Changes 1.6:
Add in a check for the windows version of EWOULDBLOCK
Apparently in newer versions of python this just works, but in older
versions the error codes were not consistent across platforms.
Changes in libsoup from 2.59.90.1 to 2.60.0:
* New/updated translations: Catalan, Danish, Dutch, Nepali
Changes in libsoup from 2.59.90 to 2.59.90.1:
* CVE-2017-2885: Fixed a chunked decoding buffer overrun that
could be exploited against either clients or servers.
[#785774]
Changes in libsoup from 2.58.0 to 2.59.90:
* Several SoupAuthNegotiate compatibility fixes [#783780,
#783781, Tomas Popela]
* Include a payload in SoupWebsocketConnection's "ping"
messages (to avoid problems with certain buggy server
implementations), and emit a signal when receiving a "pong"
(to allow apps to notice when the remote peer has
disconnected them). [#785660, David Woodhouse]
* Fix the interpretation of wss:// URIs, which previously
mostly didn't work. [#784766, Nirbheek Chauhan].
* Fixed SoupContentSniffer behavior on XML files with no
Content-Type
[https://bugs.webkit.org/show_bug.cgi?id=173923]
* Fixed a bug with cancelling async requests [#773257, Carlos
Garcia Campos]
* Reverted the (undocumented) change in 2.58.0 to call
soup_session_abort() after changing
SoupSession:proxy-resolver; while this made its behavior
more consistent with :proxy-uri, it ended up breaking
things. [#781590]
* Allow HTTP responses that have no trailing CRLF after the
response headers (and no body) [#780352, Carlos Garcia
Campos]
* Fixed an out-of-bounds read in SoupURI parsing [#785042]
* Fixed a spurious (debug-level) error message in
SoupWebsocketConnection [#784935, Ignacio Casal Quinteiro]
* Fixed introspection annotations on
soup_message_headers_get_content_range() [Philip Withnall]
* Fixed a flake in tests/header-parsing [#777258]
* Update tests/test-cert.pem to use stronger algorithms to
avoid problems with newer gnutls. [#784949, Jan Alexander
Steffens]
* Fixed examples/get to not accidentally break https
certificate validation [#784259, Sebatian Dröge]
* Misc updates to apache/php stuff in unit tests:
* Dropped support for Apache 2.2
* Deal with mod_unixd being compiled-in [#776478]
* Switched PHP support from PHP 5 to PHP 7
* Updated translations:
Esperanto, Turkish
Version 2.4.4
=============
This is primarily a maintenance release, with further improved OpenSSL 1.1
integration, several minor bug fixes and other minor improvements.
Bug fixes
---------
- Fix issues when a pushed cipher via the Negotiable Crypto Parameters (NCP) is
rejected by the remote side
- Ignore ``--keysize`` when NCP have resulted in a changed cipher.
- Configurations using ``--auth-nocache`` and the management interface to provide
user credentials (like NetworkManager on Linux) on client side with servers
implementing authentication tokens (for example, using ``--auth-gen-token``)
will now behave correctly and not query the user for an, to them, unknown
authentication token on renegotiations of the tunnel.
- Fix bug causing invalid or corrupt SOCKS port number when changing the
proxy via the management interface.
- The man page should now have proper escaping of hyphens/minus characters
and have seen some minor corrections.
User-visible Changes
--------------------
- Linux servers with systemd which uses the ``openvpn-server@.service`` unit
file for server configurations will now utilize the automatic restart feature
in systemd. If the OpenVPN server process dies unexpectedly, systemd will
ensure the OpenVPN configuration will be restarted without any user interaction.
Deprecated features
-------------------
- ``--no-replay`` is deprecated and will be removed in OpenVPN 2.5.
- ``--keysize`` is deprecated in OpenVPN 2.4 and will be removed in v2.6
Security
--------
- CVE-2017-12166: Fix bounds check for configurations using ``--key-method 1``.
Before this fix, it could allow an attacker to send a malformed packet to
trigger a stack overflow. This is considered to be a low risk issue, as
``--key-method 2`` has been the default since OpenVPN 2.0 (released on
2005-04-17). This option is already deprecated in v2.4 and will be
completely removed in v2.5.
version 2.78
Fix logic of appending ".<layer>" to PXE basename. Thanks to Chris
Novakovic for the patch.
Revert ping-check of address in DHCPDISCOVER if there
already exists a lease for the address. Under some
circumstances, and netbooted windows installation can reply
to pings before if has a DHCP lease and block allocation
of the address it already used during netboot. Thanks to
Jan Psota for spotting this.
Fix DHCP relaying, broken in 2.76 and 2.77 by commit
ff325644c7afae2588583f935f4ea9b9694eb52e. Thanks to
John Fitzgibbon for the diagnosis and patch.
Try other servers if first returns REFUSED when
--strict-order active. Thanks to Hans Dedecker
for the patch
Fix regression in 2.77, ironically added as a security
improvement, which resulted in a crash when a DNS
query exceeded 512 bytes (or the EDNS0 packet size,
if different.) Thanks to Christian Kujau, Arne Woerner
Juan Manuel Fernandez and Kevin Darbyshire-Bryant for
chasing this one down. CVE-2017-13704 applies.
Fix heap overflow in DNS code. This is a potentially serious
security hole. It allows an attacker who can make DNS
requests to dnsmasq, and who controls the contents of
a domain, which is thereby queried, to overflow
(by 2 bytes) a heap buffer and either crash, or
even take control of, dnsmasq.
CVE-2017-14491 applies.
Credit to Felix Wilhelm, Fermin J. Serna, Gabriel Campana
Kevin Hamacher and Ron Bowes of the Google Security Team for
finding this.
Fix heap overflow in IPv6 router advertisement code.
This is a potentially serious security hole, as a
crafted RA request can overflow a buffer and crash or
control dnsmasq. Attacker must be on the local network.
CVE-2017-14492 applies.
Credit to Felix Wilhelm, Fermin J. Serna, Gabriel Campana
and Kevin Hamacher of the Google Security Team for
finding this.
Fix stack overflow in DHCPv6 code. An attacker who can send
a DHCPv6 request to dnsmasq can overflow the stack frame and
crash or control dnsmasq.
CVE-2017-14493 applies.
Credit to Felix Wilhelm, Fermin J. Serna, Gabriel Campana
Kevin Hamacher and Ron Bowes of the Google Security Team for
finding this.
Fix information leak in DHCPv6. A crafted DHCPv6 packet can
cause dnsmasq to forward memory from outside the packet
buffer to a DHCPv6 server when acting as a relay.
CVE-2017-14494 applies.
Credit to Felix Wilhelm, Fermin J. Serna, Gabriel Campana
Kevin Hamacher and Ron Bowes of the Google Security Team for
finding this.
Fix DoS in DNS. Invalid boundary checks in the
add_pseudoheader function allows a memcpy call with negative
size An attacker which can send malicious DNS queries
to dnsmasq can trigger a DoS remotely.
dnsmasq is vulnerable only if one of the following option is
specified: --add-mac, --add-cpe-id or --add-subnet.
CVE-2017-14496 applies.
Credit to Felix Wilhelm, Fermin J. Serna, Gabriel Campana
Kevin Hamacher and Ron Bowes of the Google Security Team for
finding this.
Fix out-of-memory Dos vulnerability. An attacker which can
send malicious DNS queries to dnsmasq can trigger memory
allocations in the add_pseudoheader function
The allocated memory is never freed which leads to a DoS
through memory exhaustion. dnsmasq is vulnerable only
if one of the following option is specified:
--add-mac, --add-cpe-id or --add-subnet.
CVE-2017-14495 applies.
Credit to Felix Wilhelm, Fermin J. Serna, Gabriel Campana
Kevin Hamacher and Ron Bowes of the Google Security Team for
finding this.
1.0.2
=====
- Fix a potential crash of GUPnPProxy when trying to access a dangling
GUPnPServiceProxy pointer of a server handler.
Bugs fixed in this release:
- https://bugzilla.gnome.org/show_bug.cgi?id=777491
All contributors to this release:
- Sven Neumann <neumann@teufel.de>
1.0.1
=====
- Connman CM: Various fixes
- Linux CM: Fix compiler warning about negative shift
- Documentation: Fix FSF address
- Documentation: Fix references
- Build: Update ax_append_link_flags
Bugs fixed in this release:
- https://bugzilla.gnome.org/show_bug.cgi?id=770318
All contributors to this release:
- Sven Neumann <neumann@teufel.de>
- Jens Georg <mail@jensge.org>
- Oliver Tappe <zooey@hirschkaefer.de>
1.0.2
=====
- Small documentation fixes
- Fix deprecation warning with GTK+-3.22
All contributors to this release:
- Jens Georg <mail@jensge.org>
1.0.1
=====
- Fix some compiler/c89 issues with recent mingw
- Use proper ssize_t modifier in printf
- Make documentation point to itself by declaring it stable
- Use correct FSF address in documentation text
All contributors to this release:
- Jens Georg <mail@jensge.org>
3.28.0 (2017-09-29)
+ *nix: Official Linux binaries are now built for Debian 9 (Stretch)
- Do not disable password saving settings if fzdefaults.xml contains a kiosk mode setting of 0.
3.28.0-rc1 (2017-09-22)
+ Add "Close once" as queue completion action
- Fixed crash if FileZilla is forced to close, e.g. when the system is shutting down, while there are open dialogs
- If the transfer queue asks for a password and the password dialog is canceled the queue processing is now stopped
- OS X, *nix: Improve detection of invalid character encodings in local filenames
- Fix potential crash expanding directory tree items while changing selections
0.11.0 (2017-09-29)
+ Add fz::buffer class
- *nix: fz::process::spawn no longer calls async-signal-unsafe functions between forking and calling execv in the child.
2.4.0:
Add support for tornado async transport via gen.coroutine
Check if soap:address is defined in the service port instead of raising an exception
Update packaging (stop using find_packages())
Properly handle None values when rendering complex types
Fix generating signature for empty wsdl messages
Support passing strings to xsd:Time objects
Release: 0.7.19:
* added a new SubnetSplitter class for those looking to divide up subnets.
Thanks alanwill and RyPeck and those on (Stack Overflow discussion).
* removed bundled pytest dependency code for "python setup.py test".
* setup.py now uses setuptools only (no more distutils) and setup_egg.py removed.
* cleaned up INSTALL docs so they accurately reflect current Python packaging.
* fixed broken parsing, generating and reading of IEEE index files when switching
between Python 2.x and 3.x.
notable changes: OpenSSL 1.1.0 is now supported, and c-ares has been updated
While touching the package anyhow, it has been taught to pass down hardening
flags, so that the various PKGSRC_USE_ flags now have effect.
