| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Changelog:
Future deprecation notice
=========================
It is now possible[1] to perform chosen-prefix attacks against the
SHA-1 algorithm for less than USD$50K. For this reason, we will be
disabling the "ssh-rsa" public key signature algorithm by default in a
near-future release.
This algorithm is unfortunately still used widely despite the
existence of better alternatives, being the only remaining public key
signature algorithm specified by the original SSH RFCs.
The better alternatives include:
* The RFC8332 RSA SHA-2 signature algorithms rsa-sha2-256/512. These
algorithms have the advantage of using the same key type as
"ssh-rsa" but use the safe SHA-2 hash algorithms. These have been
supported since OpenSSH 7.2 and are already used by default if the
client and server support them.
* The ssh-ed25519 signature algorithm. It has been supported in
OpenSSH since release 6.5.
* The RFC5656 ECDSA algorithms: ecdsa-sha2-nistp256/384/521. These
have been supported by OpenSSH since release 5.7.
To check whether a server is using the weak ssh-rsa public key
algorithm, for host authentication, try to connect to it after
removing the ssh-rsa algorithm from ssh(1)'s allowed list:
ssh -oHostKeyAlgorithms=-ssh-rsa user@host
If the host key verification fails and no other supported host key
types are available, the server software on that host should be
upgraded.
We intend to enable UpdateHostKeys by default in the next OpenSSH
release. This will assist the client by automatically migrating to
better algorithms. Users may consider enabling this option manually.
[1] "SHA-1 is a Shambles: First Chosen-Prefix Collision on SHA-1 and
Application to the PGP Web of Trust" Leurent, G and Peyrin, T
(2020) https://eprint.iacr.org/2020/014.pdf
Security
========
* ssh-agent(1): restrict ssh-agent from signing web challenges for
FIDO/U2F keys.
When signing messages in ssh-agent using a FIDO key that has an
application string that does not start with "ssh:", ensure that the
message being signed is one of the forms expected for the SSH protocol
(currently public key authentication and sshsig signatures).
This prevents ssh-agent forwarding on a host that has FIDO keys
attached granting the ability for the remote side to sign challenges
for web authentication using those keys too.
Note that the converse case of web browsers signing SSH challenges is
already precluded because no web RP can have the "ssh:" prefix in the
application string that we require.
* ssh-keygen(1): Enable FIDO 2.1 credProtect extension when generating
a FIDO resident key.
The recent FIDO 2.1 Client to Authenticator Protocol introduced a
"credProtect" feature to better protect resident keys. We use this
option to require a PIN prior to all operations that may retrieve
a resident key from a FIDO token.
Potentially-incompatible changes
================================
This release includes a number of changes that may affect existing
configurations:
* For FIDO/U2F support, OpenSSH recommends the use of libfido2 1.5.0
or greater. Older libraries have limited support at the expense of
disabling particular features. These include resident keys, PIN-
required keys and multiple attached tokens.
* ssh-keygen(1): the format of the attestation information optionally
recorded when a FIDO key is generated has changed. It now includes
the authenticator data needed to validate attestation signatures.
* The API between OpenSSH and the FIDO token middleware has changed
and the SSH_SK_VERSION_MAJOR version has been incremented as a
result. Third-party middleware libraries must support the current
API version (7) to work with OpenSSH 8.4.
* The portable OpenSSH distribution now requires automake to rebuild
the configure script and supporting files. This is not required when
simply building portable OpenSSH from a release tar file.
Changes since OpenSSH 8.3
=========================
New features
------------
* ssh(1), ssh-keygen(1): support for FIDO keys that require a PIN for
each use. These keys may be generated using ssh-keygen using a new
"verify-required" option. When a PIN-required key is used, the user
will be prompted for a PIN to complete the signature operation.
* sshd(8): authorized_keys now supports a new "verify-required"
option to require FIDO signatures assert that the token verified
that the user was present before making the signature. The FIDO
protocol supports multiple methods for user-verification, but
currently OpenSSH only supports PIN verification.
* sshd(8), ssh-keygen(1): add support for verifying FIDO webauthn
signatures. Webauthn is a standard for using FIDO keys in web
browsers. These signatures are a slightly different format to plain
FIDO signatures and thus require explicit support.
