Age | Commit message (Collapse) | Author | Files | Lines |
|
* Add ur locale.
* Sync with www/firefox-81.0.
|
|
Changelog:
September 22, 2020
Version 81.0, first offered to Release channel users on September 22, 2020
We'd like to extend a special thank you to all of the new Mozillians who
contributed to this release of Firefox.
New
* You can pause and play audio or video in Firefox right from your keyboard
or headset, giving you easy access to control your media when in another
Firefox tab, another program, or even when your computer is locked.
* In addition to our default, dark and light themes, with this release,
Firefox introduces the Alpenglow theme: a colorful appearance for buttons,
menus, and windows. You can update your Firefox themes under settings or
preferences.
* For our users in the US and Canada, Firefox can now save, manage, and
auto-fill credit card information for you, making shopping on Firefox ever
more convenient. To ensure the smoothest experience, this will be rolling
out to users gradually.
* Firefox supports AcroForm, which will soon allow you to fill in, print, and
save supported PDF forms and the PDF viewer also has a new fresh look.
* Our users in Austria, Belgium and Switzerland using the German version of
Firefox will now see Pocket recommendations in their new tab featuring some
of the best stories on the web. If you don’t see them, you can turn on
Pocket articles in your new tab by following these steps. In addition to
Firefox’s new tab, Pocket is also available as an app on iOS and Android.
Fixed
* Various security fixes.
* We’ve fixed a bug for users of language packs where the default language
was reset to English after Firefox updates.
* Browser native HTML5 audio/video controls received several important
accessibility fixes:
+ Audio/video controls remain accessible to screen readers even when they
are temporarily hidden visually.
+ Audio/video elapsed and total time are now accessible to screen readers
where they weren't previously.
+ Various unlabelled controls are now labelled making them identifiable
to screen readers.
+ Screen readers no longer intrusively report progress information unless
the user requests it.
Changed
* You will soon find Picture-in-Picture more easily on all the videos you
watch with new iconography.
* The bookmarks toolbar is now automatically revealed once bookmarks are
imported into Firefox, making it easier to find your most important
websites.
* We have expanded our supported file types - .xml, .svg, and .webp - so
files you’ve downloaded can be opened right in Firefox.
Security fixes:
#CVE-2020-15675: Use-After-Free in WebGL
#CVE-2020-15677: Download origin spoofing via redirect
#CVE-2020-15676: XSS when pasting attacker-controlled data into a
contenteditable element
#CVE-2020-15678: When recursing through layers while scrolling, an iterator may
have become invalid, resulting in a potential use-after-free scenario
#CVE-2020-15673: Memory safety bugs fixed in Firefox 81 and Firefox ESR 78.3
corruption and we presume that with enough effort some of these could have been
exploited to run arbitrary code.
#CVE-2020-15674: Memory safety bugs fixed in Firefox 81
|
|
Changes:
2.30.1
======
- Bring back the environment variable to force single process mode when PSON is disabled.
- Fix downloads started by an ephemeral web context.
- Translation updates: Brazilian Portuguese.
|
|
PKGREVISION++
|
|
Security Vulnerabilities fixed in Firefox ESR 78.3
#CVE-2020-15677: Download origin spoofing via redirect
#CVE-2020-15676: XSS when pasting attacker-controlled data into a
contenteditable element
#CVE-2020-15678: When recursing through layers while scrolling, an iterator
may have become invalid, resulting in a potential use-after-free scenario
#CVE-2020-15673: Memory safety bugs fixed in Firefox 81 and Firefox ESR 78.3
|
|
Add upstream patch for CVE-2020-25219. Bump revision.
|
|
|
|
Update php-ja-wordpress package to 5.5.1.
Most of changes are the same as wordpress package:
<http://mail-index.netbsd.org/pkgsrc-changes/2020/09/19/msg221317.html>.
Japanese own changes are unknown.
|
|
# httr 1.4.2
* Fix failing test.
* `parse_url()` now refers to RFC3986 for the parsing of the URL's
scheme, with a bit more permissive syntax (@ymarcon, #615).
|
|
It turns out the HTTPS plugin hardcodes the SSL certificate dir as
/etc/ssl/certs, which is incorrect in NetBSD. SUBST it to the correct
location and bump revision.
|
|
|
|
Data URIs allow resources to be embedded inside a URI. The URI::Data
class provides support for parsing these URIs using the normal
URI.parse method.
|
|
2.01 2020-09-18 17:51:10Z
- Add rel filter to find_link() (GH#305) (Julien Fiegehenn)
- Fix typos (GH#304) (Ferenc Erki)
|
|
8.59 2020-09-05
- Added l function to ojo. (kiwiroy)
- Added MOJO_PROMISE_DEBUG environment variable to Mojo::Promise.
|
|
1.94 2020-09-19
- better error if LockDataSource is missing in Apache::Session::Lock::MySQL
|
|
Update drupal8 package to 8.9.6.
Fixes these security prbolems:
SA-CORE-2020-007: CVE-2020-13666
SA-CORE-2020-008: CVE-2020-13667
SA-CORE-2020-009: CVE-2020-13668
SA-CORE-2020-010: CVE-2020-13669
SA-CORE-2020-011: CVE-2020-13670
|
|
Update drupal7 package to 7.73.
