Age | Commit message | Author | Files | Lines
2017-12-09 | ruby-oauth: update to 0.5.4. | tsutsui | 3 | -9/+9
Upstream changes (from HISTORY):
=== 0.5.4 2017-12-08
* Fixes UnknownRequestType on Rails 5.1 for ActionDispatch::Request (xprazak2)
* Various cleanups (charliesome)
2017-12-09 | doc: Updated textproc/ruby-yajl to 1.3.1 | tsutsui | 1 | -1/+2
2017-12-09 | ruby-yajl: update to 1.3.1. | tsutsui | 2 | -7/+7
No upstream changelog, but seems to include security fixes CVE-2017-16516 and others:
https://github.com/brianmario/yajl-ruby/issues/176
https://github.com/brianmario/yajl-ruby/pull/178
2017-12-09 | doc: Updated net/py-lexicon to 2.1.16 | fhajny | 1 | -1/+2
2017-12-09 | Update net/py-lexicon to 2.1.16. | fhajny | 3 | -8/+11
2.1.16
- Fix python 3 syntax error when running tests.
- [nsone] support linked records
2.1.15
- Added Linode provider.
2017-12-09 | doc: Updated security/openssl to 1.0.2n | fhajny | 1 | -1/+2
2017-12-09 | Update security/openssl to 1.0.2n. | fhajny | 2 | -7/+7
Read/write after SSL object in error state (CVE-2017-3737)
==========================================================

Severity: Moderate

OpenSSL 1.0.2 (starting from version 1.0.2b) introduced an "error state" mechanism. The intent was that if a fatal error occurred during a handshake then OpenSSL would move into the error state and would immediately fail if you attempted to continue the handshake. This works as designed for the explicit handshake functions (SSL_do_handshake(), SSL_accept() and SSL_connect()), however due to a bug it does not work correctly if SSL_read() or SSL_write() is called directly. In that scenario, if the handshake fails then a fatal error will be returned in the initial function call. If SSL_read()/SSL_write() is subsequently called by the application for the same SSL object then it will succeed and the data is passed without being decrypted/encrypted directly from the SSL/TLS record layer.

In order to exploit this issue an application bug would have to be present that resulted in a call to SSL_read()/SSL_write() being issued after having already received a fatal error.

rsaz_1024_mul_avx2 overflow bug on x86_64 (CVE-2017-3738)
=========================================================

Severity: Low

There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH1024 are considered just feasible, because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH1024 private key among multiple clients, which is no longer an option since CVE-2016-0701.

This only affects processors that support the AVX2 but not ADX extensions like Intel Haswell (4th generation).
2017-12-09 | doc: Updated net/ruby-twitter to 6.2.0 | tsutsui | 1 | -1/+2
2017-12-09 | ruby-twitter: update to 6.2.0. | tsutsui | 3 | -16/+11
"Not yet documented, sorry" in upstream CHANGELOG.md.
2017-12-09 | doc: Updated lang/nodejs6 to 6.12.2 | fhajny | 1 | -1/+2
2017-12-09 | doc: Updated lang/nodejs to 9.2.1 | fhajny | 1 | -1/+2
2017-12-09 | Update lang/nodejs to 9.2.1. | fhajny | 2 | -8/+7
- buffer: buffer allocated with an invalid content will now be zero filled (CVE-2017-15897)
- deps: openssl updated to 1.0.2n
2017-12-09 | doc: Updated lang/nodejs8 to 8.9.3 | fhajny | 1 | -1/+2
2017-12-09 | Update lang/nodejs8 to 8.9.3. | fhajny | 2 | -7/+7
- buffer: buffer allocated with an invalid content will now be zero filled (CVE-2017-15897)
- deps: openssl updated to 1.0.2n
2017-12-09 | Update lang/nodejs6 to 6.12.2. | fhajny | 2 | -7/+7
- deps: openssl updated to 1.0.2n
2017-12-09 | doc: Updated lang/nodejs4 to 4.8.7 | fhajny | 1 | -1/+2
2017-12-09 | Update lang/nodejs4 to 4.8.7. | fhajny | 2 | -8/+7
- deps: openssl updated to 1.0.2n
2017-12-09 | doc: Updated www/ruby-http to 3.0.0 | tsutsui | 1 | -1/+2
2017-12-09 | ruby-http: update to 3.0.0. | tsutsui | 3 | -10/+13
pkgsrc changes:
- sort DEPENDS

