Age | Commit message (Collapse) | Author | Files | Lines |
|
www/privoxy: security fix
Revisions pulled up:
- www/privoxy/Makefile 1.68
- www/privoxy/PLIST 1.14
- www/privoxy/distinfo 1.26
---
Module Name: pkgsrc
Committed By: wiz
Date: Thu Feb 4 16:29:14 UTC 2021
Modified Files:
pkgsrc/www/privoxy: Makefile PLIST distinfo
Log Message:
privoxy: update to 3.0.29.
*** Version 3.0.29 stable ***
- Security/Reliability:
- Fixed memory leaks when a response is buffered and the buffer
limit is reached or Privoxy is running out of memory.
Commits bbd53f1010b and 4490d451f9b. OVE-20201118-0001.
Sponsored by: Robert Klemme
- Fixed a memory leak in the show-status CGI handler when
no action files are configured. Commit c62254a686.
OVE-20201118-0002.
Sponsored by: Robert Klemme
- Fixed a memory leak in the show-status CGI handler when
no filter files are configured. Commit 1b1370f7a8a.
OVE-20201118-0003.
Sponsored by: Robert Klemme
- Fixes a memory leak when client tags are active.
Commit 245e1cf32. OVE-20201118-0004.
Sponsored by: Robert Klemme
- Fixed a memory leak if multiple filters are executed
and the last one is skipped due to a pcre error.
Commit 5cfb7bc8fe. OVE-20201118-0005.
- Prevent an unlikely dereference of a NULL-pointer that
could result in a crash if accept-intercepted-requests
was enabled, Privoxy failed to get the request destination
from the Host header and a memory allocation failed.
Commit 7530132349. CID 267165. OVE-20201118-0006.
- Fixed memory leaks in the client-tags CGI handler when
client tags are configured and memory allocations fail.
Commit cf5640eb2a. CID 267168. OVE-20201118-0007.
- Fixed memory leaks in the show-status CGI handler when memory
allocations fail. Commit 064eac5fd0 and commit fdee85c0bf3.
CID 305233. OVE-20201118-0008.
- General improvements:
- Added experimental https inspection support which allows to filter
https traffic. To enable it, install MbedTLS and configure with
--with-mbedtls, or install OpenSSL or LibreSSL and configure
with --with-openssl.
Afterwards configure the directives in section 7 of the
config file and enable the +https-inspection action.
Initial MbedTLS-based code contributed by Vaclav Svec,
initial OpenSSL support contributed by Maxim Antonov.
With help from Nedzad Hrnjica and Ho+ Ho+ Ho+.
Integration and improvements sponsored by Robert Klemme.
- pcrs: Request JIT compilation if it's supported and
the filter isn't dynamic. This can speed up filtering.
- Added support for Brotli decompression.
Sponsored by: Robert Klemme
- Added FEATURE_EXTENDED_STATISTICS to gather statistics for
block reasons and filter executions. To enable it, configure
with --enable-extended-statistics and visit
http://config.privoxy.org/show-status.
Sponsored by: Robert Klemme
- Use the IP_FREEBIND socket option, if defined. This allows
Privoxy to bind to not-yet assigned IP addresses which is
useful in failover environments.
Patch by Sam Varshavchik.
- Allow to use extended host patterns and vanilla host patterns
at the same time by prefixing extended host patterns with
"PCRE-HOST-PATTERN:". To enable this, configure with
--enable-pcre-host-patterns.
Sponsored by: Robert Klemme
- Added "Cross-origin resource sharing" (CORS) support.
This allows to access Privoxy's CGI interface via JavaScript from
another domain (white-listed with the new cors-allowed-origin directive).
Based on a patch by Nedzad Hrnjica.
Sponsored by: Robert Klemme.
- Add SOCKS5 username/password support.
Based on a patch by Sam, improved by Ivan Romanov.
Closes Patch#141 and solves TODO#105.
- Bump the maximum number of action and filter files
to 100 each.
Sponsored by: Robert Klemme
- Fixed handling of filters with "split-large-forms 1"
when using the CGI editor.
Reported by withoutname in #921.
- Better detect a mismatch of connection details when
figuring out whether or not a connection can be reused.
- Don't send a "Connection failure" message instead of the
"DNS failure" message.
Sponsored by: Robert Klemme
- Let LOG_LEVEL_REQUEST log all requests. Previously unencrypted
requests were only logged with LOG_LEVEL_REQUEST when they weren't
crunched (in which case they were logged with LOG_LEVEL_CRUNCH).
This was documented behaviour, but logging all requests seems more useful.
- Fixed locking around localtime() and gmtime().
- Removed OS/2 support. We haven't provided OS/2 packages in years,
it complicated the code and it depended on a fallback snprintf()
implementation which is GPLv2 only.
- Remove the fallback snprintf() implementation
Now that OS/2 support is gone we no longer need it.
- Fixed a bunch of format specifiers log messages.
- Added a missing apostrophe in the 'More Privoxy' menu.
- Explicitly prevent use of FEATURE_CONNECTION_SHARING
without FEATURE_CONNECTION_KEEP_ALIVE. It makes no sense
and does not compile anyway.