Drupal 7.73, 2020-09-16
-----------------------
- Fixed security issues:
- SA-CORE-2020-007
|
|
Update ruby-puma package to 5.0.0.
## 5.0.0
* Features
* Allow compiling without OpenSSL and dynamically load files needed for SSL, add 'no ssl' CI (#2305)
* EXPERIMENTAL: Add `fork_worker` option and `refork` command for reduced memory usage by forking from a worker process instead of the master process. (#2099)
* EXPERIMENTAL: Added `wait_for_less_busy_worker` config. This may reduce latency on MRI through inserting a small delay before re-listening on the socket if worker is busy (#2079).
* EXPERIMENTAL: Added `nakayoshi_fork` option. Reduce memory usage in preloaded cluster-mode apps by GCing before fork and compacting, where available. (#2093, #2256)
* Added pumactl `thread-backtraces` command to print thread backtraces (#2054)
* Added incrementing `requests_count` to `Puma.stats`. (#2106)
* Increased maximum URI path length from 2048 to 8192 bytes (#2167, #2344)
* `lowlevel_error_handler` is now called during a forced threadpool shutdown, and if a callable with 3 arguments is set, we now also pass the status code (#2203)
* Faster phased restart and worker timeout (#2220)
* Added `state_permission` to config DSL to set state file permissions (#2238)
* Added `Puma.stats_hash`, which returns a stats in Hash instead of a JSON string (#2086, #2253)
* `rack.multithread` and `rack.multiprocess` now dynamically resolved by `max_thread` and `workers` respectively (#2288)
* Deprecations, Removals and Breaking API Changes
* `--control` has been removed. Use `--control-url` (#1487)
* `worker_directory` has been removed. Use `directory`.
* min_threads now set by environment variables PUMA_MIN_THREADS and MIN_THREADS. (#2143)
* max_threads now set by environment variables PUMA_MAX_THREADS and MAX_THREADS. (#2143)
* max_threads default to 5 in MRI or 16 for all other interpreters. (#2143)
* preload by default if workers > 1 (#2143)
* Puma::Plugin.workers_supported? has been removed. Use Puma.forkable? instead. (#2143)
* `tcp_mode` has been removed without replacement. (#2169)
* Daemonization has been removed without replacement. (#2170)
* Changed #connected_port to #connected_ports (#2076)
* Configuration: `environment` is read from `RAILS_ENV`, if `RACK_ENV` can't be found (#2022)
* Log binding on http:// for TCP bindings to make it clickable
* Bugfixes
* Fix JSON loading issues on phased-restarts (#2269)
* Improve shutdown reliability (#2312, #2338)
* Close client http connections made to an ssl server with TLSv1.3 (#2116)
* Do not set user_config to quiet by default to allow for file config (#2074)
* Always close SSL connection in Puma::ControlCLI (#2211)
* Windows update extconf.rb for use with ssp and varied Ruby/MSYS2 combinations (#2069)
* Ensure control server Unix socket is closed on shutdown (#2112)
* Preserve `BUNDLE_GEMFILE` env var when using `prune_bundler` (#1893)
* Send 408 request timeout even when queue requests is disabled (#2119)
* Rescue IO::WaitReadable instead of EAGAIN for blocking read (#2121)
* Ensure `BUNDLE_GEMFILE` is unspecified in workers if unspecified in master when using `prune_bundler` (#2154)
* Rescue and log exceptions in hooks defined by users (on_worker_boot, after_worker_fork etc) (#1551)
* Read directly from the socket in #read_and_drop to avoid raising further SSL errors (#2198)
* Set `Connection: closed` header when queue requests is disabled (#2216)
* Pass queued requests to thread pool on server shutdown (#2122)
* Fixed a few minor concurrency bugs in ThreadPool that may have affected non-GVL Rubies (#2220)
* Fix `out_of_band` hook never executed if the number of worker threads is > 1 (#2177)
* Fix ThreadPool#shutdown timeout accuracy (#2221)
* Fix `UserFileDefaultOptions#fetch` to properly use `default` (#2233)
* Improvements to `out_of_band` hook (#2234)
* Prefer the rackup file specified by the CLI (#2225)
* Fix for spawning subprocesses with fork_worker option (#2267)
* Set `CONTENT_LENGTH` for chunked requests (#2287)
* JRuby - Add Puma::MiniSSL::Engine#init? and #teardown methods, run all SSL tests (#2317)
* Improve shutdown reliability (#2312)
* Resolve issue with threadpool waiting counter decrement when thread is killed
* Constrain rake-compiler version to 0.9.4 to fix `ClassNotFound` exception when using MiniSSL with Java8.
* Fix recursive `prune_bundler` (#2319).
