.0.7.
* Updating fast_tls to version 1.1.4.
* Updating fast_xml to version 1.1.39.
* Updating p1_utils to version 1.0.18.
* Updating stringprep to version 1.0.19.
* Update copyright year
Version 1.4.4
* Fix handling of infinity values in couple places
* Declare namespace for "urn:xmpp:carbons:rules:0"
Version 1.4.3
* Updating fast_tls to version 1.1.3.
* Updating stringprep to version 1.0.18.
* Updating fast_xml to version 1.1.38.
* Updating p1_utils to version 1.0.17.
Version 1.4.2
* Fix incorrect return type
Version 1.4.1
* Add support for jid-prep
* Improve handling of IDNA
Version 1.4.0
* Updating fast_tls to version 1.1.2.
* Updating fast_xml to version 1.1.37.
* Updating stringprep to version 1.0.17.
* Updating p1_utils to version 1.0.16.
* Update type specs
* Improve xdata compiler
* Add support for CAPTCHA data forms (XEP-0158)
* Accept certificates without XmppAddr fields
* Improve xmpp_socket:get_peer_certificate/2
* Update pubsub#metadata form
Version 1.3.4
* Updating ezlib to version 1.0.6.
* Updating fast_tls to version 1.1.1.
* Updating fast_xml to version 1.1.36.
* Updating p1_utils to version 1.0.15.
* Updating stringprep to version 1.0.16.
Version 1.3.3
* Allow muc_subscriber element to have jid or nick attribute
* Add support for XEP-0417
* Add get_subtags/2 and try_subtags/2
Version 1.3.2
* Release from correct branch
Version 1.3.1
* Updating ezlib to version 1.0.5.
* Updating fast_tls to version 1.1.0.
* Updating fast_xml to version 1.1.35.
* Updating p1_utils to version 1.0.14.
* Updating stringprep to version 1.0.15.
* Add contribution guide
* Encode by attribute in stanza_error
Version 1.3.0
* Introduce 'ignore_unknown' xdata codec option
* Add support for decoding language tags generated by Cisco Jabber
* Add support for latest MIX version and MIX-PAM (XEP-0405)
Version 1.2.8
* Improve building with rebar3 and hex packaging
Version 1.2.7
* Add code required for proxy protocol support
Version 1.2.6
* Updating fast_tls to version 1.0.26.
* Add support for XEP-0048 and XEP-0411
* Add logging of data transmited over xml sockets
* Add functions for processing white space pings
* Validate xml:lang values
* Fix encoding of timestamp with negative TZ offsets
Version 1.2.5
* Update packaging for hex
Version 1.2.4
* Updating fast_xml to version 1.1.34.
* Updating stringprep to version 1.0.14.
* Updating p1_utils to version 1.0.13.
* Updating fast_tls to version 1.0.25.
Version 1.2.3
* Updating fast_tls to version f36ea5b74526c2c1c9c38f8d473168d95804f59d.
* Updating fast_xml to version 1.1.33.
* Updating p1_utils to version 1.0.13.
* Updating stringprep to version 1.0.13.
* Added handling for xeps: 319, 047, 261, 260, 234, 300, 166
* Refactor of xmpp_socket
2.3.4
- MINOR: reg-tests: add a way to add service dependency
- BUG/MINOR: sample: check alloc_trash_chunk return value in concat()
- BUG/MINOR: reg-tests: fix service dependency script
- MINOR: reg-tests: add base prometheus test
- Revert "BUG/MINOR: dns: SRV records ignores duplicated AR records"
- BUG/MINOR: sample: Memory leak of sample_expr structure in case of error
- BUG/MINOR: check: Don't perform any check on servers defined in a frontend
- BUG/MINOR: init: enforce strict-limits when using master-worker
- MINOR: contrib/prometheus-exporter: avoid connection close header
- MINOR: contrib/prometheus-exporter: use fill_info for process dump
2.3.3
- MINOR: plock: use an ARMv8 instruction barrier for the pause instruction
- BUG/MEDIUM: lists: Lock the element while we check if it is in a list.
- MINOR: task: remove __tasklet_remove_from_tasklet_list()
- BUG/MEDIUM: task: close a possible data race condition on a tasklet's list link
- BUG/MEDIUM: local log format regression.
