Age | Commit message (Collapse) | Author | Files | Lines |
|
Upstream changes:
1.6.1:
fix python27, broken in 1.6.0
1.6.0:
- Big performance improvement when receiving large payloads,
particularly for SSL. Closes #571,
- Add basic MQTT v5 support to the subscribe and publish helper
functions. Closes #575.
- Changed default TLS version to 1.2 instead of 1.0.
- Remove _out_packet_mutex and _current_out_packet_mutex and convert
the _out_packet queue use to thread safe (simplifies the internals)
- Callbacks can now be applied to client instances using decorators.
- The `rc` parameter in the `on_disconnect` callback now has
meaningful values in the case of an error. Closes #441.
- Remove periodic retry checks for outgoing messages with QoS>0. This
means that outgoing messages will only be retried on the client
reconnecting to the server. They will *not* be retried when the client
is still connected.
- MQTTMessageInfo.wait_for_publish() and
MQTTMessageInfo.is_published() will now raise exceptions if called
when the publish call produced an error. Closes #550.
- Raise exceptions when attempting to set MQTT v5 properties to
forbidden values. Closes #586.
- PUBACK messages are now sent to the broker only after the on_message
callback has - Add timeout to
MQTTMessageInfo:wait_for_publish().returned.
- Add timeout to MQTTMessageInfo:wait_for_publish().
- Removed ancient Mosquitto compatibility class.
bugfixes
|
|
- Added CurveDNS support for all servers. curvedns-keygen available.
|
|
- sslhandle to bind to IPv4 sockets, if told so.
- Compatibility tests with OpenSSL 3.0. Still preliminary.
|
|
|
|
- Provided socket_accept4 again to avoid IPv4-mapped IPv6 adress
binding problems.
|
|
Fix for: Shared object "libprotobuf.so.28" not found
|
|
1.6.0:
Unknown changes
|
|
|
|
its buildlink3.mk now includes openssl's buildlink3.mk
|
|
3.9.8:
Core Server
Bug Fixes
* When the mandatory flag was used when publishing to classic queues,
but publisher confirms were not, channels memory usage would grow indefinitely.
* `rabbitmq-diagnostics memory_breakdown` failed to read memory of connection
reader, writer and channel processes.
* In some environments, Stream replicas advertised IP addresses that could not be reached by cluster peers
(eg. IP addresses behind a NAT in a Docker deployment). RabbitMQ node hostnames are now advertised as well
so that other peers can resolve them to get an externally visible IP address.
|
|
v1.3.0 - Oct 15, 2020
- Add HTTPSTAT_METRICS_ONLY env.
If set to true, httpstat will only output metrics in json format,
this is useful if you want to parse the data instead of reading it.
|
|
0.998 (05 Dec 2015)
- bugfix: correctly handle V4MAPPED (v4 in v6) addresses, the
original v6 prefix was wrong. Thanks to Alex Lasoriti for
finding the issue
- bugfix: sometimes IP4-based datasets gave false positives when
an IP6 dataset were present, and it was also possible to have
false positive in IP6 datasets. Both has been fixed.
|
|
Jesse Smith <jessefrgsmith@yahoo.ca> -> 6.0
- Make extended passive mode respect the PASSIVE_PORTS variable
in the bftpd configuration file. Previously random ports
would be assigned.
- Minor code clean-up in mystrings library to avoid calculating
string length multiple times.
Jesse Smith <jessefrgsmith@yahoo.ca> -> 5.9
- Fixed output of directory listing so that file size is right-justified
which makes output look cleaner.
Fix suggested by uomo ukko.
- Addressed some compiler warnings. Make sure we bail out
of situations even if they should never realisticaly return
an error.
Jesse Smith <jessefrgsmith@yahoo.ca> -> 5.8
- Many spelling errors in source code and documentation found and
fixed by Jens of Fossies (fossies.org). Applied spelling corrections.
- Removed mark-up and special characters from COPYING, README, and INSTALL
files.
- Fixed file size reporting on 32-bit ARM architecture when files are
large (greater than 2GB).
Problem and fix reported by uomo ukko.
Jesse Smith <jessefrgsmith@yahoo.ca> -> 5.7
- A malicious client could cause a buffer overflow with
a lot of EPSV commands sent in a row. We now close
the pasv socket before each new use to avoid accumulating
more than 1023.