* Ensure that TCP_CORK is usable
* Fix corner case when request body is chunked (#2326)
* Fix filehandle leak in MiniSSL (#2299)
* Refactor
* Remove unused loader argument from Plugin initializer (#2095)
* Simplify `Configuration.random_token` and remove insecure fallback (#2102)
* Simplify `Runner#start_control` URL parsing (#2111)
* Removed the IOBuffer extension and replaced with Ruby (#1980)
* Update `Rack::Handler::Puma.run` to use `**options` (#2189)
* ThreadPool concurrency refactoring (#2220)
* JSON parse cluster worker stats instead of regex (#2124)
* Support parallel tests in verbose progress reporting (#2223)
* Refactor error handling in server accept loop (#2239)
|
|
Changes:
5.5:
- lazy-loaded images
- new sitemap
- autoupdate of plugins and themes
- block editor:
- block patterns
- block directory
- inline image editing
5.5.1:
WordPress Core changes on Trac:
#50882 - Administration: WP 5.5: Cannot attribute content when deleting users
#50998 - Quick/Bulk Edit: Editing posts using bottom "Bulk actions" dropdown menu doesn't work
#38009 - Comments: #reply-title.comment-reply-title not updating when replying to an individual
#50845 - Editor: Block patterns: Fix translatable strings (take 2)
#50858 - Site Health: Check PHP notices with site_status_tests filter
#50887 - Site Health: Add site environment to debug information
#50892 - Editor: Some block patterns have text contrast issues with dark themes
#50910 - Sitemaps: 5.5 Sitemap URLs are incorrectly paginated
#50912 - Site Health: flags define WP_AUTO_UPDATE_CORE value as an error
#50919 - Script Loader: Change the jquery handle back to an alias for jquery-core
#50933 - Media: Lazy loading in 5.5 causes flashing of custom logo in Firefox
#50945 - Site Health: don't give a warning when upload_max_size is lower than max_post_size
#50988 - Upgrade/Install: Pass details about the specific plugin and theme updates attempted to filters
#50992 - Bootstrap/Load: Remove the ability to alter the list of environment types in wp_get_environment_type()
#50999 - Script Loader: Disable concatenation for scripts with translations to ensure they are printed in the right order
#51011 - Upgrade/Install: Empty string comparison on home option during DB upgrades is invalid
#51018 - Editor: PHP Notice thrown when searching for certain terms via the Gutenberg block directory
#51151 - Editor: Packages update
#51021 - REST API: Permit uniqueItems keyword in endpoint args
#51146 - REST API: Fix multi-type schemas with integer fields
#51029 - Filesystem API: Typo in variable name causes warning from fclose()
#51042 - Post: missing excerpt
#51050 - Docs: Add docblock for get_the_archive_title() filter
#51052 - Administration: Undefined index: update-supported
#51060 - Docs: Update register_rest_route docblock to reflect additions since 5.5
#51064 - Bootstrap/Load: Consider adding "local" as environment on WP_ENVIRONMENT_TYPE
#51073 - Administration: Extra padding below the admin bar
#51075 - Docs: Update docs for custom logo functions
#51122 - Docs: add a mention about the use of loading attribute in wp_get_attachment_image function
#51127 - UI/CSS: Remove non-color related styling from Modern color scheme
#51129 - Upgrade/Install: Only display the auto-update links on the Network Admin > Themes screen for themes that support the feature
#51337 - Template: wp_terms_checklist not checking selected taxonomy items with selected_cats option
#51184 - get_the_date() checks $format only for empty variable and fails on false boolean
#51182 - Theme_Installer_skin::do_overwrite does not work on a Windows server
#38009 - #reply-title.comment-reply-title not updating when replying to an individual
#51123 - commonL10n and other JS globals removed without backwards compatibility
#50848 - Clarify the usage of null for auto_update_{$type} filter
#51081 - Fatal Error - Undefined get_page_templates() in Customizer
#51154 - sitemaps should be initialized before each test is run
#51028 - Dot should be out of the quotes
Block editor changes from GitHub:
PR24609 - Fix missing selected block highlighting in list view
PR24599 - Fix specificity for buttons with outline style and background colors
PR24533 - Fix incorrect aria description in List View
PR24516 - Fix regression bug for category select in QueryControls component
PR24478 - Fix tiny editor preview when using Mobile or Tablet options with metaboxes enabled
|
|
|
|
Changelog:
19.0.3
Changes
Fix possible leaking scope in Flow (server#22410)
Combine body-login rules in theming and fix twofactor and guest styling on bright colors (server#22427)
Show better quota warning for group folders and external storage (server#22442)
Add php docs build script (server#22448)
Fix clicks on actions menu of non opaque file rows in acceptance tests (server#22503)
Fix writing BLOBs to postgres with recent contacts interaction (server#22515)
Set the mount id before calling storage wrapper (server#22519)
Fix S3 error handling (server#22521)
Only disable zip64 if the size is known (server#22537)
Change free space calculation (server#22553)
Do not keep the part file if the forbidden exception has no retry set (server#22560)
Fix app password updating out of bounds (server#22569)
Use the correct root to determinate the webroot for the resource (server#22579)
Upgrade icewind/smb to 3.2.7 (server#22581)
Bump elliptic from 6.4.1 to 6.5.3 (notifications#732)
Fixes regression that prevented you from toggling the encryption flag (privacy#489)
Match any non-whitespace character in filesystem pattern (serverinfo#229)
Catch StorageNotAvailable exceptions (text#1001)
