Add gssapi option (default off)
Changes in libsoup from 2.53.92 to 2.54.0.1:
* (2.54.0.1 fixes a build problem with the 2.54.0 tarball,
which would not build if you configured with
"--without-gnome". There are no other changes between 2.54.0
and 2.54.0.1.)
* Fixed examples/simple-httpd on Windows [#758759, Chun-wei
Fan]
Changes in libsoup from 2.53.90 to 2.53.92:
* libsoup now supports HTTP "Negotiate"/GSSAPI/Kerberos
authentication. It must be enabled specifically by the
application and is also subject to certain other
restrictions, some of which are not yet controllable through
the API. [#587145, Guido Guenther, Tomas Popela, David
Woodhouse, Dan Winship]
* Added support for building under MSVC [#758759, Chun-wei
Fan]
* Fixed a problem with the 2.53.90 tarball that caused
translations to be mis-installed.
* Updated translations:
Occitan
Changes in libsoup from 2.53.2 to 2.53.90:
* NUL bytes in headers are now ignored [#760832, Dan Winship]
* Fixed transfer annotation of soup_form_decode* functions
[#743966, Lionel Landwerlin]
* Updated translations:
Bulgarian, Latvian, Norwegian bokmål
Changes in libsoup from 2.53.1 to 2.53.2:
* Fixed up symbol visibility handling for mingw by copying
GLib's system [Ignacio Casal Quinteiro, #757146]
* Finally marked the old SoupSessionAsync and SoupSessionSync
methods as deprecated [Ignacio Casal Quinteiro, Dan Winship,
#757146]
* Added libsoup-2.4.deps for valac [Rico Tzschichholz]
* Make it possible to build from git without gtk-doc being
installed [Ignacio Casal Quinteiro]
* Updated translations:
Norwegian bokmål, Occitan
Changes in libsoup from 2.52.1 to 2.53.1:
* Really fixed build under MinGW for sure this time [Ignacio
Casal Quinteiro]
* Fixed SoupServer Web Sockets code so that the
SoupClientContext passed to a SoupServerWebsocketCallback is
fully usable (rather than crashing when you try to do most
things).
2.48.0
======
* New stable release. (No changes since 2.47.90)
2.47.90
=======
* gnutls: The non-PKCS#11 TLS plugin now uses gnutls's certificate
validation code directly, rather than attempting to build a
certificate chain itself first. [#753260 and others, Dan Winship]
* gnutls: Fixed a leak when closing a connection during an implicit
handshake [#736809, Philip Withnall]
* gnutls: Fixed "make check" without PKCS#11 support [#728977,
Gilles Dartiguelongue]
* gnutls: Various changes in preparation for DTLS support (but not
the actual DTLS support itself) [#697908, #735754, Philip
Withnall, Olivier Crête]
* Updated translations: Occitan
2.47.1
======
* Fixed a certificate chain validation problem that affected
Facebook in Epiphany. [#750457, Carlos Garcia Campos]
* Added a systemd service file for glib-pacrunner [#755740, Simon
McVittie]
2.46.0
======
* Various minor cleanups and small memory leak fixes
* Added a new test case for client certificate chain handling
[#754129, Michael Catanzaro]
* New/updated translations:
Japanese, Occitan, Portuguese
2.45.1
======
* tls/gnutls: Implement g_tls_client_connection_copy_session_state(),
to allow implementing FTP-over-TLS in gvfs. (#745255, Ross
Lagerwall)
2.44.0
======
* New stable release. (No changes since 2.43.92)
2.43.92
=======
* Fix TLS session caching when using session tickets (#745099, Ross
Lagerwall)
* Updated translations:
Bosnian
2.43.91
=======
* tls/gnutls: Removed a workaround for connecting to servers with
weak DH parameters, which was apparently only needed because
gnutls was prioritizing DHE over RSA. (Michael Catanzaro)
(https://bugzilla.redhat.com/show_bug.cgi?id=1177964#c8)
* tls/gnutls: We now require gnutls 3.x again. (In fact, 2.42.1
and 2.43.1 accidentally used a 3.x-only function, so we already
required it, we were just failing to declare that fact.)
* tls/tests: Skip certain tests when running against old gnutls or
GLib releases. (glib-networking 2.43.91 itself does not require
GLib 2.43, but one of the test cases does.)