Sponsored by: Robert Klemme
- Fix build without FEATURE_CONNECTION_KEEP_ALIVE.
Sponsored by: Robert Klemme
- Downgrade the 'Graceful termination requested' message
to LOG_LEVEL_INFO as it isn't an error.
Sponsored by: Robert Klemme
- decompress_iob(): Downgrade the no-content message to LOG_LEVEL_RE_FILTER
While at it, fix a typo in a comment.
Sponsored by: Robert Klemme
- Fixed a couple of cppcheck warnings.
- Rename LOG_LEVEL_GPC to LOG_LEVEL_REQUEST.
Only the shadow knows what "GPC" is supposed to stand for.
- Remove SourceForge references in copyright headers.
- Upgrade a bunch of links to the homepage to https://.
- Add 'no-brotli-accepted' filter which prevents the
use of Brotli compression.
- Changed license for pcrs to GPLv2+ after getting the
permission from Andreas. This allows to redistribute
Privoxy under the GPLv3 which is required when linking
to future mbedTLS versions which are expected to be
licensed under the Apache 2.0 license only.
- Updated a bunch of tests that have to expect status code 403
now after r1.168/070e904afa5.
- Lowercase the host name in the request line.
- Only set SOURCE_DATE_EPOCH if it's not already set so
distributions can overwrite it through the environment.
- Documentation changes:
- Explain that Privoxy has to be distributed under the
GPLv3 (or later) when linked with an MbedTLS version
that is licensed under the Apache 2.0 license.
- Import the GNU GPLv3 and include it the user manual.
- Clarify FEATURE_FORCE_LOAD's description. It allows to bypass
blocking not filtering and only does it if blocks aren't enforced.
Reported by: Robert Klemme
- FAQ: Remove Zwiebelfreunde e.V. from the list of fiduciary sponsors
As of 2021 they no longer handle donations for foreign organisations
due to lack of resources.
- FAQ: Remove an obsolete comment with a link to the long-gone PDF manual.
- FAQ: Add a link to the TODO list.
- FAQ: Change the sponsor amounts to USD slightly rounding the
converted amounts up to get simple numbers.
Receiving USD is apparently easier for SPI and SPI is
preferred by sponsors as they can send invoices.
- Advertise the client-tags CGI page in the user manual.
- Stop advertising the show-version CGI page which no longer exists.
- Add yet another reason why +prevent-compression may cause problems.
- Don't claim that contributors need ssh. It's only needed for committers.
- Replace obsolete CVS instructions with Git instructions.
- Remove an obsolete comment
- Config file changes:
- Change the suggested default-server-timeout to 5 to match the
suggested keep-alive-timeout. Otherwise using the defaults would
result in Privoxy reducing the default-server-timeout and logging
an error message.
Sponsored by: Robert Klemme
- Update the 'debug 1' description.
- Add a missing 'client-specific-tag' directive.
- Comment out trusted-cgi-referer pointing to example.org.
- Action file improvements:
- Block requests to /(.*/)?piwik\.php
- Block requests to .connectaserver.de/
- Block requests to pixel.inforsea.com/
- Block requests to t.vi-serve.com/
- Block requests to .ioam.de/
- Block requests to t.9gag.com/img.gif
- Block requests to .pixel.parsely.com/ as image
- Block requests to pixel.wp.com/
- Disable fast-redirects for .librarything.com/
- Disable fast-redirects for issue.freebsdfoundation.org/
- Disable fast-redirects for .twitter.com/.*origin=http
- Unblock belco24.de/
- Add fast-redirects exception for .wikipedia.org/
- Add fast-redirects exception for oss-fuzz.com/
- Disable fast-redirects for .consensu.org/delivery/pixel\.php
and block the requests as image instead
- Unblock .adbinstaller.com/
Reported by lvm in #942.
- Unblock .adbshell.com
Reported by lvm in #942.
- Unblock .tagesschau.de/
- Disable fast-redirects for collector.githubapp.com/
and block requests to it as image instead
- Unblock 'ada*.'
- Add fast-redirects{} exception for sourcepoint.vice.com/
- Unblock adaway.org/
Reported by DRS David Soft in AF#945.
- Change two block reasons that previously were the same.
Sponsored by: Robert Klemme
- Added a +delay-response{} test.
- Updated the location of the development version
of default.action.master.
- Privoxy-Log-Parser:
- Added a --keep-date option to keep the date in highlighted messages.
- Highlight new log messages.
- Make gather_loglevel_clf_stats() more tolerant. While at it,
count all CLF messages as requests, even if the request is invalid.
- Only show HTTP version distribution if at least one version has been detected.
- Only show crunch statistics if crunches were detected.
- Warn if the request counts differ.
- Generate statistics if the log only contains LOG_LEVEL_CLF messages
so it can be used with vanilla webserver logs.
Previously Privoxy-specific "Request:" messages were required.
- Align the client-HTTP-version distribution like other distributions
- Bump version to 0.9.1
- Include status code distribution in the stats.
- Let the statistics include the size of the content Privoxy
transferred excluding HTTP headers.
