| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
|
|
0.3.2
* GHC 9.2.2 support
* Drop export executable
0.3.1
* GHC 9.0.1 and 9.2.1 support
* Add HasCallStack to unsafe* functions.
* Banish String on readMaybe and readEither.
|
|
|
|
This minor release includes 2 security fixes following the security policy:
net/http: handle server errors after sending GOAWAY
A closing HTTP/2 server connection could hang forever waiting for a clean
shutdown that was preempted by a subsequent fatal error. This failure mode
could be exploited to cause a denial of service.
Thanks to Bahruz Jabiyev, Tommaso Innocenti, Anthony Gavazzi, Steven Sprecher,
and Kaan Onarlioglu for reporting this.
This is CVE-2022-27664 and Go issue https://go.dev/issue/54658.
net/url: JoinPath does not strip relative path components in all circumstances
JoinPath and URL.JoinPath would not remove ../ path components appended to a
relative path. For example, JoinPath("https://go.dev", "../go") returned the
URL https://go.dev/../go, despite the JoinPath documentation stating that ../
path elements are cleaned from the result.
Thanks to q0jt for reporting this issue.
This is CVE-2022-32190 and Go issue https://go.dev/issue/54385.
|
|
|
|
|
|
Containers with merging via monoidal accumulation. The Monoid instances
provided by the "containers" and "unordered-containers" packages merge
structures in a left-biased manner instead of using the underlying monoidal
structure of the value.
This package wraps the types provided by these packages, but provides
Monoid instances implemented in terms of the value type's mappend. For
instance, the Monoid Map instance looks like,
instance (Ord k, Semigroup a) => Monoid (MonoidalMap k a)
|
|
|
|
|
|
Per Conor McBride, the "Newtype" typeclass represents the packing and
unpacking of a newtype, and allows you to operate under that newtype with
functions such as "ala".
|
|
|
|
Release notes are too long to paste here:
* 0.15.4: https://github.com/purescript/purescript/releases/tag/v0.15.4
* 0.15.3: https://github.com/purescript/purescript/releases/tag/v0.15.3
* 0.15.2: https://github.com/purescript/purescript/releases/tag/v0.15.2
* 0.15.0: https://github.com/purescript/purescript/releases/tag/v0.15.0
* 0.14.9: https://github.com/purescript/purescript/releases/tag/v0.14.9
* 0.14.8: https://github.com/purescript/purescript/releases/tag/v0.14.8
* 0.14.7: https://github.com/purescript/purescript/releases/tag/v0.14.7
|
|
|
|
0.2.10.0
* Add mkPipeStreamSpec
0.2.9.0
* Re-export StdStream
|
|
|
|
|
|
* drop support for ghc < 8.8
* compat with ghc 9.4
|
|
|
|
* Fix some C symbol blake2b prefix to be cryptonite_ prefix (fix mixing
with other C library)
* add hmac-lazy
* Fix compilation with GHC 9.2
* Drop support for GHC8.0, GHC8.2, GHC8.4, GHC8.6
|
|
|
|
Change log:
0.6.4
======
- settings: Improve app icon and name matching
- settings: Sort known apps by notification count
- settings: Show 'Unspecified app' instead of empty line
- daemon: Improve application icon matching
- Correctly reset position during slideout (Fixes #42)
- panel-plugin: Remove duplicate function call (Fixes #40)
- panel-plugin: Fix file monitor (Fixes #40)
- Properly free the GKeyFile
- tests: Add logging test
- Fix compiler warnings
- Fix tooltip grammar
- build: Fix intltool lock file problem during make distcheck
- Update gitignore
- Update COPYING (#61)
- Translation Updates:
Albanian, Basque, Belarusian, Bulgarian, Catalan, Chinese (China),
Chinese (Taiwan), Czech, Danish, Dutch, Eastern Armenian, Estonian,
French, Galician, German, Greek, Hebrew, Indonesian, Italian,
Japanese, Kazakh, Korean, Lithuanian, Malay, Norwegian Bokmål,
Polish, Portuguese, Portuguese (Brazil), Russian, Serbian, Slovak,
Slovenian, Spanish, Swedish, Thai, Turkish, Ukrainian
|
|
|
|
changes unknown
|
|
changes unknown
|
|
0.908
Fixed obscure reference bug, sometimes seen in citations.
0.907
Fix for SVG images with Windows.
0.906
Improvements for screen readers.
|
|
Version 0.10 has a fix for path searching on Windows
|
|
The source code of the KOMA-Script user manuals has been reorganized.
The old 8+3 names of the manuals have been replaced by more canonical names
`scrguide-de.pdf` (German manual) and `scrguide-en.pdf` (English manual).
`README` has been replaced by `README.md`, `manifest.txt` bei `MANIFEST.md`.
The HTML wrapper files have been replaced by individual files for each class
and package linking to the corresponding chapter of the KOMA-Script user
manuals.