2.3.21 Mon, 31 Jul 2017
core:
* Service/daemon refactoring:
* Move all daemon method to dedicated FusionInventory::Agent::Daemon package
* Win32 service now based on private FusionInventory::Agent::Service inheriting
from FusionInventory::Agent::Daemon
* support configuration reloading on SIGHUP signal (unix)
* support pausing service under win32
* support run now on SIGUSR1 signal (unix)
* and a lot of daemon/service optimizations and enhancements
* daemon process renamed to provider derivated name under unix-like systems with
tag if defined. Example: "fusioniventory-agent (prod)"
* Report http proxy error to help debug communication problems: #324
* Prevent setup.pm indexing in CPAN as requested by CPAN admins
* Other fixed issues: #321
inventory:
* Bump Inventory task version to 1.3
* Fixed win32 softwares finally missing when 2 'inventory' are set in tasks
* Fixed bug: last dmidecode block wasn't parsed
* Updated pci.ids to 2017.07.27 version
* Updated usb.ids to 2017.07.29 version
* Updated storage inventory on MacOS supporting Firewire storages: #309#310
* Fixes on dmidecode memory inventory: #320
* Update memory component capacity on virtual systems: #339
* Fix lenovo system information product name read from dmidecode: fix#311
* Include TL in AIX OS version: #328
* Fix Xen vm with space in name not colleted: #176
netdiscovery/netinventory:
* Bump NetDiscovery & NetInventory task version to 2.3
* Fix credentials option support
* Fixed duplicated mac addresses: #315
* Also accept LLDP notifications on sysName
* Force MANUFACTURER to match real vendor, VENDOR inventory key removed
* Better cleanup of canonical strings with invalid characters
* Support more alternate mac address formats
* Fix some string field encoding
* Support Digi devices serial
* Support ups model oid
* Fixed Juniper serial retrieval
* Enhanced Konica printer discovery
* Enhanced mac address discovery
* Fixed wrong result on snmp read case: #139
* Enhanced error messages in netdiscovery task
* Updated sysobject.ids
deploy:
* Bump Deploy task version to 2.4
* Added new audit checks winkey not equals support
* Support User Interaction under win32 using WTS API (need server-side plugin upgrade)
injector:
* Support xml file extension: #360
* Fixed returns exit code 0 even on error: #329
* Enhanced displayed error messages
2.3.20 Thu, 1 Jun 2017
core:
* Fix#224, #254, #268
* Fix 2.3.19 regression while installing from sources
* Fix bad initialization while computing inventory checksum involving crash in rare case
* Include new CONTRIB.md file to reference not mergeable contributions
* Fix scheduling issue restarting tasks too early
* Avoid a warning on Socket module version check, issue found on Debian and MacOS
* Fix: Support SSL debugging at verbosity 2 on Stderr only
inventory:
* Bump Inventory task version to 1.2
* Fixed Docker support
* Added system software category support
* Added firewall status innventory support
* Fix last user computation on some unix systems
* Add CPU CORECOUNT support based on dmidecode output
* Fix STORAGES support on some platforms
* MacOS: Refactoring to replace Tie::IxHash dependency with XML::XPath to better
parse system profiler output
* Fix: block device inventory still possible even if fdisk command is missing on linux
* Fix#289: Add ARM Board support
* Support UUID for lxc containers
netinventory:
* Fix#221, #275
* Command documentation updated
* a lot more of additional devices in sysobject.ids
* Fix Juniper new model and firmware detection
deploy:
* Bump Deploy task version to 2.3
* Audit checks refactoring and fixes
* Fix win32 registry key check
* Added new audit checks like winkey values, needs a server plugin upgrade
* Enhanced audit checks error reporting
* Fix and enhanced command action to really report output, may require a server plugin upgrade
* Fix command action exit code while target command is not found on unix
wakeonlan:
* Bump WakeOnLan task version to 2.2
* Fix thanks to Ludovic Pouzenc: send magic packets to all non-loopback non-dumb interfaces
2.3.19 Fri, 17 Feb 2017
core:
* Version & provider refactoring to simplify release process
* Provided agent versions can now been commented by providers and programs will
expose comments for --version argument
* Tasks version is now read more efficiently and should reduce agent memory
footing while running under daemon or service mode
* Bump tasks versions to reflect new way of reading task version
* Support no-compression option: useful for debugging or while server do not
support compression
* Replace JSON dependency with JSON::PP pure perl version
* Fixed configuration parsing
* Fix sigterm support on win32
* Reduced agent memory footprint on win32
* Service optimizations limiting inventory run time on win32
* Fix service registration on win32 while requested from sources
* Try to reschedule target sooner on network error
* add Thomas Lornet aka devtom30 as maintainer
inventory:
* Fix VERSIONCLIENT not set
* Screen inventory refactoring introducing ALTSERIAL inventory value which may
show a better serial number for some manufacturer. This will ease future
screen serial number fix integration: comparing expected S/N toward ALTSERIAL
will tell us we just need to update dedicated subclass for a given monitor.
* Some portable computer screens are now recognized
* Previously undefined screen caption may now contains additionnal informations,
mostly for lcd internal panel, like panel model. These are taken from EDID
"monitor_text" when found.
* Few more Acer serial number are fixed
* Fix some memory size read using canonical API
* add --no-compression|-C option to disable compression of communication with server
* Fix HOSTNAME for MacOS
* Add docker container support for linux
* Fix install date while using rpm packaging or for MacOS
* solaris support update
* macos support updates & fixes
* rudder updates
* virtualization/container detection updates (HyperV, VMWare, KVM, LXC/LXD, VirtualBox)
* Added TeamviewerID support for win32 & MacOS
* Fix win32 key registry reading while it contains white space
* Add batteries support on MacOS
* Add HOSTID support on linux & solaris
deploy:
* Bump Deploy task version to 2.2
* Deploy task audit refactoring
* Add support for fileSHA512mismatch check processor in audit
* Fix#205 - Improve software package's audits
* Support optional audit check name in reported status (needs server update)
* Add checkprocessor unit tests
injector:
* add --no-compression|-C option to disable compression of uploaded files
2.3.18 Thu, 16 Jun 2016
core:
* Many bug fixes
* enhance daemon/service mode:
- running tasks are killed while service is stopping
- httpd daemon is now made not blocking so daemon/service handles
external events quickly
* full win32 service refactoring introducing Windows 10 support
* win32 service can be registered/deleted from sources
* support new option --tasks to specify tasks to execute and their order
* support new option --conf-reload-interval to ask to reload conf at
regular time interval while running in daemon or service mode.
inventory:
* Many bug fixes
* enhanced McAfee antivirus reporting
* added REMOTE_MGMT section to report infos related to installed remote
management tools. Actually reports Teamviewer ID
* Eventually try ethtool syscall on linux to find network cards
* Fixed memory reporting on Solaris
* Enhanced installdate for softwares on many platforms
* Enhanced drive a storage reporting on win32
deploy:
* Bump Deploy task version to 2.1.0
* trigger error on servers missing Digest::SHA library to help diagnostic
* Backport some master branch work done by guillomovitch on P2P support
* Net::Ping & Parallel::ForkManager library are now mandatory for P2P support
* POE & POE::Component::Client::Ping requirements are now obsolete
* Also add few fixes and enhancement to P2P support
* Added unittest for P2P support
* fixed issues related to JSON support
* Enhanced run command output to help debugging failures
injector:
* add --recursive|-R option to scan sub-folder for OCS files
* add g-bougard as maintainer
2.3.17 Sun, 27 Sep 2015
inventory:
* add collect task support
* fix CPU frequency retrieval on Windows (#2876)
* fix CPU core and thread retrieval on Windows (#2894)
* small fixes for DragonFlyBSD (#2899)
* fix interface speed retrieval in Solaris zones (#2939)
* fix memory information retrieval on Solaris (#2907)
* fix recurrent timeout for system_profile usage on MacOS (#2913)
* fix hangup when enumerating ovirt virtual machines (#2917)
* fix virtuozzo virtual machines identification (reported on mailing-list)
* fix offline xen virtual machines properties retrieval (#2988)
* fix warning and parsing issues with LSI RAID adapter
* retrieve Rudder agent information for all kind of Unix systems (#2999)
netdiscovery:
* fix multi-threading issues
netinventory:
* better serial retrieval (#2912)
* better VLAN retrieval for non-Cisco devices
* fix firmware retrieval issues leading to malformed XML (#2908, #2956, #2994)
* fix multi-threading issues
* add support for Kyocera printers page counters
* additional devices in sysobject.ids (#2912, #2932, #2965, #2966, #2994)
* minor fixes in sysobject.ids
* relax constraints on sysobjectid syntax
wake-on-lan:
* fix communication issue with latest FusionInventory for GLPI (#2937)
fusioninventory-injector:
* allow to mimic agent in user-agent HTTP header
fusioninventory-netinventory:
* support multi-threading via --threads option
* support inventory toward multiple hosts
* dropped unused --entity option
test suite:
* more robust SSL connection tests
2.3.16 Sun, 1 Mar 2015
inventory:
* fix Rudder server UUID file location (#2865)
* use BIOS ID as guest ID for HyperV hypervisor (#2881)
* filter disabled CPUs in DMI data (#2525)
* minor fixes in CPU information retrieval
netdiscovery:
* fix communication with latest FusionInventory for GLPI (#2862)
* add multiple H3C/SMC/HP models in sysobject.ids (#2873)
* change sysobject.ids file format
netinventory:
* fix communication with latest FusionInventory for GLPI (#2862)
* add hirschman-specific firmware and serial OIDs (#2631)
2.3.15 Tue, 6 Jan 2015
inventory:
* retrieve attached network gateway from default gateway
* do not report 0.0.0.0 as address for non-configured IPMI interfaces
* fix last user retrieval with 32 bit agent on 64 bit Windows
netinventory:
* better firmware retrieval (#2806)
test suite:
* fix Perl version check for POE tests
* force IPv4 for connection tests
2.3.14 Mon, 15 Dec 2014
core:
* fix ESX and Deploy task execution from server request (#2809, #2820, #2823)
* manage PID file explicitely (#2796)
* make PID file location configurable, through --pidfile option (warning:
default location is now in agent state directory)
netdiscovery:
* add a few H3C/HP models in sysobject.ids (#2812)
netdiscovery:
* fix fast interface speed computation (#2833)
install:
* add versioned dependencies on IO::Socket::SSL and Thread::Queue
2.3.13 Thu, 6 Nov 2014
core:
* log HTTP replies status
* log agent stop event (#61)
* better logging of task initialisation process
* fix syslog logger usage with debug level >= 2 (#2780)
* fix SNMPv1 multiple values queries
netdiscovery:
* skip SNMP scan immediatly if there is no answer from remote host
* send task termination message to server when shutting down (#185)
* thread usage cleanup
netinventory:
* propagate error messages to server
* fix null-character presence in XML output (#2670,#2746,#2754,#2784)
* fix WWN physical address parsing (#2759)
* send task termination message to server when shutting down (#185)
* thread usage cleanup
inventory:
* add support for FibreChannel controller on Linux (#2759)
* fix HyperV machines enumeration (#2141)
* fix typo in printer property name on Windows (#2782)
* fix wrong function call on BSD i386 (#2797)
* fix wrong function call on Solaris (#2799)
* fix parsing of psrinfo -vp output on Solaris (#2798)
test suite:
* disable tests requiring POE under perl 5.8
2.3.12 Mon, 06 Oct 2014
core:
* drop Socket::GetAddrInfo usage, and use Socket directly for name to address
resolution
inventory:
* fix networks interface enumeration on Windows XP (#2733)
* fix BIOS date format error on Solaris (#2735)
* retrieve OS minor version on Solaris (#2736)
* identify dockers containers (#2731)
* fix adobe license key format (RT #99164)
2.3.11.1 Wed, 25 Sep 2014
core:
* update MANIFEST to fix missing files
2.3.11 Wed, 25 Sep 2014
core:
* additional distribution metadata
* more flexible message filtering in logger
inventory:
* additional exclusion categories
* more detailed log message for inventory execution
* utf8 encoding fixes for local users and groups on Windows