Upstream changes (from CHANGES.md):
## 3.0.0 (2017-10-01)
* Drop support of Ruby `2.0` and Ruby `2.1`. ([@ixti])
* [#410](https://github.com/httprb/http/pull/410) Infer `Host` header upon redirects. ([@janko-m])
* [#409](https://github.com/httprb/http/pull/409) Enables request body streaming on any IO object. ([@janko-m])
* [#413](https://github.com/httprb/http/issues/413), [#414](https://github.com/httprb/http/pull/414) Fix encoding of body chunks. ([@janko-m])
* [#368](https://github.com/httprb/http/pull/368), [#357](https://github.com/httprb/http/issues/357) Fix timeout issue. ([@HoneyryderChuck])
2017-12-09 | doc: Updated www/ruby-http-form_data to 2.0.0 | tsutsui | 1 | -1/+2
2017-12-09 | ruby-http-form_data: update to 2.0.0. | tsutsui | 3 | -8/+11
This version is required by newer ruby-http gem 3.0.0.

Upstream changes: (from CHANGES.md)
## 2.0.0 (2017-10-01)
* [#17](https://github.com/httprb/form_data/pull/17) Add CRLF character to end of multipart body. [@mhickman][]
## 2.0.0.pre2 (2017-05-11)
* [#14](https://github.com/httprb/form_data/pull/14) Enable streaming for urlencoded form data. [@janko-m][]
## 2.0.0.pre1 (2017-05-10)
* [#12](https://github.com/httprb/form_data.rb/pull/12) Enable form data streaming. [@janko-m][]
2017-12-09 | doc: Updated textproc/cldr-emoji-annotation to 32.0.0.1 | tsutsui | 1 | -1/+2
2017-12-09 | cldr-emoji-annotation: update to 32.0.0_1. | tsutsui | 2 | -7/+7
No quotable changelog in the announcement:
http://cldr.unicode.org/index/downloads/cldr-32
2017-12-09 | doc: Updated devel/librdkafka to 0.11.3 | fhajny | 1 | -1/+2
2017-12-09 | Update devel/librdkafka to 0.11.3. | fhajny | 3 | -12/+12
Default changes
- Change default queue.buffering.max.kbytes and queued.max.message.kbytes to 1GB
- win32: Use sasl.kerberos.service.name for broker principal, not sasl.kerberos.principal

Enhancements
- Default producer message offsets to OFFSET_INVALID rather than 0
- new nuget package layout + debian9 librdkafka build
- Allow for calling rd_kafka_queue_io_event_enable() from the C++ world
- rdkafka_performance: allow testing latency with different size messages

Fixes
- Improved stability on termination
- offsets_for_times() return ERR__TIMED_OUT if brokers did not respond in time
- Let list_groups() return ERR__PARTIAL with a partial group list
- Properly handle infinite
- Fix offsets_store() return value when at least one valid partition
- portability: rdendian: add le64toh() alias for older glibc
- Add MIPS build and fix CRC32 to work on big endian CPUs
- osx: fix endian checking for software crc32c
- Fix comparison in rd_list_remove_cmp
- stop calling cnd_timedwait() with a timeout of 0h
- Fix DNS cache logic broker.address.ttl
- Fix broker thread "hang" in CONNECT state
- Reset rkb_blocking_max_ms on broker DOWN to avoid busy-loop during CONNECT
- Fix memory leak when producev() fails
- Raise cmake minimum version to 3.2
- Do not assume LZ4 worst
- Fix ALL_BROKERS_DOWN re-generation
- rdkafka-performance: busy wait to wait short periods of time
2017-12-09 | doc: Updated databases/redis to 4.0.6 | fhajny | 1 | -1/+2
2017-12-09 | Update databases/redis to 4.0.6. | fhajny | 2 | -7/+7
- This release fixes yet more errors present in the 4.0.5 fixes, that could affect slaves. Moreover another critical issue in quicklists, when they are used at a massive memory scale, was fixed in this release. Upgrading from any 4.0.x release, especially if you are running 4.0.4 or 4.0.5, is highly recommended.
2017-12-09 | doc: Updated security/py-certbot to 0.20.0 | fhajny | 1 | -1/+3
2017-12-09 | Update security/py-{acme,certbot} to 0.20.0. | fhajny | 4 | -11/+11
0.20.0 - 2017-12-06
- Certbot's ACME library now recognizes URL fields in challenge objects in preparation for Let's Encrypt's new ACME endpoint.
- The Apache plugin now parses some distro specific Apache configuration files on non-Debian systems allowing it to get a clearer picture on the running configuration.
- Certbot better reports network failures by removing information about connection retries from the error output.
- An unnecessary question when using Certbot's webroot plugin interactively has been removed.
- Certbot's NGINX plugin no longer sometimes incorrectly reports that it was unable to deploy a HTTP->HTTPS redirect when requesting Certbot to enable a redirect for multiple domains.
- Problems where the Apache plugin was failing to find directives and duplicating existing directives on openSUSE have been resolved.
- An issue running the test shipped with Certbot and some of our DNS plugins with older versions of mock has been resolved.
- On some systems, users reported strangely interleaved output depending on when stdout and stderr were flushed.

