- server: Fixed a rare but serious issue where Consul servers could
panic when performing a large delete operation followed by a specific
sequence of other updates to related parts of the state store (affects
KV, sessions, prepared queries, and the catalog).
This is a new stable release.
Major changes for 1.4 are:
Epoxy can now build with MSVC versions prior to 2013; we still recommend using a recent, C99-compatible compiler, like MSVC 2015 [Chun-wei Fan]
When used under X11, Epoxy now attempts to handle the cases where the GLX extension is not built or not available [Yaron Cohen-Tal]
GLX can now be enabled and disabled at configuration time; this allows building Epoxy with GLX on macOS, and allows building Epoxy without GLX on embedded platforms
Epoxy now exposes API that lets dependent projects safely check if platform API like GLX and EGL is available at run time
EGL support has been improved on Windows, and made more resilient on other platforms [Yaron Cohen-Tal, Adam Jackson]
Epoxy supports building with the Meson build system, which has Ninja, Visual Studio, and XCode backends
Epoxy can generate its API reference using Doxygen (currently only available on Meson builds)
The GL registry has been updated with the latest version of the API references provided by Khronos; Epoxy now supports the API introduced by OpenGL 4.5
1.4.3:
* [CritFix] Backport PTR_ARRAY_FOREACH fix
* [CritFix] Fix descriptors leak on reload
* [Feature] Add `caseless_hash` method to `lua_util`
* [Feature] Use t1ha for hashes, allow inlining
* [Feature] Use t1ha instead of metrohash and xxhash32
* [Fix] Another try to fix descriptors leak
* [Fix] Another try to fix reload and logger
* [Fix] Avoid extensive reallocs
* [Fix] Avoid race condition on saving cache and reload
* [Fix] Backport redis pool fixes from master
* [Fix] Break pool connection on fatal redis errors
* [Fix] Fix argument returned on redis backend errors
* [Fix] Fix errors handling in fuzzy backend initialization
* [Fix] Fix race condition in SIGUSR2 handler
* [Fix] Fix reload and hyperscan ready event
* [Fix] More fixes to logger initialization
* [Fix] Plug memory leak in learning fuzzy storage
1.4.2:
* [CritFix] Deal with absent headers in DKIM
* [CritFix] Do not trust remote shingles count
* [CritFix] Fix headers selection in DKIM verification
* [Feature] Add EXT_CSS rule
* [Feature] Add toggle for disabling SURBLs
* [Feature] Extend redis lock when learning spawned
* [Feature] Parse <link> HTML tags
* [Fix] Avoid reusing g_error (Fixes#1262)
* [Fix] Do not reset loaded ANN when learning is requested
* [Fix] Fix another issue with external deps in SA
* [Fix] Fix body trie matching
* [Fix] Fix checking of DKIM bodies that needs just `\n` to be added
* [Fix] Fix fuzzy hashes count
* [Fix] Fix keys names
* [Fix] Fix length calculations for url encoded urls
* [Fix] Fix matching of the same patterns from different tries
* [Fix] Fix name of var
* [Fix] Fix parsing of URLs with spaces and other bad chars
* [Fix] Fix probability calculations for fuzzy redis backend
* [Fix] Fix signing headers creation in DKIM
* [Fix] Plug memory leak
* [Fix] Really fix chained SA dependencies
* [Fix] Really increase lock lifetime
* [Fix] Use checksum to avoid intersection between different ANNs
* [Fix] Use rspamd hashes in embedded ucl
* [Fix] Yet another change for testing external deps
1.4.1:
* [Feature] ASN support in Clickhouse module
* [Feature] Add clickhouse plugin
* [Feature] Add generic tool to add universal maps for lua modules
* [Feature] Add logger.debugm to debug lua modules
* [Feature] Allow to register metrics symbols using register_symbol
* [Feature] Allow to specify prefix for fann_redis
* [Feature] Clickhouse: support different masks for IPv4/IPv6
* [Feature] Support forcing action in antivirus plugin
* [Fix] Add handling of regexp maps
* [Fix] Allow backslashes in http urls
* [Fix] Avoid mapping of empty files
* [Fix] Do not load tld file to speed up rspamadm
