2.48.0
======
* New stable release. (No changes since 2.47.90)
2.47.90
=======
* gnutls: The non-PKCS#11 TLS plugin now uses gnutls's certificate
validation code directly, rather than attempting to build a
certificate chain itself first. [#753260 and others, Dan Winship]
* gnutls: Fixed a leak when closing a connection during an implicit
handshake [#736809, Philip Withnall]
* gnutls: Fixed "make check" without PKCS#11 support [#728977,
Gilles Dartiguelongue]
* gnutls: Various changes in preparation for DTLS support (but not
the actual DTLS support itself) [#697908, #735754, Philip
Withnall, Olivier Crête]
* Updated translations: Occitan
2.47.1
======
* Fixed a certificate chain validation problem that affected
Facebook in Epiphany. [#750457, Carlos Garcia Campos]
* Added a systemd service file for glib-pacrunner [#755740, Simon
McVittie]
2.46.0
======
* Various minor cleanups and small memory leak fixes
* Added a new test case for client certificate chain handling
[#754129, Michael Catanzaro]
* New/updated translations:
Japanese, Occitan, Portuguese
2.45.1
======
* tls/gnutls: Implement g_tls_client_connection_copy_session_state(),
to allow implementing FTP-over-TLS in gvfs. (#745255, Ross
Lagerwall)
2.44.0
======
* New stable release. (No changes since 2.43.92)
2.43.92
=======
* Fix TLS session caching when using session tickets (#745099, Ross
Lagerwall)
* Updated translations:
Bosnian
2.43.91
=======
* tls/gnutls: Removed a workaround for connecting to servers with
weak DH parameters, which was apparently only needed because
gnutls was prioritizing DHE over RSA. (Michael Catanzaro)
(https://bugzilla.redhat.com/show_bug.cgi?id=1177964#c8)
* tls/gnutls: We now require gnutls 3.x again. (In fact, 2.42.1
and 2.43.1 accidentally used a 3.x-only function, so we already
required it, we were just failing to declare that fact.)
* tls/tests: Skip certain tests when running against old gnutls or
GLib releases. (glib-networking 2.43.91 itself does not require
GLib 2.43, but one of the test cases does.)
* Updated translations:
Friulian
2.43.1
======
* The GTlsClientConnection "use-ssl3" property now falls back to TLS
1.0 if SSL 3.0 has been disabled, rather than just failing. Also,
we now use the gnutls %LATEST_RECORD_VERSION option by default (to
allow connecting to certain servers that were incorrectly patched
for the POODLE attack), but also make sure to remove that option
in the fallback ("use-ssl3") mode (to allow connecting to other
servers that are differently broken). (#738633, #740087, Dan
Winship)
* tls/gnutls: Miscellaneous warning, debugging, and leak fixes
(#736757, #736809, #737106, Philip Withnall)
* New/updated translations:
Kazakh
2.42.0
======
* New stable release. (No changes since 2.41.92)
2.41.92
=======
* tls/gnutls: Incorrectly-ordered certificate chains are now
accepted (#683266, Michael Catanzaro)
* tls/gnutls: Closing an already-closed GTlsConnection now correctly
returns TRUE rather than G_IO_ERROR_CLOSED (#735754, Olivier
Crête)
2.41.4
======
* tls/gnutls: certificates with IP address subject altnames are now
supported (#726596, Aleix Conchillo Flaqué)
* tls/tests: added a script to re-generate the certificates, and
regenerated them (since the key for the existing CA certificate
had been lost, so it wasn't possible to add new test certificates,
eg, for IP SAN). (#733365, Aleix Conchillo Flaqué)
* Updated translations:
Greek
2.41.3
======
* tls/gnutls: g_tls_backend_get_default_database() should never
return %NULL; if glib-networking was built without a
ca-certificates file, then the default GTlsDatabase should just be
empty. (#727282, Olivier Crête)
* tls/gnutls: If a server's certificate includes an issuer chain, we
now send the entire chain to the client. (#724708, Aleix Conchillo
Flaqué)
* Updated translations:
Swedish
2.40.0
======
* New stable release. (No changes since 2.39.90)
2.39.90
=======
* tls/gnutls: Avoid trying to update a destroyed GSource (#723774,
Philip Withnall)
* tls/tests: Fix another flaky test (#722336)
* tests: use the TAP driver
* Updated translations:
Chinese, Czech
2.39.3
======
* tls/tests: Fix one sporadic bug in the connection test (#720081)
and make it properly fail rather than hanging forever when another
sporadic bug happens (which I don't actually know the cause of)
(#719727)
* tls/gnutls: Fix for -Werror=format-nonliteral (#720081, Ryan
Lortie)
2.39.1
======
* tls/gnutls: Use g_tls_interaction_invoke_request_certificate()
when processing a certificate request. (#637257, Stef Walter)
* tls/gnutls: Handle G_IO_ERROR_TIMED_OUT on a GTlsConnection
correctly rather than reporting "The specified session has
been invalidated for some reason". (#710700, Aleix Concillo
Flaque)
* tls/tests: Fix to previous installed-tests fix, which resulted
in some files getting installed even when installed tests weren't
enabled. (#710197)
* tls/tests: add a test for a fix made in glib (#710691, Aleix
Conchillo Flaque).
