Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
PulledPork is a script for Snort and Suricata rule management.
|
|
This is a HUGE bump, so look at the changelog on the Snort website !
For example, Snort does not natively handle MySQL anymore.
As for the pkgsrc changes :
- updated deps (net/daq) ;
- updated config files ;
- updated MASTER_SITE ;
- some substitution to handle pkgsrc paths ;
- updated compile options.
|
|
2.1.7
- Functional ovh provider
2.1.6
- Reinstate gandi provider, by handling import of
xmlrpc.client/xmlrpclib depending of Python version
|
|
|
|
|
|
Enhancements
- Add the 2017 DNSSEC root key
- Add support for RPZ wildcarded target names.
- Speed up RPZ zone loading and add a zoneSizeHint parameter to
rpzFile and rpzMaster for faster reloads
- Make the RPZ summary consistent and log additions/removals at debug
level, not info
- Update Ed25519 algorithm number and mnemonic and hook up to the
Recursor
- Add use-incoming-edns-subnet option to process and pass along ECS
and fix some ECS bugs in the process
- Refuse to start with chroot set in a systemd env
- Handle exceptions raised by closesocket() to prevent process
termination
- Document missing top-pub-queries and top-pub-servfail-queries
commands for rec_control
- IPv6 address for g.root-servers.net added
- Log outgoing queries / incoming responses via protobuf
Bug fixes
- Correctly lowercase the TSIG algorithm name in hash computation
- Clear the RPZ NS IP table when clearing the policy, this prevents
false positives
- Fix cache-only queries against a forward-zone
- Only delegate if NSes are below apex in auth-zones
- Remove hardcoding of port 53 for TCP/IP forwarded zones in recursor
- Make sure labelsToAdd is not empty in getZoneCuts()
- Wait until after daemonizing to start the outgoing protobuf thread,
prevents hangs when the protobuf server is not available
- Ensure (re)priming the root never fails
- Don't age the root, fixes a regression from 3.x
- Fix exception when sending a protobuf message for an empty question
- LuaWrapper: Allow embedded NULs in strings received from Lua
- Fix coredumps on illumos/SmartOS
- StateHolder: Allocate (and copy if needed) before taking the lock
- SuffixMatchNode: Fix insertion issue for an existing node
- Fix negative port detection for IPv6 addresses on 32-bit systems
|
|
--- 9.9.10-P1 released ---
4632. [security] The BIND installer on Windows used an unquoted
service path, which can enable privilege escalation.
(CVE-2017-3141) [RT #45229]
4631. [security] Some RPZ configurations could go into an infinite
query loop when encountering responses with TTL=0.
(CVE-2017-3140) [RT #45181]
|
|
--- 9.10.5-P1 released ---
4632. [security] The BIND installer on Windows used an unquoted
service path, which can enable privilege escalation.
(CVE-2017-3141) [RT #45229]
4631. [security] Some RPZ configurations could go into an infinite
query loop when encountering responses with TTL=0.
(CVE-2017-3140) [RT #45181]
|
|
V0.92
added a few arguments to calls added by fmazu. Allows it to compile.
V0.91
only made the tag point to the proper commit. --REW
script now handles that situation (aborted release script) better.
V0.90
only fixed the release script. Should now contain fmaxullo's
patch. --rew
fmazullo (1):
Add AS number to json output
V0.89
only made the tag point to the proper commit. --REW
V0.88
Antonio Querubin (3):
Merge remote-tracking branch 'origin/master' into newdns
Need to error check getnameinfo().
Merge remote-tracking branch 'origin/master' into newdns
David Hill (1):
include <sys/select.h> for fd_set
Jakub Wilk (1):
Fix typos
Joe Bruggeman (2):
Replace all tabs tabs in net.c with spaces
cleanup the if blocks in net.c to improve readability
Jürgen Weigert (1):
Mention + and - keys in the man page
Kacper Michajłow (2):
Relax mtr-packet search rules.
Add missing errno.h include.
Matt Kimball (20):
Added mtr-packet subprocess
test: Fix mtr-packet tests for Python 3
cmdline: multiple host names dropped all but one host (issue #168)
mtr-packet: IPv6 support
mtr-packet: UDP probe support
mtr-packet: packet customization options (size, fill, mark, tos)
mtr-packet: TCP and SCTP probes
mtr-packet: MPLS decoding and local UDP port usage
mtr-packet: allow local address binding
Merge branch mtr-packet into 'master'
mtr-packet: drop capabilities + using BSD's linked lists for probes
build: moved front-end source into ui subdir
build: use AC_CHECK_LIB for ncurses, rather than pkg-tool
mtr-packet: Fall back to IPv4 only support if IPv6 sockets fail to open
build: if linking with ncurses fails, try curses (for NetBSD)
build: Fix Solaris build issues
build: fix compiler warnings when for OpenBSD, NetBSD and Solaris
mtr-packet: Report probe status on host unreachable (Cygwin)
cleanup: Fix #ifdef structure which confuses 'ident'
cleanup: reindented C source with GNU indent
Narthorn (2):
Initialize dns process before opening display
Add displaymode 2 back in
R.E. Wolff (19):
Merge branch 'newdns' of https://github.com/traviscross/mtr into newdns
Merge branch 'newdns'
fixed double printout of start time, issue 131
Updated NEWS as in v0.87.1
format sent and rcvd fields correctly for big numbers #66
increased default unknownhosts #92 #132 #130 (I give in).