* Updated translations:
Friulian
2.43.1
======
* The GTlsClientConnection "use-ssl3" property now falls back to TLS
1.0 if SSL 3.0 has been disabled, rather than just failing. Also,
we now use the gnutls %LATEST_RECORD_VERSION option by default (to
allow connecting to certain servers that were incorrectly patched
for the POODLE attack), but also make sure to remove that option
in the fallback ("use-ssl3") mode (to allow connecting to other
servers that are differently broken). (#738633, #740087, Dan
Winship)
* tls/gnutls: Miscellaneous warning, debugging, and leak fixes
(#736757, #736809, #737106, Philip Withnall)
* New/updated translations:
Kazakh
2.42.0
======
* New stable release. (No changes since 2.41.92)
2.41.92
=======
* tls/gnutls: Incorrectly-ordered certificate chains are now
accepted (#683266, Michael Catanzaro)
* tls/gnutls: Closing an already-closed GTlsConnection now correctly
returns TRUE rather than G_IO_ERROR_CLOSED (#735754, Olivier
Crête)
2.41.4
======
* tls/gnutls: certificates with IP address subject altnames are now
supported (#726596, Aleix Conchillo Flaqué)
* tls/tests: added a script to re-generate the certificates, and
regenerated them (since the key for the existing CA certificate
had been lost, so it wasn't possible to add new test certificates,
eg, for IP SAN). (#733365, Aleix Conchillo Flaqué)
* Updated translations:
Greek
2.41.3
======
* tls/gnutls: g_tls_backend_get_default_database() should never
return %NULL; if glib-networking was built without a
ca-certificates file, then the default GTlsDatabase should just be
empty. (#727282, Olivier Crête)
* tls/gnutls: If a server's certificate includes an issuer chain, we
now send the entire chain to the client. (#724708, Aleix Conchillo
Flaqué)
* Updated translations:
Swedish
2.40.0
======
* New stable release. (No changes since 2.39.90)
2.39.90
=======
* tls/gnutls: Avoid trying to update a destroyed GSource (#723774,
Philip Withnall)
* tls/tests: Fix another flaky test (#722336)
* tests: use the TAP driver
* Updated translations:
Chinese, Czech
2.39.3
======
* tls/tests: Fix one sporadic bug in the connection test (#720081)
and make it properly fail rather than hanging forever when another
sporadic bug happens (which I don't actually know the cause of)
(#719727)
* tls/gnutls: Fix for -Werror=format-nonliteral (#720081, Ryan
Lortie)
2.39.1
======
* tls/gnutls: Use g_tls_interaction_invoke_request_certificate()
when processing a certificate request. (#637257, Stef Walter)
* tls/gnutls: Handle G_IO_ERROR_TIMED_OUT on a GTlsConnection
correctly rather than reporting "The specified session has
been invalidated for some reason". (#710700, Aleix Concillo
Flaque)
* tls/tests: Fix to previous installed-tests fix, which resulted
in some files getting installed even when installed tests weren't
enabled. (#710197)
* tls/tests: add a test for a fix made in glib (#710691, Aleix
Conchillo Flaque).
2.38.1
======
* glibpacrunner: Don't crash if there is an internal libproxy error.
(rhbz #866927)
* tls/tests: Fix installed tests to not accidentally depend on
having the source tree still exist. (#709628)
* Updated translations:
Tajik
2.38.0
======
* New stable release. (No changes since 2.37.5)
2.37.5
======
* gnutls: minimum version is now 2.12.8 (with 3.x preferred...)
