| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
Changes in libsoup from 2.69.90 to 2.70.0:
* Deprecate SoupSession:proxy-uri [Patrick Griffis]
* Update translations: Persian, Finnish, Ukrainian
Changes in libsoup from 2.68.3 to 2.69.90:
* Add new API to expose support for same-site cookies [Patrick Griffis]
* Fix TRACE method not being considered safe and idempotent internally [Patrick
Griffis]
* WebSockets: ensure a new connection is created for WebSocket requests [Carlos
Garcia Campos]
* WebSockets: do not start the input source when IO is closing [Carlos Garcia
Campos]
* Deprecate soup_date_to_timeval() [Claudio Saavedra]
* build: Update glib requirement to 2.58 [Xavier Claessens]
* Updated translations: Malay [Umarzuki Mochlis]
|
|
|
|
2.64.0 - March 6, 2020
======================
- Fix OpenSSL backend on RHEL 6 (!116)
2.63.92 - February 27, 2020
===========================
- Revert fix for #127, which broke libsoup (#129)
2.63.91 - February 14, 2020
===========================
- Fix peer-certificate properties changing too soon (#127)
- GnuTLS backend: reduce session resumption cache lifetime (!113)
- GnuTLS backend: restore TLS 1.2 support for copy session state (!114)
2.63.90 - February 1, 2020
==========================
- Remove PKCS#11 support, deferred until next cycle (#104)
- Remove OpenSSL backend's OCSP support (#124)
2.63.3 - January 3, 2019
========================
- Fix OpenSSL backend regressions and reenable OpenSSL testsuite (#54)
- Temporarily disable cancellation of sync handshakes (#97)
- Disable flaky test (#104) and resolve testsuite flakiness (#105)
- Fix leak of base iostream (or base datagram socket), 2.62 regression
- Fix duplicate notifies of peer-certificate and peer-certificate-errors
- Fix regression where GnuTLS connection init could theoretically fail without error
- Fix obscure corner case where SNI might not work
- Fix various build warnings on Windows
- Fix multiple build failures on Windows (Chun-wei Fan)
- Fix installed tests (Iain Lane)
2.63.2 - November 22, 2019
==========================
- Fix crash when handshake context is reset too late (#97)
- Require GnuTLS 3.6.5 (#100)
- Build mock PKCS #11 module only for GnuTLS backend (#101)
- Rework session resumption support for TLS 1.3 (!69)
- Run GnuTLS tests under TLS 1.2 in addition to TLS 1.3 (!69)
- Support OpenSSL 1.0.1 (!81)
- Drop rehandshake mode and protocol version fallback support (!83)
- Add logging functions (!89, MARTINSONS Frederic)
- Fix PKCS #11 tests with TLS 1.2 (!91, Patrick Griffis)
- Add more debug logging for PKCS #11 (!92, Patrick Griffis)
- Fix leak in GTlsCertificateGnutls finalizer (!93, Patrick Griffis)
2.63.1 - October 11, 2019
=========================
- Add support for new PKCS#11 APIs to facilitate use with smartcards (Patrick Griffis)
- Disable TLS 1.0 and TLS 1.1 when using GnuTLS
- Fix threadsafety issue (#95)
|
|
recursive bump for the dependency change
|
|
0.20.2 (2020-03-10)
+ Add encrypt_key and decrypt_key to fz::symmetric key
- fz::datetime::set_rfc822 now parses the zone offset
- Removed unneeded asserts from format.hpp
0.20.1 (2020-02-24)
- Fix potential crash after removing the last speed limit bucket
- TLS: Fix reported key exchange algorithm and improve details
0.20.0 (2020-02-14)
+ Added fz::symmetric_key
+ Added itertions parameter to fz::private_key::from_password
+ Added fz::base32_encode and fz::base32_decode
+ Unified all decode functions to always return a vector, added alternatives returning string with a _s suffix in the function name
+ Changed equal_insensitive_ascii to take (w)string_view
|
|
|
|
This module provides an API for the GeoIP2 web services and databases.
The API also works with the free GeoLite2 databases.
