The CONFLICTS generated by PYTHON_SELF_CONFLICT are not only across
python versions but also across major versions of the package; this is
often correct but can be overbroad.
I had deleted PYTHON_SELF_CONFLICTS because it was overbroad,
resulting in py27-scons-3 incorrectly conflicting with py310-scons-4;
this incorrect conflicts caused incorrect failures during
pkg_rolling-replace and manual building. However, there is still some
python 3 usage of scons-3, and various scons-3 does conflict. This
commit adds a manual CONFLICTS line covering all python versions of
scons 3, and excluding other scons major versions. I believe that now
the declared CONFLICTS are exactly correct, gaining the desired
efficiency while not breaking valid usage.
Thanks to wiz@ for off-list discussion about the subtleties.
6.81.2
If the HYPOTHESIS_NO_PLUGINS environment variable is set, we’ll avoid loading plugins such as the old Pydantic integration or HypoFuzz’ CLI options.
This is probably only useful for our own self-tests, but documented in case it might help narrow down any particularly weird bugs in complex environments.
6.81.1
Fixes some lingering issues with inference of recursive types in ~hypothesis.strategies.from_type.
6.81.0
This release further improves our .patch-file support from version 6.75, skipping duplicates, tests which use data() (and don’t support @example()), and various broken edge-cases.
Because libCST has released version 1.0 which uses the native parser by default, we no longer set the LIBCST_PARSER_TYPE=native environment variable. If you are using an older version, you may need to upgrade or set this envvar for yourself.
6.80.1
This patch updates some internal code for selftests. There is no user-visible change.
6.80.0
This release drops support for Python 3.7, which reached end of life on 2023-06-27.
6.79.4
Fixes occasional recursion-limit-exceeded errors when validating deeply nested strategies.
6.79.3
This patch updates our vendored list of top-level domains, which is used by the provisional domains() strategy.
6.79.2
Improve the type rendered in from_type(), which improves the coverage of Ghostwriter.
6.79.1
We now test against Python 3.12 beta in CI, and this patch fixes some new deprecations.
6.79.0
This release changes register_type_strategy() for compatibility with PEP 585: we now store only a single strategy or resolver function which is used for both the builtin and the typing module version of each type.
If you previously relied on registering separate strategies for e.g. list vs typing.List, you may need to use explicit strategies rather than inferring them from types.
3.8.5 (2023-07-19)
Security bugfixes
- Upgraded the vendored copy of llhttp_ to v8.1.1
Features
- Added information to C parser exceptions to show which character caused the error.
Bugfixes
- Fixed a transport is :data:`None` error
2.0.4 (2023-07-19)
- Added support for union operators to ``HTTPHeaderDict``
- Added ``BaseHTTPResponse`` to ``urllib3.__all__``
- Fixed ``urllib3.connection.HTTPConnection`` to raise the ``http.client.connect`` audit event to have the same behavior as the standard library HTTP client
- Relied on the standard library for checking hostnames in supported PyPy releases
CMake 3.27 Release Notes
************************
Changes made since CMake 3.26 include the following.
New Features
============
Debugger
--------
* "cmake(1)" now supports interactive debugging of the CMake language.
See the "--debugger" option.
Presets
-------
* "cmake-presets(7)" files now support schema version "7".
* "cmake-presets(7)" now supports "$penv{}" macro expansion in
"include" fields.
Generators
----------
* The Makefile and Ninja generators now support using the "--
dependency-file" linker flag, added by GNU Binutils 2.35 and LLVM's
LLD 12.0.0, so that files read by the linker will cause a relink if
they change (typically modified timestamps). See the
"CMAKE_LINK_DEPENDS_USE_LINKER" variable.
* The Visual Studio Generators for VS 2015 and above learned to select
the Windows SDK version explicitly using a "version=" field in the
"CMAKE_GENERATOR_PLATFORM" variable. See Visual Studio Platform
Selection.
Languages
---------
* The "CXX" language now treats source file extensions ".ccm",
".cxxm", and ".c++m" as C++.
File-Based API
--------------
* The "cmake-file-api(7)" "codemodel" version 2 "version" field has
been updated to 2.6.
* The "cmake-file-api(7)" "codemodel" version 2 "target" object gained
a new "frameworks" field in the "compileGroups" objects.
Platforms
---------
* Apple text-based stubs (i.e. ".tbd" files) may now be created for
shared libraries on macOS. See the "ENABLE_EXPORTS" property.
Commands
--------
* The "add_custom_command()" command gained a new
"DEPENDS_EXPLICIT_ONLY" option to tell the Ninja Generators not to
add any dependencies implied by the target to which it is attached.
