--------------------------------------------
Version 16.02
=============
- From Windows version of 7-Zip 16.02:
- The BUG in 16.00 - 16.01 was fixed: 7-Zip mistakenly reported the warning
"There are some data after the end of the payload data" for split archives.
Version 16.01 (never published)
=============
- From Windows version of 7-Zip 16.01:
- The bugs in SWM (WIM), EXE (PE) and CHM code were fixed.
- there are some internal changes in source code for better compatibility with VS2015 C++ compiler.
Version 16.00 (never published)
=============
- better support for OpenBsd (CPP/Windows/System.cpp), thanks Josh (https://sourceforge.net/p/p7zip/discussion/383043/thread/ee32dcd8/?limit=25#c322)
- From Windows version of 7-Zip 16.00:
- 7-Zip now can extract multivolume ZIP archives (z01, z02, ... , zip).
- Some fixed bugs:
- bzip2 decoder -mmt2 reported E_FAIL (for k_My_HRESULT_WritingWasCut case), if we extract partial file.
- 7z solid update (hang in break)
- sha1 worked incorrectly for call after call with ((size & 3) != 0)
- 7z update bcj bugs were fixed.
- split (aaa.001) fixed
- iso loop fix
- rar4 multivol -stdin kpidSize
- drag and drop 1<2.txt
- memory access violation fix
Unsafe usage of JavaScript’s Element.innerHTML could result in XSS in the admin’s add/change related popup. Element.textContent is now used to prevent execution of the data.
The debug view also used innerHTML. Although a security issue wasn’t identified there, out of an abundance of caution it’s also updated to use textContent.
Bugfixes:
* Fixed missing varchar/text_pattern_ops index on CharField and TextField respectively when using AddField on PostgreSQL.
* Fixed makemessages crash on Python 2 with non-ASCII file names.
program, version 1.2.1, into the packages collection.
Lepton is a tool and file format for losslessly compressing JPEGs by
an average of 22%.
This can be used to archive large photo collections, or to serve
images live and save 22% banwdith.
Changes from 9.10.3-P4 to 9.10.4 are too many to write here, please refer
CHANGES file.
--- 9.10.4-P2 released ---
4406. [bug] getrrsetbyname with a non absolute name could
trigger an infinite recursion bug in lwresd
and named with lwres configured if when combined
with a search list entry the resulting name is
too long. (CVE-2016-2775) [RT #42694]
4405. [bug] Change 4342 introduced a regression where you could
not remove a delegation in a NSEC3 signed zone using
OPTOUT via nsupdate. [RT #42702]
4387. [bug] Change 4336 was not complete leading to SERVFAIL
being return as NS records expired. [RT #42683]
--- 9.10.4-P1 released ---
4368. [bug] Fix a crash when calling "rndc stats" on some
Windows builds because some Visual Studio compilers
generated crashing code for the "%z" printf()
format specifier. [RT #42380]
4366. [bug] Address race condition when updating rbtnode bit
fields. [RT #42379]
4363. [port] win32: Disable explicit triggering UAC when running
BINDInstall.
--- 9.10.4 released ---
--- 9.9.9-P2 released ---
4406. [bug] getrrsetbyname with a non absolute name could
trigger an infinite recursion bug in lwresd
and named with lwres configured if when combined
with a search list entry the resulting name is
too long. (CVE-2016-2775) [RT #42694]
4405. [bug] Change 4342 introduced a regression where you could
not remove a delegation in a NSEC3 signed zone using
OPTOUT via nsupdate. [RT #42702]
4387. [bug] Change 4336 was not complete leading to SERVFAIL
being return as NS records expired. [RT #42683]
--- 9.9.9-P1 released ---
4366. [bug] Address race condition when updating rbtnode bit
fields. [RT #42379]
4363. [port] win32: Disable explicit triggering UAC when running
BINDInstall.
screenFetch is a "Bash Screenshot Information Tool". This handy Bash script can
be used to generate one of those nifty terminal theme information + ASCII
distribution logos you see in everyone's screenshots nowadays. It will
auto-detect your distribution and display an ASCII version of that
distribution's logo and some valuable information to the right. There are
options to specify no ASCII art, colors, taking a screenshot upon displaying
info, and even customizing the screenshot command! This script is very easy to
add to and can easily be extended.