See GeoIP2::WebService::Client for details on the web service client API
and GeoIP2::Database::Reader for the database API.
|
|
|
|
The free DB-IP IP to City Lite database is a subset of the IP to Location
database with reduced coverage and accuracy distributed under the Creative
Commons Attribution License.
|
|
|
|
The free DB-IP IP to Country Lite database is a subset of the IP to Country
database with reduced coverage and accuracy distributed under the Creative
Commons Attribution License.
|
|
|
|
Avahi by default pulls in X11 via gtk2 and dbus, so you might want to
disable it on a small server if your clients don't need ZeroConf capability.
|
|
Changes:
20200308
--------
Core
+ [utils] Add support for cookie files with spaces
Extractors
+ [pornhub] Add support for pornhubpremium.com (#24288)
- [youtube] Remove outdated code and unnecessary requests
* [youtube] Improve extraction in 429 HTTP error conditions (#24283)
* [nhk] Update API version (#24270)
|
|
6518 Key combination that will force a server restart
6588 Version number header with update check
6569 Unable to run on macOS 10.15 Catalina
6561 Debian buster no longer supports CA key length of 1024
6556 Function missing error from OpenSSL/TLS
6566 Debug message output mistakenly as info message
5959 User interface failed to load local fingerprint
|
|
|
|
|
|
eXosip2 (5.1.0) - 2020-01-16
* new API:
Generate random string: (low entropy, only hexa)
int eXosip_hexa_generate_random(char *val, int val_size);
Generate random string: (high entropy when compiled with openssl)
int eXosip_byte_generate_random(char *val, int val_size)
* provide more entropy with eXosip_byte_generate_random (with openssl when available).
* fix TLS security issue reported by Alexander Traud regarding hostname validation when using NAPTR/SRV.
* add support for epoll (detected by configured) // becomes the default on linux platforms with autotools
* fix bug #56839: The cnonce should not be static -this is identified as replay attack by some services-.
* fix tcp and tls connection failure detection (accelerate error detection and recovery)
* fix: fixed a crash with DTLS
eXosip2 (5.1.0) - 2019-03-27
* minor API update:
API parameter change: eXosip_call_build_ack/eXosip_call_send_ack API to use tid instead of did as parameter.
* new API: add an API to insert one extra header in BYE:
int eXosip_call_terminate_with_header(struct eXosip_t *excontext, int cid, int did, const char *header_name, const char *header_value);
void eXosip_dnsutils_release(struct osip_naptr *naptr_record); required after usage of eXosip_dnsutils_naptr.
* new OPTION:
EXOSIP_OPT_SET_SESSIONTIMERS_FORCE option to force session timer to be used when remote side does not support it.
* structure change:
new param in eXosip_tls_credentials_t for pinning: "public_key_pinned". A file with the expected public key of server.
If you use eXosip_tls_ctx_t/eXosip_tls_credentials_t/EXOSIP_OPT_SET_TLS_CERTIFICATES_INFO, you need to recompile.
* fix processing response out of transaction. (avoid incorrect logs and extra work)
* fix https://savannah.nongnu.org/bugs/?54628 where ACK was only retransmitted for initial outgoing INVITE.
fix: retransmit ACK for both initial INVITE and re-INVITE.
fix: retransmit ACK for 2xx from forking (with a BYE) even if call does not exist.
ACK for "old transaction" within the established dialog won't be retransmitted because the parameter only hold the latest ACK.
* fix bug report: https://savannah.nongnu.org/bugs/index.php?54624
another patch to fix more issue related to cseq & PRACK.
The newer code better handle forking use-case with PRACK.
The newer code better handle several 1xx from same user.
* fix bug report: https://savannah.nongnu.org/bugs/index.php?54624 cseq wasn't increasing after a PRACK.
* improve portability code, detection of headers, windows compilation detection, sockaddr_storage was not correctly defined.
* fix udp layer: set ipbuf before using it.
* fix: allow socket descriptor to be 0 (posix requirement).
* fix: compile with any openssl version.
* allow compilation with OPENSSL_NO_DH, OPENSSL_NO_RSA, OPENSSL_NO_ECDH and/or OPENSSL_NO_DEPRECATED.
* remove old windows specific RSA obsolete code.
* add in eXtl_tls.c some explanations on usage of TLS with eXosip2. READ THEM.
* improve reliability for naptr/srv lookup (but still a short time).
* fix/improve _eXosip_mark_registration_expired: it was working correctly only if registration had previously failed.
* fix: attach call/dialog to CANCEL transaction (so EXOSIP_CALL_MESSAGE_ANSWERED will be received instead of EXOSIP_MESSAGE_ANSWERED).
* windows: fix DnsQuery to use UTF8 even if compiled without UNICODE (not applicable if you use c-ares).
* windows: add ENUM capability and improve NAPTR/SRV record (not applicable if you use c-ares).
* windows: you should use c-ares AND you should compile with UNICODE. (much better).
* add ability to define a dnsserver when doing NAPTR and SRV record (c-ares only).
* format of domain string for "eXosip_dnsutils_naptr" is "domain.com!+AUS|IP_DNSSERVER".
* fix for on android, DNS are not available any more (restricted access) (c-ares only).
* add support ENUM and regex for res_query API (not applicable if you use c-ares).
* sync with newer osip: use newer osip_naptr & osip_srv_record structures to hold ENUM sip result and
improvements to retreive (and release) it via eXosip_dnsutils_naptr and eXosip_dnsutils_release APIs.
