Age | Commit message (Collapse) | Author | Files | Lines |
|
2022.10.04
* Allow a `set` to be passed as `download_archive`
* Allow open ranges for time ranges
* Allow plugin extractors to replace the built-in ones
* Don't download entire video when no matching `--download-sections`
* Fix `--config-location -`
* Fix for when playlists don't have `webpage_url`
* Support environment variables in `--ffmpeg-location`
* Workaround `libc_ver` not be available on Windows Store version of Python
* [outtmpl] Curly braces to filter keys
* [outtmpl] Make `%s` work in strfformat for all systems
* [jsinterp] Workaround operator associativity issue
* [cookies] Let `_get_mac_keyring_password` fail gracefully
* [cookies] Parse cookies leniently
* [phantomjs] Fix bug
* [downloader/aria2c] Fix filename containing leading whitespace
* [downloader/ism] Support ec-3 codec
* [extractor] Fix `fatal=False` in `RetryManager`
* [extractor] Improve json-ld extraction
* [extractor] Make `_search_json` able to parse lists
* [extractor] Escape `%` in `representation_id` of m3u8
* [extractor/generic] Pass through referer from json-ld
* [utils] `base_url`: URL paths can contain `&`
* [utils] `js_to_json`: Improve
* [utils] `Popen.run`: Fix default return in binary mode
* [utils] `traverse_obj`: Rewrite, document and add tests
* [devscripts] `make_lazy_extractors`: Fix for Docker
* [docs] Misc Improvements
* [cleanup] Misc fixes and cleanup
* [extractor/24tv.ua] Add extractors
* [extractor/BerufeTV] Add extractor
* [extractor/booyah] Add extractor
* [extractor/bundesliga] Add extractor
* [extractor/GoPlay] Add extractor
* [extractor/iltalehti] Add extractor
* [extractor/IsraelNationalNews] Add extractor
* [extractor/mediaworksnzvod] Add extractor
* [extractor/MicrosoftEmbed] Add extractor
* [extractor/nbc] Add NBCStations extractor
* [extractor/onenewsnz] Add extractor
* [extractor/prankcast] Add extractor
* [extractor/Smotrim] Add extractor
* [extractor/tencent] Add Iflix extractor
* [extractor/unscripted] Add extractor
* [extractor/adobepass] Add MSO AlticeOne (Optimum TV)
* [extractor/youtube] **Download `post_live` videos from start**
* [extractor/youtube] Add support for Shorts audio pivot feed
* [extractor/youtube] Detect `lazy-load-for-videos` embeds
* [extractor/youtube] Do not warn on duplicate chapters
* [extractor/youtube] Fix video like count extraction
* [extractor/youtube] Support changing extraction language
* [extractor/youtube:tab] Improve continuation items extraction
* [extractor/youtube:tab] Support `reporthistory` page
* [extractor/amazonstore] Fix JSON extraction
* [extractor/amazonstore] Retry to avoid captcha page
* [extractor/animeondemand] Remove extractor
* [extractor/anvato] Fix extractor and refactor
* [extractor/artetv] Remove duplicate stream urls
* [extractor/audioboom] Support direct URLs and refactor
* [extractor/bandcamp] Extract `uploader_url`
* [extractor/bilibili] Add space.bilibili extractors
* [extractor/BilibiliSpace] Fix extractor and better error message
* [extractor/BiliIntl] Support uppercase lang in `_VALID_URL`
* [extractor/BiliIntlSeries] Fix `_VALID_URL`
* [extractor/bongacams] Update `_VALID_URL`
* [extractor/crunchyroll:beta] Improve handling of hardsubs
* [extractor/detik] Generalize extractors
* [extractor/dplay:italy] Add default authentication
* [extractor/heise] Fix extractor
* [extractor/holodex] Fix `_VALID_URL`
