pkgsrc changes:
- Remove patches/patch-player_lua_ytdl__hook.lua, no longer needed because it
is present since 0.27.1 and 0.28.1 mpv releases
Changes:
0.27.1
======
This releaes fixes CVE-2018-6360.
Fixes and Minor Enhancements
----------------------------
- ytdl_hook: whitelist protocols from urls retrieved from youtube-dl (#5456)
* Fix the hardcoded pathes and the flag for libhidapi option
* Tested with STM32F4Discovery board
Changelog:
Highlights of the changes made in the OpenOCD source archive release
JTAG Layer:
New driver for J-Link adapters based on libjaylink
(including support for FPGA configuration, SWO and EMUCOM)
FTDI improvements to work at 30MHz clock
BCM2835 native driver SWD and Raspberry Pi2 support
BCM2835 is set to 4ma drive, slow slew rate
ixo-usb-jtag (emulation of an Altera Bus Blaster I on Cypress FX2 IC)
support
JTAG pass-through mode for CMSIS-DAP (including support for FPGA
configuration)
OpenJTAG support for Cypress CY7C65215
connect_assert_srst support for SWD
Xilinx Virtex-II Series7 bitstream loading support
Use JEP106 data to decode IDs
Deprecated “ft2232″ driver removed (use “ftdi” instead)
GPL-incompatible FTDI D2XX library support dropped (Presto, OpenJTAG and
USB-Blaster I are using libftdi only now)
ZY1000 support dropped (unmaintained since long)
oocd_trace support dropped
Target Layer:
ARMv7-A, Cortex-M, Cortex-A/R important fixes and improvements (allowing
e.g. simultaneous debugging of A8 and M3 cores, JTAG WAIT support etc.)
ARM Cortex-A,R allow interrupt disable during single-step (maskisr command)
Semihosting support for ARMv7-A
ARM Cortex-M7 support
Intel Quark mcu D2000 support
Freescale LS102x SAP support
ThreadX RTOS support on ARM926E-JS
Cortex-M RTOS stack alignment fixes
FreeRTOS FPU support
uC/OS-III RTOS support
bridging semihosting to GDB’s File-I/O support
-defer-examine option added to target create command
verify_image_checksum command added
Flash Layer:
Atmel SAM4S, SAM4N, SAM4C support
Atmel SAMV, SAMS, SAME (Cortex-M7) support
Atmel AT91SAMD handle reset run/halt in DSU, other fixes
Atmel AT91SAML21, SAML22, SAMC20/SAMC21, SAMD09 support
ST STM32F4x support
ST STM32F74x/76x/77x, STM32L4 support
ST STM32L0 categories 1, 2 and 5 support
Kinetis K02, K21, K22, K24, K26, K63, K64, K66 support
Kinetis KE, KVx, K8x families support
Kinetis FlexNVM handling
Kinetis flash protection, security, mass_erase improvements
Infineon XMC4xxx family support
Infineon XMC1000 flash driver
Energy Micro EFM32 Happy Gecko support
Energy Micro EFM32 debug interface lock support
Analog Devices ADuCM360 support
Unified Nuvoton NuMicro flash driver
NIIET K1921VK01T (Cortex-M4) support
Nordic Semiconductor nRF51 improvements
Spansion FM4 flash (including MB9BFx64/x65, S6E2DH) driver
Ambiq Micro Apollo flash driver
PIC32MX new device IDs, 17x/27x flash support
read_bank() and verify_bank() NOR flash internal API to allow reading
(and verifying) non-memory-mapped devices
JTAGSPI driver to access SPI NOR flashes via a trivial FPGA proxy
Milandr read/verify for Info memory support
Various discrete SPI NOR flashes support
CFI 16-bit flash reversed endianness support
Board, Target, and Interface Configuration Scripts:
Digilent JTAG-HS2, JTAG-HS3 interfaces configs
FTDI UM232H module as JTAG interface config
100ask’s OpenJTAG interface config
MBFTDI interface config
XDS100v3 interface config
Freescale Vybrid VF6xx target config
EmCraft VF6 SOM and baseboard configs
Freescale SabreSD board config
Freescale VF65GS10 tower board config
Pipistrello Xilinx Spartan6 LX45 FPGA board config
miniSpartan6+ board config
Xilinx Kintex7 Development board config
Parallella-I board config
Digilent Atlys and Analog Discovery board configs