* TLS improvments: simplify client and server config, add ECDH cipher suite if missing,
password for private key is optional, add support for public key pinning.
* improve to report EXOSIP_CALL_NOANSWER upon transport error for INVITE for faster detection.
* fix possible memory leak for X509 server certificate.
* fix crash if dialog has been already closed between 200ok and a received BYE.
* improve windows pipe replacement (use a free allocated port automatically).
* fix to optimize detection of TCP or TLS establishement, fix to optimize sending REGISTER after establishement.
* patch for call transfer to keep dialog after BYE, in order to be able to handle incoming/outgoing NOTIFY within calls after BYE.
* handle incoming UPDATE from alternative dialogs in early dialog mode.
* fix to reject any NOTIFY without established dialog coming later than 64 seconds after initial SUBSCRIBE.
* After a NAPTR query, some DNS server returns SUCCESS without NAPTR answers. In such use-case, fallback to manual SRV records.
* add SOCK_CLOEXEC option to sockets // add missing SO_KEEPALIVE options on TLS socket.
* EXOSIP_OPT_ENABLE_IPV6 now support 0(ipv4 only), 1(ipv6 only) and 2(ipv4 OR ipv6).
With option 2, choice is made based on DNS and the stack can fallback between IPv4 and IPv6.
* fix possible memory leak when using wrong tid for eXosip_insubscription_send_answer.
* fix possible memory leak upon allocation error.
* fix leak upon syntax error in parameters provided for PUBLISH.
* fix leak upon syntax error in parameters provided for REGISTER.
* increase size of proto_ifs for IPv6 local address.
* RFC 2617 erratum: Errata ID: 1649 (minor issue).
* _exosip_isipv4addr: fix checking IPv4 address (minor issue).
* other minor updates.
eXosip2 (5.0.0)
* major API update: add a new parameter to eXosip_call_build_prack in order to create the PRACK
for this specific response and not for the latest.
* major API update: removal of eX_refer.h API. REFER are now handled with subscriptions APIs.
eXosip_refer_build_request removed
eXosip_refer_send_request removed
* major API update: subscription now handle both SUBSCRIBE and REFER with the same APIs:
eXosip_subscription_build_initial_refer ADDED
eXosip_subscribe_build_initial_request renamed eXosip_subscription_build_initial_subscribe
eXosip_subscribe_send_initial_request renamed eXosip_subscription_send_initial_request
eXosip_subscribe_build_refresh_request renamed eXosip_subscription_build_refresh_request
eXosip_subscribe_send_refresh_request renamed eXosip_subscription_send_refresh_request
eXosip_subscribe_remove renamed eXosip_subscription_remove
EXOSIP_IN_SUBSCRIPTION_* and EXOSIP_SUBSCRIPTION_* events may now relate to REFER subscription.
* major API change: eXosip_automatic_refresh is obsolete and has been removed.
only use eXosip_automatic_action instead
* API update:
eXosip_options_send_request returns a positive transaction id (tid) on success.
eXosip_publish returns a positive transaction id (tid) on success.
note: eXosip_message_send_request was already returing the transaction id (tid) on success.
* new API options:
EXOSIP_OPT_REMOVE_PREROUTESET: to keep Route Set
EXOSIP_OPT_SET_SIP_INSTANCE: define +sip.instance parameter in Contact headers
EXOSIP_OPT_ENABLE_USE_EPHEMERAL_PORT: option to use/not use ephemeral port in Contact.
EXOSIP_OPT_ENABLE_REUSE_TCP_PORT: option to reuse port.
EXOSIP_OPT_AUTO_MASQUERADE_CONTACT: option to enable automatic masquerading for Contact headers.
EXOSIP_OPT_UDP_LEARN_PORT: obsolete and will be removed in the future.
EXOSIP_OPT_SET_DEFAULT_CONTACT_DISPLAYNAME: define a display name to be added in Contact headers
* new API options: (high load traffic use-case: DO NOT USE FOR COMMON USAGE)
EXOSIP_OPT_SET_MAX_MESSAGE_TO_READ: set the number of message to read at once for each network processing.
EXOSIP_OPT_SET_MAX_READ_TIMEOUT: set the period in nano seconds during we read for sip message.
EXOSIP_OPT_GET_STATISTICS: retreive numerous statistics.
* rewrite/update autotools and ./configure options
--enable-pthread=[autodetect|force]
autodetect POSIX threads or force -DHAVE_PTHREAD [default=autodetect]
--enable-semaphore=[autodetect|semaphore|sysv]
select your prefered semaphore [default=autodetect].
* fix selection of Contact header for 3xx (default to a tel/sip/sips one with any transport)
* keep to call context enough time to handle redirection.