The "CMAKE_ADD_CUSTOM_COMMAND_DEPENDS_EXPLICIT_ONLY" variable was
added to enable "DEPENDS_EXPLICIT_ONLY" on all calls to
"add_custom_command()" command.
* The "cmake_file_api()" command was added for projects to add "CMake
file API" queries for the current CMake run.
* The "find_package()" command now searches prefixes specified by
upper-case "<PACKAGENAME>_ROOT" CMake variables and upper-case
"<PACKAGENAME>_ROOT" environment variables. See policy "CMP0144".
* The "install(CODE)" and "install(SCRIPT)" commands now support the
"<INSTALL_PREFIX>" generator expression.
Variables
---------
* The "CMAKE_DLL_NAME_WITH_SOVERSION" variable and associated
"DLL_NAME_WITH_SOVERSION" target property were added to optionally
append the "SOVERSION" to the filename of the ".dll" part of a
shared library on Windows.
* Variables "CMAKE_VS_DEBUGGER_COMMAND",
"CMAKE_VS_DEBUGGER_COMMAND_ARGUMENTS",
"CMAKE_VS_DEBUGGER_ENVIRONMENT", and
"CMAKE_VS_DEBUGGER_WORKING_DIRECTORY" were added to initialize
corresponding target properties.
* The "CMAKE_VS_WINDOWS_TARGET_PLATFORM_MIN_VERSION" variable was
added to initialize the "VS_WINDOWS_TARGET_PLATFORM_MIN_VERSION"
target property on all targets when they are created.
Properties
----------
* A "CUDA_CUBIN_COMPILATION" target property was added to Object
Libraries to support compiling to ".cubin" files instead of host
object files. Currently only supported with NVIDIA.
* A "CUDA_FATBIN_COMPILATION" target property was added to Object
Libraries to support compiling to ".fatbin" files instead of host
object files. Currently only supported with NVIDIA.
* A "CUDA_OPTIX_COMPILATION" target property was added to Object
Libraries to support compiling to ".optixir" files instead of host
object files. Currently only supported with NVIDIA.
* The "<LANG>_CLANG_TIDY", "<LANG>_CPPCHECK", "<LANG>_CPPLINT", and
"<LANG>_INCLUDE_WHAT_YOU_USE", target properties now support
"generator expressions".
* The "<LANG>_LINKER_LAUNCHER" target property now supports "generator
expressions".
* The "SKIP_LINTING" source file property was added to suppress
target-wide code checks on specific sources.
Modules
-------
* The "FindCUDAToolkit" module now provides an imported target for
"cudla", and imported targets for CUPTI's "nvperf" and "pcsampling"
components.
* The "FindDoxygen" module's "doxygen_add_docs()" command gained a
"CONFIG_FILE" option to specify a custom doxygen configuration file.
* The "FindOpenGL" module gained support for components "GLES2" and
"GLES3".
* The "FindwxWidgets" module now provides an imported target.
Generator Expressions
---------------------
* The "COMPILE_ONLY" generator expression was added to specify
compilation usage requirements without any linking requirements.
* "<LIST:...>" generator expressions were added for query,
transformation, and ordering operations on lists.
* "<PATH:...>" generator expressions for decomposition and
transformation operations learned to process lists of paths element-
wise.
* The "TARGET_IMPORT_FILE", "TARGET_IMPORT_FILE_BASE_NAME",
"TARGET_IMPORT_FILE_PREFIX", "TARGET_IMPORT_FILE_SUFFIX",
"TARGET_IMPORT_FILE_NAME", and "TARGET_IMPORT_FILE_DIR"
generator expressions were added. These expand to details about the
linker import file for a target.
* The "TARGET_RUNTIME_DLL_DIRS" generator expression was added. It
expands to a list of the directories containing DLLs in
"TARGET_RUNTIME_DLLS".
Autogen
-------
* The "CMAKE_AUTOMOC_EXECUTABLE", "CMAKE_AUTORCC_EXECUTABLE", and
"CMAKE_AUTOUIC_EXECUTABLE" variables were added to initialize the
corresponding target properties as targets are created.
* The "AUTOGEN_USE_SYSTEM_INCLUDE" target property and corresponding
"CMAKE_AUTOGEN_USE_SYSTEM_INCLUDE" variable were added to explicitly
control whether autogen headers are considered system headers.
* The "INTERFACE_AUTOMOC_MACRO_NAMES" target property was added to
specify macro names for "moc" as a transitive usage requirement.
CTest
-----
* The "TIMEOUT_SIGNAL_NAME" and "TIMEOUT_SIGNAL_GRACE_PERIOD" test
properties were added to specify a POSIX signal to send to a test
process when its timeout is reached.
