Changelog:
Network Security Services (NSS) 3.19.1 is a patch release
for NSS 3.19.
No new functionality is introduced in this release. This patch
release includes a fix for the recently published logjam attack.
Notable Changes:
* The minimum strength of keys that libssl will accept for
finite field algorithms (RSA, Diffie-Hellman, and DSA) have
been increased to 1023 bits (bug 1138554).
* NSS reports the bit length of keys more accurately. Thus,
the SECKEY_PublicKeyStrength and SECKEY_PublicKeyStrengthInBits
functions could report smaller values for values that have
leading zero values. This affects the key strength values that
are reported by SSL_GetChannelInfo.
The NSS development team would like to thank Matthew Green and
Karthikeyan Bhargavan for responsibly disclosing the issue in
bug 1138554.
The HG tag is NSS_3_19_1_RTM. NSS 3.19.1 requires NSPR 4.10.8 or newer.
Changelog:
This is Version 1.33 (2015-05-23)
Principal changes in this release:
Improved fork detection on fossil update, fossil status and related commands.
Change the default skin to what used to be called "San Francisco Modern".
Add the /repo-tabsize web page
Add fossil import --svn, for importing a subversion repository into fossil which was exported using "svnadmin dump".
Add the "--compress-only" option to fossil rebuild.
Use a pie chart on the /reports?view=byuser page.
Enhanced fossil clean --verily so that it ignores keep-glob and ignore-glob settings. Added the -x alias for --verily.
Add the --soft and --hard options to fossil rm and fossil mv. The default is still --soft, but that is now configurable at compile-time or by the mv-rm-files setting.
Improved ability to customize the timelime graph.
Improvements to the /sitemap page.
Automatically adjust the CLI timeline to the terminal width on Linux.
Added [info commands] and [info vars] commands to TH1. These commands perform the same function as their Tcl counterparts, except they do not accept a pattern argument.
Fix some obscure issues with TH1 expression processing.
Fix titles in search results for documents that are not wiki, markdown, or HTML.
Formally translate TH1 to Tcl return codes and vice-versa, where necessary, in the Tcl integration subsystem.
Add fossil leaves -multiple, for finding multiple leaves on the same branch.
Added the "Blitz" skin option.
Removed the ".fossil-settings/keep-glob" file. It should not have been checked into the repository.
Update the built-in SQLite to version 3.8.10.2.
Make fossil open honor ".fossil-settings/allow-symlinks".
Allow fossil add to be used on symlinks to nonexistent or unreadable files in the same way as fossil addremove.
Added fork warning to be issued if sync produced a fork
Update the info page to report when a file becomes a symlink. Additionally show the UUID for files whose types have changed without changing contents or symlink target.
Have fossil changes and fossil status report when executable or symlink status changes on otherwise unmodified files.
Permit filtering weekday and file reports by user. Also ensure the user parameter is preserved when changing types. Add a field for direct entry of the user name to each applicable report.
Create parent directories of empty-dirs if they don't already exist.
Inhibit timeline links to wiki pages that have been deleted.
13.0.1 (2015-05-22)
~~~~~~~~~~~~~~~~~~~
* Upgrade pip to 7.0.1
13.0.0 (2015-05-21)
~~~~~~~~~~~~~~~~~~~
* Automatically install wheel when creating a new virutalenv. This can be
disabled by using the ``--no-wheel`` option.
* Don't trust the current directory as a location to discover files to install
packages from.
* Upgrade setuptools to 16.0.
* Upgrade pip to 7.0.0.
2.7.1 (compared to 2.7.0)
-----------------------------
- fix issue731: do not get confused by the braces which may be present
and unbalanced in an object's repr while collapsing False
explanations. Thanks Carl Meyer for the report and test case.
- fix issue553: properly handling inspect.getsourcelines failures in
FixtureLookupError which would lead to to an internal error,
obfuscating the original problem. Thanks talljosh for initial
diagnose/patch and Bruno Oliveira for final patch.
- fix issue660: properly report scope-mismatch-access errors
independently from ordering of fixture arguments. Also
avoid the pytest internal traceback which does not provide
information to the user. Thanks Holger Krekel.
- streamlined and documented release process. Also all versions
(in setup.py and documentation generation) are now read
from _pytest/__init__.py. Thanks Holger Krekel.
- fixed docs to remove the notion that yield-fixtures are experimental.
They are here to stay :) Thanks Bruno Oliveira.
- Support building wheels by using environment markers for the
requirements. Thanks Ionel Maries Cristian.
- fixed regression to 2.6.4 which surfaced e.g. in lost stdout capture printing
when tests raised SystemExit. Thanks Holger Krekel.