* glib-networking now supports the --enable-installed-tests flag, to
install its test programs to run at other times (ie, after
updating glib)
2.37.4
======
* proxy/gnome: further improve GNOME session detection (#701377)
* gnutls: don't crash if $G_TLS_GNUTS_PRIORITY is invalid (#701693)
2.37.2
======
* proxy/gnome: Improve session-type detection to include
gnome-classic and anything else starting with "gnome" (#700607,
Giovanni Campagna)
* proxy/libproxy: make SOCKS work when using the async API (#699359,
Dan)
* proxy/tests: make the libproxy test program use the just-built
plugin rather than the installed one. Oops (#700286, Iain Lane)
* proxy/tests: fix to not error out if neither proxy module is built
(#700628, Dan)
* tls/tests: fix a sporadic crash (Dan)
2.37.1
======
* gnutls: Fixed a bug that could cause hangs and/or bursts of CPU
usage in some cases. (#696881, Olivier Crête)
* gnutls: Fixed CFLAGS when building with gnutls in a different
prefix. (#696519, Emmanuel Pacaud)
* gnutls: Fixed a hang while rehandshaking with gnutls 3.x (#695062,
Dan)
* gnutls: Fixed a handshaking crash in multithreaded use (#697754,
Olivier Crête)
* proxy/gnome: Fix "automatic" mode, which was mistakenly being
treated as "none" (Dan)
* proxy/gnome: Use this in Unity sessions as well as GNOME ones.
(#698936, Iain Lane)
* New/Updated translations:
Friulian, Indonesian, Turkish
Changes:
9 April 2016: mitmproxy 0.17
* Simplify repository and release structure. mitmproxy now comes as a single package, including netlib and pathod.
* Rename the Python package from libmproxy to mitmproxy.
* New option to add server certs to client chain (CVE-2016-2402, John Kozyrakis)
* Enable HTTP/2 by default (Thomas Kriechbaumer)
* Improved HAR extractor (Shadab Zafar)
* Add icon for OSX and Windows binaries
* Add content view for query parameters (Will Coster)
* Initial work on Python 3 compatibility
* locust.io export (Zohar Lorberbaum)
* Fix XSS vulnerability in HTTP errors (Will Coster)
* Numerous bugfixes and minor improvements
* Support iSNS, RFC4174
* Fix Prefix Delegation with SLA 0 and warn that it's not
really RFC compliant
* Fix build with --disable-embedded
* On an IPv4LL defence, an ARP announcement is now sent in
accordance with RFC 3927 Section 2.5
dhcpcd-6.10.2 had the following changes:
* Add fix for CVE-2014-7913.
* eloop performance and API improvements.
* Don't send a blank hostname.
* Prefix Delegation default value fixes.
* Prefix Delegation suffix is now configurable.
* dhcpcd.conf now allows embedded comments.
* IPv6 static address support.
* ipv6ra_accept_nopublic has been removed, all prefixes now accepted.
* Support RTF_CONNECTED on NetBSD.
* Fix compile on older platforms which lack O_CLOEXEC.
Thanks to OBATA Akio.
* Remove pidfile handling from dhcpcd and use pidfile_lock(3).
If not available, use a compat shim.
* Fix ignoring messages sent to the kernel and receive via another one
on Linux.
* Fix changing routes on BSD.
4.079 Fri Mar 25 16:18:26 PDT 2016
correct non-suppression of leading zeros in certain instances of
new_no use. Thanks to "Mike Bartman (mbartman)" <mbartman@cisco.com>
for spotting the bug.
put in missing code to propagate NetAddr::IP::Lite :nofqdn to IP.pm
GStreamer 1.8.0 was released on 24 March 2016.
The GStreamer team is proud to announce a new major feature release
in the stable 1.x API series of your favourite cross-platform
multimedia framework!
As always, this release is again packed with new features, bug fixes
and other improvements.
See https://gstreamer.freedesktop.org/releases/1.8/ for the latest
version of this document.
Highlights
Hardware-accelerated zero-copy video decoding on Android
New video capture source for Android using the android.hardware.Camera
API
Windows Media reverse playback support (ASF/WMV/WMA)
New tracing system provides support for more sophisticated
debugging tools
New high-level GstPlayer playback convenience API
Initial support for the new Vulkan API, see Matthew Waters'
blog post for more details
Improved Opus audio codec support: Support for more than two
channels; MPEG-TS demuxer/muxer can now handle Opus; sample-accurate
encoding/decoding/transmuxing with Ogg, Matroska, ISOBMFF
(Quicktime/MP4), and MPEG-TS as container; new codec utility
functions for Opus header and caps handling in pbutils library.
The Opus encoder/decoder elements were also moved to gst-plugins-base
(from -bad), and the opus RTP depayloader/payloader to -good.