Thanks to Shisong Qin for reporting this issue and suggesting
a fix.
|
|
1.3.7c
+ Fix memory disclosure to RADIUS servers by mod_radius (Issue #1284).
+ PCRE expressions with capture groups were not being handled properly
(Issue #1300).
1.3.7b
+ Fixed occasional segfaults with FTPS data transfers using TLSv1.3, when
session tickets cannot be decrypted (Issue #1063).
+ Passive transfers fail unexpectedly due to use of SO_REUSEPORT socket
option (Issue #1171).
+ Implemented support for Redis 6.x AUTH semantics (Issue #1070).
+ Fixed memory use-after-free issue in mod_sftp which can cause unexpected
login/authentication issues.
+ Fixed SQL syntax regression for some generated SQL statements
(Issue #1149).
+ Fixed "Corrupted MAC on inptut" errors when SFTP uses the
umac-64@openssh.com digest (Issue #1111).
1.3.7a
+ Fix build-time regression when using the --localstatedir configure option.
1.3.7
+ Support the SOURCE_DATE_EPOCH environment variable, for reproducible
builds (Issue #1038).
1.3.7rc4
+ Implemented support for configuring certificate options for LDAP
connections using SSL/TLS.
+ Fixed issue with FTPS uploads of large files using TLSv1.3 (Issue #959).
+ Fixed handling of IPv6 addresses in From directives (Issue #682).
+ Added -b and -n command-line options to ftptop.
+ Ignore supplemental groups when run as non-root user (Issue #808).
+ Use re-entrant versions of time functions where available (Issue #983).
+ New Configuration Directives
BanOptions
The BanOptions directive is used to tune mod_ban behavior, such as
creating ban entries that match/apply to all <VirtualHost> sections.
See doc/contrib/mod_ban.html#BanOptions for more details.
LDAPUseSASL
The LDAPUseSASL directive configures a list of SASL authentication
mechanisms to use, when using the LDAPBindDN to bind to the LDAP
server. See doc/contrib/mod_ldap.html#LDAPUseSASL for details.
LogOptions
The LogOptions directive is used to modify the default logging format
for ProFTPD syslog, debug, and module logging. See
doc/modules/mod_log.html#LogOptions for more information.
SQLKeepAlive
The SQLKeepAlive directive configures a periodic "keepalive" query
for ensuring the connection between mod_sql and the backend database
server. See doc/contrib/mod_sql.html#SQLKeepAlive for more information.
+ Changed Configuration Directives
LDAPServer
The LDAPServer directive now supports configuring the trusted CA
file, client certificate and key files, SSL ciphers, and verification
policies for LDAP connections. See doc/contrib/mod_ldap.html#LDAPServer
for more details.
TraceOptions
The TraceOptions directive now supports a "Timestamp" option, for
disabling inclusion of timestamps in Trace logs.
+ Developer notes
When MaxLoginAttempts is reach, the POST_CMD_ERR/LOG_CMD_ERR command
handler phases will now run. This allows interested modules, such
as mod_exec and others, to react to these events (Issue #718).
1.3.7rc3
+ Fixed regression in directory listing latency (Issue #863).
+ Fixed use-after-free vulnerability during data transfers (Issue #903).
+ Addressed out-of-bounds read in mod_cap by removing bundled libcap, and
relying solely on the system-provided libcap (Issue #902). Note that
building ProFTPD from source will *not* automatically include the
mod_cap module, unless the libcap library is available.
+ mod_sftp now supports OpenSSH-specific private host keys (Issue #793).
Newer versions of OpenSSH ssh-keygen(1) automatically generate private
keys formatted with this OpenSSH-specific format.
+ mod_sftp now supports Ed25519 keys (Bug #4221).
+ mod_sftp now supports RSA SHA-2 publickey signatures, per RFC 8332
(Issue #907).
+ mod_tls now honors client-provided SNI as part of the TLS handshake,
for implementing name-based virtual hosts via TLS SNI.
+ Changed Configuration Directives
LogFormat %{transfer-port}
The LogFormat directive supports a %{transfer-port} variable for
logging the selected data transfer port.
SFTPOptions NoExtensionNegotiation
The mod_sftp module now supports SSH extension negotations (RFC 8332).
