path: root/security
Age | Commit message | Author | Files | Lines
2020-01-16 | pius: remove PYPKGPREFIX from PKGNAME to match directory name | wiz | 1 | -3/+3
It's an enduser program, so it's not necessary to install multiple versions. ok schmonz@ While here, simplify github usage.
2020-01-15 | acmesh: Update to 2.8.5 | ryoon | 2 | -7/+7
Changelog:
2.8.5
fix auto upgrade error message.
2.8.4
Avoiding autoupdate by checking master hash value.
more dns api support
adapt recent letsencrypt ca http headers changes.
bug fixes.
Recommended to upgrade.
2020-01-15 | pius: fix installation | wiz | 2 | -7/+12
Switch from egg.mk to distutils.mk, the latter works. Add perl dependency for pius-party-worksheet. Bump PKGREVISION.
2020-01-15 | py-google-auth: updated to 1.10.1 | adam | 2 | -7/+7
1.10.1:
Bug Fixes
google.auth.compute_engine.metadata: add retry to google.auth.compute_engine._metadata.get()
always pass body of type bytes to google.auth.transport.Request
2020-01-14 | keepassxc: update to 2.5.2. | wiz | 4 | -39/+21

## 2.5.2 (2020-01-04)

### Added

- Browser: Show UI warning when entering invalid URLs [#3912]
- Browser: Option to use an entry only for HTTP auth [#3927]

### Changed

- Disable the user interface when merging or saving the database [#3991]
- Ability to hide protected attribute after reveal [#3877]
- Remove mention of "snaps" in Windows and macOS [#3879]
- CLI: Merge parameter for source database key file (--key-file-from) [#3961]
- Improve GUI tests reliability on Hi-DPI displays [#4075]
- Disable deprecation warnings to allow building with Qt 5.14+ [#4075]
- OPVault: Use 'otp' attribute for TOTP field imports [#4075]

### Fixed

- Fix crashes when saving a database to cloud storage [#3991]
- Fix crash when pressing enter twice while opening database [#3885]
- Fix handling of HTML when displayed in the entry preview panel [#3910]
- Fix start minimized to tray on Linux [#3899]
- Fix Auto Open with key file only databases [#4075]
- Fix escape key closing the standalone password generator [#3892]
- macOS: Fix monospace font usage in password field and notes [#4075]
- macOS: Fix building on macOS 10.9 to 10.11 [#3946]
- Fix TOTP setup dialog not closing on database lock [#4075]
- Browser: Fix condition where additional URLs are ignored [#4033]
- Browser: Fix subdomain matching to return only relevant site entries [#3854]
- Secret Service: Fix multiple crashes and incompatibilities [#3871, #4009, #4074]
- Secret Service: Fix searching of entries [#4008, #4036]
- Secret Service: Fix behavior when exposed group is recycled [#3914]
- CLI: Release the database instance before exiting interactive mode [#3889]
- Fix (most) memory leaks in tests [#3922]

## 2.5.1 (2019-11-11)

### Added

- Add programmatic use of the EntrySearcher [#3760]
- Explicitly clear database memory upon locking even if the object is not deleted immediately [#3824]
- macOS: Add ability to perform notarization of built package [#3827]

### Changed

- Reduce file hash checking to every 30 seconds to correct performance issues [#3724]
- Correct formatting of notes in entry preview widget [#3727]
- Improve performance and UX of database statistics page [#3780]
- Improve interface for key file selection to discourage use of the database file [#3807]
- Hide Auto-Type sequences column when not needed [#3794]
- macOS: Revert back to using Carbon API for hotkey detection [#3794]
- CLI: Do not show protected fields by default [#3710]

