Notable Changes
build:
- support for building mips64el
cluster:
- disconnect() now returns a reference to the disconnected worker.
crypto:
- ability to select cert store at runtime
- Use system CAs instead of using bundled ones
- The Decipher methods setAuthTag() and setAAD now return this.
- adding support for OPENSSL_CONF again
- make LazyTransform compabile with Streams1
deps:
- upgrade libuv to 1.11.0
dns:
- Implemented {ttl: true} for resolve4() and resolve6().
process:
- add NODE_NO_WARNINGS environment variable
readline:
- add option to stop duplicates in history
src:
- support "--" after "-e" as end-of-options
tls:
- new tls.TLSSocket() supports sec ctx options
- Allow obvious key/passphrase combinations.
Pkgsrc changes:
===============
* Update dependencies to match requirements.txt
* Adapt to PLIST changes
Upstream changes:
=================
Release 2.1.3
-------------
Features Added:
* Ephemeral config support #707
* Add a srx_cluster_redundancy_group fact. #711
Bugs Fixed:
* ignore_warning fails when single that is first child of . #712
* mode='telnet' did not logout non-cli user #713
* JSONLoadError was thrown when load valid JSON config #717/#718
* Fix XML normalization feature when using NETCONF over console. #719/#720
* Handle differences in |display xml rpc #722
Release 2.1.2
-------------
Bugs Fixed:
* Doc badge was pointing to older version #694
* Fix new-style fact gathering for SRX clusters. #697/#698
* Properly handle SW upgrades on multi-RE and/or multi-chassis
systems when using new-style fact gathering. #700
* Raise JSONLoadError if json config is malformed #706
* Handle ConnectClosedError exception for lock() and unlock() #708
Release 2.1.1
-------------
Bugs Fixed:
* Fix regressions caused by ignore_warning. #691
Release 2.1.0
-------------
Features Added:
* Enhanced fact gathering. Facts are now gathered "on demand."
Additional facts are added.
* The definition of facts and return values are properly documented. #638
* Support for YANG get RPCs. #672
* Add an ignore_warning argument to suppress RpcError exceptions
for warnings. #672/#685
* Enhanced the sw.install() method with basic ISSU and NSSU
support using the issu and nssu
* boolean arguments. #606/#630/#632
* ** NSSU support has not yet been tested and should currently
be considered experimental.
* Provide a master property and a re_name property for Device. #682
* Enhanced reboot() method to take an all_re boolean parameter
which controls if only the connected
* Routing Engine, or all Routing Engines, are rebooted. #613
* Enhanced the warning message produced by the cli() method to
recommend the corresponding
* dev.rpc.<method>() call. #603
* Add support for update parameter to configuration load() method. #681
* Added directory_usage to utils #629/#631/#636
* Adding support for NFX/JDM fact gathering. #652/#659
* Connected property. #664
Bugs Fixed:
* Updated the interface-name glob pattern to correctly match
et-<x>/<y>/<z> interfaces
* in several tables and views. #609
* Take care of special chars on screen during console connection. #610
* Address issue with fact gathering stopping when it encounters
a problem. #615
* Minor typos fixed in RuntimeError exception message and in comments. #621
* Added console_has_banner parameter. #622
* Add CentOS Support to install instructions #623
* Key value is needed in _IsisAdjacencyLogTable #627
* Improved functionality and documentation of Docker build.
#637/#673/#674/#677
* added remote port ID to lldp.yml (OP) #645
* Fix documentation for rollback() #647
* Fix for fact gathering pprint. #660/#661
* update ospf view, add bgp/inventory #665
* Updated doc string for close function #686
* Add Travis builds for Python 3.5 and 3.6 #687
* StartShell.run to take this as None for non returning commands #680
* Modify ignore_warning return value to mimic normal RPC return value. #688
Release 2.0.1
-------------
* StartShell to take timeout (30 second by default) as paramter
* Proper exception handling in case of Console connection #595
* Fix: Config.lock() return exception when normalize is on
* Added microbadge badge for the Docker image #593
* Fix: print dev for Console conn was printing object not Device(....) #591
* Fix: To take care of special chars with StartShell->run function call #589
* Fix: ssh private key file to be considered for scp util #586
* Added Dockerfile to enable automated image builds on project commits #585
Pkgsrc changes:
* Adapt PLIST and patch to README.rst.