* [extractor/hrfensehen] Fix extractor
* [extractor/hungama] Add subtitle
* [extractor/instagram] Extract more metadata
* [extractor/JWPlatform] Fix extractor
* [extractor/malltv] Fix video_id extraction
* [extractor/MLBTV] Detect live streams
* [extractor/motorsport] Support native embeds
* [extractor/Mxplayer] Fix extractor
* [extractor/nebula] Add nebula.tv
* [extractor/nfl] Fix extractor
* [extractor/ondemandkorea] Update `jw_config` regex
* [extractor/paramountplus] Better DRM detection
* [extractor/patreon] Sort formats
* [extractor/rcs] Fix embed extraction
* [extractor/redgifs] Fix extractor
* [extractor/rutube] Fix `_EMBED_REGEX`
* [extractor/RUTV] Fix warnings for livestreams
* [extractor/soundcloud:search] More metadata in `--flat-playlist`
* [extractor/telegraaf] Use mobile GraphQL API endpoint
* [extractor/tennistv] Fix timestamp
* [extractor/tiktok] Fix TikTokIE
* [extractor/triller] Fix auth token
* [extractor/trovo] Fix extractors
* [extractor/tv2] Support new url format
* [extractor/web.archive:youtube] Fix `_YT_INITIAL_PLAYER_RESPONSE_RE`
* [extractor/wistia] Add support for channels
* [extractor/wistia] Match IDs in embed URLs
* [extractor/wordpress:playlist] Add generic embed extractor
* [extractor/yandexvideopreview] Update `_VALID_URL`
* [extractor/zee5] Fix `_VALID_URL`
* [extractor/zee5] Generate device ids
|
|
|
|
4.2.0 - 2022-09-23
* API Updates
* Add `upcoming_lines` method to the `Invoice` resource.
* Update links in documentation to be absolute.
* Add abstract methods for SearchableAPIResource
|
|
Version 0.29 (2022.08.09)
- Lots of improvements to DWARFv5 support
- Support for compressed relocation sections
- Support for supplementary object files - debug fission
- Improved support for corrupted ELF headers
- Readelf used for testing upgraded to 2.38
- Add auto-testing vs. llvm-dwarfdump
|
|
Rust 1.63 no longer ships lib/rustlib/${RUST_ARCH}/bin/gcc-ld/ld64.
|
|
This is a little quality-of-life improvement that simplifies
certain operations with 'nimble install'
Suggested by Chavdar Ivanov
|
|
|
|
Turned off XeTeXtracingfonts by default.
|
|
Turned off XeTeXtracingfonts by default.
|
|
Turned off XeTeXtracingfonts by default.
|
|
Turned off XeTeXtracingfonts by default.
|
|
Turned off XeTeXtracingfonts by default.
|
|
Turned off XeTeXtracingfonts by default.
|
|
Turned off XeTeXtracingfonts by default.
|
|
Turned off XeTeXtracingfonts by default.
|
|
Turned off XeTeXtracingfonts by default.
|
|
Turned off XeTeXtracingfonts by default.
|
|
Turned off XeTeXtracingfonts by default.
|
|
Turned off XeTeXtracingfonts by default.
|
|
Turned off XeTeXtracingfonts by default.
|
|
Turned off XeTeXtracingfonts by default.
|
|
Turned off XeTeXtracingfonts by default.
|
|
Turned off XeTeXtracingfonts by default.
|
|
Turned off XeTeXtracingfonts by default.
|
|
Turned off XeTeXtracingfonts by default.
|
|
Turned off XeTeXtracingfonts by default.
|
|
|
|
|
|
|
|
Release: 2022-10-10
Fixes
* (first contribution) fix assertion failure in type inference.
* make go-to-def work for #[doc = include_str!(path)]
* revert "add proc-macro dependency to rustc crates".
Internal Improvements
* change generic parameter order.
* prioritize restart messages in flycheck.
* bump xflags.
|
|
|
|
Patch #374 - 2022/10/10
- eliminate use of grep aliases from vttests scripts.
- amend discussion of DECSDM versus Sixel Scrolling in ctlseqs.ms (reports
by Hayaki Saito, Ben Wong).