### Fixed

- Secret Service: Correct issues interfacing with various applications [#3761]
- Fix building without additional features [#3693]
- Fix handling TOTP secret keys that require padding [#3764]
- Fix database unlock dialog password field focus [#3764]
- Correctly label open databases as locked on launch [#3764]
- Prevent infinite recursion when two databases AutoOpen each other [#3764]
- Browser: Fix incorrect matching of invalid URLs [#3759]
- Properly stylize the application name on Linux [#3775]
- Show application icon on Plasma Wayland sessions [#3777]
- macOS: Check for Auto-Type permissions on use instead of at launch [#3794]

## 2.5.0 (2019-10-26)

### Added

- Add 'Paper Backup' aka 'Export to HTML file' to the 'Database' menu [#3277]
- Add statistics panel with information about the database (number of entries, number of unique passwords, etc.) to the Database Settings dialog [#2034]
- Add offline user manual accessible via the 'Help' menu [#3274]
- Add support for importing 1Password OpVault files [#2292]
- Implement Freedesktop.org secret storage DBus protocol so that KeePassXC can be used as a vault service by libsecret [#2726]
- Add support for OnlyKey as an alternative to YubiKeys (requires yubikey-personalization >= 1.20.0) [#3352]
- Add group sorting feature [#3282]
- Add feature to download favicons for all entries at once [#3169]
- Add word case option to passphrase generator [#3172]
- Add support for RFC6238-compliant TOTP hashes [#2972]
- Add UNIX man page for main program [#3665]
- Add 'Monospaced font' option to the notes field [#3321]
- Add support for key files in auto open [#3504]
- Add search field for filtering entries in Auto-Type dialog [#2955]
- Complete usernames based on known usernames from other entries [#3300]
- Parse hyperlinks in the notes field of the entry preview pane [#3596]
- Allow abbreviation of field names in entry search [#3440]
- Allow setting group icons recursively [#3273]
- Add copy context menu for username and password in Auto-Type dialog [#3038]
- Drop to background after copying a password to the clipboard [#3253]
- Add 'Lock databases' entry to tray icon menu [#2896]
- Add option to minimize window after unlocking [#3439]
- Add option to minimize window after opening a URL [#3302]
- Request accessibility permissions for Auto-Type on macOS [#3624]
- Browser: Add initial support for multiple URLs [#3558]
- Browser: Add entry-specific browser integration settings [#3444]
- CLI: Add offline HIBP checker (requires a downloaded HIBP dump) [#2707]
- CLI: Add 'flatten' option to the 'ls' command [#3276]
- CLI: Add password generation options to `Add` and `Edit` commands [#3275]
- CLI: Add XML import [#3572]
- CLI: Add CSV export to the 'export' command [#3278]
- CLI: Add `-y --yubikey` option for YubiKey [#3416]
- CLI: Add `--dry-run` option for merging databases [#3254]
- CLI: Add group commands (mv, mkdir and rmdir) [#3313].
- CLI: Add interactive shell mode command `open` [#3224]

### Changed

- Redesign database unlock dialog [#3287]
- Rework the entry preview panel [#3306]
- Move notes to General tab on Group Preview Panel [#3336]
- Enable entry actions when editing an entry and cleanup entry context menu [#3641]
- Improve detection of external database changes [#2389]
- Warn if user is trying to use a KDBX file as a key file [#3625]
- Add option to disable KeePassHTTP settings migrations prompt [#3349, #3344]
- Re-enabled Wayland support (no Auto-Type yet) [#3520, #3341]
- Add icon to 'Toggle Window' action in tray icon menu [#3244]
- Merge custom data between databases only when necessary [#3475]
- Improve various file-handling related issues when picking files using the system's file dialog [#3473]
- Add 'New Entry' context menu when no entries are selected [#3671]
- Reduce default Argon2 settings from 128 MiB and one thread per CPU core to 64 MiB and two threads to account for lower-spec mobile hardware [#3672]
- Browser: Remove unused 'Remember' checkbox for HTTP Basic Auth [#3371]
- Browser: Show database name when pairing with a new browser [#3638]
- Browser: Show URL in allow access dialog [#3639]
- CLI: The password length option `-l` for the CLI commands `Add` and `Edit` is now `-L` [#3275]
- CLI: The `-u` shorthand for the `--upper` password generation option has been renamed to `-U` [#3275]
- CLI: Rename command `extract` to `export`. [#3277]