- Get with the program and expect all requests to be logged with LOG_LEVEL_REQUEST.
It's no longer necessary to count both LOG_LEVEL_REQUEST and
LOG_LEVEL_CRUNCH messages to get the total number of requests.
- Leverage the LOG_LEVEL_CLF message to gather statistics that where
previously taken from LOG_LEVEL_HEADER lines. This results in less
confusing results if https inspection is enabled in which case there
are two LOG_LEVEL_HEADER lines with request lines.
Sponsored by: Robert Klemme
- Properly highlight the filter results message. Previously a brace got lost.
- Prefer the number of CLF lines to get the total number of requests
as it works with older Privoxy versions as well.
- Privoxy-Regression-Test:
- Turn curl's globbing mode off so we can allow more characters in URLs.
- Allow '[' and ']' in URLs.
- Include the action file when complaining about missing Sticky Actions.
- Fix a sentence in the documentation.
- Bump version to 0.7.1
- url-pattern-translator:
- Detect a couple of pattern prefixes case-insensitively.
Sponsored by: Robert Klemme
- Skip CLIENT-TAG patterns.
Sponsored by: Robert Klemme
- Skip patterns that have already been converted.
It should now be safe to "convert" a file multiple times.
Sponsored by: Robert Klemme
- Add the new 'PCRE-HOST-PATTERN:' prefix.
Sponsored by: Robert Klemme
|
|
www/firefox78-l10n: dependency update
Revisions pulled up:
- www/firefox78-l10n/Makefile 1.8
- www/firefox78-l10n/distinfo 1.8
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: nia
Date: Wed Jan 27 05:29:25 UTC 2021
Modified Files:
pkgsrc/www/firefox78-l10n: Makefile distinfo
Log Message:
firefox78-l10n: sync with firefox78
To generate a diff of this commit:
cvs rdiff -u -r1.7 -r1.8 pkgsrc/www/firefox78-l10n/Makefile \
pkgsrc/www/firefox78-l10n/distinfo
|
|
www/firefox78: security update
Revisions pulled up:
- www/firefox78/Makefile 1.18
- www/firefox78/PLIST 1.2
- www/firefox78/distinfo 1.10
- www/firefox78/mozilla-common.mk 1.9
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: nia
Date: Wed Jan 27 05:24:11 UTC 2021
Modified Files:
pkgsrc/www/firefox78: Makefile PLIST distinfo mozilla-common.mk
Log Message:
firefox78: Update to 78.7.0
changes:
https://www.mozilla.org/en-US/security/advisories/mfsa2021-04/
To generate a diff of this commit:
cvs rdiff -u -r1.17 -r1.18 pkgsrc/www/firefox78/Makefile
cvs rdiff -u -r1.1 -r1.2 pkgsrc/www/firefox78/PLIST
cvs rdiff -u -r1.9 -r1.10 pkgsrc/www/firefox78/distinfo
cvs rdiff -u -r1.8 -r1.9 pkgsrc/www/firefox78/mozilla-common.mk
|
|
www/firefox: build fix
www/firefox78: build fix
Revisions pulled up:
- www/firefox/mozilla-common.mk 1.196
- www/firefox78/mozilla-common.mk 1.8
---
Module Name: pkgsrc
Committed By: nia
Date: Tue Jan 19 22:40:26 UTC 2021
Modified Files:
pkgsrc/www/firefox: mozilla-common.mk
pkgsrc/www/firefox78: mozilla-common.mk
Log Message:
firefox(78): set GCC_REQD
|
|
www/firefox78-l10n: dependent update
Revisions pulled up:
- www/firefox78-l10n/Makefile 1.7
- www/firefox78-l10n/distinfo 1.7
---
Module Name: pkgsrc
Committed By: ryoon
Date: Fri Jan 8 19:14:29 UTC 2021
Modified Files:
pkgsrc/www/firefox78-l10n: Makefile distinfo
Log Message:
firefox78-l10n: Update to 78.6.1
* Sync with www/firefox78-78.6.1.