Merge branch 'master' of github.com:traviscross/mtr
fixed no-gtk build bug introduced with e2d898cc
more cleanup
Partial reverse of 6bb5b6b3b.
re-initialize ipinfo_no and -max. Fixes #161.
Merge branch 'master' of github.com:traviscross/mtr
fixed dynamic DNS on/off switch. Fixed #160
header alignment issue found&fixed by meingtsla. Fixes #164
Merge branch 'master' of github.com:traviscross/mtr
asn fix from meingtsla, fixes #163. Pong!
put ifdefs around IPV6 only part. Fixes #184
More whitespace mangling for consistency in net.c
The release script bumped the version number
Roger Wolff (22):
New DNS works for IPV4....
moved towards IPV6 compatibilty...
removed the include mess...
merged antonios's bufsize fixes
Merge branch 'master' of github.com:traviscross/mtr into newdns
AQ: Added include for redhat, and fixed salen for BSD
removed last debug output from dns.c
One more patch to fix a getnameinfo corruption problem. -- AQ
Rogier Wolff (5):
removed AC check for features newdns doesn't use
Fixed pull #133 another way....
fixed #27 and #35 where the fix was tested a long time ago.
fixed #141 compile without SCTP if not available
fixed typo.
Sami Kerola (122):
warnings: remove unnecessary file
usage: add short and long options and descriptions to usage()
warnings: stop variable shadowing
dns: remove unnecessary dns_events() function
posix: replace bzero() and index() with modern equivelants
warnings: stop reassigning a value before the old one has been used
warnings: remove code that cannot be reached
warnings: fix printf data types
cleanup: remove unnecessary null check
build-sys; do not use subdirectory object
man: use url macro to urls and fix reference manual notations
build-sys: default to ,/configure --enable-silent-rules
warnings: do not take abs() when data type is unsigned
warnings: mark unused function input variables
warnings: fix couple unsigned vs signed variable comparisions
warnings: multiply timeval seconds only when the value is small
warnings: fix some missed unsigned vs signed variable comparisions
comment: add value range note to initialization
cast: do not downgrade to float when double should be used
warnings: remove dead code
build-sys: fix make distcheck
build-sys: remove old dist Makefile kludge
build-sys: use build version script from gnulib
build-sys: improve configure.am
build-sys: require automake 1.11.6 or newer
warnings: fix unused variable when ./configure --without-gtk is used
readability: always use EXIT_* definitions from stdlib.h
cleanup: remove unnecessary function
warnigns: add void to functions that do not take any arguments
build-sys: fix --without-ipinfo regressions
build-sys: fix ./configure --disable-ipv6
warnings: fix --disable-ipv6 --without-ipinfo compilation warnings
build-sys: check pkg-config availability
build-sys: use pkg-config to find gtk+-2.0
build-sys: use pkg-config to find ncurses
build-sys: get rid of double negative ipinfo autotools settings
cleanup: remove NO_SPLIT preprocessor check
build-sys: simplify finding resolver library
build-sys: remove unused autoconf check values
cleanup: remove obsolete herror() function
usage: reflect ./configure choices in available command line options
cleanup: remove preprocessor missing functions go-arounds
usage: be careful when parsing numeric user input
usage: use error(3) error-reporting function
cleanup: move max port number to be a define in net.h
build-sys: use system getopt_long() when it is available
build-sys: tell function locality explicitly
portability: fix float max check from values.h
portability: MacOS does not have error() function
portability: fix MacOS libresolv usage
data types: set static strings to be read-only
cleanup: remove redundant redeclaration
data types: move variable declaration from header to .c file
data types: check with smatch everything is in resonable scope
warnings: fix use of uninitialized warning
data types: get rid of all globals that are easy to remove
usability: fix --mark documentation
docs: make manual page versioning automatic
data types: move global data to control structures
data types: make control structure smaller
data types: move rest of the global variables to control structures
crash fix: make --xml not to dump core
warnings: correct function pointer prototype argument
warnings: do not use zero as NULL
warnings: avoid vla when malloc() is more appropriate
usability: print usage() if unknown options are used
cleanup: use definition for a magic value appearing twice in code
cleanup: remove commented out includes in dns.c
cleanup: avoid duplicating stdint.h
cleanup: use ICMP definitions from linux/icmp.h when possible
cleanup: move generic utility functions to a separate file
reliability: ensure string copy results to a null determined string
reliability: further removal of unsave string operation
reliability: always check malloc() return value
reliability: always check strdup() return value
reliability: check writing to stdout and stderr was successful
usability: use ISO-8601 timestamp
posix: do not use time(2) input argument
usability: add bash-completion file
bug fix: long option --gracetime is correct, --graceperiod is not
performance: use fewer printw() calls to center text
cleanup: merge two trim functions to one
crash fix: add ctl structure to gtk Pause_clicked() handler
