| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
- Add support for Erlang/OTP 21.0
- Fix missing space in yaws_server:handle_out_reply/5
- recognize '?' in conf strings
|
|
|
|
### Added
- A new security enhancement which we're calling AutoHSTS has been
added to Certbot's Apache plugin. This enhancement configures your
webserver to send a HTTP Strict Transport Security header with a low
max-age value that is slowly increased over time. The max-age value is
not increased to a large value until you've successfully managed to
renew your certificate. This enhancement can be requested with the
--auto-hsts flag.
- New official DNS plugins have been created for Gehirn Infrastracture
Service, Linode, OVH, and Sakura Cloud. These plugins can be found
on our Docker Hub page at https://hub.docker.com/u/certbot and on
PyPI.
- The ability to reuse ACME accounts from Let's Encrypt's ACMEv1
endpoint on Let's Encrypt's ACMEv2 endpoint has been added.
- Certbot and its components now support Python 3.7.
- Certbot's install subcommand now allows you to interactively choose
which certificate to install from the list of certificates managed
by Certbot.
- Certbot now accepts the flag `--no-autorenew` which causes any
obtained certificates to not be automatically renewed when it
approaches expiration.
- Support for parsing the TLS-ALPN-01 challenge has been added back to
the acme library.
### Changed
- Certbot's default ACME server has been changed to Let's Encrypt's
ACMEv2 endpoint. By default, this server will now be used for both
new certificate lineages and renewals.
- The Nginx plugin is no longer marked labeled as an "Alpha" version.
- The `prepare` method of Certbot's plugins is no longer called before
running "Updater" enhancements that are run on every invocation of
`certbot renew`.
|
|
|
|
2.7.0.
- Subreg.cz: Use Zeep instead of PySimpleSOAP library
2.6.0
- Improvements to argument handling
2.5.0
- Add Google Cloud DNS provider
2.4.7
- Add Zeit provider
2.4.6
- Fixes to dnsimple
2.4.5
- Add support for Exoscale
2.4.4
- Add support for online.net
2.4.3
- Test fixes
2.4.2
- Minor fixes to OVH provider
2.4.1
- add support for Gandi LiveDNS API
|
|
|
|
Drop gfortran requirement.
|
|
|
|
|
|
GrafX2 is a drawing program dedicated to pixelart and low-color
graphics. This program is dedicated to everybody who knows what a
single pixel is. Its layout is not very different from the famous
Deluxe Paint or Brilliance, so it will be quite easy to handle it
if you know at least one of these programs. If you aren't used to
the art of drawing with up to 256 colors, it will be a little more
difficult for you, but you should give it a try (or more, because
most of the power of this program won't show up on the first try).
Then, you might eventually like to draw the oldskool way !
|
|
graphics/py-graphviz
|
|
|
|
|
|
|
|
Changelog:
Version 1.2.1:
* Fix failure to start under GLib 2.48.
* Fix failure to start when config and user data dirs are missing.
* GNOME: Update mypaint.appdata.xml.
* Fix failure to start when no translations are present.
* Fix pure-black being duplicated in the colour history.
* Fix glitch stroke when Inking is exited & the default tool entered.
* OSX: fix exception if AppKit isn't installed.
* Fix mispositioned windows in multi-monitor setups.
* Windows: fix inability to paste more than the 1st copied image.
* Fix exception when pasting into a layer group.
* Fix incorrect numeric range check on x-axis tilts.
* Fix layers blinking when selected in layer-solo mode.
* Fix palette drag issues with GTK 3.19.8+.
* Fix exception in the colours tab of the background chooser dialog.
* Fix UI glitch: mark cloned layer as selected after duplicate.
* Fix a potential exception with the brush and colur history features.
* About box: report versions better un Windows.
* Make sure layer clones get selected immediately.
* Fix hypersensitive tab drags.
* Fix allelerator mapping sort order.
* Fix exceptions when loading a corrupt thumbnail during thumb updates.
* Fix GTK removing the main canvas widget.
* BrushManager: use UUIDs for device brush names, backwards-compatibly.
* Fix repeated pixbuflist redraws.
* Windows: drop support for floating windows till upstream support's OK.
* Wayland: remove references to cursors that don't exist.