### Fixed

- Improve accessibility for assistive technologies [#3409]
- Correctly unlock all databases if `--pw-stdin` is provided [#2916]
- Fix password generator issues with special characters [#3303]
- Fix KeePassXC interrupting shutdown procedure [#3666]
- Fix password visibility toggle button state on unlock dialog [#3312]
- Fix potential data loss if database is reloaded while user is editing an entry [#3656]
- Fix hard-coded background color in search help popup [#3001]
- Fix font choice for password preview [#3425]
- Fix handling of read-only files when autosave is enabled [#3408]
- Handle symlinks correctly when atomic saves are disabled [#3463]
- Enable HighDPI icon scaling on Linux [#3332]
- Make Auto-Type on macOS more robust and remove old Carbon API calls [#3634, #3347]
- Hide Share tab if KeePassXC is compiled without KeeShare support and other minor KeeShare improvements [#3654, #3291, #3029, #3031, #3236]
- Correctly bring window to the front when clicking tray icon on macOS [#3576]
- Correct application shortcut created by MSI Installer on Windows [#3296]
- Fix crash when removing custom data [#3508]
- Fix placeholder resolution in URLs [#3281]
- Fix various inconsistencies and platform-dependent compilation bugs [#3664, #3662, #3660, #3655, #3649, #3417, #3357, #3319, #3318, #3304]
- Browser: Fix potential leaking of entries through the browser integration API if multiple databases are opened [#3480]
- Browser: Fix password entropy calculation [#3107]
- Browser: Fix Windows registry settings for portable installation [#3603]
2020-01-13 | Add missing gnupg{,2} dependencies, and patch some paths. Ride | schmonz | 7 | -4/+97
recent import.
2020-01-13 | Add and enable pius. | schmonz | 1 | -1/+2
2020-01-13 | Add pius, the PGP Individual User Signer. It helps attendees of PGP | schmonz | 5 | -0/+83
keysigning parties. It allows you to quickly and easily sign each UID on a set of PGP keys. It is designed to take the pain out of the sign-all-the-keys part of PGP Keysigning Party while adding security to the process.
2020-01-12 | *: Recursive revbump from devel/boost-libs | ryoon | 19 | -36/+38
2020-01-10 | Revbump Go packages after Go default version bump. | bsiegert | 9 | -18/+18
2020-01-09 | *: py-cachetools only supports python 3.x now, pass down to dependencies | wiz | 3 | -3/+8
2020-01-08 | py-google-auth: updated to 1.10.0 | adam | 2 | -7/+7
1.10.0:
Features
send quota project id in x-goog-user-project for OAuth2 credentials

1.9.0:
Features
add timeout parameter to AuthorizedSession.request()
2020-01-08 | py-asn1crypto: updated to 1.3.0 | adam | 2 | -7/+7
1.3.0
- Added `encrypt_key_pref` (`1.2.840.113549.1.9.16.2.11`) to `cms.CMSAttributeType()`, along with related structures
- Added Brainpool curves from RFC 5639 to `keys.NamedCurve()`
- Fixed `x509.Certificate().subject_directory_attributes_value`
- Fixed some incorrectly computed minimum elliptic curve primary key encoding sizes in `keys.NamedCurve()`
- Fixed a `TypeError` when trying to call `.untag()` or `.copy()` on a `core.UTCTime()` or `core.GeneralizedTime()`, or a value containing one, when using Python 2
2020-01-06 | (security/lua-sec) Updated 0.6 to 0.9 | mef | 3 | -30/+31
--------------------------------------------------------------------------
LuaSec 0.9
---------------
This version includes:

* Add DNS-based Authentication of Named Entities (DANE) support
* Add __close() metamethod
* Fix deprecation warnings with OpenSSL 1.1
* Fix special case listing of TLS 1.3 EC curves
* Fix general_name leak in cert:extensions()
* Fix unexported 'ssl.config' table
* Replace $(LD) with $(CCLD) variable
* Remove multiple definitions of 'ssl_options' variable
* Use tag in git format: v0.9

--------------------------------------------------------------------------
LuaSec 0.8.2
---------------
This version includes:

* Fix unexported 'ssl.config' table (backported)

--------------------------------------------------------------------------
LuaSec 0.8.1
---------------
This version includes:

* Fix general_name leak in cert:extensions() (backported)

--------------------------------------------------------------------------
LuaSec 0.8
---------------
This version includes:

* Add support to ALPN
* Add support to TLS 1.3
* Add support to multiple certificates
* Add timeout to https module (https.TIMEOUT)
* Drop support to SSL 3.0
* Drop support to TLS 1.0 from https module
* Fix invalid reference to Lua state
* Fix memory leak when get certificate extensions

--------------------------------------------------------------------------
LuaSec 0.7.2
---------------
This version includes:

* Fix unexported 'ssl.config' table (backported)

--------------------------------------------------------------------------
LuaSec 0.7.1
---------------
This version includes:

* Fix general_name leak in cert:extensions() (backported)

--------------------------------------------------------------------------
LuaSec 0.7
---------------
LuaSec depends on OpenSSL, and integrates with LuaSocket to make it easy to add secure connections to any Lua applications or scripts.

Documentation: https://github.com/brunoos/luasec/wiki

This version includes:

* Add support to OpenSSL 1.1.0
* Add support to elliptic curves list
* Add ssl.config that exports some OpenSSL information
* Add integration with luaossl
2020-01-06 | Fix build on NetBSD 8.1 | pho | 2 | -1/+16
2020-01-04 | security: Remove seahorse-plugins. | nia | 7 | -284/+1
Old GNOME 2 component. This is no longer part of GNOME. Plugins for GNOME are no longer maintained alongside the seahorse client.
2020-01-02 | mate-polkit: tweak $DISTNAME | gutteridge | 1 | -2/+2
Prepare to bump the default $VERSION in meta-pkg/mate to 1.22.2 (now the most common version amongst the packages and the effective release we're at).
2020-01-02 | Upgrade to OpenSSL 1.0.2u | sevan | 2 | -7/+7
Major changes between OpenSSL 1.0.2t and OpenSSL 1.0.2u [20 Dec 2019]
Fixed an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli (CVE-2019-1551)
2020-01-02 | Add dependency on devel/zlib | pho | 3 | -24/+5
2020-01-01 | sqlmap: Update to 1.4 | leot | 3 | -21/+21
Unfortunately no changelog is provided by upstream.
2020-01-01 | Update to sudo 1.8.30 | kim | 2 | -9/+7
Notable changes: * The version string no longer has the word "beta" in it.
2020-01-01 | security/doas: update to version 6.2p4 | ng0 | 3 | -84/+7
Changelog picked from https://github.com/slicer69/doas/releases:

6.2p4:
* Keeping environment variables with keepenv
  On some platforms (seemingly Linux and macOS) it is possible for repeated calls to getpwuid() to over-write the original struct passwd structure. (This behaviour may vary depending on which C library is used.) This can lead to the original user's environment data being overwritten by the target user's, even when "keepenv" is specified in the doas.conf file. We now do a deep copy of the original and target users' struct passwd information to avoid over-writing the original on platforms where libc uses a static area for all calls.
2019-12-31 | libssh: update to 0.93. | wiz | 3 | -11/+10
version 0.9.3 (released 2019-12-10)
* Fixed CVE-2019-14889 - SCP: Unsanitized location leads to command execution
* SSH-01-003 Client: Missing NULL check leads to crash in erroneous state
* SSH-01-006 General: Various unchecked Null-derefs cause DOS
* SSH-01-007 PKI Gcrypt: Potential UAF/double free with RSA pubkeys
* SSH-01-010 SSH: Deprecated hash function in fingerprinting
* SSH-01-013 Conf-Parsing: Recursive wildcards in hostnames lead to DOS
* SSH-01-014 Conf-Parsing: Integer underflow leads to OOB array access
* SSH-01-001 State Machine: Initial machine states should be set explicitly
* SSH-01-002 Kex: Differently bound macros used to iterate same array
* SSH-01-005 Code-Quality: Integer sign confusion during assignments
* SSH-01-008 SCP: Protocol Injection via unescaped File Names
* SSH-01-009 SSH: Update documentation which RFCs are implemented
* SSH-01-012 PKI: Information leak via uninitialized stack buffer
2019-12-30 | security/sslsplit: update to 0.5.5. | rhialto | 4 | -8/+54
2019-12-30 | py-certbot-dns-digitalocean: sort PLIST | triaxx | 1 | -5/+5
2019-12-30 | security: added py-certbot-dns-digitalocean version 1.0.0 | triaxx | 3 | -9/+9
2019-12-30 | py-cerbot: add py-certbot-dns-digitalocean in comments | triaxx | 1 | -1/+2
2019-12-30 | py-certbot-dns-digitalocean: added version 1.0.0 | triaxx | 4 | -0/+44
DigitalOcean DNS Authenticator plugin for Certbot
2019-12-28 | Update to sudo 1.8.30beta3 | kim | 14 | -331/+40
* Portability fixes from pkgsrc have been merged upstream
* Add runas_check_shell flag to require a runas user to have a valid shell. Not enabled by default.
* Add a new flag "allow_unknown_runas_id" to control matching of unknown IDs. Previously, sudo would always allow unknown user or group IDs if the sudoers entry permitted it. This included the "ALL" alias. With this change, the admin must explicitly enable support for unknown IDs.
* Transparently handle the "sudo sudoedit" problem. Some admins are confused about how to give users sudoedit permission and many users try to run sudoedit via sudo instead of directly. If the user runs "sudo sudoedit" sudo will now treat it as plain "sudoedit" after issuing a warning. If the admin has specified a fully-qualified path for sudoedit in sudoers, sudo will treat it as just "sudoedit" and match accordingly. In visudo (but not sudo), a fully-qualified path for sudoedit is now treated as an error.
* When restoring old resource limits, try to recover if we receive EINVAL. On NetBSD, setrlimit(2) can return EINVAL if the new soft limit is lower than the current resource usage. This can be a problem when restoring the old stack limit if sudo has raised it.
* Restore resource limits before executing the askpass program. Linux with docker seems to have issues executing a program when the stack size is unlimited. Bug #908
* macOS does not allow rlim_cur to be set to RLIM_INFINITY for RLIMIT_NOFILE. We need to use OPEN_MAX instead as per the macOS setrlimit manual. Bug #904
* Use 64-bit resource limits on AIX.
2019-12-28 | racoon2: update to 20180701nb3. | wiz | 4 | -34/+49
Install config files in examples directory. Fixes installation which did not use DESTDIR.
2019-12-22 | botan-devel: don't accidentally detect and use sphinx | markd | 1 | -1/+2
2019-12-22 | Use -fopenmp instead of hard-coding libgomp. | joerg | 6 | -19/+47
2019-12-22 | sodium no longer provides crypto_uint*, so provide ones local. | joerg | 9 | -1/+141
2019-12-20 | libprelude: fix build with GNU awk >= 5.0 | gutteridge | 4 | -6/+61
Rename the awk variable "namespace" to "name_space", since the former is now a reserved word with GNU awk 5.0, and was causing parsing errors.
2019-12-19 | Deal with bind vs std::bind conflict. | joerg | 3 | -4/+32
2019-12-19 | Add missing dependency for lrelease. | joerg | 1 | -1/+2
2019-12-19 | Avoid using a non-literal string as format string. | joerg | 2 | -6/+6
2019-12-19 | Don't touch RLIMIT_STACK for now, see https://gnats.netbsd.org/51158 | kim | 3 | -10/+13
2019-12-18 | Fix setrlimit(3): Invalid argument | kim | 4 | -2/+165
The new code that unlimits many resources appears to have been problematic on a number of fronts. Fetched the current version of src/limits.c from the sudo hg repo. RLIMIT_STACK (i.e. "3") is no longer set to RLIM_INFINITY. Added code to output the name of the limit instead of its number.
2019-12-18 | Fix build with libc++ having less namespace pollution. | joerg | 2 | -1/+17
2019-12-16 | Drop php71 support | taca | 3 | -6/+6
Drop php71 support mechanically.
2019-12-16 | security/php-pecl-mcrypt: update to 1.0.3 | taca | 2 | -8/+8
Update php-pecl-mcrypt to 1.0.3.