* [Fix] Do not resolve numeric IP addresses due to ipv6 insanity
* [Fix] Filter incorrect training data
* [Fix] Fix Fuzzyconvert tool when password or DB is given
* [Fix] Fix build with custom glib/gmime
* [Fix] Fix converting of learn count from sqlite to redis
* [Fix] Fix crashes with invalid received and task:set_from_ip
* [Fix] Fix external dependencies for SA module
* [Fix] Fix fann_redis when number of scores has been changed
* [Fix] Fix hyperscan usage for non compatible platforms
* [Fix] Fix loading of maps from UCL objects
* [Fix] Fix memory leak for task-less redis requests
* [Fix] Fix mid module with new maps syntax
* [Fix] Fix parsing of URLs with username
* [Fix] Fix re cache initialisation
* [Fix] Fix replacements to sanitize '%' character
* [Fix] Fix set and regexp like static maps
* [Fix] Fix some issues in redis settings
* [Fix] Fix static IP maps
* [Fix] Fix total learns counter for redis stats
* [Fix] Fix usage of config during reload
* [Fix] Fix various warnings and issues
* [Fix] Invalidate ANN if training data is incorrect
* [Fix] Miltiple fixes to fann_redis module
* [Fix] More fixes for URLs with backslashes
* [Fix] Properly get options for ip_score module
* [Fix] Relax requirements for Received as gmail cannot RFC
* [Fix] Remove or fix hyperscan incompatible regexps
* [Fix] Settings: correctly read redis config
* [Rework] Rework lua logger interface slightly
* [Rework] Use new maps add function
1.4.0:
* [CritFix] Add guards for inactive redis connections
* [CritFix] Another fix for proxying files using rspamd_proxy
* [CritFix] Cleanup inactive redis connections
* [CritFix] Do not sometimes try to exec posfilters before classification
* [CritFix] Fix application of IPv6 mask
* [CritFix] Fix chunked encoding when reading messages
* [CritFix] Fix file mode for rspamd_proxy
* [CritFix] Fix hyperscan compilation on regexp change
* [CritFix] Fix issue with finding of end of lines pointers
* [CritFix] Fix iteration over headers array (introduced in 1.4)
* [CritFix] Fix processing of learned tokens count for redis backend
* [CritFix] Fix race condition in checking of cached maps
* [CritFix] Fix workers scripts by sharing workers configs
* [CritFix] Introduce raw content to text parts
* [CritFix] Plug memory leak and potential memory corruption
* [Feature] Adaptive ratelimits
* [Feature] Add ASN -> rbldnsd script for asn.rspamd.com
* [Feature] Add DMARC_NA symbol
* [Feature] Add F-Prot support to antivirus module
* [Feature] Add HTTP backend to metadata exporter
* [Feature] Add Lua API module for monitored objects
* [Feature] Add R_DKIM_NA / R_SPF_NA / AUTH_NA symbols
* [Feature] Add R_DKIM_PERMFAIL symbol
* [Feature] Add R_SPF_PERMFAIL symbol
* [Feature] Add Sophos antivirus support
* [Feature] Add ZSTD compression to Lua API
* [Feature] Add `mid` Lua module
* [Feature] Add `one_param` flag for metric symbols
* [Feature] Add a generic lua classifier
* [Feature] Add a very basic interface to access workers data from on_load
* [Feature] Add ability to delete a hash by its data to fuzzy_check plugin
* [Feature] Add ability to enable/disable symbols via dynamic_conf
* [Feature] Add ability to lookup settings by key
* [Feature] Add common way to disable Lua modules
* [Feature] Add compression support to rspamd client
* [Feature] Add condition to do antiviral check
* [Feature] Add configuration for lua classifiers
* [Feature] Add configuration knobs for the errors circular buffer
* [Feature] Add decompression support in rspamd client
* [Feature] Add errors exporter to the controller
* [Feature] Add expected value for monitored DNS resources
* [Feature] Add exporter from error ringbuf to ucl
* [Feature] Add extended version for fann creation function
* [Feature] Add ffi friendly version of process_regexp function
* [Feature] Add frequency and time display to webui
* [Feature] Add fuzzy_delhash command to rspamc client
* [Feature] Add implementation of redis connections pool