A security-related issue was recently reported in Go's net/http/cgi package and
net/http package when used in a CGI environment. Go 1.6.3 and Go 1.7rc2 contain
a fix for this issue.
Go versions 1.0-1.6.2 and 1.7rc1 are vulnerable to an input validation flaw in
the CGI components resulting in the HTTP_PROXY environment variable being set
by the incoming Proxy header. This environment variable was also used to set
the outgoing proxy, enabling an attacker to insert a proxy into outgoing
requests of a CGI program.
This is CVE-2016-5386 and was addressed by this change:
https://golang.org/cl/25010, tracked in this issue:
https://golang.org/issue/16405
The Go team would like to thank Dominic Scheirlinck for coordinating disclosure
of this issue across multiple languages and CGI environments. Read more about
"httpoxy" here: https://httpoxy.org/
Go 1.6.3 also adds support for macOS Sierra. See https://golang.org/issue/16354
for details.
pkgsrc changes:
- Add a comment to suggest running upload-distfiles because upstream only store
latest stable version distfiles.
Changes:
7.0.2-4:
* To comply with the SVG standard, use stroke-opacity for transparent strokes.
* Define CompositeChannels mask to Red, Green, Blue, Alpha, and Black.
7.0.2-3:
* Patch so -kuwahara option can preserve colormapped edges.
* The histogram coder now returns the correct extent.
* Use CopyMagickString() rather than CopyMagickMemory() for strings.
Changes:
CHANGES IN V1.10.0
- texttotext: Added new filter for text-only printers written
in C, to use the CUPS library to access the print queue's
PPD file, with a lot of options to fit practically all
printer models amd paper sizes, support for CUPS' page
management options, and support for configuring the print
queue and controlling the options by the PPD file. The PPD
is now generated on-the-fly by cupsfilters.drv.
- textonly: Removed the old script-based filter and its PPD
for text-only printers.
- rastertops: Added new filter to turn PWG Raster into
PostScript, in preparation for MuPDF support. Thanks to
Pranjal Bhor for contributing this as part of his Google
Summer of Code project.
- gstoraster, gstopxl, gstopdf, pstopdf: Integrated
functionality of script-based filters pstopdf and gstopxl
into gstoraster filter as script-based filters cannot access
the print queue's PPD file with current CUPS due to change
of PPD file permissions. To make gstoraster always produce
the correct output format (CUPS/PWG Raster, PDF, PCL-XL) it
is called via new wrapper scripts (gstopdf, gstopxl) which
set an environment variable telling the format. The old
filter scripts got removed.
- imagetops, texttops: Do not use $0 in the wrapper scripts,
when CUPS calls filters, it passes the queue name as $0, not
path and name of the called filter.
- cups-browsed: When creating local queues for discovered IPP
network printers always create PPD files and if the
information supplied by the printer via IPP is insufficient
use information from the DNS-SD entry or default values
suitable for most printers. Use System V interface scripts
only on explicit request in cups-browsed.conf. This change
is to address the fact that System V interface script
support is removed from CUPS 2.2.x and later for security
reasons.
- pstopdf: Make the filter only get installed if Ghostscript is
present and also moved its conversion rules into the
cupsfilters-ghostscript.convs file.
- cups-browsed: Fixed crash when trying to get debugg logging
both to the terminal and into a file.
- libcupsfilters: Fixed crash of pdftoraster when the color
space is an RGB space (3 colors) with 1 bit color
depth. Here we need to add one bit to the pixels (to get 4
bits per pixel) to align the pixels with the bytes.
- cups-browsed: From cups-browsed.service removed the unneeded
"Wants=cups.service" as we have "Requires=cups.service"
(Debian bug #827455, #827457).
- foomatic-rip: Updated man page for removed page logging
facility.
- pdftops: Also added Dell to the list of manufacturers whose
printers need Poppler's PostScript to work around their
PostScript interpreter bugs (Debian bug #827040).
