| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
|
|
-------------------
0.26: # 2015-11-25T12:30:00+0100
- No functional changes since 0.25, but we had some Travis-specific
changes in the repo, releasing just so we have the latest code there
on the CPAN.
0.25: # 2015-11-25T12:20:00+0100
- Make the t/select-timeout.t test which fails on various odd
CPANtesters platforms a TODO. Maybe some OS-specific issue, maybe an
issue with kill() in the CPANtesters sandboxes not behaving as we
expect.
|
|
|
|
|
|
--------------
0.51 2015-09-16
- add OPTIONS as a valid method
- better compatibility with CGI.pm < 3.36
- fix tests for freebsd and IPv6
- repository info
|
|
|
|
|
|
|
|
|
|
|
|
Changes since 4.160:
* Changed OWNER
* Made the package work with PKGSRC_RUN_TEST=yes
|
|
Thanks to jperkin@!
|
|
sys/conf.h not needed here.
|
|
|
|
|
|
|
|
|
|
|
|
of e.g. the "fuse-ext2" package.
|
|
|
|
Handle '(' & ')' in cpuctl output
Note that for modern gcc -march=native may be a better alternative
|
|
|
|
|
|
|
|
Changes between 1.0.2e and 1.0.2f [28 Jan 2016]
*) DH small subgroups
Historically OpenSSL only ever generated DH parameters based on "safe"
primes. More recently (in version 1.0.2) support was provided for
generating X9.42 style parameter files such as those required for RFC 5114
support. The primes used in such files may not be "safe". Where an
application is using DH configured with parameters based on primes that are
not "safe" then an attacker could use this fact to find a peer's private
DH exponent. This attack requires that the attacker complete multiple
handshakes in which the peer uses the same private DH exponent. For example
this could be used to discover a TLS server's private DH exponent if it's
reusing the private DH exponent or it's using a static DH ciphersuite.
OpenSSL provides the option SSL_OP_SINGLE_DH_USE for ephemeral DH (DHE) in
TLS. It is not on by default. If the option is not set then the server
reuses the same private DH exponent for the life of the server process and
would be vulnerable to this attack. It is believed that many popular
applications do set this option and would therefore not be at risk.
The fix for this issue adds an additional check where a "q" parameter is
available (as is the case in X9.42 based parameters). This detects the
only known attack, and is the only possible defense for static DH
ciphersuites. This could have some performance impact.
Additionally the SSL_OP_SINGLE_DH_USE option has been switched on by
default and cannot be disabled. This could have some performance impact.
This issue was reported to OpenSSL by Antonio Sanso (Adobe).
(CVE-2016-0701)
[Matt Caswell]
*) SSLv2 doesn't block disabled ciphers
A malicious client can negotiate SSLv2 ciphers that have been disabled on
the server and complete SSLv2 handshakes even if all SSLv2 ciphers have
been disabled, provided that the SSLv2 protocol was not also disabled via
SSL_OP_NO_SSLv2.
This issue was reported to OpenSSL on 26th December 2015 by Nimrod Aviram
and Sebastian Schinzel.
(CVE-2015-3197)
[Viktor Dukhovni]
*) Reject DH handshakes with parameters shorter than 1024 bits.
[Kurt Roeckx]
|
|
|
|
3.14.14 was tagged but not released, 3.14.13 is the last release, hence
apcupsd-3.14.13r2365.
- Remove use of BSD USB driver; all platforms except Linux use generic-usb now
- i18n support removed
3.14.14 -- 30 May 2015
BUG FIXES
* win32: Fix missing DLLs when installing only apctray
* Fixes for socket error handling. Resolves apcaccess crash when connection
fails as well as several other theoretical issues.
* MODBUS/USB error handling (COMMLOST) improvements for faulty USB links
* Fix hiddev binding when usbfs is mounted on /dev/bus/usb instead of
/proc/bus/usb. This is necessary for switching between MODBUS/USB and
USB/HID on Linux.
* Update GPLv2 text and FSF address to match current versions from FSF.
* Various fixes for potential issues suggested by Coverity Scan
3.14.13 -- 02 February 2015
NEW FEATURES
* MODBUS USB support
Previous releases supported MODBUS serial (RS232). This release adds
support for MODBUS over USB. This protocol is preferable to the normal
USB HID driver because it offers access to more UPS data readouts and
controls. The only configuration file change needed versus MODBUS serial
is to change UPSCABLE to usb and use an empty DEVICE setting. See the
MODBUS section of the apcupsd manual for more details.