crash fix: never return const string as address
crash fix: ctl->iiwidth_len was not initialized correctly
cleanup: make unused and const attributes to look the same
performance: make get_iiwidth() to be const function
cleanup: remove more/bottom labels header separation from mpls
cleanup: set variable only if it is used
cleanup: correct display_offset variable usage
cleanup: remove message duplicate
performance: set few variables read-only
docs: add Sami Kerola to authors
performance: make reset in net.c more effective
portability: fix bsd build
warnings: ensure printf will not overflow
misc: improve random initialization
net: fix net_reopen() initialization
warnings: fix warnings when everything possible is turned on
curses: simplify format_number()
curses: use switch case in mtr_curses_keyaction()
cleanup: remove dead code
style: convert c++ comment style to c style
display: avoid unnecessary switch case clauses
curses: convert magic numbers to an enum list
data types: move variables from a file to a function scope
cleanup: move file scope variables to the beginning of file
data types: move names list away from global scope
cleanup: move definitions and struct declarations to mtr.h
cleanup: clarify preprocessor nesting
build-sys: use proper check to find if time_t is defined
build-sys: enable all system extensions
regression: fix --displaymode=2 argument
user interface: do not allow out of range --ipinfo arguments
cleanup: use single logic to handle conditional options
docs: add very basic --sctp documentation to manual page
docs: improve mtr-packet(8) manual page
build-sys: update .gitignore file
smatch: extern keyword is needed only in header
smatch: fix couple warnings
build-sys: update .gitignore file
docs: FSF moved back in 2005
Vlad Glagolev (1):
respect theme foreground color
aquerubin (5):
Correct psize for IPv6.
Merge updates from branch 'master' into newdns
Merge branch 'master' into newdns
Merge branch 'newdns' of https://github.com/aquerubin/mtr into newdns
Fix standard deviation calculation.
|
|
Changes in version 0.3.0.8 - 2017-06-08
Tor 0.3.0.8 fixes a pair of bugs that would allow an attacker to
remotely crash a hidden service with an assertion failure. Anyone
running a hidden service should upgrade to this version, or to some
other version with fixes for TROVE-2017-004 and TROVE-2017-005.
Tor 0.3.0.8 also includes fixes for several key management bugs
that sometimes made relays unreliable, as well as several other
bugfixes described below.
o Major bugfixes (hidden service, relay, security, backport
from 0.3.1.3-alpha):
- Fix a remotely triggerable assertion failure when a hidden service
handles a malformed BEGIN cell. Fixes bug 22493, tracked as
TROVE-2017-004 and as CVE-2017-0375; bugfix on 0.3.0.1-alpha.
- Fix a remotely triggerable assertion failure caused by receiving a
BEGIN_DIR cell on a hidden service rendezvous circuit. Fixes bug
22494, tracked as TROVE-2017-005 and CVE-2017-0376; bugfix
on 0.2.2.1-alpha.
o Major bugfixes (relay, link handshake, backport from 0.3.1.3-alpha):
- When performing the v3 link handshake on a TLS connection, report
that we have the x509 certificate that we actually used on that
connection, even if we have changed certificates since that
connection was first opened. Previously, we would claim to have
used our most recent x509 link certificate, which would sometimes
make the link handshake fail. Fixes one case of bug 22460; bugfix
on 0.2.3.6-alpha.
o Major bugfixes (relays, key management, backport from 0.3.1.3-alpha):
- Regenerate link and authentication certificates whenever the key
that signs them changes; also, regenerate link certificates
whenever the signed key changes. Previously, these processes were
only weakly coupled, and we relays could (for minutes to hours)
wind up with an inconsistent set of keys and certificates, which
other relays would not accept. Fixes two cases of bug 22460;
bugfix on 0.3.0.1-alpha.
- When sending an Ed25519 signing->link certificate in a CERTS cell,
send the certificate that matches the x509 certificate that we
used on the TLS connection. Previously, there was a race condition
if the TLS context rotated after we began the TLS handshake but
before we sent the CERTS cell. Fixes a case of bug 22460; bugfix
on 0.3.0.1-alpha.
o Major bugfixes (hidden service v3, backport from 0.3.1.1-alpha):
- Stop rejecting v3 hidden service descriptors because their size
did not match an old padding rule. Fixes bug 22447; bugfix on
tor-0.3.0.1-alpha.
o Minor features (fallback directory list, backport from 0.3.1.3-alpha):
- Replace the 177 fallbacks originally introduced in Tor 0.2.9.8 in
December 2016 (of which ~126 were still functional) with a list of
151 fallbacks (32 new, 119 unchanged, 58 removed) generated in May
2017. Resolves ticket 21564.
o Minor bugfixes (configuration, backport from 0.3.1.1-alpha):
- Do not crash when starting with LearnCircuitBuildTimeout 0. Fixes
bug 22252; bugfix on 0.2.9.3-alpha.
o Minor bugfixes (correctness, backport from 0.3.1.3-alpha):
- Avoid undefined behavior when parsing IPv6 entries from the geoip6
file. Fixes bug 22490; bugfix on 0.2.4.6-alpha.
o Minor bugfixes (link handshake, backport from 0.3.1.3-alpha):
- Lower the lifetime of the RSA->Ed25519 cross-certificate to six
months, and regenerate it when it is within one month of expiring.