* fix race condition for processing SRV results (not likely to happen)
* fix bug when reading sip message longuer than 8000 over UDP and TLS.
* improve eXosip_add_authentication_info to avoid duplicate credentials
* if a SUBSCRIBE is rejected, the context will be released automatically
* add failover after a DNS failure.
* fallback to SRV even if we receive a NOTFOUND reply for NAPTR.
* fix route set with strict router.
* rename usage of -DHAVE_CARES_H into -DHAVE_ARES_H real name of header.
* remove warnings mainly related to socket API (getnameinfo/bind/accept/recv/connect/sendto)
* rewrite all loop using iterator to improve performance (useful for high load traffic)
* rewrite Via and Contact management: both will now contains the IP of the real network interface
instead of the default one.
* improve NAPTR failover, more reliable // add failover for 503 answer
* improve interval to force REGISTER refresh upon network error and failover.
* improve TCP socket management
* add a callback to simplify/optimize/accelerate usage of wakelocks in android application using exosip2.
* improve TLS, add TLSv1.1, TLSv1.2, disable weak cipher (FREAK) and enable ECDHE cipher.
* add support for SNI tls extension (openssl 1.0.2)
* add try/except on windows to catch possible missing qwave (windows server)
* implement a timeout (32 seconds) for establishing a TCP and TLS connection.
* if a connection is failing, report the failure asap.
* fix memory leak in eXosip_call_get_referto
* remove extra connect on socket for TCP and TLS (not allowed for tcp stream)
* fix to correctly discard INVITE retransmission with same branch received after original INVITE was replied
* add WSACleanup for each WSAStartup call (windows)
* do not include contact in BYE and CANCEL
* fix to use sips when appropriate (in Contact)
* fix to avoid handling negative content-length
* do not start naptr for incoming transactions.
* fix bug when rseq is empty but exist
* add support for QOS on windows.
* improve connection handling/failure detection, keep alive options, in TLS, TCP, UDP.
* update static IDs (cid/did/rid/pid) to use range from 0 to INT_MAX to avoid possible collision
* other minor updates.
|
|
|
|
Changes:
2.14.2
------
* Ensure man pages are shown at full width
* Fix subject in `ci-status` docs
* Indicate in docs that you can do plain `git push` after
`hub pr checkout` #2467
* Fix using hub inside git worktree #2489
2.14.1
------
* Fixed script/build when running from within the downloaded hub
tarball
|
|
Changes:
20200306
--------
Extractors
* [youtube] Fix age-gated videos support without login (#24248)
* [vimeo] Fix showcase password protected video extraction (#24224)
* [pornhub] Improve title extraction (#24184)
* [peertube] Improve extraction (#23657)
+ [servus] Add support for new URL schema (#23475, #23583, #24142)
* [vimeo] Fix subtitles URLs (#24209)
|
|
- Adopted some fixes contributed by Alan S. (mtx):
DNS IP Name qualification; X.509 DNS name matching; certs are only
read on demand.
- Support of STARTTLS in sslclient is postponed to next minor version.
- Straightened error codes and exiting for sslserver/sslhandle instead of
dropping the session in case of errors.
|
|
- Improved stability of rblsmtpd (which might segfault on IPv6 connections).
- Fixed rblsmtpd core dumping due to wrong decrement of IPv6 loop variable.
|
|
- Added 'const' for most input arguments + updated man:
byte, logmsg, str, pathexec. Patch contributed by Alan S.
- Added byte_fill and case_upper function (potentially for SRS).
- Included CFLAGS and LDFLAGS macros in Makefile.
|
|
Changes in libsoup from 2.68.3 to 2.68.4:
* WebSockets: Ensure a new connection is created for WebSocket requests [Carlos
Garcia Campos]
* WebSockets: Do not start the input source when IO is closing [Carlos Garcia
Campos]
* build: Update glib requirement to 2.58 [Xavier Claessens]
|
|
0.10.12
- Fixed incorrect content-type in `add_callback()` when headers are provided as a list of tuples.
|
|
Upstream has a hard-coded path to spamc which is not correct in the
pkgsrc context. Previously there was a SUBST block to change this,
but it was changed to an odd directory with a missing /, and it seems
this could never have worked. Change the SUBST block to result in
looking for spamc in ${PREFIX}/bin/spamc, which is where the pkgsrc
build of spamassassin puts it.
Add comments explaining why there is both this SUBST block (embedded
spamc path) and REPLACE_PERL (interpreter path).