|
|
www/firefox78: security fix
Revisions pulled up:
- www/firefox78/Makefile 1.17
- www/firefox78/distinfo 1.9
- www/firefox78/patches/patch-dom_webgpu_ipc_WebGPUParent.cpp deleted
---
Module Name: pkgsrc
Committed By: ryoon
Date: Fri Jan 8 19:13:53 UTC 2021
Modified Files:
pkgsrc/www/firefox78: Makefile distinfo
Removed Files:
pkgsrc/www/firefox78/patches: patch-dom_webgpu_ipc_WebGPUParent.cpp
Log Message:
firefox78: Update to 78.6.1
Changelog:
* Fix: Fixed a crash during video playback on Apple Silicon devices (bug 1683579)
* Secrity fix:
#CVE-2020-16044: Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk
|
|
- [tests] collect code for "die-at-end" tests
- [tests] remove FastCGI test dependency on libfcgi
- [core] prefer IPv6+IPv4 func vs IPv4-specific func
- [tests] remove FastCGI test dependency on PHP
- [core] reuse large mem chunks (fix mem usage) (fixes #3033)
- [core] add comment for FastCGI mem use in hctx→rb (#3033)
- [mod_proxy] fix sending of initial reqbody chunked
- [multiple] fdevent_waitpid() wrapper
- [core] sys-time.h – localtime_r,gmtime_r macros
- [core] http_date.[ch] encapsulate HTTP-date parse
- [core] specialized strptime() for HTTP date fmts
- [multiple] employ http_date.h, sys-time.h
- [core] http_date_timegm() (portable timegm())
- buffer_append_path_len() to join paths
- [core] inet_ntop_cache -> sock_addr_cache
- [tests] slight speed up checking for server ready
- [tests] load required modules in alt .conf tests
- [multiple] etag.[ch] -> http_etag.[ch]; better imp
- [core] fix crash after specific err in config file
- [core] fix bug in FastCGI uploads (#3033)
- [tests] OpenBSD crypt() support limited to bcrypt
- [core] http_response_match_if_range()
- [mod_webdav] typedef off_t loff_t for FreeBSD
- [multiple] chunkqueue_write_chunk()
- [build] add GNUMAKEFLAGS=—no-print-directory
- [tests] consolidate some tests/ content
- [core] fix bug in read retry found by coverity
Updating during the freeze for (also from the changelog) "important
changes: bugfixes, portability".
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Likely this is needed because gtk2 no longer provides python2.
|
|
Likely this is needed because gtk2 no longer provides python2.
|
|
0.13.2:
Fixed
* Log full exception traceback in case of invalid HTTP request.
|
|
Drupal 7.75, 2020-11-26
-----------------------
- Fixed security issues:
- SA-CORE-2020-013
Drupal 7.74, 2020-11-17
-----------------------
- Fixed security issues:
- SA-CORE-2020-012
|
|
Changes:
1.0.0 (2020-11-22)
------------------
- Prevent invalid window bit sizes.
- Added support for Python 3.8 and 3.9.
|
|
=== RELEASE 2.21 ===
Sun Aug 2 15:26:02 cet 2020 mikulas:
Workaround for a crash on OS/2 caused by gcc3 bug
Thu Apr 16 18:17:39 CEST 2020 Emir Yasin SARI <bitigchi@me.com>:
Updated Turkish translation
Wed Jan 8 18:25:17 CET 2020 mikulas:
Fix a bug that textarea was broken if it immediatelly followed a list
Sun Nov 3 09:33:08 CET 2019 pluvano <me@pluvano.com>:
Delete the 4-pixel border in Xwindow
Tue Oct 8 20:26:47 CEST 2019 mikulas:
Fix a bug that an image would not be properly resized sometimes
|
|
|
|
|
|
Security Vulnerabilities fixed in Firefox ESR 78.6
#CVE-2020-16042: Operations on a BigInt could have caused uninitialized
memory to be exposed
#CVE-2020-26971: Heap buffer overflow in WebGL
#CVE-2020-26973: CSS Sanitizer performed incorrect sanitization
#CVE-2020-26974: Incorrect cast of StyleGenericFlexBasis resulted in a heap
use-after-free
#CVE-2020-26978: Internal network hosts could have been probed by a
malicious webpage
#CVE-2020-35111: The proxy.onRequest API did not catch view-source URLs
#CVE-2020-35112: Opening an extension-less download may have inadvertently
launched an executable instead
#CVE-2020-35113: Memory safety bugs fixed in Firefox 84 and Firefox ESR 78.6
|
|
- [core] attempt to quiet some coverity warnings
- [mod_webdav] compile fix for Mac OSX/11
- [core] handle U+00A0 in config parser
- [core] fix lighttpd -1 one-shot with pipes
- [core] quiet start/shutdown trace in one-shot mode
- [core] allow keep-alives in one-shot mode (#3042)
- [mod_webdav] define _ATFILE_SOURCE if AT_FDCWD
- [core] setsockopt IPV6_V6ONLY if server.v4mapped
- [build] fix meson.build when building all TLS mods
- [core] prefer inet_aton() over inet_addr()
- [build] fix SCons build when building all TLS mods
- [core] add missing mod_wolfssl to ssl compat list
- [mod_openssl] remove ancient preprocessor logic
- [core] SHA512_Init, SHA512_Update, SHA512_Final
- [mod_wolfssl] add complex preproc logic for SNI
- [core] wrap a macro value with parens
- [core] fix handling chunked response from backend (fixes #3044)
- [core] always set file.fd = -1 on FILE_CHUNK reset (fixes #3044)
- [core] skip some trace if backend Upgrade (#3044)
- [TLS] cert-staple.sh POSIX sh compat (fixes #3043)
- [core] portability fix if st_mtime not defined
- [mod_nss] portability fix
- [core] warn if mod_authn_file needed in conf
- [core] fix chunked decoding from backend (fixes #3044)
- [core] reject excess data after chunked encoding (#3046)
- [core] track chunked encoding state from backend (fixes #3046)
- [core] li_restricted_strtoint64()
- [core] track Content-Length from backend (fixes #3046)
- [core] enhance config parsing debugging (#3047)
- [core] reorder srv->config_context to match ndx (fixes #3047)
- [mod_proxy] proxy.header = ("force-http10" => ...)