If there any issues with this support, it can be disabled using:
SFTPOptions NoExtensionNegotiation
SQLAuthTypes bcrypt
The mod_sql_passwd module now supports bcrypt-encrypted passwords.
This can be enabled using:
SQLAuthTypes bcrypt
in your mod_sql configuration. See doc/contrib/mod_sql_password.html
for more information.
TLSOption IgnoreSNI
The TLSOption directive now supports an "IgnoreSNI" setting, to
tell mod_tls to ignore/not use any SNI, provided by the client in the
TLS handshake, for determining any name-based virtual hosts. See
doc/contrib/mod_tls.html#TLSOption for more details.
+ Added API
FSIO pread(2), pwrite(2) (Issue#317)
1.3.7rc2
+ Fixed pre-authentication remote denial-of-service issue (Issue #846,
CVE-2019-18217).
1.3.7rc1
+ RootRevoke is now on by default, meaning that once authentication succeeds,
all root privileges are dropped by default, unless the UserOwner directive
(which requires root privileges) is used (Bug#4241).
+ The mod_ident module is no longer automatically built by default.
To include the mod_ident module in the build, it must be explicitly
requested via --enable-ident or --with-shared=mod_ident.
This means that configuration files using the IdentLookups directive
will now want to using an enclosing <IfModule> section, like so:
<IfModule mod_ident.c>
IdentLookups off
</IfModule>
+ The mod_tls module now performs basic sanity checks of configured TLS
files on startup (Issue#491).
+ The mod_deflate module now supports MODE Z data transfers when TLS
is used (Issue#505).
+ The mod_xfer module now supports the RANG FTP command; see
https://tools.ietf.org/html/draft-bryan-ftp-range-08 (Issue#351).
+ The ftpasswd script now supports a --change-home option, for changing
the home directory of a user in an AuthUserFile (Issue#566).
+ The ftpasswd script supports deleting a user from a group (Issue#620).
+ Refactored the LogFormat handling code so that it is not longer
duplicated by mod_log, mod_sql, etc. The new Jot API is the common API
to be used by modules for LogFormat variables and logging.
+ Generated new DH parameters for mod_sftp, mod_tls.
+ New Configuration Directives
AuthFileOptions
The mod_auth_file module supports a configuration directive for disabling
its requirement for secure permissions on configured
AuthUserFile/AuthGroupFile. See
doc/modules/mod_auth_file.html#AuthFileOptions for information.
RedisLogOnEvent
The mod_redis module can be configured to log JSON messages based on
specified events (Issue#392). See the
doc/modules/mod_redis.html#RedisLogOnEvent documentation for details.
RedisOptions
The mod_redis module now implements a RedisOptions directive, for tuning
some of the module behavior (Issue#477). The
doc/modules/mod_redis.html#RedisOptions documentation has more details.
RedisSentinel
The mod_redis module now supports use of Redis Sentinels (Issue#396);
see doc/modules/mod_redis.html#RedisSentinel.
+ Changed Configuration Directives
AllowForeignAddress class-name
The AllowForeignAddress directive supports a Class name, for finer-grained
control over which clients are allowed to use foreign/mismatching IP
addresses for transfers. See
doc/modules/mod_core.html#AllowForeignAddress for more information.
ExecEnviron %b
The ExecEnviron directive has been fixed to properly resolve the %b
LogFormat variable (Issue#515).
RedisServer db-index (Issue#550)
The mod_redis module can now be configured to select a database index
via the RedisServer directive (Issue#550). See the
doc/modules/mod_redis.html#RedisServer documentation for details.
RewriteMap idnatrans
The mod_rewrite module can now support rewriting `idn` to `idna`
formats (Issue#231). See the doc/modules/mod_rewrite#RewriteMap for
details on how to do so.
RootRevoke on
The RootRevoke directive is now enabled by default (Bug#4241). This
makes for more secure configurations/sessions out-of-the-box. See
doc/modules/mod_auth.html#RootRevoke for more information.
SFTPCiphers, SFTPDigests
Some weak algorithms are now disabled by default in mod_sftp (Bug#4279).
These algorithms, if need be, can be explicitly enabled by configuration;
they are just not enabled automatically. For list of the algorithms
affected, see doc/contrib/mod_sftp.html#SFTPCiphers,
doc/contrib/mod_sftp.html#SFTPDigests.