0.19.0 - 2017-10-04
- Certbot now has renewal hook directories where executable files can be placed for Certbot to run with the renew subcommand.
- After revoking a certificate with the revoke subcommand, Certbot will offer to delete the lineage associated with the certificate.
- When using Certbot's Google Cloud DNS plugin on Google Compute Engine, you no longer have to provide a credential file to Certbot if you have configured sufficient permissions for the instance which Certbot can automatically obtain using Google's metadata service.
- When deleting certificates interactively using the delete subcommand, Certbot will now allow you to select multiple lineages to be deleted at once.
- Certbot's Apache plugin no longer always parses Apache's sites-available on Debian based systems and instead only parses virtual hosts included in your Apache configuration.
- The plugins subcommand can now be run without root access.
- certbot-auto now includes a timeout when updating itself so it no longer hangs indefinitely when it is unable to connect to the external server.
- An issue where Certbot's Apache plugin would sometimes fail to deploy a certificate on Debian based systems if mod_ssl wasn't already enabled has been resolved.
- A bug in our Docker image where the certificates subcommand could not report if certificates maintained by Certbot had been revoked has been fixed.
- Certbot's RFC 2136 DNS plugin (for use with software like BIND) now properly performs DNS challenges when the domain being verified contains a CNAME record.
2017-12-09 | Added sysutils/u-boot-jetson-tk1 version 2017.11 | jmcneill | 1 | -1/+2
2017-12-09 | + u-boot-jetson-tk1 | jmcneill | 1 | -1/+2
2017-12-09 | Add u-boot-jetson-tk1 version 2017.11. | jmcneill | 3 | -0/+15
U-Boot is a bootloader for embedded boards based on PowerPC, ARM, MIPS and several other processors, which can be installed in a boot ROM and used to initialize and test the hardware or to download and run application code.

This package provides U-Boot for the NVIDIA Jetson TK1.
2017-12-09 | doc: Updated net/gallery-dl to 1.1.0 | leot | 1 | -1/+2
2017-12-09 | gallery-dl: Update net/gallery-dl to 1.1.0 | leot | 3 | -11/+8
Changes:
1.1.0
-----
* Added the `-r/--limit-rate` command-line option to set a maximum download rate
* Added the `--sleep` command-line option to specify the number of seconds to sleep before each download
* Updated `gelbooru` to no longer use their now disabled API
* Fixed SWF extraction for `sankaku` (#52)
* Fixed extraction issues for `hentai2read` and `khinsider`
* Removed the deprecated `--images` and `--chapters` options
* Removed the `mangazuki` module
2017-12-09 | doc: Added inputmethod/tamago-tsunagi version 5.0.7.1 | taca | 1 | -1/+2
2017-12-09 | inputmethod/Makefile: Add tamago-tsunagi | taca | 1 | -1/+2
Note: tamago-tsunagi is based on wip/tamago-tsunagi made by mef@.
2017-12-09 | inputmethod/tamago-tsunagi: Add version 5.0.7.1 | taca | 6 | -0/+143
tamago-tsunagi is an Emacs plug-in to bridge inputmethods of (Free)Wnn, Canna, sj3, and Anthy. It is a fork of IM egg(tamago) and it supports Emacs-24.3 and later, one of the successors of editors/tamago.