Version 1.2.0:
* New intuitive Inking tool for smooth strokes.
* New Flood Fill tool.
* Automated backups of your working docs, with recovery on startup.
* Improved symmetry-setting and frame-setting modes.
* New workspace UI: two sidebars, with dockable tabbed panels.
* Smoother scrolling and panning.
* New brush pack.
* New brush and color history panel.
* New layer trimming command in frame options.
* Added layer groups.
* New layer modes: several masking modes added.
* Add display filters: greyscale, simulate dichromacy for trichromats.
* New color wheel options: Red/Yellow/Blue, Red-Green/Blue-Yellow.
* Uses dark theme variant by default.
* Clearer icons, prettier freehand cursors.
* Device prefs allow glitchy devices to be restricted.
* Eraser mode no longer changes the size of the brush.
* New vector layers, editable in an external app (Inkscape recommended).
* New fallback layer types: non-PNG image, data.
* More kinds of images now work as backgrounds.
* Improved Windows support
* Ported to GTK3.
* Accelerator map editor has moved to preferences.
* Many other bugfixes, translations, and code quality improvements.
|
|
|
|
|
|
Pylint 2.0:
* trailing-comma-tuple can be emitted for return statements as well.
* Fix a false positive inconsistent-return-statements message when exception is raised
inside an else statement.
* ImportFrom nodes correctly use the full name for the import sorting checks.
* [].extend and similar builtin operations don't emit dict-*-not-iterating with the Python 3 porting checker
* Add a check consider-using-dict-comprehension which is emitted if for dict initialization
the old style with list comprehensions is used.
* Add a check consider-using-set-comprehension which is emitted if for set initialization
the old style with list comprehensions is used.
* logging-not-lazy is emitted whenever pylint infers that a string is built with addition
* Add a check chained-comparison which is emitted if a boolean operation can be simplified
by chaining some of its operations.
e.g "a < b and b < c", can be simplified as "a < b < c".
* Add a check consider-using-in for comparisons of a variable against
multiple values with "==" and "or"s instead of checking if the variable
is contained "in" a tuple of those values.
* in is considered iterating context for some of the Python 3 porting checkers
* Add --ignore-none flag to control if pylint should warn about no-member where the owner is None
* Fix a false positive related to too-many-arguments and bounded __get__ methods
* mcs as the first parameter of metaclass's __new__ method was replaced by cls
* assignment-from-no-return considers methods as well.
* Support typing.TYPE_CHECKING for *unused-import* errors
* Inferred classes at a function level no longer emit invalid-name
when they don't respect the variable regular expression
* Added basic support for postponed evaluation of function annotations.
* Fix a bug with missing-kwoa and variadics parameters
* simplifiable-if-statement takes in account only when assigning to same targets
* Make len-as-condition test more cases, such as len() < 1 or len <= 0'
* Fix false-positive line-too-long message emission for
commented line at the end of a module
* Fix false-positive bad-continuation for with statements
* Don't warn about stop-iteration-return when using next() over itertools.count
* Add a check consider-using-get for unidiomatic usage of value/default-retrieval
for a key from a dictionary
* invalid-slice-index is not emitted when the slice is used as index for a complex object.
We only use a handful of known objects (list, set and friends) to figure out if
we should emit invalid-slice-index when the slice is used to subscript an object.
* Don't emit unused-import anymore for typing imports used in type comments.
* Add a new check 'useless-import-alias'.
* Add comparison-with-callable to warn for comparison with bare callable, without calling it.
* Don't warn for missing-type-doc and/or missing-return-type-doc, if type
annotations exist on the function signature for a parameter and/or return type.
* Add --exit-zero option for continuous integration scripts to more
easily call Pylint in environments that abort when a program returns a
non-zero (error) status code.
* Warn if the first argument of an instance/ class method gets assigned
* New check comparison-with-itself to check comparison between same value.
* Add a new warning, 'logging-fstring-interpolation', emitted when f-string
is used within logging function calls.
* Don't show 'useless-super-delegation' if the subclass method has different type annotations.
* Add unhashable-dict-key check.
* Don't warn that a global variable is unused if it is defined by an import
* Skip wildcard import check for __init__.py.
* The Python 3 porting mode can now run with Python 3 as well.
* too-few-public-methods is not emitted for dataclasses.