* ssh(1): allow some keywords to expand shell-style ${ENV}
environment variables. The supported keywords are CertificateFile,
ControlPath, IdentityAgent and IdentityFile, plus LocalForward and
RemoteForward when used for Unix domain socket paths. bz#3140
* ssh(1), ssh-agent(1): allow some additional control over the use of
ssh-askpass via a new $SSH_ASKPASS_REQUIRE environment variable,
including forcibly enabling and disabling its use. bz#69
* ssh(1): allow ssh_config(5)'s AddKeysToAgent keyword accept a time
limit for keys in addition to its current flag options. Time-
limited keys will automatically be removed from ssh-agent after
their expiry time has passed.
* scp(1), sftp(1): allow the -A flag to explicitly enable agent
forwarding in scp and sftp. The default remains to not forward an
agent, even when ssh_config enables it.
* ssh(1): add a '%k' TOKEN that expands to the effective HostKey of
the destination. This allows, e.g., keeping host keys in individual
files using "UserKnownHostsFile ~/.ssh/known_hosts.d/%k". bz#1654
* ssh(1): add %-TOKEN, environment variable and tilde expansion to
the UserKnownHostsFile directive, allowing the path to be
completed by the configuration (e.g. bz#1654)
* ssh-keygen(1): allow "ssh-add -d -" to read keys to be deleted
from stdin. bz#3180
* sshd(8): improve logging for MaxStartups connection throttling.
sshd will now log when it starts and stops throttling and periodically
while in this state. bz#3055
Bugfixes
--------
* ssh(1), ssh-keygen(1): better support for multiple attached FIDO
tokens. In cases where OpenSSH cannot unambiguously determine which
token to direct a request to, the user is now required to select a
token by touching it. In cases of operations that require a PIN to
be verified, this avoids sending the wrong PIN to the wrong token
and incrementing the token's PIN failure counter (tokens
effectively erase their keys after too many PIN failures).
* sshd(8): fix Include before Match in sshd_config; bz#3122
* ssh(1): close stdin/out/error when forking after authentication
completes ("ssh -f ...") bz#3137
* ssh(1), sshd(8): limit the amount of channel input data buffered,
avoiding peers that advertise large windows but are slow to read
from causing high memory consumption.
* ssh-agent(1): handle multiple requests sent in a single write() to
the agent.
* sshd(8): allow sshd_config longer than 256k
* sshd(8): avoid spurious "Unable to load host key" message when sshd
load a private key but no public counterpart
* ssh(1): prefer the default hostkey algorithm list whenever we have
a hostkey that matches its best-preference algorithm.
* sshd(1): when ordering the hostkey algorithms to request from a
server, prefer certificate types if the known_hosts files contain a key
marked as a @cert-authority; bz#3157
* ssh(1): perform host key fingerprint comparisons for the "Are you
sure you want to continue connecting (yes/no/[fingerprint])?"
prompt with case sensitivity.
* sshd(8): ensure that address/masklen mismatches in sshd_config
yield fatal errors at daemon start time rather than later when
they are evaluated.
* ssh-keygen(1): ensure that certificate extensions are lexically
sorted. Previously if the user specified a custom extension then
the everything would be in order except the custom ones. bz#3198
* ssh(1): also compare username when checking for JumpHost loops.
bz#3057
* ssh-keygen(1): preserve group/world read permission on known_hosts
files across runs of "ssh-keygen -Rf /path". The old behaviour was
to remove all rights for group/other. bz#3146
* ssh-keygen(1): Mention the [-a rounds] flag in the ssh-keygen
manual page and usage().
* sshd(8): explicitly construct path to ~/.ssh/rc rather than
relying on it being relative to the current directory, so that it
can still be found if the shell startup changes its directory.
bz#3185
* sshd(8): when redirecting sshd's log output to a file, undo this
redirection after the session child process is forked(). Fixes
missing log messages when using this feature under some
circumstances.
* sshd(8): start ClientAliveInterval bookkeeping before first pass
through select() loop; fixed theoretical case where busy sshd may
ignore timeouts from client.