* [Feature] Add latency and offline time monitoring
* [Feature] Add learning support for lua classifiers
* [Feature] Add max-size and timeout options to CGP helper
* [Feature] Add method to enable/disable symbols in config
* [Feature] Add methods to get metric's actions and symbols from Lua
* [Feature] Add mmap support to lua_text
* [Feature] Add monitored object for surbl plugin
* [Feature] Add more exceptions to surbl whitelist
* [Feature] Add more meta-tokens to bayes
* [Feature] Add neural net classifier to fann_scores module
* [Feature] Add neural net serialization/deserialization
* [Feature] Add new dynamic conf module
* [Feature] Add periodic events support for lua_config
* [Feature] Add plugin to check MX'es for the sender's domain
* [Feature] Add preliminary monitored module
* [Feature] Add preliminary support of dynamic conf updates in Redis
* [Feature] Add preliminary version of clamav plugin
* [Feature] Add redis cache to asn module
* [Feature] Add replies compression
* [Feature] Add spamhaus DROP dnsbl
* [Feature] Add support for dictionary in client compression
* [Feature] Add support for fuzzy learn and unlearn from lua
* [Feature] Add support for input encryption
* [Feature] Add support of min_learns to neural net classifier
* [Feature] Add termination callbacks for workers
* [Feature] Add user-agent for rspamc
* [Feature] Add utility to perform classifier tests
* [Feature] Add zstd compression library
* [Feature] Allow HTTPS requests in lua_http
* [Feature] Allow conditions for pre and postfilters
* [Feature] Allow custom functions for ratelimits
* [Feature] Allow for excluding messages from AV scanning based on size
* [Feature] Allow for getting worker stats from Lua
* [Feature] Allow getting task UID from Lua
* [Feature] Allow parsing of mailbox messages from the commandline
* [Feature] Allow plugins to publish their lua API via rspamd_plugins
* [Feature] Allow to compare other systems with Rspamd
* [Feature] Allow to execute Lua scripts by controller
* [Feature] Allow to have a function to set custom greylist message
* [Feature] Allow to iterate over multiple tags
* [Feature] Allow to pass extra data from plugins to log helper
* [Feature] Allow to plan new periodics at different time
* [Feature] Allow to reset hashes
* [Feature] Allow to run rspamadm lua just as a lua interpreter
* [Feature] Allow to store settings in redis
* [Feature] Allow to update dynamic conf in Redis
* [Feature] Allow to use dictionaries for compression
* [Feature] Allow to use md5, sha1, sha256, sha384 and sha512 hashes in Lua
* [Feature] Allow whitelisting by IP for greylisting plugin
* [Feature] Antivirus: Support whitelists & pattern-matching sig names
* [Feature] Backport pack/unpack routines from Lua 5.3
* [Feature] Check settings with equal priopities in alphabetical order
* [Feature] Compress neural net in redis
* [Feature] Consider more tags when doing WHITE_ON_WHITE rule
* [Feature] Descriptive options for DMARC failure symbols
* [Feature] Descriptive options for RBL symbols
* [Feature] Enable configuration for monitored objects
* [Feature] Execute on_load scripts with ev_base ready
* [Feature] Fann scores now uses metadata from a message
* [Feature] Implement FANN threaded learning
* [Feature] Implement classifying for lua classifiers
* [Feature] Implement finish scripts for worker processes
* [Feature] Implement monitoring for DNS resources
* [Feature] Implement real priorities for pre and post filters
* [Feature] Insert two symbols: FANN_HAM and FANN_SPAM instead of one
* [Feature] Module to push metadata/messages to redis pubsub
* [Feature] Monitor RBL records
* [Feature] Move fann_classifier to a separate plugin
* [Feature] Normalize all ANN inputs
* [Feature] Preliminary version of metric exporter module
* [Feature] Preserve decompression context between tasks
* [Feature] Ratelimit: Support dynamic bucket size/leak rate
* [Feature] Relax FORGED_RECIPIENTS: allow senders to BCC themselves