- change default for sixelScrolling resource to better match VT330/VT340
DECSDM setting (patch by Ben Wong).
- fix some gcc and coverity warnings.
- improve memory usage for OSC 52 (report by David Leadbeater).
- fix regression in xterm-373 change adding resources xftTrackMemUsage to
xftMaxGlyphMemory, which did not first cache the server's resource-settings
(report/testcase by Gabor Hauzer, as well as Debian #1021243).
- fix regression in xterm-373 change for status-line vs alternate screen
(report by Rajeev V. Pillai).
- configure script improvements:
- modify CF_XOPEN_SOURCE to handle more special cases of Linux (reports
by Adam Sampson, Sven Joachim).
- modify checks for egrep/fgrep aliases to work around warning messages
from GNU grep 3.8
Patch #373 - 2022/09/25
- improve rendering of TrueType fonts:
- add resource xftTrackMemUsage to enable/disable a new feature of Xft
which improves performance.
- add resources xftMaxGlyphMemory and xftMaxUnrefFonts to customize
memory-usage of Xft and fontconfig.
- provide for display of colored fonts in libXft 2.3.5
- allow for an extra TrueType font to be specified using the -fa option,
as an override to the fontconfig scheme of fallback fonts (request by
Nickolas Raymond Kaczynski).
- improve caching of TrueType missing-glyph tests.
- allow no more than 255 fonts to be scanned for a fontset.
- eliminate a table-lookup in findXftGlyph
- improvements status-line feature:
- save/restore wraparound flag when updating the status-line (report
by Rajeev V. Pillai).
- avoid clearing the status-line when switching between normal and
alternate screens (report by Valtteri Vuorikoski).
- remove adjustment from update_winsize leftover from initial work
(report by Valtteri Vuorikoski).
- modify wcwidth tables to separate Unicode Cf category as formatting
control-characters, to better match the guideline for unsupported
characters (report by Tim Chase).
- add configure option --disable-exec-selection.
- use mkstemp where mkdtemp is unavailable, when initializing colored cursor.
- adapt fixes from OpenBSD xenocara:
- improve ifdef's for a few optional features.
- correct #ifdef to #if in a few uses of OPT_PRINT_ON_EXIT.
- set StartupWMClass in “.desktop” files, e.g., to help cinnamon-session
notice that xterm sets WM_CLASS and use its icon (patch by Richard de Boer).
- disable pixel computation when rgb width is greater than 8, to work with
depth 30 (patch by Denis Kaganovich).
- improve color-computation for SGR 2 faint/dim (patch by Boian Bonev).
Add resource faintIsRelative to specify if the modified computation should
be used (prompted by discussion with Matthieu Herrb).
- correct comparison-length for environment variable cleanup (patch by
Brendan O' Dea).
- correct dsl capability for dec+sl block in terminfo (report by Rajeev
V. Pillai).
- improve output formatting by vttests/utf8.pl
- repair test/demo scripts still using "vxt-" prefix, some cleanup with
shellcheck.
- enable page-number for DECXCPR response in VT330.
- amend change for combining characters in patch #371 to limit it to the
currently-defined codes (report by Thomas Wolff).
- add directory-template parameter to mktemp in shell-scripts to improve
portability to older systems (patch by Ryan Schmidt).
- mention webpage XTerm – bracketed-paste in ctlseqs.ms
- update manual-page descriptions for allowPasteControls and
disallowedPasteControls (patch #363).
- further extended list of environment variables to purge on startup
(suggested by Thomas Wolff).
- update config.guess, config.sub
|
|
|
|
Contains various fixes backported from current Firefox.
|
|
|
|
The tarball was retracted due to a regression, to quote:
We have received a report of a significant regression in the latest
3.0.6 and 1.1.1r versions. The regression is not thought to have
security consequences. While the regression is further investigated we
have taken the decision to withdraw the 3.0.6 and 1.1.1r versions and
instead recommend that users remain on the previous 3.0.5 and 1.1.1q
versions for now.