Harden read only check on public endpoints (text#1017)
Harden check when using token from memcache (text#1020)
Sessionid is an int (text#1029)
Only overwrite Ctrl-f when text is focussed (text#990)
Set the X-Requested-With header on dav requests (viewer#582)
19.0.2
Changes
Lower minimum search length to 2 characters (server#21782)
Call openssl_pkey_export with $config and log errors. (server#21804)
Improve error reporting on sharing errors (server#21806)
Do not log RequestedRangeNotSatisfiable exceptions in DAV (server#21840)
Fix parsing of language code (server#21857)
Fix typo in revokeShare() (server#21876)
Discourage webauthn user interaction (server#21917)
Encryption is ready if master key is enabled (server#21935)
Disable fragile comments tests (server#21939)
Do not double encode the userid in webauthn login (server#21953)
Update icewind/smb to 3.2.6 (server#21955)
Respect default share permissions (server#21967)
allow admin to configure the max trashbin size (server#21975)
Fix risky test in twofactor_backupcodes (server#21978)
Fix PHPUnit deprecation warnings (server#21981)
Fix moving files from external storage to object store trashbin (server#21983)
Ignore whitespace in sharing by mail (server#21991)
Properly fetch translation for remote wipe confirmation dialog (server#22036)
Parse_url returns null in case a parameter is not found (server#22044)
Bump elliptic from 6.5.2 to 6.5.3 (server#22050)
Correctly remove usergroup shares on removing group members (server#22053)
Fix height to big for iPhone when using many apps (server#22064)
Reset the cookie internally in new API when abandoning paged results op (server#22069)
Add Guzzle's InvalidArgumentException (server#22070)
Contactsmanager shall limit number of results early (server#22091)
Fix browser freeze on long password input (server#22094)
Search also the email and displayname in user mangement for groups (server#22118)
Ensured large image is unloaded from memory when generating previews (server#22121)
Fix display of remote users in incoming share notifications (server#22131)
Reuse cache for directory mtime/size if filesystem changes can be ignored (server#22171)
Remove unexpected argument (server#22178)
Do not exit if available space cannot be determined on file transfer (server#22181)
Fix empty 'more' apps navigation after installing an app (server#22183)
Fix default log_rotate_size in config.sample.php (server#22192)
shortcut in reading nested group members when IN_CHAIN is available (server#22203)
Fix chmod on file descriptor (server#22208)
Do clearstatcache() on rmdir (server#22209)
SSE enhancement of file signature (server#22210)
Remove logging message carrying no valuable information (server#22215)
Add app config option to disable "Email was changed by admin" activity (server#22232)
Delete chunks if the move on an upload failed (server#22239)
Silence duplicate session warnings (server#22247)
Doctrine: Fix unquoted stmt fragments backslash escaping (server#22252)
Allow to disable share emails (server#22300)
Show disabled user count in occ user:report (server#22302)
Bump 3rdparty to last stable19 commit (server#22303)
Fixing a logged deprecation message (server#22309)
CalDAV: Add ability to limit sharing to owner (server#22333)
Only copy the link when updating a share or no password was forced (server#22337)
Remove encryption option for nextcloud external storage (server#22341)
L10n:Correct appid for WebAuthn (server#22348)
Properly search for users when limittogroups is enabled (server#22355)
SSE: make legacy format opt in (server#22381)
Update the CRL (server#22387)
Fix missing FN from federated contact (server#22400)
Fix event icon sizes and text alignment (server#22414)
Bump stecman/symfony-console-completion from 0.8.0 to 0.11.0 (3rdparty#457)
Add Guzzle's InvalidArgumentException (3rdparty#474)
Doctrine: Fix unquoted stmt fragments backslash escaping (3rdparty#486)
Fix cypress (viewer#545)
Move to webpack vue global config & bump deps (viewer#558)
|
|
Logswan 2.1.7 (2020-09-17)
- Add a Perl program to generate an example MMDB database for testing
- Add a new test case to exercise the IP geolocation codepaths
- Add support for seccomp on arm
- Add missing test for __NR_mmap, the mmap syscall doesn't exist on arm
|
|
|
|
|
|
CHANGELOG for gnurl-7.72.0 released 2020-09-16 (curl 7.72.0)
------------------------------------------------------------
gnurl:
No significant changes
curl:
Fixed in 7.72.0 - August 19 2020
Changes:
content_encoding: add zstd decoding support
CURL_PUSH_ERROROUT: allow the push callback to fail the parent stream
CURLINFO_EFFECTIVE_METHOD: added
Bugfixes:
CVE-2020-8231: libcurl: wrong connect-only connection
appveyor: collect libcurl.dll variants with prefix or suffix
asyn-ares: correct some bad comments
bearssl: fix build with disabled proxy support
buildconf: avoid array concatenation in die()
buildconf: retire ares buildconf invocation
checksrc: ban gmtime/localtime
checksrc: invoke script with -D to find .checksrc proper
CI/azure: install libssh2 for use with msys2-based builds
CI/azure: unconditionally enable warnings-as-errors with autotools
CI/macos: enable warnings as errors for CMake builds
CI/macos: set minimum macOS version
CI/macos: unconditionally enable warnings-as-errors with autotools
CI: Add muse CI analyzer
cirrus-ci: upgrade 11-STABLE to 11.4
CMake: don't complain about missing nroff
CMake: fix test for warning suppressions
cmake: fix windows xp build
configure.ac: Sort features name in summary
configure: allow disabling warnings
configure: cleanup wolfssl + pkg-config conflicts when cross compiling.