* New verbose mode option, enabled with --verbose command line flag, to
display of extra non-checker-related output. It is disabled by default.
* undefined-loop-variable takes in consideration non-empty iterred objects before emitting
* Add support for numpydoc optional return value names.
* singleton-comparison accounts for negative checks
* Add a check consider-using-in for comparisons of a variable against
multiple values with "==" and "or"s instead of checking if the variable
is contained "in" a tuple of those values.
* defaultdict and subclasses of dict are now handled for dict-iter-* checks
* logging-format-interpolation also emits when f-strings are used instead of % syntax.
* Don't trigger misplaced-bare-raise when the raise is in a finally clause
* Add a new check, possibly-unused-variable.
This is similar to unused-variable, the only difference is that it is
emitted when we detect a locals() call in the scope of the unused variable.
The locals() call could potentially use the said variable, by consuming
all values that are present up to the point of the call. This new check
allows to disable this error when the user intentionally uses locals()
to consume everything.
* no-else-return accounts for multiple cases
The check was a bit overrestrictive because we were checking for
return nodes in the .orelse node. At that point though the if statement
can be refactored to not have the orelse. This improves the detection of
other cases, for instance it now detects TryExcept nodes that are part of
the .else branch.
* Added two new checks, invalid-envvar-value and invalid-envvar-default.
The former is trigger whenever pylint detects that environment variable manipulation
functions uses a different type than strings, while the latter is emitted whenever
the said functions are using a default variable of different type than expected.
* Add a check consider-using-join for concatenation of strings using str.join(sequence)
* Add a check consider-swap-variables for swapping variables with tuple unpacking
* Add new checker try-except-raise that warns the user if an except handler block
has a raise statement as its first operator. The warning is shown when there is
a bare raise statement, effectively re-raising the exception that was caught or the
type of the exception being raised is the same as the one being handled.
* Don't crash on invalid strings when checking for logging-format-interpolation
* Exempt __doc__ from triggering a redefined-builtin
__doc__ can be used to specify a docstring for a module without
passing it as a first-statement string.
* Fix false positive bad-whitespace from function arguments with default
values and annotations
* Fix stop-iteration-return false positive when next builtin has a
default value in a generator
* Fix emission of false positive no-member message for class with "private" attributes whose name is mangled.
* Fixed a crash which occurred when Uninferable wasn't properly handled in stop-iteration-return
* Use the proper node to get the name for redefined functions
* Don't crash when encountering bare raises while checking inconsistent returns
* Fix a false positive inconsistent-return-statements message when if statement is inside try/except.
* Fix a false positive inconsistent-return-statements message when while loop are used.
* Correct column number for whitespace conventions.
Previously the column was stuck at 0
* Fix unused-argument false positives with overshadowed variable in
dictionary comprehension.
* Fix false positive inconsistent-return-statements message when never
returning functions are used (i.e sys.exit for example).
* Fix error when checking if function is exception, as in bad-exception-context.
* Fix false positive inconsistent-return-statements message when a
function is defined under an if statement.
* New useless-return message when function or method ends with a "return" or
"return None" statement and this is the only return statement in the body.
* Fix false positive inconsistent-return-statements message by
avoiding useless exception inference if the exception is not handled.
* Fix bad thread instantiation check when target function is provided in args.
* Fixed false positive when a numpy Attributes section follows a Parameters
section
* Fix incorrect file path when file absolute path contains multiple path_strip_prefix strings.
* Fix false positive undefined-variable for lambda argument in class definitions
* Add of a new checker that warns the user if some messages are enabled or disabled
by id instead of symbol.
* Suppress false-positive not-callable messages from certain
staticmethod descriptors
* Fix indentation handling with tabs
* Fix false-positive bad-continuation error
* Fix false positive unused-variable in lambda default arguments
* Updated the default report format to include paths that can be clicked on in some terminals (e.g. iTerm).
* Fix inline def behavior with too-many-statements checker
* Fix KeyError raised when using docparams and NotImplementedError is documented.
* Fix 'method-hidden' raised when assigning to a property or data descriptor.
* Fix emitting useless-super-delegation when changing the default value of keyword arguments.
