===========================
Bugfixes:
---------
- DNSSEC: Allow import of duplicate private key into the KASP
- DNSSEC: Avoid duplicate NSEC for Wildcard No Data answer
- Fix server crash when an incomming transfer is in progress and reload is issued
- Fix socket polling when configured with many interfaces and threads
- Fix compilation against Nettle 3.2
Improvements:
-------------
- Select correct source address for UDP messages recieved on ANY address
- Extend documentation of knotc commands
Knot DNS 2.1.0 (2016-01-14)
===========================
Features:
---------
- Per-thread UDP socket binding using SO_REUSEPORT on Linux
- Support for dynamic configuration database
- DNSSEC: Support for cryptographic tokens via PKCS #11 interface
- DNSSEC: Experimental support for online signing
Improvements:
-------------
- Support for zone file name patterns
- Configurable location of zone timer database
- Non-blocking network operations and better timeout handling
- Caching of Critical configuration values for better performance
- Logging of ACL failures
- RRL: Add rate-limit-slip zero support to drop all responses
- RRL: Document behavior for different rate-limit-slip options
- kdig: Warning instead of error on TSIG validation failure
- Cleanup of support libraries interfaces (libknot, libzscanner, libdnssec)
- Remove possibly insecure server control over a network socket
- Remove implementation limit for the number of network interfaces
Bugfixes:
---------
- synth-record module: Fix application of default configuration options
- TSIG: Allow compressed TSIG name when forwarding DDNS updates
- Schedule zone bootstrap after slave zone fails to load from disk
cmark is the C reference implementation of CommonMark, a rationalized version
of Markdown syntax with a spec.
It provides a shared library (libcmark) with functions for parsing CommonMark
documents to an abstract syntax tree (AST), manipulating the AST, and rendering
the document to HTML, groff man, LaTeX, CommonMark, or an XML representation of
the AST. It also provides a command-line program (cmark) for parsing and
rendering CommonMark documents.
Originally packages in pkgsrc-wip/cmark by Kamil Rytarowski
Changelog:
Tomcat 8.0.32 (markt)
General
Add: Allow to configure multiple JUnit test class patterns with the build property test.name and document the property in BUILDING.txt. (rjung)
Fix: 58768: Log a warning if a redirect fails because of an invalid location. (markt)
Catalina
Fix: Fix class loader decision on the delegation for class loading and resource lookup and make it faster too. (rjung)
Fix: 58946: Ensure that the request parameter map remains immutable when processing via a RequestDispatcher. (markt)
Fix: 58827: Deprecate what is left of the JSR 77 implementation. (markt)
Fix: 58905: Ensure that Tomcat.silence() silences the correct logger and respects the current setting. (markt)
Coyote
Add: New configuration option ajpFlush for the AJP connectors to disable the sending of AJP flush packets. (rjung)
Cluster
Fix: Correct a regression in the session attribute filtering that prevented clustering from starting in the default configuration. (kfujino)
WebSocket
Fix: Fix a timing issue on session close that could result in an exception being thrown for an incomplete message even through the message was completed. (markt)
not released Tomcat 8.0.31 (markt)
Catalina
Fix: Correct implementation of validateClientProvidedNewSessionId so client provided session IDs may be rejected if validation is enabled. (markt)
Fix: Add path parameter handling to HttpServletRequest.getContextPath(). This is a follow-up to the fix for 57215. (markt)
Fix: 58692: Make StandardJarScanner more robust. Log a warning if a class path entry cannot be scanned rather than triggering the failure of the web application. Includes a test case written by Derek Abdine. (markt)
Fix: 58701: Reset the instanceInitialized field in StandardWrapper when unloading a Servlet so that a new instance may be correctly initialized. (markt)
Fix: 58702: Ensure an access log entry is generated if the client aborts the connection. (markt)
Fix: Fixed various issues reported by Findbugs. (violetagg)
Fix: 58735: Add support for the X-XSS-Protection header to the HttpHeaderSecurityFilter. Patch provided by Jacopo Cappellato. (markt)
Fix: 58751: Correctly handle the case where an AsyncListener dispatches to a Servlet on an asynchronous timeout and the Servlet uses sendError() to trigger an error page. Includes a test case based on code provided by Andy Wilkinson.(markt)