SFTPOptions IncludeSFTPTimes
The SFTOptions directive of mod_sftp now supports an option for explicitly
including the timestamps of files when SFTP protocol 4 and higher are
used, even if the SFTP client did not request these timestamps. This
works around a bug in the popular Rebex SFTP library; see
doc/contrib/mod_sftp.html#SFTPOptions for details.
TLSProtocol TLSv1.3
The mod_tls module, and its TLSProtocol directive, now support TLSv1.3
(Issue#536). See doc/contrib/mod_tls.html#TLSProtocol for more
information.
TLSServerCipherPreference
The TLSServerCipherPreference directive is now enabled by default.
See doc/contrib/mod_tls.html#TLSServerCipherPrefrence.
TLSStaplingOptions NoFakeTryLater
Some TLS clients have trouble with the "fake" OCSP response that mod_tls
might stable, when the client requested stapled OCSP responses and
mod_tls is unable to contact the OCSP responder. Use this option to
disable such fake responses (Issue#518):
TLSStaplingOptions NoFakeTryLater
See doc/contrib/mod_tls.html#TLSStaplingOptions for details.
+ Removed Configuration Directives
The following directives have been removed:
GroupPassword
LoginPasswordPrompt
TransferPriority
|
|
1.9.7.2
Performance Regression Fix
1.9.7
- Moved the project documentation from Read the Docs(RST) to github.io(MarkDown)
- Added a new mechanism for creating bit-sized field definitions in the protocol parsers (Packet.\_\_bit_fields\_\_)
- Added pretty printing capability aka Packet.pprint(), Packet.\_\_pprint_funcs\_\_
- Added documentation on developing protocol parsers in dpkt (creating_parsers.md)
- Added a universal pcap+pcapng reader (dpkt.pcap.UniversalReader)
- Improved TLS ClientHello and ServerHello parsing: return an "Unknown" ciphersuite instead of raising an exception, add codes for rfc8701, GREASE ciphersutes
- Added function to get IP protocol name
- Modified Packet.\_\_getitem\_\_() and added Packet.\_\_contains\_\_() to address the nested protocol layers
- Fixed payload length interpretation in AH decoder
- Improved handling of invalid chunks in HTTP and SCTP
- Fixed decoding of IPv6 fragments after the 1st fragment
- Support rfc3540 nonce sum flag in TCP
|
|
|
|
1.5.3:
Add support (and pre-built wheels) for Python 3.10
|
|
|
|
... for packages where the go-module.mk defaults DTRT as-is.
|
|
7.1.1:
Changelog
Fix transition xml name in lifecycleconfig
Remove nose tests and move to python unittest
Use unquote_plus() to decode url encoded value.
Ignore cert addition if custom httpclient is passed
use f-string wherever possible
Raise ValueError instead of returning in ChainedProvider
|
|
Wireshark 3.4.9 Release Notes
Bug Fixes
The following bugs have been fixed:
• TShark PDML output embeds "proto" elements within other "proto"
elements Issue 10588[1].
• Filter expressions comparing against single-octet hex strings
where the hex digit string equals a protocol name don’t work
Issue 12810[2].
• AMQP 0.9: dissector fails to handle Content-Body frame split
across TCP packets Issue 14217[3].
• IEEE 802.15.4: Missing check on "PAN ID Present" bit of the
Multipurpose Frame Control field Issue 17496[4].
• Wireshark ignored some character in filename when exporting SMB
objects. Issue 17530[5].
• tshark -z credentials: assertion failed: (allocator→in_scope)
Issue 17576[6].
• IS-IS Extended IP Reachability Prefix-SID not decoded properly
Issue 17610[7].
• Error when reloading lua plugins with a capture file loaded via a
custom lua file handler Issue 17615[8].
• Absolute time UTC field filters are constructed incorrectly,
don’t match the packet Issue 17617[9].
• GUI freezes when clicking on large (non-capture) file in File
chooser Issue 17620[10].
• Crash after selecting a different profile while capturing Issue
17622[11].
• BT-DHT reports malformed packets that are actually uTP on same
connection Issue 17626[12].
New and Updated Features
New Protocol Support
There are no new protocols in this release.