2.38.1
======
* glibpacrunner: Don't crash if there is an internal libproxy error.
(rhbz #866927)
* tls/tests: Fix installed tests to not accidentally depend on
having the source tree still exist. (#709628)
* Updated translations:
Tajik
2.38.0
======
* New stable release. (No changes since 2.37.5)
2.37.5
======
* gnutls: minimum version is now 2.12.8 (with 3.x preferred...)
* glib-networking now supports the --enable-installed-tests flag, to
install its test programs to run at other times (ie, after
updating glib)
2.37.4
======
* proxy/gnome: further improve GNOME session detection (#701377)
* gnutls: don't crash if $G_TLS_GNUTS_PRIORITY is invalid (#701693)
2.37.2
======
* proxy/gnome: Improve session-type detection to include
gnome-classic and anything else starting with "gnome" (#700607,
Giovanni Campagna)
* proxy/libproxy: make SOCKS work when using the async API (#699359,
Dan)
* proxy/tests: make the libproxy test program use the just-built
plugin rather than the installed one. Oops (#700286, Iain Lane)
* proxy/tests: fix to not error out if neither proxy module is built
(#700628, Dan)
* tls/tests: fix a sporadic crash (Dan)
2.37.1
======
* gnutls: Fixed a bug that could cause hangs and/or bursts of CPU
usage in some cases. (#696881, Olivier Crête)
* gnutls: Fixed CFLAGS when building with gnutls in a different
prefix. (#696519, Emmanuel Pacaud)
* gnutls: Fixed a hang while rehandshaking with gnutls 3.x (#695062,
Dan)
* gnutls: Fixed a handshaking crash in multithreaded use (#697754,
Olivier Crête)
* proxy/gnome: Fix "automatic" mode, which was mistakenly being
treated as "none" (Dan)
* proxy/gnome: Use this in Unity sessions as well as GNOME ones.
(#698936, Iain Lane)
* New/Updated translations:
Friulian, Indonesian, Turkish
Some highlights of the release are:
- New statistics info about runnable and active processes & ports.
- Time warp improvements: dbg:p/2 and erlang:trace/3 with
monotonic_timestamp | strict_monotonic_timestamp.
- Introduced a validation callback for heart.
- The module overload in sasl has been deprecated.
- ~90 contributions since 18.2
Full release notes:
http://erlang.org/download/otp_src_18.3.readme
New Features
Allow creation of rules to convert arbitrary identifiers into clickable links in the book details panel (Prefrences->Look & Feel->Book details)
Tag mapper: A new rule type 'split' allows you to easily split tags on a character
Make the shutting down message an overlay so it is less disruptive
Allow right clicking on Virtual Library tabs to edit/delete the virtual library.
Tag mapper: Add a button to edit the list of tags in a tag mapper rule using the tag editor dialog.
Bug Fixes
Conversion: Fix the obsolete HTML align=center markup (produced by Microsoft Word) not working for tables.
Font subsetting: When font-variant: small-caps is used include the capital letters as well, in case either the font or the renderer do not support OpenType smcp.
Font subsetting: Implement support for text-transform.
Fix the target book entry in the book list not being refreshed after merging books. Only matters if you have a column based on book formats.
E-book viewer: Fix a link that has some text along with a superscript/subscript being incorrectly detected as a footnote link
Fix device detection on windows failing if the registry entries for the device contain a very long item.
Edit Book: Fix an extra colon being added when setting the 'notes' semantic
Ensure that author folder names are never windows reserved names
E-book viewer: When displaying an EPUB 3 document that uses epub:switch to provide a fallback for MathML content, prevent both the MathML and fallback from being shown together.
PDF Output: When displaying an EPUB 3 document that uses epub:switch to provide a fallback for MathML content, prevent both the MathML and fallback from being rendered together.
Fix exception in custom column preferences when the column lookup key is changed
Catalog generation: Do not crash is a book in the library has no uuid.
Version 8.18.0 [v8-stable] 2016-04-19
- testbench: When running privdrop tests testbench tries to drop
user to "rsyslog", "syslog" or "daemon" when running as root and
you don't explict set RSYSLOG_TESTUSER environment variable.
Make sure the unprivileged testuser can write into tests/ dir!
- templates: add option to convert timestamps to UTC
closes https://github.com/rsyslog/rsyslog/issues/730
- omjournal: fix segfault (regression in 8.17.0)
- imptcp: added AF_UNIX support
Thanks to Nathan Brown for implementing this feature.