Fix: 58765: Change default for mapperContextRootRedirectEnabled to true since this is required for correct session management because of the default for sessionCookiePathUsesTrailingSlash. (markt)
Fix: Add the StatusManagerServlet to the list of Servlets that can only be loaded by privileged applications. (markt)
Fix: Simplify code and fix messages in org.apache.catalina.core.DefaultInstanceManager class. (kkolinko)
Code: Deprecate InstanceListener, InstanceEvent and InstanceSupport prior to removal in 9.0.x. (markt)
Fix: Ensure that the proper file encoding if specified will be used when a readme file is served by DefaultServlet. (violetagg)
Fix: Fix declaration of localPort attribute of Connector MBean: it is read-only. (kkolinko)
Fix: 58766: Make skipping non-class files during annotation scanning faster by checking the file name first. Improve debug logging. (kkolinko)
Fix: 58809: Correctly recycle cookies when mapping requests for parallel deployment. As a side-effect of this fix, the system property org.apache.tomcat.util.http.ServerCookie.PRESERVE_COOKIE_HEADER is no longer used. From this release, Tomcat will always preserve the cookie header. (markt)
Fix: 58836: Correctly merge query string parameters when processing a forwarded request where the target includes a query string that contains a parameter with no value. (markt/kkolinko)
Fix: Make sure that shared Digester is reset in an unlikely error case in HostConfig.deployWAR(). (kkolinko)
Fix: 58867: Improve checking on Host start for WAR files that have been modified while Tomcat has stopped and re-expand them if unpackWARs is true. (markt)
Fix: Fix a potential JDBC resource leak in DataSourceRealm. (schultz)
Fix: 58900: Correctly undeploy symlinked resources and prevent an infinite cycle of deploy / undeploy. (markt)
Fix: Protect initialization of ResourceLinkFactory when running with a SecurityManager. (kkolinko)
Add: Extend the feature available in the cluster session manager implementations that enables session attribute replication to be filtered bases on attribute name to all session manager implementations. Note that configuration attribute name has changed from sessionAttributeFilter to sessionAttributeNameFilter. Apply the filter on load as well as unload to ensure that configuration changes made while the web application is stopped are applied to any persisted data. (markt)
Add: Extend the session attribute filtering options to include filtering based on the implementation class of the value and optional WARN level logging if an attribute is filtered. These options are available for all of the Manager implementations that ship with Tomcat. When a SecurityManager is used filtering will be enabled by default. (markt)
Jasper
Fix: Fix handling of missing messages in org.apache.el.util.MessageFactory. (violetagg)
Cluster
Fix: In order to avoid that the heartbeat thread and the background thread to run Channel.heartbeat simultaneously, if heartbeatBackgroundEnabled of SimpleTcpCluster set to true, ensure that the heartbeat thread does not start. (kfujino)
Code: Simplify the code of JvmRouteBinderValve.ed directly at Engine element. (kfujino)
WebSocket
Fix: 57489: Ensure onClose() is called when a WebSocket connection is closed even if the sending of the close message fails. Includes test cases by Barry Coughlan. (markt)
Web Applications
Addl docs. (kfujino)
Fix: Correct some typos in the JNDI resources How-To. (markt)
Fix: Don't create sessions unnecessarily in the Manager application. (markt)
Fix: Don't create sessions unnecessarily in the Host Manager application. (markt)
referencing contexts deployed using parallel deployment. (markt)
Tribes
Fix: Fix potential NPE in AbstractReplicatedMap.breakdown(). (kfujino)
Fix: Add support for the startup notification of local members in the static cluster. (kfujino)
Fix: Ignore the unnecessary member remove operation from different domain. (kfujino)
Fix: Add support for the shutdown notification of local members in the static cluster. (kfujino)
Fix: Ensure that asynchronous session replication thread is a daemon thread. (kfujino)
Other
Update: Remove native code (Windows Service Wrapper, APR/native connector) support for Windows Itanium. (markt)
Update: Update the packaged version of the Tomcat Native Library to 1.2.4 to pick up the Windows binaries that are based on OpenSSL 1.0.2e and APR 1.5.1. (markt)
Update: Update the NSIS Installer used to build the Windows Installers to version 2.50. (markt/kkolinko)