* fix mac address retrieval for bonded addresses on Linux (#2622)
* fix network interface type identification on Windows
* add network interface type on BSD and Linux (#1838,#2622)
* add WIFI info for network interfaces on BSD and Linux ()
* identify interfaces aliases on Linux (#2622)
* add PCIID for network interfaces and video cards
* better Xorg log file parsing on Linux
* fix disk size computation on Linux (#2718)
* prevent abusive /etc/blkid.tab update on Linux
* ignore whitespace-only disk serial numbers on Windows (#2665)
* fix architecture identification on Solaris (#2672)
* add publisher for dpkg-based distribution on Linux
netinventory:
* drop consumables database in favor of standard consumable identification data
* no more arbitrary consumables number limit
* report unknown and approximate consumable level values as such
* fix negative consumable level values
* report multiple IP addresses associated with each port (#1421)
* report aggregated network ports (#2179,#2564,#2575)
* log sysdescr lookup in devices database
* additional Hischmann and Fortinet devices IDs (#2631)
2.3.10.1 Mon, 04 Aug 2014
inventory:
* fix regression introduced in 2.3.10 wrt hostname on Windows (#2647)
* fix regression introduced in 2.3.10 wrt last logged user on Windows
* provide error messages for name to resolution failures
netdiscovery and netinventory:
* avoid crash for missing logger with command-line tools
2.3.10 Wed, 30 Jul 2014
inventory:
* fix serial key retrieval regression on Windows (#2632,#2641)
* fix office 32bits serial retrieval on 64bits Windows (#2616)
* fix duplicate network interface on AIX (#2527)
* fix warnings for non-parsable etime on Unix (#2636)
* fix global zone identification on Solaris (#2620)
* fix software retrieval on recent BSDs (#2637)
* better file system types identification on Solaris
* add support for HyperV machines enumeration (#2141)
* add support for LXC container identification (#2311)
* add --scan-profiles option to fusioninventory-inventory (#2625)
netdiscovery:
* fix nmap parameters computation (#2618)
* better device identification (#2601, #2194)
netinventory:
* fix invalid character presence in XML output
* add support for Extreme Discovery Protocol (EDP)
* better handling of CDP implementation differences
* better handling of multiple discovery protocols
2.3.9.1 Tue, 15 Jul 2014
install:
* fix sysobjectid and consumables databases files installation
2.3.9 Tue, 15 Jul 2014
core:
* disable lower-level SSL checks when no-ssl-checks is used
netinventory and netdiscovery tasks:
* merge all files from sysobjectid database into a single one
* update sysobjectid database
netdiscovery task:
* catch more SNMPv3 authentication errors
* allow multiple SNMP credentials for netdiscovery executable
netinventory task:
* better printer consumable identification, using vendor references
(#2581,#2582,#2583,#2584,#2587,#2589,#2591,#2592,#2593,#2594)
* externalize consumable ids in a data file
* report 0% level instead of 100% for wastetoners with OK status (#2593)
* skip problematic address only for non-existing interfaces (#2599)
* mark --model option as deprecated for netinventory executable
inventory task:
* disable user profile scanning for software by default on Windows (#2555)
* avoid fatal dmidecode usage on Windows 2003 for CPUs (#2562)
* fix last loggued user identification on Windows (#2553)
* fix product key decoding on Windows 8 (#2544)
* fix IE 10+ version retrieval on Windows (#2528)
* more details for USB devices on Windows (#2598)
* get OS UUID for SPARC on Solaris (#2539)
* add Xen Citrix server VM support (#2529)
2.3.8 Sun, 11 May 2014
netinventory task:
* add support for trunk port identification on non-cisco hardware (#2386)
* add VENDOR element, and keep MANUFACTURER bound to original manufacturer
* add H3C hardware database
* better error messages for non-existing interfaces
inventory task:
* fix multiple crashes introduced by command logging
* fix crash in Windows License module when office is not installed (#2202)
* fix last loggued user retrieval on Windows (#2458)
* fix 32bits software in user environment retrieval on Windows 64bits
test suite:
* transfer hardware tests in private hardware repository
2.3.7.1 Wed, 30 Apr 2014
inventory task:
* fix crash introduced by command logging on BSD hosts
2.3.7 Tue, 29 Apr 2014
install:
* do not rely on GNU install specific options
netinventory and netdiscovery tasks:
* drop support for SNMP dictionary
* drop support for SNMP models
* large code cleanup
* enhance firmware and serial number retrieval
* update extreme networks models database
inventory task:
* fix multiple warnings for missing commands (#2460)
* fix 'broken pipe' error messages on Solaris (#2460)
* fix warnings for NIS/NIS+ external references in /etc/passwd (#2460)
* log executed commands with debug level >= 2
* fix a crash in Windows storage inventory (#2471)
* fix process inventory on AIX (#2481)
* fix firmware version retrieval on AIX (#2480)
* fix mac address extraction for infiniband interfaces (#2432)
* fix CPU identification on newer ARM kernels (#2485)
* fix inconsistencies in process runtime computation (#2491)
test suite:
* ship missing LXC test file (#2483)
2.3.6 Mon, 10 Mar 2014
core:
* abort with explicit error message when there is
no available task
* when receiving a push request from a server, reschedule
contact for this server only
inventory task:
* fix a warning with LXC 1.0.x
netinventory task:
* fix SNMPv3 credentials handling
* fix mac address retrieval on non-default VLANs
* fix LLDP info retrieval for some hardware
* fix memory exhaustion for some hardware (#2414)
* use get-next-requests instead of get-bulk-requests, slower but safer,
especially with large gaps in indexes
netdiscovery task:
* fix SNMPv3 credentials handling
* do not report errors for non-responding host with SNMPv3
wake-on-lan task
* honour all mac addresses from server request (#2353)
test suite:
* fix network interface test on Solaris (#2438)
2.3.5.1 Tue, 14 Jan 2014
inventory task:
* fix AIX LVM regression introduced by incorrect fix (#2384)
* fix another potential warning on AIX
2.3.5 Tue, 14 Jan 2014
netinventory task:
* add more default OIDs for mappings undefined in SNMP model
* fallback on default OID if SNMP model mapping doesn't bring any result
* restore and enhance mac adressses extraction for connected devices on
non-default VLANs
* fix trunk port identification
* fix model loading with fusioninventory-netinventory
inventory task:
* get size for Adaptec RAID controller disks on Linux (#2360)
* fix size reporting for LSI RAID controller disks on Linux
* add support for modern MegaRAID controllers on Linux (#2361)
* better identification for hard disk manufacturers (#2362)
* fix timeout for user enumeration in AD environment on Windows (#2201)
* fix a potential crash in software inventory on Windows
* cleanup whitespace for DMI and /proc values (#2391)
* fix multiple potential warnings on AIX (#2384)
test suite:
* fix test files list (#2394)
* fix network interface enumeration test on Solaris (#2346)
2.3.4 Fri, 29 Nov 2013
netdiscovery task:
* install missing sysobjectid database files
* add additional device types (phones, storage, etc...) support
netinventory task:
* add default OIDs for mappings undefined in SNMP model
* add IFALIAS support for interfaces
* allow SNMPv3 usage from fusioninventory-netinventory
* allow discovery without model from fusioninventory-netinventory
netinventory and netdiscovery tasks:
* fix infinite recursion in mac address canonicalisation, leading to memory
exhaustion (#2336)
* fix SNMPv3 usage without optional parameters
linux:
* OpenVZ: disable the Virtuozzo module if libvirt is already plugged on OpenVZ
2.3.3 Wed, 06 Nov 2013
core
* clean up in the distribution, thanks Olivier Mengué <dolmen@cpan.org>
inventory task
* fix missing 32bits software on 64bits windows (#2212)
netinventory task
* fix SNMP reconnection when issuing VLAN-specific queries on some Cisco
devices (#2178)
* use longer default SNMP timeout, and make them configurable
* handle MAC addresses with embedded VLAN identifier
netdiscovery task
* backport device model identification from sysobjectid value
2.3.2 Fri, 20 Sep 2013
core
* avoid some warning messages
netinventory task
* fix: properly pass the SNMP credentials
* better handling of mac addresses
2.3.1 Mon, 09 Sep 2013
inventory task
* report when running in a BSD Jail or a LXC system, thanks Igor Morozov
* better strategy for extracting USB printer serial on windows (#2213)
* force lowercase identifiers for USB and PCI lookups (#2122)
netdiscovery task
* fix invalid log message and spurious warnings during discovery (#2200)
* fix dictionary update handling, breaking fusioninventory-netdiscovery usage
* use sysobjectid for better identification
* more sysdescr-based identification rules
* fix loss of information when applying sysdescr-based identification rules
* normalize sysdescr better before dictionary lookup
netinventory task
* ensure device type is set in agent answer
* emits warnings when retrieved values are obviously wrong
* better handling of mac addresses
* large code cleanup and optimisation
wake-on-lan task
* fix wrong mac address pattern check
2.3.0 Thu, 01 Aug 2013
distribution:
* Deploy, Network and ESX tasks are now integrated in the distribution
* new fusioninventory-inventory executable, dedicated to inventory task
core:
* no more thread usage for HTTP interface
* no more token usage for HTTP interface, request source address is enough
* --httpd-trust option now allows multiple values
* --daemon and --no-fork options are now available from command-line only
inventory task:
* add DNS_DOMAIN, BOOT_TIME and FQDN in OPERATINGSYSTEM section (#1197, #1347, #1358)
* collect public SSH keys
* collect local users and groups (#1570, #1870)
* collect license key for MS Office on Windows (#152)
* collect software from user profile on Windows(#1674)
* collect license key for Adobe suite, Panic's Transit, VMware Fusion on MacOs
* collect service package version on AIX (#1896)
* collect manufacturer information for memories (#1735)
* enforce consistent handling of USB and PCI identifiers (#1861)
* enforce consistent TYPE values for network interfaces (#1838)
* various UTF8 encoding fixes
* better stripping of bogus values
* Megaraid and 3ware RAID controller support on BSD (Egor Morozov)
* Megaraid controller support on Linux (Egor Morozov)
* support new OpenVZ configuration on Linux (Alessandro Iurlano)
* LPAR support on AIX (#950, #952)
* FreeBSD jail support on BSD (#736, #1555)
* better caching of system_profiler output (#2076)
* better Qemu support (#2106)
* better OpenVM support (#1774)
* better HyperV support (#1989, #1990, #1991)
* fix CPU inventory for non-i386 arches on Linux (#2172)
* better CPU inventory on Solaris (#1741, #1905, #2152)
* better memory inventory on Solaris (#1711, #1714, #1737)
* better slot inventory on Solaris (#1730)
* fix VXFS filesystem identification on Solaris (#1696)
* minimal support for busybox-specific command output (#1372)
* no more memconf usage on Solaris
* no more Mac::SysProfile usage on MacOS (#1646)
wake-on-lan task:
* ethernet and udp methods support on all systems
netdiscovery task:
* fix for regression introduced during code refactoring regarding printers
identification
test suite:
* check the link for 404 error in the doc
* check for warnings generated during parsing
* check entries generated from parsing match expected inventory format
* normalize list before comparaison, for perl 5.18 hash randomisation
2.2.8 unreleased
AIX:
* minor fixes in LVM support
Libcloud 2.2.1:
Common
- Fix an issue with installation failing on some operating system and file
systems combinations (e.g. ecryptfs layered on top of ext4) which don't
support file names longer than 143 characters.
Compute
- [EC2] add g3 instance types
- [EC2] add 'end' to ec2 reserved_node
- Decrease sleep delay (from 1.5 to 0.2 seconds) inside paramiko client which
is used to prevent busy waiting while waiting for data on the channel.
This should cause deploy scripts which produce a lot of output in incremental
manner to finish faster.
- Fix a regression in the Azure ARM driver which didn't allow custom storage
URI suffix to be used with create_node.
Tests
- Make sure we normalize header values and cast all the numbers to strings in
base connection classes used by tests.
This is a regularly scheduled stable release.
Resolved issues (cmd/syncthing):
#4063, #4343: KCP connections are now more stable.
#4348: Hashing benchmarks are skipped if a manual selection has been forced.
Resolved issues (cmd/strelaysrv):
#4245: Relay server RAM usage has been reduced.