From Mike Pumford on pkgsrc-users.
|
|
Changes:
1.13.1
------
### Additions
- [hentaihand] add extractors (#605)
- [hiperdex] add chapter and manga extractors (#606)
- [oauth] implement option to write DeviantArt refresh-tokens to cache (#616)
- [downloader:http] add more MIME types for `.bmp` and `.rar`
files (#621, #628)
- warn about expired cookies
### Fixes
- [bcy] fix partial image URLs (#613)
- [danbooru] fix Ugoira downloads and metadata
- [deviantart] check availability of `/intermediary/` URLs (#609)
- [hitomi] follow multiple redirects & fix image URLs
- [piczel] improve and update
- [tumblr] replace `-` with ` ` in tag searches (#611)
- [vsco] update gallery URL pattern
- fix `--verbose` and `--quiet` command-line options
|
|
bump PKGREVISION
|
|
Changes:
20200301
--------
Core
* [YoutubeDL] Force redirect URL to unicode on python 2
- [options] Remove duplicate short option -v for --version (#24162)
Extractors
* [xhamster] Fix extraction (#24205)
* [franceculture] Fix extraction (#24204)
+ [telecinco] Add support for article opening videos
* [telecinco] Fix extraction (#24195)
* [xtube] Fix metadata extraction (#21073, #22455)
* [youjizz] Fix extraction (#24181)
- Remove no longer needed compat_str around geturl
* [pornhd] Fix extraction (#24128)
+ [teachable] Add support for multiple videos per lecture (#24101)
+ [wistia] Add support for multiple generic embeds (#8347, 11385)
* [imdb] Fix extraction (#23443)
* [tv2dk:bornholm:play] Fix extraction (#24076)
|
|
No longer used by anything in pkgsrc
|
|
Upstream NEWS equivalent is:
Bugfixes
Use presence of password file as indicator for whether username
checks should take place, not whether usernames are defined in the
password file. Closes #1545. [This is a security fix for
misconfigured systems.]
|
|
|
|
Wireshark 3.2.2 Release Notes
What is Wireshark?
Wireshark is the world’s most popular network protocol analyzer. It is
used for troubleshooting, analysis, development and education.
What’s New
Automatic updates were inadvertently disabled in the Wireshark 3.2.1
64-bit and 32-bit Windows installers. If you’re running Wireshark
3.2.1 on Windows you will have to update to a later version manually.
Bug 16381[1]
Bug Fixes
The following vulnerabilities have been fixed:
• wnpa-sec-2020-03[2] LTE RRC dissector memory leak. Bug 16341[3].
• wnpa-sec-2020-04[4] WiMax DLMAP dissector crash. Bug 16368[5].
• wnpa-sec-2020-05[6] EAP dissector crash. Bug 16397[7].
• wnpa-sec-2020-06[8] WireGuard dissector crash. Bug 16394[9].
The following bugs have been fixed:
• Add (IETF) QUIC Dissector. Bug 13881[10].
• Support for CoAP over TCP and WebSockets (RFC 8323). Bug
15910[11].
• SMB IOCTL response packet with BUFFER_OVERFLOW status is
dissected improperly. Bug 16261[12].
• Wireshark fails to build with GCC-9. Bug 16319[13].
• NVMe/TCP ICReq PDU Not Interpreted Correctly. Bug 16333[14].
• ICMP: No response if ICMP reply packet has an ICMP checksum of
0x0000. Bug 16334[15].
• Display filter parsing broken after upgrade from 3.0.7. Bug
16336[16].
• IPv4 fragment offset value is incorrect in IPv4 header decode.
Bug 16344[17].
• RTCP frame length warning for SAT>IP APP packets. Bug 16345[18].
• RTP export to rtpdump file doesn’t work. Bug 16351[19].
• CFDP dissector skips a byte. Bug 16361[20].
• ISAKMP: IKEv2 transforms and proposal have critical bit (BUG).
Bug 16364[21].
• No IPv4/IPv6 hosts in Resolved Addresses dialog. Bug 16366[22].
• Lack of Check for Updates option in the Windows GUI. Bug
16381[23].
• LLDP dissector consumes all octets to the end of the TVB and eth
trailer dissector does not get called. Bug 16387[24].
• LACP dissector consumes all octets to the end of the TVB and eth
trailer dissector does not get called. Bug 16388[25].
New and Updated Features
There are no new features in this release.
New Protocol Support
There are no new protocols in this release.