* Support for Apple Notification Center on Mac OS X (replaces Growl)
* Apple install packages and binaries are signed with an Apple Developer
key for compatibility with Gate Keeper
* Windows USB driver has been updated with additional USB identifiers to
support future APC products.
BUG FIXES
* Use launchd for startup on Mac OS X as the old Startup Items mechanism is
no longer supported in 10.10 and above
* Fix apcaccess on ARM systems where char is unsigned by default
* Fix several potential issues identified by Coverity static analysis
* Numerous other fixes and improvements all over the code, many of them
submitted by users...Thank you!
MISC
* Windows port now builds with the same configure and make system as the
other targets, no need to maintain a special hardcoded Makefile.
* Many cleanups to the Windows port codebase
* Prebuilt binaries for Mac OS X no longer support PowerPC systems or
Mac OS X 10.4 and older
3.14.12 -- 29 March 2014 (Maintenance Release)
NEW FEATURES
* apcaccess and apcupsd status format updates to ease parsing by scripts
* UPS name is included in subject line of emails in default scripts
* Default event scripts pull SYSADMIN and APCUPSD_MAIL definitions from a
common config file so they can easily be configured in one place
BUG FIXES
* Fix issue with certain Back-UPS USB models repeatedly cycling power on/off
after killpower is issued
* Fix display of battery level during MODBUS calibration
* Fix apctest EEPROM setting on various models
* Close and reopen serial port during extended COMMLOST in apcsmart driver
(helps recover connection when USB serial port dongles are reconnected)
* Avoid probing non-APC USB devices as it can cause lockups
* Fix issue with service failing to start on Windows during boot with USB UPS
* Fix bogus lock file error when config file error forces early termination
* Fix MODBUS NOMOUTV reading for voltages other than 120VAC
* Fix LOADPCT (CI_LOAD) on MODBUS driver
* Fix issue with net driver not reporting MODEL value
3.14.11 -- 31 January 2014 (Maintenance Release)
NEW FEATURES
* MODBUS protocol support
Over the summer, APC publicly released documentation[1] on a new UPS
control and monitoring protocol, loosely referred to as MODBUS (after the
historic industrial control protocol it is based on). The new protocol
operates over RS232 serial lines as well as USB connections and is intended
to supplement APC's proprietary Microlink protocol. Microlink is not going
away, but APC has realized that third parties require access to UPS status
and control information. Rather than publicly open Microlink, they have
created another protocol to operate along side it.
Many existing Microlink UPSes can be upgraded to support MODBUS via a
firmware update. See [2]. Certain older models are not upgradeable. APC
support will be your best contact for determining if your UPS supports a
MODBUS upgrade the information linked below does not make it clear.
For now, apcupsd supports MODBUS over RS232 serial only. It DOES NOT yet
support MODBUS over USB. See the apcupsd manual[3] for information on
setting up apcupsd.conf for MODBUS UPSes.
[1] http://www.apc.com/whitepaper/?an=176
[2] http://www.schneider-electric.us/support/index?page=content&country=ITB&lang=EN&id=FA164737
[3] http://www.apcupsd.com/manual/manual.html
* Windows USB driver is now digitally signed thanks to Jernej Simoncic
<jernej's-sflist@eternallybored.org>
3.14.10 -- 13 September 2011 (Maintenance Release)
BUG FIXES
* Fix missing status and spurrious incorrect status on newer BackUPS CS
models using USB interface.
* USB compatibility fixes for Mac OS X Lion
* USB driver support for newer Microlink models on Mac OS X Lion and Windows
* Ignore transitions to battery due to calibration (possible if user
initiates calibration, then exits apctest and starts apcupsd before
calibration completes.