CPack
-----
* The "CPack Inno Setup Generator" was added to package using Inno
Setup.
Deprecated and Removed Features
===============================
* Compatibility with versions of CMake older than 3.5 is now
deprecated and will be removed from a future version. Calls to
"cmake_minimum_required()" or "cmake_policy()" that set the policy
version to an older value now issue a deprecation diagnostic.
* The Extra Generators have been deprecated. IDEs may use the "cmake-
file-api(7)" to view CMake-generated project build trees.
* The "FindCUDA" module, which has been deprecated since CMake 3.10,
has been removed by policy "CMP0146". Port projects to CMake's
first-class "CUDA" language support.
* The "FindPythonInterp" and "FindPythonLibs" modules, which have been
deprecated since CMake 3.12, have been removed by policy "CMP0148".
Port projects to "FindPython3", "FindPython2", or "FindPython".
* The "Dart" and "FindDart" modules have been deprecated via policy
"CMP0145". Port projects to the "CTest" module.
* The "Visual Studio 9 2008" generator is now deprecated and will be
removed in a future version of CMake.
Other Changes
=============
* "cmake --build $dir --verbose" will now print the working directory
and command line used to perform the build.
* The "ExternalProject" and "FetchContent" modules now resolve
relative "GIT_REPOSITORY" paths as relative to the parent project's
remote, not as a relative local file system path. See "CMP0150".
* The "ExternalProject" "configure" step no longer re-runs on every
build when the "UPDATE_DISCONNECTED" option is enabled. It will only
re-run if details of the "download", "update", or "patch" step
change.
* The "ExternalProject" "update" and "patch" steps now always re-run
if any of their details change, even if the "UPDATE_DISCONNECTED"
option is enabled. If using the "GIT" download method, and the
"GIT_TAG" is changed to a commit that is not already known locally,
an error is now issued instead of silently using the previous
"GIT_TAG".
* The "FindPython", "FindPython2" and "FindPython3" modules now
support the Windows ARM64 platform.
* The "file(GET_RUNTIME_DEPENDENCIES)" command now case-preserves DLL
names reported on Windows. They are still converted to lowercase
for filter matching.
* The "SYSTEM" target property is now honored for Apple Frameworks.
* Visual Studio Generators, for VS 15.8 (2017) and newer, now build
custom commands in parallel. See policy "CMP0147".
==============================
Release Notes for Samba 4.18.5
July 19, 2023
==============================
This is a security release in order to address the following defects:
o CVE-2022-2127: When winbind is used for NTLM authentication, a maliciously
crafted request can trigger an out-of-bounds read in winbind
and possibly crash it.
https://www.samba.org/samba/security/CVE-2022-2127.html
o CVE-2023-3347: SMB2 packet signing is not enforced if an admin configured
"server signing = required" or for SMB2 connections to Domain
Controllers where SMB2 packet signing is mandatory.
https://www.samba.org/samba/security/CVE-2023-3347.html
o CVE-2023-34966: An infinite loop bug in Samba's mdssvc RPC service for
Spotlight can be triggered by an unauthenticated attacker by
issuing a malformed RPC request.
https://www.samba.org/samba/security/CVE-2023-34966.html
o CVE-2023-34967: Missing type validation in Samba's mdssvc RPC service for
Spotlight can be used by an unauthenticated attacker to
trigger a process crash in a shared RPC mdssvc worker process.
https://www.samba.org/samba/security/CVE-2023-34967.html
o CVE-2023-34968: As part of the Spotlight protocol Samba discloses the server-
side absolute path of shares and files and directories in
search results.
https://www.samba.org/samba/security/CVE-2023-34968.html
Changes since 4.18.4
--------------------
o Ralph Boehme <slow@samba.org>
* BUG 15072: CVE-2022-2127.
* BUG 15340: CVE-2023-34966.
* BUG 15341: CVE-2023-34967.
* BUG 15388: CVE-2023-34968.
* BUG 15397: CVE-2023-3347.
o Volker Lendecke <vl@samba.org>
* BUG 15072: CVE-2022-2127.
o Stefan Metzmacher <metze@samba.org>
* BUG 15418: Secure channel faulty since Windows 10/11 update 07/2023.
Overview of changes leading to 8.0.1
Wednesday, July 12, 2023
====================================
- Build fix on 32-bit arm.
- More speed optimizations:
- 60% speedup in retaingids subsetting SourceHanSans-VF.
- 38% speed up in subsetting (beyond-64k) mega-merged Noto.
- 16% speed up in retain-gid (used for IFT) subsetting of NotoSansCJKkr.
