Age | Commit message (Collapse) | Author | Files | Lines |
|
These were not installed anyway, and one fails to build on macOS.
(No PKGREVISION due to no change in binary package.)
|
|
Noted by anon
Bump PKGREVISION.
|
|
Upstream is about to release 2.51.4rc3 with version number 2.51.3.73,
and this packages a draft of that.
Packaging changes: Don't install the now-missing BUGS.txt.
Upstream NEWS for 2.51.4 relative to 2.51.3:
\item OCaml 4.12 support
\item fsmonitor improvements and Solaris support
\item Color support in text UI, with a new preference, disabled by
NO\_COLOR.
\item Interactive profile selection in text UI, enabled by a new
preference.
\item Working files are stored in the unison directory (typically
~/.unison) rather than \$HOME.
\item Build cleanups, CI improvements, housekeeping
\item Many bugfixes and minor improvements
|
|
|
|
Changes in version 0.4.5.9 - 2021-06-14
Tor 0.4.5.9 fixes several security issues, including a
denial-of-service attack against onion service clients, and another
denial-of-service attack against relays. Everybody should upgrade to
one of 0.3.5.15, 0.4.4.9, 0.4.5.9, or 0.4.6.5.
o Major bugfixes (security, backport from 0.4.6.5):
- Don't allow relays to spoof RELAY_END or RELAY_RESOLVED cell on
half-closed streams. Previously, clients failed to validate which
hop sent these cells: this would allow a relay on a circuit to end
a stream that wasn't actually built with it. Fixes bug 40389;
bugfix on 0.3.5.1-alpha. This issue is also tracked as TROVE-2021-
003 and CVE-2021-34548.
o Major bugfixes (security, defense-in-depth, backport from 0.4.6.5):
- Detect more failure conditions from the OpenSSL RNG code.
Previously, we would detect errors from a missing RNG
implementation, but not failures from the RNG code itself.
Fortunately, it appears those failures do not happen in practice
when Tor is using OpenSSL's default RNG implementation. Fixes bug
40390; bugfix on 0.2.8.1-alpha. This issue is also tracked as
TROVE-2021-004. Reported by Jann Horn at Google's Project Zero.
o Major bugfixes (security, denial of service, backport from 0.4.6.5):
- Resist a hashtable-based CPU denial-of-service attack against
relays. Previously we used a naive unkeyed hash function to look
up circuits in a circuitmux object. An attacker could exploit this
to construct circuits with chosen circuit IDs, to create
collisions and make the hash table inefficient. Now we use a
SipHash construction here instead. Fixes bug 40391; bugfix on
0.2.4.4-alpha. This issue is also tracked as TROVE-2021-005 and
CVE-2021-34549. Reported by Jann Horn from Google's Project Zero.
- Fix an out-of-bounds memory access in v3 onion service descriptor
parsing. An attacker could exploit this bug by crafting an onion
service descriptor that would crash any client that tried to visit
it. Fixes bug 40392; bugfix on 0.3.0.1-alpha. This issue is also
tracked as TROVE-2021-006 and CVE-2021-34550. Reported by Sergei
Glazunov from Google's Project Zero.
o Minor features (compatibility, backport from 0.4.6.4-rc):
- Remove an assertion function related to TLS renegotiation. It was
used nowhere outside the unit tests, and it was breaking
compilation with recent alpha releases of OpenSSL 3.0.0. Closes
ticket 40399.
o Minor features (geoip data):
- Update the geoip files to match the IPFire Location Database, as
retrieved on 2021/06/10.
o Minor bugfixes (control, sandbox, backport from 0.4.6.4-rc):
- Allow the control command SAVECONF to succeed when the seccomp
sandbox is enabled, and make SAVECONF keep only one backup file to
simplify implementation. Previously SAVECONF allowed a large
number of backup files, which made it incompatible with the
sandbox. Fixes bug 40317; bugfix on 0.2.5.4-alpha. Patch by
Daniel Pinto.
o Minor bugfixes (metrics port, backport from 0.4.6.4-rc):
- Fix a bug that made tor try to re-bind() on an already open
MetricsPort every 60 seconds. Fixes bug 40370; bugfix
on 0.4.5.1-alpha.
|
|
1.19.93
api-change:ec2: Amazon EC2 adds new AMI property to flag outdated AMIs
api-change:medialive: AWS MediaLive now supports OCR-based conversion of DVB-Sub and SCTE-27 image-based source captions to WebVTT, and supports ingest of ad avail decorations in HLS input manifests.
api-change:mediaconnect: When you enable source failover, you can now designate one of two sources as the primary source. You can choose between two failover modes to prevent any disruption to the video stream. Merge combines the sources into a single stream. Failover allows switching between a primary and a backup stream.
1.19.92
api-change:sagemaker-featurestore-runtime: Release BatchGetRecord API for AWS SageMaker Feature Store Runtime.
api-change:appmesh: AppMesh now supports additional routing capabilities in match and rewrites for Gateway Routes and Routes. Additionally, App Mesh also supports specifying DNS Response Types in Virtual Nodes.
api-change:redshift: Added InvalidClusterStateFault to the ModifyAquaConfiguration API, thrown when calling the API on a non available cluster.
api-change:appflow: Adding MAP_ALL task type support.
api-change:chime: This SDK release adds support for UpdateAccount API to allow users to update their default license on Chime account.
api-change:managedblockchain: This release supports KMS customer-managed Customer Master Keys (CMKs) on member-specific Hyperledger Fabric resources.
api-change:ec2: This release adds a new optional parameter connectivityType (public, private) for the CreateNatGateway API. Private NatGateway does not require customers to attach an InternetGateway to the VPC and can be used for communication with other VPCs and on-premise networks.
api-change:ram: AWS Resource Access Manager (RAM) is releasing new field isResourceTypeDefault in ListPermissions and GetPermission response, and adding permissionArn parameter to GetResourceShare request to filter by permission attached
api-change:cognito-idp: Amazon Cognito now supports targeted sign out through refresh token revocation
api-change:sagemaker: Using SageMaker Edge Manager with AWS IoT Greengrass v2 simplifies accessing, maintaining, and deploying models to your devices. You can now create deployable IoT Greengrass components during edge packaging jobs. You can choose to create a device fleet with or without creating an AWS IoT role alias.
1.19.91
api-change:proton: This is the initial SDK release for AWS Proton
api-change:transfer: Documentation updates for the AWS Transfer Family service.
api-change:personalize-events: Support for unstructured text inputs in the items dataset to to automatically extract key information from product/content description as an input when creating solution versions.
api-change:kendra: AWS Kendra now supports checking document status.
1.19.90
api-change:cognito-idp: Documentation updates for cognito-idp
api-change:macie2: This release of the Amazon Macie API introduces stricter validation of S3 object criteria for classification jobs.
api-change:fsx: This release adds support for auditing end-user access to files, folders, and file shares using Windows event logs, enabling customers to meet their security and compliance needs.
api-change:servicecatalog: increase max pagesize for List/Search apis
1.19.89
api-change:eks: Added updateConfig option that allows customers to control upgrade velocity in Managed Node Group.
api-change:sagemaker: AWS SageMaker - Releasing new APIs related to Callback steps in model building pipelines. Adds experiment integration to model building pipelines.
api-change:glue: Add SampleSize variable to S3Target to enable s3-sampling feature through API.
api-change:personalize: Update regex validation in kmsKeyArn and s3 path API parameters for AWS Personalize APIs
1.19.88
api-change:medialive: Add support for automatically setting the H.264 adaptive quantization and GOP B-frame fields.
api-change:autoscaling: Documentation updates for Amazon EC2 Auto Scaling
api-change:qldb: Documentation updates for Amazon QLDB
api-change:rds: Documentation updates for RDS: fixing an outdated link to the RDS documentation in DBInstance$DBInstanceStatus
api-change:pi: The new GetDimensionKeyDetails action retrieves the attributes of the specified dimension group for a DB instance or data source.
api-change:cloudtrail: AWS CloudTrail supports data events on new service resources, including Amazon DynamoDB tables and S3 Object Lambda access points.
1.19.87
api-change:ssm: Documentation updates for ssm to fix customer reported issue
api-change:forecast: Added optional field AutoMLOverrideStrategy to CreatePredictor API that allows users to customize AutoML strategy. If provided in CreatePredictor request, this field is visible in DescribePredictor and GetAccuracyMetrics responses.
api-change:route53resolver: Documentation updates for Route 53 Resolver
api-change:s3: S3 Inventory now supports Bucket Key Status
api-change:s3control: Amazon S3 Batch Operations now supports S3 Bucket Keys.