Update: Update optional Checkstyle library to 6.14.1. (kkolinko)
Changelog:
Tomcat 7.0.68 (violetagg)
General
add Allow to configure multiple JUnit test class patterns with the build property test.name and document the property in BUILDING.txt. (rjung)
Catalina
fix Correct implementation of validateClientProvidedNewSessionId so client provided session IDs may be rejected if validation is enabled. (markt)
fix 56785: Avoid NullPointerException if directory exists on the class path that is not readable by the Tomcat user. (kkolinko)
fix 57906: Suppress WebappClassLoader log messages when running with a security manager on Java 6, caused by java.beans.Introspector.findExplicitBeanInfo() calls during evaluation of EL expressions. (kkolinko)
fix 58692: Make StandardJarScanner more robust. Log a warning if a class path entry cannot be scanned rather than triggering the failure of the web application. (markt)
fix 58701: Reset the instanceInitialized field in StandardWrapper when unloading a Servlet so that a new instance may be correctly initialized. (markt)
fix 58702: Ensure an access log entry is generated if the client aborts the connection. (markt)
fix Fixed various issues reported by Findbugs. (violetagg)
fix 58735: Add support for the X-XSS-Protection header to the HttpHeaderSecurityFilter. Patch provided by Jacopo Cappellato. (markt)
fix 58751: Correctly handle the case where an AsyncListener dispatches to a Servlet on an asynchronous timeout and the Servlet uses sendError() to trigger an error page. Includes a test case based on code provided by Andy Wilkinson.(markt)
fix 58765: Change default for mapperContextRootRedirectEnabled to true since this is required for correct session management because of the default for sessionCookiePathUsesTrailingSlash. (markt)
fix Add the StatusManagerServlet to the list of Servlets that can only be loaded by privileged applications. (markt)
fix Simplify code and fix messages in org.apache.catalina.core.DefaultInstanceManager class. (kkolinko)
fix Ensure that the proper file encoding if specified will be used when a readme file is served by DefaultServlet. (violetagg)
fix Fix declaration of localPort attribute of Connector MBean: it is read-only. (kkolinko)
fix 58766: Make skipping non-class files during annotation scanning faster by checking the file name first. Improve debug logging. (kkolinko)
fix 58768: Log a warning if a redirect fails because of an invalid location. (markt)
fix 58836: Correctly merge query string parameters when processing a forwarded request where the target includes a query string that contains a parameter with no value. (markt/kkolinko)
fix Make sure that shared Digester is reset in an unlikely error case in HostConfig.deployWAR(). (kkolinko)
fix Fix a potential JDBC resource leak in DataSourceRealm. (schultz)
fix 58900: Correctly undeploy symlinked resources and prevent an infinite cycle of deploy / undeploy. (markt)
fix Protect initialization of ResourceLinkFactory when running with a SecurityManager. (kkolinko)
add Extend the feature available in the cluster session manager implementations that enables session attribute replication to be filtered bases on attribute name to all session manager implementations. Note that configuration attribute name has changed from sessionAttributeFilter to sessionAttributeNameFilter. Apply the filter on load as well as unload to ensure that configuration changes made while the web application is stopped are applied to any persisted data. (markt)
add Extend the session attribute filtering options to include filtering based on the implementation class of the value and optional WARN level logging if an attribute is filtered. These options are available for all of the Manager implementations that ship with Tomcat. When a SecurityManager is used filtering will be enabled by default. (markt)
fix 58905: Ensure that Tomcat.silence() silences the correct logger and respects the current setting. (markt)
fix 58946: Ensure that the request parameter map remains immutable when processing via a RequestDispatcher. (markt)
Coyote
add New configuration option ajpFlush for the AJP connectors to disable the sending of AJP flush packets. (rjung)
Jasper
fix Fix handling of missing messages in org.apache.el.util.MessageFactory. (violetagg)
Cluster
fix In order to avoid that the heartbeat thread and the background thread to run Channel.heartbeat simultaneously, if heartbeatBackgroundEnabled of SimpleTcpCluster set to true, ensure that the heartbeat thread does not start. (kfujino)