- reintroduced _pytest fixture of the pytester plugin which is used
at least by pytest-xdist.
+ Version 2.13 (12.05.2015)
- Added support for offsetof() the way gcc implements it (special builtin
that takes a type as an argument).
- Added faked va_* macros (these are expected to come from stdarg.h)
- Added a bunch more fake headers and typedefs to support parsing C projects
like Git and SQLite without modifications to pycparser.
- Added support for empty initializer lists (#79).
1.0.3
Same as 1.0.2, apart from doc and test fixes on some platforms.
1.0.2
Variadic C functions (ending in a ... argument) were not
supported in the out-of-line ABI mode. This was a bug-there
was even a (non-working) example doing exactly that!
1.0.1
ffi.set_source() crashed if passed a sources=[..] argument.
Fixed by chrippa on pull request #60.
Issue #193: if we use a struct between the first cdef() where
it is declared and another cdef() where its fields are defined,
then this definition was ignored.
Enums were buggy if you used too many ... in their definition.
1.0.0
The main news item is out-of-line module generation:
for ABI level, with ffi.dlopen()
for API level, which used to be with ffi.verify(), now
deprecated
-*- coding: utf-8 -*-
Changes for APR 1.5.2
*) SECURITY: CVE-2015-1829 (cve.mitre.org)
APR applications using APR named pipe support on Windows can be
vulnerable to a pipe squatting attack from a local process; the extent
of the vulnerability, when present, depends on the application.
Initial analysis and report was provided by John Hernandez of Casaba
Security via HP SSRT Security Alert. [Yann Ylavic]
*) apr_atomic: Fix errors when building on Visual Studio 2013 while
maintaining the ability to build on Visual Studio 6 with Windows
Server 2003 R2 SDK. PR 57191. [Gregg Smith]
*) Switch to generic atomics for early/unpatched Solaris 10 not exporting
some atomic functions. PR 55418. [Yann Ylavic]
*) apr_file_mktemp() on HP-UX: Remove limitation of 26 temporary files
per process. PR 57677. [Jeff Trawick]
*) apr_escape: Correctly calculate the size of the returned string in
apr_escape_path and set the correct return value in case we actually
escape the string. [<aduryagin gmail.com>] PR 57230.
*) pollcb on Windows: Handle calls with no file/socket descriptors.
Follow up to PR 49882. [Jeff Trawick, Yann Ylavic]
*) apr_poll(cb): fix error paths returned values and leaks. [Yann Ylavic]
*) apr_thread_cond_*wait() on BeOS: Fix broken logic. PR 45800.
[Jochen Voss (no e-mail)]
*) apr_skiplist: Optimize the number of allocations by reusing pooled or
malloc()ed nodes for the lifetime of the skiplist. [Yann Ylavic]
*) apr_skiplist: Fix possible multiple-free() on the same value in
apr_skiplist_remove_all(). [Yann Ylavic]
*) apr_pollset: On z/OS, threadsafe apr_pollset_poll() may return
"EDC8102I Operation would block" under load.
[Pat Odonnell <patod us.ibm.com>]
*) On z/OS, apr_sockaddr_info_get() with family == APR_UNSPEC was not
returning IPv4 addresses if any IPv6 addresses were returned.
[Eric Covener]
*) Windows cmake build: Fix an incompatibility with cmake 2.8.12 and
later. [Jeff Trawick]
*) apr_global_mutex/apr_proc_mutex: Resolve failures with the
POSIX sem implementation in environments which receive signals.
[Jeff Trawick]
*) apr_skiplist: Fix potential corruption of skiplists leading to
results or crashes. [Takashi Sato <takashi tks st>, Eric Covener]
PR 56654.
*) Improve platform detection by updating config.guess and config.sub.
[Rainer Jung]
--------------
Version 1.80b:
--------------
- Made afl-cmin tolerant of whitespaces in filenames. Suggested by
Jonathan Neuschafer and Ketil Froyn.
- Added support for AFL_EXIT_WHEN_DONE, as suggested by Michael Rash.
--------------
Version 1.79b:
--------------
- Added support for dictionary levels, see testcases/README.testcases.
- Reworked the SQL dictionary to use levels.
- Added a note about Preeny.
--------------
Version 1.78b:
--------------
- Added a dictionary for PDF, contributed by Ben Nagy.
- Added several references to afl-cov, a new tool by Michael Rash.
- Fixed a problem with crash reporter detection on MacOS X, as reported by
Louis Dassy.
--------------
Version 1.77b:
--------------
- Extended the -x option to support single-file dictionaries.