1.19.86
api-change:docdb: This SDK release adds support for DocDB global clusters.
api-change:lightsail: Documentation updates for Lightsail
api-change:ecs: Documentation updates for Amazon ECS.
api-change:iam: Documentation updates for AWS Identity and Access Management (IAM).
api-change:braket: Introduction of a RETIRED status for devices.
api-change:autoscaling: You can now launch EC2 instances with GP3 volumes when using Auto Scaling groups with Launch Configurations
1.19.85
api-change:servicediscovery: Bugfixes - The DiscoverInstances API operation now provides an option to return all instances for health-checked services when there are no healthy instances available.
api-change:polly: Amazon Polly adds new Canadian French voice - Gabrielle. Gabrielle is available as Neural voice only.
api-change:ec2: Added idempotency to CreateNetworkInterface using the ClientToken parameter.
api-change:sns: This release adds SMS sandbox in Amazon SNS and the ability to view all configured origination numbers. The SMS sandbox provides a safe environment for sending SMS messages, without risking your reputation as an SMS sender.
api-change:iotwireless: Added six new public customer logging APIs to allow customers to set/get/reset log levels at resource type and resource id level. The log level set from the APIs will be used to filter log messages that can be emitted to CloudWatch in customer accounts.
1.19.84
api-change:datasync: Added SecurityDescriptorCopyFlags option that allows for control of which components of SMB security descriptors are copied from source to destination objects.
api-change:lookoutmetrics: Allowing dot(.) character in table name for RDS and Redshift as source connector.
api-change:location: Adds support for calculation of routes, resource tagging and customer provided KMS keys.
1.19.83
api-change:iotsitewise: IoT SiteWise Monitor Portal API updates to add alarms feature configuration.
api-change:devicefarm: Introduces support for using our desktop testing service with applications hosted within your Virtual Private Cloud (VPC).
api-change:iotevents-data: Releasing new APIs for AWS IoT Events Alarms
api-change:fsx: This release adds LZ4 data compression support to FSx for Lustre to reduce storage consumption of both file system storage and file system backups.
api-change:iotevents: Releasing new APIs for AWS IoT Events Alarms
api-change:resource-groups: Documentation updates for Resource Groups.
api-change:sqs: Documentation updates for Amazon SQS for General Availability of high throughput for FIFO queues.
api-change:lightsail: Documentation updates for Lightsail
api-change:kendra: Amazon Kendra now suggests popular queries in order to help guide query typing and help overall accuracy.
1.19.82
api-change:ec2: This release removes resource ids and tagging support for VPC security group rules.
1.19.81
api-change:acm-pca: This release enables customers to store CRLs in S3 buckets with Block Public Access enabled. The release adds the S3ObjectAcl parameter to the CreateCertificateAuthority and UpdateCertificateAuthority APIs to allow customers to choose whether their CRL will be publicly available.
api-change:cloudfront: Documentation fix for CloudFront
api-change:qldb: Support STANDARD permissions mode in CreateLedger and DescribeLedger. Add UpdateLedgerPermissionsMode to update permissions mode on existing ledgers.
api-change:ec2: This release adds resource ids and tagging support for VPC security group rules.
api-change:outposts: Add ConflictException to DeleteOutpost, CreateOutpost
api-change:ecs: The release adds support for registering External instances to your Amazon ECS clusters.
api-change:mwaa: Adds scheduler count selection for Environments using Airflow version 2.0.2 or later.
1.19.80
api-change:workspaces: Adds support for Linux device types in WorkspaceAccessProperties
api-change:iot: This release includes support for a new feature: Job templates for AWS IoT Device Management Jobs. The release includes job templates as a new resource and APIs for managing job templates.
api-change:transfer: AWS Transfer Family customers can now use AWS Managed Active Directory or AD Connector to authenticate their end users, enabling seamless migration of file transfer workflows that rely on AD authentication, without changing end users' credentials or needing a custom authorizer.
1.19.79
api-change:logs: This release provides dimensions and unit support for metric filters.
api-change:quicksight: Add new parameters on RegisterUser and UpdateUser APIs to assign or update external ID associated to QuickSight users federated through web identity.
api-change:ce: Introduced FindingReasonCodes, PlatformDifferences, DiskResourceUtilization and NetworkResourceUtilization to GetRightsizingRecommendation action
api-change:compute-optimizer: Adds support for 1) additional instance types, 2) additional instance metrics, 3) finding reasons for instance recommendations, and 4) platform differences between a current instance and a recommended instance type.
api-change:ec2: This release adds support for creating and managing EC2 On-Demand Capacity Reservations on Outposts.
1.19.78
api-change:s3: Documentation updates for Amazon S3
api-change:opsworkscm: New PUPPET_API_CRL attribute returned by DescribeServers API; new EngineVersion of 2019 available for Puppet Enterprise servers.
api-change:forecast: Updated attribute statistics in DescribeDatasetImportJob response to support Long values
api-change:efs: Update efs command to latest version
1.19.77
api-change:iam: Documentation updates for AWS Identity and Access Management (IAM).
api-change:lexv2-models: Update lexv2-models command to latest version
api-change:personalize: Added new API to stop a solution version creation that is pending or in progress for Amazon Personalize
api-change:quicksight: Add ARN based Row Level Security support to CreateDataSet/UpdateDataSet APIs.
1.19.76
api-change:iam: Add pagination to ListUserTags operation
api-change:eks: Update the EKS AddonActive waiter.
api-change:autoscaling: With this release, customers can easily use Predictive Scaling as a policy directly through Amazon EC2 Auto Scaling configurations to proactively scale their applications ahead of predicted demand.
api-change:kinesisanalyticsv2: Kinesis Data Analytics now allows rapid iteration on Apache Flink stream processing through the Kinesis Data Analytics Studio feature.
api-change:lightsail: Documentation updates for Amazon Lightsail.
api-change:rekognition: Amazon Rekognition Custom Labels adds support for customer managed encryption, using AWS Key Management Service, of image files copied into the service and files written back to the customer.
1.19.75
api-change:license-manager: AWS License Manager now supports periodic report generation.
api-change:personalize: Amazon Personalize now supports the ability to optimize a solution for a custom objective in addition to maximizing relevance.
api-change:iotsitewise: Documentation updates for AWS IoT SiteWise.
api-change:apprunner: AWS App Runner is a service that provides a fast, simple, and cost-effective way to deploy from source code or a container image directly to a scalable and secure web application in the AWS Cloud.
api-change:compute-optimizer: This release enables compute optimizer to support exporting recommendations to Amazon S3 for EBS volumes and Lambda Functions.
api-change:lexv2-models: Update lexv2-models command to latest version
api-change:support: Documentation updates for support
1.19.74
api-change:neptune: Neptune support for CopyTagsToSnapshots
api-change:iotdeviceadvisor: AWS IoT Core Device Advisor is fully managed test capability for IoT devices. Device manufacturers can use Device Advisor to test their IoT devices for reliable and secure connectivity with AWS IoT.
api-change:sagemaker-a2i-runtime: Documentation updates for Amazon A2I Runtime model
api-change:mediaconnect: MediaConnect now supports JPEG XS for AWS Cloud Digital Interface (AWS CDI) uncompressed workflows, allowing you to establish a bridge between your on-premises live video network and the AWS Cloud.
api-change:elasticache: Documentation updates for elasticache
api-change:applicationcostprofiler: APIs for AWS Application Cost Profiler.
1.19.73
api-change:imagebuilder: Text-only updates for bundled documentation feedback tickets - spring 2021.
api-change:macie2: This release of the Amazon Macie API adds support for defining run-time, S3 bucket criteria for classification jobs. It also adds resources for querying data about AWS resources that Macie monitors.
api-change:securityhub: Updated descriptions to add notes on array lengths.
api-change:es: Adds support for cold storage.
api-change:events: Update InputTransformer variable limit from 10 to 100 variables.
api-change:transcribe: Transcribe Medical now supports identification of PHI entities within transcripts
api-change:detective: Updated descriptions of array parameters to add the restrictions on the array and value lengths.
|
|
1.17.93
api-change:ec2: [botocore] Amazon EC2 adds new AMI property to flag outdated AMIs
api-change:medialive: [botocore] AWS MediaLive now supports OCR-based conversion of DVB-Sub and SCTE-27 image-based source captions to WebVTT, and supports ingest of ad avail decorations in HLS input manifests.
api-change:mediaconnect: [botocore] When you enable source failover, you can now designate one of two sources as the primary source. You can choose between two failover modes to prevent any disruption to the video stream. Merge combines the sources into a single stream. Failover allows switching between a primary and a backup stream.