Additionally the issues 21, 23, 24, 25, 28, 29, 30, 31, 32, 33
have been fixed.
|
|
Maintenance release with documentation improvements and addition of
\etocimmediatedepthtag.toc as well as some other "immediate" variants of
macros writing to the .toc file. Refer to README.md for details.
The German language documentation was without updates since April 2015 and
had become obsolete in various ways. It is not distributed anymore.
|
|
|
|
This is a huge jump over several releases and it's impossible to list changes.
Please visit https://www.nushell.sh/blog/ for the details of every release.
Be aware that there are lots of changes across all aspects of Nushell.
- There's a new engine, new line editor, and new commands.
- Configuration files will not work and have to be re-written.
- Previous scripts will need to be updated, and you'll need to learn some of
the new ways of doing things in Nushell to get back to the same level of
comfort.
- Several shell improvements and behavior changes.
- There's also a new plugin architecture and quite a number of breaking
changes after fixing design flaws, cleaned-up the design, and rethought how
commands should work.
- New additional startup file (env.nu) which, sets up the environment that
you'll run Nushell in. As a result, you're able to set up important
environment variables like $env.NU_LIB_DIRS before 'config.nu' begins to run.
- Deeper integration with SQLite, new completion logic, introduction of
overlays, hooks, lazy dataframes, input overloading, input/output type,
new variable naming convention ...
So, please do read about the changes before.
|
|
|
|
|
|
Bump PKGREVISION.
Fix a pkglint warning while here.
|
|
|
|
* Dropped support for GHC < 7.8.
* Tested with GHC 7.8 - 9.2.
* TODO: new module System.Clock.Seconds
* TODO: new functions
* TODO: other changes
|
|
|
|
|
|
Match python310 version.
|
|
Python 3.10.7 final
Security
gh-95778: Converting between int and str in bases other than 2 (binary), 4, 8 (octal), 16 (hexadecimal), or 32 such as base 10 (decimal) now raises a ValueError if the number of digits in string form is above a limit to avoid potential denial of service attacks due to the algorithmic complexity. This is a mitigation for CVE-2020-10735.
This new limit can be configured or disabled by environment variable, command line flag, or sys APIs. See the integer string conversion length limitation documentation. The default limit is 4300 digits in string form.
Patch by Gregory P. Smith [Google] and Christian Heimes [Red Hat] with feedback from Victor Stinner, Thomas Wouters, Steve Dower, Ned Deily, and Mark Dickinson.
Core and Builtins
gh-96187: Fixed a bug that caused _PyCode_GetExtra to return garbage for negative indexes. Patch by Pablo Galindo
gh-95876: Fix format string in _PyPegen_raise_error_known_location that can lead to memory corruption on some 64bit systems. The function was building a tuple with i (int) instead of n (Py_ssize_t) for Py_ssize_t arguments.
gh-95605: Fix misleading contents of error message when converting an all-whitespace string to float.
gh-93592: coroutine.throw() now properly initializes the frame.f_back when resuming a stack of coroutines. This allows e.g. traceback.print_stack() to work correctly when an exception (such as CancelledError) is thrown into a coroutine.
gh-94996: ast.parse() will no longer parse function definitions with positional-only params when passed feature_version less than (3, 8). Patch by Shantanu Jain.
Library
gh-68163: Correct conversion of numbers.Rational’s to float.
gh-96159: Fix a performance regression in logging TimedRotatingFileHandler. Only check for special files when the rollover time has passed.
gh-96175: Fix unused localName parameter in the Attr class in xml.dom.minidom.
gh-95609: Update bundled pip to 22.2.2.
gh-95231: Fail gracefully if EPERM or ENOSYS is raised when loading crypt methods. This may happen when trying to load MD5 on a Linux kernel with FIPS enabled.
Documentation
gh-96098: Improve discoverability of the higher level concurrent.futures module by providing clearer links from the lower level threading and multiprocessing modules.
gh-95789: Update the default RFC base URL from deprecated tools.ietf.org to datatracker.ietf.org
gh-91207: Fix stylesheet not working in Windows CHM htmlhelp docs. Contributed by C.A.M. Gerlach.
bpo-47115: The documentation now lists which members of C structs are part of the Limited API/Stable ABI.
Tests
gh-95243: Mitigate the inherent race condition from using find_unused_port() in testSockName() by trying to find an unused port a few times before failing. Patch by Ross Burton.
Build
gh-94682: Build and test with OpenSSL 1.1.1q
IDLE
gh-65802: Document handling of extensions in Save As dialogs.
gh-95191: Include prompts when saving Shell (interactive input and output).
|
|
IPython 8.5.0
-------------
First release since a couple of month due to various reasons and timing preventing
me for sticking to the usual monthly release the last Friday of each month. This
is of non negligible size as it has more than two dozen PRs with various fixes
an bug fixes.
|
|
|
|
This minor release includes 2 security fixes following the security policy:
net/http: handle server errors after sending GOAWAY
A closing HTTP/2 server connection could hang forever waiting for a clean
shutdown that was preempted by a subsequent fatal error. This failure mode
could be exploited to cause a denial of service.