- [mod_authn_ldap] fix crash (fixes #3048)
- [mod_authn_ldap, mod_vhostdb_ldap] default cafile
- [core] fix array_copy_array() sorted[]
- [multiple] replace fall through comment with attr
- [core] fix crash printing trace if backend is down
- [core] fix decoding chunked from backend (fixes #3049)
- [core] attempt to quiet some coverity warnings
|
|
* Sync with www/firefox-84.0.
|
|
Changelog:
New
* Native support for macOS devices built with Apple Silicon CPUs brings
dramatic performance improvements over the non-native build that was
shipped in Firefox 83: Firefox launches over 2.5 times faster and web apps
are now twice as responsive (per the SpeedoMeter 2.0 test). If you are on a
new Apple device, follow these steps to upgrade to the latest Firefox.
* WebRender rolls out to MacOS Big Sur, Windows devices with Intel Gen 6
GPUs, and Intel laptops running Windows 7 and 8. Additionally we'll ship an
accelerated rendering pipeline for Linux/GNOME/X11 users for the first
time, ever!
* Firefox now uses more modern techniques for allocating shared memory on
Linux, improving performance and increasing compatibility with Docker.
* Firefox 84 is the final release to support Adobe Flash.
Fixed
* Various security fixes
#CVE-2020-16042: Operations on a BigInt could have caused uninitialized memory
to be exposed
#CVE-2020-26971: Heap buffer overflow in WebGL
#CVE-2020-26972: Use-After-Free in WebGL
#CVE-2020-26973: CSS Sanitizer performed incorrect sanitization
#CVE-2020-26974: Incorrect cast of StyleGenericFlexBasis resulted in a heap
use-after-free
#CVE-2020-26975: Malicious applications on Android could have induced Firefox
for Android into sending arbitrary attacker-specified headers
#CVE-2020-26976: HTTPS pages could have been intercepted by a registered
service worker when they should not have been
#CVE-2020-26977: URL spoofing via unresponsive port in Firefox for Android
#CVE-2020-26978: Internal network hosts could have been probed by a malicious
webpage
#CVE-2020-26979: When entering an address in the address or search bars, a
website could have redirected the user before they were navigated to the
intended url
#CVE-2020-35111: The proxy.onRequest API did not catch view-source URLs
#CVE-2020-35112: Opening an extension-less download may have inadvertently
launched an executable instead
#CVE-2020-35113: Memory safety bugs fixed in Firefox 84 and Firefox ESR 78.6
|
|
Changes with nginx 1.19.6 15 Dec 2020
*) Bugfix: "no live upstreams" errors if a "server" inside "upstream"
block was marked as "down".
*) Bugfix: a segmentation fault might occur in a worker process if HTTPS
was used; the bug had appeared in 1.19.5.
*) Bugfix: nginx returned the 400 response on requests like
"GET http://example.com?args HTTP/1.0".
*) Bugfix: in the ngx_http_flv_module and ngx_http_mp4_module.
And while here, also update naxsi to 1.3.
Changes for naxsi 1.3:
*) Fixed regression on FILE_EXT confusion
*) Documented id 19 and 20 to rules
|
|
Changes for naxsi 1.3:
- Fixed regression on FILE_EXT confusion
- Documented id 19 and 20 to rules
|
|
Changelog:
Version 20.0.4 December 17 2020
Changes
* Avoid dashboard crash when accessibility app is not installed (server#
24636)
* Bump ini from 1.3.5 to 1.3.7 (server#24649)
* Handle owncloud migration to latest release (server#24653)
* Use string for storing a OCM remote id (server#24654)
* Fix MySQL database size calculation (serverinfo#262)
* Bump cypress-io/github-action@v2 (viewer#722)
* Fix] sidebar opening animation (viewer#723)
* Fix not.exist cypress and TESTING checks (viewer#725)
Note: the main improvement in this very small release is the migration support.