GStreamer VAAPI module now released and maintained as part of
the GStreamer project
Asset proxy support in the GStreamer Editing Services
=== Transmission 2.92 (2016/03/06) ===
[http://trac.transmissionbt.com/query?milestone=2.92&group=component&order=severity All tickets closed by this release]
==== Mac Client ====
* Build OSX.KeRanger.A ransomware removal into the app
=== Transmission 2.91 (2016/03/06) ===
[http://trac.transmissionbt.com/query?milestone=2.91&group=component&order=severity All tickets closed by this release]
==== All Platforms ====
* Fix Makefile.am to include Windows patches into source archive
* Fix miniupnpc script to handle spaces and other special chars in paths
==== Mac Client ====
* Prevent crash during group rules removal in some cases
* Fix failure to remove seeding completion notifications from notification center
* Show main window and scroll to torrent on notification click
* Fix issue on Yosemite where peers view didn't occupy all the available space when web seed view was hidden
==== Qt Client ====
* Fix existing running instance detection and torrents delegation when using DBus
==== Daemon ====
* Fix building on Windows x86
* Add `--blocklist-update` argument description to transmission-remote man page
* Use `-rad` as short form of `--remove-and-delete` option in transmission-remote
=== Transmission 2.90 (2016/02/28) ===
[http://trac.transmissionbt.com/query?milestone=2.90&group=component&order=severity All tickets closed by this release]
==== All Platforms ====
* Fix renaming torrent files with common prefix
* Fix some more thread safety bugs in the tr_list datatype
* Fix infinite loop when removing torrent data
* Add support for CyaSSL/WolfSSL and PolarSSL cryptographic backends; bump OpenSSL minimum to v0.9.7
* Initial CMake build system support
* Many improvements to support Windows builds with MSVS and MinGW; drop XP/2003 support, only Vista and up now
* Allow building against system UTP and DHT libraries
* Fix several memory leaks and buffer overflows
* Support miniupnpc API v14
* Fix "prefetch-enabled" value type in settings.json (boolean instead of integer)
* Fix some issues discovered by static analysis (cppcheck, coverity)
* Fix invalid JSON encoding for non-printable characters
* Fix multi-threaded locale use when encoding/decoding JSON data
* Fix encrypted communication with libevent 2.1+
* Prevent completed pieces modification by webseeds
* Require absolute paths in RPC requests
* Fix and unify torrent origin display in GTK+, Qt and web clients
* Fix crash on session shutdown (evdns_getaddrinfo_cancel)
* Retry if RPC server fails to bind to specified address
* Improve error checking on metadata retrieval
* Improve UTF-8 validity checking (merge changes from LLVM)
* Don't build transmission-cli by default (it's long deprecated)
==== Mac Client ====
* UI fixes for OS X 10.9+
* Trim potential URIs from clipboard
* Allow downloading files from http servers (not https) on OS X 10.11+
* Change Sparkle Update URL to use HTTPS instead of HTTP (addresses Sparkle vulnerability)
* Fix global options popover layout
* Fix building with Xcode 7+
* Drop OS X 10.6 support
==== GTK+ Client ====
* Fix overshoot and undershoot indicators display with GTK+ 3.16+ in main window
* Don't require DISPLAY if started with `--version` argument
==== Qt Client ====
* Improve performance in Torrent Properties dialog for torrents with lots of files
* Prevent entering file renaming mode with mouse double-click
* Add context menu on files tab of Torrent Properties dialog resembling that of Mac client
* Remove torrent file from watch directory even if "show options dialog" is not set
* Use theme-provided icons in system tray and About dialog
* Fix initial watch directory scan
* Improve filter bar look and feel; lots of other small visual fixes; RTL layout fixes
* Show message to the user when duplicate torrent is being added
* Improve magnets handling in main window
* Display notifications via tray icon if D-Bus is not available
* Show notice on top of filtered torrents list; clear whole filter on notice double-click
* Add proper compiler flags to indicate C++11 use
* Fix translation files loading
* Add Chinese (China), German, Indonesian, Italian (Italy), Korean, Polish (Poland), Ukrainian translations; update existing translations
==== Daemon ====
* Run as service on Windows when in background mode
* Rework directory watching, add support for native mechanisms on BSD/Darwin (kqueue) and Windows (ReadDirectoryChanges)
* Don't make assumptions of remote path validity in transmission-remote
==== Web Client ====
* Content Security Policy enhancements
* Enable "resume now" for queued torrents
* Mark appropriate fields in preferences dialog as HTML5 number fields
* Update to jQuery 1.11.2, jQueryUI 1.11.4; use jQueryUI menus instead of custom ones
Twisted Web 16.1.1 (2016-04-08)
===============================
Bugfixes
--------
- twisted.web.http.Request once again has a reference to the
HTTPFactory which created it, the absence of which was preventing
log messages from being created. (#8272)
Twisted Core 16.1.0 (2016-04-04)
================================
Features
--------
- twisted.application.internet.ClientService, a service that
maintains a persistent outgoing endpoint-based connection; a
replacement for ReconnectingClientFactory that uses modern APIs.