Similar work may also be found at http://anonscm.debian.org/cgit/pkg-anthy/egg.git but it does not have capability with (Free)Wnn and Canna.
2017-12-09 | www/php-propro2: fix dependency in buildlink3.mk | taca | 1 | -2/+2
Fix BUILDLINK_PKGSRCDIR to here, www/php-propro2 not www/php-propro.
2017-12-09 | www/php-propro2: allow build with php71 and php72 | taca | 1 | -2/+2
2017-12-09 | security/php-oauth: Allow build with php71 and php72 | taca | 1 | -2/+2
2017-12-09 | meta-pkgs/php71-extensions: fix PHP version in COMMENT | taca | 1 | -2/+2
2017-12-09 | doc: Updated mail/postfix* to 3.2.4 | taca | 1 | -1/+9
2017-12-09 | mail/postfix: reset PKGREVISION | taca | 1 | -2/+1
Reset PKGREVISION along with update to 3.2.4.
2017-12-09 | mail/postfix: Update to 3.2.4 | taca | 3 | -9/+8
[An on-line version of this announcement will be available at http://www.postfix.org/announcements/postfix-3.2.4.html]

This announcement concerns fixes for problems that were introduced with Postfix 3.0 and later. Older supported releases are unaffected.

Fixed in Postfix 3.1 and later:
* DANE interoperability. Postfix builds with OpenSSL 1.0.0 or 1.0.1 failed to send email to some sites with "TLSA 2 X X" DNS records associated with an intermediate CA certificate. Problem report and initial fix by Erwan Legrand.

Fixed in Postfix 3.0 and later:
* Missing dynamicmaps support in the Postfix sendmail command. This broke authorized_submit_users settings that use a dynamically-loaded map type. Problem reported by Ulrich Zehl.
2017-12-09 | doc: Updated mail/pear-Mail_Mime to 1.10.2 | taca | 1 | -1/+2
2017-12-09 | mail/pear-Mail_Mime: Update to 1.10.2 | taca | 2 | -7/+7
Release date: 2017-11-17 04:27 UTC
Release state: stable
Changelog:
* Fix Bug #21255: Boundary gets added twice when using setContentType() [alec]
* PHP 7.2 compatibility fixes [alec]
2017-12-09 | graphics/php-imagick: allow build with php72 | taca | 1 | -2/+2
Allow build with php72.
2017-12-09 | devel/php-raphf2: fix BUILDLINK_PKGSRCDIR | taca | 2 | -4/+4
Fix BUILDLINK_PKGSRCDIR to here, devel/php-raphf2 not devel/php-raphf.
2017-12-09 | doc: Updated databases/ruby-sequel to 5.3.0 | taca | 1 | -1/+2
2017-12-09 | databases/ruby-sequel: update to 5.3.0 | taca | 3 | -8/+11
=== 5.3.0 (2017-12-01)
* Add logger to Database instance before making first connection in bin/sequel (jeremyevans)
* Drop support for PostgreSQL <8.1 in Database#indexes (jeremyevans)
* Add synchronize_sql extension, for checking out a connection around SQL generation (KJTsanaktsidis, jeremyevans) (#1451)
* Deprecate Dataset#where calls with no existing filter, no argument, and where the virtual row block returns nil (jeremyevans) (#1454)
* Add DatasetModule#reverse for simpler use of descending orders (jeremyevans)
* Support WITH clauses in subqueries on SQLite, but not in UNION/INTERSECT/EXCEPT (jeremyevans)
* Hoist WITH clauses to INSERT statement level if INSERT subquery uses a CTE on MSSQL (jeremyevans)
* Respect indislive and ignore indcheckxmin index attributes when using Database#indexes on PostgreSQL (jeremyevans)
* Explicitly disallow use of server-side prepared statements when using Dataset#call in the jdbc/postgresql adapter (jeremyevans) (#1448)
* Support common table expressions, window functions, dropping CHECK constraints, and recognizing CURRENT_DATE defaults on MariaDB 10.2+ (jeremyevans)
* Make Database#reset_primary_key_sequence work on PostgreSQL 10+ (jeremyevans)
* Support :connect_sqls Database option for easily issuing sql commands on all new connections (jeremyevans)
* Support :extensions Database option for loading extensions when initializing, useful in connection strings (jeremyevans)
* Avoid warning if trying to rollback after a commit or rollback raises an exception in the postgres adapter (jeremyevans)
* Support Date::Infinity values in the pg_extended_date_support extension (jeremyevans)