* ssh(1): only reset the ServerAliveInterval check when we receive
traffic from the server and ignore traffic from a port forwarding
client, preventing a client from keeping a connection alive when
it should be terminated. bz#2265
* ssh-keygen(1): avoid spurious error message when ssh-keygen
creates files outside ~/.ssh
* sftp-client(1): fix off-by-one error that caused sftp downloads to
make one more concurrent request that desired. This prevented using
sftp(1) in unpipelined request/response mode, which is useful when
debugging. bz#3054
* ssh(1), sshd(8): handle EINTR in waitfd() and timeout_connect()
helpers. bz#3071
* ssh(1), ssh-keygen(1): defer creation of ~/.ssh until we attempt to
write to it so we don't leave an empty .ssh directory when it's not
needed. bz#3156
* ssh(1), sshd(8): fix multiplier when parsing time specifications
when handling seconds after other units. bz#3171
Portability
-----------
* sshd(8): always send any PAM account messages. If the PAM account
stack returns any messages, always send them to the user and not
just if the check succeeds. bz#2049
* Implement some backwards compatibility for libfido2 libraries
older than 1.5.0. Note that use of an older library will result
in the loss of certain features including resident key support,
PIN support and support for multiple attached tokens.
* configure fixes for XCode 12
* gnome-ssh-askpass3: ensure the "close" button is not focused by
default for SSH_ASKPASS_PROMPT=none prompts. Avoids space/enter
accidentally dismissing FIDO touch notifications.
* gnome-ssh-askpass3: allow some control over textarea colour via
$GNOME_SSH_ASKPASS_FG_COLOR and $GNOME_SSH_ASKPASS_BG_COLOR
environment variables.
* sshd(8): document another PAM spec problem in a frustrated comment
* sshd(8): support NetBSD's utmpx.ut_ss address field. bz#960
* Add the ssh-sk-helper binary and its manpage to the RPM spec file
* Detect the Frankenstein monster of Linux/X32 and allow the sandbox
to function there. bz#3085
|
|
|
|
Changes since v1.34
v1.35 - 27.09.2020
- Added an option to change interpolation mode to 2-tap linear, just to match
real FT2. This interpolation method is of worse quality than the current one
(4-tap cubic spline).
- Fixed some sample tap bugs with the cubic spline resampling interpolation
- Fixed an issue where unwanted sample data could be shown at the loop end
point of a looped sample in the sample editor.
- Updated some parts of the help text
- Small code cleanup
|
|
|
|
Changelog:
Version 9.53.2 (2020-09-25)
Highlights in this release include:
The 9.53.2 release is primarily maintenance.
Three issues arose with 9.53.0/1 that prompted the release of
a .2 patch:
A crash (or silent, erroneous exit) on 64 bit Windows and
other LLP64 type environments.
A parameter type mismatch that would cause Ghostcript to
error out during initialisation, which affected 64 big,
big endian architectures.
An expected side effect of another change that prevented
multithreaded rendering and background rendering from
working correctly.
Details of those can be found in the changelog.
The most obvious change is the (re-)introduction of the patch
level to the version number, this helps facilitate a revised
policy on handling security related issues.
To clarify: in the event we decide to release a patch revision,
it will replace the release with the previous patch number.
Release notes, highlights and warnings will remain the same,
except for the addition of whatever fix(es) prompted the patch.
Our efforts in code hygiene and maintainability continue.
We have added the capability to build with the Tesseract OCR
engine. In such a build, new devices are available
(pdfocr8/pdfocr24/pdfocr32) which render the output file to an
image, OCR that image, and output the image "wrapped" up as a
PDF file, with the OCR generated text information included as
"invisible" text (in PDF terms, text rendering mode 3).
Due to some patches to the Tesseract sources that are required
(integrated upstream, but awaiting release), time constraints,
and the experimental nature of the feature, we only support
including Tesseract from source, not linking to Tesseract shared
libraries. Whether we add this capability will be largely
dependant on community demand for the feature.
See Enabling OCR for more details.
We have added Python bindings for the gsapi interface, can be
found in demos/python. These are experimental, and we welcome
feedback from interested developers.
For those integrating Ghostscript/GhostPDL via the gsapi
interface, we have added new capabilities to that, specifically
in terms of setting and interrogating device parameters. These,
along with the existing interface calls, are documented in:
Ghostscript Interpreter API
IMPORTANT: In consultation with a representative of (OpenPrinting)
it is our intention to deprecate and, in the not distant future,
remove the OpenPrinting Vector/Raster Printer Drivers (that
is, the opvp and oprp devices).
If you rely on either of these devices, please get in touch
with us, so we can discuss your use case, and revise our plans
accordingly.