Previously, we had generated this certificate at startup with a
ten-year lifetime, but that could lead to weird behavior when Tor
was started with a grossly inaccurate clock. Mitigates bug 22466;
mitigation on 0.3.0.1-alpha.
o Minor bugfixes (memory leak, directory authority, backport from
0.3.1.2-alpha):
- When directory authorities reject a router descriptor due to
keypinning, free the router descriptor rather than leaking the
memory. Fixes bug 22370; bugfix on 0.2.7.2-alpha.
|
|
1.0.2 Friday June 2nd 2017
- Fix tests for busy server issues
|
|
|
|
|
|
o [Windows] Updated the bundled Npcap from 0.78 to 0.91, with several bugfixes
for WiFi connectivity problems and stability issues. [Daniel Miller, Yang Luo]
o Integrated all of your service/version detection fingerprints submitted from
September to March (855 of them). The signature count went up 2.9% to 11,418.
We now detect 1193 protocols from apachemq, bro, and clickhouse to jmon,
slmp, and zookeeper. Highlights: http://seclists.org/nmap-dev/2017/q2/140
o [NSE] Added 14 NSE scripts from 12 authors, bringing the total up to 566!
They are all listed at https://nmap.org/nsedoc/, and the summaries are below:
o [Ncat] A series of changes and fixes based on feedback from the Red Hat community:
o [NSE][GH-266][GH-704][GH-238][GH-883] NSE libraries smb and msrpc now use
fully qualified paths. SMB scripts now work against all modern versions
of Microsoft Windows. [Paulino Calderon]
o [NSE] smb library's share_get_list now properly uses anonymous connections
first before falling back authenticating as a known user.
o New service probes and matches for Apache HBase and Hadoop MapReduce.
[Paulino Calderon]
o Extended Memcached service probe and added match for Apache ZooKeeper.
[Paulino Calderon]
o [NSE] New script argument "vulns.short" will reduce vulns library script
output to a single line containing the target name or IP, the vulnerability
state, and the CVE ID or title of the vulnerability. [Daniel Miller]
o [NSE][GH-862] SNMP scripts will now take a community string provided like
`--script-args creds.snmp=private`, which previously did not work because it
was interpreted as a username. [Daniel Miller]
o [NSE] Resolved several issues in the default HTTP redirect rules:
- [GH-826] A redirect is now cancelled if the original URL contains
embedded credentials
- [GH-829] A redirect test is now more careful in determining whether
a redirect destination is related to the original host
- [GH-830] A redirect is now more strict in avoiding possible redirect
loops
[nnposter]
o [NSE][GH-766] The HTTP Host header will now include the port unless it is
the default one for a given scheme. [nnposter]
o [NSE] The HTTP response object has a new member, fragment, which contains
a partially received body (if any) when the overall request fails to
complete. [nnposter]
o [NSE][GH-866] NSE now allows cookies to have arbitrary attributes, which
are silently ignored (in accordance with RFC 6265). Unrecognized attributes
were previously causing HTTP requests with such cookies to fail. [nnposter]
o [NSE][GH-844] NSE now correctly parses a Set-Cookie header that has unquoted
whitespace in the cookie value (which is allowed per RFC 6265). [nnposter]
o [NSE][GH-731] NSE is now able to process HTTP responses with a Set-Cookie
header that has an extraneous trailing semicolon. [nnposter]
o [NSE][GH-708] TLS SNI now works correctly for NSE HTTP requests initiated
with option any_af. As an added benefit, option any_af is now available for
all connections via comm.lua, not just HTTP requests. [nnposter]
o [NSE][GH-781] There is a new common function, url.get_default_port(),
to obtain the default port number for a given scheme. [nnposter]
o [NSE][GH-833] Function url.parse() now returns the port part as a number,
not a string. [nnposter]
o No longer allow ICMP Time Exceeded messages to mark a host as down during
host discovery. Running traceroute at the same time as Nmap was causing
interference. [David Fifield]
o [NSE][GH-807] Fixed a JSON library issue that was causing long integers
to be expressed in the scientific/exponent notation. [nnposter]
o [NSE] Fixed several potential hangs in NSE scripts that used
receive_buf(pattern), which will not return if the service continues to send
data that does not match pattern. A new function in match.lua, pattern_limit,
is introduced to limit the number of bytes consumed while searching for the
pattern. [Daniel Miller, Jacek Wielemborek]
o [Nsock] Handle any and all socket connect errors the same: raise as an Nsock
error instead of fatal. This prevents Nmap and Ncat from quitting with
"Strange error from connect:" [Daniel Miller]
o [NSE] Added several commands to redis-info to extract listening addresses,
connected clients, active channels, and cluster nodes. [Vasiliy Kulikov]
o [NSE][GH-679][GH-681] Refreshed script http-robtex-reverse-ip, reflecting
changes at the source site (www.robtex.com). [aDoN]
o [NSE][GH-620][GH-715] Added 8 new http-enum fingerprints for Hadoop
infrastructure components. [Thomas Debize, Varunram Ganesh]
o [NSE][GH-629] Added two new fingerprints to http-default-accounts
(APC Management Card, older NetScreen ScreenOS) [Steve Benson, nnposter]
o [NSE][GH-716] Fix for oracle-tns-version which was sending an invalid TNS
probe due to a string escaping mixup. [Alexandr Savca]
o [NSE][GH-694] ike-version now outputs information about supported attributes
and unknown vendor ids. Also, a new fingerprint for FortiGate VPNs was
submitted by Alexis La Goutte. [Daniel Miller]
o [GH-700] Enabled support for TLS SNI on the Windows platform. [nnposter]
o [GH-649] New service probe and match lines for the JMON and RSE services of
IBM Explorer for z/OS. [Soldier of Fortran]
o Removed a duplicate service probe for Memcached added in 2011 (the original
probe was added in 2008) and reported as duplicate in 2013 by Pavel Kankovsky.