* [Feature] Remove symbols weights on composites processing
* [Feature] Return symbol scores when getting resulting symbols
* [Feature] Rework lua tcp module
* [Feature] Rule to detect some obvious X-PHP-Originating-Script forgeries
* [Feature] Rule to identify some X-PHP-Script forgeries
* [Feature] Rules for scoring Google Message-ID fixes
* [Feature] Send hashes values to reply
* [Feature] Set expire for dmarc reports
* [Feature] Stop using cymru zone as it is unstable
* [Feature] Stop using of GLists for headers, improve performance
* [Feature] Store `for` in task:get_received_headers
* [Feature] Store `for` part in received headers
* [Feature] Store enabled flag for webui session
* [Feature] Store error messages in ring buffer
* [Feature] Support compressed maps
* [Feature] Support excluding selected users from ratelimits
* [Feature] Support looking up NS records in lua_dns
* [Feature] Support modern style SURBL configuration
* [Feature] Support multiple hashes in delhash path
* [Feature] Support new messages in rspamc
* [Feature] Support requests without reads in lua_tcp
* [Feature] Support setting task message from Lua
* [Feature] Track visibility of HTML elements
* [Feature] Try to add CRLF when checking DKIM
* [Feature] Try to guess line endings when folding headers
* [Feature] Try to improve normalization function for bayes
* [Feature] Use FFI to optimize SA module
* [Feature] Use length based arguments for redis, allow lua_text as arg
* [Feature] Use more layers for fann and another normalization
* [Feature] User-defined ratelimits
* [Feature] Utility to convert fuzzy storage from sqlite to redis
* [Feature] Yield DMARC_DNSFAIL on lookup failure
* [Fix] Adopt fuzzy storage for flexible backends
* [Fix] Allow plain IP addresses in Rspamd maps
* [Fix] Another fix for brain-damaged hiredis
* [Fix] Another fix for rdns write errors
* [Fix] Another fix for rdns_make_request_full invocation
* [Fix] Another fix in DKIM canonicalization
* [Fix] Another memory leak plugged
* [Fix] Another try to deal with posix idiotizm
* [Fix] Another try to fix RDNS events processing logic
* [Fix] Avoid double frees in HEAD requests
* [Fix] Avoid extra symbols for RBLs
* [Fix] Banish table.maxn from Lua parts
* [Fix] Check for socket error before connection in lua_tcp
* [Fix] Correctly propagate redis timeouts to Lua
* [Fix] Do not add extra newline in MIME mode
* [Fix] Do not be cheated by system hiredis
* [Fix] Do not classify when a message has not enough tokens
* [Fix] Do not crash on redis errors
* [Fix] Do not distinguish NXDOMAIN and NOREC for monitored
* [Fix] Do not replan retransmits if merely one server is defined
* [Fix] Do not use headers to calculate messages digests
* [Fix] Don't force action in replies module for authenticated users/local networks
* [Fix] Explicitly ban default passwords in webui
* [Fix] Finally fix ambiguity between parsed and resolved spf elts
* [Fix] Fix 'decoded' value in task:get_header_full()
* [Fix] Fix DKIM calculations
* [Fix] Fix DKIM signing for messages with no newline at the end
* [Fix] Fix DNS request in monitored
* [Fix] Fix DNS write errors processing
* [Fix] Fix HTTP methods other than GET and POST
* [Fix] Fix PERMFAIL for v6/v4 ambiguities
* [Fix] Fix absurdic scores for HFILTER_URL_ONLY
* [Fix] Fix actions in rolling history
* [Fix] Fix actrie patterns
* [Fix] Fix applying of lua dynamic confg
* [Fix] Fix autolearning errors and redis cache
* [Fix] Fix bayes learn_condition
* [Fix] Fix build with the recent OpenSSL
* [Fix] Fix caching and compressed maps
* [Fix] Fix check plain text part
* [Fix] Fix crash on OpenBSD in `url_email_start`
* [Fix] Fix double free in SPF
* [Fix] Fix extraction of shingles from redis fuzzy storage
* [Fix] Fix false sharing for symbols in the cache
* [Fix] Fix float usage in util:get_time
* [Fix] Fix folding algorithm to deal with empty tokens
* [Fix] Fix format string