=============================
Release Notes for Samba 4.6.8
September 20, 2017
=============================
This is a security release in order to address the following defects:
o CVE-2017-12150 (SMB1/2/3 connections may not require signing where they
should)
o CVE-2017-12151 (SMB3 connections don't keep encryption across DFS redirects)
o CVE-2017-12163 (Server memory information leak over SMB1)
=======
Details
=======
o CVE-2017-12150:
A man in the middle attack may hijack client connections.
o CVE-2017-12151:
A man in the middle attack can read and may alter confidential
documents transferred via a client connection, which are reached
via DFS redirect when the original connection used SMB3.
o CVE-2017-12163:
Client with write access to a share can cause server memory contents to be
written into a file or printer.
For more details and workarounds, please see the security advisories:
o https://www.samba.org/samba/security/CVE-2017-12150.html
o https://www.samba.org/samba/security/CVE-2017-12151.html
o https://www.samba.org/samba/security/CVE-2017-12163.html
Changes since 4.6.7:
--------------------
o Jeremy Allison <jra@samba.org>
* BUG 12836: s3: smbd: Fix a read after free if a chained SMB1 call goes
async.
* BUG 13020: CVE-2017-12163: s3:smbd: Prevent client short SMB1 write from
writing server memory to file.
o Ralph Boehme <slow@samba.org>
* BUG 12885: s3/smbd: Let non_widelink_open() chdir() to directories
directly.
o Stefan Metzmacher <metze@samba.org>
* BUG 12996: CVE-2017-12151: Keep required encryption across SMB3 dfs
redirects.
* BUG 12997: CVE-2017-12150: Some code path don't enforce smb signing
when they should.
Clean-up:
Removed double USE_LIBTOOL=yes.
Pass external CFLAGS and LDFLAGS.
Put PREFIX in patches, removing SUBST.
Do not override optimisation with OPT=-O2.
Changes in version 0.3.0.11 - 2017-09-18
Tor 0.3.0.11 backports a collection of bugfixes from Tor the 0.3.1
series.
Most significantly, it includes a fix for TROVE-2017-008, a
security bug that affects hidden services running with the
SafeLogging option disabled. For more information, see
https://trac.torproject.org/projects/tor/ticket/23490
o Minor features (code style, backport from 0.3.1.7):
- Add "Falls through" comments to our codebase, in order to silence
GCC 7's -Wimplicit-fallthrough warnings. Patch from Andreas
Stieger. Closes ticket 22446.
o Minor features:
- Update geoip and geoip6 to the September 6 2017 Maxmind GeoLite2
Country database.
o Minor bugfixes (compilation, backport from 0.3.1.7):
- Avoid compiler warnings in the unit tests for calling tor_sscanf()
with wide string outputs. Fixes bug 15582; bugfix on 0.2.6.2-alpha.
o Minor bugfixes (controller, backport from 0.3.1.7):
- Do not crash when receiving a HSPOST command with an empty body.
Fixes part of bug 22644; bugfix on 0.2.7.1-alpha.
- Do not crash when receiving a POSTDESCRIPTOR command with an empty
body. Fixes part of bug 22644; bugfix on 0.2.0.1-alpha.
o Minor bugfixes (file limits, osx, backport from 0.3.1.5-alpha):
- When setting the maximum number of connections allowed by the OS,
always allow some extra file descriptors for other files. Fixes
bug 22797; bugfix on 0.2.0.10-alpha.
o Minor bugfixes (logging, relay, backport from 0.3.1.6-rc):
- Remove a forgotten debugging message when an introduction point
successfully establishes a hidden service prop224 circuit with
a client.
- Change three other log_warn() for an introduction point to
protocol warnings, because they can be failure from the network
and are not relevant to the operator. Fixes bug 23078; bugfix on
0.3.0.1-alpha and 0.3.0.2-alpha.
ChangeLog:
- BUG/MINOR: peers: peer synchronization issue (with several peers sections).
- BUG/MINOR: lua: In error case, the safe mode is not removed
- BUG/MINOR: lua: executes the function destroying the Lua session in safe mode
- BUG/MAJOR: lua/socket: resources not detroyed when the socket is aborted
- BUG/MEDIUM: lua: bad memory access
- DOC: update CONTRIBUTING regarding optional parts and message format
- DOC: update the list of OpenSSL versions in the README
- MINOR: tools: add a portable timegm() alternative
- BUILD: lua: replace timegm() with my_timegm() to fix build on Solaris 10
- DOC: Updated 51Degrees git URL to point to a stable version.
- BUG/MINOR: http: Set the response error state in http_sync_res_state
- MINOR: http: Reorder/rewrite checks in http_resync_states
- MINOR: http: Switch requests/responses in TUNNEL mode only by checking txn flags
- BUG/MEDIUM: http: Switch HTTP responses in TUNNEL mode when body length is undefined
- BUG/MAJOR: http: Fix possible infinity loop in http_sync_(req|res)_state
- BUG/MINOR: lua: Fix Server.get_addr() port values
- BUG/MINOR: lua: Correctly use INET6_ADDRSTRLEN in Server.get_addr()
- BUG/MINOR: lua: always detach the tcp/http tasks before freeing them
- BUG/MINOR: lua: Fix bitwise logic for hlua_server_check_* functions.
Pkgsrc changes:
* Unbound now needs flex >= 2.6.4 to build, or at least 2.6.3 is a no-go,
so depend on the pkgsrc version which is already 2.6.4.
Upstream changes:
Features:
* unbound-control dump_infra prints port number for address if not 53.
* Fix#1344: RFC6761-reserved domains: test. and invalid.
* Fix#1349: allow suppression of pidfiles (from Daniel Kahn Gillmor).
With the -p option unbound does not create a pidfile.
* Added stats for queries that have been ratelimited by domain
recursion.
* Patch to show DNSCrypt status in help output, from Carsten
Strotmann.
* Fix#1407: Add ECS options check to unbound-checkconf.
* Fix#1415: [dnscrypt] shared secret cache, patch from
Manu Bretelle.
Bug Fixes:
* fixup of dnscrypt_cert_chacha test (from Manu Bretelle).
* First fix for zero b64 and hex text zone format in sldns.
* Better fixup of dnscrypt_cert_chacha test for different escapes.
* Fix that infra cache host hash does not change after reconfig.
* Fix python example0 return module wait instead of error for pass.
* enhancement for hardened-tls for DNS over TLS. Removed duplicated
security settings.
* Fix for unbound-checkconf, check ipsecmod-hook if ipsecmod is turned
on.
* Fix#1331: libunbound segfault in threaded mode when context is
deleted.
* Fix pythonmod link line option flag.
* Fix openssl 1.1.0 load of ssl error strings from ssl init.
* Fix 1332: Bump verbosity of failed chown'ing of the control socket.
* Redirect all localhost names to localhost address for RFC6761.
* Fix#1350: make cachedb backend configurable (from JINMEI Tatuya).
* Fix tests to use .tdir (from Manu Bretelle) instead of .tpkg.
* upgrade aclocal(pkg.m4 0.29.1), config.guess(2016-10-02),
config.sub(2016-09-05).
* annotate case statement fallthrough for gcc 7.1.1.
* flex output from flex 2.6.1.
* snprintf of thread number does not warn about truncated string.
* squelch TCP fast open error on FreeBSD when kernel has it disabled,
unless verbosity is high.
* remove warning from windows compile.
* Fix compile with libnettle
* Fix DSA configure switch (--disable dsa) for libnettle and libnss.
* Fix#1365: Add Ed25519 support using libnettle.
* Fix#1394: mix of serve-expired and response-ip could cause a crash.
* Remove unused iter_env member (ip6arpa_dname)
* Do not reset rrset.bogus stats when called using stats_noreset.
* Do not add rrset_bogus and query ratelimiting stats per thread, these
module stats are global.
* Fix#1397: Recursive DS lookups for AS112 zones names should recurse.
* Fix#1398: make cachedb secret configurable.
* Remove spaces from Makefile.
* Fix issue on macOX 10.10 where TCP fast open is detected but not
implemented causing TCP to fail. The fix allows fallback to regular
TCP in this case and is also more robust for cases where connectx()
fails for some reason.
* Fix#1402: squelch invalid argument error for fd_set_block on windows.
* Fix to reclaim tcp handler when it is closed due to dnscrypt buffer
allocation failure.
* Fix#1415: patch to free dnscrypt environment on reload.
* iana portlist update
* Small fixes for the shared secret cache patch.
* Fix WKS records on kvm autobuild host, with default protobyname
entries for udp and tcp.
* Fix#1414: fix segfault on parse failure and log_replies.
* zero qinfo in handle_request, this zeroes local_alias and also the
qname member.
* new keys and certs for dnscrypt tests.
* fixup WKS test on buildhost without servicebyname.
* updated contrib/fastrpz.patch to apply with configparser changes.
* Fix 1416: qname-minimisation breaks TLSA lookups with CNAMEs.
* Fix#1424: cachedb:testframe is not thread safe.
* Fix#1417: [dnscrypt] shared secret cache counters, and works when
dnscrypt is not enabled. And cache size configuration option.
* Fix#1418: [ip ratelimit] initialize slabhash using
ip-ratelimit-slabs.
* Recommend 1472 buffer size in unbound.conf
* Fix#1412: QNAME minimisation strict mode not honored
* Fix#1434: Fix windows openssl 1.1.0 linking.
* Add dns64 for client-subnet in unbound-checkconf.
4.6.7 (2017/08/09): the latest stable release of the Samba 4.6 release series.
Changes since 4.6.6
---------------------
o Jeremy Allison <jra@samba.org>
* BUG 12836: s3: smbd: Fix a read after free if a chained SMB1 call goes async.
o Andrew Bartlett <abartlet@samba.org>
* BUG 11392: s4-cldap/netlogon: Match Windows 2012R2 and return
NETLOGON_NT_VERSION_5 when version unspecified.
o Ralph Boehme <slow@samba.org>
* BUG 12885: s3/smbd: Let non_widelink_open() chdir() to directories directly.
* BUG 12910: s3/notifyd: Ensure notifyd doesn't return from
smbd_notifyd_init.
o Günther Deschner <gd@samba.org>
* BUG 12840: vfs_fruit: Add fruit:model = <modelname> parametric option.
o David Disseldorp <ddiss@samba.org>
* BUG 12911: vfs_ceph: Fix cephwrap_chdir().
o Dustin L. Howett
* BUG 12720: idmap_ad: Retry query_user exactly once if we get
TLDAP_SERVER_DOWN.
o Thomas Jarosch <thomas.jarosch@intra2net.com>
* BUG 12927: s3: libsmb: Fix use-after-free when accessing pointer *p.
o Volker Lendecke <vl@samba.org>
* BUG 12925: smbd: Fix a connection run-down race condition.
o Stefan Metzmacher <metze@samba.org>
* BUG 12782: winbindd changes the local password and gets
NT_STATUS_WRONG_PASSWORD for the remote change.
* BUG 12890: s3:smbd: consistently use talloc_tos() memory for
rpc_pipe_open_interface().
o Noel Power <noel.power@suse.com>
* BUG 12937: smbcacls: Don't fail against a directory on Windows using SMB2.
o Arvid Requate <requate@univention.de>
* BUG 11392: s4-dsdb/netlogon: Allow missing ntver in cldap ping.
o Garming Sam <garming@catalyst.net.nz>
* BUG 12813: dnsserver: Stop dns_name_equal doing OOB read.
o Andreas Schneider <asn@samba.org>
* BUG 12886: s3:client: The smbspool krb5 wrapper needs negotiate for
authentication.
o Martin Schwenke <martin@meltin.net>
* BUG 12898: ctdb-common: Set close-on-exec when creating PID file.