configure: show zstd "no" in summary when built without it
connect: remove redundant message about connect failure
curl-config: ignore REQUIRE_LIB_DEPS in --libs output
curl.1: add a few missing valid exit codes
curl: add %{method} to the -w variables
curl: improve the existing file check with -J
curl_multi_setopt: fix compiler warning "result is always false"
curl_version_info.3: CURL_VERSION_KERBEROS4 is deprecated
CURLINFO_CERTINFO.3: fix typo
CURLOPT_NOBODY.3: clarify what setting to 0 means
docs: add date of 7.20 to CURLM_CALL_MULTI_PERFORM mentions
docs: Add video link to docs/CONTRIBUTE.md
docs: change "web site" to "website"
docs: clarify MAX_SEND/RECV_SPEED functionality
docs: Update a few leftover mentions of DarwinSSL
doh: remove redundant cast
file2memory: use a define instead of -1 unsigned value
ftp: don't do ssl_shutdown instead of ssl_close
ftpserver: don't verify SMTP MAIL FROM names
getinfo: reset retry-after value in initinfo
gnutls: repair the build with `CURL_DISABLE_PROXY`
gtls: survive not being able to get name/issuer
h2: repair trailer handling
http2: close the http2 connection when no more requests may be sent
http2: fix nghttp2_strerror -> nghttp2_http2_strerror in debug messages
libssh2: s/ssherr/sftperr/
libtest/Makefile.am: add -no-undefined for libstubgss for Cygwin
md(4|5): don't use deprecated macOS functions
mprintf: Fix dollar string handling
mprintf: Fix stack overflows
multi: Condition 'extrawait' is always true
multi: Remove 10-year old out-commented code
multi: remove two checks always true
multi: update comment to say easyp list is linear
multi_remove_handle: close unused connect-only connections
ngtcp2: adapt to error code rename
ngtcp2: adjust to recent sockaddr updates
ngtcp2: update to modified qlog callback prototype
nss: fix build with disabled proxy support
ntlm: free target_info before (re-)malloc
openssl: fix build with LibreSSL < 2.9.1
page-header: provide protocol details in the curl.1 man page
quiche: handle calling disconnect twice
runtests.pl: treat LibreSSL and BoringSSL as OpenSSL
runtests: move the gnutls-serv tests to a dynamic port
runtests: move the smbserver to use a dynamic port number
runtests: move the TELNET server to a dynamic port
runtests: run the DICT server on a random port number
runtests: run the http2 tests on a random port number
runtests: support dynamicly base64 encoded sections in tests
setopt: unset NOBODY switches to GET if still HEAD
smtp_parse_address: handle blank input string properly
socks: use size_t for size variable
strdup: remove the odd strlen check
test1119: verify stdout in the test
test1139: make it display the difference on test failures
test1140: compare stdout
test1908: treat file as text
tests/FILEFORMAT.md: mention %HTTP2PORT
tests/sshserver.pl: fix compatibility with OpenSSH for Windows
TLS naming: fix more Winssl and Darwinssl leftovers
tls-max.d: this option is only for TLS-using connections
tlsv1.3.d. only for TLS-using connections
tool_doswin: Simplify Windows version detection
tool_getparam: make --krb option work again
TrackMemory tests: ignore realloc and free in getenv.c
transfer: fix data_pending for builds with both h2 and h3 enabled
transfer: fix memory-leak with CURLOPT_CURLU in a duped handle
transfer: move retrycount from connect struct to easy handle
travis/script.sh: fix use of `-n' with unquoted envvar
travis: add ppc64le and s390x builds
travis: update quiche builds for new boringssl layout
url: fix CURLU and location following
url: silence MSVC warning
util: silence conversion warnings
win32: Add Curl_verify_windows_version() to curlx
WIN32: stop forcing narrow-character API
windows: add unicode to feature list
windows: disable Unix Sockets for old mingw
Fixed in 7.71.1 - July 1 2020
Bugfixes:
cirrus-ci: disable FreeBSD 13 (again)
Curl_inet_ntop: always check the return code
CURLOPT_READFUNCTION.3: provide the upload data size up front
DYNBUF.md: fix a typo: trail => tail
escape: make the URL decode able to reject only %00-bytes
escape: zero length input should return a zero length output
examples/multithread.c: call curl_global_cleanup()
http2: set the correct URL in pushed transfers
http: fix proxy auth with blank password
mbedtls: fix build with disabled proxy support
ngtcp2: sync with current master
openssl: Fix compilation on Windows when ngtcp2 is enabled
Revert "multi: implement wait using winsock events"
sendf: improve the message on client write errors
terminology: call them null-terminated strings
tool_cb_hdr: Fix etag warning output and return code
url: allow user + password to contain "control codes" for HTTP(S)
vtls: compare cert blob when finding a connection to reuse
Fixed in 7.71.0 - June 24 2020
Changes:
CURLOPT_SSL_OPTIONS: optional use of Windows' CA store (with openssl)
setopt: add CURLOPT_PROXY_ISSUERCERT(_BLOB) for coherency
setopt: support certificate options in memory with struct curl_blob
tool: Add option --retry-all-errors to retry on any error
Bugfixes:
*_sspi: fix bad uses of CURLE_NOT_BUILT_IN
all: fix codespell errors
altsvc: bump to h3-29
altsvc: fix 'dsthost' may be used uninitialized in this function
altsvc: fix parser for lines ending with CRLF
altsvc: remove the num field from the altsvc struct
appveyor: add non-debug plain autotools-based build
appveyor: disable flaky test 1501 and ignore broken 1056
appveyor: disable test 1139 instead of ignoring it
asyn-*: remove support for never-used NULL entry pointers
azure: use matrix strategy to avoid configuration redundancy
build: disable more code/data when built without proxy support
buildconf: remove -print from the find command that removes files
checksrc: enhance the ASTERISKSPACE and update code accordingly
CI/macos: fix 'is already installed' errors by using bundle
cirrus: disable SFTP and SCP tests
CMake: add ENABLE_ALT_SVC option
CMake: add HTTP/3 support (ngtcp2+nghttp3, quiche)
CMake: add libssh build support
CMake: do not build test programs by default