1.17.92
api-change:sagemaker: [botocore] Using SageMaker Edge Manager with AWS IoT Greengrass v2 simplifies accessing, maintaining, and deploying models to your devices. You can now create deployable IoT Greengrass components during edge packaging jobs. You can choose to create a device fleet with or without creating an AWS IoT role alias.
api-change:appmesh: [botocore] AppMesh now supports additional routing capabilities in match and rewrites for Gateway Routes and Routes. Additionally, App Mesh also supports specifying DNS Response Types in Virtual Nodes.
api-change:redshift: [botocore] Added InvalidClusterStateFault to the ModifyAquaConfiguration API, thrown when calling the API on a non available cluster.
api-change:chime: [botocore] This SDK release adds support for UpdateAccount API to allow users to update their default license on Chime account.
api-change:ec2: [botocore] This release adds a new optional parameter connectivityType (public, private) for the CreateNatGateway API. Private NatGateway does not require customers to attach an InternetGateway to the VPC and can be used for communication with other VPCs and on-premise networks.
api-change:ram: [botocore] AWS Resource Access Manager (RAM) is releasing new field isResourceTypeDefault in ListPermissions and GetPermission response, and adding permissionArn parameter to GetResourceShare request to filter by permission attached
api-change:sagemaker-featurestore-runtime: [botocore] Release BatchGetRecord API for AWS SageMaker Feature Store Runtime.
api-change:cognito-idp: [botocore] Amazon Cognito now supports targeted sign out through refresh token revocation
api-change:appflow: [botocore] Adding MAP_ALL task type support.
api-change:managedblockchain: [botocore] This release supports KMS customer-managed Customer Master Keys (CMKs) on member-specific Hyperledger Fabric resources.
1.17.91
api-change:transfer: [botocore] Documentation updates for the AWS Transfer Family service.
api-change:personalize-events: [botocore] Support for unstructured text inputs in the items dataset to to automatically extract key information from product/content description as an input when creating solution versions.
api-change:proton: [botocore] This is the initial SDK release for AWS Proton
api-change:kendra: [botocore] AWS Kendra now supports checking document status.
1.17.90
api-change:fsx: [botocore] This release adds support for auditing end-user access to files, folders, and file shares using Windows event logs, enabling customers to meet their security and compliance needs.
api-change:servicecatalog: [botocore] increase max pagesize for List/Search apis
api-change:macie2: [botocore] This release of the Amazon Macie API introduces stricter validation of S3 object criteria for classification jobs.
api-change:cognito-idp: [botocore] Documentation updates for cognito-idp
1.17.89
api-change:sagemaker: [botocore] AWS SageMaker - Releasing new APIs related to Callback steps in model building pipelines. Adds experiment integration to model building pipelines.
api-change:glue: [botocore] Add SampleSize variable to S3Target to enable s3-sampling feature through API.
api-change:personalize: [botocore] Update regex validation in kmsKeyArn and s3 path API parameters for AWS Personalize APIs
api-change:eks: [botocore] Added updateConfig option that allows customers to control upgrade velocity in Managed Node Group.
1.17.88
api-change:rds: [botocore] Documentation updates for RDS: fixing an outdated link to the RDS documentation in DBInstance$DBInstanceStatus
api-change:pi: [botocore] The new GetDimensionKeyDetails action retrieves the attributes of the specified dimension group for a DB instance or data source.
api-change:cloudtrail: [botocore] AWS CloudTrail supports data events on new service resources, including Amazon DynamoDB tables and S3 Object Lambda access points.
api-change:medialive: [botocore] Add support for automatically setting the H.264 adaptive quantization and GOP B-frame fields.
api-change:autoscaling: [botocore] Documentation updates for Amazon EC2 Auto Scaling
api-change:qldb: [botocore] Documentation updates for Amazon QLDB
1.17.87
api-change:s3: [botocore] S3 Inventory now supports Bucket Key Status
api-change:s3control: [botocore] Amazon S3 Batch Operations now supports S3 Bucket Keys.
api-change:route53resolver: [botocore] Documentation updates for Route 53 Resolver
api-change:ssm: [botocore] Documentation updates for ssm to fix customer reported issue
api-change:forecast: [botocore] Added optional field AutoMLOverrideStrategy to CreatePredictor API that allows users to customize AutoML strategy. If provided in CreatePredictor request, this field is visible in DescribePredictor and GetAccuracyMetrics responses.
1.17.86
api-change:autoscaling: [botocore] You can now launch EC2 instances with GP3 volumes when using Auto Scaling groups with Launch Configurations
api-change:lightsail: [botocore] Documentation updates for Lightsail
api-change:ecs: [botocore] Documentation updates for Amazon ECS.
api-change:docdb: [botocore] This SDK release adds support for DocDB global clusters.
api-change:iam: [botocore] Documentation updates for AWS Identity and Access Management (IAM).
api-change:braket: [botocore] Introduction of a RETIRED status for devices.
1.17.85
api-change:sns: [botocore] This release adds SMS sandbox in Amazon SNS and the ability to view all configured origination numbers. The SMS sandbox provides a safe environment for sending SMS messages, without risking your reputation as an SMS sender.
api-change:polly: [botocore] Amazon Polly adds new Canadian French voice - Gabrielle. Gabrielle is available as Neural voice only.
api-change:ec2: [botocore] Added idempotency to CreateNetworkInterface using the ClientToken parameter.
api-change:iotwireless: [botocore] Added six new public customer logging APIs to allow customers to set/get/reset log levels at resource type and resource id level. The log level set from the APIs will be used to filter log messages that can be emitted to CloudWatch in customer accounts.
api-change:servicediscovery: [botocore] Bugfixes - The DiscoverInstances API operation now provides an option to return all instances for health-checked services when there are no healthy instances available.
1.17.84
api-change:lookoutmetrics: [botocore] Allowing dot(.) character in table name for RDS and Redshift as source connector.
api-change:location: [botocore] Adds support for calculation of routes, resource tagging and customer provided KMS keys.
api-change:datasync: [botocore] Added SecurityDescriptorCopyFlags option that allows for control of which components of SMB security descriptors are copied from source to destination objects.
1.17.83
api-change:iotevents-data: [botocore] Releasing new APIs for AWS IoT Events Alarms
api-change:devicefarm: [botocore] Introduces support for using our desktop testing service with applications hosted within your Virtual Private Cloud (VPC).
api-change:kendra: [botocore] Amazon Kendra now suggests popular queries in order to help guide query typing and help overall accuracy.
api-change:iotsitewise: [botocore] IoT SiteWise Monitor Portal API updates to add alarms feature configuration.
api-change:resource-groups: [botocore] Documentation updates for Resource Groups.
api-change:lightsail: [botocore] Documentation updates for Lightsail
api-change:iotevents: [botocore] Releasing new APIs for AWS IoT Events Alarms
api-change:fsx: [botocore] This release adds LZ4 data compression support to FSx for Lustre to reduce storage consumption of both file system storage and file system backups.
api-change:sqs: [botocore] Documentation updates for Amazon SQS for General Availability of high throughput for FIFO queues.
1.17.82
api-change:ec2: [botocore] This release removes resource ids and tagging support for VPC security group rules.
1.17.81
api-change:qldb: [botocore] Support STANDARD permissions mode in CreateLedger and DescribeLedger. Add UpdateLedgerPermissionsMode to update permissions mode on existing ledgers.
api-change:cloudfront: [botocore] Documentation fix for CloudFront
api-change:outposts: [botocore] Add ConflictException to DeleteOutpost, CreateOutpost
api-change:mwaa: [botocore] Adds scheduler count selection for Environments using Airflow version 2.0.2 or later.
api-change:ec2: [botocore] This release adds resource ids and tagging support for VPC security group rules.
api-change:ecs: [botocore] The release adds support for registering External instances to your Amazon ECS clusters.
api-change:acm-pca: [botocore] This release enables customers to store CRLs in S3 buckets with Block Public Access enabled. The release adds the S3ObjectAcl parameter to the CreateCertificateAuthority and UpdateCertificateAuthority APIs to allow customers to choose whether their CRL will be publicly available.
1.17.80
api-change:transfer: [botocore] AWS Transfer Family customers can now use AWS Managed Active Directory or AD Connector to authenticate their end users, enabling seamless migration of file transfer workflows that rely on AD authentication, without changing end users' credentials or needing a custom authorizer.
api-change:iot: [botocore] This release includes support for a new feature: Job templates for AWS IoT Device Management Jobs. The release includes job templates as a new resource and APIs for managing job templates.
api-change:workspaces: [botocore] Adds support for Linux device types in WorkspaceAccessProperties
1.17.79
api-change:quicksight: [botocore] Add new parameters on RegisterUser and UpdateUser APIs to assign or update external ID associated to QuickSight users federated through web identity.
api-change:ce: [botocore] Introduced FindingReasonCodes, PlatformDifferences, DiskResourceUtilization and NetworkResourceUtilization to GetRightsizingRecommendation action
api-change:compute-optimizer: [botocore] Adds support for 1) additional instance types, 2) additional instance metrics, 3) finding reasons for instance recommendations, and 4) platform differences between a current instance and a recommended instance type.
api-change:ec2: [botocore] This release adds support for creating and managing EC2 On-Demand Capacity Reservations on Outposts.
api-change:logs: [botocore] This release provides dimensions and unit support for metric filters.