4.6.6 (2017/07/12): security release in order to address the following defect:
o CVE-2017-11103 (Orpheus' Lyre mutual authentication validation bypass)
Changes since 4.6.5:
---------------------
o Jeffrey Altman <jaltman@secure-endpoints.com>
* BUG 12894: CVE-2017-11103: Orpheus' Lyre KDC-REP service name validation
4.6.5 (2017/06/06): the latest stable release of the Samba 4.6 release series.
Changes since 4.6.4:
---------------------
o Jeremy Allison <jra@samba.org>
* BUG 12804: s3: VFS: Catia: Ensure path name is also converted.
o Christian Ambach <ambi@samba.org>
* BUG 12765: s3:smbcacls add prompt for password.
o Ralph Boehme <slow@samba.org>
* BUG 12562: vfs_acl_xattr|tdb: Ensure create mask is at least 0666 if
ignore_system_acls is set.
* BUG 12702: Wrong sid->uid mapping for SIDs residing in sIDHistory.
* BUG 12749: vfs_fruit: lp_case_sensitive() does not return a bool.
* BUG 12766: s3/smbd: Update exclusive oplock optimisation to the lease area.
* BUG 12798: s3/smbd: Fix exclusive lease optimisation.
o Alexander Bokovoy <ab@samba.org>
* BUG 12751: Allow passing trusted domain password as plain-text to PASSDB
layer.
* BUG 12764: systemd: Fix detection of libsystemd.
o Amitay Isaacs <amitay@gmail.com>
* BUG 12697: ctdb-readonly: Avoid a tight loop waiting for revoke to
complete.
* BUG 12770: ctdb-logging: Initialize DEBUGLEVEL before changing the value.
o Shilpa Krishnareddy <skrishnareddy@panzura.com>
* BUG 12756: notify: Fix ordering of events in notifyd.
o Volker Lendecke <vl@samba.org>
* BUG 12757: idmap_rfc2307: Lookup of more than two SIDs fails.
o Stefan Metzmacher <metze@samba.org>
* BUG 12767: samba-tool: Let 'samba-tool user syncpasswords' report deletions
immediately.
o Doug Nazar <nazard@nazar.ca>
* BUG 12760: s3: smbd: inotify_map_mask_to_filter incorrectly indexes an
array.
o Andreas Schneider <asn@samba.org>
* BUG 12687: vfs_expand_msdfs tries to open the remote address as a file
path.
o Martin Schwenke <martin@meltin.net>
* BUG 12802: 'ctdb nodestatus' incorrectly displays status for all nodes with
wrong exit code.
* BUG 12814: ctdb-common: Fix crash in logging initialisation.
1.5.0 2017/04/09
* fix attachments case
* chat.postMessage argument error only if both text and attachments are missing
* RealTime::Client has some information(self, team, channels, ...)
* @url was not, set rtm_start_response["url"] to @url to work properly
1.6.0 2017/07/12
* recognize multiple dot on endpoint
0.06 2016-09-11
Fix some failing tests.
0.05 2016-08-22
Fix strict mode. Thanks to whosgonna.
0.04 2013-09-09
Fix broken length handling. Thanks to Erik Østlyngen.
2.19 2017-05-11T13:02:47Z
commit aac1b06c1e3b0d73ca964794bab0c444d454ebcc
Author: Yasuhiro Matsumoto <mattn.jp@gmail.com>
Date: Thu May 11 18:40:13 2017 +0900
don't run command when the port is empty
Test::TCP do hack on Windows for checking port used.
https://github.com/tokuhirom/Test-TCP/commit/0f4510d8
But this way always return 0 with succeeded with empty port. This is not
expected behavior. So this change fix to call check_port if the port is
not defined.
fixes#60
2.18 2017-04-24T06:00:25Z
- let the kernel select an empty port #59https://github.com/tokuhirom/Test-TCP/pull/59
(i110)
version 3.37 (2017-07-11)
[ENHANCEMENTS]
* Layer3::Juniper fixed to return os_ver for JUNOS 14.x and higher
version 3.36 (2017-06-28)
[ENHANCEMENTS]
* Migrate to Module::Build for distribution maintenance
version 3.35 (2017-06-28)
[ENHANCEMENTS]
* Include loading of LLDP-EXT-MED-MIB in LLDP.pm
[BUG FIXES]
* #180 support CiscoConfig on Nexus (sf.net:scratchfury)
* #50 remove interface specific part from vrf interfaces on IOS (W. Vandersmissen)
* #211 f5 class should respect UseEnums when faking i_type
version 3.34 (2016-11-20)
[ENHANCEMENTS]
* Support Cisco IPS Modules homed on the Cisco ASA (M. Kraus)
[BUG FIXES]
* Serial number on Nexus 9372 (genereic check for ID before using) (M. Caines)
1.11 Mon Sep 11 08:00:00 EDT 2017
- Updated to new module layout (lib/).
- Remove .cvsignore
- Added simple t\*.t tests.
- Makefile.PL: updated version dependencies
- Cisco.pm:
Added 'use warnings;'.
Added warnings() to fix RT 48904.
Added fhopen() to fix RT 19285.
Added POD for last_cmd.
Updated new() to fix RT 19260.
Updated _normalize() to fix RT 7796, 39882, 102753, 118170.
Changed check for '' instead of not defined for $en_level to catch
enable() success or failure.
Changed @out to $out[] in cmd() to fix RT 2592.
Changed prompt_append() to _prompt_append() [private].
Changed re_sans_delims() to _re_sans_delims() [private].
- test.pl: make Term::ReadKey conditional.
2.009 Aug 09 2017
- Several long awaited fixes
- Log when a child exits abnormally. RT #86815
- Added delete-child hook
- Add cleanup_dead_child_hook to PreFork server
- Removed stray warn
- Use File::Temp instead of POSIX::tmpnam
- UNIX read_until to allow for SSL under unix sockets
0.7 2017-08-26 Ben Bullock <bkb@cpan.org>
* Documentation rewrite
0.6 2017-08-25 Ben Bullock <bkb@cpan.org>
* Changed format of ChangeLog to follow CPAN::Changes::Spec,
which means it will be displayed nicely by MetaCPAN.
0.5 2017-08-24 Ben Bullock <bkb@cpan.org>
* Add licence information to POD documentation
0.4 2017-08-24 Ben Bullock <bkb@cpan.org>
* Add contributors and licence information
* Add documentation
* Remove RFCs from distro
0.3 2017-08-24 Ben Bullock <bkb@cpan.org>
* Add meta files to distribution
* in_network altered
* Documentation updates
Changes in 0.22
---------------
- RT 108273 remove PREREQ_FATAL
Changes in 0.21
---------------
- Fix bug relating to scopes and change required field. It's a temporary Fix
until something more permanent can be put into place; effectively, it just
forces the change-required field to match properly.
Changes in 0.20
---------------
- Add capability to get any number of fields starting with a specific string.
- Misc fixes and documentation amendments from Miniconf NYC.
Changes in 0.19
---------------
- Add 'scopes' capability to fields.
Changes in 0.18
---------------
- Bugfix Github issue #1 regarding expression concatenation.
- Bugfix Github issue #4 regarding perldoc parse problems in Net::Gnats.
- Fixed stubbed subroutines which caused test failures for Perl 5.10.1.
- Added additional tests and documentation for Net::Gnats::Command.
- Added additional tests and documentation for Net::Gnats::Command::ADMV.
- Removed dead code from Net::Gnats::Session.
- Bugfix Github issue #6 regarding wrong type returned for query() method.
- Added additional tests and documentation for Net::Gnats get_field_type.
Changes in 0.17
---------------
- Added ability to submit a PR from a PR object.
Changes in 0.16
---------------
- Set consistent versioning across all modules.
- Added 'strictures' to PREREQ_PM.
Changes in 0.15
---------------
- Completely reworked sessions and issuing commands.
- Comprehensive tests, removing all stubs.
- Known issue: attachments not managed
- Known issue: after submit of PR, new PR number not captured into the PR object.
0.90 2017-08-24
- Adding some Pagination helpers (warthog9)
0.89 2017-07-22
- rebuild
0.88 2017-07-22
- Add option to pass in OTP token (bentglasstube)
- Add support for review requests (waniji)
- Add two new methods for filter views of org members (grantm)
0.87 2017-05-23
- new GitHub GraphQL API
0.86 2016-12-03
- Add support for organization membership (alexm)
0.85 2016-09-01
- adding support for passing permission to add_team_repos #75 (allandrick, Leigh Hart)
0.84 2016-05-03
- fix json in upload_asset
- minor Doc fixes and CI (JJ)
0.38 2017/03/30 08:30:00
- Bug Id: 120802. PreserveTimestamp bugs with _mfmt() & _mdtm(). I pulled
the arguments off the stack in the wrong order. Corrected this.
- Added instructions on how to install this module in an alternate location
to the README file.
0.37 2017/03/27 08:30:00
- Found an issue with size() function when it gets the file size via "STAT".
Found a server where "STAT" returned the results in a different format.
- Removed duplicate setting of {help_cmds_no_syntax_available} key in _help().
- Bug Id: 120623. Missed the 2nd half of the ticket. When Croak=>1 is turned
on to not treat the failure of "SITE HELP" as a fatal error!
0.36 2017/03/20 08:30:00
- Updated the copyright & version number.
- Added additional module versions to the logs in BEGIN.
- Bug Id: 120341. Turns out the latest release of IO-Socket-SSL broke
this module. (v2.046 broken, v2.012 worked) Looks like the start_SSL()
call is removing my "_FTPSSL_arguments" hash entry.
- Bug Id: 120623. The OverrideHELP option had issues. Shouldn't have called
_feat() or _site_help() for =>1 or =>\@lst. So removed in _help()!
- Bug Id: 120621. Request for a new feature of allowing objects that inherit
from IO::Handle wherever it asks for a GLOB! put/get/DebugLogFile/etc ...
Implemented via new helper function _isa_glob(). Also updated POD.
- Updated README section on using client certificates.
- Updated t/20-certificate.t to use a callback & updated the %certificate
hash.
Revision history for Net-eBay
0.60 Added support for submitFindingRequest function to work with eBay finding API. In Progress
0.61 added submitPaginatedFindingRequest with obvious functionality (takes all work out of pagination).
--- 0.009 (2017-07-24)
+ Cleaner way to handle both arrays of strings and Net::DNS::Packet objects,
courtesy of NLNETLABS (Dick Franks) in RT 122542 - thanks!
+ Extend tests to cover non-mocked queries too
--- 0.008 (2017-07-21)
* Add Scalar::Util to deps
--- 0.007 (2017-07-19)
* Fix handling pre-prepared ::Packet objects passed to send()
+ Additional tests
--- 0.006 (2017-07-16)
* Don't demand 5.10, work on perl >= 5.6
* No taint mode flag in t/01-basic.t
* Avoid problems with our $VERSION = '...' on one line
All these courtesy of Dick Franks (rwfranks) - thanks!
--- 0.005 (2017-07-13)
* Remove debian/ subdir as per RT #108522
* Regenerate README via pod2readme
* Fix version number in changelog entry below - d'oh - and remove
use of deprecated qv()
* Import rcode list from Net::DNS - RT 96390
--- 0.004 (2017-07-13)
* BIGPRESH taking over maintainership of this seemingly orphaned but
very useful distribution. Plan to fix various RT tickets.
* Fix RT 109266 - avoid deprecated make_query_packet() call
Recog is a framework for identifying products, services, operating
systems, and hardware by matching fingerprints against data returned
from various network probes. Recog makes it simply to extract useful
information from web server banners, snmp system description fields,
and a whole lot more.
Changes 2.2.2:
- Sending empty messages no longer hangs. Instead an empty message is sent correctly.
- Fixed compatibility issues in UTF-8 encoding behavior between Py2/Py3
Core Server
- Process responsible for running the autoheal partition handling
strategy could run into a deadlock with its peers, preventing autoheal
from completing.