Updated Protocol Support
AMQP, Aruba IAP, BGP, BT-DHT, CoAP, DCERPC SPOOLSS, Diameter, EPL,
GSM A-bis OML, GSM A-I/F COMMON, GSM SIM, IEEE 1905.1a, IEEE
802.15.4, IMAP, InfiniBand, ISIS LSP, ISObus VT, JPEG, MP2T,
NORDIC_BLE, QUIC, RTCP, SDP, SMB, TWAMP-Control, USB HID, and VSS
Monitoring
New and Updated Capture File Support
CAM Inspector, Ixia IxVeriWave, pcapng, and USBDump
|
|
(For real! That was part of previous update, sorry!)
|
|
|
|
pkgsrc changes:
- Take MAINTAINERship
Changes:
(Manually filled to only highlight major changes)
1.22.x
------
- Added support for `kubectl debug' ephemeral containers
(compatible with old API)
1.21.x
------
- Update kubectl kustomize to 4.0.5
- Default Container Annotation: Pod with multiple containers can use
kubectl.kubernetes.io/default-container annotation to have a container
preselected for kubectl commands. More can be read in KEP-2227.
|
|
rst2html.py and rst2man.py are accidentally recognized if installed and used
leading to generation of HTML man pages and PLIST mismatch.
|
|
Changes since 4.13.11
---------------------
* BUG 14806: Address a signifcant performance regression in database access
in the AD DC since Samba 4.12.
* BUG 14807: Fix performance regression in lsa_LookupSids3/LookupNames4 since
Samba 4.9 by using an explicit database handle cache.
* BUG 14817: An unuthenticated user can crash the AD DC KDC by omitting the
server name in a TGS-REQ.
* BUG 14818: Address flapping samba_tool_drs_showrepl test.
* BUG 14819: Address flapping dsdb_schema_attributes test.
* BUG 14817: An unuthenticated user can crash the AD DC KDC by omitting the
server name in a TGS-REQ
* BUG 14817: An unuthenticated user can crash the AD DC KDC by omitting the
server name in a TGS-REQ.
* BUG 14817: An unuthenticated user can crash the AD DC KDC by omitting the
server name in a TGS-REQ.
* BUG 14817: An unuthenticated user can crash the AD DC KDC by omitting the
server name in a TGS-REQ.
* BUG 14817: An unuthenticated user can crash the AD DC KDC by omitting the
server name in a TGS-REQ.
* BUG 14817: An unuthenticated user can crash the AD DC KDC by omitting the
server name in a TGS-REQ.
* BUG 14784: Fix CTDB flag/status update race conditions.
* BUG 14817: An unuthenticated user can crash the AD DC KDC by omitting the
server name in a TGS-REQ.
|
|
3.8.0 - 04/10/2021
Modified
transip provider is deprecated and not maintained anymore, it will be replaced soon by a new transip provider build on top of the TransIP v6 REST API
Deleted
transip provider is not part of the full dns-lexicon extra, you need to install explicitly the transip extra instead
3.7.1 - 04/10/2021
Modified
Allow to use newer versions of cryptography
Fix doc about unit tests
|
|
|
|
|
|
Release v1.41.0
This release contains refinements, improvements, and bug fixes, with highlights listed below.
Core
De-experimentalize XdsCredentials and XdsServerCredentials API.
xDS: Remove environmental variable guard for security.
xDS Security: Use new way to fetch certificate provider plugin instance config.
xDS server serving status: Use a struct to allow more fields to be added in the future.
Annotate impl/codegen with IWYU pragmas.
Update submodule envoy-api to origin/main.
Upgrade third_party/protobuf to v3.17.3.
update submodule boringssl-with-bazel with origin/master-with-bazel.
Delete libuv-iomgr implementation and GRPC_UV build option.
Allow access to Google API regional endpoints via Google Default Credentials.
Remove GPR_*_TLS macros except PTHREAD.
Limit initial window size increases and per-stream window delta.
C++
Bump version to v1.41.0-pre1.
De-experimentalize XdsServerBuilder.
C++ opencensus filter: Fix point of creating context for overall call.
Flag grpc++_test library testonly.
Add note on officially supported platforms.
Open census call attempt span name and attribute changes
Open census call attempt span name and attribute changes.
C#
Backport 27382 to v1.41.x.
[csharp] Fix error loading library grpc_csharp_ext.*.dll on windows with non-ASCII encoding.