1.17.78
api-change:efs: [botocore] Update efs client to latest version
api-change:s3: [botocore] Documentation updates for Amazon S3
api-change:forecast: [botocore] Updated attribute statistics in DescribeDatasetImportJob response to support Long values
api-change:opsworkscm: [botocore] New PUPPET_API_CRL attribute returned by DescribeServers API; new EngineVersion of 2019 available for Puppet Enterprise servers.
1.17.77
api-change:personalize: [botocore] Added new API to stop a solution version creation that is pending or in progress for Amazon Personalize
api-change:lexv2-models: [botocore] Update lexv2-models client to latest version
api-change:quicksight: [botocore] Add ARN based Row Level Security support to CreateDataSet/UpdateDataSet APIs.
api-change:iam: [botocore] Documentation updates for AWS Identity and Access Management (IAM).
1.17.76
api-change:kinesisanalyticsv2: [botocore] Kinesis Data Analytics now allows rapid iteration on Apache Flink stream processing through the Kinesis Data Analytics Studio feature.
api-change:rekognition: [botocore] Amazon Rekognition Custom Labels adds support for customer managed encryption, using AWS Key Management Service, of image files copied into the service and files written back to the customer.
api-change:iam: [botocore] Add pagination to ListUserTags operation
api-change:eks: [botocore] Update the EKS AddonActive waiter.
api-change:autoscaling: [botocore] With this release, customers can easily use Predictive Scaling as a policy directly through Amazon EC2 Auto Scaling configurations to proactively scale their applications ahead of predicted demand.
api-change:lightsail: [botocore] Documentation updates for Amazon Lightsail.
1.17.75
api-change:support: [botocore] Documentation updates for support
api-change:apprunner: [botocore] AWS App Runner is a service that provides a fast, simple, and cost-effective way to deploy from source code or a container image directly to a scalable and secure web application in the AWS Cloud.
api-change:compute-optimizer: [botocore] This release enables compute optimizer to support exporting recommendations to Amazon S3 for EBS volumes and Lambda Functions.
api-change:personalize: [botocore] Amazon Personalize now supports the ability to optimize a solution for a custom objective in addition to maximizing relevance.
api-change:license-manager: [botocore] AWS License Manager now supports periodic report generation.
api-change:iotsitewise: [botocore] Documentation updates for AWS IoT SiteWise.
api-change:lexv2-models: [botocore] Update lexv2-models client to latest version
1.17.74
api-change:mediaconnect: [botocore] MediaConnect now supports JPEG XS for AWS Cloud Digital Interface (AWS CDI) uncompressed workflows, allowing you to establish a bridge between your on-premises live video network and the AWS Cloud.
api-change:sagemaker-a2i-runtime: [botocore] Documentation updates for Amazon A2I Runtime model
api-change:applicationcostprofiler: [botocore] APIs for AWS Application Cost Profiler.
api-change:neptune: [botocore] Neptune support for CopyTagsToSnapshots
api-change:iotdeviceadvisor: [botocore] AWS IoT Core Device Advisor is fully managed test capability for IoT devices. Device manufacturers can use Device Advisor to test their IoT devices for reliable and secure connectivity with AWS IoT.
api-change:elasticache: [botocore] Documentation updates for elasticache
1.17.73
api-change:events: [botocore] Update InputTransformer variable limit from 10 to 100 variables.
enhancement:s3: [botocore] Block endpoint resolution of clients configured with S3 pseudo-regions (e.g. aws-global, s3-external-1) that will never resolve to a correct access point endpoint.
api-change:macie2: [botocore] This release of the Amazon Macie API adds support for defining run-time, S3 bucket criteria for classification jobs. It also adds resources for querying data about AWS resources that Macie monitors.
api-change:es: [botocore] Adds support for cold storage.
api-change:securityhub: [botocore] Updated descriptions to add notes on array lengths.
api-change:detective: [botocore] Updated descriptions of array parameters to add the restrictions on the array and value lengths.
api-change:transcribe: [botocore] Transcribe Medical now supports identification of PHI entities within transcripts
api-change:imagebuilder: [botocore] Text-only updates for bundled documentation feedback tickets - spring 2021.
enhancement:FIPS: [botocore] Add validation to only attempt to connect to FIPS endpoints with a FIPS pseudo-region if the pseudo-region is explicitly known to the SDK.
|
|
1.20.93
api-change:ec2: Amazon EC2 adds new AMI property to flag outdated AMIs
api-change:medialive: AWS MediaLive now supports OCR-based conversion of DVB-Sub and SCTE-27 image-based source captions to WebVTT, and supports ingest of ad avail decorations in HLS input manifests.
api-change:mediaconnect: When you enable source failover, you can now designate one of two sources as the primary source. You can choose between two failover modes to prevent any disruption to the video stream. Merge combines the sources into a single stream. Failover allows switching between a primary and a backup stream.
1.20.92
api-change:sagemaker: Using SageMaker Edge Manager with AWS IoT Greengrass v2 simplifies accessing, maintaining, and deploying models to your devices. You can now create deployable IoT Greengrass components during edge packaging jobs. You can choose to create a device fleet with or without creating an AWS IoT role alias.
api-change:appmesh: AppMesh now supports additional routing capabilities in match and rewrites for Gateway Routes and Routes. Additionally, App Mesh also supports specifying DNS Response Types in Virtual Nodes.
api-change:redshift: Added InvalidClusterStateFault to the ModifyAquaConfiguration API, thrown when calling the API on a non available cluster.
api-change:chime: This SDK release adds support for UpdateAccount API to allow users to update their default license on Chime account.
api-change:ec2: This release adds a new optional parameter connectivityType (public, private) for the CreateNatGateway API. Private NatGateway does not require customers to attach an InternetGateway to the VPC and can be used for communication with other VPCs and on-premise networks.
api-change:ram: AWS Resource Access Manager (RAM) is releasing new field isResourceTypeDefault in ListPermissions and GetPermission response, and adding permissionArn parameter to GetResourceShare request to filter by permission attached
api-change:sagemaker-featurestore-runtime: Release BatchGetRecord API for AWS SageMaker Feature Store Runtime.
api-change:cognito-idp: Amazon Cognito now supports targeted sign out through refresh token revocation
api-change:appflow: Adding MAP_ALL task type support.
api-change:managedblockchain: This release supports KMS customer-managed Customer Master Keys (CMKs) on member-specific Hyperledger Fabric resources.
1.20.91
api-change:transfer: Documentation updates for the AWS Transfer Family service.
api-change:personalize-events: Support for unstructured text inputs in the items dataset to to automatically extract key information from product/content description as an input when creating solution versions.
api-change:proton: This is the initial SDK release for AWS Proton
api-change:kendra: AWS Kendra now supports checking document status.
1.20.90
api-change:fsx: This release adds support for auditing end-user access to files, folders, and file shares using Windows event logs, enabling customers to meet their security and compliance needs.
api-change:servicecatalog: increase max pagesize for List/Search apis
api-change:macie2: This release of the Amazon Macie API introduces stricter validation of S3 object criteria for classification jobs.
api-change:cognito-idp: Documentation updates for cognito-idp
1.20.89
api-change:sagemaker: AWS SageMaker - Releasing new APIs related to Callback steps in model building pipelines. Adds experiment integration to model building pipelines.
api-change:glue: Add SampleSize variable to S3Target to enable s3-sampling feature through API.
api-change:personalize: Update regex validation in kmsKeyArn and s3 path API parameters for AWS Personalize APIs
api-change:eks: Added updateConfig option that allows customers to control upgrade velocity in Managed Node Group.
1.20.88
api-change:rds: Documentation updates for RDS: fixing an outdated link to the RDS documentation in DBInstance$DBInstanceStatus
api-change:pi: The new GetDimensionKeyDetails action retrieves the attributes of the specified dimension group for a DB instance or data source.
api-change:cloudtrail: AWS CloudTrail supports data events on new service resources, including Amazon DynamoDB tables and S3 Object Lambda access points.
api-change:medialive: Add support for automatically setting the H.264 adaptive quantization and GOP B-frame fields.
api-change:autoscaling: Documentation updates for Amazon EC2 Auto Scaling
api-change:qldb: Documentation updates for Amazon QLDB
1.20.87
api-change:s3: S3 Inventory now supports Bucket Key Status
api-change:s3control: Amazon S3 Batch Operations now supports S3 Bucket Keys.
api-change:route53resolver: Documentation updates for Route 53 Resolver
api-change:ssm: Documentation updates for ssm to fix customer reported issue
api-change:forecast: Added optional field AutoMLOverrideStrategy to CreatePredictor API that allows users to customize AutoML strategy. If provided in CreatePredictor request, this field is visible in DescribePredictor and GetAccuracyMetrics responses.