Numato Opsis board config
Xilinx Spartan 6 FPGA “Device DNA” reading support
Altera 10M50 FPGA (MAX10 family) target config
Altera EPM240 CPLD (MAXII family) target config
Marsohod2, Marsohod3 FPGA, Marsohod CPLD boards configs
Novena’s integrated FPGA board config
XMOS XS1-XAU8A-10′s ARM core config
XMOS xCORE-XA Core Module board config
Exynos5250 target config
Arndale board config
FM4 MB9BFxxx family configs
Spansion SK-FM4-U120-9B560 board config
Diolan LPC4357-DB1 board config
ST STM32F469 discovery board config
ST STM32F7-DISCO, STM327[4|5]6G-EVAL boards configs
ST STM32L4 discovery, NUCLEO L476RG, STM32F429I-DISC1 boards configs
Atheros AR2313, AR2315 targets config
Netgear WP102 board config
La Fonera FON2200 board config
Linksys WAG200G board config
LPC-Link2 board config
NXP LPC4370 target config
Atmel SAMV, SAMS, SAME target configs
Atmel SAM E70 Xplained, SAM V71 Xplained Ultra boards configs
Nordic nRF52 target config
Nordic nRF51-DK, nRF52-DK boards configs
Infineon XMC4700 Relax Kit, XMC4800 Relax EtherCAT Kit, XMC4300 Relax
EtherCAT Kit boards configs
Renesas S7G2 target config
Renesas DK-S7G2 board config
Altera EP3C10 FPGA (Cyclone III family) target config
TI MSP432P4xx target config
Cypress PSoC 5LP target config
Analog Devices ADSP-SC58x target config (Cortex-A5 core only)
Server Layer:
tcl_trace command for async target trace output via Tcl RPC
Build and Release:
Various fixes thanks to http://coccinellery.org
libftdi is now autodetected with pkgconfig
Releases should now support reproducible builds
Conversion to non-recursive make, requires automake >= 1.14
Udev rules modified to add uaccess tag and moved to 60-openocd.rules
Support searching for scripts relative to the openocd binary for all
major architectures
Upstream changes:
mikutter 3.6.3
* "reply" of mikutter commands doesn't appear in non Twitter Worlds
* crashed on registrating already registered World again
* fix use of deperecated methods of Pango (thanks: akkiesoft)
This switch is meant to be used by packages requiring an implementation of the
former libusb (as in devel/libusb). The original implementation can be
chosen by setting LIBUSB_TYPE to "native".
The alternative implementation libusb-compat (as in devel/libusb-compat) wraps
libusb1 (in devel/libusb1). This implementation can be chosen by setting
LIBUSB_TYPE to "compat". On NetBSD, it has the advantage of not requiring root
privileges to locate and use USB devices without a kernel driver.
This second part switches packages using libusb to this framework. It does not
change compilation options or dependencies at this point.
Compile-tested on most packages affected and available on NetBSD/amd64.
This switch is meant to be used by packages requiring an implementation of the
former libusb (as in devel/libusb). The original implementation can be
chosen by setting LIBUSB_TYPE to "native".
The alternative implementation libusb-compat (as in devel/libusb-compat) wraps
libusb1 (in devel/libusb1). This implementation can be chosen by setting
LIBUSB_TYPE to "compat". On NetBSD, it has the advantage of not requiring root
privileges to locate and use USB devices without a kernel driver.
This first part only imports the switch framework itself.
* Fix segfault on netbsd-7
Changelog:
Fix
Avoid a signature validation issue during update on macOS
Blocklisted graphics drivers related to off main thread painting crashes
Tab crash during printing
Fix clicking links and scrolling emails on Microsoft Hotmail and Outlook
(OWA) webmail
Changelog:
This patch release includes several important fixes to the link mode
and driver logic. In addition, it adds mdso support to midipix targets,
as well as updates slibtool's own build system.
