1.70.0 (2023-04-12)
* OpenSSL 3 support
* Resource record hashes no longer include the rdata
* Removed requite to title-cased Digest - thanks jhawthron
4.18.2
Changes since 4.18.1
--------------------
o Jeremy Allison <jra@samba.org>
* BUG 15302: Log flood: smbd_calculate_access_mask_fsp: Access denied:
message level should be lower.
* BUG 15306: Floating point exception (FPE) via cli_pull_send at
source3/libsmb/clireadwrite.c.
o Andrew Bartlett <abartlet@samba.org>
* BUG 15328: test_tstream_more_tcp_user_timeout_spin fails intermittently on
Rackspace GitLab runners.
* BUG 15329: Reduce flapping of ridalloc test.
* BUG 15351: large_ldap test is unreliable.
o Ralph Boehme <slow@samba.org>
* BUG 15143: New filename parser doesn't check veto files smb.conf parameter.
* BUG 15354: mdssvc may crash when initializing.
o Volker Lendecke <vl@samba.org>
* BUG 15313: large directory optimization broken for non-lcomp path elements.
* BUG 15357: streams_depot fails to create streams.
* BUG 15358: shadow_copy2 and streams_depot don't play well together.
o Rob van der Linde <rob@catalyst.net.nz>
* BUG 15316: Flapping tests in samba_tool_drs_show_repl.py.
o Stefan Metzmacher <metze@samba.org>
* BUG 15317: winbindd idmap child contacts the domain controller without a
need.
* BUG 15318: idmap_autorid may fail to map sids of trusted domains for the
first time.
* BUG 15319: idmap_hash doesn't use ID_TYPE_BOTH for reverse mappings.
* BUG 15323: net ads search -P doesn't work against servers in other domains.
* BUG 15353: Temporary smbXsrv_tcon_global.tdb can't be parsed.
o Joseph Sutton <josephsutton@catalyst.net.nz>
* BUG 15316: Flapping tests in samba_tool_drs_show_repl.py.
* BUG 15343: Tests use depricated and removed methods like
assertRegexpMatches.
4.18.1
This is a security release in order to address the following defects:
o CVE-2023-0225: An incomplete access check on dnsHostName allows authenticated
but otherwise unprivileged users to delete this attribute from
any object in the directory.
https://www.samba.org/samba/security/CVE-2023-0225.html
o CVE-2023-0922: The Samba AD DC administration tool, when operating against a
remote LDAP server, will by default send new or reset
passwords over a signed-only connection.
https://www.samba.org/samba/security/CVE-2023-0922.html
o CVE-2023-0614: The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919
Confidential attribute disclosure via LDAP filters was
insufficient and an attacker may be able to obtain
confidential BitLocker recovery keys from a Samba AD DC.
Installations with such secrets in their Samba AD should
assume they have been obtained and need replacing.
https://www.samba.org/samba/security/CVE-2023-0614.html
Changes since 4.18.0
--------------------
o Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
* BUG 15276: CVE-2023-0225.
o Andrew Bartlett <abartlet@samba.org>
* BUG 15270: CVE-2023-0614.
* BUG 15331: ldb wildcard matching makes excessive allocations.
* BUG 15332: large_ldap test is inefficient.
o Rob van der Linde <rob@catalyst.net.nz>
* BUG 15315: CVE-2023-0922.
o Joseph Sutton <josephsutton@catalyst.net.nz>
* BUG 15270: CVE-2023-0614.
* BUG 15276: CVE-2023-0225.
4.18.0
This is the first stable release of the Samba 4.18 release series.
Please read the release notes carefully before upgrading.
NEW FEATURES/CHANGES
====================
SMB Server performance improvements
-----------------------------------
The security improvements in recent releases
(4.13, 4.14, 4.15, 4.16), mainly as protection against symlink races,
caused performance regressions for metadata heavy workloads.
While 4.17 already improved the situation quite a lot,
with 4.18 the locking overhead for contended path based operations
is reduced by an additional factor of ~ 3 compared to 4.17.
It means the throughput of open/close
operations reached the level of 4.12 again.
More succinct samba-tool error messages
---------------------------------------
Historically samba-tool has reported user error or misconfiguration by
means of a Python traceback, showing you where in its code it noticed
something was wrong, but not always exactly what is amiss. Now it
tries harder to identify the true cause and restrict its output to
describing that. Particular cases include:
* a username or password is incorrect
* an ldb database filename is wrong (including in smb.conf)
* samba-tool dns: various zones or records do not exist
* samba-tool ntacl: certain files are missing
* the network seems to be down
* bad --realm or --debug arguments
Accessing the old samba-tool messages
-------------------------------------
This is not new, but users are reminded they can get the full Python
stack trace, along with other noise, by using the argument '-d3'.
This may be useful when searching the web.
The intention is that when samba-tool encounters an unrecognised
problem (especially a bug), it will still output a Python traceback.
If you encounter a problem that has been incorrectly identified by
samba-tool, please report it on https://bugzilla.samba.org.
Colour output with samba-tool --color
-------------------------------------
For some time a few samba-tool commands have had a --color=yes|no|auto
option, which determines whether the command outputs ANSI colour
codes. Now all samba-tool commands support this option, which now also
accepts 'always' and 'force' for 'yes', 'never' and 'none' for 'no',
and 'tty' and 'if-tty' for 'auto' (this more closely matches
convention). With --color=auto, or when --color is omitted, colour
codes are only used when output is directed to a terminal.
Most commands have very little colour in any case. For those that
already used it, the defaults have changed slightly.
* samba-tool drs showrepl: default is now 'auto', not 'no'
* samba-tool visualize: the interactions between --color-scheme,
--color, and --output have changed slightly. When --color-scheme is
set it overrides --color for the purpose of the output diagram, but
not for other output like error messages.
New samba-tool dsacl subcommand for deleting ACES
-------------------------------------------------
The samba-tool dsacl tool can now delete entries in directory access
control lists. The interface for 'samba-tool dsacl delete' is similar
to that of 'samba-tool dsacl set', with the difference being that the
ACEs described by the --sddl argument are deleted rather than added.
No colour with NO_COLOR environment variable
--------------------------------------------
With both samba-tool --color=auto (see above) and some other places
where we use ANSI colour codes, the NO_COLOR environment variable will
disable colour output. See https://no-color.org/ for a description of
this variable. `samba-tool --color=always` will use colour regardless
of NO_COLOR.
New wbinfo option --change-secret-at
------------------------------------
The wbinfo command has a new option, --change-secret-at=<DOMAIN CONTROLLER>
which forces the trust account password to be changed at a specified domain
controller. If the specified domain controller cannot be contacted the
password change fails rather than trying other DCs.
New option to change the NT ACL default location
------------------------------------------------
Usually the NT ACLs are stored in the security.NTACL extended
attribute (xattr) of files and directories. The new
"acl_xattr:security_acl_name" option allows to redefine the default
location. The default "security.NTACL" is a protected location, which
means the content of the security.NTACL attribute is not accessible
from normal users outside of Samba. When this option is set to use a
user-defined value, e.g. user.NTACL then any user can potentially
access and overwrite this information. The module prevents access to
this xattr over SMB, but the xattr may still be accessed by other
means (eg local access, SSH, NFS). This option must only be used when
this consequence is clearly understood and when specific precautions
are taken to avoid compromising the ACL content.
Azure Active Directory / Office365 synchronisation improvements
--------------------------------------------------------------
Use of the Azure AD Connect cloud sync tool is now supported for
password hash synchronisation, allowing Samba AD Domains to synchronise
passwords with this popular cloud environment.
REMOVED FEATURES
================
smb.conf changes
================
Parameter Name Description Default
-------------- ----------- -------
acl_xattr:security_acl_name New security.NTACL
server addresses New
CHANGES SINCE 4.18.0rc4
=======================
o Jeremy Allison <jra@samba.org>
* BUG 15314: streams_xattr is creating unexpected locks on folders.
o Volker Lendecke <vl@samba.org>
* BUG 15310: New samba-dcerpc architecture does not scale gracefully.
CHANGES SINCE 4.18.0rc3
=======================
o Andreas Schneider <asn@samba.org>
* BUG 15308: Avoid that tests fail because other tests didn't do cleanup on
failure.
o baixiangcpp <baixiangcpp@gmail.com>
* BUG 15311: fd_load() function implicitly closes the fd where it should not.
CHANGES SINCE 4.18.0rc2
=======================
o Jeremy Allison <jra@samba.org>
* BUG 15301: Improve file_modtime() and issues around smb3 unix test.
o Ralph Boehme <slow@samba.org>
* BUG 15299: Spotlight doesn't work with latest macOS Ventura.
o Stefan Metzmacher <metze@samba.org>
* BUG 15298: Build failure on solaris with tevent 0.14.0 (and ldb 2.7.0).
(tevent 0.14.1 and ldb 2.7.1 are already released...)
o John Mulligan <jmulligan@redhat.com>
* BUG 15307: vfs_ceph incorrectly uses fsp_get_io_fd() instead of
fsp_get_pathref_fd() in close and fstat.
o Andreas Schneider <asn@samba.org>
* BUG 15291: test_chdir_cache.sh doesn't work with SMBD_DONT_LOG_STDOUT=1.
* BUG 15301: Improve file_modtime() and issues around smb3 unix test.
CHANGES SINCE 4.18.0rc1
=======================
o Andrew Bartlett <abartlet@samba.org>
* BUG 10635: Office365 azure Password Sync not working.
o Stefan Metzmacher <metze@samba.org>
* BUG 15286: auth3_generate_session_info_pac leaks wbcAuthUserInfo.
o Noel Power <noel.power@suse.com>
* BUG 15293: With clustering enabled samba-bgqd can core dump due to use
after free.
Highlighted bugfixes:
avdec_h264: fix decoder deadlocks with FFmpeg 6.0
rtspsrc: fix regression with URI protocols in OPTIONS requests for RTSP over TLS
rtspsrc: improved control url handling compatibility for broken servers
decklink: fix 10 bit RGB (r210) format auto detection for capture and fix playout if video caps are configured before audio caps
d3d11videosink: Fix tearing in case of fullscreen mode
playbin: fix deadlock when stopping stream with subtitles visible (even more)
typefinding: fix regression not detecting application/dash+xml in some corner cases
osxvideosink: fix broken aspect ratio and frame drawing region
decodebin3, parsebin: Improve elementary stream handling when decoders are not present and fix hang when removing a failing stream
urisourcebin: Propagate sticky events from parsebin, so that the `STREAM_START` event with the `GstStream` info is always available when pads get exposed
v4l2: Add support for YVU420M format; mark JPEG content as parsed
h264decoder, h265decoder: DPB bumping process and latency reporting fixes
Opus: Fix reading of extended channel config in MPEG-TS and fix missing sample rate when remuxing from RTP to Matroska
zxing: add support for building against zxing-c++ 2.0
cerbero: Fix packaging of Rust plugins on Android; fix modern Gentoo distro detection
various bug fixes, memory leak fixes, and other stability and reliability improvements
Changelog:
# Arti 1.1.3 — 31 March 2023
Arti 1.1.3 continues our work on onion services. We can now parse all
of the relevant message types, build circuits as needed to target
relays, build and sign onion service descriptors, and deliver onion service
requests to our `hsclient` code.
We've also solved a few annoying bugs, made our CI more bulletproof against
certain programming mistakes, and exposed a few APIs that had been missing
before elsewhere in our code.
### Major bugfixes
- Prevent a fatal error when finding a usable consensus in a read-only
directory store. ([#779], [!1055])
### Breaking changes in lower level crates
- Moved futures-related utilities from `tor-basic-utils` to a new
`tor-async-utils` crate. ([!1091])
- When the `expand-paths` Cargo feature is not enabled, we now reject
paths in our configuration containing unescaped `$` and `~` strings.
Previously we would treat them as literals, which would break
when `expand-paths` was provided. ([#790], [!1069])
### Onion service development
- We now have working implementations for all of the message types that Tor
uses to implement onion services. These are included in our fuzzing, and
are cross-validated against the C Tor implementation. ([!1038], [!1043],
[!1045], [!1052])
- Our onion service descriptor parsing code now validates the inner
certificates embedded in the descriptors, for parity with C Tor's behavior.
([#744], [!1044])
- Refactor responsibility for HS circuit management out of `CircMgr`
([!1047])
- Revise APIs and outline implementations for the initial parts of a state
manager and client implementation. ([!1034], [!1086])
- Handle requests for `.onion` addresses by routing them to our onion service
code. (This code does not yet do anything useful.) ([!1060], [!1071],
[!1098])
- Our circuit implementation now has APIs needed to send special-purpose
messages and receive replies for them. We'll use this to implement
onion service handshakes outside of the `tor-proto` module. ([!1051])
- Implement functionality to pre-construct and launch circuits as needed for
onion service directory, introduction, and rendezvous
communications. ([#691], [!1065])
- Implement code to construct, encrypt, and sign onion service
descriptors. ([#745], [!1070], [!1084])
- More work on usable APIs for HSDir ring. ([!1095])
### Infrastructure
- Add a new `check_env` script to detect whether the environment is set
up correctly to build Arti. ([!1030])
- We have the beginnings of a `fixup-features` tool, to make sure that our
"full" and "experimental" Cargo features behave in the way we expect,
and eventually to enable us to use [`cargo-semver-checks`] on our
non-experimental features only. This tool is not yet ready for
use; its semantics are subtly wrong. ([#771], [!1059])
- Our CI scripts now rejects merges containing the string
"XX<!-- look, a squirrel -->XX";
we use this string to indicate places where the code must be fixed
before it can be merged. ([#782], [!1067])
### Testing
- More of our tests now specify times using [`humantime`] (rather than as
a number of seconds since the Unix epoch). ([!1037])
- Our fuzzers now compile again.
([53e44b58f5fa0cfa], [!1063])
### Documentation
- New example code for building a `BridgeConfig` and launching a TorClient
with bridges, without having a config file. ([#791], [!1074])
### Cleanups, minor features, and minor bugfixes
- Our `caret` macro now works correctly for uninhabited
enumerations. ([841905948f913f73])
- Defend against possible misuse of [`tor_bytes::Reader::extract_n`].
This wasn't a security hole, but could have become one in the
future. ([!1053])
- Do not ask exits to resolve IP addresses: we already know the IP address
for an IP address. ([!1057])
- Fix a bunch of new warnings from Rust 1.68. ([!1062])
- Expose builder for [`TransportConfigList`] as part of the public
API. ([455a7a710917965f])
- Enforce use of blinded keys in places where they are required. ([!1081])
- Add accessors for the [`Blockage`] type, so other programs can
ask what has gone wrong with the connection to the network. ([#800],
[!1088]).
### Acknowledgments
Thanks to everybody who's contributed to this release, including
Alexander Færøy, Dimitris Apostolou, Emil Engler, Saksham Mittal, and
Trinity Pointard. Also, our welcome to Gabi Moldovan as she joins
the team!
Also, our deep thanks to [Zcash Community Grants] for funding the
development of Arti!
## Changes in 2.53.3
Released 2023-04-28
* On Linux, allow syncing the xattrs where POSIX draft ACLS are
stored, which enables syncing the ACL info. (Note that this does
not enable syncing ACLs with the `-acl` switch, and does not
enable syncing ACLs between other systems and Linux. See the
manual.)
* Improved ETA calculation and sync speed display in text UI.
* Fix CI Windows builds (again).
* Drop unmaintained "make install" target.
* Bugfixes, minor improvements, cleanups.
Upstream's changelist:
[2.2] fix CVE-2022-45188 by @rdmark in #254
[2.2] papd: Fix incorrect type in printer status check by @smagoun in #320
[2.2] Improvements to the macusers script by @rdmark in #263
[2.2] man pages: create an a2boot man page by @rdmark in #235
[2.2] Improve systemd service dependencies, improving stability at
boot on wifi only hosts by @rdmark in #233
[2.2] Update manual to match current behavior and correct typos by
@rdmark in #230#234#257
[2.2] Remove release notes code since it's no longer used by @rdmark
in #256
Create Github workflow that builds, tests, and runs static analysis by
@rdmark in #255#290#314
Changelog:
v1.15.8
* Fixed activation of a pinned identity in inline media requests.
* Fixed potential crash when changing split view mode during a UI
animation.
* Updated UI translations.
v1.15.7
* Fixed window contents getting frozen after Reset Zoom when zoom level
is already at 100%.
* Fixed key modifiers not being recognized before a text field has been
activated. (Affects some versions of SDL.)
* Updated UI translations.
v1.15.6
* The Outline tab in the sidebar now uses regular UI colors, like other
sidebar tabs.
* Fixed handling of the AltGr key during text input.
* Fixed incorrect background colors for Preferences tab buttons with
certain themes (e.g., Colorful Light).
* Updated UI translations.
v1.15.5
* Added several new translated languages: Azerbaijani, Catalan, Czech,
Danish, Dutch, Esperanto, Finnish, Greek, Hebrew, Hungarian,
Indonesian, Irish, Korean, Persian, Polish, Slovak, Swedish, Turkish,
and Ukrainian. (LibreTranslate server was upgraded to v1.3.10.)
* Added "Auto-detect" as the default source language for translation.
* Added option to skip preformatted blocks when translating a page.
* Fixed translation of link lines. Only the link label is now
translated.
* Fixed lines on translated pages sometimes shifting position and
getting the wrong line types.
* Fixed handling of redirects when fetching subscribed feed pages.
* Fixed saving the "Split view pinning" setting so it doesn't reset
when relaunching the app.
* Updated UI translations.
v1.15.4
* Fixed crash when trying to open a tab, New Identity dialog, or the
Identity menu when the Preferences window is focused.
* Fixed potential crash if switching focus to a widget being dismissed
(e.g., popup going away).
* Fixed text input becoming unresponsive when focus switches from a
popup being dismissed to a new popup.
* Fixed closing the Preferences window with Ctrl+W or ⌘W.
* Fixed unnecessary page layout update when closing Preferences.
* Updated UI translations.
v1.15.3
* Fixed handling of redirects in the inline media player and file
downloader.
* Updated UI translations.
v1.15.2
* Fixed moving input focus to the next window when closing a window.
* Centered footer info text for better balance.
* Fixed TUI build.
* Updated UI translations.
v1.15.1
* Fixed opening multiple Preferences windows at the same time.
* Fixed the Preferences window missing a window icon.
* Footer information moved out of the margin area and under the page
content.
* Updated UI translations.
v1.15.0
New features:
* Preferences dialog opens as a separate window.
* Option --prefs-sheet: open Preferences as a sheet like in previous
releases.
* Reordering tabs: tab buttons can be dragged with the mouse, and tabs
can be moved left/right using tab context menu items or keyboard
shortcuts.
* Move a tab to the other side of a split view (tab context menu).
* Move a tab to a new window (tab context menu).
* Added a "Window" menu to the menu bar that has actions for
manipulating and switching the active window, and duplicating and
switching tabs. (On macOS, this menu has already been available.)
* macOS: Globe+E opens the native Character Viewer.
* Gopher: Option to disable Gemini styling on Gopher menu pages. When
disabled, whitespace is not normalized and all non-link lines are
presented as regular paragraph text.
* Japanese UI translation (13% complete).
Changes and enhancements:
* Redesigned Preferences dialog with vertical tabs and a new
organization of the settings. "Fonts" and "Colors" are removed, and
there is a new "Content" tab.
* Mouse cursor turns into the I-beam only over selectable text.
* Indicate that tab autoreloading is enabled by changing the appearance
of the navbar reload button.
* macOS: "Window" menu has new actions for duplicating and switching
tabs.
* GTK: Request dark window theme if the app UI color theme is dark.
* Prevent high-resolution mice from flooding event processing with too
many motion events and delaying UI refresh.
* Updated UI translations.
Fixes:
* Changing the UI scaling factor will now affect all existing and newly
created windows.
* Possible crash when duplicating a tab.
* Issues with event processing when multiple windows are open.
* Workaround for a hang when running many parallel requests with MIME
filter hooks.
v1.14.2
* Fixed a potential crash when using musl libc.
* Fixed a potential crash when closing tabs in split view mode.
* Fixed inconsistent spacing after level 1 headings.
* Fixed endless reload animation events if a split view is closed while
loading a page.
* Fixed page load progress indicator that was being obscured by active
split marker in split view.
* Fixed potential crash when trying to reuse a TLS session.
* FreeBSD: By default use the system-provided SSL library (that can be
LibreSSL).
* macOS: Prebuilt binaries use LibreSSL instead of OpenSSL.
* Updated UI translations.
v1.14.1
* Fixed possible crash when closing a tab with the outline sidebar
visible.
* Fixed hang when setting a folder's parent to itself in the Edit
Folder dialog.
* macOS: "Settings" menu item was disabled on Ventura.
* Updated UI translations.
v1.14.0
New features:
* A bookmark folder can be opened in new tabs, in the same window or a
new one, one tab per bookmark.
* Pinned bookmark identities. A simpler way to use identities. When the
"Pinned identity" property is set on a bookmark, opening the bookmark
causes the selected identity to be "pinned" to the tab: while you
stay on the same site, the identity remains in use when opening
links. However, when opening a link to another site, a new tab gets
opened. (The old way of per-URL identities is still available, too.)
* New identities can be created for use in the current directory (as
opposed to domain or page).
* Option --dump (-d) to print contents of URLs/paths to stdout.
Metadata is printed to stderr.
* Option --dump-identity (-I) selects the identity to use with --dump.
* Option --replace-tab URL opens a URL, replacing contents of the
active tab.
* Option --user DIR (-U) to set the directory where user data is
stored.
Changes and enhancements:
* When creating new identities, make it clearer what the scope of usage
will be. The UI actions explicitly say "New Identity for Domain" when
the default usage will be the entire domain.
* URLs opened via system-level handlers always open a new tab, like
URLs opened via the command line.
* MIME types of many new file extensions are recognized (courtesy of
John Cowan).
* The regular expression library PCRE2 is preferred over PCRE, if
available. The older library is in maintenance mode.
* Updated UI translations.
Fixes:
* Accidental backwards navigation when quickly refreshing the page
twice.
* Page scroll position is kept when loading finishes, if the user
already scrolled during loading.
* Schemeless relative URLs no longer assume "gemini" as the scheme,
instead using the current page's scheme as default.
* Opening a feed entry in a background tab will mark is as read, like
opening in the foreground does.
* ANSI escapes 39 and 49 (reset FG/BG color to default) were not
working.
v1.13.8
* Fixed issues with text selection and range visualization.
* macOS: Fixed crash when opening URLs via system handler when no
windows open.
* TUI: Improved POSIX compliance in build-tui script.
v1.13.7
* Fixed reporting of errors related to a proxy server certificate.
* An untrusted proxy server certificate can be trusted via Page
Information.
* Updated UI translations.
v1.13.6
* Added option to split tabs evenly, excluding sidebar widths (default:
no).
* Fixed crash when switching view to plain text.
* Fixed manually entered image URLs inadvertently opening inline.
* Fixed mouse event handling in split view mode when a dialog is open
on one side. The other side would not receive wheel events unless
input focus was first switched over.
* Fixed issues with popup menu positioning.
* Fixed drawing of the widget scroll indicator when a widget doesn't
fit vertically in the window.
* Possible workaround for an issue with mouse hover autoscrolling on an
external displays.
* Don't open an endless number of bookmark creation/edit dialogs when
holding down the keyboard shortcut (Ctrl+D/⌘D).
* Percent-encode backslashes in externally opened URLs, for improved
compatibility.
* Custom link icons are allowed with unsupported/unrecognized protocols
(i.e., Emoji at the start of link label).
* Use file name as the tab/window title if the content has no headings.
* Avoid redundancy in tab/window titles ("Cosmos — Cosmos" → "Cosmos").
* macOS: Fixed a sidebar animation glitch when in split view mode.
* macOS: Adjusted idle UI refresh rate when using the Metal backend, to
avoid stutters.
* Updated UI translations.
v1.13.5
* Parent navigation assumes directory URL is equivalent to index page
URL (e.g., "/path/" == "/path/index.gmi"): this now only applies to
Gemini URLs, and checks for "index.gemini", too, as per Gemini Best
Practices.
* Fixed crash when determining the name of a ZIP file from a URL.
* Fixed misparsing of URL to form the name of a downloaded file (%23
decoded too early).
* macOS: Fixed window state being forgotten when all windows are
closed. Normally state is saved when quitting, but on macOS the app
will keep running without any windows.
* TUI: Added "Simple characters" setting (in Preferences > Fonts) that
replaces selected Unicode symbols with ASCII approximations.
* TUI: Level 1 headings are two lines tall and underlined.
* TUI: Don't load any fontpacks.
* TUI: build-tui.sh now has interactive build config.
* Updated UI translations.
v1.13.4
* TUI: Improved detection of supported color modes. The preferred mode
is a modifiable palette with 256+ colors. As a fallback, use a fixed
VGA palette, or basic monochrome if the terminal doesn't support
colors.
* TUI: Tuned build flags in build-tui.sh as a Linux workaround (set -O1
on SEALCurses).
* TUI: Ignore the LAGRANGE_OVERRIDE_DPI environment variable.
* Spartan: Fixed opening URLs in other apps via operating system
handlers.
* Updated language strings.
v1.13.3
* Changed URL field bookmark indicator for better consistency.
* Show a proper error page if server closes the connection before a
header is fully received.
* Spartan: Prefilled prompt input from URL query string is selected by
default.
* Spartan: Fixed composing request content out of the query string.
* Spartan: Fixed handling of empty path in a request.
* Spartan: Allow opening URLs from command line.
* Spartan: .desktop file includes Spartan scheme handling.
* macOS: Register app as Spartan URL scheme handler.
* macOS: Fixed relaunching the app after installing an update via
Sparkle.
* Windows: Register Gopher and Spartan URL handlers.
* TUI: Fixed build-tui.sh so it doesn't expect the_Foundation to be
preinstalled.
v1.13.2
* Fixed failure to restore the selected fonts at launch.
* Fixed window state being reset when quitting the app by closing the
last window. (No such problem was occurring when quitting via menu or
Ctrl+Q.)
v1.13.1
* Fixed crash when opening Preferences. The text renderer had problems
with font lookup.
v1.13.0
New features:
* Curses-based clagrange for running the app in the terminal. This is a
complete TUI port of the original GUI version including, e.g., UI
animations, smooth scrolling, and split view mode. clagrange has
separate preferences, UI state, and key bindings but the rest of the
runtime files are shared with the GUI version.
* Build option ENABLE_TUI: build a text mode version of the app so it
can be run in the terminal. Enabling this produces an executable
called clagrange that is not linked with SDL.
* URL field indicator that shows if there's a bookmark for the current
page. Clicking on the indicator opens the Add/Edit Bookmark dialog.
* Checking server certificates using a bundled root CA file.
* Build option CACERT_PEM_PATH: path of a cacert.pem file that contains
trusted root CA certificates. This file is included in resources.lgr.
* Support for the Spartan protocol. Prompt lines will open an input
dialog for submitting text. This can be expanded to the full upload
dialog using which a file can be uploaded, too.
* Reopening the last closed tab. The default binding is Shift+Ctrl+T
(⇧⌘T).
* Page context menu item "View as Plain Text": show the page source as
plain text.
* Option to view Markdown as source or as a Gemtext conversion
(default: as source).
Changes and enhancements:
* Updated Noto Emoji font with support for Unicode 14. There should be
no more missing Emoji glyphs.
* Improved UI keyboard navigation. The sidebar and all widgets in
dialogs are accessible via Tab cycling, and new shortcuts have been
added for opening menus. Menu items and lists are cursor-navigable.
Opening the sidebar automatically gives it keyboard focus.
* When bookmarking a page, show the Edit Bookmark dialog if there's
already a bookmark for the URL. The Edit Bookmark dialog has a new
Duplicate button for actually making a duplicate bookmark.
* Markdown documents support horizontal rules.
* TUI: Zoom controls resize the open sidebar (left sidebar if both
visible).
* macOS: Keep app running even after all windows are closed. Clicking
on the dock icon opens a new window.
Fixes:
* Sidebar page outline not updated when the current tab changes.
* The Escape key closes the bookmark editor dialog as intended.
* Preferences: "Justify" option must be hidden if HarfBuzz is not used.
* macOS: Window refresh tweaks to avoid stutters (Metal renderer).
v1.12.2
* Fixed positioning of the language translation dialog's progress
animation.
* Fixed hovering on links via the keyboard (default binding: H).
* Tab buttons use theme background color with light Oceanic to avoid a
color clash.
* Feed refresh indicator uses the accent color.
* Updated UI translations.
v1.12.1
* Windows: Fixed importing identities (path separator confusion).
* Updated Help: export/import, user data archives, paragraph
justification.
* Updated UI translations.
v1.12.0
New features:
* Export and import user data as a ZIP archive, including identities,
bookmarks, site-specific settings, trusted certificate fingerprints,
and browsing history.
* UI layout options: the navigation/tab bars can be moved to the bottom
of the window, and one can have a traditional menu bar instead of the
hamburger menu. On macOS, the normal menu bar is used as before.
* Added style option to justify paragraphs that are at least three
lines long.
* Added new content theme "Oceanic" with support for both dark and
light modes.
* Added new UI accent colors: Red, Green, Blue, Gray.
* Feeds: Added "Mark Below as Read" context menu item.
* macOS: A set of system fonts is available for use in content/UI. In
practice, these are .ttc files loaded from /System/Library/Fonts/,
rendered using Lagrange's own text renderer.
* Site-specific setting for TLS session resumption (enabled by
default).
Changes and enhancements:
* Roboto is the new default content/UI font, except on Windows where
Segoe UI is the default font.
* Toggles use symbols instead of YES/NO.
* UI uses only one accent color at a time.
* Theme palette tuning: adjusted generated palettes of Colorful Dark/
Light, improved the Sepia theme, and added a dark mode Sepia variant.
* Certain pages like Help open in a new tab. If the page is already
open in a tab, that tab is activated instead of opening a new one.
* Improved word wrapping with more breaking punctuation.
* Text renderer uses additional subpixel offsets with lower-density
displays.
* Text rendering optimizations: avoid repeated shaping of the same
text.
* UI rendering optimizations.
Fixes:
* Fixed a possible crash when clicking on the first link of a page with
the monospace body text option enabled.
* Fixed occasional small gaps between glyph backgrounds.
* Fixed problems with marking feed entries as read/unread.
* The bookmark dialog doesn't show irrelevant fields when editing a
bookmark folder.
* Spurious spaces are removed from ends of bookmark titles.
* Pasting text into an input field should not decode reserved URL
characters.
* Percent-encoded spaces (%20) in a file name were not decoded when
saving a file.
* Windows: Fixed issues with restoring window placement in maximized
mode.
v1.11.2
* Added a keybinding for focusing the URL field.
* Sidebar items (bookmarks, feed entries, history) can be
middle-clicked to open in a new tab. Holding Shift will open the tab
in the foreground.
* Flags can be used as link icons. Note that additional fonts and
HarfBuzz are required for all the flag symbols to be visible.
* Updated UI translations.
v1.11.1
* Fixed opening bookmarks in a new window.
* Fixed use of a cached TLS session after deactivating a client
certificate.
v1.11.0
!!️ Downgrading back to v1.10 causes all site-specific themes to be
forgotten. Back up your sitespec.ini beforehand.
New features:
* Multiple windows. Windows can be opened via the menu, Ctrl/⌘+N, or
link context menus.
* Restoring tabs at launch is now optional. Added a toggle in
Preferences > General.
* Site-specific settings (Shift+Ctrl/⌘+Comma), with options for theme
customization and showing ANSI escape warnings. The custom theme is
based on a "seed string" chosen by the user.
* Fontpack search. Fonts in the skyjake.fi font library have been
indexed based on all the glyphs they provide, so one can look up
which fontpacks provide any missing glyphs.
* "Manage Fonts" button on the Preferences > Fonts tab. It opens
"about:fonts".
* "Tab width" setting (default: 8). This controls how TAB characters
are displayed on pages.
* Setting for maximum valid URI length on 'text/gemini' link lines.
* Option to show images decoded from data URLs immediately after
loading a page. This is limited to JPEG, PNG, WebP, and GIF (no
animations).
* "Paste and Go" in the input field context menu.
* TLS session caching: reduces the need for redundant handshaking by
keeping old TLS sessions cached for 10 minutes.
* UI language for Italian.
Changes and enhancements:
* The input prompt dialog saves entered text persistently, just like
the Upload dialog. This prevents losing text if the dialog is closed
accidentally.
* Input field backup is done per window, e.g., "uploadbackup.2.txt".
* Sidebar context menus have more consistent "open" menu items, now
including opening the item in a new window.
* The missing glyphs warning dialog now shows a list of the missing
code points.
* Downloading the Classic Set fontpack is no longer suggested since
fontpacks can be searched as needed.
* Abbreviate font pack descriptions on "about:fonts". The full
description is shown when viewing a single fontpack.
* The active tab button uses the theme background color if the page
color theme has a bright colorful background to avoid clashing with
the UI accent color.
* Adjusted colors of the Gray and Black page themes.
* Added additional (small) variations to theme hues.
* Data URLs have their own link icon.
* Adjusted appearance of context menus.
* Updated UI translations.
Fixes:
* Incorrect behavior and UI glitches related to data URLs. The UI will
now omit the encoded part of data URLs.
* Occasional mismatch between page and banner backgrounds. It was due
to loss of precision when converting colors to 8-bit RGB.
* Issues with changing UI metrics when a window moves between displays.
Not all UI elements were rescaled properly.
* Glitches with opening and closing context menus.
* TAB characters are no longer forcibly normalized to spaces.
* Pasting LF characters in the URL field should not be possible.
* Avoid reinitializing fonts more than once during startup.
v1.10.6
* Added bindings for switching Feeds list to Unread/All mode.
* Fixed normalization of empty Gemini URL paths to / as per the
November 2021 spec update.
* Updated UI translations.
v1.10.5
* Added a keybinding for "Paste Preceding Line" (in input prompt menu).
* The "Miscellaneous Symbols and Arrows" Unicode block
(U+2B00...U+2BFF) is accepted as custom link icons.
* When mixing Emoji into preformatted text (glyphs are from different
fonts), lay out the Emoji as double-wide characters to avoid
overlapping.
* Faster hover-scrolling of long popup menus.
* Fixed sidebars not getting updated after identity addition/deletion.
* Fixed "Paste Preceding Line" not being undoable.
* Fixed lookup of missing glyphs. Fontpack priorities are now applied
as documented.
* Fixed animation issue with sidebars in the right side of split view.
* Fixed a refresh issue that caused the first line of the page to be
redrawn continuously, spiking CPU usage.
* Fixed link numbers showing up next to image captions.
* Fixed how the link hover popup handles extremely long URLs.
* macOS: Handling regular mouse wheel events. Each step of the wheel
should cause a single scroll event.
* macOS: Fixed a sidebar clipping issue with Metal.
* macOS: Possible workaround for a window refresh glitch when using
SDL's Metal renderer. (Sometimes animated elements like the URL hover
info would stop at being partially transparent and not complete the
fade.)
* Updated UI translations.
v1.10.4
* Added missing ANSI background color codes 100-107 (high-intensity
VGA).
* Fixed how the ANSI FG color is adjusted to keep text legible on dark
or bright backgrounds when BG color is unset.
* Fixed possible crash when there are ANSI escapes in the alt text of a
preformatted block.
* Fixed tab/window titles containing ANSI escapes (escapes are
removed).
* macOS: Use Metal for drawing graphics if display refresh rate is
higher than 60 Hz.
* macOS: Handling scroll events meant for other windows.
* Updated UI translations.
v1.10.3
* Unix: Added a lagrange(1) manual page.
* Hide the [+] button on the tab button row if the navbar has a New Tab
button.
* "/index.gmi" is considered equal to "/" when navigating to parent
directory.
* Site icon ❑ replaced with ⌘ ("place of interest") for a more distinct
appearance and to avoid similarity with the ❐ "Open in New Tab" icon.
* Navigating to parent or root from "about:" pages goes to
"about:about" to see overview of all the About pages.
* Gopher: Fixed navigating to root, e.g., when clicking on the page top
banner. Set item type to 1 to show a gophermap and not the plain
source.
* Titan: When navigating to parent/root, switch URL scheme to "gemini".
This action occurs on a Titan response page, so initiating a new
upload with the parent/root URL is probably not appropriate.
* Fixed crash when a media player is active and a new download is
started.
* Fixed crash when a line contains nothing but an ANSI escape sequence.
* Fixed a possible crash when saving state of subscribed feeds.
* Fixed the right-hand sidebar handling the U and Shift+U key events if
it was showing the Feeds tab, even though the sidebar was hidden.
* Fixed line wrapping at backslashes. They are now considered
word-breaking characters.
v1.10.2
* Fixed cancelling an input query. Now pressing Cancel will navigate
back to the previous page as intended.
* Gopher: Fixed navigating to parent. Set item type to 1 to show a
gophermap and not the plain source.
* macOS: Workaround for a crash when launching. Prevent event
processing from being triggered while the app window is becoming
visible for the first time.
* Fixed a build issue on Haiku OS.
* Updated Smol Emoji: added the rest of Unicode 8 Emoji glyphs.
v1.10.1
* Fixed bottom actions of the Feeds sidebar getting hidden when all
entries are read. This prevented switching between Unread/All filter
modes.
* Fixed potential crash when downloading a large file (e.g., a
fontpack).
* Linux: SDL event handling workaround adjusted to only apply to
2.0.18+.
* Updated UI translations.
v1.10.0
New features:
* macOS: Trackpad swipe navigation.
* Customizable navbar actions. Right-click on a button to change its
action. (Identity and hamburger buttons cannot be changed.)
* Identity toolbar menu can be used to switch between alternate
identities. If you have used multiple identities on one site, this
makes it more convenient to switch between them.
* Added "Edit Page with Titan": opens the upload dialog with current
page's content prefilled.
* Added "Paste Preceding Line" in the input prompt dialog. Potential
use cases include user-editable sections on a page and suggested/
example input values.
* Added footer action to open file in another app when the media type
is unsupported.
* Added option to disable cursor blinking in input fields.
* Added ANSI SGR codes for light and regular font weights (2, 10).
* macOS: Added "Show in Finder" in the Identities sidebar.
Changes and enhancements:
* Improved image inlining: all responses with an image media type can
get inlined, regardless of the file extension in the URL.
* Inline image metadata goes under the image instead of possibly
overlapping the label text.
* Inline downloads have a context menu for relevant actions, and
clicking on the download opens the file.
* Improved highlighting of open pages. The highlight no longer goes
under the side elements on the page.
* Entry dates in feed links are de-emphasized for improved readability.
* Revised link hover popup. None of the information appears on the same
line any more (which was problematic if there wasn't enough space).
Instead, everything is shown in a popup at the bottom/top of the
view, including the identity that will be used when opening the link
and the date of last visit.
* Revised layout of the Upload dialog. There is a new edit field that
lets you modify the file path of the URL. Identity names are in bold.
* Optimized UI layout procedure and memory use during UI event
processing.
* Audio subsystem is only initialized when actually needed.
* Prevent state file corruption if the app happens to get killed while
state is being saved.
* Gempub: Open books in 1:2 split mode instead of 1:1.
* Minor improvements in page caching.
* Detect when text is Bengali, Devanagari, Oriya, or Tamil.
Fixes:
* Fixed a history caching issue: if there were multiple instances of
the same URL in history, only the latest one's content would be used
when navigating back/forward.