Upstream changes:
v0.5.3
- Add notifications support
- Add support for ecdsa keys
- Various bug fixes
Py-scp is a pure python scp module.
The scp.py module uses a paramiko transport to send and recieve
files via the scp1 protocol. This is the protocol as referenced
from the openssh scp program, and has only been tested with this
implementation.
- avcodec/mpeg4videodec: Fix runtime error: signed integer overflow: 53098 * 40448 cannot be represented in type 'int'
- avcodec/pafvideo: Fix assertion failure
- avcodec/takdec: Fix multiple runtime error: signed integer overflow: 637072 * 4096 cannot be represented in type 'int'
- avcodec/mjpegdec: Check that reference frame matches the current frame
- avcodec/tiff: Avoid loosing allocated geotag values
- avcodec/cavs: Fix runtime error: signed integer overflow: -12648062 * 256 cannot be represented in type 'int'
- avformat/hls: Check local file extensions
- avcodec/qdrw: Fix null pointer dereference
- avutil/softfloat: Fix sign error in and improve documentation of av_int2sf()
- avcodec/hevc_ps: Fix runtime error: index 32 out of bounds for type 'uint8_t [32]'
- avcodec/dxv: Check remaining bytes in dxv_decompress_raw()
- avcodec/pafvideo: Check packet size and frame code before ff_reget_buffer()
- avcodec/ac3dec_fixed: Fix runtime error: left shift of 419 by 23 places cannot be represented in type 'int'
- avformat/options: log filename on open
- avcodec/aacps: Fix runtime error: left shift of 1073741824 by 1 places cannot be represented in type 'INTFLOAT' (aka 'int')
- avcodec/wavpack: Fix runtime error: shift exponent 32 is too large for 32-bit type 'int'
- avcodec/cfhd: Fix runtime error: signed integer overflow: 65280 * 65288 cannot be represented in type 'int'
- avcodec/wavpack: Fix runtime error: signed integer overflow: 2013265955 - -134217694 cannot be represented in type 'int'
- avcodec/cinepak: Check input packet size before frame reallocation
- avcodec/hevc_ps: Fix runtime error: signed integer overflow: 2147483628 + 256 cannot be represented in type 'int'
- avcodec/ra144: Fixes runtime error: signed integer overflow: 7160 * 327138 cannot be represented in type 'int'
- avcodec/pnm: Use ff_set_dimensions()
- avcodec/cavsdec: Fix runtime error: signed integer overflow: 59 + 2147483600 cannot be represented in type 'int'
- avcodec/nvenc: fix hw accelerated transcode with bframes
- libavformat/hls: Observe Set-Cookie headers
- libavformat/http: Ignore expired cookies
- avformat/avidec: Limit formats in gab2 to srt and ass/ssa
- avcodec/acelp_pitch_delay: Fix runtime error: value 4.83233e+39 is outside the range of representable values of type 'float'
- avcodec/wavpack: Check float_shift
- avcodec/wavpack: Fix runtime error: signed integer overflow: 24 * -2147483648 cannot be represented in type 'int'
- avcodec/ansi: Fix frame memleak
- avcodec/dds: Fix runtime error: left shift of 145 by 24 places cannot be represented in type 'int'
- avcodec/jpeg2000dec: Use ff_set_dimensions()
- avcodec/truemotion2: Fix passing null pointer to memset()
- avcodec/truemotion2: Fix runtime error: left shift of 1 by 31 places cannot be represented in type 'int'
- avcodec/ra144: Fix runtime error: signed integer overflow: -2449 * 1398101 cannot be represented in type 'int'
- avcodec/ra144: Fix runtime error: signed integer overflow: 11184810 * 404 cannot be represented in type 'int'
- avcodec/aac_defines: Add missing () to AAC_HALF_SUM() macro
- avcodec/webp: Fixes null pointer dereference
- avcodec/aacdec_fixed: Fix runtime error: left shift of 1 by 31 places cannot be represented in type 'int'
- avcodec/ylc: Check count in build_vlc()
- avcodec/snow: Fix runtime error: signed integer overflow: 1086573993 + 1086573994 cannot be represented in type 'int'
- avcodec/jpeg2000: Fix runtime error: signed integer overflow: 4185 + 2147483394 cannot be represented in type 'int'
- avcodec/jpeg2000dec: Check tile offsets more completely
- avcodec/sheervideo: Check input buffer size before allocating and decoding
- avcodec/aacdec_fixed: Fix multiple runtime error: shift exponent 127 is too large for 32-bit type 'int'
- avcodec/wnv1: More strict buffer size check
- avcodec/libfdk-aacdec: Correct buffer_size parameter
- avcodec/sbrdsp_template: Fix: runtime error: signed integer overflow: 849815297 + 1315389781 cannot be represented in type 'int'