Thanks to Bahruz Jabiyev, Tommaso Innocenti, Anthony Gavazzi, Steven Sprecher,
and Kaan Onarlioglu for reporting this.
This is CVE-2022-27664 and Go issue https://go.dev/issue/54658.
net/url: JoinPath does not strip relative path components in all circumstances
JoinPath and URL.JoinPath would not remove ../ path components appended to a
relative path. For example, JoinPath("https://go.dev", "../go") returned the
URL https://go.dev/../go, despite the JoinPath documentation stating that ../
path elements are cleaned from the result.
Thanks to q0jt for reporting this issue.
This is CVE-2022-32190 and Go issue https://go.dev/issue/54385.
|
|
What's New in astroid 2.12.8?
=============================
* Fixed a crash in the ``dataclass`` brain for ``InitVars`` without subscript typing.
* Fixed parsing of default values in ``dataclass`` attributes.
What's New in astroid 2.12.7?
=============================
* Fixed a crash in the ``dataclass`` brain for uninferable bases.
|
|
|
|
No release notes have been provided by the upstream.
|
|
devel/lemon
|
|
Changes in version 3.39.3 (2022-09-05):
Use a statement journal on DML statement affecting two or more database rows if the statement makes use of a SQL functions that might abort. See forum thread 9b9e4716c0d7bbd1.
Use a mutex to protect the PRAGMA temp_store_directory and PRAGMA data_store_directory statements, even though they are deprecated and documented as not being threadsafe. See forum post 719a11e1314d1c70.
Other bug and warning fixes. See the timeline for details.
|
|
|
|
Nmap 7.93 [2022-09-01]
o This release commemorates Nmap's 25th anniversary! It all started with this
September 1, 1997 Phrack article by Fyodor: https://nmap.org/p51-11.html.
o [Windows] Upgraded Npcap (our Windows raw packet capturing and
transmission driver) from version 1.50 to the latest version 1.71. It
includes dozens of performance improvements, bug fixes and feature
enhancements described at https://npcap.com/changelog.
o Ensure Nmap builds with OpenSSL 3.0 using no deprecated API functions.
Binaries for this release include OpenSSL 3.0.5.
o Upgrade included libraries: libssh2 1.10.0, zlib 1.2.12, Lua 5.3.6, libpcap 1.10.1
o Fix a bug that prevented Nmap from discovering interfaces on Linux
when no IPv4 addresses were configured. [Daniel Miller, nnposter]
o [NSE] NSE "exception handling" with nmap.new_try() will no longer
result in a stack traceback in debug output nor a "ERROR: script execution
failed" message in script output, since the intended behavior has always been
to end the script immediately without output. [Daniel Miller]
o Update the Nmap output DTD to match actual output since the
`<hosthint>` element was added in Nmap 7.90.
o [NSE] Fix newtargets support: since Nmap 7.92, scripts could not add
targets in script pre-scanning phase. [Daniel Miller]
o Scripts dhcp-discover and broadcast-dhcp-discover now support
setting a client identifier. [nnposter]
o Script oracle-tns-version was not reporting the version
correctly for Oracle 19c or newer [linholmes]
o Script redis-info was crashing or producing inaccurate
information about client connections and/or cluster nodes. [nnposter]
o Nmap and Nping were unable to obtain system routes on FreeBSD
[benpratt, nnposter]
o Script ipidseq was broken due to calling an unreachable library
function. [nnposter]
o Support for EC crypto was not properly enabled if Nmap
was compiled with OpenSSL in a custom location. [nnposter]
o [NSE] Improvements to event handling and pcap socket garbage collection,
fixing potential hangs and crashes. [Daniel Miller]
o We ceased creating the Nmap win32 binary zipfile. It was useful back when
you could just unzip it and run Nmap from there, but that hasn't worked well
for many years. The win32 self-installer handles Npcap installation and many
other dependencies and complexities. Anyone who needs the binaries for some
reason can still install Nmap on any system and retrieve them from there.
For now we're keeping the Win32 zipfile in the Nmap OEM Edition
(https://nmap.org/oem) for companies building Nmap into their own
products. But even in that case we believe that running the Nmap OEM
self-installer in silent mode is a better approach.
o Fix TDS7 password encoding for mssql.lua, which had been assuming
ASCII input even though other parts of the library had been passing it Unicode.
o Replace deprecated CPEs for IIS with their updated identifier,
cpe:/a:microsoft:internet_information_services [Esa Jokinen]
o [NSE] Fix script-terminating error when unknown BSON data types are
encountered. Added parsers for most standard data types. [Daniel Miller]
o [Ncat] Fix hostname/certificate comparison and matching to handle ASN.1
strings without null terminators, a similar bug to OpenSSL's CVE-2021-3712.
o [Ncat] Added support for SOCKS5 proxies that return bind addresses
as hostnames, instead of IPv4/IPv6 addresses. [pomu0325]
|