- Garbage collection of mirrored queue metrics on nodes that did not
host a master or mirror for a queue affected delivery and
acknowledgement rates. This could result in rates being 0 or negative
when they should not be.
- Stats emission could prevent queue mirrors from performing garbage
collection and consume memory even when they were empty.
- RABBITMQ_SCHEDULER_BIND_TYPE and RABBITMQ_DISTRIBUTION_BUFFER_SIZE now
can be set via rabbitmq-env.conf.
Shovel Management Plugin
- Passwords in source and destination URIs are now redacted out.
Federation Management Plugin
- Passwords in upstream URIs are now redacted out.
The full release of TigerVNC 1.8.0 is now available. Lots of changes
have been made since the last release, but the highlights are:
- Overhaul of the Java client to match the look and behaviour
of the native client
- Initial work for multi-threaded decoding in the Java client
- vncconfig no longer needed for clipboard with Xvnc/libvnc.so
- vncserver has system wide config support
- Reduced CPU usage in the native viewer on macOS
- macOS requirement raised to 10.6
- Full support for alpha cursors in Xvnc/libvnc.so and both viewers
Highlights
new msdk plugin for Intel's Media SDK for hardware-accelerated
video encoding and decoding on Intel graphics hardware on Windows
or Linux.
x264enc can now use multiple x264 library versions compiled for
different bit depths at runtime, to transparently provide support
for multiple bit depths.
videoscale and videoconvert now support multi-threaded scaling
and conversion, which is particularly useful with higher
resolution video.
h264parse will now automatically insert AU delimiters if needed
when outputting byte-stream format, which improves standard
compliance and is needed in particular for HLS playback on
iOS/macOS.
rtpbin has acquired bundle support for incoming streams
Major new features and changes Noteworthy new API
The video library gained support for a number of new video
formats:
GBR_12LE, GBR_12BE, GBRA_12LE, GBRA_12BE (planar 4:4:4
RGB/RGBA, 12 bits per channel) GBRA_10LE, GBRA_10BE (planar
4:4:4:4 RGBA, 10 bits per channel) GBRA (planar 4:4:4:4
ARGB, 8 bits per channel) I420_12BE, I420_12LE (planar 4:2:0
YUV, 12 bits per channel) I422_12BE,I422_12LE (planar 4:2:2
YUV, 12 bits per channel) Y444_12BE, Y444_12LE (planar 4:4:4
YUV, 12 bits per channel) VYUY (another packed 4:2:2 YUV
format)
The high-level GstPlayer API was extended with functions for
taking video snapshots and enabling accurate seeking. It can
optionally also use the still-experimental playbin3 element
now.
New Elements
msdk: new plugin for Intel's Media SDK for hardware-accelerated
video encoding and decoding on Intel graphics hardware on Windows
or Linux. This includes an H.264 encoder/decoder (msdkh264dec,
msdkh264enc), an H.265 encoder/decoder (msdkh265dec, msdkh265enc),
an MJPEG encoder/encoder (msdkmjpegdec, msdkmjpegenc), an MPEG-2
video encoder (msdkmpeg2enc) and a VP8 encoder (msdkvp8enc).
iqa is a new Image Quality Assessment plugin based on DSSIM,
similar to the old (unported) videomeasure element.
The faceoverlay element, which allows you to overlay SVG graphics
over a detected face in a video stream, has been ported from
0.10.
our ffmpeg wrapper plugin now exposes/maps the ffmpeg Opus audio
decoder (avdec_opus) as well as the GoPro CineForm HD / CFHD
decoder (avdec_cfhd), and also a parser/writer for the IVF
format (avdemux_ivf and avmux_ivf).
audiobuffersplit is a new element that splits raw audio buffers
into equal-sized buffers
audiomixmatrix is a new element that mixes N:M audio channels
according to a configured mix matrix.
The timecodewait element got renamed to avwait and can operate
in different modes now.
The opencv video processing plugin has gained a new dewarp
element that dewarps fisheye images.
ttml is a new plugin for parsing and rendering subtitles in
Timed Text Markup Language (TTML) format. For the time being
these elements will not be autoplugged during media playback
however, unless the GST_TTML_AUTOPLUG=1 environment variable
is set. Only the EBU-TT-D profile is supported at this point.
New element features and additions
x264enc can now use multiple x264 library versions compiled for
different bit depths at runtime, to transparently provide support
for multiple bit depths. A new configure parameter
--with-x264-libraries has been added to specify additional paths
to look for additional x264 libraries to load. Background is
that the libx264 library is always compile for one specific bit
depth and the x264enc element would simply support the depth
supported by the underlying library. Now we can support multiple
depths.
x264enc also picks up the interlacing mode automatically from
the input caps now and passed interlacing/TFF information
correctly to the library.
videoscale and videoconvert now support multi-threaded scaling
and conversion, which is particularly useful with higher
resolution video. This has to be enabled explicitly via the
"n-threads" property.
videorate's new "rate" property lets you set a speed factor on
the output stream
splitmuxsink's buffer collection and scheduling was rewritten
to make processing and splitting deterministic; before it was
possible for a buffer to end up in a different file chunk in
different runs. splitmuxsink also gained a new "format-location-full"
signal that works just like the existing "format-location"
signal only that it is also passed the primary stream's first
buffer as argument, so that it is possible to construct the
file name based on metadata such as the buffer timestamp or any
GstMeta attached to the buffer. The new "max-size-timecode"
property allows for timecode-based splitting. splitmuxsink will
now also automatically start a new file if the input caps change
in an incompatible way.
fakesink has a new "drop-out-of-segment" property to not drop
out-of-segment buffers, which is useful for debugging purposes.
identity gained a "ts-offset" property.
both fakesink and identity now also print what kind of metas
are attached to buffers when printing buffer details via the
"last-message" property used by gst-launch-1.0 -v.
multiqueue: made "min-interleave-time" a configurable property.
video nerds will be thrilled to know that videotestsrc's snow
is now deterministic. videotestsrc also gained some new properties
to make the ball pattern based on system time, and invert colours
each second ("animation-mode", "motion", and "flip" properties).
oggdemux reverse playback should work again now. You're welcome.
playbin3 and urisourcebin now have buffering enabled by default,
and buffering message aggregation was fixed.
tcpclientsrc now has a "timeout" property
appsink has gained support for buffer lists. For backwards
compatibility reasons users need to enable this explicitly with
gst_app_sink_set_buffer_list_support(), however. Once activated,
a pulled GstSample can contain either a buffer list or a single
buffer.
splitmuxsrc reverse playback was fixed and handling of sparse
streams, such as subtitle tracks or metadata tracks, was improved.
matroskamux has acquired support for muxing G722 audio; it also
marks all buffers as keyframes now when streaming only audio,
so that tcpserversink will behave properly with audio-only
streams.
qtmux gained support for ProRes 4444 XQ, HEVC/H.265 and CineForm
(GoPro) formats, and generally writes more video stream-related
metadata into the track headers. It is also allows configuration
of the maximum interleave size in bytes and time now. For
fragmented mp4 we always write the tfdt atom now as required
by the DASH spec.
qtdemux supports FLAC, xvid, mp2, S16L and CineForm (GoPro)
tracks now, and generally tries harder to extract more video-related
information from track headers, such as colorimetry or interlacing
details. It also received a couple of fixes for the scenario
where upstream operates in TIME format and feeds chunks to
qtdemux (e.g. DASH or MSE).
audioecho has two new properties to apply a delay only to certain
channels to create a surround effect, rather than an echo on
all channels. This is useful when upmixing from stereo, for
example. The "surround-delay" property enables this, and the
"surround-mask" property controls which channels are considered
surround sound channels in this case.
webrtcdsp gained various new properties for gain control and
also exposes voice activity detection now, in which case it
will post "voice-activity" messages on the bus whenever the
voice detection status changes.
The decklink capture elements for Blackmagic Decklink cards
have seen a number of improvements:
decklinkvideosrc will post a warning message on "no signal"
and an info message when the signal lock has been (re)acquired.
There is also a new read-only "signal" property that can
be used to query the signal lock status. The GAP flag will
be set on buffers that are captured without a signal lock.
The new drop-no-signal-frames will make decklinkvideosrc
drop all buffers that have been captured without an input
signal. The "skip-first-time" property will make the source
drop the first few buffers, which is handy since some devices
will at first output buffers with the wrong resolution
before they manage to figure out the right input format and
decide on the actual output caps.
decklinkaudiosrc supports more than just 2 audio channels
now.
The capture sources no longer use the "hardware" timestamps
which turn out to be useless and instead just use the
pipeline clock directly.
srtpdec now also has a readonly "stats" property, just like
srtpenc.
rtpbin gained RTP bundle support, as used by e.g. WebRTC. The
first rtpsession will have a rtpssrcdemux element inside splitting
the streams based on their SSRC and potentially dispatch to a
different rtpsession. Because retransmission SSRCs need to be
merged with the corresponding media stream the ::on-bundled-ssrc
signal is emitted on rtpbin so that the application can find
out to which session the SSRC belongs.
rtprtxqueue gained two new properties exposing retransmission
statistics ("requests" and "fulfilled-requests")
kmssink will now use the preferred mode for the monitor and
render to the base plane if nothing else has set a mode yet.
This can also be done forcibly in any case via the new
"force-modesetting" property. Furthermore, kmssink now allows
only the supported connector resolutions as input caps in order
to avoid scaling or positioning of the input stream, as kmssink
can't know whether scaling or positioning would be more appropriate
for the use case at hand.
waylandsink can now take DMAbuf buffers as input in the presence
of a compatible Wayland compositor. This enables zero-copy
transfer from a decoder or source that outputs DMAbuf. It will
also set surface opacity hint to allow better rendering
optimization in the compositor.
udpsrc can be bound to more than one interface when joining a
multicast group, this is done by giving a comma separate list
of interfaces such as multicast-iface="eth0,eth1".
Plugin moves
dataurisrc moved from gst-plugins-bad to core
The rawparse plugin containing the rawaudioparse and rawvideoparse
elements moved from gst-plugins-bad to gst-plugins-base. These
elements supersede the old videoparse and audioparse elements.
They work the same, with just some minor API changes. The old
legacy elements still exist in gst-plugins-bad, but may be
removed at some point in the future.
timecodestamper is an element that attaches time codes to video
buffers in form of GstVideoTimeCodeMetas. It had a "clock-source"
property which has now been removed because it was fairly useless
in practice. It gained some new properties however: the
"first-timecode" property can be used to set the inital timecode;
alternatively "first-timecode-to-now" can be set, and then the
current system time at the time the first buffer arrives is
used as base time for the time codes.
Plugin removals
The mad mp1/mp2/mp3 decoder plugin was removed from gst-plugins-ugly,
as libmad is GPL licensed, has been unmaintained for a very
long time, and there are better alternatives available. Use the
mpg123audiodec element from the mpg123 plugin in gst-plugins-ugly
instead, or avdec_mp3 from the gst-libav module which wraps the
ffmpeg library. We expect that we will be able to move mp3
decoding to gst-plugins-good in the next cycle seeing that most
patents around mp3 have expired recently or are about to expire.
The mimic plugin was removed from gst-plugins-bad. It contained
a decoder and encoder for a video codec used by MSN messenger
many many years ago (in a galaxy far far away). The underlying
library is unmaintained and no one really needs to use this
codec any more. Recorded videos can still be played back with
the MIMIC decoder in gst-libav.