(#4735)
- Twisted now uses setuptools' sdist to build tarballs. (#7985)
Bugfixes
--------
- Twisted is now compatible with OpenSSL 1.0.2f. (#8189)
Other
-----
- #4543, #8124, #8193, #8210, #8220, #8223, #8226, #8242
Twisted Conch 16.1.0 (2016-04-04)
=================================
Features
--------
- twisted.conch.checkers is now ported to Python 3. (#8225)
- twisted.conch.telnet is now ported to Python 3. (#8228)
- twisted.conch.manhole_ssh.ConchFactory (used by `twistd manhole`)
no longer uses a hardcoded SSH server key, and will generate a
persistent one, saving it in your user appdir. If you use
ConchFactory, you will now need to provide your own SSH server key.
(#8229)
Other
-----
- #8237, #8240
Twisted Web 16.1.0 (2016-04-04)
===============================
Features
--------
- twisted.web.http.Request.addCookie now supports both unicode and
bytes arguments, with unicode arguments being encoded to UTF-8.
(#8067)
Bugfixes
--------
- twisted.web.util.DeferredResource no longer causes spurious
"Unhandled error in Deferred" log messages. (#8192)
- twisted.web.server.site.makeSession now generates an uid of type
bytes on both Python 2 and 3. (#8215)
Other
-----
- #8238
Twisted Core 16.0.0 (2016-03-10)
================================
Features
--------
- todo parameter for IReporter.addExpectedSuccess and
IReporter.addUnexpectedSuccess is no longer required. If not
provided, a sensible default will be used instead. (#4811)
- A new string endpoint type, "tls:", allows for properly-verified
TLS (unlike "ssl:", always matching hostname resolution with
certificate hostname verification) with faster IPv4/IPv6
connections. This comes with an accompanying function,
twisted.internet.endpoints.wrapClientTLS, which can wrap an
arbitrary client endpoint with client TLS. (#5642)
- twisted.python.filepath.makedirs accepts an ignoreExistingDirectory
flag which ignore the OSError raised by os.makedirs if requested
directory already exists. (#5704)
- twisted.protocols.amp has been ported to Python 3. (#6833)
- twisted.internet.ssl.trustRootFromCertificates returns an object
suitable for use as trustRoot= to
twisted.internet.ssl.optionsForClientTLS that trusts multiple
certificates. (#7671)
- twisted.python.roots is now ported to Python 3. (#8131)
- twisted.cred.strports has been ported to Python 3. (#8216)
Bugfixes
--------
- Expected failures from standard library unittest no longer fail
with Trial reporters. (#4811)
- twisted.internet.endpoints.HostnameEndpoint.connect no longer fails
with an AlreadyCalledError when the Deferred it returns is
cancelled after all outgoing connection attempts have been made but
none have yet succeeded or failed. (#8014)
- twisted.internet.task.LoopingCall.withCount when run with internal
of 0, now calls the countCallable with 1, regardless of the time
passed between calls. (#8125)
- twisted.internet.endpoints.serverFromString, when parsing a SSL
strports definition, now gives the correct error message when an
empty chain file is given. (#8222)
Improved Documentation
----------------------
- The Twisted Project has adopted the Contributor Covenant as its
Code of Conduct. (#8173)
Deprecations and Removals
-------------------------
- twisted.internet.task.LoopingCall.deferred is now deprecated. Use
the deferred returned by twisted.internet.task.LoopingCall.start()
(#8116)
- twisted.internet.gtkreactor, the GTK+ 1 reactor deprecated since
Twisted 10.1, has been removed. This does not affect the GTK2,
GLib, GTK3, or GObject-Introspection reactors. (#8145)
- twisted.protocols.mice, containing a Logitech MouseMan serial
driver, has been deprecated. (#8148)
- The __version__ attribute of former subprojects (conch, mail,
names, news, pair, runner, web, and words) is deprecated in
preference to the central twisted.__version__. (#8219)
Other
-----
- #6842, #6978, #7668, #7791, #7881, #7943, #7944, #8050, #8104,
#8115, #8119, #8122, #8139, #8144, #8154, #8162, #8180, #8187,
#8220
Twisted Conch 16.0.0 (2016-03-10)
=================================
Features
--------
- twisted.conch now uses cryptography instead of PyCrypto for its
underlying crypto operations. (#7413)
- twisted.conch.ssh.keys is now ported to Python 3. (#7998)
Bugfixes
--------
- twisted.conch.ssh.channel.SSHChannel's getPeer and getHost methods
now return an object which provides IAddress instead of an old-
style tuple address. (#5999)
- twisted.conch.endpoint.SSHCommandClientEndpoint, when
authentication is delegated to an SSH agent, no longer leaves the
agent connection opened when connection to the server is lost.