o New service probe and match line for NoMachine NX Server remote desktop.
[Justin Cacak]
o [Zenmap] Fixed a recurring installation problem on OS X/macOS where Zenmap
was installed to /Applications/Applications/Zenmap.app instead of
/Applications/Zenmap.app.
o [Zenmap][GH-639] Zenmap will no longer crash when no suitable temporary
directory is found. Patches contributed by [Varunram Ganesh] and [Sai Sundhar]
o [Zenmap][GH-626] Zenmap now properly handles the -v0 (no output) option,
which was added in Nmap 7.10. Previously, this was treated the same as not
specifying -v at all. [lymanZerga11]
o [GH-630] Updated or removed some OpenSSL library calls that were deprecated
in OpenSSL 1.1. [eroen]
o [NSE] Script ssh-hostkey now recognizes and reports Ed25519 keys [nnposter]
o [NSE][GH-627] Fixed script hang in several brute scripts due to the "threads"
script-arg not being converted to a number. Error message was
"nselib/brute.lua:1188: attempt to compare number with string" [Arne Beer]
|
|
|
|
|
|
|
|
Provides telnet client functionality.
This class also has, through delegation, all the methods of a socket object
(by default, a TCPSocket, but can be set by the Proxy option to new()).
This provides methods such as close() to end the session and sysread() to read
data directly from the host, instead of via the waitfor() mechanism.
Note that if you do use sysread() directly when in telnet mode, you should
probably pass the output through preprocess() to extract telnet command
sequences.
|
|
pkgsrc changes:
- pull upstream fix for redmine ticket #1031 (twitpic gzipped xfer)
- pull changes to use delayer-deferred 2.0.0 for redmine ticket
#916 (extra follow/follower activities) and
#995 (abnormal cpu load with delayer-deferred 1.1.0)
Upstream changes:
- ruby-gnome2 3.1.6
- subcommands that create spec files don't accept . as a pathname
- free memories on loading images earlier
- avoid to use deprecated Gdk::PixbufLoader
|
|
|
|
|
|
Pkgsrc changes:
===============
* Update dependencies to match requirements.txt
* Adapt to PLIST changes
Upstream changes:
=================
Release 2.1.3
-------------
Features Added:
* Ephemeral config support #707
* Add a srx_cluster_redundancy_group fact. #711
Bugs Fixed:
* ignore_warning fails when single that is first child of . #712
* mode='telnet' did not logout non-cli user #713
* JSONLoadError was thrown when load valid JSON config #717/#718
* Fix XML normalization feature when using NETCONF over console. #719/#720
* Handle differences in |display xml rpc #722
Release 2.1.2
-------------
Bugs Fixed:
* Doc badge was pointing to older version #694
* Fix new-style fact gathering for SRX clusters. #697/#698
* Properly handle SW upgrades on multi-RE and/or multi-chassis
systems when using new-style fact gathering. #700
* Raise JSONLoadError if json config is malformed #706
* Handle ConnectClosedError exception for lock() and unlock() #708
Release 2.1.1
-------------
Bugs Fixed:
* Fix regressions caused by ignore_warning. #691
Release 2.1.0
-------------
Features Added:
* Enhanced fact gathering. Facts are now gathered "on demand."
Additional facts are added.
* The definition of facts and return values are properly documented. #638
* Support for YANG get RPCs. #672
* Add an ignore_warning argument to suppress RpcError exceptions
for warnings. #672/#685
* Enhanced the sw.install() method with basic ISSU and NSSU
support using the issu and nssu
* boolean arguments. #606/#630/#632
* ** NSSU support has not yet been tested and should currently
be considered experimental.