CMake: fix runtests.pl with CMake, add new test targets
CMake: ignore INTERFACE_LIBRARY targets for pkg-config file
CMake: rebuild Makefile.inc.cmake when Makefile.inc changes
CODE_REVIEW.md: how to do code reviews in curl
configure: fix pthread check with static boringssl
configure: for wolfSSL, check for the DES func needed for NTLM
configure: only strip first -L from LDFLAGS
configure: repair the check if argv can be written to
configure: the wolfssh backend does not provide SCP
connect: improve happy eyeballs handling
connect: make happy eyeballs work for QUIC (again)
curl.1: Quote globbed URLs
curl: remove -J "informational" written on stdout
Curl_addrinfo: use one malloc instead of three
CURLINFO_ACTIVESOCKET.3: clarify the description
doc: add missing closing parenthesis in CURLINFO_SSL_VERIFYRESULT.3
doc: Rename VERSIONS to VERSIONS.md as it already has Markdown syntax
docs/HTTP3: add qlog to the quiche build instruction
docs/options-in-versions: which version added each cmdline option
docs: unify protocol lists
dynbuf: introduce internal generic dynamic buffer functions
easy: fix dangling pointer on easy_perform fail
examples/ephiperfifo: turn off interval when setting timerfd
examples/http2-down/upload: add error checks
examples: remove asiohiper.cpp
FILEFORMAT: add more features that tests can depend on
FILEFORMAT: describe verify/stderr
ftp: make domore_getsock() return the secondary socket properly
ftp: mark return-ignoring calls to Curl_GetFTPResponse with (void)
ftp: shut down the secondary connection properly when SSL is used
GnuTLS: Backend support for CURLINFO_SSL_VERIFYRESULT
hostip: make Curl_printable_address not return anything
hostip: on macOS avoid DoH when given a numerical IP address
http2: keep trying to send pending frames after req.upload_done
http2: simplify and clean up trailer handling
HTTP3.md: clarify cargo build directory
http: move header storage to Curl_easy from connectdata
libcurl.pc: Merge Libs.private into Libs for static-only builds
libssh2: improved error output for wrong quote syntax
libssh2: keep sftp errors as 'unsigned long'
libssh2: set the expected total size in SCP upload init
libtest/cmake: Remove commented code
list-only.d: this option existed already in 4.0
manpage: add three missing environment variables
multi: add defensive check on data->multi->num_alive
multi: implement wait using winsock events
ngtcp2: cleanup memory when failing to connect
ngtcp2: fix build with current ngtcp2 master implementing draft 28
ngtcp2: fix happy eyeballs quic connect crash
ngtcp2: introduce qlog support
ngtcp2: never call fprintf() in lib code in release version
ngtcp2: update with recent API changes
ntlm: enable NTLM support with wolfSSL
OpenSSL: have CURLOPT_CRLFILE imply CURLSSLOPT_NO_PARTIALCHAIN
openssl: set FLAG_TRUSTED_FIRST unconditionally
projects: Add crypt32.lib to dependencies for all OpenSSL configs
quiche: clean up memory properly when failing to connect
quiche: enable qlog output
quiche: update SSLKEYLOGFILE support
Revert "buildconf: use find -execdir"
Revert "ssh: ignore timeouts during disconnect"
runtests: remove sleep calls
runtests: show elapsed test time with higher precision (ms)
select: always use Sleep in Curl_wait_ms on Win32
select: fix overflow protection in Curl_socket_check
sendf: make failf() use the mvsnprintf() return code
server/sws: fix asan warning on use of uninitialized variable
server/util: fix logmsg format using curl_off_t argument
sha256: fixed potentially uninitialized variable
share: don not set the share flag it something fails
sockfilt: make select_ws stop waiting on exit signal event
socks: detect connection close during handshake
socks: fix expected length of SOCKS5 reply
socks: remove unreachable breaks in socks.c and mime.c
source cleanup: remove all custom typedef structs
test1167: fixes in badsymbols.pl
test1177: look for curl.h in source directory
test1238: avoid tftpd being busy for tests shortly following
test613.pl: make tests 613 and 614 work with OpenSSH for Windows
test75: Remove precheck test
tests: add https-proxy support to the test suite
tests: add support for SSH server variant specific transfer paths
tests: add two simple tests for --login-options
tests: make test 1248 + 1249 use %NOLISTENPORT
tests: pick a random port number for SSH
tests: run stunnel for HTTPS and FTPS on dynamic ports
timeouts: change millisecond timeouts to timediff_t from time_t
timeouts: move ms timeouts to timediff_t from int and long
tool: fixup a few --help descriptions
tool: support UTF-16 command line on Windows
tool_cfgable: free login_options at exit
tool_getparam: -i is not OK if -J is used
tool_getparam: fix memory leak in parse_args
tool_operate: fixed potentially uninitialized variables
tool_paramhlp: fixed potentially uninitialized strtol() variable
transfer: close connection after excess data has been read
travis: add "qlog" as feature in the quiche build
travis: Add ngtcp2 and quiche tests for CMake
travis: upgrade to bionic, clang-9, improve readability
typecheck-gcc.h: CURLINFO_PRIVATE does not need a 'char *'
unit1604.c: fix implicit conv from 'SANITIZEcode' to 'CURLcode'
url: accept "any length" credentials for proxy auth
url: alloc the download buffer at transfer start
url: make the updated credentials URL-encoded in the URL
url: reject too long input when parsing credentials
url: sort the protocol schemes in rough popularity order
urlapi: accept :: as a valid IPv6 address
urldata: leave the HTTP method untouched in the set.* struct
urlglob: treat literal IPv6 addresses with zone IDs as a host name
user-agent.d: spell out what happens given a blank argument
vauth/cleartext: fix theoretical integer overflow
version.d: expanded and alpha-sorted
vtls: Extract and simplify key log file handling from OpenSSL
wolfssl: add SSLKEYLOGFILE support
wording: avoid blacklist/whitelist stereotypes
write-out.d: added "response_code"
|
|
|
|
|
|
|
|
Update ruby-unicorn package to 5.7.0.