Overview of changes leading to 8.0.0
Sunday, July 9, 2023
====================================
- New, experimental, WebAssembly (WASM) shaper, that provides greater
flexibility over OpenType/AAT/Graphite shaping, using WebAssembly embedded
inside the font file. Currently WASM shaper is disabled by default and needs
to be enabled at build time. For details, see:
https://github.com/harfbuzz/harfbuzz/blob/main/docs/wasm-shaper.md
For example fonts making use of the WASM shaper, see:
https://github.com/simoncozens/wasm-examples
- Improvements to Experimental features introduced in earlier releases:
- Support for subsetting beyond-64k and VarComposites fonts.
- Support for instancing variable fonts with cubic “glyf” table.
- Many big speed optimizations:
- Up to 89% speedup loading variable fonts for shaping.
- Up to 88% speedup in small subsets of large (eg. CJK) fonts (both TTF and
OTF), essential for Incremental Font Transfer (IFT).
- Over 50% speedup in loading Roboto font for shaping.
- Up to 40% speed up in loading (sanitizing) complex fonts.
- 30% speed up in shaping Gulzar font.
- Over 25% speedup in glyph loading Roboto font.
- 10% speed up loading glyph shapes in VarComposite Hangul font.
- hb-hashmap optimizations & hashing improvements.
- New macro HB_ALWAYS_INLINE. HarfBuzz now inlines functions more aggressively,
which results in some speedup at the expense of bigger code size. To disable
this feature define the macro to just inline.
- New API:
+HB_CODEPOINT_INVALID
+hb_ot_layout_get_baseline2()
+hb_ot_layout_get_baseline_with_fallback2()
+hb_ot_layout_get_font_extents()
+hb_ot_layout_get_font_extents2()
+hb_subset_input_set_axis_range()
Changes since 4.18.3
--------------------
o Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
* BUG 15404: Backport --pidl-developer fixes.
o Samuel Cabrero <scabrero@samba.org>
* BUG 14030: Named crashes on DLZ zone update.
o Björn Jacke <bj@sernet.de>
* BUG 2312: smbcacls and smbcquotas do not check // before the server.
o Volker Lendecke <vl@samba.org>
* BUG 15382: cli_list loops 100% CPU against pre-lanman2 servers.
* BUG 15391: smbclient leaks fds with showacls.
* BUG 15402: smbd returns NOT_FOUND when creating files on a r/o filesystem.
o Stefan Metzmacher <metze@samba.org>
* BUG 15355: NSS_WRAPPER_HOSTNAME doesn't match NSS_WRAPPER_HOSTS entry and
causes test timeouts.
o Noel Power <noel.power@suse.com>
* BUG 15384: net ads lookup (with unspecified realm) fails.
o Christof Schmitt <cs@samba.org>
* BUG 15381: Register Samba processes with GPFS.
o Andreas Schneider <asn@samba.org>
* BUG 15390: Python tarfile extraction needs change to avoid a warning
(CVE-2007-4559 mitigation).
* BUG 15398: The winbind child segfaults when listing users with `winbind
scan trusted domains = yes`.
o Jones Syue <jonessyue@qnap.com>
* BUG 15383: Remove comments about deprecated 'write cache size'.
* BUG 15403: smbget memory leak if failed to download files recursively.
9.18.17 released
6206. [bug] Add shutdown checks in dns_catz_dbupdate_callback() to
avoid a race with dns_catz_shutdown_catzs(). [GL #4171]
6205. [bug] Restore support to read legacy HMAC-MD5 K file pairs.
[GL #4154]
6204. [bug] Use NS records for relaxed QNAME-minimization mode.
This reduces the number of queries named makes when
resolving, as it allows the non-existence of NS RRsets
at non-referral nodes to be cached in addition to the
referrals that are normally cached. [GL #3325]
6200. [bug] Fix nslookup erroneously reporting a timeout when the
input is delayed. [GL #4044]
6199. [bug] Improve HTTP Connection: header protocol conformance
in the statistics channel. [GL #4126]
6198. [func] Remove the holes in the isc_result_t enum to compact
the isc_result tables. [GL #4149]
6197. [bug] Fix a data race between the dns_zone and dns_catz
modules when registering/unregistering a database
update notification callback for a catalog zone.
[GL #4132]
6196. [cleanup] Report "permission denied" instead of "unexpected error"
when trying to update a zone file on a read-only file
system. Thanks to Midnight Veil. [GL #4134]
6193. [bug] Fix a catz db update notification callback registration
logic error, which could crash named when receiving an
AXFR update for a catalog zone while the previous update
process of the catalog zone was already running.
[GL #4136]
6166. [func] Retry without DNS COOKIE on FORMERR if it appears that
the FORMERR was due to the presence of a DNS COOKIE
option. [GL #4049]