Annotate copied Content native lib items with package id to enable customization.
Objective-C
Objective-C: Fix issue with creating a Unix file socket.
Python
Use manylinux_2_17 instead of manylinux_2_24 tag for manylinux2014 aarch64 wheels.
Add Python 3.10 drop 3.5.
[Aio] Remove custom IO manager support.
|
|
Bump PKGREVISION.
|
|
Overview of changes in 2.5.4
============================
Bugfixes
--------
- fix prompting for password on windows console if stderr redirection
is in use - this breaks 2.5.x on Win11/ARM, and might also break
on Win11/adm64 when released.
- fix setting MAC address on TAP adapters (--lladdr) to use sitnl
(was overlooked, and still used "ifconfig" calls)
- various improvements for man page building (rst2man/rst2html etc)
- minor bugfix with IN6_IS_ADDR_UNSPECIFIED() use (breaks build on
at least one platform strictly checking this)
- fix minor memory leak under certain conditions in add_route() and
add_route_ipv6()
User-visible Changes
--------------------
- documentation improvements
- copyright updates where needed
- better error reporting when win32 console access fails
New features
------------
- also build man page on Windows builds
|
|
2021/10/04 : 2.4.6
- BUG/MEDIUM: filters: Fix a typo when a filter is attached blocking the release
2021/10/01 : 2.4.5
- MINOR: lua: Add a flag on lua context to know the yield capability at run time
- BUG/MINOR: lua: Yield in channel functions only if lua context can yield
- BUG/MINOR: lua: Don't yield in channel.append() and channel.set()
- BUG/MINOR: stream: Don't release a stream if FLT_END is still registered
- BUG/MEDIUM: http-ana: Reset channels analysers when returning an error
- BUG/MINOR: filters: Always set FLT_END analyser when CF_FLT_ANALYZE flag is set
- BUG/MINOR: filters: Set right FLT_END analyser depending on channel
- BUG/MINOR: systemd: ExecStartPre must use -Ws
- BUG/MEDIUM: mux-h1: Remove "Upgrade:" header for requests with payload
- MINOR: htx: Skip headers with no value when adding a header list to a message
- CLEANUP: mux-h1: Remove condition rejecting upgrade requests with payload
- BUG/MEDIUM: stream-int: Don't block SI on a channel policy if EOI is reached
- BUG/MINOR: compat: make sure __WORDSIZE is always defined
- CLEANUP: pools: factor all malloc_trim() calls into trim_all_pools()
- MINOR: pools: automatically disable malloc_trim() with external allocators
- MINOR: pools: use mallinfo2() when available instead of mallinfo()
- BUG/MAJOR: mux-h1: Don't eval input data if an error was reported
- BUG/MINOR: tcpcheck: Improve LDAP response parsing to fix LDAP check
- DOC: management: certificate files must be sanitized before injection
- BUG/MINOR: connection: prevent null deref on mux cleanup task allocation
- BUILD: ist: prevent gcc11 maybe-uninitialized warning on istalloc
- BUG/MINOR: cli/payload: do not search for args inside payload
- BUG/MINOR: flt-trace: fix an infinite loop when random-parsing is set
- BUILD: tools: get the absolute path of the current binary on NetBSD.
- MINOR: tools: add FreeBSD support to get_exec_path()
- MINOR: proc: setting the process to produce a core dump on FreeBSD.
- BUILD: activity: use #ifdef not #if on USE_MEMORY_PROFILING
- BUILD/MINOR: defaults: eliminate warning on MAXHOSTNAMELEN with -Wundef
- BUILD/MINOR: ssl: avoid a build warning on LIBRESSL_VERSION with -Wundef
- IMPORT: slz: silence a build warning with -Wundef
- BUILD/MINOR: regex: avoid a build warning on USE_PCRE2 with -Wundef
- BUILD: ssl: next round of build warnings on LIBRESSL_VERSION_NUMBER
- BUILD: ssl: fix two remaining occurrences of #if USE_OPENSSL
- BUILD: tools: properly guard __GLIBC__ with defined()
- BUG/MINOR: vars: improve accuracy of the rules used to check expression validity
- MINOR: sample: add missing ARGC_ entries
- BUG/MINOR: vars: properly set the argument parsing context in the expression
- BUG/MINOR: vars: truncate the variable name in error reports about scope.
