What's new in Sudo 1.9.11p3
* Fixed "connection reset" errors on AIX when running shell scripts
with the "intercept" or "log_subcmds" sudoers options enabled.
* Fixed very slow execution of shell scripts when the "intercept"
or "log_subcmds" sudoers options are set on systems that enable
Nagle's algorithm on the loopback device, such as AIX.
What's new in Sudo 1.9.11p2
* Fixed a compilation error on Linux/x86_64 with the x32 ABI.
* Fixed a regression introduced in 1.9.11p1 that caused a warning
when logging to sudo_logsrvd if the command returned no output.
What's new in Sudo 1.9.11p1
* Correctly handle EAGAIN in the I/O read/right events. This fixes
a hang seen on some systems when piping a large amount of data
through sudo, such as via rsync.
* Changes to avoid implementation or unspecified behavior when
bit shifting signed values in the protobuf library.
* Fixed a compilation error on Linux/aarch64.
* Fixed the configure check for seccomp(2) support on Linux.
* Corrected the EBNF specification for tags in the sudoers manual
page.
What's new in Sudo 1.9.11
* Fixed a crash in the Python module with Python 3.9.10 on some
systems. Additionally, "make check" now passes for Python 3.9.10.
* Error messages sent via email now include more details, including
the file name and the line number and column of the error.
Multiple errors are sent in a single message. Previously, only
the first error was included.
* Fixed logging of parse errors in JSON format. Previously,
the JSON logger would not write entries unless the command and
runuser were set. These may not be known at the time a parse
error is encountered.
* Fixed a potential crash parsing sudoers lines larger than twice
the value of LINE_MAX on systems that lack the getdelim() function.
* The tests run by "make check" now unset the LANGUAGE environment
variable. Otherwise, localization strings will not match if
LANGUAGE is set to a non-English locale.
* The "starttime" test now passed when run under Debian faketime.
* The Kerberos authentication module now honors the custom password
prompt if one has been specified.
* The embedded copy of zlib has been updated to version 1.2.12.
* Updated the version of libtool used by sudo to version 2.4.7.
* Sudo now defines _TIME_BITS to 64 on systems that define __TIMESIZE
in the header files (currently only GNU libc). This is required
to allow the use of 64-bit time values on some 32-bit systems.
* Sudo's "intercept" and "log_subcmds" options no longer force the
command to run in its own pseudo-terminal. It is now also
possible to intercept the system(3) function.
* Fixed a bug in sudo_logsrvd when run in store-first relay mode
where the commit point messages sent by the server were incorrect
if the command was suspended or received a window size change
event.
* Fixed a potential crash in sudo_logsrvd when the "tls_dhparams"
configuration setting was used.
* The "intercept" and "log_subcmds" functionality can now use
ptrace(2) on Linux systems that support seccomp(2) filtering.
This has the advantage of working for both static and dynamic
binaries and can work with sudo's SELinux RBAC mode. The following
architectures are currently supported: i386, x86_64, aarch64,
arm, mips (log_subcmds only), powerpc, riscv, and s390x. The
default is to use ptrace(2) where possible; the new "intercept_type"
sudoers setting can be used to explicitly set the type.
* New Georgian translation from translationproject.org.
* Fixed creating packages on CentOS Stream.
* Fixed a bug in the intercept and log_subcmds support where
the execve(2) wrapper was using the current environment instead
of the passed environment pointer.
* Added AppArmor integration for Linux. A sudoers rule can now
specify an APPARMOR_PROFILE option to run a command confined by
the named AppArmor profile.
* Fixed parsing of the "server_log" setting in sudo_logsrvd.conf.
Non-paths were being treated as paths and an actual path was
treated as an error.
1.15.1
Security fix: Fixed broken error reporting in the sam_cap_mapq() function, due to a missing hts_log() parameter. Prior to this fix it was possible to abuse the log message format string by passing a specially crafted alignment record to this function.
HTSlib now uses libhtscodecs release 1.2.2. This fixes a number of bugs where invalid compressed data could trigger usage of uninitialised values.