Updated Protocol Support
ARTNET, CFDP, CoAP, EAP, GTP, ICMP, ICMPv6, IPv4, ISAKMP, LACP, LLDP,
LTE RRC, NBAP, NVME-TCP, QUIC, RDM, RTCP, RTP, SMB, SOME/IP, TLS,
WiMax DLMAP, and WireGuard
|
|
Email address seems no longer deliverable (if you are the maintainer and
reading that and/or if the problem was just temporary please let me
know and I will update it!).
|
|
Summary for 4.9.3 tcpdump release
Fix buffer overflow/overread vulnerabilities:
CVE-2017-16808 (AoE)
CVE-2018-14468 (FrameRelay)
CVE-2018-14469 (IKEv1)
CVE-2018-14470 (BABEL)
CVE-2018-14466 (AFS/RX)
CVE-2018-14461 (LDP)
CVE-2018-14462 (ICMP)
CVE-2018-14465 (RSVP)
CVE-2018-14881 (BGP)
CVE-2018-14464 (LMP)
CVE-2018-14463 (VRRP)
CVE-2018-14467 (BGP)
CVE-2018-10103 (SMB - partially fixed, but SMB printing disabled)
CVE-2018-10105 (SMB - too unreliably reproduced, SMB printing disabled)
CVE-2018-14880 (OSPF6)
CVE-2018-16451 (SMB)
CVE-2018-14882 (RPL)
CVE-2018-16227 (802.11)
CVE-2018-16229 (DCCP)
CVE-2018-16301 (was fixed in libpcap)
CVE-2018-16230 (BGP)
CVE-2018-16452 (SMB)
CVE-2018-16300 (BGP)
CVE-2018-16228 (HNCP)
CVE-2019-15166 (LMP)
CVE-2019-15167 (VRRP)
Fix for cmdline argument/local issues:
CVE-2018-14879 (tcpdump -V)
|
|
0.10.11
- Fixed invalid README formatted.
- Fixed string formatting in error message.
0.10.10
- Added Python 3.8 support
- Remove Python 3.4 from test suite matrix.
- The `response.request` object now has a `params` attribute that contains the query string parameters from the request that was captured.
- `add_passthru` now supports `re` pattern objects to match URLs.
- ConnectionErrors raised by responses now include more details on the request that was attempted and the mocks registered.
|
|
Changes:
2.0.0
-----
- Drop Python2 support
- Adjust Travis tests for Python3-only, and add v3.8
- Add inline typing
- Remove "debug_mode" parameter
- Add "logging" support (basically replacing "debug_mode" and the various
"print"s)
- Fix "no-else-after-return" and "no-else-after-raise"
- Fix "startswitch" typos / bugs
- Removed deprecated "basic_auth" and "digest_auth" paramters. The same
functionality is given by specifying the "http_auth" with an instance
of either object. This allows for more flexibility with various other
alternative authentication methods.
(Done in a separate commit of 1.0.13 update because 1.0.13 was the last release
supporting Python 2.7, if you use py-rt with python27 please let me know/feel
free to add a possible py-rt1 package.)
|
|
Changes:
1.0.13
------
- Add deprecation warning for in the next major release unsupported
parameters (basic_auth, digest_auth). They are now replaced with http_auth.
- Fix problematic default method parameters ("{}" and "[]").
|
|
keyword in Python 3.7. Bump revision.
|
|
pkgsrc changes:
- Remove `makefile' SUBST_CLASSES, now Makefile honors user's {C,LD}FLAGS
- Adjust LIBGIT_{INC,LIB} via MAKE_FLAGS (and remove no longer used
GIT{INC,LIB} injections)
Changes:
0.9.3
-----
- Minor bug fixes and improvements
|
|
Changes:
1.01
----
- Use a random temporary directory instead of hardcoded `/tmp/sacc'
- Add a keybinding for displaying current page URI
- Ignore possible extra tab delimited fields
- Be case-insesitive for inline searching
- Add support for RedType `+' items
- Several other bug fixes and improvements
|
|
|
|
No upstream changelog, but main visible ones are memory leak fixes.
|
|
|
|
mikutter-plugins-twitter provides a set of Twitter client plugins
for mikutter version 4.0 and later.
|
|
pkgsrc changes:
* update DESCR and MESSAGE to reflect twitter plugin removal etc.
* sort DEPENDS by package (i.e. gem) names without categories for
maintainability
* adjust EXTRACT_DIR per upstream tarball changes
(probably this will soon be changed again on upstream)
* set DISABLE_BUNDLER_SETUP=1 to disable bundler's auto download on startup
Upstream changes:
mikutter 4.0.4
* crash on adding Mastdon accounts
* thanks Ahiru Iegamo
* error on Mastodon User Profile tab
* thanks Ahiru Iegamo
* delayer 1.0.2
mikutter 4.0.3
* support Ruby 2.7 changes
* clear image loading window by bg color after loading images and
before drawing Pixbuf
* thanks Shibafu Midorino
mikutter 4.0.2
* support thumbnails of YouTube and Niconico-video
* thanks Shibafu Midorino
* appimage: fix crash/freeze
* thanks Yuto Tokunaga
* adjust selected region including custom emoji cases on strings copy
* thanks Shibafu Midorino
* remove irb from Gemfile
mikutter 4.0.1
* happy new year
* fix appimage
* thanks hinaloe k
* remove unnecessary code executed per MiraclePainter updates
* thanks Shibafu Midorino
mikutter 4.0
Major version up after five and half years after prevous update,
for 10 years aniversary of mikutter, with some incompatible changes.