- avcodec/ivi_dsp: Fix runtime error: left shift of negative value -2
- doc/filters: Clarify scale2ref example
- avcodec/mlpdec: Do not leave invalid values in matrix_out_ch[] on error
- avcodec/ra144dec: Fix runtime error: left shift of negative value -17
- avcodec/pixlet: Fix runtime error: signed integer overflow: 2147483647 + 32 cannot be represented in type 'int'
- avformat/mux: Fix copy an paste typo
- avutil/internal: Do not enable CHECKED with DEBUG
- avcodec/clearvideo: Check buf_size before decoding frame
- avcodec/aacdec_fixed: Fix runtime error: signed integer overflow: -2147483648 * -1 cannot be represented in type 'int'
- avcodec/smc: Check remaining input
- avcodec/diracdec: Fix off by 1 error in quant check
- avcodec/jpeg2000dec: Fix copy and paste error
- avcodec/jpeg2000dec: Check tile offsets
- avcodec/sanm: Fix uninitialized reference frames
- avcodec/jpeglsdec: Check get_bits_left() before decoding a picture
- avcodec/fmvc: Fix use of uninitialized memory when the first frame is not a keyframe
- avcodec/ivi_dsp: Fix multiple runtime error: left shift of negative value -71
- avcodec/mjpegdec: Fix runtime error: signed integer overflow: -32767 * 130560 cannot be represented in type 'int'
- avcodec/aacdec_fixed: Fix runtime error: shift exponent 34 is too large for 32-bit type 'int'
- avcodec/mpeg4videodec: Check for multiple VOL headers
- avcodec/vp9block: fix runtime error: signed integer overflow: 196675 * 20670 cannot be represented in type 'int'
- avcodec/vmnc: Check location before use
- avcodec/takdec: Fix runtime error: signed integer overflow: 8192 * 524308 cannot be represented in type 'int'
- avcodec/aac_defines: Fix: runtime error: left shift of negative value -2
- avcodec/takdec: Fix runtime error: left shift of negative value -63
- avcodec/mlpdsp: Fix runtime error: signed integer overflow: -24419392 * 128 cannot be represented in type 'int'
- avcodec/sbrdsp_fixed: fix runtime error: left shift of 1 by 31 places cannot be represented in type 'int'
- avcodec/aacsbr_fixed: Fix multiple runtime error: shift exponent 170 is too large for 32-bit type 'int'
- avcodec/mlpdec: Do not leave a invalid num_primitive_matrices in the context
- avcodec/aacsbr_fixed: Fix multiple runtime error: shift exponent 150 is too large for 32-bit type 'int'
- avcodec/mimic: Use ff_set_dimensions() to set the dimensions
- avcodec/fic: Fix multiple runtime error: signed integer overflow: 5793 * 419752 cannot be represented in type 'int'
- avcodec/pixlet: Fix reading invalid numbers of bits
- avcodec/mlpdec: Fix: runtime error: left shift of negative value -8
- avcodec/dfa: Fix: runtime error: signed integer overflow: -14202 * 196877 cannot be represented in type 'int'
- avcodec/aacdec: Fix runtime error: signed integer overflow: 2147483520 + 255 cannot be represented in type 'int'
- avcodec/aacdec_template: Fix fixed point scale in decode_cce()
- avcodec/fmvc: Fix off by 1 error
- avcodec/flicvideo: Check frame_size before decrementing
- avcodec/mlpdec: Fix runtime error: left shift of negative value -1
- avcodec/takdec: Fix runtime error: left shift of negative value -42
- avcodec/hq_hqa: Fix: runtime error: signed integer overflow: -255 * 10180917 cannot be represented in type 'int'
- avcodec/scpr: mask bits to prevent out of array read
- avcodec/truemotion1: Fix multiple runtime error: signed integer overflow: 1246906962 * 2 cannot be represented in type 'int'
- avcodec/svq3: Fix runtime error: left shift of negative value -6
- avcodec/tiff: reset sampling[] if its invalid
- configure: Fix the msvcrt version check for mingw32
- lavf/mov: make invalid m{d,v}hd time_scale default to 1 instead of erroring out
- lavc/ffjni: add missing '\n'
- lavc/mediacodec_wrapper: do not declare JNIAMedia{Codec,CodecList,Format}Fields on the stack
- lavc/mediacodec_wrapper: fix local reference leaks
- avcodec/nvenc: remove unnecessary alignment
- Use AVOnce as a static variable consistently
- avfilter: take_samples: do not directly return frame when samples are skipped
- avutil/hwcontext_dxva2: Don't improperly free IDirect3DSurface9 objects
This is a minor bug-fix release in the 0.20.x series and includes some small regression fixes, bug fixes and performance improvements. We recommend that all users upgrade to this version.