- BUG/MINOR: mux-h2/stats: make stream/connection proto errors more accurate
- BUG/MINOR: mux-h2/stats: not all GOAWAY frames are errors
- BUG/MINOR: lua: missing "\n" in error message
- BUG/MINOR: lua: lua-load doesn't check its parameters
- BUG/MINOR: lua: Post init register function are not executed beyond the first one
- BUG/MINOR: lua: Some lua init operation are processed unsafe
- MINOR: actions: Export actions lookup functions
- MINOR: actions: add a function returning a service pointer from its name
- MINOR: cli: add a function to look up a CLI service description
- BUG/MINOR: lua: warn when registering action, conv, sf, cli or applet multiple times
- BUG/MAJOR: ring: tcp forward on ring can break the reader counter.
- BUILD/MINOR: haproxy DragonFlyBSD affinity build update.
- DOC/MINOR: Fix formatting in Management Guide
- BUG/MINOR: listener: use sockaddr_in6 for IPv6
- BUG/MINOR: mux-h1: Handle keep-alive timeout for idle frontend connections
- MINOR: protocol: add a ->set_port() helper to address families
- MINOR: listener: automatically set the port when creating listeners
- MINOR: listener: now use a generic add_listener() function
- MEDIUM: ssl: fatal error with bundle + openssl < 1.1.1
- BUG/MAJOR: spoa/python: Fixing return None
- DOC: spoa/python: Fixing typo in IP related error messages
- DOC: spoa/python: Rephrasing memory related error messages
- DOC: spoa/python: Fixing typos in comments
- BUG/MINOR: spoa/python: Cleanup references for failed Module Addobject operations
- BUG/MINOR: spoa/python: Cleanup ipaddress objects if initialization fails
- BUG/MEDIUM: spoa/python: Fixing PyObject_Call positional arguments
- BUG/MEDIUM: spoa/python: Fixing references to None
- DOC: email change of the DeviceAtlas maintainer
- BUG/MINOR: http-check: Use right condition to consider HTX message as full
- BUG/MINOR: tcpcheck: Don't rearm the check timeout on each read
- MINOR: tcpcheck: Only wait for more payload data on HTTP expect rules
- BUG/MINOR: tools: make parse_time_err() more strict on the timer validity
- BUG/MINOR: tools: Reject size format not starting by a digit
- BUG/MEDIUM: lb-leastconn: Reposition a server using the right eweight
- BUG/MEDIUM: ssl/crt-list: bad behavior with "commit ssl cert"
- REGTESTS: make use of HAPROXY_ARGS and pass -dM by default
- BUILD: SSL: fine guard for SSL_CTX_add_server_custom_ext call
- BUILD: Makefile: have "make clean" destroy .o/.a/.s in contrib subdirs as well
- BUG/MINOR: mux-h1: Don't set CS_FL_EOI too early for protocol upgrade requests
- BUG/MEDIUM: http-ana: Never for sending data in TUNNEL mode
- BUG/MEDIUM: mux-h1: Handle h1_process() failures on a pipelined request
- CONTRIB: halog: fix build issue caused by %L printf format
- CONTRIB: halog: mark the has_zero* functions unused
- CONTRIB: halog: fix signed/unsigned build warnings on counts and timestamps
- CONTRIB: debug: address "poll" utility build on non-linux platforms
- BUILD: plock: remove dead code that causes a warning in gcc 11
- BUILD: ssl: fine guard for SSL_CTX_get0_privatekey call
- BUG/MINOR: dns: SRV records ignores duplicated AR records
- DOC: fix "smp_size" vs "sample_size" in "log" directive arguments
- BUG/MEDIUM: mux_h2: Add missing braces in h2_snd_buf()around trace+wakeup
- BUILD: hpack: hpack-tbl-t.h uses VAR_ARRAY but does not include compiler.h
- MINOR: atomic: don't use ; to separate instruction on aarch64.
- BUG/MINOR: sink: Return an allocation failure in __sink_new if strdup() fails
- BUG/MINOR: cfgparse: Fail if the strdup() for `rule->be.name` for `use_backend` fails
- BUG/MINOR: tcpcheck: Report a L7OK if the last evaluated rule is a send rule
- DOC: Improve the message printed when running `make` w/o `TARGET`
- BUG/MINOR: stats: Make stat_l variable used to dump a stat line thread local
- SCRIPTS: improve announce-release to support different tag and versions
- SCRIPTS: make announce release support preparing announces before tag exists
- BUG/MINOR: srv: do not init address if backend is disabled
- BUG/MINOR: srv: do not cleanup idle conns if pool max is null
- MINOR: converter: adding support for url_enc
- BUILD: Makefile: exclude broken tests by default
- CLEANUP: cfgparse: replace "realloc" with "my_realloc2" to fix to memory leak on error
- MINOR: contrib/prometheus-exporter: export build_info
- DOC: fix some spelling issues over multiple files
- SCRIPTS: announce-release: fix typo in help message
- DOC: Add maintainers for the Prometheus exporter
- BUG/MINOR: sample: fix concat() converter's corruption with non-string variables
erlang-idna is a pure Erlang IDNA implementation that follows the RFC5891. This addition is motivated by the fact it is a dependency for the last releases of erlang-xmpp.