WebSocket
fix 57489: Ensure onClose() is called when a WebSocket connection is closed even if the sending of the close message fails. Includes test cases by Barry Coughlan. (markt)
fix Fix a timing issue on session close that could result in an exception being thrown for an incomplete message even through the message was completed. (markt)
Web Applications
fix Correct some typos in the JNDI resources How-To. (markt)
fix Don't create sessions unnecessarily in the Manager application. (markt)
fix Don't create sessions unnecessarily in the Host Manager application. (markt)
fix 58723: Clarify documentation and error messages for the text interface of the manager to make clear that version must be used with path when referencing contexts deployed using parallel deployment. (markt)
fix Correct an error in the documentation of the extory will always be deleted and recreated by expanding the WAR if unpackWARs is true. (markt)
fix 58935: Remove incorrect references in the documentation to using jar:file: URLs with the Manager application. (markt)
Tribes
fix Add sun the static cluster. (kfujino)
fix Ignore the unnecessary member remove operation from different domain. (kfujino)
fix Add support for the shutdown notification of local members in the static cluster. (kfujino)
fix Ensure that asynchronous session replication thread is a daemon thread. (kfujino)
Other
update Update the NSIS Installer used to build the Windows Installers to version 2.50. (markt/kkolinko)
Changelog:
Tomcat 6.0.45 (jfclere)
Catalina
fix Back-port various improvements to the AprLifecycleListener including the fix for 57021 that improves logging when the Tomcat-Native DLL fails to load. (markt)
add 57154: Add support for web applications (Context elements) that do not have a docBase. This is intended for use when embedding, such as Tomcat unit tests, when a web application is configured programmatically and does not serve any files. Based on a patch provided by Huxing Zhang. (kkolinko)
add 57741: Enable the CGI servlet to use the standard error page mechanism. Note that if the CGI servlet's debug init parameter is set to 10 or higher then the standard error page mechanism will be bypassed and a debug response generated by the CGI servlet will be returned instead. (markt)
fix 57896: Support defensive copying of "cookie" header so that unescaping double quotes in a cookie value does not corrupt original value of "cookie" header. This is an opt-in feature, enabled by org.apache.tomcat.util.http.ServerCookie.PRESERVE_COOKIE_HEADER or org.apache.catalina.STRICT_SERVLET_COMPLIANCE system property. (kkolinko)
fix 58031: Make the (first) reason parameter parsing failed available as a request attribute and then use it to provide a better status code via the FailedRequstFilter (if configured). (markt)
fix 58313: Fix concurrent access of encoders map when clearing encoders during Comet processing. (markt)
fix 58508: Escape role names when generating associated MBeans in case the role name contains characters not permitted in an MBean name. (markt)
fix 58582: Combined realm should perform background processing on its sub-realms. Based upon a patch provided by Aidan. (kkolinko)
add Move the functionality that provides redirects for context roots and directories where a trailing / is added from the Mapper to the DefaultServlet. This enables such requests to be processed by any configured Valves and Filters before the redirect is made. This behaviour is configurable via the mapperContextRootRedirectEnabled and mapperDirectoryRedirectEnabled attributes of the Context which may be used to restore the previous behaviour. (markt)
fix 58635: Enable break points to be set within agent code when running Tomcat with a Java agent. Based on a patch by Huxing Zhang. (markt)
fix Add the StatusManagerServlet to the list of Servlets that can only be loaded by privileged applications. (markt)
fix Remove redundant copy of catalina.properties from o.a.c.startup. Generate this copy during the ant "compile" task. (kkolinko)
fix 58817: Fix ArrayIndexOutOfBoundsException caused by MapperListener when ROOT context is being undeployed and mapperContextRootRedirectEnabled="false". (kkolinko)
fix 58836: Correctly merge query string parameters when processing a forwarded request where the target includes a query string that contains a parameter with no value. (markt/kkolinko)