* Fixed handling of reserved characters in URLs (cf. RFC 3986, section
2.2).
* Fixed the copy/paste context menu not showing in input fields.
* Fixed duplicated warnings showing in the page banner.
* Fixed very narrow input fields causing the app to hang.
* Fixed initial scroll position in multiline input fields.
* Fixed layout issues in the sidebar on empty Feeds and Identities
tabs.
* Fixed lookup results list becoming too narrow.
* Fixed glitches when a widget has multiple simultanous animations.
* Fixed mixed-language CJK word wrapping.
* Fixed parsing Atom feed dates with leading whitespace.
* Windows: Fixed installing individual TrueType fonts via drag and
drop.
* macOS: Fixed high CPU usage during audio playback and UI animations.
* macOS: Line breaks inside menu items (e.g., info about current
identity).
v1.9.5
* Fixed misshapen button borders (SDL 2.0.16 line drawing workaround).
* Fixed actions being triggered when navigating via home row keys.
* macOS: Fixed native menu items being triggered when navigating via
home row keys.
* macOS: Fixed native menu items triggering when changing key bindings.
v1.9.4
* Fixed crash when a link is missing both URL and label (just a =>).
* Fixed handling of foreground color escapes in the simple text
renderer.
* Updated UI translations.
* Upgraded SDL to 2.0.18.
v1.9.3
* Added UI language for Dutch.
* Updated UI translations.
* Fixed the simple text renderer (build error, hanging).
* Fixed time zone of the "valid from" time in created client
certificates.
* macOS: Fixed selecting scope for a newly created identity.
v1.9.2
* Windows: Use the correct version number for update checks.
* Fixed possible crash when switching Feeds sidebar filter mode via the
popup menu.
* Shorter label for "Mark All as Read" in Feeds sidebar actions.
* In popup menus, differentiate between selected item and hover item.
* Updated UI translations.
v1.9.1
* Added "24-Hour Time" preference. Currently it only affects the page
timestamp in the bottom left corner.
* Heading level 3 is indented like regular text lines, making the
difference to level 2 evident.
* Fixed crash when creating a top-level bookmark.
* Fixed drawing the page timestamp.
* Fixed layout of tab buttons and other resizing widgets so all
available space is used.
* Fixed tab close buttons preventing activation of very short tab
buttons. The close buttons only appear if there is room for them.
* Fixed very short tab labels not getting truncated.
* Fixed the New Tab button not staying at the right edge of the window,
depending on how many tabs are open.
v1.9.0
New features:
* Added a toolbar button for toggling the left sidebar.
* Added an unsplit button in the toolbar when in split view mode.
* Choose parent folder when creating or editing a bookmark.
* Support for 24-bit RGB ANSI color sequences.
* Support for ANSI background color escapes (disabled by default).
* macOS: Automatic updates using the Sparkle framework.
* Windows: Automatic updates using the WinSparkle library.
* UI language for Turkish.
Changes and enhancements:
* Adjusted font styles of heading levels 2 and 3.
* Sidebar context menus also appear when clicking over the sidebar
background. In this case the menu contains general functions not
related to any item.
* Feeds tab in the sidebar has a redesigned action toolbar with "Mark
All as Read", and dropdown menu and keyboard shortcuts for changing
the filter mode.
* Feeds tab remembers the unread/all filter mode persistently.
* ANSI foreground colors are modified to match colored theme
backgrounds (e.g., Sepia).
* Navigating back and forward in history will skip input query prompts
(status 1x), showing only the query results.
* Ctrl+A now selects all text in input fields (except on macOS, where
it remains the Emacs-style jump to start/end of line).
* The resource bundle (resources.lgr) is now a regular ZIP archive.
This allows it to do double duty as a fontpack containing the
built-in fonts. The archive contains a version number to avoid use of
obsolete resources.
Fixes:
* Fixed layout issues related to footer action buttons. Sometimes the
buttons would overlap page content.
* Fixed handling duplicate feed entries: if multiple entries in a feed
have the same URL, only use the first one.
v1.8.3
* Fixed clicking on UI elements that are over the page top banner. The
banner would always get clicked instead.
* Titan upload identity is remembered as a site-specific setting. It is
no longer affected by selections in the Identities sidebar.
* macOS: Fixed updating items in native menus, e.g., upload identity
selection.
v1.8.2
* Fixed encoding of + characters in URLs as per RFC 3986.
* Fixed crash when fontpack.ini specifies a file that cannot be found.
* Fixed incorrect title of some error messages (was showing response
meta info).
* Fixed ambiguous font dropdown menu items if some fonts have the same
name. Now the unique font ID will be included in these cases.
* Made it possible to manually trust a certificate whose subject
doesn't match domain name.
* Updated UI translations.
v1.8.1
* Added UI translations: Hungarian, Czech.
* Added the zip utility as a build requirement. It is used for making
fontpacks.
* Fixed build failure with the simple text renderer, i.e., when
HarfBuzz is disabled.
* Fixed issues scrolling tall popup menus (e.g., UI language
selection).
* Fixed a line spacing artifact in long headings. With some fonts, the
lines were clipping each other so the spacing was restored to normal.
* Fixed a socket I/O issue that caused received data to be ignored when
the peer closed the connection prematurely.
* macOS: Tab close buttons are on the left side (platform UI
convention).
* Gopher: Recognize both LF and CRLF line endings in page content.
v1.8.0
!!️ Font settings will be reset to defaults. Only a minimal set of fonts
is bundled with the app. If additional fonts are needed, one can use
custom TrueType fonts or download some from the Font Library.
New features:
* Added a customizable font library. Open "about:fonts" to view and
manage the installed fonts.
* Added TrueType fonts as a recognized content type. When one is viewed
in the app (e.g., via a drag-and-drop), there is an option to install
it as a user font.
* Added fontpacks: ZIP archives containing one or more TrueType fonts
and parameters about how they should be used.
* Added support for TrueType collections (.ttc).
* Added new font options: separate preformatted and monospace body
fonts, UI font, smoothing.
* Added style option to show all links as bold regardless of visited
status.
* Added warning message about missing font glyphs.
* Added warning message about terminal emulation. Lagrange supports a
small subset of ANSI escape sequences, so page appearance may be
incorrect when these are used in content.
* Added tab close buttons.
* Added style option to show links as bold regardless of visited
status.
* Added a feed subscription option to exclude web links (HTTP/HTTPS),
since those are not viewable in the app by default.
* Added an automatic conversion of Markdown to Gemtext when viewing
local files. (Not all Markdown features are supported.)
* Added UI language for Ukrainian (uk).
Changes and enhancements:
* Removed all alternative built-in content fonts.
* The default content font is Source Sans, same as the UI font.
* Redesigned error/warning messages. These now show up as part of the
page top banner, and their appearance can no longer be replicated via
Gemtext.
* Warning messages are interactive. Click on them to perform relevant
actions.
* Per-pixel scrolling in input fields (e.g., when using a trackpad on
macOS).
* "file://" pages are always unthemed.
* Show a byte counter during large downloads instead of instantly
jumping to a content view. Content may not viewable correctly until
the download has finished.
* Site-specific settings (sitespec.txt) converted to .ini format. These
are currently used for the Titan upload port and remembering which
warnings have been dismissed.
* macOS: One can choose between Black/Dark and Light/White UI palette
when system color theme is enabled. Previously the system theme
always switched to either Dark or Light.
Fixes:
* Fixed an issue where the page is unscrollable until the mouse cursor
is moved (wrong hover state).
* Fixed wrapping of long input prompts and dialog messages.
* Titan upload token is remembered when the dialog is closed.
* Fixed various layout issues with page footer buttons.
* Fixed theme change glitches when an input prompt appears.
* macOS: Fixed forced unhiding of the dock when the app is launched.
v1.7.3
* Fixed a memory leak in the text renderer.
* Added option to place new bookmarks to the top of the bookmarks list.
* Updated UI translations.
v1.7.2
* Fixed regressions in text selection, for example when marking text
leftwards from the start position or when starting from outside any
text run.
* Fixed a crash when clicking on Outline sidebar items before a page
has finished loading.
* Gopher: Handle the p line type (PNG image).
v1.7.1
* Fixed feed entries forgetting their (un)read status after several
months.
* Fixed feed entries being discarded before they are removed from their
source feed, causing them to reappear on the next refresh.
* Fixed failure to parse Atom feed entry timestamps that use space as
the date/time separator.
* Fixed dropdown labels staying visible in the translation dialog.
* Fixed showing/hiding of the feed update indicator in split view.
* Fixed a crash when selecting text.
* Added a small progress bar to the feed update indicator.
* When adding a bookmark/folder, the bookmarks list scrolls to show the
new item.
* Improved reordering bookmarks in a folder: an item inside a folder
can be moved to be the last item in the folder, or out of the folder
depending on which side of the boundary marker the mouse cursor is.
v1.7.0
(2021-09-29: A rebuilt macOS Intel binary is now available with the
correct version of SDL, fixing issues with context menus.)
!!️ Bookmarks file format has changed. Your existing bookmarks will be
imported to the new format. The old bookmarks.txt file can be found in
the config directory and is writable only by v1.6 and earlier versions.
!!️ Saved UI state format has changed. Downgrading will reset window
state, close all tabs, and clear the navigation cache.
New features:
* Added bookmark folders. Folders can be nested inside each other, and
the fold state of each folder is remembered persistently (per
sidebar).
* The Bookmarks export/list page uses subheadings (level 2 and 3) to
represent folders.
* Added menu item to sort (a folder of) bookmarks alphabetically.
* Added identity selection in the Upload dialog.
* Added image colorization setting. Images can be viewed in grayscale
or using the page's theme colors.
* Added UI focus cycling to all buttons with Tab and Shift+Tab. This
includes dialog buttons and the navigation bar.
* Added a footer action to view application/octet-stream content
depending on recognized file extensions.
* Added support for viewing WebP images. The libwebp library is an
optional dependency and will be included in the build if found via
pkg-config.
* Added command line options -w, -h for setting window size at launch.
* Added new UI languages: Esperanto, Spanish (Mexico), Galician,
Interslavic, and Slovak. Note that some of these are still works in
progress.
Changes and enhancements:
* Bookmarks are now ordered manually. You can drag and drop bookmarks
in the list to change the order.
* The internal bookmarks file format is now a TOML subset instead of
just being three text lines per bookmark, making it more robust and
human-readable.
* Context menus and other popup menus that do not fit inside the window
are split off into independent windows.
* macOS: Use native UI controls for context/popup menus. Note that this
required making a couple of small changes to SDL (see the updated
patch in the repository).
* Dropdown button menus position themselves on the currently selected
item.
* Dialogs that don't fit inside the window have a scroll bar. Note that
such dialogs can only be scrolled via mouse wheel/trackpad, not by
dragging the bar.
* Adjusted mouse wheel smooth scrolling speed for better consistency.
The default scrolling speeds were increased to level 2.
* Visited URLs are remembered for six months. This affects the unread
status of feed entries and the visited status of links.
* Adjusted the UI color palette so that the alternative accent color is
used more rarely. For example, input fields now use the primary
accent color.
* Adjusted button hover/press colors for better consistency,
particularly when the button label uses a non-standard color.
* Image links (as determined by file extension) automatically use a
"photo" link icon if the URL is on the current site. This makes it
clearer which links will likely show up as an inline image.
* Alt+Shift+Tab inserts a tab character in input fields.
* UI rendering optimizations. Some UI controls (e.g., navbar, menus)
will buffer their contents so they can be drawn efficiently during
animations.
Fixes:
* Fixed issues with subscribed feed entry tracking. Heading entries are
not discarded until they are removed from the source.
* Fixed the sidebar unread entry count showing the wrong number after
subscribing to a Headings feed.
* Fixed handling of tab characters in the Upload text editor (when
using HarfBuzz).
* Fixed hang when wrapping a very long word (with HarfBuzz disabled).
* Fixed regressions in retaining window state, position, and size.
* Fixed URL encoding of the % character.
* Fixed ambiguous handling of colons in URI paths.
* Fixed issues with cursor positioning in multi-line input fields.
* Fixed issues with touch swipe events.
* X11: Ask SDL not to bypass the window compositor. This should avoid
issues on KDE, for example.
* macOS: Fixed a flash of blank background color when launching the
app.
* Windows: The main window title bar (when not using a custom frame)
uses dark mode colors according to the UI color theme setting.
Previously it was always stuck on light mode.
What's New in 4.0.3
All Platforms
Fixed 4.0.2 higher CPU load while downloading. Regression introduced by #5167. (#5266, #5273)
Fixed 4.0.0 bug where the torrentGet RPC method returned wrong trackerStats.tier values. (#5274)
Fixed 4.0.0 HTTP announce behavior with bind-address-ipv* settings. (#5296)
Fixed 4.0.0 bug in code that detects the computer's IPv6 support. (#5312)
Silenced 4.0.0 minor log warnings for cross_seed_entry and uid entries in torrent files. (#5365)
When adding a duplicate torrent via the RPC API, the return value now matches Transmission 3's return value. (#5370)
Fixed use of metainfo display-name as a fallback name. (#5378)
Updated torrent Peer ID generation to happen once per session, even for public torrents. (#5233)
macOS Client
Added support for non-UTF-8 magnets. (#5244)
Fixed potential memory leak in tr_strv_convert_utf8(). (#5264)
Fixed crash on launch from tapping on a notification. (#5280)
Qt Client
Fixed 4.0.2 FTBFS on Qt 5.13. (#5238)
GTK Client
Fixed 4.0.0 preferences dialog being too large for small displays. (#5276, #5360)
Fixed 4.0.0 regression of percents, speeds, sizes, etc. not being i18nized properly. (#5288)
Fixed FTBFS in GTKMM 4.10. (#5289, #5295)
Web Client
Fixed confusing Inspector UI when waiting for initial data from the server. (#5249)
Fixed a keyboard shortcut conflict. (#5318)
Turned off keyboard shortcuts when input fields have focus. (#5381)
Show announce URL's origins in the inspector's tracker list. (#5382)
Added missing date-added field in the Inspector's info tab. (#5386)
Daemon
Set the log level sooner at startup to ensure events aren't missed. (#5345)
transmission-remote
Fixed 4.0.0 bug in the display of how much of a torrent has been downloaded. (#5265)
Everything Else
Bumped fallback version of libdeflate from v1.17 to bugfix release v1.18. (#5388)
Documentation improvements. (#5278)
ngtcp2 v0.15.0
client: Fix bug that nghttp3_conn is not initialized by @tatsuhiro-t in #727
client: Fix typo by @tatsuhiro-t in #728
Client wait for ticket by @tatsuhiro-t in #729
Add NGTCP2_PATH_VALIDATION_FLAG_NEW_TOKEN by @tatsuhiro-t in #731
Build with the latest nghttp3 by @tatsuhiro-t in #732
Send PMTUD packet with ECN if path is ECN capable by @tatsuhiro-t in #733
interop: Disable PMTUD for zerortt test by @tatsuhiro-t in #734
Rename NGTCP2_CONN_FLAG_CONN_ID_NEGOTIATED by @tatsuhiro-t in #735
bbr: Follow more closely to the draft when setting send_quantum by @tatsuhiro-t in #737
Provide a way to pin nghttp3 version by @tatsuhiro-t in #738
Bump minimum nghttp3 version to v0.11.0 by @tatsuhiro-t in #739
Bump OpenSSL v3 to 3.1.0+quic by @tatsuhiro-t in #743
picotls works with OpenSSL v3 by @tatsuhiro-t in #744
Fix cc logging by @tatsuhiro-t in #745
Tweak msvc counting leading zeros by @tatsuhiro-t in #746
Msvc test run by @tatsuhiro-t in #747
Test msvc 32bit build by @tatsuhiro-t in #748
Use ngtcp2_connection_id_status_type in function signature by @tatsuhiro-t in #749
Use uint8_t for bool fields by @tatsuhiro-t in #750
Rename ngtcp2_conn_handshake_completed by @tatsuhiro-t in #751
Rename NGTCP2_CONN_FLAG_HANDSHAKE_COMPLETED_HANDLED by @tatsuhiro-t in #752
Rename conn_is_handshake_completed by @tatsuhiro-t in #753
Make sure that NGTCP2_CONN_FLAG_HANDSHAKE_COMPLETED is set when entering post handshake by @tatsuhiro-t in #754
Shorten long names related to connection_close_error by @tatsuhiro-t in #755
Make ngtcp2_conn_get_cerr return a pointer to the internal field by @tatsuhiro-t in #756
Rework cc by @tatsuhiro-t in #757
Hide ngtcp2_addr_eq by @tatsuhiro-t in #758
Remove unused cc free functions by @tatsuhiro-t in #761
Bump boringssl by @tatsuhiro-t in #762
Bump wolfssl by @tatsuhiro-t in #763
Remove ngtcp2_conn_get_max_local_streams_uni by @tatsuhiro-t in #765
Add text to describe when application can start opening streams by @tatsuhiro-t in #766
Only call setup_httpconn again when early data is rejected by @tatsuhiro-t in #767
Add more texts for streams by @tatsuhiro-t in #768
Update doc by @tatsuhiro-t in #769
Version 2.6.3
GHA: remove Ubuntu 18.04 builds
vcpkg: request "tools" feature of openssl for MSVC build
doc: run rst2* with --strict to catch warnings
Support of DNS domain for DHCP-less drivers
Bug-fix: segfault in dco_get_peer_stats()
pkgsrc change: reduce some pkglint warnings.
--- 9.18.14 released ---
6145. [bug] Fix a possible use-after-free bug in the
dns__catz_done_cb() function. [GL #3997]
6143. [bug] A reference counting problem on the error path in
the xfrin_connect_done() might cause an assertion
failure on shutdown. [GL #3989]
6142. [bug] Reduce the number of dns_dnssec_verify calls made
determining if revoked keys needs to be removed from
the trust anchors. [GL #3981]
6141. [bug] Fix several issues in nsupdate timeout handling and
update the -t option's documentation. [GL #3674]
6138. [doc] Fix the DF-flag documentation on the outgoing
UDP packets. [GL #3710]
6136. [cleanup] Remove the isc_fsaccess API in favor of creating
temporary file first and atomically replace the key
with non-truncated content. [GL #3982]
6132. [doc] Remove a dead link in the DNSSEC guide. [GL #3967]
6129. [cleanup] Value stored to 'source' during its initialization is
never read. [GL #3965]
6128. [bug] Fix an omission in an earlier commit to avoid a race
between the 'dns__catz_update_cb()' and
'dns_catz_dbupdate_callback()' functions. [GL #3968]
6126. [cleanup] Deprecate zone type "delegation-only" and the
"delegation-only" and "root-delegation-only"
options. [GL #3953]
6125. [bug] Hold a catz reference while the update process is
running, so that the catalog zone is not destroyed
during shutdown until the update process is finished or
properly canceled by the activated 'shuttingdown' flag.
[GL #3955]
6124. [bug] When changing from a NSEC3 capable DNSSEC algorithm to
an NSEC3 incapable DNSSEC algorithm using KASP the zone
could sometimes be incompletely signed. [GL #3937]
6121. [bug] Fix BIND and dig zone transfer hanging when
downloading large zones over TLS from a primary server,
especially over unstable connections. [GL #3867]
--- 9.16.40 released ---
6142. [bug] Reduce the number of dns_dnssec_verify calls made
determining if revoked keys needs to be removed from
the trust anchors. [GL #3981]
6138. [doc] Fix the DF-flag documentation on the outgoing
UDP packets. [GL #3710]
6132. [doc] Remove a dead link in the DNSSEC guide. [GL #3967]
6129. [cleanup] Value stored to 'source' during its initialization is
never read. [GL #3965]
6124. [bug] When changing from a NSEC3 capable DNSSEC algorithm to
an NSEC3 incapable DNSSEC algorithm using KASP the zone
could sometimes be incompletely signed. [GL #3937]
5741. [bug] Log files with "timestamp" suffixes could be left in
place after rolling, even if the number of preserved
log files exceeded the configured "versions" limit.
[GL #828] [GL #3959]
Big new release, mainly around better privsep process management
which allows us to detect when they exit unexpectedly.
Other changes include:
privsep: keep resources open rather than open/close
dhcp6: OPTION_NTP_SERVER is now preferred over OPTION_SNTP_SERVER
dev: unload when spawning new processes
Defaults to downloading the signed source tarball in the GitHub release
rather than the auto generated GitHub source.
upstream changes:
-----------------
v1.23.4
Bugfixes:
#8851: "Running global migration to fix encryption file sizes" on every start
v1.23.3
Bugfixes:
#5408: Selection of time in versions GUI not possible without editing the string inside the textfield
#8277: Mutual encrypted sharing doesn't work (both sides with password)
#8556: Increased file size when sharing between encrypted devices
#8599: Key generation at connect time is slow for encrypted connections
Enhancements:
#7859: Allow sub-second watcher delay (use case: remote development)
Other issues:
#8828: cmd/stdiscosrv: TestDatabaseGetSet flake
Changes in 1.13.0:
- The servers and native viewer now support RealVNC's RSA-AES authentication methods and encryption
- The native viewer is now translated to Romanian and Georgian
- The native viewer now (optionally) supports PiKVM's H.264 encoding
- The display settings for the native viewer have been overhauled to make them easier to understand
- The native viewer now supports adding exceptions for expired certificates
- Resolved an issue where full-screen mode didn't work in the native viewer on macOS 13
- Lock key synchronization has been re-enabled in the native viewer after being accidentally disabled in 1.11.0
- Xvnc/libvnc.so can now be built with Xorg 1.21
- x0vncserver is a bit better at handling differing server and client keyboard layout
- x0vncserver now correctly handles zaphod mode
- Added Ubuntu 22.04 and RHEL 9 packages
Changes in 1.13.1:
- x0vncserver can either crash itself, or crash the X server it is connected to
- The servers might crash if the clipboard is updated just as a client is connected
- The vncserver service can fail to start on SELinux system if ~/.vnc doesn't exist
pkgsrc changes:
- Drop no longer needed patch-unix_vncserver_vncsession.c
- Add workaround (hack) for NetBSD native libXfont2 builtin issue
Summary for 4.99.4 tcpdump release
Source code:
Fix spaces before tabs in indentation.
Updated printers:
LSP ping: Fix "Unused value" warnings from Coverity.
CVE-2023-1801: Fix an out-of-bounds write in the SMB printer.
DNS: sync resource types with IANA.
ICMPv6: Update the output to show a RPL DAO field name.
Geneve: Fix the Geneve UDP port test.
Building and testing:
Require at least autoconf 2.69.
Don't check for strftime(), as it's in C90 and beyond.
Update config.{guess,sub}, timestamps 2023-01-01,2023-01-21.
Documentation:
man: Document TCP flag names better.
Summary for 1.10.4 libpcap release
Source code:
Fix spaces before tabs in indentation.
rpcap:
Fix name of launchd service.
Documentation:
Document use of rpcapd with systemd, launchd, inetd, and xinetd.
Building and testing:
Require at least pkg-config 0.17.0, as we use --static.
Get rid of the remains of gnuc.h.
Require at least autoconf 2.69.
Update config.{guess,sub}, timestamps 2023-01-01,2023-01-21.
1.27.115
========
* api-change:``appflow``: This release adds a Client Token parameter to the following AppFlow APIs: Create/Update Connector Profile, Create/Update Flow, Start Flow, Register Connector, Update Connector Registration. The Client Token parameter allows idempotent operations for these APIs.
* api-change:``drs``: Changed existing APIs and added new APIs to support using an account-level launch configuration template with AWS Elastic Disaster Recovery.
* api-change:``dynamodb``: Documentation updates for DynamoDB API
* api-change:``emr-serverless``: The GetJobRun API has been updated to include the job's billed resource utilization. This utilization shows the aggregate vCPU, memory and storage that AWS has billed for the job run. The billed resources include a 1-minute minimum usage for workers, plus additional storage over 20 GB per worker.
* api-change:``internetmonitor``: This release includes a new configurable value, TrafficPercentageToMonitor, which allows users to adjust the amount of traffic monitored by percentage
* api-change:``iotwireless``: Supports the new feature of LoRaWAN roaming, allows to configure MaxEirp for LoRaWAN gateway, and allows to configure PingSlotPeriod for LoRaWAN multicast group
* api-change:``lambda``: Add Python 3.10 (python3.10) support to AWS Lambda
1.27.114
========
* api-change:``ecs``: This release supports ephemeral storage for AWS Fargate Windows containers.
* api-change:``lambda``: This release adds SnapStart related exceptions to InvokeWithResponseStream API. IAM access related documentation is also added for this API.
* api-change:``migration-hub-refactor-spaces``: Doc only update for Refactor Spaces environments without network bridge feature.
* api-change:``rds``: This release adds support of modifying the engine mode of database clusters.
1.27.113
========
* api-change:``chime-sdk-voice``: This release adds tagging support for Voice Connectors and SIP Media Applications
* api-change:``mediaconnect``: Gateway is a new feature of AWS Elemental MediaConnect. Gateway allows the deployment of on-premises resources for the purpose of transporting live video to and from the AWS Cloud.
1.27.112
========
* api-change:``groundstation``: AWS Ground Station Wideband DigIF GA Release
* api-change:``managedblockchain``: Removal of the Ropsten network. The Ethereum foundation ceased support of Ropsten on December 31st, 2022..
1.27.111
========
* api-change:``ecr-public``: This release will allow using registry alias as registryId in BatchDeleteImage request.
* api-change:``emr-serverless``: This release extends GetJobRun API to return job run timeout (executionTimeoutMinutes) specified during StartJobRun call (or default timeout of 720 minutes if none was specified).
* api-change:``events``: Update events command to latest version
* api-change:``iot-data``: This release adds support for MQTT5 user properties when calling the AWS IoT GetRetainedMessage API
* api-change:``wafv2``: For web ACLs that protect CloudFront protections, the default request body inspection size is now 16 KB, and you can use the new association configuration to increase the inspection size further, up to 64 KB. Sizes over 16 KB can incur additional costs.
1.27.110
========
* api-change:``connect``: This release adds the ability to configure an agent's routing profile to receive contacts from multiple channels at the same time via extending the UpdateRoutingProfileConcurrency, CreateRoutingProfile and DescribeRoutingProfile APIs.
* api-change:``ecs``: This release adds support for enabling FIPS compliance on Amazon ECS Fargate tasks
* api-change:``marketplace-catalog``: Added three new APIs to support resource sharing: GetResourcePolicy, PutResourcePolicy, and DeleteResourcePolicy. Added new OwnershipType field to ListEntities request to let users filter on entities that are shared with them. Increased max page size of ListEntities response from 20 to 50 results.
* api-change:``mediaconvert``: AWS Elemental MediaConvert SDK now supports conversion of 608 paint-on captions to pop-on captions for SCC sources.
* api-change:``omics``: Remove unexpected API changes.
* api-change:``rekognition``: This release adds support for Face Liveness APIs in Amazon Rekognition. Updates UpdateStreamProcessor to return ResourceInUseException Exception. Minor updates to API documentation.
1.27.109
========
* api-change:``dlm``: Updated timestamp format for GetLifecyclePolicy API
* api-change:``docdb``: This release adds a new parameter 'DBClusterParameterGroupName' to 'RestoreDBClusterFromSnapshot' API to associate the name of the DB cluster parameter group while performing restore.
* api-change:``fsx``: Amazon FSx for Lustre now supports creating data repository associations on Persistent_1 and Scratch_2 file systems.
* api-change:``lambda``: This release adds a new Lambda InvokeWithResponseStream API to support streaming Lambda function responses. The release also adds a new InvokeMode parameter to Function Url APIs to control whether the response will be streamed or buffered.
* api-change:``quicksight``: This release has two changes: adding the OR condition to tag-based RLS rules in CreateDataSet and UpdateDataSet; adding RefreshSchedule and Incremental RefreshProperties operations for users to programmatically configure SPICE dataset ingestions.
* api-change:``redshift-data``: Update documentation of API descriptions as needed in support of temporary credentials with IAM identity.
* api-change:``servicecatalog``: Updates description for property
1.27.108
========
* api-change:``cloudformation``: Including UPDATE_COMPLETE as a failed status for DeleteStack waiter.
* api-change:``greengrassv2``: Add support for SUCCEEDED value in coreDeviceExecutionStatus field. Documentation updates for Greengrass V2.
* api-change:``proton``: This release adds support for the AWS Proton service sync feature. Service sync enables managing an AWS Proton service (creating and updating instances) and all of it's corresponding service instances from a Git repository.
* api-change:``rds``: Adds and updates the SDK examples
1.27.107
========
* bugfix:eks: Fix eks kubeconfig validations
* api-change:``apprunner``: App Runner adds support for seven new vCPU and memory configurations.
* api-change:``config``: This release adds resourceType enums for types released in March 2023.
* api-change:``ecs``: This is a document only updated to add information about Amazon Elastic Inference (EI).
* api-change:``identitystore``: Documentation updates for Identity Store CLI command reference.
* api-change:``ivs-realtime``: Fix ParticipantToken ExpirationTime format
* api-change:``network-firewall``: AWS Network Firewall now supports IPv6-only subnets.
* api-change:``servicecatalog``: removed incorrect product type value
* api-change:``vpc-lattice``: This release removes the entities in the API doc model package for auth policies.
1.27.106
========
* api-change:``amplifyuibuilder``: Support StorageField and custom displays for data-bound options in form builder. Support non-string operands for predicates in collections. Support choosing client to get token from.
* api-change:``autoscaling``: Documentation updates for Amazon EC2 Auto Scaling
* api-change:``dataexchange``: This release updates the value of MaxResults.
* api-change:``ec2``: C6in, M6in, M6idn, R6in and R6idn bare metal instances are powered by 3rd Generation Intel Xeon Scalable processors and offer up to 200 Gbps of network bandwidth.
* api-change:``elastic-inference``: Updated public documentation for the Describe and Tagging APIs.
* api-change:``sagemaker-runtime``: Update sagemaker-runtime command to latest version
* api-change:``sagemaker``: Amazon SageMaker Asynchronous Inference now allows customer's to receive failure model responses in S3 and receive success/failure model responses in SNS notifications.
* api-change:``wafv2``: This release rolls back association config feature for webACLs that protect CloudFront protections.
1.27.105
========
* api-change:``glue``: Add support for database-level federation
* api-change:``lakeformation``: Add support for database-level federation
* api-change:``license-manager``: This release adds grant override options to the CreateGrantVersion API. These options can be used to specify grant replacement behavior during grant activation.
* api-change:``mwaa``: This Amazon MWAA release adds the ability to customize the Apache Airflow environment by launching a shell script at startup. This shell script is hosted in your environment's Amazon S3 bucket. Amazon MWAA runs the script before installing requirements and initializing the Apache Airflow process.
* api-change:``servicecatalog``: This release introduces Service Catalog support for Terraform open source. It enables 1. The notify* APIs to Service Catalog. These APIs are used by the terraform engine to notify the result of the provisioning engine execution. 2. Adds a new TERRAFORM_OPEN_SOURCE product type in CreateProduct API.
* api-change:``wafv2``: For web ACLs that protect CloudFront protections, the default request body inspection size is now 16 KB, and you can use the new association configuration to increase the inspection size further, up to 64 KB. Sizes over 16 KB can incur additional costs.
1.27.104
========
* api-change:``ec2``: Documentation updates for EC2 On Demand Capacity Reservations
* api-change:``internetmonitor``: This release adds a new feature for Amazon CloudWatch Internet Monitor that enables customers to deliver internet measurements to Amazon S3 buckets as well as CloudWatch Logs.
* api-change:``resiliencehub``: Adding EKS related documentation for appTemplateBody
* api-change:``s3``: Documentation updates for Amazon S3
* api-change:``sagemaker-featurestore-runtime``: In this release, you can now chose between soft delete and hard delete when calling the DeleteRecord API, so you have more flexibility when it comes to managing online store data.
* api-change:``sms``: Deprecating AWS Server Migration Service.
1.27.103
========
* api-change:``athena``: Make DefaultExecutorDpuSize and CoordinatorDpuSize fields optional in StartSession
* api-change:``autoscaling``: Amazon EC2 Auto Scaling now supports Elastic Load Balancing traffic sources with the AttachTrafficSources, DetachTrafficSources, and DescribeTrafficSources APIs. This release also introduces a new activity status, "WaitingForConnectionDraining", for VPC Lattice to the DescribeScalingActivities API.
* api-change:``batch``: This feature allows Batch on EKS to support configuration of Pod Labels through Metadata for Batch on EKS Jobs.
* api-change:``compute-optimizer``: This release adds support for HDD EBS volume types and io2 Block Express. We are also adding support for 61 new instance types and instances that have non consecutive runtime.
* api-change:``drs``: Adding a field to the replication configuration APIs to support the auto replicate new disks feature. We also deprecated RetryDataReplication.
* api-change:``ec2``: This release adds support for Tunnel Endpoint Lifecycle control, a new feature that provides Site-to-Site VPN customers with better visibility and control of their VPN tunnel maintenance updates.
* api-change:``emr``: Update emr command to latest version
* api-change:``glue``: This release adds support for AWS Glue Data Quality, which helps you evaluate and monitor the quality of your data and includes the API for creating, deleting, or updating data quality rulesets, runs and evaluations.
* api-change:``guardduty``: Added EKS Runtime Monitoring feature support to existing detector, finding APIs and introducing new Coverage APIs
* api-change:``imagebuilder``: Adds support for new image workflow details and image vulnerability detection.
* api-change:``ivs``: Amazon Interactive Video Service (IVS) now offers customers the ability to configure IVS channels to allow insecure RTMP ingest.
* api-change:``kendra``: AWS Kendra now supports featured results for a query.
* api-change:``network-firewall``: AWS Network Firewall added TLS inspection configurations to allow TLS traffic inspection.
* api-change:``sagemaker-geospatial``: Amazon SageMaker geospatial capabilities now supports server-side encryption with customer managed KMS key and SageMaker notebooks with a SageMaker geospatial image in a Amazon SageMaker Domain with VPC only mode.
* api-change:``vpc-lattice``: General Availability (GA) release of Amazon VPC Lattice
* api-change:``wellarchitected``: AWS Well-Architected SDK now supports getting consolidated report metrics and generating a consolidated report PDF.
1.27.102
========
* api-change:``opensearchserverless``: This release includes two new exception types "ServiceQuotaExceededException" and "OcuLimitExceededException".
* api-change:``rds``: Add support for creating a read replica DB instance from a Multi-AZ DB cluster.
1.27.101
========
* api-change:``iot-data``: Add endpoint ruleset support for cn-north-1.
* api-change:``ssm-contacts``: This release adds 12 new APIs as part of Oncall Schedule feature release, adds support for a new contact type: ONCALL_SCHEDULE. Check public documentation for AWS ssm-contacts for more information
* api-change:``ssm-incidents``: Increased maximum length of "TriggerDetails.rawData" to 10K characters and "IncidentSummary" to 8K characters.
1.27.100
========
* api-change:``athena``: Enforces a minimal level of encryption for the workgroup for query and calculation results that are written to Amazon S3. When enabled, workgroup users can set encryption only to the minimum level set by the administrator or higher when they submit queries.
* api-change:``chime-sdk-voice``: Documentation updates for Amazon Chime SDK Voice.
* api-change:``connect``: This release introduces support for RelatedContactId in the StartChatContact API. Interactive message and interactive message response have been added to the list of supported message content types for this API as well.
* api-change:``connectparticipant``: This release provides an update to the SendMessage API to handle interactive message response content-types.
* api-change:``iotwireless``: Introducing new APIs that enable Sidewalk devices to communicate with AWS IoT Core through Sidewalk gateways. This will empower AWS customers to connect Sidewalk devices with other AWS IoT Services, creating possibilities for seamless integration and advanced device management.
* api-change:``medialive``: AWS Elemental MediaLive now supports ID3 tag insertion for audio only HLS output groups. AWS Elemental Link devices now support tagging.
* api-change:``sagemaker``: Fixed some improperly rendered links in SDK documentation.
* api-change:``securityhub``: Added new resource detail objects to ASFF, including resources for AwsEksCluster, AWSS3Bucket, AwsEc2RouteTable and AwsEC2Instance.
* api-change:``servicecatalog-appregistry``: In this release, we started supporting ARN in applicationSpecifier and attributeGroupSpecifier. GetAttributeGroup, ListAttributeGroups and ListAttributeGroupsForApplication APIs will now have CreatedBy field in the response.
* api-change:``voice-id``: Amazon Connect Voice ID now supports multiple fraudster watchlists. Every domain has a default watchlist where all existing fraudsters are placed by default. Custom watchlists may now be created, managed, and evaluated against for known fraudster detection.
1.27.99
=======
* api-change:``cloudwatch``: Update cloudwatch command to latest version
* api-change:``comprehend``: This release adds a new field (FlywheelArn) to the EntitiesDetectionJobProperties object. The FlywheelArn field is returned in the DescribeEntitiesDetectionJob and ListEntitiesDetectionJobs responses when the EntitiesDetection job is started with a FlywheelArn instead of an EntityRecognizerArn .
* api-change:``rds``: Added error code CreateCustomDBEngineVersionFault for when the create custom engine version for Custom engines fails.
1.27.98
=======
* enhancement:eks: Add user-alias argument to update-kubeconfig command.
* api-change:``batch``: This feature allows Batch to support configuration of ephemeral storage size for jobs running on FARGATE
* api-change:``chime-sdk-identity``: AppInstanceBots can be used to add a bot powered by Amazon Lex to chat channels. ExpirationSettings provides automatic resource deletion for AppInstanceUsers.
* api-change:``chime-sdk-media-pipelines``: This release adds Amazon Chime SDK call analytics. Call analytics include voice analytics, which provides speaker search and voice tone analysis. These capabilities can be used with Amazon Transcribe and Transcribe Call Analytics to generate machine-learning-powered insights from real-time audio.
* api-change:``chime-sdk-messaging``: ExpirationSettings provides automatic resource deletion for Channels.
* api-change:``chime-sdk-voice``: This release adds Amazon Chime SDK call analytics. Call analytics include voice analytics, which provides speaker search and voice tone analysis. These capabilities can be used with Amazon Transcribe and Transcribe Call Analytics to generate machine-learning-powered insights from real-time audio.
* api-change:``codeartifact``: Repository CreationTime is added to the CreateRepository and ListRepositories API responses.
* api-change:``guardduty``: Adds AutoEnableOrganizationMembers attribute to DescribeOrganizationConfiguration and UpdateOrganizationConfiguration APIs.
* api-change:``ivs-realtime``: Initial release of the Amazon Interactive Video Service RealTime API.
* api-change:``mediaconvert``: AWS Elemental MediaConvert SDK now supports passthrough of ID3v2 tags for audio inputs to audio-only HLS outputs.
* api-change:``sagemaker``: Amazon SageMaker Autopilot adds two new APIs - CreateAutoMLJobV2 and DescribeAutoMLJobV2. Amazon SageMaker Notebook Instances now supports the ml.geospatial.interactive instance type.
* api-change:``servicediscovery``: Reverted the throttling exception RequestLimitExceeded for AWS Cloud Map APIs introduced in SDK version 1.12.424 2023-03-09 to previous exception specified in the ErrorCode.
* api-change:``textract``: The AnalyzeDocument - Tables feature adds support for new elements in the API: table titles, footers, section titles, summary cells/tables, and table type.