* Provide a master property and a re_name property for Device. #682
* Enhanced reboot() method to take an all_re boolean parameter
which controls if only the connected
* Routing Engine, or all Routing Engines, are rebooted. #613
* Enhanced the warning message produced by the cli() method to
recommend the corresponding
* dev.rpc.<method>() call. #603
* Add support for update parameter to configuration load() method. #681
* Added directory_usage to utils #629/#631/#636
* Adding support for NFX/JDM fact gathering. #652/#659
* Connected property. #664
Bugs Fixed:
* Updated the interface-name glob pattern to correctly match
et-<x>/<y>/<z> interfaces
* in several tables and views. #609
* Take care of special chars on screen during console connection. #610
* Address issue with fact gathering stopping when it encounters
a problem. #615
* Minor typos fixed in RuntimeError exception message and in comments. #621
* Added console_has_banner parameter. #622
* Add CentOS Support to install instructions #623
* Key value is needed in _IsisAdjacencyLogTable #627
* Improved functionality and documentation of Docker build.
#637/#673/#674/#677
* added remote port ID to lldp.yml (OP) #645
* Fix documentation for rollback() #647
* Fix for fact gathering pprint. #660/#661
* update ospf view, add bgp/inventory #665
* Updated doc string for close function #686
* Add Travis builds for Python 3.5 and 3.6 #687
* StartShell.run to take this as None for non returning commands #680
* Modify ignore_warning return value to mimic normal RPC return value. #688
Release 2.0.1
-------------
* StartShell to take timeout (30 second by default) as paramter
* Proper exception handling in case of Console connection #595
* Fix: Config.lock() return exception when normalize is on
* Added microbadge badge for the Docker image #593
* Fix: print dev for Console conn was printing object not Device(....) #591
* Fix: To take care of special chars with StartShell->run function call #589
* Fix: ssh private key file to be considered for scp util #586
* Added Dockerfile to enable automated image builds on project commits #585
|
|
Pkgsrc changes:
* Adapt PLIST and patch to README.rst.
Upstream changes:
v0.5.3
- Add notifications support
- Add support for ecdsa keys
- Various bug fixes
|
|
|
|
Py-scp is a pure python scp module.
The scp.py module uses a paramiko transport to send and recieve
files via the scp1 protocol. This is the protocol as referenced
from the openssh scp program, and has only been tested with this
implementation.
|
|
|
|
Changes:
version 2017.06.05
Core
* [YoutubeDL] Don't emit ANSI escape codes on Windows (#13270)
Extractors
+ [bandcamp:weekly] Add support for bandcamp weekly (#12758)
* [pornhub:playlist] Fix extraction (#13281)
- [godtv] Remove extractor (#13175)
* [safari] Fix typo (#13252)
* [youtube] Improve chapters extraction (#13247)
* [1tv] Lower preference for HTTP formats (#13246)
* [francetv] Relax URL regular expression
* [drbonanza] Fix extraction (#13231)
* [packtpub] Fix authentication (#13240)
version 2017.05.29
Extractors
* [youtube] Fix DASH MPD extraction for videos with non-encrypted format URLs
(#13211)
* [xhamster] Fix uploader and like/dislike count extraction (#13216))
+ [xhamster] Extract categories (#11728)
+ [abcnews] Add support for embed URLs (#12851)
* [gaskrank] Fix extraction (#12493)
* [medialaan] Fix videos with missing videoUrl (#12774)
* [dvtv] Fix playlist support
+ [dvtv] Add support for DASH and HLS formats (#3063)
+ [beam:vod] Add support for beam.pro/mixer.com VODs (#13032))
* [cbsinteractive] Relax URL regular expression (#13213)
* [adn] Fix formats extraction
+ [youku] Extract more metadata (#10433)
* [cbsnews] Fix extraction (#13205)
version 2017.05.26
Core
+ [utils] strip_jsonp() can recognize more patterns
* [postprocessor/ffmpeg] Fix metadata filename handling on Python 2 (#13182)
Extractors
+ [youtube] DASH MPDs with cipher signatures are recognized now (#11381)
+ [bbc] Add support for authentication
* [tudou] Merge into youku extractor (#12214)
* [youku:show] Fix extraction
* [youku] Fix extraction (#13191)
* [udemy] Fix extraction for outputs' format entries without URL (#13192)
* [vimeo] Fix formats' sorting (#13189)
* [cbsnews] Fix extraction for 60 Minutes videos (#12861)
version 2017.05.23
Core
+ [downloader/external] Pass -loglevel to ffmpeg downloader (#13183)
+ [adobepass] Add support for Bright House Networks (#13149)
Extractors
+ [streamcz] Add support for subtitles (#13174)
* [youtube] Fix DASH manifest signature decryption (#8944, #13156)
* [toggle] Relax URL regular expression (#13172)
* [toypics] Fix extraction (#13077)
* [njpwworld] Fix extraction (#13162, #13169)
+ [hitbox] Add support for smashcast.tv (#13154)
* [mitele] Update app key regular expression (#13158)
version 2017.05.18.1
Core
* [jsinterp] Fix typo and cleanup regular expressions (#13134)
version 2017.05.18
Core
+ [jsinterp] Add support for quoted names and indexers (#13123, #13124, #13125,
#13126, #13128, #13129, #13130, #13131, #13132)
+ [extractor/common] Add support for schemeless URLs in _extract_wowza_formats
(#13088, #13092)
+ [utils] Recognize more audio codecs (#13081)
Extractors
+ [vier] Extract more metadata (#12539)
* [vier] Improve extraction (#12801)
+ Add support for authentication
* Bypass authentication when no credentials provided
* Improve extraction robustness
* [dailymail] Fix sources extraction (#13057)
* [dailymotion] Extend URL regular expression (#13079)
|
|
|
|
Proxifier is a gem to force ruby to use a proxy.