We will issue a new plan for the release of 3.0.7 and 1.1.1s soon.
From https://mta.openssl.org/pipermail/openssl-announce/2022-October/000237.html
|
|
|
|
[v0.7.4] Released on: October 12, 2022.
- Fix: Build error under MacOS and probably Windows as well.
- Fix: MSRV changed to rust v1.61.0 because a dependent package quick-xml
upgraded and refuse to build below this version.
|
|
|
|
Major changes between OpenSSL 1.1.1q and OpenSSL 1.1.1r [11 Oct 2022]
o Added a missing header for memcmp that caused compilation failure on
some platforms
|
|
|
|
=========================
This release is focused on bug fixing.
Security
========
This release contains fixes for three minor memory safety problems.
None are believed to be exploitable, but we report most memory safety
problems as potential security vulnerabilities out of caution.
* ssh-keyscan(1): fix a one-byte overflow in SSH- banner processing.
Reported by Qualys
* ssh-keygen(1): double free() in error path of file hashing step in
signing/verify code; GHPR333
* ssh-keysign(8): double-free in error path introduced in openssh-8.9
Potentially-incompatible changes
--------------------------------
* The portable OpenSSH project now signs commits and release tags
using git's recent SSH signature support. The list of developer
signing keys is included in the repository as .git_allowed_signers
and is cross-signed using the PGP key that is still used to sign
release artifacts:
https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/RELEASE_KEY.asc
* ssh(1), sshd(8): SetEnv directives in ssh_config and sshd_config
are now first-match-wins to match other directives. Previously
if an environment variable was multiply specified the last set
value would have been used. bz3438
* ssh-keygen(8): ssh-keygen -A (generate all default host key types)
will no longer generate DSA keys, as these are insecure and have
not been used by default for some years.
New features
------------
* ssh(1), sshd(8): add a RequiredRSASize directive to set a minimum
RSA key length. Keys below this length will be ignored for user
authentication and for host authentication in sshd(8).
ssh(1) will terminate a connection if the server offers an RSA key
that falls below this limit, as the SSH protocol does not include
the ability to retry a failed key exchange.
* sftp-server(8): add a "users-groups-by-id@openssh.com" extension
request that allows the client to obtain user/group names that
correspond to a set of uids/gids.
* sftp(1): use "users-groups-by-id@openssh.com" sftp-server
extension (when available) to fill in user/group names for
directory listings.
* sftp-server(8): support the "home-directory" extension request
defined in draft-ietf-secsh-filexfer-extensions-00. This overlaps
a bit with the existing "expand-path@openssh.com", but some other
clients support it.
* ssh-keygen(1), sshd(8): allow certificate validity intervals,
sshsig verification times and authorized_keys expiry-time options
to accept dates in the UTC time zone in addition to the default
of interpreting them in the system time zone. YYYYMMDD and
YYMMDDHHMM[SS] dates/times will be interpreted as UTC if suffixed
with a 'Z' character.
Also allow certificate validity intervals to be specified in raw
seconds-since-epoch as hex value, e.g. -V 0x1234:0x4567890. This
is intended for use by regress tests and other tools that call
ssh-keygen as part of a CA workflow. bz3468
* sftp(1): allow arguments to the sftp -D option, e.g. sftp -D
"/usr/libexec/sftp-server -el debug3"
* ssh-keygen(1): allow the existing -U (use agent) flag to work
with "-Y sign" operations, where it will be interpreted to require
that the private keys is hosted in an agent; bz3429
Bugfixes
--------
* ssh-keygen(1): implement the "verify-required" certificate option.
This was already documented when support for user-verified FIDO
keys was added, but the ssh-keygen(1) code was missing.
* ssh-agent(1): hook up the restrict_websafe command-line flag;
previously the flag was accepted but never actually used.
* sftp(1): improve filename tab completions: never try to complete
names to non-existent commands, and better match the completion
type (local or remote filename) against the argument position
being completed.