Fixed excessive memory used by multi-threaded SAM output on long reads.
Fixed a bug where tabix would misinterpret region specifiers starting at position 0. It will also now warn if the file being indexed is supposed to be 1-based but has positions less than or equal to 0.
The VCF header parser will now issue a warning if it finds an INFO header with Type=Flag but Number not equal to 0. It will also ignore the incorrect Number so the flag can be used.
Changes since 8.2.39:
-- Noteworthy changes in version 8.2.40 (2022-07-02)
* 'channel::disable_fake_channels' now also blocks strikethrough text (0x1E (30))
* 'KNOCK' can now be used on private channels. Channel mode 'K' may be used instead
to control whether or not 'KNOCK' is allowed on a channel.
* Support for '/dev/poll' has been dropped
* 'INFO' now also reports configured values of 'channel::default_join_flood_count'
and 'channel::default_join_flood_time'
* The founder 'q' and admin 'a' channel prefix modes have been implemented.
These are optional and can be enabled with the new 'channel::enable_owner'
and 'channel::enable_admin' configuration directives.
* Channel half-ops may now kick other half-ops
* Extban '$K' of type acting has been implemented. This extban prevents
matching users from using the 'KNOCK' command.
* Server-side channel mode locking 'MLOCK' has been implemented
* Fixed server name leak in 'WHOWAS' with 'serverhide::hide_services' enabled
Changes since 0.3.0:
We reached v1.0.0
## Breaking changes
- fix!: Replace limit flag with paginate by @ankitpokhrel in #359
- fix!: Append components on edit instead of overriding by @ankitpokhrel in #368
- feat!: Append label to an issue, show labels at issue list view by @stchar in #300
- refactor!: Move boards and project list to subcommand by @ankitpokhrel in #314
## What's added?
- feat: Support custom fields on issue create by @ankitpokhrel in #319
- feat: Add support to read from .netrc by @adolsalamanca in #329
- feat: Add support for OS keyrings/-chains by @boyvanamstel in #348
- feat: Support auth with personal access tokens by @marek-veber / @ankitpokhrel in #327