This gem was created for 2 purposes.
First is to enable ruby programmers to use HTTP or SOCKS proxies
interchangeably when using TCPSockets. Either manually with
Proxifier::Proxy#open or by require "proxifier/env".
The second purpose is to use ruby code that doesn't user proxies for users
that have to use proxies.
The pruby and pirb executables are simple wrappers for their respective ruby
executables that support proxies from environment variables.
|
|
# Change Log
## [v0.5.20170404](https://github.com/knu/ruby-domain_name/tree/v0.5.20170404) (2017-04-04)
[Full Changelog](https://github.com/knu/ruby-domain_name/compare/v0.5.20170223...v0.5.20170404)
- Update the eTLD database to 2017-04-04T20:20:25Z
|
|
## v1.60.1
* DNSSEC validation switched OFF by default (but can still be switched on)
* Add APL RR support (thanks Manabu Sonoda)
* Various test fixes (thanks Keith Bennett)
* 'include' issues fixed (thanks Keith Bennett!)
* Fixnum replacement (thanks Keith Bennett)
* Zone transfer fixes (thanks Manabu Sonoda)
* Name decoding fix
* MX record passing error now raised
* CAA RR support (thanks Richard Luther)
* TLSA RR support (thanks Manabu Sonoda)
|
|
## Changes between 2.1.0 and 2.2.0 (unreleased)
### Timestamps are Encoded as 64-bit Unsigned Integers
This is a potentially **breaking change**. It is recommended that
all applications that use this gem and pass date/time values in message
properties or headers are upgraded at the same time.
GitHub issue: [#64](https://github.com/ruby-amqp/amq-protocol/issues/64).
Contributed by Carl Hoerberg.
|
|
|
|
|
|
pkgsrc changes:
removed patches:
patch-bin_afppasswd_afppasswd.c
patch-etc_uams_uams__randnum.c
https://github.com/Netatalk/Netatalk/commit/ee2dee23560ac3c059b020b1ec2fbd3c0ef1318f
patch-include_atalk_acl.h
https://github.com/Netatalk/Netatalk/commit/d48ecb55ac4c916cd78bbaf4de53a04abf6d47fb
regen patch:
patch-config_pam_Makefile.in
changelog(from NEWS):
Changes in 3.1.11
================
* NEW: Global option "zeroconf name", FR#99
* NEW: show Zeroconf support by "netatalk -V", FR#100
* UPD: gentoo: Switch openrc init script to openrc-run, GitHub#77
* FIX: log message: name of function doese not match, GitHub#78
* UPD: volume capacity reporting to match Samba behavior, GitHub#83
* FIX: debian: sysv init status command exits with proper exit code, GitHub#84
* FIX: dsi_stream_read: len:0, unexpected EOF, GitHub#82
* UPD: dhx uams: OpenSSL 1.1 support, GitHub#87
Changes in 3.1.10
================
* FIX: cannot build when ldap is not defined, bug #630
* FIX: SIGHUP can cause core dump when mdns is enabled, bug #72
* FIX: Solaris: stale pid file puts netatalk into maintenance mode, bug #73
* FIX: dsi_stream_read: len:0, unexpected EOF, bug #633
Changes in 3.1.9
================
* FIX: afpd: fix "admin group" option
* NEW: afpd: new options "force user" and "force group"
* FIX: listening on IPv6 wildcard address may fail if IPv6 is
disabled, bug #606
* NEW: LibreSSL support, FR #98
* FIX: cannot build when acl is not defined, bug #574
* UPD: configure option "--with-init-style=" for Gentoo.
"gentoo" is renamed to "gentoo-openrc".
"gentoo-openrc" is same as "openrc".
"gentoo-systemd" is same as "systemd".
* NEW: configure option "--with-dbus-daemon=PATH" for Spotlight feature
* UPD: use "tracker daemon" command instead of "tracker-control" command
if Gnome Tracker is the recent version.
* NEW: configure options "--enable-rpath" and "--disable-rpath" which
can be used to force setting of RPATH (default on Solaris/NetBSD)
or disable it.
* NEW: configure option "--with-tracker-install-prefix" allows setting
an alternate install prefix for tracker when cross-compiling.