upstream changelog:
2017-05-31 Todd C. Miller <Todd.Miller@courtesan.com>
* NEWS, configure, configure.ac:
Sudo 1.8.20p2
[47836f4c9834]
* src/ttyname.c:
A command name may also contain newline characters so read
/proc/self/stat until EOF. It is not legal for /proc/self/stat to
contain embedded NUL bytes so treat the file as corrupt if we see
any. With help from Qualys.
This is not exploitable due to the /dev traversal changes in sudo
1.8.20p1 (thanks Solar!).
[15a46f4007dd]
2017-05-30 Todd C. Miller <Todd.Miller@courtesan.com>
* src/ttyname.c:
Use /proc/self consistently on Linux. As far as I know, only AIX
doesn't support /proc/self.
[6f3d9816541b]
- Fix out of bounds read when scanning expandos (GL!11).
- Fix invalid memory access with quoted filenames in DCC
(GL#8, GL!12).
- Fix null-pointer dereference on DCC without address (GL#9, GL!13).
- Improve integer overflow handling. Originally reported by
oss-fuzz#525 (#706).
- Improve nicklist performance from O(N^2) to O(N) (#705).
- Fix initial screen redraw delay. By Stephen Oberholtzer
(#680, bdo#856201).
- Fix incorrect reset of true colours when resetting background. (#711).
- Fix missing -notls option in /SERVER. By Jari Matilainen (#117, #702).
- Fix minor history glitch on overcounter (#462, #685).
- Improved OpenSSL detection at compile time. By Rodrigo Rebello (#677).
- Improved NetBSD Terminfo detection. By Maya Rashish (#694, #698).
- Add missing syntax info for COMPLETION (#687, #688).
- Minor typo correction in help. By Michael Hansen (#707).
From maya@
CHANGES FROM 2.4 to 2.5 09 May 2017
- Reset updated flag when restarting #() command so that new output is
properly
recognised. GitHub issue 922.
- Fix ECH with a background colour.
- Do not rely on the terminal not moving the cursor after DL or EL.
- Fix send-keys and send-prefix in copy-mode (so C-b C-b works).
- Set the current pane for rotate-window so it works in command
sequences.
- Add pane_mode format.
- Differentiate M-Up from Escape+Up when possible (that is, in
terminals with xterm(1) style function keys). GitHub issue 907.
- Add session_stack and window_stack_index formats.
- Some new control mode notifications and corresponding hooks:
pane-mode-changed, window-pane-changed, client-session-changed,
session-window-changed.
- Format pane_search_string for last search term while in copy mode
(useful with command-prompt -I).
- Fix a problem with high CPU usage and multiple clients with #().
- Fix UTF-8 combining characters in column 0.
- Fix reference counting so that panes are properly destroyed and
their processes killed.
- Clamp SU (CSI S) parameter to work around a bug in Konsole.
- Tweak line wrapping in full width panes to play more nicely with
terminal copy and paste.
- Fix when we emit SGR 0 in capture-pane -e.
- Do not change TERM until after config file parsing has finished, so
that commands run inside the config file can use it to make decisions
(typically about default-terminal).
- Make the initial client wait until config file parsing has finished
to avoid racing with commands.
- Fix core when if-shell fails.