RabbitMQ 3.8.9 is a maintenance release.
It focuses on bug fixes and usability improvements.
RabbitMQ 3.8.8 is a maintenance release.
It focuses on bug fixes and usability improvements.
This releases introduces a new node operation mode, called the maintenance mode.
This feature is useful when performing rolling upgrades and is covered
in more detail below.
RabbitMQ 3.8.7 is a maintenance release that patches
a security vulnerability.
RabbitMQ 3.8.6 is a maintenance release.
It focuses on bug fixes and usability improvements.
RabbitMQ 3.8.5 is a maintenance release.
It focuses on bug fixes and usability improvements.
RabbitMQ 3.8.4 is a maintenance release. It focuses on bug fixes and usability
improvements. etcd peer discovery plugin includes potentially breaking changes which are covered in detail below.
Packaged by Edgar Fuß for pkgsrc-wip.
Icinga 2 is an open source monitoring system which checks the
availability of your network resources, notifies users of outages,
and generates performance data for reporting.
Scalable and extensible, Icinga 2 can monitor large, complex
environments across multiple locations.
1.18.214
api-change:frauddetector: Update frauddetector command to latest version
api-change:personalize: Update personalize command to latest version
1.18.213
api-change:elasticache: Update elasticache command to latest version
api-change:lightsail: Update lightsail command to latest version
api-change:auditmanager: Update auditmanager command to latest version
api-change:appstream: Update appstream command to latest version
api-change:ssm: Update ssm command to latest version
1.18.212
api-change:rds: Update rds command to latest version
api-change:kms: Update kms command to latest version
1.16.54
api-change:frauddetector: [botocore] Update frauddetector client to latest version
api-change:personalize: [botocore] Update personalize client to latest version
1.16.53
api-change:appstream: [botocore] Update appstream client to latest version
api-change:auditmanager: [botocore] Update auditmanager client to latest version
api-change:ssm: [botocore] Update ssm client to latest version
api-change:elasticache: [botocore] Update elasticache client to latest version
api-change:lightsail: [botocore] Update lightsail client to latest version
1.16.52
api-change:rds: [botocore] Update rds client to latest version
api-change:kms: [botocore] Update kms client to latest version
1.19.54
api-change:frauddetector: Update frauddetector client to latest version
api-change:personalize: Update personalize client to latest version
1.19.53
api-change:appstream: Update appstream client to latest version
api-change:auditmanager: Update auditmanager client to latest version
api-change:ssm: Update ssm client to latest version
api-change:elasticache: Update elasticache client to latest version
api-change:lightsail: Update lightsail client to latest version
1.19.52
api-change:rds: Update rds client to latest version
api-change:kms: Update kms client to latest version
Release v1.34.1
This is release 1.34.1 (gauntlet) of gRPC Core.
For gRPC documentation, see grpc.io. For previous releases, see Releases.
This release is a patch specifically for Python and C#, which adds three backported PRs:
Backport "Fix visibility of libprotobuf symbols in protoc_compiler.so on Mac" to 1.34.x
Backport "Lazily import grpc_tools when using runtime stub/message generation" to 1.34.x
Backport "do not use <PublicSign>true</PublicSign> on non-windows" to 1.34.x
0.2.11 (2020-09-30)
Merged Pull Requests
* Remove redundant encoding comments #22 (tas50)
* Add winrm-shell-type option and winrm elevated shell #25 (catriona1)
* Add validation to winrm shell type option #28 (catriona1)
* Allow timeout option for WinRM commands #27 (james-stocks)
* Correct minor spelling mistakes #23 (tas50)
No release note for from 0.2.7 to 0.2.10 but these seems to various fixes.