1.20.86
api-change:autoscaling: You can now launch EC2 instances with GP3 volumes when using Auto Scaling groups with Launch Configurations
api-change:lightsail: Documentation updates for Lightsail
api-change:ecs: Documentation updates for Amazon ECS.
api-change:docdb: This SDK release adds support for DocDB global clusters.
api-change:iam: Documentation updates for AWS Identity and Access Management (IAM).
api-change:braket: Introduction of a RETIRED status for devices.
1.20.85
api-change:sns: This release adds SMS sandbox in Amazon SNS and the ability to view all configured origination numbers. The SMS sandbox provides a safe environment for sending SMS messages, without risking your reputation as an SMS sender.
api-change:polly: Amazon Polly adds new Canadian French voice - Gabrielle. Gabrielle is available as Neural voice only.
api-change:ec2: Added idempotency to CreateNetworkInterface using the ClientToken parameter.
api-change:iotwireless: Added six new public customer logging APIs to allow customers to set/get/reset log levels at resource type and resource id level. The log level set from the APIs will be used to filter log messages that can be emitted to CloudWatch in customer accounts.
api-change:servicediscovery: Bugfixes - The DiscoverInstances API operation now provides an option to return all instances for health-checked services when there are no healthy instances available.
1.20.84
api-change:lookoutmetrics: Allowing dot(.) character in table name for RDS and Redshift as source connector.
api-change:location: Adds support for calculation of routes, resource tagging and customer provided KMS keys.
api-change:datasync: Added SecurityDescriptorCopyFlags option that allows for control of which components of SMB security descriptors are copied from source to destination objects.
1.20.83
api-change:iotevents-data: Releasing new APIs for AWS IoT Events Alarms
api-change:devicefarm: Introduces support for using our desktop testing service with applications hosted within your Virtual Private Cloud (VPC).
api-change:kendra: Amazon Kendra now suggests popular queries in order to help guide query typing and help overall accuracy.
api-change:iotsitewise: IoT SiteWise Monitor Portal API updates to add alarms feature configuration.
api-change:resource-groups: Documentation updates for Resource Groups.
api-change:lightsail: Documentation updates for Lightsail
api-change:iotevents: Releasing new APIs for AWS IoT Events Alarms
api-change:fsx: This release adds LZ4 data compression support to FSx for Lustre to reduce storage consumption of both file system storage and file system backups.
api-change:sqs: Documentation updates for Amazon SQS for General Availability of high throughput for FIFO queues.
1.20.82
api-change:ec2: This release removes resource ids and tagging support for VPC security group rules.
1.20.81
api-change:qldb: Support STANDARD permissions mode in CreateLedger and DescribeLedger. Add UpdateLedgerPermissionsMode to update permissions mode on existing ledgers.
api-change:cloudfront: Documentation fix for CloudFront
api-change:outposts: Add ConflictException to DeleteOutpost, CreateOutpost
api-change:mwaa: Adds scheduler count selection for Environments using Airflow version 2.0.2 or later.
api-change:ec2: This release adds resource ids and tagging support for VPC security group rules.
api-change:ecs: The release adds support for registering External instances to your Amazon ECS clusters.
api-change:acm-pca: This release enables customers to store CRLs in S3 buckets with Block Public Access enabled. The release adds the S3ObjectAcl parameter to the CreateCertificateAuthority and UpdateCertificateAuthority APIs to allow customers to choose whether their CRL will be publicly available.
1.20.80
api-change:transfer: AWS Transfer Family customers can now use AWS Managed Active Directory or AD Connector to authenticate their end users, enabling seamless migration of file transfer workflows that rely on AD authentication, without changing end users' credentials or needing a custom authorizer.
api-change:iot: This release includes support for a new feature: Job templates for AWS IoT Device Management Jobs. The release includes job templates as a new resource and APIs for managing job templates.
api-change:workspaces: Adds support for Linux device types in WorkspaceAccessProperties
1.20.79
api-change:quicksight: Add new parameters on RegisterUser and UpdateUser APIs to assign or update external ID associated to QuickSight users federated through web identity.
api-change:ce: Introduced FindingReasonCodes, PlatformDifferences, DiskResourceUtilization and NetworkResourceUtilization to GetRightsizingRecommendation action
api-change:compute-optimizer: Adds support for 1) additional instance types, 2) additional instance metrics, 3) finding reasons for instance recommendations, and 4) platform differences between a current instance and a recommended instance type.
api-change:ec2: This release adds support for creating and managing EC2 On-Demand Capacity Reservations on Outposts.
api-change:logs: This release provides dimensions and unit support for metric filters.
1.20.78
api-change:efs: Update efs client to latest version
api-change:s3: Documentation updates for Amazon S3
api-change:forecast: Updated attribute statistics in DescribeDatasetImportJob response to support Long values
api-change:opsworkscm: New PUPPET_API_CRL attribute returned by DescribeServers API; new EngineVersion of 2019 available for Puppet Enterprise servers.
1.20.77
api-change:personalize: Added new API to stop a solution version creation that is pending or in progress for Amazon Personalize
api-change:lexv2-models: Update lexv2-models client to latest version
api-change:quicksight: Add ARN based Row Level Security support to CreateDataSet/UpdateDataSet APIs.
api-change:iam: Documentation updates for AWS Identity and Access Management (IAM).
1.20.76
api-change:kinesisanalyticsv2: Kinesis Data Analytics now allows rapid iteration on Apache Flink stream processing through the Kinesis Data Analytics Studio feature.
api-change:rekognition: Amazon Rekognition Custom Labels adds support for customer managed encryption, using AWS Key Management Service, of image files copied into the service and files written back to the customer.
api-change:iam: Add pagination to ListUserTags operation
api-change:eks: Update the EKS AddonActive waiter.
api-change:autoscaling: With this release, customers can easily use Predictive Scaling as a policy directly through Amazon EC2 Auto Scaling configurations to proactively scale their applications ahead of predicted demand.
api-change:lightsail: Documentation updates for Amazon Lightsail.
1.20.75
api-change:support: Documentation updates for support
api-change:apprunner: AWS App Runner is a service that provides a fast, simple, and cost-effective way to deploy from source code or a container image directly to a scalable and secure web application in the AWS Cloud.
api-change:compute-optimizer: This release enables compute optimizer to support exporting recommendations to Amazon S3 for EBS volumes and Lambda Functions.
api-change:personalize: Amazon Personalize now supports the ability to optimize a solution for a custom objective in addition to maximizing relevance.
api-change:license-manager: AWS License Manager now supports periodic report generation.
api-change:iotsitewise: Documentation updates for AWS IoT SiteWise.
api-change:lexv2-models: Update lexv2-models client to latest version
1.20.74
api-change:mediaconnect: MediaConnect now supports JPEG XS for AWS Cloud Digital Interface (AWS CDI) uncompressed workflows, allowing you to establish a bridge between your on-premises live video network and the AWS Cloud.
api-change:sagemaker-a2i-runtime: Documentation updates for Amazon A2I Runtime model
api-change:applicationcostprofiler: APIs for AWS Application Cost Profiler.
api-change:neptune: Neptune support for CopyTagsToSnapshots
api-change:iotdeviceadvisor: AWS IoT Core Device Advisor is fully managed test capability for IoT devices. Device manufacturers can use Device Advisor to test their IoT devices for reliable and secure connectivity with AWS IoT.
api-change:elasticache: Documentation updates for elasticache
1.20.73
api-change:events: Update InputTransformer variable limit from 10 to 100 variables.
enhancement:s3: Block endpoint resolution of clients configured with S3 pseudo-regions (e.g. aws-global, s3-external-1) that will never resolve to a correct access point endpoint.
api-change:macie2: This release of the Amazon Macie API adds support for defining run-time, S3 bucket criteria for classification jobs. It also adds resources for querying data about AWS resources that Macie monitors.
api-change:es: Adds support for cold storage.
api-change:securityhub: Updated descriptions to add notes on array lengths.
api-change:detective: Updated descriptions of array parameters to add the restrictions on the array and value lengths.
api-change:transcribe: Transcribe Medical now supports identification of PHI entities within transcripts
api-change:imagebuilder: Text-only updates for bundled documentation feedback tickets - spring 2021.
enhancement:FIPS: Add validation to only attempt to connect to FIPS endpoints with a FIPS pseudo-region if the pseudo-region is explicitly known to the SDK.
|
|
v1.21
Added TCP_FASTOPEN support for client sockets (if tfo_ok is
specified in their configuration) and for listenint socket,
if all client protocols support it. (Craig Andrews)
Added 'minlength' option to skip a probe if less
than that many bytes have been received (mostly for
regex)
Moved configuration and command-line management to
use conf2struct. Hopefully this should be transparent
to users.
Update Let's Encrypt entry in example.cfg for tls-alpn-01
challenges; tls-sni-* challenges are now deprecated.