- link mode: re-implemented slbt_exec_link_finalize_argument_vector().
- link mode: import library generation: added mdso support.
- link mode: use -fpic objects with -disable-static.
- driver: added --mdso and --implib support.
- driver: added initial -dlpreopen support.
- driver: support -thread-safe more elegantly.
- driver: properly handle -thread-safe (no-op, compatibility).
In the do-install target, deal with the spaces in the directory
name "Visual Studio Projects" instead of printing the message
"install: Visual: stat: No such file or directory" and failing to
install one of the .txt files.
The 'timeDate' class fulfils the conventions of the ISO 8601 standard
as well as of the ANSI C and POSIX standards. Beyond these standards
it provides the "Financial Center" concept which allows to handle data
records collected in different time zones and mix them up to have
always the proper time stamps with respect to your personal financial
center, or alternatively to the GMT reference time. It can thus also
handle time stamps from historical data records from the same time
zone, even if the financial centers changed day light saving times at
different calendar dates.
v2.3.5
======
- Try and force glibc to cache zoneinfo files in an attempt to work around
glibc parsing vulnerability. Thanks to Kingcope.
- Only report CHMOD in SITE HELP if it's enabled. Thanks to Martin Schwenke
<martin@meltin.net>.
- Some simple fixes and cleanups from Thorsten Brehm <tbrehm@dspace.de>.
- Only advertise "AUTH SSL" if one of SSLv2, SSLv3 is enabled. Thanks to
steve willing <eiji-gravion@hotmail.com>.
- Handle connect() failures properly. Thanks to Takayuki Nagata
<tnagata@redhat.com>.
- Add stronger checks for the configuration error of running with a writeable
root directory inside a chroot(). This may bite people who carelessly turned
on chroot_local_user but such is life.
v3.0.0
======
- Update vsf_findlibs.sh to work on Ubuntu 11.10+
- Make listen mode the default.
- Add -Werror to build flags.
- Fix missing "const" in ssl.c
- Add seccompsandbox.c to support a seccomp filter sandbox; works against Ubuntu
12.04 ABI.
- Rearrange ftppolicy.c a bit so the syscall list is easily comparable with
seccompsandbox.c
- Rename deprecated "sandbox" to "ptrace_sandbox".
- Add a few more state checks to the privileged helper processes.
- Add tunable "seccomp_sandbox", default on.
- Use hardened build flags. Distros of course override these and provide their
own build flags but no harm in showing how it could be done.
- Retry creating a PASV socket upon port reuse race between bind() and listen(),
patch from Ralph Wuerthner <ralph.wuerthner@de.ibm.com>.
- Don't die() if recv() indicates a closed remote connection. Problem report
on a Windows client from Herbert van den Bergh,
<herbert.van.den.bergh@oracle.com>.
- Add new config setting "allow_writeable_chroot" to help people in a bit of
a spot with the v2.3.5 defensive change. Only applies to non-anonymous.
- Remove a couple of fixed things from BUGS.
- strlen() trunction fix -- no particular impact.
- Apply some tidyups from mmoufid@yorku.ca.
(vsftpd-3.0.0-pre1)
- Fix delete_failed_uploads if there is a timeout. Report from Alejandro
Hernández Hdez <aalejandrohdez@gmail.com>.
- Fix other data channel bugs such as failure to log failure upon timeout.
- Use exit codes a bit more consistently.
- Fix bad interaction between SSL and trans_chunk_size.
- Redo data timeout to fire properly for SSL sessions.
- Redo idle timeout to fire properly for SSL sessions.
- Make sure PROT_EXEC isn't allowed, thanks to Will Drewry for noticing.
- Use 10 minutes as a max linger time just in case an alarm gets lost.
(vsftpd-3.0.0-pre2)
- Change PR_SET_NO_NEW_PRIVS define, from Kees Cook.
- Add AES128-SHA to default SSL cipher suites for FileZilla compatibility.