Miscellaneous API additions
Request pad name templates passed to gst_element_request_pad()
may now contain multiple specifiers, such as e.g. src_%u_%u.
gst_buffer_iterate_meta_filtered() is a variant of
gst_buffer_iterate_meta() that only returns metas of the requested
type and skips all other metas.
gst_pad_task_get_state() gets the current state of a task in a
thread-safe way.
gst_uri_get_media_fragment_table() provides the media fragments
of an URI as a table of key=value pairs.
gst_print(), gst_println(), gst_printerr(), and gst_printerrln()
can be used to print to stdout or stderr. These functions are
similar to g_print() and g_printerr() but they also support all
the additional format specifiers provided by the GStreamer
logging system, such as e.g. GST_PTR_FORMAT.
a GstParamSpecArray has been added, for elements who want to
have array type properties, such as the audiomixmatrix element
for example. There are also two new functions to set and get
properties of this type from bindings:
gst_util_set_object_array() gst_util_get_object_array()
various helper functions have been added to make it easier to
set or get GstStructure fields containing caps-style array or
list fields from language bindings (which usually support
GValueArray but don't know about the GStreamer specific fundamental
types):
gst_structure_get_array() gst_structure_set_array()
gst_structure_get_list() gst_structure_set_list()
a new 'dynamic type' registry factory type was added to register
dynamically loadable GType types. This is useful for automatically
loading enum/flags types that are used in caps, such as for
example the GstVideoMultiviewFlagsSet type used in multiview
video caps.
there is a new GstProxyControlBinding for use with GstController.
This allows proxying the control interface from one property
on one GstObject to another property (of the same type) in
another GstObject. So e.g. in parent-child relationship, one
may need to call gst_object_sync_values() on the child and have
a binding (set elsewhere) on the parent update the value. This
is used in glvideomixer and glsinkbin for example, where
sync_values() on the child pad or element will call sync_values()
on the exposed bin pad or element.
Note that this doesn't solve GObject property forwarding, that
must be taken care of by the implementation manually or using
GBinding.
gst_base_parse_drain() has been made public for subclasses to
use.
`gst_base_sink_set_drop_out_of_segment()' can be used by
subclasses to prevent GstBaseSink from dropping buffers that
fall outside of the segment.
gst_calculate_linear_regression() is a new utility function to
calculate a linear regression.
gst_debug_get_stack_trace is an easy way to retrieve a stack
trace, which can be useful in tracer plugins.
allocators: the dmabuf allocator is now sub-classable, and there
is a new GST_CAPS_FEATURE_MEMORY_DMABUF define.
video decoder subclasses can use the newly-added function
gst_video_decoder_allocate_output_frame_with_params() to pass
a GstBufferPoolAcquireParams to the buffer pool for each buffer
allocation.
the video time code API has gained a dedicated GstVideoTimeCodeInterval
type plus related API, including functions to add intervals to
timecodes.
There is a new libgstbadallocators-1.0 library in gst-plugins-bad,
which may go away again in future releases once the
GstPhysMemoryAllocator interface API has been validated by more
users and was moved to libgstallocators-1.0 from gst-plugins-base.
GstPlayer
New API has been added to:
get the number of audio/video/subtitle streams:
gst_player_media_info_get_number_of_streams()
gst_player_media_info_get_number_of_video_streams()
gst_player_media_info_get_number_of_audio_streams()
gst_player_media_info_get_number_of_subtitle_streams()
enable accurate seeking: gst_player_config_set_seek_accurate()
and gst_player_config_get_seek_accurate()
get a snapshot image of the video in RGBx, BGRx, JPEG, PNG or
native format: gst_player_get_video_snapshot()
selecting use of a specific video sink element
(gst_player_video_overlay_video_renderer_new_with_sink())
If the environment variable GST_PLAYER_USE_PLAYBIN3 is set,
GstPlayer will use the still-experimental playbin3 element and
the GstStreams API for playback.
Miscellaneous changes
video caps for interlaced video may contain an optional
"field-order" field now in the case of interlaced-mode=interleaved
to signal that the field order is always the same throughout
the stream. This is useful to signal to muxers such as mp4mux.
The new field is parsed from/to GstVideoInfo of course.
video decoder and video encoder base classes try harder to proxy
interlacing, colorimetry and chroma-site related fields in caps
properly.
The buffer stored in the PROTECTION events is now left unchanged.
This is a change of behaviour since 1.8, especially for the
mssdemux element which used to decode the base64 parsed data
wrapped in the protection events emitted by the demuxer.
PROTECTION events can now be injected into the pipeline from
the application; source elements deriving from GstBaseSrc will
forward those downstream now.
The DASH demuxer is now correctly parsing the MSPR-2.0
ContentProtection nodes and emits Protection events accordingly.
Applications relying on those events might need to decode the
base64 data stored in the event buffer before using it.
The registry can now also be disabled by setting the environment
variable GST_REGISTRY_DISABLE=yes, with similar effect as the
GST_DISABLE_REGISTRY compile time switch.
Seeking performance with gstreamer-vaapi based decoders was
improved. It would recreate the decoder and surfaces on every
seek which can be quite slow.
more robust handling of input caps changes in videoaggregator-based
elements such as compositor.
Lots of adaptive streaming-related fixes across the board (DASH,
MSS, HLS). Also:
mssdemux, the Microsoft Smooth Streaming demuxer, has seen
various fixes for live streams, duration reporting and
seeking.
The DASH manifest parser now extracts MS PlayReady
ContentProtection objects from manifests and sends them
downstream as PROTECTION events. It also supports multiple
Period elements in external xml now.
gst-libav was updated to ffmpeg 3.3 but should still work with
any 3.x version.
GstEncodingProfile has been generally enhanced so it can, for
example, be used to get possible profiles for a given file
extension. It is now possible to define profiles based on element
factory names or using a path to a .gep file containing a
serialized profile.
audioconvert can now do endianness conversion in-place. All
other conversions still require a copy, but e.g. sign conversion
and a few others could also be implemented in-place now.
The new, experimental playbin3 and urisourcebin elements got
many bugfixes and improvements and should generally be closer
to a full replacement of the old elements.
interleave now supports > 64 channels.
OpenCV elements, grabcut and retinex has been ported to use
GstOpencvVideoFilter base class, increasing code reuse and
fixing buffer map/unmap issues. Redundant copie of images has
been removed in edgedetect, cvlaplace and cvsobel. This comes
with various cleanup and Meson support.
OpenGL integration
As usual the GStreamer OpenGL integration library has seen
numerous fixes and performance improvements all over the place,
and is hopefully ready now to become API stable and be moved
to gst-plugins-base during the 1.14 release cycle.
The GStreamer OpenGL integration layer has also gained support
for the Vivante EGL FB windowing system, which improves performance
on platforms such as Freescale iMX.6 for those who are stuck
with the proprietary driver. The qmlglsink element also supports
this now if Qt is used with eglfs or wayland backend, and it
works in conjunction with gstreamer-imx of course.
various qmlglsrc improvements
Tracing framework and debugging improvements
New tracing hooks have been added to track GstMiniObject and
GstObject ref/unref operations.
The memory leaks tracer can optionally use this to retrieve
stack traces if enabled with e.g.
GST_TRACERS=leaks(filters="GstEvent,GstMessage",stack-traces-flags=full)
The GST_DEBUG_FILE environment variable, which can be used to
write the debug log output to a file instead of printing it to
stderr, can now contain a name pattern, which is useful for
automated testing and continuous integration systems. The
following format specifiers are supported:
%p: will be replaced with the PID %r: will be replaced with
a random number, which is useful for instance when running
two processes with the same PID but in different containers.
Tools
gst-inspect-1.0 can now list elements by type with the new
--types command-line option, e.g. gst-inspect-1.0 --types=Audio/Encoder
will show a list of audio encoders.
gst-launch-1.0 and gst_parse_launch() have gained a new operator
(:) that allows linking all pads between two elements. This is
useful in cases where the exact number of pads or type of pads
is not known beforehand, such as in the uridecodebin : encodebin
scenario, for example. In this case, multiple links will be
created if the encodebin has multiple profiles compatible with
the output of uridecodebin.
gst-device-monitor-1.0 now shows a gst-launch-1.0 snippet for
each device that shows how to make use of it in a gst-launch-1.0
pipeline string.
GStreamer RTSP server
The RTSP server now also supports Digest authentication in
addition to Basic authentication.
The GstRTSPClient class has gained a pre-*-request signal and
virtual method for each client request type, emitted in the
beginning of each rtsp request. These signals or virtual methods
let the application validate the requests, configure the
media/stream in a certain way and also generate error status
codes in case of an error or a bad request.
GStreamer VAAPI
GstVaapiDisplay now inherits from GstObject, thus the VA display
logging messages are better and tracing the context sharing is
more readable.
When uploading raw images into a VA surfaces now VADeriveImages
are tried fist, improving the upload performance, if it is
possible.
The decoders and the post-processor now can push dmabuf-based
buffers to downstream under certain conditions. For example:
GST_GL_PLATFORM=egl gst-play-1.0 video-sample.mkv
--videosink=glimagesink
Refactored the wrapping of VA surface into gstreamer memory,
adding lock when mapping and unmapping, and many other fixes.
Now vaapidecodebin loads vaapipostproc dynamically. It is
possible to avoid it usage with the environment variable
GST_VAAPI_DISABLE_VPP=1.
Regarding encoders: they have primary rank again, since they
can discover, in run-time, the color formats they can use for
upstream raw buffers and caps renegotiation is now possible.
Also the encoders push encoding info downstream via tags.
About specific encoders: added constant bit-rate encoding mode
for VP8 and H265 encoder handles P010_10LE color format.
Regarding decoders, flush operation has been improved, now the
internal VA encoder is not recreated at each flush. Also there
are several improvements in the handling of H264 and H265
streams.
VAAPI plugins try to create their on GstGL context (when
available) if they cannot find it in the pipeline, to figure
out what type of VA Display they should create.
Regarding vaapisink for X11, if the backend reports that it is
unable to render correctly the current color format, an internal
VA post-processor, is instantiated (if available) and converts
the color format.
GStreamer Editing Services and NLE
Enhanced auto transition behaviour
Fix some races in nlecomposition
Allow building with msvc
Added a UNIX manpage for ges-launch
API changes:
Added ges_deinit (allowing the leak tracer to work properly)
Added ges_layer_get_clips_in_interval Finally hide internal
symbols that should never have been exposed
GStreamer validate
Port gst-validate-launcher to python 3
gst-validate-launcher now checks if blacklisted bugs have been
fixed on bugzilla and errors out if it is the case
Allow building with msvc
Add ability for the launcher to run GStreamer unit tests
Added a way to activate the leaks tracer on our tests and fix
leaks
Make the http server multithreaded
New testsuite for running various test scenarios on the DASH-IF
test vectors
GStreamer Python Bindings
Overrides has been added for IntRange, Int64Range, DoubleRange,
FractionRange, Array and List. This finally enables Python
programmers to fully read and write GstCaps objects.
Build and Dependencies
Meson build files are now disted in tarballs, for jhbuild and
so distro packagers can start using it. Note that the Meson-based
build system is not 100% feature-equivalent with the autotools-based
one yet.
Some plugin filenames have been changed to match the plugin
names: for example the file name of the encoding plugin in
gst-plugins-base containing the encodebin element was
libgstencodebin.so and has been changed to libgstencoding.so.
This affects only a handful of plugins across modules.
Developers who install GStreamer from source and just do make
install after updating the source code, without doing make
uninstall first, will have to manually remove the old installed
plugin files from the installation prefix, or they will get
'Cannot register existing type' critical warnings.
Most of the docbook-based documentation (FAQ, Application
Development Manual, Plugin Writer's Guide, design documents)
has been converted to markdown and moved into a new gst-docs
module. The gtk-doc library API references and the plugins
documentation are still built as part of the source modules
though.
GStreamer core now optionally uses libunwind and libdw to
generate backtraces. This is useful for tracer plugins used
during debugging and development.