* ssh-keygen(1), ssh(1), ssh-agent(1): several fixes to FIDO key
handling, especially relating to keys that request
user-verification. These should reduce the number of unnecessary
PIN prompts for keys that support intrinsic user verification.
GHPR302, GHPR329
* ssh-keygen(1): when enrolling a FIDO resident key, check if a
credential with matching application and user ID strings already
exists and, if so, prompt the user for confirmation before
overwriting the credential. GHPR329
* sshd(8): improve logging of errors when opening authorized_keys
files. bz2042
* ssh(1): avoid multiplexing operations that could cause SIGPIPE from
causing the client to exit early. bz3454
* ssh_config(5), sshd_config(5): clarify that the RekeyLimit
directive applies to both transmitted and received data. GHPR328
* ssh-keygen(1): avoid double fclose() in error path.
* sshd(8): log an error if pipe() fails while accepting a
connection. bz3447
* ssh(1), ssh-keygen(1): fix possible NULL deref when built without
FIDO support. bz3443
* ssh-keyscan(1): add missing *-sk types to ssh-keyscan manpage.
GHPR294.
* sshd(8): ensure that authentication passwords are cleared from
memory in error paths. GHPR286
* ssh(1), ssh-agent(1): avoid possibility of notifier code executing
kill(-1). GHPR286
* ssh_config(5): note that the ProxyJump directive also accepts the
same tokens as ProxyCommand. GHPR305.
* scp(1): do not not ftruncate(3) files early when in sftp mode. The
previous behaviour of unconditionally truncating the destination
file would cause "scp ~/foo localhost:foo" and the reverse
"scp localhost:foo ~/foo" to delete all the contents of their
destination. bz3431
* ssh-keygen(1): improve error message when 'ssh-keygen -Y sign' is
unable to load a private key; bz3429
* sftp(1), scp(1): when performing operations that glob(3) a remote
path, ensure that the implicit working directory used to construct
that path escapes glob(3) characters. This prevents glob characters
from being processed in places they shouldn't, e.g. "cd /tmp/a*/",
"get *.txt" should have the get operation treat the path "/tmp/a*"
literally and not attempt to expand it.
* ssh(1), sshd(8): be stricter in which characters will be accepted
in specifying a mask length; allow only 0-9. GHPR278
* ssh-keygen(1): avoid printing hash algorithm twice when dumping a
KRL
* ssh(1), sshd(8): continue running local I/O for open channels
during SSH transport rekeying. This should make ~-escapes work in
the client (e.g. to exit) if the connection happened to have
stalled during a rekey event.
* ssh(1), sshd(8): avoid potential poll() spin during rekeying
* Further hardening for sshbuf internals: disallow "reparenting" a
hierarchical sshbuf and zero the entire buffer if reallocation
fails. GHPR287
Portability
-----------
* ssh(1), ssh-keygen(1), sshd(8): automatically enable the built-in
FIDO security key support if libfido2 is found and usable, unless
--without-security-key-builtin was requested.
* ssh(1), ssh-keygen(1), sshd(8): many fixes to make the WinHello
FIDO device usable on Cygwin. The windows://hello FIDO device will
be automatically used by default on this platform unless requested
otherwise, or when probing resident FIDO credentials (an operation
not currently supported by WinHello).
* Portable OpenSSH: remove workarounds for obsolete and unsupported
versions of OpenSSL libcrypto. In particular, this release removes
fallback support for OpenSSL that lacks AES-CTR or AES-GCM.
Those AES cipher modes were added to OpenSSL prior to the minimum
version currently supported by OpenSSH, so this is not expected to
impact any currently supported configurations.
* sshd(8): fix SANDBOX_SECCOMP_FILTER_DEBUG on current Linux/glibc
* All: resync and clean up internal CSPRNG code.
* scp(1), sftp(1), sftp-server(8): avoid linking these programs with
unnecessary libraries. They are no longer linked against libz and
libcrypto. This may be of benefit to space constrained systems
using any of those components in isolation.
* sshd(8): add AUDIT_ARCH_PPC to supported seccomp sandbox
architectures.