* Expand ignored-argument-names include starred arguments and keyword arguments
* Fix false-postive undefined-variable in nested lambda
* Fix false-positive bad-whitespace message for typing annoatations
with ellipses in them
|
|
astroid 2.0:
* String representation of nodes takes in account precedence and associativity rules of operators.
* Fix loading files with modutils.load_from_module when
the path that contains it in sys.path is a symlink and
the file is contained in a symlinked folder.
* Reworking of the numpy brain dealing with numerictypes
(use of inspect module to determine the class hierarchy of
numpy.core.numerictypes module)
* Added inference support for starred nodes in for loops
* Support unpacking for dicts in assignments
* Add support for inferring functools.partial
* Inference support for dict.fromkeys
* int() builtin is inferred as returning integers.
* str() builtin is inferred as returning strings.
* DescriptorBoundMethod has the correct number of arguments defined.
* Improvement of the numpy numeric types definition.
* Subclasses of *property* are now interpreted as properties
* AsStringRegexpPredicate has been removed.
Use transform predicates instead of it.
* Switched to using typed_ast for getting access to type comments
As a side effect of this change, some nodes gained a new type_annotation attribute,
which, if the type comments were correctly parsed, should contain a node object
with the corresponding objects from the type comment.
* typing.X[...] and typing.NewType are inferred as classes instead of instances.
* Module.__path__ is now a list
It used to be a string containing the path, but it doesn't reflect the situation
on Python, where it is actually a list.
* Fix a bug with namespace package's __path__ attribute.
* Added brain tips for random.sample
* Add brain tip for issubclass builtin
* Fix submodule imports from six
* Fix missing __module__ and __qualname__ from class definition locals
* Fix a crash when __annotations__ access a parent's __init__ that does not have arguments
* Fix multiple objects sharing the same InferenceContext.path causing uninferable results
* Fix improper modification of col_offset, lineno upon inference of builtin functions
* Subprocess.Popen brain now knows of the args member
* add move_to_end method to collections.OrderedDict brain
* Include new hashlib classes added in python 3.6
* Fix RecursionError for augmented assign
* Add missing attrs special attribute
* Inference now understands the 'isinstance' builtin
* Stop duplicate nodes with the same key values
from appearing in dictionaries from dictionary unpacking.
* Fix contextlib.contextmanager inference for nested context managers
* Implement inference for len builtin
* Add qname method to Super object preventing potential errors in upstream
pylint
* Stop astroid from getting stuck in an infinite loop if a function shares
its name with its decorator
* Fix issue with inherited __call__ improperly inferencing self
* Fix __call__ precedence for classes with custom metaclasses
* Limit the maximum amount of interable result in an NodeNG.infer() call to
100 by default for performance issues with variables with large amounts of
possible values.
The max inferable value can be tuned by setting the max_inferable_values flag on
astroid.MANAGER.
|
|
|
|
build fix for newer qt.
bump PKGREVISION.
|
|
|
|
|
|
This is a bug fix release, and includes a few important security fixes.
It is strongly recommended that IMAP and POP users upgrade as soon as
possible.
|
|
|
|
version 1.32:
* Fixes a problem with gpgrt_fflush and gpgrt_fopencookie.
* Fixes a problem with the C11 header stdnoreturn.h.
* The yat2m tool can now also be build on Windows.
* Updates translations for Spanish, Russian and Ukrainian.
|
|
0.7.0:
Unknown changes.
|
|
|
|
Changes in version 0.3.3.9 - 2018-07-13
Tor 0.3.3.9 moves to a new bridge authority, meaning people running
bridge relays should upgrade.
o Directory authority changes:
- The "Bifroest" bridge authority has been retired; the new bridge
authority is "Serge", and it is operated by George from the
TorBSD project. Closes ticket 26771.
|
|
|
|
|
|
tablewriter generates ASCII table on the fly.
|
|
|
|
Changes since 1.8.1:
- Export language.RegisterPluralFunc
- Export language.Operand
- Update to CLDR 31.0.1
- Fix panic in goi18n command
- Export language.GetPluralSpec
|
|
|
|
AST-2017-005, AST-2017-006, and AST-2017-008. There was no release
announcement as only security patches were issued. I just found
this update while looking to see what updates I was missing for
more recent versions of Asterisk. The Asterisk 11.x series was
declared end-of-life on Oct. 25th, 2017, so there will not be any
more updates to this package (other then PKGREVISION bumps for
dependencies) before it gets deleted. There is a reasonable chance
that there are unpatched vulnerabilities in this package. Anybody
still using it should upgrade a newer version as soon as possibble.