5.7.0 (2020-09-08)
Changes:
unicorn 5.7.0
Relaxed Ruby version requirements for Ruby 3.0.0dev.
Thanks to Jean Boussier for testing
5.6.0 (2020-07-26)
Changes:
unicorn 5.6.0 - early_hints support
This release adds support for the early_hints configurator
directive for the 'rack.early_hints' API used by Rails 5.2+.
Thanks to Jean Boussier for the patch.
|
|
Update ruby-sinatra and ruby-sinatra-contrib package to 2.1.0.
2.1.0 / 2020-09-05
* Fix additional Ruby 2.7 keyword warnings #1586 by Stefan Sundin
* Drop Ruby 2.2 support #1455 by Eloy Pérez
* Add default_content_type setting. Fixes #1238 #1239 by Mike Pastore
* Allow set :<engine> in sinatra-namespace #1255 by Christian Höppner
* Use prepend instead of include for helpers. Fixes #1213 #1214 by Mike
Pastore
* Fix issue with passed routes and provides Fixes #1095 #1606 by Mike
Pastore, Jordan Owens
* Add QuietLogger that excludes pathes from Rack::CommonLogger 1250 by
Christoph Wagner
* Sinatra::Contrib dependency updates. Fixes #1207 #1411 by Mike Pastore
* Allow CSP to fallback to default-src. Fixes #1484 #1490 by Jordan Owens
* Replace origin_whitelist with permitted_origins. Closes #1620 #1625 by
rhymes
* Use Rainbows instead of thin for async/stream features. Closes #1624 #1627
by Ryuichi KAWAMATA
* Enable EscapedParams if passed via settings. Closes #1615 #1632 by Anders
Bälter
* Support for parameters in mime types. Fixes #1141 by John Hope
* Handle null byte when serving static files #1574 by Kush Fanikiso
* Improve development support and documentation and source code by Olle
Jonsson, Pierre-Adrien Buisson, Shota Iguchi
|
|
Update ruby-rack-protection package to 2.1.0.
2.1.0 (2020-09-05)
* Add Rack::Protection::ReferrerPolicy #1291 by Stefan Sundin
|
|
Update ruby-puma to 4.3.6.
## 4.3.6 / 2020-09-05
* Bugfixes
* Explicitly include ctype.h to fix compilation warning and build error on
macOS with Xcode 12 (#2304)
* Don't require json at boot (#2269)
|
|
Update ruby-loofah package to 2.7.0.
2.7.0 / 2020-08-26
Features
* Allow CSS properties page-break-before, page-break-inside, and
page-break-after. [#190] (Thanks, @ahorek!)
Fixes
* Don't drop the !important rule from some CSS properties. [#191] (Thanks,
@b7kich!)
|
|
Update ruby-jekyll-feed package to 0.15.0.
## 0.15.0 / 2020-07-10
### Minor Enhancements
* Add support for drafts (#316)
## 0.14.0 / 2020-06-24
### Minor Enhancements
* add support for categories (#153) (#233)
* add support for tags (#264)
* Make posts limit configurable (#314)
* XML escape the title field of feed_meta (#306)
### Bug Fixes
* Fix feed link when post title contains HTML (#305)
### Development Fixes
* Use Dir to list source files (#309)
* Require Ruby >=2.4.0 (#307)
|
|
Update ruby-websocket-driver package to 0.7.3.
### 0.7.3 / 2020-07-09
- Let the client accept HTTP responses that have an empty reason phrase
following the `101` status code
|
|
Update ruby-faye-websocket package to 0.11.0.
0.11.0 / 2020-07-31
* Implement TLS certificate verification and enable it by default on client
connections
* Add a :tls option to the client with sub-fields :root_cert_file and
:verify_peer for configuring TLS verification
|
|
Update ruby-em-http-request to 1.1.7.