Log to syslog even if in foreground (for people who
use fail2ban)
Use syslog_facility: "none" to disable syslog
output.
v1.21b
Added TCP_FASTOPEN support for client sockets (if tfo_ok is specified
in their configuration) and for listenint socket, if all client
protocols support it. (Craig Andrews)
Added 'minlength' option to skip a probe if less than that many bytes
have been received (mostly for regex)
Moved configuration and command-line management to use conf2struct.
Changes are:
* command line option <-F|--config> no longer defaults to /etc/sslh.cfg,
so you have to specify it explicitly.
* command line option <-v|--verbose> takes a mandatory integer parameter
Update Let's Encrypt entry in example.cfg for tls-alpn-01 challenges;
tls-sni-* challenges are now deprecated.
Log to syslog even if in foreground (for people who use fail2ban)
Use syslog_facility: "none" to disable syslog output.
Changed exit code for illegal command line parameter from 1 to 6 (for
testing purposes)
v1.21c
Removed support for 'ssl' and fix a related segfault bug.
(use tls instead of ssl)
|
|
deprecated go-package; no users in pkgsrc
|
|
|
|
New in version 4.1
==================
Enhancements
------------
* Add support for NTS servers specified by IP address (matching
Subject Alternative Name in server certificate)
* Add source-specific configuration of trusted certificates
* Allow multiple files and directories with trusted certificates
* Allow multiple pairs of server keys and certificates
* Add copy option to server/pool directive
* Increase PPS lock limit to 40% of pulse interval
* Perform source selection immediately after loading dump files
* Reload dump files for addresses negotiated by NTS-KE server
* Update seccomp filter and add less restrictive level
* Restart ongoing name resolution on online command
Bug fixes
---------
* Fix responding to IPv4 command requests on FreeBSD
* Fix dump files to not include uncorrected offset
* Fix initstepslew to accept time from own NTP clients
* Reset NTP address and port when no longer negotiated by NTS-KE server
|
|
This file contains all major changes made during the development of bftpd.
The uppermost change is the newest one.
Jesse Smith <jessefrgsmith@yahoo.ca> -> 5.7
- A malicious client could cause a buffer overflow with
a lot of EPSV commands sent in a row. We now close
the pasv socket before each new use to avoid accumulating
more than 1023.
Thanks to Shisong Qin for reporting this issue and suggesting
a fix.
|
|
Version 1.0.36 August 26 2019
* Fix compiling tinc with certain versions of the OpenSSL library.
* Fix parsing some IPv6 addresses with :: in them.
* Fix GraphDumpFile output to handle node names starting with a digit.
* Fix a potential segmentation fault when fragmenting packets.
Thanks to Rosen Penev, Quentin Rameau and Werner Schreiber for their
contributions to this version of tinc.
Version 1.0.35 October 5 2018
* Prevent oracle attacks (CVE-2018-16737, CVE-2018-16738).
* Prevent a MITM from forcing a NULL cipher for UDP (CVE-2018-16758).
* Minor fixes in the documentation.
Thanks to Amine Amri and Rafael Sadowski for their contributions to this
version of tinc.
Version 1.0.34 June 12 2018
* Fix a potential segmentation fault when connecting to an IPv6 peer via a
proxy.
* Minor improvements to the build system.
* Make the systemd service file identical to the one from the 1.1 branch.
* Fix a potential problem causing IPv4 sockets to not work on macOS.
Thanks to Maximilian Stein and Wang Liu Shuai for their contributions to this
version of tinc.
Version 1.0.33 November 4 2017
* Allow compilation from a build directory.
* Source code cleanups.
* Fix some options specified on the command line not surviving a HUP signal.
* Handle tun/tap device returning EPERM or EBUSY.
* Disable PMTUDiscovery when TCPOnly is used.
* Support the --runstatedir option of the autoconf 2.70.
Thanks to Rafael Sadowski and Pierre-Olivier Mercier for their contributions to
this version of tinc.
|
|
This release is for bug fixes only.
ASAN reports memory leaks while running tests
local libopts compiler warnings
DLT name for DLT_C_JNPR_ETHER in documentation
clean up new_cidr_map() string manipulation on error exit
fix gcc 8.3.0 build warnings
invalid --pps value protection
packets slowly drift further and further behind when they should be sent
64 bit rollover can cause pps replay issues after several hours
typo fixes
DLT_NULL/DLT_LOOP support for cross-platform PF_INET6
armv5 Freescale compile
heap buffer overflow in tcpreplay fast_edit_packet
heap buffer overflow in tcpreplay get_next_packet
CVE-2020-24266 heap buffer overflow in tcpprep get_l2len
CVE-2020-24265 heap buffer overflow in tcpprep
fix UNUSED macro declaration
handle malformed and unsupported packets as soft errors
compile failure on aarch64-linux-android
tcprewrite --fixlen not working on DLT conversion
fix configure --without-libdnet
ensure automake version is at least 1.15
with multiplier option only first file can be sent and hang
do not create tap0 if device already exists
|
|
Packaging changes: link against pthread, per upstream recommendations
Upstream changes: Bugfixes
|
|
sed 's/\(.*MINIUPNPC_API_VERSION\s\+\)[0-9]\+/\117/' < miniupnpc.h.bak > miniupnpc.h
sed: 1: "s/\(.*MINIUPNPC_API_VER ...": RE error: trailing backslash (\)
I held back on updating this package because of exactly this error...
|
|
|
|
All-in-one client for EC2 Instance Connect that handles key brokerage
and establishing connection to EC2 Instances through an interface
near-identical to standard system ssh, sftp, and other utilities.
|
|
[5.9.5] - 2021-05-25
Improvements
Changed a testing domain to one that really doesnt exist
Fix Incomplete notes field for file and block
Show component versions on hw detail
Add the firewall information on slcli firewall detail
Add an --orderBy parameters to call-api
Add image detail transaction data
[5.9.4] - 2021-04-27
New Commands
slcli hw authorize-storage
slcli order quote-save
Improvements
Refactored managers.ordering_manager.verify_quote() to work better with the REST endpoing
Add routers for each DC in slcli hw create-options
Add preset datatype in slcli virtual detail
Add upgrade option to slcli hw.
Ibmcloud authentication support
slcli config setup --ibmid
slcli config setup --sso
slcli config setup --cloud_key
slcli config setup --classic_key
Refactor slcli hw detail prices.
Updated contributing guide
Add the Hardware components on "slcli hardware detail"
Add billing and lastTransaction on hardware detail
Forced reserved capacity guests to be monthly
Removing the rwhois commands
Added automation to publish to test-pypi
Updating author_email to SLDN distro list
Add the option to add and upgrade the hw disk.
Added a utility to merge objectFilters,
Fixes shift+ins when pasteing into a password field for windows users.
Add Billing and lastTransaction on slcli virtual detail
Fixing 'import mock' pylint issues
|
|
RabbitMQ 3.8.17
RabbitMQ 3.8.17 is a maintenance release that includes a security patch.
Security Patches
This release addresses an undisclosed vulnerability with CVSS 3.1 score of 2.4 (low).
This section will be updated when the details are made public.
|
|
bump PKGREVISION
ok gdt@
|
|
Does not build, no release since 2015, no user in pkgsrc.
|
|
libtorrent-1.2.14
improve handling of seed flag in PEX messages
fix issue of accruing unlimited DHT node candidates when DHT is disabled
fix bug in parsing chunked encoding
fix incorrect reporting of active_duration when entering graceful-pause
fix python binding for functions taking string_view
fix python binding for torrent_info constructor overloads
issue python deprecation warnings for some deprecated functions in the python bindings
fix python binding for torrent_info::add_url_seed, add_tracker and add_http_seed
|
|
|
|
Changes:
20210606
--------
Extractors
* [facebook] Improve login required detection
* [youporn] Fix formats and view count extraction (#29216)
* [orf:tvthek] Fix thumbnails extraction (#29217)
* [formula1] Fix extraction (#29206)
* [ard] Relax URL regular expression and fix video ids (#22724, #29091)
+ [ustream] Detect https embeds (#29133)
* [ted] Prefer own formats over external sources (#29142)
* [twitch:clips] Improve extraction (#29149)
+ [twitch:clips] Add access token query to download URLs (#29136)
* [youtube] Fix get_video_info request (#29086, #29165)
* [vimeo] Fix vimeo pro embed extraction (#29126)
* [redbulltv] Fix embed data extraction (#28770)
* [shahid] Relax URL regular expression (#28772, #28930)
20210516
--------
Core
* [options] Fix thumbnail option group name (#29042)
* [YoutubeDL] Improve extract_info doc (#28946)
Extractors
+ [playstuff] Add support for play.stuff.co.nz (#28901, #28931)
* [eroprofile] Fix extraction (#23200, #23626, #29008)
+ [vivo] Add support for vivo.st (#29009)
+ [generic] Add support for og:audio (#28311, #29015)
* [phoenix] Fix extraction (#29057)
+ [generic] Add support for sibnet embeds
+ [vk] Add support for sibnet embeds (#9500)
+ [generic] Add Referer header for direct videojs download URLs (#2879,
#20217, #29053)
* [orf:radio] Switch download URLs to HTTPS (#29012, #29046)
- [blinkx] Remove extractor (#28941)
* [medaltv] Relax URL regular expression (#28884)
+ [funimation] Add support for optional lang code in URLs (#28950)
+ [gdcvault] Add support for HTML5 videos
* [dispeak] Improve FLV extraction (#13513, #28970)
* [kaltura] Improve iframe extraction (#28969)
* [kaltura] Make embed code alternatives actually work
* [cda] Improve extraction (#28709, #28937)
* [twitter] Improve formats extraction from vmap URL (#28909)
* [xtube] Fix formats extraction (#28870)
* [svtplay] Improve extraction (#28507, #28876)
* [tv2dk] Fix extraction (#28888)
|
|
Wireshark 3.4.6 Release Notes
What’s New
The Windows installers now ship with Npcap 1.31. They previously
shipped with Npcap 1.10.