1.27.97
=======
* api-change:``iam``: Documentation updates for AWS Identity and Access Management (IAM).
* api-change:``iottwinmaker``: This release adds support of adding metadata when creating a new scene or updating an existing scene.
* api-change:``networkmanager``: This release includes an update to create-transit-gateway-route-table-attachment, showing example usage for TransitGatewayRouteTableArn.
* api-change:``pipes``: This release improves validation on the ARNs in the API model
* api-change:``resiliencehub``: This release provides customers with the ability to import resources from within an EKS cluster and assess the resiliency of EKS cluster workloads.
* api-change:``ssm``: This Patch Manager release supports creating, updating, and deleting Patch Baselines for AmazonLinux2023, AlmaLinux.
1.27.96
=======
* api-change:``chime-sdk-messaging``: Amazon Chime SDK messaging customers can now manage streaming configuration for messaging data for archival and analysis.
* api-change:``cleanrooms``: GA Release of AWS Clean Rooms, Added Tagging Functionality
* api-change:``ec2``: This release adds support for AWS Network Firewall, AWS PrivateLink, and Gateway Load Balancers to Amazon VPC Reachability Analyzer, and it makes the path destination optional as long as a destination address in the filter at source is provided.
* api-change:``iotsitewise``: Provide support for tagging of data streams and enabling tag based authorization for property alias
* api-change:``mgn``: This release introduces the Import and export feature and expansion of the post-launch actions
1.27.95
=======
* api-change:``application-autoscaling``: With this release customers can now tag their Application Auto Scaling registered targets with key-value pairs and manage IAM permissions for all the tagged resources centrally.
* api-change:``neptune``: This release makes following few changes. db-cluster-identifier is now a required parameter of create-db-instance. describe-db-cluster will now return PendingModifiedValues and GlobalClusterIdentifier fields in the response.
* api-change:``s3outposts``: S3 On Outposts added support for endpoint status, and a failed endpoint reason, if any
* api-change:``workdocs``: This release adds a new API, SearchResources, which enable users to search through metadata and content of folders, documents, document versions and comments in a WorkDocs site.
1.26.115
========
* api-change:``appflow``: [``botocore``] This release adds a Client Token parameter to the following AppFlow APIs: Create/Update Connector Profile, Create/Update Flow, Start Flow, Register Connector, Update Connector Registration. The Client Token parameter allows idempotent operations for these APIs.
* api-change:``drs``: [``botocore``] Changed existing APIs and added new APIs to support using an account-level launch configuration template with AWS Elastic Disaster Recovery.
* api-change:``dynamodb``: [``botocore``] Documentation updates for DynamoDB API
* api-change:``emr-serverless``: [``botocore``] The GetJobRun API has been updated to include the job's billed resource utilization. This utilization shows the aggregate vCPU, memory and storage that AWS has billed for the job run. The billed resources include a 1-minute minimum usage for workers, plus additional storage over 20 GB per worker.
* api-change:``internetmonitor``: [``botocore``] This release includes a new configurable value, TrafficPercentageToMonitor, which allows users to adjust the amount of traffic monitored by percentage
* api-change:``iotwireless``: [``botocore``] Supports the new feature of LoRaWAN roaming, allows to configure MaxEirp for LoRaWAN gateway, and allows to configure PingSlotPeriod for LoRaWAN multicast group
* api-change:``lambda``: [``botocore``] Add Python 3.10 (python3.10) support to AWS Lambda
1.26.114
========
* api-change:``ecs``: [``botocore``] This release supports ephemeral storage for AWS Fargate Windows containers.
* api-change:``lambda``: [``botocore``] This release adds SnapStart related exceptions to InvokeWithResponseStream API. IAM access related documentation is also added for this API.
* api-change:``migration-hub-refactor-spaces``: [``botocore``] Doc only update for Refactor Spaces environments without network bridge feature.
* api-change:``rds``: [``botocore``] This release adds support of modifying the engine mode of database clusters.
1.26.113
========
* api-change:``chime-sdk-voice``: [``botocore``] This release adds tagging support for Voice Connectors and SIP Media Applications
* api-change:``mediaconnect``: [``botocore``] Gateway is a new feature of AWS Elemental MediaConnect. Gateway allows the deployment of on-premises resources for the purpose of transporting live video to and from the AWS Cloud.
1.26.112
========
* api-change:``groundstation``: [``botocore``] AWS Ground Station Wideband DigIF GA Release
* api-change:``managedblockchain``: [``botocore``] Removal of the Ropsten network. The Ethereum foundation ceased support of Ropsten on December 31st, 2022..
1.26.111
========
* api-change:``ecr-public``: [``botocore``] This release will allow using registry alias as registryId in BatchDeleteImage request.
* api-change:``emr-serverless``: [``botocore``] This release extends GetJobRun API to return job run timeout (executionTimeoutMinutes) specified during StartJobRun call (or default timeout of 720 minutes if none was specified).
* api-change:``events``: [``botocore``] Update events client to latest version
* api-change:``iot-data``: [``botocore``] This release adds support for MQTT5 user properties when calling the AWS IoT GetRetainedMessage API
* api-change:``wafv2``: [``botocore``] For web ACLs that protect CloudFront protections, the default request body inspection size is now 16 KB, and you can use the new association configuration to increase the inspection size further, up to 64 KB. Sizes over 16 KB can incur additional costs.
1.26.110
========
* api-change:``connect``: [``botocore``] This release adds the ability to configure an agent's routing profile to receive contacts from multiple channels at the same time via extending the UpdateRoutingProfileConcurrency, CreateRoutingProfile and DescribeRoutingProfile APIs.
* api-change:``ecs``: [``botocore``] This release adds support for enabling FIPS compliance on Amazon ECS Fargate tasks
* api-change:``marketplace-catalog``: [``botocore``] Added three new APIs to support resource sharing: GetResourcePolicy, PutResourcePolicy, and DeleteResourcePolicy. Added new OwnershipType field to ListEntities request to let users filter on entities that are shared with them. Increased max page size of ListEntities response from 20 to 50 results.
* api-change:``mediaconvert``: [``botocore``] AWS Elemental MediaConvert SDK now supports conversion of 608 paint-on captions to pop-on captions for SCC sources.
* api-change:``omics``: [``botocore``] Remove unexpected API changes.
* api-change:``rekognition``: [``botocore``] This release adds support for Face Liveness APIs in Amazon Rekognition. Updates UpdateStreamProcessor to return ResourceInUseException Exception. Minor updates to API documentation.
1.26.109
========
* api-change:``dlm``: [``botocore``] Updated timestamp format for GetLifecyclePolicy API
* api-change:``docdb``: [``botocore``] This release adds a new parameter 'DBClusterParameterGroupName' to 'RestoreDBClusterFromSnapshot' API to associate the name of the DB cluster parameter group while performing restore.
* api-change:``fsx``: [``botocore``] Amazon FSx for Lustre now supports creating data repository associations on Persistent_1 and Scratch_2 file systems.
* api-change:``lambda``: [``botocore``] This release adds a new Lambda InvokeWithResponseStream API to support streaming Lambda function responses. The release also adds a new InvokeMode parameter to Function Url APIs to control whether the response will be streamed or buffered.
* api-change:``quicksight``: [``botocore``] This release has two changes: adding the OR condition to tag-based RLS rules in CreateDataSet and UpdateDataSet; adding RefreshSchedule and Incremental RefreshProperties operations for users to programmatically configure SPICE dataset ingestions.
* api-change:``redshift-data``: [``botocore``] Update documentation of API descriptions as needed in support of temporary credentials with IAM identity.
* api-change:``servicecatalog``: [``botocore``] Updates description for property
1.26.108
========
* api-change:``cloudformation``: [``botocore``] Including UPDATE_COMPLETE as a failed status for DeleteStack waiter.
* api-change:``greengrassv2``: [``botocore``] Add support for SUCCEEDED value in coreDeviceExecutionStatus field. Documentation updates for Greengrass V2.
* api-change:``proton``: [``botocore``] This release adds support for the AWS Proton service sync feature. Service sync enables managing an AWS Proton service (creating and updating instances) and all of it's corresponding service instances from a Git repository.
* api-change:``rds``: [``botocore``] Adds and updates the SDK examples
1.26.107
========
* api-change:``apprunner``: [``botocore``] App Runner adds support for seven new vCPU and memory configurations.
* api-change:``config``: [``botocore``] This release adds resourceType enums for types released in March 2023.
* api-change:``ecs``: [``botocore``] This is a document only updated to add information about Amazon Elastic Inference (EI).
* api-change:``identitystore``: [``botocore``] Documentation updates for Identity Store CLI command reference.
* api-change:``ivs-realtime``: [``botocore``] Fix ParticipantToken ExpirationTime format
* api-change:``network-firewall``: [``botocore``] AWS Network Firewall now supports IPv6-only subnets.
* api-change:``servicecatalog``: [``botocore``] removed incorrect product type value
* api-change:``vpc-lattice``: [``botocore``] This release removes the entities in the API doc model package for auth policies.
1.26.106
========
* api-change:``amplifyuibuilder``: [``botocore``] Support StorageField and custom displays for data-bound options in form builder. Support non-string operands for predicates in collections. Support choosing client to get token from.
* api-change:``autoscaling``: [``botocore``] Documentation updates for Amazon EC2 Auto Scaling
* api-change:``dataexchange``: [``botocore``] This release updates the value of MaxResults.
* api-change:``ec2``: [``botocore``] C6in, M6in, M6idn, R6in and R6idn bare metal instances are powered by 3rd Generation Intel Xeon Scalable processors and offer up to 200 Gbps of network bandwidth.
* api-change:``elastic-inference``: [``botocore``] Updated public documentation for the Describe and Tagging APIs.
* api-change:``sagemaker-runtime``: [``botocore``] Update sagemaker-runtime client to latest version
* api-change:``sagemaker``: [``botocore``] Amazon SageMaker Asynchronous Inference now allows customer's to receive failure model responses in S3 and receive success/failure model responses in SNS notifications.
* api-change:``wafv2``: [``botocore``] This release rolls back association config feature for webACLs that protect CloudFront protections.
1.26.105
========
* api-change:``glue``: [``botocore``] Add support for database-level federation
* api-change:``lakeformation``: [``botocore``] Add support for database-level federation
* api-change:``license-manager``: [``botocore``] This release adds grant override options to the CreateGrantVersion API. These options can be used to specify grant replacement behavior during grant activation.
* api-change:``mwaa``: [``botocore``] This Amazon MWAA release adds the ability to customize the Apache Airflow environment by launching a shell script at startup. This shell script is hosted in your environment's Amazon S3 bucket. Amazon MWAA runs the script before installing requirements and initializing the Apache Airflow process.
* api-change:``servicecatalog``: [``botocore``] This release introduces Service Catalog support for Terraform open source. It enables 1. The notify* APIs to Service Catalog. These APIs are used by the terraform engine to notify the result of the provisioning engine execution. 2. Adds a new TERRAFORM_OPEN_SOURCE product type in CreateProduct API.
* api-change:``wafv2``: [``botocore``] For web ACLs that protect CloudFront protections, the default request body inspection size is now 16 KB, and you can use the new association configuration to increase the inspection size further, up to 64 KB. Sizes over 16 KB can incur additional costs.
1.26.104
========
* api-change:``ec2``: [``botocore``] Documentation updates for EC2 On Demand Capacity Reservations
* api-change:``internetmonitor``: [``botocore``] This release adds a new feature for Amazon CloudWatch Internet Monitor that enables customers to deliver internet measurements to Amazon S3 buckets as well as CloudWatch Logs.
* api-change:``resiliencehub``: [``botocore``] Adding EKS related documentation for appTemplateBody
* api-change:``s3``: [``botocore``] Documentation updates for Amazon S3
* api-change:``sagemaker-featurestore-runtime``: [``botocore``] In this release, you can now chose between soft delete and hard delete when calling the DeleteRecord API, so you have more flexibility when it comes to managing online store data.
* api-change:``sms``: [``botocore``] Deprecating AWS Server Migration Service.
1.26.103
========
* api-change:``athena``: [``botocore``] Make DefaultExecutorDpuSize and CoordinatorDpuSize fields optional in StartSession
* api-change:``autoscaling``: [``botocore``] Amazon EC2 Auto Scaling now supports Elastic Load Balancing traffic sources with the AttachTrafficSources, DetachTrafficSources, and DescribeTrafficSources APIs. This release also introduces a new activity status, "WaitingForConnectionDraining", for VPC Lattice to the DescribeScalingActivities API.
* api-change:``batch``: [``botocore``] This feature allows Batch on EKS to support configuration of Pod Labels through Metadata for Batch on EKS Jobs.
* api-change:``compute-optimizer``: [``botocore``] This release adds support for HDD EBS volume types and io2 Block Express. We are also adding support for 61 new instance types and instances that have non consecutive runtime.
* api-change:``drs``: [``botocore``] Adding a field to the replication configuration APIs to support the auto replicate new disks feature. We also deprecated RetryDataReplication.
* api-change:``ec2``: [``botocore``] This release adds support for Tunnel Endpoint Lifecycle control, a new feature that provides Site-to-Site VPN customers with better visibility and control of their VPN tunnel maintenance updates.
* api-change:``emr``: [``botocore``] Update emr client to latest version
* api-change:``glue``: [``botocore``] This release adds support for AWS Glue Data Quality, which helps you evaluate and monitor the quality of your data and includes the API for creating, deleting, or updating data quality rulesets, runs and evaluations.
* api-change:``guardduty``: [``botocore``] Added EKS Runtime Monitoring feature support to existing detector, finding APIs and introducing new Coverage APIs
* api-change:``imagebuilder``: [``botocore``] Adds support for new image workflow details and image vulnerability detection.
* api-change:``ivs``: [``botocore``] Amazon Interactive Video Service (IVS) now offers customers the ability to configure IVS channels to allow insecure RTMP ingest.
* api-change:``kendra``: [``botocore``] AWS Kendra now supports featured results for a query.
* api-change:``network-firewall``: [``botocore``] AWS Network Firewall added TLS inspection configurations to allow TLS traffic inspection.
* api-change:``sagemaker-geospatial``: [``botocore``] Amazon SageMaker geospatial capabilities now supports server-side encryption with customer managed KMS key and SageMaker notebooks with a SageMaker geospatial image in a Amazon SageMaker Domain with VPC only mode.
* api-change:``vpc-lattice``: [``botocore``] General Availability (GA) release of Amazon VPC Lattice
* api-change:``wellarchitected``: [``botocore``] AWS Well-Architected SDK now supports getting consolidated report metrics and generating a consolidated report PDF.
1.26.102
========
* api-change:``opensearchserverless``: [``botocore``] This release includes two new exception types "ServiceQuotaExceededException" and "OcuLimitExceededException".
* api-change:``rds``: [``botocore``] Add support for creating a read replica DB instance from a Multi-AZ DB cluster.
1.26.101
========
* api-change:``iot-data``: [``botocore``] Add endpoint ruleset support for cn-north-1.
* api-change:``ssm-contacts``: [``botocore``] This release adds 12 new APIs as part of Oncall Schedule feature release, adds support for a new contact type: ONCALL_SCHEDULE. Check public documentation for AWS ssm-contacts for more information
* api-change:``ssm-incidents``: [``botocore``] Increased maximum length of "TriggerDetails.rawData" to 10K characters and "IncidentSummary" to 8K characters.
1.26.100
========
* api-change:``athena``: [``botocore``] Enforces a minimal level of encryption for the workgroup for query and calculation results that are written to Amazon S3. When enabled, workgroup users can set encryption only to the minimum level set by the administrator or higher when they submit queries.
* api-change:``chime-sdk-voice``: [``botocore``] Documentation updates for Amazon Chime SDK Voice.
* api-change:``connect``: [``botocore``] This release introduces support for RelatedContactId in the StartChatContact API. Interactive message and interactive message response have been added to the list of supported message content types for this API as well.
* api-change:``connectparticipant``: [``botocore``] This release provides an update to the SendMessage API to handle interactive message response content-types.
* api-change:``iotwireless``: [``botocore``] Introducing new APIs that enable Sidewalk devices to communicate with AWS IoT Core through Sidewalk gateways. This will empower AWS customers to connect Sidewalk devices with other AWS IoT Services, creating possibilities for seamless integration and advanced device management.
* api-change:``medialive``: [``botocore``] AWS Elemental MediaLive now supports ID3 tag insertion for audio only HLS output groups. AWS Elemental Link devices now support tagging.
* api-change:``sagemaker``: [``botocore``] Fixed some improperly rendered links in SDK documentation.
* api-change:``securityhub``: [``botocore``] Added new resource detail objects to ASFF, including resources for AwsEksCluster, AWSS3Bucket, AwsEc2RouteTable and AwsEC2Instance.
* api-change:``servicecatalog-appregistry``: [``botocore``] In this release, we started supporting ARN in applicationSpecifier and attributeGroupSpecifier. GetAttributeGroup, ListAttributeGroups and ListAttributeGroupsForApplication APIs will now have CreatedBy field in the response.
* api-change:``voice-id``: [``botocore``] Amazon Connect Voice ID now supports multiple fraudster watchlists. Every domain has a default watchlist where all existing fraudsters are placed by default. Custom watchlists may now be created, managed, and evaluated against for known fraudster detection.
1.26.99
=======
* api-change:``cloudwatch``: [``botocore``] Update cloudwatch client to latest version
* api-change:``comprehend``: [``botocore``] This release adds a new field (FlywheelArn) to the EntitiesDetectionJobProperties object. The FlywheelArn field is returned in the DescribeEntitiesDetectionJob and ListEntitiesDetectionJobs responses when the EntitiesDetection job is started with a FlywheelArn instead of an EntityRecognizerArn .
* api-change:``rds``: [``botocore``] Added error code CreateCustomDBEngineVersionFault for when the create custom engine version for Custom engines fails.
1.26.98
=======
* api-change:``batch``: [``botocore``] This feature allows Batch to support configuration of ephemeral storage size for jobs running on FARGATE
* api-change:``chime-sdk-identity``: [``botocore``] AppInstanceBots can be used to add a bot powered by Amazon Lex to chat channels. ExpirationSettings provides automatic resource deletion for AppInstanceUsers.
* api-change:``chime-sdk-media-pipelines``: [``botocore``] This release adds Amazon Chime SDK call analytics. Call analytics include voice analytics, which provides speaker search and voice tone analysis. These capabilities can be used with Amazon Transcribe and Transcribe Call Analytics to generate machine-learning-powered insights from real-time audio.
* api-change:``chime-sdk-messaging``: [``botocore``] ExpirationSettings provides automatic resource deletion for Channels.
* api-change:``chime-sdk-voice``: [``botocore``] This release adds Amazon Chime SDK call analytics. Call analytics include voice analytics, which provides speaker search and voice tone analysis. These capabilities can be used with Amazon Transcribe and Transcribe Call Analytics to generate machine-learning-powered insights from real-time audio.
* api-change:``codeartifact``: [``botocore``] Repository CreationTime is added to the CreateRepository and ListRepositories API responses.
* api-change:``guardduty``: [``botocore``] Adds AutoEnableOrganizationMembers attribute to DescribeOrganizationConfiguration and UpdateOrganizationConfiguration APIs.
* api-change:``ivs-realtime``: [``botocore``] Initial release of the Amazon Interactive Video Service RealTime API.
* api-change:``mediaconvert``: [``botocore``] AWS Elemental MediaConvert SDK now supports passthrough of ID3v2 tags for audio inputs to audio-only HLS outputs.
* api-change:``sagemaker``: [``botocore``] Amazon SageMaker Autopilot adds two new APIs - CreateAutoMLJobV2 and DescribeAutoMLJobV2. Amazon SageMaker Notebook Instances now supports the ml.geospatial.interactive instance type.
* api-change:``servicediscovery``: [``botocore``] Reverted the throttling exception RequestLimitExceeded for AWS Cloud Map APIs introduced in SDK version 1.12.424 2023-03-09 to previous exception specified in the ErrorCode.
* api-change:``textract``: [``botocore``] The AnalyzeDocument - Tables feature adds support for new elements in the API: table titles, footers, section titles, summary cells/tables, and table type.
1.26.97
=======
* api-change:``iam``: [``botocore``] Documentation updates for AWS Identity and Access Management (IAM).
* api-change:``iottwinmaker``: [``botocore``] This release adds support of adding metadata when creating a new scene or updating an existing scene.
* api-change:``networkmanager``: [``botocore``] This release includes an update to create-transit-gateway-route-table-attachment, showing example usage for TransitGatewayRouteTableArn.
* api-change:``pipes``: [``botocore``] This release improves validation on the ARNs in the API model
* api-change:``resiliencehub``: [``botocore``] This release provides customers with the ability to import resources from within an EKS cluster and assess the resiliency of EKS cluster workloads.
* api-change:``ssm``: [``botocore``] This Patch Manager release supports creating, updating, and deleting Patch Baselines for AmazonLinux2023, AlmaLinux.
1.26.96
=======
* api-change:``chime-sdk-messaging``: [``botocore``] Amazon Chime SDK messaging customers can now manage streaming configuration for messaging data for archival and analysis.
* api-change:``cleanrooms``: [``botocore``] GA Release of AWS Clean Rooms, Added Tagging Functionality
* api-change:``ec2``: [``botocore``] This release adds support for AWS Network Firewall, AWS PrivateLink, and Gateway Load Balancers to Amazon VPC Reachability Analyzer, and it makes the path destination optional as long as a destination address in the filter at source is provided.
* api-change:``iotsitewise``: [``botocore``] Provide support for tagging of data streams and enabling tag based authorization for property alias
* api-change:``mgn``: [``botocore``] This release introduces the Import and export feature and expansion of the post-launch actions
1.26.95
=======
* api-change:``application-autoscaling``: [``botocore``] With this release customers can now tag their Application Auto Scaling registered targets with key-value pairs and manage IAM permissions for all the tagged resources centrally.
* api-change:``neptune``: [``botocore``] This release makes following few changes. db-cluster-identifier is now a required parameter of create-db-instance. describe-db-cluster will now return PendingModifiedValues and GlobalClusterIdentifier fields in the response.
* api-change:``s3outposts``: [``botocore``] S3 On Outposts added support for endpoint status, and a failed endpoint reason, if any
* api-change:``workdocs``: [``botocore``] This release adds a new API, SearchResources, which enable users to search through metadata and content of folders, documents, document versions and comments in a WorkDocs site.
1.29.115
========
* api-change:``appflow``: This release adds a Client Token parameter to the following AppFlow APIs: Create/Update Connector Profile, Create/Update Flow, Start Flow, Register Connector, Update Connector Registration. The Client Token parameter allows idempotent operations for these APIs.
* api-change:``drs``: Changed existing APIs and added new APIs to support using an account-level launch configuration template with AWS Elastic Disaster Recovery.
* api-change:``dynamodb``: Documentation updates for DynamoDB API
* api-change:``emr-serverless``: The GetJobRun API has been updated to include the job's billed resource utilization. This utilization shows the aggregate vCPU, memory and storage that AWS has billed for the job run. The billed resources include a 1-minute minimum usage for workers, plus additional storage over 20 GB per worker.
* api-change:``internetmonitor``: This release includes a new configurable value, TrafficPercentageToMonitor, which allows users to adjust the amount of traffic monitored by percentage
* api-change:``iotwireless``: Supports the new feature of LoRaWAN roaming, allows to configure MaxEirp for LoRaWAN gateway, and allows to configure PingSlotPeriod for LoRaWAN multicast group
* api-change:``lambda``: Add Python 3.10 (python3.10) support to AWS Lambda
1.29.114
========
* api-change:``ecs``: This release supports ephemeral storage for AWS Fargate Windows containers.
* api-change:``lambda``: This release adds SnapStart related exceptions to InvokeWithResponseStream API. IAM access related documentation is also added for this API.
* api-change:``migration-hub-refactor-spaces``: Doc only update for Refactor Spaces environments without network bridge feature.
* api-change:``rds``: This release adds support of modifying the engine mode of database clusters.
1.29.113
========
* api-change:``chime-sdk-voice``: This release adds tagging support for Voice Connectors and SIP Media Applications
* api-change:``mediaconnect``: Gateway is a new feature of AWS Elemental MediaConnect. Gateway allows the deployment of on-premises resources for the purpose of transporting live video to and from the AWS Cloud.
1.29.112
========
* api-change:``groundstation``: AWS Ground Station Wideband DigIF GA Release
* api-change:``managedblockchain``: Removal of the Ropsten network. The Ethereum foundation ceased support of Ropsten on December 31st, 2022..
1.29.111
========
* api-change:``ecr-public``: This release will allow using registry alias as registryId in BatchDeleteImage request.
* api-change:``emr-serverless``: This release extends GetJobRun API to return job run timeout (executionTimeoutMinutes) specified during StartJobRun call (or default timeout of 720 minutes if none was specified).
* api-change:``events``: Update events client to latest version
* api-change:``iot-data``: This release adds support for MQTT5 user properties when calling the AWS IoT GetRetainedMessage API
* api-change:``wafv2``: For web ACLs that protect CloudFront protections, the default request body inspection size is now 16 KB, and you can use the new association configuration to increase the inspection size further, up to 64 KB. Sizes over 16 KB can incur additional costs.
1.29.110
========
* api-change:``connect``: This release adds the ability to configure an agent's routing profile to receive contacts from multiple channels at the same time via extending the UpdateRoutingProfileConcurrency, CreateRoutingProfile and DescribeRoutingProfile APIs.
* api-change:``ecs``: This release adds support for enabling FIPS compliance on Amazon ECS Fargate tasks
* api-change:``marketplace-catalog``: Added three new APIs to support resource sharing: GetResourcePolicy, PutResourcePolicy, and DeleteResourcePolicy. Added new OwnershipType field to ListEntities request to let users filter on entities that are shared with them. Increased max page size of ListEntities response from 20 to 50 results.
* api-change:``mediaconvert``: AWS Elemental MediaConvert SDK now supports conversion of 608 paint-on captions to pop-on captions for SCC sources.
* api-change:``omics``: Remove unexpected API changes.
* api-change:``rekognition``: This release adds support for Face Liveness APIs in Amazon Rekognition. Updates UpdateStreamProcessor to return ResourceInUseException Exception. Minor updates to API documentation.
1.29.109
========
* api-change:``dlm``: Updated timestamp format for GetLifecyclePolicy API
* api-change:``docdb``: This release adds a new parameter 'DBClusterParameterGroupName' to 'RestoreDBClusterFromSnapshot' API to associate the name of the DB cluster parameter group while performing restore.
* api-change:``fsx``: Amazon FSx for Lustre now supports creating data repository associations on Persistent_1 and Scratch_2 file systems.
* api-change:``lambda``: This release adds a new Lambda InvokeWithResponseStream API to support streaming Lambda function responses. The release also adds a new InvokeMode parameter to Function Url APIs to control whether the response will be streamed or buffered.
* api-change:``quicksight``: This release has two changes: adding the OR condition to tag-based RLS rules in CreateDataSet and UpdateDataSet; adding RefreshSchedule and Incremental RefreshProperties operations for users to programmatically configure SPICE dataset ingestions.
* api-change:``redshift-data``: Update documentation of API descriptions as needed in support of temporary credentials with IAM identity.
* api-change:``servicecatalog``: Updates description for property
1.29.108
========
* api-change:``cloudformation``: Including UPDATE_COMPLETE as a failed status for DeleteStack waiter.
* api-change:``greengrassv2``: Add support for SUCCEEDED value in coreDeviceExecutionStatus field. Documentation updates for Greengrass V2.
* api-change:``proton``: This release adds support for the AWS Proton service sync feature. Service sync enables managing an AWS Proton service (creating and updating instances) and all of it's corresponding service instances from a Git repository.
* api-change:``rds``: Adds and updates the SDK examples
1.29.107
========
* api-change:``apprunner``: App Runner adds support for seven new vCPU and memory configurations.
* api-change:``config``: This release adds resourceType enums for types released in March 2023.
* api-change:``ecs``: This is a document only updated to add information about Amazon Elastic Inference (EI).
* api-change:``identitystore``: Documentation updates for Identity Store CLI command reference.
* api-change:``ivs-realtime``: Fix ParticipantToken ExpirationTime format
* api-change:``network-firewall``: AWS Network Firewall now supports IPv6-only subnets.
* api-change:``servicecatalog``: removed incorrect product type value
* api-change:``vpc-lattice``: This release removes the entities in the API doc model package for auth policies.
1.29.106
========
* api-change:``amplifyuibuilder``: Support StorageField and custom displays for data-bound options in form builder. Support non-string operands for predicates in collections. Support choosing client to get token from.
* api-change:``autoscaling``: Documentation updates for Amazon EC2 Auto Scaling
* api-change:``dataexchange``: This release updates the value of MaxResults.
* api-change:``ec2``: C6in, M6in, M6idn, R6in and R6idn bare metal instances are powered by 3rd Generation Intel Xeon Scalable processors and offer up to 200 Gbps of network bandwidth.
* api-change:``elastic-inference``: Updated public documentation for the Describe and Tagging APIs.
* api-change:``sagemaker-runtime``: Update sagemaker-runtime client to latest version
* api-change:``sagemaker``: Amazon SageMaker Asynchronous Inference now allows customer's to receive failure model responses in S3 and receive success/failure model responses in SNS notifications.
* api-change:``wafv2``: This release rolls back association config feature for webACLs that protect CloudFront protections.
1.29.105
========
* api-change:``glue``: Add support for database-level federation
* api-change:``lakeformation``: Add support for database-level federation
* api-change:``license-manager``: This release adds grant override options to the CreateGrantVersion API. These options can be used to specify grant replacement behavior during grant activation.
* api-change:``mwaa``: This Amazon MWAA release adds the ability to customize the Apache Airflow environment by launching a shell script at startup. This shell script is hosted in your environment's Amazon S3 bucket. Amazon MWAA runs the script before installing requirements and initializing the Apache Airflow process.
* api-change:``servicecatalog``: This release introduces Service Catalog support for Terraform open source. It enables 1. The notify* APIs to Service Catalog. These APIs are used by the terraform engine to notify the result of the provisioning engine execution. 2. Adds a new TERRAFORM_OPEN_SOURCE product type in CreateProduct API.
* api-change:``wafv2``: For web ACLs that protect CloudFront protections, the default request body inspection size is now 16 KB, and you can use the new association configuration to increase the inspection size further, up to 64 KB. Sizes over 16 KB can incur additional costs.
1.29.104
========
* api-change:``ec2``: Documentation updates for EC2 On Demand Capacity Reservations
* api-change:``internetmonitor``: This release adds a new feature for Amazon CloudWatch Internet Monitor that enables customers to deliver internet measurements to Amazon S3 buckets as well as CloudWatch Logs.
* api-change:``resiliencehub``: Adding EKS related documentation for appTemplateBody
* api-change:``s3``: Documentation updates for Amazon S3
* api-change:``sagemaker-featurestore-runtime``: In this release, you can now chose between soft delete and hard delete when calling the DeleteRecord API, so you have more flexibility when it comes to managing online store data.
* api-change:``sms``: Deprecating AWS Server Migration Service.
1.29.103
========
* api-change:``athena``: Make DefaultExecutorDpuSize and CoordinatorDpuSize fields optional in StartSession
* api-change:``autoscaling``: Amazon EC2 Auto Scaling now supports Elastic Load Balancing traffic sources with the AttachTrafficSources, DetachTrafficSources, and DescribeTrafficSources APIs. This release also introduces a new activity status, "WaitingForConnectionDraining", for VPC Lattice to the DescribeScalingActivities API.
* api-change:``batch``: This feature allows Batch on EKS to support configuration of Pod Labels through Metadata for Batch on EKS Jobs.
* api-change:``compute-optimizer``: This release adds support for HDD EBS volume types and io2 Block Express. We are also adding support for 61 new instance types and instances that have non consecutive runtime.
* api-change:``drs``: Adding a field to the replication configuration APIs to support the auto replicate new disks feature. We also deprecated RetryDataReplication.
* api-change:``ec2``: This release adds support for Tunnel Endpoint Lifecycle control, a new feature that provides Site-to-Site VPN customers with better visibility and control of their VPN tunnel maintenance updates.
* api-change:``emr``: Update emr client to latest version
* api-change:``glue``: This release adds support for AWS Glue Data Quality, which helps you evaluate and monitor the quality of your data and includes the API for creating, deleting, or updating data quality rulesets, runs and evaluations.
* api-change:``guardduty``: Added EKS Runtime Monitoring feature support to existing detector, finding APIs and introducing new Coverage APIs
* api-change:``imagebuilder``: Adds support for new image workflow details and image vulnerability detection.
* api-change:``ivs``: Amazon Interactive Video Service (IVS) now offers customers the ability to configure IVS channels to allow insecure RTMP ingest.
* api-change:``kendra``: AWS Kendra now supports featured results for a query.
* api-change:``network-firewall``: AWS Network Firewall added TLS inspection configurations to allow TLS traffic inspection.
* api-change:``sagemaker-geospatial``: Amazon SageMaker geospatial capabilities now supports server-side encryption with customer managed KMS key and SageMaker notebooks with a SageMaker geospatial image in a Amazon SageMaker Domain with VPC only mode.
* api-change:``vpc-lattice``: General Availability (GA) release of Amazon VPC Lattice
* api-change:``wellarchitected``: AWS Well-Architected SDK now supports getting consolidated report metrics and generating a consolidated report PDF.
1.29.102
========
* api-change:``opensearchserverless``: This release includes two new exception types "ServiceQuotaExceededException" and "OcuLimitExceededException".
* api-change:``rds``: Add support for creating a read replica DB instance from a Multi-AZ DB cluster.
1.29.101
========
* api-change:``iot-data``: Add endpoint ruleset support for cn-north-1.
* api-change:``ssm-contacts``: This release adds 12 new APIs as part of Oncall Schedule feature release, adds support for a new contact type: ONCALL_SCHEDULE. Check public documentation for AWS ssm-contacts for more information
* api-change:``ssm-incidents``: Increased maximum length of "TriggerDetails.rawData" to 10K characters and "IncidentSummary" to 8K characters.
1.29.100
========
* api-change:``athena``: Enforces a minimal level of encryption for the workgroup for query and calculation results that are written to Amazon S3. When enabled, workgroup users can set encryption only to the minimum level set by the administrator or higher when they submit queries.
* api-change:``chime-sdk-voice``: Documentation updates for Amazon Chime SDK Voice.
* api-change:``connect``: This release introduces support for RelatedContactId in the StartChatContact API. Interactive message and interactive message response have been added to the list of supported message content types for this API as well.
* api-change:``connectparticipant``: This release provides an update to the SendMessage API to handle interactive message response content-types.
* api-change:``iotwireless``: Introducing new APIs that enable Sidewalk devices to communicate with AWS IoT Core through Sidewalk gateways. This will empower AWS customers to connect Sidewalk devices with other AWS IoT Services, creating possibilities for seamless integration and advanced device management.
* api-change:``medialive``: AWS Elemental MediaLive now supports ID3 tag insertion for audio only HLS output groups. AWS Elemental Link devices now support tagging.
* api-change:``sagemaker``: Fixed some improperly rendered links in SDK documentation.
* api-change:``securityhub``: Added new resource detail objects to ASFF, including resources for AwsEksCluster, AWSS3Bucket, AwsEc2RouteTable and AwsEC2Instance.
* api-change:``servicecatalog-appregistry``: In this release, we started supporting ARN in applicationSpecifier and attributeGroupSpecifier. GetAttributeGroup, ListAttributeGroups and ListAttributeGroupsForApplication APIs will now have CreatedBy field in the response.
* api-change:``voice-id``: Amazon Connect Voice ID now supports multiple fraudster watchlists. Every domain has a default watchlist where all existing fraudsters are placed by default. Custom watchlists may now be created, managed, and evaluated against for known fraudster detection.
1.29.99
=======
* api-change:``cloudwatch``: Update cloudwatch client to latest version
* api-change:``comprehend``: This release adds a new field (FlywheelArn) to the EntitiesDetectionJobProperties object. The FlywheelArn field is returned in the DescribeEntitiesDetectionJob and ListEntitiesDetectionJobs responses when the EntitiesDetection job is started with a FlywheelArn instead of an EntityRecognizerArn .
* api-change:``rds``: Added error code CreateCustomDBEngineVersionFault for when the create custom engine version for Custom engines fails.
1.29.98
=======
* api-change:``batch``: This feature allows Batch to support configuration of ephemeral storage size for jobs running on FARGATE
* api-change:``chime-sdk-identity``: AppInstanceBots can be used to add a bot powered by Amazon Lex to chat channels. ExpirationSettings provides automatic resource deletion for AppInstanceUsers.
* api-change:``chime-sdk-media-pipelines``: This release adds Amazon Chime SDK call analytics. Call analytics include voice analytics, which provides speaker search and voice tone analysis. These capabilities can be used with Amazon Transcribe and Transcribe Call Analytics to generate machine-learning-powered insights from real-time audio.
* api-change:``chime-sdk-messaging``: ExpirationSettings provides automatic resource deletion for Channels.
* api-change:``chime-sdk-voice``: This release adds Amazon Chime SDK call analytics. Call analytics include voice analytics, which provides speaker search and voice tone analysis. These capabilities can be used with Amazon Transcribe and Transcribe Call Analytics to generate machine-learning-powered insights from real-time audio.
* api-change:``codeartifact``: Repository CreationTime is added to the CreateRepository and ListRepositories API responses.
* api-change:``guardduty``: Adds AutoEnableOrganizationMembers attribute to DescribeOrganizationConfiguration and UpdateOrganizationConfiguration APIs.
* api-change:``ivs-realtime``: Initial release of the Amazon Interactive Video Service RealTime API.
* api-change:``mediaconvert``: AWS Elemental MediaConvert SDK now supports passthrough of ID3v2 tags for audio inputs to audio-only HLS outputs.
* api-change:``sagemaker``: Amazon SageMaker Autopilot adds two new APIs - CreateAutoMLJobV2 and DescribeAutoMLJobV2. Amazon SageMaker Notebook Instances now supports the ml.geospatial.interactive instance type.
* api-change:``servicediscovery``: Reverted the throttling exception RequestLimitExceeded for AWS Cloud Map APIs introduced in SDK version 1.12.424 2023-03-09 to previous exception specified in the ErrorCode.
* api-change:``textract``: The AnalyzeDocument - Tables feature adds support for new elements in the API: table titles, footers, section titles, summary cells/tables, and table type.
1.29.97
=======
* api-change:``iam``: Documentation updates for AWS Identity and Access Management (IAM).
* api-change:``iottwinmaker``: This release adds support of adding metadata when creating a new scene or updating an existing scene.
* api-change:``networkmanager``: This release includes an update to create-transit-gateway-route-table-attachment, showing example usage for TransitGatewayRouteTableArn.
* api-change:``pipes``: This release improves validation on the ARNs in the API model
* api-change:``resiliencehub``: This release provides customers with the ability to import resources from within an EKS cluster and assess the resiliency of EKS cluster workloads.
* api-change:``ssm``: This Patch Manager release supports creating, updating, and deleting Patch Baselines for AmazonLinux2023, AlmaLinux.
1.29.96
=======
* api-change:``chime-sdk-messaging``: Amazon Chime SDK messaging customers can now manage streaming configuration for messaging data for archival and analysis.