IMPORTANT: We have forked LittleCMS2 into LittleCMS2mt (the
"mt" indicating "multi-thread"). LCMS2 is not thread safe and
cannot be made thread safe without breaking the ABI. Our fork
will be thread safe and include performance enhancements (these
changes have all be been offered and rejected upstream). We
will maintain compatibility between Ghostscript and LCMS2 for
a time, but not in perpetuity. If there is sufficient interest,
our fork will be available as its own package separately from
Ghostscript (and MuPDF).
The usual round of bug fixes, compatibility changes, and
incremental improvements.
|
|
|
|
v1.2.5
* Add schema export API to schema and global maps
* Fix decoding with lax/skip validation modes
* Add *keep_unknown* optional argument for *iter_decode()* methods
|
|
Version 2.15.05
Correct %ifid $ and %ifid $$ being treated as true. See section 4.4.6.
Add --reproducible option to suppress NASM version numbers and timestamps in output files. See section 2.1.34.
Version 2.15.04
More sensible handling of the case where one single-line macro definition will shadow another. A warning will be issued, but the additional definition will be allowed. For the existing error case where both a parameterless and parametered macro are created, that warning is promoted to an error by default.
Add special preprocessor tokens %*? and %*?? that expand like %? and %?? in single-line macros only. See section 4.1.6.
Correct the encoding of the ENQCMDS and TILELOADT1 instructions.
Fix case where the COFF backend (the coff, win32 and win64 output formats) would add padding bytes in the middle of a section if a SECTION/SEGMENT directive was provided which repeated an ALIGN= attribute. This neither matched legacy behavior, other backends, or user expectations.
Fix SSE instructions not being recognized with an explicit memory operation size (e.g. movsd qword [eax],xmm0).
The -L+ option no longer enables -Lw, which is mainly useful to debug NASM crashes. See section 2.1.4.
Document long-standing hazards in the use of $ in Dx statements, see section 3.2.1.
The NASM-only RDOFF output format backend, which has been broken since at least NASM 2.14, has been disabled. The RDOFF tools are scheduled to be removed from the NASM distribution in NASM 2.16. If you have a concrete use case for RDOFF, please file a NASM bug report at https://bugs.nasm.us/ as soon as possible. See section 8.13.
|
|
|
|
|
|
PCSX-Reloaded is a forked version of the dead PCSX PlayStation emulator, with
a nicer interface and several improvements to stability and functionality.
PCSX-Reloaded uses the PSEMU plugin interface to provide most functionality;
without them, you will not be able to use it to play games. PCSX-Reloaded
provides a number of plugins to provide basic functionality out of the box.
|
|
|
|
Fvwm3 is a multiple large virtual desktop window manager, originally (a
looooong time ago!) derived from twm.
Fvwm3 is intended to have a small memory footprint but a rich feature set,
be extremely customizable and extendible, and have a high degree of Motif
mwm compatibility.
|
|
|
|
0.55.3:
Unknown changes
|
|
1.14.3:
Unknown changes
|
|
|
|
avahi 0.8 release brings a number of new features and bug fix changes
including a backward-compatible addition to the D-Bus API and the avahi-core
API.
The existing API is still fully supported however clients using the new
API will not work with older Avahi releases. The avahi-client library is not
affected. See the "API Changes" section for further details.
New Features:
- New options for filtering reflected queries between networks (reflect-filter)
- New mainloop integration for Qt5 and libevent
- docs/THREADS: Information for multi-threaded avahi-client apps
- Listen on loopback interfaces by default, allowing local-only services to be
consumed by the local machine
- New D-Bus V2 API and additions to the avahi-core API for splitting "New"
calls into "Prepare" and "Start". See "API Changes" for more details.