* [Fix] Fix format string usage in controller errors handling
* [Fix] Fix handling of '\0' in lua_tcp
* [Fix] Fix handling of HTTP HEAD methods
* [Fix] Fix hash creation
* [Fix] Fix hiredis stupidity
* [Fix] Fix implicit settings module settingsup
* [Fix] Fix interaction with lua GC to avoid craches
* [Fix] Fix ip_score module registration
* [Fix] Fix issue with empty messages and dkim
* [Fix] Fix issues with CGP helper
* [Fix] Fix issues with the recent SPF changes
* [Fix] Fix key name to load ANN correctly
* [Fix] Fix lua tcp module by saving `do_read` in callback data
* [Fix] Fix memory leak in client when using compression
* [Fix] Fix min_learns option
* [Fix] Fix on_finish scripts and async handlers
* [Fix] Fix options for SPF dnsfail symbol
* [Fix] Fix parsing includes and redirects in SPF
* [Fix] Fix parsing of lua comments with empty lines
* [Fix] Fix parsing of unquoted HTML attributes
* [Fix] Fix periodic events and redis
* [Fix] Fix processing of fuzzy learns from Lua
* [Fix] Fix processing of redirect in SPF includes
* [Fix] Fix processing of symbols when reject limit is reached
* [Fix] Fix refcounts when map is specified by IP
* [Fix] Fix rspamd{session} class in Lua API
* [Fix] Fix setting ratelimit key for 'ip' bucket
* [Fix] Fix some cases of TLD urls detector
* [Fix] Fix statconvert tool
* [Fix] Fix stats for backend-less classifiers
* [Fix] Fix training script for fann_redis
* [Fix] Fix variable in ann module
* [Fix] Fix various errors in lua dynamic conf plugin
* [Fix] Forget old ANN when max_usages is reached to avoid overtrain
* [Fix] Further canonicalization fixes
* [Fix] Further fixes for fann_redis prefixes
* [Fix] Handle failures for inactive pooled connections
* [Fix] Improve multimap info message
* [Fix] More fixes in ANN loading
* [Fix] More fixes to fann_redis
* [Fix] More issues in fann_redis
* [Fix] More spaces fix in DKIM signature
* [Fix] Multiple fixes to asn script, add IPv6 support
* [Fix] Multiple issues in fann_redis
* [Fix] No greylist rejected messages
* [Fix] One more attempt to fix lua_redis
* [Fix] One more check for readdir...
* [Fix] Params should be treated as a hash
* [Fix] Plug memory leak in regexp desctructor
* [Fix] Process headers only once
* [Fix] Properly handle nil values in ratelimit plugin
* [Fix] Really fix redis shingles check
* [Fix] Remove fann with incorrect layers count
* [Fix] Remove mentions of deleted include
* [Fix] Remove some incompatible functions
* [Fix] Settings: fix `authenticated` parameter (#886)
* [Fix] Skip MX check for authenticated users and local networks
* [Fix] Slightly fix ANN routines
* [Fix] Stop caching records with DNS failures
* [Fix] Treat all errors in redis_pool as fatal errors for a connection
* [Fix] Try avoid false-positives in HEADER_FORGED_MDN rule
* [Fix] Try to avoid race condition when using rrd
* [Fix] Try to reload redis scripts if they are missing
* [Fix] Unbreak once_received skipping for local networks
* [Fix] Unlock ANN on error
* [Fix] Use memmove for overlapping regions
* [Fix] Use real size instead of displayed for core limits
* [Fix] Use the correct macro to get the size of control
* [Fix] Various fixes for errors ringbuffer
* [Fix] Yield R_SPF_DNSFAIL if lookup of included record fails
* [Fix] mid: fix map initialization
* [Fix] mid: handle incorrect rgexps in the map
* [Rework] Add extract training data function to fann_redis
* [Rework] Add preliminary train tests
* [Rework] Add redis storage feature to fann_redis
* [Rework] Adopt fuzzy storage for abstract backend
* [Rework] Adopt plugins
* [Rework] First reiteration on fann scores
* [Rework] Implement loading/invalidating
* [Rework] Make lua_redis task agnostic
* [Rework] Make rspamd protocol messages useful
* [Rework] Massive removal of legacy code
* [Rework] More cleanup actions
* [Rework] Remove legacy code never used for classifiers
* [Rework] Remove outdated and unused lua_session module
* [Rework] Reorganize fuzzy backend structure