* api-change:``cleanrooms``: GA Release of AWS Clean Rooms, Added Tagging Functionality
* api-change:``ec2``: This release adds support for AWS Network Firewall, AWS PrivateLink, and Gateway Load Balancers to Amazon VPC Reachability Analyzer, and it makes the path destination optional as long as a destination address in the filter at source is provided.
* api-change:``iotsitewise``: Provide support for tagging of data streams and enabling tag based authorization for property alias
* api-change:``mgn``: This release introduces the Import and export feature and expansion of the post-launch actions
1.29.95
=======
* api-change:``application-autoscaling``: With this release customers can now tag their Application Auto Scaling registered targets with key-value pairs and manage IAM permissions for all the tagged resources centrally.
* api-change:``neptune``: This release makes following few changes. db-cluster-identifier is now a required parameter of create-db-instance. describe-db-cluster will now return PendingModifiedValues and GlobalClusterIdentifier fields in the response.
* api-change:``s3outposts``: S3 On Outposts added support for endpoint status, and a failed endpoint reason, if any
* api-change:``workdocs``: This release adds a new API, SearchResources, which enable users to search through metadata and content of folders, documents, document versions and comments in a WorkDocs site.
Wireshark 4.0.5 Release Notes
What’s New
We do not ship official 32-bit Windows packages for Wireshark 4.0 and
later. If you need to use Wireshark on that platform, we recommend
using the latest 3.6 release. Issue 17779[1]
If you’re running Wireshark on macOS and upgraded to macOS 13 from an
earlier version, you will likely have to open and run the “Uninstall
ChmodBPF” package, then open and run “Install ChmodBPF” in order to
reset the ChmodBPF Launch Daemon. Issue 18734[2].
Bug Fixes
The following vulnerabilities have been fixed:
• wnpa-sec-2023-09[3] RPCoRDMA dissector crash. Issue 18852[4].
• wnpa-sec-2023-10[5] LISP dissector large loop. Issue 18900[6].
• wnpa-sec-2023-11[7] GQUIC dissector crash Issue 18947[8].
The following bugs have been fixed:
• Wireshark ITS Dissector RTCMEM wrong protocol version selector 2
- should use 1. Issue 18862[9].
• Wireshark treats the letter E in SSRC as an exponential
representation of a number. Issue 18879[10].
• VNC RRE Parser skips over data. Issue 18883[11].
• sshdump coredump when --remote-interface is left empty. Issue
18904[12].
• Fuzz job crash output: fuzz-2023-03-17-7298.pcap. Issue
18917[13].
• Fuzz job crash output: fuzz-2023-03-27-7564.pcap. Issue
18934[14].
• RFC8925 support (dhcp option 108) Issue 18943[15].
• DIS dissector shows an incorrect state in the packet list info
column. Issue 18967[16].
• RTP analysis shows incorrect timestamp error when timestamp is
rolled over. Issue 18973[17].
• Asterisk (*) key crash on Endpoint/Conversation dialog. Issue
18975[18].
• The RTP player waveform now synchronizes better with audio.
New and Updated Features
There are no new or updated features in this release.
Removed Features and Support
New Protocol Support
There are no new protocols in this release.
Updated Protocol Support
DHCP, DIS, DNS, ERF, FF, genl, GQUIC, GSM A-bis OML, HL7, IEEE
802.11, ITS, LAPD, netfilter, netlink-route, netlink-sock_diag,
nl80211, RLC, RPCoRDMA, RTPS, SCTP, SMB, UDS, VNC, and WCP
Highlights include:
* Linux SECCOMP updates for many more platforms.
* Misc bug fixes mainly around privsep for many platforms.
* Fix for reading the some BSD routing table entries.
* Fix reading authtokens from config.
0.12.2: youtube uses the agent as well.
0.12.1: xhamster uses the agent as well ; simplified code.
0.12.0: experimental proxy support; improved youtube regex for /shorts/.
grpc headers include abseil headers.
When using grpc from cmake it links to both
c-ares and re2 due to how they have set up
the packages. The pkg-config files for grpc
does this as well.
Remove alot of the patches taken from or sent upstream.
Add qt6-qtserialport to qt6 meta-pkg.
This release has more PLIST files since header files
for features for different OS:s are not installed
on the ones not having them.
Changes:
More than a thousand bug fixes including some pkgsrc
patches.
Version 3.2.2
FEATURE IMPROVEMENTS
The "configure" process now gives a much clearer report when it's finished. Patches by Matthew Newton.
Fallback to "uname -n" on missing "hostname".
Export thread details in radmin "stats threads".
Improve queries for processing radacct into periodic usage data Fix from Nick Porter.
Update dictionary.juniper.
Add dictionary.calix.
Fix dictionary.rfc6519 DS-Lite-Tunnel-Name to be "octets".
Update documentation for robust-proxy-accounting, and be more aggressive about sending packets.
Add per-module README.md files in the source.
Add default Visual Studio configuration for developers.
Postgres can now automatically use alternate queries for errors other than duplicate keys.
%{listen:TLS-PSK-Identity} is now set when using PSK and psk_query This helps the server track the identity of the client which is connecting.
Include thread stats in Status-Server attributes.
Mark rlm_unbound stable and add to packages. Patches by Nick Porter.
Remove broken/unsupported Dockerfiles for centos8 and debian9.
Ensure Docker containers have stable uid/gid. Patches from Terry Burton.
BUG FIXES
Preliminary support for non-blocking TLS sockets.
Fix support for partial certificate chains after adding reload support.
Fix handling of debug_condition.
Clean up home server states, and re-sync with the dictionaries.
Correct certificate order when creating TLS-* attributes
Update use of isalpha() etc. so broken configurations have less impact on the server.
Outgoing TLS sockets now set SNI correctly from the "hostname" configuration item.
Support Apple Homebrew on the M1.
Better error messages when %{listen:TLS-...} is used.
Getting statistics via Status-Server can now be done within a virtual server.
Make TTLS+MS-CHAP work with TLS 1.3.
Fix md5 xlat memory leak when using OpenSSL 3. Fix by Terry Burton.
Version 3.2.1
FEATURE IMPROVEMENTS
Add dictionary.ciena, dictionary.nile, and DHCPv4 dictionaries,.
Add simultaneous-use queries for MS SQL.
Add radmin command for "stats pool <module-name>" Which prints out statistics about the connection pools.
Client statistics now shows "conflicts", to count conflicting packets.
New optional "lightweight accounting-on/off" strategy. When refreshing queries.conf you should also add the new nasreload table and corresponding GRANTs to your DB schema.
Add TLS-Client-Cert-X509v3-Certificate-Policies, which helps with Eduroam. Suggested by Stefan Winter.
Allow auth+acct for TCP sockets, too.
Add rlm_cache_redis. See raddb/mods-available/cache for details.
Allow radmin to look up home servers by name, too.
Ensure that dynamic clients don't create loops on duplicates Reported by Sam Yee.
Removed rlm_sqlhpwippool. There was no documentation, no configuration, and the module was ~15 years old with no one using it.
Marked rlm_python3 as stable.
Add sigalgs_list. See raddb/mods-available/eap. Patch from Boris Lytochkin.
For rlm_linelog, when opening files in /dev, look at "permissions" to see whether to open them r/w.
More flexibility for dynamic home servers. See doc/configuration/dynamic_home_servers.md and raddb/home_servers/README.md.
Allow setting of application_name for PostgreSQL. See mods-available/sql.
BUG FIXES
Correct test for open sessions in radacct for MS SQL.
The linelog module now opens /dev/stdout in "write-only" mode if the permissions are set to "u+w" (0002).
Various fixes to rlm_unbound from Nick Porter.
PEAP now correctly runs Post-Auth-Type Accept.
Create "TLS-Cert-*" for outbound Radsec, instead of TLS-Client-Cert-*. See sites-available/tls, and fix_cert_order.
Minor updates and fixes to CI, Dockerfiles and packaging.
Fix rlm_python3 build with python >= 3.10.
New features
- Added feature to warn you when a newer version of Sniffnet is available on
GitHub 🆕 (#118)
- Added badge on tab bar to show unread notifications count
- Added Romanian translation 🇷🇴 (#113)
Improvements
- Introduction of lazy widgets to improve the application efficiency (#122)
- Aesthetic improvements to create a more modern and minimal UI (use #119 to
suggest me further improvements)
- Changed keyboard shortcut to open settings from ctrl+S to ctrl+,, as
suggested in #97
- Refactored and cleaned code modules (#123)
Fixes
- Fixed problem that was causing a switch to the initial page when back button
was pressed with settings opened on running page and with no packets received
- Fixed problem that was causing application logo to be partially hidden when
resizing the window to a lower dimension
- Show - option in app protocol picklist only when a filter is active
- Fixed header alignment
- ssl_io uses now two specific return codes under condition 'BOMB'
avoiding unnecessary error messages in case of TLS client termination.
- ssl_io.c closes TLS connection gracefully upon SSL_ERROR_SSL recognition and not continue looping.
- Included tests on tai_now in ssl_timeout.c and removed obsolete pollmax variables.
- apply patch-macros_quota-check.m4's changes to configure, so that
it has a chance to enable quota support on NetBSD
- etc/afpd/quota.c: update for new libquota after dholland's changes
(back in 2012!)
Bump PKGREVISION
[1.1.2] - 2023-03-18
- Added new translations of the GUI, bringing the total number of supported
languages to 8!
- German 🇩🇪 (#87)
- Simplified Chinese 🇨🇳 (#89 - #93)
- Ukrainian 🇺🇦 (#94)
- Added keyboard shortcuts to make the whole experience more enjoyable and
efficient: check out issue #97 to see all the available hotkeys or to
suggest new ones!
- Changed GUI font to sarasa-gothic-mono to support the introduction of
Simplified Chinese language
- Minor improvements to Overview page proportions and paddings
RabbitMQ 3.11.13
Core Server
Bug Fixes
3.11.12 introduced a regression that caused client connections to fail with an exception
when TCP or TLS listeners were bould to a particular interface.
RabbitMQ 3.11.12
Core Server
Bug Fixes
Boot time import of definitions from a conf.d-style directory failed unless
definitions.skip_if_unchanged was set to true, for example, like in this
rabbitmq.conf:
definitions.skip_if_unchanged = false
definitions.import_backend = local_filesystem
definitions.local.path = /path/to/RabbitMQ/definitions/conf.d/
Improved resiliency of dead-lettering.
Enhancements
When the maximum allowed number of connections to the node was limited using the connection_max key
and the limit was reached, newly connecting client previously would run into a TCP connection timeout.
Now a more specific error will be returned to the client before connection closure.
Contributed by @SimonUnge (AWS).
CLI Tools
Bug Fixes
rabbitmqctl add_vhosts failed with an exception when --default-queue-type option was provided.
Management Plugin
Bug Fixes
HTTP API endpoint PUT /api/vhosts/{name} incorrectly used defaultqueuetype for default queue type
key name. It is now default_queue_type, the same key as returned by GET /api/vhosts/{name}.
HTTP API will now respond with a 405 Method Not Allowed instead of a 500 when
an unsupported method is used by the client.
Contributed by @gomoripeti (CloudAMQP).
AMQP 1.0 Plugin
Bug Fixes
Fixed AMQP 1.0 authentication issue that affected OAuth 2 token users.
==============================
Release Notes for Samba 4.17.7
March 29, 2023
==============================
This is a security release in order to address the following defects:
o CVE-2023-0225: An incomplete access check on dnsHostName allows authenticated
but otherwise unprivileged users to delete this attribute from
any object in the directory.
https://www.samba.org/samba/security/CVE-2023-0225.html
o CVE-2023-0922: The Samba AD DC administration tool, when operating against a
remote LDAP server, will by default send new or reset
passwords over a signed-only connection.
https://www.samba.org/samba/security/CVE-2023-0922.html
o CVE-2023-0614: The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919
Confidential attribute disclosure via LDAP filters was
insufficient and an attacker may be able to obtain
confidential BitLocker recovery keys from a Samba AD DC.
Installations with such secrets in their Samba AD should
assume they have been obtained and need replacing.
https://www.samba.org/samba/security/CVE-2023-0614.html
Pkgsrc changes:
* update dependency list to match package requirements
* PLIST and checksum fixes
Upstream changes:
2.6.7:
Enhancements done
Supported option to set look_for_keys with bool True/False #1234
Bugs Fixed
Fixed build failure against setuptools #1231
2.6.6:
Bugs Fixed
Fixed reboot failing on other RE #1199
Fixed passing 'sleep' arg to StartShell run() #1202
Fixed PyEZ get-facts support for ACX model #1209
Fixed EthPortTable regex pattern #1215
Fixed StartShell UnboundLocalError #1203#1211
2.6.5:
Enhancements done
Supported multi-gig ports for EthPortTable.yml #1177
Bugs Fixed
Fixed on-box support for start shell types #1190#1186
Fixed conn_open_timeout value was getting set None , changed
it to default 30 seconds #1184
2.6.4:
Enhancements done
Supported start_shell options to choose the shell types (sh or csh) #995
Supported for python 3.9
Bugs Fixed
Fixed Device facts current_re returns the SRX cluster node0
and node1 details with cluster ID 16 #1135
Fixed upgrade ncclient version 0.6.13, updated requirements.txt
to install ncclient==0.6.13 #1153
Fixed deprecation warning due to invalid escape sequences #1034
Fixed Unit tests test_sw_put_ftp failure #1165
2.6.3:
Enhancements done
Adding ignore warning for rollback api #1131
Add escaped $ Bourne-style shell prompt support #868
Bugs Fixed
Fix for junos versions returning a bool value for config diff
if there are no changes #1093
Handle ncclient timeout exception at close. #787
Newer junos versions return a bool for config diff and not
etree if there are no changes #1093
2.6.2:
Bugs Fixed
Fix for evo device as Password prompt comes directly during telnet #1112
2.6.1:
Enhancement Added
Flag for json.loads() for special character like newline was
made false by default. #1029
Bugs Fixed
Transform function modified only for the rpc and set back to
original value. #1108
Skip the values returned in re-list without numbers during
multi re software install #1099
getiterator() replaced with iter() as was deprecated in Python
3.2 and removed in Python 3.9 #1110
2.6.0:
Enhancement Added
Python 2 support removed from this release.
Session-id variable added to support telnet based persistent
connection in Juniper supported ansible collections.
2.5.4:
Features Added
cRPD model check to be added for on-box junos #1084
Bugs Fixed
support use-fast-diff in diff/pdff function #1088
Zeroize handling modified for scenario where only warning is
returned in the rpc-reply #1087
ntc_template and textfsm module's installation made optional
and to be done explicitly if one want to use PyEZ table/view
for other vendors cli o/p parsing. #1085
Checksum algorithm argument to be passed during remote checksum
in software installation. #1083
docstring initialized with empty string as it becomes empty if
optimization flag is added. #1081
2.5.3:
Bugs Fixed
vmhost single re based image upgrade is failing while reboot #1071
2.5.2:
Bugs Fixed
juniper_junos_system fails when (vmhost) rebooting MX204 router #1068
Testcase failing in PyEZ after ncclient upgrade #1064
Wheel support for version integrated with versioneer. #1070
rpc-reply during reboot parsing gives error #1066
2.5.1:
Bugs Fixed
Adding monitor-failure information in juniper_junos_facts output #991
Raise exception when dev.cli fails with exception #925
Device version fix for srx when cluster id greater than 15 #1032#819
2.5.0:
Features Added
Black tool integrated and checked in Travis.
Versioneer support added for the code.
Changes for ansible actions of the reboot, shutdown to be handled in PyEZ
Bugs Fixed
sax parser filter generation generic logic #1047
Changes for the msg displayed in case of failure in software update #1030
fix for default ssh_config path in windows #1043
ntc_template latest version uses textfsm 1.1.0 #1042
drop hard dependency on unittest2 #1040
Note:
Due to changes in software install functionality, the return type
has changed for the function sw.install. Now it will return tuple
in place of Boolean, Tuple contains Success/Failure status and
software install message (if any)
2.4.1:
Bugs fixed
Latest textfsm doesn't support in windows. Hence, supporting
textfsm 0.4.1 for windows user #1019
Convert port argument when passed as str to int data type #1020
Return type of sw.install function going to change in the
upcoming major release. So, added a deprecation warning in
sw.install #1025
2.4.0:
Features Added
Added TableView Null Key support #983
Added timeout support for commit_check() #998
Added Win serial COM support #1000
Added load patch support #1001
Added textfsm support for table/view #1009
Bugs fixed:
Fixed table/view issue w.r.t to get() call #981
Fixed documentation typo #986
Handled sax parser input for nested fields #997
Fixed outbound ssh issue #1007
Fixed xpath issue when defined with a string function #1008
2.3.2:
Features Added
Added TableView Null Key support #983
Added timeout support for commit_check() #998
Added Win serial COM support #1000
Added load patch support #1001
Added textfsm support for table/view #1009
Bugs fixed:
Fixed table/view issue w.r.t to get() call #981
Fixed documentation typo #986
Handled sax parser input for nested fields #997
Fixed outbound ssh issue #1007
Fixed xpath issue when defined with a string function #1008
2.3.1:
Bugs fixed:
Handled a check for pending Junos OS or package installation #966
Fixed MetaPathLoader support only for jnpr.junos* modules #977
Fixed huge tree XML support #975
Fixed Junos sax parser issue for filter_xml broken #969
2.3.0:
Features Added
TableView extended for vty/cli unstructured command #950
Added junos SAX parser feature #942#955#951
Added TableView Null Key support #910
Added command tables #958.
Added reboot support for junos vmhost platform #952
Added ElsEthernetSwitchingTable TableView #939
Added callback functionality to ftp get #932
Extended start shell support for Bourne shell #934
Added at option support for sw.reboot() and sw.poweroff() #916
Added generalized function for ssh-client #957
Bugs Fixed
Updated fact collection for srx platform #935
Supports new ssh private key format #945
Handled exception in dev.close() #956
Updated file transfers to use context manager to open files #885
Fixed reboot and poweroff behavior #916
2.2.1:
Bugs Fixed
Handle multiple package-result values from sw.install #864
Extended support to WR-Based Linux H/W #882#883#889
Fixed issues in Console over SSH #877
Optimized PyEZ docker image size and minor bug fixes#894#911
Fixed JSON serialization for Junos facts #902
Updated securityzone.yml. Added item zone-security #909
Fixed runtime error while using Outbound-SSH #915
Fixed Pyyaml bugs #914#917#918
2.2.0:
Features Added:
Support for Node Slicing based platforms #856
Support for Linux based Juniper devices #862
Support SSH Connection through console server (having login
credentials) #861#870
Outbound SSH #732
2.1.9:
Bugs Fixed
Added op tables and views for SRX security zones #855
Changed facts for DVATIA platform #856
Fixed issue in gathering facts when other RE is rebooting/off #852
Added and fixed existing unit test cases in PyEZ #838#854#840
Fixed RpcTimeoutError for pdiff() #839
Handled newer junos device #853
2.1.8:
Bug Fixed:
Correct PyEZ TechWiki link #813
Support active and inactive configuration options in config
table/view #826
Upgraded alpine 3.6 to support docker in PyEZ #789#828#827
Support configuration table/view in telnet mode #829
Added new unit test cases in PyEZ #831
Detect set config format with all keywords like insert, activate,
copy etc #791#792
Pkgsrc changes:
* update dependency list to match package requirements
* PLIST and checksum fixes
Upstream changes:
2.6.7:
Enhancements done
Supported option to set look_for_keys with bool True/False #1234
Bugs Fixed
Fixed build failure against setuptools #1231
2.6.6:
Bugs Fixed
Fixed reboot failing on other RE #1199
Fixed passing 'sleep' arg to StartShell run() #1202
Fixed PyEZ get-facts support for ACX model #1209
Fixed EthPortTable regex pattern #1215
Fixed StartShell UnboundLocalError #1203#1211
2.6.5:
Enhancements done
Supported multi-gig ports for EthPortTable.yml #1177
Bugs Fixed
Fixed on-box support for start shell types #1190#1186
Fixed conn_open_timeout value was getting set None , changed
it to default 30 seconds #1184
2.6.4:
Enhancements done
Supported start_shell options to choose the shell types (sh or csh) #995
Supported for python 3.9
Bugs Fixed
Fixed Device facts current_re returns the SRX cluster node0
and node1 details with cluster ID 16 #1135
Fixed upgrade ncclient version 0.6.13, updated requirements.txt
to install ncclient==0.6.13 #1153
Fixed deprecation warning due to invalid escape sequences #1034
Fixed Unit tests test_sw_put_ftp failure #1165
2.6.3:
Enhancements done
Adding ignore warning for rollback api #1131
Add escaped $ Bourne-style shell prompt support #868
Bugs Fixed
Fix for junos versions returning a bool value for config diff
if there are no changes #1093
Handle ncclient timeout exception at close. #787
Newer junos versions return a bool for config diff and not
etree if there are no changes #1093
2.6.2:
Bugs Fixed
Fix for evo device as Password prompt comes directly during telnet #1112
2.6.1:
Enhancement Added
Flag for json.loads() for special character like newline was
made false by default. #1029
Bugs Fixed
Transform function modified only for the rpc and set back to
original value. #1108
Skip the values returned in re-list without numbers during
multi re software install #1099
getiterator() replaced with iter() as was deprecated in Python
3.2 and removed in Python 3.9 #1110
2.6.0:
Enhancement Added
Python 2 support removed from this release.
Session-id variable added to support telnet based persistent
connection in Juniper supported ansible collections.
2.5.4:
Features Added
cRPD model check to be added for on-box junos #1084
Bugs Fixed
support use-fast-diff in diff/pdff function #1088
Zeroize handling modified for scenario where only warning is
returned in the rpc-reply #1087
ntc_template and textfsm module's installation made optional
and to be done explicitly if one want to use PyEZ table/view
for other vendors cli o/p parsing. #1085
Checksum algorithm argument to be passed during remote checksum
in software installation. #1083
docstring initialized with empty string as it becomes empty if
optimization flag is added. #1081
2.5.3:
Bugs Fixed
vmhost single re based image upgrade is failing while reboot #1071
2.5.2:
Bugs Fixed
juniper_junos_system fails when (vmhost) rebooting MX204 router #1068
Testcase failing in PyEZ after ncclient upgrade #1064
Wheel support for version integrated with versioneer. #1070
rpc-reply during reboot parsing gives error #1066
2.5.1:
Bugs Fixed
Adding monitor-failure information in juniper_junos_facts output #991
Raise exception when dev.cli fails with exception #925
Device version fix for srx when cluster id greater than 15 #1032#819
2.5.0:
Features Added
Black tool integrated and checked in Travis.
Versioneer support added for the code.
Changes for ansible actions of the reboot, shutdown to be handled in PyEZ
Bugs Fixed
sax parser filter generation generic logic #1047
Changes for the msg displayed in case of failure in software update #1030
fix for default ssh_config path in windows #1043
ntc_template latest version uses textfsm 1.1.0 #1042
drop hard dependency on unittest2 #1040
Note:
Due to changes in software install functionality, the return type
has changed for the function sw.install. Now it will return tuple
in place of Boolean, Tuple contains Success/Failure status and
software install message (if any)
2.4.1:
Bugs fixed
Latest textfsm doesn't support in windows. Hence, supporting
textfsm 0.4.1 for windows user #1019
Convert port argument when passed as str to int data type #1020
Return type of sw.install function going to change in the
upcoming major release. So, added a deprecation warning in
sw.install #1025
2.4.0:
Features Added
Added TableView Null Key support #983
Added timeout support for commit_check() #998
Added Win serial COM support #1000
Added load patch support #1001
Added textfsm support for table/view #1009
Bugs fixed:
Fixed table/view issue w.r.t to get() call #981
Fixed documentation typo #986
Handled sax parser input for nested fields #997
Fixed outbound ssh issue #1007
Fixed xpath issue when defined with a string function #1008
2.3.2:
Features Added
Added TableView Null Key support #983
Added timeout support for commit_check() #998
Added Win serial COM support #1000
Added load patch support #1001
Added textfsm support for table/view #1009
Bugs fixed:
Fixed table/view issue w.r.t to get() call #981
Fixed documentation typo #986
Handled sax parser input for nested fields #997
Fixed outbound ssh issue #1007
Fixed xpath issue when defined with a string function #1008
2.3.1:
Bugs fixed:
Handled a check for pending Junos OS or package installation #966
Fixed MetaPathLoader support only for jnpr.junos* modules #977
Fixed huge tree XML support #975
Fixed Junos sax parser issue for filter_xml broken #969
2.3.0:
Features Added
TableView extended for vty/cli unstructured command #950
Added junos SAX parser feature #942#955#951
Added TableView Null Key support #910
Added command tables #958.
Added reboot support for junos vmhost platform #952
Added ElsEthernetSwitchingTable TableView #939
Added callback functionality to ftp get #932
Extended start shell support for Bourne shell #934
Added at option support for sw.reboot() and sw.poweroff() #916
Added generalized function for ssh-client #957
Bugs Fixed
Updated fact collection for srx platform #935
Supports new ssh private key format #945
Handled exception in dev.close() #956
Updated file transfers to use context manager to open files #885
Fixed reboot and poweroff behavior #916
2.2.1:
Bugs Fixed
Handle multiple package-result values from sw.install #864
Extended support to WR-Based Linux H/W #882#883#889
Fixed issues in Console over SSH #877
Optimized PyEZ docker image size and minor bug fixes#894#911
Fixed JSON serialization for Junos facts #902
Updated securityzone.yml. Added item zone-security #909
Fixed runtime error while using Outbound-SSH #915
Fixed Pyyaml bugs #914#917#918
2.2.0:
Features Added:
Support for Node Slicing based platforms #856
Support for Linux based Juniper devices #862
Support SSH Connection through console server (having login
credentials) #861#870
Outbound SSH #732
2.1.9:
Bugs Fixed
Added op tables and views for SRX security zones #855
Changed facts for DVATIA platform #856
Fixed issue in gathering facts when other RE is rebooting/off #852
Added and fixed existing unit test cases in PyEZ #838#854#840
Fixed RpcTimeoutError for pdiff() #839
Handled newer junos device #853
2.1.8:
Bug Fixed:
Correct PyEZ TechWiki link #813
Support active and inactive configuration options in config
table/view #826
Upgraded alpine 3.6 to support docker in PyEZ #789#828#827
Support configuration table/view in telnet mode #829
Added new unit test cases in PyEZ #831
Detect set config format with all keywords like insert, activate,
copy etc #791#792
- New suite of commands for working with Repository and Organization variables
- ext install: Introduce new --force flag
- variable: fix listing and deleting per-environment variables
Overview of changes in 2.6.2
New features
implement byte counter statistics for DCO Linux (p2mp server and client)
implement byte counter statistics for DCO Windows (client only)
'--dns server <n> address ...' now permits up to 8 v4 or v6 addresses
fix a few cases of possibly undefined behaviour detected by ASAN
add more unit tests for Windows cryptoapi interface
Bug fixes
sending of AUTH_PENDING and INFO_PRE messages fixed
Windows: do not treat "setting IPv6 interface metric failed" as fatal error on "block-dns" install - this can happen if IPv6 is disabled on the interface and is not harmful in itself
fix '--inactive' if DCO is in use NOTE: on FreeBSD, this is not working yet (missing per-peer stats)
DCO-Linux: do not print errno on netlink errors (errno is not set by NL)
SOCKS client: improve error reporting on server disconnects
DCO-Linux: fix lockups due to netlink buffer overflows on high client connect/disconnect activity. See "User visible changes" for more details of this.
fix some uses of the OpenSSL3 API for non-default providers (enable use of quantum-crypto OpenSSL provider)
fix memory leak of approx. 1600 bytes per incoming initial TLS packet
fix bug when using ECDSA signatures with OpenSSL 3.0.x and pkcs11-helper (data format conversion was not done properly)
fix 'make distcheck' - unexpected side effect of 'subdir-objects'
fix ASSERT() with dynamic tls-crypt and --tls-crypt-v2
User visible changes
print (kernel) DCO version on startup - helpful for getting a more complete picture of the environment in use.
New control packets flow for data channel offloading on Linux. 2.6.2+ changes the way OpenVPN control packets are handled on Linux when DCO is active, fixing the lockups observed with 2.6.0/2.6.1 under high client connect/disconnect activity. This is an INCOMPATIBLE change and therefore an ovpn-dco kernel module older than v0.2.20230323 (commit ID 726fdfe0fa21) will not work anymore and must be upgraded. The kernel module was renamed to "ovpn-dco-v2.ko" in order to highlight this change and ensure that users and userspace software could easily understand which version is loaded. Attempting to use the old ovpn-dco with 2.6.2+ will lead to disabling DCO at runtime.
The client-pending-auth management command now requires also the key id. The management version has been changed to 5 to indicate this change.
A client will now refuse a connection if pushed compression settings will contradict the setting of allow-compression as this almost always results in a non-working connection.
Highlights
The major highlight of the 0.7.0 release of Trippy is the addition of full
support for Windows, for all tracing modes and protocols!
This has been many months in the making and is thanks to the hard work and
perseverance of @zarkdav.
This release also sees the introduction of custom Tui themes and key bindings,
deb and rpm package releases, as well as several important bug fixes.
My thanks to all the contributors!
Added
- Added support for Windows (icmp, udp & tcp for IPv4 &IPv6) (#98) [@zarkdav]
- Added support for custom Tui key bindings (#448)
- Added support for custom Tui color themes (#411)
- Added RPM packaging (#95) [@OmarAtefThabet]
- Added DEB packaging (#94) [@Marwanmhks]
Fixed
- Variable Equal Cost Multi-path Routing (ECMP) causing truncated trace (#269)
- Tracing using the tcp may ignore some incoming icmp responses (#407)
- Tracer panics with large --initial-sequence and delayed TCP probe response
(#435)
- Trippy Docker fails to start (#277)
2.7.6
- MINOR: proto_uxst: add resume method
- MINOR: listener/api: add lli hint to listener functions
- MINOR: listener: add relax_listener() function
- MINOR: listener: workaround for closing a tiny race between resume_listener() and stopping
- MINOR: listener: make sure we don't pause/resume bypassed listeners
- BUG/MEDIUM: listener: fix pause_listener() suspend return value handling
- BUG/MINOR: listener: fix resume_listener() resume return value handling
- BUG/MEDIUM: resume from LI_ASSIGNED in default_resume_listener()
- MINOR: listener: pause_listener() becomes suspend_listener()
- BUG/MEDIUM: listener/proxy: fix listeners notify for proxy resume
- MEDIUM: proto_ux: properly suspend named UNIX listeners
- MINOR: proto_ux: ability to dump ABNS names in error messages
- MINOR: quic: Stop stressing the acknowledgments process (RX ACK frames)
- BUG/MINOR: quic: Dysfunctional 01RTT packet number space probing
- BUG/MEDIUM: stream: do not try to free a failed stream-conn
- BUG/MEDIUM: mux-h2: do not try to free an unallocated h2s->sd
- BUG/MEDIUM: mux-h2: erase h2c->wait_event.tasklet on error path
- BUG/MEDIUM: stconn: don't set the type before allocation succeeds
- BUG/MINOR: stconn: fix sedesc memory leak on stream allocation failure
- BUG/MEDIUM: mux-h1: properly destroy a partially allocated h1s
- BUG/MEDIUM: applet: only set appctx->sedesc on successful allocation
- BUG/MINOR: quic: wake up MUX on probing only for 01RTT
- BUG/MINOR: quic: ignore congestion window on probing for MUX wakeup
- BUG/MINOR: trace: fix hardcoded level for TRACE_PRINTF
- BUG/MEDIUM: mux-quic: release data from conn flow-control on qcs reset
- MINOR: mux-quic: complete traces for qcs emission
- MINOR: mux-quic: adjust trace level for MAX_DATA/MAX_STREAM_DATA recv
- MINOR: mux-quic: add flow-control info to minimal trace level
- BUG/MINOR: h3: properly handle incomplete remote uni stream type
- BUG/MINOR: mux-quic: prevent CC status to be erased by shutdown
- MINOR: mux-quic: interrupt qcc_recv*() operations if CC scheduled
- MINOR: mux-quic: ensure CONNECTION_CLOSE is scheduled once per conn
- MINOR: mux-quic: close on qcs allocation failure
- MINOR: mux-quic: close on frame alloc failure
- BUG/MEDIUM: stats: Consume the request except when parsing the POST payload
- DOC: config: set-var() dconv rendering issues
- BUG/MEDIUM: mux-h1: Wakeup H1C on shutw if there is no I/O subscription
- BUG/MINOR: applet/new: fix sedesc freeing logic
- BUG/MINOR: quic: Missing STREAM frame type updated
2.7.5
- BUG/MEDIUM: mux-pt: Set EOS on error on sending path if read0 was received
- BUG/MINOR: mux-h1: Don't report an H1C error on client timeout
- BUG/MEDIUM: proxy: properly stop backends on soft-stop
- BUG/MEDIUM: resolvers: Properly stop server resolutions on soft-stop
- DEBUG: cli/show_fd: Display connection error code
- DEBUG: ssl-sock/show_fd: Display SSL error code
- BUG/MEDIUM: mux-h1: Don't block SE_FL_ERROR if EOS is not reported on H1C
- BUG/MINOR: tcp_sample: fix a bug in fc_dst_port and fc_dst_is_local sample fetches
- BUG/MINOR: quic: Missing STREAM frame length updates
- BUG/MEDIUM: connection: Preserve flags when a conn is removed from an idle list
- BUG/MINOR: mux-h2: make sure the h2c task exists before refreshing it
- MINOR: buffer: add br_single() to check if a buffer ring has more than one buf
- BUG/MEDIUM: mux-h2: only restart sending when mux buffer is decongested
- BUG/MINOR: mux-h2: set CO_SFL_STREAMER when sending lots of data
- BUG/MINOR: quic: Missing STREAM frame data pointer updates
- BUG/MEDIUM: listener: duplicate inherited FDs if needed
- MEDIUM: bwlim: Support constants limit or period on set-bandwidth-limit actions
- MINOR: h2: add h2_phdr_to_ist() to make ISTs from pseudo headers
- MEDIUM: mux-h2/trace: add tracing support for headers
- BUG/MINOR: mux-h2: Fix possible null pointer deref on h2c in _h2_trace_header()
- BUG/MEDIUM: spoe: Don't set the default traget for the SPOE agent frontend
- BUG/MINOR: proto_ux: report correct error when bind_listener fails
- BUG/MINOR: protocol: fix minor memory leak in protocol_bind_all()
- BUG/MINOR: sock_unix: match finalname with tempname in sock_unix_addrcmp()
- BUG/MAJOR: qpack: fix possible read out of bounds in static table
- OPTIM: mux-h1: limit first read size to avoid wrapping
Upstream changes:
* 3.6.0 (2023/03/18)
- recover timeline temporarily by REST API (v1.1) since filter stream is
no longer available
- remove --reconnect option
## Changes in 2.53.1
Released 2023-03-19
* Repeat mode is more fault tolerant, recovering after temporary
errors.
* Preferences "force", "prefer" and related no longer require
specifying the full root.
* Improve stopping of update propagation.
* Enable VT input escape codes in Windows.
* Respect user-provided CFLAGS, CPPFLAGS, LDFLAGS, LDLIBS.
* Add build instructions in INSTALL.md (and drop from manual).
* Add graceful stop in repeat mode - SIGUSR2.
* Add watch+seconds to 'repeat' preference.
1.27.94
=======
* api-change:``billingconductor``: This release adds a new filter to ListAccountAssociations API and a new filter to ListBillingGroups API.
* api-change:``config``: This release adds resourceType enums for types released from October 2022 through February 2023.
* api-change:``dms``: S3 setting to create AWS Glue Data Catalog. Oracle setting to control conversion of timestamp column. Support for Kafka SASL Plain authentication. Setting to map boolean from PostgreSQL to Redshift. SQL Server settings to force lob lookup on inline LOBs and to control access of database logs.
1.27.93
=======
* api-change:``guardduty``: Updated 9 APIs for feature enablement to reflect expansion of GuardDuty to features. Added new APIs and updated existing APIs to support RDS Protection GA.
* api-change:``resource-explorer-2``: Documentation updates for APIs.
* api-change:``sagemaker-runtime``: Update sagemaker-runtime command to latest version
1.27.92
=======
* api-change:``migrationhubstrategy``: This release adds the binary analysis that analyzes IIS application DLLs on Windows and Java applications on Linux to provide anti-pattern report without configuring access to the source code.
* api-change:``s3control``: Added support for S3 Object Lambda aliases.
* api-change:``securitylake``: Make Create/Get/ListSubscribers APIs return resource share ARN and name so they can be used to validate the RAM resource share to accept. GetDatalake can be used to track status of UpdateDatalake and DeleteDatalake requests.
1.27.91
=======
* api-change:``application-autoscaling``: Application Auto Scaling customers can now use mathematical functions to customize the metric used with Target Tracking policies within the policy configuration itself, saving the cost and effort of publishing the customizations as a separate metric.
* api-change:``dataexchange``: This release enables data providers to license direct access to S3 objects encrypted with Customer Managed Keys (CMK) in AWS KMS through AWS Data Exchange. Subscribers can use these keys to decrypt, then use the encrypted S3 objects shared with them, without creating or managing copies.
* api-change:``directconnect``: describe-direct-connect-gateway-associations includes a new status, updating, indicating that the association is currently in-process of updating.
* api-change:``ec2``: This release adds a new DnsOptions key (PrivateDnsOnlyForInboundResolverEndpoint) to CreateVpcEndpoint and ModifyVpcEndpoint APIs.
* api-change:``iam``: Documentation only updates to correct customer-reported issues
* api-change:``keyspaces``: Adding support for client-side timestamps
1.27.90
=======
* bugfix:``codeartifact login``: Prevent AWS CodeArtifact login command from hanging unexpectedly.
* api-change:``appintegrations``: Adds FileConfiguration to Amazon AppIntegrations CreateDataIntegration supporting scheduled downloading of third party files into Amazon Connect from sources such as Microsoft SharePoint.
* api-change:``lakeformation``: This release updates the documentation regarding Get/Update DataCellsFilter
* api-change:``s3control``: Added support for cross-account Multi-Region Access Points. Added support for S3 Replication for S3 on Outposts.
* api-change:``tnb``: This release adds tagging support to the following Network Instance APIs : Instantiate, Update, Terminate.
* api-change:``wisdom``: This release extends Wisdom CreateKnowledgeBase API to support SharePoint connector type by removing the @required trait for objectField
1.27.89
=======
* api-change:``ivschat``: This release adds a new exception returned when calling AWS IVS chat UpdateLoggingConfiguration. Now UpdateLoggingConfiguration can return ConflictException when invalid updates are made in sequence to Logging Configurations.
* api-change:``secretsmanager``: The type definitions of SecretString and SecretBinary now have a minimum length of 1 in the model to match the exception thrown when you pass in empty values.
1.27.88
=======
* api-change:``codeartifact``: This release introduces the generic package format, a mechanism for storing arbitrary binary assets. It also adds a new API, PublishPackageVersion, to allow for publishing generic packages.
* api-change:``connect``: This release adds a new API, GetMetricDataV2, which returns metric data for Amazon Connect.
* api-change:``evidently``: Updated entity override documentation
* api-change:``networkmanager``: This update provides example usage for TransitGatewayRouteTableArn.
* api-change:``quicksight``: This release has two changes: add state persistence feature for embedded dashboard and console in GenerateEmbedUrlForRegisteredUser API; add properties for hidden collapsed row dimensions in PivotTableOptions.