* Add support for binary values in TXT records in XML service files by
specifying value-format="text|binary-hex|binary-base64". If not specified,
defaults to the normal value of "text" (thus backwards compatible)
* avahi-gobject: Allow starting the client in a custom GMainContext by
passing context to ga_client_start_in_context instead of ga_client_start
(avahi-gobject minor version has been incremented)
Security Fixes:
- Drop legacy unicast queries from address not on local link which can lead to
UDP traffic amplification attacks (CVE-2017-6519)
For full details, see:
https://github.com/lathiat/avahi/blob/v0.8/docs/NEWS
|
|
|
|
1.66.0 - 2020-09-12
-------------------
* Support the gtk-doc action syntax :mr:`203`
* Meson fixes with glib and/or g-i is a subproject :mr:`206` :mr:`208`
* GITypeInfo storage type utility API :mr:`205`
* Meson: Fix build as subproject :mr:`214`
* Fixing XDG_DATA_DIRS logic :mr:`215`
* libgirepository: Add a couple missing nullable annotations :mr:`217` :mr:`225`
* dumper: Fix missing symbols in LTO case or with overridden symbol visibility settings :mr:`216`
* Documentation improvements: :mr:`220` :mr:`232`
* Remove old autoconf fallback code for the python tools :mr:`221`
* meson: Rename option `gi_cross_use_{host -> prebuilt}_gi` mr:`211`
* meson: Don't override finding executables when using pre-built tools. :mr:`212`
* meson: gir: add a dependency for g-ir-compiler for building .girs :mr:`228`
* meson: Use pkgconfig generator :mr:`207`
* Fix gi-dump-types.c to build on Windows :mr:`218`
* giscanner: parse block comments for members and fields :mr:`230`
* Add the notion of standalone doc sections :mr:`226`
* giscanner: Add support for using clang-cl :mr:`234`
* giscanner: Fix section matching for documentation :mr:`237`
|
|
|
|
Highlights:
* Fixes to the new `statx()` calls - note that since GLib 2.65.2 uses `statx()`
(if available) instead of `stat()`/`fstat()`/`lstat()`/`fstatat()`, syscall
sandboxing for third party applications might need to be updated
* Fix deadlock in `g_subprocess_communicate_async()` (work by Alexander Larsson) (#2182)
* Add `%f`/microsecond placeholder support to `g_date_time_format()` (work by Johan Bjäreholt) (!1605)
* Add `GUri` API for parsing, building and representing URIs according to
[RFC 3986](https://tools.ietf.org/html/rfc3986) (work by Marc-Andre Lureau) (#110)
* D-Bus credentials support on macOS (#507)
* Year 2038 fixes involving new API in `GBookmarkFile` (#1931)
For full details, see:
https://gitlab.gnome.org/GNOME/glib/-/blob/2.66.0/NEWS
|
|
|
|
Upstream NEWS:
We are pleased to announce the release of GNU Gama 2.10!
One major update that is visible to the end users is the change in the
'update_constrained_coordinates' parameter. This parameter was
deprecated in 2.09 and has now been completely removed.
Another big change is the addition of output in GNU Octave format.
The GNU Octave *.m output file contains adjustment results from
gama-local, in matrix format that includes the following sections:
* General adjustment parameters - number of squares, observations,
sum of squares, etc.
* IDs and coordinates of fixed points
* Information about the adjustment - adjusted and constrained
coordinates, their indexes and covariances. Observation
covariances and weight matrix and equation system matrices.
The main motivation for introducing GNU Octave output was to have an
experimental tool for computation of statistical parameters that are not
directly available in gama-local (e.g. reliability matrix).
GNU Octave output defines an explicit set of conditions to calculate the
adjustment of free networks (networks with a singular project equation
system). The differences between coordinates are tested with a tolerance
of 1e-3 millimeters.
This criterion may fail for poorly conditioned systems (typically
networks with a "bad"configuration).
Syntax of the GNU Octave .m output was tested for compatibility with
MATLAB R2013b (8.2.0.701).
|
|
|
|
Improvements
ParseAndAddCatchTests handles CMake v3.18.0 correctly (#1984)
Improved autodetection of std::byte (#1992)
Simplified implementation of templated test cases (#2007)
This should have a tiny positive effect on its compilation throughput
Fixes
Automatic stringification of ranges handles sentinel ranges properly (#2004)
|
|
textproc/py-xlsxwriter
|
|
Release 1.3.6:
* Added the worksheet :func:`unprotect_range()` method to allow ranges within
a protected worksheet to be unprotected.
* There are now over 1500 test cases in the test suite, including 900 tests
that compare the output from XlsxWriter, byte for byte, against test files
created in Excel. This is to ensure the maximum possible compatibility with
Excel.
Release 1.3.5:
* Fixed issue where relative url links in images didn't work.
* Added ``use_zip64`` as a constructor option.
* Added check, and warning, for worksheet tables with no data row.
Either with or without a header row.
* Add a warning when the string length in :func:`write_rich_string()` exceeds
Excel's limit.