o pkgsrc change: allow build on php74.

1.0.3 (2019-09-17)
* Addressed Windows build issues
2019-12-15 | sudo: updated to 1.8.29 | adam | 4 | -20/+19
Major changes between version 1.8.29 and 1.8.28p1:

The cvtsudoers command will now reject non-LDIF input when converting from LDIF format to sudoers or JSON formats.

The new log_allowed and log_denied sudoers settings make it possible to disable logging and auditing of allowed and/or denied commands.

The umask is now handled differently on systems with PAM or login.conf. If the umask is explicitly set in sudoers, that value is used regardless of what PAM or login.conf may specify. However, if the umask is not explicitly set in sudoers, PAM or login.conf may now override the default sudoers umask.

For make install, the sudoers file is no longer checked for syntax errors when DESTDIR is set. The default sudoers file includes the contents of /etc/sudoers.d which may not be readable as non-root.

Sudo now sets most resource limits to their maximum value to avoid problems caused by insufficient resources, such as an inability to allocate memory or open files and pipes.

Fixed a regression introduced in sudo 1.8.28 where sudo would refuse to run if the parent process was not associated with a session. This was due to sudo passing a session ID of -1 to the plugin.
2019-12-15 | security/php-sodium: allow build on php74 | taca | 1 | -2/+2
Allow build on php74.
2019-12-15 | py-pydeep: updated to 0.4 | adam | 2 | -9/+9
0.4: Unknown changes
2019-12-15 | py-google-auth: updated to 1.8.2 | adam | 2 | -7/+8
1.8.2:
Bug Fixes
revert "feat: send quota project id in x-goog-user-project header for OAuth2 credentials"

1.8.1:
Bug Fixes
revert "feat: add timeout to AuthorizedSession.request()"

1.8.0:
Features
add to_json method to google.oauth2.credentials.Credentials
add timeout to AuthorizedSession.request()
send quota project id in x-goog-user-project header for OAuth2 credentials
2019-12-15 | py-acme/py-cerbot-*: updated to 1.0.0 | adam | 33 | -753/+338
Certbot 1.0.0

Removed:
* The docs extras for the certbot-apache and certbot-nginx packages have been removed.