* make Twitter plugins third party plugins
* Twitter plugins are no longer included
* users can still use Twitter on mikutter by installing Twitter plugins
https://github.com/mikutter/twitter_bootstrap
* remove Service module
* Abstraction by Service was not sufficient and it has been replaced
by World plugin
* deprecate boot events
* initialization should be implemented in plugin context or
Delayer.new {...} should be used if it need to be executed after
load is conplete
* remove miquire
* miquire was introduce to avoid (no-longer-recallable) problems
on ruby 1.8 and to switch loaded files by command line options,
but both of them no longer exist
* use own implementation to handle event loop
* mikutter used Gtk mailloop and Delayer queue but it caused FiberError
exceptions and the FiberError was hard to fix per specification
* make it possible to change, preserve and restore order of general
Model viewer tabs
* orders of tabs in Mastdon user prifile tabs are recoreded and
preserved on the next open even on other similar tabs
* support Ruby 2.5 and later (drop support for 2.4)
* ruby 2.4 will be EOLed on end of March 2020
https://www.ruby-lang.org/ja/news/2019/10/02/ruby-2-4-9-released/
* drop bundling gems in release tar ball
* nowadays bundler is common enough and plugins with Gemfile made
things more complicated
* all other things forgotten to be written
* all things I missed
|
|
Pkgsrc changes:
* Adjust line numbers in patch.
Upstream changes:
The 1.10.0 release has RPZ support and serve stale functionality
according to draft draft-ietf-dnsop-serve-stale-10. And a number of
other, smaller, features, and bug fixes.
The DNS Response Policy Zones (RPZ) functionality makes it possible
to express DNS response policies in a DNS zone. These zones can
be loaded from file or transferred over DNS zone transfers or
HTTP. The RPZ functionality in Unbound is implemented as specified in
draft-vixie-dnsop-dns-rpz-00. Only the QNAME and Response IP Address
triggers are supported. The supported RPZ actions are: NXDOMAIN, NODATA,
PASSTHRU, DROP and Local Data.
Enabling the respip module using `module-config` is required to use
RPZ. Each RPZ zone can be configured using the `rpz` clause. RPZ clauses
are applied in order of configuration. Unbound can get the data from
zone transfer, a zonefile or https url, and more options are documented
in the man page. A minimal RPZ configuration that will transfer the
RPZ zone using AXFR and IXFR can look like:
server:
module-config: "respip validator iterator"
rpz:
name: "rpz.example.com" # name of the policy zone
master: 192.0.2.0 # address of the name server to transfer from
The serve-stale functionality as described in
draft-ietf-dnsop-serve-stale-10 is now supported in unbound.
This allows unbound to first try and resolve a domain name before
replying with expired data from cache. This differs from unbound's
initial serve-expired behavior which attempts to reply with expired
entries from cache without waiting for the actual resolution to finish.
Both behaviors are available and can be configured with the various
serve-expired-* configuration options. serve-expired-client-timeout is
the option that enables one or the other.
The DSA algorithms have been disabled by default, this is because of
RFC 8624.
There is a crash fix in the parse of text of type WKS, reported by
X41 D-Sec.
In addition, neg and key caches can be shared with multiple
libunbound contexts, a change that assists unwind. The
contrib/unbound_portable.service provides a systemd start file for a
portable setup. The configure --with-libbsd option allows the use
of the bsd compatibility library so that it can use the arc4random
from it. The stats in contrib/unbound_munin_ have num.query.tls and
num.query.tls.resume added to them. For unbound-control the command
view_local_datas_remove is added that removes data from a view.
Features:
- Merge RPZ support into master. Only QNAME and Response IP triggers are
supported.
- Added serve-stale functionality as described in
draft-ietf-dnsop-serve-stale-10. `serve-expired-*` options can be used
to configure the behavior.
- Updated cachedb to honor `serve-expired-ttl`; Fixes #107.
- Renamed statistic `num.zero_ttl` to `num.expired` as expired replies
come with a configurable TTL value (`serve-expired-reply-ttl`).
- Merge #135 from Florian Obser: Use passed in neg and key cache
if non-NULL.
- Fix #153: Disable validation for DSA algorithms. RFC 8624 compliance.
- Merge PR#151: Fixes for systemd units, by Maryse47, Edmonds
and Frzk. Updates the unbound.service systemd file and adds a portable
systemd service file.
- Merge PR#154; Allow use of libbsd functions with configure option
--with-libbsd. By Robert Edmonds and Steven Chamberlain.