* api-change:``redshift-data``: Added support for Redshift Serverless workgroup-arn wherever the WorkgroupName parameter is available.
* api-change:``sagemaker``: Amazon SageMaker Inference now allows SSM access to customer's model container by setting the "EnableSSMAccess" parameter for a ProductionVariant in CreateEndpointConfig API.
* api-change:``servicediscovery``: Updated all AWS Cloud Map APIs to provide consistent throttling exception (RequestLimitExceeded)
* api-change:``sesv2``: This release introduces a new recommendation in Virtual Deliverability Manager Advisor, which detects missing or misconfigured Brand Indicator for Message Identification (BIMI) DNS records for customer sending identities.
1.27.87
=======
* api-change:``athena``: A new field SubstatementType is added to GetQueryExecution API, so customers have an error free way to detect the query type and interpret the result.
* api-change:``dynamodb``: Adds deletion protection support to DynamoDB tables. Tables with deletion protection enabled cannot be deleted. Deletion protection is disabled by default, can be enabled via the CreateTable or UpdateTable APIs, and is visible in TableDescription. This setting is not replicated for Global Tables.
* api-change:``ec2``: Introducing Amazon EC2 C7g, M7g and R7g instances, powered by the latest generation AWS Graviton3 processors and deliver up to 25% better performance over Graviton2-based instances.
* api-change:``lakeformation``: This release adds two new API support "GetDataCellsFiler" and "UpdateDataCellsFilter", and also updates the corresponding documentation.
* api-change:``mediapackage-vod``: This release provides the date and time VOD resources were created.
* api-change:``mediapackage``: This release provides the date and time live resources were created.
* api-change:``route53resolver``: Add dual-stack and IPv6 support for Route 53 Resolver Endpoint,Add IPv6 target IP in Route 53 Resolver Forwarding Rule
* api-change:``sagemaker``: There needs to be a user identity to specify the SageMaker user who perform each action regarding the entity. However, these is a not a unified concept of user identity across SageMaker service that could be used today.
1.27.86
=======
* bugfix:eks: Output JSON only for user entry in kubeconfig.
* api-change:``dms``: This release adds DMS Fleet Advisor Target Recommendation APIs and exposes functionality for DMS Fleet Advisor. It adds functionality to start Target Recommendation calculation.
* api-change:``location``: Documentation update for the release of 3 additional map styles for use with Open Data Maps: Open Data Standard Dark, Open Data Visualization Light & Open Data Visualization Dark.
1.27.85
=======
* api-change:``account``: AWS Account alternate contact email addresses can now have a length of 254 characters and contain the character "|".
* api-change:``ivs``: Updated text description in DeleteChannel, Stream, and StreamSummary.
1.27.84
=======
* api-change:``dynamodb``: Documentation updates for DynamoDB.
* api-change:``ec2``: This release adds support for a new boot mode for EC2 instances called 'UEFI Preferred'.
* api-change:``macie2``: Documentation updates for Amazon Macie
* api-change:``mediaconvert``: The AWS Elemental MediaConvert SDK has improved handling for different input and output color space combinations.
* api-change:``medialive``: AWS Elemental MediaLive adds support for Nielsen watermark timezones.
* api-change:``transcribe``: Amazon Transcribe now supports role access for these API operations: CreateVocabulary, UpdateVocabulary, CreateVocabularyFilter, and UpdateVocabularyFilter.
1.27.83
=======
* api-change:``iot``: A recurring maintenance window is an optional configuration used for rolling out the job document to all devices in the target group observing a predetermined start time, duration, and frequency that the maintenance window occurs.
* api-change:``migrationhubstrategy``: This release updates the File Import API to allow importing servers already discovered by customers with reduced pre-requisites.
* api-change:``organizations``: This release introduces a new reason code, ACCOUNT_CREATION_NOT_COMPLETE, to ConstraintViolationException in CreateOrganization API.
* api-change:``pi``: This release adds a new field PeriodAlignment to allow the customer specifying the returned timestamp of time periods to be either the start or end time.
* api-change:``pipes``: This release fixes some input parameter range and patterns.
* api-change:``sagemaker``: Add a new field "EndpointMetrics" in SageMaker Inference Recommender "ListInferenceRecommendationsJobSteps" API response.
1.27.82
=======
* api-change:``codecatalyst``: Published Dev Environments StopDevEnvironmentSession API
* api-change:``pricing``: This release adds 2 new APIs - ListPriceLists which returns a list of applicable price lists, and GetPriceListFileUrl which outputs a URL to retrieve your price lists from the generated file from ListPriceLists
* api-change:``s3outposts``: S3 on Outposts introduces a new API ListOutpostsWithS3, with this API you can list all your Outposts with S3 capacity.
1.27.81
=======
* api-change:``comprehend``: Amazon Comprehend now supports flywheels to help you train and manage new model versions for custom models.
* api-change:``ec2``: This release allows IMDS support to be set to v2-only on an existing AMI, so that all future instances launched from that AMI will use IMDSv2 by default.
* api-change:``kms``: AWS KMS is deprecating the RSAES_PKCS1_V1_5 wrapping algorithm option in the GetParametersForImport API that is used in the AWS KMS Import Key Material feature. AWS KMS will end support for this wrapping algorithm by October 1, 2023.
* api-change:``lightsail``: This release adds Lightsail for Research feature support, such as GUI session access, cost estimates, stop instance on idle, and disk auto mount.
* api-change:``managedblockchain``: This release adds support for tagging to the accessor resource in Amazon Managed Blockchain
* api-change:``omics``: Minor model changes to accomodate batch imports feature
1.27.80
=======
* api-change:``devops-guru``: This release adds the description field on ListAnomaliesForInsight and DescribeAnomaly API responses for proactive anomalies.
* api-change:``drs``: New fields were added to reflect availability zone data in source server and recovery instance description commands responses, as well as source server launch status.
* api-change:``internetmonitor``: CloudWatch Internet Monitor is a a new service within CloudWatch that will help application developers and network engineers continuously monitor internet performance metrics such as availability and performance between their AWS-hosted applications and end-users of these applications
* api-change:``lambda``: This release adds the ability to create ESMs with Document DB change streams as event source. For more information see https://docs.aws.amazon.com/lambda/latest/dg/with-documentdb.html.
* api-change:``mediaconvert``: The AWS Elemental MediaConvert SDK has added support for HDR10 to SDR tone mapping, and animated GIF video input sources.
* api-change:``timestream-write``: This release adds the ability to ingest batched historical data or migrate data in bulk from S3 into Timestream using CSV files.
1.27.79
=======
* api-change:``connect``: StartTaskContact API now supports linked task creation with a new optional RelatedContactId parameter
* api-change:``connectcases``: This release adds the ability to delete domains through the DeleteDomain API. For more information see https://docs.aws.amazon.com/cases/latest/APIReference/Welcome.html
* api-change:``redshift``: Documentation updates for Redshift API bringing it in line with IAM best practices.
* api-change:``securityhub``: New Security Hub APIs and updates to existing APIs that help you consolidate control findings and enable and disable controls across all supported standards
* api-change:``servicecatalog``: Documentation updates for Service Catalog
1.27.78
=======
* api-change:``appflow``: This release enables the customers to choose whether to use Private Link for Metadata and Authorization call when using a private Salesforce connections
* api-change:``ecs``: This release supports deleting Amazon ECS task definitions that are in the INACTIVE state.
* api-change:``grafana``: Doc-only update. Updated information on attached role policies for customer provided roles
* api-change:``guardduty``: Updated API and data types descriptions for CreateFilter, UpdateFilter, and TriggerDetails.
* api-change:``iotwireless``: In this release, we add additional capabilities for the FUOTA which allows user to configure the fragment size, the sending interval and the redundancy ratio of the FUOTA tasks
* api-change:``location``: This release adds support for using Maps APIs with an API Key in addition to AWS Cognito. This includes support for adding, listing, updating and deleting API Keys.
* api-change:``macie2``: This release adds support for a new finding type, Policy:IAMUser/S3BucketSharedWithCloudFront, and S3 bucket metadata that indicates if a bucket is shared with an Amazon CloudFront OAI or OAC.
* api-change:``wafv2``: You can now associate an AWS WAF v2 web ACL with an AWS App Runner service.
1.27.77
=======
* api-change:``chime-sdk-voice``: This release introduces support for Voice Connector media metrics in the Amazon Chime SDK Voice namespace
* api-change:``cloudfront``: CloudFront now supports block lists in origin request policies so that you can forward all headers, cookies, or query string from viewer requests to the origin *except* for those specified in the block list.
* api-change:``datasync``: AWS DataSync has relaxed the minimum length constraint of AccessKey for Object Storage locations to 1.
* api-change:``opensearch``: This release lets customers configure Off-peak window and software update related properties for a new/existing domain. It enhances the capabilities of StartServiceSoftwareUpdate API; adds 2 new APIs - ListScheduledActions & UpdateScheduledAction; and allows Auto-tune to make use of Off-peak window.
* api-change:``rum``: CloudWatch RUM now supports CloudWatch Custom Metrics
* api-change:``ssm``: Document only update for Feb 2023
1.27.76
=======
* api-change:``quicksight``: S3 data sources now accept a custom IAM role.
* api-change:``resiliencehub``: In this release we improved resilience hub application creation and maintenance by introducing new resource and app component crud APIs, improving visibility and maintenance of application input sources and added support for additional information attributes to be provided by customers.
* api-change:``securityhub``: Documentation updates for AWS Security Hub
* api-change:``tnb``: This is the initial SDK release for AWS Telco Network Builder (TNB). AWS Telco Network Builder is a network automation service that helps you deploy and manage telecom networks.
1.27.75
=======
* api-change:``auditmanager``: This release introduces a ServiceQuotaExceededException to the UpdateAssessmentFrameworkShare API operation.
* api-change:``connect``: Reasons for failed diff has been approved by SDK Reviewer
1.27.74
=======
* api-change:``apprunner``: This release supports removing MaxSize limit for AutoScalingConfiguration.
* api-change:``glue``: Release of Delta Lake Data Lake Format for Glue Studio Service
1.27.73
=======
* api-change:``emr``: Update emr command to latest version
* api-change:``grafana``: With this release Amazon Managed Grafana now supports inbound Network Access Control that helps you to restrict user access to your Grafana workspaces
* api-change:``ivs``: Doc-only update. Updated text description in DeleteChannel, Stream, and StreamSummary.
* api-change:``wafv2``: Added a notice for account takeover prevention (ATP). The interface incorrectly lets you to configure ATP response inspection in regional web ACLs in Region US East (N. Virginia), without returning an error. ATP response inspection is only available in web ACLs that protect CloudFront distributions.
1.27.72
=======
* api-change:``cloudtrail``: This release adds an InsufficientEncryptionPolicyException type to the StartImport endpoint
* api-change:``efs``: Update efs command to latest version
* api-change:``frauddetector``: This release introduces Lists feature which allows customers to reference a set of values in Fraud Detector's rules. With Lists, customers can dynamically manage these attributes in real time. Lists can be created/deleted and its contents can be modified using the Fraud Detector API.
* api-change:``glue``: Fix DirectJDBCSource not showing up in CLI code gen
* api-change:``privatenetworks``: This release introduces a new StartNetworkResourceUpdate API, which enables return/replacement of hardware from a NetworkSite.
* api-change:``rds``: Database Activity Stream support for RDS for SQL Server.
* api-change:``wafv2``: For protected CloudFront distributions, you can now use the AWS WAF Fraud Control account takeover prevention (ATP) managed rule group to block new login attempts from clients that have recently submitted too many failed login attempts.
1.26.94
=======
* api-change:``billingconductor``: [``botocore``] This release adds a new filter to ListAccountAssociations API and a new filter to ListBillingGroups API.
* api-change:``config``: [``botocore``] This release adds resourceType enums for types released from October 2022 through February 2023.
* api-change:``dms``: [``botocore``] S3 setting to create AWS Glue Data Catalog. Oracle setting to control conversion of timestamp column. Support for Kafka SASL Plain authentication. Setting to map boolean from PostgreSQL to Redshift. SQL Server settings to force lob lookup on inline LOBs and to control access of database logs.
1.26.93
=======
* api-change:``guardduty``: [``botocore``] Updated 9 APIs for feature enablement to reflect expansion of GuardDuty to features. Added new APIs and updated existing APIs to support RDS Protection GA.
* api-change:``resource-explorer-2``: [``botocore``] Documentation updates for APIs.
* api-change:``sagemaker-runtime``: [``botocore``] Update sagemaker-runtime client to latest version
1.26.92
=======
* api-change:``migrationhubstrategy``: [``botocore``] This release adds the binary analysis that analyzes IIS application DLLs on Windows and Java applications on Linux to provide anti-pattern report without configuring access to the source code.
* api-change:``s3control``: [``botocore``] Added support for S3 Object Lambda aliases.
* api-change:``securitylake``: [``botocore``] Make Create/Get/ListSubscribers APIs return resource share ARN and name so they can be used to validate the RAM resource share to accept. GetDatalake can be used to track status of UpdateDatalake and DeleteDatalake requests.
1.26.91
=======
* api-change:``application-autoscaling``: [``botocore``] Application Auto Scaling customers can now use mathematical functions to customize the metric used with Target Tracking policies within the policy configuration itself, saving the cost and effort of publishing the customizations as a separate metric.
* api-change:``dataexchange``: [``botocore``] This release enables data providers to license direct access to S3 objects encrypted with Customer Managed Keys (CMK) in AWS KMS through AWS Data Exchange. Subscribers can use these keys to decrypt, then use the encrypted S3 objects shared with them, without creating or managing copies.
* api-change:``directconnect``: [``botocore``] describe-direct-connect-gateway-associations includes a new status, updating, indicating that the association is currently in-process of updating.
* api-change:``ec2``: [``botocore``] This release adds a new DnsOptions key (PrivateDnsOnlyForInboundResolverEndpoint) to CreateVpcEndpoint and ModifyVpcEndpoint APIs.
* api-change:``iam``: [``botocore``] Documentation only updates to correct customer-reported issues
* api-change:``keyspaces``: [``botocore``] Adding support for client-side timestamps
1.26.90
=======
* api-change:``appintegrations``: [``botocore``] Adds FileConfiguration to Amazon AppIntegrations CreateDataIntegration supporting scheduled downloading of third party files into Amazon Connect from sources such as Microsoft SharePoint.
* api-change:``lakeformation``: [``botocore``] This release updates the documentation regarding Get/Update DataCellsFilter
* api-change:``s3control``: [``botocore``] Added support for cross-account Multi-Region Access Points. Added support for S3 Replication for S3 on Outposts.
* api-change:``tnb``: [``botocore``] This release adds tagging support to the following Network Instance APIs : Instantiate, Update, Terminate.
* api-change:``wisdom``: [``botocore``] This release extends Wisdom CreateKnowledgeBase API to support SharePoint connector type by removing the @required trait for objectField
1.26.89
=======
* api-change:``ivschat``: [``botocore``] This release adds a new exception returned when calling AWS IVS chat UpdateLoggingConfiguration. Now UpdateLoggingConfiguration can return ConflictException when invalid updates are made in sequence to Logging Configurations.
* api-change:``secretsmanager``: [``botocore``] The type definitions of SecretString and SecretBinary now have a minimum length of 1 in the model to match the exception thrown when you pass in empty values.
1.26.88
=======
* api-change:``codeartifact``: [``botocore``] This release introduces the generic package format, a mechanism for storing arbitrary binary assets. It also adds a new API, PublishPackageVersion, to allow for publishing generic packages.
* api-change:``connect``: [``botocore``] This release adds a new API, GetMetricDataV2, which returns metric data for Amazon Connect.
* api-change:``evidently``: [``botocore``] Updated entity override documentation
* api-change:``networkmanager``: [``botocore``] This update provides example usage for TransitGatewayRouteTableArn.
* api-change:``quicksight``: [``botocore``] This release has two changes: add state persistence feature for embedded dashboard and console in GenerateEmbedUrlForRegisteredUser API; add properties for hidden collapsed row dimensions in PivotTableOptions.
* api-change:``redshift-data``: [``botocore``] Added support for Redshift Serverless workgroup-arn wherever the WorkgroupName parameter is available.
* api-change:``sagemaker``: [``botocore``] Amazon SageMaker Inference now allows SSM access to customer's model container by setting the "EnableSSMAccess" parameter for a ProductionVariant in CreateEndpointConfig API.
* api-change:``servicediscovery``: [``botocore``] Updated all AWS Cloud Map APIs to provide consistent throttling exception (RequestLimitExceeded)
* api-change:``sesv2``: [``botocore``] This release introduces a new recommendation in Virtual Deliverability Manager Advisor, which detects missing or misconfigured Brand Indicator for Message Identification (BIMI) DNS records for customer sending identities.
1.26.87
=======
* api-change:``athena``: [``botocore``] A new field SubstatementType is added to GetQueryExecution API, so customers have an error free way to detect the query type and interpret the result.
* api-change:``dynamodb``: [``botocore``] Adds deletion protection support to DynamoDB tables. Tables with deletion protection enabled cannot be deleted. Deletion protection is disabled by default, can be enabled via the CreateTable or UpdateTable APIs, and is visible in TableDescription. This setting is not replicated for Global Tables.
* api-change:``ec2``: [``botocore``] Introducing Amazon EC2 C7g, M7g and R7g instances, powered by the latest generation AWS Graviton3 processors and deliver up to 25% better performance over Graviton2-based instances.
* api-change:``lakeformation``: [``botocore``] This release adds two new API support "GetDataCellsFiler" and "UpdateDataCellsFilter", and also updates the corresponding documentation.
* api-change:``mediapackage-vod``: [``botocore``] This release provides the date and time VOD resources were created.
* api-change:``mediapackage``: [``botocore``] This release provides the date and time live resources were created.
* api-change:``route53resolver``: [``botocore``] Add dual-stack and IPv6 support for Route 53 Resolver Endpoint,Add IPv6 target IP in Route 53 Resolver Forwarding Rule
* api-change:``sagemaker``: [``botocore``] There needs to be a user identity to specify the SageMaker user who perform each action regarding the entity. However, these is a not a unified concept of user identity across SageMaker service that could be used today.
1.26.86
=======
* api-change:``dms``: [``botocore``] This release adds DMS Fleet Advisor Target Recommendation APIs and exposes functionality for DMS Fleet Advisor. It adds functionality to start Target Recommendation calculation.
* api-change:``location``: [``botocore``] Documentation update for the release of 3 additional map styles for use with Open Data Maps: Open Data Standard Dark, Open Data Visualization Light & Open Data Visualization Dark.
1.26.85
=======
* api-change:``account``: [``botocore``] AWS Account alternate contact email addresses can now have a length of 254 characters and contain the character "|".
* api-change:``ivs``: [``botocore``] Updated text description in DeleteChannel, Stream, and StreamSummary.
1.26.84
=======
* api-change:``dynamodb``: [``botocore``] Documentation updates for DynamoDB.
* api-change:``ec2``: [``botocore``] This release adds support for a new boot mode for EC2 instances called 'UEFI Preferred'.
* api-change:``macie2``: [``botocore``] Documentation updates for Amazon Macie
* api-change:``mediaconvert``: [``botocore``] The AWS Elemental MediaConvert SDK has improved handling for different input and output color space combinations.
* api-change:``medialive``: [``botocore``] AWS Elemental MediaLive adds support for Nielsen watermark timezones.
* api-change:``transcribe``: [``botocore``] Amazon Transcribe now supports role access for these API operations: CreateVocabulary, UpdateVocabulary, CreateVocabularyFilter, and UpdateVocabularyFilter.
1.26.83
=======
* api-change:``iot``: [``botocore``] A recurring maintenance window is an optional configuration used for rolling out the job document to all devices in the target group observing a predetermined start time, duration, and frequency that the maintenance window occurs.
* api-change:``migrationhubstrategy``: [``botocore``] This release updates the File Import API to allow importing servers already discovered by customers with reduced pre-requisites.
* api-change:``organizations``: [``botocore``] This release introduces a new reason code, ACCOUNT_CREATION_NOT_COMPLETE, to ConstraintViolationException in CreateOrganization API.
* api-change:``pi``: [``botocore``] This release adds a new field PeriodAlignment to allow the customer specifying the returned timestamp of time periods to be either the start or end time.
* api-change:``pipes``: [``botocore``] This release fixes some input parameter range and patterns.
* api-change:``sagemaker``: [``botocore``] Add a new field "EndpointMetrics" in SageMaker Inference Recommender "ListInferenceRecommendationsJobSteps" API response.
1.26.82
=======
* api-change:``codecatalyst``: [``botocore``] Published Dev Environments StopDevEnvironmentSession API
* api-change:``pricing``: [``botocore``] This release adds 2 new APIs - ListPriceLists which returns a list of applicable price lists, and GetPriceListFileUrl which outputs a URL to retrieve your price lists from the generated file from ListPriceLists
* api-change:``s3outposts``: [``botocore``] S3 on Outposts introduces a new API ListOutpostsWithS3, with this API you can list all your Outposts with S3 capacity.
1.26.81
=======
* enhancement:Documentation: Splits service documentation into multiple sub-pages for better organization and faster loading time.
* enhancement:Documentation: [``botocore``] Splits service documentation into multiple sub-pages for better organization and faster loading time.
* api-change:``comprehend``: [``botocore``] Amazon Comprehend now supports flywheels to help you train and manage new model versions for custom models.
* api-change:``ec2``: [``botocore``] This release allows IMDS support to be set to v2-only on an existing AMI, so that all future instances launched from that AMI will use IMDSv2 by default.
* api-change:``kms``: [``botocore``] AWS KMS is deprecating the RSAES_PKCS1_V1_5 wrapping algorithm option in the GetParametersForImport API that is used in the AWS KMS Import Key Material feature. AWS KMS will end support for this wrapping algorithm by October 1, 2023.
* api-change:``lightsail``: [``botocore``] This release adds Lightsail for Research feature support, such as GUI session access, cost estimates, stop instance on idle, and disk auto mount.
* api-change:``managedblockchain``: [``botocore``] This release adds support for tagging to the accessor resource in Amazon Managed Blockchain
* api-change:``omics``: [``botocore``] Minor model changes to accomodate batch imports feature
1.26.80
=======
* api-change:``devops-guru``: [``botocore``] This release adds the description field on ListAnomaliesForInsight and DescribeAnomaly API responses for proactive anomalies.
* api-change:``drs``: [``botocore``] New fields were added to reflect availability zone data in source server and recovery instance description commands responses, as well as source server launch status.
* api-change:``internetmonitor``: [``botocore``] CloudWatch Internet Monitor is a a new service within CloudWatch that will help application developers and network engineers continuously monitor internet performance metrics such as availability and performance between their AWS-hosted applications and end-users of these applications
* api-change:``lambda``: [``botocore``] This release adds the ability to create ESMs with Document DB change streams as event source. For more information see https://docs.aws.amazon.com/lambda/latest/dg/with-documentdb.html.
* api-change:``mediaconvert``: [``botocore``] The AWS Elemental MediaConvert SDK has added support for HDR10 to SDR tone mapping, and animated GIF video input sources.
* api-change:``timestream-write``: [``botocore``] This release adds the ability to ingest batched historical data or migrate data in bulk from S3 into Timestream using CSV files.
1.26.79
=======
* api-change:``connect``: [``botocore``] StartTaskContact API now supports linked task creation with a new optional RelatedContactId parameter
* api-change:``connectcases``: [``botocore``] This release adds the ability to delete domains through the DeleteDomain API. For more information see https://docs.aws.amazon.com/cases/latest/APIReference/Welcome.html
* api-change:``redshift``: [``botocore``] Documentation updates for Redshift API bringing it in line with IAM best practices.
* api-change:``securityhub``: [``botocore``] New Security Hub APIs and updates to existing APIs that help you consolidate control findings and enable and disable controls across all supported standards
* api-change:``servicecatalog``: [``botocore``] Documentation updates for Service Catalog
1.26.78
=======
* api-change:``appflow``: [``botocore``] This release enables the customers to choose whether to use Private Link for Metadata and Authorization call when using a private Salesforce connections
* api-change:``ecs``: [``botocore``] This release supports deleting Amazon ECS task definitions that are in the INACTIVE state.
* api-change:``grafana``: [``botocore``] Doc-only update. Updated information on attached role policies for customer provided roles
* api-change:``guardduty``: [``botocore``] Updated API and data types descriptions for CreateFilter, UpdateFilter, and TriggerDetails.
* api-change:``iotwireless``: [``botocore``] In this release, we add additional capabilities for the FUOTA which allows user to configure the fragment size, the sending interval and the redundancy ratio of the FUOTA tasks
* api-change:``location``: [``botocore``] This release adds support for using Maps APIs with an API Key in addition to AWS Cognito. This includes support for adding, listing, updating and deleting API Keys.
* api-change:``macie2``: [``botocore``] This release adds support for a new finding type, Policy:IAMUser/S3BucketSharedWithCloudFront, and S3 bucket metadata that indicates if a bucket is shared with an Amazon CloudFront OAI or OAC.
* api-change:``wafv2``: [``botocore``] You can now associate an AWS WAF v2 web ACL with an AWS App Runner service.
1.26.77
=======
* api-change:``chime-sdk-voice``: [``botocore``] This release introduces support for Voice Connector media metrics in the Amazon Chime SDK Voice namespace
* api-change:``cloudfront``: [``botocore``] CloudFront now supports block lists in origin request policies so that you can forward all headers, cookies, or query string from viewer requests to the origin *except* for those specified in the block list.
* api-change:``datasync``: [``botocore``] AWS DataSync has relaxed the minimum length constraint of AccessKey for Object Storage locations to 1.
* api-change:``opensearch``: [``botocore``] This release lets customers configure Off-peak window and software update related properties for a new/existing domain. It enhances the capabilities of StartServiceSoftwareUpdate API; adds 2 new APIs - ListScheduledActions & UpdateScheduledAction; and allows Auto-tune to make use of Off-peak window.
* api-change:``rum``: [``botocore``] CloudWatch RUM now supports CloudWatch Custom Metrics
* api-change:``ssm``: [``botocore``] Document only update for Feb 2023
1.26.76
=======
* api-change:``quicksight``: [``botocore``] S3 data sources now accept a custom IAM role.
* api-change:``resiliencehub``: [``botocore``] In this release we improved resilience hub application creation and maintenance by introducing new resource and app component crud APIs, improving visibility and maintenance of application input sources and added support for additional information attributes to be provided by customers.
* api-change:``securityhub``: [``botocore``] Documentation updates for AWS Security Hub
* api-change:``tnb``: [``botocore``] This is the initial SDK release for AWS Telco Network Builder (TNB). AWS Telco Network Builder is a network automation service that helps you deploy and manage telecom networks.
1.26.75
=======
* bugfix:SSO: [``botocore``] Fixes aws/aws-cli by using the correct profile name rather than the one set in the session.
* api-change:``auditmanager``: [``botocore``] This release introduces a ServiceQuotaExceededException to the UpdateAssessmentFrameworkShare API operation.
* api-change:``connect``: [``botocore``] Reasons for failed diff has been approved by SDK Reviewer
1.26.74
=======
* api-change:``apprunner``: [``botocore``] This release supports removing MaxSize limit for AutoScalingConfiguration.
* api-change:``glue``: [``botocore``] Release of Delta Lake Data Lake Format for Glue Studio Service
1.26.73
=======
* api-change:``emr``: [``botocore``] Update emr client to latest version
* api-change:``grafana``: [``botocore``] With this release Amazon Managed Grafana now supports inbound Network Access Control that helps you to restrict user access to your Grafana workspaces
* api-change:``ivs``: [``botocore``] Doc-only update. Updated text description in DeleteChannel, Stream, and StreamSummary.
* api-change:``wafv2``: [``botocore``] Added a notice for account takeover prevention (ATP). The interface incorrectly lets you to configure ATP response inspection in regional web ACLs in Region US East (N. Virginia), without returning an error. ATP response inspection is only available in web ACLs that protect CloudFront distributions.
1.26.72
=======
* api-change:``cloudtrail``: [``botocore``] This release adds an InsufficientEncryptionPolicyException type to the StartImport endpoint
* api-change:``efs``: [``botocore``] Update efs client to latest version
* api-change:``frauddetector``: [``botocore``] This release introduces Lists feature which allows customers to reference a set of values in Fraud Detector's rules. With Lists, customers can dynamically manage these attributes in real time. Lists can be created/deleted and its contents can be modified using the Fraud Detector API.
* api-change:``glue``: [``botocore``] Fix DirectJDBCSource not showing up in CLI code gen
* api-change:``privatenetworks``: [``botocore``] This release introduces a new StartNetworkResourceUpdate API, which enables return/replacement of hardware from a NetworkSite.
* api-change:``rds``: [``botocore``] Database Activity Stream support for RDS for SQL Server.
* api-change:``wafv2``: [``botocore``] For protected CloudFront distributions, you can now use the AWS WAF Fraud Control account takeover prevention (ATP) managed rule group to block new login attempts from clients that have recently submitted too many failed login attempts.
1.29.94
=======
* api-change:``billingconductor``: This release adds a new filter to ListAccountAssociations API and a new filter to ListBillingGroups API.
* api-change:``config``: This release adds resourceType enums for types released from October 2022 through February 2023.
* api-change:``dms``: S3 setting to create AWS Glue Data Catalog. Oracle setting to control conversion of timestamp column. Support for Kafka SASL Plain authentication. Setting to map boolean from PostgreSQL to Redshift. SQL Server settings to force lob lookup on inline LOBs and to control access of database logs.
1.29.93
=======
* api-change:``guardduty``: Updated 9 APIs for feature enablement to reflect expansion of GuardDuty to features. Added new APIs and updated existing APIs to support RDS Protection GA.
* api-change:``resource-explorer-2``: Documentation updates for APIs.
* api-change:``sagemaker-runtime``: Update sagemaker-runtime client to latest version
1.29.92
=======
* api-change:``migrationhubstrategy``: This release adds the binary analysis that analyzes IIS application DLLs on Windows and Java applications on Linux to provide anti-pattern report without configuring access to the source code.
* api-change:``s3control``: Added support for S3 Object Lambda aliases.
* api-change:``securitylake``: Make Create/Get/ListSubscribers APIs return resource share ARN and name so they can be used to validate the RAM resource share to accept. GetDatalake can be used to track status of UpdateDatalake and DeleteDatalake requests.
1.29.91
=======
* api-change:``application-autoscaling``: Application Auto Scaling customers can now use mathematical functions to customize the metric used with Target Tracking policies within the policy configuration itself, saving the cost and effort of publishing the customizations as a separate metric.
* api-change:``dataexchange``: This release enables data providers to license direct access to S3 objects encrypted with Customer Managed Keys (CMK) in AWS KMS through AWS Data Exchange. Subscribers can use these keys to decrypt, then use the encrypted S3 objects shared with them, without creating or managing copies.
* api-change:``directconnect``: describe-direct-connect-gateway-associations includes a new status, updating, indicating that the association is currently in-process of updating.
* api-change:``ec2``: This release adds a new DnsOptions key (PrivateDnsOnlyForInboundResolverEndpoint) to CreateVpcEndpoint and ModifyVpcEndpoint APIs.
* api-change:``iam``: Documentation only updates to correct customer-reported issues
* api-change:``keyspaces``: Adding support for client-side timestamps
1.29.90
=======
* api-change:``appintegrations``: Adds FileConfiguration to Amazon AppIntegrations CreateDataIntegration supporting scheduled downloading of third party files into Amazon Connect from sources such as Microsoft SharePoint.
* api-change:``lakeformation``: This release updates the documentation regarding Get/Update DataCellsFilter
* api-change:``s3control``: Added support for cross-account Multi-Region Access Points. Added support for S3 Replication for S3 on Outposts.
* api-change:``tnb``: This release adds tagging support to the following Network Instance APIs : Instantiate, Update, Terminate.
* api-change:``wisdom``: This release extends Wisdom CreateKnowledgeBase API to support SharePoint connector type by removing the @required trait for objectField
1.29.89
=======
* api-change:``ivschat``: This release adds a new exception returned when calling AWS IVS chat UpdateLoggingConfiguration. Now UpdateLoggingConfiguration can return ConflictException when invalid updates are made in sequence to Logging Configurations.
* api-change:``secretsmanager``: The type definitions of SecretString and SecretBinary now have a minimum length of 1 in the model to match the exception thrown when you pass in empty values.
1.29.88
=======
* api-change:``codeartifact``: This release introduces the generic package format, a mechanism for storing arbitrary binary assets. It also adds a new API, PublishPackageVersion, to allow for publishing generic packages.
* api-change:``connect``: This release adds a new API, GetMetricDataV2, which returns metric data for Amazon Connect.
* api-change:``evidently``: Updated entity override documentation
* api-change:``networkmanager``: This update provides example usage for TransitGatewayRouteTableArn.
* api-change:``quicksight``: This release has two changes: add state persistence feature for embedded dashboard and console in GenerateEmbedUrlForRegisteredUser API; add properties for hidden collapsed row dimensions in PivotTableOptions.
* api-change:``redshift-data``: Added support for Redshift Serverless workgroup-arn wherever the WorkgroupName parameter is available.
* api-change:``sagemaker``: Amazon SageMaker Inference now allows SSM access to customer's model container by setting the "EnableSSMAccess" parameter for a ProductionVariant in CreateEndpointConfig API.
* api-change:``servicediscovery``: Updated all AWS Cloud Map APIs to provide consistent throttling exception (RequestLimitExceeded)
* api-change:``sesv2``: This release introduces a new recommendation in Virtual Deliverability Manager Advisor, which detects missing or misconfigured Brand Indicator for Message Identification (BIMI) DNS records for customer sending identities.
1.29.87
=======
* api-change:``athena``: A new field SubstatementType is added to GetQueryExecution API, so customers have an error free way to detect the query type and interpret the result.
* api-change:``dynamodb``: Adds deletion protection support to DynamoDB tables. Tables with deletion protection enabled cannot be deleted. Deletion protection is disabled by default, can be enabled via the CreateTable or UpdateTable APIs, and is visible in TableDescription. This setting is not replicated for Global Tables.
* api-change:``ec2``: Introducing Amazon EC2 C7g, M7g and R7g instances, powered by the latest generation AWS Graviton3 processors and deliver up to 25% better performance over Graviton2-based instances.
* api-change:``lakeformation``: This release adds two new API support "GetDataCellsFiler" and "UpdateDataCellsFilter", and also updates the corresponding documentation.
* api-change:``mediapackage-vod``: This release provides the date and time VOD resources were created.
* api-change:``mediapackage``: This release provides the date and time live resources were created.
* api-change:``route53resolver``: Add dual-stack and IPv6 support for Route 53 Resolver Endpoint,Add IPv6 target IP in Route 53 Resolver Forwarding Rule
* api-change:``sagemaker``: There needs to be a user identity to specify the SageMaker user who perform each action regarding the entity. However, these is a not a unified concept of user identity across SageMaker service that could be used today.
1.29.86
=======
* api-change:``dms``: This release adds DMS Fleet Advisor Target Recommendation APIs and exposes functionality for DMS Fleet Advisor. It adds functionality to start Target Recommendation calculation.
* api-change:``location``: Documentation update for the release of 3 additional map styles for use with Open Data Maps: Open Data Standard Dark, Open Data Visualization Light & Open Data Visualization Dark.
1.29.85
=======
* api-change:``account``: AWS Account alternate contact email addresses can now have a length of 254 characters and contain the character "|".
* api-change:``ivs``: Updated text description in DeleteChannel, Stream, and StreamSummary.
1.29.84
=======
* api-change:``dynamodb``: Documentation updates for DynamoDB.
* api-change:``ec2``: This release adds support for a new boot mode for EC2 instances called 'UEFI Preferred'.
* api-change:``macie2``: Documentation updates for Amazon Macie
* api-change:``mediaconvert``: The AWS Elemental MediaConvert SDK has improved handling for different input and output color space combinations.
* api-change:``medialive``: AWS Elemental MediaLive adds support for Nielsen watermark timezones.
* api-change:``transcribe``: Amazon Transcribe now supports role access for these API operations: CreateVocabulary, UpdateVocabulary, CreateVocabularyFilter, and UpdateVocabularyFilter.
1.29.83
=======
* api-change:``iot``: A recurring maintenance window is an optional configuration used for rolling out the job document to all devices in the target group observing a predetermined start time, duration, and frequency that the maintenance window occurs.
* api-change:``migrationhubstrategy``: This release updates the File Import API to allow importing servers already discovered by customers with reduced pre-requisites.
* api-change:``organizations``: This release introduces a new reason code, ACCOUNT_CREATION_NOT_COMPLETE, to ConstraintViolationException in CreateOrganization API.
* api-change:``pi``: This release adds a new field PeriodAlignment to allow the customer specifying the returned timestamp of time periods to be either the start or end time.
* api-change:``pipes``: This release fixes some input parameter range and patterns.
* api-change:``sagemaker``: Add a new field "EndpointMetrics" in SageMaker Inference Recommender "ListInferenceRecommendationsJobSteps" API response.
1.29.82
=======
* api-change:``codecatalyst``: Published Dev Environments StopDevEnvironmentSession API
* api-change:``pricing``: This release adds 2 new APIs - ListPriceLists which returns a list of applicable price lists, and GetPriceListFileUrl which outputs a URL to retrieve your price lists from the generated file from ListPriceLists
* api-change:``s3outposts``: S3 on Outposts introduces a new API ListOutpostsWithS3, with this API you can list all your Outposts with S3 capacity.
1.29.81
=======
* enhancement:Documentation: Splits service documentation into multiple sub-pages for better organization and faster loading time.
* api-change:``comprehend``: Amazon Comprehend now supports flywheels to help you train and manage new model versions for custom models.
* api-change:``ec2``: This release allows IMDS support to be set to v2-only on an existing AMI, so that all future instances launched from that AMI will use IMDSv2 by default.
* api-change:``kms``: AWS KMS is deprecating the RSAES_PKCS1_V1_5 wrapping algorithm option in the GetParametersForImport API that is used in the AWS KMS Import Key Material feature. AWS KMS will end support for this wrapping algorithm by October 1, 2023.
* api-change:``lightsail``: This release adds Lightsail for Research feature support, such as GUI session access, cost estimates, stop instance on idle, and disk auto mount.
* api-change:``managedblockchain``: This release adds support for tagging to the accessor resource in Amazon Managed Blockchain
* api-change:``omics``: Minor model changes to accomodate batch imports feature
1.29.80
=======
* api-change:``devops-guru``: This release adds the description field on ListAnomaliesForInsight and DescribeAnomaly API responses for proactive anomalies.
* api-change:``drs``: New fields were added to reflect availability zone data in source server and recovery instance description commands responses, as well as source server launch status.
* api-change:``internetmonitor``: CloudWatch Internet Monitor is a a new service within CloudWatch that will help application developers and network engineers continuously monitor internet performance metrics such as availability and performance between their AWS-hosted applications and end-users of these applications
* api-change:``lambda``: This release adds the ability to create ESMs with Document DB change streams as event source. For more information see https://docs.aws.amazon.com/lambda/latest/dg/with-documentdb.html.
* api-change:``mediaconvert``: The AWS Elemental MediaConvert SDK has added support for HDR10 to SDR tone mapping, and animated GIF video input sources.