Version 20.0.3 December 10 2020
Changes
* Check quota of subdirectories when uploading to them (server#24181)
* CircleId too short in some request (server#24196)
* Missing level in ScopedPsrLogger (server#24212)
* Fix nextcloud logo in email notifications misalignment (server#24228)
* Allow selecting multiple columns with SELECT DISTINCT (server#24230)
* Use file name instead of path in 'not allowed to share' message (server#
24231)
* Fix setting images through occ for theming (server#24232)
* Use regex when searching on single file shares (server#24239)
* Harden EncryptionLegacyCipher a bit (server#24249)
* Update ScanLegacyFormat.php (server#24258)
* Simple typo in comments (server#24259)
* Use correct year for generated birthdays events (server#24263)
* Delete files that exceed trashbin size immediately (server#24297)
* Update sabre/xml to fix XML parsing errors (server#24311)
* Only check path for being accessible when the storage is a object home
(server#24325)
* Avoid empty null default with value that will be inserted anyways (server#
24333)
* Fix contacts menu position and show uid as a tooltip (server#24342)
* Fix the config key on the sharing expire checkbox (server#24346)
* Set the display name of federated sharees from addressbook (server#24353)
* Catch storage not available in versions expire command (server#24367)
* Use proper bundles for files client and fileinfo (server#24377)
* Properly encode path when fetching inherited shares (server#24387)
* Formatting remote sharer should take protocol, path into account (server#
24391)
* Make sure we add new line between vcf groups exports (server#24443)
* Fix public calendars shared to circles (server#24446)
* Store scss variables under a different prefix for each theming config
version (server#24453)
* External storages: save group ids not display names in configuration
(server#24455)
* Use correct l10n source in files_sharing JS code (server#24462)
* Set frame-ancestors to none if none are filled (server#24477)
* Move the password fiels of chaging passwords to post (server#24478)
* Move the global password for files external to post (server#24479)
* Only attempt to move to trash if a file is not in appdata (server#24483)
* Fix loading mtime of new file in conflict dialog in firefox (server#24491)
* Harden setup check for TLS version if host is not reachable (server#24502)
* Fix file size computation on 32bit platforms (server#24509)
* Allow subscription to indicate that a userlimit is reached (server#24511)
* Set mountid for personal external storage mounts (server#24513)
* Only execute plain mimetype check for directories and do the fallback…
(server#24517)
* Fix vsprint parameter (server#24527)
* Replace abandoned log normalizer with our fork (server#24530)
* Add icon to user limit notification (server#24531)
* Also run repair steps when encryption is disabled but a legacy key is
present (server#24532)
* [3rdparty][security] Archive TAR to 1.4.11 (server#24534)
* Generate a new session id if the decrypting the session data fails (server#
24553)
* Revert "Do not read certificate bundle from data dir by default" (server#
24556)
* Dont use system composer for autoload checker (server#24557)
* Remember me is not an app_password (server#24563)
* Do not load nonexisting setup.js (server#24582)
* Update sabre/xml to fix XML parsing errors (3rdparty#529)
* Use composer v1 on CI (3rdparty#532)
* Bump pear/archive_tar from 1.4.9 to 1.4.11 (3rdparty#536)
* Replace abandoned log normalizer with our fork (3rdparty#543)
* Allow nullable values as subject params (activity#535)
* Don't log when unknown array is null (notifications#803)
* Feat/virtual grid (photos#550)
* Make sure we have a string to localecompare to (photos#583)
* Always get recommendations for dashboard if enabled (recommendations#336)
* Properly fetch oracle database information (serverinfo#258)
* Also register to urlChanged event to update RichWorkspace (text#1181)
* Move away from GET (text#1214)
|
|
pkgsrc changes:
- Remove ICU 68.1 patches applied upstream
Changes:
WebKitGTK 2.30.4
================
- Fix text data sent with WebSockets when using libsoup < 2.68.
- Fix the rendering on Raspberry Pi 3 using the proprietary video driver.
- Fix clipping of descedant layers of a mask layer.
- Fix the build with ICU 68.1.
|
|
3.1.0
Changes:
Improvement: pipchecker, sleep 60s if pypi raises a fault
Improvement: add django_zero_downtime_migrations to list of supported postgresql engines
Improvement: use list of supported database engines from settings for all database commands
Improvement: reset_db, documentation
Fix: tests, Python 3.9 fixes for some tests
Fix: runserver_plus, parsing of RUNSERVER_PLUS_EXTRA_FILES
3.0.9
Changes:
Improvement: runserver_plus, survive syntax and configuration errors part II
Improvement: tests, refactor test runner
Improvement: sqlcreate, support postgresql unix domain socket
3.0.8
Changes:
Improvement: setup.cfg, remove universal flag from wheel, we only support Python 3 and up
Improvement: sqlcreate, fixed mentioned of old syncdb
Fix: runserver_plus, stop catching SyntaxError since reload for it was not working properly
3.0.7
Changes:
Improvement: runserver_plus, survive syntax and configuration errors
Improvement: runscript, use exit-code 1 if script is not found
3.0.6
Changes:
Improvement: runscript, add --continue-on-error unless set runscript will exit on errors
Improvement: runscript, allow to return exit-code
Improvement: runscript, support raise CommandError(... returncode=...)
Improvement: runscript, run Django checks() and check_migrations() before executing scripts
Improvement: shell_plus, set application name on all postgresql backends
3.0.5
Changes:
Fix: runserver_plus, exceptions must derive from BaseException error
3.0.4
Changes:
Various cleanups
Deprecated using --router instead use --database
Locales: Indonesian and Polish, updated
Improvement: show_dsn, fix crash with django-postgres-extra
Improvement: print_settings, added wildcard support
Improvement: print_settings, added --fail option
Improvement: delete_squashed_migrations, add --database option
Improvement: runserver_plus, added RUNSERVER_PLUS_EXTRA_FILES setting
Improvement: runserver_plus, added runserver_plus_started signal
3.0.3
Changes:
New: InternalIPS, allows to specify CIDRs for INTERNAL_IPS
Docs: restructure toctree
3.0.2
Changes:
Fix: shell_plus, fix honouring SHELL_PLUS in settings.py
3.0.1
Changes:
Fix: setup.py, add python_requires and remove legacy trove classifiers
3.0.0
This is the first Django Extensions release which only targets Django 2.2 and above. It drops official support for Python 2.7.