- Replaced factory-packaged dictionaries with file-based variants.
- Removed newlines from HTML keywords in testcases/_extras/html/.
--------------
Version 1.76b:
--------------
- Very significantly reduced the number of duplicate execs during
deterministic checks, chiefly in int16 and int32 stages. Confirmed
identical path yields. This should improve early-stage efficiency by
around 5-10%.
- Reduced the likelihood of duplicate non-deterministic execs by
bumping up lowest stacking factor from 1 to 2. Quickly confirmed
that this doesn't seem to have significant impact on coverage with
libpng.
- Added a note about integrating afl-fuzz with third-party tools.
Upstream changes:
0.234 20150527
. Fix the test for PMC loading to work on versions on Perl that don't
have Config::non_bincompat_options (HAARG). Fixes RT#102626 .
0.233 20150525
! The diagnostic about inheriting from ourselves was removed.
It served no own purpose as Perl already warns if we try to
inherit in a circular way.
* Fix: deadlock when thread join is issued in read-side C.S.
* Fix: rename RCU_DEBUG to DEBUG_RCU in urcu-qsbr.h
* Mark braced-groups within expressions with __extension__
* Fix: compat_futex_noasync race condition
* Fix: documentation: urcu-pointer.h: s/rcu_dereference_pointer/rcu_dereference/
* Fix: call rcu should call internal RCU API
This release is a bugfix release for configure 0.2.0, which brought:
- support for building out-of-tree (OBJDIR)
- new "distcheck" target generation
- support for phony targets
- updated helper scripts (OBJDIR support, portability fixes...)
- new helper script for Python conformance (PEP 8)
- initial support for Objective-C/C++ programs
- documentation update
- test suite
----------------
1.7034 2015-05-07 14:20:57 PDT
[Improvements]
- Improved an error message when dependency requirement in cpanfile
get conflict with prereqs in sub dependencies.
- Add one DEPENDS archivers/p5-Archive-Tar-Wrapper
to satisfy one of '# === Runtime Recommends ==='
(one more to add, Term::ReadLine::Gnu, but not for now).
(upstream)
- update to 5.036
------------------
5.036 2015-05-02 11:08:51-04:00 America/New_York
- BUGFIX: detection of trial status via underscore in version was
accidentally lost in v5.035; restored now!
-------------------
1.26 Sun Apr 12 13:37:00 2015
- Fix bug in string2hashref(), which failed on some strings, such as {a => 'b, c'}.
string2hashref() is called by read_tree().
Escaped chars are still not handled.
- Add t/string2hash.t to test new code.
1.25 Sun Mar 22 11:42:00 2015
- I've deleted the undocumented sub _dump_quote(), which butchered
Unicode characters
when it tried to convert ASCII control characters into
printable strings (on the assumption all data is
ASCII). Thanx to Dr. Petra Steiner (Germany) for discussion
and some testing. I hope no-one was relying on this sub in
output redirected to disk files, or otherwise saved for
later comparisons.
Methods which used to call _dump_quote() now just output
the node's name by calling quote_name(), which is discussed
next. Undefined names are output as the string 'undef'.
- Add method quote_name(), which simply returns its input string
surrounded by single-quotes.
- Add method decode_lol(). This converts the output of
tree_to_lol() and tree_to_simple_lol() into something which
is easy to read. See scripts/read.tree.pl for sample usage.
- Reorder a couple of methods called tree_*(), so that they are in
alphabetical order.
- Expand the docs for methods tree_to_*(), re undefined node names.
- Add scripts/write.tree.pl, which creates the test input file
t/tree.utf8.attributes.txt. Note: This latter file is now
much more complex that in previous versions.
- Add scripts/read.tree.pl, and it's output file scripts/read.tree.log. This program
demonstrates the output produced by various methods.
- Fix the faulty syntax I had used in Build.PL to identify the github repo.
- Delete and re-create github repo after 'git push' failed to upload the new version.
- Add LICENSE file to MANIFEST.
1.24 Sun Jan 25 14:17:00 2015
- Clean up discussion in docs of original author's reluctance to
allow parameters to new().
- Rewrite bareword filehandles (INX) to use a variable (my $fh).
- Rename github repo from Tree--DAG_Node to Tree-DAG_Node - My new standard.
Update Build.PL and Makefile.PL to match.
- Reformat the docs, and this file, slighty, to be <= 100 chars per
line - My new standard.
- Change horizontal indentation used by node2string() to add 1
space, so '|' lines up underneath the first char of the
previous node's name. Use scripts/cut.and.paste.subtrees.pl
to see the difference.