- feat: Allow to set fixVersions on issue creation by @ankitpokhrel in #276
- feat: Allow insecure TLS by @ankitpokhrel in #305
- feat: Add --no-browser option to open cmd by @ankitpokhrel in #308
- feat: Add search option for boards on jira init by @ankitpokhrel in #322
- feat: Add issues unlink command by @sushilkg in #347
- feat: Support refresh for issues list by @GZLiew in #325
- feat: Ability to delete issue by @ankitpokhrel in #336
- feat: Allow to set custom fields on epic create by @ankitpokhrel in #364
- feat: Allow to edit release-info/fixVersions by @ankitpokhrel in #365
- feat: Allow removing labels on edit by @ankitpokhrel in #371
- feat: Support creating issues with custom subtask type by @danobi in #372
- feat: Allow removing component on edit by @ankitpokhrel in #374
- feat: Allow removing fixVersions on edit by @ankitpokhrel in #376
- feat: Support custom fields on issue edit by @ankitpokhrel in #377
- feat: Jira init non-interactive by @ankitpokhrel in #381
- feat: Show subtasks in issue view by @ankitpokhrel in #382
- feat: Allow project filter in raw jql by @ankitpokhrel in #395
## What's fixed?
- fix: Makefile compatiblity with Make 3.81 by @danmichaelo in #252
- fix: Config generation issue by @ankitpokhrel in #275
- fix(cfg): Strip trailing slash on server name by @ankitpokhrel in #295
- fix: Jira client should respect timeout opt by @ankitpokhrel in #304
- fix: Respect GLAMOUR_STYLE env on issue view by @ankitpokhrel in #317
- fix: Get subtask handle from config by @ankitpokhrel in #296
- fix: Jira wiki parser by @ankitpokhrel in #326
- fix: Display correctly columns in list sprint command help by @adolsalamanca in #320
- fix: Panic on empty sub-list by @ankitpokhrel in #330
- fix: Issue with assigning user by @ankitpokhrel in #321
- fix: OOM bug on issue view by @ankitpokhrel in #350
- fix: Assign parent key as is on edit by @ankitpokhrel in #351
- fix: Add additional check for total boards returned by @ankitpokhrel in #360
- fix: Issue with query param in user assignment by @ankitpokhrel in #380
- fix: Subtask clone by @ankitpokhrel in #383
- fix: editing issue with custom field in non interactive mode by @DrudgeRajen in #391
## Dependency updates
- dep: Upgrade charmbracelet/glamour to 0.5.0 by @ankitpokhrel in #309
- dep: Upgrade rivo/tview to latest by @ankitpokhrel in #310
- dep: Upgrade outdated packages by @ankitpokhrel in #311
- dep: Upgrade cobra to 1.4.0 by @ankitpokhrel in #373
## Other notable changes
- Use md ext for tmp file to trigger vim syntax by @ElementalWarrior in #318
Full Changelog: https://github.com/ankitpokhrel/jira-cli/compare/v0.3.0...v1.0.0
Version 4.3
🔥 Breaking Changes
Fix backward compatibility from 4.3.2 in Lock.acquire()
Fix XAUTOCLAIM to return the full response, instead of only keys 2+
🚀 New Features
Added dynamic_startup_nodes configuration to RedisCluster.
🐛 Bug Fixes
Fix retries in async mode
Async cluster: fix simultaneous initialize
Uppercased commands in CommandsParser.get_keys
🧰 Maintenance
Late eval of the skip condition in async tests
Reuse the old nodes' connections when a cluster topology refresh is being done
Docs: add pipeline examples
Correct retention_msecs value
Cluster: use pipeline to execute split commands
Docs: Add a note about client_setname and client_name difference
Version 0.8.1
- Yet another fix of ``Screen.set_margins`` for the case of CSI
with no arguments.
- Changed ``Screen.erase_in_display`` to accept additional positional
arguments as some some ``clear`` implementations include a ``;`` after
the first parameter causing ``pyte`` to assume a ``0`` second parameter.
- Changed ``Stream`` FSM to reinit on error when parsing control sequence.
- Added support for blink to the SGR handler.
- Changed ``Stream`` to skip XTerm-specific ``ESC]...$[a-z]`` sequences.
- Dropped Python 2.X support. The minimal required version of Python is
now 3.7.
3.15.0
New features
------------
* Add support for curves Ed25519 and Ed448, including export and import of keys.
* Add support for EdDSA signatures.
* Add support for Asymmetric Key Packages (RFC5958) to import private keys.
Resolved issues
---------------
* GH-620: for ``Crypto.Util.number.getPrime`` , do not sequentially
scan numbers searching for a prime.
1.4.0 (2022-07-05)
Packaging
- Increase minimum `setuptools` version to 62.4.
Added
- Add `cargo_manifest_args` to support locked, frozen and offline builds.
- Add `RustBin` for packaging binaries in scripts data directory.
Changed
- `Exec` binding `RustExtension` with `script=True` is deprecated in favor of `RustBin`.
- Errors while calling `cargo metadata` are now reported back to the user
- `quiet` option will now suppress output of `cargo metadata`.
- `setuptools-rust` will now match `cargo` behavior of not setting `--target` when the selected target is the rust host.
- Deprecate `native` option of `RustExtension`.
Fixed
- If the sysconfig for `BLDSHARED` has no flags, `setuptools-rust` won't crash anymore.
Updated in wip by Paolo Vincenzo Olivo.
Remove upstreamed patches.
2021-01-10 (0.6.3) Volker Gropp <bwmng(at)gropp.org>
* remove outdated copyright and email
* Merge pull request #25 from fweimer/patch-1 AC_QEF_C_NORETURN: Include
<stdlib.h> for exit
* Merge pull request #27 from ofalk/master Fix potential write to unallocated
memory.