The Windows installers now ship with Qt 5.15.2. They previously
shipped with Qt 5.12.1.
Bug Fixes
• wnpa-sec-2021-04[1] DVB-S2-BB dissector infinite loop
The following bugs have been fixed:
• Macro filters can’t handle escaped characters Issue 17160[2].
• Display filter crashes Wireshark Issue 17316[3].
• IEEE-1588 Signalling Unicast TLV incorrectly reported as being
malformed Issue 17355[4].
• IETF QUIC TLS decryption error with extraneous packets during the
handshake Issue 17383[5].
• Statistics → Resolved Addresses: multi-protocol (TCP/UDP/…<U+200B>)
ports not displayed Issue 17395[6].
New and Updated Features
New Protocol Support
There are no new protocols in this release.
Updated Protocol Support
DNP, DVB-S2-BB, ProtoBuf, PTP, QUIC, RANAP, and TACACS
New and Updated Capture File Support
Ascend, ERF, K12, NetScaler, and pcapng
|
|
2.3.3 - The "delayed too many times, but still not too late" version
Yes, it's been delayed too many times, but finally it's out! With all the new features and bug fixes from the past four years! Let me highlight some for you:
CMake support. CMake provides us platform-independent configuration files and generates native makefiles and workspaces for the compiler of your choice. It's highly experimental in its current state, but it aims to take the place of good old autoconf/automake one day.
Command completion with the TAB key in amulecmd.
Supports compilation with the latest C++ standard (C++17).
Scope graphs now (should) work on Mac.
Notification when a download completes.
|
|
pysmb-1.2.7, 30 May 2021
========================
- Fix compatibility issues on file retrievals with Likewise servers
- Improve SMBConnection's connect() method to remove the need to provide sock_family
parameter for IPv6 addresses in Python 3.x
|
|
|
|
|
|
Do not use priorities attribute as they are not supported
at least on SmartOS with gcc 7.5
|
|
2.2.2:
miniupnpcmodule.c: throw an exception in UPnP_discover()
Fix usage of IP_MULTICAST_IF with struct ip_mreqn
|
|
Version 1.14.7
Fixes broken windows build.
Version 1.14.6
Fix for a DNS Rebind exploit. A special thanks for the collaboration
of the following people:
- Alaric Senat
- Fabrice Fontaine
- Gabriel Corona
- Ian Whyman
- Jean-Francois Dockes
- Marvin Scholz
- Werner Mahr
When upnp uses ixml to parse SOAP messages which contains too many node,
services are unavailable.
Version 1.14.5
Avoid potential memory leak in http_SendMessage()
Get rid of alloca()'s.
Non-recursive version of ixmlNode_free() avoids stack overflow attack.
Fixes CVE-2021-28302.
Version 1.14.4
Add more missing CMake infrastructure to the tarball.
Version 1.14.3
Add CMake infrastructure to the tarball.
Fix for gena leak.
Version 1.14.2
upnpapi.c: Fix crash in UpnpGetIfInfo
Per getifaddrs documentation, the ifa_addr field of an ifaddrs structure
can be null. In a real world example, an entry may be provided for the
non-existent hardware address of a tunnel device. This behavior was
observed with the netlink based getifaddrs implementation in glibc.
Handle interfaces without address
I got a crash on gerbera startup because at least one interface did not have `ifa_addr` set.
The reason is quite simple: they are the physical interfaces which are part of my channel
```
2: eth1: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc fq_codel master bond0 state UP group default qlen 1000
link/ether xx:xx:xx:xx:xx:xx brd ff:ff:ff:ff:ff:ff
3: eth0: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc fq_codel master bond0 state UP group default qlen 1000
link/ether xx:xx:xx:xx:xx:xx brd ff:ff:ff:ff:ff:ff
4: bond0: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether xx:xx:xx:xx:xx:xx brd ff:ff:ff:ff:ff:ff
```
CMake:
- Fix tests for all occasions. (Hopefully)
- Set right so-version and don't yell commands.
- Reverted libname-change till decided
Fix IPv6 GENA subscription
Use LOCAL_PORT_V6_ULA_GUA or LOCAL_PORT_V6 depending on the IPv6 address
samples: allow the user to specify the control point interface
This is useful to test UPnP on specific interface (e.g. IPv6-only).
This was already possible on the device sample.
upnp/src/api/upnpapi.c: don't set gIF_IPV4 if there is no IPv4
Don't set gIF_IPV4 if no IPv4 is found to keep the default value of '\0'
otherwise SSDP will try to register IPv4 multicast with address 0.0.0.0
which will result in a runtime failure
Version 1.14.1
CMake Github Actions, including windows build.
upnpapi.c: assume that getifaddrs is available
Assume that getifaddrs is available even if it is not POSIX-compliant,
this will simplify the code and, as a side effect, this allow pupnp to
work on an interface that does not have an IPv4 address.
CMake support.
Fixes the inclusion of alloca.h in WIN32.
Remove the now unused file ClientSubscription.c.
Remove port >= 49152 restriction.
Version 1.14.0
Reworked the miniserver code to deal with SO_REUSEADDR
Factored the common socket code and test for EADDRINUSE returning from
listen() when SO_REUSEADDR is turned on.
Removed template classes.
The files generated through template classes had some drawbacks:
1 - You could not read the code.
2 - You could not step through the code with a debugger.
3 - Doxygen was unable to document it.
This patch removes the templates and creates an auto generator for these
boilerplate generated code in the same spirit of the templates, but
solves the above problems.
Still, dealing with documentation still needs some work, but should be
much easier now.
upnpapi.c: retrieve gIF_IPV4_NETMASK with BSD
BSD is using getifaddrs, update the code to retrieve the IPv4 netmask
(used in the CallStranger fix)
Signed-off-by: Fabrice Fontaine fontaine.fabrice@gmail.com
Drop UpnpInit
This function is deprecated since a long time moreover it is vulnerable
to CallStranger a.k.a. CVE-2020-12695 and can't be fixed without
breaking the API as HostIP only allows the user to pass an IP address
and not a netmask.
If we want to discover the netmask from the HostIP provided in UPnPInit,
we'll have to loop through all the available interfaces to find the
interface with the given IP address to finally retrieve the netmask.
This is a lot of work/modification for a deprecated function. Moreover,
in the end UPnPInit will be like a "deprecated" (i.e. IPv4-only) version
of UPnPInit2.
So it is time to remove this deprecated function.
As a result, also remove getlocalhostname and DEFAULT_INTERFACE which
are not needed anymore and replace UpnpInit by UpnpInit2 in comments.
Signed-off-by: Fabrice Fontaine fontaine.fabrice@gmail.com
Partial fix for CallStranger on IPv4
This is a partial fix for CallStranger a.k.a. CVE-2020-12695
Check that DeliveryURLs are in the expected network segment as requested
by the new UPnP UDA:
https://openconnectivity.org/upnp-specs/UPnP-arch-DeviceArchitecture-v2.0-20200417.pdf.
Here is an extract of the new requirement:
The subscription request containing a delivery URL not on the same
network segment as the fully qualified event subscription URL shall not
be accepted. For private networks this means that the delivery URL
provided will adhere to the following IP ranges:
. 10.0.0.0 - 10.255.255.255 (10/8 prefix)
. 172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
. 192.168.0.0 - 192.168.255.255 (192.168/16 prefix)
In the context of pupnp, this means that the IPv4 netmask is now
retrieved when using UPnPInit2. Then, each DeliveryURL is checked
against the device's IPv4 address and netmask. If one of them are not
compliant, the whole subscription is rejected.
This first commit should be enhanced / updated to:
. remove UPnPInit (it is deprecated for a long time) or update it so
. the user can also pass the netmask
. fix IPv6
. fix Windows code
. retrieve the netmask in the BSD code of UPnPInit2
Signed-off-by: Fabrice Fontaine fontaine.fabrice@gmail.com
NULL pointer dereference in FindServiceControlURLPath
Version 1.12.1
setsockopt(IP_MULTICAST_IF) fails on 64-bit CPUs
Do not use usleep when using newer POSIX C source.
usleep is deprecated and is optionally unavailable with uClibc-ng.