Release 1.3.4:
* Replaced internal MD5 digest used to check for duplicate images with a SHA256
digest to avoid issues on operating systems such as Red Hat in FIPS mode
which don't support MD5 for security reasons.
|
|
0.16.16
Fixed inconsistency in integrity error exception of FastAPI
add OSError to _get_comments except block
|
|
Unknown changes
|
|
2.2.3
- SCRIPTS: git-show-backports: make -m most only show the left branch
- SCRIPTS: git-show-backports: emit the shell command to backport a commit
- BUG/MEDIUM: mux-h1: Refresh H1 connection timeout after a synchronous send
- CLEANUP: dns: typo in reported error message
- BUG/MAJOR: dns: disabled servers through SRV records never recover
- BUG/MINOR: spoa-server: fix size_t format printing
- DOC: spoa-server: fix false friends `actually`
- BUG/MINOR: ssl: fix memory leak at OCSP loading
- BUG/MEDIUM: ssl: memory leak of ocsp data at SSL_CTX_free()
- BUG/MEDIUM: map/lua: Return an error if a map is loaded during runtime
- MINOR: arg: Add an argument type to keep a reference on opaque data
- BUG/MINOR: converters: Store the sink in an arg pointer for debug() converter
- BUG/MINOR: lua: Duplicate map name to load it when a new Map object is created
- BUG/MINOR: arg: Fix leaks during arguments validation for fetches/converters
- BUG/MINOR: lua: Check argument type to convert it to IPv4/IPv6 arg validation
- BUG/MINOR: lua: Check argument type to convert it to IP mask in arg validation
- MINOR: hlua: Don't needlessly copy lua strings in trash during args validation
- BUG/MINOR: lua: Duplicate lua strings in sample fetches/converters arg array
- MEDIUM: lua: Don't filter exported fetches and converters
- BUG/MINOR: snapshots: leak of snapshots on deinit()
- BUG/MEDIUM: ssl: fix the ssl-skip-self-issued-ca option
- BUG/MINOR: ssl: ssl-skip-self-issued-ca requires >= 1.0.2
- BUG/MINOR: stats: use strncmp() instead of memcmp() on health states
- BUG/MEDIUM: htx: smp_prefetch_htx() must always validate the direction
- BUG/MEDIUM: ssl: never generates the chain from the verify store
- BUG/MEDIUM: ssl: fix ssl_bind_conf double free w/ wildcards
- BUG/MINOR: reload: do not fail when no socket is sent
- BUG/MEDIUM: http-ana: Don't wait to send 1xx responses received from servers
- MINOR: http-htx: Add an option to eval query-string when the path is replaced
- BUG/MINOR: http-rules: Replace path and query-string in "replace-path" action
- BUG/MEDIUM: ssl: crt-list negative filters don't work
- DOC: cache: Use '<name>' instead of '<id>' in error message
- MINOR: cache: Reject duplicate cache names
- BUILD: tools: include auxv a bit later
- BUILD: task: work around a bogus warning in gcc 4.7/4.8 at -O1
- BUG/MAJOR: contrib/spoa-server: Fix unhandled python call leading to memory leak
- BUG/MINOR: contrib/spoa-server: Ensure ip address references are freed
- BUG/MINOR: contrib/spoa-server: Do not free reference to NULL
- BUG/MINOR: contrib/spoa-server: Updating references to free in case of failure
- BUG/MEDIUM: contrib/spoa-server: Fix ipv4_address used instead of ipv6_address
- BUG/MINOR: startup: haproxy -s cause 100% cpu
- Revert "BUG/MINOR: http-rules: Replace path and query-string in "replace-path" action"
- BUG/MEDIUM: doc: Fix replace-path action description
- MINOR: http-rules: Add set-pathq and replace-pathq actions
- MINOR: http-fetch: Add pathq sample fetch
- REGTEST: Add a test for request path manipulations, with and without the QS
- BUG/MEDIUM: ssl: check OCSP calloc in ssl_sock_load_ocsp()
- MINOR: arg: Use chunk_destroy() to release string arguments
- BUG/MEDIUM: ssl: does not look for all SNIs before chosing a certificate
- BUG/MINOR: threads: work around a libgcc_s issue with chrooting
- BUILD: thread: limit the libgcc_s workaround to glibc only
- MINOR: Commit .gitattributes
- CLEANUP: Update .gitignore
- CLEANUP: dns: remove 45 "return" statements from dns_validate_dns_response()
- BUG/MEDIUM: dns: Don't store additional records in a linked-list
- BUG/MEDIUM: dns: Be sure to renew IP address for already known servers
- MINOR: server: Improve log message sent when server address is updated
- DOC: ssl-load-extra-files only applies to certificates on bind lines
- BUG/MINOR: auth: report valid crypto(3) support depending on build options
- BUG/MEDIUM: mux-h1: always apply the timeout on half-closed connections
|
|
|
|
Version 1.14.14
Add-ons client
* Add-on titles and descriptions translated to the current language are used when available.