- Only use ED to clear screen if the pane is at the bottom.
- Fix multibyte UTF-8 output.
- Code improvements around target (-t) resolution.
- Change how the default target (for commands without -t) is managed
across command sequences: now it is set up at the start and commands
are required to update it if needed. Fixes binding command sequences
to mouse keys.
- Make if-shell from the config file work correctly.
- Change to always check the root key table if no binding is found in
the current table (prefix table or copy-mode table or whatever). This
means that root key bindings will take effect even in copy mode, if not
overridden by a copy mode key binding.
- Fix so that the history file works again.
- Run config file without a client rather than using the first client,
restores previous behaviour.
- If a #() command doesn't exit, continue to read from it and use its
last full line of output.
- Handle slow terminals and fast output better: when the amount of
data outstanding gets too large, discard output until it is drained and
we are able to do a full redraw. Prevents tmux sitting on a huge buffer
that the terminal will take forever to consume.
- Do not redraw a client unless we realistically think it can accept
the data - defer redraws until the client has nothing else waiting to write.
Node.js 8.0.0 is a major new release that includes a significant number of
semver-major and semver-minor changes. Notable changes are listed below.
The Node.js 8.x release branch is scheduled to become the next actively
maintained Long Term Support (LTS) release line in October, 2017 under the
LTS codename 'Carbon'.
### Notable Changes
* Async Hooks
* The `async_hooks` module has landed in core
* Buffer
* Using the `--pending-deprecation` flag will cause Node.js to emit a
deprecation warning when using `new Buffer(num)` or `Buffer(num)`.
* `new Buffer(num)` and `Buffer(num)` will zero-fill new `Buffer` instances
* Many `Buffer` methods now accept `Uint8Array` as input
* Child Process
* Argument and kill signal validations have been improved
* Child Process methods accept `Uint8Array` as input
* Console
* Error events emitted when using `console` methods are now supressed.
* Dependencies
* The npm client has been updated to 5.0.0
* V8 has been updated to 5.8 with forward ABI stability to 6.0
* Domains
* Native `Promise` instances are now `Domain` aware
* Errors
* We have started assigning static error codes to errors generated by Node.js.
This has been done through multiple commits and is still a work in
progress.
* File System
* The utility class `fs.SyncWriteStream` has been deprecated
* The deprecated `fs.read()` string interface has been removed
* HTTP
* Improved support for userland implemented Agents
* Outgoing Cookie headers are concatenated into a single string
* The `httpResponse.writeHeader()` method has been deprecated
* New methods for accessing HTTP headers have been added to `OutgoingMessage`
* Lib
* All deprecation messages have been assigned static identifiers
* The legacy `linkedlist` module has been removed
* N-API
* Experimental support for the new N-API API has been added
* Process
* Process warning output can be redirected to a file using the
`--redirect-warnings` command-line argument
* Process warnings may now include additional detail
* REPL
* REPL magic mode has been deprecated
* Src
* `NODE_MODULE_VERSION` has been updated to 57
* Add `--pending-deprecation` command-line argument and
`NODE_PENDING_DEPRECATION` environment variable
* The `--debug` command-line argument has been deprecated. Note that
using `--debug` will enable the *new* Inspector-based debug protocol
as the legacy Debugger protocol previously used by Node.js has been
removed.
* Throw when the `-c` and `-e` command-line arguments are used at the same
time
* Throw when the `--use-bundled-ca` and `--use-openssl-ca` command-line
arguments are used at the same time.
* Stream
* `Stream` now supports `destroy()` and `_destroy()` APIs
* `Stream` now supports the `_final()` API
* TLS
* The `rejectUnauthorized` option now defaults to `true`
* The `tls.createSecurePair()` API now emits a runtime deprecation
* A runtime deprecation will now be emitted when `dhparam` is less than
2048 bits
* URL
* The WHATWG URL implementation is now a fully-supported Node.js API
* Util
* `Symbol` keys are now displayed by default when using `util.inspect()`
* `toJSON` errors will be thrown when formatting `%j`
* Convert `inspect.styles` and `inspect.colors` to prototype-less objects
* The new `util.promisify()` API has been added
* Zlib
* Support `Uint8Array` in Zlib convenience methods
* Zlib errors now use `RangeError` and `TypeError` consistently