* api-change:``timestream-write``: This release adds the ability to ingest batched historical data or migrate data in bulk from S3 into Timestream using CSV files.
1.29.79
=======
* api-change:``connect``: StartTaskContact API now supports linked task creation with a new optional RelatedContactId parameter
* api-change:``connectcases``: This release adds the ability to delete domains through the DeleteDomain API. For more information see https://docs.aws.amazon.com/cases/latest/APIReference/Welcome.html
* api-change:``redshift``: Documentation updates for Redshift API bringing it in line with IAM best practices.
* api-change:``securityhub``: New Security Hub APIs and updates to existing APIs that help you consolidate control findings and enable and disable controls across all supported standards
* api-change:``servicecatalog``: Documentation updates for Service Catalog
1.29.78
=======
* api-change:``appflow``: This release enables the customers to choose whether to use Private Link for Metadata and Authorization call when using a private Salesforce connections
* api-change:``ecs``: This release supports deleting Amazon ECS task definitions that are in the INACTIVE state.
* api-change:``grafana``: Doc-only update. Updated information on attached role policies for customer provided roles
* api-change:``guardduty``: Updated API and data types descriptions for CreateFilter, UpdateFilter, and TriggerDetails.
* api-change:``iotwireless``: In this release, we add additional capabilities for the FUOTA which allows user to configure the fragment size, the sending interval and the redundancy ratio of the FUOTA tasks
* api-change:``location``: This release adds support for using Maps APIs with an API Key in addition to AWS Cognito. This includes support for adding, listing, updating and deleting API Keys.
* api-change:``macie2``: This release adds support for a new finding type, Policy:IAMUser/S3BucketSharedWithCloudFront, and S3 bucket metadata that indicates if a bucket is shared with an Amazon CloudFront OAI or OAC.
* api-change:``wafv2``: You can now associate an AWS WAF v2 web ACL with an AWS App Runner service.
1.29.77
=======
* api-change:``chime-sdk-voice``: This release introduces support for Voice Connector media metrics in the Amazon Chime SDK Voice namespace
* api-change:``cloudfront``: CloudFront now supports block lists in origin request policies so that you can forward all headers, cookies, or query string from viewer requests to the origin *except* for those specified in the block list.
* api-change:``datasync``: AWS DataSync has relaxed the minimum length constraint of AccessKey for Object Storage locations to 1.
* api-change:``opensearch``: This release lets customers configure Off-peak window and software update related properties for a new/existing domain. It enhances the capabilities of StartServiceSoftwareUpdate API; adds 2 new APIs - ListScheduledActions & UpdateScheduledAction; and allows Auto-tune to make use of Off-peak window.
* api-change:``rum``: CloudWatch RUM now supports CloudWatch Custom Metrics
* api-change:``ssm``: Document only update for Feb 2023
1.29.76
=======
* api-change:``quicksight``: S3 data sources now accept a custom IAM role.
* api-change:``resiliencehub``: In this release we improved resilience hub application creation and maintenance by introducing new resource and app component crud APIs, improving visibility and maintenance of application input sources and added support for additional information attributes to be provided by customers.
* api-change:``securityhub``: Documentation updates for AWS Security Hub
* api-change:``tnb``: This is the initial SDK release for AWS Telco Network Builder (TNB). AWS Telco Network Builder is a network automation service that helps you deploy and manage telecom networks.
1.29.75
=======
* bugfix:SSO: Fixes aws/aws-cli by using the correct profile name rather than the one set in the session.
* api-change:``auditmanager``: This release introduces a ServiceQuotaExceededException to the UpdateAssessmentFrameworkShare API operation.
* api-change:``connect``: Reasons for failed diff has been approved by SDK Reviewer
1.29.74
=======
* api-change:``apprunner``: This release supports removing MaxSize limit for AutoScalingConfiguration.
* api-change:``glue``: Release of Delta Lake Data Lake Format for Glue Studio Service
1.29.73
=======
* api-change:``emr``: Update emr client to latest version
* api-change:``grafana``: With this release Amazon Managed Grafana now supports inbound Network Access Control that helps you to restrict user access to your Grafana workspaces
* api-change:``ivs``: Doc-only update. Updated text description in DeleteChannel, Stream, and StreamSummary.
* api-change:``wafv2``: Added a notice for account takeover prevention (ATP). The interface incorrectly lets you to configure ATP response inspection in regional web ACLs in Region US East (N. Virginia), without returning an error. ATP response inspection is only available in web ACLs that protect CloudFront distributions.
1.29.72
=======
* api-change:``cloudtrail``: This release adds an InsufficientEncryptionPolicyException type to the StartImport endpoint
* api-change:``efs``: Update efs client to latest version
* api-change:``frauddetector``: This release introduces Lists feature which allows customers to reference a set of values in Fraud Detector's rules. With Lists, customers can dynamically manage these attributes in real time. Lists can be created/deleted and its contents can be modified using the Fraud Detector API.
* api-change:``glue``: Fix DirectJDBCSource not showing up in CLI code gen
* api-change:``privatenetworks``: This release introduces a new StartNetworkResourceUpdate API, which enables return/replacement of hardware from a NetworkSite.
* api-change:``rds``: Database Activity Stream support for RDS for SQL Server.
* api-change:``wafv2``: For protected CloudFront distributions, you can now use the AWS WAF Fraud Control account takeover prevention (ATP) managed rule group to block new login attempts from clients that have recently submitted too many failed login attempts.
3.1.1 (2023.03.17)
What's Changed
* mirror doc changes from recog-ruby by @TomSellers in #547
3.1.0 (2023.03.17)
What's Changed
* DHCP fingerprints for Aruba sensors by @dmoinescu-r7 in #500
* New matches for Apple Boot Service Discovery Protocol by @modoyle-r7 in
#501
* DHCP fingeprints for devices of unknown type/model by @dmoinescu-r7 in
#502
* CI Workflow: add Ruby 3.1 and make lower JRuby version flexible by
@mkienow-r7 in #504
* Update for Rumble to runZero rebrand by @mkienow-r7 in #506
* Correct Zebra vendor and minor fingerprint param changes by @mkienow-r7 in
#505
* DHCP fingerprint for ChromeOS devices by @dmoinescu-r7 in #507
* DHCP fingerprint for Compaq Remote Insight by @dmoinescu-r7 in #508
* Update workflow action versions by @mkienow-r7 in #509
* New DHCP fingerprints for Cisco VoIP Devices by @modoyle-r7 in #511
* Add OWASP Zed Attack Proxy API web UI fingerprints by @mkienow-r7 in #512
* Add OpenKM Document Management System HTML title fingerprint by
@mkienow-r7 in #513
* Add MGT-COMMERCE GmbH CloudPanel fingerprints by @mkienow-r7 in #514
* Castopod favicon fingerprint by @todb in #516
* Add FileRun fingerprints by @mkienow-r7 in #515
* Add darkstat fingerprints by @mkienow-r7 in #518
* Add darkhttpd HTTP server fingerprint by @mkienow-r7 in #519
* Add ntopng HTTP server fingerprints by @mkienow-r7 in #520
* Add Bitwarden Server fingerprints by @mkienow-r7 in #522
* Add Vaultwarden fingerprints by @mkienow-r7 in #523
* Add Cacti fingerprints by @mkienow-r7 in #524
* Add Server Technology Sentry Switched device fingerprints by @mkienow-r7
in #527
* DHCP fingerprint for Dell Wyse-1000 thin client by @dmoinescu-r7 in #526
* Add ManageEngine ServiceDesk Plus fingerprints by @mkienow-r7 in #528
* Add ManageEngine ServiceDesk Plus MSP HTML title fingerprint by
@mkienow-r7 in #529
* Add ManageEngine Active Directory 360 (AD360) HTTP cookie fingerprint by
@mkienow-r7 in #530
* Add ManageEngine ADManager Plus fingerprints by @mkienow-r7 in #531
* Update existing ManageEngine ADAudit Plus and add HTTP Cookies
fingerprints by @mkienow-r7 in #532
* Add Control Web Panel (formerly CentOS Web Panel) fingerprints by
@mkienow-r7 in #525
* Add Cambium Wireless Access Point to dhcp_vendor_class by @modoyle-r7 in
#534
* Add another ManageEngine ADSelfService Plus cookie fingerprint by
@mkienow-r7 in #533
* Add ManageEngine Analytics Plus fingerprints by @mkienow-r7 in #535
* Add ManageEngine AssetExplorer fingerprints by @mkienow-r7 in #536
* Add Fortra GoAnywhere MFT fingerprints by @mkienow-r7 in #539
* Add Avaya E129 to dhcp_vendor_class by @modoyle-r7 in #538
* Add ManageEngine Endpoint Central HTML title fingerprint by @mkienow-r7 in
#540
* Add ManageEngine SupportCenter Plus fingerprints by @mkienow-r7 in #541
* Add Atlassian Jira v9.6.0 favicon fingerprint by @mkienow-r7 in #542
* Add Atlassian Jira Service Management favicon fingerprint by @mkienow-r7
in #543
* Added LG TV to dhcp_vendor_class by @modoyle-r7 in #544
* Add Zebra Label Printer to dhcp_vendor_class by @modoyle-r7 in #546
* Added Cisco Telepresence Peripheral to dhcp_vendor_class by @modoyle-r7 in
#548
* Added ShoreTel IP Phone to dhcp_vendor_class by @modoyle-r7 in #549
* Cross language compatibility: case insensitivity flag by @TomSellers in
#552
* Add ConnectWise R1Soft Server Backup Manager fingerprints by @mkienow-r7
in #551
* Added Juniper SSL VPN to dhcp_vendor_class by @modoyle-r7 in #553
* Add Set-Cookie fingerprint for Laravel by @adfoster-r7 in #555
* Add favicon hash for drupal 9.2 plus by @adfoster-r7 in #556
New Contributors
* @todb made their first contribution in #516
* @adfoster-r7 made their first contribution in #555
pkgsrc changes:
---------------
* remove go 1.20 restriction since this release fix the issue.
upstream changes:
-----------------
v1.23.2 Latest
Bugfixes:
o #8749: Relay listener does not restart sometimes
Enhancements:
o #8660: GUI editor for xattr filter patterns
o #8781: gui: Remove duplicate Spanish translation
Other issues:
o #8768: Update quic-go for Go 1.20
==============================
Release Notes for Samba 4.17.6
March 09, 2023
==============================
This is the latest stable release of the Samba 4.17 release series.
Changes since 4.17.5
--------------------
o Jeremy Allison <jra@samba.org>
* BUG 15314: streams_xattr is creating unexpected locks on folders.
o Andrew Bartlett <abartlet@samba.org>
* BUG 10635: Use of the Azure AD Connect cloud sync tool is now supported for
password hash synchronisation, allowing Samba AD Domains to synchronise
passwords with this popular cloud environment.
o Ralph Boehme <slow@samba.org>
* BUG 15299: Spotlight doesn't work with latest macOS Ventura.
o Volker Lendecke <vl@samba.org>
* BUG 15310: New samba-dcerpc architecture does not scale gracefully.
o John Mulligan <jmulligan@redhat.com>
* BUG 15307: vfs_ceph incorrectly uses fsp_get_io_fd() instead of
fsp_get_pathref_fd() in close and fstat.
o Noel Power <noel.power@suse.com>
* BUG 15293: With clustering enabled samba-bgqd can core dump due to use
after free.
o baixiangcpp <baixiangcpp@gmail.com>
* BUG 15311: fd_load() function implicitly closes the fd where it should not.
--- 9.18.13 released ---
6120. [bug] Use two pairs of dns_db_t and dns_dbversion_t in a
catalog zone structure to avoid a race between the
dns__catz_update_cb() and dns_catz_dbupdate_callback()
functions. [GL #3907]
6119. [bug] Make sure to revert the reconfigured zones to the
previous version of the view, when the new view
reconfiguration fails during the configuration of
one of the configured zones. [GL #3911]
6116. [bug] Fix error path cleanup issues in dns_catz_new_zones()
and dns_catz_new_zone() functions. [GL #3900]
6115. [bug] Unregister db update notify callback before detaching
from the previous db inside the catz update notify
callback. [GL #3777]
6114. [func] Run the catalog zone update process on the offload
threads. [GL #3881]
6113. [func] Add shutdown signaling for catalog zones. [GL !7571]
6112. [func] Add reference count tracing for dns_catz_zone_t and
dns_catz_zones_t. [GL !7570]
6105. [bug] Detach 'rpzs' and 'catzs' from the previous view in
configure_rpz() and configure_catz(), respectively,
just after attaching it to the new view. [GL #3880]
6098. [test] Don't test HMAC-MD5 when not supported by libcrypto.
[GL #3871]
6096. [bug] Fix RPZ reference counting error on shutdown in
dns__rpz_timer_cb(). [GL #3866]
6095. [test] Test various 'islands of trust' configurations when
using managed keys. [GL #3662]
6094. [bug] Building against (or running with) libuv versions
1.35.0 and 1.36.0 is now a fatal error. The rules for
mixing and matching compile-time and run-time libuv
versions have been tightened for libuv versions between
1.35.0 and 1.40.0. [GL #3840]
6092. [bug] dnssec-cds failed to cleanup properly. [GL #3831]
6089. [bug] Source ports configured for query-source,
transfer-source, etc, were being ignored. (This
feature is deprecated, but it is not yet removed,
so the bug still needed fixing.) [GL #3790]
--- 9.16.39 released ---
6119. [bug] Make sure to revert the reconfigured zones to the
previous version of the view, when the new view
reconfiguration fails during the configuration of
one of the configured zones. [GL #3911]
6116. [bug] Fix error path cleanup issue in the dns_catz_new_zones()
function. [GL #3900]
6115. [bug] Unregister db update notify callback before detaching
from the previous db inside the catz update notify
callback. [GL #3777]
6105. [bug] Detach 'rpzs' and 'catzs' from the previous view in
configure_rpz() and configure_catz(), respectively,
just after attaching it to the new view. [GL #3880]
6098. [test] Don't test HMAC-MD5 when not supported by libcrypto.
[GL #3871]
6095. [test] Test various 'islands of trust' configurations when
using managed keys. [GL #3662]
6094. [bug] Building against (or running with) libuv versions
1.35.0 and 1.36.0 is now a fatal error. The rules for
mixing and matching compile-time and run-time libuv
versions have been tightened for libuv versions between
1.35.0 and 1.40.0. [GL #3840]
The distribution includes a broken NEWS file that refers to a non-existant
version 2.3.4, and a ChangeLog that has not been updated since 2020, so it is
assumed that the following changes are in this release, even though the version
number is wrong. This update is primarily for the Solaris build fix.
2.3.4 ????-??-??
pst3.c: Fix build issue on Solaris (#537)
check_log: Fix error message for systems that don't use bash (#539)
Primarily came here to fix builds on systems where SSL is not in base, as the
configure script aborts if it can't find SSL, however we might as well update
to the latest version while here. SSL support is now properly optional.
4.4.10 - 2023-01-17
-------------------
FIXES
* Fix memory leak in nagiostats.c when using -c, -s, -d, or -D multiple times (#888)
* Improve service scheduling at startup (#887)
* Improve compilation/reduce warnings when using Clang 16 (#889)
* Improve compilation on other, stricter C99 compilers (#890)
2.7.4
- BUG/MINOR: mworker: stop doing strtok directly from the env
- BUG/MEDIUM: mworker: prevent inconsistent reload when upgrading from old versions
- BUG/MEDIUM: mworker: don't register mworker_accept_wrapper() when master FD is wrong
- MINOR: startup: HAPROXY_STARTUP_VERSION contains the version used to start
- BUG/MINOR: lua/httpclient: missing free in hlua_httpclient_send()
- BUG/MEDIUM: httpclient/lua: fix a race between lua GC and hlua_ctx_destroy
- BUG/MEDIUM: stconn: Don't rearm the read expiration date if EOI was reached
- BUG/MEDIUM: wdt: fix wrong thread being checked for sleeping
- BUG/MINOR: sched: properly report long_rq when tasks remain in the queue
- BUG/MEDIUM: sched: allow a bit more TASK_HEAVY to be processed when needed
- MINOR: h3/hq-interop: handle no data in decode_qcs() with FIN set
- BUG/MINOR: mux-quic: transfer FIN on empty STREAM frame
- BUG/MINOR: mworker: prevent incorrect values in uptime
- MINOR: h3: add traces on decode_qcs callback
- BUG/MINOR: quic: Possible unexpected counter incrementation on send*() errors
- MINOR: quic: Add new traces about by connection RX buffer handling
- MINOR: quic: Move code to wakeup the timer task to avoid anti-amplication deadlock
- BUG/MINOR: quic: Really cancel the connection timer from qc_set_timer()
- MINOR: quic: Simplication for qc_set_timer()
- MINOR: quic: Kill the connections on ICMP (port unreachable) packet receipt
- MINOR: quic: Add traces to qc_kill_conn()
- MINOR: quic: Make qc_dgrams_retransmit() return a status.
- BUG/MINOR: quic: Missing call to task_queue() in qc_idle_timer_do_rearm()
- MINOR: quic: Add a trace to identify connections which sent Initial packet.
- MINOR: quic: Add <pto_count> to the traces
- BUG/MINOR: quic: Do not probe with too little Initial packets
- BUG/MINOR: quic: Wrong initialization for io_cb_wakeup boolean
- BUG/MINOR: quic: Do not drop too small datagrams with Initial packets
- BUG/MINOR: quic: Missing padding for short packets
- MINOR: quic: adjust request reject when MUX is already freed
- BUG/MINOR: quic: also send RESET_STREAM if MUX released
- BUG/MINOR: quic: acknowledge STREAM frame even if MUX is released
- BUG/MINOR: h3: prevent hypothetical demux failure on int overflow
- MEDIUM: h3: enforce GOAWAY by resetting higher unhandled stream
- MINOR: mux-quic: define qc_shutdown()
- MINOR: mux-quic: define qc_process()
- MINOR: mux-quic: implement client-fin timeout
- MEDIUM: mux-quic: properly implement soft-stop
- MINOR: quic: mark quic-conn as jobs on socket allocation
- MEDIUM: quic: trigger fast connection closing on process stopping
- MINOR: mux-h2/traces: do not log h2s pointer for dummy streams
- MINOR: mux-h2/traces: add a missing TRACE_LEAVE() in h2s_frt_handle_headers()
- BUG/MEDIUM: quic: Missing TX buffer draining from qc_send_ppkts()
- DOC: config: Fix description of options about HTTP connection modes
- DOC: config: Add the missing tune.fail-alloc option from global listing
- REGTESTS: Fix ssl_errors.vtc script to wait for connections close
- BUG/MINOR: cache: Cache response even if request has "no-cache" directive
- BUG/MINOR: cache: Check cache entry is complete in case of Vary
- BUILD: quic: 32-bits compilation issue with %zu in quic_rx_pkts_del()
- BUG/MINOR: ring: do not realign ring contents on resize
- BUILD: thead: Fix several 32 bits compilation issues with uint64_t variables
- BUG/MEDIUM: fd: avoid infinite loops in fd_add_to_fd_list and fd_rm_from_fd_list
- BUG/MEDIUM: h1-htx: Never copy more than the max data allowed during parsing
- DOC: config: Clarify the meaning of 'hold' in the 'resolvers' section
- BUG/MINOR: fd: used the update list from the fd's group instead of tgid
- BUG/MEDIUM: fd: make fd_delete() support being called from a different group
- CLEANUP: listener: only store conn counts for local threads
- MEDIUM: quic: improve fatal error handling on send
- MINOR: quic: consider EBADF as critical on send()
- BUG/MEDIUM: connection: Clear flags when a conn is removed from an idle list
- BUG/MINOR: mux-h1: Don't report an error on an early response close
- BUG/MINOR: http-check: Don't set HTX_SL_F_BODYLESS flag with a log-format body
- BUG/MINOR: http-check: Skip C-L header for empty body when it's not mandatory
- MINOR: quic: simplify return path in send functions
- MINOR: quic: implement qc_notify_send()
- MINOR: quic: purge txbuf before preparing new packets
- MEDIUM: quic: implement poller subscribe on sendto error
- MINOR: quic: notify on send ready
- BUG/MINOR: http-ana: Don't increment conn_retries counter before the L7 retry
- BUG/MINOR: http-ana: Do a L7 retry on read error if there is no response
- BUG/MINOR: mxu-h1: Report a parsing error on abort with pending data
- BUG/MINOR: ssl: Use 'date' instead of 'now' in ocsp stapling callback
- MINOR: ssl: rename confusing ssl_bind_kws
- BUG/MINOR: config: crt-list keywords mistaken for bind ssl keywords
- BUG/MEDIUM: quic: properly handle duplicated STREAM frames
- BUG/MINOR: cli: fix CLI handler "set anon global-key" call
- BUG/MINOR: quic: Do not send too small datagrams (with Initial packets)
- MINOR: quic: Add a BUG_ON_HOT() call for too small datagrams
- BUG/MINOR: quic: Ensure to be able to build datagrams to be retransmitted
- BUG/MINOR: quic: v2 Initial packets decryption failed
- MINOR: quic: Add traces about QUIC TLS key update
- BUG/MINOR: quic: Remove force_ack for Initial,Handshake packets
- BUG/MINOR: quic: Ensure not to retransmit packets with no ack-eliciting frames
- BUG/MINOR: quic: Do not resend already acked frames
- BUG/MINOR: quic: Missing detections of amplification limit reached
- MINOR: quic: Send PING frames when probing Initial packet number space
- BUG/MEDIUM: quic: do not crash when handling STREAM on released MUX
- BUG/MAJOR: fd/thread: fix race between updates and closing FD
- BUG/MINOR: mux-quic: properly init STREAM frame as not duplicated
- MINOR: quic: Do not accept wrong active_connection_id_limit values
- MINOR: quic: Store the next connection IDs sequence number in the connection
- MINOR: quic: Typo fix for ACK_ECN frame
- MINOR: quic: RETIRE_CONNECTION_ID frame handling (RX)
- MINOR: quic: Useless TLS context allocations in qc_do_rm_hp()
- MINOR: quic: Add spin bit support
- MINOR: quic: Add transport parameters to "show quic"
- MINOR: h3: add traces on h3_init_uni_stream() error paths
- MINOR: quic: create a global list dedicated for closing QUIC conns
- MINOR: quic: handle new closing list in show quic
- MEDIUM: quic: release closing connections on stopping
- BUG/MINOR: quic: Wrong RETIRE_CONNECTION_ID sequence number check
- MINOR: fd/cli: report the polling mask in "show fd"
- MINOR: quic: Do not stress the peer during retransmissions of lost packets
- BUG/MINOR: init: properly detect NUMA bindings on large systems
- BUG/MINOR: thread: report thread and group counts in the correct order
- BUG/MAJOR: fd/threads: close a race on closing connections after takeover
- BUG/MINOR: mworker: use MASTER_MAXCONN as default maxconn value
- BUG/MINOR: quic: Missing listener accept queue tasklet wakeups
- MINOR: quic_sock: un-statify quic_conn_sock_fd_iocb()
- DOC/CLEANUP: fix typos
Overview of changes in 2.6.1
New features
Dynamic TLS Crypt When both peers are OpenVPN 2.6.1+, OpenVPN will dynamically create a tls-crypt key that is used for renegotiation. This ensure that only the previously authenticated peer can do trigger renegotiation and complete renegotiations.
CryptoAPI (Windows): support issuer name as a selector. Certificate selection string can now specify a partial issuer name string as "--cryptoapicert ISSUER:<string>" where <string> is matched as a substring of the issuer (CA) name in the certificate.
User visible changes
on crypto initialization, move old "quite verbose" messages to --verb 4 and only print a more compact summary about crypto and timing parameters by default
configure now enables DCO build by default on FreeBSD and Linux, which brings in a default dependency for libnl-genl (for Linux distributions that are too old to have this library, use "configure --disable-dco")
make "configure --help" output more consistent
CryptoAPI (Windows): remove support code for OpenSSL before 3.0.1 (this will not affect official OpenVPN for Windows installers, as they will always be built with OpenSSL 3.0.x)
CryptoAPI (Windows): log the selected certificate's name
"configure" now uses "subdir-objects", for automake >= 1.16 (less warnings for recent-enough automake versions, will change the way .o files are created)
Bugfixes / minor improvements
fixed old IPv6 ifconfig race condition for FreeBSD 12.4
fix compile-time breakage related to DCO defines on FreeBSD 14
enforce minimum packet size for "--fragment" (avoid division by zero)
some alignment fixes to avoid unaligned memory accesses, which will bring problems on some architectures (Sparc64, some ARM versions) - found by USAN clang checker
windows source code fixes to reduce number of compile time warnings (eventual goal is to be able to compile with -Werror on MinGW), mostly related to signed/unsigned char * conversions, printf() format specifiers and unused variables.
avoid endless loop on logging with --management + --verb 6+
build (but not run) unit tests on MinGW cross compiles, and run them when building with GitHub Actions.
add unit test for parts of cryptoapi.c
add debug logging to help with diagnosing windows driver selection
disable DCO if proxy config is set via management interface
do not crash on Android if run without --management
improve documentation about cipher negotiation and OpenVPN3
for x86 windows builds, use proper calling conventions for dco-win (__stdcall)
differentiate "dhcp-option ..." options into "needs an interface with true DHCP service" (tap-windows) and "can also be installed by IPAPI or service, and can be used on non-DHCP interfaces" (wintun, dco-win)
windows interactive service: fix possible double-free if "--block-dns" installation fails due to "security products" interfering
"make dist": package ovpn_dco_freebsd.h to permit building from tarballs on FreeBSD 14
3.63.2 (2023-02-23)
- macOS: Several rendering fixes in dark mode
- macOS: Disable automatic quote/dash substitution in text input fields
- MSW: Fixed an issue with Drag&Drop to Explorer on systems that use shortened 8.3 pathnames in environment variables
- MSW: If FileZilla was installed for current user only, updating with the installer now skips the UAC prompt
- Updated to libfilezilla 0.41.1 to fix a rare crash
- Official binaries are now built againt GnuTLS 3.8.0
Breaking Change
- The previous behaviour of running the download job with the base command has
been moved into its own subcommand run in order to accommodate some features
I plan to add in the future.
Added
--dry-run flag to get a list of releases Bandsnatch would try to download,
without actually downloading them.
--debug flag to get some extra information in certain circumstances (Might be
changed to --verbose in the future if I change my mind).
Fixed
- Fix problem where some releases could crash a thread with missing field
'download_type'.
Changed
- New run subcommand which replaces the previous functionality of running the
downloader on the base command.
Highlight summary:
- New HLS, DASH and Microsoft Smooth Streaming adaptive streaming clients
adaptivemux2, which requires a "streams-aware" container to work.
- videoconvert and videoscale were combined to videoconvertscale
- xingmux was moved to plugins-good
Many improvements listed at
https://gstreamer.freedesktop.org/releases/1.22/
DNSControl is a system for maintaining DNS zones. It has two parts: a
domain specific language (DSL) for describing DNS zones plus software
that processes the DSL and pushes the resulting zones to DNS providers
such as Route53, Cloudflare, and Gandi. It can send the same DNS
records to multiple providers. It even generates the most beautiful
BIND zone files ever. It runs anywhere Go runs (Linux, macOS,
Windows). The provider model is extensible, so more providers can be
added.
https://dnscontrol.org/
Release v1.51.3
This release is a Python-only patch to release universal2 Mac OS artifacts compatible with both x86 and arm64.
Release v1.51.2
Upgraded Boring SSL to address CVE-2023-0286
0.11.1
Released on 07/03/2022
- Issue 150
- fixed config directory not being created
- before setting default ssh config path; check wheter it actually exists
- Security:
- removed remove_dir_all crate with tempfile 3.4
- Dependencies:
- Bump ssh2-config to 0.1.6
2023.03.04
Extractor changes
bilibili: Fix for downloading wrong subtitles
ESPNcricinfo: Handle new URL pattern
lefigaro: Add extractors
lumni: Add extractor
Prankcast: Fix tags
rutube: Extract chapters from description
SportDeutschland: Rewrite extractor by pukkandan
telecaribe: Add extractor
tubetugraz: Support --twofactor
tunein: Fix extractors
twitch: Update for GraphQL API changes
twitter: Fix retweet extraction
xvideos: quickies: Add extractor
Misc. changes
build:
Fix publishing to PyPI and homebrew by bashonly
Only archive if vars.ARCHIVE_REPO is set by Grub4K
cleanup: Miscellaneous: 392389b by pukkandan
devscripts: make_changelog: Stop at Release ... commit by pukkandan
2023.03.03
Important changes
- **A new release type has been added!**
* [`nightly`]
* When using `--update`/`-U`, a release binary will only update to its current channel (either `stable` or `nightly`).
* The `--update-to` option has been added allowing the user more control over program upgrades (or downgrades).
* `--update-to` can change the release channel (`stable`, `nightly`) and also upgrade or downgrade to specific tags.
* **Usage**: `--update-to CHANNEL`, `--update-to TAG`, `--update-to CHANNEL@TAG`
- **YouTube throttling fixes!**
Core changes
- [Add option `--break-match-filters`]
- [Fix `--break-on-existing` with `--lazy-playlist`]
- dependencies
- [Simplify `Cryptodome`]
- jsinterp
- [Handle `Date` at epoch 0]
- plugins
- [Don't look in `.egg` directories]
- update
- [Add option `--update-to`, including to nightly]
- utils
- `LenientJSONDecoder`: [Parse unclosed objects]
- `Popen`: [Shim undocumented `text_mode` property]
Extractor changes
- [Fix DRM detection in m3u8]
- generic
- [Detect manifest links via extension]
- [Handle basic-auth when checking redirects]
- GoogleDrive
- [Fix some audio]
- iprima
- [Fix extractor]
- mediastream
- [Improve WinSports support]
- ntvru
- [Extract HLS and DASH formats]
- tencent
- [Add more formats and info]
- yle_areena
- [Extract non-Kaltura videos]
- youtube
- [Construct dash formats with `range` query]
- [Detect and break on looping comments]
- [Extract channel `view_count` when `/about` tab is passed]
Misc. changes
- build
- [Add `cffi` as a dependency for `yt_dlp_linux`]
- [Automated builds and nightly releases]
- [Sign SHA files and release public key]
- cleanup
- [Fix `Changelog`]
- jsinterp: [Give functions names to help debugging]
- Miscellaneous: [4815bbf]
- devscripts
- [Script to generate changelog]
RabbitMQ 3.11.10
Core Server
Bug Fixes
Tag changes could result in a loop of internal events in certain plugins.
Enhancements
Key classic mirrored queue (a deprecated feature) settings now can be overriden with
operator policies.
Contributed by @SimonUnge (AWS).
Management Plugin
Bug Fixes
Individual virtual host page failed to render.
Individual exchange page failed to render.
AMQP 1.0 Plugin
Enhancements
The plugin now supports authentication with JWT tokens (the OAuth 2 authentication backend).
OAuth 2 Plugin
Bug Fixes
The auth_oauth2.preferred_username_claims key in rabbitmq.conf now accepts a list of values.
Dependency Upgrades
ra was upgraded from 2.4.6 to 2.4.9
Things included in since the last patch version:
- up command, which allows you to jump up one heirarchy level in the current
path (move up a directory), whenever the path is not at the root directory
of the host (/)
- Updates the makefile to remove a gnu specific gzip flag
- Line wrapping now wraps at word boundaries
- The width at which to wrap lines can now be set by a configuration
option: :set maxwidth 60 would set the client to wrap lines at 60 characters
The second item, removing the GNU specific flag, is thanks to Jay Williams.
Thanks again so much for your contribution!!
The last 2 items are thanks to code contributions via pull request from
R. Aldan Campbell. Thanks again so much for the contributions!!
upstream changes:
-----------------
* v1.23.1
Bugfixes:
o #8325: "accept: function not implemented" after upgrading to syncthing
v1.20.1
* v1.23.0
Bugfixes:
o #8572: Incorrect rescan interval on auto accepted encrypted folder
o #8646: Perhaps the list of devices contains empty elements
o #8686: Properly indicate whether a connection is "LAN" or not in the GUI
* v1.22.2
Bugfixes:
o #3744: Folders with custom icons not deletable on Windows
o #8570: Incorrect rescan interval when add encrypted folder with watch for
changes enabled
o #8592: Newly added "connection type" icon and text in device info is
slightly misaligned
o #8630: Enabling rate limit drastically reduces network performance
o #8654: Conflicts created on Android on files modified by other devices
o #8657: Xattrs not properly applied to directories, causes rescan/resync
loop
o #8661: webgui complains about not set password in ldap mode
o #8682: syncthing generate command writes the deviceId to stderr instead of
stdout as INFO
Enhancements:
o #2771: Add mailto link to "Show ID" dialog, for sending device ID via email
o #7703: Show if devices have not connected in a long time
o #8638: Use healtcheck endpoint for docker
o #8686: LAN detection via subnetmask
Other issues:
o #8601: Build fails due to setting xattrs that affect SELinux, "permission denied"
o #8679: Bump quic-go
* v1.22.1
Bugfixes:
o #8084: Scope ID should be filtered out of IPv6 addresses when using Remote
GUI
o #8569: Periodic connection losses to webui because docker image doesn't
support upgrade
o #8594: Extended attributes are only synced one way
Enhancements:
o #3987: Private relay server with authentication
o #8244: Show connection type in Remote Devices
o #8430: Add HTTP health check without using API Token
Changelog:
Version 3.2.5
Thursday, February 2, 2023
Features:
+ knotd: new configuration option for enforcing IXFR fallback (see
'zone.provide-ixfr')
Improvements:
+ knotd: changed UNIX socket file mode to 0222 for answering and 0220 for
control
+ mod-probe: new support for communication over a UNIX socket
+ kdig: new support for communication over a UNIX socket
+ libs: upgraded embedded libngtcp2 to 0.13.0
+ doc: various improvements
Bugfixes:
+ knotd: failed to get catalog member configuration if catalog template
is in a template
+ knotd: failed to respond over a UNIX socket with EDNS
+ knotd: unexpected zone update upon restart or zone reload if ZONEMD
generation is enabled
+ knotd: redundant zone flush of unchanged zone if zone file load is
'difference-no-serial'
+ knotd/kxdpgun: failed to receive messages over XDP with drivers tap or
ena
+ knotc: zone check doesn't report missing zone file #829
+ kxdpgun: program crashes when remote closes QUIC connection instead of
resumption
+ mod-geoip: configuration check leaks memory in the geodb mode
+ utils: unwanted color reset sequences in non-color output
Wireshark 4.0.4 Release Notes
What’s New
We do not ship official 32-bit Windows packages for Wireshark 4.0 and
later. If you need to use Wireshark on that platform, we recommend
using the latest 3.6 release. Issue 17779[1]
If you’re running Wireshark on macOS and upgraded to macOS 13 from an
earlier version, you will likely have to open and run the “Uninstall
ChmodBPF” package, then open and run “Install ChmodBPF” in order to
reset the ChmodBPF Launch Daemon. Issue 18734[2].
Bug Fixes
The following vulnerabilities have been fixed:
• wnpa-sec-2023-08[3] ISO 15765 and ISO 10681 dissector crash.
Issue 18839[4].
The following bugs have been fixed:
• UTF-8 characters end up escaped in PSML output. Issue 10445[5].
• Export filtered displayed packets won’t save IP fragments of SCTP
fragments needed to reassemble a displayed frame. Issue 12597[6].
• DICOM dissection in reassembled PDV goes wrong. Issue 13388[7].
• "Export Objects - IMF" produces incorrect file, TCP reassembly
fails with retransmissions that have additional data. Issue
13523[8].
• The intelligent scroll bar or minimap is not predictable on
locating and scrolling. Issue 13989[9].
• If you mark (or unmark) the currently-selected frame, the packet
details still say it’s not marked (or it is marked) Issue
14330[10].
• An out-of-order packet incorrectly detected as retransmission
breaks desegmentation of TCP stream. Issue 15993[11].
• Sorting Packet Loss Column is not sorting correct. Issue
16785[12].
• Some HTTPS packets cannot be decrypted. Issue 17406[13].
• SIP TCP decoding regression from Wireshark 1.99.0 to 3.6.8. Issue
18411[14].
• Frame comments not preserved when using filter to write new pcap
from tshark. Issue 18693[15].
• ChmodBPF not working on macOS Ventura 13.1. Issue 18734[16].
• Wireshark GUI and window manager stuck after setting display
filter. Issue 18809[17].
• Dissector bug, protocol H.261. Issue 18812[18].
• File extension heuristics are case-sensitive. Issue 18821[19].
• Symbolic links to packages in macOS dmg can’t be double-clicked
to install on macOS 13.2. Issue 18830[20].
• Potential memory leak in tshark.c. Issue 18837[21].
• Fuzz job crash output: fuzz-2023-02-05-7303.pcap. Issue
18842[22].
• f5fileinfo: Hardware platforms missing descriptions. Issue
18848[23].
• The lines in the intelligent scrollbar are off by one. Issue
18850[24].
• Wireshark crashes on invalid UDS packet in Lua context. Issue
18865[25].
• TECMP dissector shows the wrong Voltage in Vendor Data. Issue
18871[26].
• UDS: Names of RDTCI subfunctions 0x0b … 0x0e are not correct.
Issue 18873[27].
New and Updated Features
There are no new or updated features in this release.
Removed Features and Support
New Protocol Support
There are no new protocols in this release.
Updated Protocol Support
ASTERIX, BGP, DHCP, ERF, F5 Ethernet trailer, GMR-1 RR, Gryphon, GSM
SMS, H.261, H.450, ISO 10681, ISO 15765, MIPv6, NAS-5gs, NR RRC, NS
Trace, OptoMMP, PDCP-LTE, PDCP-NR, QSIG, ROHC, RSVP, RTCP, SCTP, SIP,
TCP, TECMP, TWAMP, UDS, and UMTS RLC
ChangeLog:
Arti 1.1.2 — 28 February 2023
Arti 1.1.2 continues our work on onion services, and builds out more of the necessary infrastructure, focusing on backend support for the onion service directories.
We've also done a significant revision on our handling of incoming messages on circuits, to avoid a fair amount of unnecessary copying, and defer message parsing until we're certain that the message type would be acceptable in a given context. Doing this turned up several bugs, which are now fixed too.
Breaking changes in lower level crates
The APIs for tor-cell have changed significantly, to help implement #525 and prepare for #690. This has no downstream implications outside of tor-proto.
Our IntegerMinutes type no longer has an erroneous days() accessor. (This accessor did not work correctly, and actually returned a number of minutes!) (bb2ab7c2a3e0994bb43)
The PartialNetDir::fill_from_previous_netdir() function has changed its argument types and semantics. (f69d7f96ac40dda5)
(Breaking changes in experimental APIs are not noted here.)