Changes:
Removal of Python 2 support
Removal of deprecated keyczar encrypted fields EncryptedTextField and EncryptedCharField
Removal of deprecated passwd command
Removal of truncate_letters filter
Change: TimeStampedModel; Removed default ordering on abstract model
New: DjangoExtensionsConfig AppConfig
New: shell_plus, JupyterLab support
New: list_signals, List all signals by model and signal type
Improvement: shell_plus, use -- to directly pass additional arguments to Jupyter
Improvement: shell_plus, improvements to MySQL support
Improvement: jobs, use logging to record errors
Improvement: syncdata, added --remove-before flag
Improvement: graph_models, add field and model to template context
Fix: syncdata, fix non existent field in fixture data
Fix: pipchecker, compatibility with pip 20.1
|
|
v1.1.8
- Explicitly support Python v3.8
- Test Python v3.7 and v3.8 with CI
- Fix sample slideshow link in `setup.py`
v1.1.7
- Change "PrinceXML" references to "Prince"
- Upgrade `Jinja2` from v2.10 to v2.10.1
- Support `markdown` v3.0+
- Fix Prince integration for PDF output
- Use HTTPS URLs in generated HTML code
|
|
3.6.0:
Drop Python 3.5 support.
Support Python 3.9.
|
|
0.13.1
Fixed
Prevent exceptions when the ASGI application rejects a connection during the WebSocket handshake, when running on both --ws wsproto or --ws websockets.
Ensure connection scope doesn't leak in logs when using JSON log formatters.
|
|
Added devel/R-waldo version 0.2.3
Added devel/R-diffobj version 0.3.2
Added devel/R-brio version 1.1.0
Added www/R-diffviewer version 0.1.0
Updated sysutils/R-ps to 1.5.0
|
|
A HTML widget that shows differences between files (text, images, and
data frames).
|
|
List of changes is here: https://wordpress.org/support/wordpress-version/version-5-6/
|
|
A text-based interface (TUI) to view and interact with Reddit from your
terminal.
|
|
Changelog is sketchy, but this adds a parameter that is needed by newer
versions of ocsigen-start.
|
|
Mostly compatibility updates with dependencies.
|
|
Changelog is incomplete, but at least one widget (ot_tongue) was added.
|
|
The changelog has not been updated yet, but changes from the previous
version seem minor only.
|
|
This version is not in the changelog yet, but changes seem minor.
|
|
ChangeLog:
- We have two new lexers: one for OCL and one for ReScript.
- There are also fixes for the CMake, Crystal, JSL, Python, ReasonML
and Rust lexers.
|
|
Changelog for 8.5.61:
- Align the behaviour of ServletContext.getRealPath(String path) with the
recent clarification from the Servlet specification project. If the path
parameter does not start with / then Tomcat processes the call as if / is
appended to the beginning of the provided path.
- Fix a potential file descriptor leak when WebSocket connections are
attempted and fail.
- Ensure that the LoadBalancerDrainingValve uses the correct setting for the
secure attribute for any session cookies it creates.
Changelog for 8.5.60:
- Statistics are now available (via JMX) for HTTP/2, WebSocket and HTTP/1.1
upgraded connections
- Stability improvements for HTTP/2
- Improvements to error handling in the connection pool used by the JNDI
Realm
|
|
Changelog for 9.0.41:
- Align the behaviour of ServletContext.getRealPath(String path) with the
recent clarification from the Servlet specification project. If the path
parameter does not start with / then Tomcat processes the call as if / is
appended to the beginning of the provided path.
- Fix a potential file descriptor leak when WebSocket connections are
attempted and fail.
- Ensure that the LoadBalancerDrainingValve uses the correct setting for the
secure attribute for any session cookies it creates.
Changelog for 9.0.40:
- Statistics are now available (via JMX) for HTTP/2, WebSocket and HTTP/1.1
upgraded connections
- Stability improvements for HTTP/2
- Stability improvements for the NIO connector
|
|
0.13.0:
Added
Add --factory flag to support factory-style application imports.
Skip installation of signal handlers when not in the main thread. Allows using Server in multithreaded contexts without having to override .install_signal_handlers().