* Fix truncation of long UPS model names such as "Smart-UPS RT 5000 XL"
* Fix MODEL vs. APCMODEL confusion. Remove APCMODEL and rename old MODEL
aka 'mode' to DRIVER.
|
|
|
|
|
|
|
|
|
|
|
|
----------------
- 1.4.39 2015-12-19
* [core] fix memset_s call (fixes #2698)
* [chunk] fix use after free / double free (fixes #2700)
|
|
- Update HOMEPAGE
- Add
* LICENSE= gnu-gpl-v2
* BUILD_DEPENDS+= gtk-doc
* gtk-doc.pc.in on PKGCONFIG_OVERRIDE+=
* pre-configure: target for ./autogen.sh
|
|
|
|
|
|
|
|
-----------------------
Curl and libcurl 7.47.0
Public curl releases: 151
Command line options: 179
curl_easy_setopt() options: 221
Public functions in libcurl: 61
Contributors: 1340
This release includes the following changes:
o version: Add flag CURL_VERSION_PSL for libpsl
o http: added CURL_HTTP_VERSION_2TLS to do HTTP/2 for HTTPS only [8]
o curl: use 2TLS by default
o curl --expect100-timeout: added [10]
o Add .dir-locals and set c-basic-offset to 2 (for emacs) [16]
This release includes the following bugfixes:
o curl: avoid local drive traversal when saving file on Windows [33]
o NTLM: do not resuse proxy connections without diff proxy credentials [34]
o tests: Disable the OAUTHBEARER tests when using a non-default port number [1]
o curl: remove keepalive #ifdef checks done on libcurl's behalf
o formdata: Check if length is too large for memory [2]
o lwip: Fix compatibility issues with later versions [3]
o openssl: BoringSSL doesn't have CONF_modules_free
o config-win32: Fix warning HAVE_WINSOCK2_H undefined
o build: fix compilation error with CURL_DISABLE_VERBOSE_STRINGS [4]
o http2: Fix hanging paused stream [5]
o scripts/Makefile: fix GNUism and survive no perl [6]
o openssl: adapt to 1.1.0+ name changes
o openssl: adapt to openssl >= 1.1.0 X509 opaque structs [7]
o HTTP2.md: spell fix and remove TODO now implemented
o setstropt: const-correctness [9]
o cyassl: fix compiler warning on type conversion
o gskit: Fix host subject altname verification [11]
o http2: Support trailer fields [12]
o wolfssl: handle builds without SSLv3 support
o cyassl: deal with lack of *get_peer_certificate [13]
o sockfilt: do not wait on unreliable file or pipe handle
o make: build zsh script even in an out-of-tree build
o test 1326: fix getting stuck on Windows
o test 87: fix file check on Windows
o configure: allow static builds on mingw [14]
o configure: detect IPv6 support on Windows [15]
o ConnectionExists: with *PIPEWAIT, wait for connections [17]
o Makefile.inc: s/curl_SOURCES/CURL_FILES [18]
o test 16: fixed for Windows
o test 252-255: use datacheck mode text for ASCII-mode LISTings
o tftpd server: add Windows support by writing files in binary mode
o ftplistparser: fix handling of file LISTings using Windows EOL
o tests first.c: fix calculation of sleep timeout on Windows
o tests (several): use datacheck mode text for ASCII-mode LISTings
o CURLOPT_RANGE.3: for HTTP servers, range support is optional
o test 1515: add MSYS support by passing a relative path
o curl_global_init.3: Add Windows-specific info for init via DLL [19]
o http2: Fix client write for trailers on stream close [20]
o mbedtls: Fix ALPN support
o connection reuse: IDN host names fixed [21]
o http2: Fix PUSH_PROMISE headers being treated as trailers [22]
o http2: handle the received SETTINGS frame [23]
o http2: Ensure that http2_handle_stream_close is called [24]
o mbedtls: implement CURLOPT_PINNEDPUBLICKEY
o runtests: Add mbedTLS to the SSL backends
o IDN host names: Remove the port number before converting to ACE [25]
o zsh.pl: fail if no curl is found
o scripts: fix zsh completion generation
o scripts: don't generate and install zsh completion when cross-compiling [26]
o lib: Prefix URLs with lower-case protocol names/schemes [27]
o ConnectionExists: only do pipelining/multiplexing when asked [28]
o configure: assume IPv6 works when cross-compiled [29]
o openssl: for 1.1.0+ they now provide a SSLeay() macro of their own
o openssl: improved error detection/reporting
o ssh: CURLOPT_SSH_PUBLIC_KEYFILE now treats "" as NULL again [30]