* configure: remove special casing of crypt(). configure will no
longer search for crypt() in libcrypto, as it was removed from
there years ago. configure will now only search libc and libcrypt.
* configure: refuse to use OpenSSL 3.0.4 due to potential RCE in its
RSA implementation (CVE-2022-2274) on x86_64.
* All: request 1.1x API compatibility for OpenSSL >=3.x; GHPR#322
* ssh(1), ssh-keygen(1), sshd(8): fix a number of missing includes
required by the XMSS code on some platforms.
* sshd(8): cache timezone data in capsicum sandbox.
|
|
|
|
still fails with PLIST issues
|
|
|
|
|
|
Python 3.7.15
Security
gh-97616: Fix multiplying a list by an integer (list *= int): detect the integer overflow when the new allocated length is close to the maximum size. Issue reported by Jordan Limor. Patch by Victor Stinner.
gh-97612: Fix a shell code injection vulnerability in the get-remote-certificate.py example script. The script no longer uses a shell to run openssl commands. Issue reported and initial fix by Caleb Shortt. Patch by Victor Stinner.
Core and Builtins
gh-96848: Fix command line parsing: reject -X int_max_str_digits option with no value (invalid) when the PYTHONINTMAXSTRDIGITS environment variable is set to a valid limit. Patch by Victor Stinner.
gh-95778: When ValueError is raised if an integer is larger than the limit, mention the sys.set_int_max_str_digits() function in the error message. Patch by Victor Stinner.
Library
gh-97005: Update bundled libexpat to 2.4.9
Windows
gh-96577: Fixes a potential buffer overrun in msilib.
|
|
Python 3.8.15
Security
gh-97616: Fix multiplying a list by an integer (list *= int): detect the integer overflow when the new allocated length is close to the maximum size. Issue reported by Jordan Limor. Patch by Victor Stinner.
gh-97612: Fix a shell code injection vulnerability in the get-remote-certificate.py example script. The script no longer uses a shell to run openssl commands. Issue reported and initial fix by Caleb Shortt. Patch by Victor Stinner.
Core and Builtins
gh-96848: Fix command line parsing: reject -X int_max_str_digits option with no value (invalid) when the PYTHONINTMAXSTRDIGITS environment variable is set to a valid limit. Patch by Victor Stinner.
gh-95778: When ValueError is raised if an integer is larger than the limit, mention the sys.set_int_max_str_digits() function in the error message. Patch by Victor Stinner.
Library
gh-97005: Update bundled libexpat to 2.4.9
Windows
gh-96577: Fixes a potential buffer overrun in msilib.
|
|
Python 3.9.15
Security
gh-97616: Fix multiplying a list by an integer (list *= int): detect the integer overflow when the new allocated length is close to the maximum size. Issue reported by Jordan Limor. Patch by Victor Stinner.
gh-97612: Fix a shell code injection vulnerability in the get-remote-certificate.py example script. The script no longer uses a shell to run openssl commands. Issue reported and initial fix by Caleb Shortt. Patch by Victor Stinner.
Core and Builtins
gh-96848: Fix command line parsing: reject -X int_max_str_digits option with no value (invalid) when the PYTHONINTMAXSTRDIGITS environment variable is set to a valid limit. Patch by Victor Stinner.
gh-95778: When ValueError is raised if an integer is larger than the limit, mention the sys.set_int_max_str_digits() function in the error message. Patch by Victor Stinner.
Library
gh-97005: Update bundled libexpat to 2.4.9
Windows
gh-96577: Fixes a potential buffer overrun in msilib.
macOS
gh-97897: The macOS 13 SDK includes support for the mkfifoat and mknodat system calls. Using the dir_fd option with either os.mkfifo() or os.mknod() could result in a segfault if cpython is built with the macOS 13 SDK but run on an earlier version of macOS. Prevent this by adding runtime support for detection of these system calls (“weaklinking”) as is done for other newer syscalls on macOS.
|
|
|