Unfortunately the default vsftpd SSL confiuration still doesn't fully work
with FileZilla, because FileZilla has a data connection security problem:
no client certificate presentation and no session reuse. At least the error
message is now very clear.
- Add restart_syscall to seccomp policy. Triggers reliably if you strace whilst
a data transfer is in progress.
- Fix delete_failed_uploads for anonymous sessions.
- Don't listen for urgent data if the control connection is SSL, due to possible
protocol synchronization issues.
v3.0.1
======
- Fix some seccomp related build errors on certain CentOS and Debian versions.
- Seccomp filter sandbox: missing munmap() -- oops. Did you know that qsort()
opens and maps /proc/meminfo but only for larger item counts?
- Seccomp filter sandbox: deny socket() gracefully for text_userdb_names.
- Fix various NULL crashes with nonsensical config settings. Noted by Tianyin Xu
<tixu@cs.ucsd.edu>.
- Force cast to unsigned char in is* char functions.
- Fix harmless integer issues in strlist.c.
- Started on a (possibly ill-advised?) crusade to compile cleanly with
Wconversion. Decided to suspend the effort half-way through.
v3.0.2
======
- One more seccomp policy fix: mremap (denied).
- Support STOU with no filename, uses a STOU. prefix.
v3.0.3
======
- Increase VSFTP_AS_LIMIT to 200MB; various reports.
- Make the PWD response more RFC compliant; report from Barry Kelly
<barry@modeltwozero.com>.
- Remove the trailing period from EPSV response to work around BT Internet
issues; report from Tim Bishop <tdb@mirrorservice.org>.
- Fix syslog_enable issues vs. seccomp filtering. Report from Michal Vyskocil
<mvyskocil@suse.cz>. At least, syslogging seems to work on my Fedora now.
- Allow gettimeofday() in the seccomp sandbox. I can't repro failures, but I
probably have a different distro / libc / etc. and there are multiple reports.
- Some kernels support PR_SET_NO_NEW_PRIVS but not PR_SET_SECCOMP, so handle
this case gracefully. Report from Vasily Averin <vvs@odin.com>.
- List the TLS1.2 cipher AES128-GCM-SHA256 as first preference by default.
- Make some compile-time SSL defaults (such as correct client shutdown
handling) stricter.
- Disable Nagle algorithm during SSL data connection shutdown, to avoid 200ms
delays. From Tim Kosse <tim.kosse@filezilla-project.org>.
- Kill the FTP session if we see HTTP protocol commands, to avoid
cross-protocol attacks. A report from Jann Horn <jann@thejh.net>.
- Kill the FTP session if we see session re-use failure. A report from
Tim Kosse <tim.kosse@filezilla-project.org>.
(vsftpd-3.0.3pre1)
- Enable ECDHE, Tim Kosse <tim.kosse@filezilla-project.org>.
- Default cipher list is now just ECDHE-RSA-AES256-GCM-SHA384.
- Minor SSL logging improvements.
- Un-default tunable_strict_ssl_write_shutdown again. We still have
tunable_strict_ssl_read_eof defaulted now, which is the important one to prove
upload integrity.
(vsftpd-3.0.3pre2)
0.7.0:
Features added during Google Summer of Code 2017:
* Harvesting language data from Unicode CLDR database (https://github.com/unicode-cldr/cldr-json), which includes over 200 locales
See full currently supported locale list in README.
* Extracting dates from longer strings of text
Special thanks for their awesome contributions!
New features:
* Added (independently from CLDR) Georgian and Swedish
Improvements:
* Improved support of Chinese, Thai, French, Russian
* Removed ruamel.yaml from dependencies. This should reduce the number of installation issues and improve performance as the result of moving away from YAML as basic data storage format.
Note that YAML is still used as format for support language files.
* Improved performance through using pre-compiling frequent regexes and lazy loading of data
* Extended tests
* Updated nose_parameterized to its current package, parameterized
Parameterized testing in Python sucks. 'parameterized' fixes that. For
everything. Parameterized testing for nose, parameterized testing for py.test,
parameterized testing for unittest.