|
|
curl and libcurl 7.74.0
This release includes the following changes:
o hsts: add experimental support for Strict-Transport-Security
This release includes the following bugfixes:
o CVE-2020-8286: Inferior OCSP verification
o CVE-2020-8285: FTP wildcard stack overflow
o CVE-2020-8284: trusting FTP PASV responses
o acinclude: detect manually set minimum macos/ipod version
o alt-svc: enable (in the build) by default
o alt-svc: minimize variable scope and avoid "DEAD_STORE"
o asyn: use 'struct thread_data *' instead of 'void *'
o checksrc: warn on empty line before open brace
o CI/appveyor: disable test 571 in two cmake builds
o CI/azure: improve on flakiness by avoiding libtool wrappers
o CI/tests: enable test target on TravisCI for CMake builds
o CI/travis: add brotli and zstd to the libssh2 build
o cirrus: build with FreeBSD 12.2 in CirrusCI
o cmake: call the feature unixsockets without dash
o cmake: check for linux/tcp.h
o cmake: correctly handle linker flags for static libs
o cmake: don't pass -fvisibility=hidden to clang-cl on Windows
o cmake: don't use reserved target name 'test'
o cmake: make BUILD_TESTING dependent option
o cmake: make CURL_ZLIB a tri-state variable
o cmake: set the unicode feature in curl-config on Windows
o cmake: store IDN2 information in curl_config.h
o cmake: use libcurl.rc in all Windows builds
o configure: pass -pthread to Libs.private for pkg-config
o configure: use pkgconfig to find openSSL when cross-compiling
o connect: repair build without ipv6 availability
o curl.1: add an "OUTPUT" section at the top of the manpage
o curl.se: new home
o curl: add compatibility for Amiga and GCC 6.5
o curl: only warn not fail, if not finding the home dir
o curl_easy_escape: limit output string length to 3 * max input
o Curl_pgrsStartNow: init speed limit time stamps at start
o curl_setup: USE_RESOLVE_ON_IPS is for Apple native resolver use
o curl_url_set.3: fix typo in the RETURN VALUE section
o CURLOPT_DNS_USE_GLOBAL_CACHE.3: fix typo
o CURLOPT_HSTS.3: document the file format
o CURLOPT_NOBODY.3: fix typo
o CURLOPT_TCP_NODELAY.3: fix comment in example code
o CURLOPT_URL.3: clarify SCP/SFTP URLs are for uploads as well
o docs: document the 8MB input string limit
o docs: fix typos and markup in ETag manpage sections
o docs: Fix various typos in documentation
o examples/httpput: remove use of CURLOPT_PUT
o FAQ: refreshed
o file: avoid duplicated code sequence
o ftp: retry getpeername for FTP with TCP_FASTOPEN
o gnutls: fix memory leaks (certfields memory wasn't released)
o header.d: mention the "Transfer-Encoding: chunked" handling
o HISTORY: the new domain
o http3: fix two build errors, silence warnings
o http3: use the master branch of GnuTLS for testing
o http: pass correct header size to debug callback for chunked post
o http_proxy: use enum with state names for 'keepon'
o httpput-postfields.c: new example doing PUT with POSTFIELDS
o infof/failf calls: fix format specifiers
o libssh2: fix build with disabled proxy support
o libssh2: fix transport over HTTPS proxy
o libssh2: require version 1.0 or later
o Makefile.m32: add support for HTTP/3 via ngtcp2+nghttp3
o Makefile.m32: add support for UNICODE builds
o mqttd: fclose test file when done
o NEW-PROTOCOL: document what needs to be done to add one
o ngtcp2: adapt to recent nghttp3 updates
o ngtcp2: advertise h3 ALPN unconditionally
o ngtcp2: Fix build error due to symbol name change
o ngtcp2: use the minimal version of QUIC supported by ngtcp2
o ntlm: avoid malloc(0) on zero length user and domain
o openssl: acknowledge SRP disabling in configure properly
o openssl: free mem_buf in error path
o openssl: guard against OOM on context creation
o openssl: use OPENSSL_init_ssl() with >= 1.1.0
o os400: Sync libcurl API options
o packages/OS400: make the source code-style compliant
o quiche: close the connection
o quiche: remove 'static' from local buffer
o range.d: clarify that curl will not parse multipart responses
o range.d: fix typo
o Revert "multi: implement wait using winsock events"
o rtsp: error out on empty Session ID, unified the code
o rtsp: fixed Session ID comparison to refuse prefix
o rtsp: fixed the RTST Session ID mismatch in test 570
o runtests: return error if no tests ran
o runtests: revert the mistaken edit of $CURL
o runtests: show keywords when no tests ran
o scripts/completion.pl: parse all opts
o socks: check for DNS entries with the right port number
o src/tool_filetime: disable -Wformat on mingw for this file
o strerror: use 'const' as the string should never be modified
o test122[12]: remove these two tests
o test506: make it not run in c-ares builds
o tests/*server.py: close log file after each log line
o tests/server/tftpd.c: close upload file right after transfer
o tests/util.py: fix compatibility with Python 2
o tests: add missing global_init/cleanup calls
o tests: fix some http/2 tests for older versions of nghttpx
o tool_debug_cb: do not assume zero-terminated data
o tool_help: make "output" description less confusing
o tool_operate: --retry for HTTP 408 responses too
o tool_operate: bail out proper on errors during parallel transfers
o tool_operate: fix compiler warning when --libcurl is disabled
o tool_writeout: use off_t getinfo-types instead of doubles
o travis: use ninja-build for CMake builds
o travis: use valgrind when running tests for debug builds
o urlapi: don't accept blank port number field without scheme
o urlapi: URL encode a '+' in the query part
o urldata: remove 'void *protop' and create the union 'p'
o vquic/ngtcp2.h: define local_addr as sockaddr_storage
|
|
|
|
For the Python 3.8 default switch.
|
|
|