- BUG/MINOR: vars: do not talk about global section in CLI errors for set-var
- BUILD: fix dragonfly build again on __read_mostly
- BUILD: compiler: fixed a missing test on defined(__GNUC__)
- BUILD: halog: fix a -Wundef warning on non-glibc systems
- BUILD: threads: fix -Wundef for _POSIX_PRIORITY_SCHEDULING on libmusl
- BUG/MINOR: server: allow 'enable health' only if check configured
- BUG/MEDIUM: leastconn: fix rare possibility of divide by zero
- BUG/MINOR: h1-htx: Fix a typo when request parser is reset
- BUG/MINOR: http-ana: increment internal_errors counter on response error
- MINOR: server: implement a refcount for dynamic servers
- MINOR: global: define MODE_STOPPING
- BUG/MINOR: server: do not use refcount in free_server in stopping mode
- MINOR: server: return the next srv instance on free_server
- BUG/MINOR: stats: use refcount to protect dynamic server on dump
- BUG/MEDIUM: mux-h1: Adjust conditions to ask more space in the channel buffer
- BUG/MEDIUM: stream-int: Notify stream that the mux wants more room to xfer data
- BUG/MEDIUM: stream: Stop waiting for more data if SI is blocked on RXBLK_ROOM
- MINOR: stream-int: Set CO_RFL transient/persistent flags apart in si_cs_rcv()
- MINOR: htx: Add an HTX flag to know when a message is fragmented
- MINOR: htx: Add a function to know if the free space wraps
- BUG/MEDIUM: stream-int: Defrag HTX message in si_cs_recv() if necessary
- MINOR: stream-int: Notify mux when the buffer is not stuck when calling rcv_buf
- BUG/MINOR: mux-h1/mux-fcgi: Sanitize TE header to only send "trailers"
- DOC: peers: fix doc "enable" statement on "peers" sections
- MINOR: Makefile: add MEMORY_POOLS to the list of DEBUG_xxx options
- BUG/MEDIUM: lua: fix wakeup condition from sleep()
- BUG/MAJOR: lua: use task_wakeup() to properly run a task once
- MINOR: arg: Be able to forbid unresolved args when building an argument list
- BUG/MINOR: tcpcheck: Don't use arg list for default proxies during parsing
- BUG/MINOR: tcp-rules: Stop content rules eval on read error and end-of-input
- MINOR: tasks: catch TICK_ETERNITY with BUG_ON() in __task_queue()
|
|
No upstream ChangeLog.
|
|
No upstream ChangeLog.
|
|
No upstream ChangeLog.
|
|
GNU Wget2 is the successor of GNU Wget, a file and recursive website
downloader. Designed and written from scratch it wraps around
libwget, that provides the basic functions needed by a web client.
Wget2 works multi-threaded and uses many features to allow fast
operation.
|
|
Upstream changes:
mikutter 4.1.7
https://mikutter.hatenablog.com/entry/2021/10/02/114317
* make modules that use httpclient explicitly refer system's root CA
|
|
Bump PKGREVISION.
|
|
|
|
|
|
From Chavdar Ivanov in PR 56427.
Bump PKGREVISION.
|
|
|
|
Changelog:
1.36.0
Changes
-------
* Update wslay
* Bump Windows build dependencies
* Bump android build dependencies
* Fix segfault when time_t is 64bit on 32bit arch
Patch from Natanael Copa
bug 1666
* Updates the make_bash_completion script to Python3.
Patch from sleepymac
bug 1672
* Prevent corrupt downloads after app and/or system crash
Patch from Ali MJ Al-Nasrawy
bug 1644
* Reset sessionDownloadLength and sessionUploadLength on download start
bug 1486
* AppleTLS: Add TLSv1.3 support
|
|
- Adaptation to skalibs-2.11.0.0.
- minidentd removed.
- Full client certificate support.
- Full SNI support, including server-side.
- s6-ucspitls[cd] -v2 now logs whether TLS is activated or not.
Complete client certificate and SNI support now make the TLS part of
s6-networking a fully viable replacement of stunnel and other similar
TLS tunneling tools.
|
|
- Adaptation to skalibs-2.11.0.0.