----- AST-2017-2005 -----
Description The "strictrtp" option in rtp.conf enables a feature of the
RTP stack that learns the source address of media for a
session and drops any packets that do not originate from
the expected address. This option is enabled by default in
Asterisk 11 and above.
The "nat" and "rtp_symmetric" options for chan_sip and
chan_pjsip respectively enable symmetric RTP support in the
RTP stack. This uses the source address of incoming media
as the target address of any sent media. This option is not
enabled by default but is commonly enabled to handle
devices behind NAT.
A change was made to the strict RTP support in the RTP
stack to better tolerate late media when a reinvite occurs.
When combined with the symmetric RTP support this
introduced an avenue where media could be hijacked. Instead
of only learning a new address when expected the new code
allowed a new source address to be learned at all times.
If a flood of RTP traffic was received the strict RTP
support would allow the new address to provide media and
with symmetric RTP enabled outgoing traffic would be sent
to this new address, allowing the media to be hijacked.
Provided the attacker continued to send traffic they would
continue to receive traffic as well.
Resolution The RTP stack will now only learn a new source address if it
has been told to expect the address to change. The RTCP
support has now also been updated to drop RTCP reports that
are not regarding the RTP session currently in progress. The
strict RTP learning progress has also been improved to guard
against a flood of RTP packets attempting to take over the
media stream.
----- AST-2017-006 -----
Description The app_minivm module has an "externnotify" program
configuration option that is executed by the MinivmNotify
dialplan application. The application uses the caller-id
name and number as part of a built string passed to the OS
shell for interpretation and execution. Since the caller-id
name and number can come from an untrusted source, a
crafted caller-id name or number allows an arbitrary shell
command injection.
Resolution Patched Asterisk's app_minivm module to use a different
system call that passes argument strings in an array instead
of having the OS shell determine the application parameter
boundaries.
----- AST-2017-008 -----
Description This is a follow up advisory to AST-2017-005.
Insufficient RTCP packet validation could allow reading
stale buffer contents and when combined with the "nat" and
"symmetric_rtp" options allow redirecting where Asterisk
sends the next RTCP report.
The RTP stream qualification to learn the source address of
media always accepted the first RTP packet as the new
source and allowed what AST-2017-005 was mitigating. The
intent was to qualify a series of packets before accepting
the new source address.
Resolution The RTP/RTCP stack will now validate RTCP packets before
processing them. Packets failing validation are discarded.
RTP stream qualification now requires the intended series of
packets from the same address without seeing packets from a
different source address to accept a new source address.
|
|
|
|
|
|
Asterisk is a complete PBX in software. It provides all of the
features you would expect from a PBX and more. Asterisk does voice
over IP in three protocols, and can interoperate with almost all
standards-based telephony equipment using relatively inexpensive
hardware.
Asterisk provides Voicemail services with Directory, Call Conferencing,
Interactive Voice Response, Call Queuing. It has support for
three-way calling, caller ID services, ADSI, SIP and H.323 (as both
client and gateway).
This is a standard version. It is scheduled to go to security
fixes only on October 3th, 2018, and EOL on October 3th, 2019.
See here for more information about Asterisk versions:
https://wiki.asterisk.org/wiki/display/AST/Asterisk+Versions
|
|
|
|
PR pkg/43947
|
|
pkgsrc-users@ a few weeks ago. This package is ancient and has
been EOL for a couple of years. It likely has numerous security
issues. Also, the PKGNAME will conflict with the upcoming Asterisk
18.* in a couple of years times. There were no objections.
|
|
|
|
|
|
2018-07-16 Richard Russon <rich@flatcap.org>
* Features
- <check-stats> function
* Bug Fixes
- Lots
|
|
|
|
|
|
Changes:
0.4.5
-----
* raise minimum Python version to 3.5.3
* add support for Python 3.7
* improve markup parsing
* fix crash on event for unloaded conversion
* add compatibility with aiohttp 3
|
|
|
|
|