The original English title is displayed in the UI and considered for search purposes in addition
to translations.
Add-ons server
* Made it possible to provide translations for add-on titles and descriptions at upload
time in the .pbl. Only clients running 1.14.14/1.15.4 or later can read the
translated values.
Language and i18n
* Updated translations: British English, Catalan, Chinese (Simplified),
Chinese (Traditional), Czech, Esperanto, French, Hungarian, Italian, Polish,
Portuguese (Brazil), Russian, Spanish, Turkish
Multiplayer
* 5p - The Wilderlands:
* Player 5’s units are sorted when cycling through them with the »n« key.
* Map tweaks (changes to some castles & villages, the northern river and embellishments)
User interface
* Do not list nameless abilities in the Abilities and Ability Upgrades lists in unit
descriptions in Help.
* Fixed disabled buttons using the pressed highlight color.
Miscellaneous and bug fixes
* Made wmllint recognize [remove_time_area] in order to avoid spurious warnings about
unit ids.
* Files created by the scenario editor include a boilerplate warning about hand-editing them.
|
|
2.2.0 "Interactive Fantasy" (2020-09-27)
New games:
Added support for Blazing Dragons.
Added support for Griffon Legend.
Added support for Interactive Fiction games based on the following engines:
ADRIFT (except for version 5)
AdvSys
AGT
Alan 2 & 3
Archetype (newly reimplemented for Glk from the original Pascal sources)
Hugo
JACL
Level 9
Magnetic Scrolls
Quest
Scott Adams
ZCode (all ZCode games except the Infocom graphical version 6 games).
Currently, more than 1600 games are detected and supported.
Added support for Operation Stealth.
Added support for Police Quest: SWAT.
Added support for English translation of Prince and the Coward.
Added support for Ultima IV - Quest of the Avatar.
Added support for Ultima VI - The False Prophet.
Added support for Ultima VIII - Pagan.
New ports:
MorphOS port got a major rewrite.
General:
Autosaves are now supported for all the engines.
Errors are more likely to open the debugger, and be displayed, than just crash ScummVM.
Games are sorted in GUI ignoring the articles.
Now Hebrew is displayed correctly in GUI (requires FriBiDi library).
Updated the Roland MT-32 emulation code to Munt 2.4.0.
Added option to select the default voice for ports that support Text-to-Speech.
Added support for Discord Rich Presence integration on supported platforms (Windows Vista+, macOS 10.9+ 64 Bit)
Major improvements to the keymapper.
BBVS:
Added support for the demo, available from our website.
Added support for the Loogie minigame demo.
Dreamweb:
Added support for Russian fan-translation.
Fixed animation speed.
Illusions:
Fixed subtitle speed (set it to max for good speed).
Added support for Russian Duckman.
Kyra:
Added support for the SegaCD version of Eye of the Beholder I (with CD-Audio, animated cutscenes and map function).
Added support for the PC-98 version of Eye of the Beholder I.
Added support for the Spanish versions of Eye of the Beholder I and II, Legend of Kyrandia 1 (CD-ROM fan translation) and Legend of Kyrandia 2 (floppy version and CD-ROM fan translation). Fix Spanish Lands of Lore support (floppy version and CD-ROM fan translation).
Lab:
Fixed sound looping in some rooms.
Neverhood:
Added support for bigger demo, available from our website.
Prince:
Fixed inventory item descriptions display.
Added English translation.
Fixed bug with infinite loop when looking at some objects.
Queen:
Fixed loading a save game from the launcher.
Fixed random long delays when starting a game.
SCI:
Major improvements to Amiga and Mac sound drivers.
Improved MIDI playback and fixed many audio issues.
Fixed 30 original script bugs in ECO2, GK1, KQ4, KQ5, KQ6, KQ7, LB1, LONGBOW, PHANT2, QFG1, QFG3, QFG4, SQ5 and SQ6.
Fixed a script bug responsible for rare and random lockups in most Sierra games between 1992-1996.