- new template options
* compressSpace
* date-utc
- redis: support for authentication
Thanks to Manohar Ht for the patch
- omkafka: makes kafka-producer on-HUP restart optional
As of now, omkafka kills and re-creates kafka-producer on HUP.
This is not always desirable. This change introduces an action param
(reopenOnHup="on|off") which allows user to control re-cycling of
kafka-producer.
It defaults to on (for backward compatibility). Off allows user to
ignore HUP as far as kafka-producer is concerned.
Thanks to Janmejay Singh for implementing this feature
- imfile: new "FreshStartTail" input parameter
Thanks to Curu Wong for implementing this.
- omjournal: fix libfastjson API issues
This module accessed private data members of libfastjson
- ommongodb: fix json API issues
This module accessed private data members of libfastjson
- testbench improvements (more tests and more thourough tests)
among others:
- tests for omjournal added
- tests for KSI subsystem
- tests for priviledge drop statements
- basic test for RELP with TLS
- some previously disabled tests have been re-enabled
- dynamic stats subsystem: a couple of smaller changes
they also involve the format, which is slightly incompatible to
previous version. As this was out only very recently (last version),
we considered this as acceptable.
Thanks to Janmejay Singh for developing this.
- foreach loop: now also iterates over objects (not just arrays)
Thanks to Janmejay Singh for developing this.
- improvements to the CI environment
- enhancement: queue subsystem is more robst in regard to some
corruptions
It is now detected if a .qi file states that the queue contains more
records than there are actually inside the queue files. Previously this
resulted in an emergency switch to direct mode, now the problem is only
reported but processing continues.
- enhancement: Allow rsyslog to bind UDP ports even w/out specific
interface being up at the moment.
Alternatively, rsyslog could be ordered after networking, however,
that might have some negative side effects. Also IP_FREEBIND is
recommended by systemd documentation.
Thanks to Nirmoy Das and Marius Tomaschewski for the patch.
- cleanup: removed no longer needed json-c compatibility layer
as we now always use libfastjson, we do not need to support old
versions of json-c (libfastjson was based on the newest json-c
version at the time of the fork, which is the newest in regard
to the compatibility layer)
- new External plugin for sending metrics to SPM Monitoring SaaS
Thanks to Radu Gheorghe for the patch.
- bugfix imfile: fix memory corruption bug when appending @cee
Thanks to Brian Knox for the patch.
- bugfix: memory misallocation if position.from and position.to is used
a negative amount of memory is tried to be allocated if position.from
is smaller than the buffer size (at least with json variables). This
usually leads to a segfault.
closes https://github.com/rsyslog/rsyslog/issues/915
- bugfix: fix potential memleak in TCP allowed sender definition
depending on circumstances, a very small leak could happen on each
HUP. This was caused by an invalid macro definition which did not rule
out side effects.
- bugfix: $PrivDropToGroupID actually did a name lookup
... instead of using the provided ID
- bugfix: small memory leak in imfile
Thanks to Tomas Heinrich for the patch.
- bugfix: double free in jsonmesg template
There has to be actual json data in the message (from mmjsonparse,
mmnormalize, imjournal, ...) to trigger the crash.
Thanks to Tomas Heinrich for the patch.
- bugfix: incorrect formatting of stats when CEE/Json format is used
This lead to ill-formed json being generated
- bugfix omfwd: new-style keepalive action parameters did not work
due to being inconsistently spelled inside the code. Note that legacy
parameters $keepalive... always worked
see also: https://github.com/rsyslog/rsyslog/issues/916
Thanks to Devin Christensen for alerting us and an analysis of the
root cause.
- bugfix: memory leaks in logctl utility
Detected by clang static analyzer. Note that these leaks CAN happen in
practice and may even be pretty large. This was probably never detected
because the tool is not often used.
- bugfix omrelp: fix segfault if no port action parameter was given
closes https://github.com/rsyslog/rsyslog/issues/911
- bugfix imtcp: Messages not terminated by a NL were discarded
... upon connection termination.
Thanks to Tomas Heinrich for the patch.
Changes:
9 April 2016: mitmproxy 0.17
* Simplify repository and release structure. mitmproxy now comes as a single package, including netlib and pathod.
* Rename the Python package from libmproxy to mitmproxy.
* New option to add server certs to client chain (CVE-2016-2402, John Kozyrakis)
* Enable HTTP/2 by default (Thomas Kriechbaumer)
* Improved HAR extractor (Shadab Zafar)
* Add icon for OSX and Windows binaries
* Add content view for query parameters (Will Coster)
* Initial work on Python 3 compatibility
* locust.io export (Zohar Lorberbaum)
* Fix XSS vulnerability in HTTP errors (Will Coster)
* Numerous bugfixes and minor improvements