o mbedtls: Fix pinned key return value on fail [31]
o maketgz: generate date stamp with LC_TIME=C [32]
This release includes the following known bugs:
o see docs/KNOWN_BUGS (http://curl.haxx.se/docs/knownbugs.html)
This release would not have looked like this without help, code, reports and
advice from friends like these:
Alessandro Ghedini, Anders Bakken, Christian Stewart, Dan Fandrich,
Daniel Schauenberg, Daniel Stenberg, Francisco Moraes, Gisle Vanem,
Isaac Boukris, Johannes Schindelin, John Kohl, Kamil Dudka, Marc Hoersken,
Michael Kaufmann, Mohammad AlSaleh, Patrick Monnerat, Ray Satiro, Steve Holme,
Tatsuhiro Tsujikawa, Thomas Glanzmann, Thomas Klausner,
(21 contributors)
Thanks! (and sorry if I forgot to mention someone)
|
|
|
|
|
|
|
|
|
|
|
|
1.1 [2016/01/26]
* ziptool(1): command line tool to modify zip archives
* Speedups for archives with many entries
* Coverity fixes
* Better APK support
* Support for running tests on Windows
* More build fixes for Windows
* Portability fixes
* Documentation improvements
|
|
|
|
|
|
Changes since 5.3.3:
* Added some unit tests
* Fixed the Makefile parser to recognize seldomly-used variable modifiers
like :S///S/// without intermediate colon or :ts\n
* Cleaned up some unit tests
* Combined diagnostics that span multiple lines into single-line ones
|
|
|
|
* 3.5.0 (stable)
* A fix for ARM architecture was made.
* TLSv1.1 and TLSv1.2 will be enabled for STARTTLS when OpenSSL 1.0.1 or
above is used.
* Some bugfixes and stability improvements were made.
* Win32: more fix for the crash when linked with newer MSVCRT was made.
* Win32: irresponsibe text entries on the first display of the filter
edit dialog were fixed.
* Win32: libpng was updated to 1.4.19.
* Win32: OpenSSL was updated to v0.9.8zh.
* 3.5.0beta3 (development)
* A bug that reorder of filter runes by DnD was not saved was fixed.
* The original file names of attachments are kept when opening them,
and shorter suffixes are added in the case they conflict.
* The crash when displaying HTML messages was fixed (#215).
* The bug that column sizes of the address book were not properly set was
fixed.
* Win32: the bug that maximized state was unset on minimize was fixed.
* Win32: the crash when linked with newer MSVCRT was fixed.
* Win32: dependency on libtiff was removed (GDI+ is used).
* Win32: libjpeg was updated.
* Win32: libpng was updated to 1.4.16.
* Win32: OpenSSL was updated to v0.9.8zg.
* Win32: included SSL certificates were updated.
* 3.5.0beta2 (development)
* Windows / widgets are now adjusted to their optimal sizes by reference
to system DPI value.
* The option to specify startup online mode was added.
* The bug that wrote the first part of data if the message body in the
IMAP4 responses didn't end with CR+LF was fixed (#84).
* The bug that previously selected folder on the file selection dialog
was not remembered with GTK+ 2.24.x was fixed.
* Hebrew translation was added.
* Win32: The bug that 'Minimize to tray icon' didn't work with 3.5.0beta1
was fixed.
* Win32: 'Toggle window on trayicon click' now works.
* Win32: sylpheed.exe executable became DPI-Aware.
* Win32: OpenSSL was updated to 0.9.8zc.
* Win32: included SSL certificates were updated.
* 3.5.0beta1 (development)
* Mbox locking became NFS-safe (#202).
* Configure: silent rules are enabled by default.
* Configure.in was renamed to configure.ac.
* Fade effect was added to the notification window.
* Sylpheed.desktop file was updated.
* Win32: build fix for newer MinGW was made.
* Win32: 32-bit time_t is always used on win32 for backward compatibility.
* Win32: included third-party libraries were updated:
- GTK+ 2.24.23
- GLib 2.38.2
- GDK-Pixbuf 2.30.7
- Pango 1.36.3
- Cairo 1.10.2
- libpng 1.14.13
- GPGME 1.4.3
* Win32: the following issues were fixed because of GTK+ update:
- System Icon issue when ran on Windows 7 (#13, #85)
- Scroll jumping issue on text views when using Japanese IME
- Menus became more native-looking
- File dialogs were improved
|