* [Rework] Reorganize the internal backend structure
* [Rework] Restore old fann_scores, move common parts
* [Rework] Rework and simplify rbl plugin
* [Rework] Rework parsing of DMARC records
2017-02-06 Richard Russon <rich@flatcap.org>
* Bug Fixes
- Unicode 0x202F is a non-break space too (#358) (@gahr)
- improve readability of find_subject() (@toogley)
- Import hcache-lmdb fixes from upstream (#363) (@gahr)
- Rework the "inbox-first" implementation to make code self-explanatory (#356) (@gahr)
- If possible, only redraw after gpgme has invoked pinentry (#352) (@gahr)
- Remove two use-after free in global hooks (#353) (@guiniol)
- Handle BAD as IMAP_AUTH_UNAVAIL (#351) (@gahr)
- Do not crash when closing a non-opened mailbox (origin/requests/github/343) (@gahr)
- Import hcache benchmark (@gahr)
- fix: bug introduced by mkdir changes (#350)
- change pager to allow timehook-hook to fire
* Docs
- Update documentation about modify-labels-then-hide (@bbenne10)
2017-01-28 Richard Russon <rich@flatcap.org>
* Features
- Add option for missing subject replacement
- notmuch: Allow <modify-labels> to toggle labels
- Support for aborting mailbox loading
- Do a buffy check after shell escape
- Support of relative paths sourcing and cyclic source detection
- Support of multiple config files as CLI arguments
- Extend the ~m pattern to allow relative ranges
- Implement SASL's PLAIN mechanism as a standalone authenticator
- Add support for sensitive config options
- Searching with a window over notmuch vfolders
* Contrib
- fix vim syntax file for index-color commands
- add .editorconfig
* Bug Fixes
- fix global hooks to not take a pattern
- Avoid breaking relative paths when avoiding cyclic checks on
- Fix sorting when using '/' as a namespace separator
* Docs
- Added waffle badges to readme
- Describe the new message ranges
- add documentation for -DS command line switch
- fix typos in section on config locations
- remove reference to missing keybinding
- fix docbook validation
* Build
- Start migrating to stdbool logic
- add recursive mkdir()
- reformat the source to mutt standards
- appease check_sec.sh
- Metricbeat: Fix go routine leak in docker module.
- Packetbeat: Fix error in the NFS sample dashboard.
- Winlogbeat: Fix error in the Winlogbeat sample dashboard.
D-Bus 1.10.16 (2017-02-16)
==
The “super digging powers” release.
The fixes in this release are arguably security fixes, but if they
affect you, please take this opportunity to rethink how you are
configuring dbus.
Enhancements:
• Do the Travis-CI build in Docker containers for Ubuntu LTS, Debian
stable and Debian testing in addition to the older Ubuntu that is
the default (fd.o #98889, Simon McVittie)
Fixes:
• Prevent symlink attacks in the nonce-tcp transport on Unix that could
allow an attacker to overwrite a file named "nonce", in a directory
that the user running dbus-daemon can write, with a random value
known only to the user running dbus-daemon. This is unlikely to be
exploitable in practice, particularly since the nonce-tcp transport
is really only useful on Windows.
On Unix systems we strongly recommend using only the unix: and systemd:
transports, together with EXTERNAL authentication. These are the only
transports and authentication mechanisms enabled by default,
(fd.o #99828, Simon McVittie)
• Avoid symlink attacks in the "embedded tests", which are not enabled
by default and should never be enabled in production builds of dbus.
(fd.o #99828, Simon McVittie)
6.19 2017-02-14
- Call HTTP::Status constant functions without & (GH#110)
- Make bin scripts use LWP's version and not maintain their own (PR #54)
- Fix bug triggered in some cases of auth challenges not having a viable
protocol (PR#111)
- Remove usage of the 'vars' pragma (GH#113)
0.35 2017-02-12
- Added Specio::Subs, a module which allows you to turn one or more library's
types into subroutines like is_Int() and to_Int().
- Added an inline_coercion method to Specio constraints.