New features
We now have the facility to give a helpful "error hint" in response to a given failure. Right now, we use this to improve the error message given for file-system permission errors, so that it suggests either changing the permissions on a directory, or suppressing the error. (#578, #579, !976, !994, !1018)
When we log an error message from inside our code (at "info" or higher), we now make sure to log a full error report, including the cause of the error, its cause, and so on. (#680, !997)
When receiving messages on channels, circuits, and streams, we now defer parsing those messages until we know whether their types are acceptable. This shrinks our attack surface, simplifies our code, and makes our protocol handling less error-prone. (#525, !1008, !1013, !1017)
We now copy relay cell bodies much less than previously. (#7, ca3b33a1afc58b84)
We have support for handling link specifier types verbatim, for cases when we need to use them to contact a rendezvous point or introduction point without checking them. (!1029)
Onion service development
We can now parse onion service descriptors, including all encrypted layers, with support for descriptor-based client authentication. (#744, !999, !1015)
Our network directory code now supports deriving the HsDir directory ring, to find out where onion service descriptors should be uploaded and downloaded. (#687, !1012)
We've refactored our implementation of onion service message extensions into a single place, to save on code and avoid type confusion. (5521df0909ff7afa)
Our internal onion-service Cargo features have been renamed to start with hs-*. We're still using onion-* as the prefix for our high-level onion-service features. ([#756], [!1033])
Infrastructure
All our shell scripts now work when bash is somewhere other than /bin. (!990)
Our check_doc_features script is now a little more reliable. (!1023)
Our coverage tools now perform better checks to make sure they have all of their dependencies. (#776, !1025)
Cleanups, minor features, and bugfixes
The internal data structures in tor-netdir now use the typed_index_collections crate to ensure that the indices for one list are not mis-used as indices into another. (!1004)
We no longer reject authority certificates that contain an unrecognized keyword. (#752, 266c61f7213dbec7)
Our tor-netdoc parsing code now requires the caller to specify handling for unrecognized keywords explicitly, to avoid future instances of bug #752. (!1006)
Several internal APIs and patterns in tor-netdoc have been streamlined. (#760, !1016, !1021)
Make extension-handling code in for onion service message decoding more generic, since we'll reuse it a lot. (!1020)
We now kill off circuits under more circumstances when the other side of the circuit violates the protocol. (#769, #773, !1026)
We now expire router descriptors as soon as any of their internal expiration times has elapsed. Previously, we expired them when all of their expiration times had elapsed, which is incorrect. (#772, !1022)
We are much more careful than previous about validating the correctness of various message types on half-closed streams. Previously, we had separate implementations for message validation; now, we use a single object to check messages in both cases. (#744, !1026)
We now treat a RESOLVED message as closing a half-closed resolve stream. Previously, we left the stream open. (!1026)
Thanks to everyone who has contributed to this release, including Dimitris Apostolou, Emil Engler, and Shady Katy.
Also, our deep thanks to Zcash Community Grants for funding the development of Arti!
v0.47.3 (2023-02-14)
Fix
Hold a strong reference to the query sender start task
v0.47.2 (2023-02-14)
Fix
Missing c extensions with newer poetry
v0.47.1 (2022-12-24)
Fix
The equality checks for DNSPointer and DNSService should be case insensitive
v0.47.0 (2022-12-22)
Feature
Optimize equality checks for DNS records
v0.46.0 (2022-12-21)
Feature
Optimize the dns cache
v0.45.0 (2022-12-20)
Feature
Optimize construction of outgoing packets
v0.44.0 (2022-12-18)
Feature
Optimize dns objects by adding pxd files
v0.43.0 (2022-12-18)
Feature
Optimize incoming parser by reducing call stack
v0.42.0 (2022-12-18)
Feature
Optimize incoming parser by using unpack_from
v0.41.0 (2022-12-18)
Feature
Optimize incoming parser by adding pxd files
v0.40.1 (2022-12-18)
Fix
Fix project name in pyproject.toml
v0.40.0 (2022-12-17)
Feature
Drop async_timeout requirement for python 3.11+
v4.5.2
- BUGFIX: Don't unexpectedly activate queued torrents when prefetching metadata for added magnets (glassez)
- BUGFIX: Update the cached torrent state once recheck is started (glassez)
- BUGFIX: Be more likely to allow the system to use power saving modes (glassez)
- WEBUI: Migrate away from unsafe function (Chocobo1)
- WEBUI: Blacklist bad ciphers for TLS in the server (sledgehammer999)
- WEBUI: Allow only TLS 1.2+ in the server (sledgehammer999)
- WEBUI: Allow to set read-only directory as torrent location (glassez)
- WEBUI: Reject requests that contain backslash in path (glassez)
- RSS: Prevent RSS folder from being moved into itself (glassez)
- WINDOWS: NSIS: Update Turkish, Uzbek translation (Burak Yavuz, shitcod3r)
[1.1.1] - 2023-02-25
- Added new translations of the GUI!
* French, Spanish and Polish
- The last successfully sniffed network adapter is now remembered on application
closure, so that users don't have to manually select it again when restarting
Sniffnet
- Implemented possibility to quit the application pressing crtl+Q keys
- The last opened settings page is now remembered within a given session
- Fixed bug that caused settings configuration not to be permanently saved
across different sessions when closing settings from the 'x' button on the
top right corner
- Textual report is now saved in a fixed directory, instead of using the
directory where the execution was started. The output is now saved in the
same folder containing configuration files storing Sniffnet settings.
The directory is automatically chosen by confy depending on your architecture,
and can be seen hovering on the "Open full report" button.
- When multiple favorite connections are featured per time interval, now it's
possible to receive more than one favorite notification referred to the same
timestamp
- Fixed problem that was causing the Application Protocol picklist placeholder
not being translated
Changes in 2.2.8
================
* NEW: asip-status.pl: IPv6 support; show GSS-UAM SPNEGO blob;
improved layout of output. (3.1 backport)
* NEW: apple_dump: support for EA meta data. (3.1 backport)
* NEW: Import netatalk-doc into the main repo, and overhaul
scripts, man pages and html manual sources.
* UPD: Display the Netatalk Daemon icon with the '-icon' afpd.conf
option for all platforms. GH #214
* UPD: Remove OpenSSL 1.0 backwards compatibility header.
Please use OpenSSL 1.1 or later.
* UPD: configure: Enable DDP, timelord, and a2boot by default. GH #215
* UPD: configure: Disable Quota by default. GH #198
* FIX: afpd: Create tmp files in /tmp rather than / and clean up
after use. Regression in 2.2.7. GH #188
* FIX: Provide MNTTYPE_NFS for Solaris descendents to enable
compiling with Quota. GH #117
* FIX: afpd: reading from file may fail. SF Bug #619 (3.1 backport)
* FIX: timelord: Fall back to timezone when tm_gmtoff is unavailable.
Makes it work on Solaris descendents. GH #194
* FIX: fix largefile-check macro for largefile with clang 16.
* FIX: Typo fixes in user facing strings.
CHANGES (since version 1.0.31)
# 2.0.1
- Show an error if tut can't parse your config. Forgot it in the last release
- More examples in config.example.toml and the man pages
# 2.0.0
- The configuration format is now toml instead of ini, so you'll have to
start from scratch with your config and themes, but most parts are the
same, so it should be quite easy. Sorry for the inconvenience.
- Support for multiple accounts in the same window. Start tut with tut
--user "user1 user2" Use command :login Switch account with Ctrl+N or
Ctrl+P
- New commands for switch accounts :next-acct and :prev-acct
- Editor inside of tut. You can still use $EDITOR but then you'll have
to set editor to that in your config.
- More options for [[general.timelines]] closed = don't open the feed when
you start tut. Use key to open. on-creation-closed = how to open the
new feed if closed. on-focus = how to give it focus
- [open-custom] now has key hints instead of 1, 2, 3, 4 and 5`
- Bug fix for some image viewers that don't like that tut deletes files.
Set delete-temp-files=false if you want tut to wait till you exists tut
to remove all files. If you want to clear the tempfiles while running
tut you can use :clear-temp
- When you run commands inside of tut the new timeline will appear in a
new pane. You can disable this under [general] with
commands-in-new-pane=false
- The title of panes will update automatically. If you want the old
behavior set dynamic-timeline-name=false under [general]
- If your instance supports lists, bold or italic text tut will now render
this
- Show the language of a toot
# 1.0.33
- Make GoToSocial work again
# 1.0.32
- Tut will now get numbers of chars per toot from the instance instead
of from the config. Hence char-limit is removed from the config. It
will also fetch number of poll options and the length of each option
from the instance.
- URLs now has a fixed length set by the instance, so the char count
should now be correct when you are composing toots.
- The API now use WebSocket streams instead of streaming over https.
Should make tut play nicer with GoToSocial.
- Transfers optimized:
- If local/remote file have the same 'last modification time' (mtime),
the file is not transferred
- When the file is exchanged, all times attributes are set (if supported
by the protocol)
- Default ssh config path:
- SSH configuration path is now '~/.ssh/config' by default
- Added ARM64 Linux builds
- Bugfix:
- Fix issue 126
- Fix issue 141
- Bump dependencies
Arti is a project to produce an embeddable, production-quality implementation
of the Tor anonymity protocols in the Rust programming language.
Arti is more flexible than the C tor implementation. Unlike the C tor, which
was designed as SOCKS proxy originally, and whose integration features were
later "bolted on", Arti is designed from the ground up to work as a modular,
embeddable library that other applications can use.
Current Status
Arti can connect to the Tor network, bootstrap a view of the Tor directory,
and make anonymized connections over the network. Now that Arti has reached
version 1.0.0, we believe it is suitable for actual use to anonymise
connections.
There are a number of areas (especially at the lower layers) where APIs
(especially internal APIs) are not stable, and are likely to change them.
Right now that includes the command line interface to the arti program.
And of course it's still very new so there are likely to be bugs.
librsync 2.3.4
This is a patch release that includes an important fix for a bug introduced in v2.3.3 that broke librsync on some platforms. Upgrading from v2.3.3 is strongly recommended for most people, particularly on platforms where the unit tests fail.
2.74.0 - September 15, 2022
- Updated translations
2.74.rc - September 1, 2022
- Support PKCS #12 encrypted certificates
- Various improvements to Meson build system
- Multiple fixes for proxy tests
2.74.beta - August 5, 2022
- Drop environment proxy resolver to lowest priority
- Expose implementation of G_TLS_CHANNEL_BINDING_EXPORTER
- Add build option for environment proxy resolver
2.74.alpha - July 7, 2022
- Add build option for toggling debug logging
- Move gettext() usage out of hot paths
- Fix tests build when using openssl
- Properly free libproxy lookup results and require libproxy 0.4.16
- Add additional validation for proxy lookup results
- Allow using static libraries via meson subprojects
- Updated translations
iperf-3.13 2023-02-16
---------------------
* Notable user-visible changes
* fq-rate, and bidirectional flag were added to the JSON output.
* Added support for OpenBSD including cleaning up endian handling
and support for TCP_INFO on systems where it was implemented.
* Fixed bug in how TOS is set in mapped v4.
* Corrected documentation, such as updating binary download links and text,
updating version on iperf3 websites, and fixing an incorrect error message.
* Fixed crash on rcv-timeout with JSON logfile.
* Fixed a bug that prevented TOS/DSCP from getting set correctly for reverse
tests.
* Developer-visible changes
* Getter and setter are now available for bind_dev.
* Added missing getter for bidirectional tests.
* Added minor changes to clean up .gitignore and error messages.
* Made sure configure scripts are runnable with /bin/sh.
* Cleaned up RPM spec, such as adding missing RPM build dependencies, dropping
EL5 and removing outdated %changelog to make.
* Added a fix for a resource leak bug in function iperf_create_pidfile.
Merge youtube-dl
Fix --concat-playlist
Imply --no-progress when --print
Improve default subtitle language selection
Make title completely non-fatal
Sanitize formats before sorting
Support module level __bool__ and property
Bugfixes in various extractor modules
--- 9.18.12 released ---
6083. [bug] Fix DNSRPS-enabled builds as they were inadvertently
broken by change 6042. [GL #3827]
6082. [test] fuzz/dns_message_checksig leaked memory when shutting
down. [GL #3828]
6081. [bug] Handle primary server address lookup failures in
nsupdate more gracefully. [GL #3830]
6080. [bug] 'named -V' leaked memory. [GL #3829]
6079. [bug] Force set the DS state after a 'rdnc dnssec -checkds'
command. [GL #3822]
6075. [bug] Add missing node lock when setting node->wild in
add_wildcard_magic. [GL #3799]
6074. [func] Refactor the isc_nm_xfr_allowed() function to return
isc_result_t instead of boolean. [GL #3808]
6073. [bug] Set RD=1 on DS requests to parental-agents. [GL #3783]
6072. [bug] Avoid the OpenSSL lock contention when initializing
Message Digest Contexts by using explicit algorithm
fetching, initializing static contexts for every
supported algorithms, and initializing the new context
by copying the static copy. [GL #3795]
6071. [func] The use of "port" when configuring query-source,
transfer-source, notify-source and parental-source
addresses has been deprecated, along with the
use-v[46]-udp-ports and avoid-v[46]-udp-ports
options. A warning will be logged when these
options are used. In a future release, they
will be removed. [GL #3781]
6069. [bug] Detach from the view in zone_shutdown() to
release the memory held by the dead view
early. [GL #3801]
6068. [bug] Downloading a zone via TLS from a server which does
not negotiate "dot" ALPN token could crash BIND
on shutdown. That has been fixed. [GL #3767]
--- 9.16.38 released ---
6083. [bug] Fix DNSRPS-enabled builds as they were inadvertently
broken by change 6042. [GL #3827]
6081. [bug] Handle primary server address lookup failures in
nsupdate more gracefully. [GL #3830]
6080. [bug] 'named -V' leaked memory. [GL #3829]
6079. [bug] Force set the DS state after a 'rdnc dnssec -checkds'
command. [GL #3822]
6075. [bug] Add missing node lock when setting node->wild in
add_wildcard_magic. [GL #3799]
6072. [bug] Avoid the OpenSSL lock contention when initializing
Message Digest Contexts by using explicit algorithm
fetching, initializing static contexts for every
supported algorithms, and initializing the new context
by copying the static copy. [GL #3795]
6069. [bug] Detach from the view in zone_shutdown() to
release the memory held by the dead view
early. [GL #3801]
1.27.71
=======
* api-change:``appconfig``: AWS AppConfig now offers the option to set a version label on hosted configuration versions. Version labels allow you to identify specific hosted configuration versions based on an alternate versioning scheme that you define.
* api-change:``datasync``: With this launch, we are giving customers the ability to use older SMB protocol versions, enabling them to use DataSync to copy data to and from their legacy storage arrays.
* api-change:``ec2``: With this release customers can turn host maintenance on or off when allocating or modifying a supported dedicated host. Host maintenance is turned on by default for supported hosts.
1.27.70
=======
* api-change:``account``: This release of the Account Management API enables customers to view and manage whether AWS Opt-In Regions are enabled or disabled for their Account. For more information, see https://docs.aws.amazon.com/accounts/latest/reference/manage-acct-regions.html
* api-change:``appconfigdata``: AWS AppConfig now offers the option to set a version label on hosted configuration versions. If a labeled hosted configuration version is deployed, its version label is available in the GetLatestConfiguration response.
* api-change:``snowball``: Adds support for EKS Anywhere on Snowball. AWS Snow Family customers can now install EKS Anywhere service on Snowball Edge Compute Optimized devices.
1.27.69
=======
* api-change:``autoscaling``: You can now either terminate/replace, ignore, or wait for EC2 Auto Scaling instances on standby or protected from scale in. Also, you can also roll back changes from a failed instance refresh.
* api-change:``connect``: This update provides the Wisdom session ARN for contacts enabled for Wisdom in the chat channel.
* api-change:``ec2``: Adds support for waiters that automatically poll for an imported snapshot until it reaches the completed state.
* api-change:``polly``: Amazon Polly adds two new neural Japanese voices - Kazuha, Tomoko
* api-change:``sagemaker``: Amazon SageMaker Autopilot adds support for selecting algorithms in CreateAutoMLJob API.
* api-change:``sns``: This release adds support for SNS X-Ray active tracing as well as other updates.
1.27.68
=======
* api-change:``chime-sdk-meetings``: Documentation updates for Chime Meetings SDK
* api-change:``emr-containers``: EMR on EKS allows configuring retry policies for job runs through the StartJobRun API. Using retry policies, a job cause a driver pod to be restarted automatically if it fails or is deleted. The job's status can be seen in the DescribeJobRun and ListJobRun APIs and monitored using CloudWatch events.
* api-change:``evidently``: Updated entity overrides parameter to accept up to 2500 overrides or a total of 40KB.
* api-change:``lexv2-models``: Update lexv2-models command to latest version
* api-change:``lexv2-runtime``: Update lexv2-runtime command to latest version
* api-change:``lightsail``: Documentation updates for Lightsail
* api-change:``migration-hub-refactor-spaces``: This release adds support for creating environments with a network fabric type of NONE
* api-change:``workdocs``: Doc only update for the WorkDocs APIs.
* api-change:``workspaces``: Removed Windows Server 2016 BYOL and made changes based on IAM campaign.
1.27.67
=======
* api-change:``backup``: This release added one attribute (resource name) in the output model of our 9 existing APIs in AWS backup so that customers will see the resource name at the output. No input required from Customers.
* api-change:``cloudfront``: CloudFront Origin Access Control extends support to AWS Elemental MediaStore origins.
* api-change:``glue``: DirectJDBCSource + Glue 4.0 streaming options
* api-change:``lakeformation``: This release removes the LFTagpolicyResource expression limits.
1.27.66
=======
* api-change:``transfer``: Updated the documentation for the ImportCertificate API call, and added examples.
1.27.65
=======
* api-change:``compute-optimizer``: AWS Compute optimizer can now infer if Kafka is running on an instance.
* api-change:``customer-profiles``: This release deprecates the PartyType and Gender enum data types from the Profile model and replaces them with new PartyTypeString and GenderString attributes, which accept any string of length up to 255.
* api-change:``frauddetector``: My AWS Service (Amazon Fraud Detector) - This release introduces Cold Start Model Training which optimizes training for small datasets and adds intelligent methods for treating unlabeled data. You can now train Online Fraud Insights or Transaction Fraud Insights models with minimal historical-data.
* api-change:``mediaconvert``: The AWS Elemental MediaConvert SDK has added improved scene change detection capabilities and a bandwidth reduction filter, along with video quality enhancements, to the AVC encoder.
* api-change:``outposts``: Adds OrderType to Order structure. Adds PreviousOrderId and PreviousLineItemId to LineItem structure. Adds new line item status REPLACED. Increases maximum length of pagination token.
1.27.64
=======
* api-change:``proton``: Add new GetResourcesSummary API
* api-change:``redshift``: Corrects descriptions of the parameters for the API operations RestoreFromClusterSnapshot, RestoreTableFromClusterSnapshot, and CreateCluster.
1.27.63
=======
* api-change:``appconfig``: AWS AppConfig introduces KMS customer-managed key (CMK) encryption of configuration data, along with AWS Secrets Manager as a new configuration data source. S3 objects using SSE-KMS encryption and SSM Parameter Store SecureStrings are also now supported.
* api-change:``connect``: Enabled FIPS endpoints for GovCloud (US) regions in SDK.
* api-change:``ec2``: Documentation updates for EC2.
* api-change:``elbv2``: Update elbv2 command to latest version
* api-change:``keyspaces``: Enabled FIPS endpoints for GovCloud (US) regions in SDK.
* api-change:``quicksight``: QuickSight support for Radar Chart and Dashboard Publish Options
* api-change:``redshift``: Enabled FIPS endpoints for GovCloud (US) regions in SDK.
* api-change:``sso-admin``: Enabled FIPS endpoints for GovCloud (US) regions in SDK.
1.27.62
=======
* api-change:``devops-guru``: This release adds filter support ListAnomalyForInsight API.
* api-change:``forecast``: This release will enable customer select INCREMENTAL as ImportModel in Forecast's CreateDatasetImportJob API. Verified latest SDK containing required attribute, following https://w.amazon.com/bin/view/AWS-Seer/Launch/Trebuchet/
* api-change:``iam``: Documentation updates for AWS Identity and Access Management (IAM).
* api-change:``mediatailor``: The AWS Elemental MediaTailor SDK for Channel Assembly has added support for program updates, and the ability to clip the end of VOD sources in programs.
* api-change:``sns``: Additional attributes added for set-topic-attributes.
1.27.61
=======
* api-change:``accessanalyzer``: Enabled FIPS endpoints for GovCloud (US) regions in SDK.
* api-change:``appsync``: This release introduces the feature to support EventBridge as AppSync data source.
* api-change:``cloudtrail-data``: Add CloudTrail Data Service to enable users to ingest activity events from non-AWS sources into CloudTrail Lake.
* api-change:``cloudtrail``: Add new "Channel" APIs to enable users to manage channels used for CloudTrail Lake integrations, and "Resource Policy" APIs to enable users to manage the resource-based permissions policy attached to a channel.
* api-change:``codeartifact``: This release introduces a new DeletePackage API, which enables deletion of a package and all of its versions from a repository.
* api-change:``connectparticipant``: Enabled FIPS endpoints for GovCloud (US) regions in SDK.
* api-change:``ec2``: This launch allows customers to associate up to 8 IP addresses to their NAT Gateways to increase the limit on concurrent connections to a single destination by eight times from 55K to 440K.
* api-change:``groundstation``: DigIF Expansion changes to the Customer APIs.
* api-change:``iot``: Added support for IoT Rules Engine Cloudwatch Logs action batch mode.
* api-change:``kinesis``: Enabled FIPS endpoints for GovCloud (US) regions in SDK.
* api-change:``opensearch``: Amazon OpenSearch Service adds the option for a VPC endpoint connection between two domains when the local domain uses OpenSearch version 1.3 or 2.3. You can now use remote reindex to copy indices from one VPC domain to another without a reverse proxy.
* api-change:``outposts``: Enabled FIPS endpoints for GovCloud (US) regions in SDK.
* api-change:``polly``: Amazon Polly adds two new neural American English voices - Ruth, Stephen
* api-change:``sagemaker``: Amazon SageMaker Automatic Model Tuning now supports more completion criteria for Hyperparameter Optimization.
* api-change:``securityhub``: New fields have been added to the AWS Security Finding Format. Compliance.SecurityControlId is a unique identifier for a security control across standards. Compliance.AssociatedStandards contains all enabled standards in which a security control is enabled.
* api-change:``support``: This fixes incorrect endpoint construction when a customer is explicitly setting a region.
1.27.60
=======
* api-change:``clouddirectory``: Enabled FIPS endpoints for GovCloud (US) regions in SDK.
* api-change:``cloudformation``: This feature provides a method of obtaining which regions a stackset has stack instances deployed in.
* api-change:``discovery``: Update ImportName validation to 255 from the current length of 100
* api-change:``dlm``: Enabled FIPS endpoints for GovCloud (US) regions in SDK.
* api-change:``ec2``: We add Prefix Lists as a new route destination option for LocalGatewayRoutes. This will allow customers to create routes to Prefix Lists. Prefix List routes will allow customers to group individual CIDR routes with the same target into a single route.
* api-change:``imagebuilder``: Enabled FIPS endpoints for GovCloud (US) regions in SDK.
* api-change:``kafka``: Enabled FIPS endpoints for GovCloud (US) regions in SDK.
* api-change:``mediaconvert``: Enabled FIPS endpoints for GovCloud (US) regions in SDK.
* api-change:``swf``: Enabled FIPS endpoints for GovCloud (US) regions in SDK.
1.27.59
=======
* api-change:``application-autoscaling``: Enabled FIPS endpoints for GovCloud (US) regions in SDK.
* api-change:``appstream``: Fixing the issue where Appstream waiters hang for fleet_started and fleet_stopped.
* api-change:``elasticbeanstalk``: Enabled FIPS endpoints for GovCloud (US) regions in SDK.
* api-change:``fis``: Enabled FIPS endpoints for GovCloud (US) regions in SDK.
* api-change:``glacier``: Enabled FIPS endpoints for GovCloud (US) regions in SDK.
* api-change:``greengrass``: Enabled FIPS endpoints for GovCloud (US) regions in SDK.
* api-change:``greengrassv2``: Enabled FIPS endpoints for GovCloud (US) in SDK.
* api-change:``mediatailor``: This release introduces the As Run logging type, along with API and documentation updates.
* api-change:``outposts``: Adding support for payment term in GetOrder, CreateOrder responses.
* api-change:``sagemaker-runtime``: Update sagemaker-runtime command to latest version
* api-change:``sagemaker``: This release supports running SageMaker Training jobs with container images that are in a private Docker registry.
* api-change:``serverlessrepo``: Enabled FIPS endpoints for GovCloud (US) regions in SDK.
1.27.58
=======
* api-change:``events``: Update events command to latest version
* api-change:``iotfleetwise``: Add model validation to BatchCreateVehicle and BatchUpdateVehicle operations that invalidate requests with an empty vehicles list.
* api-change:``s3``: Allow FIPS to be used with path-style URLs.
1.27.57
=======
* enhancement:ec2 customization: Update --cidr parameter description to indicate the address range must be IPv4
* api-change:``cloudformation``: Enabled FIPS aws-us-gov endpoints in SDK.
* api-change:``ec2``: This release adds new functionality that allows customers to provision IPv6 CIDR blocks through Amazon VPC IP Address Manager (IPAM) as well as allowing customers to utilize IPAM Resource Discovery APIs.
* api-change:``m2``: Add returnCode, batchJobIdentifier in GetBatchJobExecution response, for user to view the batch job execution result & unique identifier from engine. Also removed unused headers from REST APIs
* api-change:``polly``: Add 5 new neural voices - Sergio (es-ES), Andres (es-MX), Remi (fr-FR), Adriano (it-IT) and Thiago (pt-BR).
* api-change:``redshift-serverless``: Added query monitoring rules as possible parameters for create and update workgroup operations.
* api-change:``s3control``: Add additional endpoint tests for S3 Control. Fix missing endpoint parameters for PutBucketVersioning and GetBucketVersioning. Prior to this fix, those operations may have resulted in an invalid endpoint being resolved.
* api-change:``sagemaker``: SageMaker Inference Recommender now decouples from Model Registry and could accept Model Name to invoke inference recommendations job; Inference Recommender now provides CPU/Memory Utilization metrics data in recommendation output.
* api-change:``sts``: Doc only change to update wording in a key topic
1.27.56
=======
* api-change:``databrew``: Enabled FIPS us-gov-west-1 endpoints in SDK.
* api-change:``route53``: Amazon Route 53 now supports the Asia Pacific (Melbourne) Region (ap-southeast-4) for latency records, geoproximity records, and private DNS for Amazon VPCs in that region.
* api-change:``ssm-sap``: This release provides updates to documentation and support for listing operations performed by AWS Systems Manager for SAP.
1.27.55
=======
* enhancement:``gamelift upload-build``: Add ``--server-sdk-version`` parameter to the ``upload-build`` command
* api-change:``lambda``: Release Lambda RuntimeManagementConfig, enabling customers to better manage runtime updates to their Lambda functions. This release adds two new APIs, GetRuntimeManagementConfig and PutRuntimeManagementConfig, as well as support on existing Create/Get/Update function APIs.
* api-change:``sagemaker``: Amazon SageMaker Inference now supports P4de instance types.
1.27.54
=======
* api-change:``ec2``: C6in, M6in, M6idn, R6in and R6idn instances are powered by 3rd Generation Intel Xeon Scalable processors (code named Ice Lake) with an all-core turbo frequency of 3.5 GHz.
* api-change:``ivs``: API and Doc update. Update to arns field in BatchGetStreamKey. Also updates to operations and structures.
* api-change:``quicksight``: This release adds support for data bars in QuickSight table and increases pivot table field well limit.
1.27.53
=======
* api-change:``appflow``: Adding support for Salesforce Pardot connector in Amazon AppFlow.
* api-change:``codeartifact``: Documentation updates for CodeArtifact
* api-change:``connect``: Amazon Connect Chat introduces Persistent Chat, allowing customers to resume previous conversations with context and transcripts carried over from previous chats, eliminating the need to repeat themselves and allowing agents to provide personalized service with access to entire conversation history.
* api-change:``connectparticipant``: This release updates Amazon Connect Participant's GetTranscript api to provide transcripts of past chats on a persistent chat session.
* api-change:``ec2``: Adds SSM Parameter Resource Aliasing support to EC2 Launch Templates. Launch Templates can now store parameter aliases in place of AMI Resource IDs. CreateLaunchTemplateVersion and DescribeLaunchTemplateVersions now support a convenience flag, ResolveAlias, to return the resolved parameter value.
* api-change:``glue``: Release Glue Studio Hudi Data Lake Format for SDK/CLI
* api-change:``groundstation``: Add configurable prepass and postpass times for DataflowEndpointGroup. Add Waiter to allow customers to wait for a contact that was reserved through ReserveContact
* api-change:``logs``: Bug fix - Removed the regex pattern validation from CoralModel to avoid potential security issue.
* api-change:``medialive``: AWS Elemental MediaLive adds support for SCTE 35 preRollMilliSeconds.
* api-change:``opensearch``: This release adds the enhanced dry run option, that checks for validation errors that might occur when deploying configuration changes and provides a summary of these errors, if any. The feature will also indicate whether a blue/green deployment will be required to apply a change.
* api-change:``panorama``: Added AllowMajorVersionUpdate option to OTAJobConfig to make appliance software major version updates opt-in.
* api-change:``sagemaker``: HyperParameterTuningJobs now allow passing environment variables into the corresponding TrainingJobs
1.27.52
=======
* api-change:``cloudwatch``: Update cloudwatch command to latest version
* api-change:``efs``: Update efs command to latest version
* api-change:``ivschat``: Updates the range for a Chat Room's maximumMessageRatePerSecond field.
* api-change:``wafv2``: Improved the visibility of the guidance for updating AWS WAF resources, such as web ACLs and rule groups.
1.26.71
=======
* api-change:``appconfig``: [``botocore``] AWS AppConfig now offers the option to set a version label on hosted configuration versions. Version labels allow you to identify specific hosted configuration versions based on an alternate versioning scheme that you define.
* api-change:``datasync``: [``botocore``] With this launch, we are giving customers the ability to use older SMB protocol versions, enabling them to use DataSync to copy data to and from their legacy storage arrays.
* api-change:``ec2``: [``botocore``] With this release customers can turn host maintenance on or off when allocating or modifying a supported dedicated host. Host maintenance is turned on by default for supported hosts.
1.26.70
=======
* api-change:``account``: [``botocore``] This release of the Account Management API enables customers to view and manage whether AWS Opt-In Regions are enabled or disabled for their Account. For more information, see https://docs.aws.amazon.com/accounts/latest/reference/manage-acct-regions.html
* api-change:``appconfigdata``: [``botocore``] AWS AppConfig now offers the option to set a version label on hosted configuration versions. If a labeled hosted configuration version is deployed, its version label is available in the GetLatestConfiguration response.
* api-change:``snowball``: [``botocore``] Adds support for EKS Anywhere on Snowball. AWS Snow Family customers can now install EKS Anywhere service on Snowball Edge Compute Optimized devices.
1.26.69
=======
* api-change:``autoscaling``: [``botocore``] You can now either terminate/replace, ignore, or wait for EC2 Auto Scaling instances on standby or protected from scale in. Also, you can also roll back changes from a failed instance refresh.
* api-change:``connect``: [``botocore``] This update provides the Wisdom session ARN for contacts enabled for Wisdom in the chat channel.
* api-change:``ec2``: [``botocore``] Adds support for waiters that automatically poll for an imported snapshot until it reaches the completed state.
* api-change:``polly``: [``botocore``] Amazon Polly adds two new neural Japanese voices - Kazuha, Tomoko
* api-change:``sagemaker``: [``botocore``] Amazon SageMaker Autopilot adds support for selecting algorithms in CreateAutoMLJob API.
* api-change:``sns``: [``botocore``] This release adds support for SNS X-Ray active tracing as well as other updates.
1.26.68
=======
* api-change:``chime-sdk-meetings``: [``botocore``] Documentation updates for Chime Meetings SDK
* api-change:``emr-containers``: [``botocore``] EMR on EKS allows configuring retry policies for job runs through the StartJobRun API. Using retry policies, a job cause a driver pod to be restarted automatically if it fails or is deleted. The job's status can be seen in the DescribeJobRun and ListJobRun APIs and monitored using CloudWatch events.
* api-change:``evidently``: [``botocore``] Updated entity overrides parameter to accept up to 2500 overrides or a total of 40KB.
* api-change:``lexv2-models``: [``botocore``] Update lexv2-models client to latest version
* api-change:``lexv2-runtime``: [``botocore``] Update lexv2-runtime client to latest version
* api-change:``lightsail``: [``botocore``] Documentation updates for Lightsail
* api-change:``migration-hub-refactor-spaces``: [``botocore``] This release adds support for creating environments with a network fabric type of NONE
* api-change:``workdocs``: [``botocore``] Doc only update for the WorkDocs APIs.
* api-change:``workspaces``: [``botocore``] Removed Windows Server 2016 BYOL and made changes based on IAM campaign.
1.26.67
=======
* api-change:``backup``: [``botocore``] This release added one attribute (resource name) in the output model of our 9 existing APIs in AWS backup so that customers will see the resource name at the output. No input required from Customers.
* api-change:``cloudfront``: [``botocore``] CloudFront Origin Access Control extends support to AWS Elemental MediaStore origins.
* api-change:``glue``: [``botocore``] DirectJDBCSource + Glue 4.0 streaming options
* api-change:``lakeformation``: [``botocore``] This release removes the LFTagpolicyResource expression limits.
1.26.66
=======
* api-change:``transfer``: [``botocore``] Updated the documentation for the ImportCertificate API call, and added examples.
1.26.65
=======
* api-change:``compute-optimizer``: [``botocore``] AWS Compute optimizer can now infer if Kafka is running on an instance.
* api-change:``customer-profiles``: [``botocore``] This release deprecates the PartyType and Gender enum data types from the Profile model and replaces them with new PartyTypeString and GenderString attributes, which accept any string of length up to 255.
* api-change:``frauddetector``: [``botocore``] My AWS Service (Amazon Fraud Detector) - This release introduces Cold Start Model Training which optimizes training for small datasets and adds intelligent methods for treating unlabeled data. You can now train Online Fraud Insights or Transaction Fraud Insights models with minimal historical-data.
* api-change:``mediaconvert``: [``botocore``] The AWS Elemental MediaConvert SDK has added improved scene change detection capabilities and a bandwidth reduction filter, along with video quality enhancements, to the AVC encoder.
* api-change:``outposts``: [``botocore``] Adds OrderType to Order structure. Adds PreviousOrderId and PreviousLineItemId to LineItem structure. Adds new line item status REPLACED. Increases maximum length of pagination token.
1.26.64
=======
* enhancement:AWSCRT: [``botocore``] Upgrade awscrt version to 0.16.9
* api-change:``proton``: [``botocore``] Add new GetResourcesSummary API
* api-change:``redshift``: [``botocore``] Corrects descriptions of the parameters for the API operations RestoreFromClusterSnapshot, RestoreTableFromClusterSnapshot, and CreateCluster.
1.26.63
=======
* api-change:``appconfig``: [``botocore``] AWS AppConfig introduces KMS customer-managed key (CMK) encryption of configuration data, along with AWS Secrets Manager as a new configuration data source. S3 objects using SSE-KMS encryption and SSM Parameter Store SecureStrings are also now supported.
* api-change:``connect``: [``botocore``] Enabled FIPS endpoints for GovCloud (US) regions in SDK.
* api-change:``ec2``: [``botocore``] Documentation updates for EC2.
* api-change:``elbv2``: [``botocore``] Update elbv2 client to latest version
* api-change:``keyspaces``: [``botocore``] Enabled FIPS endpoints for GovCloud (US) regions in SDK.
* api-change:``quicksight``: [``botocore``] QuickSight support for Radar Chart and Dashboard Publish Options
* api-change:``redshift``: [``botocore``] Enabled FIPS endpoints for GovCloud (US) regions in SDK.
* api-change:``sso-admin``: [``botocore``] Enabled FIPS endpoints for GovCloud (US) regions in SDK.
1.26.62
=======
* bugfix:``s3``: [``botocore``] boto3 no longer overwrites user supplied `Content-Encoding` with `aws-chunked` when user also supplies `ChecksumAlgorithm`.
* api-change:``devops-guru``: [``botocore``] This release adds filter support ListAnomalyForInsight API.
* api-change:``forecast``: [``botocore``] This release will enable customer select INCREMENTAL as ImportModel in Forecast's CreateDatasetImportJob API. Verified latest SDK containing required attribute, following https://w.amazon.com/bin/view/AWS-Seer/Launch/Trebuchet/
* api-change:``iam``: [``botocore``] Documentation updates for AWS Identity and Access Management (IAM).
* api-change:``mediatailor``: [``botocore``] The AWS Elemental MediaTailor SDK for Channel Assembly has added support for program updates, and the ability to clip the end of VOD sources in programs.
* api-change:``sns``: [``botocore``] Additional attributes added for set-topic-attributes.
1.26.61
=======
* api-change:``accessanalyzer``: [``botocore``] Enabled FIPS endpoints for GovCloud (US) regions in SDK.
* api-change:``appsync``: [``botocore``] This release introduces the feature to support EventBridge as AppSync data source.
* api-change:``cloudtrail-data``: [``botocore``] Add CloudTrail Data Service to enable users to ingest activity events from non-AWS sources into CloudTrail Lake.
* api-change:``cloudtrail``: [``botocore``] Add new "Channel" APIs to enable users to manage channels used for CloudTrail Lake integrations, and "Resource Policy" APIs to enable users to manage the resource-based permissions policy attached to a channel.
* api-change:``codeartifact``: [``botocore``] This release introduces a new DeletePackage API, which enables deletion of a package and all of its versions from a repository.
* api-change:``connectparticipant``: [``botocore``] Enabled FIPS endpoints for GovCloud (US) regions in SDK.
* api-change:``ec2``: [``botocore``] This launch allows customers to associate up to 8 IP addresses to their NAT Gateways to increase the limit on concurrent connections to a single destination by eight times from 55K to 440K.
* api-change:``groundstation``: [``botocore``] DigIF Expansion changes to the Customer APIs.
* api-change:``iot``: [``botocore``] Added support for IoT Rules Engine Cloudwatch Logs action batch mode.
* api-change:``kinesis``: [``botocore``] Enabled FIPS endpoints for GovCloud (US) regions in SDK.
* api-change:``opensearch``: [``botocore``] Amazon OpenSearch Service adds the option for a VPC endpoint connection between two domains when the local domain uses OpenSearch version 1.3 or 2.3. You can now use remote reindex to copy indices from one VPC domain to another without a reverse proxy.
* api-change:``outposts``: [``botocore``] Enabled FIPS endpoints for GovCloud (US) regions in SDK.
* api-change:``polly``: [``botocore``] Amazon Polly adds two new neural American English voices - Ruth, Stephen
* api-change:``sagemaker``: [``botocore``] Amazon SageMaker Automatic Model Tuning now supports more completion criteria for Hyperparameter Optimization.
* api-change:``securityhub``: [``botocore``] New fields have been added to the AWS Security Finding Format. Compliance.SecurityControlId is a unique identifier for a security control across standards. Compliance.AssociatedStandards contains all enabled standards in which a security control is enabled.
* api-change:``support``: [``botocore``] This fixes incorrect endpoint construction when a customer is explicitly setting a region.
1.26.60
=======
* api-change:``clouddirectory``: [``botocore``] Enabled FIPS endpoints for GovCloud (US) regions in SDK.
* api-change:``cloudformation``: [``botocore``] This feature provides a method of obtaining which regions a stackset has stack instances deployed in.
* api-change:``discovery``: [``botocore``] Update ImportName validation to 255 from the current length of 100
* api-change:``dlm``: [``botocore``] Enabled FIPS endpoints for GovCloud (US) regions in SDK.