Add Os/UserAgent information to UpnpActionRequest and UpnpFileInfo
Add CtrlPtIPAddr to UpnpFileInfo class
List: Add extern C for C++ users
Version 1.12.0
Reduce spurious HTTP 416 errors due to ill-defined bytes header
I (re)discovered this behavior trying to use the Gerbera media server
with Chromecast (built in to my Vizio P55-F1 TV). Chromecast specifies
"bytes:0-" with no end range, which caused pupnp to return
RANGE_NOT_SATISFIABLE. Jin, the author of MediaTomb, of which Gerbera
is a continuation, fixed this in 2007 in MediaTomb's fork of pupnp, see
gerbera@ccd7994d45 "made sure that range requests specified as
"bytes=0-" do not trigger...", but never passed the fix upstream. When
restarted as Gerbera, pupnp was removed from the local tree in favor of
using the upstream version, and the patch was lost which lead to me
rediscovering it recently.
This is Jin's original patch applied to pupnp 1.8. This teaches pupnp to
ignore the bytes header if it matches "0-" and return HTTP_OK.
When building v1.8.6 (on GNU/Linux) with --disable-device, pupnp doesn't build:
/bin/bash ../libtool --tag=CC --mode=compile gcc -DHAVE_CONFIG_H -I. -I.. -I../upnp/inc -I./inc -I../ixml/inc -DNDEBUG -I./src/inc -I./src/threadutil -I/foo/contrib/x86_64-linux-gnu/include -fPIC -pthread -I/foo/contrib/x86_64-linux-gnu/include -DNDEBUG=1 -O3 -DUPNP_STATIC_LIB -Os -Wall -c -o src/genlib/util/libupnp_la-util.lo `test -f 'src/genlib/util/util.c' || echo './'`src/genlib/util/util.c
In file included from src/genlib/miniserver/miniserver.c:58:0:
./src/inc/upnpapi.h:208:2: error: unknown type name 'service_info'
service_info **serv_info
^~~~~~~~~~~~
This patch fixes compilation for the --disable-device case.
GitHub PRs:
* Remove unused files
* UpnpEnableWebserver: Error correctly when web server compiled-out
* CI: Remove .travis.yml
* Remove TRUE/FALSE defines and BOOL typedef
* CI: Add address sanitizer and leak sanitizer enabled test run
* Add list test
* Add -Wextra and -Wpedantic to get more warnings
* More warning fixes
* Doxygen changes
* Remove unused headers
* Remove IN, OUT and INOUT defines
* Remove unused defines in uri.h
* Use stdbool.h instead of BOOL typedef and defines
* Various compiler warning fixes
* configure.ac: Fix Windows detection
* configure.ac: Enable silent rules
* LinkedList: Simplify _WIN32 check
* Remove checks of __OSX__ define
* Add Github Actions based CI
Github PR * Add forgotten Windows dll export qualifiers
Github PR * Remove and replace the list.h file
Github PRs:
* Overhaul list.h to fix various issues
* Use rand_s in get_random_info on Windows
* Do not redeclare timezone struct if already defined in Mingw
* Fix interface filtering for Windows
- The mentioned fix is not only needed for MSVC, but when
cross-compiling for Windows with mingw-w64 too.
* config.h: Remove DEBUG_TARGET
- The DEBUG_TARGET is no longer used, it was previously used in
upnpdebug.c to disable logging to a file, which now is done
by just not calling UpnpSetLogFileNames.
* Check for -lpthread too
- Updates pthread m4 check from upstream
Version 1.10.1
Fix format string for ExtraHeaders
Version 1.10.0
Fix sed command for upnp patch in configure.ac
Proper allocation for an array of structs and a check for an unlikely
overflow when calling the SIOCGIFCONF ioctl().
It still bugs me the stack requirements of getlocalhostname() and
UpnpGetIfInfo().
Version 1.8.6
Fix format string for ExtraHeaders
Version 1.8.5
Fixed a wrong ifdef in ssdp_device.c that was causing problems with
ipv6.
|
|
|
|
iperf-3.10.1 2021-06-03
-----------------------
* Notable user-visible changes
* Fixed a problem with autoconf scripts that made builds fail in
some environments.
* Developer-visible changes
* GNU autoconf 2.71 or newer is now required to regenerate iperf3's
configure scripts.
|
|
idna uses unicode_compat_util, and downloads it from the net and
builds it. This wasn't installed, and thus any attempt to use idna
failed at runtime, breaking s2s in ejabberd with earlier erlang-xmpp,
and probably breaking everything with current erlang-xmpp.
The idna library has removed this library, but doesn't have a release
yet. So this problem should go away soonish. For now, accept the ick
to (very likely) unbreak ejabberd.
(This commit does not increase the use of the net during the build; it
merely uses the build products that already happened.)
|
|
|
|
|
|
Gunison is a new GUI (GTK 3) frontend for the Unison file synchronizer.
Unison already has a built-in GTK 2 frontend, but Gunison is nicer
and more convenient. Gunison works by wrapping Unison's console
frontend in an expect-like fashion.
|
|
1.4.5 (2021-04-24 09:39 UTC)
Changelog:
* Support XOAUTH2 authorization method
|
|
|
|
Notes for BIND 9.16.16
Feature Changes
* DNSSEC responses containing NSEC3 records with iteration counts greater
than 150 are now treated as insecure. [GL #2445]
* The maximum supported number of NSEC3 iterations that can be configured
for a zone has been reduced to 150. [GL #2642]
* The default value of the max-ixfr-ratio option was changed to unlimited,
for better backwards compatibility in the stable release series. [GL
#2671]
* Zones that want to transition from secure to insecure mode without
becoming bogus in the process must now have their dnssec-policy changed
first to insecure, rather than none. After the DNSSEC records have been
removed from the zone, the dnssec-policy can be set to none or removed
from the configuration. Setting the dnssec-policy to insecure causes CDS
and CDNSKEY DELETE records to be published. [GL #2645]
* The implementation of the ZONEMD RR type has been updated to match RFC
8976. [GL #2658]
* The draft-vandijk-dnsop-nsec-ttl IETF draft was implemented: NSEC(3) TTL
values are now set to the minimum of the SOA MINIMUM value or the SOA TTL.
[GL #2347]
Bug Fixes
* It was possible for corrupt journal files generated by an earlier version
of named to cause problems after an upgrade. This has been fixed. [GL
#2670]
* TTL values in cache dumps were reported incorrectly when
stale-cache-enable was set to yes. This has been fixed. [GL #389] [GL
#2289]
* A deadlock could occur when multiple rndc addzone, rndc delzone, and/or
rndc modzone commands were invoked simultaneously for different zones.
This has been fixed. [GL #2626]
* named and named-checkconf did not report an error when multiple zones with
the dnssec-policy option set were using the same zone file. This has been
fixed. [GL #2603]
* If dnssec-policy was active and a private key file was temporarily offline
during a rekey event, named could incorrectly introduce replacement keys
and break a signed zone. This has been fixed. [GL #2596]
* When generating zone signing keys, KASP now also checks for key ID
conflicts among newly created keys, rather than just between new and
existing ones. [GL #2628]
|
|
|
|
Notes for BIND 9.11.32
Feature Changes
* DNSSEC responses containing NSEC3 records with iteration counts greater
than 150 are now treated as insecure. [GL #2445]
* The maximum supported number of NSEC3 iterations that can be configured
for a zone has been reduced to 150. [GL #2642]
* The implementation of the ZONEMD RR type has been updated to match RFC
8976. [GL #2658]
|
|
(This is a comment-only change.)
|
|
No upstream ChangeLog.
|
|
No upstream ChangeLog.
|
|
No upstream ChangeLog.
|
|
Changes since 4.14.4
--------------------
* BUG 14696: s3: smbd: SMB1 SMBsplwr doesn't send a reply packet on success.
* BUG 14708: s3: smbd: Ensure POSIX default ACL is mapped into returned
Windows ACL for directory handles.
* BUG 14721: s3: smbd: Fix uninitialized memory read in
process_symlink_open() when used with vfs_shadow_copy2().
* BUG 14689: docs: Expand the "log level" docs on audit logging.
* BUG 14714: smbd: Correctly initialize close timestamp fields.
* BUG 14699: Fix gcc11 compiler issues.
* BUG 14718: docs-xml: Update smbcacls manpage.
* BUG 14719: docs: Update list of available commands in rpcclient.
* BUG 14475: ctdb: Fix a crash in run_proc_signal_handler().
* BUG 14695: s3:winbind: For 'security = ADS' require realm/workgroup to be
set.
* BUG 14699: lib:replace: Do not build strndup test with gcc 11 or newer.
|