2.045 2017/02/13
- fixed memory leak caused by not destroying CREATED_IN_THIS_THREAD for SSL
objects -> github pull#55
- optimization: don't track SSL objects and CTX in *CREATED_IN_THIS_THREAD
if perl is compiled w/o thread support
- small fix in t/protocol_version.t to use older versions of Net::SSLeay
with openssl build w/o SSLv3 support
- when setting SSL_keepSocketOnError to true the socket will not be closed
on fatal error. This is a modified version of
https://github.com/noxxi/p5-io-socket-ssl/pull/53/
Summary of upstream changelog:
bug fixes
many new ATRs
ATR_analysis: propose to submit the ATR if not known
We propose to submit the ATR at http://smartcard-atr.appspot.com/ when
the ATR is not found in the list.
The message is always displayed for an unknown ATR, not just after the
list has been updated.
ATR_analysis: correctly use wget to store the ATR list
1.4.26 - 7 January 2017, Ludovic Rousseau
- Add support of
. Bit4id Digital DNA Key
. Bit4id tokenME FIPS v3
. INGENICO Leo
. appidkey GmbH ID60-USB
- Add support of
- PowerOn: the default algorithm is now 5V then 1.8V then 3V then fail.
It is still possible to change the initial voltage in the
Info.plist file. Now, in any case, all the values are tried
before failing.
- Negociate maximum baud rate when bNumDataRatesSupported = 0
- Some minor improvements
1.4.25 - 30 September 2016, Ludovic Rousseau
- Add support of
. Aladdin R.D. JaCarta (idProduct: 0x0402)
. Broadcom Corp 5880 (idProduct: 0x5832)
. Broadcom Corp 5880 (idProduct: 0x5833)
. Broadcom Corp 5880 (idProduct: 0x5834)
. ESMART Token GOST X2 ET1020-A
. Feitian VR504 VHBR Contactless & Contact Card Reader
. Feitian bR500
. Gemalto K50
. appidkey GmbH ID100-USB SC Reader
. appidkey GmbH ID50 -USB
- Remove suport of
. Broadcom Corp 5880 (idProduct: 0x5800)
. Broadcom Corp 5880 (idProduct: 0x5805)
. KEBTechnology KONA USB SmartCard
- macOS: Fix composite device enumeration
- Fix crash with GemCore Pos Pro and GemCore Sim Pro
- Some minor improvements
1.4.24 - 22 May 2016, Ludovic Rousseau
- Add support of
. Generic USB Smart Card Reader
. Giesecke & Devrient GmbH StarSign CUT S
. HID AVIATOR Generic
- better support of Elatec TWN4 SmartCard NFC
- better support of SCM SCL011
- betetr support of HID Aviator generic
- fix SCARD_ATTR_VENDOR_IFD_SERIAL_NO attribute size
- fix a race condition on card events with multiple readers
- Some minor improvements
1.4.23 - 20 April 2016, Ludovic Rousseau
- Add support of
. ACS ACR3901U ICC Reader
. Alcor Micro AU9560
. Cherry SmartTerminal XX44
. HID Global OMNIKEY 3x21 Smart Card Reader
. HID Global OMNIKEY 5022 Smart Card Reader
. HID Global OMNIKEY 6121 Smart Card Reader
. IonIDe Smartcard Reader reader
. KACST HSID Reader
. KACST HSID Reader Dual Storage
. KACST HSID Reader Single Storage
- Remove support of
. VMware Virtual USB CCID
- Do NOT add support of
. DUALi DE-ABCM6
- Fix a busy loop consuming 100% of CPU for some composite USB devices
impacted readers: Yubico Yubikey NEO U2F+CCID and Broadcom BCM5880
- Remove support of (unused) option DRIVER_OPTION_RESET_ON_CLOSE
- log libusb error name instead of decimal value
- Some minor improvements
1.4.22 - 10 January 2016, Ludovic Rousseau
- Add support of
. Aktiv Rutoken PINPad 2
. Aladdin R.D. JC-WebPass (JC600)
. Aladdin R.D. JCR-770
. Aladdin R.D. JaCarta
. Aladdin R.D. JaCarta Flash
. Aladdin R.D. JaCarta LT
. Aladdin R.D. JaCarta U2F (JC602)
. Athena ASEDrive IIIe Combo Bio PIV
. Athena ASEDrive IIIe KB Bio PIV
. GEMALTO CT1100
. GEMALTO K1100
. Hitachi, Ltd. Hitachi Biometric Reader
. Hitachi, Ltd. Hitachi Portable Biometric Reader
. Nitrokey Nitrokey Storage
. THURSBY SOFTWARE TSS-PK1
. Thursby Software Systems, Inc. TSS-PK7
. Thursby Software Systems, Inc. TSS-PK8
- Patch for Microchip SEC1110 reader on Mac OS X (card events notification)
- Patch for Cherry KC 1000 SC (problem was with a T=1 card and case 2 APDU)
- Fix support of FEATURE_MCT_READER_DIRECT for the Kobil mIDentity
visual reader
- Set timeout to 90 sec for PPDU (Pseudo APDU) commands. This change
allows the use of a Secure Verify command sent as a PPDU through
SCardTransmit().