- Bugfixes.
|
|
|
|
3.9.7:
All Components
All bytecode is now compiled using the +deterministic compiler flag. This should eliminate the capture of some irrelevant build environment attributes in produced artifacts, improve consistency between builds, and reduce the file level diff between release artifacts.
Core Server
Enhancements
Classic queue shutdown now uses a much higher timeout (up to 10 minutes instead of 30 seconds).
In environments with many queues (especially mirrored queues) and many consumers this means that the chance of queue indices rebuilding after node restart is now substantially lower.
Prometheus Plugin
Enhancements
More configurability for metrics exposed via the Prometheus endpoint.
Shovel Plugin
Bug Fixes
Shovel URIs could be logged with credentials in some scenarios.
3.9.6:
Core Server
Bug Fixes
TLS information delivered in Proxy protocol header is now attached to connection metrics as if it was provided by a non-proxying client.
max_message_size had a one-off error in the validator.
mirroring_sync_batch_size was incorrectly validated as if it represented batch size in bytes. It represents batch size in number of messages, so the new default hard cap is now 1M (a very high number that's impractical)
Stream Plugin
Bug Fixes
Offset parameters were not stored correctly in some cases.
Partitions list order is now stable.
When stream clients close connections abruptly, publisher and consumer metrics get cleaned up correctly.
Management Plugin
Enhancements
Stream publishers are now listed on the individual stream page.
Counters have been added to the tiles of several sections on detail pages.
3.9.5:
Core Server
Bug Fixes
Virtual host metadata (description, tags) was not imported from definitions.
Reduced unnecessary debug logging from streams.
AWS Peer Discovery Plugin
Enhancements
AWS API calls are now retried multiple times.
Contributed by AWS.
Management Plugin
Enhancements
PUT /api/vhosts/{name} now can update metadata (tags and descriptions) for existing virtual hosts.
3.9.4:
Core Server
Enhancements
New Prometheus metrics for alarms
Nodes will now use four more environment variables, if set: RABBITMQ_DEFAULT_USER (overrides default_user in rabbitmq.conf), RABBITMQ_DEFAULT_PASS (overrides default_pass), RABBITMQ_DEFAULT_VHOST (overrides default_vhost) and RABBITMQ_ERLANG_COOKIE (sets shared authentication secret value). These variables are not recommended to be used in production but can be the only realistic option in some environment, such as service containers, ECS, and so on. Most users should continue using rabbitmq.conf and a securely generated local cookie file.
Definitions now can be imported from different sources, including those provided by plugins. Original local filesystem source is still supported in a backwards-compatible way.
3.9.3:
Core Server
Bug Fixes
Queues that had messages with per-message TTL in them could fail to recover their indices after a restart.
JSON logging could fail with an exception when a logged event included epoch-based timestamp value.
JSON logging now uses integers (as opposed to floats) to represent epoch-based timestamps
Enhancements
RabbitMQ application no longer reports the stopping event to systemd. This was counterproductive when the application was stopped but the runtime (Erlang VM) was kept running, e.g. via rabbitmqctl stop_app or by the pause minority partition handling strategy.
Now systemd service monitoring will recognize a node as stopped only when the runtime is stopped, which is usually the behavior operators expect.
3.9.2:
CLI Tools
Bug Fixes
rabbitmq-upgrade drain and rabbitmq-upgrade revive now log warning and info level instead of alert.
Shovel Plugin
Bug Fixes
Multiple Shovels could be started in some cases involving node restarts of failures.
Federation Plugin
Bug Fixes
Multiple Federation links could be started in some cases involving node restarts of failures.
3.9.1:
Core Server
Bug Fixes
Clients that used global QoS prefetch (deprecated as of 3.9.0) ran into an exception when acknowledging deliveries.
Improved resiliency of stream coordinator in certain conditions.
Nodes failed to start when hostname contained non-ASCII (broader Unicode) characters.
CLI Tools
Bug Fixes
rabbitmq-diagnostics stream_status fails with an exception when the --tracking option was used.
rabbitmq-diagnostics stream_status used an outdated documentation guide link.
RabbitMQ Erlang Client
Bug Fixes
New releases of the client are again published to Hex.pm.
connection_timeout was adjusted to avoid a confusing warning.
Corrected a typo in direct connection net tick time adjustment.
3.9.0:
Streams
Erlang 24 Support
Kubernetes
Logging in JSON
|
|
|
|
|