There is a new libgstbadallocators-1.0 library in gst-plugins-bad
(which may go away again in future releases once the
GstPhysMemoryAllocator interface API has been validated by more
users).
gst-omx and gstreamer-vaapi modules can now also be built using
the Meson build system.
The qtkitvideosrc element for macOS was removed. The API is
deprecated since 10.9 and it wasn't shipped in the binaries
since a few releases.
Platform-specific improvements Android
androidmedia: add support for VP9 video decoding/encoding and
Opus audio decoding (where supported)
OS/X and iOS
avfvideosrc, which represents an iPhone camera or, on a Mac, a
screencapture session, so far allowed you to select an input
device by device index only. New API adds the ability to select
the position (front or back facing) and device-type (wide angle,
telephoto, etc.). Furthermore, you can now also specify the
orientation (portrait, landscape, etc.) of the videostream.
Bugs fixed in 1.12
More than 635 bugs have been fixed during the development of 1.12.
This list does not include issues that have been cherry-picked into
the stable 1.10 branch and fixed there as well, all fixes that ended
up in the 1.10 branch are also included in 1.12.
This list also does not include issues that have been fixed without
a bug report in bugzilla, so the actual number of fixes is much
higher. Stable 1.12 branch
After the 1.12.0 release there will be several 1.12.x bug-fix
releases which will contain bug fixes which have been deemed suitable
for a stable branch, but no new features or intrusive changes will
be added to a bug-fix release usually. The 1.12.x bug-fix releases
will be made from the git 1.12 branch, which is a stable branch.
1.12.0
1.12.0 was released on 4th May 2017.
1.12.1
The first 1.12 bug-fix release (1.12.1) was released on 20 June
2017. This release only contains bugfixes and it should be safe to
update from 1.12.x. Major bugfixes in 1.12.1
Various fixes for crashes, assertions, deadlocks and memory
leaks Fix for regression when seeking to the end of ASF files
Fix for regression in (raw)videoparse that caused it to omit
video metadata Fix for regression in discoverer that made it
show more streams than actually available Numerous bugfixes to
the adaptive demuxer base class and the DASH demuxer Various
playbin3/urisourcebin related bugfixes Vivante DirectVIV (imx6)
texture uploader works with single-plane (e.g. RGB) video formats
now Intel Media SDK encoder now outputs valid PTS and keyframe
flags OpenJPEG2000 plugin can be loaded again on MacOS and
correctly displays 8 bit RGB images now Fixes to DirectSound
source/sink for high CPU usage and wrong latency/buffer size
calculations gst-libav was updated to ffmpeg n3.3.2 ... and
many, many more!
1.12.2
The second 1.12 bug-fix release (1.12.2) was released on 14 July
2017. This release only contains bugfixes and it should be safe to
update from 1.12.x. Major bugfixes in 1.12.2
Various fixes for crashes, assertions, deadlocks and memory
leaks Regression fix for playback of live HLS streams Regression
fix for crash when playing back a tunneled RTSP stream Regression
fix for playback of RLE animations in MOV containers Regression
fix for RTP GSM payloading producing corrupted output Major
bugfixes to the MXF demuxer, mostly related to seeking and fixes
to the frame reordering handling in the MXF muxer and demuxer
Fix for playback of mono streams on MacOS More fixes for index
handling of ASF containers Various fixes to adaptivedemux, DASH
and HLS demuxers Fix deadlock in gstreamer-editing-services
during class initialization ... and many, many more!
3.27.1 (2017-08-14)
! Change client identification string if connecting with SFTP due to OpenSSH disregarding the supported ciphers announced by the client, resulting in less secure algorithms being chosen by OpenSSH.
- MSW: Improve handling of NTFS reparse points
- MSW: If running the installer with /S, previous versions where not uninstalled prior to the new version being installed
- MSW: The installer can be run with /quiet for a semi-silent installation
- OS X, *nix: Potential fix for a rare crash if changing local directories while the local directory list is being updated and vice versa.
3.27.0.1 (2017-07-19)
- MSW: Add misssing file to .zip binary package
- MSW: Fix toolchain issues breaking the shell extension
3.27.0 (2017-07-19)
- SFTP components have been updated and are now based on PuTTY 0.70
3.27.0-rc1 (2017-07-11)
+ Support for the Storj decentralized cloud storage provider
- MSW: Fix display of file type of directories if the directory name contains a dot
- Fix assertion if entering an invalid protocol prefix into the host field on the quickconnect bar or in the site manager
- Improve error message if TLS certificate verification fails due to a missing stapled OCSP resonse
- Building and running FileZilla now depends on libfilezilla >= 0.10.0 (https://lib.filezilla-project.org/)
3.26.2 (2017-06-12)
- Fixed crash if using master passwords and decrypting very long passwords
3.26.1 (2017-06-02)
- Fixed crash if changing password settings and the Site Manager contains subdirectories
- *nix: Fixed saving of sites having more than one site-specific bookmark
3.26.0 (2017-06-01)
- When changing or removing the master password, update protected credentials of server items in the transfer queue
- Fix display of remember checkbox when showing the password entry dialog for sites that have no username set and are using the "Ask" logon type
- Some icons were missing in the Windows .zip binary archive
3.26.0-rc1 (2017-05-25)
+ Passwords can now be stored encrypted, protected with a master password
+ Building and running FileZilla now depends on libfilezilla >= 0.9.2 (https://lib.filezilla-project.org/).
+ Building and running FileZilla now depends on wxWidgets >= 3.0.3
#### Release 3.0.0
This new version includes a major redesign of the library internals, with the
goal to drastically improve the lookup time while reducing storage space.
For this reason, several public methods that are no longer applicable have
been deprecated and/or removed. You can find more information at GH-133.
- CHANGED: Updated definitions.
- CHANGED: Dropped support for Ruby < 2.1
- CHANGED: `PublicSuffix::List#rules` is now protected. You should not rely on
it as the internal rule representation is subject to change to optimize
performances.
- CHANGED: Removed `PublicSuffix::List.clear`, it was an unnecessary accessor
method. Use `PublicSuffix::List.default = nil` if you **really** need to
reset the default list. You shouldn't.
- CHANGED: `PublicSuffix::List#select` is now private. You should not use it,
instead use `PublicSuffix::List#find`.
- CHANGED: `PublicSuffix::List` no longer implements Enumerable. Instead, use
`#each` to loop over, or get an Enumerator.
- CHANGED: Redesigned internal list storage and lookup algorithm to achieve
O(1) lookup time (see GH-133).
## v1.60.2
* Fix deletion of TXT records with spaces in dynamic updates (thanks Sean Dilda)
* Fix use of non-default ports in Dnsruby::Resolver (thanks Thomas Morgan)
* Fix NAPTR encoding for null rdata dynamic update packets
* Fix CAA resource record encoding
* Avoid changing ruby global thread abort behavior (thanks Brent Cook)
Changelog:
- Dependencies: GTK+ 3.20 is now required, and librest is no longer
a dependency
- Facelift for the tweet info page
- Lots of stability fixes
- The compose window now starts uploading images as soon as they
are selected
This is a regularly scheduled stable release.
Resolved issues:
#3742, #4305: Better detect sync conflicts that happen while syncing
#4300: Fixes a crash related to a nil reference in ignore handling
There is also a major internal refactor as part of this release.
Version 1.0.32 September 02 2017
------------------------------------------------------------------------
Guus Sliepen (13):
Don't dereference myself->incipher if it's NULL.
Merge remote-tracking branch 'VittGam/master'
Use /dev/udp instead of /dev/ip on Solaris.
Use getmsg()/putmsg() instead of read()/write() on Solaris.
Fix Solaris DeviceType = tap in router Mode.
Bind outgoing TCP sockets.
Move logging of "would block" messages to debug level 4.
Set KillMode=mixed in the systemd service file.
Don't forget about outgoing connections on host file read errors.
Fix Proxy = exec.
Set status.proxy_passed early for Proxy = exec.
Don't try to bind Proxy = exec sockets to an address.
Releasing 1.0.32.
Vittorio Gambaletta (VittGam) (1):
route: Support ToS/DiffServ priority inheritance when routing IPv6
packets.
Version 1.0.31 January 15 2017
------------------------------------------------------------------------
Guus Sliepen (1):
Releasing 1.0.31.
Élie Bouttier (1):
Remove ExecStop in tinc@.service
Version 1.0.30 October 30 2016
------------------------------------------------------------------------
Guus Sliepen (11):
Allow non-empty lines after status code from a HTTP proxy.
Fix proxy reply parsing broken by the previous commit.
Log only the first line of a proxy request rejection message.
Delay sending the real ID request until after a proxy request is granted.
Use AES256 and SHA256 by default, also for the meta-connections.
Enforce maximum amount of bytes sent/received on meta-connections.
Fix bit shifting arithmetic so the code actually does what the last commit
message says.
Really fix byte budget calculation.
Use AES in CTR mode instead of OFB mode for meta-connections.
Use CFB mode for meta-connections to improve security.
Releasing 1.0.30.
Version 1.0.29 October 09 2016
------------------------------------------------------------------------
Guus Sliepen (11):
Preserve IPv6 scope_id in edges.
Ensure compatibility with OpenSSL 1.1.0.
Add -Wall to CFLAGS.
Check return value of RSA_generate_key_ex().
Force nul-termination of strings after vsnprintf().
Log warnings about dropped packets only with debug level 5 or higher.
Add a copy of ax_append_flag.m4.
Add ax_require_defined.m4.
Fix possibly unitialized variable.
Fix compiler warnings about format string errors on BSD.
Releasing 1.0.29.
Version 1.0.28 April 10 2016
------------------------------------------------------------------------
Guus Sliepen (8):
Fix compiling bsd/device.c on systems without utun.
Really remove use of __DATE__ and __TIME__ to facilitate reproducible
builds.
Add systemd service files.
Update .gitignore.
Ensure the service files are in the tarball.
Explicitly mention that LibreSSL can be used as well.
Update links in the documentation.
Releasing 1.0.28.
Version 1.0.27 April 10 2016
------------------------------------------------------------------------
Guus Sliepen (26):
Add missing AM_PROG_CC_C_O to configure.ac.
Attribution for various contributors.
Update "now" after connect() when making outgoing connections.
Add ability to use proxies to connect to hostnames when there is no
nameserver.
Only add a reflexive address when we're sure it's working.
Fix compatibility with TAP-Win32 9.0.0.21 and later.
Fix warnings from the Clang Static Analyzer.
Improve performance of edge updates.
Clarify that scripts are called synchronously.
Small fixes for the documentation.
Add warnings for bad combinations of Device and Interface.
Fix forwarding of edge updates.
Don't compile getopt*.c if the system provides getopt_long().
Update .gitignore.
Update THANKS.
Use iface instead of interface.
Update copyright notices.
Remove use of __DATE__ and __TIME__ to facilitate reproducible builds.
Cast 0xff to char before comparing it to another char.
Get rid of a warning when compiling tinc using MinGW.
Every BSD flavor has a tap device nowadays.
Use devname() if available to support devfs cloning on BSD.
Use SIOCGIFADDR on BSDs that support it.
Enable silent builds by default.
Add support for OS X utun interfaces.
Releasing 1.0.27.
Vittorio Gambaletta (VittGam) (6):
Fix DecrementTTL option.
Fix source IP address for ICMP unreachable packets generated by tinc.
Try to reply with node address only when decrementing the TTL.
Fix DecrementTTL option for packets destined to the local node.
s/broadcast_packet_helper/route_broadcast/
Remove forward declaration for do_decrement_ttl.
LunarShaddow (3):
fix typo
re-arrange include sequence to avoid a mingw introduced bug.
Proofing README.
Florian Weik (1):
Fix NAME variable in subnet-* scripts for local subnets.
Nathan Stratton Treadway (1):
Fix invalid checksum generation.