add Allow singleton server instance stored by ServerFactory to be cleared. Allow ResourceLinkFactory to be initialized more than once. This is used by unit tests when running several copies of Tomcat sequentially in the same JVM. When running with a SecurityManager the initialization method of ResourceLinkFactory is protected by requiring a RuntimePermission. (kkolinko)
add Extend the feature available in the cluster session manager implementations that enables session attribute replication to be filtered bases on attribute name to all session manager implementations. Note that configuration attribute name has changed from sessionAttributeFilter to sessionAttributeNameFilter. Apply the filter on load as well as unload to ensure that configuration changes made while the web application is stopped are applied to any persisted data. (markt)
add Extend the session attribute filtering options to include filtering based on the implementation class of the value and optional WARN level logging if an attribute is filtered. These options are available for all of the Manager implementations that ship with Tomcat. When a SecurityManager is used filtering will be enabled by default. (markt)
fix 58946: Ensure that the request parameter map remains immutable when processing via a RequestDispatcher. (markt)
Coyote
add Align the Java side of the tc-native connector with the Tomcat 7 implementation to ease future maintenance. (markt)
fix 51503: Add additional validation that prevents a connector from starting if it does not have a valid port number. (kkolinko)
add 52028: Add support for automatic binding to a free port by a connector if the special value of zero is used for the port. This is mainly useful in embedded and testing scenarios. (kkolinko)
fix 52926: Avoid NPE when an NIO Comet connection times out on one thread at the same time as it is closed on another thread. (markt/kkolinko)
fix 57943: Prevent the same socket being added to the cache twice. Patch based on analysis by Ian Luo / Sun Qi. (markt/kkolinko)
fix Improve HTTP header validation. (markt)
Web applications
fix 57971: Correct the documentation for the cluster configuration setting recoverySleepTime. (markt)
fix 58112: Update the documentation for using the Catalina tasks in an Apache Ant build file. (markt)
fix Improve the Javadoc for some of the APR socket read functions that have inconsistent behaviour for return values. (markt)
add 58255: Document the Semaphore valve. Patch provided by Kyohei Nakamu. (markt)
fix 58631: Correct the continuation character use in the Windows Service How-To page of the documenation web application. (markt)
fix Correct some typos in the JNDI resources How-To. (markt)
fix Add a redirect to the web interface to the root of the Manager web application. (markt)
fix Don't create sessions unnecessarily in the Manager application. (markt)
fix Add a redirect to the web interface to the root of the Host Manager web application. (markt)
fix Don't create sessions unnecessarily in the Host Manager application. (markt)
Other
fix Ensure JULI adapters JAR in Tomcat extras package does not include the LogFactoryImpl[$*] classes. Based on patch provided by Benjamin Gandon. (kkolinko)
code Convert test classes to JUnit 4. (kkolinko)
update 58596: Clarify the description in RUNNING.txt of how environment variables are used. (markt)
update Update the NSIS Installer used to build the Windows Installers to version 2.50. (markt/kkolinko)
add Add framework for client-server unit tests, porting it from Tomcat 7. Add support for running the tests with Apache Ant. (kkolinko)
update Update to Tomcat Native Library version 1.1.34. (jfclere)
update Remove support for Intel Itanium CPU (i64, IA-64) in the Windows installer, as the current release of Tomcat Native does not have binaries for that processor architecture. (jfclere)
Changelog:
Fixed Various security fixes.
Fixed Filters ran on a different folder than selected
Fixed For Windows systems on roaming profiles, could not display messages after Thunderbird update (related to Lightning updates)
Fixed in Thunderbird 38.6
2016-14 Vulnerabilities in Graphite 2
2016-03 Buffer overflow in WebGL after out of memory allocation
2016-01 Miscellaneous memory safety hazards (rv:44.0 / rv:38.6)
2015-150 MD5 signatures accepted within TLS 1.2 ServerKeyExchange in server signature
This release adds new library APIs to send and receive non-critical HTTP/2 extension frames. It also adds new features to nghttpx and nghttpd, and polishes many rough edges.