(#8138)
Other
-----
- #7037, #7715, #8200, #8208
Twisted Web 16.0.0 (2016-03-10)
===============================
Features
--------
- twisted.web.http_headers._DictHeaders now correctly handles
updating via keyword arguments in Python 3 (therefore
twisted.web.http_headers is now fully ported to Python 3). (#6082)
- twisted.web.wsgi has been ported to Python 3. (#7993)
- twisted.web.http_headers.Headers now accepts both Unicode and
bytestring keys and values, encoding to iso-8859-1 and utf8
respectively. (#8129)
- twisted.web.vhost ported to Python 3. (#8132)
Bugfixes
--------
- twisted.web.http.HTTPChannel now correctly handles non-ascii method
name by returning 400. Previously non-ascii method name was causing
unhandled exceptions. (#8102)
- twisted.web.static.File on Python 3 now redirects paths to
directories without a trailing slash, to a path with a trailing
slash, as on Python 2. (#8169)
Deprecations and Removals
-------------------------
- twisted.web.http.Request's headers and request_headers attributes,
deprecated since Twisted 13.2, have been removed. (#8136)
- twisted.web.static.addSlash is deprecated. (#8169)
Other
-----
- #8140, #8182
* Release 0.11.0 (23-Mar-2016)
** Packaging Fixes
Foolscap now declares a dependency on "twisted[tls]" instead of just
"twisted": the "[tls]" extra means "we need Twisted and its TLS support".
That's how we ask for Twisted to depend upon service_identity and other
supporting packages. By using "[tls]", we no longer need to manually depend
upon service_identity ourselves. If Twisted switches to some other scheme for
TLS support, this will correctly ask for that to be included. (#249)
Note that we still depend on pyOpenSSL ourselves, because we need its code to
control certificate validation (if Twisted actually moved away from pyOpenSSL
for TLS, Foolscap might break altogether).
The Twisted dependency was updated to >=16.0.0 (the current version), to get
an important HostnameEndpoint fix (#155).
The "flogtool", "flappserver", and "flappclient" executables are now provided
as "entry_points" on all platforms, not just windows. The old bin/* scripts
have been removed. The "flogtool" entrypoint was fixed (a one-character typo
in the setup.py specification): apparently it was always broken on windows
and nobody noticed.
We now use "tox" to run tests, instead of "trial foolscap", although the
latter is still fine when run in a virtualenv into which Foolscap has been
installed (and is what "tox" does under the hood).
This release also moves all source code from "foolscap/" to "src/foolscap/",
which should avoid some confusion as to which code is being tested.