-------------------
1.10 2015-05-12 05:15:41 -0400
- Work around for buggy IPC::Run3 0.048 on MSWin32
On Windows we probe for and mitigate a bug in IPC::Run3
(see https://github.com/plicease/Test-Script/issues/1 for details)
with the intention of removing the workaround if/when IPC::Run3
is fixed.
1.09 2015-05-07 16:44:26 -0400
- If IPC::Run3::run3 throws an exception it will now fail the test
(with a helpful diagnostic) rather than crashing the test script.
- A script that is killed with a singnal is now considered a failure
as well.
- Use alternate expected exit and signal values with options as the
second argument to script_runs.
- Ability to pass input via stdin to the script with script_runs.
- Ability to capture stdout and stderr from script with script_runs.
- Functions to test stdout and stderr:
script_stdout_is
script_stdout_isnt
script_stdout_like
script_stdout_unlike
script_stderr_is
script_stderr_isnt
script_stderr_like
script_stderr_unlike
1.08 2015-05-06 05:09:13 -0400
- Now works with or without blib (rt81222, rt102743)
- Compatability with older versions of Test::Builder::Tester (rt81335)
- Requires Perl 5.6.0
- Migrate to Dist::Zilla
--------------
1.20 2015-05-17
Deprecated:
* Search::Elasticsearch::Client::Direct in favour of
Search::Elasticsearch::Client::1_0::Direct
New features:
* Added support for structured JSON exceptions in Elasticsearch 2.0
* Added support for plugins
* Added Search::Elasticsearch::Client::2_0::Direct for the upcoming
Elasticsearch 2.0 with these changes:
* removed delete_by_query()
* removed termvector()
* removed indices.delete_mapping()
* removed nodes.shutdown()
* removed indices.status()
* added terminate_after param to search()
* added dfs param to termvectors()
* removed filter_keys param from indices.clear_cache()
* removed full param from indices.flush()
* removed force param from indics.optmize()
* removed replication param from all CRUD methods
* removed mlt() method
Bug fix:
* The bulk buffer was being cleared on a NoNodes exception
Added class:
Added methods:
* field_stats()
Added params:
* allow_no_indices, expand_wildcards, ignore_unavailable to cluster.state()
* fielddata_fields to search()
* master_timeout to indices.get_template() and indices.exists_template()
* detect_noop to update()
* only_ancient_segments to upgrade()
* analyze_wildcards, analyzer, default_operator, df, lenient, lowercase_expanded_terms,
and q to count(), search_exists() and indices.validate_query()
Removed methods:
* benchmark.* - never released in Elasticsearch
Also:
* arrays of enum query string params are now flattened as CSV
* enum expand_wildcards also accepts: none, all
* Search::Elasticsearch is no longer a Moo class
* Updated elasticsearch.org URLs to use elastic.co instead
* the request body is retained in exceptions
* upgraded Hijk to 0.20
-------------------
1.14 2015.05.17
- Add 'reap_finished_children', 'is_child' and 'is_parent'. (GH#6, Nine bit)
1.13 2015.05.11
- Use 'select' instead of sleep in _waitpid_blocking. (GH#5)
---------------------
0.412 2015-05-19
- release 0.411_001 without further changes
0.411_001 2015-05-11
- move generation of test endpoints to author stage as requested per issue/#9
- add a rough guide for contributors
- fix rt#103251 to avoid removing bundled stuff by accident
- Fix compilation errors under cl (Thanks to jddurand)
- Add one BUILD_DEPENDS to devel/p5-Devel-LexAlias for make test.
(upstream)
- Update to 0.13
--------------
0.13 2015-05-12
- one more fix for blead (eserte, jplesnik, #6)
-------------------
1.80 May 14, 2015
- add be_like_java feature (bug report by Bojan Jovanovic)
- generate warnings only when enabled
1.79 May 7, 2015
- add repository metadata
1.78 May 7, 2015
- accept any end of line terminator (i.e. "\r\n", "\r" or "\n")
independently of the underlaying operating system (bug report by
William Fishburne, problem analysis by Alexander Brett)
- As described below, PERL5_MODULE_TYPE converted to default to EU:MM
ExtUtils::MakeMaker
(upstream)
- update to 0.04
--------------
0.04 2015-05-10T22:08:23Z
- use EU::MM
-------------------
0.30 2015-05-15 20:43:54-04:00 America/New_York
No changes from 0.29
0.29 2015-04-19 18:36:24+02:00 Europe/Berlin (TRIAL RELEASE)
Fixed:
- Fix double filehandle close error with tee on Windows
(which started warning during the perl 5.21.x series,
causing tests to fail)