3.4.7 (2021-01-11)
Merged Pull Requests
* Update chefstyle requirement from 1.5.7 to 1.5.9 #654
(dependabot-preview[bot])
* Update google API upper constraints to allow Ruby 3 #656 (clintoncwolfe)
* Test on ruby 3.0, drop testing on ruby 2.4 #657 (clintoncwolfe)
3.4.4 (2020-12-14)
Merged Pull Requests
* Update parallel requirement from < 1.20.0 to < 1.21.0 #651
(dependabot-preview[bot])
* Update chefstyle requirement from 1.5.0 to 1.5.7 #652
(dependabot-preview[bot])
* Use IdentitiesOnly only when keys are present #650 (drbrain)
3.4.1 (2020-12-07)
Merged Pull Requests
* Change timeout log entry to debug #643 (james-stocks)
* Update chefstyle requirement from 1.4.5 to 1.5.0 and pin parallel for
ruby 2.4 #648 (dependabot-preview[bot])
* Support unpacking train options from URI query values #642 (lamont-granquist)
* Make :forward_agent a valid SSH option #649 (drbrain)
3.3.27 (2020-10-19)
Merged Pull Requests
* Check stdout even when exit_status is 0, and handle JSON.parse exception
#601 (CodesWhisperer)
* Update chefstyle requirement from 1.3.2 to 1.4.5 #646
(dependabot-preview[bot])
* Use the build in Expeditor gem caching #647 (tas50)
v3.3.24 (2020-09-30)
Merged Pull Requests
* Further optimize requires for external libraries #639 (tas50)
* Update chefstyle requirement from 1.2.1 to 1.3.2 #634
(dependabot-preview[bot])
* Allow timeout option per ssh command #625 (james-stocks)
checking whether -latomic is needed for __atomic builtins... configure: error: in `/scratch/work/net/powerdns/work/pdns-4.4.0':
configure: error: libatomic needed, but linking with -latomic failed, cannot continue
Changelog:
* Noteworthy changes in release 1.21.1 (2021-01-09)
** Fix compilation on MacOS and Solaris 9
** Resove bashism from configure.ac
** Fix a compilation warning on 32-bit systems
- Can be built against OpenSSL + libretls.
- execline is now optional.
- s6-tlsc and s6-tlsd rewrite. They're now wrappers around new
binaries: s6-tlsc-io and s6-tlsd-io, which establish and run a
TLS tunnel over already existing fds.
- New functionality: s6-ucspitlsc and s6-ucspitlsd, for an
implementation of delayed encryption.
pkgsrc changes:
- Switch from BearSSL to LibreTLS (atop OpenSSL).
- Turn 'execline' option off by default.
2.0.7 (2020-11-19)
* Add missing padding to request packets
* Land #166, Add missing padding to Netlogon request packets
2.0.6 (2020-09-23)
* Fix Trans2 response data block
* Remove unicode encoding in SMB1 File#rename
* Fix example file permissions
* Update specs
* Land #165, Fix SMB1 Trans2 response packets
2.0.5 (2020-09-21)
* Add the first two necessary requests for exploiting CVE-2020-1472
* Add responses and fix a bug in the NetlogonCredential type
* Add the function to calculate the session key
* Use a string instead of an int array for credential data
* Fix some typos in the documentation that could have been confusing
* Add proper data type definitions for Netlogon
* Fix some Netlogon data definitions and register the service
* Add the NetrServerPasswordSet2 request / response definitions
* Add rspec unit tests for the netlogon request / response definitions
* Implement a WarnNoReadLengthPlugin for the NdrFixedByteArray
* Land #164, Minimal Netlogon Implementation For CVE-2020-1472 (AKA:
Zerologon)
2.3.18 (2020-12-17)
* DCA-22255 Add low certainty to IIS 10 fingerprint to prevent trumping
better system fingerprints
2.3.17 (2020-12-08)
Highlights:
* DNS: Fingerprint for Windows 2003 (#298)
* CPE: Improved generation, standardization, and updates (#301, #303)
* BUG: Fix issue preventing recog_standardize from working (#302)
Changes of note:
* All values for hw.device and os.device have been converted to Title Case
* All hw.device and os.device instances of Web cam and Web Cam are now IP
Camera
* All hw.device and os.device instances of POS are now Point of Sale
2.3.16 (2020-11-06)
Highlights:
* DNS: Extract Microsoft DNS build (#297)
2.3.15 (2020-10-22)
Highlights:
* SNMP: Siemens fingerprint corrections (#286, #291)
* SNMP: SonicWall fingerprint addition (#293)
Net::LDAP 0.17.0 (2020-11-30)
* Added private recursive_delete as alternative to DELETE_TREE #268
* Test suite updates #373#376#377
* Use Base64.strict_encode64 and SSHA256 #303
* Remove deprecated ConnectionRefusedError #366
* Added method to get a duplicate of the internal Hash #286
* remove a circular require #380
* fix LdapServerAsnSyntax compile #379
* Implement '==' operator for entries #381
* fix for undefined method for write exception #383