* Merge pull request #28 from vgropp/#2-fix-csv-bits feat: #2 output bits in csv
* Merge pull request #29 from vgropp/#2-fix-csv-bits fix(doc): #2 output bits
in csv
* Merge pull request #32 from vgropp/new-netstat-#5 feat: add support for newer
(2016+) linux netstat #5
2019-01-01 14:50 (0.6.2) Volker Gropp <bwmng(at)gropp.org>
* Merge pull request #22 from vgropp/issue-#13 to fix windows build
* Merge pull request #20 from dreibh/master CSV file output: fix for timestamp
inaccuracy and Y-2038 problem
* Merge pull request #21 from vgropp/travisci add travisci
* Merge pull request #17 from Himura2la/master Add the started time in "sum"
mode
* Merge pull request #18 from Himura2la/fix-dynamic Fix DYNAMIC and ANSIOUT in
config
* Merge pull request #10 from SoapGentoo/fixes Use `static inline` instead of
`inline`
* Merge pull request #9 from adventureloop/master Always fflush the pipe
* Merge pull request #7 from samueloph/fsf_address_clean Update FSF address
* Merge pull request #6 from samueloph/master Fix typos
* fix nan and inf values on fast refresh (fixes debian bug #532331)
0.30 (released 4th July 2022)
Parsing
-Added support for HTML and Julia.
Display
-Fixed an issue where line numbers were coloured even when colour was disabled.
-Improved alignment when files contain Unicode characters that are more than
one column wide.
-Improved syntax highlighting for conditionals, particularly for Dart, Elvish
and HCL.
Command Line Interface
--node-limit has been replaced by --graph-limit, and the corresponding
environment variable DFT_NODE_LIMIT has been replaced with DFT_GRAPH_LIMIT.
--graph-limit makes difftastic give up on structural diffs after traversing
this many graph nodes. --node-limit applied a limit based on an estimate of
how big the graph would be, leading to very slow diffs when the estimate
was wrong.
This new setting sets a more accurate limit on difftastic performance. It also
means that difftastic will always try a structural diff first. This will be
slower for files that exceed --graph-limit, but guarantees that files with a
small number of changes will always get a structural diff.
The previous commit message included the following comment:
TODO: avoid suggesting nls on macOS/x86_64 versions where bison
will crash.
Additionally, options.mk contains a comment suggesting the crash only
occurs for versions less than or equal to approximately 11.6. This
commit adds conditionals to options.mk to suggest the nls option only
when crashes are not expected.
Packaged in wip by Paolo Vincenzo Olivo.
Drawterm is a program that users of non-Plan 9 systems can use to
establish graphical cpu(1) connections with Plan 9 CPU servers. Just as
a real Plan 9 terminal does, drawterm serves its local name space as
well as some devices (the keyboard, mouse, and screen) to a remote CPU
server, which mounts this name space on /mnt/term and starts a shell.
Typically, either explicitly or via the profile, one uses the shell to
start rio(1).
This is a fork of Russ Cox's drawterm to incorporate features from
Plan9front (http://9front.org), most importantly DP9IK authentication
support (see authsrv(6)) and the TLS based rcpu(1) protocol.
Packaged in wip by Paolo Vincenzo Olivo.
This package provides the XmSm and XmToolbox utilities, to use in
conjuction with the Enhanced Motif Window Manager.
- XmSm is simple session manager that provides session configuration and
screen locking, as well as shutdown/suspend options. It also launches the
window manager and the toolbox.
- XmToolbox, is a toolchest like application launcher, which reads it's
multi-level menu structure from a simple plain-text file (namely
~/.toolboxrc). It also communicates with the session manager to provide
lock, log out, and shutdown commands.
Packaged in wip by Paolo Vincenzo Olivo.
EMWM is a lightweight window manager for X11. It is derived from MWM, adding
support for UTF-8, Xinerama and Extended Window Manager Hints.
While not strictly true, it's required to avoid pbulk always choosing nodejs18
as the preferred dependency, which is incorrect on platforms where it does not
build (macOS 10.14) and NODE_VERSION_DEFAULT is set to 16.