* UPD: asip-status.pl: IPv6 support
* UPD: asip-status.pl: show GSS-UAM SPNEGO blob
* FIX: afpd: don't use network IDs without LDAP, bug #621
* FIX: afpd: reading from file may fail, bug #619
* NEW: AFP clients should not be able to copy or manipulate special
extended attributes set by NFS and SMB servers on Solaris, issue #36
* FIX: ad: ad cp may crash, bug #622
* UPD: Update Unicode support to version 9.0.0
Changes in 3.1.8
================
* FIX: CNID/MySQL: Quote UUID table names.
https://sourceforge.net/p/netatalk/bugs/585/
* FIX: Crash in cnid_metad, bug #593
* UPD: Update Unicode support to version 8.0.0
* FIX: larger server side copyfile buffer for improved IO performance,
bug #599
* NEW: afpd: new option "ea = samba". Use Samba vfs_streams_xattr
compatible xattrs which means adding a 0 byte at the end of
xattrs.
* FIX: remove #541 workaround patch. There was this problem with only early
Fedora 20.
* FIX: rpmbuild fails on Fedora x86_64, bug #598
* FIX: Listen on IPv6 wildcard address by default, bug #602
* FIX: FCE protocol version 1 packets, bug #603
* UPD: Update list of BerkeleyDB versions searched at configure time
|
|
Generate an error when configured with a CNAME loop,
rather than a crash. Thanks to George Metz for
spotting this problem.
Calculate the length of TFTP error reply packet
correctly. This fixes a problem when the error
message in a TFTP packet exceeds the arbitrary
limit of 500 characters. The message was correctly
truncated, but not the packet length, so
extra data was appended. This is a possible
security risk, since the extra data comes from
a buffer which is also used for DNS, so that
previous DNS queries or replies may be leaked.
Fix logic error in Linux netlink code. This could
cause dnsmasq to enter a tight loop on systems
with a very large number of network interfaces.
Fix problem with --dnssec-timestamp whereby receipt
of SIGHUP would erroneously engage timestamp checking.
Bump zone serial on reloading /etc/hosts and friends
when providing authoritative DNS.
Handle v4-mapped IPv6 addresses sanely in --synth-domain.
These have standard representation like ::ffff:1.2.3.4
and are now converted to names like
<prefix>--ffff-1-2-3-4.<domain>
Handle binding upstream servers to an interface
(--server=1.2.3.4@eth0) when the named interface
is destroyed and recreated in the kernel.
Allow wildcard CNAME records in authoritative zones.
For example --cname=*.example.com,default.example.com
more...
|
|
|
|
|
|
- Fix logging TypeError
|
|
This is a regularly scheduled stable release.
Resolved issues:
#3895: The layout of the global changes dialog is improved
#4123: Running as root or SYSTEM now triggers a warning recommending against it
#4127: Changing the theme no longer causes an HTTP error
#4143: The file paths in the failed files dialog are now correct on Windows
|
|
The expected use case for mosh is using ssh for authentication, by just
running "mosh username@host". No need to spawn mosh-server and -client
manually.
|
|
required version of json extension.
Instead, override json_pure to json in gemspec.
Bump PKGREVISION.
|
|
required version of json extension.
|
|
No comment from maintainer.
|
|
Bug Fixes
- rabbitmqctl wait exited with the status code of 0 when node stopped
because it could not contact any cluster peers to [re-]join.
- rabbitmqctl forget_cluster_node used in offline mode could result in
promotion of a node that's no longer a cluster member.
- Queue master locator could not be set using optional queue arguments
(x-arguments).
- CLI tool (e.g. rabbitmqctl) man pages were not rendered correctly.
Enhancements
- Disk space monitor will periodically retry (every 2 minutes by
default, up to 10 times) before going into disabled state as
external tools used to monitor available disk space can fail or
produce unexpected output temporarily.
- Memory relative free disk space limits now support integer values as
well as floats.
Management and Management Agent Plugins
- TLS-related settings in HTTP API listeners could break JSON
serialisation for the GET /api/overview endpoint.
- Non-numerical values for numerical stats are now handled safety by
stats aggregation.
- Stats are no longer emitted for connections that are not considered
to be in the fully initialised state.
- POST requests now instruct clients to close TCP connections.
- In some popular browsers (Chrome, Internet Explorer) a POST request
followed by an immediate GET request would result in a 400 response.
Other browsers do no exhibit this behaviour.
- I/O average time per operation graph didn't match legend.
- Sample retention policies are now validated more strictly to avoid
configurations that are not supported and will lead to exceptions.
- Certain stats for connections were not initialised as numerical
values, which resulted in log noise.
- UI operation for binding deletion did not respect optional (extra)
binding arguments.
- Current virtual host is pre-selected on the "Add/update policy"
form.
MQTT Plugin
- A non-initialized connection (e.g. one that failed early because
client-provided payload wasn't a valid MQTT payload) produced a
crash report log entry during termination.
LDAP Plugin
- Stale connection purging in LDAP connection pool could fail with a
badmatch.
Trust Store Plugin
- Certificate change detection algorithm no longer uses stat(2) on
certificate directory because of its limitations that could lead to
undetected changes in certain scenarios.
Web STOMP Plugin
- The plugin failed to start after being stopped and re-enabled.
- Server-initiated consumer cancellation failed with an exception.
Management Visualiser Plugin
- The plugin wasn't compatible with recent 3.6.x releases.
|