* InnoDB: A new InnoDB configuration option, innodb_tmpdir, allows you to configure a separate temporary file directory for online ALTER TABLE operations. This option was introduced to help avoid tmpdir overflows that could occur as a result of large temporary files created during online ALTER TABLE operations. innodb_tmpdir is a SESSION variable and can be configured dynamically using a SET statement.
* yaSSL was upgraded to version 2.3.9. This upgrade corrects an issue in which yaSSL handled only cases of zero or one leading zeros for the key agreement instead of potentially any number, which in rare cases could cause connections to fail when using DHE cipher suites.
* The Valgrind function signature in mysql-test/valgrind.supp was upgraded for Valgrind 3.11.
* Bugs Fixed
elfcat dumps requested parts (sections and segments) of an ELF file
(executable, shared object, .o file) to stdout.
Dumping sections can be achieved with "objcopy --dump-section" but this
tools relies on BFD which abstracts all executable files and is not able
to see some ELF sections. Morever it cannot handle program header table
entries.
Originally packaged as wip/elfacat by Kamil Rytarowski
Sayaka is a light-weight terminal specific twitter client which
supports userstream and sixel graphics etc.
There are two variants (PHP based version and and Vala based version)
in the sayaka distribution and this package uses the newer Vala based one.
* yaSSL was upgraded to version 2.3.9. This upgrade corrects an issue in which yaSSL handled only cases of zero or one leading zeros for the key agreement instead of potentially any number, which in rare cases could cause connections to fail when using DHE cipher suites.
* The Valgrind function signature in mysql-test/valgrind.supp was upgraded for Valgrind 3.11.
* Bugs Fixed
Upstream changes:
6.50 2016-02-27
- Added throw method to Mojo::Exception.
6.49 2016-02-26
- Removed throw method from Mojo::Exception.
- Added inspect method to Mojo::Exception.
- Improved check_box and radio_button helpers with support for "on" default
values.
- Improved val method in Mojo::DOM with support for "on" default values.
- Fixed url_for bug where routes with custom names would not match in the same
order as routes with automatically generated names.
- Fixed bug in Mojo::Template where not all exceptions were verbose.
- Fixed Windows bug in "util.t".
6.48 2016-02-24
- Added files function to Mojo::Util.
- Updated jQuery to version 2.2.1.
- Improved url_for performance significantly.
- Fixed bug where the results of the list_files method in Mojo::Home would
include directories.
- Fixed a few small CGI bugs.
Upstream changes:
1.64 2016-02-21
- Changed how a string that contains separate epoch and nanosecond fields is
turned into a DateTime object in order to deal with changes coming in the
next DateTime release.
1.63 2016-01-13
[BUG FIXES]
- The behaviour of silently ignoring text after the matching part was
lost in the rewrite. This has been restored. Patch by Dagfinn Ilmari
Manns疇ker. RT #111155.
1.62 2015-12-19
[BUG FIXES]
- When on_error was set to something that did not die (including the default
error handling), calling ->parse_datetime with some bad inputs could cause
the module to error out internally by trying to call methods on an undefined
value instead of returning undef. Reported by Mike Dorman. RT #110247.
Upstream changes:
0.07045 2016-01-22
- Regenerate tarball without author-mode test dependencies
0.07044 2016-01-22
- Fix Pg date/time types with zero fractional second digits
- Add support for nested hashref form of col_accessor_map
Upstream changes:
0.082821 2016-02-11 17:58 (UTC)
* Fixes
- Fix t/52leaks.t failures on compilerless systems (RT#104429)
- Fix t/storage/quote_names.t failures on systems with specified Oracle
test credentials while missing the optional Math::Base36
- Fix test failures when DBICTEST_SYBASE_DSN is set (unnoticed change
in error message wording during 0.082800 and a bogus test)
- Remove largely obsolete test of SQLite view deployment (RT#111916)
* Misc
- Work around rare test deadlock under heavy parallelism (RT#108390)