* api-change:``ec2``: [``botocore``] We add Prefix Lists as a new route destination option for LocalGatewayRoutes. This will allow customers to create routes to Prefix Lists. Prefix List routes will allow customers to group individual CIDR routes with the same target into a single route.
* api-change:``imagebuilder``: [``botocore``] Enabled FIPS endpoints for GovCloud (US) regions in SDK.
* api-change:``kafka``: [``botocore``] Enabled FIPS endpoints for GovCloud (US) regions in SDK.
* api-change:``mediaconvert``: [``botocore``] Enabled FIPS endpoints for GovCloud (US) regions in SDK.
* api-change:``swf``: [``botocore``] Enabled FIPS endpoints for GovCloud (US) regions in SDK.
1.26.59
=======
* api-change:``application-autoscaling``: [``botocore``] Enabled FIPS endpoints for GovCloud (US) regions in SDK.
* api-change:``appstream``: [``botocore``] Fixing the issue where Appstream waiters hang for fleet_started and fleet_stopped.
* api-change:``elasticbeanstalk``: [``botocore``] Enabled FIPS endpoints for GovCloud (US) regions in SDK.
* api-change:``fis``: [``botocore``] Enabled FIPS endpoints for GovCloud (US) regions in SDK.
* api-change:``glacier``: [``botocore``] Enabled FIPS endpoints for GovCloud (US) regions in SDK.
* api-change:``greengrass``: [``botocore``] Enabled FIPS endpoints for GovCloud (US) regions in SDK.
* api-change:``greengrassv2``: [``botocore``] Enabled FIPS endpoints for GovCloud (US) in SDK.
* api-change:``mediatailor``: [``botocore``] This release introduces the As Run logging type, along with API and documentation updates.
* api-change:``outposts``: [``botocore``] Adding support for payment term in GetOrder, CreateOrder responses.
* api-change:``sagemaker-runtime``: [``botocore``] Update sagemaker-runtime client to latest version
* api-change:``sagemaker``: [``botocore``] This release supports running SageMaker Training jobs with container images that are in a private Docker registry.
* api-change:``serverlessrepo``: [``botocore``] Enabled FIPS endpoints for GovCloud (US) regions in SDK.
1.26.58
=======
* api-change:``events``: [``botocore``] Update events client to latest version
* api-change:``iotfleetwise``: [``botocore``] Add model validation to BatchCreateVehicle and BatchUpdateVehicle operations that invalidate requests with an empty vehicles list.
* api-change:``s3``: [``botocore``] Allow FIPS to be used with path-style URLs.
1.26.57
=======
* api-change:``cloudformation``: [``botocore``] Enabled FIPS aws-us-gov endpoints in SDK.
* api-change:``ec2``: [``botocore``] This release adds new functionality that allows customers to provision IPv6 CIDR blocks through Amazon VPC IP Address Manager (IPAM) as well as allowing customers to utilize IPAM Resource Discovery APIs.
* api-change:``m2``: [``botocore``] Add returnCode, batchJobIdentifier in GetBatchJobExecution response, for user to view the batch job execution result & unique identifier from engine. Also removed unused headers from REST APIs
* api-change:``polly``: [``botocore``] Add 5 new neural voices - Sergio (es-ES), Andres (es-MX), Remi (fr-FR), Adriano (it-IT) and Thiago (pt-BR).
* api-change:``redshift-serverless``: [``botocore``] Added query monitoring rules as possible parameters for create and update workgroup operations.
* api-change:``s3control``: [``botocore``] Add additional endpoint tests for S3 Control. Fix missing endpoint parameters for PutBucketVersioning and GetBucketVersioning. Prior to this fix, those operations may have resulted in an invalid endpoint being resolved.
* api-change:``sagemaker``: [``botocore``] SageMaker Inference Recommender now decouples from Model Registry and could accept Model Name to invoke inference recommendations job; Inference Recommender now provides CPU/Memory Utilization metrics data in recommendation output.
* api-change:``sts``: [``botocore``] Doc only change to update wording in a key topic
1.26.56
=======
* api-change:``databrew``: [``botocore``] Enabled FIPS us-gov-west-1 endpoints in SDK.
* api-change:``route53``: [``botocore``] Amazon Route 53 now supports the Asia Pacific (Melbourne) Region (ap-southeast-4) for latency records, geoproximity records, and private DNS for Amazon VPCs in that region.
* api-change:``ssm-sap``: [``botocore``] This release provides updates to documentation and support for listing operations performed by AWS Systems Manager for SAP.
1.26.55
=======
* api-change:``lambda``: [``botocore``] Release Lambda RuntimeManagementConfig, enabling customers to better manage runtime updates to their Lambda functions. This release adds two new APIs, GetRuntimeManagementConfig and PutRuntimeManagementConfig, as well as support on existing Create/Get/Update function APIs.
* api-change:``sagemaker``: [``botocore``] Amazon SageMaker Inference now supports P4de instance types.
1.26.54
=======
* api-change:``ec2``: [``botocore``] C6in, M6in, M6idn, R6in and R6idn instances are powered by 3rd Generation Intel Xeon Scalable processors (code named Ice Lake) with an all-core turbo frequency of 3.5 GHz.
* api-change:``ivs``: [``botocore``] API and Doc update. Update to arns field in BatchGetStreamKey. Also updates to operations and structures.
* api-change:``quicksight``: [``botocore``] This release adds support for data bars in QuickSight table and increases pivot table field well limit.
1.26.53
=======
* api-change:``appflow``: [``botocore``] Adding support for Salesforce Pardot connector in Amazon AppFlow.
* api-change:``codeartifact``: [``botocore``] Documentation updates for CodeArtifact
* api-change:``connect``: [``botocore``] Amazon Connect Chat introduces Persistent Chat, allowing customers to resume previous conversations with context and transcripts carried over from previous chats, eliminating the need to repeat themselves and allowing agents to provide personalized service with access to entire conversation history.
* api-change:``connectparticipant``: [``botocore``] This release updates Amazon Connect Participant's GetTranscript api to provide transcripts of past chats on a persistent chat session.
* api-change:``ec2``: [``botocore``] Adds SSM Parameter Resource Aliasing support to EC2 Launch Templates. Launch Templates can now store parameter aliases in place of AMI Resource IDs. CreateLaunchTemplateVersion and DescribeLaunchTemplateVersions now support a convenience flag, ResolveAlias, to return the resolved parameter value.
* api-change:``glue``: [``botocore``] Release Glue Studio Hudi Data Lake Format for SDK/CLI
* api-change:``groundstation``: [``botocore``] Add configurable prepass and postpass times for DataflowEndpointGroup. Add Waiter to allow customers to wait for a contact that was reserved through ReserveContact
* api-change:``logs``: [``botocore``] Bug fix - Removed the regex pattern validation from CoralModel to avoid potential security issue.
* api-change:``medialive``: [``botocore``] AWS Elemental MediaLive adds support for SCTE 35 preRollMilliSeconds.
* api-change:``opensearch``: [``botocore``] This release adds the enhanced dry run option, that checks for validation errors that might occur when deploying configuration changes and provides a summary of these errors, if any. The feature will also indicate whether a blue/green deployment will be required to apply a change.
* api-change:``panorama``: [``botocore``] Added AllowMajorVersionUpdate option to OTAJobConfig to make appliance software major version updates opt-in.
* api-change:``sagemaker``: [``botocore``] HyperParameterTuningJobs now allow passing environment variables into the corresponding TrainingJobs
1.26.52
=======
* api-change:``cloudwatch``: [``botocore``] Update cloudwatch client to latest version
* api-change:``efs``: [``botocore``] Update efs client to latest version
* api-change:``ivschat``: [``botocore``] Updates the range for a Chat Room's maximumMessageRatePerSecond field.
* api-change:``wafv2``: [``botocore``] Improved the visibility of the guidance for updating AWS WAF resources, such as web ACLs and rule groups.
1.29.71
=======
* api-change:``appconfig``: AWS AppConfig now offers the option to set a version label on hosted configuration versions. Version labels allow you to identify specific hosted configuration versions based on an alternate versioning scheme that you define.
* api-change:``datasync``: With this launch, we are giving customers the ability to use older SMB protocol versions, enabling them to use DataSync to copy data to and from their legacy storage arrays.
* api-change:``ec2``: With this release customers can turn host maintenance on or off when allocating or modifying a supported dedicated host. Host maintenance is turned on by default for supported hosts.
1.29.70
=======
* api-change:``account``: This release of the Account Management API enables customers to view and manage whether AWS Opt-In Regions are enabled or disabled for their Account. For more information, see https://docs.aws.amazon.com/accounts/latest/reference/manage-acct-regions.html
* api-change:``appconfigdata``: AWS AppConfig now offers the option to set a version label on hosted configuration versions. If a labeled hosted configuration version is deployed, its version label is available in the GetLatestConfiguration response.
* api-change:``snowball``: Adds support for EKS Anywhere on Snowball. AWS Snow Family customers can now install EKS Anywhere service on Snowball Edge Compute Optimized devices.
1.29.69
=======
* api-change:``autoscaling``: You can now either terminate/replace, ignore, or wait for EC2 Auto Scaling instances on standby or protected from scale in. Also, you can also roll back changes from a failed instance refresh.
* api-change:``connect``: This update provides the Wisdom session ARN for contacts enabled for Wisdom in the chat channel.
* api-change:``ec2``: Adds support for waiters that automatically poll for an imported snapshot until it reaches the completed state.
* api-change:``polly``: Amazon Polly adds two new neural Japanese voices - Kazuha, Tomoko
* api-change:``sagemaker``: Amazon SageMaker Autopilot adds support for selecting algorithms in CreateAutoMLJob API.
* api-change:``sns``: This release adds support for SNS X-Ray active tracing as well as other updates.
1.29.68
=======
* api-change:``chime-sdk-meetings``: Documentation updates for Chime Meetings SDK
* api-change:``emr-containers``: EMR on EKS allows configuring retry policies for job runs through the StartJobRun API. Using retry policies, a job cause a driver pod to be restarted automatically if it fails or is deleted. The job's status can be seen in the DescribeJobRun and ListJobRun APIs and monitored using CloudWatch events.
* api-change:``evidently``: Updated entity overrides parameter to accept up to 2500 overrides or a total of 40KB.
* api-change:``lexv2-models``: Update lexv2-models client to latest version
* api-change:``lexv2-runtime``: Update lexv2-runtime client to latest version
* api-change:``lightsail``: Documentation updates for Lightsail
* api-change:``migration-hub-refactor-spaces``: This release adds support for creating environments with a network fabric type of NONE
* api-change:``workdocs``: Doc only update for the WorkDocs APIs.
* api-change:``workspaces``: Removed Windows Server 2016 BYOL and made changes based on IAM campaign.
1.29.67
=======
* api-change:``backup``: This release added one attribute (resource name) in the output model of our 9 existing APIs in AWS backup so that customers will see the resource name at the output. No input required from Customers.
* api-change:``cloudfront``: CloudFront Origin Access Control extends support to AWS Elemental MediaStore origins.
* api-change:``glue``: DirectJDBCSource + Glue 4.0 streaming options
* api-change:``lakeformation``: This release removes the LFTagpolicyResource expression limits.
1.29.66
=======
* api-change:``transfer``: Updated the documentation for the ImportCertificate API call, and added examples.
1.29.65
=======
* api-change:``compute-optimizer``: AWS Compute optimizer can now infer if Kafka is running on an instance.
* api-change:``customer-profiles``: This release deprecates the PartyType and Gender enum data types from the Profile model and replaces them with new PartyTypeString and GenderString attributes, which accept any string of length up to 255.
* api-change:``frauddetector``: My AWS Service (Amazon Fraud Detector) - This release introduces Cold Start Model Training which optimizes training for small datasets and adds intelligent methods for treating unlabeled data. You can now train Online Fraud Insights or Transaction Fraud Insights models with minimal historical-data.
* api-change:``mediaconvert``: The AWS Elemental MediaConvert SDK has added improved scene change detection capabilities and a bandwidth reduction filter, along with video quality enhancements, to the AVC encoder.
* api-change:``outposts``: Adds OrderType to Order structure. Adds PreviousOrderId and PreviousLineItemId to LineItem structure. Adds new line item status REPLACED. Increases maximum length of pagination token.
1.29.64
=======
* enhancement:AWSCRT: Upgrade awscrt version to 0.16.9
* api-change:``proton``: Add new GetResourcesSummary API
* api-change:``redshift``: Corrects descriptions of the parameters for the API operations RestoreFromClusterSnapshot, RestoreTableFromClusterSnapshot, and CreateCluster.
1.29.63
=======
* api-change:``appconfig``: AWS AppConfig introduces KMS customer-managed key (CMK) encryption of configuration data, along with AWS Secrets Manager as a new configuration data source. S3 objects using SSE-KMS encryption and SSM Parameter Store SecureStrings are also now supported.
* api-change:``connect``: Enabled FIPS endpoints for GovCloud (US) regions in SDK.
* api-change:``ec2``: Documentation updates for EC2.
* api-change:``elbv2``: Update elbv2 client to latest version
* api-change:``keyspaces``: Enabled FIPS endpoints for GovCloud (US) regions in SDK.
* api-change:``quicksight``: QuickSight support for Radar Chart and Dashboard Publish Options
* api-change:``redshift``: Enabled FIPS endpoints for GovCloud (US) regions in SDK.
* api-change:``sso-admin``: Enabled FIPS endpoints for GovCloud (US) regions in SDK.
1.29.62
=======
* bugfix:``s3``: boto3 no longer overwrites user supplied `Content-Encoding` with `aws-chunked` when user also supplies `ChecksumAlgorithm`.
* api-change:``devops-guru``: This release adds filter support ListAnomalyForInsight API.
* api-change:``forecast``: This release will enable customer select INCREMENTAL as ImportModel in Forecast's CreateDatasetImportJob API. Verified latest SDK containing required attribute, following https://w.amazon.com/bin/view/AWS-Seer/Launch/Trebuchet/
* api-change:``iam``: Documentation updates for AWS Identity and Access Management (IAM).
* api-change:``mediatailor``: The AWS Elemental MediaTailor SDK for Channel Assembly has added support for program updates, and the ability to clip the end of VOD sources in programs.
* api-change:``sns``: Additional attributes added for set-topic-attributes.
1.29.61
=======
* api-change:``accessanalyzer``: Enabled FIPS endpoints for GovCloud (US) regions in SDK.
* api-change:``appsync``: This release introduces the feature to support EventBridge as AppSync data source.
* api-change:``cloudtrail-data``: Add CloudTrail Data Service to enable users to ingest activity events from non-AWS sources into CloudTrail Lake.
* api-change:``cloudtrail``: Add new "Channel" APIs to enable users to manage channels used for CloudTrail Lake integrations, and "Resource Policy" APIs to enable users to manage the resource-based permissions policy attached to a channel.
* api-change:``codeartifact``: This release introduces a new DeletePackage API, which enables deletion of a package and all of its versions from a repository.
* api-change:``connectparticipant``: Enabled FIPS endpoints for GovCloud (US) regions in SDK.
* api-change:``ec2``: This launch allows customers to associate up to 8 IP addresses to their NAT Gateways to increase the limit on concurrent connections to a single destination by eight times from 55K to 440K.
* api-change:``groundstation``: DigIF Expansion changes to the Customer APIs.
* api-change:``iot``: Added support for IoT Rules Engine Cloudwatch Logs action batch mode.
* api-change:``kinesis``: Enabled FIPS endpoints for GovCloud (US) regions in SDK.
* api-change:``opensearch``: Amazon OpenSearch Service adds the option for a VPC endpoint connection between two domains when the local domain uses OpenSearch version 1.3 or 2.3. You can now use remote reindex to copy indices from one VPC domain to another without a reverse proxy.
* api-change:``outposts``: Enabled FIPS endpoints for GovCloud (US) regions in SDK.
* api-change:``polly``: Amazon Polly adds two new neural American English voices - Ruth, Stephen
* api-change:``sagemaker``: Amazon SageMaker Automatic Model Tuning now supports more completion criteria for Hyperparameter Optimization.
* api-change:``securityhub``: New fields have been added to the AWS Security Finding Format. Compliance.SecurityControlId is a unique identifier for a security control across standards. Compliance.AssociatedStandards contains all enabled standards in which a security control is enabled.
* api-change:``support``: This fixes incorrect endpoint construction when a customer is explicitly setting a region.
1.29.60
=======
* api-change:``clouddirectory``: Enabled FIPS endpoints for GovCloud (US) regions in SDK.
* api-change:``cloudformation``: This feature provides a method of obtaining which regions a stackset has stack instances deployed in.
* api-change:``discovery``: Update ImportName validation to 255 from the current length of 100
* api-change:``dlm``: Enabled FIPS endpoints for GovCloud (US) regions in SDK.
* api-change:``ec2``: We add Prefix Lists as a new route destination option for LocalGatewayRoutes. This will allow customers to create routes to Prefix Lists. Prefix List routes will allow customers to group individual CIDR routes with the same target into a single route.
* api-change:``imagebuilder``: Enabled FIPS endpoints for GovCloud (US) regions in SDK.
* api-change:``kafka``: Enabled FIPS endpoints for GovCloud (US) regions in SDK.
* api-change:``mediaconvert``: Enabled FIPS endpoints for GovCloud (US) regions in SDK.
* api-change:``swf``: Enabled FIPS endpoints for GovCloud (US) regions in SDK.
1.29.59
=======
* api-change:``application-autoscaling``: Enabled FIPS endpoints for GovCloud (US) regions in SDK.
* api-change:``appstream``: Fixing the issue where Appstream waiters hang for fleet_started and fleet_stopped.
* api-change:``elasticbeanstalk``: Enabled FIPS endpoints for GovCloud (US) regions in SDK.
* api-change:``fis``: Enabled FIPS endpoints for GovCloud (US) regions in SDK.
* api-change:``glacier``: Enabled FIPS endpoints for GovCloud (US) regions in SDK.
* api-change:``greengrass``: Enabled FIPS endpoints for GovCloud (US) regions in SDK.
* api-change:``greengrassv2``: Enabled FIPS endpoints for GovCloud (US) in SDK.
* api-change:``mediatailor``: This release introduces the As Run logging type, along with API and documentation updates.
* api-change:``outposts``: Adding support for payment term in GetOrder, CreateOrder responses.
* api-change:``sagemaker-runtime``: Update sagemaker-runtime client to latest version
* api-change:``sagemaker``: This release supports running SageMaker Training jobs with container images that are in a private Docker registry.
* api-change:``serverlessrepo``: Enabled FIPS endpoints for GovCloud (US) regions in SDK.
1.29.58
=======
* api-change:``events``: Update events client to latest version
* api-change:``iotfleetwise``: Add model validation to BatchCreateVehicle and BatchUpdateVehicle operations that invalidate requests with an empty vehicles list.
* api-change:``s3``: Allow FIPS to be used with path-style URLs.
1.29.57
=======
* api-change:``cloudformation``: Enabled FIPS aws-us-gov endpoints in SDK.
* api-change:``ec2``: This release adds new functionality that allows customers to provision IPv6 CIDR blocks through Amazon VPC IP Address Manager (IPAM) as well as allowing customers to utilize IPAM Resource Discovery APIs.
* api-change:``m2``: Add returnCode, batchJobIdentifier in GetBatchJobExecution response, for user to view the batch job execution result & unique identifier from engine. Also removed unused headers from REST APIs
* api-change:``polly``: Add 5 new neural voices - Sergio (es-ES), Andres (es-MX), Remi (fr-FR), Adriano (it-IT) and Thiago (pt-BR).
* api-change:``redshift-serverless``: Added query monitoring rules as possible parameters for create and update workgroup operations.
* api-change:``s3control``: Add additional endpoint tests for S3 Control. Fix missing endpoint parameters for PutBucketVersioning and GetBucketVersioning. Prior to this fix, those operations may have resulted in an invalid endpoint being resolved.
* api-change:``sagemaker``: SageMaker Inference Recommender now decouples from Model Registry and could accept Model Name to invoke inference recommendations job; Inference Recommender now provides CPU/Memory Utilization metrics data in recommendation output.
* api-change:``sts``: Doc only change to update wording in a key topic
1.29.56
=======
* api-change:``databrew``: Enabled FIPS us-gov-west-1 endpoints in SDK.
* api-change:``route53``: Amazon Route 53 now supports the Asia Pacific (Melbourne) Region (ap-southeast-4) for latency records, geoproximity records, and private DNS for Amazon VPCs in that region.
* api-change:``ssm-sap``: This release provides updates to documentation and support for listing operations performed by AWS Systems Manager for SAP.
1.29.55
=======
* api-change:``lambda``: Release Lambda RuntimeManagementConfig, enabling customers to better manage runtime updates to their Lambda functions. This release adds two new APIs, GetRuntimeManagementConfig and PutRuntimeManagementConfig, as well as support on existing Create/Get/Update function APIs.
* api-change:``sagemaker``: Amazon SageMaker Inference now supports P4de instance types.
1.29.54
=======
* api-change:``ec2``: C6in, M6in, M6idn, R6in and R6idn instances are powered by 3rd Generation Intel Xeon Scalable processors (code named Ice Lake) with an all-core turbo frequency of 3.5 GHz.
* api-change:``ivs``: API and Doc update. Update to arns field in BatchGetStreamKey. Also updates to operations and structures.
* api-change:``quicksight``: This release adds support for data bars in QuickSight table and increases pivot table field well limit.
1.29.53
=======
* api-change:``appflow``: Adding support for Salesforce Pardot connector in Amazon AppFlow.
* api-change:``codeartifact``: Documentation updates for CodeArtifact
* api-change:``connect``: Amazon Connect Chat introduces Persistent Chat, allowing customers to resume previous conversations with context and transcripts carried over from previous chats, eliminating the need to repeat themselves and allowing agents to provide personalized service with access to entire conversation history.
* api-change:``connectparticipant``: This release updates Amazon Connect Participant's GetTranscript api to provide transcripts of past chats on a persistent chat session.
* api-change:``ec2``: Adds SSM Parameter Resource Aliasing support to EC2 Launch Templates. Launch Templates can now store parameter aliases in place of AMI Resource IDs. CreateLaunchTemplateVersion and DescribeLaunchTemplateVersions now support a convenience flag, ResolveAlias, to return the resolved parameter value.
* api-change:``glue``: Release Glue Studio Hudi Data Lake Format for SDK/CLI
* api-change:``groundstation``: Add configurable prepass and postpass times for DataflowEndpointGroup. Add Waiter to allow customers to wait for a contact that was reserved through ReserveContact
* api-change:``logs``: Bug fix - Removed the regex pattern validation from CoralModel to avoid potential security issue.
* api-change:``medialive``: AWS Elemental MediaLive adds support for SCTE 35 preRollMilliSeconds.
* api-change:``opensearch``: This release adds the enhanced dry run option, that checks for validation errors that might occur when deploying configuration changes and provides a summary of these errors, if any. The feature will also indicate whether a blue/green deployment will be required to apply a change.
* api-change:``panorama``: Added AllowMajorVersionUpdate option to OTAJobConfig to make appliance software major version updates opt-in.
* api-change:``sagemaker``: HyperParameterTuningJobs now allow passing environment variables into the corresponding TrainingJobs
1.29.52
=======
* api-change:``cloudwatch``: Update cloudwatch client to latest version
* api-change:``efs``: Update efs client to latest version
* api-change:``ivschat``: Updates the range for a Chat Room's maximumMessageRatePerSecond field.
* api-change:``wafv2``: Improved the visibility of the guidance for updating AWS WAF resources, such as web ACLs and rule groups.
ngtcp2 v0.13.1
Workaround Handshake packet deadlock by exceeding CWND limit
Fix bug that a remote uni stream never be closed
ngtcp2 v0.13.0
Add section to describe how to associate Connection ID to ngtcp2_conn
server: Cleanup Connection ID association
Remove TLS lib version to make the maintenance easier
bbr2: Fix assertion failure
Picotls keylog
Add const qualifier to some array fields
Make token a pair of pointer to const uint8_t and its size
Add final QUIC version 2 support
examples: Format QUIC version in hex string
Make hard-coded static library suffix optional
Update Version Negotiation to draft-14
Remove QUIC version 2 draft
Clarify server behavior when negotiating version with preferred_versions
examples: Use std::fixed for timer value
Bump boringssl
Remove sphinx theme bundle
2.7.3
- BUG/MINOR: jwt: Wrong return value checked
- BUG/MINOR: quic: Do not request h3 clients to close its unidirection streams
- MEDIUM: quic-sock: fix udp source address for send on listener socket
- BUG/MINOR: sink: make sure to always properly unmap a file-backed ring
- DEV: haring: add a new option "-r" to automatically repair broken files
- MINOR: connection: add a BUG_ON() to detect destroying connection in idle list
- MINOR: mux-quic/h3: send SETTINGS as soon as transport is ready
- BUG/MINOR: h3: fix GOAWAY emission
- BUG/MEDIUM: mux-quic: fix crash on H3 SETTINGS emission
- BUG/MEDIUM: hpack: fix incorrect huffman decoding of some control chars
- BUG/MINOR: log: release global log servers on exit
- BUG/MINOR: ring: release the backing store name on exit
- BUG/MINOR: sink: free the forwarding task on exit
- DEV: hpack: fix `trash` build regression
- MINOR: trace: add a TRACE_ENABLED() macro to determine if a trace is active
- MINOR: trace: add a trace_no_cb() dummy callback for when to use no callback
- MINOR: trace: add the long awaited TRACE_PRINTF()
- BUG/MINOR: fcgi-app: prevent 'use-fcgi-app' in default section
- BUG/MEDIUM: h3: do not crash if no buf space for trailers
- OPTIM: h3: skip buf realign if no trailer to encode
- MINOR: mux-quic/h3: define stream close callback
- BUG/MEDIUM: h3: handle STOP_SENDING on control stream
- BUG/MINOR: h3: reject RESET_STREAM received for control stream
- MINOR: h3: add missing traces on closure
- BUG/MEDIUM: ssl: wrong eviction from the session cache tree
- BUG/MINOR: h3: fix crash due to h3 traces
- BUG/MINOR: stats: use proper buffer size for http dump
- BUG/MINOR: stats: fix source buffer size for http dump
- BUG/MEDIUM: stats: fix resolvers dump
- BUG/MINOR: stats: fix ctx->field update in stats_dump_proxy_to_buffer()
- BUG/MINOR: stats: fix show stats field ctx for servers
- BUG/MINOR: stats: fix STAT_STARTED behavior with full htx
- MINOR: stats: add by HTTP version cumulated number of sessions and requests
- BUG/MINOR: stats: Prevent HTTP "other sessions" counter underflows
- MINOR: quic: remove fin from quic_stream frame type
- MINOR: quic: ensure offset is properly set for STREAM frames
- MINOR: quic: define new functions for frame alloc
- MINOR: quic: refactor frame deallocation
- MEDIUM: quic: implement a retransmit limit per frame
- MINOR: quic: add config for retransmit limit
- CLEANUP: quic: no need for atomics on packet refcnt
- BUG/MINOR: quic: Possible stream truncations under heavy loss
- BUG/MINOR: quic: Too big PTO during handshakes
- MINOR: quic: Add a trace about variable states in qc_prep_fast_retrans()
- BUG/MINOR: quic: Do not ignore coalesced packets in qc_prep_fast_retrans()
- MINOR: quic: When probing Handshake packet number space, also probe the Initial one
- BUG/MAJOR: quic: Possible crash when processing 1-RTT during 0-RTT session
- MEDIUM: quic: Remove qc_conn_finalize() from the ClientHello TLS callbacks
- BUG/MINOR: quic: Unchecked source connection ID
- BUG/MEDIUM: quic: do not split STREAM frames if no space
- MINOR: quic: Update version_information transport parameter to draft-14
- BUG/MINOR: ssl/crt-list: warn when a line is malformated
- BUG/MEDIUM: stick-table: do not leave entries in end of window during purge
- BUG/MINOR: clock: do not mix wall-clock and monotonic time in uptime calculation
- BUG/MEDIUM: cache: use the correct time reference when comparing dates
- DOC: config: fix option spop-check proxy compatibility
- DOC: config: 'http-send-name-header' option may be used in default section
- BUG/MINOR: h3: fix crash due to h3 traces
- MINOR: cfgparse/server: move (min/max)conn postparsing logic into dedicated function
- BUG/MINOR: server/add: ensure minconn/maxconn consistency when adding server
- BUG/MEDIUM: stconn: Schedule a shutw on shutr if data must be sent first
- BUG/MEDIUM: quic: fix crash when "option nolinger" is set in the frontend
- MINOR: quic: implement a basic "show quic" CLI handler
- MINOR: quic: display CIDs and state in "show quic"
- MINOR: quic: display socket info on "show quic"
- MINOR: quic: display infos about various encryption level on "show quic"
- MINOR: quic: display Tx stream info on "show quic"
- MINOR: quic: filter closing conn on "show quic"
- BUG/MINOR: quic: fix filtering of closing connections on "show quic"
- BUG/MINOR: quic: fix type bug on "show quic" for 32-bits arch
- BUG/MINOR: mworker: fix uptime for master process
- BUG/MINOR: clock/stats: also use start_time not start_date in HTML info
- BUG/MEDIUM: quic: Buffer overflow when looking through QUIC CLI keyword list
- DOC: proxy-protocol: fix wrong byte in provided example
- BUG/MINOR: quic: Wrong datagram dispatch because of qc_check_dcid()
- BUG/CRITICAL: http: properly reject empty http header field names
RabbitMQ 3.11.9
Core Server
Bug Fixes
Stream delivery using RabbitMQ Stream protocol v2 could fail to start in some cases.
Nodes could run into an exception with certain publishers that used QPid for client library.
When discovering feature flags across the cluster, default stability level is now experimental and not stable.
Reset and manually added nodes could start receiving stream replica data before its database was initialized,
confusing all code paths that expected a blank node state.
Fixed a minor issue with feature flag log message formatting.
Enhancements
Improved support for the AMQP 1.0 message format (used internally by streams), in particular, when original message
was published using AMQP 1.0.
CLI Tools
Features
rabbitmqctl set_permissions_globally is a new command that sets up user permissions in all existing virtual hosts.
rabbitmq-diagnostics cluster_status now lists how many CPU cores are available to individual nodes, plus a total.
Management Plugin
Bug Fixes
Limits tab failed to load when there were no limits configured.
Enhancements
It is now possible to disable operator policy modifications. This can be necessary in
RabbitMQ-as-a-Service environments.
Contributed by @illotum (AWS).
AMQP 1.0 Plugin
Enhancements
Support for OAuth 2 authentication and authorization backends.
MQTT Plugin
Bug Fixes
MQTT nodes did not correctly remove client IDs for clients connected to a node that was in the process of
being removed from the cluster.
OAuth 2 Plugin
Bug Fixes
auth_oauth2.additional_scopes_key had no effect.
LDAP Plugin
Bug Fixes
Due to a $ sign escaping differences between Make and Bazel (the newly adopted build tool),
default value of of user_dn_pattern setting was incorrect (had an extra $).
Transmission is a free, lightweight BitTorrent client. It features
a simple, intuitive interface on top on an efficient, cross-platform
back-end.
This package includes the shared web frontend files for Transmission.
Fix interrupted pending writes on socket write shutdown
from eager close
Plug a packet buffer memory leak
vm: Make network configuration optional
Switch to go 1.18
Changelog:
1.4.29
Hiroyuki Tanaka added to README :) !2451 @kingu
Initial macOS support !2453 @wegank
X2Go error-message consistency !2452 @kingu
Avoid crash when closing, fixes issue #2832!2454 @giox069
Update Copyright for 2023 !2455 @myheroyuki
Aligning local and downstream jsons !2456 @antenore
1.4.28
Some minor RDP fixes!2415 @akallabeth
Mathias Winterhalter's avatar Fix Unix socket support for VNC !2417 @ToolsDevler
GVNC: Fixed JPEG quality encoding advertizing !2418 @mdevaev
Fix missing null checks causing signal 11 !2419 @ToolsDevler
Add modified date to SFTP file list !2420 @youcefnafa
Adding Labels/Tags !2421 @antonio.petricca
Spelling: Hostname !2422 @kingu
X2Go: Fix annoying default_username bug. !2423 @D0n1elT
plugins/x2go/x2go_plugin.c: Fix tip and comment sentence !2424 @kingu
Remove webkit_settings_set_enable_frame_flattening() for newer WekbKitGTK, fixes#2780!2425 @giox069
Change password including gateway !2427 @benoit.lagarde
Improve rcw close!2429 @giox069
Multiple changes to build and run with libsoup 3.0 !2431 @antenore
X2Go: Add ssh_passphrase and ssh_privatekey settings. !2428 @D0n1elT
RDP: Add option to disable output suppression !2432 @iskunk
Spelling: "Passphrase" -> "password" !2433 @kingu
Fix compile warnings and some spelling corrections !2434 @myheroyuki
[Rem-2782] Display protocol name in tooltip for connections in the ... menu... !2436 @myheroyuki
[Rem-2782] Added protocol icons in drop-down menu !2438 @myheroyuki
Fix widget reparenting when entering/exiting fullscreen !2439 @giox069
Rem 2760 !2440 @myheroyuki
Allow building on a Wayland-only environment - version 4 !2437 @festevam
[Rem-2564] Allow for VNC runtime adjustment of color depth !2442 @myheroyuki
Fix floating toolbar not disappearing when in fullscreen and keyboard grabbed !2441 @giox069
Revert "Merge branch 'Rem-2564' into 'master'" !2443 @myheroyuki
[Rem-2654] Allow for runtime adjustment of colour depth, both increasing and decreasing !2444 @myheroyuki
[Rem-2564] Changed declaration of variables to be compatible with different Ubuntu version !2445 @myheroyuki
[Rem-2682] Added view-only mode for RDP !2447 @myheroyuki
Removing the news widget !2446 @antenore
Updated Flatpak manifest files to match GitHub !2448 @myheroyuki
Add missing include for X11/Wayland conditional !2450 @bkohler
1.4.27
Fix dangling pointer after scrolled container destruction. !2409 (merged) @antenore
Strengthen remmina file set string !2410 (merged) @giox069
Refactoring and minor fixes!2411 (merged) @antenore
launcher.sh is compatible with xfce4-terminal and gnome-terminal now. !2412 (merged) @Lebensgefahr
Fix#2473 - revive rcw_focus_out_event to avoid sticky Alt on Alt-TAB !2413 (merged) @wolfmanx
New SSH color schemes. @antenore
Some grammar fixes. @antenore
1.4.26
Fix trial for 2577: Closing a VNC connection makes Remmina close all other... !2391 @PHWR
Handle after-auth connection errors in VNC properly !2390 @lorenz
Using Remmina from command-line for kiosked servers !2392 @marco.fortina
Manual page refactoring fixes#2056!2393 @antenore
Add mutex to protect RDP clipboard->srv_data. Fixes#2666!2395 @giox069
SSH Forward X11 !2397 @antenore
Add '--no-tray-icon' command-line option !2398 @marco.fortina
Python plugins !2399 @ToolsDevler
Apply plugin api changes from Python plugin change !2400 @ToolsDevler
Extract python plugin !2401 @ToolsDevler
Make FreeRDPs TLS Security Level setting accessible in the advanced settings view !2402 @antenore
Disable grabs for SSH and SFTP, #closes #2728!2403 @antenore
Cannot disable shared folder !2404 @antenore
Use PyInitializeEx in order to skip signal handler registration !2405 @ToolsDevler
Ignore add new connection button in kiosk mode !2406 @antenore
WWW plugin refactoring !2407 @antenore
With two patches provided by Onno van der Linden.
## 4.0.0 beta 1
- Resource Efficiency - Use less memory, fewer CPU cycles
- Better Community - Pull requests welcomed and used
- Code Modernization - Rewritten in C++
### New Features
- Support for using BitTorrent v2 torrents and hybrid torrents. (Support for _creating_ v2 and hybrid torrents is slated for an upcoming release.)
- Users can now set "default" trackers that can be used to announce all public torrents.
- Newly-added seeds can start immediately and verify pieces on demand, instead of needing a full verify before seeding can begin.
- Added an option to omit potentially-identifying information (e.g. User-Agent and date created) when creating new torrents.
- The Web client has been rewritten and now supports mobile use.
- When creating new torrents, users can now specify the piece size.
- IPv6 blocklists are now supported.
- Beginning with 4.0.0-beta.1, Transmission releases now use semver versioning.
- Dozens of other new features -- too many to list here! We've been working on this for a year!
### Qt Client
- Support both Qt5 and Qt6
### GTK Client
- Ported to GTKMM
## 4.0.0 beta 2
### Highlights
* Added support for GTK 4.
* Lots of bugfixes!
## 4.0.0 beta 3
Bugfixes.
- Checked compatibility with LibreSSL 3.6/3.7.
- The selected ciphers are now shown during start of sslserver/sslhandle.
- Fixed duplicate symbol in sslhandle (Who).
- Included enhancements and bug fixes from M.C. for dnscache and
queries: no global PTR lookup for ULA addresses, recognition of
.onion domain, considering empty forwarding files and all 16
possible name servers.
- tinydns' split-horizon capabilities are now based on IPv4/IPv6
CIDR addresses.
22:
- Changed ipX_bytestring to return correctly the number of bytes
processed.
21:
- Fixed wrong return code for DNS_COM (tx Franz).
- Fixed header and man page for env functions and included fd_coe
in man fd.
Changes:
2.23.0
------
* `repo fork`: Add `--default-branch-only` flag
* `repo edit`: Add visibility warning
2.22.1
------
* Rename `--confirm` flag to `--yes` for various destructive commands
2.22.0
------
* Add all-new Projects support to issue and PR commands
Commands like `gh issue create --project mytitle` now work with
all-new GitHub Projects, not just with "Projects (classic)" as it was
before. However, an additional OAuth scope is needed to interact with
new Projects. To enable this, run:
`gh auth refresh -h github.com -s project`
* Add `search commits` command
* Add `repo edit --enable-discussions`
* `auth status` now shows token scopes
* `extension create` now makes the initial git commit
[1.1.0] - 2023-02-07
- Added Custom Notifications to inform the user when defined network events
occur:
- data intensity exceeded a defined packets per second rate
- data intensity exceeded a defined bytes per second rate
- new data are exchanged from one of the favorite connections
- Added Settings pages to configure the state of the application (persistently
stored in a configuration file):
- customise notifications
- choose between 4 different application styles
- set the application language (this release introduces the Italian
language 🇮🇹, and more languages will be supported soon)
- Added Geolocation of the remote IP addresses (consult the README for more
information)
- Implemented the possibility of marking a group of connections as favorites
and added favorites view to the report
- Added modal to ask the user for confirmation before leaving the current
analysis
- Added Tooltips to help the user better understand the function of some
buttons
- Partially implemented support for broadcast IP addresses (still missing IPv4
directed broadcast)
- The application window is now maximized after start
- All the GUI text fonts have been replaced with 'Inconsolata'
- Fixed issue #48 adding a horizontal scrollable to the report view
taca
wiz
nikita
gdt
hauke
yhardy
adam
roy
manu
triaxx
pin
abs
bsiegert
nros
tsutsui
schmonz
bouyer
fcambus
he
mrg
tnn
leot
jperkin
gutteridge
prlw1
riastradh
ryoon
vins
mef