1.1.7 (2020-08-31)
* Don't warn about TLS hostname verification if verify_peer was explicitly
set to false
* As long as I had one spec... figured a couple others couldn't hurt
* Reuse the warning string.
|
|
Update ruby-capybara package to 3.3.0.
# Version 3.33.0
Release date: 2020-06-21
### Added
* Block passed to `within_session` now receives the new and old session
* Support for aria-role button when enabled [Seiei Miyagi]
* Support for aria-role link when enabled
* Support for `validation_message` filter with :field and :fillable_field selectors
### Changed
* Ruby 2.5.0+ is now required
* Deprecated direct manupulation of the driver and server registries
### Fixed
* Ruby 2.7 warning in minitest `assert_text` [Eileen M. Uchitelle]
|
|
|
|
* There is no need to stay on misc/ruby-bundler1 and switch to
depends on misc/ruby-bundler.
Bump PKGREVISION
|
|
* Fix dependency to to ruby-bundler, "RUBY_VER < 26" instead of
"RUBY_VER != 26".
* There is no need to stay on misc/ruby-bundler1 and switch to
depends on misc/ruby-bundler.
Bump PKGREVISION
|
|
6.26 2020-09-10 02:34:25Z
- Update comment which explains in which RFC 451 is defined (GH#143) (Olaf
Alders). Reported by Toby Inkster.
- Fix HTTP status descriptions and add 425 Too Early (GH#145) (Dan Book)
|
|
5.90128 - 2020-09-11
- fix command to run psgi compile test if Catalyst not already installed
- improve debugging output on psgi compile test
5.90_127 - 2020-07-27
- fix TODO tests for uri_for as a class method
- silence warnings in tests
- remove developer prerequisites on Catalyst plugins
- cleanups and fixes for optional tests
- bump Moose prereq to 2.1400, and drop MooseX::Role::WithOverloading prereq
- stop warning about missing Term::Size::Any when it isn't useful
|
|
1.42 - 2020-09-11
- stop using Module::Install for packaging, improving metadata and
fixing Makefile.PL on perl 5.26+. Generating a Catalyst application
still uses Module::Install::Catalyst for now.
- fix generated_app.t test on Windows
- whitespace and formatting tweaks
- various internal test cleanups
|
|
Fixes build on NetBSD/macppc 9.0, should have no effect elsewhere, so no
revision bump.
|
|
pkgsrc changes:
- Unconditionally disable systemd support via CMAKE_ARGS (by default systemd is
enabled unconditionally)
Changes:
WebKitGTK 2.30.0
================
- Fix NTLM authentication.
- Don't try to use SHM on wayland with older wpebackend-fdo.
- Fix the build due to seccomp.h header not found.
WebKitGTK 2.29.92
=================
- Fix user agent header after a redirect when a new quirk is required.
- Stop using firefox user agent quirk for google docs.
- Fix rendering frames timeline panel in web inspector.
- Fix per-thread cpu usage in web inspector.
- Fix several crashes and rendering issues.
- Translation updates: Polish
WebKitGTK 2.29.91
=================
- Fix a web process crash introduced in 2.29.90.
WebKitGTK 2.29.90
=================
- Fix font variation settings when font smoothing setting is also present.
- Fix HTML drag and drop operations.
- Fix argument order for clone syscall seccomp filter on s390x.
- Fix a crash when selecting text.
- Fix several crashes and rendering issues.
WebKitGTK 2.29.4
================
- Add support for backdrop filters.
- Add support for text-underline-offset and text-decoration-thickness.
- Add OpenCDM and AV1 support to media backend.
- Add new API to get ITP data summary.
- Use mobile user-agent on tablets.
- Fix several crashes and rendering issues.
WebKitGTK 2.29.3
================
- Add webkit_authentication_request_get_security_origin.
- Change the cookies accept policy to always when no-third-party is set and ITP is enabled.
- Fix web process hangs on large GitHub pages.
- Bubblewrap sandbox should not attempt to bind empty paths.
- Add support for sndio to bubblewrap sandbox.
- Also handle dark themes when the name ends with -Dark.
- Fix a race condition causing a crash in media player.
- Fix several crashes and rendering issues.
WebKitGTK 2.29.2
================
- Add Intelligent Tracking Prevention (ITP) support.
- Add support for video formats in img elements.
- Add API to handle video autoplay policy that now defaults to disallow autoplay videos with audio.
- Add API to mute a web view.
- Add API to allow applications to handle the HTTP authentication credential storage.
- Add a WebKitSetting to set the media content types requiring hardware support.
- Fix a crash during drag an drop due to a bug introduced in 2.29.1.
- Do not start page load during animation in back/forward gesture.
- Fix several crashes and rendering issues.
- Translation updates: Ukrainian.
WebKitGTK 2.29.1
================
- Stop using GTK theming to render form controls.
- Add API to disable GTK theming for scrollbars too.
- Fix several race conditions and threading issues in the media player.
- Add USER_AGENT_BRANDING build option.
- Add paste as plain text option to the context menu for rich editable content.
- Fix several crashes and rendering issues.
|
|
|
|
0.6.2:
Unknown changes
0.6.1:
Added
- Added Danish translation
Changed
- Refactor tests
|
|
0.7.7
Add support for Django-3.1.
|
|
Fixes build on NetBSD/macppc 9.0, should have no effect elsewhere, so no
revision bump.
|