Developers who work from a git checkout should manually "rm -rf foolscap"
after pulling this change, because otherwise the leftover .pyc files are
likely to cause spurious test failures. (#250, #251)
** partial IPv6 support
Foolscap's outbound connections now use HostnameEndpoint, which means that
connection hints which contain DNS names which map to AAAA (and maybe A6)
records should successfully connect to those IPv6 addresses. There is not yet
any support to *listen* on IPv6 ports, so this probably does not enable IPv6
completely. But a client running this release may be able to connect to
server running some future IPv6-capable release and advertising v6-based
hostnames. (#155)
This fixes the Badlock bug (CVE-2016-2118) and others vulnerabilities:
o CVE-2016-2118 (SAMR and LSA man in the middle attacks possible)
o CVE-2016-2115 (SMB IPC traffic is not integrity protected)
o CVE-2016-2114 ("server signing = mandatory" not enforced)
o CVE-2016-2113 (Missing TLS certificate validation)
o CVE-2016-2112 (LDAP client and server don't enforce integrity)
o CVE-2016-2111 (NETLOGON Spoofing Vulnerability)
o CVE-2016-2110 (Man in the middle attacks possible with NTLMSSP)
o CVE-2015-7560 (Incorrect ACL get/set allowed on symlink path)
o CVE-2016-0771 (Out-of-bounds read in internal DNS server)
o CVE-2015-5370 (Multiple errors in DCE-RPC code)
Added:
- SSL: peer certificate and hostname validation can now be
controlled separately using amqp_ssl_socket_set_verify_peer and
amqp_ssl_socket_set_verify_hostname.
- SSL: the desire SSL version range can now be specified using the
amqp_ssl_socket_set_ssl_versions function.
- Add flags to SSL examples on controlling hostname verification.
Changed:
- SSL: SSLv2, and SSLv3 have been disabled by default.
- SSL: OpenSSL hostname validation has been improved.
- Win32 debug information is built with /Z7 on MSVC to embed debug
info instead of using a .pdb
Fixed:
- Connection failure results in hang on Win32
- Rabbitmq-c may block when attempting to close an SSL socket
- amqp_parse_url does not correctly initialize default parameters
- x509 objects are leaked in verify_hostname
- TCP_NOPUSH doesn't work under cygwin
Deprecated
- SSL: amqp_ssl_socket_set_verify is being replaced by
- amqp_ssl_socket_set_verify_peer and
- amqp_ssl_socket_set_verify_hostname.
Removed:
- OpenVMS build system and related files.
- Unmaintained PolarSSL, CyaSSL, and gnuTLS SSL backends
libtelnet provides safe and correct handling of the core TELNET
protocol. In addition to the base TELNET protocol, libtelnet also
implements the Q method of TELNET option negotiation. libtelnet
can be used for writing servers, clients, or proxies.
v0.12.21
- lib/model: Correct handling of multiple subs when scanning (#2851, @calmh)
- lib/model: Properly handle deleting multiple files when doing scans with subs (#2851, @calmh)
- Clarify GUI stuff (#2819, @AudriusButkevicius)
- Increase contrast for readonly form controls in dark theme (#2820, @wweich)
- gui: Improve layout of footer on narrow screens (#2663, @calmh)
- lib/relay/client: Log relay client messages (#2624, @AudriusButkevicius)
- gui: Better accessibility for folder & device panels (#2288, @wweich)
v0.12.20
- Add priority,section and homepage to debian/control (Laurent Arnoud)
- Fix description-contains-tabs and improve description (Laurent Arnoud)
- gui: add a lock icon to the folder title for easy overview (fixes#2703) (@kralo)
- gui: add html tooltips (title) to the folder path and syncthing version elements (fixes#2758) (@kralo)
- systemd: Add syncthing-resume.service (@rumpelsepp)
- Only test with -race on supported platforms (fixes#2765) (@calmh)
o [Zenmap] Avoid file corruption in zenmap.conf, reported as files containing
many null ("\x00") characters. Example exception:
ValueError: unable to parse colour specification
o [NSE] VNC updates including vnc-brute support for TLS security type and
negotiating a lower RFB version if the server sends an unknown higher
version.
o [NSE] Added STARTTLS support for VNC, NNTP, and LMTP
o Added new service probes and match lines for OpenVPN on UDP and TCP.
probe that shows the network usage, similar to what the popular top Unix
command does. ntopng is based on libpcap and it has been written in a portable
way in order to virtually run on every Unix platform, MacOSX and on Windows as
well.
ntopng users can use a a web browser to navigate through ntop (that acts as
a web server) traffic information and get a dump of the network status. In
the latter case, ntopng can be seen as a simple RMON-like agent with
an embedded web interface. The use of:
* a web interface.
