2.1.2 - 2014-09-21
==================
**Enhancements**
- #407: project moved from Google Code to Github; code moved from Mercurial
to Git.
- #492: use tox to run tests on multiple python versions. (patch by msabramo)
- #505: [Windows] distribution as wheel packages.
- #511: new examples/ps.py sample code.
**Bug fixes**
- #340: [Windows] Process.get_open_files() no longer hangs. (patch by
Jeff Tang)
- #501: [Windows] disk_io_counters() may return negative values.
- #503: [Linux] in rare conditions Process exe(), open_files() and
connections() methods can raise OSError(ESRCH) instead of NoSuchProcess.
- #504: [Linux] can't build RPM packages via setup.py
- #506: [Linux] python 2.4 support was broken.
- #522: [Linux] Process.cpu_affinity() might return EINVAL. (patch by David
Daeschler)
- #529: [Windows] Process.exe() may raise unhandled WindowsError exception
for PIDs 0 and 4. (patch by Jeff Tang)
- #530: [Linux] psutil.disk_io_counters() may crash on old Linux distros
(< 2.6.5) (patch by Yaolong Huang)
- #533: [Linux] Process.memory_maps() may raise TypeError on old Linux distros.
CVE-2014-2599 / XSA-89 HVMOP_set_mem_access is not preemptible
CVE-2014-3124 / XSA-92 HVMOP_set_mem_type allows invalid P2M entries to be
created
CVE-2014-3967,CVE-2014-3968 / XSA-96 Vulnerabilities in HVM MSI injection
CVE-2014-4021 / XSA-100 Hypervisor heap contents leaked to guests
pkgsrc also includes patches from the Xen Security Advisory:
XSA-104 (CVE-2014-7154) - Race condition in HVMOP_track_dirty_vram
XSA-105 (CVE-2014-7155) - Missing privilege level checks in x86 HLT, LGDT,
LIDT, and LMSW emulation
XSA-106 (CVE-2014-7156) - Missing privilege level checks in x86 emulation
of software interrupts
D-Bus 1.8.8 (2014-09-16)
==
The "smashy smashy egg man" release.
Security fixes:
* Do not accept an extra fd in the padding of a cmsg message, which
could lead to a 4-byte heap buffer overrun.
(CVE-2014-3635, fd.o #83622; Simon McVittie)
* Reduce default for maximum Unix file descriptors passed per message
from 1024 to 16, preventing a uid with the default maximum number of
connections from exhausting the system bus' file descriptors under
Linux's default rlimit. Distributors or system administrators with a
more restrictive fd limit may wish to reduce these limits further.
Additionally, on Linux this prevents a second denial of service
in which the dbus-daemon can be made to exceed the maximum number
of fds per sendmsg() and disconnect the process that would have
received them.
(CVE-2014-3636, fd.o #82820; Alban Crequy)
* Disconnect connections that still have a fd pending unmarshalling after
a new configurable limit, pending_fd_timeout (defaulting to 150 seconds),
removing the possibility of creating an abusive connection that cannot be
disconnected by setting up a circular reference to a connection's
file descriptor.
(CVE-2014-3637, fd.o #80559; Alban Crequy)
* Reduce default for maximum pending replies per connection from 8192 to 128,
mitigating an algorithmic complexity denial-of-service attack
(CVE-2014-3638, fd.o #81053; Alban Crequy)
* Reduce default for authentication timeout on the system bus from
30 seconds to 5 seconds, avoiding denial of service by using up
all unauthenticated connection slots; and when all unauthenticated
connection slots are used up, make new connection attempts block
instead of disconnecting them.
(CVE-2014-3639, fd.o #80919; Alban Crequy)
Other fixes:
* Check for libsystemd from systemd >= 209, falling back to
the older separate libraries if not found (Umut Tezduyar Lindskog,
Simon McVittie)
* On Linux, use prctl() to disable core dumps from a test executable
that deliberately raises SIGSEGV to test dbus-daemon's handling
of that condition (fd.o #83772, Simon McVittie)
* Fix compilation with --enable-stats (fd.o #81043, Gentoo #507232;
Alban Crequy)
* Improve documentation for running tests on Windows (fd.o #41252,
Ralf Habacker)
packaged for wip.
The functions for creating temporary files and directories in the base
library are quite limited. The unixutils package contains some good ones,
but they aren't portable to Windows. This library just repackages the Cabal
implementations of its own temporary file and folder functions so that you
can use them without linking against Cabal or depending on it being
installed.
rather than trying to consolidate into a single fnmatch. There aren't that
many of them, and it will aid the integration of cwrappers which doesn't
support globs.
Direvent is a directory content watcher daemon, i.e. a program that
monitors a set of directories on the file system and reacts when
their content changes. When a change is detected, the daemon reacts by
invoking an external command configured for that kind of change.
The program aims to provide a uniform and system-independent
command-level interface for file system events.
This release doesn't include anything as significant as the metadata
support added in 0.25, but it has quite a few bug fixes and internal
improvements, in addition to these notable changes:
- When --meta is specified to the fuse command, instead of generic
data, the originally saved mode, uid, git, atime, mtime, and ctime
will be reported for the archive paths.
- When --browser is specified to the web command, a browser window
will be opened for the repository.
- The -x/--xdev/--one-filesystem options now include the mountpoint
itself in the traversal (matching rsyc, tar, etc.).
- Empty lines in --exclude-rx-from files will be ignored.
Previously they would cause all paths to be excluded.
- The index and restore commands now support --exclude-rx-from.
- Relative filesystem --excludes like "--exclude bar" should now
work. Previously --excludes had to be absolute.