Added support for Inside the Chest / Behind the Developer's Shield.
Added support for German LSL6-Floppy.
Added support for Hebrew Torin's Passage.
Added support for Italian Lighthouse.
Added support for Polish KQ5, LSL2, LSL3, LSL5 and LSL6-Floppy.
Fixed Russian LSL1 error when hailing a taxi.
Fixed Phantasmagoria 2 error when attempting easter eggs.
Fixed QFG3 auto-saves.
Fixed QFG4 and Shivers save game thumbnails being obscured by control panels.
Fixed a random crash in the Windows version when exiting a game.
Added support for Roland D-110 sound driver.
The "Prefer digital sound effects" checkbox works correctly now for SCI01/SCI1 games.
SCUMM:
Fixed palette issues leading to incorrect colors in MM NES intro and dark rooms.
Fixed the rendering of the flashlight in MM NES to match the original version.
Replaced the existing NES palette to a more accurate NTSC palette based on Mesen.
Added a new GUI option to switch to an alternative NES palette based on the NES Classic.
Improved colors in Apple //gs Maniac Mansion.
Fixed crash when entering garage in Apple //gs Maniac Mansion.
Added support from Classic Full Throttle from Remastered release.
Supernova:
Improved English translation.
Sky:
Fixed syncing of music volume between native settings panel and ScummVM configuration.
Sword1:
Added support for localized menus in Novy Disk Russian Trilogy release.
Added support for Spanish playable Demo available from our website.
Sword2:
Added support for Spanish playable Demo available from our website.
Titanic:
Fixed Barbot crash after asking what else he needs.
Wintermute:
Added subsystem for tracking achievements, implemented for 10+ games.
Xeen:
Add missing sprite drawer for enemies hit by Energy Blast.
Fixed freeze due to bad mob data at the top of Witches Tower.
Fix crash loading some savegames directly from the launcher.
Fix curing the well in Nightshadow.
Fix loading of wall items from savegames.
Fix U/D keys not working on Quests dialog
Fix incorrect mirror destination for Dragon Tower
Fix crash reading book in Great Pyramid safe
Prevent attributes from going negative
Fix border faces animation during Clairvoyance
ZVision:
Fixed regression in the safe puzzle in Zork Nemesis: The Forbidden Lands.
Fixed getting perfect score in Zork: Grand Inquisitor.
Android port:
Added support for immersive fullscreen mode.
Improved keyboard and mouse input.
iOS port:
Fixed unsupported graphic mode for some games (such as SCI games with high quality video scaling enabled).
Removed Quit button to follow the iOS design guidelines.
Removed virtual keyboard input assistant bar. In particular this means that we no longer see a bar at the bottom of the screen when using an external keyboard.
Added save of current game state if possible when switching to a different task and restore game state when returning to the ScummVM task.
Linux port:
Added option to use the system file browser instead of the ScummVM file browser.
MacOS X port:
Fixed blurry on Retina screens. Unfortunately this required dropping support for the dark theme for window decorations.
Fixed Taskbar icon display when running a game (this was broken since ScummVM 1.9.0).
RISC OS port:
Added a VFP optimized build for newer hardware.
Windows port:
Added support for using additional OneCore voices for text to speech.
Active support for Windows Vista and lower is now discontinued. While we still provide builds for those systems in the foreseeable future, some newer features might be missing.
|
|
|
|
pkgsrc changes:
---------------
* Add preprocessor test for stdlib.h inclusion on FreeBSD
* Bump revision
|
|
asm files).
|
|
|
|
Bumps PKGREVISION.
|
|
|
|
|
|
|
|
DeepState is a framework that provides C and C++ developers with a common
interface to various symbolic execution and fuzzing engines. Users can write
one test harness using a Google Test-like API, then execute it using multiple
backends without having to learn the complexities of the underlying engines. It
supports writing unit tests and API sequence tests, as well as automatic test
generation.
This package installs the executors for DeepState.
|
|
|
|
|
|
|
|
|
|
|
|
DeepState is a framework that provides C and C++ developers with a common
interface to various symbolic execution and fuzzing engines. Users can write
one test harness using a Google Test-like API, then execute it using multiple
backends without having to learn the complexities of the underlying engines. It
supports writing unit tests and API sequence tests, as well as automatic test
generation.
This package adds support for libfuzzer to DeepState.
|
|
While there, appease pkglint a tad.
Bumps PKGREVISION.
|