- Fix a crash when reader reader initialization failed
- Fix initialization bug with Gemalto Pinpad reader on Mac OS X
- Some minor bugs fixed
1.4.21 - 21 October 2015, Ludovic Rousseau
- Add support of
. ACS ACR1252 Dual Reader
. Chicony HP USB Smartcard CCID Keyboard JP
. Chicony HP USB Smartcard CCID Keyboard KR
. FT ePass2003Auto
. Feitian bR301 BLE
. Feitian iR301 (ProductID 0x0619)
. Feitian iR301 (ProductID 0x061C)
. Identiv @MAXX ID-1 Smart Card Reader
. Identiv @MAXX Light2 token
. Identiv CLOUD 2980 F Smart Card Reader
. Identiv Identiv uTrust 4701 F Dual Interface Reader
. Identiv SCR3500 A Contact Reader
. Identiv SCR3500 B Contact Reader
. Identiv SCR35xx USB Smart Card Reader
. Identiv uTrust 2900 R Smart Card Reader
. Identiv uTrust 2910 R Smart Card Reader
. Identiv uTrust 2910 R Taglio SC Reader
. Identiv uTrust 3512 SAM slot Token
. Identiv uTrust 3522 embd SE RFID Token
. Identiv uTrust 3700 F CL Reader
. Identiv uTrust 3701 F CL Reader
. Identive Identive CLOUD 4000 F DTC
. Liteon HP SC Keyboard - Apollo (Liteon)
. Liteon HP SC Keyboard - Apollo JP (Liteon)
. Liteon HP SC Keyboard - Apollo KR (Liteon)
. Nitrokey Nitrokey HSM
. Nitrokey Nitrokey Pro
. Nitrokey Nitrokey Start
. Rocketek RT-SCR1
. VASCO DIGIPASS 875
. WatchCNPC USB CCID Key
- Remove support of
. Crypto Stick Crypto Stick v1.4 is an old version of Nitrokey Nitrokey Pro
. Free Software Initiative of Japan Gnuk Token is an old version
of Nitrokey Nitrokey Start
- Add Feitain R502 dual interface (composite) reader on Mac OS X
- display a human readable version of the error code returned by
libusb
- Mac OS X: wait until libusb/the reader is ready
- some minor bugs fixed
1.8.20: Ludovic Rousseau
30 December 2016
- Fix a crash and potential security issue in pcscd
1.8.19: Ludovic Rousseau
9 December 2016
- SCardGetStatusChange(): Fix a (rare) race condition
- Doxygen:
. SCardGetStatusChange() may return SCARD_E_UNKNOWN_READER
. SCardConnect() and SCardReconnect() will never return SCARD_E_NOT_READY
- pcsc-spy:
. fix display of execution time
. log the thread number in the results
- Some other minor improvements
Add -o modern switches to -h
metadump: Fix preventing dumping of class 63
Fix cache_memlimit bug for > 4G values
metadump: ensure buffer is flushed to client before finishing
Number of small fixes/additions to new logging
add logging endpoint for LRU crawler
evicted_active counter for LRU maintainer
stop pushing NULL byte into watcher stream
Scale item hash locks more with more worker threads (minor performance)
Further increase systemd service hardening
Missing necessary header for atomic_inc_64_nv() used in logger.c (solaris)
Fix print format for idle timeout thread
Improve binary sasl security fixes
Fix clang compile error
Widen systemd caps to allow maxconns to increase
Add -X option to disable cachedump/metadump
Don't double free in lru_crawler on closed clients
Fix segfault if metadump client goes away