* limited configuration and administration via the web interface.
* reduced CPU and memory usage (they vary according to network size and traffic)
OpenDPI it includes ntop extensions. We have tried to push them into the OpenDPI
source tree but nobody answered emails so we have decided to create our own
source tree.
2016-03-23 Hajimu UMEMOTO <ume@mahoroba.org>
* Socket6.pm: Bump version number to 0.27.
2016-03-22 Hajimu UMEMOTO <ume@mahoroba.org>
* t/use.t: We still supports an environment where AF_INET6 is not
defined.
2016-03-17 Hajimu UMEMOTO <ume@mahoroba.org>
* Socket6.pm: Bump version number to 0.26.
* Makefile.PL: Make Socket6 buildable on Android. [cpan #98181]
Submitted by: fraserbn [...] gmail.com
* system inet_ntop broken in darwin. [cpan #113005]
Submitted by: RURBAN [...] cpan.org
2015-12-05 Hajimu UMEMOTO <ume@mahoroba.org>
* gailookup.pl.in: Add -r option to do reverse lookup.
2015-11-25 Hajimu UMEMOTO <ume@mahoroba.org>
* gailookup.pl.in: Add awareness of AI_ALL and AI_V4MAPPED.
* gailookup.pl.in: Add -P option to ease to specify port number.
from DESCR:
This is a module with functions for handling mac addresses. There are
already two or three MAC addressing functions in CPAN, the motivation
for this module is moderate functionality without Moose.
With that in mind, you can understand why I have cloned much of the really
useful functionality from the two or three existing similar modules on CPAN.
I've covered off all the mac address formats I deal with in my workplace
of mixed hardware. This module can decode just about anything that looks
reasonably like a mac address, and stringify into every format I have seen
used...
So sorry, I'm not really interesting in adding a templating function to
define your own mac address formats. You're welcome to either send in a
patch, extend this module or quickly write a function that wraps the 'raw'
output to whatever you want. Match and join are your friends :)
Hopefully this module is useful to you. So far I have been pleased with
the amount of feedback and patches people have sent in, this has been very
rewarding as well as providing a number of new features I have been able
to use myself.
Upstream changes:
3.08 2016-01-05
- Fix a bug introduced in version 1.28 whereby a short write in Net::Cmd
would be treated as an error instead of looping. [David Golden, PR#24]
- Documented the fact that Net::SMTP::auth() can accept an Authen::SASL
object instead of a username and password. [Jan Viktorin, CPAN RT#106183]
- Simplified specification of INSTALLDIRS: We do not need to check the lower
bound since we only support Perl 5.8.1 and higher anyway.
Changes:
2016.04.06:
[*] Various bug fixes and improvements
2016.04.05:
[cbs] add base extractor
[movieclips] fix extraction
[camwithher] Add extractor
[cbsinteractive] Add support for ZDNet videos
[instagram:user] Fix extraction (fixes#9059)
[youtube] Add support for zwearz (Closes#9062)
[zdf] Extract subtitles (closes#9081)
[auroravid] Add extractor (Closes#9070)
[deezer] Fix extraction (Closes#9086)
[*] Various bug fixes and improvements
2016.04.01:
[nbc] add new extractor for csnne.com(#5432)
[tenplay] remove extractor(fixes#6927)
[voxmedia] Add new extractor(closes#3182)
[*] Various bug fixes and improvements
2016.03.27:
[twitter] Fix extraction (closes#8966)
[*] Various bug fixes and improvements
2016.03.26:
[*] Various bug fixes and improvements
2016.03.25:
[hbo] Add new extractor
[cda] Add new extractor for cda.pl
[biobiotv] Add extractor
[francetvinfo] Add support for france3-regions and strip title (Closes#7673)
[openload] Add new extractor (closes#8489)
Add extractor for thescene.com (closes#8929)
[youtube:live] Add extractor (Closes#8959)
[*] Various bug fixes and improvements
2016.03.18:
[thestar] Add new extractor(closes#5955)
[tv3] Add new extractor(closes#8059)
[utils] Add extract_attributes for extracting html tag attributes
[bravotv] Add new extractor(#4657)
[once] Add new format extractor
[*] Various bug fixes and improvements