Changed:
* certbot-auto has deprecated support for systems using OpenSSL 1.0.1 that are not running on x86-64. This primarily affects RHEL 6 based systems.
* Certbot's config_changes subcommand has been removed
* certbot.plugins.common.TLSSNI01 has been removed.
* Deprecated attributes related to the TLS-SNI-01 challenge in acme.challenges and acme.standalone have been removed.
* The functions certbot.client.view_config_changes, certbot.main.config_changes, certbot.plugins.common.Installer.view_config_changes, certbot.reverter.Reverter.view_config_changes, and certbot.util.get_systemd_os_info have been removed
* Certbot's register --update-registration subcommand has been removed
* When possible, default to automatically configuring the webserver so all requests redirect to secure HTTPS access. This is mostly relevant when running Certbot in non-interactive mode. Previously, the default was to not redirect all requests.
2019-12-14 | security/doas: resolve PR pkg/54717. | ng0 | 3 | -2/+79
patch in the correct installed location of the config file in the manpages.
2019-12-14 | security/py-yara: Update to 3.11.0 | khorben | 1 | -5/+5
Coordinated with leot@ and he@ while investigating CVE-2019-19648.
2019-12-14 | security/yara: Update to 3.11.0 | khorben | 7 | -56/+53
Coordinated with leot@ and he@ while investigating CVE-2019-19648.

The changes listed for this version include:
* Duplicated string modifiers are now an error.
* More flexible xor modifier.
* Implement private strings (#1096)
* Add field_offsets to dotnet module.
* Implement crc32 functions in hash module.
* Improvements to rich_signature functions in pe module.
* Implement sandboxed API using SAPI
* BUGFIX: Some regexp character classes not matching correctly when used with nocase modifier (#1117)
* BUGFIX: Reduce the number of ERROR_TOO_MANY_RE_FIBERS errors for certain hex pattern containing large jumps (#1107)
* BUGFIX: Buffer overrun in dotnet module (#1108)
* BUGFIX: Segfault in certain Windows versions (#1068)
* BUGFIX: Memory leak while attaching to a process fails (#1070)

Changes for version 3.10.0:
* Optimize integer range loops by exiting earlier when possible.
* Cache the result of PE module's imphash function in order to improve performance.
* Harden virtual machine against malicious code.
* BUGFIX: xor modifier not working as expected if not accompanied by ascii (#1053).
* BUGFIX: \s and \S character classes in regular expressions now include vertical tab, new line, carriage return and form feed characters.
* BUGFIX: Regression bug in hex strings containing wildcards (#1025).
* BUGFIX: Buffer overrun in elf module.
* BUGFIX: Buffer overrun in dotnet module

Changes for version 3.9.0:
* Improve scan performance for certain strings.
* Reduce stack usage.
* Prevent inadvertent use of compiled rules by forcing the use of -C when using yara command-line tool.
* BUGFIX: Buffer overflow in "dotnet" module.
* BUGFIX: Internal error when running multiple instances of YARA in Mac OS X. (#945)
* BUGFIX: Regexp regression when using nested quantifiers {x,y} for certain values of x and y. (#1018)
* BUGFIX: High RAM consumption in "pe" module while parsing certain files. (0c8b461)
* BUGFIX: Denial of service when using "dex" module. Found by the Cisco Talos team. (#1023)
* BUGFIX: Issues with comments inside hex strings.

Changes for version 3.8.1:
* BUGFIX: Some combinations of boolean command-line flags were broken in version 3.8.0.
* BUGFIX: While reporting errors that occur at the end of the file, the file name appeared as null.
* BUGFIX: dex module now works in big-endian architectures.
* BUGFIX: Keep ABI compatibility by keeping deprecated functions visible.

Changes for version 3.8.0:
* Scanner API
* New xor modifier for strings
* New fields and functions in PE module.
* Add functions min and max to math module.
* Make compiled.
* yara and yarac support reading rules from stdin by using - as the file name.
* Rule compilation is faster.
* BUGFIX: Regression in regex engine. /ba{3}b/ was matching baaaab.
* BUGFIX: Function yr_compiler_add_fd() was reading only the first 1024 bytes of the file.
* BUGFIX: Wrong calculation of sha256 hashes in Windows when using native crypto API.
* Lots of more bug fixes.

Changes for version 3.7.1:
* Fix regression in include directive (issue #796)
* Fix bug in PE checksum calculation causing wrong results in some cases.