- The drecurse command now supports --exclude-rx and
--exclude-rx-from.
- The --compress option should now work for remote repositories.
- Streams saved via "bup split" will now show up as a single file
named "data" at the top level of the VFS, instead of as a subtree
(i.e. when examined via ftp, ls, and fuse).
- The ls command now supports -n, -A, -F, --file-type,
--numeric-ids, and detailed -l options.
- The save dates are now taken from the corresponding git commit's
author date, not the committer date.
- The tornado server, required by the web command, is no longer
included. See the README for installation instructions.
Note that the metadata support is still somewhat immature. For
example, we still need to add better support for cross-filesystem-type
save/restore (which is too noisy), etc.
Please give this release a try and let us know what's broken. If
you're new to bup, start with the README (and then HACKING if you'd
like to help further):
https://github.com/bup/bup/blob/master/README.mdhttps://github.com/bup/bup/blob/master/HACKINGhttp://anonscm.debian.org/gitweb/?p=users/rlb/bup.git;a=blob;f=README.md;hb=refs/heads/masterhttp://anonscm.debian.org/gitweb/?p=users/rlb/bup.git;a=blob;f=HACKING;hb=refs/heads/master
And although I probably sound like a broken record -- while we expect
bup to work fairly well, I still don't recommend it as your sole
backup strategy. I'd still suggest a periodic
tar/rsync/etc. backstop.
Rsyslog is an enhanced syslogd supporting, among others, MySQL,
PostgreSQL, failover log destinations, syslog/tcp, fine grain
output format control, high precision timestamps, queued operations
and the ability to filter on any message part. It is quite
compatible to stock sysklogd and can be used as a drop-in
replacement.
liblognorm shall help to make sense out of syslog data, or, actually,
any event data that is present in text form.
In short words, one will be able to throw arbitrary log message to
liblognorm, one at a time, and for each message it will output
well-defined name-value pairs and a set of tags describing the message.
ZnapZend is a ZFS centric backup tool. It relies on snapshot, send
and receive todo its work. It has the built-in ability to to manage
both local snapshots as well as remote copies by thining them out
as time progresses.
The ZnapZend configuration is stored as properties in the
ZFS filesystem itself.
The bug prevents mkisofs from creating old-style distrib/cdrom ISO
image for macppc. Trying to create bootable macppc CD in distrib/cdrom
using cdrtools mkisofs fails with:
mkisofs: No such file or directory. Invalid node - '--macbin'.
The bug is in option spec that causes mkisofs to misparse
-hide-hfs-list option. The patch is actually a single whitespace
character.
Bump PKGREVISION.
==============
Version 0.4.4
==============
* systemd fixes (Lennart Poettering)
==============
Version 0.4.3
==============
* Revert VT_WAITEVENT usage, since it is racy (Lennart Poettering)
* systemd fixes (Lennart Poettering)
==============
Version 0.4.2
==============
* Ensure we only care for seat files ending in .seat (William Jon McCann)
* Various Solaris improvements (Halton Huo)
* Make build silent (Ray Strode)
* Don't take bus name until ready (Ray Strode)
* systemd hookup (Lennart Poettering)
* add --since option to ck-history (William Jon McCann)
* Reduce number of threads on Linux (Kan-Ru Chen)
* Other fixes (Anders Kaseor, Frederic Crozat, Matthias Clasen, Michael Biebl, William Jon McCann)
==============
Version 0.4.1
==============
* Fix a crasher (William Jon McCann)
* fix a small memory leak (Matthias Clasen)
* update email address (William Jon McCann)
==============
Version 0.4.0
==============
* Starting with this release we will not do session.d/ 'session_active_changed' callouts anymore. (Lennart Poettering)
* get rid of session.d's session_active_changed callout (Lennart Poettering)
* close file descriptors before exit func (Halton Huo)
* log the kernel release and boot arguments at start time (William Jon McCann)
* show display in host field if the host isn't set (William Jon McCann)
* print the uptime for the reboot items in the report (William Jon McCann)
* fix logic for finding session remove events (William Jon McCann)
* fix a few small leaks (William Jon McCann)
* Add seat.d/ callout directory and guarantee we dump the database before call
* database: write the console database to disk before signalling via dbus (Len
* Enforce that the env array has the right size (Lennart Poettering)
* when printing size_t use %z format string (Lennart Poettering)
* make CK database world readable (Lennart Poettering)
* get rid of ck_seat_set_active_session() prototype since no such function exi
* Move ck_session_run_programs() from ck-run-programs.h to ck-session.h (Lenna
* post release version bump (Ray Strode)
==============
Version 0.3.1
==============
* port to PolicyKit 1.0 (Matthias Clasen)
* D-Bus policy updates (Colin Walters, Martin Pitt, Vincent Untz, William Jon McCann)
* better diagnostic information for unimplemented backends (Daniel Macks)
* file monitoring fixes (James Westby)
* get VT from X display if no controlling tty is available (Ray Strode)
* add "nox11" option to PAM module (Martin Pitt)
* parse log entries with no body correctly (William Jon McCann)
* fix zero-sized struct/unions (William Jon McCann)
* solaris build fixes (Halton Huo)
* parse gecos field for real name (William Jon McCann)
* leak fixes (James Westby, Steve Langasek)
* compile warning fixes (Matthias Clasen)
* fix doc xml validation errors (William Jon McCann)
* fix doc generation when srcdir != builddir (Ray Strode)
* add example upstart events for logging (William Jon McCann, Ray Strode)
* fix ChangeLog generation script to work with git-log moved to libexecdir (Ray Strode)