Changelog:
New
* Tired of too many windows crowding your screen? You can now disable
automatic opening of the download panel every time a new download starts.
Read more.
* Firefox now mitigates query parameter tracking when navigating sites in ETP
strict mode.
Fixed
* When using a screen reader on Windows, pressing enter to activate an
element no longer fails or clicks the wrong element and/or another
application window. For those blind or with very limited vision, this
technology reads out loud what is on the screen, and users can adapt them
to their needs (now, on our platform, without errors).
* Various security fixes.
Changed
* Improved security by moving audio decoding into a separate process with
stricter sandboxing, thus improving process isolation.
Enterprise
* Various bug fixes and new policies have been implemented in the latest
version of Firefox. You can find more information in the Firefox for
Enterprise 102 Release Notes.
* Firefox 102 is the new Extended Support Release (ESR). Firefox 91 ESR goes
out of support on September 20, 2022. (See the 102 ESR release notes for
more information)
Developer
* Developer Information
* You can now filter style sheets in the Style Editor tab of our developer
tools
Web Platform
* TransformStream and ReadableStream.pipeThrough have landed, allowing you to
pipe from a ReadableStream to a WritableStream, executing a transformation
on each chunk.
* ReadableStream, TransformStream, and WritableStream are all transferable
now.
* Firefox now supports Content-Security-Policy (CSP) integration with
WebAssembly. A document with a CSP that restricts scripts will no longer
execute WebAssembly unless the policy uses 'unsafe-eval' or the new
'wasm-unsafe-eval' keyword.
Security fixes:
#CVE-2022-34479: A popup window could be resized in a way to overlay the
address bar with web content
#CVE-2022-34470: Use-after-free in nsSHistory
#CVE-2022-34468: CSP sandbox header without `allow-scripts` can be bypassed via
retargeted javascript: URI
#CVE-2022-34482: Drag and drop of malicious image could have led to malicious
executable and potential code execution
#CVE-2022-34483: Drag and drop of malicious image could have led to malicious
executable and potential code execution
#CVE-2022-34476: ASN.1 parser could have been tricked into accepting malformed
ASN.1
#CVE-2022-34481: Potential integer overflow in ReplaceElementsAt
#CVE-2022-34474: Sandboxed iframes could redirect to external schemes
#CVE-2022-34469: TLS certificate errors on HSTS-protected domains could be
bypassed by the user on Firefox for Android
#CVE-2022-34471: Compromised server could trick a browser into an addon
downgrade
#CVE-2022-34472: Unavailable PAC file resulted in OCSP requests being blocked
#CVE-2022-34478: Microsoft protocols can be attacked if a user accepts a prompt
#CVE-2022-2200: Undesired attributes could be set as part of prototype
pollution
#CVE-2022-34480: Free of uninitialized pointer in lg_init
#CVE-2022-34477: MediaError message property leaked information on cross-origin
same-site pages
#CVE-2022-34475: HTML Sanitizer could have been bypassed via same-origin script
via use tags
#CVE-2022-34473: HTML Sanitizer could have been bypassed via use tags
#CVE-2022-34484: Memory safety bugs fixed in Firefox 102 and Firefox ESR 91.11
#CVE-2022-34485: Memory safety bugs fixed in Firefox 102
Packaged in wip by Paolo Vincenzo Olivo.
Etsh provides two ports of the original /bin/sh from Version 6 (V6) UNIX
(circa 1975).
Etsh(1) is an enhanced, backward-compatible port of the V6 Thompson shell.
Tsh(1) is an unenhanced port of the shell, and glob(1) is a port of its
global command. Together, tsh and glob provide a user interface which
is backward compatible with that provided by the V6 Thompson shell and
global command, but without the obvious enhancements found in etsh.
The original Thompson shell was principally written by Ken Thompson
of Bell Labs.
This package also includes the following shell utilities:
- if(1) - conditional command (ported from V6 UNIX)
- goto(1) - transfer command (ported from V6 UNIX)
- fd2(1) - redirect from/to file descriptor 2