- Merge PR#148; Add some TLS stats to unbound_munin_. By Fredrik Pettai.
- Merge PR#156 from Alexander Berkes; Added unbound-control
view_local_datas_remove command.
Bug Fixes:
- Fix typo to let serve-expired-ttl work with ub_ctx_set_option(), by
Florian Obser
- Update mailing list URL.
- Fix #140: Document slave not downloading new zonefile upon update.
- Downgrade compat/getentropy_solaris.c to version 1.4 from OpenBSD.
The dl_iterate_phdr() function introduced in newer versions raises
compilation errors on solaris 10.
- Changes to compat/getentropy_solaris.c for,
ifdef stdint.h inclusion for older systems. ifdef sha2.h inclusion
for older systems.
- Fix 'make test' to work for --disable-sha1 configure option.
- Fix out-of-bounds null-byte write in sldns_bget_token_par while
parsing type WKS, reported by Luis Merino from X41 D-Sec.
- Updated sldns_bget_token_par fix for also space for the zero
delimiter after the character. And update for more spare space.
- Fix #138: stop binding pidfile inside chroot dir in systemd service
file.
- Fix the relationship between serve-expired and prefetch options,
patch from Saksham Manchanda from Secure64.
- Fix unreachable code in ssl set options code.
- Removed the dnscrypt_queries and dnscrypt_queries_chacha tests,
because dnscrypt-proxy (2.0.36) does not support the test setup
any more, and also the config file format does not seem to have the
appropriate keys to recreate that setup.
- Fix crash after reload where a stats lookup could reference old key
cache and neg cache structures.
- Fix for memory leak when edns subnet config options are read when
compiled without edns subnet support.
- Fix auth zone support for NSEC3 records without salt.
- Merge PR#150 from Frzk: Systemd unit without chroot. It add
contrib/unbound_nochroot.service.in, a systemd file for use with
chroot: "", see comments in the file, it uses systemd protections
instead. It was superceded by #151, the unbound_portable.service
file.
- Merge PR#155 from Robert Edmonds: contrib/libunbound.pc.in: Fixes
to Libs/Requires for crypto library dependencies.
- iana portlist updated.
- Fix to silence the tls handshake errors for broken pipe and reset
by peer, unless verbosity is set to 2 or higher.
- Merge PR#147; change rfc reference for reserved top level dns names.
- Fix #157: undefined reference to `htobe64'.
- Fix subnet tests for disabled DSA algorithm by default.
- Update contrib/fastrpz.patch for clean diff with current code.
- updated .gitignore for added contrib file.
- Add build rule for ipset to Makefile
- Add getentropy_freebsd.o to Makefile dependencies.
- Fix memory leak in error condition remote.c
- Fix double free in error condition view.c
- Fix memory leak in do_auth_zone_transfer on success
- Stop working on socket when socket() call returns an error.
- Check malloc return values in TLS session ticket code
- Fix fclose on error in TLS session ticket code.
- Add assertion to please static analyzer
- Fixed stats when replying with cached, cname-aliased records.
- Added missing default values for redis cachedb backend.
- Fix num_reply_addr counting in mesh and tcp drop due to size
after serve_stale commit.
- Fix to create and destroy rpz_lock in auth_zones structure.
- Fix to lock zone before adding rpz qname trigger.
- Fix to lock and release once in mesh_serve_expired_lookup.
- Fix to put braces around empty if body when threading is disabled.
- Fix num_reply_states and num_detached_states counting with
serve_expired_callback.
- Cleaner code in mesh_serve_expired_lookup.
- Document in unbound.conf manpage that configuration clauses can be
repeated in the configuration file.
- Document 'ub_result.was_ratelimited' in libunbound.
- Fix use after free on log-identity after a reload; Fixes #163.
- Fix with libnettle make test with dsa disabled.
- Fix contrib/fastrpz.patch to apply cleanly. Fix for serve-stale
fixes, but it does not compile, conflicts with new rpz code.
- Fix to clean memory leak of respip_addr.lock when ip_tree deleted.
- Fix compile warning when threads disabled.
|
|
Update bind911 to 9.11.16 (BIND 9.11.16).
--- 9.11.16 released ---
5353. [doc] Document port and dscp parameters in forwarders
configuration option. [GL #914]
5352. [bug] Correctly handle catalog zone entries containing
characters that aren't legal in filenames. [GL #1592]
5351. [bug] CDS / CDNSKEY consistency checks failed to handle
removal records. [GL #1554]
5350. [bug] When a view was configured with class CHAOS,
dns_view_findzonecut() could incorrectly return
success for non-existent records. [GL #1540]
5348. [bug] dnssec-settime -Psync was not being honoured.
[GL !2925]
|
